[tor-commits] [orbot/master] adding in privoxy directly to Orbot repo

n8fr8 at torproject.org n8fr8 at torproject.org
Fri May 4 22:17:05 UTC 2012


commit 78074154387db5343cf5b9f08a5185670b9a23df
Author: n8fr8 <nathan at freitas.net>
Date:   Thu May 3 14:32:18 2012 -0400

    adding in privoxy directly to Orbot repo
---
 external/privoxy/AUTHORS                           |  116 +
 external/privoxy/ChangeLog                         |  717 ++
 external/privoxy/GNUmakefile                       | 2156 +++++
 external/privoxy/GNUmakefile.in                    | 2156 +++++
 external/privoxy/INSTALL                           |  173 +
 external/privoxy/LICENSE                           |  339 +
 external/privoxy/Makefile                          |  108 +
 external/privoxy/README                            |  280 +
 external/privoxy/acconfig.h                        |  495 ++
 external/privoxy/actionlist.h                      |  306 +
 external/privoxy/actions.c                         | 2021 +++++
 external/privoxy/actions.h                         |  187 +
 external/privoxy/amiga.c                           |  341 +
 external/privoxy/amiga.h                           |  176 +
 external/privoxy/autom4te.cache/output.0           | 7543 ++++++++++++++++
 external/privoxy/autom4te.cache/requests           |   75 +
 external/privoxy/autom4te.cache/traces.0           |  726 ++
 external/privoxy/cgi.c                             | 2987 +++++++
 external/privoxy/cgi.h                             |  289 +
 external/privoxy/cgiedit.c                         | 4924 +++++++++++
 external/privoxy/cgiedit.h                         |  175 +
 external/privoxy/cgisimple.c                       | 2295 +++++
 external/privoxy/cgisimple.h                       |  185 +
 external/privoxy/config                            | 1530 ++++
 external/privoxy/config.guess                      | 1526 ++++
 external/privoxy/config.h                          |  744 ++
 external/privoxy/config.h.in                       |  743 ++
 external/privoxy/config.log                        | 3125 +++++++
 external/privoxy/config.orig                       | 1530 ++++
 external/privoxy/config.status                     | 1126 +++
 external/privoxy/config.sub                        | 1662 ++++
 external/privoxy/configure                         | 7543 ++++++++++++++++
 external/privoxy/configure.in                      | 1463 +++
 external/privoxy/cygwin.h                          |   80 +
 external/privoxy/deanimate.c                       |  554 ++
 external/privoxy/deanimate.h                       |  126 +
 external/privoxy/default.action.master             | 2162 +++++
 external/privoxy/default.filter                    | 1289 +++
 external/privoxy/doc/gpl.html                      |  560 ++
 external/privoxy/doc/pcrs.3                        |  488 +
 external/privoxy/doc/source/authors.sgml           |   67 +
 external/privoxy/doc/source/buildsource.sgml       |  256 +
 external/privoxy/doc/source/config.sgml            |   36 +
 external/privoxy/doc/source/contacting.sgml        |  262 +
 external/privoxy/doc/source/copyright.sgml         |   47 +
 external/privoxy/doc/source/developer-manual.sgml  | 3304 +++++++
 external/privoxy/doc/source/faq.sgml               | 3454 ++++++++
 external/privoxy/doc/source/history.sgml           |   71 +
 external/privoxy/doc/source/install.sgml           |  106 +
 external/privoxy/doc/source/ldp.dsl                |  420 +
 external/privoxy/doc/source/ldp.dsl.in             |  420 +
 external/privoxy/doc/source/license.sgml           |   50 +
 external/privoxy/doc/source/newfeatures.sgml       |  156 +
 external/privoxy/doc/source/p-authors.sgml         |  159 +
 external/privoxy/doc/source/p-config.sgml          | 2756 ++++++
 external/privoxy/doc/source/privoxy-man-page.sgml  |  352 +
 external/privoxy/doc/source/privoxy.sgml           |   44 +
 external/privoxy/doc/source/readme.sgml            |  268 +
 external/privoxy/doc/source/seealso.sgml           |  113 +
 external/privoxy/doc/source/supported.sgml         |   46 +
 external/privoxy/doc/source/temp/manpage.refs      |    4 +
 external/privoxy/doc/source/user-manual.sgml       | 9328 ++++++++++++++++++++
 external/privoxy/doc/source/webserver/index.sgml   |  372 +
 external/privoxy/doc/webserver/README.txt          |    9 +
 external/privoxy/doc/webserver/announce.txt        |  126 +
 .../doc/webserver/developer-manual/coding.html     | 2602 ++++++
 .../doc/webserver/developer-manual/contact.html    |  510 ++
 .../doc/webserver/developer-manual/copyright.html  |  298 +
 .../doc/webserver/developer-manual/cvs.html        |  330 +
 .../webserver/developer-manual/documentation.html  |  944 ++
 .../doc/webserver/developer-manual/index.html      |  688 ++
 .../webserver/developer-manual/introduction.html   |  199 +
 .../doc/webserver/developer-manual/newrelease.html | 1956 ++++
 .../doc/webserver/developer-manual/quickstart.html |  150 +
 .../doc/webserver/developer-manual/seealso.html    |  405 +
 .../doc/webserver/developer-manual/testing.html    |  259 +
 .../developer-manual/webserver-update.html         |  260 +
 .../privoxy/doc/webserver/faq/configuration.html   | 1797 ++++
 external/privoxy/doc/webserver/faq/contact.html    |  510 ++
 external/privoxy/doc/webserver/faq/copyright.html  |  301 +
 external/privoxy/doc/webserver/faq/general.html    | 1076 +++
 external/privoxy/doc/webserver/faq/index.html      |  999 +++
 .../privoxy/doc/webserver/faq/installation.html    |  569 ++
 external/privoxy/doc/webserver/faq/misc.html       | 1745 ++++
 external/privoxy/doc/webserver/faq/trouble.html    | 1276 +++
 .../privoxy/doc/webserver/images/files-in-use.jpg  |  Bin 0 -> 16587 bytes
 .../privoxy/doc/webserver/images/proxy_setup.jpg   |  Bin 0 -> 33275 bytes
 external/privoxy/doc/webserver/index.html          |  328 +
 .../doc/webserver/man-page/privoxy-man-page.html   |  294 +
 external/privoxy/doc/webserver/p_doc.css           |   66 +
 external/privoxy/doc/webserver/p_feedback.css      |    9 +
 external/privoxy/doc/webserver/privoxy-index.html  |  283 +
 external/privoxy/doc/webserver/privoxy.css         |   69 +
 external/privoxy/doc/webserver/robots.txt          |   17 +
 external/privoxy/doc/webserver/team/01stefanw.jpg  |  Bin 0 -> 10327 bytes
 .../privoxy/doc/webserver/team/01stefanw_t.jpg     |  Bin 0 -> 1896 bytes
 external/privoxy/doc/webserver/team/02jon.jpg      |  Bin 0 -> 85888 bytes
 external/privoxy/doc/webserver/team/02jon_t.jpg    |  Bin 0 -> 2039 bytes
 external/privoxy/doc/webserver/team/03andreas.jpg  |  Bin 0 -> 42354 bytes
 .../privoxy/doc/webserver/team/03andreas_t.jpg     |  Bin 0 -> 1894 bytes
 external/privoxy/doc/webserver/team/04rodney.jpg   |  Bin 0 -> 57055 bytes
 external/privoxy/doc/webserver/team/04rodney_t.jpg |  Bin 0 -> 2138 bytes
 external/privoxy/doc/webserver/team/05david.jpg    |  Bin 0 -> 62834 bytes
 external/privoxy/doc/webserver/team/05david_t.jpg  |  Bin 0 -> 3950 bytes
 external/privoxy/doc/webserver/team/05member.jpg   |  Bin 0 -> 932 bytes
 external/privoxy/doc/webserver/team/05member_t.jpg |  Bin 0 -> 1049 bytes
 external/privoxy/doc/webserver/team/06member.jpg   |  Bin 0 -> 932 bytes
 external/privoxy/doc/webserver/team/06member_t.jpg |  Bin 0 -> 1049 bytes
 external/privoxy/doc/webserver/team/07member.jpg   |  Bin 0 -> 932 bytes
 external/privoxy/doc/webserver/team/07member_t.jpg |  Bin 0 -> 1049 bytes
 external/privoxy/doc/webserver/team/08member.jpg   |  Bin 0 -> 932 bytes
 external/privoxy/doc/webserver/team/08member_t.jpg |  Bin 0 -> 1049 bytes
 external/privoxy/doc/webserver/team/20member.jpg   |  Bin 0 -> 932 bytes
 external/privoxy/doc/webserver/team/20member_t.jpg |  Bin 0 -> 1049 bytes
 external/privoxy/doc/webserver/team/index.html     |   26 +
 .../doc/webserver/user-manual/actions-file.html    | 8214 +++++++++++++++++
 .../doc/webserver/user-manual/appendix.html        | 2187 +++++
 .../privoxy/doc/webserver/user-manual/config.html  | 4121 +++++++++
 .../doc/webserver/user-manual/configuration.html   |  514 ++
 .../privoxy/doc/webserver/user-manual/contact.html |  514 ++
 .../doc/webserver/user-manual/copyright.html       |  424 +
 .../doc/webserver/user-manual/files-in-use.jpg     |  Bin 0 -> 16587 bytes
 .../doc/webserver/user-manual/filter-file.html     | 1652 ++++
 .../privoxy/doc/webserver/user-manual/index.html   |  963 ++
 .../doc/webserver/user-manual/installation.html    | 1082 +++
 .../doc/webserver/user-manual/introduction.html    |  292 +
 .../privoxy/doc/webserver/user-manual/proxy2.jpg   |  Bin 0 -> 45431 bytes
 .../doc/webserver/user-manual/proxy_setup.jpg      |  Bin 0 -> 33275 bytes
 .../doc/webserver/user-manual/quickstart.html      |  943 ++
 .../privoxy/doc/webserver/user-manual/seealso.html |  418 +
 .../privoxy/doc/webserver/user-manual/startup.html |  902 ++
 .../doc/webserver/user-manual/templates.html       |  321 +
 .../doc/webserver/user-manual/upgradersnote.html   |  296 +
 .../doc/webserver/user-manual/whatsnew.html        |  351 +
 external/privoxy/encode.c                          |  430 +
 external/privoxy/encode.h                          |   94 +
 external/privoxy/errlog.c                          | 1547 ++++
 external/privoxy/errlog.h                          |  215 +
 external/privoxy/filters.c                         | 2709 ++++++
 external/privoxy/filters.h                         |  382 +
 external/privoxy/gateway.c                         | 1379 +++
 external/privoxy/gateway.h                         |  158 +
 external/privoxy/genclspec.sh                      |   55 +
 external/privoxy/icons/ico00001.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00002.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00003.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00004.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00005.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00006.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00007.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/ico00008.ico                |  Bin 0 -> 318 bytes
 external/privoxy/icons/idle.ico                    |  Bin 0 -> 318 bytes
 external/privoxy/icons/off.ico                     |  Bin 0 -> 318 bytes
 external/privoxy/icons/os2.ico                     |  Bin 0 -> 2968 bytes
 external/privoxy/icons/os20.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os21.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os22.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os23.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os24.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os25.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os26.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os27.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/os28.ico                    |  Bin 0 -> 498 bytes
 external/privoxy/icons/privoxy.ico                 |  Bin 0 -> 318 bytes
 external/privoxy/install-sh                        |  251 +
 external/privoxy/jbsockets.c                       | 1054 +++
 external/privoxy/jbsockets.h                       |  149 +
 external/privoxy/jcc.c                             | 4486 ++++++++++
 external/privoxy/jcc.c.rej                         |   20 +
 external/privoxy/jcc.h                             |  261 +
 external/privoxy/list.c                            | 1229 +++
 external/privoxy/list.h                            |  181 +
 external/privoxy/loadcfg.c                         | 2041 +++++
 external/privoxy/loadcfg.h                         |  199 +
 external/privoxy/loaders.c                         | 1762 ++++
 external/privoxy/loaders.h                         |  250 +
 external/privoxy/match-all.action                  |   14 +
 external/privoxy/miscutil.c                        | 1907 ++++
 external/privoxy/miscutil.h                        |  259 +
 external/privoxy/mkinstalldirs                     |   40 +
 external/privoxy/parsers.c                         | 4740 ++++++++++
 external/privoxy/parsers.c.rej                     |   16 +
 external/privoxy/parsers.h                         |  323 +
 external/privoxy/pcre/Makefile.in                  |  219 +
 external/privoxy/pcre/RunTest.in                   |  148 +
 external/privoxy/pcre/chartables.c                 |  183 +
 external/privoxy/pcre/config.guess                 | 1121 +++
 external/privoxy/pcre/config.h                     |    5 +
 external/privoxy/pcre/config.in                    |   33 +
 external/privoxy/pcre/config.sub                   | 1232 +++
 external/privoxy/pcre/configure                    | 1568 ++++
 external/privoxy/pcre/configure.in                 |   85 +
 external/privoxy/pcre/dftables                     |  Bin 0 -> 22917 bytes
 external/privoxy/pcre/dftables.c                   |  148 +
 external/privoxy/pcre/dll.mk                       |   60 +
 external/privoxy/pcre/doc/ChangeLog                |  655 ++
 external/privoxy/pcre/doc/NON-UNIX-USE             |   50 +
 external/privoxy/pcre/doc/Tech.Notes               |  243 +
 external/privoxy/pcre/doc/authors                  |    6 +
 external/privoxy/pcre/doc/copying                  |   46 +
 external/privoxy/pcre/doc/news                     |   54 +
 external/privoxy/pcre/doc/pcre.3                   | 1810 ++++
 external/privoxy/pcre/doc/pcre.html                | 2397 +++++
 external/privoxy/pcre/doc/pcre.txt                 | 2125 +++++
 external/privoxy/pcre/doc/pcregrep.1               |   76 +
 external/privoxy/pcre/doc/pcregrep.html            |  105 +
 external/privoxy/pcre/doc/pcregrep.txt             |   87 +
 external/privoxy/pcre/doc/pcreposix.3              |  149 +
 external/privoxy/pcre/doc/pcreposix.html           |  191 +
 external/privoxy/pcre/doc/pcreposix.txt            |  159 +
 external/privoxy/pcre/doc/pcretest.txt             |  246 +
 external/privoxy/pcre/doc/perltest.txt             |   29 +
 external/privoxy/pcre/doc/readme                   |  270 +
 external/privoxy/pcre/get.c                        |  227 +
 external/privoxy/pcre/install                      |  185 +
 external/privoxy/pcre/install-sh                   |  251 +
 external/privoxy/pcre/internal.h                   |  381 +
 external/privoxy/pcre/licence                      |   46 +
 external/privoxy/pcre/ltconfig                     | 3078 +++++++
 external/privoxy/pcre/ltmain.sh                    | 4012 +++++++++
 external/privoxy/pcre/maketables.c                 |  132 +
 external/privoxy/pcre/pcre-config                  |   59 +
 external/privoxy/pcre/pcre-config.in               |   59 +
 external/privoxy/pcre/pcre.c                       | 5151 +++++++++++
 external/privoxy/pcre/pcre.def                     |   19 +
 external/privoxy/pcre/pcre.h                       |  110 +
 external/privoxy/pcre/pcre.in                      |  110 +
 external/privoxy/pcre/pcregrep.c                   |  228 +
 external/privoxy/pcre/pcreposix.c                  |  280 +
 external/privoxy/pcre/pcreposix.h                  |   88 +
 external/privoxy/pcre/pcretest.c                   | 1225 +++
 external/privoxy/pcre/study.c                      |  397 +
 external/privoxy/pcre/vc_dftables.dsp              |  296 +
 external/privoxy/pcrs.c                            | 1317 +++
 external/privoxy/pcrs.h                            |  221 +
 external/privoxy/privoxy-generic.init              |  182 +
 external/privoxy/privoxy-rh.spec                   | 1196 +++
 external/privoxy/privoxy-suse.spec                 |  556 ++
 external/privoxy/privoxy.1                         |  216 +
 external/privoxy/privoxy.init                      |  276 +
 external/privoxy/privoxy.init.suse                 |  127 +
 external/privoxy/privoxy.logrotate                 |  107 +
 external/privoxy/project.h                         | 1885 ++++
 external/privoxy/regression-tests.action           |  782 ++
 external/privoxy/slackware/rc.privoxy.orig         |  109 +
 external/privoxy/ssplit.c                          |  218 +
 external/privoxy/ssplit.h                          |   84 +
 external/privoxy/strptime.h                        | 1003 +++
 external/privoxy/templates/blocked                 |  287 +
 external/privoxy/templates/cgi-error-404           |  149 +
 external/privoxy/templates/cgi-error-bad-param     |  156 +
 external/privoxy/templates/cgi-error-disabled      |  169 +
 external/privoxy/templates/cgi-error-file          |  139 +
 .../privoxy/templates/cgi-error-file-read-only     |  146 +
 external/privoxy/templates/cgi-error-modified      |  157 +
 external/privoxy/templates/cgi-error-parse         |  176 +
 external/privoxy/templates/cgi-style.css           |  173 +
 external/privoxy/templates/connect-failed          |  156 +
 external/privoxy/templates/default                 |  131 +
 .../privoxy/templates/edit-actions-add-url-form    |  216 +
 external/privoxy/templates/edit-actions-for-url    | 1425 +++
 .../privoxy/templates/edit-actions-for-url-filter  |   40 +
 external/privoxy/templates/edit-actions-list       |  412 +
 .../privoxy/templates/edit-actions-list-button     |   49 +
 .../privoxy/templates/edit-actions-list-section    |  125 +
 external/privoxy/templates/edit-actions-list-url   |   95 +
 .../privoxy/templates/edit-actions-remove-url-form |  196 +
 external/privoxy/templates/edit-actions-url-form   |  219 +
 external/privoxy/templates/forwarding-failed       |  167 +
 external/privoxy/templates/mod-local-help          |   12 +
 external/privoxy/templates/mod-support-and-service |   61 +
 external/privoxy/templates/mod-title               |    4 +
 external/privoxy/templates/mod-unstable-warning    |    7 +
 external/privoxy/templates/no-such-domain          |  158 +
 external/privoxy/templates/show-request            |  154 +
 external/privoxy/templates/show-status             |  343 +
 external/privoxy/templates/show-status-file        |  146 +
 external/privoxy/templates/show-url-info           |  340 +
 external/privoxy/templates/show-version            |  159 +
 external/privoxy/templates/toggle                  |  180 +
 external/privoxy/templates/toggle-mini             |   91 +
 external/privoxy/templates/untrusted               |  191 +
 external/privoxy/templates/url-info-osd.xml        |   14 +
 external/privoxy/tools/privoxy-log-parser.pl       | 2064 +++++
 external/privoxy/tools/privoxy-regression-test.pl  | 1754 ++++
 external/privoxy/tools/url-pattern-translator.pl   |  139 +
 external/privoxy/trust                             |   85 +
 external/privoxy/urlmatch.c                        | 1452 +++
 external/privoxy/urlmatch.h                        |  136 +
 external/privoxy/user.action                       |  169 +
 external/privoxy/user.filter                       |   75 +
 external/privoxy/utils/changelog2doc.pl            |   66 +
 external/privoxy/utils/docbook2man/COPYING         |  340 +
 .../privoxy/utils/docbook2man/docbook2man-spec.pl  | 1229 +++
 .../utils/docbook2man/docbook2man-spec.pl.1        |   99 +
 external/privoxy/utils/filter2docs.pl              |   81 +
 external/privoxy/utils/ldp_print/README            |   80 +
 external/privoxy/utils/ldp_print/VERSION           |    1 +
 .../privoxy/utils/ldp_print/fix_print_html.lib     |  227 +
 external/privoxy/utils/ldp_print/ldp_print         |   72 +
 external/privoxy/utils/prepare-configfile.pl       |   50 +
 external/privoxy/vc_config_pthreads.h              |  484 +
 external/privoxy/vc_config_winthreads.h            |  675 ++
 external/privoxy/vc_console.dsp                    |  405 +
 external/privoxy/vc_privoxy.dsp                    |  488 +
 external/privoxy/vc_privoxy.dsw                    |   59 +
 external/privoxy/w32.rc                            |  343 +
 external/privoxy/w32log.c                          | 1480 ++++
 external/privoxy/w32log.h                          |  181 +
 external/privoxy/w32res.h                          |  194 +
 external/privoxy/w32svrapi.c                       |  952 ++
 external/privoxy/w32svrapi.h                       |  146 +
 external/privoxy/w32taskbar.c                      |  313 +
 external/privoxy/w32taskbar.h                      |   82 +
 external/privoxy/win32.c                           |  366 +
 external/privoxy/win32.h                           |   94 +
 316 files changed, 203695 insertions(+), 0 deletions(-)

diff --git a/external/privoxy/AUTHORS b/external/privoxy/AUTHORS
new file mode 100644
index 0000000..3f8a609
--- /dev/null
+++ b/external/privoxy/AUTHORS
@@ -0,0 +1,116 @@
+              Authors of Privoxy v2.9.x and 3.x
+===========================================================================
+
+Current Privoxy Team:
+
+ Fabian Keil, lead developer
+ David Schmidt, developer
+
+ Hal Burgiss
+ Mark Miller
+ Gerry Murphy
+ Lee Rian
+ Roland Rosenfeld
+ Jörg Strohmayer
+
+Former Privoxy Team Members:
+
+ Johny Agotnes
+ Rodrigo Barbosa
+ Moritz Barsnick
+ Ian Cummings
+ Brian Dessent
+ Jon Foster
+ Karsten Hopp
+ Alexander Lazic
+ Daniel Leite
+ Gábor Lipták
+ Adam Lock
+ Guy Laroche
+ Justin McMurtry
+ Andreas Oesterhelt
+ Haroon Rafique
+ Georg Sauthoff
+ Thomas Steudten
+ Rodney Stromlund
+ Sviatoslav Sviridov
+ Sarantis Paskalis
+ Stefan Waldherr
+
+Thanks to the many people who have tested Privoxy, reported bugs, provided
+patches, made suggestions or contributed in some way. These include (in
+alphabetical order):
+
+ Ken Arromdee
+ Devin Bayer
+ Gergely Bor
+ Reiner Buehl
+ Andrew J. Caines
+ Clifford Caoile
+ Frédéric Crozat
+ Michael T. Davis
+ Mattes Dolak
+ Matthias Drochner
+ Peter E.
+ Florian Effenberger
+ Markus Elfring
+ Dean Gaudet
+ Stephen Gildea
+ Daniel Griscom
+ Felix Gröbert
+ Aaron Hamid
+ Darel Henman
+ Magnus Holmgren
+ Eric M. Hopper
+ Ralf Horstmann
+ Stefan Huehner 
+ Peter Hyman
+ Derek Jennings
+ Petr Kadlec
+ David Laight
+ Bert van Leeuwen
+ Don Libes
+ Paul Lieverse
+ Toby Lyward
+ Wil Mahan
+ Jindrich Makovicka
+ David Mediavilla
+ Raphael Moll
+ Amuro Namie
+ Adam Piggott
+ Dan Price
+ Roberto Ragusa
+ Félix Rauch
+ Maynard Riley
+ Chung-chieh Shan
+ Spinor S.
+ Bart Schelstraete
+ Oliver Stoeneberg
+ Peter Thoenen
+ Martin Thomas
+ Bobby G. Vinyard
+ Jochen Voss
+ Glenn Washburn
+ Song Weijia
+ Jörg Weinmann
+ Darren Wiebe
+ Anduin Withers
+ Oliver Yeoh
+ Jamie Zawinski
+
+Privoxy is based in part on code originally developed by Junkbusters Corp. and
+Anonymous Coders.
+
+Privoxy heavily relies on Philip Hazel's PCRE.
+
+The code to filter compressed content makes use of zlib which is written by
+Jean-loup Gailly and Mark Adler.
+
+On systems that lack snprintf(), Privoxy is using a version written by Mark
+Martinec. On systems that lack strptime(), Privoxy is using the one from the
+GNU C Library written by Ulrich Drepper.
+
+If we've missed you off this list, please let us know!
+
+ Privoxy team. http://www.privoxy.org/
+ <ijbswa-developers at lists.sourceforge.net>
diff --git a/external/privoxy/ChangeLog b/external/privoxy/ChangeLog
new file mode 100644
index 0000000..54cc625
--- /dev/null
+++ b/external/privoxy/ChangeLog
@@ -0,0 +1,717 @@
+--------------------------------------------------------------------
+ChangeLog for Privoxy
+--------------------------------------------------------------------
+*** Version 3.0.12 (UNRELEASED) ***
+
+- The socket-timeout option now also works on platforms whose
+  select() implementation modifies the timeout structure.
+  Previously the timeout was triggered even if the connection
+  didn't stall. Reported by cyberpatrol.
+- The Connection: keep-alive code properly deals with files
+  larger than 2GB. Previously the connection was closed too
+  early.
+- The content length for files above 2GB is logged correctly.
+- The user-manual directive on the show-status page links to
+  the documentation location specified with the directive,
+  not to the Privoxy website.
+- When running in daemon mode, Privoxy doesn't log anything
+  to the console unless there are errors before the logfile
+  has been opened.
+- The show-status page prints warnings about invalid directives
+  on the same line as the directives themselves.
+- Fixed several justified (but harmless) compiler warnings,
+  mostly on 64 bit platforms.
+- The mingw32 version explicitly requests the default charset
+  to prevent display problems with some fonts available on more
+  recent Windows versions. Patch by Burberry.
+- The mingw32 version uses the Privoxy icon in the alt-tab
+  windows. Patch by Burberry.
+- The timestamp and the thread id is omitted in the "Fatal error"
+  message box on mingw32.
+- Fixed two related mingw32-only buffer overflows. Triggering
+  them required control over the configuration file, therefore
+  this isn't seen as a security issue.
+- In verbose mode, or if the new option --show-skipped-tests
+  is used, Privoxy-Regression-Test logs skipped tests and the
+  skip reason.
+
+*** Version 3.0.11 ***
+	
+- On most platforms, outgoing connections can be kept alive and
+  reused if the server supports it. Whether or not this improves
+  things depends on the connection.
+- When dropping privileges, membership in supplementary groups
+  is given up as well. Not doing that can lead to Privoxy running
+  with more rights than necessary and violates the principle of
+  least privilege. Users of the --user option are advised to update.
+  Thanks to Matthias Drochner for reporting the problem,
+  providing the initial patch and testing the final version.
+- Passing invalid users or groups with the --user option
+  didn't lead to program exit. Regression introduced in 3.0.7.
+- The match all section has been moved from default.action
+  to a new file called match-all.action. As a result the
+  default.action no longer needs to be touched by the user
+  and can be safely overwritten by updates.
+- The standard.action file has been removed. Its content
+  is now part of the default.action file.
+- In some situations the logged content length was slightly too low.
+- Crunched requests are logged with their own log level.
+  If you used "debug 1" in the past, you'll probably want
+  to additionally enable "debug 1024", otherwise only passed
+  requests will be logged. If you only care about crunched
+  requests, simply replace "debug 1" with "debug 1024".
+- The crunch reason has been moved to the beginning of the
+  crunch message. For HTTP URLs, the protocol is logged as well.
+- Log messages are shortened by printing the thread id on its
+  own (as opposed to putting it inside the string "Privoxy()").
+- The config option socket-timeout has been added to control
+  the time Privoxy waits for data to arrive on a socket.
+- Support for remote toggling is controlled by the configure
+  option --disable-toggle only. In previous versions it also
+  depended on the action editor and thus configuring with the
+  --disable-editor option would disable remote toggling support
+  as well.
+- Requests with invalid HTTP versions are rejected.
+- The template symbol @date@ can be used to include a date(1)-like
+  time string. Initial patch submitted by Endre Szabo.
+- Responses from shoutcast servers are accepted again.
+  Problem reported and fix suggested by Stefan.
+- The hide-forwarded-for-headers action has been replaced with
+  the change-x-forwarded-for{} action which can also be used to
+  add X-Forwarded-For headers. The latter functionality already
+  existed in Privoxy versions prior to 3.0.7 but has been removed
+  as it was often used unintentionally (by not using the
+  hide-forwarded-for-headers action).
+- A "clear log" view option was added to the mingw32 version
+  to clear out all of the lines in the Privoxy log window.
+  Based on a patch submitted by T Ford.
+- The mingw32 version uses "critical sections" now, which prevents
+  log message corruption under load. As a side effect, the
+  "no thread-safe PRNG" warning could be removed as well.
+- The mingw32 version's task bar icon is crossed out and
+  the color changed to gray if Privoxy is toggled off.
+
+*** Version 3.0.10 ***
+
+- Ordinary configuration file changes no longer cause program
+  termination on OS/2 if the name of the logfile hasn't been
+  changed as well. This regression probably crept in with the
+  logging improvements in 3.0.7. Reported by Maynard.
+- The img-reorder filter is less likely to mess up JavaScript code in
+  img tags. Problem and solution reported by Glenn Washburn in #2014552.
+- The source tar ball now includes Privoxy-Log-Parser,
+  a syntax-highlighter for Privoxy logs. For fancy screenshots see:
+  http://www.fabiankeil.de/sourcecode/privoxy-log-parser/
+  Documentation is available through perldoc(1).
+
+*** Version 3.0.9 Beta ***
+
+- Added SOCKS5 support (with address resolution done by
+  the SOCKS5 server). Patch provided by Eric M. Hopper.
+- The "blocked" CGI pages include a block reason that was
+  provided as argument to the last-applying block action.
+- If enable-edit-actions is disabled (the default since 3.0.7 beta)
+  the show-status page hides the edit buttons and explains why.
+  Previously the user would get the "this feature has been disabled"
+  message after using the edit button.
+- Forbidden CONNECT requests are treated like blocks by default.
+  The now-pointless treat-forbidden-connects-like-blocks action
+  has been removed.
+- Not enabling limit-connect now allows CONNECT requests to all ports.
+  In previous versions it would only allow CONNECT requests to port 443.
+  Use +limit-connect{443} if you think you need the old default behaviour.
+- The CGI editor gets turned off after three edit requests with invalid
+  file modification timestamps. This makes life harder for attackers
+  who can leverage browser bugs to send fake Referers and intend to
+  brute-force edit URLs.
+- Action settings for multiple patterns in the same section are
+  shared in memory. As a result these sections take up less space
+  (and are loaded slightly faster). Problem reported by Franz Schwartau.
+- Linear white space in HTTP headers will be normalized to single
+  spaces before parsing the header's content, headers split across
+  multiple lines get merged first. This should prevent problems like:
+   * letting the session-cookies-only action slip
+     some Cookies through unmodified,
+   * only suppressing the first line of a header,
+     thus creating an invalid one, and
+   * to incorrectly block headers with valid timestamps
+     that weren't properly recognized.
+  Headers that could trigger these problems are unlikely to appear
+  in "normal" web traffic, but could be intentionally generated to
+  fool some of Privoxy's header parsers.
+- Host information is gathered outside the main thread so it's less
+  likely to delay other incoming connections if the host is misconfigured.
+- New config option "hostname" to use a hostname other than
+  the one returned by the operating system. Useful to speed-up responses
+  for CGI requests on misconfigured systems. Requested by Max Khon.
+- The CGI editor supports the "disable all filters of this type"
+  directives "-client-header-filter", "-server-header-filter",
+  "-client-header-tagger" and "-server-header-tagger".
+- Fixed false-positives with the link-by-url filter and URLs that
+  contain the pattern "/jump/".
+- The less-download-windows filter no longer messes
+  "Content-Type: application/x-shockwave-flash" headers up.
+- In the show-url-info page's "Final results" section active and
+  inactive actions are listed separately. Patch provided by Lee.
+- The GNUmakefile supports the DESTDIR variable. Patch for
+  the install target submitted by Radoslaw Zielinski.
+- Embedding the content of configuration files in the show-status
+  page is significantly faster now. For a largish action file (1 MB)
+  a speedup of about 2450 times has been measured. This is mostly
+  interesting if you are using large action files or regularly use
+  Privoxy-Regression-Test while running Privoxy through Valgrind,
+  for stock configuration files it doesn't really matter.
+- If zlib support is unavailable and there are content
+  filters active but the prevent-compression action is disabled,
+  the show-url-info page includes a warning that compression
+  might prevent filtering.
+- The show-url-info page provides an OpenSearch Description that
+  allows to access the page through browser search plugins.
+- Custom client-header filters that rewrite the request line
+  incorrectly no longer cause Privoxy to crash. Reported by din_a4.
+- The obsolete kill-popups action has been removed as the
+  PCRS-based popup filters can do the same and are slightly
+  less unreliable.
+- The inspect-jpegs action has been removed.
+- The send-wafer and send-vanilla-wafer actions have been removed.
+  They weren't particular useful and their behaviour could be emulated
+  with add-header anyway.
+- Privoxy-Regression-Test has been significantly improved.
+- Most sections in the default.action file contain tests for
+  Privoxy-Regression-Test to verify that they are working as intended.
+- Parts of Privoxy have been refactored to increase maintainability.
+- Building with zlib (if available) is done by default.
+
+*** Version 3.0.8 ***
+
+- Fixed a small memory leak when listen-address only specifies the port.
+- The source tar balls now include Privoxy-Regression-Test which
+  (upon other things) can be used to automatically detect some
+  packaging problems. Packagers are welcome to give it a try.
+- Reverted a change in 3.0.7 that caused path patterns to be checked
+  even if the host pattern match already failed. While this doesn't
+  noticeable affect the performance, it makes it less likely to run
+  out of stack space with overly-complex path patterns the user might
+  have added.
+- Updated the msn, yahoo and google filters to work as advertised again.
+- The warning message shown by the show-status CGI page is easier to
+  understand. Previously it wasn't clear that the error message
+  is shown below the invalid directive. (Reported by Lee)
+- When regenerating Content-Disposition headers the more common
+  spelling is used for the name. Previously it was written without caps.
+- Less confusing log message if the content type isn't overwritten
+  because force-text-type wasn't used but the old type doesn't look
+  like content that would be filtered normally.
+- Better log messages if the user tries to execute filters that
+  don't exist.
+- Treat the non-standard Request-Range headers like standard range
+  headers and suppress them if content filtering is enabled.
+- Prevent the log messages for CONNECT requests to unacceptable
+  ports from printing the limit-connect argument as [null] if
+  limit-connect hasn't been explicitly enabled.
+- Don't disable the mingw32 log window if the logfile directive
+  isn't used. While it was an intentional change in 3.0.7 at least
+  one user perceived it as a regression and the same effect can
+  be achieved by disabling all debug directives.
+- Fixed two minor problems related to the win32 build process: a css
+  file was not being in the installer and the trustfile comment in the
+  config.txt referenced a nonexisting file
+- Minor documentation fixes.
+
+*** Version 3.0.7 Beta ***
+
+- Added zlib support to filter content with gzip and deflate
+  encoding. (Patch provided by Wil Mahan)
+- Dedicated filters and actions are used for header filtering.
+  "filter-client-headers" and "filter-client-headers" are no longer
+  supported, use server-header-filter{} and client-header-filter{}
+  instead.
+- Tags can be used to change actions based on HTTP headers.
+- New server-header filter: less-download-windows.
+- New client-header taggers: css-requests, image-requests,
+  client-ip-address, http-method, allow-post, complete-url,
+  user-agent and privoxy-control.
+- New server-header taggers: content-type and privoxy-control.
+- The forward-override{} action allows to change the forwarding
+  settings through the action files, for example based on client
+  headers like the User-Agent, or the request origin.
+- Socks errors are no longer handled by the CGI page for
+  DNS resolution failures.
+- CGI pages use favicons to signal whether they are error
+  or control pages. This is useful if you rely heavily on
+  browser tabs.
+- The show-url-info CGI page shows the forwarding settings.
+- "Crunch!" log messages (used when Privoxy answers requests
+  by itself) now also contain the reason.
+- Allow to rewrite the request destination behind the client's back.
+- Fix socks requests on big-endian platforms. Patch provided by Song Weijia.
+- Fixes possible deadlocks and crashes on OpenBSD.
+  Patch provided by Ralf Horstmann.
+- The CGI action editor allows to edit actionfiles with previously
+  forbidden characters like dots.
+- New trust entries are saved with a comment that contains the
+  trusted referring URL (Suggested by Daniel Griscom).
+- Filter descriptions are HTML encoded automatically. 	
+- New config option "split-large-forms" to work
+  around a browser bug that caused IE6 and IE7 to ignore
+  the Submit button on the edit-actions-for-url CGI page.
+- New config option "allow-cgi-request-crunching" to allow
+  requests for Privoxy's CGI pages to be blocked, redirected
+  or (un)trusted like ordinary requests.
+- Empty filter files no longer interrupt the filtering process
+  prematurely and are correctly listed on the show-status CGI page.
+- New config option "accept-intercepted-requests" to combine
+  Privoxy with any packet filter to build an intercepting proxy
+  for HTTP/1.1 requests (and for HTTP/1.0 requests with Host header set).
+- fast-redirects{} catch redirects to https URLs as well.
+- redirect{s at foo@bar@} can be used to redirect to a rewritten
+  version of the original URL.
+- Trap unsupported gopher proxy requests.
+- Fixed a bug in the User Manual delivery on Windows
+  (mingw32 only). Images now show up correctly and HTML
+  pages are no longer padded with garbage data.
+- Fixed several minor memory leaks, most of them discovered with Valgrind.
+- Only unlink the pidfile if it's actually used.
+- Retries after connection problems with forced requests
+  aren't blocked again.
+- On Unix SIGABRT causes a core dump as expected and is no
+  longer treated as normal shutdown signal.
+- The "access denied" CGI page is more descriptive and
+  allows retries to circumvent the referrer check.
+- Updated PCRS to handle unexpected PCRE errors properly.
+  Fixed crashes that could occur if Privoxy was build
+  with external PCRE versions newer than Privoxy's internal
+  one. (Reported by Chung-chieh Shan)
+- Fixed crashes with null bytes in PCRS replacement strings
+  (Patch provided by Felix Gröbert).
+- Fixed crashes with header time randomization on mingw32.
+- The CGI style sheet is no longer delivered if the referring
+  page isn't a Privoxy CGI page. This prevents a JavaScript-based
+  Privoxy detection "attack". Note that detecting Privoxy is
+  still possible through other ways and Privoxy was never intended
+  to be invisible anyway.
+- Added support for AmigaOS 4, fixed build for AmigaOS 3.x.	
+- The show-url-info CGI page displays a warning if Privoxy
+  is currently toggled off.
+- The show-status CGI page suppresses the edit button
+  for action files if Privoxy has no write access.	
+- Most CGI error pages react properly to HEAD requests.
+- Requests with RFC 3253 HTTP methods (used by Subversion)
+  are accepted. (Patch provided by Petr Kadlec)
+- New config option "templdir" to change the location
+  of the CGI templates to make sure customized templates
+  aren't "updated".
+- Better handling of "HTTP/1.1 100 Continue" responses.
+- The background of the PNG pattern is transparent.
+- Fixed XML syntax errors caused by banners-by-size and banners-by-url.
+- Fixed crashes and possible action file corruptions
+  when lines containing hashes are written through the CGI editor.
+- Supports dynamic filters which can contain variables.
+- Supports tags to change the actions based on client or server headers.
+- Incorrect actions are logged before program termination.
+- The "actionsfile" syntax in the configuration file is consistent
+  with the rest of the configuration options and requires the
+  whole file name. This is an incompatible change, if you use
+  an old configuration file you might have to append ".action"
+  to your "actionsfile" directives.
+- With the configuration file option "enforce-blocks" the
+  "go there anyway" mechanism can be disabled without recompiling
+  Privoxy.
+- More precise error messages in case of incorrect acl syntax.
+- Logs a warning if filtering is enabled but impossible due
+  to lack of zlib support or use of the prevent-compression action.
+- Less noisy handling of Cookie:" and "Connection:" headers.
+- Improved error messages in case of connection problems.
+- Fix a command-line-parsing bug that was introduced before 3.0.5
+  beta and caused Privoxy to treat the last argument as configuration
+  file if no configuration file was specified.
+- Treat unknown command line options as fatal errors instead
+  of silently ignoring them.
+- Use string functions with length checks more often.
+- Don't log CONNECT requests twice.
+- Allow to log the source address for ACL-related connection drops.
+- Don't ignore applying filters if the server didn't
+  specify a Content-Type. Bug reported by Amuro Namie.
+- Rejected CONNECT requests are logged with log level info
+  (enabled by default) and the reason for the block.
+- New command line option "--pre-chroot-nslookup hostname" to
+  intialize the resolver library before chroot'ing. On some systems this
+  reduces the number of files that must be copied into the chroot tree.
+  (Patch provided by Stephen Gildea)
+- Fix a long-standing memory corruption bug that could cause
+  Privoxy to overwrite a single byte in memory it didn't explicitly
+  allocate (but that probably was allocated anyway due to bucket size).
+- Send template-based CGI pages as HTTP/1.1 unless the client
+  asked for HTTP/1.0.
+- Let the first line in connection established responses
+  end in \r\n as required by RFC1945. Reported by Bert van Leeuwen.
+- If no log file has been specified, disable logging instead of logging
+  to stderr.
+- Don't block stderr when in daemon mode.
+- Ignore missing zero-chunks when filtering chunk-encoded content.
+  Earlier Privoxy versions would buffer and then forward the content
+  unmodified which caused some browsers to simply show empty pages.
+- Fix double free in cgi_edit_actions_list(). Reported by Venustech AD-LAB.
+- The code to add X-Forwarded-For headers when the hide-forwarded-for-headers
+  action isn't being used has been removed.
+- Fixed trustfile feature which previously didn't work without FEATURE_TOGGLE.
+  Reported by Lee.
+- Minor code clean-ups, filter and action file updates.
+  (Some of them reported by Davide Alberani, Markus Elfring,
+   Stefan Huehner and Adam Piggott)
+
+*** Version 3.0.6 ***
+
+- New content filters: no-ping, google, msn, yahoo and blogspot.
+- New header filters:  x-httpd-php-to-html, html-to-xml, xml-to-html
+                       and hide-tor-exit-notation.
+- The special header "X-Filter: No" now disables header filtering as well.
+- Improved the filters img-reorder, js-annoyances, webbugs,
+  banners-by-size, banners-by-link and ie-exploits to make them
+  less likely to break anything.
+- Removed outdated URL patterns in default.action and added new ones. 
+- Added redirection from http://p.p/user-manual to http://p.p/user-manual/
+- Changed webinterface default values for hide-user-agent, hide-referrer
+  and set-image-blocker.
+	
+*** Version 3.0.5 Beta ***
+
+- Windows version can be installed/started as a service.
+- Windows icon stays blue when Privoxy is idle, green when busy.
+- Integrated Fabian Keil's extensive patch.  See:
+  http://www.fabiankeil.de/sourcecode/privoxy/. Includes the 
+  following new or significantly improved actions (among many 
+  other improvements):
+
+     content-type-overwrite{}
+     crunch-client-header{string}
+     crunch-if-none-match
+     crunch-server-header{string}
+     fast-redirects{check-decoded-url}
+     filter-client-headers
+     filter-server-headers
+     force-text-mode
+     handle-as-empty-document
+     hide-accept-language{}
+     hide-content-disposition{}
+     hide-if-modified-since
+     hide-referrer{conditional-block}
+     overwrite-last-modified{}
+     redirect{URL}
+     treat-forbidden-connects-like-blocks
+
+- Standard-compliant clients are prevented from displaying cached
+  copies of Privoxy's error messages after the cause of the problem
+  has gone.
+- Improved DNS error handling.
+- Multiple filter files can now be specified in config.
+- Added jpeg filtering to defend against MS jpeg vulnerability MS04-028
+  with the new inspect-jpegs action.
+- Removed the "arbitrary" 1000 filter limit - addresses tracker #911950
+- Thanks to Jindrich Makovicka for a race condition fix for the log 
+  file.  The race condition remains for non-pthread implementations.
+  Reference patch #1175720. Various other logging enhancements.
+- A pile of assorted bug fixes, memory leaks, enhancements, etc.
+- Moved Actions file reporting mechanism to SF tracker.
+- Two new options for config: enable-remote-http-toggle and 
+  forwarded-connect-retries.
+- Trap unsupported FTP requests.
+- Let text/xml be filtered.
+- Numerous updates to default.action
+- Increase the compiled in limit of trusted referrers from 64 to 512 
+  (for trustfile users).
+
+*** Version 3.0.3 ***
+
+- Fixed yet another two memory leaks. Process growth seems stopped now.
+- Further tightened security against malicious toggle-off links.
+- Excluded text/plain MIME types from filtering. This fixes a
+  couple of client-crashing, download corruption and
+  Privoxy performance issues, whose root cause lies in
+  web servers labelling content of unknown type as text/plain.
+- Assorted fixes for POSIX compliance, signal handling, graceful
+  termination, compiler warnings, OSX support, Win32 systray,
+  error logging, hostname wildcards, correct detection of NetBSD.
+- Workarounds for client (iTunes etc) and server (PHP < 4.2.3) bugs
+  including the notorious "blank page" problem.
+- Various filter improvements; most notably the unsolicited-popups
+  filter became less destructive     
+- Major revamp of the actions file
+	
+*** Version 3.0.2 ***
+
+- Fixed two memory leaks, one serious
+- Fixed bug in pcrs which could cause crashes with user-defined filters
+- Fixed bug in domain name matching
+- Assorted small fixes (Win32 menu, CGI URL editor, ..) 
+- Added basic support for the OPTIONS and TRACE http methods
+- Added workaround for Bug in Mac OSX that made Privoxy crash occasionally
+- Refined the default action file through >400 items of user feedback
+- Filter changes:
+  - Assorted refinements, optimizations and fixes in the js-annoyances,
+    img-reorder, banners-by-size, banners-by-link, webbugs, refresh-tags,
+    html-annoyances, content-cookies and fun filters
+  - Replaced filter "popups" by choice between two modes:
+    - "unsolicited-popups" tries to catch only the unsolicited ones
+    - "all-popups" tries to kill them all (as before)
+  - New filter "tiny-textforms" Help those tiny or hard-wrap textareas. 
+  - New filter "jumping-windows" that prevents windows from resizing
+    and moving themselves
+  - New filter "demoronizer" which fixes MS's abuse of std charsets
+    (common cases anyway).
+  - Replaced "nimda" with more general "ie-exploits" filter in which
+    all filters for exploits shall be collected
+- Improved cookie logging
+- Rewrote make install target. Added uninstall and install-strip
+  targets.
+- Fixed a potential (application-level, NOT OS-level!) security
+  problem involving remote toggling and action file manipulation
+  by mailicious websites.
+- Added ability to chroot (thanks to Sviatoslav Sviridov)
+- Added more action aliases for prehistoric action names
+- Add Slackware support to Makefile.
+
+*** Version 3.0  ***
+
+- Fixed Windows startmenu items, log window and tray icon menus.
+- Added warning for bogus install target
+- Added quicktime-kioskmode filter and improved frameset-borders
+- Updated default.action based on latest feedback
+- New PDF doc build process
+- Add a user contrib module to cvs: 
+  http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/ijbswa/contrib/
+
+*** Version 2.9.18  ***
+
+- Added workaround for IE bug that broke CGI interface
+- Bugfix: String actions now reliably editable through CGI interface
+- Three filters fixed (again!)
+- Assorted small fixes and doc enhancements
+
+*** Version 2.9.16  *** 
+
+- Major revamp of default.action to get rid of years of cruft.
+- Same for default.filter
+- Re-design and major improvements to the CGI editor interface.
+- Address spurious 'out of memory' error due to incorrect file permissions.
+- Impose buffer limits while reading client and server headers.
+- Better memory and CPU optimization.
+- Add Conectiva Linux package.
+- user-manual directive added to config for help links from within CGI
+  editor.
+- Multiple actions files can now be specified in config.
+- Actions files are changed to: default.action, standard.action, and 
+  user.action. user.action is for personal/local configuration.
+- The usual many small and miscellaneous bug and security fixes.
+
+*** Version 2.9.14 Beta *** 
+
+- Fix Solaris compile problem (gateway.h and filters.h)
+- Makefile fixes for Solaris, FreeBSD (?)
+- Fix build failure where certain features were disabled.
+- 'blocked-compact' template is removed. Various CGI improvements,
+  including an adaptive 'blocked' template.
+- Various tweaks for actions file to get ready for stable 3.0
+- Included a 'Bookmarklet' and PHP scripts for reporting actions file
+  problems via web interface at privoxy.org. Accessed via internal CGIs.
+- Include cgi-style.css for templates.
+- #include mechansim for common text in templates
+- Various other minor fixes.
+
+*** Version 2.9.13 Beta *** 
+
+- *NEWS*: The project has been renamed to Privoxy! The new name is 
+  reflected throughout (file locations, etc).
+- ijb.action is now default.action. re_filterfile is now 
+  default.filter.
+- http://i.j.b/ is now http://p.p/
+- The 'logo' option for replacing ad iamges is removed now. 'Pattern' 
+  (checkerboard) is now the default.
+- RPM spec file make over.
+
+
+*** Version 2.9.12 Beta *** 
+
+- **READ**: The default listening PORT is NOW 8118!!! Changed from 
+  8000 due to conflict with NAS (Network Audio Server, whatever that 
+  is.)
+- More CGI actions editor fixes and improvements.
+- Win32 command line fix ups.
+- re_filterfile now has modular sections that can be activated on a 
+  per site basis. Some new goodies there too.
+- +filter now takes arguments to match FILTER sections in re_filterfile
+  for even more flexibility. 
+- Added a new image blocker option: +image-blocker{pattern}, which 
+  displays a checkerboard patthern and scales better than the logo.
+- PNG images will be used in place of GIF for JB built-in images
+  if configured with --enable-no-gif.
+- Clean up compiler warnings (mostly).
+- Improved handling of failed DNS lookups & diagnostics for failed bind
+  to listen socket
+- Made --no-daemon mode log to tty instead of logfile.
+- Various spec file and init script cleanups and improvements (Redhat and
+  SuSE).
+- CGI Editor works on OS/2 now.
+- Fix restart failure where sockets were in TIME_WAIT.
+- Fixes for actions cgi editor, make sure we have right file.
+- A --pidfile command line option now, in addition to --help, 
+  --version, --no-daemon, --user and configfile. --no-daemon replaces
+  the former -d option and _DEBUG define. --user will drop privileges 
+  to the specified user.
+- Signal handling cleanups (*nix).
+- CGI actions editor improvements and fixes.
+- Error handling improvements, especially out of memory.
+- Default re_filterfile fix that caused spurious IJB logos 
+  (instead of 'blank').
+- configure.in threading fixes for Solaris.
+- Various other minor fixes.
+
+
+*** Version 2.9.11 Beta Changes ***
+
+- Add "session" cookie concept where cookies exist for the life 
+of that browser session only (ie never goes to disk). 
+- Checks for correct header length.
+- Fix user:pass at host.domain.com auth bug.
+- Better signal handling on *nix.
+- Fix CFLAGS hard-coded in configure.in
+- Fix threading bug re: gethostbyname() that caused random 
+URLs to fail in some cases.
+
+
+*** Version 2.9.11 Alpha Changes ***
+
+- A web-based editor for the actions file is included (go to http://i.j.b/).
+- Web-based toggle IJB on/off support.
+- Cookie handling has changed - the new +no-cookies-keep feature is now the
+default.
+- actionsfile is renamed to ijb.action.
+- junkbstr.txt is now config.txt on Win32.
+- Support for running IJB as a UNIX daemon process has improved.
+- Unix daemon now returns error code on failed start.
+- Timestamps in logfile and jarfile now.
+- Fix for the Netscape bug reintroduced in 2.9.9.
+- make should now abort if gmake (GNU make) not present.
+- Many other minor bugfixes
+- Start a ChangeLog :)
+
+
+
+*** Version 2.9.3 pre-Alpha Changes ***
+
+- Amiga support (completely untested by me - I don't have an Amiga)
+- "tinygif 3" support (redirects blocked images to a specified URL, so
+the browser doesn't have to load and cache many copies of the same
+image).
+- one case where there were both local and global "referrer" variables
+(yuck!) clarified by renaming the local one to "refer".
+- Fixed some places where close() was used instead of close_socket().
+Thanks to Jörg Strohmayer (joergs at users.sourceforge.net) for these.
+- Temporary hack to get FORCE_LOAD to work with IE.  I just lowercased the
+FORCE_LOAD_PREFIX.  Needs fixing properly.
+- Most URLs hardcoded into Junkbuster were changed to go through a script
+e.g. http://ijbswa.sourceforge.net/redirect.php?v=2.9.3&to=faq
+The only other URLs left are the GNU GPL:
+  http://www.fsf.org/copyleft/gpl.html
+and the home page:
+  http://ijbswa.sourceforge.net/
+... and various URLs which will be intercepted by Junkbuster anyway.
+TODO: Still need to do something with the URLs in Junkbuster Corp's 
+copyright/trademark notice on the bottom of the show-proxy-args page.
+- PCRE or GNU Regex is now a #define option.
+
+
+*** Version 2.9.2 pre-Alpha Changes ***
+
+- Andreas applied the latest version of the FORCE patch.
+
+
+*** Version 2.9.1 pre-Alpha Changes ***
+
+- in parsers.c, fixed two #ifdef FORCE to #ifdef FORCE_LOAD
+(BTW: I think FORCE is precise enough, since loading remote
+data is the whole purpose of a proxy..)
+- Set the FORCE_PREFIX (back) to 'IJB-FORCE-LOAD-'. While 'noijb.'
+is more elegant and looks like a hostname in the URL, it doesn't
+make clear to the inexperienced user that the proxy is bypassed. It
+also has a higher name collision risk.
+- Filled in the function header templates for my functions in
+parsers.c (again). They obviously got lost in our current
+patch war ;-)
+- Cut the credit for the §-referrer-option from the config file,
+that Stefan had placed there.
+- Improved the re_filterfile 
+
+
+*** Version 2.9.0 pre-Alpha Changes ***
+
+-  Now use PCRE, not GNU REGEX.  I have not yet had chance to check the
+syntax of the block/image/cookie file to ensure that they match what
+is expected - however they seem to work.
+-  Replaced "configure" script with one generated by "autoconf".  Also 
+use a header "config.h" (was ijbconfig.h in my previous release) for 
+the #defines.  "config.h" is now generated with "autoheader" from 
+"acconfig.h" and "configure.in".  (Note that to install you do not
+need autoconf or autoheader - just run "./configure".)
+To see command-line options, run "./configure --help".
+This is my first ever autoconf script, so it has some rough edges
+(how PCRE is handled is the roughest).
+-  Error logging code replaced with new module errlog.c, based on the
+one from JunkbusterMT (but with the threading code removed).
+-  Most of Rodney's 0.21 and 0.21A patches applied. (Marked *).  I did not
+apply all of these, since I had already independently done conditional
+popup file, conditional image file, and integration of popup code.
+- ACL, Jar and trust files conditionally compiled.
+- New source file headers.
+- Various cosmetic changes.  (But I have not consistently ordered the 
+config files - I think that's worthwhile, but it's 1am and I want to
+get this released!)
+- RCS tags on .h files.
+-  RCS tags are const char[] rather than const char *.  (Saves 4 bytes
+per tag ;-)
+- VC++ project files renamed to vc_junkbuster.*.
+- show-proxy-args now shows status of all conditionals, not just REGEX
+- Various functions moved around.  Most notably all the system-specific
+sockets code which was spread between jcc.c, bind.c, and connect.c,
+has been moved to "jbsockets.c".  The non-system-specific code from
+connect.c and socks4.c has been movet to "gateway.c".  Also, the
+config file loader and the global variables it writes to have been
+moved to "loadcfg.c".  (Maybe this should go into loaders.c?)
+And candidate for the "worst filename ever" award is "miscutil.c",
+which contains, well, miscellaneous utility functions like zalloc.
+(Suggestions for a better name for this file are welcome!)
+- Loaders now use a common function to read a line and skip comments,
+and this function also stores the proxy_args.
+- Added ./junkbuster --help     (Not for Win32 GUI)
+- Added ./junkbuster --version  (Not for Win32 GUI)
+- Win32 resources are now all marked as "U.S. English", rather than
+being a mix of "U.S. English", "U.K. English" and "Irish English".
+- Version number changes to 2.9.0
+
+
+
+----------------------------------------------------------------------
+Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+               Privoxy team. http://www.privoxy.org/
+
+               Based on the Internet Junkbuster originally written
+               by and Copyright (C) 1997 Anonymous Coders and 
+               Junkbusters Corporation.  http://www.junkbusters.com/
+
+               This program is free software; you can redistribute it 
+               and/or modify it under the terms of the GNU General
+               Public License as published by the Free Software
+               Foundation; either version 2 of the License, or (at
+               your option) any later version.
+
+               This program is distributed in the hope that it will
+               be useful, but WITHOUT ANY WARRANTY; without even the
+               implied warranty of MERCHANTABILITY or FITNESS FOR A
+               PARTICULAR PURPOSE.  See the GNU General Public
+               License for more details.
+
+               The GNU General Public License should be included with
+               this file.  If not, you can view it at
+               http://www.gnu.org/copyleft/gpl.html
+               or write to the Free Software Foundation, Inc., 59
+               Temple Place - Suite 330, Boston, MA  02111-1307, USA.
diff --git a/external/privoxy/GNUmakefile b/external/privoxy/GNUmakefile
new file mode 100644
index 0000000..a51a130
--- /dev/null
+++ b/external/privoxy/GNUmakefile
@@ -0,0 +1,2156 @@
+# Note:  Makefile is built automatically from Makefile.in
+#
+# $Id: GNUmakefile.in,v 1.180 2009/02/28 08:28:14 fabiankeil Exp $
+#
+# Written by and Copyright (C) 2001 - 2008 the SourceForge
+# Privoxy team. http://www.privoxy.org/
+#
+# Based on the Internet Junkbuster originally written
+# by and Copyright (C) 1997 Anonymous Coders and 
+# Junkbusters Corporation.  http://www.junkbusters.com
+#
+# This program is free software; you can redistribute it 
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.  See the GNU General Public
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file.  If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+
+#############################################################################
+# Set make command correctly
+#############################################################################
+
+
+#############################################################################
+# Version number (for RPM)
+#############################################################################
+
+VERSION_MAJOR = 3
+VERSION_MINOR = 0
+VERSION_POINT = 12
+CODE_STATUS   = stable
+VERSION       = $(VERSION_MAJOR).$(VERSION_MINOR).$(VERSION_POINT)
+RPM_VERSION   = $(VERSION)
+RPM_PACKAGEV  = ""
+SNAPVERSION   = $(RPM_VERSION)-$(shell date "+%Y%m%d")
+
+
+#############################################################################
+# "make install" directories and variables
+#############################################################################
+
+#User Group paras
+USER         = 
+GROUP	   = 
+
+datarootdir  = ${prefix}/share
+prefix       = /home/n8fr8/dev/android/ndk/my-android-toolchain
+exec_prefix  = ${prefix}
+CONF_BASE    = ${prefix}/etc
+SBIN_DEST    = ${exec_prefix}/sbin
+MAN_DIR      = ${datarootdir}/man
+MAN_DEST     = $(MAN_DIR)/man1
+SHARE_DEST   = ${datarootdir}
+DOC_DEST     = $(SHARE_DEST)/doc/privoxy
+VAR_DEST     = ${prefix}/var
+LOGS_DEST    = $(VAR_DEST)/log/privoxy
+PIDS_DEST    = $(VAR_DEST)/run
+
+# if $prefix = /usr/local then the default CONFDEST change from 
+# CONF_DEST = $(CONF_BASE) to CONF_DEST = $(CONF_BASE)/privoxy  
+# by the target rule CONF_DEST
+#
+# also if the $prefix is /usr/local and there is no
+# $(SHARE_DEST)/doc, it checks for $prefix/doc and installs there
+# instead in this situation
+#
+# finally if $prefix=/usr/local and VAR_DEST=$prefix/var it 
+# changes this to /var for storing the logs and pidfile
+
+# used in source dir only, the install goes to $share_dest/doc/privoxy
+DOK_WEB = doc/webserver/
+
+# Install usage should be compatible with install-sh.
+INSTALL    = /usr/bin/install -c
+# Binaries
+BIN_MODE	 = 0755
+# Support files, docs, etc.
+RA_MODE   = 0664
+# Directory
+DIR_MODE   = 0755
+# Files daemon writes to.
+RWD_MODE   = 0660
+INSTALL_P  = -m $(BIN_MODE)  
+INSTALL_T  = -m $(RA_MODE)
+INSTALL_D  = -m $(DIR_MODE) -d
+INSTALL_R  = -m $(RWD_MODE)
+
+# install options for superuser install
+#INSTALL_S  = -g  -o  
+
+#############################################################################
+# Build tools
+#############################################################################
+
+PROGRAM    = privoxy
+CC         = arm-linux-androideabi-gcc
+ECHO       = echo
+GZIP_PROG  = gzip
+
+# id -u is not universal. FIXME: need to set from configure. Breaks on
+# Solaris.
+#ID         = id -u
+ID         = id
+LD         = arm-linux-androideabi-gcc
+RM         = rm -f
+CP         = cp -f
+RMDIR      = rmdir
+MKDIR      = ./mkinstalldirs
+STRIP_PROG = strip
+SED        = sed
+GREP       = grep
+CAT        = cat
+RPM        = rpm
+RPMBUILD   = rpmbuild
+MV         = mv
+TAR        = tar
+LN         = ln
+TOUCH      = touch
+KILL       = kill
+CHMOD      = chmod
+CHOWN      = chown
+CHGRP      = chgrp
+GROUPS     = groups
+WDUMP      =  -dump
+JADECAT    = 
+JADEBIN    = false
+DB         = $(JADEBIN) $(JADECAT) -ihtml -t sgml  -D.. -d ldp.dsl\#html
+DB2HTML    = false
+MAN2HTML   = false
+G2H_CMD    = groff -mandoc -Thtml
+TARGET_OS  = arm-linux-eabi
+PERL       = perl
+DOC_DIR    = doc/source
+DOC_TMP    = $(DOC_DIR)/tmp
+DOC_STATUS = p-stable
+
+# Program to do LF->CRLF
+#
+# The sed version should be the most portable, but it doesn't for for me,
+# the other two do.  FIXME.
+#   - Jon
+#DOSFILTER  = $(SED) -e $$'s,$$,\r,'
+#DOSFILTER  = gawk -v ORS='\r\n' '{print $0;}'
+DOSFILTER  = $(PERL) -p -e 's/\n/\r\n/'
+CVSROOT    = :pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa
+#TMPDIR     := $(shell mktemp -d /tmp/$(PROGRAM).XXXXXX)
+
+#############################################################################
+# Setup for make distribution rh and suse for now 
+#############################################################################
+
+TAR_ARCH = /tmp/privoxy-$(RPM_VERSION).tar.gz
+RPM_BASE = /home/n8fr8/rpmbuild
+
+#############################################################################
+# We include these files in our distributions
+#############################################################################
+CONFIGS = config trust default.action match-all.action user.action default.filter user.filter
+# take care that no CVS .cvsignore or other crappy files
+# are included here
+# and escape every '#' in the find. doh.
+CONFIG_FILES = $(CONFIGS) \
+		`find templates/ -type f | grep -v "CVS" | grep -v "\.\#" | grep -v ".*~" | grep -v ".cvsignore" | grep -v "TAGS"`
+
+DOC_FILES = AUTHORS LICENSE README ChangeLog INSTALL \
+		`find doc/webserver/ -name "*.html" | grep -v "\(webserver\|team\)\/index\.html"` \
+		`find doc/webserver/ -name "*.css"` \
+                privoxy.1
+
+#############################################################################
+# Filenames and libraries
+#############################################################################
+
+C_SRC  = actions.c cgi.c cgiedit.c cgisimple.c deanimate.c encode.c \
+         errlog.c filters.c gateway.c jbsockets.c jcc.c \
+         list.c loadcfg.c loaders.c miscutil.c parsers.c ssplit.c \
+         urlmatch.c
+
+C_OBJS = $(C_SRC:.c=.o)
+C_HDRS = $(C_SRC:.c=.h) project.h actionlist.h
+
+W32_SRC   = #w32log.c w32taskbar.c win32.c w32svrapi.c
+W32_FILES = #w32.res
+W32_OBJS  = #$(W32_SRC:.c=.o) $(W32_FILES)
+W32_HDRS  = #w32log.h w32taskbar.h win32.h w32res.h w32svrapi.h
+W32_LIB   = #-lwsock32 -lcomctl32
+W32_INIS  = #config.txt trust.txt
+
+PCRS_SRC     = pcrs.c
+PCRS_OBJS    = $(PCRS_SRC:.c=.o)
+PCRS_HDRS    = $(PCRS_SRC:.c=.h)
+
+PCRE_SRC     = pcre/get.c pcre/maketables.c pcre/study.c pcre/pcre.c
+PCRE_OBJS    = $(PCRE_SRC:.c=.o)
+PCRE_HDRS    = pcre/config.h pcre/chartables.c pcre/internal.h pcre/pcre.h
+
+# No REGEX (maybe because dynamically linked pcreposix):
+REGEX_SRC    =
+REGEX_SRC = pcre/pcreposix.c
+
+REGEX_OBJS   = $(REGEX_SRC:.c=.o)
+REGEX_HDRS   = $(REGEX_SRC:.c=.h)
+
+# Dependencies introduced by #include "project.h".
+PROJECT_H_DEPS = project.h $(REGEX_HDRS) $(PCRS_HDRS) pcre/pcre.h
+
+# Socket libraries for platforms that need them explicitly defined
+SOCKET_LIB   = 
+
+# PThreads library, if needed.
+PTHREAD_LIB  = #-lpthread
+
+SRCS         = $(C_SRC)  $(W32_SRC)  $(PCRS_SRC)  $(PCRE_SRC)  $(REGEX_SRC)
+OBJS         = $(C_OBJS) $(W32_OBJS) $(PCRS_OBJS) $(PCRE_OBJS) $(REGEX_OBJS)
+HDRS         = $(C_HDRS) $(W32_HDRS) $(PCRS_HDRS) $(PCRE_OBJS) $(REGEX_HDRS)
+LIBS         =  -lz $(W32_LIB) $(SOCKET_LIB) $(PTHREAD_LIB)
+
+
+#############################################################################
+# Compiler switches
+#############################################################################
+
+# The flag "-mno-win32" can be used by Cygwin to emulate a un?x type build.
+# The flag "-mwindows -mno-cygwin" will cause Cygwin to use MingW32 for a
+# Win32 GUI build.
+# The flag "-pthread" is required if using Pthreads under Linux (and
+# possibly other OSs).
+SPECIAL_CFLAGS = 
+
+# Add your flags here 
+OTHER_CFLAGS =   
+
+CFLAGS = -pipe -O2 --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include $(OTHER_CFLAGS) $(SPECIAL_CFLAGS) -Wall \
+          -Ipcre 
+
+LDFLAGS = -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib $(DEBUG_CFLAGS) $(SPECIAL_CFLAGS)
+
+
+#############################################################################
+# Build section.
+#
+# There should NOT be any targets above this line.
+#############################################################################
+all: $(PROGRAM) default.action
+
+
+#############################################################################
+# Phony targets
+#############################################################################
+.PHONY: all inifiles redhat-dist redhat-upload solaris-dist suse-dist \
+suse-upload win-dist tarball-dist dok redhat-dok webserver clean clobber tags \
+install conectiva-spec conectiva-dist conectiva-upload CONF_DEST LOG_DEST \
+PID_DEST check_doc install-strip uninstall GROUP_T
+
+#############################################################################
+# Define this explicitly because Solaris is broken!
+#############################################################################
+%.o: %.c
+	$(CC) -c $(CFLAGS) $(CPPFLAGS) $< -o $@
+
+
+#############################################################################
+# Strip master copy comments from default.action:
+#############################################################################
+default.action: default.action.master
+	$(GREP) -v '^#MASTER#' $< > $@
+
+#############################################################################
+# Win32 config files
+#############################################################################
+
+inifiles: $(W32_INIS)
+
+config.txt: config
+	$(SED) -e 's!\trustfile trust!trustfile trust.txt!' \
+	       -e 's!\logfile logfile!logfile privoxy.log!' \
+	       -e 's!#Win32-only: !!' \
+	       < $< | \
+	       $(DOSFILTER) > $@
+	# LF to CRLF in default.action
+	$(DOSFILTER) <default.action >default.action.txt && mv default.action.txt default.action
+	# LF to CRLF in default.filter
+	$(DOSFILTER) <default.filter >default.filter.txt && mv default.filter.txt default.filter
+
+trust.txt: trust
+	$(DOSFILTER) < $< > $@ 
+
+#############################################################################
+# Pre-dist check:
+#############################################################################
+dist-check:
+	@if [ -d CVS ]; then \
+           $(ECHO) "***************************************************"; \
+           $(ECHO) "***                                             ***"; \
+           $(ECHO) "***                  WARNING                    ***"; \
+           $(ECHO) "***                                             ***"; \
+           $(ECHO) "*** The presence of a CVS subdirectory suggests ***"; \
+           $(ECHO) "*** that you are trying to build a distribution ***"; \
+           $(ECHO) "*** package based on a checked out, not an      ***"; \
+           $(ECHO) "*** exported copy of the source tree. Please    ***"; \
+           $(ECHO) "*** see \"Releasing a new version\" in the        ***"; \
+           $(ECHO) "*** developer manual.                           ***"; \
+           $(ECHO) "***                                             ***"; \
+           $(ECHO) "***************************************************"; \
+           $(ECHO) "Type \"yes i am sure\" if you are sure that you"; \
+           $(ECHO) -n "really want to proceed: "; \
+           read answer; \
+           if [ "$$answer" != "yes i am sure" ]; then exit 1; fi \
+         fi;
+
+
+#############################################################################
+# create tar.gz from CVS:
+# This make-target is usually called through 'create-archive'. If you 
+# run 'make create-snapshot' without setting SNAPVERSION, you'll get a
+# tar.gz with the current date in the name and as a releasenumber in the 
+# spec-file. But the main usage is to run it as follows (Red Hat example):
+# make SNAPVERSION=1.6x create-snapshot
+# This creates a tar.gz and spec-file for a Red Hat 6.x version.
+#############################################################################
+create-snapshot:
+	@tag=`cvs -d $(CVSROOT) status Makefile | awk ' /Sticky Tag/ { print $$3 } '` 2> /dev/null; \
+	[ x"$$tag" = x"(none)" ] && tag=HEAD; \
+	echo "*** Creating package from $$tag!"; \
+	TMPDIR=$(shell mktemp -d /tmp/$(PROGRAM).XXXXXX); \
+	cd $$TMPDIR ; cvs -Q -d $(CVSROOT) export -r $$tag current || echo "Um... export aborted."; \
+	cd $$TMPDIR/current; \
+	TMPFILE=$$(mktemp -q /tmp/$(PROGRAM).XXXXXX); \
+	if $(SED) -e 's/^\(Version:\).*/\1 $(RPM_VERSION)/g' \
+		-e 's/^\(Release:\).*/\1 $(SNAPVERSION)/g' \
+		privoxy-rh.spec > $$TMPFILE ; then \
+			$(MV) -f $$TMPFILE privoxy-rh.spec; \
+	else \
+		$(ECHO) "Could not set version info in specfile."; \
+		exit 1;\
+	fi;\
+	if $(SED) -e 's/^\(Version:\).*/\1 $(RPM_VERSION)/g' \
+             -e 's/^\(Release:\).*/\1 $(SNAPVERSION)/g' \
+              privoxy-suse.spec > $$TMPFILE ; then \
+			$(MV) -f $$TMPFILE privoxy-suse.spec; \
+	else \
+		$(ECHO) "Could not set version info in specfile."; \
+		exit 1;\
+	fi; \
+	$(RM) $$TMPFILE; \
+	cd $$TMPDIR/current; \
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" \
+		-czf /tmp/$(PROGRAM)-$(VERSION).tar.gz .; \
+	$(RM) -rf $$TMPDIR
+	@echo "Resulting file is /tmp/$(PROGRAM)-$(VERSION).tar.gz"
+
+
+#############################################################################
+# looks at the version of Makefile and exports a corresponding source-tree
+# example: if the Makefile has the sticky tag v_2_9_13, you'll get 
+# privoxy-*-2.4.13.tar.gz. Two different tar files will be written, one for
+# Red Hat and one for SuSe (different spec-files)
+#############################################################################
+create-archive:
+	make SNAPVERSION=$(SNAPVERSION) create-snapshot
+
+#############################################################################
+# RPM specifice stuff (SuSE or Redhat, ..)
+#############################################################################
+rpm-stuff: dist-check clean clobber 
+	for dir in RPMS SRPMS BUILD SOURCES SPECS; do \
+		if [ ! -w $(RPM_BASE)/$$dir ]; then \
+			$(ECHO) "$(RPM_BASE)/$$dir is not writable for you. Maybe try as root."; \
+			$(ECHO) "Or add a suitable path to .rpmmacros like."; \
+			$(ECHO) "%_topdir /home/foo/rpm-build"; \
+			exit 1; \
+		fi; \
+	done; \
+
+check-release:
+	@if [ "$(RPM_PACKAGEV)" = "" ]; then \
+		echo ; \
+		echo "	ERROR: NO RPM_PACKAGEV VALUE"; \
+		echo "	No value given for RPM_PACKAGEV. Please use:"; \
+		echo "	make dist-upload RPM_PACKAGEV=release"; \
+		echo "	where \"release\" is the release number you want to and"; \
+		echo "	where \"dist\" is the name of the distro (redhat or suse)"; \
+		echo ; \
+		echo "	Ex: make redhat-upload RPM_PACKAGEV=1"; \
+		echo ""; \
+		echo "ATTENTION: If your distribution use a specific tag on the"; \
+		echo "           release field (like \"cl\" for Conectiva, and"; \
+		echo "           \"mdk\" for Mandrake), DO NOT put it on the value"; \
+		echo "           given to RPM_PACKAGEV. It will be added automaticaly."; \
+		echo "           Do it like you would do for a redhat package,"; \
+		echo "           (i.e. just the number)."; \
+		echo ; \
+		exit 1; \
+	fi
+
+
+#############################################################################
+# Create Conectiva specfile from RedHat specfile
+#############################################################################
+conectiva-spec:
+	$(RM) privoxy-cl.spec
+	chmod a+x genclspec.sh
+	./genclspec.sh
+
+#############################################################################
+# Conectiva distribution for x86
+#############################################################################
+conectiva-dist: rpm-stuff conectiva-spec
+
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-suse.spec" --exclude "privoxy-rh.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -ta  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+
+conectiva-upload: check-release
+	make redhat-upload RPM_PACKAGEV=$(RPM_PACKAGEV)cl
+
+#############################################################################
+# redhat distribution alpha and x86
+#############################################################################
+redhat-dist: rpm-stuff
+	echo $(CONFIG_FILES)
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-suse.spec" --exclude "privoxy-cl.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -ta  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+
+# For testing build issues only! Use redhat-dist for official releases.
+redhat-test: 
+	echo $(CONFIG_FILES)
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-suse.spec" --exclude "privoxy-cl.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -tb  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+	@echo "WARNING: This target is only for testing. Use redhat-dist for releases!!!"
+
+# anonymously ncftps the rpms to sourceforge
+redhat-upload: check-release
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/SRPMS/privoxy-$(RPM_VERSION)-$(RPM_PACKAGEV).src.rpm
+# better should use `arch` here instead of ix86 to support other platforms too
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/RPMS/*/privoxy-$(RPM_VERSION)-$(RPM_PACKAGEV).*.rpm
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+     # w3m http://sourceforge.net/project/admin/editpackages.php?group_id=11118
+
+
+#############################################################################
+# Creates a Red Hat sourcepackage from CVS (not from the current sources
+# on disk)
+#############################################################################
+redhat-srpm: 
+	make create-archive
+	$(RPMBUILD) -ts --nodeps $(PROGRAM)-$(VERSION).tar.gz
+
+
+#############################################################################
+# suse distribution. works fine. no need to be root. 
+#############################################################################
+suse-dist: rpm-stuff
+# 	TMPFILE=$$(mktemp -q /tmp/$(PROGRAM).XXXXXX); \
+# 	if $(SED) -e 's/^\(Version:\).*/\1 $(RPM_VERSION)/g' \
+#              -e 's/^\(Release:\).*/\1 $(RPM_PACKAGEV)/g' \
+#               privoxy-suse.spec > $$TMPFILE ; then \
+# 	$(MV) -f $$TMPFILE privoxy-suse.spec; \
+# 	else \
+# 		$(ECHO) "Could not set version info in specfile."; \
+# 	exit 1;\
+# 	fi
+
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-rh.spec" --exclude "privoxy-cl.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -ta  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+
+# anonymously ncftps the rpms to sourceforge
+suse-upload: check-release
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/SRPMS/privoxy-suse-$(RPM_VERSION)-$(RPM_PACKAGEV).src.rpm
+# better should use `arch` here instead of ix86 to support other platforms too
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/RPMS/*/privoxy-suse-$(RPM_VERSION)-$(RPM_PACKAGEV).*.rpm
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+
+# handle with care. use with root.
+suse-clean:
+	$(RPM) -e junkbuster-suse || true
+	$(RM) -r /etc/junkbuster
+	$(RM) -r /etc/rc.d/junkbuster*
+	$(RM) -r /var/run/junkbuster.pid 
+	$(RM) -r /var/log/junkbuster
+	$(RM) /etc/init.d/junkbuster
+	$(RM) /usr/sbin/junkbuster
+	$(RM) /usr/sbin/rcjunkbuster
+	$(RM) /usr/share/man/man1/junkbuster.1.gz
+	$(RPM) -e privoxy-suse || true
+	$(RM) -r /etc/privoxy
+	$(RM) -r /etc/rc.d/privoxy*
+	$(RM) -r /var/run/privoxy.pid 
+	$(RM) -r /var/log/privoxy
+	$(RM) /etc/init.d/privoxy
+	$(RM) /usr/sbin/privoxy
+	$(RM) /usr/sbin/rcprivoxy
+	$(RM) /usr/share/man/man1/privoxy.1.gz
+
+#############################################################################
+# generic distribution
+#############################################################################
+gen-dist: dist-check
+	@$(ECHO) ""
+	@$(ECHO) "You have run autoconf && autoheader && ./configure right?"
+	@$(ECHO) ""
+	$(MAKE) $(PROGRAM)
+	$(STRIP_PROG) $(PROGRAM)
+	$(LN) -s current ../privoxy-$(VERSION)-$(CODE_STATUS)
+# add program
+	(cd .. && $(TAR) -cvhf --exclude "PACKAGERS" privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar privoxy-$(VERSION)-$(CODE_STATUS)/$(PROGRAM))
+# add config files
+	for foo in $(CONFIG_FILES); do \
+		(cd .. && $(TAR) -uvhf --exclude "PACKAGERS" privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar privoxy-$(VERSION)-$(CODE_STATUS)/$$foo;) \
+	done; 
+# add documentation
+	for foo in $(DOC_FILES); do \
+		(cd .. && $(TAR) -uvhf --exclude "PACKAGERS" privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar privoxy-$(VERSION)-$(CODE_STATUS)/$$foo;) \
+	done;
+# and zip the archive
+	$(RM) ../privoxy-$(VERSION)-$(CODE_STATUS)
+	$(GZIP_PROG) ../privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar
+	@$(ECHO) Distribution with binary created.
+
+# anonymously ncftps the package to sourceforge
+gen-upload:
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming ../privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar.gz
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+
+# use with care
+gen-clean:
+	$(RM) privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar*
+
+#############################################################################
+# solaris distribution. verified on SF machines by swa.
+#############################################################################
+solaris-dist: gen-dist
+	@$(ECHO) Done.
+# anonymously ncftps the package to sourceforge
+solaris-upload: gen-upload
+	@$(ECHO) Done.
+# use with care
+solaris-clean: gen-clean
+	@$(ECHO) Done.
+
+#############################################################################
+# hpux distribution
+#############################################################################
+hpux-dist:
+	@$(ECHO) coming soon. 
+hpux-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# debian distribution
+#############################################################################
+debian-dist:
+	@$(ECHO) coming soon. 
+debian-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# macosx distribution
+#############################################################################
+macosx-dist:
+	@$(ECHO) coming soon. 
+macosx-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# amiga distribution
+#############################################################################
+amiga-dist:
+	@$(ECHO) coming soon. 
+amiga-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# freebsd distribution. verified on SF machines by swa.
+#############################################################################
+freebsd-dist: gen-dist
+	@$(ECHO) Done.
+# anonymously ncftps the package to sourceforge
+freebsd-upload: gen-upload
+	@$(ECHO) Done.
+# use with care
+freebsd-clean: gen-clean
+	@$(ECHO) Done.
+
+#############################################################################
+# Windows distribution
+#############################################################################
+win-dist:
+	$(ECHO) Not implemented.
+
+
+#############################################################################
+# Tarball distribution: No CVS dirs, dotfiles, debian build dir,
+# (FIXME:) only parts of the static / generated docs mix in doc/webserver
+#############################################################################
+
+tarball-dist: dist-check clean clobber
+	$(LN) -s current ../privoxy-$(VERSION)-$(CODE_STATUS)
+
+	for i in `find . -type f -a -not \( -path "*/CVS*" -o -name ".*" \
+	-o -path "*/debian/*" -o -path "*/actions/*" -o -name "*.php" -o \
+	-name "PACKAGERS" \)`; do \
+	   files="$$files privoxy-$(VERSION)-$(CODE_STATUS)/$$i"; \
+	done &&  \
+	cd .. && $(TAR) -cvhf privoxy-$(VERSION)-$(CODE_STATUS)-src.tar $$files ; \
+
+# and zip the archive
+	$(RM) ../privoxy-$(VERSION)-$(CODE_STATUS) 
+	$(GZIP_PROG) ../privoxy-$(VERSION)-$(CODE_STATUS)-src.tar
+	@$(ECHO) Tarball distribution created.
+
+# anonymously ncftps the tarball to sourceforge
+tarball-upload:
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming ../privoxy-$(VERSION)-$(CODE_STATUS)-src.tar.gz
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+
+tarball-clean:
+	$(RM) ../privoxy-$(VERSION)-$(CODE_STATUS)-src.tar.gz
+
+#############################################################################
+#
+# Documentation
+#
+# converts doc/source/*.sgml into html and man pages
+#
+#############################################################################
+
+# developer manual
+dok-devel: 
+	$(RM) doc/webserver/developer-manual/*.html
+	$(RM) -r doc/source/developer-manual
+	mkdir -p doc/source/developer-manual
+	cd doc/source/developer-manual && $(DB) ../developer-manual.sgml && cd .. && cp developer-manual/*.html ../webserver/developer-manual/
+
+# user manual
+dok-user: 
+	$(RM) doc/webserver/user-manual/*.html
+	$(RM) -r doc/source/user-manual/
+	mkdir -p doc/source/user-manual
+	cd doc/source/user-manual && $(DB) -iuser-man ../user-manual.sgml && cd .. && cp user-manual/*.html ../webserver/user-manual/
+	# FIXME: temp fix so same stylesheet gets in more than one place so it works
+	# for all doc set-ups, including the 'user manual' config option in local
+	# system where it MUST be in same directory as html.
+	$(PERL) -pi.bak -e 's/<\/head/\n<LINK REL=\"STYLESHEET\" TYPE=\"text\/css\" HREF=\"p_doc.css\">\n<\/head/i' doc/webserver/user-manual/*html
+
+# faq
+dok-faq: 
+	$(RM) doc/webserver/faq/*.html
+	$(RM) -r doc/source/faq
+	mkdir -p doc/source/faq
+	cd doc/source/faq && $(DB) ../faq.sgml && cd .. && cp faq/*.html ../webserver/faq/
+
+# man page, one variation. Try to use the next target, just 'make man'. 
+dok-man: 
+	$(RM) doc/man/* doc/webserver/man-page/*.html
+ifneq ($(MAN2HTML),false)
+	$(ECHO) "<html><head><title>Privoxy Man page</title><link rel=\"stylesheet\" type=\"text/css\" href=\"../p_web.css\"></head><body><H2>NAME</H2>" > doc/webserver/man-page/privoxy-man-page.html
+	man ./privoxy.1 | $(MAN2HTML) -bare >> doc/webserver/man-page/privoxy-man-page.html
+	$(ECHO) "</body></html>" >> doc/webserver/man-page/privoxy-man-page.html
+else
+	$(MAKE) groff2html
+endif
+
+# Build man page from sgml. This requires the SGMLSpm perl module.
+# See CPAN, or your favorite perl repository. This is the preferred 
+# target for man page generation!
+man: dok-release
+	mkdir -p doc/source/temp && cd doc/source/temp && $(RM) * ;\
+	nsgmls ../privoxy-man-page.sgml  | sgmlspl ../../../utils/docbook2man/docbook2man-spec.pl &&\
+	perl -pi.bak -e 's/ <URL:.*>//; s/\[ /\[/g' privoxy.1 ;\
+	perl -pi.bak -e "s/\[ /\[/g;s/á/\\\\['a]/g;s/é/\\\\['e]/g" privoxy.1; \
+	perl -pi.bak -e "s/ö/\\\\[:o]/g" privoxy.1; \
+	perl -pi.bak -e 's/([ {])-([a-z])/$$1\\-$$2/g' privoxy.1; \
+	perl -pi.bak -e 's/ --([a-z])/ \\-\\-$$1/g' privoxy.1; \
+	perl -pi.bak -e 's/\\fB--/\\fB\\-\\-/g' privoxy.1; \
+	$(DB) ../privoxy-man-page.sgml && $(MV) -f privoxy.1 ../../../privoxy.1
+
+# For those with man2html ala RH7s.
+man2html:
+	mkdir -p doc/webserver/man-page
+ifneq ($(MAN2HTML),false)
+	$(MAN2HTML) privoxy.1 |grep -v "^Content-type" > tmp.html
+	$(PERL) -pi.bak -e 's/<A .*Contents<\/A>//; s/<A .*man2html<\/A>/man2html/' tmp.html
+	$(PERL) -pi.bak -e 's/(<\/HEAD>)/<LINK REL=\"STYLESHEET\" TYPE=\"text\/css\" HREF=\"..\/p_doc.css\"><\/HEAD>/' tmp.html
+# Twice because my version of man2html is pulling in commas and periods in URLs.
+	$(PERL) -pi.bak -e 's/(<A.*),(">)/$$1$$2/g' tmp.html
+	$(PERL) -pi.bak -e 's,\.">,">,g' tmp.html
+	$(PERL) -pi.bak -e "s/\['a\]/\á/g;s/\['e\]/\é/g" tmp.html
+# Get rid of spurious  from conversion. (How to do this with perl?)
+	$(SED) -e 's///g' tmp.html > doc/webserver/man-page/privoxy-man-page.html && $(RM) tmp.*
+else
+	$(MAKE) groff2html
+endif
+
+
+# Otherwise we get plain groff conversion.
+groff2html:
+	$(G2H_CMD) ./privoxy.1 | $(SED) -e 's@</head>@<link REL="STYLESHEET" TYPE="text/css" HREF="../p_doc.css"></head>@' > doc/webserver/man-page/privoxy-man-page.html
+
+
+# readme page and INSTALL file
+dok-readme: dok-release
+	cd doc/source && $(DB)-notoc -V nochunks readme.sgml > tmp.html &&\
+	env -u LANG $(WDUMP) tmp.html > ../../README ;\
+	$(DB)-notoc -V nochunks install.sgml > tmp.html &&\
+	env -u LANG $(WDUMP) tmp.html > ../../INSTALL ;\
+	$(RM) tmp.*
+
+# index.sgml is used to create both the Home Page, and a local index
+# for documentation, etc.
+#
+# index.html for webserver:
+dok-webserver: 
+	cd doc/source/webserver && $(DB)-notoc -ip-homepage -V nochunks index.sgml > ../../webserver/index.html
+	$(PERL) -pi.bak -e 's/..\/p_doc.css/p_doc.css/;\
+	s/<\/HEAD/\n<meta name=\"description\" content=\"Privoxy helps users to protect their privacy.\"><\/HEAD/;\
+	s/<\/HEAD/\n<meta name="MSSmartTagsPreventParsing" content="TRUE"><\/HEAD/;\
+	s/\.\d\. //;\
+	s/__copy/©/'\
+     doc/webserver/index.html && $(RM) doc/webserver/*.bak
+
+# privoxy-index.html for local documentation:
+dok-index: 
+	cd doc/source/webserver && $(DB)-notoc -ip-index -V nochunks index.sgml > ../../webserver/privoxy-index.html
+	$(PERL) -pi.bak -e 's/..\/p_doc.css/p_doc.css/;\
+	s/<\/HEAD/\n<meta name=\"description\" content=\"Privoxy helps users to protect their privacy.\"><\/HEAD/;\
+	s/<\/HEAD/\n<meta name="MSSmartTagsPreventParsing" content="TRUE"><\/HEAD/;\
+	s/\.\d\. //;\
+	s/__copy/©/' \
+     doc/webserver/privoxy-index.html && $(RM) doc/webserver/*.bak
+
+# Main documentation target.
+dok: dok-release dok-devel dok-user dok-faq dok-readme dok-webserver dok-authors dok-index
+	@$(ECHO) Documentation created.
+
+#
+# an alternative to the above dok. disabled man page creation for the moment
+#
+redhat-dok: dok-release dok-devel dok-user dok-faq redhat-readme dok-webserver dok-authors
+	@$(ECHO) Documentation created.
+
+## Make README
+redhat-readme: 
+	cd doc/source && $(DB)-notoc -V nochunks readme.sgml > tmp.html && $(WDUMP) \
+	  tmp.html > ../../README && $(RM) -r tmp.html
+
+## Make AUTHORS file
+dok-authors: 
+	cd doc/source && $(DB) -V nochunks authors.sgml > tmp.html && env -u LANG $(WDUMP) \
+	  tmp.html > ../../AUTHORS && $(RM) tmp.html
+
+# Set doc entities for VERSION and CODE_STATUS in sgml docs. Toggle content
+# exceptions accordingly. This needs to go before any doc building (doh).
+dok-release:
+	@$(ECHO) Setting doc version and status to $(VERSION), $(CODE_STATUS)
+	@$(PERL) -pi.bak -e 's/<!entity +p-version.*>/<!entity p-version "$(VERSION)">/;\
+     s/<!entity +p-status.*>/<!entity p-status "$(CODE_STATUS)">/' \
+     doc/source/*sgml doc/source/*/*sgml
+	$(RM) -r doc/source/*bak doc/source/*/*bak
+ifeq ($(CODE_STATUS),stable)
+	@$(ECHO) Setting docs to stable $(VERSION)
+	@$(PERL) -pi.bak -e 's/<!entity +% +p-stable.*>/<!entity % p-stable "INCLUDE">/;\
+     s/<!entity +% +p-not-stable.*>/<!entity % p-not-stable "IGNORE">/' \
+     doc/source/*sgml doc/source/*/*sgml
+	$(RM) -r doc/source/*bak doc/source/*/*bak
+else
+	@$(ECHO) Setting docs to not stable $(VERSION)
+	@$(PERL) -pi.bak -e 's/<!entity +% +p-stable.*>/<!entity % p-stable "IGNORE">/;\
+     s/<!entity +% +p-not-stable.*>/<!entity % p-not-stable "INCLUDE">/' \
+     doc/source/*sgml doc/source/*/*sgml
+	$(RM) -r doc/source/*bak doc/source/*/*bak
+endif
+
+# Create release announcement in text and html, with short and long versions.
+# This is a standalone target, and must be invoked directly.
+# announce: dok-release
+# 	mkdir -p $(DOC_TMP)
+# 	cd $(DOC_TMP) && cp -f ../announce.sgml . && $(DB) -iannounce-big announce.sgml &&\
+# 	mv -f index.html announce.html && $(WDUMP) announce.html > announce.txt
+# 	cd $(DOC_TMP) && $(DB) announce.sgml &&\
+# 	mv -f index.html announce-mini.html && $(WDUMP) announce-mini.html > announce-mini.txt &&\
+# 	mv -f *html *txt ../../.. 
+# 	rm -fr $(DOC_TMP)
+
+# The main Privoxy config file, generated from sgml sources. 
+# NOTE: This will require some hand editing. The new file is outputted 
+# as config.new so that problem sections can be compared to previous
+# version. This is hardcored to w3m for html/text conversion. Also, 
+# requires the shell util 'fmt'.
+config-file: dok-release
+	cd doc/source && $(DB)-notoc -iconfig-file -V nochunks config.sgml > __tmp.html &&\
+	env -u LANG w3m -dump __tmp.html | fmt -w 70 > ../../config.new && $(RM) -r __tmp.*
+	$(PERL) -i.bak utils/prepare-configfile.pl config.new
+
+	$(RM) *.bak
+	@$(ECHO)  "****************************************************"
+	@$(ECHO)  "The output file is config.new."
+	@$(ECHO)  "Now -- you need to hand edit the results!!!"
+	@$(ECHO)  "In particular, check the Debug levels, the"
+	@$(ECHO)  "permit-access, forward & socks examples and the"
+	@$(ECHO)  "various user-manual examples, which all"
+	@$(ECHO)  "probably got hammered."
+	@$(ECHO)  "****************************************************"
+
+# config file, alternate version using lynx (perl stuff unfinished). Lynx
+# does not do so good a job.
+config-file-alt: 
+	cd doc/source && $(ECHO) -e ".h2 JUSTIFY\\nJUSTIFY:FALSE" > __tmp.lynx_cfg &&\
+	$(DB)-notoc -iconfig-file -V nochunks config.sgml > __tmp.html &&\
+	lynx -cfg=__tmp.lynx_cfg -width=78 -dump __tmp.html > ../../config.new && $(RM) -r __tmp.*
+	$(PERL) -pi -e 's/^(   )//;\
+	                s/:$\/:\n/' config.new
+
+#############################################################################
+#
+# Webserver
+#
+# moves dokumentation to webserver
+#
+#############################################################################
+webserver: tidy
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) You will need to "create" a SF shell first:
+	@$(ECHO)    ssh -t USER,PROJECT at shell.sourceforge.net create
+	@$(ECHO) Please make sure your documentation files are up to date.
+	@$(ECHO) Note that this command updates the home page and scps 
+	@$(ECHO) all stuff to the webserver, it will not remove obsolete documents.
+	@$(ECHO) You will also need to change the user-manual symlink manually.
+	@$(ECHO) -------------------------------------------------------
+
+	@$(ECHO) Uploading html
+	@cd doc/webserver; \
+          upload=`find . -type f -a -not \( -path "*/CVS*" -o -path "*/results*" \)`; \
+          $(TAR) c $$upload | ssh shell.sf.net 'cd /home/groups/i/ij/ijbswa/htdocs/; tar xvm 2>&1 | grep -v timestamp'
+
+	@$(ECHO) Fixing permissions
+	@ssh shell.sf.net 'chmod -R 775 /home/groups/i/ij/ijbswa/htdocs 2>/dev/null; true'
+	@ssh shell.sf.net 'find /home/groups/i/ij/ijbswa/htdocs/ -type f | xargs chmod 664 2>/dev/null; true'
+	@ssh shell.sf.net 'chmod 666 /home/groups/i/ij/ijbswa/htdocs/actions/results/actions-feedback.txt 2>/dev/null; true'
+
+
+web-actions: tidy
+	@$(ECHO) Uploading 
+	@cd doc/webserver/actions; \
+          upload=`find . -type f -a -not \( -path "*/CVS*" -o -path "*/results*" \)`; \
+          $(TAR) c $$upload | ssh ijbswa.sourceforge.net 'cd /home/groups/i/ij/ijbswa/htdocs/actions; tar xvm'
+
+	@$(ECHO) Fixing permissions
+	@ssh ijbswa.sourceforge.net 'find /home/groups/i/ij/ijbswa/htdocs/actions/ -type f | xargs chmod 664 2>/dev/null'
+	@ssh ijbswa.sourceforge.net 'chmod 666 /home/groups/i/ij/ijbswa/htdocs/actions/results/actions-feedback.txt 2>/dev/null'
+
+## 
+dok-put:
+	tar --exclude ".cvsignore" --exclude "CVS" --exclude "source" --exclude ".htaccess" \
+	     --exclude "obsolete" --exclude "actions" --exclude "*.zip" --exclude "robots.txt"\
+		doc/* INSTALL LICENSE AUTHORS README \
+		-czf $(DOC_FILE) ;\
+		$(ECHO) "Uploading doc package ..." ;\
+		scp $(DOC_FILE) ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/docs/
+		@ssh ijbswa.sourceforge.net 'chmod 775 /home/groups/i/ij/ijbswa/htdocs/docs/*gz 2>/dev/null; true'
+		$(RM) $(DOC_FILE)
+
+dok-get:
+	cd /tmp ;\
+	$(WGET) http://www.privoxy.org/docs/$(DOC_FILE) ;\
+	$(TAR) -zxvf $(DOC_FILE)
+
+
+#############################################################################
+# Source file dependencies
+#############################################################################
+
+actions.o:   actions.c   actions.h   config.h $(PROJECT_H_DEPS) errlog.h jcc.h list.h loaders.h miscutil.h actionlist.h ssplit.h
+cgi.o:       cgi.c       cgi.h       config.h $(PROJECT_H_DEPS) cgiedit.h cgisimple.h jbsockets.h list.h pcrs.h encode.h ssplit.h jcc.h filters.h actions.h errlog.h miscutil.h
+cgiedit.o:   cgiedit.c   cgiedit.h   config.h $(PROJECT_H_DEPS) cgi.h list.h pcrs.h encode.h ssplit.h jcc.h filters.h actionlist.h actions.h errlog.h miscutil.h
+cgisimple.o: cgisimple.c cgisimple.h config.h $(PROJECT_H_DEPS) cgi.h list.h pcrs.h encode.h ssplit.h jcc.h filters.h actions.h errlog.h miscutil.h urlmatch.h
+deanimate.o: deanimate.c deanimate.h config.h $(PROJECT_H_DEPS)
+encode.o:    encode.c    encode.h    config.h
+errlog.o:    errlog.c    errlog.h    config.h $(PROJECT_H_DEPS) #w32log.h
+filters.o:   filters.c   filters.h   config.h $(PROJECT_H_DEPS) errlog.h encode.h gateway.h jbsockets.h jcc.h loadcfg.h parsers.h ssplit.h cgi.h deanimate.h urlmatch.h #win32.h 
+gateway.o:   gateway.c   gateway.h   config.h $(PROJECT_H_DEPS) errlog.h jbsockets.h jcc.h loadcfg.h
+jbsockets.o: jbsockets.c jbsockets.h config.h $(PROJECT_H_DEPS) filters.h
+jcc.o:       jcc.c       jcc.h       config.h $(PROJECT_H_DEPS) errlog.h filters.h gateway.h jbsockets.h loadcfg.h loaders.h miscutil.h parsers.h #w32log.h win32.h w32svrapi.h cgi.h
+list.o:      list.c      list.h      config.h $(PROJECT_H_DEPS) list.h miscutil.h
+loadcfg.o:   loadcfg.c   loadcfg.h   config.h $(PROJECT_H_DEPS) errlog.h filters.h gateway.h jbsockets.h jcc.h loaders.h miscutil.h parsers.h #w32log.h win32.h
+loaders.o:   loaders.c   loaders.h   config.h $(PROJECT_H_DEPS) errlog.h encode.h filters.h gateway.h jcc.h loadcfg.h miscutil.h parsers.h ssplit.h
+miscutil.o:  miscutil.c  miscutil.h  config.h
+parsers.o:   parsers.c   parsers.h   config.h $(PROJECT_H_DEPS) errlog.h filters.h jbsockets.h jcc.h loadcfg.h loaders.h miscutil.h ssplit.h
+ssplit.o:    ssplit.c    ssplit.h    config.h miscutil.h
+urlmatch.o:  urlmatch.c  urlmatch.h  config.h $(PROJECT_H_DEPS) errlog.h miscutil.h ssplit.h
+
+# GNU regex
+gnu_regex.o: gnu_regex.c gnu_regex.h config.h
+
+# PCRS
+pcrs.o: pcrs.c pcrs.h config.h pcre/pcre.h 
+
+# PCRE
+pcre/get.o:        pcre/get.c        pcre/config.h pcre/internal.h pcre/pcre.h
+pcre/maketables.o: pcre/maketables.c pcre/config.h pcre/internal.h pcre/pcre.h
+pcre/pcre.o:       pcre/pcre.c       pcre/config.h pcre/internal.h pcre/pcre.h pcre/chartables.c 
+pcre/pcreposix.o:  pcre/pcreposix.c  pcre/config.h pcre/internal.h pcre/pcre.h pcre/pcreposix.h
+pcre/study.o:      pcre/study.c      pcre/config.h pcre/internal.h pcre/pcre.h
+
+# An auxiliary program makes the PCRE default character table source
+
+pcre/chartables.c:   pcre/dftables
+		pcre/dftables >pcre/chartables.c
+
+pcre/dftables:       pcre/dftables.c pcre/maketables.c pcre/pcre.h pcre/internal.h pcre/config.h
+		$(CC) -o pcre/dftables $(CFLAGS) pcre/dftables.c
+
+# Win32
+w32log.o: w32log.c errlog.h config.h jcc.h loadcfg.h miscutil.h pcre/pcre.h pcre/pcreposix.h pcrs.h project.h w32log.h w32taskbar.h win32.h
+w32taskbar.o: w32taskbar.c config.h w32log.h w32taskbar.h
+win32.o: win32.c config.h jcc.h loadcfg.h pcre/pcre.h pcre/pcreposix.h pcrs.h project.h w32log.h win32.h w32svrapi.h
+
+w32.res: w32.rc w32res.h icons/ico00001.ico icons/ico00002.ico icons/ico00003.ico icons/ico00004.ico icons/ico00005.ico icons/ico00006.ico icons/ico00007.ico icons/ico00008.ico icons/idle.ico icons/privoxy.ico config.h
+	windres -D__MINGW32__=0.2 -O coff -i $< -o $@
+
+# AmigaOS
+#OBJS += amiga.o
+#ifeq ($(shell $(CC) -dumpmachine), m68k-amigaos)
+#CFLAGS += -D__AMIGAVERSION__=\"$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_POINT)\" -D__AMIGADATE__=\"`date +%d.%m.%Y`\" -W -m68020 -noixemul -fbaserel -msmall-code
+#LDFLAGS += -m68020 -noixemul -fbaserel
+#LIBS = -lm /gg/lib/libb/libm020/libnix/swapstack.o
+#else
+#CFLAGS += -D__AMIGAVERSION__=\"$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_POINT)\" -D__AMIGADATE__=\"`date +%d.%m.%Y`\" -Wextra -D__USE_INLINE__ -D__NO_INTUITION_RJ_MACROS
+#endif
+#amiga.o: amiga.c amiga.h config.h
+
+
+$(PROGRAM): $(OBJS) $(W32_FILES)
+	$(LD) $(LDFLAGS) -o $(PROGRAM) $(OBJS) $(LIBS)
+
+clean:
+	$(RM) a.out $(OBJS) $(W32_FILES) $(W32_INIS) $(PROGRAM) default.action `find . -name TAGS -o -name tags` config.base config.tmp
+
+tidy:
+	$(RM) `find . -name "*~"`
+	$(RM) `find . -name "#*#"` # Emacs backup files
+	$(RM) `find . -name ".\#*"`
+
+clobber: tidy
+	$(RM) GNUmakefile configure config.h.in config.h config.cache config.status config.log logfile \
+              privoxy.log core *.tar.gz *.tar privoxy-cl.spec doc/source/ldp.dsl config.new
+	$(RM) -r autom4te.cache
+
+#
+# FIXME: What is all this? 
+#
+	$(RM) cscope.*  *.pdb *.lib *.exp 
+
+distclean: clobber
+
+tags: $(SRCS) $(HDRS)
+	etags $(SRCS) $(HDRS)
+
+CONF_DEST:=$(shell if [ "$(prefix)" = "/usr/local" ] && [ "$(CONF_BASE)" = "$(prefix)/etc" ];then \
+		$(ECHO) "$(CONF_BASE)/privoxy";\
+	 else\
+		 $(ECHO) "$(CONF_BASE)";\
+	 fi)
+
+LOG_DEST:=$(shell if [ "$(prefix)" = "/usr/local" ] && [ "$(LOGS_DEST)" = "$(prefix)/var/log/privoxy" ];then \
+		$(ECHO) "/var/log/privoxy" ;\
+	 else\
+		 $(ECHO) "$(LOGS_DEST)";\
+	 fi)
+
+PID_DEST:=$(shell if [ "$(prefix)" = "/usr/local" ] && [ "$(PIDS_DEST)" = "$(prefix)/var/run" ];then \
+		$(ECHO) "/var/run" ;\
+	 else\
+		 $(ECHO) "$(PIDS_DEST)";\
+	 fi)
+
+check_doc:=$(shell if [ ! -d "$(SHARE_DEST)/doc" ] && [ "$(prefix)" = "/usr/local" ]  && [ -d "$(prefix)/doc" ];then \
+		$(ECHO) "1";\
+	 else\
+		 $(ECHO) "0";\
+	 fi)
+
+# If USER is specified but no GROUP, assume there is a GROUP of same name.
+GROUP_T:=$(shell if [ x$(GROUP) = x ] && [ x$(USER) != x ];then \
+		$(ECHO) "$(USER)" ;\
+	 else\
+		 $(ECHO) "$(GROUP)";\
+	 fi)
+
+install-strip:
+	$(MAKE) install STRIP=-s
+
+# FIXME: Test USER and GROUP on Slack to make sure this works as 
+# intended.
+#
+# FIXME: id handling needs help, probably via configure, since 'id -u' is not 
+# universally reliable (eg Solaris). Group handling could be better. 
+# Perhaps the whole user/group validation should be done here, and simplified.
+PROGRAM_V = Privoxy $(VERSION) $(CODE_STATUS)
+install: CONF_DEST LOG_DEST PID_DEST check_doc GROUP_T
+	@# Quick test for valid USER.
+	@if [ -n "$(USER)" ]; then \
+		$(ID) $(USER) >/dev/null || exit 1;\
+	fi
+	@# Test for valid group. FIXME. USER does not have to belong to GROUP 
+	@# for file ownership purposes.
+# 	if [ -n "$(GROUP_T)" ] && [ -n "$(USER)" ] && ! $(GROUPS) $(USER) | $(GREP) "\<$(GROUP_T)\>" >/dev/null; then \
+# 		$(ECHO) Group $(GROUP_T) for User $(USER) is invalid && exit 1 ;\
+# 	fi
+
+	@$(ECHO) "Creating directories, and preparing $(PROGRAM_V) installation"
+	$(CHMOD) $(DIR_MODE) $(MKDIR)
+	@$(MKDIR) $(DESTDIR)$(SBIN_DEST) $(DESTDIR)$(prefix) $(DESTDIR)$(CONF_DEST) \
+		$(DESTDIR)$(CONF_DEST)/templates $(DESTDIR)$(SHARE_DEST) \
+		$(DESTDIR)$(LOG_DEST) $(DESTDIR)$(PID_DEST)
+	@# Install the executable binary, strip if invoked as install-strip
+	@test -n "$(STRIP)" &&\
+	$(ECHO) Installing $(PROGRAM) stripped executable to $(SBIN_DEST) ||\
+	$(ECHO) Installing $(PROGRAM) executable to $(DESTDIR)$(SBIN_DEST)
+	$(INSTALL) $(INSTALL_P) $(STRIP) $(PROGRAM) $(DESTDIR)$(SBIN_DEST)
+
+	@# Install the DOCS and man page. install-sh only does one file at a time.
+	@# FIXME: only handles jpegs.
+	- at if [ $(check_doc) = 0 ]; then \
+		DOC=$(DOC_DEST) ;\
+	else \
+		DOC=$(prefix)/doc/privoxy ;\
+	fi;\
+	$(MKDIR) $(DESTDIR)$$DOC $(DESTDIR)$$DOC/user-manual $(DESTDIR)$$DOC/faq $(DESTDIR)$$DOC/developer-manual \
+	     $(DESTDIR)$$DOC/man-page $(DESTDIR)$$DOC/images $(DESTDIR)$(MAN_DEST) ;\
+	if [ -d "$(DOK_WEB)" ]; then \
+		$(ECHO) Installing FAQ, Manual, and other docs to $(DESTDIR)$$DOC;\
+          for i in user-manual developer-manual faq; do \
+               for ii in $(DOK_WEB)/$$i/*html; do \
+                    $(INSTALL) $(INSTALL_T) $$ii $(DESTDIR)$$DOC/$$i;\
+               done ;\
+          done ;\
+		for i in $(DOK_WEB)/user-manual/*jpg; do \
+               $(INSTALL) $(INSTALL_T) $$i $(DESTDIR)$$DOC/user-manual;\
+          done ;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/man-page/*html $(DESTDIR)$$DOC/man-page;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/privoxy-index.html $(DESTDIR)$$DOC/index.html;\
+		$(INSTALL) $(INSTALL_T) AUTHORS $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) LICENSE $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) README $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) ChangeLog $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/p_doc.css $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/p_doc.css $(DESTDIR)$$DOC/user-manual;\
+	fi
+	@# Not all platforms support gzipped man pages.
+	@$(ECHO) Installing man page to $(DESTDIR)$(MAN_DEST)/privoxy.1
+	-$(INSTALL) $(INSTALL_T) privoxy.1  $(DESTDIR)$(MAN_DEST)/privoxy.1
+
+	@# Change the config file default directories according to the configured ones
+	@$(ECHO) Rewriting config for this installation
+	@if [ -f config.base ] ; then \
+		$(CAT) config >config~ ;\
+		$(MV) config.base config ;\
+	fi
+	$(SED) 's+^confdir \.+confdir $(CONF_DEST)+' config | \
+	$(SED) 's+^logdir \.+logdir $(LOG_DEST)+' >config.tmp
+	- at if [ $(check_doc) = 0 ]; then \
+      $(SED) 's+^#\?user-manual .*+user-manual $(DOC_DEST)/user-manual/+' config.tmp >config.updated ;\
+	else \
+      $(SED) 's+^#\?user-manual .*+user-manual $(prefix)/doc/privoxy/user-manual/+' config.tmp >config.updated ;\
+	fi;\
+	$(MV) config config.base
+	$(MV) config.updated config 
+
+	@# Install the config support files. Test for root install, and abort 
+	@# if there is no privoxy user, and no other user was enabled during 
+	@# configure. Later, install init script if appropriate.
+	@$(ECHO) Installing templates to $(DESTDIR)$(CONF_DEST)/templates
+	@for i in `find templates -type f`; do \
+		$(INSTALL) $(INSTALL_T) $$i $(DESTDIR)$(CONF_DEST)/templates ;\
+	done
+
+	@# FIXME: group/user validation is overly convoluted.
+	@# If superuser install ... we require a minimum of group ownership
+	@# of those files the daemon writes to, to be non-root owned.
+	@if [ "`$(ID) |sed 's/(.*//' |sed 's/.*=//'`" = "0" ] ;then\
+		if [ x$(USER) = x ] || [ $(USER) = root ]; then \
+			if [ x$(GROUP) = x ] || [ $(GROUP) = root ]; then \
+				if [ "`$(ID) privoxy`" ] && \
+					$(GROUPS) privoxy | $(SED) 's/^.*://' |$(GREP) "\<privoxy\>" >/dev/null; then \
+					$(ECHO) "Warning: Setting group owner to privoxy";\
+					GROUP_T=privoxy ;\
+				else \
+					$(ECHO)  "******************************************************************" ;\
+					$(ECHO)  " WARNING! WARNING! installing config files as root!" ;\
+					$(ECHO)  " It is strongly recommended to run $(PROGRAM) as a non-root user," ;\
+					$(ECHO)  " and to install the config files as that user and/or group!" ;\
+					$(ECHO)  " Please read INSTALL, and create a privoxy user and group!" ;\
+					$(ECHO)  "*******************************************************************" ;\
+					exit 1 ;\
+				fi ;\
+			else \
+				GROUP_T=$(GROUP) ;\
+			fi ;\
+			INSTALL_CONF="$(INSTALL_R) -g $$GROUP_T " ;\
+		else \
+			$(ECHO) "Superuser install, installing config files as $(USER):$(GROUP_T)" ;\
+			INSTALL_CONF="$(INSTALL_R) -o $(USER) -g $(GROUP_T)" ;\
+			GROUP_T=$(GROUP_T) ;\
+		fi ;\
+	else \
+		if [ ! "`id $(USER)`" = "`id`" ] ;then \
+			$(ECHO) "** WARNING ** current install user different from configured user!!" ;\
+			$(ECHO) "Edit may fail." ;\
+		fi ;\
+		INSTALL_CONF="$(INSTALL_R)" ;\
+	fi ;\
+	$(ECHO) Installing configuration files to $(DESTDIR)$(CONF_DEST);\
+	for i in $(CONFIGS); do \
+		if [ "$$i" = "default.action" ] || [ "$$i" = "default.filter" ] ; then \
+			$(RM) $(DESTDIR)$(CONF_DEST)/$$i ;\
+			$(ECHO) Installing fresh $$i;\
+			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\
+		elif [ -s "$(CONF_DEST)/$$i" ]; then \
+			$(ECHO) Installing $$i as $$i.new ;\
+			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST)/$$i.new || exit 1;\
+			NEW=1;\
+		else \
+			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\
+		fi ;\
+	done ;\
+	if [ -n "$$NEW" ]; then \
+		$(CHMOD) $(RWD_MODE) $(DESTDIR)$(CONF_DEST)/*.new || exit 1 ;\
+		$(ECHO) "Warning: Older config files are preserved. Check new versions for changes!" ;\
+	fi ;\
+	[ ! -f $(DESTDIR)$(LOG_DEST)/logfile ] && $(ECHO) Creating logfiles in $(DESTDIR)$(LOG_DEST) || \
+		$(ECHO) Checking logfiles in $(DESTDIR)$(LOG_DEST) ;\
+		$(TOUCH) $(DESTDIR)$(LOG_DEST)/logfile || exit 1 ;\
+	if [ x$$USER != x ]; then \
+		$(CHOWN) $$USER $(DESTDIR)$(LOG_DEST)/logfile || \
+		$(ECHO) "** WARNING ** current install user different from configured user. Logging may fail!!" ;\
+	fi ;\
+	if [ x$$GROUP_T != x ]; then \
+		$(CHGRP) $$GROUP_T $(DESTDIR)$(LOG_DEST)/logfile || \
+		$(ECHO) "** WARNING ** current install user different from configured user. Logging may fail!!" ;\
+	fi ;\
+	$(CHMOD) $(RWD_MODE) $(DESTDIR)$(LOG_DEST)/logfile || exit 1 ;\
+	if [ "$(prefix)" = "/usr/local" ] || [ "$(prefix)" = "/usr" ]; then \
+		if [ -f /etc/slackware-version ] && [ -d /etc/rc.d/ ] && [ -w /etc/rc.d/ ] ; then \
+               $(SED) 's+%PROGRAM%+$(PROGRAM)+' slackware/rc.privoxy.orig | \
+               $(SED) 's+%SBIN_DEST%+$(SBIN_DEST)+' | \
+               $(SED) 's+%CONF_DEST%+$(CONF_DEST)+' | \
+               $(SED) 's+%USER%+$(USER)+' | \
+               $(SED) 's+%GROUP%+$(GROUP_T)+' >slackware/rc.privoxy ;\
+			$(INSTALL) $(INSTALL_P) slackware/rc.privoxy $(DESTDIR)/etc/rc.d/ ;\
+               $(ECHO) "Installing for Slackware." ;\
+               $(ECHO) "Dont forget to add the rc.privoxy to rc.local if you want it started at every boot" ;\
+		elif [ -f /etc/redhat-release ] && [ -d /etc/rc.d/init.d/ ] && [ -w /etc/rc.d/init.d/ ] ; then \
+               $(ECHO) "Installing init script to /etc/rc.d/init.d/privoxy" ;\
+			$(SED) 's,^PRIVOXY_BIN=.*,PRIVOXY_BIN="/usr/local/sbin/$(PROGRAM)",' privoxy.init |\
+			$(SED) 's,^PRIVOXY_CONF=.*,PRIVOXY_CONF="$(CONF_DEST)/config",' |\
+			$(SED) "s,^PRIVOXY_USER=.*,PRIVOXY_USER=$$USER," > init.tmp ;\
+			$(INSTALL) $(INSTALL_P) init.tmp $(DESTDIR)/etc/rc.d/init.d/privoxy && $(RM) init.tmp;\
+			$(MKDIR) $(DESTDIR)/etc/logrotate.d/ ;\
+			$(ECHO) "Installing logrotate script to $(DESTDIR)/etc/logrotate.d/" ;\
+			$(INSTALL) -m 0644 privoxy.logrotate $(DESTDIR)/etc/logrotate.d/privoxy ;\
+		elif [ -d $(DESTDIR)/etc/init.d ] && [ -w $(DESTDIR)/etc/init.d ] ; then \
+			$(ECHO) "Installing generic init script to $(DESTDIR)/etc/init.d/privoxy" ;\
+			$(ECHO) "Please check that the PATHs are correct, and edit if needed." ;\
+			$(INSTALL) $(INSTALL_P) privoxy-generic.init $(DESTDIR)/etc/init.d/privoxy ;\
+		fi ;\
+	else \
+		$(ECHO) "No init script installed, install it manually if needed" ;\
+	fi
+	$(RM) config.base config.tmp
+	@# mmmmm, good.
+	@$(ECHO) "$(PROGRAM_V) installation succeeded!"
+	@$(ECHO) "The Privoxy configuration files have been installed in $(DESTDIR)$(CONF_DEST)"
+
+# rmdir is used as a precaution since it will not remove non-empty
+# directories. RH init script creates lock file and pid file.
+uninstall: CONF_DEST LOG_DEST PID_DEST check_doc
+	@$(ECHO) Starting Privoxy uninstallation
+	@# KILL privoxy if running
+	@# XXX: the chkconfig line may need a DESTDIR prefix.
+	- at if [ -f $(DESTDIR)/etc/redhat-release ] && [ -x $(DESTDIR)/etc/rc.d/init.d/privoxy ]; then \
+		$(DESTDIR)/etc/rc.d/init.d/privoxy stop >/dev/null 2>/dev/null ;\
+		chkconfig --del $(PROGRAM) 2>/dev/null;\
+	fi
+	- at test -f $(DESTDIR)$(PID_DEST)/privoxy.pid && $(ECHO) Stopping $(PROGRAM) &&\
+         $(KILL) `$(CAT) $(DESTDIR)$(PID_DEST)/privoxy.pid` || :
+	- at test -f $(DESTDIR)/var/run/privoxy.pid && $(ECHO) Stopping $(PROGRAM) &&\
+          $(KILL) `$(CAT) $(DESTDIR)/var/run/privoxy.pid ` || :
+
+	@# Program binary
+	@$(ECHO) Removing $(PROGRAM) binary
+	$(RM) $(DESTDIR)$(SBIN_DEST)/$(PROGRAM) $(SBIN_DEST)/$(PROGRAM)~
+
+	@# config files and dir, and maybe old install backups
+	- at if [ -d $(DESTDIR)$(CONF_DEST) ]; then \
+		$(ECHO) Saving $(PROGRAM) config files to $(DESTDIR)/tmp/$(PROGRAM)-save ;\
+		$(MKDIR) $(DESTDIR)/tmp/$(PROGRAM)-save ;\
+		cd $(DESTDIR)$(CONF_DEST) ;\
+		for i in $(DESTDIR)$(CONFIGS); do \
+			[ -f $$i ] && $(CP) $$i $(DESTDIR)/tmp/$(PROGRAM)-save ;\
+		done ;\
+	fi
+	@$(ECHO) Removing $(PROGRAM) config files
+	- at for i in $(DESTDIR)$(CONFIGS); do \
+		test -f $(CONF_DEST)/$$i && $(ECHO) Removing $$i ;\
+		$(RM) $(DESTDIR)$(CONF_DEST)/$$i $(DESTDIR)$(CONF_DEST)/$$i~ $(DESTDIR)$(CONF_DEST)/$$i.new ;\
+	done
+	- at test -d $(DESTDIR)$(CONF_DEST)/templates && $(RM) -r $(DESTDIR)$(CONF_DEST)/templates &&\
+	$(ECHO) "Removing $(DESTDIR)$(CONF_DEST)/templates/*"
+
+	@# man page and docs
+	@$(ECHO) Removing $(PROGRAM) docs
+	-$(RM) $(DESTDIR)$(MAN_DEST)/privoxy.1*
+	-$(RM) -r $(DESTDIR)$(DOC_DEST) || $(RM) -r $(DESTDIR)$(prefix)/doc/privoxy
+
+	@# Log and pidfile
+	@$(ECHO) Removing $(PROGRAM) logs
+	-$(RM) $(DESTDIR)$(LOG_DEST)/logfile $(DESTDIR)$(PID_DEST)/privoxy.pid
+
+	@# Final clean up of unused directories. Special handling of CONF and LOG
+     # destinations.
+	@$(ECHO) Removing $(PROGRAM) directories
+	@for i in $(DESTDIR)$(LOG_DEST) $(DESTDIR)$(CONF_DEST); do \
+		if test -d $$i; then \
+			$(ECHO) Removing $$i ;\
+			$(RMDIR) $$i || $(ECHO) "$$i is not empty, not removed" ;\
+		fi;\
+	done
+	@if [  ! "$(prefix)" = "/usr/local" ] ;then \
+		for i in $(DESTDIR)$(MAN_DEST) $(DESTDIR)$(MAN_DIR) $(DESTDIR)$(SHARE_DEST)/doc \
+                         $(DESTDIR)$(SHARE_DEST) $(DESTDIR)$(SBIN_DEST); do \
+			if test -d $$i; then \
+				$(ECHO) Removing $$i ;\
+				$(RMDIR) $$i || $(ECHO) "$$i is not empty, not removed" ;\
+			fi;\
+		done;\
+		if test $(LOG_DEST) != /var/log/privoxy && test -d $(DESTDIR)$(prefix)/var/log; then \
+			$(ECHO) Removing $(DESTDIR)$(prefix)/var/log ;\
+			$(RMDIR) $(DESTDIR)$(prefix)/var/log || $(ECHO) "$(DESTDIR)$(prefix)/var/log is not empty, not removed";\
+		fi ;\
+		if test $(PID_DEST) != /var/run && test -d $(DESTDIR)$(prefix)/var/run; then \
+			$(ECHO) Removing $(DESTDIR)$(prefix)/var/run ;\
+			$(RMDIR) $(DESTDIR)$(prefix)/var/run || $(ECHO) "$(DESTDIR)$(prefix)/var/run is not empty, not removed";\
+		fi ;\
+		if test $(prefix)/var != /var && test -d $(DESTDIR)$(prefix)/var; then \
+			$(ECHO) Removing $(DESTDIR)$(prefix)/var ;\
+			$(RMDIR) $(DESTDIR)$(prefix)/var || $(ECHO) "$(DESTDIR)$(prefix)/var is not empty, not removed" ;\
+		fi ;\
+		if test $(prefix) != / && test $(prefix) != /usr && test -d $(DESTDIR)$(prefix); then \
+			$(ECHO) Removing $(DESTDIR)$(prefix) ;\
+			$(ECHO) Removing installation directory $(DESTDIR)$(prefix) ;\
+			$(RMDIR) $(DESTDIR)$(prefix) || $(ECHO) "$(DESTDIR)$(prefix) is not empty, not removed" ;\
+		fi;\
+	fi
+
+	@# init scripts and logrotate
+	@if [ "$(prefix)" = "/usr/local" ] || [ "$(prefix)" = "/usr" ]; then \
+		$(ECHO) Removing $(PROGRAM) init script ;\
+		if [ -f $(DESTDIR)/etc/slackware-version ] && \
+	                [ -d $(DESTDIR)/etc/rc.d/ ]  && [ -w $(DESTDIR)/etc/rc.d/ ] ; then \
+			$(RM) $(DESTDIR)/etc/rc.d/rc.privoxy ;\
+		elif [ -f $(DESTDIR)/etc/redhat-release ] && [ -d $(DESTDIR)/etc/rc.d/init.d/ ] \
+                       && [ -w $(DESTDIR)/etc/rc.d/init.d/ ] ; then \
+			$(RM) $(DESTDIR)/etc/rc.d/init.d/privoxy $(DESTDIR)/etc/logrotate.d/privoxy;\
+		elif [ -d $(DESTDIR)/etc/init.d ] && [ -w $(DESTDIR)/etc/init.d ] ; then \
+			$(RM) $(DESTDIR)/etc/init.d/privoxy ;\
+		else \
+			$(ECHO) "Unable to remove privoxy init script, not installed or permission denied" ;\
+		fi ;\
+	fi
+	@$(ECHO) Privoxy uninstalled, bye
+
+coffee:
+	 @perl	-e 'print pack "C*", (31,139,8,8,153,63,226,60,2,3,99,111,102,102,101,'	 \
+		-e '101,0,109,143,205,13,192,32,8,133,239,78,241,110,234,1,28,160,171,'  \
+		-e '152,208,53,26,117,247,22,165,73,137,125,9,1,62,126,2,128,169,5,243,' \
+		-e '143,13,139,49,164,65,100,149,152,102,73,141,88,73,178,116,205,100,'  \
+		-e '69,253,36,102,81,49,83,236,19,225,171,131,214,172,163,73,4,168,123,' \
+		-e '115,71,126,247,122,94,128,178,227,95,154,12,86,215,122,197,249,146,' \
+		-e '187,54,220,125,193,51,228,11,1,0,0);' | zcat
+
+#############################################################################
+
+## Local Variables:
+## tab-width: 3
+## end:
+
+# $Log: GNUmakefile.in,v $
+# Revision 1.180  2009/02/28 08:28:14  fabiankeil
+# pcrs.o doesn't depend on pcre/pcre.h if we are linking
+# dynamically. Patch provided by drauh in #2056286.
+#
+# Revision 1.179  2009/02/22 14:48:31  hal9
+# Updates to the 'make webserver' target that recreates the home page and uploads
+# fresh documents to reflect new SF realities, and more explanation of process.
+#
+# Revision 1.178  2009/02/08 18:35:48  fabiankeil
+# Move the match-all section into a separate file
+# (match-all.action) so we can safely overwrite the
+# default actions when updating. Based on Roland's
+# patch #1563977.
+#
+# Revision 1.177  2009/01/13 16:44:32  fabiankeil
+# Delete the standard.action file after moving
+# the pre-settings over to the default actions.
+#
+# Revision 1.176  2008/09/21 13:24:37  fabiankeil
+# Add Roland's man page fixes from 19_manpage_fixup.dpatch.
+#
+# Revision 1.175  2008/08/30 12:03:07  fabiankeil
+# Remove FEATURE_COOKIE_JAR.
+#
+# Revision 1.174  2008/07/18 17:50:47  fabiankeil
+# Fix whitespace.
+#
+# Revision 1.173  2008/06/18 18:28:42  fabiankeil
+# Remove PDF-related stuff.
+#
+# Revision 1.172  2008/06/17 16:16:08  fabiankeil
+# - Stop building text files nobody cares about.
+# - Update copyright year.
+#
+# Revision 1.171  2008/06/13 15:24:57  fabiankeil
+# Move previously inline'd Perl code for the config-file target
+# into a separate file, have it work with older perl releases,
+# clean it up a bit and fix the "underlining" code.
+#
+# Revision 1.170  2008/06/12 16:38:50  fabiankeil
+# Add third-level domain to URL in dok-get target.
+#
+# Revision 1.169  2008/06/09 17:28:31  fabiankeil
+# - Recommend https for releasing files.
+# - Fix a warning about datarootdir being ignored.
+#
+# Revision 1.168  2008/05/23 18:03:12  fabiankeil
+# - Shorten meta description inserted in dok-webserver
+#   and dok-index target.
+# - In config-file target, unset LANG for w3m as we
+#   might otherwise end up with multi-byte characters.
+#
+# Revision 1.167  2008/05/23 14:39:09  fabiankeil
+# Silence dok-user complaint about @# not being found.
+#
+# Revision 1.166  2008/05/23 14:04:57  fabiankeil
+# - Get config-file target working with more recent Perl
+#   versions. The generated file is still messed up, though.
+# - Fix comment typo.
+#
+# Revision 1.165  2008/05/22 16:57:23  fabiankeil
+# Fix coffee machine.
+#
+# Revision 1.164  2008/05/22 10:26:26  fabiankeil
+# - Remove parsers.o's dependency on encode.h.
+# - Include Emacs backup files in tidy target again.
+#
+# Revision 1.163  2008/05/04 18:01:53  fabiankeil
+# Dependency fixes: cgisimple.c and filters.c depend on urlmatch.h.
+#
+# Revision 1.162  2008/03/30 13:31:42  fabiankeil
+# Add DESTDIR support for the uninstall target.
+#
+# Revision 1.161  2008/03/30 13:19:13  fabiankeil
+# Add DESTDIR support for the install target. Closes PR#1910612.
+# Patch by Radoslaw Zielinski with minor modifications.
+#
+# Revision 1.160  2008/03/27 18:27:19  fabiankeil
+# Remove kill-popups action.
+#
+# Revision 1.159  2008/03/21 11:13:53  fabiankeil
+# Only gather host information if it's actually needed.
+# Also move the code out of accept_connection() so it's less likely
+# to delay other incoming connections if the host is misconfigured.
+#
+# Revision 1.158  2007/12/11 21:29:25  fabiankeil
+# Fix dependency list for cgiedit.c.
+#
+# Revision 1.157  2007/12/10 02:28:02  hal9
+# Unset $LANG for text processing of docs so we get pure text.
+#
+# Revision 1.156  2007/11/15 03:17:43  hal9
+# Some workaround changes to the config file perl stuff and comments, which is
+# broken here all by itself on perl 5.8.8.
+#
+# Revision 1.155  2007/09/22 16:23:25  fabiankeil
+# Update copyright line.
+#
+# Revision 1.154  2007/02/07 11:52:40  fabiankeil
+# Fix suse-dist as described in BR#1654052.
+# (I didn't test it, but it's done the same
+# way in redhat-dist which is known to work).
+#
+# Revision 1.153  2007/01/07 07:36:36  joergs
+# Added AmigaOS4 support.
+#
+# Revision 1.152  2006/12/13 14:53:51  etresoft
+# Include any existing LDFLAGS environment when linking so that a MacOS X Universal Binary can be created.
+#
+# Revision 1.151  2006/11/30 01:08:55  hal9
+# Fix problem with variable declarations in the Slackware section. Thanks to higuita.
+#
+# Revision 1.150  2006/10/25 11:55:45  fabiankeil
+# Fix sed regexes for rewriting "confdir ." and "logdir .".
+# Thanks to Darel Henman for reporting this.
+#
+# Revision 1.149  2006/10/11 01:40:28  hal9
+# Apply patch from  Neil McCalden to fix syntax issue.
+#
+# Revision 1.148  2006/09/26 10:57:58  hal9
+# Including Karsten's patch to fix make create-snapshot.
+#
+# Revision 1.147  2006/09/13 01:25:16  hal9
+# Make sure install forces in new default.action, default.filter, and
+# standard.filter. These are privoxy files, not user files.
+#
+# Revision 1.146  2006/09/08 23:57:19  hal9
+# User manual images are now user-manual doc directory, and fix make install
+# target accordingly.
+#
+# Revision 1.145  2006/09/08 02:32:00  hal9
+# Various changes to implement building and installing docs to be compatible
+# with the new "user-manual" settings in config from Roland. Docbook does not
+# seem to like dealing with more than one css file, so workaround that here.
+# Change 'make install' so it provides p_doc.css in the user-manual doc
+# directory so that functions well, and lastly modify 'make install' so that the
+# PATH is automatically set, and the 'user-manual' directive should done during
+# the install.
+#
+# Revision 1.144  2006/09/07 22:53:20  hal9
+# Make sure config sgml build related artifacts are cleaned out.
+#
+# Revision 1.143  2006/09/02 15:59:40  hal9
+# Add to code status to make install output.
+#
+# Revision 1.142  2006/08/29 01:46:24  hal9
+# Add user.filter to $CONFIGS.
+#
+# Revision 1.141  2006/08/12 03:54:37  david__schmidt
+# Windows service integration
+#
+# Revision 1.140  2006/07/18 14:48:45  david__schmidt
+# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+# with what was really the latest development (the v_3_0_branch branch)
+#
+# Revision 1.104.2.28  2004/06/10 17:06:05  hal9
+# Fix bug #959617, by moving TMPDIR var to create-snapshot target, which is the
+# only place it is used.
+#
+# Revision 1.104.2.27  2004/02/07 16:11:10  oes
+# Make clobber remove the autom4te.cache dir.
+# Closes BR #889300
+#
+# Revision 1.104.2.26  2004/01/31 16:32:25  oes
+# Adding a check for an htmldoc variant from the debian diff
+#
+# Revision 1.104.2.25  2004/01/31 01:15:33  oes
+# Fixed a typo; updated copyright notice
+#
+# Revision 1.104.2.24  2003/12/03 10:30:02  oes
+# - Added new dependency: actions.c -> ssplit.h
+# - Excluded PDF docs from src tarball
+#
+# Revision 1.104.2.23  2003/04/20 17:28:52  hal9
+# Strip trailing spaces from config-file generation, bug #724596.
+#
+# Revision 1.104.2.22  2003/03/28 03:32:01  hal9
+# Minor changes for Privoxy home page:
+#  - Handle © more sanely
+#  - include link to announce.txt
+# Also, disable 'make announce' target.
+#
+# Revision 1.104.2.21  2002/11/04 07:04:03  hal9
+# Catch up with main trunk install/uninstall. Quiet output, etc.
+#
+# Revision 1.104.2.20  2002/10/25 02:44:22  hal9
+# Port of make install, etc from main trunk. Needs testing! Add Slackware
+# support, and other related changes. Update related docs.
+#
+# Revision 1.104.2.19  2002/09/26 22:50:02  hal9
+# New user-manual examples in config-file are getting wrapped. Add warning.
+#
+# Revision 1.104.2.18  2002/08/23 12:22:40  oes
+# Added warning to broken install target
+#
+# Revision 1.104.2.17  2002/08/16 03:19:34  hal9
+# More (minor) cleanup of html before pdf processing to make some relative
+# links work as pdf -> pdf. Upload pdf as zip archive now.
+#
+# Revision 1.104.2.16  2002/08/14 16:43:27  hal9
+# Added pdf docs to make webserver target.
+#
+# Revision 1.104.2.15  2002/08/11 20:02:41  hal9
+# New targets for man page (make man) and pdf (make dok-pdf) targets.
+#
+# Revision 1.104.2.14  2002/08/10 11:19:37  oes
+# - Make -Ipcre (again) conditional on STATIC_PCRE
+# - $(RPMBUILD) -> $(RPM) for SuSE
+# - Add dependency: pcrs.o deps on config.h
+#
+# Revision 1.104.2.13  2002/08/07 15:13:54  hal9
+# Remove pdf2 target, and make it dok-shtml (single page html for pdf
+# conversion).
+#
+# Revision 1.104.2.12  2002/08/06 11:29:36  oes
+# Fixed detection/inclusion of pcre.h, which is in a pcre subdir on RH
+#
+# Revision 1.104.2.11  2002/07/30 19:38:11  hal9
+# Add redhat-test target for testing purposes only. Fix RPM_PACKAGEV to what
+# *I think* it was supposed to be (was breaking upload targets since it was
+# set to RPM_VERSION).
+#
+# Revision 1.104.2.10  2002/07/27 22:56:53  kick_
+# cleanups of the redhat-srpm target
+#
+# Revision 1.104.2.9  2002/07/26 15:17:02  oes
+# - Added generation of default.action from defaul.action.master
+# - Deleted obsolete re_filterfile.txt generation
+#
+# Revision 1.104.2.8  2002/07/12 10:04:32  kick_
+# added helper targets to the makefile. They shouldn't break anything, but
+# make my life a lot easier.
+#
+# The new rpm has been splitted into two parts, one for package installation/
+# removal, one for package building.
+# Therefore rpm -ta isn't a valid command anymore and needs to be replaced
+# by rpmbuild -ta  (this is backwards compatible)
+#
+# Revision 1.104.2.7  2002/06/07 00:23:47  hal9
+# Fixing a quirk of man2html (on my system) that pulls punctuation into URLs,
+# thus breaking them completely.
+#
+# Revision 1.104.2.6  2002/06/02 03:26:25  hal9
+# Update CONFIG_FILES (ie update basic.action, etc), and also DOC_FILES (exclude
+# index.html and team/index.html)
+#
+# Revision 1.104.2.5  2002/05/30 15:35:01  hal9
+# This is more cleanup on the make config-file target. Most issues for
+# automatic generation are taken care of. There are still some problems
+# that require hand editing. Namely, some of the examples that are > 80 chars.
+#
+# Revision 1.104.2.4  2002/05/29 02:12:17  hal9
+# Ooops...forgot about perl -pi cygwin problem. Add -pi.bak. Also, the
+# new target is 'make config-file', _not_ make config.
+#
+# Revision 1.104.2.3  2002/05/29 02:05:48  hal9
+# 'make config' target added (WIP) for future generation of config file from
+# text in u-m so the two are in sync. New generated config, which requires
+# some hand editing for the time being.
+#
+# Revision 1.104.2.2  2002/05/28 02:32:55  hal9
+# New target 'make dok-index' for privoxy-index.html. Also, fixed *.bak files
+# not being cleaned up in doc/webserver.
+#
+# Revision 1.104.2.1  2002/05/26 17:19:34  hal9
+# Remove Table of Contents from readme with oes's dsl trick.
+#
+# Revision 1.104  2002/05/24 00:03:49  oes
+# Use p_doc.css for the Homepage for consistency
+#
+# Revision 1.103  2002/05/23 23:19:00  oes
+# Use dsl without TOC for the homepage
+#
+# Revision 1.102  2002/05/16 01:20:17  hal9
+# make announce target added.
+#
+# Revision 1.101  2002/05/15 12:28:46  oes
+# Trying to keep Hal happy :)
+#
+# Revision 1.100  2002/05/08 13:48:18  hal9
+# Ooops, that trashed JB v2.0.2 comment. Fixed.
+#
+# Revision 1.99  2002/05/08 13:42:07  hal9
+# This fixes the numbering problem on index.html in contact info section (.1.). Using
+# perl, since its way too convoluted to try to fix proper with docbook.
+#
+# Revision 1.98  2002/05/03 14:33:06  oes
+# Replaced ldp(OK).dsl handling with generation via autoconf; handle all file exeptions to src tarball via find
+#
+# Revision 1.97  2002/04/27 20:27:43  swa
+# no longer needed due to new
+# PACKAGE_VERSION process
+#
+# Revision 1.96  2002/04/27 17:44:32  morcego
+# - Correcting typo in my name (Rodrigo, not Rodgrigo) :-)
+# - Using the RM macro everywhere rm is called (either we use, or don't)
+# - Same for RPM
+#
+# Revision 1.95  2002/04/27 15:37:25  swa
+# replacing directory in document creation process
+# no longer necessary.
+#
+# Revision 1.94  2002/04/27 08:23:29  swa
+# pdf process reviewed and cleaned up
+#
+# Revision 1.93  2002/04/27 04:55:53  morcego
+# privoxy-cl.spec now gets removed by clobber target
+#
+# Revision 1.92  2002/04/27 04:53:40  morcego
+# Adding --exclude "PACKAGERS" to every tar command that applies (not for
+#   webserver target)
+#
+# Revision 1.91  2002/04/27 04:44:51  morcego
+# GNUmakefile.in: The tarball created on redhat-dist and suse-dist now ignore
+#   the PACKAGERS file, as well privoxy-cl.spec (in case it was created)
+# GNUmakefile.in: New targets -> conectiva-spec, conectiva-dist and
+#   conectiva-upload
+# genclspec.sh  : New file to generate, from privoxy-rh.spec, a specfile
+#   for Conectiva Linux
+#
+# Revision 1.90  2002/04/26 17:46:53  swa
+# be consistent
+#
+# Revision 1.89  2002/04/26 17:20:54  swa
+# just produce single html files to proces them later with Destiller or somesuch. looks prettier.
+#
+# Revision 1.88  2002/04/25 19:13:57  morcego
+# Removed RPM release number declaration on configure.in
+# Changed makefile to use given value for RPM_PACKAGEV when on uploading
+# targets (will produce an error, explaining who to do it, if no value
+# if provided).
+#
+# Revision 1.87  2002/04/23 14:10:59  swa
+# now create pdf documents
+#
+# Revision 1.86  2002/04/15 04:30:27  hal9
+# Missed two -pi.bak's on perl/cygwin problem.
+#
+# Revision 1.85  2002/04/14 01:05:34  hal9
+# Revert dok-webserver change for SF logo.
+#
+# Revision 1.84  2002/04/13 22:43:25  hal9
+# -Fix dok-webserver for SF logo (more perl).
+# -Change all perl -pi to perl -pi.bak for Cygwin problem.
+#
+# Revision 1.83  2002/04/12 09:39:25  oes
+# Excluding yet more files from tarball; making dist warning yet more scary
+#
+# Revision 1.82  2002/04/11 21:07:11  oes
+# Excluding more files from tarball build
+#
+# Revision 1.81  2002/04/11 14:40:27  oes
+# Fixed typo -- Thanks, Moritz!
+#
+# Revision 1.80  2002/04/11 12:50:00  oes
+# Fixed tarball-dist target
+#
+# Revision 1.79  2002/04/11 06:49:28  oes
+# webserver target: silenced timestamp warnings resulting from uploading westwards, made permissions fixing independant of screwed local dir permissions, suppress (false alarm) make error if not owner of feedback log
+#
+# Revision 1.78  2002/04/09 13:37:11  sarantis
+# fix tar options typo
+#
+# Revision 1.77  2002/04/09 13:28:53  swa
+# build suse and gen-dist with html docs
+#
+# Revision 1.76  2002/04/08 22:43:41  oes
+# Fix: Include dotfiles in fixing webserver permissions
+#
+# Revision 1.75  2002/04/08 22:14:59  oes
+# Silencing tar warnings in the web* targets
+#
+# Revision 1.74  2002/04/08 15:22:44  hal9
+# This has finishing touches for dok building. Should be ready to go.
+# -The main doc build is now 'make dok', should work on Redhat too.
+# -Removed man page from main doc build. It is built separately due to
+#  perl scripts that most aren't likely to have.
+#
+# Revision 1.73  2002/04/08 14:03:24  oes
+# oes for al: Fix install target
+#
+# Revision 1.72  2002/04/08 13:42:11  oes
+# Added safety check to *-dist targets; fixed permissions for feedback logfile
+#
+# Revision 1.71  2002/04/07 20:32:03  hal9
+# -Add meta data kludge for make dok-webserver via $(PERL).
+# -Add subdirs for 'make dok-release'.
+#
+# Revision 1.70  2002/04/07 08:59:40  swa
+# generated files. do NOT edit.
+# fixed directory bug in makefile.
+#
+# Revision 1.69  2002/04/07 08:10:47  swa
+# create some of the webserver docs
+# automatically (in particular if
+# those docs recycle other documentation
+# fragments). Now committed webserver's
+# index file.
+#
+# Revision 1.68  2002/04/07 07:58:11  swa
+# create some of the webserver docs
+# automatically (in particular if
+# those docs recycle other documentation
+# fragments)
+#
+# Revision 1.67  2002/04/07 05:31:42  hal9
+# Add 'dok-release' target:
+# -Set doc entities to VERSION and CODE_STATUS during make.
+# -Set doc conditional content flags (stable vs non-stable).
+# A separate target for the time being but needs to be incorporated into
+# dok build at some point.
+# -Filter out a spurious ^G from new man page > html converion in man2html.
+#
+# Revision 1.66  2002/04/06 20:28:21  jongfoster
+# Prettifying groff2html.
+# Using GNU Make's conditional makefile feature rather than shell "if"s.
+# (The shell "if"s were hiding errors)
+# "perl" -> "$(PERL)"
+# Spaces->tabs in a couple of places.
+#
+# Revision 1.65  2002/04/06 05:16:39  hal9
+# -Add 'authors' and 'man' targets for AUTHORS and man-page (WIP).
+# -Both of these will soon be generated files.
+#
+# Revision 1.64  2002/04/04 22:14:51  oes
+# No longer rely on find honoring -iname
+#
+# Revision 1.63  2002/04/04 21:06:22  swa
+# cosmetics.
+#
+# Revision 1.62  2002/04/04 20:49:50  swa
+# attempt to consolidate the
+# different dokbook versions.
+#
+# Revision 1.61  2002/04/04 19:18:21  swa
+# readme was leftover directory. use w3m instead
+# of lynx to be consistent among developers. use
+# consistent target naming.
+#
+# Revision 1.60  2002/04/04 12:25:41  oes
+# Tidy webserver upload w/o *~ files, CVS dirs and logfiles and with proper dir and file permissions
+#
+# Revision 1.59  2002/04/04 08:32:45  swa
+# wrong name for tarball-dist target. further fixed content of tarball dist
+#
+# Revision 1.58  2002/04/04 06:32:58  hal9
+# New dok targets for make readme.
+#
+# Revision 1.57  2002/04/04 00:36:36  gliptak
+# always use pcre for matching
+#
+# Revision 1.56  2002/04/03 22:28:03  gliptak
+# Removed references to gnu_regex
+#
+# Revision 1.55  2002/04/03 19:54:29  swa
+# freebsd tested to work. attempt to move tarball dist target forward
+#
+# Revision 1.54  2002/04/03 14:54:07  oes
+# Standard clean and clobber semantics II
+#
+# Revision 1.53  2002/04/03 14:19:16  oes
+# Standard clean and clobber semantics
+#
+# Revision 1.52  2002/04/03 02:56:18  hal9
+# Revert previous FAQ numbering kludge.
+#
+# Revision 1.51  2002/04/02 13:03:56  oes
+# Added fix for webserver permissions
+#
+# Revision 1.50  2002/04/02 03:46:24  hal9
+# Rewrite ldpOK.dsl so that sections are NOT numbered on FAQ, in an effort
+# to make the Table of Contents not so 'busy' looking. SuSE needs testing :)
+#
+# Revision 1.49  2002/03/30 22:20:12  swa
+# cd didn't work. neither did find.
+#
+# Revision 1.48  2002/03/30 19:04:06  swa
+# people release differently. no good.
+# I want to make parts of the docs only.
+#
+# Revision 1.47  2002/03/30 09:05:21  swa
+# better packaging. better rpm building.
+# tar failed on sun (no exclude there).
+#
+# Revision 1.46  2002/03/29 20:09:01  swa
+# al's patch
+#
+# Revision 1.45  2002/03/29 19:45:45  swa
+# for lazy swa
+#
+# Revision 1.44  2002/03/29 17:42:44  gliptak
+# Correcting for Solaris tar limitations
+#
+# Revision 1.43  2002/03/29 07:40:03  swa
+# fixed make webserver. doh
+#
+# Revision 1.42  2002/03/29 06:59:04  swa
+# other users could not modify files on webserver
+#
+# Revision 1.41  2002/03/28 20:43:00  swa
+# set make correctly
+#
+# Revision 1.40  2002/03/28 04:22:44  hal9
+# More on man2html stuff.
+#
+# Revision 1.39  2002/03/28 01:04:14  hal9
+# More man2html stuff for docs.
+#
+# Revision 1.38  2002/03/27 16:02:30  swa
+# have a generic target
+#
+# Revision 1.37  2002/03/27 15:30:26  swa
+# have a consistent appearance
+#
+# Revision 1.36  2002/03/27 14:58:08  swa
+# can be used by mutilple targets
+#
+# Revision 1.35  2002/03/27 14:53:19  swa
+# added solaris-dist
+#
+# Revision 1.34  2002/03/27 10:30:11  swa
+# we want a html man file on the webserver
+#
+# Revision 1.33  2002/03/27 03:05:35  hal9
+# Added man2html target for docs (redhat-dok only for now)
+#
+# Revision 1.32  2002/03/26 22:29:54  swa
+# we have a new homepage!
+#
+# Revision 1.31  2002/03/26 14:00:18  swa
+# fixed make tarball, tarball-dist, tarball-clean
+#
+# Revision 1.30  2002/03/25 12:52:25  swa
+# new targets
+#
+# Revision 1.29  2002/03/24 17:03:55  jongfoster
+# Name change
+#
+# Revision 1.28  2002/03/24 16:19:48  swa
+# configure needs to be generated.
+#
+# Revision 1.27  2002/03/24 16:13:57  swa
+# generated files are a nono in cvs
+#
+# Revision 1.26  2002/03/24 15:36:02  swa
+# did not build.
+#
+# Revision 1.25  2002/03/24 14:31:08  swa
+# remove more crappy files. set RPM
+# release version correctly.
+#
+# Revision 1.24  2002/03/24 14:19:55  swa
+# set rpm package release in configure.in. nowhere else.
+#
+# Revision 1.23  2002/03/24 13:06:49  swa
+# suse-clean now runs fine
+#
+# Revision 1.22  2002/03/24 12:56:21  swa
+# name change related issues.
+#
+# Revision 1.21  2002/03/24 12:43:57  swa
+# name change
+#
+# Revision 1.20  2002/03/24 11:39:17  jongfoster
+# Renaming config files
+#
+# Revision 1.19  2002/03/22 20:53:03  morcego
+# - Ongoing process to change name to JunkbusterNG
+# - configure/configure.in: no change needed
+# - GNUmakefile.in:
+#         - TAR_ARCH = /tmp/JunkbusterNG-$(RPM_VERSION).tar.gz
+#         - PROGRAM    = jbng
+#         - rh-spec now references as junkbusterng-rh.spec
+#         - redhat-upload: references changed to junkbusterng-* (package names)
+#         - tarball-dist: references changed to JunkbusterNG-distribution-*
+#         - tarball-src: now JunkbusterNG-*
+#         - install: initscript now junkbusterng.init and junkbusterng (when
+#                    installed)
+# - junkbuster-rh.spec: renamed to junkbusterng-rh.spec
+# - junkbusterng.spec:
+#         - References to the expression ijb where changed where possible
+#         - New package name: junkbusterng (all in lower case, acording to
+#           the LSB recomendation)
+#         - Version changed to: 2.9.13
+#         - Release: 1
+#         - Added: junkbuster to obsoletes and conflicts (Not sure this is
+#           right. If it obsoletes, why conflict ? Have to check it later)
+#         - Summary changed: Stefan, please check and aprove it
+#         - Changes description to use the new name
+#         - Sed string was NOT changed. Have to wait to the manpage to
+#           change first
+#         - Keeping the user junkbuster for now. It will require some aditional
+#           changes on the script (scheduled for the next specfile release)
+#         - Added post entry to move the old logfile to the new log directory
+#         - Removing "chkconfig --add" entry (not good to have it automaticaly
+#           added to the startup list).
+#         - Added preun section to stop the service with the old name, as well
+#           as remove it from the startup list
+#         - Removed the chkconfig --del entry from the conditional block on
+#           the preun scriptlet (now handled on the %files section)
+# - junkbuster.init: renamed to junkbusterng.init
+# - junkbusterng.init:
+#         - Changed JB_BIN to jbng
+#         - Created JB_OBIN with the old value of JB_BIN (junkbuster), to
+#           be used where necessary (config dir)
+#
+# Aditional notes:
+# - The config directory is /etc/junkbuster yet. Have to change it on the
+# specfile, after it is changes on the code
+# - The only files that got renamed on the cvs tree were the rh specfile and
+# the init file. Some file references got changes on the makefile and on the
+# rh-spec (as listed above)
+#
+# Revision 1.18  2002/03/21 23:00:00  swa
+# want to autogenerate stuff.
+#
+# Revision 1.17  2002/03/19 19:30:04  morcego
+# - Fixing stylesheet checking on configure. If it is found, no further checks
+#   should be done
+#
+# - configure will now check for db2html or docbook2html (should work now
+#   on SuSe without the docbktls package)
+#
+# Revision 1.16  2002/03/14 22:32:32  hal9
+# Bumped the RPM version.
+#
+# Revision 1.15  2002/03/08 20:00:28  swa
+# some leftovers.
+#
+# Revision 1.14  2002/03/07 18:25:56  swa
+# synced redhat and suse build process
+#
+# Revision 1.13  2002/03/07 17:17:56  oes
+# (Hopefully) fixed for older make versions
+#
+# Revision 1.12  2002/03/07 15:28:27  swa
+# more informative
+#
+# Revision 1.11  2002/03/06 14:33:18  sarantis
+# Use proper temp file, not "abc".
+#
+# Revision 1.10  2002/03/06 14:19:35  sarantis
+# Cleanup PID_FILE_PATH from redhat-dist target
+#
+# Revision 1.9  2002/03/05 17:31:11  morcego
+# Search for docbook.dsl. Should solve portability problems for SuSe.
+#
+# Revision 1.8  2002/03/05 14:07:42  morcego
+# configure now detects rpm topdir, and change GNUmakefile acordingly
+#    (based on sugestion by Sarantis Paskalis)
+#
+# Revision 1.7  2002/03/05 13:43:28  morcego
+# Checking for text browser, so redhat-dok can work.
+#
+# Revision 1.6  2002/03/05 13:10:51  morcego
+# Changes to implement redhat-dok (Hal Burgiss)
+# Changes to make it work on other distros and out-of-the-shelf configurations
+#
+# Revision 1.5  2002/02/27 15:30:39  hal9
+# Reset $(RPM_PACKAGEV) to 1 (was 2)
+#
+# Revision 1.4  2002/01/17 21:44:04  jongfoster
+# Adding urlmatch.[ch]
+#
+# Revision 1.3  2002/01/04 15:26:08  oes
+# Added tarball-src target
+#
+# Revision 1.2  2001/12/30 14:07:31  steudten
+# - Add signal handling (unix)
+# - Add SIGHUP handler (unix)
+# - Add creation of pidfile (unix)
+# - Add action 'top' in rc file (RH)
+# - Add entry 'SIGNALS' to manpage
+# - Add exit message to logfile (unix)
+#
+# Revision 1.1  2001/12/01 11:22:57  jongfoster
+# Renaming Makefile.in to GNUmakefile.in so that non-GNU versions of
+# make break in a more obvious way.
+# Adding .PHONY section.
+#
+# Revision 1.40  2001/12/01 00:24:11  jongfoster
+# Renaming various config files
+# Fixing CR->CRLF under Win32 (I hope)
+#
+# Revision 1.39  2001/11/06 12:07:30  steudten
+# Add --clean for building rpm in target redhat-dist.
+#
+# Revision 1.38  2001/11/05 21:35:23  steudten
+# Complete rewrite for the 'redhat-dist' target.
+# Checks for writeable RPM build directories for calling user.
+# So you must not be root, just set the modes to 1777 to
+# build a RH package.
+# Fix the upload-target to be arch independant.
+# Add target for 'solaris-dist' - coming soon.
+#
+# Revision 1.37  2001/11/01 00:52:04  hal9
+# Redhat-upload stuff per Stefan.
+#
+# Revision 1.36  2001/10/31 19:26:13  swa
+# automate process of uploading new releases
+# to sf.
+#
+# Revision 1.35  2001/10/15 22:14:59  joergs
+# Removed -O2 and -Wall from AmigaOS-only CFLAGS since they are now in
+#  the general CFLAGS already.
+#
+# Revision 1.34  2001/10/15 18:28:06  steudten
+# remove config.cache for target clobber.
+# Cleanup make dist for RH and S.u.S.E.
+#
+# Revision 1.33  2001/10/10 12:43:33  oes
+# Added ugly hack to make install target work at least for some setups.
+#
+# Revision 1.32  2001/10/09 22:38:19  jongfoster
+# Correcting actionsfile filename for Win32 INI build
+#
+# Revision 1.31  2001/09/23 10:13:48  swa
+# upload process established. run make webserver and
+# the documentation is moved to the webserver. documents
+# are now linked correctly.
+#
+# Revision 1.30  2001/09/19 17:55:49  oes
+# Fixed CFLAGS
+#
+# Revision 1.29  2001/09/16 17:34:27  jongfoster
+# Removing showargs.[ch], adding cgi(simple|edit).[ch]
+# Replacing $(OBJEXT) with o - this seems to be a common source
+# of build problems.
+#
+# Revision 1.28  2001/09/13 15:19:08  swa
+# we want text files as well.
+#
+# Revision 1.27  2001/09/13 13:11:37  steudten
+#
+# Replace DEBUG_CFLAGS with OTHER_CFLAGS
+#
+# Revision 1.26  2001/09/12 23:44:54  david__schmidt
+# Mac OSX (Darwin) support added.
+#
+# Revision 1.25  2001/09/12 22:55:45  joergs
+# AmigaOS support added.
+#
+# Revision 1.24  2001/09/12 17:28:59  david__schmidt
+#
+# OS/2 port: update autoconf'd support for the platform.
+#
+# Revision 1.23  2001/09/12 16:28:42  swa
+# added "make dok" section to generate html pages from
+# the sgml source documents. note that the we do not want
+# generated stuff in cvs.
+#
+# Revision 1.22  2001/09/10 16:31:23  swa
+# buildroot definition in the specfile fucks up the build
+# process under suse. hence I moved it to the "rpm -ta"
+# command
+#
+# Revision 1.21  2001/09/10 11:12:49  oes
+# Turning on -Wall
+#
+# Revision 1.20  2001/08/02 22:04:29  jongfoster
+# Removing some remaining references to obsolete w32rulesdlg.[ch]
+#
+# Revision 1.19  2001/07/30 22:14:03  jongfoster
+# Removing obsolete w32rulesdlg.c and w32rulesdlg.h
+#
+# Revision 1.18  2001/07/29 17:09:17  jongfoster
+# Major changes to build system in order to fix these bugs:
+# - pthreads under Linux was broken - changed -lpthread to -pthread
+# - Compiling in MinGW32 mode under CygWin now correctly detects
+#   which shared libraries are available
+# - Solaris support (?) (Not tested under Solaris yet)
+#
+# Revision 1.17  2001/07/28 16:44:54  oes
+# Fixed sed LF->CRLF conversion and removed deprecated files
+#
+# Revision 1.16  2001/07/15 19:45:33  jongfoster
+# Added support for linking with POSIX threads library
+#
+# Revision 1.15  2001/07/13 13:48:07  oes
+#  - Moved STATIC #define for pcre to (ac)config.h
+#  - Made -Ipcre depandant on static pcre compilation to
+#    avoid version conflicts
+#  - Included compilation and depandancies for new deanimate.c
+#  - Made changes to the pcre/pcreposix/pcrs build process
+#    as required by the new library autodetection in
+#    configure.in
+#
+# Revision 1.14  2001/07/01 16:27:44  oes
+# Fixed misplaced dependancy
+#
+# Revision 1.13  2001/06/29 13:18:36  oes
+# - added depandancy of filters.o on cgi.h
+#
+# Revision 1.12  2001/06/12 17:15:56  swa
+# fixes, because a clean build on rh6.1 was impossible.
+# GZIP confuses make, %configure confuses rpm, etc.
+#
+# Revision 1.11  2001/06/11 11:26:35  sarantis
+# RPM version should be the same as ijbswa version.  The rpm release is
+# specified in the specfile.
+#
+# Revision 1.10  2001/06/07 17:27:45  swa
+# added suse build section
+#
+# Revision 1.9  2001/06/04 18:31:58  swa
+# files are now prefixed with either `confdir' or `logdir'.
+# `make redhat-dist' replaces both entries confdir and logdir
+# with redhat values
+#
+# Revision 1.8  2001/06/04 10:44:57  swa
+# `make redhatr-dist' now works. Except for the paths
+# in the config file.
+#
+# Revision 1.7  2001/06/03 17:09:09  swa
+# swa for oes: reversed my earlier change
+#
+# Revision 1.6  2001/06/03 17:07:27  swa
+# swa for oes
+#
+# Revision 1.5  2001/06/03 13:57:26  swa
+# compile cgi.c (for andreas' GUI)
+#
+# Revision 1.4  2001/05/31 21:18:45  jongfoster
+# Added files actions.[ch], actionlist.h, list.[ch] to Makefile
+#
+# Revision 1.3  2001/05/29 20:02:48  joergs
+# Changes for AmigaOS added.
+#
+# Revision 1.2  2001/05/17 22:23:23  oes
+#  - Added auto-generation of CRLFs for Win32 config files
+#  - Added comment-prefix to all Win32-only options in the config file
+#    and provided auto stripping of this prefix for the Win32 platform by make
+#
+# Revision 1.1.1.1  2001/05/15 13:59:00  oes
+# Initial import of version 2.9.3 source tree
+#
+#
diff --git a/external/privoxy/GNUmakefile.in b/external/privoxy/GNUmakefile.in
new file mode 100644
index 0000000..481633c
--- /dev/null
+++ b/external/privoxy/GNUmakefile.in
@@ -0,0 +1,2156 @@
+# Note:  Makefile is built automatically from Makefile.in
+#
+# $Id: GNUmakefile.in,v 1.180 2009/02/28 08:28:14 fabiankeil Exp $
+#
+# Written by and Copyright (C) 2001 - 2008 the SourceForge
+# Privoxy team. http://www.privoxy.org/
+#
+# Based on the Internet Junkbuster originally written
+# by and Copyright (C) 1997 Anonymous Coders and 
+# Junkbusters Corporation.  http://www.junkbusters.com
+#
+# This program is free software; you can redistribute it 
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.  See the GNU General Public
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file.  If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+
+#############################################################################
+# Set make command correctly
+#############################################################################
+ at SET_MAKE@
+
+#############################################################################
+# Version number (for RPM)
+#############################################################################
+
+VERSION_MAJOR = @VERSION_MAJOR@
+VERSION_MINOR = @VERSION_MINOR@
+VERSION_POINT = @VERSION_POINT@
+CODE_STATUS   = @CODE_STATUS@
+VERSION       = $(VERSION_MAJOR).$(VERSION_MINOR).$(VERSION_POINT)
+RPM_VERSION   = $(VERSION)
+RPM_PACKAGEV  = ""
+SNAPVERSION   = $(RPM_VERSION)-$(shell date "+%Y%m%d")
+
+
+#############################################################################
+# "make install" directories and variables
+#############################################################################
+
+#User Group paras
+USER         = @USER@
+GROUP	   = @GROUP@
+
+datarootdir  = @datarootdir@
+prefix       = @prefix@
+exec_prefix  = @exec_prefix@
+CONF_BASE    = @sysconfdir@
+SBIN_DEST    = @sbindir@
+MAN_DIR      = @mandir@
+MAN_DEST     = $(MAN_DIR)/man1
+SHARE_DEST   = @datadir@
+DOC_DEST     = $(SHARE_DEST)/doc/privoxy
+VAR_DEST     = @localstatedir@
+LOGS_DEST    = $(VAR_DEST)/log/privoxy
+PIDS_DEST    = $(VAR_DEST)/run
+
+# if $prefix = /usr/local then the default CONFDEST change from 
+# CONF_DEST = $(CONF_BASE) to CONF_DEST = $(CONF_BASE)/privoxy  
+# by the target rule CONF_DEST
+#
+# also if the $prefix is /usr/local and there is no
+# $(SHARE_DEST)/doc, it checks for $prefix/doc and installs there
+# instead in this situation
+#
+# finally if $prefix=/usr/local and VAR_DEST=$prefix/var it 
+# changes this to /var for storing the logs and pidfile
+
+# used in source dir only, the install goes to $share_dest/doc/privoxy
+DOK_WEB = doc/webserver/
+
+# Install usage should be compatible with install-sh.
+INSTALL    = @INSTALL@
+# Binaries
+BIN_MODE	 = 0755
+# Support files, docs, etc.
+RA_MODE   = 0664
+# Directory
+DIR_MODE   = 0755
+# Files daemon writes to.
+RWD_MODE   = 0660
+INSTALL_P  = -m $(BIN_MODE)  
+INSTALL_T  = -m $(RA_MODE)
+INSTALL_D  = -m $(DIR_MODE) -d
+INSTALL_R  = -m $(RWD_MODE)
+
+# install options for superuser install
+#INSTALL_S  = -g @GROUP@ -o @USER@ 
+
+#############################################################################
+# Build tools
+#############################################################################
+
+PROGRAM    = privoxy at EXEEXT@
+CC         = @CC@
+ECHO       = echo
+GZIP_PROG  = gzip
+
+# id -u is not universal. FIXME: need to set from configure. Breaks on
+# Solaris.
+#ID         = id -u
+ID         = id
+LD         = @CC@
+RM         = rm -f
+CP         = cp -f
+RMDIR      = rmdir
+MKDIR      = ./mkinstalldirs
+STRIP_PROG = strip
+SED        = sed
+GREP       = grep
+CAT        = cat
+RPM        = rpm
+RPMBUILD   = rpmbuild
+MV         = mv
+TAR        = tar
+LN         = ln
+TOUCH      = touch
+KILL       = kill
+CHMOD      = chmod
+CHOWN      = chown
+CHGRP      = chgrp
+GROUPS     = groups
+WDUMP      = @WDUMP@ -dump
+JADECAT    = @JADECAT@
+JADEBIN    = @JADEBIN@
+DB         = $(JADEBIN) $(JADECAT) -ihtml -t sgml  -D.. -d ldp.dsl\#html
+DB2HTML    = @DB2HTML@
+MAN2HTML   = @MAN2HTML@
+G2H_CMD    = groff -mandoc -Thtml
+TARGET_OS  = @host@
+PERL       = perl
+DOC_DIR    = doc/source
+DOC_TMP    = $(DOC_DIR)/tmp
+DOC_STATUS = @DOC_STATUS@
+
+# Program to do LF->CRLF
+#
+# The sed version should be the most portable, but it doesn't for for me,
+# the other two do.  FIXME.
+#   - Jon
+#DOSFILTER  = $(SED) -e $$'s,$$,\r,'
+#DOSFILTER  = gawk -v ORS='\r\n' '{print $0;}'
+DOSFILTER  = $(PERL) -p -e 's/\n/\r\n/'
+CVSROOT    = :pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa
+#TMPDIR     := $(shell mktemp -d /tmp/$(PROGRAM).XXXXXX)
+
+#############################################################################
+# Setup for make distribution rh and suse for now 
+#############################################################################
+
+TAR_ARCH = /tmp/privoxy-$(RPM_VERSION).tar.gz
+RPM_BASE = @RPM_BASE@
+
+#############################################################################
+# We include these files in our distributions
+#############################################################################
+CONFIGS = config trust default.action match-all.action user.action default.filter user.filter
+# take care that no CVS .cvsignore or other crappy files
+# are included here
+# and escape every '#' in the find. doh.
+CONFIG_FILES = $(CONFIGS) \
+		`find templates/ -type f | grep -v "CVS" | grep -v "\.\#" | grep -v ".*~" | grep -v ".cvsignore" | grep -v "TAGS"`
+
+DOC_FILES = AUTHORS LICENSE README ChangeLog INSTALL \
+		`find doc/webserver/ -name "*.html" | grep -v "\(webserver\|team\)\/index\.html"` \
+		`find doc/webserver/ -name "*.css"` \
+                privoxy.1
+
+#############################################################################
+# Filenames and libraries
+#############################################################################
+
+C_SRC  = actions.c cgi.c cgiedit.c cgisimple.c deanimate.c encode.c \
+         errlog.c filters.c gateway.c jbsockets.c jcc.c \
+         list.c loadcfg.c loaders.c miscutil.c parsers.c ssplit.c \
+         urlmatch.c
+
+C_OBJS = $(C_SRC:.c=. at OBJEXT@)
+C_HDRS = $(C_SRC:.c=.h) project.h actionlist.h
+
+W32_SRC   = @WIN_ONLY at w32log.c w32taskbar.c win32.c w32svrapi.c
+W32_FILES = @WIN_ONLY at w32.res
+W32_OBJS  = @WIN_ONLY@$(W32_SRC:.c=. at OBJEXT@) $(W32_FILES)
+W32_HDRS  = @WIN_ONLY at w32log.h w32taskbar.h win32.h w32res.h w32svrapi.h
+W32_LIB   = @WIN_ONLY at -lwsock32 -lcomctl32
+W32_INIS  = @WIN_ONLY at config.txt trust.txt
+
+PCRS_SRC     = @STATIC_PCRS_ONLY at pcrs.c
+PCRS_OBJS    = @STATIC_PCRS_ONLY@$(PCRS_SRC:.c=. at OBJEXT@)
+PCRS_HDRS    = @STATIC_PCRS_ONLY@$(PCRS_SRC:.c=.h)
+
+PCRE_SRC     = @STATIC_PCRE_ONLY at pcre/get.c pcre/maketables.c pcre/study.c pcre/pcre.c
+PCRE_OBJS    = @STATIC_PCRE_ONLY@$(PCRE_SRC:.c=. at OBJEXT@)
+PCRE_HDRS    = @STATIC_PCRE_ONLY at pcre/config.h pcre/chartables.c pcre/internal.h pcre/pcre.h
+
+# No REGEX (maybe because dynamically linked pcreposix):
+REGEX_SRC    =
+ at STATIC_PCRE_ONLY@REGEX_SRC = pcre/pcreposix.c
+
+REGEX_OBJS   = $(REGEX_SRC:.c=. at OBJEXT@)
+REGEX_HDRS   = $(REGEX_SRC:.c=.h)
+
+# Dependencies introduced by #include "project.h".
+PROJECT_H_DEPS = project.h $(REGEX_HDRS) $(PCRS_HDRS) @STATIC_PCRE_ONLY at pcre/pcre.h
+
+# Socket libraries for platforms that need them explicitly defined
+SOCKET_LIB   = @SOCKET_LIB@
+
+# PThreads library, if needed.
+PTHREAD_LIB  = @PTHREAD_ONLY@@PTHREAD_LIB@
+
+SRCS         = $(C_SRC)  $(W32_SRC)  $(PCRS_SRC)  $(PCRE_SRC)  $(REGEX_SRC)
+OBJS         = $(C_OBJS) $(W32_OBJS) $(PCRS_OBJS) $(PCRE_OBJS) $(REGEX_OBJS)
+HDRS         = $(C_HDRS) $(W32_HDRS) $(PCRS_HDRS) $(PCRE_OBJS) $(REGEX_HDRS)
+LIBS         = @LIBS@ $(W32_LIB) $(SOCKET_LIB) $(PTHREAD_LIB)
+
+
+#############################################################################
+# Compiler switches
+#############################################################################
+
+# The flag "-mno-win32" can be used by Cygwin to emulate a un?x type build.
+# The flag "-mwindows -mno-cygwin" will cause Cygwin to use MingW32 for a
+# Win32 GUI build.
+# The flag "-pthread" is required if using Pthreads under Linux (and
+# possibly other OSs).
+SPECIAL_CFLAGS = @SPECIAL_CFLAGS@
+
+# Add your flags here 
+OTHER_CFLAGS =   
+
+CFLAGS = @CFLAGS@ @CPPFLAGS@ $(OTHER_CFLAGS) $(SPECIAL_CFLAGS) -Wall \
+         @STATIC_PCRE_ONLY@ -Ipcre 
+
+LDFLAGS = @LDFLAGS@ $(DEBUG_CFLAGS) $(SPECIAL_CFLAGS)
+
+
+#############################################################################
+# Build section.
+#
+# There should NOT be any targets above this line.
+#############################################################################
+all: $(PROGRAM) default.action
+
+
+#############################################################################
+# Phony targets
+#############################################################################
+.PHONY: all inifiles redhat-dist redhat-upload solaris-dist suse-dist \
+suse-upload win-dist tarball-dist dok redhat-dok webserver clean clobber tags \
+install conectiva-spec conectiva-dist conectiva-upload CONF_DEST LOG_DEST \
+PID_DEST check_doc install-strip uninstall GROUP_T
+
+#############################################################################
+# Define this explicitly because Solaris is broken!
+#############################################################################
+%.o: %.c
+	$(CC) -c $(CFLAGS) $(CPPFLAGS) $< -o $@
+
+
+#############################################################################
+# Strip master copy comments from default.action:
+#############################################################################
+default.action: default.action.master
+	$(GREP) -v '^#MASTER#' $< > $@
+
+#############################################################################
+# Win32 config files
+#############################################################################
+
+inifiles: $(W32_INIS)
+
+config.txt: config
+	$(SED) -e 's!\trustfile trust!trustfile trust.txt!' \
+	       -e 's!\logfile logfile!logfile privoxy.log!' \
+	       -e 's!#Win32-only: !!' \
+	       < $< | \
+	       $(DOSFILTER) > $@
+	# LF to CRLF in default.action
+	$(DOSFILTER) <default.action >default.action.txt && mv default.action.txt default.action
+	# LF to CRLF in default.filter
+	$(DOSFILTER) <default.filter >default.filter.txt && mv default.filter.txt default.filter
+
+trust.txt: trust
+	$(DOSFILTER) < $< > $@ 
+
+#############################################################################
+# Pre-dist check:
+#############################################################################
+dist-check:
+	@if [ -d CVS ]; then \
+           $(ECHO) "***************************************************"; \
+           $(ECHO) "***                                             ***"; \
+           $(ECHO) "***                  WARNING                    ***"; \
+           $(ECHO) "***                                             ***"; \
+           $(ECHO) "*** The presence of a CVS subdirectory suggests ***"; \
+           $(ECHO) "*** that you are trying to build a distribution ***"; \
+           $(ECHO) "*** package based on a checked out, not an      ***"; \
+           $(ECHO) "*** exported copy of the source tree. Please    ***"; \
+           $(ECHO) "*** see \"Releasing a new version\" in the        ***"; \
+           $(ECHO) "*** developer manual.                           ***"; \
+           $(ECHO) "***                                             ***"; \
+           $(ECHO) "***************************************************"; \
+           $(ECHO) "Type \"yes i am sure\" if you are sure that you"; \
+           $(ECHO) -n "really want to proceed: "; \
+           read answer; \
+           if [ "$$answer" != "yes i am sure" ]; then exit 1; fi \
+         fi;
+
+
+#############################################################################
+# create tar.gz from CVS:
+# This make-target is usually called through 'create-archive'. If you 
+# run 'make create-snapshot' without setting SNAPVERSION, you'll get a
+# tar.gz with the current date in the name and as a releasenumber in the 
+# spec-file. But the main usage is to run it as follows (Red Hat example):
+# make SNAPVERSION=1.6x create-snapshot
+# This creates a tar.gz and spec-file for a Red Hat 6.x version.
+#############################################################################
+create-snapshot:
+	@tag=`cvs -d $(CVSROOT) status Makefile | awk ' /Sticky Tag/ { print $$3 } '` 2> /dev/null; \
+	[ x"$$tag" = x"(none)" ] && tag=HEAD; \
+	echo "*** Creating package from $$tag!"; \
+	TMPDIR=$(shell mktemp -d /tmp/$(PROGRAM).XXXXXX); \
+	cd $$TMPDIR ; cvs -Q -d $(CVSROOT) export -r $$tag current || echo "Um... export aborted."; \
+	cd $$TMPDIR/current; \
+	TMPFILE=$$(mktemp -q /tmp/$(PROGRAM).XXXXXX); \
+	if $(SED) -e 's/^\(Version:\).*/\1 $(RPM_VERSION)/g' \
+		-e 's/^\(Release:\).*/\1 $(SNAPVERSION)/g' \
+		privoxy-rh.spec > $$TMPFILE ; then \
+			$(MV) -f $$TMPFILE privoxy-rh.spec; \
+	else \
+		$(ECHO) "Could not set version info in specfile."; \
+		exit 1;\
+	fi;\
+	if $(SED) -e 's/^\(Version:\).*/\1 $(RPM_VERSION)/g' \
+             -e 's/^\(Release:\).*/\1 $(SNAPVERSION)/g' \
+              privoxy-suse.spec > $$TMPFILE ; then \
+			$(MV) -f $$TMPFILE privoxy-suse.spec; \
+	else \
+		$(ECHO) "Could not set version info in specfile."; \
+		exit 1;\
+	fi; \
+	$(RM) $$TMPFILE; \
+	cd $$TMPDIR/current; \
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" \
+		-czf /tmp/$(PROGRAM)-$(VERSION).tar.gz .; \
+	$(RM) -rf $$TMPDIR
+	@echo "Resulting file is /tmp/$(PROGRAM)-$(VERSION).tar.gz"
+
+
+#############################################################################
+# looks at the version of Makefile and exports a corresponding source-tree
+# example: if the Makefile has the sticky tag v_2_9_13, you'll get 
+# privoxy-*-2.4.13.tar.gz. Two different tar files will be written, one for
+# Red Hat and one for SuSe (different spec-files)
+#############################################################################
+create-archive:
+	make SNAPVERSION=$(SNAPVERSION) create-snapshot
+
+#############################################################################
+# RPM specifice stuff (SuSE or Redhat, ..)
+#############################################################################
+rpm-stuff: dist-check clean clobber 
+	for dir in RPMS SRPMS BUILD SOURCES SPECS; do \
+		if [ ! -w $(RPM_BASE)/$$dir ]; then \
+			$(ECHO) "$(RPM_BASE)/$$dir is not writable for you. Maybe try as root."; \
+			$(ECHO) "Or add a suitable path to .rpmmacros like."; \
+			$(ECHO) "%_topdir /home/foo/rpm-build"; \
+			exit 1; \
+		fi; \
+	done; \
+
+check-release:
+	@if [ "$(RPM_PACKAGEV)" = "" ]; then \
+		echo ; \
+		echo "	ERROR: NO RPM_PACKAGEV VALUE"; \
+		echo "	No value given for RPM_PACKAGEV. Please use:"; \
+		echo "	make dist-upload RPM_PACKAGEV=release"; \
+		echo "	where \"release\" is the release number you want to and"; \
+		echo "	where \"dist\" is the name of the distro (redhat or suse)"; \
+		echo ; \
+		echo "	Ex: make redhat-upload RPM_PACKAGEV=1"; \
+		echo ""; \
+		echo "ATTENTION: If your distribution use a specific tag on the"; \
+		echo "           release field (like \"cl\" for Conectiva, and"; \
+		echo "           \"mdk\" for Mandrake), DO NOT put it on the value"; \
+		echo "           given to RPM_PACKAGEV. It will be added automaticaly."; \
+		echo "           Do it like you would do for a redhat package,"; \
+		echo "           (i.e. just the number)."; \
+		echo ; \
+		exit 1; \
+	fi
+
+
+#############################################################################
+# Create Conectiva specfile from RedHat specfile
+#############################################################################
+conectiva-spec:
+	$(RM) privoxy-cl.spec
+	chmod a+x genclspec.sh
+	./genclspec.sh
+
+#############################################################################
+# Conectiva distribution for x86
+#############################################################################
+conectiva-dist: rpm-stuff conectiva-spec
+
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-suse.spec" --exclude "privoxy-rh.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -ta  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+
+conectiva-upload: check-release
+	make redhat-upload RPM_PACKAGEV=$(RPM_PACKAGEV)cl
+
+#############################################################################
+# redhat distribution alpha and x86
+#############################################################################
+redhat-dist: rpm-stuff
+	echo $(CONFIG_FILES)
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-suse.spec" --exclude "privoxy-cl.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -ta  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+
+# For testing build issues only! Use redhat-dist for official releases.
+redhat-test: 
+	echo $(CONFIG_FILES)
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-suse.spec" --exclude "privoxy-cl.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -tb  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+	@echo "WARNING: This target is only for testing. Use redhat-dist for releases!!!"
+
+# anonymously ncftps the rpms to sourceforge
+redhat-upload: check-release
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/SRPMS/privoxy-$(RPM_VERSION)-$(RPM_PACKAGEV).src.rpm
+# better should use `arch` here instead of ix86 to support other platforms too
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/RPMS/*/privoxy-$(RPM_VERSION)-$(RPM_PACKAGEV).*.rpm
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+     # w3m http://sourceforge.net/project/admin/editpackages.php?group_id=11118
+
+
+#############################################################################
+# Creates a Red Hat sourcepackage from CVS (not from the current sources
+# on disk)
+#############################################################################
+redhat-srpm: 
+	make create-archive
+	$(RPMBUILD) -ts --nodeps $(PROGRAM)-$(VERSION).tar.gz
+
+
+#############################################################################
+# suse distribution. works fine. no need to be root. 
+#############################################################################
+suse-dist: rpm-stuff
+# 	TMPFILE=$$(mktemp -q /tmp/$(PROGRAM).XXXXXX); \
+# 	if $(SED) -e 's/^\(Version:\).*/\1 $(RPM_VERSION)/g' \
+#              -e 's/^\(Release:\).*/\1 $(RPM_PACKAGEV)/g' \
+#               privoxy-suse.spec > $$TMPFILE ; then \
+# 	$(MV) -f $$TMPFILE privoxy-suse.spec; \
+# 	else \
+# 		$(ECHO) "Could not set version info in specfile."; \
+# 	exit 1;\
+# 	fi
+
+	$(TAR) --exclude ".cvsignore" --exclude "CVS" --exclude "privoxy-rh.spec" --exclude "privoxy-cl.spec" --exclude "PACKAGERS" -czf $(TAR_ARCH) .
+	$(RPMBUILD) --clean -ta  $(TAR_ARCH)
+	if [ -f $(TAR_ARCH) ]; then  $(RM) $(TAR_ARCH); fi
+
+# anonymously ncftps the rpms to sourceforge
+suse-upload: check-release
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/SRPMS/privoxy-suse-$(RPM_VERSION)-$(RPM_PACKAGEV).src.rpm
+# better should use `arch` here instead of ix86 to support other platforms too
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming $(RPM_BASE)/RPMS/*/privoxy-suse-$(RPM_VERSION)-$(RPM_PACKAGEV).*.rpm
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+
+# handle with care. use with root.
+suse-clean:
+	$(RPM) -e junkbuster-suse || true
+	$(RM) -r /etc/junkbuster
+	$(RM) -r /etc/rc.d/junkbuster*
+	$(RM) -r /var/run/junkbuster.pid 
+	$(RM) -r /var/log/junkbuster
+	$(RM) /etc/init.d/junkbuster
+	$(RM) /usr/sbin/junkbuster
+	$(RM) /usr/sbin/rcjunkbuster
+	$(RM) /usr/share/man/man1/junkbuster.1.gz
+	$(RPM) -e privoxy-suse || true
+	$(RM) -r /etc/privoxy
+	$(RM) -r /etc/rc.d/privoxy*
+	$(RM) -r /var/run/privoxy.pid 
+	$(RM) -r /var/log/privoxy
+	$(RM) /etc/init.d/privoxy
+	$(RM) /usr/sbin/privoxy
+	$(RM) /usr/sbin/rcprivoxy
+	$(RM) /usr/share/man/man1/privoxy.1.gz
+
+#############################################################################
+# generic distribution
+#############################################################################
+gen-dist: dist-check
+	@$(ECHO) ""
+	@$(ECHO) "You have run autoconf && autoheader && ./configure right?"
+	@$(ECHO) ""
+	$(MAKE) $(PROGRAM)
+	$(STRIP_PROG) $(PROGRAM)
+	$(LN) -s current ../privoxy-$(VERSION)-$(CODE_STATUS)
+# add program
+	(cd .. && $(TAR) -cvhf --exclude "PACKAGERS" privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar privoxy-$(VERSION)-$(CODE_STATUS)/$(PROGRAM))
+# add config files
+	for foo in $(CONFIG_FILES); do \
+		(cd .. && $(TAR) -uvhf --exclude "PACKAGERS" privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar privoxy-$(VERSION)-$(CODE_STATUS)/$$foo;) \
+	done; 
+# add documentation
+	for foo in $(DOC_FILES); do \
+		(cd .. && $(TAR) -uvhf --exclude "PACKAGERS" privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar privoxy-$(VERSION)-$(CODE_STATUS)/$$foo;) \
+	done;
+# and zip the archive
+	$(RM) ../privoxy-$(VERSION)-$(CODE_STATUS)
+	$(GZIP_PROG) ../privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar
+	@$(ECHO) Distribution with binary created.
+
+# anonymously ncftps the package to sourceforge
+gen-upload:
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming ../privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar.gz
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+
+# use with care
+gen-clean:
+	$(RM) privoxy-$(TARGET_OS)-$(VERSION)-$(CODE_STATUS)-src.tar*
+
+#############################################################################
+# solaris distribution. verified on SF machines by swa.
+#############################################################################
+solaris-dist: gen-dist
+	@$(ECHO) Done.
+# anonymously ncftps the package to sourceforge
+solaris-upload: gen-upload
+	@$(ECHO) Done.
+# use with care
+solaris-clean: gen-clean
+	@$(ECHO) Done.
+
+#############################################################################
+# hpux distribution
+#############################################################################
+hpux-dist:
+	@$(ECHO) coming soon. 
+hpux-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# debian distribution
+#############################################################################
+debian-dist:
+	@$(ECHO) coming soon. 
+debian-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# macosx distribution
+#############################################################################
+macosx-dist:
+	@$(ECHO) coming soon. 
+macosx-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# amiga distribution
+#############################################################################
+amiga-dist:
+	@$(ECHO) coming soon. 
+amiga-upload:
+	@$(ECHO) coming soon. 
+
+#############################################################################
+# freebsd distribution. verified on SF machines by swa.
+#############################################################################
+freebsd-dist: gen-dist
+	@$(ECHO) Done.
+# anonymously ncftps the package to sourceforge
+freebsd-upload: gen-upload
+	@$(ECHO) Done.
+# use with care
+freebsd-clean: gen-clean
+	@$(ECHO) Done.
+
+#############################################################################
+# Windows distribution
+#############################################################################
+win-dist:
+	$(ECHO) Not implemented.
+
+
+#############################################################################
+# Tarball distribution: No CVS dirs, dotfiles, debian build dir,
+# (FIXME:) only parts of the static / generated docs mix in doc/webserver
+#############################################################################
+
+tarball-dist: dist-check clean clobber
+	$(LN) -s current ../privoxy-$(VERSION)-$(CODE_STATUS)
+
+	for i in `find . -type f -a -not \( -path "*/CVS*" -o -name ".*" \
+	-o -path "*/debian/*" -o -path "*/actions/*" -o -name "*.php" -o \
+	-name "PACKAGERS" \)`; do \
+	   files="$$files privoxy-$(VERSION)-$(CODE_STATUS)/$$i"; \
+	done &&  \
+	cd .. && $(TAR) -cvhf privoxy-$(VERSION)-$(CODE_STATUS)-src.tar $$files ; \
+
+# and zip the archive
+	$(RM) ../privoxy-$(VERSION)-$(CODE_STATUS) 
+	$(GZIP_PROG) ../privoxy-$(VERSION)-$(CODE_STATUS)-src.tar
+	@$(ECHO) Tarball distribution created.
+
+# anonymously ncftps the tarball to sourceforge
+tarball-upload:
+	ncftpput -u anonymous -p ijbswa-developers at lists.sourceforge.net upload.sourceforge.net /incoming ../privoxy-$(VERSION)-$(CODE_STATUS)-src.tar.gz
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) Now goto
+	@$(ECHO) https://sourceforge.net/project/admin/editpackages.php?group_id=11118
+	@$(ECHO) ... and release the files.
+	@$(ECHO) -------------------------------------------------------
+
+tarball-clean:
+	$(RM) ../privoxy-$(VERSION)-$(CODE_STATUS)-src.tar.gz
+
+#############################################################################
+#
+# Documentation
+#
+# converts doc/source/*.sgml into html and man pages
+#
+#############################################################################
+
+# developer manual
+dok-devel: 
+	$(RM) doc/webserver/developer-manual/*.html
+	$(RM) -r doc/source/developer-manual
+	mkdir -p doc/source/developer-manual
+	cd doc/source/developer-manual && $(DB) ../developer-manual.sgml && cd .. && cp developer-manual/*.html ../webserver/developer-manual/
+
+# user manual
+dok-user: 
+	$(RM) doc/webserver/user-manual/*.html
+	$(RM) -r doc/source/user-manual/
+	mkdir -p doc/source/user-manual
+	cd doc/source/user-manual && $(DB) -iuser-man ../user-manual.sgml && cd .. && cp user-manual/*.html ../webserver/user-manual/
+	# FIXME: temp fix so same stylesheet gets in more than one place so it works
+	# for all doc set-ups, including the 'user manual' config option in local
+	# system where it MUST be in same directory as html.
+	$(PERL) -pi.bak -e 's/<\/head/\n<LINK REL=\"STYLESHEET\" TYPE=\"text\/css\" HREF=\"p_doc.css\">\n<\/head/i' doc/webserver/user-manual/*html
+
+# faq
+dok-faq: 
+	$(RM) doc/webserver/faq/*.html
+	$(RM) -r doc/source/faq
+	mkdir -p doc/source/faq
+	cd doc/source/faq && $(DB) ../faq.sgml && cd .. && cp faq/*.html ../webserver/faq/
+
+# man page, one variation. Try to use the next target, just 'make man'. 
+dok-man: 
+	$(RM) doc/man/* doc/webserver/man-page/*.html
+ifneq ($(MAN2HTML),false)
+	$(ECHO) "<html><head><title>Privoxy Man page</title><link rel=\"stylesheet\" type=\"text/css\" href=\"../p_web.css\"></head><body><H2>NAME</H2>" > doc/webserver/man-page/privoxy-man-page.html
+	man ./privoxy.1 | $(MAN2HTML) -bare >> doc/webserver/man-page/privoxy-man-page.html
+	$(ECHO) "</body></html>" >> doc/webserver/man-page/privoxy-man-page.html
+else
+	$(MAKE) groff2html
+endif
+
+# Build man page from sgml. This requires the SGMLSpm perl module.
+# See CPAN, or your favorite perl repository. This is the preferred 
+# target for man page generation!
+man: dok-release
+	mkdir -p doc/source/temp && cd doc/source/temp && $(RM) * ;\
+	nsgmls ../privoxy-man-page.sgml  | sgmlspl ../../../utils/docbook2man/docbook2man-spec.pl &&\
+	perl -pi.bak -e 's/ <URL:.*>//; s/\[ /\[/g' privoxy.1 ;\
+	perl -pi.bak -e "s/\[ /\[/g;s/á/\\\\['a]/g;s/é/\\\\['e]/g" privoxy.1; \
+	perl -pi.bak -e "s/ö/\\\\[:o]/g" privoxy.1; \
+	perl -pi.bak -e 's/([ {])-([a-z])/$$1\\-$$2/g' privoxy.1; \
+	perl -pi.bak -e 's/ --([a-z])/ \\-\\-$$1/g' privoxy.1; \
+	perl -pi.bak -e 's/\\fB--/\\fB\\-\\-/g' privoxy.1; \
+	$(DB) ../privoxy-man-page.sgml && $(MV) -f privoxy.1 ../../../privoxy.1
+
+# For those with man2html ala RH7s.
+man2html:
+	mkdir -p doc/webserver/man-page
+ifneq ($(MAN2HTML),false)
+	$(MAN2HTML) privoxy.1 |grep -v "^Content-type" > tmp.html
+	$(PERL) -pi.bak -e 's/<A .*Contents<\/A>//; s/<A .*man2html<\/A>/man2html/' tmp.html
+	$(PERL) -pi.bak -e 's/(<\/HEAD>)/<LINK REL=\"STYLESHEET\" TYPE=\"text\/css\" HREF=\"..\/p_doc.css\"><\/HEAD>/' tmp.html
+# Twice because my version of man2html is pulling in commas and periods in URLs.
+	$(PERL) -pi.bak -e 's/(<A.*),(">)/$$1$$2/g' tmp.html
+	$(PERL) -pi.bak -e 's,\.">,">,g' tmp.html
+	$(PERL) -pi.bak -e "s/\['a\]/\á/g;s/\['e\]/\é/g" tmp.html
+# Get rid of spurious  from conversion. (How to do this with perl?)
+	$(SED) -e 's///g' tmp.html > doc/webserver/man-page/privoxy-man-page.html && $(RM) tmp.*
+else
+	$(MAKE) groff2html
+endif
+
+
+# Otherwise we get plain groff conversion.
+groff2html:
+	$(G2H_CMD) ./privoxy.1 | $(SED) -e 's@</head>@<link REL="STYLESHEET" TYPE="text/css" HREF="../p_doc.css"></head>@' > doc/webserver/man-page/privoxy-man-page.html
+
+
+# readme page and INSTALL file
+dok-readme: dok-release
+	cd doc/source && $(DB)-notoc -V nochunks readme.sgml > tmp.html &&\
+	env -u LANG $(WDUMP) tmp.html > ../../README ;\
+	$(DB)-notoc -V nochunks install.sgml > tmp.html &&\
+	env -u LANG $(WDUMP) tmp.html > ../../INSTALL ;\
+	$(RM) tmp.*
+
+# index.sgml is used to create both the Home Page, and a local index
+# for documentation, etc.
+#
+# index.html for webserver:
+dok-webserver: 
+	cd doc/source/webserver && $(DB)-notoc -ip-homepage -V nochunks index.sgml > ../../webserver/index.html
+	$(PERL) -pi.bak -e 's/..\/p_doc.css/p_doc.css/;\
+	s/<\/HEAD/\n<meta name=\"description\" content=\"Privoxy helps users to protect their privacy.\"><\/HEAD/;\
+	s/<\/HEAD/\n<meta name="MSSmartTagsPreventParsing" content="TRUE"><\/HEAD/;\
+	s/\.\d\. //;\
+	s/__copy/©/'\
+     doc/webserver/index.html && $(RM) doc/webserver/*.bak
+
+# privoxy-index.html for local documentation:
+dok-index: 
+	cd doc/source/webserver && $(DB)-notoc -ip-index -V nochunks index.sgml > ../../webserver/privoxy-index.html
+	$(PERL) -pi.bak -e 's/..\/p_doc.css/p_doc.css/;\
+	s/<\/HEAD/\n<meta name=\"description\" content=\"Privoxy helps users to protect their privacy.\"><\/HEAD/;\
+	s/<\/HEAD/\n<meta name="MSSmartTagsPreventParsing" content="TRUE"><\/HEAD/;\
+	s/\.\d\. //;\
+	s/__copy/©/' \
+     doc/webserver/privoxy-index.html && $(RM) doc/webserver/*.bak
+
+# Main documentation target.
+dok: dok-release dok-devel dok-user dok-faq dok-readme dok-webserver dok-authors dok-index
+	@$(ECHO) Documentation created.
+
+#
+# an alternative to the above dok. disabled man page creation for the moment
+#
+redhat-dok: dok-release dok-devel dok-user dok-faq redhat-readme dok-webserver dok-authors
+	@$(ECHO) Documentation created.
+
+## Make README
+redhat-readme: 
+	cd doc/source && $(DB)-notoc -V nochunks readme.sgml > tmp.html && $(WDUMP) \
+	  tmp.html > ../../README && $(RM) -r tmp.html
+
+## Make AUTHORS file
+dok-authors: 
+	cd doc/source && $(DB) -V nochunks authors.sgml > tmp.html && env -u LANG $(WDUMP) \
+	  tmp.html > ../../AUTHORS && $(RM) tmp.html
+
+# Set doc entities for VERSION and CODE_STATUS in sgml docs. Toggle content
+# exceptions accordingly. This needs to go before any doc building (doh).
+dok-release:
+	@$(ECHO) Setting doc version and status to $(VERSION), $(CODE_STATUS)
+	@$(PERL) -pi.bak -e 's/<!entity +p-version.*>/<!entity p-version "$(VERSION)">/;\
+     s/<!entity +p-status.*>/<!entity p-status "$(CODE_STATUS)">/' \
+     doc/source/*sgml doc/source/*/*sgml
+	$(RM) -r doc/source/*bak doc/source/*/*bak
+ifeq ($(CODE_STATUS),stable)
+	@$(ECHO) Setting docs to stable $(VERSION)
+	@$(PERL) -pi.bak -e 's/<!entity +% +p-stable.*>/<!entity % p-stable "INCLUDE">/;\
+     s/<!entity +% +p-not-stable.*>/<!entity % p-not-stable "IGNORE">/' \
+     doc/source/*sgml doc/source/*/*sgml
+	$(RM) -r doc/source/*bak doc/source/*/*bak
+else
+	@$(ECHO) Setting docs to not stable $(VERSION)
+	@$(PERL) -pi.bak -e 's/<!entity +% +p-stable.*>/<!entity % p-stable "IGNORE">/;\
+     s/<!entity +% +p-not-stable.*>/<!entity % p-not-stable "INCLUDE">/' \
+     doc/source/*sgml doc/source/*/*sgml
+	$(RM) -r doc/source/*bak doc/source/*/*bak
+endif
+
+# Create release announcement in text and html, with short and long versions.
+# This is a standalone target, and must be invoked directly.
+# announce: dok-release
+# 	mkdir -p $(DOC_TMP)
+# 	cd $(DOC_TMP) && cp -f ../announce.sgml . && $(DB) -iannounce-big announce.sgml &&\
+# 	mv -f index.html announce.html && $(WDUMP) announce.html > announce.txt
+# 	cd $(DOC_TMP) && $(DB) announce.sgml &&\
+# 	mv -f index.html announce-mini.html && $(WDUMP) announce-mini.html > announce-mini.txt &&\
+# 	mv -f *html *txt ../../.. 
+# 	rm -fr $(DOC_TMP)
+
+# The main Privoxy config file, generated from sgml sources. 
+# NOTE: This will require some hand editing. The new file is outputted 
+# as config.new so that problem sections can be compared to previous
+# version. This is hardcored to w3m for html/text conversion. Also, 
+# requires the shell util 'fmt'.
+config-file: dok-release
+	cd doc/source && $(DB)-notoc -iconfig-file -V nochunks config.sgml > __tmp.html &&\
+	env -u LANG w3m -dump __tmp.html | fmt -w 70 > ../../config.new && $(RM) -r __tmp.*
+	$(PERL) -i.bak utils/prepare-configfile.pl config.new
+
+	$(RM) *.bak
+	@$(ECHO)  "****************************************************"
+	@$(ECHO)  "The output file is config.new."
+	@$(ECHO)  "Now -- you need to hand edit the results!!!"
+	@$(ECHO)  "In particular, check the Debug levels, the"
+	@$(ECHO)  "permit-access, forward & socks examples and the"
+	@$(ECHO)  "various user-manual examples, which all"
+	@$(ECHO)  "probably got hammered."
+	@$(ECHO)  "****************************************************"
+
+# config file, alternate version using lynx (perl stuff unfinished). Lynx
+# does not do so good a job.
+config-file-alt: 
+	cd doc/source && $(ECHO) -e ".h2 JUSTIFY\\nJUSTIFY:FALSE" > __tmp.lynx_cfg &&\
+	$(DB)-notoc -iconfig-file -V nochunks config.sgml > __tmp.html &&\
+	lynx -cfg=__tmp.lynx_cfg -width=78 -dump __tmp.html > ../../config.new && $(RM) -r __tmp.*
+	$(PERL) -pi -e 's/^(   )//;\
+	                s/:$\/:\n/' config.new
+
+#############################################################################
+#
+# Webserver
+#
+# moves dokumentation to webserver
+#
+#############################################################################
+webserver: tidy
+	@$(ECHO) -------------------------------------------------------
+	@$(ECHO) You will need to "create" a SF shell first:
+	@$(ECHO)    ssh -t USER,PROJECT at shell.sourceforge.net create
+	@$(ECHO) Please make sure your documentation files are up to date.
+	@$(ECHO) Note that this command updates the home page and scps 
+	@$(ECHO) all stuff to the webserver, it will not remove obsolete documents.
+	@$(ECHO) You will also need to change the user-manual symlink manually.
+	@$(ECHO) -------------------------------------------------------
+
+	@$(ECHO) Uploading html
+	@cd doc/webserver; \
+          upload=`find . -type f -a -not \( -path "*/CVS*" -o -path "*/results*" \)`; \
+          $(TAR) c $$upload | ssh shell.sf.net 'cd /home/groups/i/ij/ijbswa/htdocs/; tar xvm 2>&1 | grep -v timestamp'
+
+	@$(ECHO) Fixing permissions
+	@ssh shell.sf.net 'chmod -R 775 /home/groups/i/ij/ijbswa/htdocs 2>/dev/null; true'
+	@ssh shell.sf.net 'find /home/groups/i/ij/ijbswa/htdocs/ -type f | xargs chmod 664 2>/dev/null; true'
+	@ssh shell.sf.net 'chmod 666 /home/groups/i/ij/ijbswa/htdocs/actions/results/actions-feedback.txt 2>/dev/null; true'
+
+
+web-actions: tidy
+	@$(ECHO) Uploading 
+	@cd doc/webserver/actions; \
+          upload=`find . -type f -a -not \( -path "*/CVS*" -o -path "*/results*" \)`; \
+          $(TAR) c $$upload | ssh ijbswa.sourceforge.net 'cd /home/groups/i/ij/ijbswa/htdocs/actions; tar xvm'
+
+	@$(ECHO) Fixing permissions
+	@ssh ijbswa.sourceforge.net 'find /home/groups/i/ij/ijbswa/htdocs/actions/ -type f | xargs chmod 664 2>/dev/null'
+	@ssh ijbswa.sourceforge.net 'chmod 666 /home/groups/i/ij/ijbswa/htdocs/actions/results/actions-feedback.txt 2>/dev/null'
+
+## 
+dok-put:
+	tar --exclude ".cvsignore" --exclude "CVS" --exclude "source" --exclude ".htaccess" \
+	     --exclude "obsolete" --exclude "actions" --exclude "*.zip" --exclude "robots.txt"\
+		doc/* INSTALL LICENSE AUTHORS README \
+		-czf $(DOC_FILE) ;\
+		$(ECHO) "Uploading doc package ..." ;\
+		scp $(DOC_FILE) ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/docs/
+		@ssh ijbswa.sourceforge.net 'chmod 775 /home/groups/i/ij/ijbswa/htdocs/docs/*gz 2>/dev/null; true'
+		$(RM) $(DOC_FILE)
+
+dok-get:
+	cd /tmp ;\
+	$(WGET) http://www.privoxy.org/docs/$(DOC_FILE) ;\
+	$(TAR) -zxvf $(DOC_FILE)
+
+
+#############################################################################
+# Source file dependencies
+#############################################################################
+
+actions. at OBJEXT@:   actions.c   actions.h   config.h $(PROJECT_H_DEPS) errlog.h jcc.h list.h loaders.h miscutil.h actionlist.h ssplit.h
+cgi. at OBJEXT@:       cgi.c       cgi.h       config.h $(PROJECT_H_DEPS) cgiedit.h cgisimple.h jbsockets.h list.h pcrs.h encode.h ssplit.h jcc.h filters.h actions.h errlog.h miscutil.h
+cgiedit. at OBJEXT@:   cgiedit.c   cgiedit.h   config.h $(PROJECT_H_DEPS) cgi.h list.h pcrs.h encode.h ssplit.h jcc.h filters.h actionlist.h actions.h errlog.h miscutil.h
+cgisimple. at OBJEXT@: cgisimple.c cgisimple.h config.h $(PROJECT_H_DEPS) cgi.h list.h pcrs.h encode.h ssplit.h jcc.h filters.h actions.h errlog.h miscutil.h urlmatch.h
+deanimate. at OBJEXT@: deanimate.c deanimate.h config.h $(PROJECT_H_DEPS)
+encode. at OBJEXT@:    encode.c    encode.h    config.h
+errlog. at OBJEXT@:    errlog.c    errlog.h    config.h $(PROJECT_H_DEPS) @WIN_ONLY at w32log.h
+filters. at OBJEXT@:   filters.c   filters.h   config.h $(PROJECT_H_DEPS) errlog.h encode.h gateway.h jbsockets.h jcc.h loadcfg.h parsers.h ssplit.h cgi.h deanimate.h urlmatch.h @WIN_ONLY at win32.h 
+gateway. at OBJEXT@:   gateway.c   gateway.h   config.h $(PROJECT_H_DEPS) errlog.h jbsockets.h jcc.h loadcfg.h
+jbsockets. at OBJEXT@: jbsockets.c jbsockets.h config.h $(PROJECT_H_DEPS) filters.h
+jcc. at OBJEXT@:       jcc.c       jcc.h       config.h $(PROJECT_H_DEPS) errlog.h filters.h gateway.h jbsockets.h loadcfg.h loaders.h miscutil.h parsers.h @WIN_ONLY at w32log.h win32.h w32svrapi.h cgi.h
+list. at OBJEXT@:      list.c      list.h      config.h $(PROJECT_H_DEPS) list.h miscutil.h
+loadcfg. at OBJEXT@:   loadcfg.c   loadcfg.h   config.h $(PROJECT_H_DEPS) errlog.h filters.h gateway.h jbsockets.h jcc.h loaders.h miscutil.h parsers.h @WIN_ONLY at w32log.h win32.h
+loaders. at OBJEXT@:   loaders.c   loaders.h   config.h $(PROJECT_H_DEPS) errlog.h encode.h filters.h gateway.h jcc.h loadcfg.h miscutil.h parsers.h ssplit.h
+miscutil. at OBJEXT@:  miscutil.c  miscutil.h  config.h
+parsers. at OBJEXT@:   parsers.c   parsers.h   config.h $(PROJECT_H_DEPS) errlog.h filters.h jbsockets.h jcc.h loadcfg.h loaders.h miscutil.h ssplit.h
+ssplit. at OBJEXT@:    ssplit.c    ssplit.h    config.h miscutil.h
+urlmatch. at OBJEXT@:  urlmatch.c  urlmatch.h  config.h $(PROJECT_H_DEPS) errlog.h miscutil.h ssplit.h
+
+# GNU regex
+gnu_regex. at OBJEXT@: gnu_regex.c gnu_regex.h config.h
+
+# PCRS
+pcrs. at OBJEXT@: pcrs.c pcrs.h config.h @STATIC_PCRE_ONLY at pcre/pcre.h 
+
+# PCRE
+pcre/get. at OBJEXT@:        pcre/get.c        pcre/config.h pcre/internal.h pcre/pcre.h
+pcre/maketables. at OBJEXT@: pcre/maketables.c pcre/config.h pcre/internal.h pcre/pcre.h
+pcre/pcre. at OBJEXT@:       pcre/pcre.c       pcre/config.h pcre/internal.h pcre/pcre.h pcre/chartables.c 
+pcre/pcreposix. at OBJEXT@:  pcre/pcreposix.c  pcre/config.h pcre/internal.h pcre/pcre.h pcre/pcreposix.h
+pcre/study. at OBJEXT@:      pcre/study.c      pcre/config.h pcre/internal.h pcre/pcre.h
+
+# An auxiliary program makes the PCRE default character table source
+
+pcre/chartables.c:   pcre/dftables at EXEEXT@
+		pcre/dftables at EXEEXT@ >pcre/chartables.c
+
+pcre/dftables at EXEEXT@:       pcre/dftables.c pcre/maketables.c pcre/pcre.h pcre/internal.h pcre/config.h
+		$(CC) -o pcre/dftables at EXEEXT@ $(CFLAGS) pcre/dftables.c
+
+# Win32
+w32log. at OBJEXT@: w32log.c errlog.h config.h jcc.h loadcfg.h miscutil.h pcre/pcre.h pcre/pcreposix.h pcrs.h project.h w32log.h w32taskbar.h win32.h
+w32taskbar. at OBJEXT@: w32taskbar.c config.h w32log.h w32taskbar.h
+win32. at OBJEXT@: win32.c config.h jcc.h loadcfg.h pcre/pcre.h pcre/pcreposix.h pcrs.h project.h w32log.h win32.h w32svrapi.h
+
+w32.res: w32.rc w32res.h icons/ico00001.ico icons/ico00002.ico icons/ico00003.ico icons/ico00004.ico icons/ico00005.ico icons/ico00006.ico icons/ico00007.ico icons/ico00008.ico icons/idle.ico icons/privoxy.ico config.h
+	windres -D__MINGW32__=0.2 -O coff -i $< -o $@
+
+# AmigaOS
+ at AMIGAOS_ONLY@OBJS += amiga.o
+ at AMIGAOS_ONLY@ifeq ($(shell $(CC) -dumpmachine), m68k-amigaos)
+ at AMIGAOS_ONLY@CFLAGS += -D__AMIGAVERSION__=\"$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_POINT)\" -D__AMIGADATE__=\"`date +%d.%m.%Y`\" -W -m68020 -noixemul -fbaserel -msmall-code
+ at AMIGAOS_ONLY@LDFLAGS += -m68020 -noixemul -fbaserel
+ at AMIGAOS_ONLY@LIBS = -lm /gg/lib/libb/libm020/libnix/swapstack.o
+ at AMIGAOS_ONLY@else
+ at AMIGAOS_ONLY@CFLAGS += -D__AMIGAVERSION__=\"$(VERSION_MAJOR).$(VERSION_MINOR)$(VERSION_POINT)\" -D__AMIGADATE__=\"`date +%d.%m.%Y`\" -Wextra -D__USE_INLINE__ -D__NO_INTUITION_RJ_MACROS
+ at AMIGAOS_ONLY@endif
+ at AMIGAOS_ONLY@amiga.o: amiga.c amiga.h config.h
+
+
+$(PROGRAM): $(OBJS) $(W32_FILES)
+	$(LD) $(LDFLAGS) -o $(PROGRAM) $(OBJS) $(LIBS)
+
+clean:
+	$(RM) a.out $(OBJS) $(W32_FILES) $(W32_INIS) $(PROGRAM) default.action `find . -name TAGS -o -name tags` config.base config.tmp
+
+tidy:
+	$(RM) `find . -name "*~"`
+	$(RM) `find . -name "#*#"` # Emacs backup files
+	$(RM) `find . -name ".\#*"`
+
+clobber: tidy
+	$(RM) GNUmakefile configure config.h.in config.h config.cache config.status config.log logfile \
+              privoxy.log core *.tar.gz *.tar privoxy-cl.spec doc/source/ldp.dsl config.new
+	$(RM) -r autom4te.cache
+
+#
+# FIXME: What is all this? 
+#
+	$(RM) cscope.*  *.pdb *.lib *.exp 
+
+distclean: clobber
+
+tags: $(SRCS) $(HDRS)
+	etags $(SRCS) $(HDRS)
+
+CONF_DEST:=$(shell if [ "$(prefix)" = "/usr/local" ] && [ "$(CONF_BASE)" = "$(prefix)/etc" ];then \
+		$(ECHO) "$(CONF_BASE)/privoxy";\
+	 else\
+		 $(ECHO) "$(CONF_BASE)";\
+	 fi)
+
+LOG_DEST:=$(shell if [ "$(prefix)" = "/usr/local" ] && [ "$(LOGS_DEST)" = "$(prefix)/var/log/privoxy" ];then \
+		$(ECHO) "/var/log/privoxy" ;\
+	 else\
+		 $(ECHO) "$(LOGS_DEST)";\
+	 fi)
+
+PID_DEST:=$(shell if [ "$(prefix)" = "/usr/local" ] && [ "$(PIDS_DEST)" = "$(prefix)/var/run" ];then \
+		$(ECHO) "/var/run" ;\
+	 else\
+		 $(ECHO) "$(PIDS_DEST)";\
+	 fi)
+
+check_doc:=$(shell if [ ! -d "$(SHARE_DEST)/doc" ] && [ "$(prefix)" = "/usr/local" ]  && [ -d "$(prefix)/doc" ];then \
+		$(ECHO) "1";\
+	 else\
+		 $(ECHO) "0";\
+	 fi)
+
+# If USER is specified but no GROUP, assume there is a GROUP of same name.
+GROUP_T:=$(shell if [ x$(GROUP) = x ] && [ x$(USER) != x ];then \
+		$(ECHO) "$(USER)" ;\
+	 else\
+		 $(ECHO) "$(GROUP)";\
+	 fi)
+
+install-strip:
+	$(MAKE) install STRIP=-s
+
+# FIXME: Test USER and GROUP on Slack to make sure this works as 
+# intended.
+#
+# FIXME: id handling needs help, probably via configure, since 'id -u' is not 
+# universally reliable (eg Solaris). Group handling could be better. 
+# Perhaps the whole user/group validation should be done here, and simplified.
+PROGRAM_V = Privoxy $(VERSION) $(CODE_STATUS)
+install: CONF_DEST LOG_DEST PID_DEST check_doc GROUP_T
+	@# Quick test for valid USER.
+	@if [ -n "$(USER)" ]; then \
+		$(ID) $(USER) >/dev/null || exit 1;\
+	fi
+	@# Test for valid group. FIXME. USER does not have to belong to GROUP 
+	@# for file ownership purposes.
+# 	if [ -n "$(GROUP_T)" ] && [ -n "$(USER)" ] && ! $(GROUPS) $(USER) | $(GREP) "\<$(GROUP_T)\>" >/dev/null; then \
+# 		$(ECHO) Group $(GROUP_T) for User $(USER) is invalid && exit 1 ;\
+# 	fi
+
+	@$(ECHO) "Creating directories, and preparing $(PROGRAM_V) installation"
+	$(CHMOD) $(DIR_MODE) $(MKDIR)
+	@$(MKDIR) $(DESTDIR)$(SBIN_DEST) $(DESTDIR)$(prefix) $(DESTDIR)$(CONF_DEST) \
+		$(DESTDIR)$(CONF_DEST)/templates $(DESTDIR)$(SHARE_DEST) \
+		$(DESTDIR)$(LOG_DEST) $(DESTDIR)$(PID_DEST)
+	@# Install the executable binary, strip if invoked as install-strip
+	@test -n "$(STRIP)" &&\
+	$(ECHO) Installing $(PROGRAM) stripped executable to $(SBIN_DEST) ||\
+	$(ECHO) Installing $(PROGRAM) executable to $(DESTDIR)$(SBIN_DEST)
+	$(INSTALL) $(INSTALL_P) $(STRIP) $(PROGRAM) $(DESTDIR)$(SBIN_DEST)
+
+	@# Install the DOCS and man page. install-sh only does one file at a time.
+	@# FIXME: only handles jpegs.
+	- at if [ $(check_doc) = 0 ]; then \
+		DOC=$(DOC_DEST) ;\
+	else \
+		DOC=$(prefix)/doc/privoxy ;\
+	fi;\
+	$(MKDIR) $(DESTDIR)$$DOC $(DESTDIR)$$DOC/user-manual $(DESTDIR)$$DOC/faq $(DESTDIR)$$DOC/developer-manual \
+	     $(DESTDIR)$$DOC/man-page $(DESTDIR)$$DOC/images $(DESTDIR)$(MAN_DEST) ;\
+	if [ -d "$(DOK_WEB)" ]; then \
+		$(ECHO) Installing FAQ, Manual, and other docs to $(DESTDIR)$$DOC;\
+          for i in user-manual developer-manual faq; do \
+               for ii in $(DOK_WEB)/$$i/*html; do \
+                    $(INSTALL) $(INSTALL_T) $$ii $(DESTDIR)$$DOC/$$i;\
+               done ;\
+          done ;\
+		for i in $(DOK_WEB)/user-manual/*jpg; do \
+               $(INSTALL) $(INSTALL_T) $$i $(DESTDIR)$$DOC/user-manual;\
+          done ;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/man-page/*html $(DESTDIR)$$DOC/man-page;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/privoxy-index.html $(DESTDIR)$$DOC/index.html;\
+		$(INSTALL) $(INSTALL_T) AUTHORS $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) LICENSE $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) README $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) ChangeLog $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/p_doc.css $(DESTDIR)$$DOC;\
+		$(INSTALL) $(INSTALL_T) $(DOK_WEB)/p_doc.css $(DESTDIR)$$DOC/user-manual;\
+	fi
+	@# Not all platforms support gzipped man pages.
+	@$(ECHO) Installing man page to $(DESTDIR)$(MAN_DEST)/privoxy.1
+	-$(INSTALL) $(INSTALL_T) privoxy.1  $(DESTDIR)$(MAN_DEST)/privoxy.1
+
+	@# Change the config file default directories according to the configured ones
+	@$(ECHO) Rewriting config for this installation
+	@if [ -f config.base ] ; then \
+		$(CAT) config >config~ ;\
+		$(MV) config.base config ;\
+	fi
+	$(SED) 's+^confdir \.+confdir $(CONF_DEST)+' config | \
+	$(SED) 's+^logdir \.+logdir $(LOG_DEST)+' >config.tmp
+	- at if [ $(check_doc) = 0 ]; then \
+      $(SED) 's+^#\?user-manual .*+user-manual $(DOC_DEST)/user-manual/+' config.tmp >config.updated ;\
+	else \
+      $(SED) 's+^#\?user-manual .*+user-manual $(prefix)/doc/privoxy/user-manual/+' config.tmp >config.updated ;\
+	fi;\
+	$(MV) config config.base
+	$(MV) config.updated config 
+
+	@# Install the config support files. Test for root install, and abort 
+	@# if there is no privoxy user, and no other user was enabled during 
+	@# configure. Later, install init script if appropriate.
+	@$(ECHO) Installing templates to $(DESTDIR)$(CONF_DEST)/templates
+	@for i in `find templates -type f`; do \
+		$(INSTALL) $(INSTALL_T) $$i $(DESTDIR)$(CONF_DEST)/templates ;\
+	done
+
+	@# FIXME: group/user validation is overly convoluted.
+	@# If superuser install ... we require a minimum of group ownership
+	@# of those files the daemon writes to, to be non-root owned.
+	@if [ "`$(ID) |sed 's/(.*//' |sed 's/.*=//'`" = "0" ] ;then\
+		if [ x$(USER) = x ] || [ $(USER) = root ]; then \
+			if [ x$(GROUP) = x ] || [ $(GROUP) = root ]; then \
+				if [ "`$(ID) privoxy`" ] && \
+					$(GROUPS) privoxy | $(SED) 's/^.*://' |$(GREP) "\<privoxy\>" >/dev/null; then \
+					$(ECHO) "Warning: Setting group owner to privoxy";\
+					GROUP_T=privoxy ;\
+				else \
+					$(ECHO)  "******************************************************************" ;\
+					$(ECHO)  " WARNING! WARNING! installing config files as root!" ;\
+					$(ECHO)  " It is strongly recommended to run $(PROGRAM) as a non-root user," ;\
+					$(ECHO)  " and to install the config files as that user and/or group!" ;\
+					$(ECHO)  " Please read INSTALL, and create a privoxy user and group!" ;\
+					$(ECHO)  "*******************************************************************" ;\
+					exit 1 ;\
+				fi ;\
+			else \
+				GROUP_T=$(GROUP) ;\
+			fi ;\
+			INSTALL_CONF="$(INSTALL_R) -g $$GROUP_T " ;\
+		else \
+			$(ECHO) "Superuser install, installing config files as $(USER):$(GROUP_T)" ;\
+			INSTALL_CONF="$(INSTALL_R) -o $(USER) -g $(GROUP_T)" ;\
+			GROUP_T=$(GROUP_T) ;\
+		fi ;\
+	else \
+		if [ ! "`id $(USER)`" = "`id`" ] ;then \
+			$(ECHO) "** WARNING ** current install user different from configured user!!" ;\
+			$(ECHO) "Edit may fail." ;\
+		fi ;\
+		INSTALL_CONF="$(INSTALL_R)" ;\
+	fi ;\
+	$(ECHO) Installing configuration files to $(DESTDIR)$(CONF_DEST);\
+	for i in $(CONFIGS); do \
+		if [ "$$i" = "default.action" ] || [ "$$i" = "default.filter" ] ; then \
+			$(RM) $(DESTDIR)$(CONF_DEST)/$$i ;\
+			$(ECHO) Installing fresh $$i;\
+			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\
+		elif [ -s "$(CONF_DEST)/$$i" ]; then \
+			$(ECHO) Installing $$i as $$i.new ;\
+			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST)/$$i.new || exit 1;\
+			NEW=1;\
+		else \
+			$(INSTALL) $$INSTALL_CONF $$i $(DESTDIR)$(CONF_DEST) || exit 1;\
+		fi ;\
+	done ;\
+	if [ -n "$$NEW" ]; then \
+		$(CHMOD) $(RWD_MODE) $(DESTDIR)$(CONF_DEST)/*.new || exit 1 ;\
+		$(ECHO) "Warning: Older config files are preserved. Check new versions for changes!" ;\
+	fi ;\
+	[ ! -f $(DESTDIR)$(LOG_DEST)/logfile ] && $(ECHO) Creating logfiles in $(DESTDIR)$(LOG_DEST) || \
+		$(ECHO) Checking logfiles in $(DESTDIR)$(LOG_DEST) ;\
+		$(TOUCH) $(DESTDIR)$(LOG_DEST)/logfile || exit 1 ;\
+	if [ x$$USER != x ]; then \
+		$(CHOWN) $$USER $(DESTDIR)$(LOG_DEST)/logfile || \
+		$(ECHO) "** WARNING ** current install user different from configured user. Logging may fail!!" ;\
+	fi ;\
+	if [ x$$GROUP_T != x ]; then \
+		$(CHGRP) $$GROUP_T $(DESTDIR)$(LOG_DEST)/logfile || \
+		$(ECHO) "** WARNING ** current install user different from configured user. Logging may fail!!" ;\
+	fi ;\
+	$(CHMOD) $(RWD_MODE) $(DESTDIR)$(LOG_DEST)/logfile || exit 1 ;\
+	if [ "$(prefix)" = "/usr/local" ] || [ "$(prefix)" = "/usr" ]; then \
+		if [ -f /etc/slackware-version ] && [ -d /etc/rc.d/ ] && [ -w /etc/rc.d/ ] ; then \
+               $(SED) 's+%PROGRAM%+$(PROGRAM)+' slackware/rc.privoxy.orig | \
+               $(SED) 's+%SBIN_DEST%+$(SBIN_DEST)+' | \
+               $(SED) 's+%CONF_DEST%+$(CONF_DEST)+' | \
+               $(SED) 's+%USER%+$(USER)+' | \
+               $(SED) 's+%GROUP%+$(GROUP_T)+' >slackware/rc.privoxy ;\
+			$(INSTALL) $(INSTALL_P) slackware/rc.privoxy $(DESTDIR)/etc/rc.d/ ;\
+               $(ECHO) "Installing for Slackware." ;\
+               $(ECHO) "Dont forget to add the rc.privoxy to rc.local if you want it started at every boot" ;\
+		elif [ -f /etc/redhat-release ] && [ -d /etc/rc.d/init.d/ ] && [ -w /etc/rc.d/init.d/ ] ; then \
+               $(ECHO) "Installing init script to /etc/rc.d/init.d/privoxy" ;\
+			$(SED) 's,^PRIVOXY_BIN=.*,PRIVOXY_BIN="/usr/local/sbin/$(PROGRAM)",' privoxy.init |\
+			$(SED) 's,^PRIVOXY_CONF=.*,PRIVOXY_CONF="$(CONF_DEST)/config",' |\
+			$(SED) "s,^PRIVOXY_USER=.*,PRIVOXY_USER=$$USER," > init.tmp ;\
+			$(INSTALL) $(INSTALL_P) init.tmp $(DESTDIR)/etc/rc.d/init.d/privoxy && $(RM) init.tmp;\
+			$(MKDIR) $(DESTDIR)/etc/logrotate.d/ ;\
+			$(ECHO) "Installing logrotate script to $(DESTDIR)/etc/logrotate.d/" ;\
+			$(INSTALL) -m 0644 privoxy.logrotate $(DESTDIR)/etc/logrotate.d/privoxy ;\
+		elif [ -d $(DESTDIR)/etc/init.d ] && [ -w $(DESTDIR)/etc/init.d ] ; then \
+			$(ECHO) "Installing generic init script to $(DESTDIR)/etc/init.d/privoxy" ;\
+			$(ECHO) "Please check that the PATHs are correct, and edit if needed." ;\
+			$(INSTALL) $(INSTALL_P) privoxy-generic.init $(DESTDIR)/etc/init.d/privoxy ;\
+		fi ;\
+	else \
+		$(ECHO) "No init script installed, install it manually if needed" ;\
+	fi
+	$(RM) config.base config.tmp
+	@# mmmmm, good.
+	@$(ECHO) "$(PROGRAM_V) installation succeeded!"
+	@$(ECHO) "The Privoxy configuration files have been installed in $(DESTDIR)$(CONF_DEST)"
+
+# rmdir is used as a precaution since it will not remove non-empty
+# directories. RH init script creates lock file and pid file.
+uninstall: CONF_DEST LOG_DEST PID_DEST check_doc
+	@$(ECHO) Starting Privoxy uninstallation
+	@# KILL privoxy if running
+	@# XXX: the chkconfig line may need a DESTDIR prefix.
+	- at if [ -f $(DESTDIR)/etc/redhat-release ] && [ -x $(DESTDIR)/etc/rc.d/init.d/privoxy ]; then \
+		$(DESTDIR)/etc/rc.d/init.d/privoxy stop >/dev/null 2>/dev/null ;\
+		chkconfig --del $(PROGRAM) 2>/dev/null;\
+	fi
+	- at test -f $(DESTDIR)$(PID_DEST)/privoxy.pid && $(ECHO) Stopping $(PROGRAM) &&\
+         $(KILL) `$(CAT) $(DESTDIR)$(PID_DEST)/privoxy.pid` || :
+	- at test -f $(DESTDIR)/var/run/privoxy.pid && $(ECHO) Stopping $(PROGRAM) &&\
+          $(KILL) `$(CAT) $(DESTDIR)/var/run/privoxy.pid ` || :
+
+	@# Program binary
+	@$(ECHO) Removing $(PROGRAM) binary
+	$(RM) $(DESTDIR)$(SBIN_DEST)/$(PROGRAM) $(SBIN_DEST)/$(PROGRAM)~
+
+	@# config files and dir, and maybe old install backups
+	- at if [ -d $(DESTDIR)$(CONF_DEST) ]; then \
+		$(ECHO) Saving $(PROGRAM) config files to $(DESTDIR)/tmp/$(PROGRAM)-save ;\
+		$(MKDIR) $(DESTDIR)/tmp/$(PROGRAM)-save ;\
+		cd $(DESTDIR)$(CONF_DEST) ;\
+		for i in $(DESTDIR)$(CONFIGS); do \
+			[ -f $$i ] && $(CP) $$i $(DESTDIR)/tmp/$(PROGRAM)-save ;\
+		done ;\
+	fi
+	@$(ECHO) Removing $(PROGRAM) config files
+	- at for i in $(DESTDIR)$(CONFIGS); do \
+		test -f $(CONF_DEST)/$$i && $(ECHO) Removing $$i ;\
+		$(RM) $(DESTDIR)$(CONF_DEST)/$$i $(DESTDIR)$(CONF_DEST)/$$i~ $(DESTDIR)$(CONF_DEST)/$$i.new ;\
+	done
+	- at test -d $(DESTDIR)$(CONF_DEST)/templates && $(RM) -r $(DESTDIR)$(CONF_DEST)/templates &&\
+	$(ECHO) "Removing $(DESTDIR)$(CONF_DEST)/templates/*"
+
+	@# man page and docs
+	@$(ECHO) Removing $(PROGRAM) docs
+	-$(RM) $(DESTDIR)$(MAN_DEST)/privoxy.1*
+	-$(RM) -r $(DESTDIR)$(DOC_DEST) || $(RM) -r $(DESTDIR)$(prefix)/doc/privoxy
+
+	@# Log and pidfile
+	@$(ECHO) Removing $(PROGRAM) logs
+	-$(RM) $(DESTDIR)$(LOG_DEST)/logfile $(DESTDIR)$(PID_DEST)/privoxy.pid
+
+	@# Final clean up of unused directories. Special handling of CONF and LOG
+     # destinations.
+	@$(ECHO) Removing $(PROGRAM) directories
+	@for i in $(DESTDIR)$(LOG_DEST) $(DESTDIR)$(CONF_DEST); do \
+		if test -d $$i; then \
+			$(ECHO) Removing $$i ;\
+			$(RMDIR) $$i || $(ECHO) "$$i is not empty, not removed" ;\
+		fi;\
+	done
+	@if [  ! "$(prefix)" = "/usr/local" ] ;then \
+		for i in $(DESTDIR)$(MAN_DEST) $(DESTDIR)$(MAN_DIR) $(DESTDIR)$(SHARE_DEST)/doc \
+                         $(DESTDIR)$(SHARE_DEST) $(DESTDIR)$(SBIN_DEST); do \
+			if test -d $$i; then \
+				$(ECHO) Removing $$i ;\
+				$(RMDIR) $$i || $(ECHO) "$$i is not empty, not removed" ;\
+			fi;\
+		done;\
+		if test $(LOG_DEST) != /var/log/privoxy && test -d $(DESTDIR)$(prefix)/var/log; then \
+			$(ECHO) Removing $(DESTDIR)$(prefix)/var/log ;\
+			$(RMDIR) $(DESTDIR)$(prefix)/var/log || $(ECHO) "$(DESTDIR)$(prefix)/var/log is not empty, not removed";\
+		fi ;\
+		if test $(PID_DEST) != /var/run && test -d $(DESTDIR)$(prefix)/var/run; then \
+			$(ECHO) Removing $(DESTDIR)$(prefix)/var/run ;\
+			$(RMDIR) $(DESTDIR)$(prefix)/var/run || $(ECHO) "$(DESTDIR)$(prefix)/var/run is not empty, not removed";\
+		fi ;\
+		if test $(prefix)/var != /var && test -d $(DESTDIR)$(prefix)/var; then \
+			$(ECHO) Removing $(DESTDIR)$(prefix)/var ;\
+			$(RMDIR) $(DESTDIR)$(prefix)/var || $(ECHO) "$(DESTDIR)$(prefix)/var is not empty, not removed" ;\
+		fi ;\
+		if test $(prefix) != / && test $(prefix) != /usr && test -d $(DESTDIR)$(prefix); then \
+			$(ECHO) Removing $(DESTDIR)$(prefix) ;\
+			$(ECHO) Removing installation directory $(DESTDIR)$(prefix) ;\
+			$(RMDIR) $(DESTDIR)$(prefix) || $(ECHO) "$(DESTDIR)$(prefix) is not empty, not removed" ;\
+		fi;\
+	fi
+
+	@# init scripts and logrotate
+	@if [ "$(prefix)" = "/usr/local" ] || [ "$(prefix)" = "/usr" ]; then \
+		$(ECHO) Removing $(PROGRAM) init script ;\
+		if [ -f $(DESTDIR)/etc/slackware-version ] && \
+	                [ -d $(DESTDIR)/etc/rc.d/ ]  && [ -w $(DESTDIR)/etc/rc.d/ ] ; then \
+			$(RM) $(DESTDIR)/etc/rc.d/rc.privoxy ;\
+		elif [ -f $(DESTDIR)/etc/redhat-release ] && [ -d $(DESTDIR)/etc/rc.d/init.d/ ] \
+                       && [ -w $(DESTDIR)/etc/rc.d/init.d/ ] ; then \
+			$(RM) $(DESTDIR)/etc/rc.d/init.d/privoxy $(DESTDIR)/etc/logrotate.d/privoxy;\
+		elif [ -d $(DESTDIR)/etc/init.d ] && [ -w $(DESTDIR)/etc/init.d ] ; then \
+			$(RM) $(DESTDIR)/etc/init.d/privoxy ;\
+		else \
+			$(ECHO) "Unable to remove privoxy init script, not installed or permission denied" ;\
+		fi ;\
+	fi
+	@$(ECHO) Privoxy uninstalled, bye
+
+coffee:
+	 @perl	-e 'print pack "C*", (31,139,8,8,153,63,226,60,2,3,99,111,102,102,101,'	 \
+		-e '101,0,109,143,205,13,192,32,8,133,239,78,241,110,234,1,28,160,171,'  \
+		-e '152,208,53,26,117,247,22,165,73,137,125,9,1,62,126,2,128,169,5,243,' \
+		-e '143,13,139,49,164,65,100,149,152,102,73,141,88,73,178,116,205,100,'  \
+		-e '69,253,36,102,81,49,83,236,19,225,171,131,214,172,163,73,4,168,123,' \
+		-e '115,71,126,247,122,94,128,178,227,95,154,12,86,215,122,197,249,146,' \
+		-e '187,54,220,125,193,51,228,11,1,0,0);' | zcat
+
+#############################################################################
+
+## Local Variables:
+## tab-width: 3
+## end:
+
+# $Log: GNUmakefile.in,v $
+# Revision 1.180  2009/02/28 08:28:14  fabiankeil
+# pcrs.o doesn't depend on pcre/pcre.h if we are linking
+# dynamically. Patch provided by drauh in #2056286.
+#
+# Revision 1.179  2009/02/22 14:48:31  hal9
+# Updates to the 'make webserver' target that recreates the home page and uploads
+# fresh documents to reflect new SF realities, and more explanation of process.
+#
+# Revision 1.178  2009/02/08 18:35:48  fabiankeil
+# Move the match-all section into a separate file
+# (match-all.action) so we can safely overwrite the
+# default actions when updating. Based on Roland's
+# patch #1563977.
+#
+# Revision 1.177  2009/01/13 16:44:32  fabiankeil
+# Delete the standard.action file after moving
+# the pre-settings over to the default actions.
+#
+# Revision 1.176  2008/09/21 13:24:37  fabiankeil
+# Add Roland's man page fixes from 19_manpage_fixup.dpatch.
+#
+# Revision 1.175  2008/08/30 12:03:07  fabiankeil
+# Remove FEATURE_COOKIE_JAR.
+#
+# Revision 1.174  2008/07/18 17:50:47  fabiankeil
+# Fix whitespace.
+#
+# Revision 1.173  2008/06/18 18:28:42  fabiankeil
+# Remove PDF-related stuff.
+#
+# Revision 1.172  2008/06/17 16:16:08  fabiankeil
+# - Stop building text files nobody cares about.
+# - Update copyright year.
+#
+# Revision 1.171  2008/06/13 15:24:57  fabiankeil
+# Move previously inline'd Perl code for the config-file target
+# into a separate file, have it work with older perl releases,
+# clean it up a bit and fix the "underlining" code.
+#
+# Revision 1.170  2008/06/12 16:38:50  fabiankeil
+# Add third-level domain to URL in dok-get target.
+#
+# Revision 1.169  2008/06/09 17:28:31  fabiankeil
+# - Recommend https for releasing files.
+# - Fix a warning about datarootdir being ignored.
+#
+# Revision 1.168  2008/05/23 18:03:12  fabiankeil
+# - Shorten meta description inserted in dok-webserver
+#   and dok-index target.
+# - In config-file target, unset LANG for w3m as we
+#   might otherwise end up with multi-byte characters.
+#
+# Revision 1.167  2008/05/23 14:39:09  fabiankeil
+# Silence dok-user complaint about @# not being found.
+#
+# Revision 1.166  2008/05/23 14:04:57  fabiankeil
+# - Get config-file target working with more recent Perl
+#   versions. The generated file is still messed up, though.
+# - Fix comment typo.
+#
+# Revision 1.165  2008/05/22 16:57:23  fabiankeil
+# Fix coffee machine.
+#
+# Revision 1.164  2008/05/22 10:26:26  fabiankeil
+# - Remove parsers. at OBJEXT@'s dependency on encode.h.
+# - Include Emacs backup files in tidy target again.
+#
+# Revision 1.163  2008/05/04 18:01:53  fabiankeil
+# Dependency fixes: cgisimple.c and filters.c depend on urlmatch.h.
+#
+# Revision 1.162  2008/03/30 13:31:42  fabiankeil
+# Add DESTDIR support for the uninstall target.
+#
+# Revision 1.161  2008/03/30 13:19:13  fabiankeil
+# Add DESTDIR support for the install target. Closes PR#1910612.
+# Patch by Radoslaw Zielinski with minor modifications.
+#
+# Revision 1.160  2008/03/27 18:27:19  fabiankeil
+# Remove kill-popups action.
+#
+# Revision 1.159  2008/03/21 11:13:53  fabiankeil
+# Only gather host information if it's actually needed.
+# Also move the code out of accept_connection() so it's less likely
+# to delay other incoming connections if the host is misconfigured.
+#
+# Revision 1.158  2007/12/11 21:29:25  fabiankeil
+# Fix dependency list for cgiedit.c.
+#
+# Revision 1.157  2007/12/10 02:28:02  hal9
+# Unset $LANG for text processing of docs so we get pure text.
+#
+# Revision 1.156  2007/11/15 03:17:43  hal9
+# Some workaround changes to the config file perl stuff and comments, which is
+# broken here all by itself on perl 5.8.8.
+#
+# Revision 1.155  2007/09/22 16:23:25  fabiankeil
+# Update copyright line.
+#
+# Revision 1.154  2007/02/07 11:52:40  fabiankeil
+# Fix suse-dist as described in BR#1654052.
+# (I didn't test it, but it's done the same
+# way in redhat-dist which is known to work).
+#
+# Revision 1.153  2007/01/07 07:36:36  joergs
+# Added AmigaOS4 support.
+#
+# Revision 1.152  2006/12/13 14:53:51  etresoft
+# Include any existing LDFLAGS environment when linking so that a MacOS X Universal Binary can be created.
+#
+# Revision 1.151  2006/11/30 01:08:55  hal9
+# Fix problem with variable declarations in the Slackware section. Thanks to higuita.
+#
+# Revision 1.150  2006/10/25 11:55:45  fabiankeil
+# Fix sed regexes for rewriting "confdir ." and "logdir .".
+# Thanks to Darel Henman for reporting this.
+#
+# Revision 1.149  2006/10/11 01:40:28  hal9
+# Apply patch from  Neil McCalden to fix syntax issue.
+#
+# Revision 1.148  2006/09/26 10:57:58  hal9
+# Including Karsten's patch to fix make create-snapshot.
+#
+# Revision 1.147  2006/09/13 01:25:16  hal9
+# Make sure install forces in new default.action, default.filter, and
+# standard.filter. These are privoxy files, not user files.
+#
+# Revision 1.146  2006/09/08 23:57:19  hal9
+# User manual images are now user-manual doc directory, and fix make install
+# target accordingly.
+#
+# Revision 1.145  2006/09/08 02:32:00  hal9
+# Various changes to implement building and installing docs to be compatible
+# with the new "user-manual" settings in config from Roland. Docbook does not
+# seem to like dealing with more than one css file, so workaround that here.
+# Change 'make install' so it provides p_doc.css in the user-manual doc
+# directory so that functions well, and lastly modify 'make install' so that the
+# PATH is automatically set, and the 'user-manual' directive should done during
+# the install.
+#
+# Revision 1.144  2006/09/07 22:53:20  hal9
+# Make sure config sgml build related artifacts are cleaned out.
+#
+# Revision 1.143  2006/09/02 15:59:40  hal9
+# Add to code status to make install output.
+#
+# Revision 1.142  2006/08/29 01:46:24  hal9
+# Add user.filter to $CONFIGS.
+#
+# Revision 1.141  2006/08/12 03:54:37  david__schmidt
+# Windows service integration
+#
+# Revision 1.140  2006/07/18 14:48:45  david__schmidt
+# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+# with what was really the latest development (the v_3_0_branch branch)
+#
+# Revision 1.104.2.28  2004/06/10 17:06:05  hal9
+# Fix bug #959617, by moving TMPDIR var to create-snapshot target, which is the
+# only place it is used.
+#
+# Revision 1.104.2.27  2004/02/07 16:11:10  oes
+# Make clobber remove the autom4te.cache dir.
+# Closes BR #889300
+#
+# Revision 1.104.2.26  2004/01/31 16:32:25  oes
+# Adding a check for an htmldoc variant from the debian diff
+#
+# Revision 1.104.2.25  2004/01/31 01:15:33  oes
+# Fixed a typo; updated copyright notice
+#
+# Revision 1.104.2.24  2003/12/03 10:30:02  oes
+# - Added new dependency: actions.c -> ssplit.h
+# - Excluded PDF docs from src tarball
+#
+# Revision 1.104.2.23  2003/04/20 17:28:52  hal9
+# Strip trailing spaces from config-file generation, bug #724596.
+#
+# Revision 1.104.2.22  2003/03/28 03:32:01  hal9
+# Minor changes for Privoxy home page:
+#  - Handle © more sanely
+#  - include link to announce.txt
+# Also, disable 'make announce' target.
+#
+# Revision 1.104.2.21  2002/11/04 07:04:03  hal9
+# Catch up with main trunk install/uninstall. Quiet output, etc.
+#
+# Revision 1.104.2.20  2002/10/25 02:44:22  hal9
+# Port of make install, etc from main trunk. Needs testing! Add Slackware
+# support, and other related changes. Update related docs.
+#
+# Revision 1.104.2.19  2002/09/26 22:50:02  hal9
+# New user-manual examples in config-file are getting wrapped. Add warning.
+#
+# Revision 1.104.2.18  2002/08/23 12:22:40  oes
+# Added warning to broken install target
+#
+# Revision 1.104.2.17  2002/08/16 03:19:34  hal9
+# More (minor) cleanup of html before pdf processing to make some relative
+# links work as pdf -> pdf. Upload pdf as zip archive now.
+#
+# Revision 1.104.2.16  2002/08/14 16:43:27  hal9
+# Added pdf docs to make webserver target.
+#
+# Revision 1.104.2.15  2002/08/11 20:02:41  hal9
+# New targets for man page (make man) and pdf (make dok-pdf) targets.
+#
+# Revision 1.104.2.14  2002/08/10 11:19:37  oes
+# - Make -Ipcre (again) conditional on STATIC_PCRE
+# - $(RPMBUILD) -> $(RPM) for SuSE
+# - Add dependency: pcrs.o deps on config.h
+#
+# Revision 1.104.2.13  2002/08/07 15:13:54  hal9
+# Remove pdf2 target, and make it dok-shtml (single page html for pdf
+# conversion).
+#
+# Revision 1.104.2.12  2002/08/06 11:29:36  oes
+# Fixed detection/inclusion of pcre.h, which is in a pcre subdir on RH
+#
+# Revision 1.104.2.11  2002/07/30 19:38:11  hal9
+# Add redhat-test target for testing purposes only. Fix RPM_PACKAGEV to what
+# *I think* it was supposed to be (was breaking upload targets since it was
+# set to RPM_VERSION).
+#
+# Revision 1.104.2.10  2002/07/27 22:56:53  kick_
+# cleanups of the redhat-srpm target
+#
+# Revision 1.104.2.9  2002/07/26 15:17:02  oes
+# - Added generation of default.action from defaul.action.master
+# - Deleted obsolete re_filterfile.txt generation
+#
+# Revision 1.104.2.8  2002/07/12 10:04:32  kick_
+# added helper targets to the makefile. They shouldn't break anything, but
+# make my life a lot easier.
+#
+# The new rpm has been splitted into two parts, one for package installation/
+# removal, one for package building.
+# Therefore rpm -ta isn't a valid command anymore and needs to be replaced
+# by rpmbuild -ta  (this is backwards compatible)
+#
+# Revision 1.104.2.7  2002/06/07 00:23:47  hal9
+# Fixing a quirk of man2html (on my system) that pulls punctuation into URLs,
+# thus breaking them completely.
+#
+# Revision 1.104.2.6  2002/06/02 03:26:25  hal9
+# Update CONFIG_FILES (ie update basic.action, etc), and also DOC_FILES (exclude
+# index.html and team/index.html)
+#
+# Revision 1.104.2.5  2002/05/30 15:35:01  hal9
+# This is more cleanup on the make config-file target. Most issues for
+# automatic generation are taken care of. There are still some problems
+# that require hand editing. Namely, some of the examples that are > 80 chars.
+#
+# Revision 1.104.2.4  2002/05/29 02:12:17  hal9
+# Ooops...forgot about perl -pi cygwin problem. Add -pi.bak. Also, the
+# new target is 'make config-file', _not_ make config.
+#
+# Revision 1.104.2.3  2002/05/29 02:05:48  hal9
+# 'make config' target added (WIP) for future generation of config file from
+# text in u-m so the two are in sync. New generated config, which requires
+# some hand editing for the time being.
+#
+# Revision 1.104.2.2  2002/05/28 02:32:55  hal9
+# New target 'make dok-index' for privoxy-index.html. Also, fixed *.bak files
+# not being cleaned up in doc/webserver.
+#
+# Revision 1.104.2.1  2002/05/26 17:19:34  hal9
+# Remove Table of Contents from readme with oes's dsl trick.
+#
+# Revision 1.104  2002/05/24 00:03:49  oes
+# Use p_doc.css for the Homepage for consistency
+#
+# Revision 1.103  2002/05/23 23:19:00  oes
+# Use dsl without TOC for the homepage
+#
+# Revision 1.102  2002/05/16 01:20:17  hal9
+# make announce target added.
+#
+# Revision 1.101  2002/05/15 12:28:46  oes
+# Trying to keep Hal happy :)
+#
+# Revision 1.100  2002/05/08 13:48:18  hal9
+# Ooops, that trashed JB v2.0.2 comment. Fixed.
+#
+# Revision 1.99  2002/05/08 13:42:07  hal9
+# This fixes the numbering problem on index.html in contact info section (.1.). Using
+# perl, since its way too convoluted to try to fix proper with docbook.
+#
+# Revision 1.98  2002/05/03 14:33:06  oes
+# Replaced ldp(OK).dsl handling with generation via autoconf; handle all file exeptions to src tarball via find
+#
+# Revision 1.97  2002/04/27 20:27:43  swa
+# no longer needed due to new
+# PACKAGE_VERSION process
+#
+# Revision 1.96  2002/04/27 17:44:32  morcego
+# - Correcting typo in my name (Rodrigo, not Rodgrigo) :-)
+# - Using the RM macro everywhere rm is called (either we use, or don't)
+# - Same for RPM
+#
+# Revision 1.95  2002/04/27 15:37:25  swa
+# replacing directory in document creation process
+# no longer necessary.
+#
+# Revision 1.94  2002/04/27 08:23:29  swa
+# pdf process reviewed and cleaned up
+#
+# Revision 1.93  2002/04/27 04:55:53  morcego
+# privoxy-cl.spec now gets removed by clobber target
+#
+# Revision 1.92  2002/04/27 04:53:40  morcego
+# Adding --exclude "PACKAGERS" to every tar command that applies (not for
+#   webserver target)
+#
+# Revision 1.91  2002/04/27 04:44:51  morcego
+# GNUmakefile.in: The tarball created on redhat-dist and suse-dist now ignore
+#   the PACKAGERS file, as well privoxy-cl.spec (in case it was created)
+# GNUmakefile.in: New targets -> conectiva-spec, conectiva-dist and
+#   conectiva-upload
+# genclspec.sh  : New file to generate, from privoxy-rh.spec, a specfile
+#   for Conectiva Linux
+#
+# Revision 1.90  2002/04/26 17:46:53  swa
+# be consistent
+#
+# Revision 1.89  2002/04/26 17:20:54  swa
+# just produce single html files to proces them later with Destiller or somesuch. looks prettier.
+#
+# Revision 1.88  2002/04/25 19:13:57  morcego
+# Removed RPM release number declaration on configure.in
+# Changed makefile to use given value for RPM_PACKAGEV when on uploading
+# targets (will produce an error, explaining who to do it, if no value
+# if provided).
+#
+# Revision 1.87  2002/04/23 14:10:59  swa
+# now create pdf documents
+#
+# Revision 1.86  2002/04/15 04:30:27  hal9
+# Missed two -pi.bak's on perl/cygwin problem.
+#
+# Revision 1.85  2002/04/14 01:05:34  hal9
+# Revert dok-webserver change for SF logo.
+#
+# Revision 1.84  2002/04/13 22:43:25  hal9
+# -Fix dok-webserver for SF logo (more perl).
+# -Change all perl -pi to perl -pi.bak for Cygwin problem.
+#
+# Revision 1.83  2002/04/12 09:39:25  oes
+# Excluding yet more files from tarball; making dist warning yet more scary
+#
+# Revision 1.82  2002/04/11 21:07:11  oes
+# Excluding more files from tarball build
+#
+# Revision 1.81  2002/04/11 14:40:27  oes
+# Fixed typo -- Thanks, Moritz!
+#
+# Revision 1.80  2002/04/11 12:50:00  oes
+# Fixed tarball-dist target
+#
+# Revision 1.79  2002/04/11 06:49:28  oes
+# webserver target: silenced timestamp warnings resulting from uploading westwards, made permissions fixing independant of screwed local dir permissions, suppress (false alarm) make error if not owner of feedback log
+#
+# Revision 1.78  2002/04/09 13:37:11  sarantis
+# fix tar options typo
+#
+# Revision 1.77  2002/04/09 13:28:53  swa
+# build suse and gen-dist with html docs
+#
+# Revision 1.76  2002/04/08 22:43:41  oes
+# Fix: Include dotfiles in fixing webserver permissions
+#
+# Revision 1.75  2002/04/08 22:14:59  oes
+# Silencing tar warnings in the web* targets
+#
+# Revision 1.74  2002/04/08 15:22:44  hal9
+# This has finishing touches for dok building. Should be ready to go.
+# -The main doc build is now 'make dok', should work on Redhat too.
+# -Removed man page from main doc build. It is built separately due to
+#  perl scripts that most aren't likely to have.
+#
+# Revision 1.73  2002/04/08 14:03:24  oes
+# oes for al: Fix install target
+#
+# Revision 1.72  2002/04/08 13:42:11  oes
+# Added safety check to *-dist targets; fixed permissions for feedback logfile
+#
+# Revision 1.71  2002/04/07 20:32:03  hal9
+# -Add meta data kludge for make dok-webserver via $(PERL).
+# -Add subdirs for 'make dok-release'.
+#
+# Revision 1.70  2002/04/07 08:59:40  swa
+# generated files. do NOT edit.
+# fixed directory bug in makefile.
+#
+# Revision 1.69  2002/04/07 08:10:47  swa
+# create some of the webserver docs
+# automatically (in particular if
+# those docs recycle other documentation
+# fragments). Now committed webserver's
+# index file.
+#
+# Revision 1.68  2002/04/07 07:58:11  swa
+# create some of the webserver docs
+# automatically (in particular if
+# those docs recycle other documentation
+# fragments)
+#
+# Revision 1.67  2002/04/07 05:31:42  hal9
+# Add 'dok-release' target:
+# -Set doc entities to VERSION and CODE_STATUS during make.
+# -Set doc conditional content flags (stable vs non-stable).
+# A separate target for the time being but needs to be incorporated into
+# dok build at some point.
+# -Filter out a spurious ^G from new man page > html converion in man2html.
+#
+# Revision 1.66  2002/04/06 20:28:21  jongfoster
+# Prettifying groff2html.
+# Using GNU Make's conditional makefile feature rather than shell "if"s.
+# (The shell "if"s were hiding errors)
+# "perl" -> "$(PERL)"
+# Spaces->tabs in a couple of places.
+#
+# Revision 1.65  2002/04/06 05:16:39  hal9
+# -Add 'authors' and 'man' targets for AUTHORS and man-page (WIP).
+# -Both of these will soon be generated files.
+#
+# Revision 1.64  2002/04/04 22:14:51  oes
+# No longer rely on find honoring -iname
+#
+# Revision 1.63  2002/04/04 21:06:22  swa
+# cosmetics.
+#
+# Revision 1.62  2002/04/04 20:49:50  swa
+# attempt to consolidate the
+# different dokbook versions.
+#
+# Revision 1.61  2002/04/04 19:18:21  swa
+# readme was leftover directory. use w3m instead
+# of lynx to be consistent among developers. use
+# consistent target naming.
+#
+# Revision 1.60  2002/04/04 12:25:41  oes
+# Tidy webserver upload w/o *~ files, CVS dirs and logfiles and with proper dir and file permissions
+#
+# Revision 1.59  2002/04/04 08:32:45  swa
+# wrong name for tarball-dist target. further fixed content of tarball dist
+#
+# Revision 1.58  2002/04/04 06:32:58  hal9
+# New dok targets for make readme.
+#
+# Revision 1.57  2002/04/04 00:36:36  gliptak
+# always use pcre for matching
+#
+# Revision 1.56  2002/04/03 22:28:03  gliptak
+# Removed references to gnu_regex
+#
+# Revision 1.55  2002/04/03 19:54:29  swa
+# freebsd tested to work. attempt to move tarball dist target forward
+#
+# Revision 1.54  2002/04/03 14:54:07  oes
+# Standard clean and clobber semantics II
+#
+# Revision 1.53  2002/04/03 14:19:16  oes
+# Standard clean and clobber semantics
+#
+# Revision 1.52  2002/04/03 02:56:18  hal9
+# Revert previous FAQ numbering kludge.
+#
+# Revision 1.51  2002/04/02 13:03:56  oes
+# Added fix for webserver permissions
+#
+# Revision 1.50  2002/04/02 03:46:24  hal9
+# Rewrite ldpOK.dsl so that sections are NOT numbered on FAQ, in an effort
+# to make the Table of Contents not so 'busy' looking. SuSE needs testing :)
+#
+# Revision 1.49  2002/03/30 22:20:12  swa
+# cd didn't work. neither did find.
+#
+# Revision 1.48  2002/03/30 19:04:06  swa
+# people release differently. no good.
+# I want to make parts of the docs only.
+#
+# Revision 1.47  2002/03/30 09:05:21  swa
+# better packaging. better rpm building.
+# tar failed on sun (no exclude there).
+#
+# Revision 1.46  2002/03/29 20:09:01  swa
+# al's patch
+#
+# Revision 1.45  2002/03/29 19:45:45  swa
+# for lazy swa
+#
+# Revision 1.44  2002/03/29 17:42:44  gliptak
+# Correcting for Solaris tar limitations
+#
+# Revision 1.43  2002/03/29 07:40:03  swa
+# fixed make webserver. doh
+#
+# Revision 1.42  2002/03/29 06:59:04  swa
+# other users could not modify files on webserver
+#
+# Revision 1.41  2002/03/28 20:43:00  swa
+# set make correctly
+#
+# Revision 1.40  2002/03/28 04:22:44  hal9
+# More on man2html stuff.
+#
+# Revision 1.39  2002/03/28 01:04:14  hal9
+# More man2html stuff for docs.
+#
+# Revision 1.38  2002/03/27 16:02:30  swa
+# have a generic target
+#
+# Revision 1.37  2002/03/27 15:30:26  swa
+# have a consistent appearance
+#
+# Revision 1.36  2002/03/27 14:58:08  swa
+# can be used by mutilple targets
+#
+# Revision 1.35  2002/03/27 14:53:19  swa
+# added solaris-dist
+#
+# Revision 1.34  2002/03/27 10:30:11  swa
+# we want a html man file on the webserver
+#
+# Revision 1.33  2002/03/27 03:05:35  hal9
+# Added man2html target for docs (redhat-dok only for now)
+#
+# Revision 1.32  2002/03/26 22:29:54  swa
+# we have a new homepage!
+#
+# Revision 1.31  2002/03/26 14:00:18  swa
+# fixed make tarball, tarball-dist, tarball-clean
+#
+# Revision 1.30  2002/03/25 12:52:25  swa
+# new targets
+#
+# Revision 1.29  2002/03/24 17:03:55  jongfoster
+# Name change
+#
+# Revision 1.28  2002/03/24 16:19:48  swa
+# configure needs to be generated.
+#
+# Revision 1.27  2002/03/24 16:13:57  swa
+# generated files are a nono in cvs
+#
+# Revision 1.26  2002/03/24 15:36:02  swa
+# did not build.
+#
+# Revision 1.25  2002/03/24 14:31:08  swa
+# remove more crappy files. set RPM
+# release version correctly.
+#
+# Revision 1.24  2002/03/24 14:19:55  swa
+# set rpm package release in configure.in. nowhere else.
+#
+# Revision 1.23  2002/03/24 13:06:49  swa
+# suse-clean now runs fine
+#
+# Revision 1.22  2002/03/24 12:56:21  swa
+# name change related issues.
+#
+# Revision 1.21  2002/03/24 12:43:57  swa
+# name change
+#
+# Revision 1.20  2002/03/24 11:39:17  jongfoster
+# Renaming config files
+#
+# Revision 1.19  2002/03/22 20:53:03  morcego
+# - Ongoing process to change name to JunkbusterNG
+# - configure/configure.in: no change needed
+# - GNUmakefile.in:
+#         - TAR_ARCH = /tmp/JunkbusterNG-$(RPM_VERSION).tar.gz
+#         - PROGRAM    = jbng at EXEEXT@
+#         - rh-spec now references as junkbusterng-rh.spec
+#         - redhat-upload: references changed to junkbusterng-* (package names)
+#         - tarball-dist: references changed to JunkbusterNG-distribution-*
+#         - tarball-src: now JunkbusterNG-*
+#         - install: initscript now junkbusterng.init and junkbusterng (when
+#                    installed)
+# - junkbuster-rh.spec: renamed to junkbusterng-rh.spec
+# - junkbusterng.spec:
+#         - References to the expression ijb where changed where possible
+#         - New package name: junkbusterng (all in lower case, acording to
+#           the LSB recomendation)
+#         - Version changed to: 2.9.13
+#         - Release: 1
+#         - Added: junkbuster to obsoletes and conflicts (Not sure this is
+#           right. If it obsoletes, why conflict ? Have to check it later)
+#         - Summary changed: Stefan, please check and aprove it
+#         - Changes description to use the new name
+#         - Sed string was NOT changed. Have to wait to the manpage to
+#           change first
+#         - Keeping the user junkbuster for now. It will require some aditional
+#           changes on the script (scheduled for the next specfile release)
+#         - Added post entry to move the old logfile to the new log directory
+#         - Removing "chkconfig --add" entry (not good to have it automaticaly
+#           added to the startup list).
+#         - Added preun section to stop the service with the old name, as well
+#           as remove it from the startup list
+#         - Removed the chkconfig --del entry from the conditional block on
+#           the preun scriptlet (now handled on the %files section)
+# - junkbuster.init: renamed to junkbusterng.init
+# - junkbusterng.init:
+#         - Changed JB_BIN to jbng
+#         - Created JB_OBIN with the old value of JB_BIN (junkbuster), to
+#           be used where necessary (config dir)
+#
+# Aditional notes:
+# - The config directory is /etc/junkbuster yet. Have to change it on the
+# specfile, after it is changes on the code
+# - The only files that got renamed on the cvs tree were the rh specfile and
+# the init file. Some file references got changes on the makefile and on the
+# rh-spec (as listed above)
+#
+# Revision 1.18  2002/03/21 23:00:00  swa
+# want to autogenerate stuff.
+#
+# Revision 1.17  2002/03/19 19:30:04  morcego
+# - Fixing stylesheet checking on configure. If it is found, no further checks
+#   should be done
+#
+# - configure will now check for db2html or docbook2html (should work now
+#   on SuSe without the docbktls package)
+#
+# Revision 1.16  2002/03/14 22:32:32  hal9
+# Bumped the RPM version.
+#
+# Revision 1.15  2002/03/08 20:00:28  swa
+# some leftovers.
+#
+# Revision 1.14  2002/03/07 18:25:56  swa
+# synced redhat and suse build process
+#
+# Revision 1.13  2002/03/07 17:17:56  oes
+# (Hopefully) fixed for older make versions
+#
+# Revision 1.12  2002/03/07 15:28:27  swa
+# more informative
+#
+# Revision 1.11  2002/03/06 14:33:18  sarantis
+# Use proper temp file, not "abc".
+#
+# Revision 1.10  2002/03/06 14:19:35  sarantis
+# Cleanup PID_FILE_PATH from redhat-dist target
+#
+# Revision 1.9  2002/03/05 17:31:11  morcego
+# Search for docbook.dsl. Should solve portability problems for SuSe.
+#
+# Revision 1.8  2002/03/05 14:07:42  morcego
+# configure now detects rpm topdir, and change GNUmakefile acordingly
+#    (based on sugestion by Sarantis Paskalis)
+#
+# Revision 1.7  2002/03/05 13:43:28  morcego
+# Checking for text browser, so redhat-dok can work.
+#
+# Revision 1.6  2002/03/05 13:10:51  morcego
+# Changes to implement redhat-dok (Hal Burgiss)
+# Changes to make it work on other distros and out-of-the-shelf configurations
+#
+# Revision 1.5  2002/02/27 15:30:39  hal9
+# Reset $(RPM_PACKAGEV) to 1 (was 2)
+#
+# Revision 1.4  2002/01/17 21:44:04  jongfoster
+# Adding urlmatch.[ch]
+#
+# Revision 1.3  2002/01/04 15:26:08  oes
+# Added tarball-src target
+#
+# Revision 1.2  2001/12/30 14:07:31  steudten
+# - Add signal handling (unix)
+# - Add SIGHUP handler (unix)
+# - Add creation of pidfile (unix)
+# - Add action 'top' in rc file (RH)
+# - Add entry 'SIGNALS' to manpage
+# - Add exit message to logfile (unix)
+#
+# Revision 1.1  2001/12/01 11:22:57  jongfoster
+# Renaming Makefile.in to GNUmakefile.in so that non-GNU versions of
+# make break in a more obvious way.
+# Adding .PHONY section.
+#
+# Revision 1.40  2001/12/01 00:24:11  jongfoster
+# Renaming various config files
+# Fixing CR->CRLF under Win32 (I hope)
+#
+# Revision 1.39  2001/11/06 12:07:30  steudten
+# Add --clean for building rpm in target redhat-dist.
+#
+# Revision 1.38  2001/11/05 21:35:23  steudten
+# Complete rewrite for the 'redhat-dist' target.
+# Checks for writeable RPM build directories for calling user.
+# So you must not be root, just set the modes to 1777 to
+# build a RH package.
+# Fix the upload-target to be arch independant.
+# Add target for 'solaris-dist' - coming soon.
+#
+# Revision 1.37  2001/11/01 00:52:04  hal9
+# Redhat-upload stuff per Stefan.
+#
+# Revision 1.36  2001/10/31 19:26:13  swa
+# automate process of uploading new releases
+# to sf.
+#
+# Revision 1.35  2001/10/15 22:14:59  joergs
+# Removed -O2 and -Wall from AmigaOS-only CFLAGS since they are now in
+#  the general CFLAGS already.
+#
+# Revision 1.34  2001/10/15 18:28:06  steudten
+# remove config.cache for target clobber.
+# Cleanup make dist for RH and S.u.S.E.
+#
+# Revision 1.33  2001/10/10 12:43:33  oes
+# Added ugly hack to make install target work at least for some setups.
+#
+# Revision 1.32  2001/10/09 22:38:19  jongfoster
+# Correcting actionsfile filename for Win32 INI build
+#
+# Revision 1.31  2001/09/23 10:13:48  swa
+# upload process established. run make webserver and
+# the documentation is moved to the webserver. documents
+# are now linked correctly.
+#
+# Revision 1.30  2001/09/19 17:55:49  oes
+# Fixed CFLAGS
+#
+# Revision 1.29  2001/09/16 17:34:27  jongfoster
+# Removing showargs.[ch], adding cgi(simple|edit).[ch]
+# Replacing $(OBJEXT) with @OBJEXT@ - this seems to be a common source
+# of build problems.
+#
+# Revision 1.28  2001/09/13 15:19:08  swa
+# we want text files as well.
+#
+# Revision 1.27  2001/09/13 13:11:37  steudten
+#
+# Replace DEBUG_CFLAGS with OTHER_CFLAGS
+#
+# Revision 1.26  2001/09/12 23:44:54  david__schmidt
+# Mac OSX (Darwin) support added.
+#
+# Revision 1.25  2001/09/12 22:55:45  joergs
+# AmigaOS support added.
+#
+# Revision 1.24  2001/09/12 17:28:59  david__schmidt
+#
+# OS/2 port: update autoconf'd support for the platform.
+#
+# Revision 1.23  2001/09/12 16:28:42  swa
+# added "make dok" section to generate html pages from
+# the sgml source documents. note that the we do not want
+# generated stuff in cvs.
+#
+# Revision 1.22  2001/09/10 16:31:23  swa
+# buildroot definition in the specfile fucks up the build
+# process under suse. hence I moved it to the "rpm -ta"
+# command
+#
+# Revision 1.21  2001/09/10 11:12:49  oes
+# Turning on -Wall
+#
+# Revision 1.20  2001/08/02 22:04:29  jongfoster
+# Removing some remaining references to obsolete w32rulesdlg.[ch]
+#
+# Revision 1.19  2001/07/30 22:14:03  jongfoster
+# Removing obsolete w32rulesdlg.c and w32rulesdlg.h
+#
+# Revision 1.18  2001/07/29 17:09:17  jongfoster
+# Major changes to build system in order to fix these bugs:
+# - pthreads under Linux was broken - changed -lpthread to -pthread
+# - Compiling in MinGW32 mode under CygWin now correctly detects
+#   which shared libraries are available
+# - Solaris support (?) (Not tested under Solaris yet)
+#
+# Revision 1.17  2001/07/28 16:44:54  oes
+# Fixed sed LF->CRLF conversion and removed deprecated files
+#
+# Revision 1.16  2001/07/15 19:45:33  jongfoster
+# Added support for linking with POSIX threads library
+#
+# Revision 1.15  2001/07/13 13:48:07  oes
+#  - Moved STATIC #define for pcre to (ac)config.h
+#  - Made -Ipcre depandant on static pcre compilation to
+#    avoid version conflicts
+#  - Included compilation and depandancies for new deanimate.c
+#  - Made changes to the pcre/pcreposix/pcrs build process
+#    as required by the new library autodetection in
+#    configure.in
+#
+# Revision 1.14  2001/07/01 16:27:44  oes
+# Fixed misplaced dependancy
+#
+# Revision 1.13  2001/06/29 13:18:36  oes
+# - added depandancy of filters.o on cgi.h
+#
+# Revision 1.12  2001/06/12 17:15:56  swa
+# fixes, because a clean build on rh6.1 was impossible.
+# GZIP confuses make, %configure confuses rpm, etc.
+#
+# Revision 1.11  2001/06/11 11:26:35  sarantis
+# RPM version should be the same as ijbswa version.  The rpm release is
+# specified in the specfile.
+#
+# Revision 1.10  2001/06/07 17:27:45  swa
+# added suse build section
+#
+# Revision 1.9  2001/06/04 18:31:58  swa
+# files are now prefixed with either `confdir' or `logdir'.
+# `make redhat-dist' replaces both entries confdir and logdir
+# with redhat values
+#
+# Revision 1.8  2001/06/04 10:44:57  swa
+# `make redhatr-dist' now works. Except for the paths
+# in the config file.
+#
+# Revision 1.7  2001/06/03 17:09:09  swa
+# swa for oes: reversed my earlier change
+#
+# Revision 1.6  2001/06/03 17:07:27  swa
+# swa for oes
+#
+# Revision 1.5  2001/06/03 13:57:26  swa
+# compile cgi.c (for andreas' GUI)
+#
+# Revision 1.4  2001/05/31 21:18:45  jongfoster
+# Added files actions.[ch], actionlist.h, list.[ch] to Makefile
+#
+# Revision 1.3  2001/05/29 20:02:48  joergs
+# Changes for AmigaOS added.
+#
+# Revision 1.2  2001/05/17 22:23:23  oes
+#  - Added auto-generation of CRLFs for Win32 config files
+#  - Added comment-prefix to all Win32-only options in the config file
+#    and provided auto stripping of this prefix for the Win32 platform by make
+#
+# Revision 1.1.1.1  2001/05/15 13:59:00  oes
+# Initial import of version 2.9.3 source tree
+#
+#
diff --git a/external/privoxy/INSTALL b/external/privoxy/INSTALL
new file mode 100644
index 0000000..f17eadb
--- /dev/null
+++ b/external/privoxy/INSTALL
@@ -0,0 +1,173 @@
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/INSTALL,v $
+ *
+ * Purpose     :  INSTALL file to help with installing from source.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 
+ *                USA
+ *
+ *********************************************************************/
+   
+
+-------------------------------------------------------------------------------
+
+To build Privoxy from source, autoconf, GNU make (gmake), and, of course, a C
+compiler like gcc are required.
+
+When building from a source tarball, first unpack the source:
+
+ tar xzvf privoxy-3.0.12-stable-src.tar.gz
+ cd privoxy-3.0.12-stable
+
+
+For retrieving the current CVS sources, you'll need a CVS client installed.
+Note that sources from CVS are typically development quality, and may not be
+stable, or well tested. To download CVS source, check the Sourceforge
+documentation, which might give commands like:
+
+  cvs -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co current
+  cd current
+
+
+This will create a directory named current/, which will contain the source
+tree.
+
+You can also check out any Privoxy "branch", just exchange the current name
+with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs tree).
+
+It is also strongly recommended to not run Privoxy as root. You should
+configure/install/run Privoxy as an unprivileged user, preferably by creating a
+"privoxy" user and group just for this purpose. See your local documentation
+for the correct command line to do add new users and groups (something like
+adduser, but the command syntax may vary from platform to platform).
+
+/etc/passwd might then look like:
+
+  privoxy:*:7777:7777:privoxy proxy:/no/home:/no/shell
+
+
+And then /etc/group, like:
+
+  privoxy:*:7777:
+
+
+Some binary packages may do this for you.
+
+Then, to build from either unpacked tarball or CVS source:
+
+ autoheader
+ autoconf
+ ./configure      # (--help to see options)
+ make             # (the make from GNU, sometimes called gmake)
+ su               # Possibly required
+ make -n install  # (to see where all the files will go)
+ make -s install  # (to really install, -s to silence output)
+
+
+Using GNU make, you can have the first four steps automatically done for you by
+just typing:
+
+  make
+
+
+in the freshly downloaded or unpacked source directory.
+
+To build an executable with security enhanced features so that users cannot
+easily bypass the proxy (e.g. "Go There Anyway"), or alter their own
+configurations, configure like this:
+
+ ./configure  --disable-toggle  --disable-editor  --disable-force
+
+
+Then build as above. In Privoxy 3.0.7 and later, all of these options can also
+be disabled through the configuration file.
+
+WARNING: If installing as root, the install will fail unless a non-root user or
+group is specified, or a privoxy user and group already exist on the system. If
+a non-root user is specified, and no group, then the installation will try to
+also use a group of the same name as "user". If a group is specified (and no
+user), then the support files will be installed as writable by that group, and
+owned by the user running the installation.
+
+configure accepts --with-user and --with-group options for setting user and
+group ownership of the configuration files (which need to be writable by the
+daemon). The specified user must already exist. When starting Privoxy, it must
+be run as this same user to insure write access to configuration and log files!
+
+Alternately, you can specify user and group on the make command line, but be
+sure both already exist:
+
+ make -s install  USER=privoxy GROUP=privoxy
+
+
+The default installation path for make install is /usr/local. This may of
+course be customized with the various ./configure path options. If you are
+doing an install to anywhere besides /usr/local, be sure to set the appropriate
+paths with the correct configure options (./configure --help). Non-privileged
+users must of course have write access permissions to wherever the target
+installation is going.
+
+If you do install to /usr/local, the install will use sysconfdir=$prefix/etc/
+privoxy by default. All other destinations, and the direct usage of
+--sysconfdir flag behave like normal, i.e. will not add the extra privoxy
+directory. This is for a safer install, as there may already exist another
+program that uses a file with the "config" name, and thus makes /usr/local/etc
+cleaner.
+
+If installing to /usr/local, the documentation will go by default to $prefix/
+share/doc. But if this directory doesn't exist, it will then try $prefix/doc
+and install there before creating a new $prefix/share/doc just for Privoxy.
+
+Again, if the installs goes to /usr/local, the localstatedir (ie: var/) will
+default to /var instead of $prefix/var so the logs will go to /var/log/privoxy
+/, and the pid file will be created in /var/run/privoxy.pid.
+
+make install will attempt to set the correct values in config (main
+configuration file). You should check this to make sure all values are correct.
+If appropriate, an init script will be installed, but it is up to the user to
+determine how and where to start Privoxy. The init script should be checked for
+correct paths and values, if anything other than a default install is done.
+
+If install finds previous versions of local configuration files, most of these
+will not be overwritten, and the new ones will be installed with a "new"
+extension. default.action and default.filter will be overwritten. You will then
+need to manually update the other installed configuration files as needed. The
+default template files will be overwritten. If you have customized, local
+templates, these should be stored safely in a separate directory and defined in
+config by the "templdir" directive. It is of course wise to always back-up any
+important configuration files "just in case". If a previous version of Privoxy
+is already running, you will have to restart it manually.
+
+For more detailed instructions on how to build Redhat RPMs, Windows
+self-extracting installers, building on platforms with special requirements
+etc, please consult the developer manual.
+
+The simplest command line to start Privoxy is $path/privoxy --user=privoxy
+$path/etc/privoxy/config. See privoxy --usage, or the man page, for other
+options, and configuration.
+
diff --git a/external/privoxy/LICENSE b/external/privoxy/LICENSE
new file mode 100644
index 0000000..d511905
--- /dev/null
+++ b/external/privoxy/LICENSE
@@ -0,0 +1,339 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Lesser General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License along
+    with this program; if not, write to the Free Software Foundation, Inc.,
+    51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Lesser General
+Public License instead of this License.
diff --git a/external/privoxy/Makefile b/external/privoxy/Makefile
new file mode 100644
index 0000000..ed6d7ac
--- /dev/null
+++ b/external/privoxy/Makefile
@@ -0,0 +1,108 @@
+# $Id: Makefile,v 1.11 2006/07/18 14:48:45 david__schmidt Exp $
+#
+# Written by and Copyright (C) 2001 the SourceForge
+# Privoxy team. http://www.privoxy.org/
+#
+# Based on the Internet Junkbuster originally written
+# by and Copyright (C) 1997 Anonymous Coders and 
+# Junkbusters Corporation.  http://www.junkbusters.com
+#
+# This program is free software; you can redistribute it 
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.  See the GNU General Public
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file.  If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# $Log: Makefile,v $
+# Revision 1.11  2006/07/18 14:48:45  david__schmidt
+# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+# with what was really the latest development (the v_3_0_branch branch)
+#
+# Revision 1.5.2.2  2002/10/25 02:44:23  hal9
+# Port of make install, etc from main trunk. Needs testing! Add Slackware
+# support, and other related changes. Update related docs.
+#
+# Revision 1.5.2.1  2002/08/05 17:46:13  oes
+# Change make to gmake to fix auto-build on Solaris
+#
+# Revision 1.5  2002/04/11 12:51:34  oes
+# Bugfix
+#
+# Revision 1.4  2002/04/09 16:38:10  oes
+# Added option to run the whole build process
+#
+# Revision 1.3  2002/03/26 22:29:54  swa
+# we have a new homepage!
+#
+# Revision 1.2  2002/03/24 13:25:42  swa
+# name change related issues
+#
+# Revision 1.1  2001/12/01 11:24:29  jongfoster
+# Will display a warning if non-GNU make is used
+#
+#
+
+#############################################################################
+
+GNU_MAKE_CMD = gmake
+MAKE_CMD     = make
+
+error:
+	@if [ -f GNUmakefile ]; then \
+	    echo "***"; \
+	    echo "*** You are not using the GNU version of Make - maybe it's called gmake"; \
+	    echo "*** or it's in a different PATH? Please read INSTALL." ; \
+	    echo "***"; \
+	    exit 1; \
+	 elif test -n "$(HOST_ARCH)"  && test -z "$(MAKE_VERSION)" ; then \
+	    echo "***"; \
+	    echo "*** You are not using GNU Make on Solaris, please make sure you do" ; \
+	    echo "*** and re-run 'make' "; \
+	    echo "***"; \
+	    exit 1 ; \
+	 elif test -n "$(MACHINE_ARCH)"  && test -z "$(MAKE_VERSION)" ; then \
+	    echo "***"; \
+	    echo "*** You are not using GNU Make on FreeBSD, please make sure you do" ; \
+	    echo "*** and re-run 'make' "; \
+	    echo "***"; \
+	    exit 1 ; \
+	 else \
+	    echo "***"; \
+	    echo "*** To build this program, you must run"; \
+	    echo "*** autoheader && autoconf && ./configure and then run GNU make."; \
+	    echo "***"; \
+	    echo -n "*** Shall I do this for you now? (y/n) "; \
+	    read answer; \
+	    if [ "$$answer" = "y" ]; then \
+		autoheader && autoconf && ./configure || exit 1; \
+	  	if $(GNU_MAKE_CMD) -v |grep GNU >/dev/null 2>/dev/null; then \
+		   $(GNU_MAKE_CMD) ;\
+		elif $(MAKE_CMD) -v |grep GNU >/dev/null 2>/dev/null; then \
+		   $(MAKE_CMD) ;\
+		else \
+		   echo "Neither 'make' nor 'gmake' are GNU compatible!" ; \
+		   echo "Please read INSTALL." ; \
+		   exit 1 ; \
+		fi ;\
+	    fi; \
+	 fi
+
+.PHONY: error
+
+#############################################################################
+
+## Local Variables:
+## tab-width: 3
+## end:
diff --git a/external/privoxy/README b/external/privoxy/README
new file mode 100644
index 0000000..a145e81
--- /dev/null
+++ b/external/privoxy/README
@@ -0,0 +1,280 @@
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/README,v $
+ *
+ * Purpose     :  README file to give a short intro.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009  the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 
+ *                USA
+ *
+ *********************************************************************/
+
+This README is included with Privoxy 3.0.12. See http://www.privoxy.org/ for
+more information. The current code maturity level is "stable".
+
+-------------------------------------------------------------------------------
+
+Privoxy is a non-caching web proxy with advanced filtering capabilities for
+enhancing privacy, modifying web page data and HTTP headers, controlling
+access, and removing ads and other obnoxious Internet junk. Privoxy has a
+flexible configuration and can be customized to suit individual needs and
+tastes. It has application for both stand-alone systems and multi-user
+networks.
+
+Privoxy is Free Software and licensed under the GPL2.
+
+Privoxy is an associated project of Software in the Public Interest (SPI).
+Donations are welcome.
+
+-------------------------------------------------------------------------------
+
+1. IMPORTANT CHANGES
+
+March 2009, Privoxy 3.0.12 is released.
+
+This is primarily a bug fix release. See the "ChangeLog", and the "What's New"
+section and the "Upgrader's Notes" in the User Manual for details.
+
+February 2009, Privoxy 3.0.11 is released.
+
+As usual there are changes that effect the configuration. See the "ChangeLog",
+and the "What's New" section and the "Upgrader's Notes" in the User Manual for
+details and specifics.
+
+This is a stable release, and marks a departure for Privoxy development.
+
+Previously, odd numbered releases were considered beta versions and were only
+released at the end of the development cycle when the code was already believed
+to be stable. Usually it was, so the stable release contained pretty much the
+same code, but got a higher version number. In the future we intend to release
+several snapshots between stable releases. There will probably still be about
+two stable releases per year, but hopefully about six snapshots instead of the
+two betas we have now. The intentions is to make testing without CVS access
+easier.
+
+-------------------------------------------------------------------------------
+
+2. INSTALL
+
+See the INSTALL file in this directory, for installing from raw source, and the
+User Manual, for all other installation types.
+
+-------------------------------------------------------------------------------
+
+3. RUN
+
+privoxy [--help] [--version] [--no-daemon] [--pidfile PIDFILE] [--user USER
+[.GROUP]] [--chroot] [--pre-chroot-nslookup HOSTNAME ][config_file]
+
+See the man page or User Manual for an explanation of each option, and other
+configuration and usage issues.
+
+If no config_file is specified on the command line, Privoxy will look for a
+file named 'config' in the current directory (except Win32 which will look for
+'config.txt'). If no config_file is found, Privoxy will fail to start.
+
+Or for Red Hat and Fedora based distributions: /etc/rc.d/init.d/privoxy start
+
+Or Debian and Ubuntu: /etc/init.d/privoxy start
+
+-------------------------------------------------------------------------------
+
+4. CONFIGURATION
+
+See: 'config', 'default.action', 'user.action', 'default.filter', and
+'user.filter'. 'user.action' and 'user.filter' are for personal and local
+configuration preferences. These are all well commented. Most of the magic is
+in '*.action' files. 'user.action' should be used for any actions
+customizations. On Unix-like systems, these files are typically installed in /
+etc/privoxy. On Windows, then wherever the executable itself is installed.
+There are many significant changes and advances from earlier versions. The User
+Manual has an explanation of all configuration options, and examples: http://
+www.privoxy.org/user-manual/.
+
+Be sure to set your browser(s) for HTTP/HTTPS Proxy at <IP>:<Port>, or whatever
+you specify in the config file under 'listen-address'. DEFAULT is
+localhost:8118. Note that Privoxy ONLY proxies HTTP (and HTTPS) traffic. Do not
+try it with FTP or other protocols for the simple reason it does not work.
+
+The actions list can be configured via the web interface accessed via http://
+p.p/, as well other options.
+
+-------------------------------------------------------------------------------
+
+5. DOCUMENTATION
+
+There should be documentation in the 'doc' subdirectory. In particular, see the
+User Manual there, the FAQ, and those interested in Privoxy development, should
+look at developer-manual.
+
+The source and configuration files are all well commented. The main
+configuration files are: 'config', 'default.action', and 'default.filter'.
+
+Included documentation may vary according to platform and packager. All
+documentation is posted on http://www.privoxy.org, in case you don't have it,
+or can't find it.
+
+-------------------------------------------------------------------------------
+
+6. CONTACTING THE DEVELOPERS, BUG REPORTING AND FEATURE REQUESTS
+
+We value your feedback. In fact, we rely on it to improve Privoxy and its
+configuration. However, please note the following hints, so we can provide you
+with the best support:
+
+-------------------------------------------------------------------------------
+
+6.1. Get Support
+
+For casual users, our support forum at SourceForge is probably best suited:
+http://sourceforge.net/tracker/?group_id=11118&atid=211118
+
+All users are of course welcome to discuss their issues on the users mailing
+list, where the developers also hang around.
+
+Please don't sent private support requests to individual Privoxy developers,
+either use the mailing lists or the support trackers.
+
+Note that the Privoxy mailing lists are moderated. Posts from unsubscribed
+addresses have to be accepted manually by a moderator. This may cause a delay
+of several days and if you use a subject that doesn't clearly mention Privoxy
+or one of its features, your message may be accidentally discarded as spam.
+
+If you aren't subscribed, you should therefore spend a few seconds to come up
+with a proper subject. Additionally you should make it clear that you want to
+get CC'd. Otherwise some responses will be directed to the mailing list only,
+and you won't see them.
+
+-------------------------------------------------------------------------------
+
+6.2. Reporting Problems
+
+"Problems" for our purposes, come in two forms:
+
+  * Configuration issues, such as ads that slip through, or sites that don't
+    function properly due to one Privoxy "action" or another being turned "on".
+
+  * "Bugs" in the programming code that makes up Privoxy, such as that might
+    cause a crash.
+
+-------------------------------------------------------------------------------
+
+6.2.1. Reporting Ads or Other Configuration Problems
+
+Please send feedback on ads that slipped through, innocent images that were
+blocked, sites that don't work properly, and other configuration related
+problem of default.action file, to http://sourceforge.net/tracker/?group_id=
+11118&atid=460288, the Actions File Tracker.
+
+New, improved default.action files may occasionally be made available based on
+your feedback. These will be announced on the ijbswa-announce list and
+available from our the files section of our project page.
+
+-------------------------------------------------------------------------------
+
+6.2.2. Reporting Bugs
+
+Please report all bugs through our bug tracker: http://sourceforge.net/tracker
+/?group_id=11118&atid=111118.
+
+Before doing so, please make sure that the bug has not already been submitted
+and observe the additional hints at the top of the submit form. If already
+submitted, please feel free to add any info to the original report that might
+help to solve the issue.
+
+Please try to verify that it is a Privoxy bug, and not a browser or site bug or
+documented behaviour that just happens to be different than what you expected.
+If unsure, try toggling off Privoxy, and see if the problem persists.
+
+If you are using your own custom configuration, please try the stock configs to
+see if the problem is configuration related. If you're having problems with a
+feature that is disabled by default, please ask around on the mailing list if
+others can reproduce the problem.
+
+If you aren't using the latest Privoxy version, the bug may have been found and
+fixed in the meantime. We would appreciate if you could take the time to
+upgrade to the latest version (or even the latest CVS snapshot) and verify that
+your bug still exists.
+
+Please be sure to provide the following information:
+
+  * The exact Privoxy version you are using (if you got the source from CVS,
+    please also provide the source code revisions as shown in http://
+    config.privoxy.org/show-version).
+
+  * The operating system and versions you run Privoxy on, (e.g. Windows XP
+    SP2), if you are using a Unix flavor, sending the output of "uname -a"
+    should do, in case of GNU/Linux, please also name the distribution.
+
+  * The name, platform, and version of the browser you were using (e.g.
+    Internet Explorer v5.5 for Mac).
+
+  * The URL where the problem occurred, or some way for us to duplicate the
+    problem (e.g. http://somesite.example.com/?somethingelse=123).
+
+  * Whether your version of Privoxy is one supplied by the Privoxy developers
+    via SourceForge, or if you got your copy somewhere else.
+
+  * Whether you are using Privoxy in tandem with another proxy such as Tor. If
+    so, please temporary disable the other proxy to see if the symptoms change.
+
+  * Whether you are using a personal firewall product. If so, does Privoxy work
+    without it?
+
+  * Any other pertinent information to help identify the problem such as config
+    or log file excerpts (yes, you should have log file entries for each action
+    taken).
+
+You don't have to tell us your actual name when filing a problem report, but
+please use a nickname so we can differentiate between your messages and the
+ones entered by other "anonymous" users that may respond to your request if
+they have the same problem or already found a solution.
+
+Please also check the status of your request a few days after submitting it, as
+we may request additional information. If you use a SF id, you should
+automatically get a mail when someone responds to your request.
+
+The appendix of the Privoxy User Manual also has helpful information on
+understanding actions, and action debugging.
+
+-------------------------------------------------------------------------------
+
+6.3. Request New Features
+
+You are welcome to submit ideas on new features or other proposals for
+improvement through our feature request tracker at http://sourceforge.net/
+tracker/?atid=361118&group_id=11118.
+
+-------------------------------------------------------------------------------
+
+6.4. Other
+
+For any other issues, feel free to use the mailing lists. Technically
+interested users and people who wish to contribute to the project are also
+welcome on the developers list! You can find an overview of all Privoxy-related
+mailing lists, including list archives, at: http://sourceforge.net/mail/?
+group_id=11118.
+
diff --git a/external/privoxy/acconfig.h b/external/privoxy/acconfig.h
new file mode 100644
index 0000000..ea2792d
--- /dev/null
+++ b/external/privoxy/acconfig.h
@@ -0,0 +1,495 @@
+#ifndef CONFIG_H_INCLUDED
+#define CONFIG_H_INCLUDED
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/acconfig.h,v $
+ *
+ * Purpose     :  This file should be the first thing included in every
+ *                .c file.  (Before even system headers).  It contains 
+ *                #define statements for various features.  It was
+ *                introduced because the compile command line started
+ *                getting ludicrously long with feature defines.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: acconfig.h,v $
+ *    Revision 1.36  2008/10/18 11:17:52  fabiankeil
+ *    Connection keep-alive support is ready for testing,
+ *    allow enabling it through the configure script.
+ *
+ *    Revision 1.35  2008/04/06 15:18:33  fabiankeil
+ *    Oh well, rename the --enable-pcre-host-patterns option to
+ *    --enable-extended-host-patterns as it's not really PCRE syntax.
+ *
+ *    Revision 1.34  2008/04/06 14:54:26  fabiankeil
+ *    Use PCRE syntax in host patterns when configured
+ *    with --enable-pcre-host-patterns.
+ *
+ *    Revision 1.33  2006/12/17 19:15:26  fabiankeil
+ *    Added ./configure switch for FEATURE_GRACEFUL_TERMINATION.
+ *
+ *    Revision 1.32  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.27.2.4  2003/12/17 16:34:40  oes
+ *    Cosmetics
+ *
+ *    Revision 1.27.2.3  2003/03/27 16:03:19  oes
+ *    Another shot at Bug #707467
+ *
+ *    Revision 1.27.2.2  2003/03/21 14:39:12  oes
+ *    Presumably fixed Bug #707467 by defining unix ifdef __unix__
+ *
+ *    Revision 1.27.2.1  2002/08/10 11:22:31  oes
+ *    - Add two AC_DEFINEs that indicate if the pcre*.h headers
+ *      are located in a pcre/ subdir to the include path.
+ *
+ *    Revision 1.27  2002/04/25 19:13:57  morcego
+ *    Removed RPM release number declaration on configure.in
+ *    Changed makefile to use given value for RPM_PACKAGEV when on uploading
+ *    targets (will produce an error, explaining who to do it, if no value
+ *    if provided).
+ *
+ *    Revision 1.26  2002/04/11 11:00:21  oes
+ *    Applied Moritz' fix for socklen_t on Solaris
+ *
+ *    Revision 1.25  2002/04/06 20:38:01  jongfoster
+ *    Renaming VC++ versions of config.h
+ *
+ *    Revision 1.24  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.23  2002/04/03 22:28:03  gliptak
+ *    Removed references to gnu_regex
+ *
+ *    Revision 1.22  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.21  2002/03/24 14:31:08  swa
+ *    remove more crappy files. set RPM
+ *    release version correctly.
+ *
+ *    Revision 1.20  2002/03/24 13:46:44  swa
+ *    name change related issue.
+ *
+ *    Revision 1.19  2002/03/24 13:25:42  swa
+ *    name change related issues
+ *
+ *    Revision 1.18  2002/03/08 16:40:28  oes
+ *    Added FEATURE_NO_GIFS
+ *
+ *    Revision 1.17  2002/03/04 17:52:44  oes
+ *    Deleted PID_FILE_PATH
+ *
+ *    Revision 1.16  2002/01/10 12:36:18  oes
+ *    Moved HAVE_*_R to acconfig.h, where they belong.
+ *
+ *    Revision 1.15  2001/12/30 14:07:31  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.14  2001/10/23 21:24:09  jongfoster
+ *    Support for FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.13  2001/10/07 15:30:41  oes
+ *    Removed FEATURE_DENY_GZIP
+ *
+ *    Revision 1.12  2001/09/13 19:56:37  jongfoster
+ *    Reverting to revision 1.10 - previous checking was majorly broken.
+ *
+ *    Revision 1.10  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.9  2001/07/29 19:08:52  jongfoster
+ *    Changing _CONFIG_H to CONFIG_H_INCLUDED.
+ *    Also added protection against using a MinGW32 or CygWin version of
+ *    config.h from within MS Visual C++
+ *
+ *    Revision 1.8  2001/07/29 17:09:17  jongfoster
+ *    Major changes to build system in order to fix these bugs:
+ *    - pthreads under Linux was broken - changed -lpthread to -pthread
+ *    - Compiling in MinGW32 mode under CygWin now correctly detects
+ *      which shared libraries are available
+ *    - Solaris support (?) (Not tested under Solaris yet)
+ *
+ *    Revision 1.7  2001/07/25 22:53:59  jongfoster
+ *    Will #error if pthreads is enabled under BeOs
+ *
+ *    Revision 1.6  2001/07/15 17:54:29  jongfoster
+ *    Renaming #define STATIC to STATIC_PCRE
+ *    Adding new #define FEATURE_PTHREAD that will be used to enable
+ *    POSIX threads support.
+ *
+ *    Revision 1.5  2001/07/13 13:48:37  oes
+ *     - (Fix:) Copied CODE_STATUS #define from config.h.in
+ *     - split REGEX #define into REGEX_GNU and REGEX_PCRE
+ *       and removed PCRE.
+ *       (REGEX = REGEX_GNU || REGEX_PCRE per project.h)
+ *     - Moved STATIC (for pcre) here from Makefile.in
+ *     - Introduced STATIC_PCRS #define to allow for dynaimc linking with
+ *       libpcrs
+ *     - Removed PCRS #define, since pcrs is now needed for CGI anyway
+ *
+ *    Revision 1.4  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.3  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.2  2001/05/22 17:43:35  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Many minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:45  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+ at TOP@
+
+/*
+ * Version number - Major (X._._)
+ */
+#undef VERSION_MAJOR
+
+/*
+ * Version number - Minor (_.X._)
+ */
+#undef VERSION_MINOR
+
+/*
+ * Version number - Point (_._.X)
+ */
+#undef VERSION_POINT
+
+/*
+ * Version number, as a string
+ */
+#undef VERSION
+
+/*
+ * Status of the code: "alpha", "beta" or "stable".
+ */
+#undef CODE_STATUS
+
+/* 
+ * Should pcre be statically built in instead of linkling with libpcre?
+ * (This is determined by configure depending on the availiability of
+ * libpcre and user preferences). The name is ugly, but pcre needs it.
+ * Don't bother to change this here! Use configure instead.
+ */
+#undef STATIC_PCRE
+
+/* 
+ * Should pcrs be statically built in instead of linkling with libpcrs?
+ * (This is determined by configure depending on the availiability of
+ * libpcrs and user preferences).
+ * Don't bother to change this here! Use configure instead.
+ */
+#undef STATIC_PCRS
+
+/*
+ * Allows the use of an ACL to control access to the proxy by IP address.
+ */
+#undef FEATURE_ACL
+
+/*
+ * Enables the web-based configuration (actionsfile) editor.  If you
+ * have a shared proxy, you might want to turn this off.
+ */
+#undef FEATURE_CGI_EDIT_ACTIONS
+
+/*
+ * Allows the use of jar files to capture cookies.
+ */
+#undef FEATURE_COOKIE_JAR
+
+/*
+ * Locally redirect remote script-redirect URLs
+ */
+#undef FEATURE_FAST_REDIRECTS
+
+/*
+ * Bypass filtering for 1 page only
+ */
+#undef FEATURE_FORCE_LOAD
+
+/*
+ * Allow blocking using images as well as HTML.
+ * If you do not define this then everything is blocked as HTML.
+ *
+ * Note that this is required if you want to use FEATURE_IMAGE_DETECT_MSIE.
+ */
+#undef FEATURE_IMAGE_BLOCKING
+
+/*
+ * Detect image requests automatically for MSIE.  Will fall back to
+ * other image-detection methods (i.e. "+image" permission) for other
+ * browsers.
+ *
+ * You must also define FEATURE_IMAGE_BLOCKING to use this feature.
+ *
+ * It detects the following header pair as an image request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: * / *
+ *
+ * And the following as a HTML request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, * / *
+ *
+ * And no, I haven't got that backwards - IE is being wierd.
+ *
+ * Known limitations: 
+ * 1) If you press shift-reload on a blocked HTML page, you get
+ *    the image "blocked" page, not the HTML "blocked" page.
+ * 2) Once an image "blocked" page has been sent, viewing it 
+ *    in it's own browser window *should* bring up the HTML
+ *    "blocked" page, but it doesn't.  You need to clear the 
+ *    browser cache to get the HTML version again.
+ *
+ * These limitations are due to IE making inconsistent choices
+ * about which "Accept:" header to send.
+ */
+#undef FEATURE_IMAGE_DETECT_MSIE
+
+/*
+ * Kills JavaScript popups - window.open, onunload, etc.
+ */
+#undef FEATURE_KILL_POPUPS
+
+/*
+ * Use PNG instead of GIF for built-in images
+ */
+#undef FEATURE_NO_GIFS
+
+/*
+ * Allow to shutdown Privoxy through the webinterface.
+ */
+#undef FEATURE_GRACEFUL_TERMINATION
+
+/*
+ * Allow PCRE syntax in host patterns.
+ */
+#undef FEATURE_EXTENDED_HOST_PATTERNS
+
+/*
+ * Keep outgoing connections alive if possible.
+ */
+#undef FEATURE_CONNECTION_KEEP_ALIVE
+
+/*
+ * Use POSIX threads instead of native threads.
+ */
+#undef FEATURE_PTHREAD
+
+/*
+ * Enables statistics function.
+ */
+#undef FEATURE_STATISTICS
+
+/*
+ * Allow Privoxy to be "disabled" so it is just a normal non-blocking
+ * non-anonymizing proxy.  This is useful if you're trying to access a
+ * blocked or broken site - just change the setting in the config file,
+ * or use the handy "Disable" menu option in the Windows GUI.
+ */
+#undef FEATURE_TOGGLE
+
+/*
+ * Allows the use of trust files.
+ */
+#undef FEATURE_TRUST
+
+/*
+ * Defined on Solaris only.  Makes the system libraries thread safe.
+ */
+#undef _REENTRANT
+
+/*
+ * Defined on Solaris only.  Without this, many important functions are not
+ * defined in the system headers.
+ */
+#undef __EXTENSIONS__
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with MultiThreading?)
+ */
+#undef __MT__
+
+/* If the (nonstandard and thread-safe) function gethostbyname_r
+ * is available, select which signature to use
+ */
+#undef HAVE_GETHOSTBYNAME_R_6_ARGS
+#undef HAVE_GETHOSTBYNAME_R_5_ARGS
+#undef HAVE_GETHOSTBYNAME_R_3_ARGS
+
+/* If the (nonstandard and thread-safe) function gethostbyaddr_r
+ * is available, select which signature to use
+ */
+#undef HAVE_GETHOSTBYADDR_R_8_ARGS
+#undef HAVE_GETHOSTBYADDR_R_7_ARGS
+#undef HAVE_GETHOSTBYADDR_R_5_ARGS
+
+/* Defined if you have gmtime_r and localtime_r with a signature
+ * of (struct time *, struct tm *)
+ */
+#undef HAVE_GMTIME_R
+#undef HAVE_LOCALTIME_R
+
+/* Define to 'int' if <sys/socket.h> doesn't have it. 
+ */
+#undef socklen_t
+
+/* Define if pcre.h must be included as <pcre/pcre.h>
+ */
+#undef PCRE_H_IN_SUBDIR
+
+/* Define if pcreposix.h must be included as <pcre/pcreposix.h>
+ */
+#undef PCREPOSIX_H_IN_SUBDIR
+
+ at BOTTOM@
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with ANSI Standard C?)
+ */
+#ifndef __STDC__
+#define __STDC__ 1
+#endif /* ndef __STDC__ */
+
+/*
+ * Need to set up this define only for the Pthreads library for
+ * Win32, available from http://sources.redhat.com/pthreads-win32/
+ */
+#if defined(FEATURE_PTHREAD) && defined(_WIN32)
+#define __CLEANUP_C
+#endif /* defined(FEATURE_PTHREAD) && defined(_WIN32) */
+
+/*
+ * BEOS does not currently support POSIX threads.
+ * This *should* be detected by ./configure, but let's be sure.
+ */
+#if defined(FEATURE_PTHREAD) && defined(__BEOS__)
+#error BEOS does not support pthread - please run ./configure again with "--disable-pthread"
+
+#endif /* defined(FEATURE_PTHREAD) && defined(__BEOS__) */
+
+/*
+ * On OpenBSD and maybe also FreeBSD, gcc doesn't define the cpp
+ * symbol unix; it defines __unix__ and sometimes not even that:
+ */
+#if ( defined(__unix__) || defined(__NetBSD__) ) && !defined(unix)
+#define unix 1
+#endif
+
+/*
+ * It's too easy to accidentally use a Cygwin or MinGW32 version of config.h
+ * under VC++, and it usually gives many wierd error messages.  Let's make
+ * the error messages understandable, by bailing out now.
+ */
+#ifdef _MSC_VER
+#error For MS VC++, please use vc_config_winthreads.h or vc_config_pthreads.h.  You can usually do this by selecting the "Build", "Clean" menu option.
+#endif /* def _MSC_VER */
+
+#endif /* CONFIG_H_INCLUDED */
diff --git a/external/privoxy/actionlist.h b/external/privoxy/actionlist.h
new file mode 100644
index 0000000..339c878
--- /dev/null
+++ b/external/privoxy/actionlist.h
@@ -0,0 +1,306 @@
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/actionlist.h,v $
+ *
+ * Purpose     :  Master list of supported actions.
+ *                Not really a header, since it generates code.
+ *                This is included (3 times!) from actions.c
+ *                Each time, the following macros are defined to
+ *                suitable values beforehand:
+ *                    DEFINE_ACTION_MULTI()
+ *                    DEFINE_ACTION_STRING()
+ *                    DEFINE_ACTION_BOOL()
+ *                    DEFINE_ACTION_ALIAS
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: actionlist.h,v $
+ *    Revision 1.36  2008/09/20 10:04:33  fabiankeil
+ *    Remove hide-forwarded-for-headers action which has
+ *    been obsoleted by change-x-forwarded-for{block}.
+ *
+ *    Revision 1.35  2008/09/19 15:43:54  fabiankeil
+ *    Fix sorting.
+ *
+ *    Revision 1.34  2008/09/19 15:26:28  fabiankeil
+ *    Add change-x-forwarded-for{} action to block or add
+ *    X-Forwarded-For headers. Mostly based on code removed
+ *    before 3.0.7.
+ *
+ *    Revision 1.33  2008/03/29 12:13:45  fabiankeil
+ *    Remove send-wafer and send-vanilla-wafer actions.
+ *
+ *    Revision 1.32  2008/03/28 15:13:42  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.31  2008/03/27 18:27:20  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.30  2008/03/04 18:30:34  fabiankeil
+ *    Remove the treat-forbidden-connects-like-blocks action. We now
+ *    use the "blocked" page for forbidden CONNECT requests by default.
+ *
+ *    Revision 1.29  2008/03/01 14:00:43  fabiankeil
+ *    Let the block action take the reason for the block
+ *    as argument and show it on the "blocked" page.
+ *
+ *    Revision 1.28  2007/12/11 21:08:29  fabiankeil
+ *    Let the CGI editor suggest a forward-override
+ *    parameter whose syntax is actually valid.
+ *
+ *    Revision 1.27  2007/11/10 15:04:08  fabiankeil
+ *    Tell the CGI editor about +hide-referrer{conditional-forge}.
+ *
+ *    Revision 1.26  2007/06/01 16:54:28  fabiankeil
+ *    Add forward-override{} to change the forwarding settings through
+ *    action sections. This is mainly interesting to forward different
+ *    clients differently (for example based on User-Agent or request
+ *    origin).
+ *
+ *    Revision 1.25  2007/04/15 16:39:20  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.24  2007/03/20 15:16:34  fabiankeil
+ *    Use dedicated header filter actions instead of abusing "filter".
+ *    Replace "filter-client-headers" and "filter-client-headers"
+ *    with "server-header-filter" and "client-header-filter".
+ *
+ *    Revision 1.23  2006/10/09 10:26:18  fabiankeil
+ *    Changed the path in set-image-blocker's redirection default to
+ *    "send-banner?type=pattern" instead of "show-banner?type=pattern"
+ *    which isn't caught by Privoxy. Fixes BR 1573468.
+ *
+ *    Changed hide-user-agent's default value to "Privoxy VERSION".
+ *
+ *    Changed hide-referrer's default fake value to "http://www.privoxy.org/".
+ *    A static referrer is obviously fake anyway, so we might as well
+ *    advertise ourselves.
+ *
+ *    Revision 1.22  2006/09/01 17:14:18  hal9
+ *    Re-ordered the actions list so that they display in the actions editor in
+ *    alphabetical order. Some of the new actions were "out of order".
+ *
+ *    Revision 1.21  2006/08/14 08:25:19  fabiankeil
+ *    Split filter-headers{} into filter-client-headers{}
+ *    and filter-server-headers{}.
+ *    Added parse_header_time() to share some code.
+ *    Replaced timegm() with mktime().
+ *
+ *    Revision 1.20  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.19  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.17.2.3  2004/10/03 12:53:32  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.17.2.2  2002/09/25 15:25:25  oes
+ *    Added more aliases for prehistoric action names
+ *
+ *    Revision 1.17.2.1  2002/08/02 12:50:47  oes
+ *    Consistency with docs: Change default name for action from hide-referer to hide-referrer
+ *
+ *    Revision 1.17  2002/05/14 21:25:55  oes
+ *    Renamed prevent-(setting/reading)-cookies to crunch-(incoming/outgoing)-cookies
+ *
+ *    Revision 1.16  2002/04/24 02:15:18  oes
+ *    Renamed actions as discussed, Aliased old action names to new ones.
+ *
+ *    Revision 1.15  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.14  2002/03/24 16:32:08  jongfoster
+ *    Removing logo option
+ *
+ *    Revision 1.13  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.12  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.11  2002/03/12 01:42:49  oes
+ *    Introduced modular filters
+ *
+ *    Revision 1.10  2002/03/08 18:19:14  jongfoster
+ *    Adding +image-blocker{pattern} option to edit interface
+ *
+ *    Revision 1.9  2001/11/22 21:58:41  jongfoster
+ *    Adding action +no-cookies-keep
+ *
+ *    Revision 1.8  2001/10/10 16:42:52  oes
+ *    Fixed a bug, Added +limit-connect string action
+ *
+ *    Revision 1.7  2001/10/07 15:33:59  oes
+ *    Introduced a +no-compression action
+ *    Introduced a +downgrade action
+ *
+ *    Revision 1.6  2001/09/16 15:47:37  jongfoster
+ *    First version of CGI-based edit interface.  This is very much a
+ *    work-in-progress, and you can't actually use it to edit anything
+ *    yet.  You must #define FEATURE_CGI_EDIT_ACTIONS for these changes
+ *    to have any effect.
+ *
+ *    Revision 1.5  2001/07/18 12:27:03  oes
+ *    Changed deanimate-gifs to string action
+ *
+ *    Revision 1.4  2001/07/13 13:52:12  oes
+ *     - Formatting
+ *     - Introduced new action ACTION_DEANIMATE
+ *
+ *    Revision 1.3  2001/06/07 23:03:56  jongfoster
+ *    Added standard comment at top of file.
+ *
+ *
+ *********************************************************************/
+
+
+#if !(defined(DEFINE_ACTION_BOOL) && defined(DEFINE_ACTION_MULTI) && defined(DEFINE_ACTION_STRING))
+#error Please define lots of macros before including "actionlist.h".
+#endif /* !defined(all the DEFINE_ACTION_xxx macros) */
+
+#ifndef DEFINE_CGI_PARAM_RADIO
+#define DEFINE_CGI_PARAM_RADIO(name, bit, index, value, is_default)
+#define DEFINE_CGI_PARAM_CUSTOM(name, bit, index, default_val)
+#define DEFINE_CGI_PARAM_NO_RADIO(name, bit, index, default_val)
+#endif /* ndef DEFINE_CGI_PARAM_RADIO */
+
+DEFINE_ACTION_MULTI      ("add-header",                 ACTION_MULTI_ADD_HEADER)
+DEFINE_ACTION_STRING     ("block",                      ACTION_BLOCK, ACTION_STRING_BLOCK)
+DEFINE_CGI_PARAM_NO_RADIO("block",                      ACTION_BLOCK, ACTION_STRING_BLOCK, "No reason specified.")
+DEFINE_ACTION_STRING     ("change-x-forwarded-for",     ACTION_CHANGE_X_FORWARDED_FOR,  ACTION_STRING_CHANGE_X_FORWARDED_FOR)
+DEFINE_CGI_PARAM_RADIO   ("change-x-forwarded-for",     ACTION_CHANGE_X_FORWARDED_FOR,  ACTION_STRING_CHANGE_X_FORWARDED_FOR, "block", 0)
+DEFINE_CGI_PARAM_RADIO   ("change-x-forwarded-for",     ACTION_CHANGE_X_FORWARDED_FOR,  ACTION_STRING_CHANGE_X_FORWARDED_FOR, "add", 1)
+DEFINE_ACTION_MULTI      ("client-header-filter",       ACTION_MULTI_CLIENT_HEADER_FILTER)
+DEFINE_ACTION_MULTI      ("client-header-tagger",       ACTION_MULTI_CLIENT_HEADER_TAGGER)
+DEFINE_ACTION_STRING     ("content-type-overwrite",     ACTION_CONTENT_TYPE_OVERWRITE, ACTION_STRING_CONTENT_TYPE)
+DEFINE_CGI_PARAM_NO_RADIO("content-type-overwrite",     ACTION_CONTENT_TYPE_OVERWRITE, ACTION_STRING_CONTENT_TYPE,    "text/html")
+DEFINE_ACTION_STRING     ("crunch-client-header",       ACTION_CRUNCH_CLIENT_HEADER, ACTION_STRING_CLIENT_HEADER)
+DEFINE_CGI_PARAM_NO_RADIO("crunch-client-header",       ACTION_CRUNCH_CLIENT_HEADER, ACTION_STRING_CLIENT_HEADER,          "X-Whatever:")
+DEFINE_ACTION_BOOL       ("crunch-if-none-match",       ACTION_CRUNCH_IF_NONE_MATCH)
+DEFINE_ACTION_BOOL       ("crunch-incoming-cookies",    ACTION_NO_COOKIE_SET)
+DEFINE_ACTION_BOOL       ("crunch-outgoing-cookies",    ACTION_NO_COOKIE_READ)
+DEFINE_ACTION_STRING     ("crunch-server-header",       ACTION_CRUNCH_SERVER_HEADER, ACTION_STRING_SERVER_HEADER)
+DEFINE_CGI_PARAM_NO_RADIO("crunch-server-header",       ACTION_CRUNCH_SERVER_HEADER, ACTION_STRING_SERVER_HEADER,          "X-Whatever:")
+DEFINE_ACTION_STRING     ("deanimate-gifs",             ACTION_DEANIMATE,       ACTION_STRING_DEANIMATE)
+DEFINE_CGI_PARAM_RADIO   ("deanimate-gifs",             ACTION_DEANIMATE,       ACTION_STRING_DEANIMATE,     "first", 0)
+DEFINE_CGI_PARAM_RADIO   ("deanimate-gifs",             ACTION_DEANIMATE,       ACTION_STRING_DEANIMATE,     "last",  1)
+DEFINE_ACTION_BOOL       ("downgrade-http-version",     ACTION_DOWNGRADE)
+DEFINE_ACTION_STRING     ("fast-redirects",             ACTION_FAST_REDIRECTS,  ACTION_STRING_FAST_REDIRECTS)
+DEFINE_CGI_PARAM_RADIO   ("fast-redirects",             ACTION_FAST_REDIRECTS,  ACTION_STRING_FAST_REDIRECTS, "simple-check",  0)
+DEFINE_CGI_PARAM_RADIO   ("fast-redirects",             ACTION_FAST_REDIRECTS,  ACTION_STRING_FAST_REDIRECTS, "check-decoded-url",  1)
+DEFINE_ACTION_MULTI      ("filter",                     ACTION_MULTI_FILTER)
+DEFINE_ACTION_BOOL       ("force-text-mode",            ACTION_FORCE_TEXT_MODE)
+DEFINE_ACTION_STRING     ("forward-override",           ACTION_FORWARD_OVERRIDE, ACTION_STRING_FORWARD_OVERRIDE)
+DEFINE_CGI_PARAM_CUSTOM  ("forward-override",           ACTION_FORWARD_OVERRIDE, ACTION_STRING_FORWARD_OVERRIDE, "forward .")
+DEFINE_ACTION_BOOL       ("handle-as-empty-document",   ACTION_HANDLE_AS_EMPTY_DOCUMENT)
+DEFINE_ACTION_BOOL       ("handle-as-image",            ACTION_IMAGE)
+DEFINE_ACTION_STRING     ("hide-accept-language",       ACTION_HIDE_ACCEPT_LANGUAGE, ACTION_STRING_LANGUAGE)
+DEFINE_CGI_PARAM_RADIO   ("hide-accept-language",       ACTION_HIDE_ACCEPT_LANGUAGE, ACTION_STRING_LANGUAGE, "block", 0)
+DEFINE_CGI_PARAM_CUSTOM  ("hide-accept-language",       ACTION_HIDE_ACCEPT_LANGUAGE, ACTION_STRING_LANGUAGE, "de-de")
+DEFINE_ACTION_STRING     ("hide-content-disposition",   ACTION_HIDE_CONTENT_DISPOSITION, ACTION_STRING_CONTENT_DISPOSITION)
+DEFINE_CGI_PARAM_RADIO   ("hide-content-disposition",   ACTION_HIDE_CONTENT_DISPOSITION, ACTION_STRING_CONTENT_DISPOSITION,    "block", 0)
+DEFINE_CGI_PARAM_CUSTOM  ("hide-content-disposition",   ACTION_HIDE_CONTENT_DISPOSITION, ACTION_STRING_CONTENT_DISPOSITION,    "attachment; filename=WHATEVER.txt")
+DEFINE_ACTION_STRING     ("hide-from-header",           ACTION_HIDE_FROM,       ACTION_STRING_FROM)
+DEFINE_CGI_PARAM_RADIO   ("hide-from-header",           ACTION_HIDE_FROM,       ACTION_STRING_FROM,          "block", 1)
+DEFINE_CGI_PARAM_CUSTOM  ("hide-from-header",           ACTION_HIDE_FROM,       ACTION_STRING_FROM,          "spam_me_senseless at sittingduck.xyz")
+DEFINE_ACTION_STRING     ("hide-if-modified-since",     ACTION_HIDE_IF_MODIFIED_SINCE, ACTION_STRING_IF_MODIFIED_SINCE)
+DEFINE_CGI_PARAM_RADIO   ("hide-if-modified-since",     ACTION_HIDE_IF_MODIFIED_SINCE, ACTION_STRING_IF_MODIFIED_SINCE, "block", 0)
+DEFINE_CGI_PARAM_CUSTOM  ("hide-if-modified-since",     ACTION_HIDE_IF_MODIFIED_SINCE, ACTION_STRING_IF_MODIFIED_SINCE, "-1")
+DEFINE_ACTION_STRING     ("hide-referrer",              ACTION_HIDE_REFERER,    ACTION_STRING_REFERER)
+DEFINE_CGI_PARAM_RADIO   ("hide-referrer",              ACTION_HIDE_REFERER,    ACTION_STRING_REFERER,       "conditional-forge", 3)
+DEFINE_CGI_PARAM_RADIO   ("hide-referrer",              ACTION_HIDE_REFERER,    ACTION_STRING_REFERER,       "conditional-block", 2)
+DEFINE_CGI_PARAM_RADIO   ("hide-referrer",              ACTION_HIDE_REFERER,    ACTION_STRING_REFERER,       "forge", 1)
+DEFINE_CGI_PARAM_RADIO   ("hide-referrer",              ACTION_HIDE_REFERER,    ACTION_STRING_REFERER,       "block", 0)
+DEFINE_CGI_PARAM_CUSTOM  ("hide-referrer",              ACTION_HIDE_REFERER,    ACTION_STRING_REFERER,       "http://www.privoxy.org/")
+DEFINE_ACTION_STRING     ("hide-user-agent",            ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT)
+DEFINE_CGI_PARAM_NO_RADIO("hide-user-agent",            ACTION_HIDE_USER_AGENT, ACTION_STRING_USER_AGENT,    "Privoxy " VERSION)
+DEFINE_ACTION_STRING     ("limit-connect",              ACTION_LIMIT_CONNECT,   ACTION_STRING_LIMIT_CONNECT)
+DEFINE_CGI_PARAM_NO_RADIO("limit-connect",              ACTION_LIMIT_CONNECT,   ACTION_STRING_LIMIT_CONNECT,  "443")
+DEFINE_ACTION_STRING     ("overwrite-last-modified",    ACTION_OVERWRITE_LAST_MODIFIED, ACTION_STRING_LAST_MODIFIED)
+DEFINE_CGI_PARAM_RADIO   ("overwrite-last-modified",    ACTION_OVERWRITE_LAST_MODIFIED, ACTION_STRING_LAST_MODIFIED, "block", 0)
+DEFINE_CGI_PARAM_RADIO   ("overwrite-last-modified",    ACTION_OVERWRITE_LAST_MODIFIED, ACTION_STRING_LAST_MODIFIED, "reset-to-request-time", 1)
+DEFINE_CGI_PARAM_RADIO   ("overwrite-last-modified",    ACTION_OVERWRITE_LAST_MODIFIED, ACTION_STRING_LAST_MODIFIED, "randomize", 2)
+DEFINE_ACTION_BOOL       ("prevent-compression",        ACTION_NO_COMPRESSION)
+DEFINE_ACTION_STRING     ("redirect",                   ACTION_REDIRECT,        ACTION_STRING_REDIRECT)
+DEFINE_CGI_PARAM_NO_RADIO("redirect",                   ACTION_REDIRECT,        ACTION_STRING_REDIRECT,  "http://localhost/")
+DEFINE_ACTION_MULTI      ("server-header-filter",       ACTION_MULTI_SERVER_HEADER_FILTER)
+DEFINE_ACTION_MULTI      ("server-header-tagger",       ACTION_MULTI_SERVER_HEADER_TAGGER)
+DEFINE_ACTION_BOOL       ("session-cookies-only",       ACTION_NO_COOKIE_KEEP)
+DEFINE_ACTION_STRING     ("set-image-blocker",          ACTION_IMAGE_BLOCKER,   ACTION_STRING_IMAGE_BLOCKER)
+DEFINE_CGI_PARAM_RADIO   ("set-image-blocker",          ACTION_IMAGE_BLOCKER,   ACTION_STRING_IMAGE_BLOCKER, "pattern", 1)
+DEFINE_CGI_PARAM_RADIO   ("set-image-blocker",          ACTION_IMAGE_BLOCKER,   ACTION_STRING_IMAGE_BLOCKER, "blank", 0)
+DEFINE_CGI_PARAM_CUSTOM  ("set-image-blocker",          ACTION_IMAGE_BLOCKER,   ACTION_STRING_IMAGE_BLOCKER,  CGI_PREFIX "send-banner?type=pattern")
+
+#if DEFINE_ACTION_ALIAS
+
+/* 
+ * Alternative spellings
+ */
+DEFINE_ACTION_STRING     ("hide-referer",   ACTION_HIDE_REFERER,    ACTION_STRING_REFERER)
+DEFINE_ACTION_BOOL       ("prevent-keeping-cookies", ACTION_NO_COOKIE_KEEP)
+
+/* 
+ * Pre-3.0.7 (pseudo) compatibility
+ */
+DEFINE_ACTION_MULTI      ("filter-client-headers",       ACTION_MULTI_CLIENT_HEADER_FILTER)
+DEFINE_ACTION_MULTI      ("filter-server-headers",       ACTION_MULTI_SERVER_HEADER_FILTER)
+
+/* 
+ * Pre-3.0 compatibility
+ */
+DEFINE_ACTION_BOOL       ("no-cookie-read",          ACTION_NO_COOKIE_READ)
+DEFINE_ACTION_BOOL       ("no-cookie-set",           ACTION_NO_COOKIE_SET)
+DEFINE_ACTION_BOOL       ("prevent-reading-cookies", ACTION_NO_COOKIE_READ)
+DEFINE_ACTION_BOOL       ("prevent-setting-cookies", ACTION_NO_COOKIE_SET)
+DEFINE_ACTION_BOOL       ("downgrade",               ACTION_DOWNGRADE)
+DEFINE_ACTION_STRING     ("hide-from",               ACTION_HIDE_FROM,       ACTION_STRING_FROM)
+DEFINE_ACTION_BOOL       ("image",                   ACTION_IMAGE)
+DEFINE_ACTION_STRING     ("image-blocker",           ACTION_IMAGE_BLOCKER,   ACTION_STRING_IMAGE_BLOCKER)
+DEFINE_ACTION_BOOL       ("no-compression",          ACTION_NO_COMPRESSION)
+DEFINE_ACTION_BOOL       ("no-cookies-keep",         ACTION_NO_COOKIE_KEEP)
+DEFINE_ACTION_BOOL       ("no-cookies-read",         ACTION_NO_COOKIE_READ)
+DEFINE_ACTION_BOOL       ("no-cookies-set",          ACTION_NO_COOKIE_SET)
+#endif /* if DEFINE_ACTION_ALIAS */
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+#undef DEFINE_CGI_PARAM_CUSTOM
+#undef DEFINE_CGI_PARAM_RADIO
+#undef DEFINE_CGI_PARAM_NO_RADIO
+
diff --git a/external/privoxy/actions.c b/external/privoxy/actions.c
new file mode 100644
index 0000000..172085f
--- /dev/null
+++ b/external/privoxy/actions.c
@@ -0,0 +1,2021 @@
+const char actions_rcs[] = "$Id: actions.c,v 1.56 2009/03/08 14:19:21 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/actions.c,v $
+ *
+ * Purpose     :  Declares functions to work with actions files
+ *                Functions declared include: FIXME
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: actions.c,v $
+ *    Revision 1.56  2009/03/08 14:19:21  fabiankeil
+ *    Fix justified (but harmless) compiler warnings
+ *    on platforms where sizeof(int) < sizeof(long).
+ *
+ *    Revision 1.55  2008/12/04 18:18:56  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.54  2008/09/20 10:04:33  fabiankeil
+ *    Remove hide-forwarded-for-headers action which has
+ *    been obsoleted by change-x-forwarded-for{block}.
+ *
+ *    Revision 1.53  2008/05/26 16:04:04  fabiankeil
+ *    s at memorey@memory@
+ *
+ *    Revision 1.52  2008/04/27 16:26:59  fabiankeil
+ *    White space fix for the last commit.
+ *
+ *    Revision 1.51  2008/04/27 16:20:19  fabiankeil
+ *    Complain about every block action without reason found.
+ *
+ *    Revision 1.50  2008/03/30 14:52:00  fabiankeil
+ *    Rename load_actions_file() and load_re_filterfile()
+ *    as they load multiple files "now".
+ *
+ *    Revision 1.49  2008/03/29 12:13:45  fabiankeil
+ *    Remove send-wafer and send-vanilla-wafer actions.
+ *
+ *    Revision 1.48  2008/03/28 18:17:14  fabiankeil
+ *    In action_used_to_be_valid(), loop through an array of formerly
+ *    valid actions instead of using an OR-chain of strcmpic() calls.
+ *
+ *    Revision 1.47  2008/03/28 15:13:37  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.46  2008/03/27 18:27:20  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.45  2008/03/24 11:21:02  fabiankeil
+ *    Share the action settings for multiple patterns in the same
+ *    section so we waste less memory for gigantic block lists
+ *    (and load them slightly faster). Reported by Franz Schwartau.
+ *
+ *    Revision 1.44  2008/03/04 18:30:34  fabiankeil
+ *    Remove the treat-forbidden-connects-like-blocks action. We now
+ *    use the "blocked" page for forbidden CONNECT requests by default.
+ *
+ *    Revision 1.43  2008/03/01 14:00:43  fabiankeil
+ *    Let the block action take the reason for the block
+ *    as argument and show it on the "blocked" page.
+ *
+ *    Revision 1.42  2008/02/09 15:15:38  fabiankeil
+ *    List active and inactive actions in the show-url-info's
+ *    "Final results" section separately. Patch submitted by Lee
+ *    in #1830056, modified to list active actions first.
+ *
+ *    Revision 1.41  2008/01/28 20:17:40  fabiankeil
+ *    - Mark some parameters as immutable.
+ *    - Hide update_action_bits_for_all_tags() while it's unused.
+ *
+ *    Revision 1.40  2007/05/21 10:26:50  fabiankeil
+ *    - Use strlcpy() instead of strcpy().
+ *    - Provide a reason why loading the actions
+ *      file might have failed.
+ *
+ *    Revision 1.39  2007/04/17 18:21:45  fabiankeil
+ *    Split update_action_bits() into
+ *    update_action_bits_for_all_tags()
+ *    and update_action_bits_for_tag().
+ *
+ *    Revision 1.38  2007/04/15 16:39:20  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.37  2007/03/11 15:56:12  fabiankeil
+ *    Add kludge to log unknown aliases and actions before exiting.
+ *
+ *    Revision 1.36  2006/12/28 17:15:42  fabiankeil
+ *    Fix gcc43 conversion warning.
+ *
+ *    Revision 1.35  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.32.2.6  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.32.2.5  2005/06/09 01:18:41  david__schmidt
+ *    Tweaks to conditionally include pthread.h if FEATURE_PTHREAD is enabled -
+ *    this becomes important when jcc.h gets included later down the line.
+ *
+ *    Revision 1.32.2.4  2003/12/03 10:33:11  oes
+ *    - Implemented Privoxy version requirement through
+ *      for-privoxy-version= statement in {{settings}}
+ *      block
+ *    - Fix for unchecked out-of-memory condition
+ *
+ *    Revision 1.32.2.3  2003/02/28 12:52:10  oes
+ *    Fixed memory leak reported by Dan Price in Bug #694713
+ *
+ *    Revision 1.32.2.2  2002/11/20 14:36:55  oes
+ *    Extended unload_current_actions_file() to multiple AFs.
+ *    Thanks to Oliver Stoeneberg for the hint.
+ *
+ *    Revision 1.32.2.1  2002/05/26 12:13:16  roro
+ *    Change unsigned to unsigned long in actions_name struct.  This closes
+ *    SourceForge Bug #539284.
+ *
+ *    Revision 1.32  2002/05/12 21:36:29  jongfoster
+ *    Correcting function comments
+ *
+ *    Revision 1.31  2002/05/06 07:56:50  oes
+ *    Made actions_to_html independent of FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.30  2002/04/30 11:14:52  oes
+ *    Made csp the first parameter in *action_to_html
+ *
+ *    Revision 1.29  2002/04/26 19:30:54  jongfoster
+ *    - current_action_to_html(): Adding help link for the "-" form of
+ *      one-string actions.
+ *    - Some actions had "<br>-", some "<br> -" (note the space).
+ *      Standardizing on no space.
+ *    - Greatly simplifying some of the code by using string_join()
+ *      where appropriate.
+ *
+ *    Revision 1.28  2002/04/26 12:53:15  oes
+ *     - CGI AF editor now writes action lines split into
+ *       single lines with line continuation
+ *     - actions_to_html now embeds each action name in
+ *       link to chapter
+ *     - current_action_to_text is now called current_action_to_html
+ *       and acts like actions_to_html
+ *
+ *    Revision 1.27  2002/04/24 02:10:31  oes
+ *     - Jon's patch for multiple AFs:
+ *       - split load_actions_file, add load_one_actions_file
+ *       - make csp->actions_list files an array
+ *       - remember file id with each action
+ *     - Copy_action now frees dest action before copying
+ *
+ *    Revision 1.26  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.25  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.24  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.23  2002/03/07 03:46:16  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.22  2002/01/21 00:27:02  jongfoster
+ *    Allowing free_action(NULL).
+ *    Moving the functions that #include actionlist.h to the end of the file,
+ *    because the Visual C++ 97 debugger gets extremely confused if you try
+ *    to debug any code that comes after them in the file.
+ *
+ *    Revision 1.21  2002/01/17 20:54:44  jongfoster
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Revision 1.20  2001/11/22 21:56:49  jongfoster
+ *    Making action_spec->flags into an unsigned long rather than just an
+ *    unsigned int.
+ *    Fixing a bug in the display of -add-header and -wafer
+ *
+ *    Revision 1.19  2001/11/13 00:14:07  jongfoster
+ *    Fixing stupid bug now I've figured out what || means.
+ *    (It always returns 0 or 1, not one of it's paramaters.)
+ *
+ *    Revision 1.18  2001/11/07 00:06:06  steudten
+ *    Add line number in error output for lineparsing for
+ *    actionsfile.
+ *
+ *    Revision 1.17  2001/10/25 03:40:47  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.16  2001/10/23 21:30:30  jongfoster
+ *    Adding error-checking to selected functions.
+ *
+ *    Revision 1.15  2001/10/14 21:58:22  jongfoster
+ *    Adding support for the CGI-based editor:
+ *    - Exported get_actions()
+ *    - Added new function free_alias_list()
+ *    - Added support for {{settings}} and {{description}} blocks
+ *      in the actions file.  They are currently ignored.
+ *    - Added restriction to only one {{alias}} block which must appear
+ *      first in the file, to simplify the editor's rewriting rules.
+ *    - Note that load_actions_file() is no longer used by the CGI-based
+ *      editor, but some of the other routines in this file are.
+ *
+ *    Revision 1.14  2001/09/22 16:36:59  jongfoster
+ *    Removing unused parameter fs from read_config_line()
+ *
+ *    Revision 1.13  2001/09/16 15:47:37  jongfoster
+ *    First version of CGI-based edit interface.  This is very much a
+ *    work-in-progress, and you can't actually use it to edit anything
+ *    yet.  You must #define FEATURE_CGI_EDIT_ACTIONS for these changes
+ *    to have any effect.
+ *
+ *    Revision 1.12  2001/09/16 13:21:27  jongfoster
+ *    Changes to use new list functions.
+ *
+ *    Revision 1.11  2001/09/14 00:17:32  jongfoster
+ *    Tidying up memory allocation. New function init_action().
+ *
+ *    Revision 1.10  2001/09/10 10:14:34  oes
+ *    Removing unused variable
+ *
+ *    Revision 1.9  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.8  2001/06/29 13:19:52  oes
+ *    Removed logentry from cancelled commit
+ *
+ *    Revision 1.7  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.6  2001/06/07 23:04:34  jongfoster
+ *    Made get_actions() static.
+ *
+ *    Revision 1.5  2001/06/03 19:11:48  oes
+ *    adapted to new enlist_unique arg format
+ *
+ *    Revision 1.4  2001/06/01 20:03:42  jongfoster
+ *    Better memory management - current_action->strings[] now
+ *    contains copies of the strings, not the original.
+ *
+ *    Revision 1.3  2001/06/01 18:49:17  jongfoster
+ *    Replaced "list_share" with "list" - the tiny memory gain was not
+ *    worth the extra complexity.
+ *
+ *    Revision 1.2  2001/05/31 21:40:00  jongfoster
+ *    Removing some commented out, obsolete blocks of code.
+ *
+ *    Revision 1.1  2001/05/31 21:16:46  jongfoster
+ *    Moved functions to process the action list into this new file.
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <string.h>
+#include <assert.h>
+#include <stdlib.h>
+
+#ifdef FEATURE_PTHREAD
+#include <pthread.h>
+#endif
+
+#include "project.h"
+#include "jcc.h"
+#include "list.h"
+#include "actions.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "loaders.h"
+#include "encode.h"
+#include "urlmatch.h"
+#include "cgi.h"
+#include "ssplit.h"
+
+const char actions_h_rcs[] = ACTIONS_H_VERSION;
+
+
+/*
+ * We need the main list of options.
+ *
+ * First, we need a way to tell between boolean, string, and multi-string
+ * options.  For string and multistring options, we also need to be
+ * able to tell the difference between a "+" and a "-".  (For bools,
+ * the "+"/"-" information is encoded in "add" and "mask").  So we use
+ * an enumerated type (well, the preprocessor equivalent).  Here are
+ * the values:
+ */
+#define AV_NONE       0 /* +opt -opt */
+#define AV_ADD_STRING 1 /* +stropt{string} */
+#define AV_REM_STRING 2 /* -stropt */
+#define AV_ADD_MULTI  3 /* +multiopt{string} +multiopt{string2} */
+#define AV_REM_MULTI  4 /* -multiopt{string} -multiopt          */
+
+/*
+ * We need a structure to hold the name, flag changes,
+ * type, and string index.
+ */
+struct action_name
+{
+   const char * name;
+   unsigned long mask;   /* a bit set to "0" = remove action */
+   unsigned long add;    /* a bit set to "1" = add action */
+   int takes_value;      /* an AV_... constant */
+   int index;            /* index into strings[] or multi[] */
+};
+
+/*
+ * And with those building blocks in place, here's the array.
+ */
+static const struct action_name action_names[] =
+{
+   /*
+    * Well actually there's no data here - it's in actionlist.h
+    * This keeps it together to make it easy to change.
+    *
+    * Here's the macros used to format it:
+    */
+#define DEFINE_ACTION_MULTI(name,index)                   \
+   { "+" name, ACTION_MASK_ALL, 0, AV_ADD_MULTI, index }, \
+   { "-" name, ACTION_MASK_ALL, 0, AV_REM_MULTI, index },
+#define DEFINE_ACTION_STRING(name,flag,index)                 \
+   { "+" name, ACTION_MASK_ALL, flag, AV_ADD_STRING, index }, \
+   { "-" name, ~flag, 0, AV_REM_STRING, index },
+#define DEFINE_ACTION_BOOL(name,flag)   \
+   { "+" name, ACTION_MASK_ALL, flag }, \
+   { "-" name, ~flag, 0 },
+#define DEFINE_ACTION_ALIAS 1 /* Want aliases please */
+
+#include "actionlist.h"
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+
+   { NULL, 0, 0 } /* End marker */
+};
+
+
+static int load_one_actions_file(struct client_state *csp, int fileid);
+
+
+/*********************************************************************
+ *
+ * Function    :  merge_actions
+ *
+ * Description :  Merge two actions together.
+ *                Similar to "dest += src".
+ *
+ * Parameters  :
+ *          1  :  dest = Actions to modify.
+ *          2  :  src = Action to add.
+ *
+ * Returns     :  JB_ERR_OK or JB_ERR_MEMORY
+ *
+ *********************************************************************/
+jb_err merge_actions (struct action_spec *dest,
+                      const struct action_spec *src)
+{
+   int i;
+   jb_err err;
+
+   dest->mask &= src->mask;
+   dest->add  &= src->mask;
+   dest->add  |= src->add;
+
+   for (i = 0; i < ACTION_STRING_COUNT; i++)
+   {
+      char * str = src->string[i];
+      if (str)
+      {
+         freez(dest->string[i]);
+         dest->string[i] = strdup(str);
+         if (NULL == dest->string[i])
+         {
+            return JB_ERR_MEMORY;
+         }
+      }
+   }
+
+   for (i = 0; i < ACTION_MULTI_COUNT; i++)
+   {
+      if (src->multi_remove_all[i])
+      {
+         /* Remove everything from dest */
+         list_remove_all(dest->multi_remove[i]);
+         dest->multi_remove_all[i] = 1;
+
+         err = list_duplicate(dest->multi_add[i], src->multi_add[i]);
+      }
+      else if (dest->multi_remove_all[i])
+      {
+         /*
+          * dest already removes everything, so we only need to worry
+          * about what we add.
+          */
+         list_remove_list(dest->multi_add[i], src->multi_remove[i]);
+         err = list_append_list_unique(dest->multi_add[i], src->multi_add[i]);
+      }
+      else
+      {
+         /* No "remove all"s to worry about. */
+         list_remove_list(dest->multi_add[i], src->multi_remove[i]);
+         err = list_append_list_unique(dest->multi_remove[i], src->multi_remove[i]);
+         if (!err) err = list_append_list_unique(dest->multi_add[i], src->multi_add[i]);
+      }
+
+      if (err)
+      {
+         return err;
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  copy_action
+ *
+ * Description :  Copy an action_specs.
+ *                Similar to "dest = src".
+ *
+ * Parameters  :
+ *          1  :  dest = Destination of copy.
+ *          2  :  src = Source for copy.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+jb_err copy_action (struct action_spec *dest,
+                    const struct action_spec *src)
+{
+   int i;
+   jb_err err = JB_ERR_OK;
+
+   free_action(dest);
+   memset(dest, '\0', sizeof(*dest));
+
+   dest->mask = src->mask;
+   dest->add  = src->add;
+
+   for (i = 0; i < ACTION_STRING_COUNT; i++)
+   {
+      char * str = src->string[i];
+      if (str)
+      {
+         str = strdup(str);
+         if (!str)
+         {
+            return JB_ERR_MEMORY;
+         }
+         dest->string[i] = str;
+      }
+   }
+
+   for (i = 0; i < ACTION_MULTI_COUNT; i++)
+   {
+      dest->multi_remove_all[i] = src->multi_remove_all[i];
+      err = list_duplicate(dest->multi_remove[i], src->multi_remove[i]);
+      if (err)
+      {
+         return err;
+      }
+      err = list_duplicate(dest->multi_add[i],    src->multi_add[i]);
+      if (err)
+      {
+         return err;
+      }
+   }
+   return err;
+}
+
+/*********************************************************************
+ *
+ * Function    :  free_action_spec
+ *
+ * Description :  Frees an action_spec and the memory used by it.
+ *
+ * Parameters  :
+ *          1  :  src = Source to free.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_action_spec(struct action_spec *src)
+{
+   free_action(src);
+   freez(src);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  free_action
+ *
+ * Description :  Destroy an action_spec.  Frees memory used by it,
+ *                except for the memory used by the struct action_spec
+ *                itself.
+ *
+ * Parameters  :
+ *          1  :  src = Source to free.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_action (struct action_spec *src)
+{
+   int i;
+
+   if (src == NULL)
+   {
+      return;
+   }
+
+   for (i = 0; i < ACTION_STRING_COUNT; i++)
+   {
+      freez(src->string[i]);
+   }
+
+   for (i = 0; i < ACTION_MULTI_COUNT; i++)
+   {
+      destroy_list(src->multi_remove[i]);
+      destroy_list(src->multi_add[i]);
+   }
+
+   memset(src, '\0', sizeof(*src));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_action_token
+ *
+ * Description :  Parses a line for the first action.
+ *                Modifies it's input array, doesn't allocate memory.
+ *                e.g. given:
+ *                *line="  +abc{def}  -ghi "
+ *                Returns:
+ *                *line="  -ghi "
+ *                *name="+abc"
+ *                *value="def"
+ *
+ * Parameters  :
+ *          1  :  line = [in] The line containing the action.
+ *                       [out] Start of next action on line, or
+ *                       NULL if we reached the end of line before
+ *                       we found an action.
+ *          2  :  name = [out] Start of action name, null
+ *                       terminated.  NULL on EOL
+ *          3  :  value = [out] Start of action value, null
+ *                        terminated.  NULL if none or EOL.
+ *
+ * Returns     :  JB_ERR_OK => Ok
+ *                JB_ERR_PARSE => Mismatched {} (line was trashed anyway)
+ *
+ *********************************************************************/
+jb_err get_action_token(char **line, char **name, char **value)
+{
+   char * str = *line;
+   char ch;
+
+   /* set default returns */
+   *line = NULL;
+   *name = NULL;
+   *value = NULL;
+
+   /* Eat any leading whitespace */
+   while ((*str == ' ') || (*str == '\t'))
+   {
+      str++;
+   }
+
+   if (*str == '\0')
+   {
+      return 0;
+   }
+
+   if (*str == '{')
+   {
+      /* null name, just value is prohibited */
+      return JB_ERR_PARSE;
+   }
+
+   *name = str;
+
+   /* parse option */
+   while (((ch = *str) != '\0') &&
+          (ch != ' ') && (ch != '\t') && (ch != '{'))
+   {
+      if (ch == '}')
+      {
+         /* error, '}' without '{' */
+         return JB_ERR_PARSE;
+      }
+      str++;
+   }
+   *str = '\0';
+
+   if (ch != '{')
+   {
+      /* no value */
+      if (ch == '\0')
+      {
+         /* EOL - be careful not to run off buffer */
+         *line = str;
+      }
+      else
+      {
+         /* More to parse next time. */
+         *line = str + 1;
+      }
+      return JB_ERR_OK;
+   }
+
+   str++;
+   *value = str;
+
+   str = strchr(str, '}');
+   if (str == NULL)
+   {
+      /* error */
+      *value = NULL;
+      return JB_ERR_PARSE;
+   }
+
+   /* got value */
+   *str = '\0';
+   *line = str + 1;
+
+   chomp(*value);
+
+   return JB_ERR_OK;
+}
+
+/*********************************************************************
+ *
+ * Function    :  action_used_to_be_valid
+ *
+ * Description :  Checks if unrecognized actions were valid in earlier
+ *                releases.
+ *
+ * Parameters  :
+ *          1  :  action = The string containing the action to check.
+ *
+ * Returns     :  True if yes, otherwise false.
+ *
+ *********************************************************************/
+static int action_used_to_be_valid(const char *action)
+{
+   static const char *formerly_valid_actions[] = {
+      "inspect-jpegs",
+      "kill-popups",
+      "send-vanilla-wafer",
+      "send-wafer",
+      "treat-forbidden-connects-like-blocks",
+      "vanilla-wafer",
+      "wafer"
+   };
+   unsigned int i;
+
+   for (i = 0; i < SZ(formerly_valid_actions); i++)
+   {
+      if (0 == strcmpic(action, formerly_valid_actions[i]))
+      {
+         return TRUE;
+      }
+   }
+
+   return FALSE;
+}
+
+/*********************************************************************
+ *
+ * Function    :  get_actions
+ *
+ * Description :  Parses a list of actions.
+ *
+ * Parameters  :
+ *          1  :  line = The string containing the actions.
+ *                       Will be written to by this function.
+ *          2  :  alias_list = Custom alias list, or NULL for none.
+ *          3  :  cur_action = Where to store the action.  Caller
+ *                             allocates memory.
+ *
+ * Returns     :  JB_ERR_OK => Ok
+ *                JB_ERR_PARSE => Parse error (line was trashed anyway)
+ *                nonzero => Out of memory (line was trashed anyway)
+ *
+ *********************************************************************/
+jb_err get_actions(char *line,
+                   struct action_alias * alias_list,
+                   struct action_spec *cur_action)
+{
+   jb_err err;
+   init_action(cur_action);
+   cur_action->mask = ACTION_MASK_ALL;
+
+   while (line)
+   {
+      char * option = NULL;
+      char * value = NULL;
+
+      err = get_action_token(&line, &option, &value);
+      if (err)
+      {
+         return err;
+      }
+
+      if (option)
+      {
+         /* handle option in 'option' */
+
+         /* Check for standard action name */
+         const struct action_name * action = action_names;
+
+         while ( (action->name != NULL) && (0 != strcmpic(action->name, option)) )
+         {
+            action++;
+         }
+         if (action->name != NULL)
+         {
+            /* Found it */
+            cur_action->mask &= action->mask;
+            cur_action->add  &= action->mask;
+            cur_action->add  |= action->add;
+
+            switch (action->takes_value)
+            {
+            case AV_NONE:
+               /* ignore any option. */
+               break;
+            case AV_ADD_STRING:
+               {
+                  /* add single string. */
+
+                  if ((value == NULL) || (*value == '\0'))
+                  {
+                     if (0 != strcmpic(action->name, "block"))
+                     {
+                        /*
+                         * XXX: Temporary backwards compatibility hack.
+                         * XXX: should include line number.
+                         */
+                        value = "No reason specified.";
+                        log_error(LOG_LEVEL_ERROR,
+                           "block action without reason found. This may "
+                           "become a fatal error in future versions.");
+                     }
+                     else
+                     {
+                        return JB_ERR_PARSE;
+                     }
+                  }
+                  /* FIXME: should validate option string here */
+                  freez (cur_action->string[action->index]);
+                  cur_action->string[action->index] = strdup(value);
+                  if (NULL == cur_action->string[action->index])
+                  {
+                     return JB_ERR_MEMORY;
+                  }
+                  break;
+               }
+            case AV_REM_STRING:
+               {
+                  /* remove single string. */
+
+                  freez (cur_action->string[action->index]);
+                  break;
+               }
+            case AV_ADD_MULTI:
+               {
+                  /* append multi string. */
+
+                  struct list * remove_p = cur_action->multi_remove[action->index];
+                  struct list * add_p    = cur_action->multi_add[action->index];
+
+                  if ((value == NULL) || (*value == '\0'))
+                  {
+                     return JB_ERR_PARSE;
+                  }
+
+                  list_remove_item(remove_p, value);
+                  err = enlist_unique(add_p, value, 0);
+                  if (err)
+                  {
+                     return err;
+                  }
+                  break;
+               }
+            case AV_REM_MULTI:
+               {
+                  /* remove multi string. */
+
+                  struct list * remove_p = cur_action->multi_remove[action->index];
+                  struct list * add_p    = cur_action->multi_add[action->index];
+
+                  if ( (value == NULL) || (*value == '\0')
+                     || ((*value == '*') && (value[1] == '\0')) )
+                  {
+                     /*
+                      * no option, or option == "*".
+                      *
+                      * Remove *ALL*.
+                      */
+                     list_remove_all(remove_p);
+                     list_remove_all(add_p);
+                     cur_action->multi_remove_all[action->index] = 1;
+                  }
+                  else
+                  {
+                     /* Valid option - remove only 1 option */
+
+                     if ( !cur_action->multi_remove_all[action->index] )
+                     {
+                        /* there isn't a catch-all in the remove list already */
+                        err = enlist_unique(remove_p, value, 0);
+                        if (err)
+                        {
+                           return err;
+                        }
+                     }
+                     list_remove_item(add_p, value);
+                  }
+                  break;
+               }
+            default:
+               /* Shouldn't get here unless there's memory corruption. */
+               assert(0);
+               return JB_ERR_PARSE;
+            }
+         }
+         else
+         {
+            /* try user aliases. */
+            const struct action_alias * alias = alias_list;
+
+            while ( (alias != NULL) && (0 != strcmpic(alias->name, option)) )
+            {
+               alias = alias->next;
+            }
+            if (alias != NULL)
+            {
+               /* Found it */
+               merge_actions(cur_action, alias->action);
+            }
+            else if (((size_t)2 < strlen(option)) && action_used_to_be_valid(option+1))
+            {
+               log_error(LOG_LEVEL_ERROR, "Action '%s' is no longer valid "
+                  "in this Privoxy release. Ignored.", option+1);
+            }
+            else if (((size_t)2 < strlen(option)) && 0 == strcmpic(option+1, "hide-forwarded-for-headers"))
+            {
+               log_error(LOG_LEVEL_FATAL, "The action 'hide-forwarded-for-headers' "
+                  "is no longer valid in this Privoxy release. "
+                  "Use 'change-x-forwarded-for' instead.");
+            }
+            else
+            {
+               /* Bad action name */
+               /*
+                * XXX: This is a fatal error and Privoxy will later on exit
+                * in load_one_actions_file() because of an "invalid line".
+                *
+                * It would be preferable to name the offending option in that
+                * error message, but currently there is no way to do that and
+                * we have to live with two error messages for basically the
+                * same reason.
+                */
+               log_error(LOG_LEVEL_ERROR, "Unknown action or alias: %s", option);
+               return JB_ERR_PARSE;
+            }
+         }
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  init_current_action
+ *
+ * Description :  Zero out an action.
+ *
+ * Parameters  :
+ *          1  :  dest = An uninitialized current_action_spec.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void init_current_action (struct current_action_spec *dest)
+{
+   memset(dest, '\0', sizeof(*dest));
+
+   dest->flags = ACTION_MOST_COMPATIBLE;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  init_action
+ *
+ * Description :  Zero out an action.
+ *
+ * Parameters  :
+ *          1  :  dest = An uninitialized action_spec.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void init_action (struct action_spec *dest)
+{
+   memset(dest, '\0', sizeof(*dest));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  merge_current_action
+ *
+ * Description :  Merge two actions together.
+ *                Similar to "dest += src".
+ *                Differences between this and merge_actions()
+ *                is that this one doesn't allocate memory for
+ *                strings (so "src" better be in memory for at least
+ *                as long as "dest" is, and you'd better free
+ *                "dest" using "free_current_action").
+ *                Also, there is no  mask or remove lists in dest.
+ *                (If we're applying it to a URL, we don't need them)
+ *
+ * Parameters  :
+ *          1  :  dest = Current actions, to modify.
+ *          2  :  src = Action to add.
+ *
+ * Returns  0  :  no error
+ *        !=0  :  error, probably JB_ERR_MEMORY.
+ *
+ *********************************************************************/
+jb_err merge_current_action (struct current_action_spec *dest,
+                             const struct action_spec *src)
+{
+   int i;
+   jb_err err = JB_ERR_OK;
+
+   dest->flags  &= src->mask;
+   dest->flags  |= src->add;
+
+   for (i = 0; i < ACTION_STRING_COUNT; i++)
+   {
+      char * str = src->string[i];
+      if (str)
+      {
+         str = strdup(str);
+         if (!str)
+         {
+            return JB_ERR_MEMORY;
+         }
+         freez(dest->string[i]);
+         dest->string[i] = str;
+      }
+   }
+
+   for (i = 0; i < ACTION_MULTI_COUNT; i++)
+   {
+      if (src->multi_remove_all[i])
+      {
+         /* Remove everything from dest, then add src->multi_add */
+         err = list_duplicate(dest->multi[i], src->multi_add[i]);
+         if (err)
+         {
+            return err;
+         }
+      }
+      else
+      {
+         list_remove_list(dest->multi[i], src->multi_remove[i]);
+         err = list_append_list_unique(dest->multi[i], src->multi_add[i]);
+         if (err)
+         {
+            return err;
+         }
+      }
+   }
+   return err;
+}
+
+#if 0
+/*********************************************************************
+ *
+ * Function    :  update_action_bits_for_all_tags
+ *
+ * Description :  Updates the action bits based on all matching tags.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  0 if no tag matched, or
+ *                1 otherwise
+ *
+ *********************************************************************/
+int update_action_bits_for_all_tags(struct client_state *csp)
+{
+   struct list_entry *tag;
+   int updated = 0;
+
+   for (tag = csp->tags->first; tag != NULL; tag = tag->next)
+   {
+      if (update_action_bits_for_tag(csp, tag->str))
+      {
+         updated = 1;
+      }
+   }
+
+   return updated;
+}
+#endif
+
+/*********************************************************************
+ *
+ * Function    :  update_action_bits_for_tag
+ *
+ * Description :  Updates the action bits based on the action sections
+ *                whose tag patterns match a provided tag.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  tag = The tag on which the update should be based on
+ *
+ * Returns     :  0 if no tag matched, or
+ *                1 otherwise
+ *
+ *********************************************************************/
+int update_action_bits_for_tag(struct client_state *csp, const char *tag)
+{
+   struct file_list *fl;
+   struct url_actions *b;
+
+   int updated = 0;
+   int i;
+
+   assert(tag);
+   assert(list_contains_item(csp->tags, tag));
+
+   /* Run through all action files, */
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (((fl = csp->actions_list[i]) == NULL) || ((b = fl->f) == NULL))
+      {
+         /* Skip empty files */
+         continue;
+      }
+
+      /* and through all the action patterns, */
+      for (b = b->next; NULL != b; b = b->next)
+      {
+         /* skip the URL patterns, */
+         if (NULL == b->url->tag_regex)
+         {
+            continue;
+         }
+
+         /* and check if one of the tag patterns matches the tag, */
+         if (0 == regexec(b->url->tag_regex, tag, 0, NULL, 0))
+         {
+            /* if it does, update the action bit map, */
+            if (merge_current_action(csp->action, b->action))
+            {
+               log_error(LOG_LEVEL_ERROR,
+                  "Out of memory while changing action bits");
+            }
+            /* and signal the change. */
+            updated = 1;
+         }
+      }
+   }
+
+   return updated;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  free_current_action
+ *
+ * Description :  Free memory used by a current_action_spec.
+ *                Does not free the current_action_spec itself.
+ *
+ * Parameters  :
+ *          1  :  src = Source to free.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_current_action (struct current_action_spec *src)
+{
+   int i;
+
+   for (i = 0; i < ACTION_STRING_COUNT; i++)
+   {
+      freez(src->string[i]);
+   }
+
+   for (i = 0; i < ACTION_MULTI_COUNT; i++)
+   {
+      destroy_list(src->multi[i]);
+   }
+
+   memset(src, '\0', sizeof(*src));
+}
+
+
+static struct file_list *current_actions_file[MAX_AF_FILES]  = {
+   NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL
+};
+
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+/*********************************************************************
+ *
+ * Function    :  unload_current_actions_file
+ *
+ * Description :  Unloads current actions file - reset to state at
+ *                beginning of program.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void unload_current_actions_file(void)
+{
+   int i;
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (current_actions_file[i])
+      {
+         current_actions_file[i]->unloader = unload_actions_file;
+         current_actions_file[i] = NULL;
+      }
+   }
+}
+#endif /* FEATURE_GRACEFUL_TERMINATION */
+
+
+/*********************************************************************
+ *
+ * Function    :  unload_actions_file
+ *
+ * Description :  Unloads an actions module.
+ *
+ * Parameters  :
+ *          1  :  file_data = the data structure associated with the
+ *                            actions file.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void unload_actions_file(void *file_data)
+{
+   struct url_actions * next;
+   struct url_actions * cur = (struct url_actions *)file_data;
+   while (cur != NULL)
+   {
+      next = cur->next;
+      free_url_spec(cur->url);
+      if ((next == NULL) || (next->action != cur->action))
+      {
+         /*
+          * As the action settings might be shared,
+          * we can only free them if the current
+          * url pattern is the last one, or if the
+          * next one is using different settings.
+          */
+         free_action_spec(cur->action);
+      }
+      freez(cur);
+      cur = next;
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  free_alias_list
+ *
+ * Description :  Free memory used by a list of aliases.
+ *
+ * Parameters  :
+ *          1  :  alias_list = Linked list to free.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_alias_list(struct action_alias *alias_list)
+{
+   while (alias_list != NULL)
+   {
+      struct action_alias * next = alias_list->next;
+      alias_list->next = NULL;
+      freez(alias_list->name);
+      free_action(alias_list->action);
+      free(alias_list);
+      alias_list = next;
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  load_action_files
+ *
+ * Description :  Read and parse all the action files and add to files
+ *                list.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int load_action_files(struct client_state *csp)
+{
+   int i;
+   int result;
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (csp->config->actions_file[i])
+      {
+         result = load_one_actions_file(csp, i);
+         if (result)
+         {
+            return result;
+         }
+      }
+      else if (current_actions_file[i])
+      {
+         current_actions_file[i]->unloader = unload_actions_file;
+         current_actions_file[i] = NULL;
+      }
+   }
+
+   return 0;
+}
+
+/*********************************************************************
+ *
+ * Function    :  load_one_actions_file
+ *
+ * Description :  Read and parse a action file and add to files
+ *                list.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  fileid = File index to load.
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+static int load_one_actions_file(struct client_state *csp, int fileid)
+{
+
+   /*
+    * Parser mode.
+    * Note: Keep these in the order they occur in the file, they are
+    * sometimes tested with <=
+    */
+#define MODE_START_OF_FILE 1
+#define MODE_SETTINGS      2
+#define MODE_DESCRIPTION   3
+#define MODE_ALIAS         4
+#define MODE_ACTIONS       5
+
+   int mode = MODE_START_OF_FILE;
+
+   FILE *fp;
+   struct url_actions *last_perm;
+   struct url_actions *perm;
+   char  buf[BUFFER_SIZE];
+   struct file_list *fs;
+   struct action_spec * cur_action = NULL;
+   int cur_action_used = 0;
+   struct action_alias * alias_list = NULL;
+   unsigned long linenum = 0;
+
+   if (!check_file_changed(current_actions_file[fileid], csp->config->actions_file[fileid], &fs))
+   {
+      /* No need to load */
+      csp->actions_list[fileid] = current_actions_file[fileid];
+      return 0;
+   }
+   if (!fs)
+   {
+      log_error(LOG_LEVEL_FATAL, "can't load actions file '%s': %E. "
+         "Note that beginning with Privoxy 3.0.7, actions files have to be specified "
+         "with their complete file names.", csp->config->actions_file[fileid]);
+      return 1; /* never get here */
+   }
+
+   fs->f = last_perm = (struct url_actions *)zalloc(sizeof(*last_perm));
+   if (last_perm == NULL)
+   {
+      log_error(LOG_LEVEL_FATAL, "can't load actions file '%s': out of memory!",
+                csp->config->actions_file[fileid]);
+      return 1; /* never get here */
+   }
+
+   if ((fp = fopen(csp->config->actions_file[fileid], "r")) == NULL)
+   {
+      log_error(LOG_LEVEL_FATAL, "can't load actions file '%s': error opening file: %E",
+                csp->config->actions_file[fileid]);
+      return 1; /* never get here */
+   }
+
+   while (read_config_line(buf, sizeof(buf), fp, &linenum) != NULL)
+   {
+      if (*buf == '{')
+      {
+         /* It's a header block */
+         if (buf[1] == '{')
+         {
+            /* It's {{settings}} or {{alias}} */
+            size_t len = strlen(buf);
+            char * start = buf + 2;
+            char * end = buf + len - 1;
+            if ((len < (size_t)5) || (*end-- != '}') || (*end-- != '}'))
+            {
+               /* too short */
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                  "can't load actions file '%s': invalid line (%lu): %s", 
+                  csp->config->actions_file[fileid], linenum, buf);
+               return 1; /* never get here */
+            }
+
+            /* Trim leading and trailing whitespace. */
+            end[1] = '\0';
+            chomp(start);
+
+            if (*start == '\0')
+            {
+               /* too short */
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                  "can't load actions file '%s': invalid line (%lu): {{ }}",
+                  csp->config->actions_file[fileid], linenum);
+               return 1; /* never get here */
+            }
+
+            /*
+             * An actionsfile can optionally contain the following blocks.
+             * They *MUST* be in this order, to simplify processing:
+             *
+             * {{settings}}
+             * name=value...
+             *
+             * {{description}}
+             * ...free text, format TBD, but no line may start with a '{'...
+             *
+             * {{alias}}
+             * name=actions...
+             *
+             * The actual actions must be *after* these special blocks.
+             * None of these special blocks may be repeated.
+             *
+             */
+            if (0 == strcmpic(start, "settings"))
+            {
+               /* it's a {{settings}} block */
+               if (mode >= MODE_SETTINGS)
+               {
+                  /* {{settings}} must be first thing in file and must only
+                   * appear once.
+                   */
+                  fclose(fp);
+                  log_error(LOG_LEVEL_FATAL,
+                     "can't load actions file '%s': line %lu: {{settings}} must only appear once, and it must be before anything else.",
+                     csp->config->actions_file[fileid], linenum);
+               }
+               mode = MODE_SETTINGS;
+            }
+            else if (0 == strcmpic(start, "description"))
+            {
+               /* it's a {{description}} block */
+               if (mode >= MODE_DESCRIPTION)
+               {
+                  /* {{description}} is a singleton and only {{settings}} may proceed it
+                   */
+                  fclose(fp);
+                  log_error(LOG_LEVEL_FATAL,
+                     "can't load actions file '%s': line %lu: {{description}} must only appear once, and only a {{settings}} block may be above it.",
+                     csp->config->actions_file[fileid], linenum);
+               }
+               mode = MODE_DESCRIPTION;
+            }
+            else if (0 == strcmpic(start, "alias"))
+            {
+               /* it's an {{alias}} block */
+               if (mode >= MODE_ALIAS)
+               {
+                  /* {{alias}} must be first thing in file, possibly after
+                   * {{settings}} and {{description}}
+                   *
+                   * {{alias}} must only appear once.
+                   *
+                   * Note that these are new restrictions introduced in
+                   * v2.9.10 in order to make actionsfile editing simpler.
+                   * (Otherwise, reordering actionsfile entries without
+                   * completely rewriting the file becomes non-trivial)
+                   */
+                  fclose(fp);
+                  log_error(LOG_LEVEL_FATAL,
+                     "can't load actions file '%s': line %lu: {{alias}} must only appear once, and it must be before all actions.",
+                     csp->config->actions_file[fileid], linenum);
+               }
+               mode = MODE_ALIAS;
+            }
+            else
+            {
+               /* invalid {{something}} block */
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                  "can't load actions file '%s': invalid line (%lu): {{%s}}",
+                  csp->config->actions_file[fileid], linenum, start);
+               return 1; /* never get here */
+            }
+         }
+         else
+         {
+            /* It's an actions block */
+
+            char  actions_buf[BUFFER_SIZE];
+            char * end;
+
+            /* set mode */
+            mode    = MODE_ACTIONS;
+
+            /* free old action */
+            if (cur_action)
+            {
+               if (!cur_action_used)
+               {
+                  free_action_spec(cur_action);
+               }
+               cur_action = NULL;
+            }
+            cur_action_used = 0;
+            cur_action = (struct action_spec *)zalloc(sizeof(*cur_action));
+            if (cur_action == NULL)
+            {
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                  "can't load actions file '%s': out of memory",
+                  csp->config->actions_file[fileid]);
+               return 1; /* never get here */
+            }
+            init_action(cur_action);
+
+            /* trim { */
+            strlcpy(actions_buf, buf + 1, sizeof(actions_buf));
+
+            /* check we have a trailing } and then trim it */
+            end = actions_buf + strlen(actions_buf) - 1;
+            if (*end != '}')
+            {
+               /* No closing } */
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                  "can't load actions file '%s': invalid line (%lu): %s",
+                  csp->config->actions_file[fileid], linenum, buf);
+               return 1; /* never get here */
+            }
+            *end = '\0';
+
+            /* trim any whitespace immediately inside {} */
+            chomp(actions_buf);
+
+            if (get_actions(actions_buf, alias_list, cur_action))
+            {
+               /* error */
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                  "can't load actions file '%s': invalid line (%lu): %s",
+                  csp->config->actions_file[fileid], linenum, buf);
+               return 1; /* never get here */
+            }
+         }
+      }
+      else if (mode == MODE_SETTINGS)
+      {
+         /*
+          * Part of the {{settings}} block.
+          * For now only serves to check if the file's minimum Privoxy
+          * version requirement is met, but we may want to read & check
+          * permissions when we go multi-user.
+          */
+         if (!strncmp(buf, "for-privoxy-version=", 20))
+         {
+            char *version_string, *fields[3];
+            int num_fields;
+
+            if ((version_string = strdup(buf + 20)) == NULL)
+            {
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                         "can't load actions file '%s': out of memory!",
+                         csp->config->actions_file[fileid]);
+               return 1; /* never get here */
+            }
+            
+            num_fields = ssplit(version_string, ".", fields, 3, TRUE, FALSE);
+
+            if (num_fields < 1 || atoi(fields[0]) == 0)
+            {
+               log_error(LOG_LEVEL_ERROR,
+                 "While loading actions file '%s': invalid line (%lu): %s",
+                  csp->config->actions_file[fileid], linenum, buf);
+            }
+            else if (                      atoi(fields[0]) > VERSION_MAJOR
+                     || (num_fields > 1 && atoi(fields[1]) > VERSION_MINOR)
+                     || (num_fields > 2 && atoi(fields[2]) > VERSION_POINT))
+            {
+               fclose(fp);
+               log_error(LOG_LEVEL_FATAL,
+                         "Actions file '%s', line %lu requires newer Privoxy version: %s",
+                         csp->config->actions_file[fileid], linenum, buf );
+               return 1; /* never get here */
+            }
+            free(version_string);
+         }
+      }
+      else if (mode == MODE_DESCRIPTION)
+      {
+         /*
+          * Part of the {{description}} block.
+          * Ignore for now.
+          */
+      }
+      else if (mode == MODE_ALIAS)
+      {
+         /*
+          * define an alias
+          */
+         char  actions_buf[BUFFER_SIZE];
+         struct action_alias * new_alias;
+
+         char * start = strchr(buf, '=');
+         char * end = start;
+
+         if ((start == NULL) || (start == buf))
+         {
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': invalid alias line (%lu): %s",
+               csp->config->actions_file[fileid], linenum, buf);
+            return 1; /* never get here */
+         }
+
+         if ((new_alias = zalloc(sizeof(*new_alias))) == NULL)
+         {
+            fclose(fp);
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': out of memory!",
+               csp->config->actions_file[fileid]);
+            return 1; /* never get here */
+         }
+
+         /* Eat any the whitespace before the '=' */
+         end--;
+         while ((*end == ' ') || (*end == '\t'))
+         {
+            /*
+             * we already know we must have at least 1 non-ws char
+             * at start of buf - no need to check
+             */
+            end--;
+         }
+         end[1] = '\0';
+
+         /* Eat any the whitespace after the '=' */
+         start++;
+         while ((*start == ' ') || (*start == '\t'))
+         {
+            start++;
+         }
+         if (*start == '\0')
+         {
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': invalid alias line (%lu): %s",
+               csp->config->actions_file[fileid], linenum, buf);
+            return 1; /* never get here */
+         }
+
+         if ((new_alias->name = strdup(buf)) == NULL)
+         {
+            fclose(fp);
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': out of memory!",
+               csp->config->actions_file[fileid]);
+            return 1; /* never get here */
+         }
+
+         strlcpy(actions_buf, start, sizeof(actions_buf));
+
+         if (get_actions(actions_buf, alias_list, new_alias->action))
+         {
+            /* error */
+            fclose(fp);
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': invalid alias line (%lu): %s = %s",
+               csp->config->actions_file[fileid], linenum, buf, start);
+            return 1; /* never get here */
+         }
+
+         /* add to list */
+         new_alias->next = alias_list;
+         alias_list = new_alias;
+      }
+      else if (mode == MODE_ACTIONS)
+      {
+         /* it's a URL pattern */
+
+         /* allocate a new node */
+         if ((perm = zalloc(sizeof(*perm))) == NULL)
+         {
+            fclose(fp);
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': out of memory!",
+               csp->config->actions_file[fileid]);
+            return 1; /* never get here */
+         }
+
+         perm->action = cur_action;
+         cur_action_used = 1;
+
+         /* Save the URL pattern */
+         if (create_url_spec(perm->url, buf))
+         {
+            fclose(fp);
+            log_error(LOG_LEVEL_FATAL,
+               "can't load actions file '%s': line %lu: cannot create URL pattern from: %s",
+               csp->config->actions_file[fileid], linenum, buf);
+            return 1; /* never get here */
+         }
+
+         /* add it to the list */
+         last_perm->next = perm;
+         last_perm = perm;
+      }
+      else if (mode == MODE_START_OF_FILE)
+      {
+         /* oops - please have a {} line as 1st line in file. */
+         fclose(fp);
+         log_error(LOG_LEVEL_FATAL,
+            "can't load actions file '%s': first needed line (%lu) is invalid: %s",
+            csp->config->actions_file[fileid], linenum, buf);
+         return 1; /* never get here */
+      }
+      else
+      {
+         /* How did we get here? This is impossible! */
+         fclose(fp);
+         log_error(LOG_LEVEL_FATAL,
+            "can't load actions file '%s': INTERNAL ERROR - mode = %d",
+            csp->config->actions_file[fileid], mode);
+         return 1; /* never get here */
+      }
+   }
+
+   fclose(fp);
+
+   if (!cur_action_used)
+   {
+      free_action_spec(cur_action);
+   }
+   free_alias_list(alias_list);
+
+   /* the old one is now obsolete */
+   if (current_actions_file[fileid])
+   {
+      current_actions_file[fileid]->unloader = unload_actions_file;
+   }
+
+   fs->next    = files->next;
+   files->next = fs;
+   current_actions_file[fileid] = fs;
+
+   csp->actions_list[fileid] = fs;
+
+   return(0);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  actions_to_text
+ *
+ * Description :  Converts a actionsfile entry from the internal
+ *                structure into a text line.  The output is split
+ *                into one line for each action with line continuation. 
+ *
+ * Parameters  :
+ *          1  :  action = The action to format.
+ *
+ * Returns     :  A string.  Caller must free it.
+ *                NULL on out-of-memory error.
+ *
+ *********************************************************************/
+char * actions_to_text(const struct action_spec *action)
+{
+   unsigned long mask = action->mask;
+   unsigned long add  = action->add;
+   char *result = strdup("");
+   struct list_entry * lst;
+
+   /* sanity - prevents "-feature +feature" */
+   mask |= add;
+
+
+#define DEFINE_ACTION_BOOL(__name, __bit)          \
+   if (!(mask & __bit))                            \
+   {                                               \
+      string_append(&result, " -" __name " \\\n"); \
+   }                                               \
+   else if (add & __bit)                           \
+   {                                               \
+      string_append(&result, " +" __name " \\\n"); \
+   }
+
+#define DEFINE_ACTION_STRING(__name, __bit, __index)   \
+   if (!(mask & __bit))                                \
+   {                                                   \
+      string_append(&result, " -" __name " \\\n");     \
+   }                                                   \
+   else if (add & __bit)                               \
+   {                                                   \
+      string_append(&result, " +" __name "{");         \
+      string_append(&result, action->string[__index]); \
+      string_append(&result, "} \\\n");                \
+   }
+
+#define DEFINE_ACTION_MULTI(__name, __index)         \
+   if (action->multi_remove_all[__index])            \
+   {                                                 \
+      string_append(&result, " -" __name " \\\n");   \
+   }                                                 \
+   else                                              \
+   {                                                 \
+      lst = action->multi_remove[__index]->first;    \
+      while (lst)                                    \
+      {                                              \
+         string_append(&result, " -" __name "{");    \
+         string_append(&result, lst->str);           \
+         string_append(&result, "} \\\n");           \
+         lst = lst->next;                            \
+      }                                              \
+   }                                                 \
+   lst = action->multi_add[__index]->first;          \
+   while (lst)                                       \
+   {                                                 \
+      string_append(&result, " +" __name "{");       \
+      string_append(&result, lst->str);              \
+      string_append(&result, "} \\\n");              \
+      lst = lst->next;                               \
+   }
+
+#define DEFINE_ACTION_ALIAS 0 /* No aliases for output */
+
+#include "actionlist.h"
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+
+   return result;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  actions_to_html
+ *
+ * Description :  Converts a actionsfile entry from numeric form
+ *                ("mask" and "add") to a <br>-seperated HTML string
+ *                in which each action is linked to its chapter in
+ *                the user manual.
+ *
+ * Parameters  :
+ *          1  :  csp    = Client state (for config)
+ *          2  :  action = Action spec to be converted
+ *
+ * Returns     :  A string.  Caller must free it.
+ *                NULL on out-of-memory error.
+ *
+ *********************************************************************/
+char * actions_to_html(const struct client_state *csp,
+                       const struct action_spec *action)
+{
+   unsigned long mask = action->mask;
+   unsigned long add  = action->add;
+   char *result = strdup("");
+   struct list_entry * lst;
+
+   /* sanity - prevents "-feature +feature" */
+   mask |= add;
+
+
+#define DEFINE_ACTION_BOOL(__name, __bit)       \
+   if (!(mask & __bit))                         \
+   {                                            \
+      string_append(&result, "\n<br>-");        \
+      string_join(&result, add_help_link(__name, csp->config)); \
+   }                                            \
+   else if (add & __bit)                        \
+   {                                            \
+      string_append(&result, "\n<br>+");        \
+      string_join(&result, add_help_link(__name, csp->config)); \
+   }
+
+#define DEFINE_ACTION_STRING(__name, __bit, __index) \
+   if (!(mask & __bit))                              \
+   {                                                 \
+      string_append(&result, "\n<br>-");             \
+      string_join(&result, add_help_link(__name, csp->config)); \
+   }                                                 \
+   else if (add & __bit)                             \
+   {                                                 \
+      string_append(&result, "\n<br>+");             \
+      string_join(&result, add_help_link(__name, csp->config)); \
+      string_append(&result, "{");                   \
+      string_join(&result, html_encode(action->string[__index])); \
+      string_append(&result, "}");                   \
+   }
+
+#define DEFINE_ACTION_MULTI(__name, __index)          \
+   if (action->multi_remove_all[__index])             \
+   {                                                  \
+      string_append(&result, "\n<br>-");              \
+      string_join(&result, add_help_link(__name, csp->config)); \
+   }                                                  \
+   else                                               \
+   {                                                  \
+      lst = action->multi_remove[__index]->first;     \
+      while (lst)                                     \
+      {                                               \
+         string_append(&result, "\n<br>-");           \
+         string_join(&result, add_help_link(__name, csp->config)); \
+         string_append(&result, "{");                 \
+         string_join(&result, html_encode(lst->str)); \
+         string_append(&result, "}");                 \
+         lst = lst->next;                             \
+      }                                               \
+   }                                                  \
+   lst = action->multi_add[__index]->first;           \
+   while (lst)                                        \
+   {                                                  \
+      string_append(&result, "\n<br>+");              \
+      string_join(&result, add_help_link(__name, csp->config)); \
+      string_append(&result, "{");                    \
+      string_join(&result, html_encode(lst->str));    \
+      string_append(&result, "}");                    \
+      lst = lst->next;                                \
+   }
+
+#define DEFINE_ACTION_ALIAS 0 /* No aliases for output */
+
+#include "actionlist.h"
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+
+   /* trim leading <br> */
+   if (result && *result)
+   {
+      char * s = result;
+      result = strdup(result + 5);
+      free(s);
+   }
+
+   return result;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  current_actions_to_html
+ *
+ * Description :  Converts a curren action spec to a <br> seperated HTML
+ *                text in which each action is linked to its chapter in
+ *                the user manual.
+ *
+ * Parameters  :
+ *          1  :  csp    = Client state (for config) 
+ *          2  :  action = Current action spec to be converted
+ *
+ * Returns     :  A string.  Caller must free it.
+ *                NULL on out-of-memory error.
+ *
+ *********************************************************************/
+char *current_action_to_html(const struct client_state *csp,
+                             const struct current_action_spec *action)
+{
+   unsigned long flags  = action->flags;
+   struct list_entry * lst;
+   char *result   = strdup("");
+   char *active   = strdup("");
+   char *inactive = strdup("");
+
+#define DEFINE_ACTION_BOOL(__name, __bit)  \
+   if (flags & __bit)                      \
+   {                                       \
+      string_append(&active, "\n<br>+");   \
+      string_join(&active, add_help_link(__name, csp->config)); \
+   }                                       \
+   else                                    \
+   {                                       \
+      string_append(&inactive, "\n<br>-"); \
+      string_join(&inactive, add_help_link(__name, csp->config)); \
+   }
+
+#define DEFINE_ACTION_STRING(__name, __bit, __index)   \
+   if (flags & __bit)                                  \
+   {                                                   \
+      string_append(&active, "\n<br>+");               \
+      string_join(&active, add_help_link(__name, csp->config)); \
+      string_append(&active, "{");                     \
+      string_join(&active, html_encode(action->string[__index])); \
+      string_append(&active, "}");                     \
+   }                                                   \
+   else                                                \
+   {                                                   \
+      string_append(&inactive, "\n<br>-");             \
+      string_join(&inactive, add_help_link(__name, csp->config)); \
+   }
+
+#define DEFINE_ACTION_MULTI(__name, __index)           \
+   lst = action->multi[__index]->first;                \
+   if (lst == NULL)                                    \
+   {                                                   \
+      string_append(&inactive, "\n<br>-");             \
+      string_join(&inactive, add_help_link(__name, csp->config)); \
+   }                                                   \
+   else                                                \
+   {                                                   \
+      while (lst)                                      \
+      {                                                \
+         string_append(&active, "\n<br>+");            \
+         string_join(&active, add_help_link(__name, csp->config)); \
+         string_append(&active, "{");                  \
+         string_join(&active, html_encode(lst->str));  \
+         string_append(&active, "}");                  \
+         lst = lst->next;                              \
+      }                                                \
+   }
+
+#define DEFINE_ACTION_ALIAS 0 /* No aliases for output */
+
+#include "actionlist.h"
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+
+   if (active != NULL)
+   {
+      string_append(&result, active);
+      freez(active);
+   }
+   string_append(&result, "\n<br>");
+   if (inactive != NULL)
+   {
+      string_append(&result, inactive);
+      freez(inactive);
+   }
+   return result;
+}
diff --git a/external/privoxy/actions.h b/external/privoxy/actions.h
new file mode 100644
index 0000000..733a853
--- /dev/null
+++ b/external/privoxy/actions.h
@@ -0,0 +1,187 @@
+#ifndef ACTIONS_H_INCLUDED
+#define ACTIONS_H_INCLUDED
+#define ACTIONS_H_VERSION "$Id: actions.h,v 1.18 2008/03/30 14:52:00 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/actions.h,v $
+ *
+ * Purpose     :  Declares functions to work with actions files
+ *                Functions declared include: FIXME
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: actions.h,v $
+ *    Revision 1.18  2008/03/30 14:52:00  fabiankeil
+ *    Rename load_actions_file() and load_re_filterfile()
+ *    as they load multiple files "now".
+ *
+ *    Revision 1.17  2008/01/28 20:17:40  fabiankeil
+ *    - Mark some parameters as immutable.
+ *    - Hide update_action_bits_for_all_tags() while it's unused.
+ *
+ *    Revision 1.16  2007/04/17 18:21:45  fabiankeil
+ *    Split update_action_bits() into
+ *    update_action_bits_for_all_tags()
+ *    and update_action_bits_for_tag().
+ *
+ *    Revision 1.15  2007/04/15 16:39:20  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.14  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.12  2002/05/06 07:56:50  oes
+ *    Made actions_to_html independent of FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.11  2002/04/30 11:14:52  oes
+ *    Made csp the first parameter in *action_to_html
+ *
+ *    Revision 1.10  2002/04/26 12:53:33  oes
+ *     -  actions_to_html signature change
+ *     -  current_action_to_text: renamed to current_action_to_html
+ *        and signature change
+ *
+ *    Revision 1.9  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.8  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.7  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.6  2001/10/23 21:30:30  jongfoster
+ *    Adding error-checking to selected functions.
+ *
+ *    Revision 1.5  2001/10/14 21:58:22  jongfoster
+ *    Adding support for the CGI-based editor:
+ *    - Exported get_actions()
+ *    - Added new function free_alias_list()
+ *    - Added support for {{settings}} and {{description}} blocks
+ *      in the actions file.  They are currently ignored.
+ *    - Added restriction to only one {{alias}} block which must appear
+ *      first in the file, to simplify the editor's rewriting rules.
+ *    - Note that load_actions_file() is no longer used by the CGI-based
+ *      editor, but some of the other routines in this file are.
+ *
+ *    Revision 1.4  2001/09/16 15:47:37  jongfoster
+ *    First version of CGI-based edit interface.  This is very much a
+ *    work-in-progress, and you can't actually use it to edit anything
+ *    yet.  You must #define FEATURE_CGI_EDIT_ACTIONS for these changes
+ *    to have any effect.
+ *
+ *    Revision 1.3  2001/09/14 00:17:32  jongfoster
+ *    Tidying up memory allocation. New function init_action().
+ *
+ *    Revision 1.2  2001/07/29 19:01:11  jongfoster
+ *    Changed _FILENAME_H to FILENAME_H_INCLUDED.
+ *    Added forward declarations for needed structures.
+ *
+ *    Revision 1.1  2001/05/31 21:16:46  jongfoster
+ *    Moved functions to process the action list into this new file.
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+struct action_spec;
+struct current_action_spec;
+struct client_state;
+
+
+
+/* This structure is used to hold user-defined aliases */
+struct action_alias
+{
+   const char * name;
+   struct action_spec action[1];
+   struct action_alias * next;
+};
+
+
+extern jb_err get_actions (char *line, 
+                           struct action_alias * alias_list,
+                           struct action_spec *cur_action);
+extern void free_alias_list(struct action_alias *alias_list);
+
+extern void init_action(struct action_spec *dest);
+extern void free_action(struct action_spec *src);
+extern jb_err merge_actions (struct action_spec *dest, 
+                             const struct action_spec *src);
+#if 0
+extern int update_action_bits_for_all_tags(struct client_state *csp);
+#endif
+extern int update_action_bits_for_tag(struct client_state *csp, const char *tag);
+extern jb_err copy_action (struct action_spec *dest, 
+                           const struct action_spec *src);
+extern char * actions_to_text     (const struct action_spec *action);
+extern char * actions_to_html     (const struct client_state *csp,
+                                   const struct action_spec *action);
+extern void init_current_action     (struct current_action_spec *dest);
+extern void free_current_action     (struct current_action_spec *src);
+extern jb_err merge_current_action  (struct current_action_spec *dest, 
+                                     const struct action_spec *src);
+extern char * current_action_to_html(const struct client_state *csp,
+                                     const struct current_action_spec *action);
+
+extern jb_err get_action_token(char **line, char **name, char **value);
+extern void unload_actions_file(void *file_data);
+extern int load_action_files(struct client_state *csp);
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+void unload_current_actions_file(void);
+#endif
+
+
+/* Revision control strings from this header and associated .c file */
+extern const char actions_rcs[];
+extern const char actions_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef ACTIONS_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
+
diff --git a/external/privoxy/amiga.c b/external/privoxy/amiga.c
new file mode 100644
index 0000000..68193fb
--- /dev/null
+++ b/external/privoxy/amiga.c
@@ -0,0 +1,341 @@
+const char amiga_rcs[] = "$Id: amiga.c,v 1.12 2007/01/07 07:40:52 joergs Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/amiga.c,v $
+ *
+ * Purpose     :  Amiga-specific declarations.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: amiga.c,v $
+ *    Revision 1.12  2007/01/07 07:40:52  joergs
+ *    Added AmigaOS4 support and made it work on AmigaOS 3.x with current sources.
+ *
+ *    Revision 1.11  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.9  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.8  2002/03/25 19:32:15  joergs
+ *    Name in version string changed from junkbuster to Privoxy.
+ *
+ *    Revision 1.7  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.6  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.5  2002/03/03 09:18:03  joergs
+ *    Made jumbjuster work on AmigaOS again.
+ *
+ *    Revision 1.4  2001/10/07 15:35:13  oes
+ *    Replaced 6 boolean members of csp with one bitmap (csp->flags)
+ *
+ *    Revision 1.3  2001/09/12 22:54:51  joergs
+ *    Stacksize of main thread increased.
+ *
+ *    Revision 1.2  2001/05/23 00:13:58  joergs
+ *    AmigaOS support fixed.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:46  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#ifdef AMIGA
+
+#include <stdio.h>
+#include <signal.h>
+
+#include "project.h"
+
+const char amiga_h_rcs[] = AMIGA_H_VERSION;
+
+static char *ver USED = "$VER: Privoxy " __AMIGAVERSION__ " (" __AMIGADATE__ ")";
+#ifdef __amigaos4__
+static char *stack USED = "$STACK: 524288";
+#else
+unsigned long __stack = 100*1024;
+#endif
+struct Task *main_task = NULL;
+int childs = 0;
+
+void serve(struct client_state *csp);
+
+SAVEDS ULONG server_thread(void)
+{
+   struct client_state *local_csp;
+   struct UserData UserData;
+   struct Task *me=FindTask(NULL);
+#ifdef __amigaos4__
+   struct Library *SocketBase;
+#endif
+
+   Wait(SIGF_SINGLE);
+   local_csp=(struct client_state *)(me->tc_UserData);
+   me->tc_UserData=&UserData;
+   SocketBase=(APTR)OpenLibrary("bsdsocket.library",3);
+   if (SocketBase)
+#ifdef __amigaos4__
+   {
+      ISocket = (struct SocketIFace *)GetInterface(SocketBase, "main", 1, NULL);
+   }
+   if (ISocket)
+#endif
+   {
+      SetErrnoPtr(&(UserData.eno),sizeof(int));
+      local_csp->cfd=ObtainSocket(local_csp->cfd, AF_INET, SOCK_STREAM, 0);
+      if(JB_INVALID_SOCKET!=local_csp->cfd)
+      {
+         Signal(main_task,SIGF_SINGLE);
+         serve((struct client_state *) local_csp);
+      } else {
+         local_csp->flags &= ~CSP_FLAG_ACTIVE;
+         Signal(main_task,SIGF_SINGLE);
+      }
+#ifdef __amigaos4__
+      DropInterface((struct Interface *)ISocket);
+#endif
+      CloseLibrary(SocketBase);
+   } else {
+#ifdef __amigaos4__
+      CloseLibrary(SocketBase);
+#endif
+      local_csp->flags &= ~CSP_FLAG_ACTIVE;
+      Signal(main_task,SIGF_SINGLE);
+   }
+   childs--;
+   return 0;
+}
+
+static BPTR olddir;
+
+void amiga_exit(void)
+{
+#ifdef __amigaos4__
+   if (ISocket)
+#else
+   if (SocketBase)
+#endif
+   {
+#ifdef __amigaos4__
+      struct Library *SocketBase = ISocket->Data.LibBase;
+      DropInterface((struct Interface *)ISocket);
+#endif
+      CloseLibrary(SocketBase);
+   }
+   CurrentDir(olddir);
+}
+
+#ifndef __amigaos4__
+static struct SignalSemaphore memsem;
+static struct SignalSemaphore *memsemptr = NULL;
+#endif
+static struct UserData GlobalUserData;
+
+void InitAmiga(void)
+{
+#ifdef __amigaos4__
+   struct Library *SocketBase;
+#endif
+
+   main_task = FindTask(NULL);
+   main_task->tc_UserData = &GlobalUserData;
+
+   if (((struct Library *)SysBase)->lib_Version < 39)
+   {
+      exit(RETURN_FAIL);
+   }
+
+   signal(SIGINT,SIG_IGN);
+   SocketBase = (APTR)OpenLibrary("bsdsocket.library",3);
+#ifdef __amigaos4__
+   if (SocketBase)
+   {
+      ISocket = (struct SocketIFace *)GetInterface(SocketBase, "main", 1, NULL);
+   }
+   if (!ISocket)
+#else
+   if (!SocketBase)
+#endif
+   {
+#ifdef __amigaos4__
+      CloseLibrary(SocketBase);
+#endif
+      fprintf(stderr, "Can't open bsdsocket.library V3+\n");
+      exit(RETURN_ERROR);
+   }
+   SetErrnoPtr(&(GlobalUserData.eno),sizeof(int));
+#ifndef __amigaos4__
+   InitSemaphore(&memsem);
+   memsemptr = &memsem;
+#endif
+
+   olddir=CurrentDir(GetProgramDir());
+   atexit(amiga_exit);
+}
+
+#ifndef __amigaos4__
+#ifdef __GNUC__
+#ifdef libnix
+/* multithreadingsafe libnix replacements */
+static void *memPool=NULL;
+
+void *malloc (size_t s)
+{
+   ULONG *mem;
+   LONG size = s;
+
+   if (size<=0)
+   {
+      return NULL;
+   }
+   if (!memPool)
+   {
+      if (!(memPool=CreatePool(MEMF_ANY,32*1024,8*1024)))
+      {
+         return NULL;
+      }
+   }
+   size += sizeof(ULONG) + MEM_BLOCKMASK;
+   size &= ~MEM_BLOCKMASK;
+   if (memsemptr)
+   {
+      ObtainSemaphore(memsemptr);
+   }
+   if ((mem=AllocPooled(memPool,size)))
+   {
+      *mem++=size;
+   }
+   if (memsemptr)
+   {
+      ReleaseSemaphore(memsemptr);
+   }
+   return mem;
+}
+
+void free (void *m)
+{
+   ULONG *mem = m;
+
+   if(mem && memPool)
+   {
+      ULONG size=*--mem;
+
+      if (memsemptr)
+      {
+         ObtainSemaphore(memsemptr);
+      }
+      FreePooled(memPool,mem,size);
+      if (memsemptr)
+      {
+         ReleaseSemaphore(memsemptr);
+      }
+   }
+}
+
+void *realloc (void *old, size_t ns)
+{
+   void *new;
+   LONG osize, *o = old;
+   LONG nsize = ns;
+
+   if (!old)
+   {
+      return malloc(nsize);
+   }
+   osize = (*(o-1)) - sizeof(ULONG);
+   if (nsize <= osize)
+   {
+      return old;
+   }
+   if ((new = malloc(nsize)))
+   {
+      ULONG *n = new;
+
+      osize >>= 2;
+      while(osize--)
+      {
+         *n++ = *o++;
+      }
+      free(old);
+   }
+   return new;
+}
+
+void __memCleanUp (void)
+{
+   if (memsemptr)
+   {
+      ObtainSemaphore(memsemptr);
+   }
+   if (memPool)
+   {
+      DeletePool(memPool);
+   }
+   if (memsemptr)
+   {
+      ReleaseSemaphore(memsemptr);
+   }
+}
+
+#define ADD2LIST(a,b,c) asm(".stabs \"_" #b "\"," #c ",0,0,_" #a )
+#define ADD2EXIT(a,pri) ADD2LIST(a,__EXIT_LIST__,22); \
+                        asm(".stabs \"___EXIT_LIST__\",20,0,0," #pri "+128")
+ADD2EXIT(__memCleanUp,-50);
+#elif !defined(ixemul)
+#error No libnix and no ixemul!?
+#endif /* libnix */
+#else
+#error Only GCC is supported, multithreading safe malloc/free required.
+#endif /* __GNUC__ */
+#endif /* !__amigaos4__ */
+
+#endif /* def AMIGA */
diff --git a/external/privoxy/amiga.h b/external/privoxy/amiga.h
new file mode 100644
index 0000000..43ebda6
--- /dev/null
+++ b/external/privoxy/amiga.h
@@ -0,0 +1,176 @@
+#ifdef AMIGA
+#ifndef AMIGA_H_INCLUDED
+#define AMIGA_H_INCLUDED
+#define AMIGA_H_VERSION "$Id: amiga.h,v 1.12 2007/01/07 07:40:52 joergs Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/amiga.h,v $
+ *
+ * Purpose     :  Amiga-specific declarations.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: amiga.h,v $
+ *    Revision 1.12  2007/01/07 07:40:52  joergs
+ *    Added AmigaOS4 support and made it work on AmigaOS 3.x with current sources.
+ *
+ *    Revision 1.11  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.9  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.8  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.7  2002/03/03 09:18:03  joergs
+ *    Made jumbjuster work on AmigaOS again.
+ *
+ *    Revision 1.6  2001/10/13 12:46:08  joergs
+ *    Added #undef EINTR to avoid warnings
+ *
+ *    Revision 1.5  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.4  2001/05/29 20:05:06  joergs
+ *    Fixed exit() macro not exiting if called before InitAmiga()
+ *    (junkbuster --help and --version).
+ *
+ *    Revision 1.3  2001/05/25 21:53:27  jongfoster
+ *    Fixing indentation
+ *
+ *    Revision 1.2  2001/05/23 00:13:58  joergs
+ *    AmigaOS support fixed.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:46  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#define _KERNEL
+#include <sys/socket.h>
+#undef _KERNEL
+
+#define __NOLIBBASE__
+#define __NOGLOBALIFACE__
+#include <proto/socket.h>
+#undef __NOLIBBASE__
+#undef __NOGLOBALIFACE__
+
+#define __CONSTLIBBASEDECL__ const
+#include <proto/exec.h>
+#include <exec/tasks.h>
+#include <proto/dos.h>
+#include <dos/dostags.h>
+
+struct UserData
+{
+#ifdef __amigaos4__
+   struct SocketIFace *si;
+#else
+   struct Library *sb;
+#endif
+   int eno;
+};
+
+#ifdef __amigaos4__
+#define ISocket (((struct UserData *)(FindTask(NULL)->tc_UserData))->si)
+#undef errno
+#else
+#define SocketBase ((struct Library *)(((struct UserData *)(FindTask(NULL)->tc_UserData))->sb))
+#endif
+#define errno (((struct UserData *)(FindTask(NULL)->tc_UserData))->eno)
+#define select(a,b,c,d,e) WaitSelect(a,b,c,d,e,NULL)
+#define inet_ntoa(x) Inet_NtoA(x.s_addr)
+
+extern int childs;
+extern struct Task *main_task;
+
+void InitAmiga(void);
+void amiga_exit(void);
+void __memCleanUp(void);
+SAVEDS ULONG server_thread(void);
+
+#ifdef __amigaos4__
+#define exit(x)                                             \
+{                                                           \
+   if(main_task)                                            \
+   {                                                        \
+      if(main_task == FindTask(NULL))                       \
+      {                                                     \
+         while(childs) Delay(10*TICKS_PER_SECOND); exit(x); \
+      }                                                     \
+      else                                                  \
+      {                                                     \
+         if (ISocket)                                       \
+         {                                                  \
+             struct Library *sb = ISocket->Data.LibBase;    \
+             DropInterface((struct Interface *)ISocket);    \
+             CloseLibrary(sb);                              \
+         }                                                  \
+         childs--;                                          \
+         RemTask(NULL);                                     \
+      }                                                     \
+   }                                                        \
+   else                                                     \
+   {                                                        \
+      exit(x);                                              \
+   }                                                        \
+}
+#else
+#define exit(x)                                             \
+{                                                           \
+   if(main_task)                                            \
+   {                                                        \
+      if(main_task == FindTask(NULL))                       \
+      {                                                     \
+         while(childs) Delay(10*TICKS_PER_SECOND); exit(x); \
+      }                                                     \
+      else                                                  \
+      {                                                     \
+         CloseLibrary(SocketBase);                          \
+         childs--;                                          \
+         RemTask(NULL);                                     \
+      }                                                     \
+   }                                                        \
+   else                                                     \
+   {                                                        \
+      exit(x);                                              \
+   }                                                        \
+}
+
+#undef HAVE_RANDOM
+#define h_errno 0
+#define HAVE_TIMEGM
+#define timegm(tm) mktime(tm)
+#endif /* __amigaos4__ */
+
+#undef EINTR
+#define EINTR 0
+
+#endif /* ndef AMIGA_H_INCLUDED */
+#endif /* def AMIGA */
diff --git a/external/privoxy/autom4te.cache/output.0 b/external/privoxy/autom4te.cache/output.0
new file mode 100644
index 0000000..e8eab94
--- /dev/null
+++ b/external/privoxy/autom4te.cache/output.0
@@ -0,0 +1,7543 @@
+@%:@! /bin/sh
+@%:@ From configure.in Revision: 1.126 .
+@%:@ Guess values for system-dependent variables and create Makefiles.
+@%:@ Generated by GNU Autoconf 2.68.
+@%:@ 
+@%:@ 
+@%:@ Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+@%:@ 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
+@%:@ Foundation, Inc.
+@%:@ 
+@%:@ 
+@%:@ This configure script is free software; the Free Software Foundation
+@%:@ gives unlimited permission to copy, distribute and modify it.
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in @%:@(
+  *posix*) :
+    set -o posix ;; @%:@(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in @%:@(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in @%:@((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+if test "x$CONFIG_SHELL" = x; then
+  as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '\${1+\"\$@\"}'='\"\$@\"'
+  setopt NO_GLOB_SUBST
+else
+  case \`(set -o) 2>/dev/null\` in @%:@(
+  *posix*) :
+    set -o posix ;; @%:@(
+  *) :
+     ;;
+esac
+fi
+"
+  as_required="as_fn_return () { (exit \$1); }
+as_fn_success () { as_fn_return 0; }
+as_fn_failure () { as_fn_return 1; }
+as_fn_ret_success () { return 0; }
+as_fn_ret_failure () { return 1; }
+
+exitcode=0
+as_fn_success || { exitcode=1; echo as_fn_success failed.; }
+as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
+as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
+as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
+if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
+  
+else
+  exitcode=1; echo positional parameters were not saved.
+fi
+test x\$exitcode = x0 || exit 1"
+  as_suggested="  as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
+  as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
+  eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
+  test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
+test \$(( 1 + 1 )) = 2 || exit 1"
+  if (eval "$as_required") 2>/dev/null; then :
+  as_have_required=yes
+else
+  as_have_required=no
+fi
+  if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
+  
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_found=false
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+  as_found=:
+  case $as_dir in @%:@(
+	 /*)
+	   for as_base in sh bash ksh sh5; do
+	     # Try only shells that exist, to save several forks.
+	     as_shell=$as_dir/$as_base
+	     if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
+		    { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
+  CONFIG_SHELL=$as_shell as_have_required=yes
+		   if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
+  break 2
+fi
+fi
+	   done;;
+       esac
+  as_found=false
+done
+$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
+	      { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
+  CONFIG_SHELL=$SHELL as_have_required=yes
+fi; }
+IFS=$as_save_IFS
+
+
+      if test "x$CONFIG_SHELL" != x; then :
+  # We cannot yet assume a decent shell, so we have to provide a
+	# neutralization value for shells without unset; and this also
+	# works around shells that cannot unset nonexistent variables.
+	# Preserve -v and -x to the replacement shell.
+	BASH_ENV=/dev/null
+	ENV=/dev/null
+	(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+	export CONFIG_SHELL
+	case $- in @%:@ ((((
+	  *v*x* | *x*v* ) as_opts=-vx ;;
+	  *v* ) as_opts=-v ;;
+	  *x* ) as_opts=-x ;;
+	  * ) as_opts= ;;
+	esac
+	exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"}
+fi
+
+    if test x$as_have_required = xno; then :
+  $as_echo "$0: This script requires a shell more modern than all"
+  $as_echo "$0: the shells that I found on your system."
+  if test x${ZSH_VERSION+set} = xset ; then
+    $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
+    $as_echo "$0: be upgraded to zsh 4.3.4 or later."
+  else
+    $as_echo "$0: Please tell bug-autoconf at gnu.org about your system,
+$0: including any error possibly output before this
+$0: message. Then install a modern shell, or manually run
+$0: the script under such a shell if you do have one."
+  fi
+  exit 1
+fi
+fi
+fi
+SHELL=${CONFIG_SHELL-/bin/sh}
+export SHELL
+# Unset more variables known to interfere with behavior of common tools.
+CLICOLOR_FORCE= GREP_OPTIONS=
+unset CLICOLOR_FORCE GREP_OPTIONS
+
+## --------------------- ##
+## M4sh Shell Functions. ##
+## --------------------- ##
+@%:@ as_fn_unset VAR
+@%:@ ---------------
+@%:@ Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+
+@%:@ as_fn_set_status STATUS
+@%:@ -----------------------
+@%:@ Set @S|@? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} @%:@ as_fn_set_status
+
+@%:@ as_fn_exit STATUS
+@%:@ -----------------
+@%:@ Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} @%:@ as_fn_exit
+
+@%:@ as_fn_mkdir_p
+@%:@ -------------
+@%:@ Create "@S|@as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} @%:@ as_fn_mkdir_p
+@%:@ as_fn_append VAR VALUE
+@%:@ ----------------------
+@%:@ Append the text in VALUE to the end of the definition contained in VAR. Take
+@%:@ advantage of any shell optimizations that allow amortized linear growth over
+@%:@ repeated appends, instead of the typical quadratic growth present in naive
+@%:@ implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+@%:@ as_fn_arith ARG...
+@%:@ ------------------
+@%:@ Perform arithmetic evaluation on the ARGs, and store the result in the
+@%:@ global @S|@as_val. Take advantage of shells that can avoid forks. The arguments
+@%:@ must be portable across @S|@(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+@%:@ as_fn_error STATUS ERROR [LINENO LOG_FD]
+@%:@ ----------------------------------------
+@%:@ Output "`basename @S|@0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+@%:@ provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+@%:@ script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} @%:@ as_fn_error
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+
+  as_lineno_1=$LINENO as_lineno_1a=$LINENO
+  as_lineno_2=$LINENO as_lineno_2a=$LINENO
+  eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
+  test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
+  # Blame Lee E. McMahon (1931-1989) for sed's syntax.  :-)
+  sed -n '
+    p
+    /[$]LINENO/=
+  ' <$as_myself |
+    sed '
+      s/[$]LINENO.*/&-/
+      t lineno
+      b
+      :lineno
+      N
+      :loop
+      s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
+      t loop
+      s/-\n.*//
+    ' >$as_me.lineno &&
+  chmod +x "$as_me.lineno" ||
+    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
+
+  # Don't try to exec as it changes $[0], causing all sort of problems
+  # (the dirname of $[0] is not the place where we might find the
+  # original and so on.  Autoconf is especially sensitive to this).
+  . "./$as_me.lineno"
+  # Exit status is that of the last command.
+  exit
+}
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in @%:@(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -p'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -p'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -p'
+  fi
+else
+  as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+  as_test_x='test -x'
+else
+  if ls -dL / >/dev/null 2>&1; then
+    as_ls_L_option=L
+  else
+    as_ls_L_option=
+  fi
+  as_test_x='
+    eval sh -c '\''
+      if test -d "$1"; then
+	test -d "$1/.";
+      else
+	case $1 in @%:@(
+	-*)set "./$1";;
+	esac;
+	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in @%:@((
+	???[sx]*):;;*)false;;esac;fi
+    '\'' sh
+  '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+test -n "$DJDIR" || exec 7<&0 </dev/null
+exec 6>&1
+
+# Name of the host.
+# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
+# so uname gets run too.
+ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
+
+#
+# Initializations.
+#
+ac_default_prefix=/usr/local
+ac_clean_files=
+ac_config_libobj_dir=.
+LIB@&t at OBJS=
+cross_compiling=no
+subdirs=
+MFLAGS=
+MAKEFLAGS=
+
+# Identity of this package.
+PACKAGE_NAME=
+PACKAGE_TARNAME=
+PACKAGE_VERSION=
+PACKAGE_STRING=
+PACKAGE_BUGREPORT=
+PACKAGE_URL=
+
+ac_unique_file="jcc.c"
+# Factoring default headers for most tests.
+ac_includes_default="\
+#include <stdio.h>
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+#  include <stdlib.h>
+# endif
+#endif
+#ifdef HAVE_STRING_H
+# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+#  include <memory.h>
+# endif
+# include <string.h>
+#endif
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif"
+
+ac_subst_vars='LTLIBOBJS
+LIB@&t at OBJS
+PTHREAD_LIB
+SPECIAL_CFLAGS
+STATIC_PCRS_ONLY
+STATIC_PCRE_ONLY
+AMIGAOS_ONLY
+SOCKET_LIB
+PTHREAD_ONLY
+EGREP
+GREP
+DKPREFIX
+JADECAT
+DOC_STATUS
+MAN2HTML
+JADEBIN
+RPM_BASE
+RPMBIN
+DB2HTML
+WDUMP
+WIN_ONLY
+GROUP
+USER
+ID
+BGROUPS
+GDB
+AWK
+SET_MAKE
+LN_S
+INSTALL_DATA
+INSTALL_SCRIPT
+INSTALL_PROGRAM
+CPP
+OBJEXT
+EXEEXT
+ac_ct_CC
+CPPFLAGS
+LDFLAGS
+CFLAGS
+CC
+CODE_STATUS
+VERSION_POINT
+VERSION_MINOR
+VERSION_MAJOR
+host_os
+host_vendor
+host_cpu
+host
+build_os
+build_vendor
+build_cpu
+build
+target_alias
+host_alias
+build_alias
+LIBS
+ECHO_T
+ECHO_N
+ECHO_C
+DEFS
+mandir
+localedir
+libdir
+psdir
+pdfdir
+dvidir
+htmldir
+infodir
+docdir
+oldincludedir
+includedir
+localstatedir
+sharedstatedir
+sysconfdir
+datadir
+datarootdir
+libexecdir
+sbindir
+bindir
+program_transform_name
+prefix
+exec_prefix
+PACKAGE_URL
+PACKAGE_BUGREPORT
+PACKAGE_STRING
+PACKAGE_VERSION
+PACKAGE_TARNAME
+PACKAGE_NAME
+PATH_SEPARATOR
+SHELL'
+ac_subst_files=''
+ac_user_opts='
+enable_option_checking
+with_docbook
+with_db2html
+with_debug
+with_user
+with_group
+enable_mingw32
+enable_pthread
+enable_toggle
+enable_force
+enable_fast_redirects
+enable_stats
+enable_ie_images
+enable_image_blocking
+enable_acl_files
+enable_trust_files
+enable_editor
+enable_no_gifs
+enable_graceful_termination
+enable_extended_host_patterns
+enable_dynamic_pcre
+enable_zlib
+'
+      ac_precious_vars='build_alias
+host_alias
+target_alias
+CC
+CFLAGS
+LDFLAGS
+LIBS
+CPPFLAGS
+CPP'
+
+
+# Initialize some variables set by options.
+ac_init_help=
+ac_init_version=false
+ac_unrecognized_opts=
+ac_unrecognized_sep=
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+cache_file=/dev/null
+exec_prefix=NONE
+no_create=
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+verbose=
+x_includes=NONE
+x_libraries=NONE
+
+# Installation directory options.
+# These are left unexpanded so users can "make install exec_prefix=/foo"
+# and all the variables that are supposed to be based on exec_prefix
+# by default will actually change.
+# Use braces instead of parens because sh, perl, etc. also accept them.
+# (The list follows the same order as the GNU Coding Standards.)
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datarootdir='${prefix}/share'
+datadir='${datarootdir}'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+docdir='${datarootdir}/doc/${PACKAGE}'
+infodir='${datarootdir}/info'
+htmldir='${docdir}'
+dvidir='${docdir}'
+pdfdir='${docdir}'
+psdir='${docdir}'
+libdir='${exec_prefix}/lib'
+localedir='${datarootdir}/locale'
+mandir='${datarootdir}/man'
+
+ac_prev=
+ac_dashdash=
+for ac_option
+do
+  # If the previous option needs an argument, assign it.
+  if test -n "$ac_prev"; then
+    eval $ac_prev=\$ac_option
+    ac_prev=
+    continue
+  fi
+
+  case $ac_option in
+  *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+  *=)   ac_optarg= ;;
+  *)    ac_optarg=yes ;;
+  esac
+
+  # Accept the important Cygnus configure options, so we can diagnose typos.
+
+  case $ac_dashdash$ac_option in
+  --)
+    ac_dashdash=yes ;;
+
+  -bindir | --bindir | --bindi | --bind | --bin | --bi)
+    ac_prev=bindir ;;
+  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+    bindir=$ac_optarg ;;
+
+  -build | --build | --buil | --bui | --bu)
+    ac_prev=build_alias ;;
+  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+    build_alias=$ac_optarg ;;
+
+  -cache-file | --cache-file | --cache-fil | --cache-fi \
+  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+    ac_prev=cache_file ;;
+  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+    cache_file=$ac_optarg ;;
+
+  --config-cache | -C)
+    cache_file=config.cache ;;
+
+  -datadir | --datadir | --datadi | --datad)
+    ac_prev=datadir ;;
+  -datadir=* | --datadir=* | --datadi=* | --datad=*)
+    datadir=$ac_optarg ;;
+
+  -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
+  | --dataroo | --dataro | --datar)
+    ac_prev=datarootdir ;;
+  -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
+  | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
+    datarootdir=$ac_optarg ;;
+
+  -disable-* | --disable-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid feature name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"enable_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval enable_$ac_useropt=no ;;
+
+  -docdir | --docdir | --docdi | --doc | --do)
+    ac_prev=docdir ;;
+  -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
+    docdir=$ac_optarg ;;
+
+  -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
+    ac_prev=dvidir ;;
+  -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
+    dvidir=$ac_optarg ;;
+
+  -enable-* | --enable-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid feature name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"enable_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval enable_$ac_useropt=\$ac_optarg ;;
+
+  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+  | --exec | --exe | --ex)
+    ac_prev=exec_prefix ;;
+  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+  | --exec=* | --exe=* | --ex=*)
+    exec_prefix=$ac_optarg ;;
+
+  -gas | --gas | --ga | --g)
+    # Obsolete; use --with-gas.
+    with_gas=yes ;;
+
+  -help | --help | --hel | --he | -h)
+    ac_init_help=long ;;
+  -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
+    ac_init_help=recursive ;;
+  -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
+    ac_init_help=short ;;
+
+  -host | --host | --hos | --ho)
+    ac_prev=host_alias ;;
+  -host=* | --host=* | --hos=* | --ho=*)
+    host_alias=$ac_optarg ;;
+
+  -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
+    ac_prev=htmldir ;;
+  -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
+  | --ht=*)
+    htmldir=$ac_optarg ;;
+
+  -includedir | --includedir | --includedi | --included | --include \
+  | --includ | --inclu | --incl | --inc)
+    ac_prev=includedir ;;
+  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+  | --includ=* | --inclu=* | --incl=* | --inc=*)
+    includedir=$ac_optarg ;;
+
+  -infodir | --infodir | --infodi | --infod | --info | --inf)
+    ac_prev=infodir ;;
+  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+    infodir=$ac_optarg ;;
+
+  -libdir | --libdir | --libdi | --libd)
+    ac_prev=libdir ;;
+  -libdir=* | --libdir=* | --libdi=* | --libd=*)
+    libdir=$ac_optarg ;;
+
+  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+  | --libexe | --libex | --libe)
+    ac_prev=libexecdir ;;
+  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+  | --libexe=* | --libex=* | --libe=*)
+    libexecdir=$ac_optarg ;;
+
+  -localedir | --localedir | --localedi | --localed | --locale)
+    ac_prev=localedir ;;
+  -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
+    localedir=$ac_optarg ;;
+
+  -localstatedir | --localstatedir | --localstatedi | --localstated \
+  | --localstate | --localstat | --localsta | --localst | --locals)
+    ac_prev=localstatedir ;;
+  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+  | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
+    localstatedir=$ac_optarg ;;
+
+  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+    ac_prev=mandir ;;
+  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+    mandir=$ac_optarg ;;
+
+  -nfp | --nfp | --nf)
+    # Obsolete; use --without-fp.
+    with_fp=no ;;
+
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c | -n)
+    no_create=yes ;;
+
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+    no_recursion=yes ;;
+
+  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+  | --oldin | --oldi | --old | --ol | --o)
+    ac_prev=oldincludedir ;;
+  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+    oldincludedir=$ac_optarg ;;
+
+  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+    ac_prev=prefix ;;
+  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+    prefix=$ac_optarg ;;
+
+  -program-prefix | --program-prefix | --program-prefi | --program-pref \
+  | --program-pre | --program-pr | --program-p)
+    ac_prev=program_prefix ;;
+  -program-prefix=* | --program-prefix=* | --program-prefi=* \
+  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+    program_prefix=$ac_optarg ;;
+
+  -program-suffix | --program-suffix | --program-suffi | --program-suff \
+  | --program-suf | --program-su | --program-s)
+    ac_prev=program_suffix ;;
+  -program-suffix=* | --program-suffix=* | --program-suffi=* \
+  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+    program_suffix=$ac_optarg ;;
+
+  -program-transform-name | --program-transform-name \
+  | --program-transform-nam | --program-transform-na \
+  | --program-transform-n | --program-transform- \
+  | --program-transform | --program-transfor \
+  | --program-transfo | --program-transf \
+  | --program-trans | --program-tran \
+  | --progr-tra | --program-tr | --program-t)
+    ac_prev=program_transform_name ;;
+  -program-transform-name=* | --program-transform-name=* \
+  | --program-transform-nam=* | --program-transform-na=* \
+  | --program-transform-n=* | --program-transform-=* \
+  | --program-transform=* | --program-transfor=* \
+  | --program-transfo=* | --program-transf=* \
+  | --program-trans=* | --program-tran=* \
+  | --progr-tra=* | --program-tr=* | --program-t=*)
+    program_transform_name=$ac_optarg ;;
+
+  -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
+    ac_prev=pdfdir ;;
+  -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
+    pdfdir=$ac_optarg ;;
+
+  -psdir | --psdir | --psdi | --psd | --ps)
+    ac_prev=psdir ;;
+  -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
+    psdir=$ac_optarg ;;
+
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil)
+    silent=yes ;;
+
+  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+    ac_prev=sbindir ;;
+  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+  | --sbi=* | --sb=*)
+    sbindir=$ac_optarg ;;
+
+  -sharedstatedir | --sharedstatedir | --sharedstatedi \
+  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+  | --sharedst | --shareds | --shared | --share | --shar \
+  | --sha | --sh)
+    ac_prev=sharedstatedir ;;
+  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+  | --sha=* | --sh=*)
+    sharedstatedir=$ac_optarg ;;
+
+  -site | --site | --sit)
+    ac_prev=site ;;
+  -site=* | --site=* | --sit=*)
+    site=$ac_optarg ;;
+
+  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+    ac_prev=srcdir ;;
+  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+    srcdir=$ac_optarg ;;
+
+  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+  | --syscon | --sysco | --sysc | --sys | --sy)
+    ac_prev=sysconfdir ;;
+  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+    sysconfdir=$ac_optarg ;;
+
+  -target | --target | --targe | --targ | --tar | --ta | --t)
+    ac_prev=target_alias ;;
+  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+    target_alias=$ac_optarg ;;
+
+  -v | -verbose | --verbose | --verbos | --verbo | --verb)
+    verbose=yes ;;
+
+  -version | --version | --versio | --versi | --vers | -V)
+    ac_init_version=: ;;
+
+  -with-* | --with-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid package name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"with_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval with_$ac_useropt=\$ac_optarg ;;
+
+  -without-* | --without-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid package name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"with_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval with_$ac_useropt=no ;;
+
+  --x)
+    # Obsolete; use --with-x.
+    with_x=yes ;;
+
+  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+  | --x-incl | --x-inc | --x-in | --x-i)
+    ac_prev=x_includes ;;
+  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+    x_includes=$ac_optarg ;;
+
+  -x-libraries | --x-libraries | --x-librarie | --x-librari \
+  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+    ac_prev=x_libraries ;;
+  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+    x_libraries=$ac_optarg ;;
+
+  -*) as_fn_error $? "unrecognized option: \`$ac_option'
+Try \`$0 --help' for more information"
+    ;;
+
+  *=*)
+    ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+    # Reject names that are not valid shell variable names.
+    case $ac_envvar in #(
+      '' | [0-9]* | *[!_$as_cr_alnum]* )
+      as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
+    esac
+    eval $ac_envvar=\$ac_optarg
+    export $ac_envvar ;;
+
+  *)
+    # FIXME: should be removed in autoconf 3.0.
+    $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+    expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+      $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+    : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
+    ;;
+
+  esac
+done
+
+if test -n "$ac_prev"; then
+  ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+  as_fn_error $? "missing argument to $ac_option"
+fi
+
+if test -n "$ac_unrecognized_opts"; then
+  case $enable_option_checking in
+    no) ;;
+    fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
+    *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
+  esac
+fi
+
+# Check all directory arguments for consistency.
+for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
+		datadir sysconfdir sharedstatedir localstatedir includedir \
+		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+		libdir localedir mandir
+do
+  eval ac_val=\$$ac_var
+  # Remove trailing slashes.
+  case $ac_val in
+    */ )
+      ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
+      eval $ac_var=\$ac_val;;
+  esac
+  # Be sure to have absolute directory names.
+  case $ac_val in
+    [\\/$]* | ?:[\\/]* )  continue;;
+    NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+  esac
+  as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
+done
+
+# There might be people who depend on the old broken behavior: `$host'
+# used to hold the argument of --host etc.
+# FIXME: To remove some day.
+build=$build_alias
+host=$host_alias
+target=$target_alias
+
+# FIXME: To remove some day.
+if test "x$host_alias" != x; then
+  if test "x$build_alias" = x; then
+    cross_compiling=maybe
+    $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host.
+    If a cross compiler is detected then cross compile mode will be used" >&2
+  elif test "x$build_alias" != "x$host_alias"; then
+    cross_compiling=yes
+  fi
+fi
+
+ac_tool_prefix=
+test -n "$host_alias" && ac_tool_prefix=$host_alias-
+
+test "$silent" = yes && exec 6>/dev/null
+
+
+ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ac_ls_di=`ls -di .` &&
+ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+  as_fn_error $? "working directory cannot be determined"
+test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+  as_fn_error $? "pwd does not report name of working directory"
+
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+  ac_srcdir_defaulted=yes
+  # Try the directory containing this script, then the parent directory.
+  ac_confdir=`$as_dirname -- "$as_myself" ||
+$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_myself" : 'X\(//\)[^/]' \| \
+	 X"$as_myself" : 'X\(//\)$' \| \
+	 X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_myself" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  srcdir=$ac_confdir
+  if test ! -r "$srcdir/$ac_unique_file"; then
+    srcdir=..
+  fi
+else
+  ac_srcdir_defaulted=no
+fi
+if test ! -r "$srcdir/$ac_unique_file"; then
+  test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+  as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
+fi
+ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ac_abs_confdir=`(
+	cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
+	pwd)`
+# When building in place, set srcdir=.
+if test "$ac_abs_confdir" = "$ac_pwd"; then
+  srcdir=.
+fi
+# Remove unnecessary trailing slashes from srcdir.
+# Double slashes in file names in object file debugging info
+# mess up M-x gdb in Emacs.
+case $srcdir in
+*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
+esac
+for ac_var in $ac_precious_vars; do
+  eval ac_env_${ac_var}_set=\${${ac_var}+set}
+  eval ac_env_${ac_var}_value=\$${ac_var}
+  eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
+  eval ac_cv_env_${ac_var}_value=\$${ac_var}
+done
+
+#
+# Report the --help message.
+#
+if test "$ac_init_help" = "long"; then
+  # Omit some internal or obsolete options to make the list less imposing.
+  # This message is too long to be a string in the A/UX 3.1 sh.
+  cat <<_ACEOF
+\`configure' configures this package to adapt to many kinds of systems.
+
+Usage: $0 [OPTION]... [VAR=VALUE]...
+
+To assign environment variables (e.g., CC, CFLAGS...), specify them as
+VAR=VALUE.  See below for descriptions of some of the useful variables.
+
+Defaults for the options are specified in brackets.
+
+Configuration:
+  -h, --help              display this help and exit
+      --help=short        display options specific to this package
+      --help=recursive    display the short help of all the included packages
+  -V, --version           display version information and exit
+  -q, --quiet, --silent   do not print \`checking ...' messages
+      --cache-file=FILE   cache test results in FILE [disabled]
+  -C, --config-cache      alias for \`--cache-file=config.cache'
+  -n, --no-create         do not create output files
+      --srcdir=DIR        find the sources in DIR [configure dir or \`..']
+
+Installation directories:
+  --prefix=PREFIX         install architecture-independent files in PREFIX
+                          @<:@@S|@ac_default_prefix@:>@
+  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+                          @<:@PREFIX@:>@
+
+By default, \`make install' will install all the files in
+\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc.  You can specify
+an installation prefix other than \`$ac_default_prefix' using \`--prefix',
+for instance \`--prefix=\$HOME'.
+
+For better control, use the options below.
+
+Fine tuning of the installation directories:
+  --bindir=DIR            user executables [EPREFIX/bin]
+  --sbindir=DIR           system admin executables [EPREFIX/sbin]
+  --libexecdir=DIR        program executables [EPREFIX/libexec]
+  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
+  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
+  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
+  --libdir=DIR            object code libraries [EPREFIX/lib]
+  --includedir=DIR        C header files [PREFIX/include]
+  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
+  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
+  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
+  --infodir=DIR           info documentation [DATAROOTDIR/info]
+  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
+  --mandir=DIR            man documentation [DATAROOTDIR/man]
+  --docdir=DIR            documentation root @<:@DATAROOTDIR/doc/PACKAGE@:>@
+  --htmldir=DIR           html documentation [DOCDIR]
+  --dvidir=DIR            dvi documentation [DOCDIR]
+  --pdfdir=DIR            pdf documentation [DOCDIR]
+  --psdir=DIR             ps documentation [DOCDIR]
+_ACEOF
+
+  cat <<\_ACEOF
+
+System types:
+  --build=BUILD     configure for building on BUILD [guessed]
+  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
+_ACEOF
+fi
+
+if test -n "$ac_init_help"; then
+
+  cat <<\_ACEOF
+
+Optional Features:
+  --disable-option-checking  ignore unrecognized --enable/--with options
+  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
+  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
+  --enable-mingw32                Use mingw32 for a Windows GUI
+  --disable-pthread               Don't use POSIX threads (pthreads)
+  --disable-toggle                Don't support temporary disable
+  --disable-force                 Don't allow single-page disable
+  --disable-fast-redirects        Don't support fast redirects
+  --disable-stats                 Don't keep statistics
+  --enable-ie-images              Enable a quick but not always reliable auto-detect whether requests from
+                                  MS Internet Explorer are for an image or not.
+  --disable-image-blocking        Don't try to figure out whether a request is 
+                                  for an image or HTML - assume HTML.
+  --disable-acl-files             Prevents the use of ACL files to control access to
+                                  Privoxy by IP address.
+  --disable-trust-files           Prevents the use of trust files.
+  --disable-editor                Prevents the use of the web-based actions file
+                                  editor and web-based temporary disable setting.
+  --enable-no-gifs                Use politically correct PNG format instead of GIF
+                                  for built-in images. May not work with all browsers.
+  --enable-graceful-termination   Allow to shutdown Privoxy through the webinterface.
+  --enable-extended-host-patterns Allow extended regular expressions in host patterns.
+  --disable-dynamic-pcre          Use the built-in, static pcre, even if libpcre is available
+  --disable-zlib                  Don't use zlib to decompress data before filtering.
+
+Optional Packages:
+  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
+  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
+  --with-docbook=yes|no|directory	
+                           Enable docbook documentation creation 
+			   (default = yes, for gnu and linux)
+  --with-db2html=<path/executable>
+                          Set the location of the docbook to html converter
+                          (default = search)
+  --with-debug            Enable debug mode
+  --with-user=privoxy          Set user under which privoxy will run
+  --with-group=privoxy         Set group for privoxy
+
+Some influential environment variables:
+  CC          C compiler command
+  CFLAGS      C compiler flags
+  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
+              nonstandard directory <lib dir>
+  LIBS        libraries to pass to the linker, e.g. -l<library>
+  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
+              you have headers in a nonstandard directory <include dir>
+  CPP         C preprocessor
+
+Use these variables to override the choices made by `configure' or to help
+it to find libraries and programs with nonstandard names/locations.
+
+Report bugs to the package provider.
+_ACEOF
+ac_status=$?
+fi
+
+if test "$ac_init_help" = "recursive"; then
+  # If there are subdirs, report their specific --help.
+  for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+    test -d "$ac_dir" ||
+      { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
+      continue
+    ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+    cd "$ac_dir" || { ac_status=$?; continue; }
+    # Check for guested configure.
+    if test -f "$ac_srcdir/configure.gnu"; then
+      echo &&
+      $SHELL "$ac_srcdir/configure.gnu" --help=recursive
+    elif test -f "$ac_srcdir/configure"; then
+      echo &&
+      $SHELL "$ac_srcdir/configure" --help=recursive
+    else
+      $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+    fi || ac_status=$?
+    cd "$ac_pwd" || { ac_status=$?; break; }
+  done
+fi
+
+test -n "$ac_init_help" && exit $ac_status
+if $ac_init_version; then
+  cat <<\_ACEOF
+configure
+generated by GNU Autoconf 2.68
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This configure script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it.
+_ACEOF
+  exit
+fi
+
+## ------------------------ ##
+## Autoconf initialization. ##
+## ------------------------ ##
+
+@%:@ ac_fn_c_try_compile LINENO
+@%:@ --------------------------
+@%:@ Try to compile conftest. at S|@ac_ext, and return whether this succeeded.
+ac_fn_c_try_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext
+  if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest.$ac_objext; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} @%:@ ac_fn_c_try_compile
+
+@%:@ ac_fn_c_try_cpp LINENO
+@%:@ ----------------------
+@%:@ Try to preprocess conftest. at S|@ac_ext, and return whether this succeeded.
+ac_fn_c_try_cpp ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } > conftest.i && {
+	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+    ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} @%:@ ac_fn_c_try_cpp
+
+@%:@ ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
+@%:@ -------------------------------------------------------
+@%:@ Tests whether HEADER exists, giving a warning if it cannot be compiled using
+@%:@ the include files in INCLUDES and setting the cache variable VAR
+@%:@ accordingly.
+ac_fn_c_check_header_mongrel ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if eval \${$3+:} false; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+else
+  # Is the header compilable?
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5
+$as_echo_n "checking $2 usability... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+@%:@include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_header_compiler=yes
+else
+  ac_header_compiler=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5
+$as_echo_n "checking $2 presence... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+@%:@include <$2>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  ac_header_preproc=yes
+else
+  ac_header_preproc=no
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So?  What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
+  yes:no: )
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+    ;;
+  no:yes:* )
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5
+$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     check for missing prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: $2:     check for missing prerequisite headers?" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5
+$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+    ;;
+esac
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=\$ac_header_compiler"
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} @%:@ ac_fn_c_check_header_mongrel
+
+@%:@ ac_fn_c_try_run LINENO
+@%:@ ----------------------
+@%:@ Try to link conftest. at S|@ac_ext, and return whether this succeeded. Assumes
+@%:@ that executables *can* be run.
+ac_fn_c_try_run ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: program exited with status $ac_status" >&5
+       $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+       ac_retval=$ac_status
+fi
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} @%:@ ac_fn_c_try_run
+
+@%:@ ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
+@%:@ -------------------------------------------------------
+@%:@ Tests whether HEADER exists and can be compiled using the include files in
+@%:@ INCLUDES, setting the cache variable VAR accordingly.
+ac_fn_c_check_header_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+@%:@include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$3=yes"
+else
+  eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} @%:@ ac_fn_c_check_header_compile
+
+@%:@ ac_fn_c_try_link LINENO
+@%:@ -----------------------
+@%:@ Try to link conftest. at S|@ac_ext, and return whether this succeeded.
+ac_fn_c_try_link ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext conftest$ac_exeext
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest$ac_exeext && {
+	 test "$cross_compiling" = yes ||
+	 $as_test_x conftest$ac_exeext
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
+  # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
+  # interfere with the next link command; also delete a directory that is
+  # left behind by Apple's compiler.  We do this before executing the actions.
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} @%:@ ac_fn_c_try_link
+
+@%:@ ac_fn_c_check_func LINENO FUNC VAR
+@%:@ ----------------------------------
+@%:@ Tests whether FUNC exists, setting the cache variable VAR accordingly
+ac_fn_c_check_func ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
+   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+#define $2 innocuous_$2
+
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $2 (); below.
+    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+    <limits.h> exists even on freestanding compilers.  */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $2
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $2 ();
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined __stub_$2 || defined __stub___$2
+choke me
+#endif
+
+int
+main ()
+{
+return $2 ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  eval "$3=yes"
+else
+  eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} @%:@ ac_fn_c_check_func
+
+@%:@ ac_fn_c_check_type LINENO TYPE VAR INCLUDES
+@%:@ -------------------------------------------
+@%:@ Tests whether TYPE exists after having included INCLUDES, setting cache
+@%:@ variable VAR accordingly.
+ac_fn_c_check_type ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=no"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+if (sizeof ($2))
+	 return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+if (sizeof (($2)))
+	    return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+else
+  eval "$3=yes"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} @%:@ ac_fn_c_check_type
+
+@%:@ ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+@%:@ --------------------------------------------
+@%:@ Tries to find the compile-time value of EXPR in a program that includes
+@%:@ INCLUDES, setting VAR accordingly. Returns whether the value could be
+@%:@ computed
+ac_fn_c_compute_int ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if test "$cross_compiling" = yes; then
+    # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array @<:@1 - 2 * !(($2) >= 0)@:>@;
+test_array @<:@0@:>@ = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=0 ac_mid=0
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array @<:@1 - 2 * !(($2) <= $ac_mid)@:>@;
+test_array @<:@0@:>@ = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid; break
+else
+  as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+			if test $ac_lo -le $ac_mid; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array @<:@1 - 2 * !(($2) < 0)@:>@;
+test_array @<:@0@:>@ = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=-1 ac_mid=-1
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array @<:@1 - 2 * !(($2) >= $ac_mid)@:>@;
+test_array @<:@0@:>@ = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=$ac_mid; break
+else
+  as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+			if test $ac_mid -le $ac_hi; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+  as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array @<:@1 - 2 * !(($2) <= $ac_mid)@:>@;
+test_array @<:@0@:>@ = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid
+else
+  as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in @%:@((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+  else
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+static long int longval () { return $2; }
+static unsigned long int ulongval () { return $2; }
+@%:@include <stdio.h>
+@%:@include <stdlib.h>
+int
+main ()
+{
+
+  FILE *f = fopen ("conftest.val", "w");
+  if (! f)
+    return 1;
+  if (($2) < 0)
+    {
+      long int i = longval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%ld", i);
+    }
+  else
+    {
+      unsigned long int i = ulongval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%lu", i);
+    }
+  /* Do not output a trailing newline, as this causes \r\n confusion
+     on some platforms.  */
+  return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  echo >>conftest.val; read $3 <conftest.val; ac_retval=0
+else
+  ac_retval=1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+rm -f conftest.val
+
+  fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} @%:@ ac_fn_c_compute_int
+cat >config.log <<_ACEOF
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by $as_me, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  $ $0 $@
+
+_ACEOF
+exec 5>>config.log
+{
+cat <<_ASUNAME
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
+/bin/uname -X     = `(/bin/uname -X) 2>/dev/null     || echo unknown`
+
+/bin/arch              = `(/bin/arch) 2>/dev/null              || echo unknown`
+/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null       || echo unknown`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
+/usr/bin/hostinfo      = `(/usr/bin/hostinfo) 2>/dev/null      || echo unknown`
+/bin/machine           = `(/bin/machine) 2>/dev/null           || echo unknown`
+/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null       || echo unknown`
+/bin/universe          = `(/bin/universe) 2>/dev/null          || echo unknown`
+
+_ASUNAME
+
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    $as_echo "PATH: $as_dir"
+  done
+IFS=$as_save_IFS
+
+} >&5
+
+cat >&5 <<_ACEOF
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+_ACEOF
+
+
+# Keep a trace of the command line.
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Strip out --silent because we don't want to record it for future runs.
+# Also quote any args containing shell meta-characters.
+# Make two passes to allow for proper duplicate-argument suppression.
+ac_configure_args=
+ac_configure_args0=
+ac_configure_args1=
+ac_must_keep_next=false
+for ac_pass in 1 2
+do
+  for ac_arg
+  do
+    case $ac_arg in
+    -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
+    -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+    | -silent | --silent | --silen | --sile | --sil)
+      continue ;;
+    *\'*)
+      ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    case $ac_pass in
+    1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
+    2)
+      as_fn_append ac_configure_args1 " '$ac_arg'"
+      if test $ac_must_keep_next = true; then
+	ac_must_keep_next=false # Got value, back to normal.
+      else
+	case $ac_arg in
+	  *=* | --config-cache | -C | -disable-* | --disable-* \
+	  | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
+	  | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
+	  | -with-* | --with-* | -without-* | --without-* | --x)
+	    case "$ac_configure_args0 " in
+	      "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
+	    esac
+	    ;;
+	  -* ) ac_must_keep_next=true ;;
+	esac
+      fi
+      as_fn_append ac_configure_args " '$ac_arg'"
+      ;;
+    esac
+  done
+done
+{ ac_configure_args0=; unset ac_configure_args0;}
+{ ac_configure_args1=; unset ac_configure_args1;}
+
+# When interrupted or exit'd, cleanup temporary files, and complete
+# config.log.  We remove comments because anyway the quotes in there
+# would cause problems or look ugly.
+# WARNING: Use '\'' to represent an apostrophe within the trap.
+# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
+trap 'exit_status=$?
+  # Save into config.log some information that might help in debugging.
+  {
+    echo
+
+    $as_echo "## ---------------- ##
+## Cache variables. ##
+## ---------------- ##"
+    echo
+    # The following way of writing the cache mishandles newlines in values,
+(
+  for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
+    eval ac_val=\$$ac_var
+    case $ac_val in #(
+    *${as_nl}*)
+      case $ac_var in #(
+      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+      esac
+      case $ac_var in #(
+      _ | IFS | as_nl) ;; #(
+      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+      *) { eval $ac_var=; unset $ac_var;} ;;
+      esac ;;
+    esac
+  done
+  (set) 2>&1 |
+    case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
+    *${as_nl}ac_space=\ *)
+      sed -n \
+	"s/'\''/'\''\\\\'\'''\''/g;
+	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
+      ;; #(
+    *)
+      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+      ;;
+    esac |
+    sort
+)
+    echo
+
+    $as_echo "## ----------------- ##
+## Output variables. ##
+## ----------------- ##"
+    echo
+    for ac_var in $ac_subst_vars
+    do
+      eval ac_val=\$$ac_var
+      case $ac_val in
+      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+      esac
+      $as_echo "$ac_var='\''$ac_val'\''"
+    done | sort
+    echo
+
+    if test -n "$ac_subst_files"; then
+      $as_echo "## ------------------- ##
+## File substitutions. ##
+## ------------------- ##"
+      echo
+      for ac_var in $ac_subst_files
+      do
+	eval ac_val=\$$ac_var
+	case $ac_val in
+	*\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+	esac
+	$as_echo "$ac_var='\''$ac_val'\''"
+      done | sort
+      echo
+    fi
+
+    if test -s confdefs.h; then
+      $as_echo "## ----------- ##
+## confdefs.h. ##
+## ----------- ##"
+      echo
+      cat confdefs.h
+      echo
+    fi
+    test "$ac_signal" != 0 &&
+      $as_echo "$as_me: caught signal $ac_signal"
+    $as_echo "$as_me: exit $exit_status"
+  } >&5
+  rm -f core *.core core.conftest.* &&
+    rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+    exit $exit_status
+' 0
+for ac_signal in 1 2 13 15; do
+  trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
+done
+ac_signal=0
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -f -r conftest* confdefs.h
+
+$as_echo "/* confdefs.h */" > confdefs.h
+
+# Predefined preprocessor variables.
+
+cat >>confdefs.h <<_ACEOF
+@%:@define PACKAGE_NAME "$PACKAGE_NAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define PACKAGE_TARNAME "$PACKAGE_TARNAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define PACKAGE_VERSION "$PACKAGE_VERSION"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define PACKAGE_STRING "$PACKAGE_STRING"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define PACKAGE_URL "$PACKAGE_URL"
+_ACEOF
+
+
+# Let the site file select an alternate cache file if it wants to.
+# Prefer an explicitly selected file to automatically selected ones.
+ac_site_file1=NONE
+ac_site_file2=NONE
+if test -n "$CONFIG_SITE"; then
+  # We do not want a PATH search for config.site.
+  case $CONFIG_SITE in @%:@((
+    -*)  ac_site_file1=./$CONFIG_SITE;;
+    */*) ac_site_file1=$CONFIG_SITE;;
+    *)   ac_site_file1=./$CONFIG_SITE;;
+  esac
+elif test "x$prefix" != xNONE; then
+  ac_site_file1=$prefix/share/config.site
+  ac_site_file2=$prefix/etc/config.site
+else
+  ac_site_file1=$ac_default_prefix/share/config.site
+  ac_site_file2=$ac_default_prefix/etc/config.site
+fi
+for ac_site_file in "$ac_site_file1" "$ac_site_file2"
+do
+  test "x$ac_site_file" = xNONE && continue
+  if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
+$as_echo "$as_me: loading site script $ac_site_file" >&6;}
+    sed 's/^/| /' "$ac_site_file" >&5
+    . "$ac_site_file" \
+      || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "failed to load site script $ac_site_file
+See \`config.log' for more details" "$LINENO" 5; }
+  fi
+done
+
+if test -r "$cache_file"; then
+  # Some versions of bash will fail to source /dev/null (special files
+  # actually), so we avoid doing that.  DJGPP emulates it as a regular file.
+  if test /dev/null != "$cache_file" && test -f "$cache_file"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
+$as_echo "$as_me: loading cache $cache_file" >&6;}
+    case $cache_file in
+      [\\/]* | ?:[\\/]* ) . "$cache_file";;
+      *)                      . "./$cache_file";;
+    esac
+  fi
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
+$as_echo "$as_me: creating cache $cache_file" >&6;}
+  >$cache_file
+fi
+
+# Check that the precious variables saved in the cache have kept the same
+# value.
+ac_cache_corrupted=false
+for ac_var in $ac_precious_vars; do
+  eval ac_old_set=\$ac_cv_env_${ac_var}_set
+  eval ac_new_set=\$ac_env_${ac_var}_set
+  eval ac_old_val=\$ac_cv_env_${ac_var}_value
+  eval ac_new_val=\$ac_env_${ac_var}_value
+  case $ac_old_set,$ac_new_set in
+    set,)
+      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+      ac_cache_corrupted=: ;;
+    ,set)
+      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+      ac_cache_corrupted=: ;;
+    ,);;
+    *)
+      if test "x$ac_old_val" != "x$ac_new_val"; then
+	# differences in whitespace do not lead to failure.
+	ac_old_val_w=`echo x $ac_old_val`
+	ac_new_val_w=`echo x $ac_new_val`
+	if test "$ac_old_val_w" != "$ac_new_val_w"; then
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
+$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+	  ac_cache_corrupted=:
+	else
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
+$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
+	  eval $ac_var=\$ac_old_val
+	fi
+	{ $as_echo "$as_me:${as_lineno-$LINENO}:   former value:  \`$ac_old_val'" >&5
+$as_echo "$as_me:   former value:  \`$ac_old_val'" >&2;}
+	{ $as_echo "$as_me:${as_lineno-$LINENO}:   current value: \`$ac_new_val'" >&5
+$as_echo "$as_me:   current value: \`$ac_new_val'" >&2;}
+      fi;;
+  esac
+  # Pass precious variables to config.status.
+  if test "$ac_new_set" = set; then
+    case $ac_new_val in
+    *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+    *) ac_arg=$ac_var=$ac_new_val ;;
+    esac
+    case " $ac_configure_args " in
+      *" '$ac_arg' "*) ;; # Avoid dups.  Use of quotes ensures accuracy.
+      *) as_fn_append ac_configure_args " '$ac_arg'" ;;
+    esac
+  fi
+done
+if $ac_cache_corrupted; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+  { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
+$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+  as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
+fi
+## -------------------- ##
+## Main body of script. ##
+## -------------------- ##
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+if test ! -f config.h.in; then
+   echo "You need to run autoheader first. "
+   echo -n "Shall I do this for you now? (y/n) "
+   read answer
+   if test "$answer" != "y"; then
+      exit 1
+   else
+      autoheader
+  fi
+fi  
+
+ac_config_headers="$ac_config_headers config.h"
+
+ac_aux_dir=
+for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
+  if test -f "$ac_dir/install-sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install-sh -c"
+    break
+  elif test -f "$ac_dir/install.sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install.sh -c"
+    break
+  elif test -f "$ac_dir/shtool"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/shtool install -c"
+    break
+  fi
+done
+if test -z "$ac_aux_dir"; then
+  as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
+fi
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+ac_config_guess="$SHELL $ac_aux_dir/config.guess"  # Please don't use this var.
+ac_config_sub="$SHELL $ac_aux_dir/config.sub"  # Please don't use this var.
+ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
+
+
+# Make sure we can run config.sub.
+$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
+  as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5
+$as_echo_n "checking build system type... " >&6; }
+if ${ac_cv_build+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_build_alias=$build_alias
+test "x$ac_build_alias" = x &&
+  ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
+test "x$ac_build_alias" = x &&
+  as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5
+ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
+  as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5
+$as_echo "$ac_cv_build" >&6; }
+case $ac_cv_build in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;;
+esac
+build=$ac_cv_build
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_build
+shift
+build_cpu=$1
+build_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+build_os=$*
+IFS=$ac_save_IFS
+case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5
+$as_echo_n "checking host system type... " >&6; }
+if ${ac_cv_host+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test "x$host_alias" = x; then
+  ac_cv_host=$ac_cv_build
+else
+  ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
+    as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5
+$as_echo "$ac_cv_host" >&6; }
+case $ac_cv_host in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;;
+esac
+host=$ac_cv_host
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_host
+shift
+host_cpu=$1
+host_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+host_os=$*
+IFS=$ac_save_IFS
+case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
+
+
+
+dodk=auto
+DKPREFIX=none
+
+@%:@ Check whether --with-docbook was given.
+if test "${with_docbook+set}" = set; then :
+  withval=$with_docbook; case "$with_docbook" in
+yes) dodk=yes;;
+no) dodk=no;;
+*) 
+	dodk=yes
+	DKPREFIX=$withval
+	;;
+esac
+
+fi
+
+DB2HTML=false
+
+@%:@ Check whether --with-db2html was given.
+if test "${with_db2html+set}" = set; then :
+  withval=$with_db2html; DB2HTML=$withval
+
+fi
+
+
+
+VERSION_MAJOR=3
+VERSION_MINOR=0
+VERSION_POINT=12
+CODE_STATUS="stable"
+
+
+
+
+
+
+
+
+cat >>confdefs.h <<_ACEOF
+@%:@define VERSION_MAJOR ${VERSION_MAJOR}
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define VERSION_MINOR ${VERSION_MINOR}
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define VERSION_POINT ${VERSION_POINT}
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_POINT}"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+@%:@define CODE_STATUS "${CODE_STATUS}"
+_ACEOF
+
+
+
+if test "X$CFLAGS" = "X"; then
+   CFLAGS=" "
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_CC="${ac_tool_prefix}gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+  ac_ct_CC=$CC
+  # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_ac_ct_CC="gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+else
+  CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+          if test -n "$ac_tool_prefix"; then
+    # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_CC="${ac_tool_prefix}cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  fi
+fi
+if test -z "$CC"; then
+  # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+       ac_prog_rejected=yes
+       continue
+     fi
+    ac_cv_prog_CC="cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+  # We found a bogon in the path, so make sure we never use it.
+  set dummy $ac_cv_prog_CC
+  shift
+  if test $@%:@ != 0; then
+    # We chose a different compiler from the bogus one.
+    # However, it has the same basename, so the bogon will be chosen
+    # first if we set CC to just the basename; use the full file name.
+    shift
+    ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+  fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+  if test -n "$ac_tool_prefix"; then
+  for ac_prog in cl.exe
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$CC" && break
+  done
+fi
+if test -z "$CC"; then
+  ac_ct_CC=$CC
+  for ac_prog in cl.exe
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_ac_ct_CC="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_CC" && break
+done
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+fi
+
+fi
+
+
+test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "$LINENO" 5; }
+
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+  { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    sed '10a\
+... rest of stderr output deleted ...
+         10q' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+  fi
+  rm -f conftest.er1 conftest.err
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+done
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+# Try to create an executable without -o first, disregard a.out.
+# It will help us diagnose broken compilers, and finding out an intuition
+# of exeext.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
+$as_echo_n "checking whether the C compiler works... " >&6; }
+ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+
+# The possible output files:
+ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
+
+ac_rmfiles=
+for ac_file in $ac_files
+do
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+    * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+  esac
+done
+rm -f $ac_rmfiles
+
+if { { ac_try="$ac_link_default"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link_default") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+# in a Makefile.  We should not override ac_cv_exeext if it was cached,
+# so that the user can short-circuit this test for compilers unknown to
+# Autoconf.
+for ac_file in $ac_files ''
+do
+  test -f "$ac_file" || continue
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+	;;
+    [ab].out )
+	# We found the default executable, but exeext='' is most
+	# certainly right.
+	break;;
+    *.* )
+	if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
+	then :; else
+	   ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+	fi
+	# We set ac_cv_exeext here because the later test for it is not
+	# safe: cross compilers may not add the suffix if given an `-o'
+	# argument, so we may need to know it at that point already.
+	# Even if this section looks crufty: it has the advantage of
+	# actually working.
+	break;;
+    * )
+	break;;
+  esac
+done
+test "$ac_cv_exeext" = no && ac_cv_exeext=
+
+else
+  ac_file=''
+fi
+if test -z "$ac_file"; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+$as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "C compiler cannot create executables
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
+$as_echo_n "checking for C compiler default output file name... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
+$as_echo "$ac_file" >&6; }
+ac_exeext=$ac_cv_exeext
+
+rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
+$as_echo_n "checking for suffix of executables... " >&6; }
+if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  # If both `conftest.exe' and `conftest' are `present' (well, observable)
+# catch `conftest.exe'.  For instance with Cygwin, `ls conftest' will
+# work properly (i.e., refer to `conftest.exe'), while it won't with
+# `rm'.
+for ac_file in conftest.exe conftest conftest.*; do
+  test -f "$ac_file" || continue
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+    *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+	  break;;
+    * ) break;;
+  esac
+done
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest conftest$ac_cv_exeext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
+$as_echo "$ac_cv_exeext" >&6; }
+
+rm -f conftest.$ac_ext
+EXEEXT=$ac_cv_exeext
+ac_exeext=$EXEEXT
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+@%:@include <stdio.h>
+int
+main ()
+{
+FILE *f = fopen ("conftest.out", "w");
+ return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files="$ac_clean_files conftest.out"
+# Check that the compiler produces executables we can run.  If not, either
+# the compiler is broken, or we cross compile.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
+$as_echo_n "checking whether we are cross compiling... " >&6; }
+if test "$cross_compiling" != yes; then
+  { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+  if { ac_try='./conftest$ac_cv_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then
+    cross_compiling=no
+  else
+    if test "$cross_compiling" = maybe; then
+	cross_compiling=yes
+    else
+	{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details" "$LINENO" 5; }
+    fi
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
+$as_echo "$cross_compiling" >&6; }
+
+rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
+$as_echo_n "checking for suffix of object files... " >&6; }
+if ${ac_cv_objext+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.o conftest.obj
+if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  for ac_file in conftest.o conftest.obj conftest.*; do
+  test -f "$ac_file" || continue;
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+    *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+       break;;
+  esac
+done
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of object files: cannot compile
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest.$ac_cv_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
+$as_echo "$ac_cv_objext" >&6; }
+OBJEXT=$ac_cv_objext
+ac_objext=$OBJEXT
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
+$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+if ${ac_cv_c_compiler_gnu+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+#ifndef __GNUC__
+       choke me
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_compiler_gnu=yes
+else
+  ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
+$as_echo "$ac_cv_c_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+  GCC=yes
+else
+  GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
+$as_echo_n "checking whether $CC accepts -g... " >&6; }
+if ${ac_cv_prog_cc_g+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_save_c_werror_flag=$ac_c_werror_flag
+   ac_c_werror_flag=yes
+   ac_cv_prog_cc_g=no
+   CFLAGS="-g"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+else
+  CFLAGS=""
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+else
+  ac_c_werror_flag=$ac_save_c_werror_flag
+	 CFLAGS="-g"
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
+$as_echo "$ac_cv_prog_cc_g" >&6; }
+if test "$ac_test_CFLAGS" = set; then
+  CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+  if test "$GCC" = yes; then
+    CFLAGS="-g -O2"
+  else
+    CFLAGS="-g"
+  fi
+else
+  if test "$GCC" = yes; then
+    CFLAGS="-O2"
+  else
+    CFLAGS=
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
+$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+if ${ac_cv_prog_cc_c89+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh.  */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+     char **p;
+     int i;
+{
+  return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+  char *s;
+  va_list v;
+  va_start (v,p);
+  s = g (p, va_arg (v,int));
+  va_end (v);
+  return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default.  It has
+   function prototypes and stuff, but not '\xHH' hex character constants.
+   These don't provoke an error unfortunately, instead are silently treated
+   as 'x'.  The following induces an error, until -std is added to get
+   proper ANSI mode.  Curiously '\x00'!='x' always comes out true, for an
+   array size at least.  It's necessary to write '\x00'==0 to get something
+   that's true only with -std.  */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+   inside strings and character constants.  */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0]  ||  f (e, argv, 1) != argv[1];
+  ;
+  return 0;
+}
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+	-Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+  CC="$ac_save_CC $ac_arg"
+  if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext
+  test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+
+fi
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+  x)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+$as_echo "none needed" >&6; } ;;
+  xno)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+$as_echo "unsupported" >&6; } ;;
+  *)
+    CC="$CC $ac_cv_prog_cc_c89"
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
+$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+esac
+if test "x$ac_cv_prog_cc_c89" != xno; then :
+  
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
+$as_echo_n "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+  CPP=
+fi
+if test -z "$CPP"; then
+  if ${ac_cv_prog_CPP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+      # Double quotes because CPP needs to be expanded
+    for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+    do
+      ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+  # <limits.h> exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+@%:@ifdef __STDC__
+@%:@ include <limits.h>
+@%:@else
+@%:@ include <assert.h>
+@%:@endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+@%:@include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+  break
+fi
+
+    done
+    ac_cv_prog_CPP=$CPP
+  
+fi
+  CPP=$ac_cv_prog_CPP
+else
+  ac_cv_prog_CPP=$CPP
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
+$as_echo "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+  # <limits.h> exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+@%:@ifdef __STDC__
+@%:@ include <limits.h>
+@%:@else
+@%:@ include <assert.h>
+@%:@endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+@%:@include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+  
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+# Find a good install program.  We prefer a C program (faster),
+# so one script is as good as another.  But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+# Reject install programs that cannot install multiple files.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5
+$as_echo_n "checking for a BSD-compatible install... " >&6; }
+if test -z "$INSTALL"; then
+if ${ac_cv_path_install+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    # Account for people who put trailing slashes in PATH elements.
+case $as_dir/ in @%:@((
+  ./ | .// | /[cC]/* | \
+  /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+  ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \
+  /usr/ucb/* ) ;;
+  *)
+    # OSF1 and SCO ODT 3.0 have their own names for install.
+    # Don't use installbsd from OSF since it installs stuff as root
+    # by default.
+    for ac_prog in ginstall scoinst install; do
+      for ac_exec_ext in '' $ac_executable_extensions; do
+	if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then
+	  if test $ac_prog = install &&
+	    grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+	    # AIX install.  It has an incompatible calling convention.
+	    :
+	  elif test $ac_prog = install &&
+	    grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+	    # program-specific install script used by HP pwplus--don't use.
+	    :
+	  else
+	    rm -rf conftest.one conftest.two conftest.dir
+	    echo one > conftest.one
+	    echo two > conftest.two
+	    mkdir conftest.dir
+	    if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" &&
+	      test -s conftest.one && test -s conftest.two &&
+	      test -s conftest.dir/conftest.one &&
+	      test -s conftest.dir/conftest.two
+	    then
+	      ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
+	      break 3
+	    fi
+	  fi
+	fi
+      done
+    done
+    ;;
+esac
+
+  done
+IFS=$as_save_IFS
+
+rm -rf conftest.one conftest.two conftest.dir
+
+fi
+  if test "${ac_cv_path_install+set}" = set; then
+    INSTALL=$ac_cv_path_install
+  else
+    # As a last resort, use the slow shell script.  Don't cache a
+    # value for INSTALL within a source directory, because that will
+    # break other packages using the cache if that directory is
+    # removed, or if the value is a relative name.
+    INSTALL=$ac_install_sh
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5
+$as_echo "$INSTALL" >&6; }
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5
+$as_echo_n "checking whether ln -s works... " >&6; }
+LN_S=$as_ln_s
+if test "$LN_S" = "ln -s"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5
+$as_echo "no, using $LN_S" >&6; }
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
+set x ${MAKE-make}
+ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+	@echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+  *@@@%%%=?*=@@@%%%*)
+    eval ac_cv_prog_make_${ac_make}_set=yes;;
+  *)
+    eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+  SET_MAKE=
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+  SET_MAKE="MAKE=${MAKE-make}"
+fi
+
+for ac_prog in gawk mawk nawk awk
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AWK+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$AWK"; then
+  ac_cv_prog_AWK="$AWK" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_AWK="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+AWK=$ac_cv_prog_AWK
+if test -n "$AWK"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5
+$as_echo "$AWK" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$AWK" && break
+done
+
+
+# Extract the first word of "gdb", so it can be a program name with args.
+set dummy gdb; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_GDB+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$GDB"; then
+  ac_cv_prog_GDB="$GDB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_GDB="yes"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_prog_GDB" && ac_cv_prog_GDB="no"
+fi
+fi
+GDB=$ac_cv_prog_GDB
+if test -n "$GDB"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GDB" >&5
+$as_echo "$GDB" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+# Extract the first word of "groups", so it can be a program name with args.
+set dummy groups; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_BGROUPS+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $BGROUPS in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_BGROUPS="$BGROUPS" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_dummy="/bin:/usr/bin:/usr/local/bin"
+for as_dir in $as_dummy
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_path_BGROUPS="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_path_BGROUPS" && ac_cv_path_BGROUPS="no"
+  ;;
+esac
+fi
+BGROUPS=$ac_cv_path_BGROUPS
+if test -n "$BGROUPS"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $BGROUPS" >&5
+$as_echo "$BGROUPS" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+# Extract the first word of "id", so it can be a program name with args.
+set dummy id; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_ID+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $ID in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_ID="$ID" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_dummy="/bin:/usr/bin:/usr/local/bin"
+for as_dir in $as_dummy
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_path_ID="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_path_ID" && ac_cv_path_ID="no"
+  ;;
+esac
+fi
+ID=$ac_cv_path_ID
+if test -n "$ID"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ID" >&5
+$as_echo "$ID" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+
+
+
+
+
+@%:@ Check whether --with-debug was given.
+if test "${with_debug+set}" = set; then :
+  withval=$with_debug; 
+                if test "x$withval" != "xno" ; then
+                    if test $ac_cv_prog_cc_g = yes; then
+                      if test "$GCC" = yes; then
+                        if test "$GDB"; then
+                          CFLAGS="$CFLAGS -ggdb"
+                        else
+                          CFLAGS="$CFLAGS -g"
+                        fi
+                        CFLAGS="$CFLAGS -Wshadow  -Wconversion"
+                      else
+                        CFLAGS="$CFLAGS -g"
+                      fi
+                   fi
+                fi
+        
+else
+  
+            if test "X$CFLAGS" = "X "; then # if CFLAGS were unset (see above)
+              if test "$GCC" = yes; then
+                CFLAGS="-O2"
+              fi
+            fi
+        
+
+fi
+
+
+
+
+if test "$EMXOS2" = yes; then
+  echo "Skipping user and group validity stuff.";
+
+else
+
+  $ID privoxy >/dev/null 2>/dev/null
+  if test $? -ne 0 ; then
+   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: There is no user 'privoxy' on this system" >&5
+$as_echo "$as_me: WARNING: There is no user 'privoxy' on this system" >&2;}
+  fi
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for user" >&5
+$as_echo_n "checking for user... " >&6; }
+  
+@%:@ Check whether --with-user was given.
+if test "${with_user+set}" = set; then :
+  withval=$with_user; 
+                if test "x$withval" != "xyes"; then
+                  if test $ID = no ; then
+                    as_fn_error $? "There is no 'id' program on this system" "$LINENO" 5
+                  else
+                    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_user" >&5
+$as_echo "$with_user" >&6; }
+                    $ID $with_user 2>/dev/null >/dev/null
+                    if test $? -eq 0 ; then
+                      USER=$with_user;
+                    else
+                      as_fn_error $? "There is no user '$with_user' on this system" "$LINENO" 5
+                    fi
+                  fi
+                  else
+                   as_fn_error $? "We need a user if you give me this parameter" "$LINENO" 5
+                fi
+        
+else
+  
+          if test $ID = no ; then
+            as_fn_error $? "There is no 'id' programm on this system" "$LINENO" 5
+          else
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: none specified" >&5
+$as_echo "none specified" >&6; }
+            USER=$with_user
+          fi
+        
+  
+fi
+
+  
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for group" >&5
+$as_echo_n "checking for group... " >&6; }
+  
+@%:@ Check whether --with-group was given.
+if test "${with_group+set}" = set; then :
+  withval=$with_group;  
+                if test "x$withval" != "xyes"; then
+                  if test $BGROUPS = no ; then
+                    as_fn_error $? "There is no 'groups' program on this system" "$LINENO" 5
+                  else
+                    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_group" >&5
+$as_echo "$with_group" >&6; }
+                    $BGROUPS $USER >/dev/null
+                    if test $? -eq 0 ; then
+                    # FIXME: this fails if valid group, but not first group
+                    # listed.
+                      if test "$with_group" != "`$BGROUPS $USER | sed 's/.*: //' 2>/dev/null |$AWK '{print $1}'`" ; then
+                        as_fn_error $? "The given value '$withval' does not match group entry" "$LINENO" 5
+                      else
+                        GROUP=$with_group;
+                      fi
+                    else
+                      as_fn_error $? "There is no group entry for user '$USER'" "$LINENO" 5
+                    fi
+                  fi
+                else
+                   as_fn_error $? "We need a group if you give me this parameter" "$LINENO" 5
+                fi
+        
+else
+  
+          if test $BGROUPS = no ; then
+            as_fn_error $? "There is no 'groups' programm on this system" "$LINENO" 5
+          else
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: none specified" >&5
+$as_echo "none specified" >&6; }
+            GROUP=$with_group;
+          fi
+        
+  
+fi
+
+  
+
+fi
+
+if test "$GCC"; then
+  if test "$host" != "powerpc-unknown-amigaos"; then
+    CFLAGS="-pipe $CFLAGS"
+  fi
+fi
+
+
+
+
+case $host_os in
+  *mingw32* ) MINGW32=yes;;
+	  * ) MINGW32=no;;
+esac
+
+
+case $host_os in
+  *cygwin* ) CYGWIN=yes;;
+	 * ) CYGWIN=no;;
+esac
+
+
+if test "$MINGW32" = "yes"; then
+  target_type=mingw
+else
+  if test "$CYGWIN" = "yes"; then
+    target_type=cygwin
+  else
+    target_type=unix
+  fi
+fi
+
+if test $dodk = auto; then
+	dodk=no
+	if test $target_type = unix; then
+		case "$host_os" in
+		linux* | gnu*)
+			dodk=yes
+		;;
+		esac
+	fi
+fi
+
+
+@%:@ Check whether --enable-mingw32 was given.
+if test "${enable_mingw32+set}" = set; then :
+  enableval=$enable_mingw32; if test $enableval = yes; then
+  target_type=mingw
+fi
+fi
+
+
+if test $target_type = mingw; then
+  WIN_ONLY=
+  SPECIAL_CFLAGS="-mwindows -mno-cygwin"
+  PTHREAD_LIB=-lpthreadGC
+  echo "Using mingw32 (Win32 GUI)"
+else
+  WIN_ONLY=#
+  if test $target_type = cygwin; then
+    SPECIAL_CFLAGS="-mno-win32"
+    PTHREAD_LIB=
+    echo "Using Cygnus (Win32 command line)"
+  else
+    SPECIAL_CFLAGS=
+    PTHREAD_LIB=-lpthread
+  fi
+fi
+
+
+if test $dodk != no; then
+	for ac_prog in w3m lynx links
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_WDUMP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$WDUMP"; then
+  ac_cv_prog_WDUMP="$WDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_WDUMP="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+WDUMP=$ac_cv_prog_WDUMP
+if test -n "$WDUMP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $WDUMP" >&5
+$as_echo "$WDUMP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$WDUMP" && break
+done
+test -n "$WDUMP" || WDUMP="false"
+
+	if test "$WDUMP" = false; then
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: You need some kind of text browser to build documentation \(w3m, lynx and links are supported\)" >&5
+$as_echo "$as_me: WARNING: You need some kind of text browser to build documentation \(w3m, lynx and links are supported\)" >&2;}
+	fi
+	if test $DB2HTML = false; then
+						DB2HTML=""
+		for ac_prog in db2html docbook2html
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DB2HTML+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$DB2HTML"; then
+  ac_cv_prog_DB2HTML="$DB2HTML" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_DB2HTML="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+DB2HTML=$ac_cv_prog_DB2HTML
+if test -n "$DB2HTML"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DB2HTML" >&5
+$as_echo "$DB2HTML" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$DB2HTML" && break
+done
+test -n "$DB2HTML" || DB2HTML="false"
+
+	fi
+fi
+
+
+
+for ac_prog in rpm
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_RPMBIN+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$RPMBIN"; then
+  ac_cv_prog_RPMBIN="$RPMBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_RPMBIN="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+RPMBIN=$ac_cv_prog_RPMBIN
+if test -n "$RPMBIN"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RPMBIN" >&5
+$as_echo "$RPMBIN" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$RPMBIN" && break
+done
+test -n "$RPMBIN" || RPMBIN="false"
+
+if test $RPMBIN != false; then
+		RPM_BASE=`rpm --eval "%{_topdir}"`
+		if test "$RPM_BASE" = ""; then
+			RPM_BASE=/usr/src/redhat
+		fi
+fi
+
+
+for ac_prog in jade openjade
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_JADEBIN+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$JADEBIN"; then
+  ac_cv_prog_JADEBIN="$JADEBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_JADEBIN="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+JADEBIN=$ac_cv_prog_JADEBIN
+if test -n "$JADEBIN"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $JADEBIN" >&5
+$as_echo "$JADEBIN" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$JADEBIN" && break
+done
+test -n "$JADEBIN" || JADEBIN="false"
+
+
+
+for ac_prog in man2html
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_MAN2HTML+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$MAN2HTML"; then
+  ac_cv_prog_MAN2HTML="$MAN2HTML" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_MAN2HTML="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+MAN2HTML=$ac_cv_prog_MAN2HTML
+if test -n "$MAN2HTML"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAN2HTML" >&5
+$as_echo "$MAN2HTML" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$MAN2HTML" && break
+done
+test -n "$MAN2HTML" || MAN2HTML="false"
+
+
+
+DOC_STATUS=p-not-stable
+if  test $CODE_STATUS = stable; then
+     DOC_STATUS="p-stable"
+fi
+
+
+JADECAT=""
+if test $dodk = yes; then
+  if test $DKPREFIX = none; then
+    for i in /usr/share/sgml/docbook/dsssl-stylesheets \
+             /usr/share/sgml/docbkdsl /usr/share/sgml/docbook-dsssl \
+             /usr/local/share/sgml/docbook/dsssl/modular \
+             /usr/share/sgml/docbook/stylesheet/dsssl/modular/ \
+             ; do
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $i" >&5
+$as_echo_n "checking for $i... " >&6; }
+      if test -f $i/html/docbook.dsl; then
+        echo "yes"
+        DKPREFIX=$i
+        break
+      else
+        echo "no"
+      fi
+    done
+# where are the catalogs?
+    for i in /usr/share/sgml/CATALOG.docbk30 \
+             /usr/share/sgml/CATALOG.docbk31 \
+             /usr/share/sgml/CATALOG.docbk31 \
+             /usr/local/share/sgml/docbook/3.0/docbook.cat \
+             /usr/local/share/sgml/docbook/3.1/docbook.cat \
+             /usr/share/sgml/docbook/dtd/3.1/docbook.cat \
+             ; do
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $i" >&5
+$as_echo_n "checking for $i... " >&6; }
+      if test -f $i; then
+        echo "yes"
+        JADECAT="$JADECAT -c $i"
+      else
+        echo "no"
+      fi
+    done
+  fi
+fi
+
+
+
+old_CFLAGS_nospecial=$CFLAGS
+CFLAGS="$CFLAGS $SPECIAL_CFLAGS"
+
+# Hack to force AutoConf to use the CFLAGS we just set
+ac_cpp='$CPP $CPPFLAGS $SPECIAL_CFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
+$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
+if ${ac_cv_path_GREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$GREP"; then
+  ac_path_GREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in grep ggrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
+      { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
+# Check for GNU ac_path_GREP and select it if it is found.
+  # Check for GNU $ac_path_GREP
+case `"$ac_path_GREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'GREP' >> "conftest.nl"
+    "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_GREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_GREP="$ac_path_GREP"
+      ac_path_GREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_GREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_GREP"; then
+    as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_GREP=$GREP
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
+$as_echo "$ac_cv_path_GREP" >&6; }
+ GREP="$ac_cv_path_GREP"
+ 
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
+$as_echo_n "checking for egrep... " >&6; }
+if ${ac_cv_path_EGREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+   then ac_cv_path_EGREP="$GREP -E"
+   else
+     if test -z "$EGREP"; then
+  ac_path_EGREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in egrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
+      { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
+# Check for GNU ac_path_EGREP and select it if it is found.
+  # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'EGREP' >> "conftest.nl"
+    "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_EGREP="$ac_path_EGREP"
+      ac_path_EGREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_EGREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_EGREP"; then
+    as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_EGREP=$EGREP
+fi
+
+   fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
+$as_echo "$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+ 
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_stdc=yes
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "memchr" >/dev/null 2>&1; then :
+  
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "free" >/dev/null 2>&1; then :
+  
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+  if test "$cross_compiling" = yes; then :
+  :
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+		   (('a' <= (c) && (c) <= 'i') \
+		     || ('j' <= (c) && (c) <= 'r') \
+		     || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+  int i;
+  for (i = 0; i < 256; i++)
+    if (XOR (islower (i), ISLOWER (i))
+	|| toupper (i) != TOUPPER (i))
+      return 2;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+  
+$as_echo "@%:@define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+# On IRIX 5.3, sys/types and inttypes.h are conflicting.
+for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+		  inttypes.h stdint.h unistd.h
+do :
+  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
+"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+@%:@define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+ 
+fi
+
+done
+
+
+ac_fn_c_check_header_mongrel "$LINENO" "pthread.h" "ac_cv_header_pthread_h" "$ac_includes_default"
+if test "x$ac_cv_header_pthread_h" = xyes; then :
+  have_pthread=yes
+else
+  have_pthread=no
+fi
+
+
+
+@%:@ Check whether --enable-pthread was given.
+if test "${enable_pthread+set}" = set; then :
+  enableval=$enable_pthread; if test $enableval = no; then
+  # Disable pthreads
+  if test $have_pthread = yes; then
+     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pthreads seem to be available but you are using --disable-pthread." >&5
+$as_echo "$as_me: WARNING: pthreads seem to be available but you are using --disable-pthread." >&2;} 
+     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: This is almost always a mistake and can render Privoxy unacceptable slow." >&5
+$as_echo "$as_me: WARNING: This is almost always a mistake and can render Privoxy unacceptable slow." >&2;}
+  fi
+  have_pthread=no
+fi
+fi
+
+
+if test $have_pthread = yes; then
+  PTHREAD_ONLY=
+  $as_echo "@%:@define FEATURE_PTHREAD 1" >>confdefs.h
+
+  echo Using POSIX threads
+  if test "$GCC" = "yes"; then
+    # Set a GCC specific switch:
+    if test "$target_type" = "unix"; then
+      ac_jgf_save_CFLAGS=$CFLAGS
+      CFLAGS="$CFLAGS -pthread"
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pthread.h>
+int
+main ()
+{
+void *p = pthread_create;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  
+          # This compiler switch makes GCC on Linux thread-safe
+          # However, it's not supported on most other OS.
+          PTHREAD_LIB=
+          SPECIAL_CFLAGS="-pthread"
+        
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+      CFLAGS=$ac_jgf_save_CFLAGS
+    fi
+  fi
+else
+  PTHREAD_ONLY=#
+  echo Using native threads
+fi
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5
+$as_echo_n "checking for gethostbyname in -lnsl... " >&6; }
+if ${ac_cv_lib_nsl_gethostbyname+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lnsl  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char gethostbyname ();
+int
+main ()
+{
+return gethostbyname ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_nsl_gethostbyname=yes
+else
+  ac_cv_lib_nsl_gethostbyname=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5
+$as_echo "$ac_cv_lib_nsl_gethostbyname" >&6; }
+if test "x$ac_cv_lib_nsl_gethostbyname" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+@%:@define HAVE_LIBNSL 1
+_ACEOF
+
+  LIBS="-lnsl $LIBS"
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "gethostbyaddr_r" "ac_cv_func_gethostbyaddr_r"
+if test "x$ac_cv_func_gethostbyaddr_r" = xyes; then :
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of gethostbyaddr_r" >&5
+$as_echo_n "checking signature of gethostbyaddr_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <netdb.h>
+  
+int
+main ()
+{
+
+    struct hostent *h, *hp;
+    char *a, *b;
+    int l, bl, t, e;
+    (void) gethostbyaddr_r(a, l, t, h, b, bl, &hp, &e)
+  
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+    $as_echo "@%:@define HAVE_GETHOSTBYADDR_R_8_ARGS 1" >>confdefs.h
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: 8 args" >&5
+$as_echo "8 args" >&6; }
+  
+else
+  
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#     include <netdb.h>
+    
+int
+main ()
+{
+
+      struct hostent *h;
+      char *a, *b;
+      int l, bl, t, e;
+      (void) gethostbyaddr_r(a, l, t, h, b, bl, &e)
+    
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+      $as_echo "@%:@define HAVE_GETHOSTBYADDR_R_7_ARGS 1" >>confdefs.h
+
+      { $as_echo "$as_me:${as_lineno-$LINENO}: result: 7 args" >&5
+$as_echo "7 args" >&6; }
+    
+else
+  
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#       include <netdb.h>
+      
+int
+main ()
+{
+
+        struct hostent_data *d;
+        struct hostent *h;
+        char a,
+        int l, t;
+        (void) gethostbyaddr_r(a, l, t, h, d)
+      
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+        $as_echo "@%:@define HAVE_GETHOSTBYADDR_R_5_ARGS 1" >>confdefs.h
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: 5 args" >&5
+$as_echo "5 args" >&6; }
+      
+else
+  
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+      
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "gethostbyname_r" "ac_cv_func_gethostbyname_r"
+if test "x$ac_cv_func_gethostbyname_r" = xyes; then :
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of gethostbyname_r" >&5
+$as_echo_n "checking signature of gethostbyname_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <netdb.h>
+  
+int
+main ()
+{
+
+    struct hostent *h, *r;
+    char *n, *b;
+    int bl, e;
+    (void) gethostbyname_r(n, h, b, bl, &r, &e)
+  
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+    $as_echo "@%:@define HAVE_GETHOSTBYNAME_R_6_ARGS 1" >>confdefs.h
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: 6 args" >&5
+$as_echo "6 args" >&6; }
+  
+else
+  
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#     include <netdb.h>
+    
+int
+main ()
+{
+
+      struct hostent *h;
+      char *n, *b;
+      int bl, e;
+      (void) gethostbyname_r(n, h, b, bl, &e)
+    
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+      $as_echo "@%:@define HAVE_GETHOSTBYNAME_R_5_ARGS 1" >>confdefs.h
+
+      { $as_echo "$as_me:${as_lineno-$LINENO}: result: 5 args" >&5
+$as_echo "5 args" >&6; }
+    
+else
+  
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#       include <netdb.h>
+      
+int
+main ()
+{
+
+        struct hostent_data *d;
+        struct hostent *h;
+        char *n,
+        (void) gethostbyname_r(n, h, d)
+      
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+        $as_echo "@%:@define HAVE_GETHOSTBYNAME_R_3_ARGS 1" >>confdefs.h
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: 3 args" >&5
+$as_echo "3 args" >&6; }
+      
+else
+  
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+      
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+    
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "gmtime_r" "ac_cv_func_gmtime_r"
+if test "x$ac_cv_func_gmtime_r" = xyes; then :
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of gmtime_r" >&5
+$as_echo_n "checking signature of gmtime_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <time.h>
+  
+int
+main ()
+{
+
+    struct time *t;
+    struct tm *tm;
+    (void) gmtime_r(t, tm)
+  
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5
+$as_echo "ok" >&6; }
+    $as_echo "@%:@define HAVE_GMTIME_R 1" >>confdefs.h
+
+  
+else
+  
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+  
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "localtime_r" "ac_cv_func_localtime_r"
+if test "x$ac_cv_func_localtime_r" = xyes; then :
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of localtime_r" >&5
+$as_echo_n "checking signature of localtime_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <time.h>
+  
+int
+main ()
+{
+
+    struct time *t;
+    struct tm *tm;
+    (void) localtime_r(t, tm)
+  
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5
+$as_echo "ok" >&6; }
+    $as_echo "@%:@define HAVE_LOCALTIME_R 1" >>confdefs.h
+
+  
+else
+  
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+  
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+  
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+
+
+SOCKET_LIB=
+
+case "$host" in
+*-solaris*) SOCKET_LIB="-lsocket -lnsl"
+            $as_echo "@%:@define __EXTENSIONS__ 1" >>confdefs.h
+
+            if test "$GCC" = "yes"; then
+              # Set a GCC specific switch:
+              # This compiler switch makes Solaris thread-safe
+              PTHREAD_LIB=
+              SPECIAL_CFLAGS="-pthreads"
+            else
+              # What do we do without GCC? Guess this:
+              SPECIAL_CFLAGS="-D_REENTRANT"
+            fi
+;;
+esac
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socklen_t" >&5
+$as_echo_n "checking for socklen_t... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/socket.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "socklen_t" >/dev/null 2>&1; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+	
+$as_echo "@%:@define socklen_t int" >>confdefs.h
+
+fi
+rm -f conftest*
+
+
+
+
+case "$host" in
+*-os2-emx*) SOCKET_LIB=-lsocket
+;;
+esac
+
+
+
+    
+case "$host" in
+*-apple-darwin*) SPECIAL_CFLAGS="-Dunix"
+;;  
+esac
+
+
+case "$host" in
+*-openbsd*) SPECIAL_CFLAGS="$SPECIAL_CFLAGS -Dunix"
+;;
+esac
+
+
+AMIGAOS_ONLY=#
+
+case "$host" in
+*-amigaos) AMIGAOS_ONLY=
+;;
+esac
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_stdc=yes
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "memchr" >/dev/null 2>&1; then :
+  
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "free" >/dev/null 2>&1; then :
+  
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+  if test "$cross_compiling" = yes; then :
+  :
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+		   (('a' <= (c) && (c) <= 'i') \
+		     || ('j' <= (c) && (c) <= 'r') \
+		     || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+  int i;
+  for (i = 0; i < 256; i++)
+    if (XOR (islower (i), ISLOWER (i))
+	|| toupper (i) != TOUPPER (i))
+      return 2;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+  
+$as_echo "@%:@define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+ac_header_dirent=no
+for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do
+  as_ac_Header=`$as_echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_hdr that defines DIR" >&5
+$as_echo_n "checking for $ac_hdr that defines DIR... " >&6; }
+if eval \${$as_ac_Header+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <$ac_hdr>
+
+int
+main ()
+{
+if ((DIR *) 0)
+return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_ac_Header=yes"
+else
+  eval "$as_ac_Header=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$as_ac_Header
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+@%:@define `$as_echo "HAVE_$ac_hdr" | $as_tr_cpp` 1
+_ACEOF
+
+ac_header_dirent=$ac_hdr; break
+fi
+
+done
+# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
+if test $ac_header_dirent = dirent.h; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
+$as_echo_n "checking for library containing opendir... " >&6; }
+if ${ac_cv_search_opendir+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char opendir ();
+int
+main ()
+{
+return opendir ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' dir; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_opendir=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_opendir+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_opendir+:} false; then :
+  
+else
+  ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5
+$as_echo "$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+  
+fi
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
+$as_echo_n "checking for library containing opendir... " >&6; }
+if ${ac_cv_search_opendir+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char opendir ();
+int
+main ()
+{
+return opendir ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' x; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_opendir=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_opendir+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_opendir+:} false; then :
+  
+else
+  ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5
+$as_echo "$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+  
+fi
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5
+$as_echo_n "checking for an ANSI C-conforming const... " >&6; }
+if ${ac_cv_c_const+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+/* FIXME: Include the comments suggested by Paul. */
+#ifndef __cplusplus
+  /* Ultrix mips cc rejects this.  */
+  typedef int charset[2];
+  const charset cs;
+  /* SunOS 4.1.1 cc rejects this.  */
+  char const *const *pcpcc;
+  char **ppc;
+  /* NEC SVR4.0.2 mips cc rejects this.  */
+  struct point {int x, y;};
+  static struct point const zero = {0,0};
+  /* AIX XL C 1.02.0.0 rejects this.
+     It does not let you subtract one const X* pointer from another in
+     an arm of an if-expression whose if-part is not a constant
+     expression */
+  const char *g = "string";
+  pcpcc = &g + (g ? g-g : 0);
+  /* HPUX 7.0 cc rejects these. */
+  ++pcpcc;
+  ppc = (char**) pcpcc;
+  pcpcc = (char const *const *) ppc;
+  { /* SCO 3.2v4 cc rejects this.  */
+    char *t;
+    char const *s = 0 ? (char *) 0 : (char const *) 0;
+
+    *t++ = 0;
+    if (s) return 0;
+  }
+  { /* Someone thinks the Sun supposedly-ANSI compiler will reject this.  */
+    int x[] = {25, 17};
+    const int *foo = &x[0];
+    ++foo;
+  }
+  { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
+    typedef const int *iptr;
+    iptr p = 0;
+    ++p;
+  }
+  { /* AIX XL C 1.02.0.0 rejects this saying
+       "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
+    struct s { int j; const int *ap[3]; };
+    struct s *b; b->j = 5;
+  }
+  { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
+    const int foo = 10;
+    if (!foo) return 0;
+  }
+  return !cs[0] && !zero.x;
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_c_const=yes
+else
+  ac_cv_c_const=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5
+$as_echo "$ac_cv_c_const" >&6; }
+if test $ac_cv_c_const = no; then
+  
+$as_echo "@%:@define const /**/" >>confdefs.h
+
+fi
+
+ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
+if test "x$ac_cv_type_size_t" = xyes; then :
+  
+else
+  
+cat >>confdefs.h <<_ACEOF
+@%:@define size_t unsigned int
+_ACEOF
+
+fi
+
+ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default"
+if test "x$ac_cv_type_pid_t" = xyes; then :
+  
+else
+  
+cat >>confdefs.h <<_ACEOF
+@%:@define pid_t int
+_ACEOF
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5
+$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; }
+if ${ac_cv_header_time+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <sys/time.h>
+#include <time.h>
+
+int
+main ()
+{
+if ((struct tm *) 0)
+return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_time=yes
+else
+  ac_cv_header_time=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5
+$as_echo "$ac_cv_header_time" >&6; }
+if test $ac_cv_header_time = yes; then
+  
+$as_echo "@%:@define TIME_WITH_SYS_TIME 1" >>confdefs.h
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct tm is in sys/time.h or time.h" >&5
+$as_echo_n "checking whether struct tm is in sys/time.h or time.h... " >&6; }
+if ${ac_cv_struct_tm+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <time.h>
+
+int
+main ()
+{
+struct tm tm;
+				     int *p = &tm.tm_sec;
+				     return !p;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_struct_tm=time.h
+else
+  ac_cv_struct_tm=sys/time.h
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_tm" >&5
+$as_echo "$ac_cv_struct_tm" >&6; }
+if test $ac_cv_struct_tm = sys/time.h; then
+  
+$as_echo "@%:@define TM_IN_SYS_TIME 1" >>confdefs.h
+
+fi
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of int" >&5
+$as_echo_n "checking size of int... " >&6; }
+if ${ac_cv_sizeof_int+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (int))" "ac_cv_sizeof_int"        "$ac_includes_default"; then :
+  
+else
+  if test "$ac_cv_type_int" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (int)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_int=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_int" >&5
+$as_echo "$ac_cv_sizeof_int" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+@%:@define SIZEOF_INT $ac_cv_sizeof_int
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of char *" >&5
+$as_echo_n "checking size of char *... " >&6; }
+if ${ac_cv_sizeof_char_p+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (char *))" "ac_cv_sizeof_char_p"        "$ac_includes_default"; then :
+  
+else
+  if test "$ac_cv_type_char_p" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (char *)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_char_p=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_char_p" >&5
+$as_echo "$ac_cv_sizeof_char_p" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+@%:@define SIZEOF_CHAR_P $ac_cv_sizeof_char_p
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long" >&5
+$as_echo_n "checking size of long... " >&6; }
+if ${ac_cv_sizeof_long+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long))" "ac_cv_sizeof_long"        "$ac_includes_default"; then :
+  
+else
+  if test "$ac_cv_type_long" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (long)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_long=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long" >&5
+$as_echo "$ac_cv_sizeof_long" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+@%:@define SIZEOF_LONG $ac_cv_sizeof_long
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long long" >&5
+$as_echo_n "checking size of long long... " >&6; }
+if ${ac_cv_sizeof_long_long+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long))" "ac_cv_sizeof_long_long"        "$ac_includes_default"; then :
+  
+else
+  if test "$ac_cv_type_long_long" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (long long)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_long_long=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long" >&5
+$as_echo "$ac_cv_sizeof_long_long" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+@%:@define SIZEOF_LONG_LONG $ac_cv_sizeof_long_long
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of size_t" >&5
+$as_echo_n "checking size of size_t... " >&6; }
+if ${ac_cv_sizeof_size_t+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (size_t))" "ac_cv_sizeof_size_t"        "$ac_includes_default"; then :
+  
+else
+  if test "$ac_cv_type_size_t" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (size_t)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_size_t=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_size_t" >&5
+$as_echo "$ac_cv_sizeof_size_t" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+@%:@define SIZEOF_SIZE_T $ac_cv_sizeof_size_t
+_ACEOF
+
+
+
+for ac_header in OS.h arpa/inet.h errno.h fcntl.h limits.h locale.h netdb.h netinet/in.h stddef.h stdlib.h string.h sys/ioctl.h sys/socket.h sys/time.h sys/timeb.h sys/wait.h unistd.h
+do :
+  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+@%:@define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+ 
+fi
+
+done
+
+
+for ac_func in strerror bcopy memmove
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+@%:@define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+ 
+fi
+done
+
+if test $ac_cv_c_compiler_gnu = yes; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC needs -traditional" >&5
+$as_echo_n "checking whether $CC needs -traditional... " >&6; }
+if ${ac_cv_prog_gcc_traditional+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+    ac_pattern="Autoconf.*'x'"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sgtty.h>
+Autoconf TIOCGETP
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "$ac_pattern" >/dev/null 2>&1; then :
+  ac_cv_prog_gcc_traditional=yes
+else
+  ac_cv_prog_gcc_traditional=no
+fi
+rm -f conftest*
+
+
+  if test $ac_cv_prog_gcc_traditional = no; then
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <termio.h>
+Autoconf TCGETA
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "$ac_pattern" >/dev/null 2>&1; then :
+  ac_cv_prog_gcc_traditional=yes
+fi
+rm -f conftest*
+
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_gcc_traditional" >&5
+$as_echo "$ac_cv_prog_gcc_traditional" >&6; }
+  if test $ac_cv_prog_gcc_traditional = yes; then
+    CC="$CC -traditional"
+  fi
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether setpgrp takes no argument" >&5
+$as_echo_n "checking whether setpgrp takes no argument... " >&6; }
+if ${ac_cv_func_setpgrp_void+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test "$cross_compiling" = yes; then :
+  as_fn_error $? "cannot check setpgrp when cross compiling" "$LINENO" 5
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$ac_includes_default
+int
+main ()
+{
+/* If this system has a BSD-style setpgrp which takes arguments,
+  setpgrp(1, 1) will fail with ESRCH and return -1, in that case
+  exit successfully. */
+  return setpgrp (1,1) != -1;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  ac_cv_func_setpgrp_void=no
+else
+  ac_cv_func_setpgrp_void=yes
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_setpgrp_void" >&5
+$as_echo "$ac_cv_func_setpgrp_void" >&6; }
+if test $ac_cv_func_setpgrp_void = yes; then
+  
+$as_echo "@%:@define SETPGRP_VOID 1" >>confdefs.h
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5
+$as_echo_n "checking return type of signal handlers... " >&6; }
+if ${ac_cv_type_signal+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <signal.h>
+
+int
+main ()
+{
+return *(signal (0, 0)) (0) == 1;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_type_signal=int
+else
+  ac_cv_type_signal=void
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5
+$as_echo "$ac_cv_type_signal" >&6; }
+
+cat >>confdefs.h <<_ACEOF
+@%:@define RETSIGTYPE $ac_cv_type_signal
+_ACEOF
+
+
+for ac_func in access atexit getcwd gethostbyaddr gethostbyaddr_r gethostbyname gethostbyname_r gettimeofday inet_ntoa localtime_r memchr memmove memset poll putenv random regcomp select setlocale snprintf socket strchr strdup strerror strftime strlcat strlcpy strptime strstr strtoul timegm tzset
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+@%:@define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+ 
+fi
+done
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcre_compile in -lpcre" >&5
+$as_echo_n "checking for pcre_compile in -lpcre... " >&6; }
+if ${ac_cv_lib_pcre_pcre_compile+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lpcre  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char pcre_compile ();
+int
+main ()
+{
+return pcre_compile ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_pcre_pcre_compile=yes
+else
+  ac_cv_lib_pcre_pcre_compile=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcre_pcre_compile" >&5
+$as_echo "$ac_cv_lib_pcre_pcre_compile" >&6; }
+if test "x$ac_cv_lib_pcre_pcre_compile" = xyes; then :
+  
+   ac_fn_c_check_header_mongrel "$LINENO" "pcre.h" "ac_cv_header_pcre_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcre_h" = xyes; then :
+  
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcre.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcre_fullinfo" >/dev/null 2>&1; then :
+  have_pcre=yes
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcre old version installed" >&5
+$as_echo "$as_me: WARNING: pcre old version installed" >&2;}; have_pcre=no
+fi
+rm -f conftest*
+
+   
+else
+  
+      ac_fn_c_check_header_mongrel "$LINENO" "pcre/pcre.h" "ac_cv_header_pcre_pcre_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcre_pcre_h" = xyes; then :
+  
+         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcre/pcre.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcre_fullinfo" >/dev/null 2>&1; then :
+  have_pcre=yes; $as_echo "@%:@define PCRE_H_IN_SUBDIR 1" >>confdefs.h
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcre old version installed" >&5
+$as_echo "$as_me: WARNING: pcre old version installed" >&2;}; have_pcre=no
+fi
+rm -f conftest*
+
+      
+else
+  have_pcre=no
+fi
+
+
+   
+fi
+
+
+
+else
+  have_pcre=no
+fi
+
+ 
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for regcomp in -lpcreposix" >&5
+$as_echo_n "checking for regcomp in -lpcreposix... " >&6; }
+if ${ac_cv_lib_pcreposix_regcomp+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lpcreposix -lpcre $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char regcomp ();
+int
+main ()
+{
+return regcomp ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_pcreposix_regcomp=yes
+else
+  ac_cv_lib_pcreposix_regcomp=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcreposix_regcomp" >&5
+$as_echo "$ac_cv_lib_pcreposix_regcomp" >&6; }
+if test "x$ac_cv_lib_pcreposix_regcomp" = xyes; then :
+  
+   ac_fn_c_check_header_mongrel "$LINENO" "pcreposix.h" "ac_cv_header_pcreposix_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcreposix_h" = xyes; then :
+  
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcreposix.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcreposix_regerror" >/dev/null 2>&1; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcreposix old version installed" >&5
+$as_echo "$as_me: WARNING: pcreposix old version installed" >&2;}; have_pcreposix=no
+else
+  have_pcreposix=yes
+fi
+rm -f conftest*
+
+   
+else
+  
+      ac_fn_c_check_header_mongrel "$LINENO" "pcre/pcreposix.h" "ac_cv_header_pcre_pcreposix_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcre_pcreposix_h" = xyes; then :
+  
+         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcre/pcreposix.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcreposix_regerror" >/dev/null 2>&1; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcreposix old version installed" >&5
+$as_echo "$as_me: WARNING: pcreposix old version installed" >&2;}; have_pcreposix=no
+else
+  have_pcreposix=yes; $as_echo "@%:@define PCREPOSIX_H_IN_SUBDIR 1" >>confdefs.h
+
+fi
+rm -f conftest*
+
+      
+else
+  have_pcreposix=no
+fi
+
+
+   
+fi
+
+
+
+else
+  have_pcreposix=no
+fi
+ 
+
+
+
+$as_echo "@%:@define __MT__ 1" >>confdefs.h
+
+
+
+@%:@ Check whether --enable-toggle was given.
+if test "${enable_toggle+set}" = set; then :
+  enableval=$enable_toggle; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_TOGGLE 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_TOGGLE 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-force was given.
+if test "${enable_force+set}" = set; then :
+  enableval=$enable_force; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_FORCE_LOAD 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_FORCE_LOAD 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-fast-redirects was given.
+if test "${enable_fast_redirects+set}" = set; then :
+  enableval=$enable_fast_redirects; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_FAST_REDIRECTS 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_FAST_REDIRECTS 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-stats was given.
+if test "${enable_stats+set}" = set; then :
+  enableval=$enable_stats; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_STATISTICS 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_STATISTICS 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-ie-images was given.
+if test "${enable_ie_images+set}" = set; then :
+  enableval=$enable_ie_images; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_IMAGE_DETECT_MSIE 1" >>confdefs.h
+
+fi
+fi
+
+
+@%:@ Check whether --enable-image-blocking was given.
+if test "${enable_image_blocking+set}" = set; then :
+  enableval=$enable_image_blocking; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_IMAGE_BLOCKING 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_IMAGE_BLOCKING 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-acl-files was given.
+if test "${enable_acl_files+set}" = set; then :
+  enableval=$enable_acl_files; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_ACL 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_ACL 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-trust-files was given.
+if test "${enable_trust_files+set}" = set; then :
+  enableval=$enable_trust_files; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_TRUST 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_TRUST 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-editor was given.
+if test "${enable_editor+set}" = set; then :
+  enableval=$enable_editor; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_CGI_EDIT_ACTIONS 1" >>confdefs.h
+
+fi
+else
+  $as_echo "@%:@define FEATURE_CGI_EDIT_ACTIONS 1" >>confdefs.h
+
+fi
+
+
+@%:@ Check whether --enable-no-gifs was given.
+if test "${enable_no_gifs+set}" = set; then :
+  enableval=$enable_no_gifs; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_NO_GIFS 1" >>confdefs.h
+
+fi
+fi
+
+
+@%:@ Check whether --enable-graceful-termination was given.
+if test "${enable_graceful_termination+set}" = set; then :
+  enableval=$enable_graceful_termination; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_GRACEFUL_TERMINATION 1" >>confdefs.h
+
+fi
+fi
+
+
+@%:@ Check whether --enable-extended-host-patterns was given.
+if test "${enable_extended_host_patterns+set}" = set; then :
+  enableval=$enable_extended_host_patterns; if test $enableval = yes; then
+  $as_echo "@%:@define FEATURE_EXTENDED_HOST_PATTERNS 1" >>confdefs.h
+
+fi
+fi
+
+
+
+@%:@ Check whether --enable-dynamic-pcre was given.
+if test "${enable_dynamic_pcre+set}" = set; then :
+  enableval=$enable_dynamic_pcre;  if test $enableval = "no"; then have_pcre=no; fi 
+fi
+
+
+
+
+@%:@ Check whether --enable-zlib was given.
+if test "${enable_zlib+set}" = set; then :
+  enableval=$enable_zlib; enableval2=$enableval
+else
+  enableval2=yes
+fi
+
+if test $enableval2 = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for zlibVersion in -lz" >&5
+$as_echo_n "checking for zlibVersion in -lz... " >&6; }
+if ${ac_cv_lib_z_zlibVersion+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lz  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char zlibVersion ();
+int
+main ()
+{
+return zlibVersion ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_z_zlibVersion=yes
+else
+  ac_cv_lib_z_zlibVersion=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_zlibVersion" >&5
+$as_echo "$ac_cv_lib_z_zlibVersion" >&6; }
+if test "x$ac_cv_lib_z_zlibVersion" = xyes; then :
+  have_zlib="yes"
+else
+  have_zlib="no"
+fi
+
+  if test $have_zlib = "yes"; then
+    LIBS="$LIBS -lz"
+    
+$as_echo "@%:@define FEATURE_ZLIB 1" >>confdefs.h
+
+  else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: No zlib found.
+   Privoxy will not be able to filter compressed content.
+   This may become a fatal error in the future." >&5
+$as_echo "$as_me: WARNING: No zlib found.
+   Privoxy will not be able to filter compressed content.
+   This may become a fatal error in the future." >&2;}
+  fi  
+fi
+
+
+# If we have libpcre and either we also have pcreposix or
+# we don't need pcreposix, then link pcre dynamically; else
+# build it and link statically
+#
+if test $have_pcre = "yes"; then
+  echo "using libpcre"
+  pcre_dyn=yes
+  STATIC_PCRE_ONLY=#
+  LIBS="$LIBS -lpcre -lpcreposix"
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: You are using the static PCRE code which is scheduled for removal, for details see: 
+    https://sourceforge.net/mailarchive/message.php?msg_id=20080511195555.2dc6cfdc%40fabiankeil.de" >&5
+$as_echo "$as_me: WARNING: You are using the static PCRE code which is scheduled for removal, for details see: 
+    https://sourceforge.net/mailarchive/message.php?msg_id=20080511195555.2dc6cfdc%40fabiankeil.de" >&2;}
+  pcre_dyn=no
+  $as_echo "@%:@define STATIC_PCRE 1" >>confdefs.h
+
+  STATIC_PCRE_ONLY=
+fi
+
+if test $have_pthread = "yes" -o $target_type = "mingw"; then
+  echo Enabling keep-alive support for outgoing connections.
+  $as_echo "@%:@define FEATURE_CONNECTION_KEEP_ALIVE 1" >>confdefs.h
+
+fi
+
+  $as_echo "@%:@define STATIC_PCRS 1" >>confdefs.h
+
+  STATIC_PCRS_ONLY=
+
+
+
+
+
+CFLAGS=$old_CFLAGS_nospecial
+
+
+
+
+ac_config_files="$ac_config_files GNUmakefile doc/source/ldp.dsl"
+
+cat >confcache <<\_ACEOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs, see configure's option --config-cache.
+# It is not useful on other systems.  If it contains results you don't
+# want to keep, you may remove or edit it.
+#
+# config.status only pays attention to the cache file if you give it
+# the --recheck option to rerun configure.
+#
+# `ac_cv_env_foo' variables (set or unset) will be overridden when
+# loading this file, other *unset* `ac_cv_foo' will be assigned the
+# following values.
+
+_ACEOF
+
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, we kill variables containing newlines.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(
+  for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
+    eval ac_val=\$$ac_var
+    case $ac_val in #(
+    *${as_nl}*)
+      case $ac_var in #(
+      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+      esac
+      case $ac_var in #(
+      _ | IFS | as_nl) ;; #(
+      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+      *) { eval $ac_var=; unset $ac_var;} ;;
+      esac ;;
+    esac
+  done
+
+  (set) 2>&1 |
+    case $as_nl`(ac_space=' '; set) 2>&1` in #(
+    *${as_nl}ac_space=\ *)
+      # `set' does not quote correctly, so add quotes: double-quote
+      # substitution turns \\\\ into \\, and sed turns \\ into \.
+      sed -n \
+	"s/'/'\\\\''/g;
+	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
+      ;; #(
+    *)
+      # `set' quotes correctly as required by POSIX, so do not add quotes.
+      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+      ;;
+    esac |
+    sort
+) |
+  sed '
+     /^ac_cv_env_/b end
+     t clear
+     :clear
+     s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
+     t end
+     s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+     :end' >>confcache
+if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+  if test -w "$cache_file"; then
+    if test "x$cache_file" != "x/dev/null"; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
+$as_echo "$as_me: updating cache $cache_file" >&6;}
+      if test ! -f "$cache_file" || test -h "$cache_file"; then
+	cat confcache >"$cache_file"
+      else
+        case $cache_file in #(
+        */* | ?:*)
+	  mv -f confcache "$cache_file"$$ &&
+	  mv -f "$cache_file"$$ "$cache_file" ;; #(
+        *)
+	  mv -f confcache "$cache_file" ;;
+	esac
+      fi
+    fi
+  else
+    { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
+$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
+  fi
+fi
+rm -f confcache
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+DEFS=-DHAVE_CONFIG_H
+
+ac_libobjs=
+ac_ltlibobjs=
+U=
+for ac_i in : $LIB@&t at OBJS; do test "x$ac_i" = x: && continue
+  # 1. Remove the extension, and $U if already installed.
+  ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+  ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
+  # 2. Prepend LIBOBJDIR.  When used with automake>=1.10 LIBOBJDIR
+  #    will be set to the directory where LIBOBJS objects are built.
+  as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+  as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
+done
+LIB@&t at OBJS=$ac_libobjs
+
+LTLIBOBJS=$ac_ltlibobjs
+
+
+
+: "${CONFIG_STATUS=./config.status}"
+ac_write_fail=0
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
+$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
+as_write_fail=0
+cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in @%:@(
+  *posix*) :
+    set -o posix ;; @%:@(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in @%:@(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in @%:@((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+
+@%:@ as_fn_error STATUS ERROR [LINENO LOG_FD]
+@%:@ ----------------------------------------
+@%:@ Output "`basename @S|@0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+@%:@ provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+@%:@ script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} @%:@ as_fn_error
+
+
+@%:@ as_fn_set_status STATUS
+@%:@ -----------------------
+@%:@ Set @S|@? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} @%:@ as_fn_set_status
+
+@%:@ as_fn_exit STATUS
+@%:@ -----------------
+@%:@ Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} @%:@ as_fn_exit
+
+@%:@ as_fn_unset VAR
+@%:@ ---------------
+@%:@ Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+@%:@ as_fn_append VAR VALUE
+@%:@ ----------------------
+@%:@ Append the text in VALUE to the end of the definition contained in VAR. Take
+@%:@ advantage of any shell optimizations that allow amortized linear growth over
+@%:@ repeated appends, instead of the typical quadratic growth present in naive
+@%:@ implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+@%:@ as_fn_arith ARG...
+@%:@ ------------------
+@%:@ Perform arithmetic evaluation on the ARGs, and store the result in the
+@%:@ global @S|@as_val. Take advantage of shells that can avoid forks. The arguments
+@%:@ must be portable across @S|@(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in @%:@(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -p'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -p'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -p'
+  fi
+else
+  as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+
+@%:@ as_fn_mkdir_p
+@%:@ -------------
+@%:@ Create "@S|@as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} @%:@ as_fn_mkdir_p
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+  as_test_x='test -x'
+else
+  if ls -dL / >/dev/null 2>&1; then
+    as_ls_L_option=L
+  else
+    as_ls_L_option=
+  fi
+  as_test_x='
+    eval sh -c '\''
+      if test -d "$1"; then
+	test -d "$1/.";
+      else
+	case $1 in @%:@(
+	-*)set "./$1";;
+	esac;
+	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in @%:@((
+	???[sx]*):;;*)false;;esac;fi
+    '\'' sh
+  '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+exec 6>&1
+## ----------------------------------- ##
+## Main body of $CONFIG_STATUS script. ##
+## ----------------------------------- ##
+_ASEOF
+test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# Save the log message, to keep $0 and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling.
+ac_log="
+This file was extended by $as_me, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  CONFIG_FILES    = $CONFIG_FILES
+  CONFIG_HEADERS  = $CONFIG_HEADERS
+  CONFIG_LINKS    = $CONFIG_LINKS
+  CONFIG_COMMANDS = $CONFIG_COMMANDS
+  $ $0 $@
+
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
+_ACEOF
+
+case $ac_config_files in *"
+"*) set x $ac_config_files; shift; ac_config_files=$*;;
+esac
+
+case $ac_config_headers in *"
+"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
+esac
+
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+# Files that config.status was made for.
+config_files="$ac_config_files"
+config_headers="$ac_config_headers"
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ac_cs_usage="\
+\`$as_me' instantiates files and other configuration actions
+from templates according to the current configuration.  Unless the files
+and actions are specified as TAGs, all are instantiated by default.
+
+Usage: $0 [OPTION]... [TAG]...
+
+  -h, --help       print this help, then exit
+  -V, --version    print version number and configuration settings, then exit
+      --config     print configuration, then exit
+  -q, --quiet, --silent
+                   do not print progress messages
+  -d, --debug      don't remove temporary files
+      --recheck    update $as_me by reconfiguring in the same conditions
+      --file=FILE[:TEMPLATE] 
+                   instantiate the configuration file FILE
+      --header=FILE[:TEMPLATE] 
+                   instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Report bugs to the package provider."
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
+ac_cs_version="\\
+config.status
+configured by $0, generated by GNU Autoconf 2.68,
+  with options \\"\$ac_cs_config\\"
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+
+ac_pwd='$ac_pwd'
+srcdir='$srcdir'
+INSTALL='$INSTALL'
+AWK='$AWK'
+test -n "\$AWK" || AWK=awk
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# The default lists apply if the user does not specify any file.
+ac_need_defaults=:
+while test $# != 0
+do
+  case $1 in
+  --*=?*)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
+    ac_shift=:
+    ;;
+  --*=)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=
+    ac_shift=:
+    ;;
+  *)
+    ac_option=$1
+    ac_optarg=$2
+    ac_shift=shift
+    ;;
+  esac
+
+  case $ac_option in
+  # Handling of the options.
+  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+    ac_cs_recheck=: ;;
+  --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+    $as_echo "$ac_cs_version"; exit ;;
+  --config | --confi | --conf | --con | --co | --c )
+    $as_echo "$ac_cs_config"; exit ;;
+  --debug | --debu | --deb | --de | --d | -d )
+    debug=: ;;
+  --file | --fil | --fi | --f )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    '') as_fn_error $? "missing file argument" ;;
+    esac
+    as_fn_append CONFIG_FILES " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --header | --heade | --head | --hea )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    as_fn_append CONFIG_HEADERS " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --he | --h)
+    # Conflict between --help and --header
+    as_fn_error $? "ambiguous option: \`$1'
+Try \`$0 --help' for more information.";;
+  --help | --hel | -h )
+    $as_echo "$ac_cs_usage"; exit ;;
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil | --si | --s)
+    ac_cs_silent=: ;;
+
+  # This is an error.
+  -*) as_fn_error $? "unrecognized option: \`$1'
+Try \`$0 --help' for more information." ;;
+
+  *) as_fn_append ac_config_targets " $1"
+     ac_need_defaults=false ;;
+
+  esac
+  shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+  exec 6>/dev/null
+  ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+if \$ac_cs_recheck; then
+  set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+  shift
+  \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
+  CONFIG_SHELL='$SHELL'
+  export CONFIG_SHELL
+  exec "\$@"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+exec 5>>config.log
+{
+  echo
+  sed 'h;s/./-/g;s/^.../@%:@@%:@ /;s/...$/ @%:@@%:@/;p;x;p;x' <<_ASBOX
+@%:@@%:@ Running $as_me. @%:@@%:@
+_ASBOX
+  $as_echo "$ac_log"
+} >&5
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+
+# Handling of arguments.
+for ac_config_target in $ac_config_targets
+do
+  case $ac_config_target in
+    "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
+    "GNUmakefile") CONFIG_FILES="$CONFIG_FILES GNUmakefile" ;;
+    "doc/source/ldp.dsl") CONFIG_FILES="$CONFIG_FILES doc/source/ldp.dsl" ;;
+
+  *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+  esac
+done
+
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used.  Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+  test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+  test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+fi
+
+# Have a temporary directory for convenience.  Make it in the build tree
+# simply because there is no reason against having it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
+$debug ||
+{
+  tmp= ac_tmp=
+  trap 'exit_status=$?
+  : "${ac_tmp:=$tmp}"
+  { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
+' 0
+  trap 'as_fn_exit 1' 1 2 13 15
+}
+# Create a (secure) tmp directory for tmp files.
+
+{
+  tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
+  test -d "$tmp"
+}  ||
+{
+  tmp=./conf$$-$RANDOM
+  (umask 077 && mkdir "$tmp")
+} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
+ac_tmp=$tmp
+
+# Set up the scripts for CONFIG_FILES section.
+# No need to generate them if there are no CONFIG_FILES.
+# This happens for instance with `./config.status config.h'.
+if test -n "$CONFIG_FILES"; then
+
+
+ac_cr=`echo X | tr X '\015'`
+# On cygwin, bash can eat \r inside `` if the user requested igncr.
+# But we know of no other shell where ac_cr would be empty at this
+# point, so we can use a bashism as a fallback.
+if test "x$ac_cr" = x; then
+  eval ac_cr=\$\'\\r\'
+fi
+ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
+if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
+  ac_cs_awk_cr='\\r'
+else
+  ac_cs_awk_cr=$ac_cr
+fi
+
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
+_ACEOF
+
+
+{
+  echo "cat >conf$$subs.awk <<_ACEOF" &&
+  echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
+  echo "_ACEOF"
+} >conf$$subs.sh ||
+  as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+  . ./conf$$subs.sh ||
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+
+  ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
+  if test $ac_delim_n = $ac_delim_num; then
+    break
+  elif $ac_last_try; then
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+  else
+    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+  fi
+done
+rm -f conf$$subs.sh
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
+_ACEOF
+sed -n '
+h
+s/^/S["/; s/!.*/"]=/
+p
+g
+s/^[^!]*!//
+:repl
+t repl
+s/'"$ac_delim"'$//
+t delim
+:nl
+h
+s/\(.\{148\}\)..*/\1/
+t more1
+s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
+p
+n
+b repl
+:more1
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t nl
+:delim
+h
+s/\(.\{148\}\)..*/\1/
+t more2
+s/["\\]/\\&/g; s/^/"/; s/$/"/
+p
+b
+:more2
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t delim
+' <conf$$subs.awk | sed '
+/^[^""]/{
+  N
+  s/\n//
+}
+' >>$CONFIG_STATUS || ac_write_fail=1
+rm -f conf$$subs.awk
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACAWK
+cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
+  for (key in S) S_is_set[key] = 1
+  FS = ""
+
+}
+{
+  line = $ 0
+  nfields = split(line, field, "@")
+  substed = 0
+  len = length(field[1])
+  for (i = 2; i < nfields; i++) {
+    key = field[i]
+    keylen = length(key)
+    if (S_is_set[key]) {
+      value = S[key]
+      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
+      len += length(value) + length(field[++i])
+      substed = 1
+    } else
+      len += 1 + keylen
+  }
+
+  print line
+}
+
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
+  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
+else
+  cat
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+  || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
+_ACEOF
+
+# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
+# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+  ac_vpsub='/^[	 ]*VPATH[	 ]*=[	 ]*/{
+h
+s///
+s/^/:/
+s/[	 ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
+s/:*$//
+x
+s/\(=[	 ]*\).*/\1/
+G
+s/\n//
+s/^[^=]*=[	 ]*$//
+}'
+fi
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+fi # test -n "$CONFIG_FILES"
+
+# Set up the scripts for CONFIG_HEADERS section.
+# No need to generate them if there are no CONFIG_HEADERS.
+# This happens for instance with `./config.status Makefile'.
+if test -n "$CONFIG_HEADERS"; then
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
+BEGIN {
+_ACEOF
+
+# Transform confdefs.h into an awk script `defines.awk', embedded as
+# here-document in config.status, that substitutes the proper values into
+# config.h.in to produce config.h.
+
+# Create a delimiter string that does not exist in confdefs.h, to ease
+# handling of long lines.
+ac_delim='%!_!# '
+for ac_last_try in false false :; do
+  ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
+  if test -z "$ac_tt"; then
+    break
+  elif $ac_last_try; then
+    as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
+  else
+    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+  fi
+done
+
+# For the awk script, D is an array of macro values keyed by name,
+# likewise P contains macro parameters if any.  Preserve backslash
+# newline sequences.
+
+ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
+sed -n '
+s/.\{148\}/&'"$ac_delim"'/g
+t rset
+:rset
+s/^[	 ]*#[	 ]*define[	 ][	 ]*/ /
+t def
+d
+:def
+s/\\$//
+t bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3"/p
+s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2"/p
+d
+:bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3\\\\\\n"\\/p
+t cont
+s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
+t cont
+d
+:cont
+n
+s/.\{148\}/&'"$ac_delim"'/g
+t clear
+:clear
+s/\\$//
+t bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/"/p
+d
+:bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
+b cont
+' <confdefs.h | sed '
+s/'"$ac_delim"'/"\\\
+"/g' >>$CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+  for (key in D) D_is_set[key] = 1
+  FS = ""
+}
+/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
+  line = \$ 0
+  split(line, arg, " ")
+  if (arg[1] == "#") {
+    defundef = arg[2]
+    mac1 = arg[3]
+  } else {
+    defundef = substr(arg[1], 2)
+    mac1 = arg[2]
+  }
+  split(mac1, mac2, "(") #)
+  macro = mac2[1]
+  prefix = substr(line, 1, index(line, defundef) - 1)
+  if (D_is_set[macro]) {
+    # Preserve the white space surrounding the "#".
+    print prefix "define", macro P[macro] D[macro]
+    next
+  } else {
+    # Replace #undef with comments.  This is necessary, for example,
+    # in the case of _POSIX_SOURCE, which is predefined and required
+    # on some systems where configure will not decide to define it.
+    if (defundef == "undef") {
+      print "/*", prefix defundef, macro, "*/"
+      next
+    }
+  }
+}
+{ print }
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+  as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
+fi # test -n "$CONFIG_HEADERS"
+
+
+eval set X "  :F $CONFIG_FILES  :H $CONFIG_HEADERS    "
+shift
+for ac_tag
+do
+  case $ac_tag in
+  :[FHLC]) ac_mode=$ac_tag; continue;;
+  esac
+  case $ac_mode$ac_tag in
+  :[FHL]*:*);;
+  :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
+  :[FH]-) ac_tag=-:-;;
+  :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+  esac
+  ac_save_IFS=$IFS
+  IFS=:
+  set x $ac_tag
+  IFS=$ac_save_IFS
+  shift
+  ac_file=$1
+  shift
+
+  case $ac_mode in
+  :L) ac_source=$1;;
+  :[FH])
+    ac_file_inputs=
+    for ac_f
+    do
+      case $ac_f in
+      -) ac_f="$ac_tmp/stdin";;
+      *) # Look for the file first in the build tree, then in the source tree
+	 # (if the path is not absolute).  The absolute path cannot be DOS-style,
+	 # because $ac_f cannot contain `:'.
+	 test -f "$ac_f" ||
+	   case $ac_f in
+	   [\\/$]*) false;;
+	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+	   esac ||
+	   as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
+      esac
+      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
+      as_fn_append ac_file_inputs " '$ac_f'"
+    done
+
+    # Let's still pretend it is `configure' which instantiates (i.e., don't
+    # use $as_me), people would be surprised to read:
+    #    /* config.h.  Generated by config.status.  */
+    configure_input='Generated from '`
+	  $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
+	`' by configure.'
+    if test x"$ac_file" != x-; then
+      configure_input="$ac_file.  $configure_input"
+      { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
+$as_echo "$as_me: creating $ac_file" >&6;}
+    fi
+    # Neutralize special characters interpreted by sed in replacement strings.
+    case $configure_input in #(
+    *\&* | *\|* | *\\* )
+       ac_sed_conf_input=`$as_echo "$configure_input" |
+       sed 's/[\\\\&|]/\\\\&/g'`;; #(
+    *) ac_sed_conf_input=$configure_input;;
+    esac
+
+    case $ac_tag in
+    *:-:* | *:-) cat >"$ac_tmp/stdin" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
+    esac
+    ;;
+  esac
+
+  ac_dir=`$as_dirname -- "$ac_file" ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$ac_file" : 'X\(//\)[^/]' \| \
+	 X"$ac_file" : 'X\(//\)$' \| \
+	 X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$ac_file" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  as_dir="$ac_dir"; as_fn_mkdir_p
+  ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+
+  case $ac_mode in
+  :F)
+  #
+  # CONFIG_FILE
+  #
+
+  case $INSTALL in
+  [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+  *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+  esac
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+ac_sed_dataroot='
+/datarootdir/ {
+  p
+  q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p'
+case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+  ac_datarootdir_hack='
+  s&@datadir@&$datadir&g
+  s&@docdir@&$docdir&g
+  s&@infodir@&$infodir&g
+  s&@localedir@&$localedir&g
+  s&@mandir@&$mandir&g
+  s&\\\${datarootdir}&$datarootdir&g' ;;
+esac
+_ACEOF
+
+# Neutralize VPATH when `$srcdir' = `.'.
+# Shell code in configure.ac might set extrasub.
+# FIXME: do we really want to maintain this feature?
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_sed_extra="$ac_vpsub
+$extrasub
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s|@configure_input@|$ac_sed_conf_input|;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@top_build_prefix@&$ac_top_build_prefix&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+$ac_datarootdir_hack
+"
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+  >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+  { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' \
+      "$ac_tmp/out"`; test -z "$ac_out"; } &&
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&5
+$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&2;}
+
+  rm -f "$ac_tmp/stdin"
+  case $ac_file in
+  -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+  *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
+  esac \
+  || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ ;;
+  :H)
+  #
+  # CONFIG_HEADER
+  #
+  if test x"$ac_file" != x-; then
+    {
+      $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+    } >"$ac_tmp/config.h" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
+$as_echo "$as_me: $ac_file is unchanged" >&6;}
+    else
+      rm -f "$ac_file"
+      mv "$ac_tmp/config.h" "$ac_file" \
+	|| as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    fi
+  else
+    $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+      || as_fn_error $? "could not create -" "$LINENO" 5
+  fi
+ ;;
+  
+  
+  esac
+
+done # for ac_tag
+
+
+as_fn_exit 0
+_ACEOF
+ac_clean_files=$ac_clean_files_save
+
+test $ac_write_fail = 0 ||
+  as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
+
+
+# configure is writing to config.log, and then calls config.status.
+# config.status does its own redirection, appending to config.log.
+# Unfortunately, on DOS this fails, as config.log is still kept open
+# by configure, so config.status won't be able to write to it; its
+# output is simply discarded.  So we exec the FD to /dev/null,
+# effectively closing config.log, so it can be properly (re)opened and
+# appended to by config.status.  When coming back to configure, we
+# need to make the FD available again.
+if test "$no_create" != yes; then
+  ac_cs_success=:
+  ac_config_status_args=
+  test "$silent" = yes &&
+    ac_config_status_args="$ac_config_status_args --quiet"
+  exec 5>/dev/null
+  $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
+  exec 5>>config.log
+  # Use ||, not &&, to avoid exiting from the if with $? = 1, which
+  # would make configure fail if this is the last instruction.
+  $ac_cs_success || as_fn_exit 1
+fi
+if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
+$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
+fi
+
diff --git a/external/privoxy/autom4te.cache/requests b/external/privoxy/autom4te.cache/requests
new file mode 100644
index 0000000..8a4a507
--- /dev/null
+++ b/external/privoxy/autom4te.cache/requests
@@ -0,0 +1,75 @@
+# This file was generated by Autom4te Sun Nov  6 20:57:04 UTC 2011.
+# It contains the lists of macros which have been traced.
+# It can be safely removed.
+
+ at request = (
+             bless( [
+                      '0',
+                      1,
+                      [
+                        '/usr/share/autoconf'
+                      ],
+                      [
+                        '/usr/share/autoconf/autoconf/autoconf.m4f',
+                        'configure.in'
+                      ],
+                      {
+                        'AM_PROG_F77_C_O' => 1,
+                        '_LT_AC_TAGCONFIG' => 1,
+                        'm4_pattern_forbid' => 1,
+                        'AC_INIT' => 1,
+                        'AC_CANONICAL_TARGET' => 1,
+                        '_AM_COND_IF' => 1,
+                        'AC_CONFIG_LIBOBJ_DIR' => 1,
+                        'AC_SUBST' => 1,
+                        'AC_CANONICAL_HOST' => 1,
+                        'AC_FC_SRCEXT' => 1,
+                        'AC_PROG_LIBTOOL' => 1,
+                        'AM_INIT_AUTOMAKE' => 1,
+                        'AC_CONFIG_SUBDIRS' => 1,
+                        'AM_PATH_GUILE' => 1,
+                        'AM_AUTOMAKE_VERSION' => 1,
+                        'LT_CONFIG_LTDL_DIR' => 1,
+                        'AC_CONFIG_LINKS' => 1,
+                        'AC_REQUIRE_AUX_FILE' => 1,
+                        'LT_SUPPORTED_TAG' => 1,
+                        'm4_sinclude' => 1,
+                        'AM_MAINTAINER_MODE' => 1,
+                        'AM_NLS' => 1,
+                        'AM_GNU_GETTEXT_INTL_SUBDIR' => 1,
+                        '_m4_warn' => 1,
+                        'AM_MAKEFILE_INCLUDE' => 1,
+                        'AM_PROG_CXX_C_O' => 1,
+                        '_AM_MAKEFILE_INCLUDE' => 1,
+                        '_AM_COND_ENDIF' => 1,
+                        'AM_ENABLE_MULTILIB' => 1,
+                        'AM_SILENT_RULES' => 1,
+                        'AM_PROG_MOC' => 1,
+                        'AC_CONFIG_FILES' => 1,
+                        'LT_INIT' => 1,
+                        'include' => 1,
+                        'AM_GNU_GETTEXT' => 1,
+                        'AM_PROG_AR' => 1,
+                        'AC_LIBSOURCE' => 1,
+                        'AC_CANONICAL_BUILD' => 1,
+                        'AM_PROG_FC_C_O' => 1,
+                        'AC_FC_FREEFORM' => 1,
+                        'AH_OUTPUT' => 1,
+                        'AC_CONFIG_AUX_DIR' => 1,
+                        '_AM_SUBST_NOTMAKE' => 1,
+                        'm4_pattern_allow' => 1,
+                        'AM_PROG_CC_C_O' => 1,
+                        'sinclude' => 1,
+                        'AM_CONDITIONAL' => 1,
+                        'AC_CANONICAL_SYSTEM' => 1,
+                        'AM_XGETTEXT_OPTION' => 1,
+                        'AC_CONFIG_HEADERS' => 1,
+                        'AC_DEFINE_TRACE_LITERAL' => 1,
+                        'AM_POT_TOOLS' => 1,
+                        'm4_include' => 1,
+                        '_AM_COND_ELSE' => 1,
+                        'AC_SUBST_TRACE' => 1
+                      }
+                    ], 'Autom4te::Request' )
+           );
+
diff --git a/external/privoxy/autom4te.cache/traces.0 b/external/privoxy/autom4te.cache/traces.0
new file mode 100644
index 0000000..e49e905
--- /dev/null
+++ b/external/privoxy/autom4te.cache/traces.0
@@ -0,0 +1,726 @@
+m4trace:configure.in:570: -1- AC_INIT([jcc.c])
+m4trace:configure.in:570: -1- m4_pattern_forbid([^_?A[CHUM]_])
+m4trace:configure.in:570: -1- m4_pattern_forbid([_AC_])
+m4trace:configure.in:570: -1- m4_pattern_forbid([^LIBOBJS$], [do not use LIBOBJS directly, use AC_LIBOBJ (see section `AC_LIBOBJ vs LIBOBJS'])
+m4trace:configure.in:570: -1- m4_pattern_allow([^AS_FLAGS$])
+m4trace:configure.in:570: -1- m4_pattern_forbid([^_?m4_])
+m4trace:configure.in:570: -1- m4_pattern_forbid([^dnl$])
+m4trace:configure.in:570: -1- m4_pattern_forbid([^_?AS_])
+m4trace:configure.in:570: -1- AC_SUBST([SHELL])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([SHELL])
+m4trace:configure.in:570: -1- m4_pattern_allow([^SHELL$])
+m4trace:configure.in:570: -1- AC_SUBST([PATH_SEPARATOR])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PATH_SEPARATOR])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PATH_SEPARATOR$])
+m4trace:configure.in:570: -1- AC_SUBST([PACKAGE_NAME], [m4_ifdef([AC_PACKAGE_NAME],      ['AC_PACKAGE_NAME'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PACKAGE_NAME])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_NAME$])
+m4trace:configure.in:570: -1- AC_SUBST([PACKAGE_TARNAME], [m4_ifdef([AC_PACKAGE_TARNAME],   ['AC_PACKAGE_TARNAME'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PACKAGE_TARNAME])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_TARNAME$])
+m4trace:configure.in:570: -1- AC_SUBST([PACKAGE_VERSION], [m4_ifdef([AC_PACKAGE_VERSION],   ['AC_PACKAGE_VERSION'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PACKAGE_VERSION])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_VERSION$])
+m4trace:configure.in:570: -1- AC_SUBST([PACKAGE_STRING], [m4_ifdef([AC_PACKAGE_STRING],    ['AC_PACKAGE_STRING'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PACKAGE_STRING])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_STRING$])
+m4trace:configure.in:570: -1- AC_SUBST([PACKAGE_BUGREPORT], [m4_ifdef([AC_PACKAGE_BUGREPORT], ['AC_PACKAGE_BUGREPORT'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PACKAGE_BUGREPORT])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_BUGREPORT$])
+m4trace:configure.in:570: -1- AC_SUBST([PACKAGE_URL], [m4_ifdef([AC_PACKAGE_URL],       ['AC_PACKAGE_URL'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([PACKAGE_URL])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_URL$])
+m4trace:configure.in:570: -1- AC_SUBST([exec_prefix], [NONE])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([exec_prefix])
+m4trace:configure.in:570: -1- m4_pattern_allow([^exec_prefix$])
+m4trace:configure.in:570: -1- AC_SUBST([prefix], [NONE])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([prefix])
+m4trace:configure.in:570: -1- m4_pattern_allow([^prefix$])
+m4trace:configure.in:570: -1- AC_SUBST([program_transform_name], [s,x,x,])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([program_transform_name])
+m4trace:configure.in:570: -1- m4_pattern_allow([^program_transform_name$])
+m4trace:configure.in:570: -1- AC_SUBST([bindir], ['${exec_prefix}/bin'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([bindir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^bindir$])
+m4trace:configure.in:570: -1- AC_SUBST([sbindir], ['${exec_prefix}/sbin'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([sbindir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^sbindir$])
+m4trace:configure.in:570: -1- AC_SUBST([libexecdir], ['${exec_prefix}/libexec'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([libexecdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^libexecdir$])
+m4trace:configure.in:570: -1- AC_SUBST([datarootdir], ['${prefix}/share'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([datarootdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^datarootdir$])
+m4trace:configure.in:570: -1- AC_SUBST([datadir], ['${datarootdir}'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([datadir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^datadir$])
+m4trace:configure.in:570: -1- AC_SUBST([sysconfdir], ['${prefix}/etc'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([sysconfdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^sysconfdir$])
+m4trace:configure.in:570: -1- AC_SUBST([sharedstatedir], ['${prefix}/com'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([sharedstatedir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^sharedstatedir$])
+m4trace:configure.in:570: -1- AC_SUBST([localstatedir], ['${prefix}/var'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([localstatedir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^localstatedir$])
+m4trace:configure.in:570: -1- AC_SUBST([includedir], ['${prefix}/include'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([includedir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^includedir$])
+m4trace:configure.in:570: -1- AC_SUBST([oldincludedir], ['/usr/include'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([oldincludedir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^oldincludedir$])
+m4trace:configure.in:570: -1- AC_SUBST([docdir], [m4_ifset([AC_PACKAGE_TARNAME],
+				     ['${datarootdir}/doc/${PACKAGE_TARNAME}'],
+				     ['${datarootdir}/doc/${PACKAGE}'])])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([docdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^docdir$])
+m4trace:configure.in:570: -1- AC_SUBST([infodir], ['${datarootdir}/info'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([infodir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^infodir$])
+m4trace:configure.in:570: -1- AC_SUBST([htmldir], ['${docdir}'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([htmldir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^htmldir$])
+m4trace:configure.in:570: -1- AC_SUBST([dvidir], ['${docdir}'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([dvidir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^dvidir$])
+m4trace:configure.in:570: -1- AC_SUBST([pdfdir], ['${docdir}'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([pdfdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^pdfdir$])
+m4trace:configure.in:570: -1- AC_SUBST([psdir], ['${docdir}'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([psdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^psdir$])
+m4trace:configure.in:570: -1- AC_SUBST([libdir], ['${exec_prefix}/lib'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([libdir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^libdir$])
+m4trace:configure.in:570: -1- AC_SUBST([localedir], ['${datarootdir}/locale'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([localedir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^localedir$])
+m4trace:configure.in:570: -1- AC_SUBST([mandir], ['${datarootdir}/man'])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([mandir])
+m4trace:configure.in:570: -1- m4_pattern_allow([^mandir$])
+m4trace:configure.in:570: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_NAME])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_NAME$])
+m4trace:configure.in:570: -1- AH_OUTPUT([PACKAGE_NAME], [/* Define to the full name of this package. */
+@%:@undef PACKAGE_NAME])
+m4trace:configure.in:570: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_TARNAME])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_TARNAME$])
+m4trace:configure.in:570: -1- AH_OUTPUT([PACKAGE_TARNAME], [/* Define to the one symbol short name of this package. */
+@%:@undef PACKAGE_TARNAME])
+m4trace:configure.in:570: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_VERSION])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_VERSION$])
+m4trace:configure.in:570: -1- AH_OUTPUT([PACKAGE_VERSION], [/* Define to the version of this package. */
+@%:@undef PACKAGE_VERSION])
+m4trace:configure.in:570: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_STRING])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_STRING$])
+m4trace:configure.in:570: -1- AH_OUTPUT([PACKAGE_STRING], [/* Define to the full name and version of this package. */
+@%:@undef PACKAGE_STRING])
+m4trace:configure.in:570: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_BUGREPORT])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_BUGREPORT$])
+m4trace:configure.in:570: -1- AH_OUTPUT([PACKAGE_BUGREPORT], [/* Define to the address where bug reports for this package should be sent. */
+@%:@undef PACKAGE_BUGREPORT])
+m4trace:configure.in:570: -1- AC_DEFINE_TRACE_LITERAL([PACKAGE_URL])
+m4trace:configure.in:570: -1- m4_pattern_allow([^PACKAGE_URL$])
+m4trace:configure.in:570: -1- AH_OUTPUT([PACKAGE_URL], [/* Define to the home page for this package. */
+@%:@undef PACKAGE_URL])
+m4trace:configure.in:570: -1- AC_SUBST([DEFS])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([DEFS])
+m4trace:configure.in:570: -1- m4_pattern_allow([^DEFS$])
+m4trace:configure.in:570: -1- AC_SUBST([ECHO_C])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([ECHO_C])
+m4trace:configure.in:570: -1- m4_pattern_allow([^ECHO_C$])
+m4trace:configure.in:570: -1- AC_SUBST([ECHO_N])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([ECHO_N])
+m4trace:configure.in:570: -1- m4_pattern_allow([^ECHO_N$])
+m4trace:configure.in:570: -1- AC_SUBST([ECHO_T])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([ECHO_T])
+m4trace:configure.in:570: -1- m4_pattern_allow([^ECHO_T$])
+m4trace:configure.in:570: -1- AC_SUBST([LIBS])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([LIBS])
+m4trace:configure.in:570: -1- m4_pattern_allow([^LIBS$])
+m4trace:configure.in:570: -1- AC_SUBST([build_alias])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([build_alias])
+m4trace:configure.in:570: -1- m4_pattern_allow([^build_alias$])
+m4trace:configure.in:570: -1- AC_SUBST([host_alias])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([host_alias])
+m4trace:configure.in:570: -1- m4_pattern_allow([^host_alias$])
+m4trace:configure.in:570: -1- AC_SUBST([target_alias])
+m4trace:configure.in:570: -1- AC_SUBST_TRACE([target_alias])
+m4trace:configure.in:570: -1- m4_pattern_allow([^target_alias$])
+m4trace:configure.in:583: -1- AC_CONFIG_HEADERS([config.h])
+m4trace:configure.in:584: -1- AC_CANONICAL_HOST
+m4trace:configure.in:584: -1- AC_CANONICAL_BUILD
+m4trace:configure.in:584: -1- AC_REQUIRE_AUX_FILE([config.sub])
+m4trace:configure.in:584: -1- AC_REQUIRE_AUX_FILE([config.guess])
+m4trace:configure.in:584: -1- AC_SUBST([build], [$ac_cv_build])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([build])
+m4trace:configure.in:584: -1- m4_pattern_allow([^build$])
+m4trace:configure.in:584: -1- AC_SUBST([build_cpu], [$[1]])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([build_cpu])
+m4trace:configure.in:584: -1- m4_pattern_allow([^build_cpu$])
+m4trace:configure.in:584: -1- AC_SUBST([build_vendor], [$[2]])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([build_vendor])
+m4trace:configure.in:584: -1- m4_pattern_allow([^build_vendor$])
+m4trace:configure.in:584: -1- AC_SUBST([build_os])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([build_os])
+m4trace:configure.in:584: -1- m4_pattern_allow([^build_os$])
+m4trace:configure.in:584: -1- AC_SUBST([host], [$ac_cv_host])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([host])
+m4trace:configure.in:584: -1- m4_pattern_allow([^host$])
+m4trace:configure.in:584: -1- AC_SUBST([host_cpu], [$[1]])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([host_cpu])
+m4trace:configure.in:584: -1- m4_pattern_allow([^host_cpu$])
+m4trace:configure.in:584: -1- AC_SUBST([host_vendor], [$[2]])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([host_vendor])
+m4trace:configure.in:584: -1- m4_pattern_allow([^host_vendor$])
+m4trace:configure.in:584: -1- AC_SUBST([host_os])
+m4trace:configure.in:584: -1- AC_SUBST_TRACE([host_os])
+m4trace:configure.in:584: -1- m4_pattern_allow([^host_os$])
+m4trace:configure.in:626: -1- AC_SUBST([VERSION_MAJOR])
+m4trace:configure.in:626: -1- AC_SUBST_TRACE([VERSION_MAJOR])
+m4trace:configure.in:626: -1- m4_pattern_allow([^VERSION_MAJOR$])
+m4trace:configure.in:627: -1- AC_SUBST([VERSION_MINOR])
+m4trace:configure.in:627: -1- AC_SUBST_TRACE([VERSION_MINOR])
+m4trace:configure.in:627: -1- m4_pattern_allow([^VERSION_MINOR$])
+m4trace:configure.in:628: -1- AC_SUBST([VERSION_POINT])
+m4trace:configure.in:628: -1- AC_SUBST_TRACE([VERSION_POINT])
+m4trace:configure.in:628: -1- m4_pattern_allow([^VERSION_POINT$])
+m4trace:configure.in:629: -1- AC_SUBST([CODE_STATUS])
+m4trace:configure.in:629: -1- AC_SUBST_TRACE([CODE_STATUS])
+m4trace:configure.in:629: -1- m4_pattern_allow([^CODE_STATUS$])
+m4trace:configure.in:632: -1- AC_DEFINE_TRACE_LITERAL([VERSION_MAJOR])
+m4trace:configure.in:632: -1- m4_pattern_allow([^VERSION_MAJOR$])
+m4trace:configure.in:633: -1- AC_DEFINE_TRACE_LITERAL([VERSION_MINOR])
+m4trace:configure.in:633: -1- m4_pattern_allow([^VERSION_MINOR$])
+m4trace:configure.in:634: -1- AC_DEFINE_TRACE_LITERAL([VERSION_POINT])
+m4trace:configure.in:634: -1- m4_pattern_allow([^VERSION_POINT$])
+m4trace:configure.in:635: -1- AC_DEFINE_TRACE_LITERAL([VERSION])
+m4trace:configure.in:635: -1- m4_pattern_allow([^VERSION$])
+m4trace:configure.in:636: -1- AC_DEFINE_TRACE_LITERAL([CODE_STATUS])
+m4trace:configure.in:636: -1- m4_pattern_allow([^CODE_STATUS$])
+m4trace:configure.in:647: -1- AC_SUBST([CC])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:647: -1- AC_SUBST([CFLAGS])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CFLAGS])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CFLAGS$])
+m4trace:configure.in:647: -1- AC_SUBST([LDFLAGS])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([LDFLAGS])
+m4trace:configure.in:647: -1- m4_pattern_allow([^LDFLAGS$])
+m4trace:configure.in:647: -1- AC_SUBST([LIBS])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([LIBS])
+m4trace:configure.in:647: -1- m4_pattern_allow([^LIBS$])
+m4trace:configure.in:647: -1- AC_SUBST([CPPFLAGS])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CPPFLAGS])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CPPFLAGS$])
+m4trace:configure.in:647: -1- AC_SUBST([CC])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:647: -1- AC_SUBST([CC])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:647: -1- AC_SUBST([CC])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:647: -1- AC_SUBST([CC])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([CC])
+m4trace:configure.in:647: -1- m4_pattern_allow([^CC$])
+m4trace:configure.in:647: -1- AC_SUBST([ac_ct_CC])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([ac_ct_CC])
+m4trace:configure.in:647: -1- m4_pattern_allow([^ac_ct_CC$])
+m4trace:configure.in:647: -1- AC_SUBST([EXEEXT], [$ac_cv_exeext])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([EXEEXT])
+m4trace:configure.in:647: -1- m4_pattern_allow([^EXEEXT$])
+m4trace:configure.in:647: -1- AC_SUBST([OBJEXT], [$ac_cv_objext])
+m4trace:configure.in:647: -1- AC_SUBST_TRACE([OBJEXT])
+m4trace:configure.in:647: -1- m4_pattern_allow([^OBJEXT$])
+m4trace:configure.in:648: -1- AC_SUBST([CPP])
+m4trace:configure.in:648: -1- AC_SUBST_TRACE([CPP])
+m4trace:configure.in:648: -1- m4_pattern_allow([^CPP$])
+m4trace:configure.in:648: -1- AC_SUBST([CPPFLAGS])
+m4trace:configure.in:648: -1- AC_SUBST_TRACE([CPPFLAGS])
+m4trace:configure.in:648: -1- m4_pattern_allow([^CPPFLAGS$])
+m4trace:configure.in:648: -1- AC_SUBST([CPP])
+m4trace:configure.in:648: -1- AC_SUBST_TRACE([CPP])
+m4trace:configure.in:648: -1- m4_pattern_allow([^CPP$])
+m4trace:configure.in:649: -1- AC_REQUIRE_AUX_FILE([install-sh])
+m4trace:configure.in:649: -1- AC_SUBST([INSTALL_PROGRAM])
+m4trace:configure.in:649: -1- AC_SUBST_TRACE([INSTALL_PROGRAM])
+m4trace:configure.in:649: -1- m4_pattern_allow([^INSTALL_PROGRAM$])
+m4trace:configure.in:649: -1- AC_SUBST([INSTALL_SCRIPT])
+m4trace:configure.in:649: -1- AC_SUBST_TRACE([INSTALL_SCRIPT])
+m4trace:configure.in:649: -1- m4_pattern_allow([^INSTALL_SCRIPT$])
+m4trace:configure.in:649: -1- AC_SUBST([INSTALL_DATA])
+m4trace:configure.in:649: -1- AC_SUBST_TRACE([INSTALL_DATA])
+m4trace:configure.in:649: -1- m4_pattern_allow([^INSTALL_DATA$])
+m4trace:configure.in:650: -1- AC_SUBST([LN_S], [$as_ln_s])
+m4trace:configure.in:650: -1- AC_SUBST_TRACE([LN_S])
+m4trace:configure.in:650: -1- m4_pattern_allow([^LN_S$])
+m4trace:configure.in:651: -1- AC_SUBST([SET_MAKE])
+m4trace:configure.in:651: -1- AC_SUBST_TRACE([SET_MAKE])
+m4trace:configure.in:651: -1- m4_pattern_allow([^SET_MAKE$])
+m4trace:configure.in:652: -1- AC_SUBST([AWK])
+m4trace:configure.in:652: -1- AC_SUBST_TRACE([AWK])
+m4trace:configure.in:652: -1- m4_pattern_allow([^AWK$])
+m4trace:configure.in:654: -1- AC_SUBST([GDB])
+m4trace:configure.in:654: -1- AC_SUBST_TRACE([GDB])
+m4trace:configure.in:654: -1- m4_pattern_allow([^GDB$])
+m4trace:configure.in:655: -1- AC_SUBST([BGROUPS])
+m4trace:configure.in:655: -1- AC_SUBST_TRACE([BGROUPS])
+m4trace:configure.in:655: -1- m4_pattern_allow([^BGROUPS$])
+m4trace:configure.in:656: -1- AC_SUBST([ID])
+m4trace:configure.in:656: -1- AC_SUBST_TRACE([ID])
+m4trace:configure.in:656: -1- m4_pattern_allow([^ID$])
+m4trace:configure.in:657: -1- AC_SUBST([ID])
+m4trace:configure.in:657: -1- AC_SUBST_TRACE([ID])
+m4trace:configure.in:657: -1- m4_pattern_allow([^ID$])
+m4trace:configure.in:658: -1- AC_SUBST([BGROUPS])
+m4trace:configure.in:658: -1- AC_SUBST_TRACE([BGROUPS])
+m4trace:configure.in:658: -1- m4_pattern_allow([^BGROUPS$])
+m4trace:configure.in:734: -1- AC_SUBST([USER])
+m4trace:configure.in:734: -1- AC_SUBST_TRACE([USER])
+m4trace:configure.in:734: -1- m4_pattern_allow([^USER$])
+m4trace:configure.in:771: -1- AC_SUBST([GROUP])
+m4trace:configure.in:771: -1- AC_SUBST_TRACE([GROUP])
+m4trace:configure.in:771: -1- m4_pattern_allow([^GROUP$])
+m4trace:configure.in:799: -1- _m4_warn([obsolete], [The macro `AC_MINGW32' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/specific.m4:345: AC_MINGW32 is expanded from...
+configure.in:799: the top level])
+m4trace:configure.in:799: -1- AC_CANONICAL_HOST
+m4trace:configure.in:800: -1- _m4_warn([obsolete], [The macro `AC_CYGWIN' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/specific.m4:317: AC_CYGWIN is expanded from...
+configure.in:800: the top level])
+m4trace:configure.in:800: -1- AC_CANONICAL_HOST
+m4trace:configure.in:849: -1- AC_SUBST([WIN_ONLY])
+m4trace:configure.in:849: -1- AC_SUBST_TRACE([WIN_ONLY])
+m4trace:configure.in:849: -1- m4_pattern_allow([^WIN_ONLY$])
+m4trace:configure.in:853: -1- AC_SUBST([WDUMP])
+m4trace:configure.in:853: -1- AC_SUBST_TRACE([WDUMP])
+m4trace:configure.in:853: -1- m4_pattern_allow([^WDUMP$])
+m4trace:configure.in:861: -1- AC_SUBST([DB2HTML])
+m4trace:configure.in:861: -1- AC_SUBST_TRACE([DB2HTML])
+m4trace:configure.in:861: -1- m4_pattern_allow([^DB2HTML$])
+m4trace:configure.in:864: -1- AC_SUBST([WDUMP])
+m4trace:configure.in:864: -1- AC_SUBST_TRACE([WDUMP])
+m4trace:configure.in:864: -1- m4_pattern_allow([^WDUMP$])
+m4trace:configure.in:865: -1- AC_SUBST([DB2HTML])
+m4trace:configure.in:865: -1- AC_SUBST_TRACE([DB2HTML])
+m4trace:configure.in:865: -1- m4_pattern_allow([^DB2HTML$])
+m4trace:configure.in:868: -1- AC_SUBST([RPMBIN])
+m4trace:configure.in:868: -1- AC_SUBST_TRACE([RPMBIN])
+m4trace:configure.in:868: -1- m4_pattern_allow([^RPMBIN$])
+m4trace:configure.in:875: -1- AC_SUBST([RPM_BASE])
+m4trace:configure.in:875: -1- AC_SUBST_TRACE([RPM_BASE])
+m4trace:configure.in:875: -1- m4_pattern_allow([^RPM_BASE$])
+m4trace:configure.in:878: -1- AC_SUBST([JADEBIN])
+m4trace:configure.in:878: -1- AC_SUBST_TRACE([JADEBIN])
+m4trace:configure.in:878: -1- m4_pattern_allow([^JADEBIN$])
+m4trace:configure.in:879: -1- AC_SUBST([JADEBIN])
+m4trace:configure.in:879: -1- AC_SUBST_TRACE([JADEBIN])
+m4trace:configure.in:879: -1- m4_pattern_allow([^JADEBIN$])
+m4trace:configure.in:882: -1- AC_SUBST([MAN2HTML])
+m4trace:configure.in:882: -1- AC_SUBST_TRACE([MAN2HTML])
+m4trace:configure.in:882: -1- m4_pattern_allow([^MAN2HTML$])
+m4trace:configure.in:883: -1- AC_SUBST([MAN2HTML])
+m4trace:configure.in:883: -1- AC_SUBST_TRACE([MAN2HTML])
+m4trace:configure.in:883: -1- m4_pattern_allow([^MAN2HTML$])
+m4trace:configure.in:890: -1- AC_SUBST([DOC_STATUS])
+m4trace:configure.in:890: -1- AC_SUBST_TRACE([DOC_STATUS])
+m4trace:configure.in:890: -1- m4_pattern_allow([^DOC_STATUS$])
+m4trace:configure.in:932: -1- AC_SUBST([JADECAT])
+m4trace:configure.in:932: -1- AC_SUBST_TRACE([JADECAT])
+m4trace:configure.in:932: -1- m4_pattern_allow([^JADECAT$])
+m4trace:configure.in:933: -1- AC_SUBST([DKPREFIX])
+m4trace:configure.in:933: -1- AC_SUBST_TRACE([DKPREFIX])
+m4trace:configure.in:933: -1- m4_pattern_allow([^DKPREFIX$])
+m4trace:configure.in:951: -1- AC_SUBST([GREP])
+m4trace:configure.in:951: -1- AC_SUBST_TRACE([GREP])
+m4trace:configure.in:951: -1- m4_pattern_allow([^GREP$])
+m4trace:configure.in:951: -1- AC_SUBST([EGREP])
+m4trace:configure.in:951: -1- AC_SUBST_TRACE([EGREP])
+m4trace:configure.in:951: -1- m4_pattern_allow([^EGREP$])
+m4trace:configure.in:951: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
+m4trace:configure.in:951: -1- m4_pattern_allow([^STDC_HEADERS$])
+m4trace:configure.in:951: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
+@%:@undef STDC_HEADERS])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_SYS_TYPES_H], [/* Define to 1 if you have the <sys/types.h> header file. */
+@%:@undef HAVE_SYS_TYPES_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_SYS_STAT_H], [/* Define to 1 if you have the <sys/stat.h> header file. */
+@%:@undef HAVE_SYS_STAT_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
+@%:@undef HAVE_STDLIB_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
+@%:@undef HAVE_STRING_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_MEMORY_H], [/* Define to 1 if you have the <memory.h> header file. */
+@%:@undef HAVE_MEMORY_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_STRINGS_H], [/* Define to 1 if you have the <strings.h> header file. */
+@%:@undef HAVE_STRINGS_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_INTTYPES_H], [/* Define to 1 if you have the <inttypes.h> header file. */
+@%:@undef HAVE_INTTYPES_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_STDINT_H], [/* Define to 1 if you have the <stdint.h> header file. */
+@%:@undef HAVE_STDINT_H])
+m4trace:configure.in:951: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
+@%:@undef HAVE_UNISTD_H])
+m4trace:configure.in:966: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_PTHREAD])
+m4trace:configure.in:966: -1- m4_pattern_allow([^FEATURE_PTHREAD$])
+m4trace:configure.in:973: -1- _m4_warn([obsolete], [The macro `AC_TRY_LINK' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2688: AC_TRY_LINK is expanded from...
+configure.in:973: the top level])
+m4trace:configure.in:989: -1- AC_SUBST([PTHREAD_ONLY])
+m4trace:configure.in:989: -1- AC_SUBST_TRACE([PTHREAD_ONLY])
+m4trace:configure.in:989: -1- m4_pattern_allow([^PTHREAD_ONLY$])
+m4trace:configure.in:997: -1- AH_OUTPUT([HAVE_LIBNSL], [/* Define to 1 if you have the `nsl\' library (-lnsl). */
+@%:@undef HAVE_LIBNSL])
+m4trace:configure.in:997: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LIBNSL])
+m4trace:configure.in:997: -1- m4_pattern_allow([^HAVE_LIBNSL$])
+m4trace:configure.in:999: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:999: the top level])
+m4trace:configure.in:999: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETHOSTBYADDR_R_8_ARGS])
+m4trace:configure.in:999: -1- m4_pattern_allow([^HAVE_GETHOSTBYADDR_R_8_ARGS$])
+m4trace:configure.in:999: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/general.m4:2591: _AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2607: AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:999: the top level])
+m4trace:configure.in:999: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETHOSTBYADDR_R_7_ARGS])
+m4trace:configure.in:999: -1- m4_pattern_allow([^HAVE_GETHOSTBYADDR_R_7_ARGS$])
+m4trace:configure.in:999: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/general.m4:2591: _AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2607: AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/general.m4:2591: _AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2607: AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:999: the top level])
+m4trace:configure.in:999: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETHOSTBYADDR_R_5_ARGS])
+m4trace:configure.in:999: -1- m4_pattern_allow([^HAVE_GETHOSTBYADDR_R_5_ARGS$])
+m4trace:configure.in:1043: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:1043: the top level])
+m4trace:configure.in:1043: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETHOSTBYNAME_R_6_ARGS])
+m4trace:configure.in:1043: -1- m4_pattern_allow([^HAVE_GETHOSTBYNAME_R_6_ARGS$])
+m4trace:configure.in:1043: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/general.m4:2591: _AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2607: AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:1043: the top level])
+m4trace:configure.in:1043: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETHOSTBYNAME_R_5_ARGS])
+m4trace:configure.in:1043: -1- m4_pattern_allow([^HAVE_GETHOSTBYNAME_R_5_ARGS$])
+m4trace:configure.in:1043: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/general.m4:2591: _AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2607: AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/general.m4:2591: _AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2607: AC_COMPILE_IFELSE is expanded from...
+../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:1043: the top level])
+m4trace:configure.in:1043: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GETHOSTBYNAME_R_3_ARGS])
+m4trace:configure.in:1043: -1- m4_pattern_allow([^HAVE_GETHOSTBYNAME_R_3_ARGS$])
+m4trace:configure.in:1086: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:1086: the top level])
+m4trace:configure.in:1086: -1- AC_DEFINE_TRACE_LITERAL([HAVE_GMTIME_R])
+m4trace:configure.in:1086: -1- m4_pattern_allow([^HAVE_GMTIME_R$])
+m4trace:configure.in:1104: -1- _m4_warn([obsolete], [The macro `AC_TRY_COMPILE' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/general.m4:2615: AC_TRY_COMPILE is expanded from...
+../../lib/m4sugar/m4sh.m4:606: AS_IF is expanded from...
+../../lib/autoconf/functions.m4:60: AC_CHECK_FUNC is expanded from...
+configure.in:1104: the top level])
+m4trace:configure.in:1104: -1- AC_DEFINE_TRACE_LITERAL([HAVE_LOCALTIME_R])
+m4trace:configure.in:1104: -1- m4_pattern_allow([^HAVE_LOCALTIME_R$])
+m4trace:configure.in:1136: -1- AC_DEFINE_TRACE_LITERAL([__EXTENSIONS__])
+m4trace:configure.in:1136: -1- m4_pattern_allow([^__EXTENSIONS__$])
+m4trace:configure.in:1149: -1- AC_SUBST([SOCKET_LIB])
+m4trace:configure.in:1149: -1- AC_SUBST_TRACE([SOCKET_LIB])
+m4trace:configure.in:1149: -1- m4_pattern_allow([^SOCKET_LIB$])
+m4trace:configure.in:1158: -2- AC_DEFINE_TRACE_LITERAL([socklen_t])
+m4trace:configure.in:1158: -2- m4_pattern_allow([^socklen_t$])
+m4trace:configure.in:1158: -2- AH_OUTPUT([socklen_t], [/* Define to \'int\' if <sys/socket.h> doesn\'t have it. */
+@%:@undef socklen_t])
+m4trace:configure.in:1171: -1- AC_SUBST([SOCKET_LIB])
+m4trace:configure.in:1171: -1- AC_SUBST_TRACE([SOCKET_LIB])
+m4trace:configure.in:1171: -1- m4_pattern_allow([^SOCKET_LIB$])
+m4trace:configure.in:1202: -1- AC_SUBST([AMIGAOS_ONLY])
+m4trace:configure.in:1202: -1- AC_SUBST_TRACE([AMIGAOS_ONLY])
+m4trace:configure.in:1202: -1- m4_pattern_allow([^AMIGAOS_ONLY$])
+m4trace:configure.in:1210: -1- AC_DEFINE_TRACE_LITERAL([STDC_HEADERS])
+m4trace:configure.in:1210: -1- m4_pattern_allow([^STDC_HEADERS$])
+m4trace:configure.in:1210: -1- AH_OUTPUT([STDC_HEADERS], [/* Define to 1 if you have the ANSI C header files. */
+@%:@undef STDC_HEADERS])
+m4trace:configure.in:1211: -1- AH_OUTPUT([HAVE_DIRENT_H], [/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR\'.
+   */
+@%:@undef HAVE_DIRENT_H])
+m4trace:configure.in:1211: -1- AH_OUTPUT([HAVE_SYS_NDIR_H], [/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR\'.
+   */
+@%:@undef HAVE_SYS_NDIR_H])
+m4trace:configure.in:1211: -1- AH_OUTPUT([HAVE_SYS_DIR_H], [/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR\'.
+   */
+@%:@undef HAVE_SYS_DIR_H])
+m4trace:configure.in:1211: -1- AH_OUTPUT([HAVE_NDIR_H], [/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR\'. */
+@%:@undef HAVE_NDIR_H])
+m4trace:configure.in:1212: -1- AC_DEFINE_TRACE_LITERAL([const])
+m4trace:configure.in:1212: -1- m4_pattern_allow([^const$])
+m4trace:configure.in:1212: -1- AH_OUTPUT([const], [/* Define to empty if `const\' does not conform to ANSI C. */
+@%:@undef const])
+m4trace:configure.in:1213: -1- AC_DEFINE_TRACE_LITERAL([size_t])
+m4trace:configure.in:1213: -1- m4_pattern_allow([^size_t$])
+m4trace:configure.in:1213: -1- AH_OUTPUT([size_t], [/* Define to `unsigned int\' if <sys/types.h> does not define. */
+@%:@undef size_t])
+m4trace:configure.in:1214: -1- AC_DEFINE_TRACE_LITERAL([pid_t])
+m4trace:configure.in:1214: -1- m4_pattern_allow([^pid_t$])
+m4trace:configure.in:1214: -1- AH_OUTPUT([pid_t], [/* Define to `int\' if <sys/types.h> does not define. */
+@%:@undef pid_t])
+m4trace:configure.in:1215: -1- AC_DEFINE_TRACE_LITERAL([TIME_WITH_SYS_TIME])
+m4trace:configure.in:1215: -1- m4_pattern_allow([^TIME_WITH_SYS_TIME$])
+m4trace:configure.in:1215: -1- AH_OUTPUT([TIME_WITH_SYS_TIME], [/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+@%:@undef TIME_WITH_SYS_TIME])
+m4trace:configure.in:1216: -1- AC_DEFINE_TRACE_LITERAL([TM_IN_SYS_TIME])
+m4trace:configure.in:1216: -1- m4_pattern_allow([^TM_IN_SYS_TIME$])
+m4trace:configure.in:1216: -1- AH_OUTPUT([TM_IN_SYS_TIME], [/* Define to 1 if your <sys/time.h> declares `struct tm\'. */
+@%:@undef TM_IN_SYS_TIME])
+m4trace:configure.in:1217: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_INT])
+m4trace:configure.in:1217: -1- m4_pattern_allow([^SIZEOF_INT$])
+m4trace:configure.in:1217: -1- AH_OUTPUT([SIZEOF_INT], [/* The size of `int\', as computed by sizeof. */
+@%:@undef SIZEOF_INT])
+m4trace:configure.in:1218: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_CHAR_P])
+m4trace:configure.in:1218: -1- m4_pattern_allow([^SIZEOF_CHAR_P$])
+m4trace:configure.in:1218: -1- AH_OUTPUT([SIZEOF_CHAR_P], [/* The size of `char *\', as computed by sizeof. */
+@%:@undef SIZEOF_CHAR_P])
+m4trace:configure.in:1219: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG])
+m4trace:configure.in:1219: -1- m4_pattern_allow([^SIZEOF_LONG$])
+m4trace:configure.in:1219: -1- AH_OUTPUT([SIZEOF_LONG], [/* The size of `long\', as computed by sizeof. */
+@%:@undef SIZEOF_LONG])
+m4trace:configure.in:1220: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_LONG_LONG])
+m4trace:configure.in:1220: -1- m4_pattern_allow([^SIZEOF_LONG_LONG$])
+m4trace:configure.in:1220: -1- AH_OUTPUT([SIZEOF_LONG_LONG], [/* The size of `long long\', as computed by sizeof. */
+@%:@undef SIZEOF_LONG_LONG])
+m4trace:configure.in:1221: -1- AC_DEFINE_TRACE_LITERAL([SIZEOF_SIZE_T])
+m4trace:configure.in:1221: -1- m4_pattern_allow([^SIZEOF_SIZE_T$])
+m4trace:configure.in:1221: -1- AH_OUTPUT([SIZEOF_SIZE_T], [/* The size of `size_t\', as computed by sizeof. */
+@%:@undef SIZEOF_SIZE_T])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_OS_H], [/* Define to 1 if you have the <OS.h> header file. */
+@%:@undef HAVE_OS_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_ARPA_INET_H], [/* Define to 1 if you have the <arpa/inet.h> header file. */
+@%:@undef HAVE_ARPA_INET_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_ERRNO_H], [/* Define to 1 if you have the <errno.h> header file. */
+@%:@undef HAVE_ERRNO_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_FCNTL_H], [/* Define to 1 if you have the <fcntl.h> header file. */
+@%:@undef HAVE_FCNTL_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_LIMITS_H], [/* Define to 1 if you have the <limits.h> header file. */
+@%:@undef HAVE_LIMITS_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_LOCALE_H], [/* Define to 1 if you have the <locale.h> header file. */
+@%:@undef HAVE_LOCALE_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_NETDB_H], [/* Define to 1 if you have the <netdb.h> header file. */
+@%:@undef HAVE_NETDB_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_NETINET_IN_H], [/* Define to 1 if you have the <netinet/in.h> header file. */
+@%:@undef HAVE_NETINET_IN_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_STDDEF_H], [/* Define to 1 if you have the <stddef.h> header file. */
+@%:@undef HAVE_STDDEF_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_STDLIB_H], [/* Define to 1 if you have the <stdlib.h> header file. */
+@%:@undef HAVE_STDLIB_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_STRING_H], [/* Define to 1 if you have the <string.h> header file. */
+@%:@undef HAVE_STRING_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_SYS_IOCTL_H], [/* Define to 1 if you have the <sys/ioctl.h> header file. */
+@%:@undef HAVE_SYS_IOCTL_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_SYS_SOCKET_H], [/* Define to 1 if you have the <sys/socket.h> header file. */
+@%:@undef HAVE_SYS_SOCKET_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_SYS_TIME_H], [/* Define to 1 if you have the <sys/time.h> header file. */
+@%:@undef HAVE_SYS_TIME_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_SYS_TIMEB_H], [/* Define to 1 if you have the <sys/timeb.h> header file. */
+@%:@undef HAVE_SYS_TIMEB_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_SYS_WAIT_H], [/* Define to 1 if you have the <sys/wait.h> header file. */
+@%:@undef HAVE_SYS_WAIT_H])
+m4trace:configure.in:1226: -1- AH_OUTPUT([HAVE_UNISTD_H], [/* Define to 1 if you have the <unistd.h> header file. */
+@%:@undef HAVE_UNISTD_H])
+m4trace:configure.in:1232: -1- AH_OUTPUT([HAVE_STRERROR], [/* Define to 1 if you have the `strerror\' function. */
+@%:@undef HAVE_STRERROR])
+m4trace:configure.in:1232: -1- AH_OUTPUT([HAVE_BCOPY], [/* Define to 1 if you have the `bcopy\' function. */
+@%:@undef HAVE_BCOPY])
+m4trace:configure.in:1232: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the `memmove\' function. */
+@%:@undef HAVE_MEMMOVE])
+m4trace:configure.in:1236: -1- AC_DEFINE_TRACE_LITERAL([SETPGRP_VOID])
+m4trace:configure.in:1236: -1- m4_pattern_allow([^SETPGRP_VOID$])
+m4trace:configure.in:1236: -1- AH_OUTPUT([SETPGRP_VOID], [/* Define to 1 if the `setpgrp\' function takes no argument. */
+@%:@undef SETPGRP_VOID])
+m4trace:configure.in:1237: -1- _m4_warn([obsolete], [The macro `AC_TYPE_SIGNAL' is obsolete.
+You should run autoupdate.], [../../lib/autoconf/types.m4:738: AC_TYPE_SIGNAL is expanded from...
+configure.in:1237: the top level])
+m4trace:configure.in:1237: -1- AC_DEFINE_TRACE_LITERAL([RETSIGTYPE])
+m4trace:configure.in:1237: -1- m4_pattern_allow([^RETSIGTYPE$])
+m4trace:configure.in:1237: -1- AH_OUTPUT([RETSIGTYPE], [/* Define as the return type of signal handlers (`int\' or `void\'). */
+@%:@undef RETSIGTYPE])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_ACCESS], [/* Define to 1 if you have the `access\' function. */
+@%:@undef HAVE_ACCESS])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_ATEXIT], [/* Define to 1 if you have the `atexit\' function. */
+@%:@undef HAVE_ATEXIT])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_GETCWD], [/* Define to 1 if you have the `getcwd\' function. */
+@%:@undef HAVE_GETCWD])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_GETHOSTBYADDR], [/* Define to 1 if you have the `gethostbyaddr\' function. */
+@%:@undef HAVE_GETHOSTBYADDR])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_GETHOSTBYADDR_R], [/* Define to 1 if you have the `gethostbyaddr_r\' function. */
+@%:@undef HAVE_GETHOSTBYADDR_R])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_GETHOSTBYNAME], [/* Define to 1 if you have the `gethostbyname\' function. */
+@%:@undef HAVE_GETHOSTBYNAME])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_GETHOSTBYNAME_R], [/* Define to 1 if you have the `gethostbyname_r\' function. */
+@%:@undef HAVE_GETHOSTBYNAME_R])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_GETTIMEOFDAY], [/* Define to 1 if you have the `gettimeofday\' function. */
+@%:@undef HAVE_GETTIMEOFDAY])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_INET_NTOA], [/* Define to 1 if you have the `inet_ntoa\' function. */
+@%:@undef HAVE_INET_NTOA])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_LOCALTIME_R], [/* Define to 1 if you have the `localtime_r\' function. */
+@%:@undef HAVE_LOCALTIME_R])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_MEMCHR], [/* Define to 1 if you have the `memchr\' function. */
+@%:@undef HAVE_MEMCHR])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_MEMMOVE], [/* Define to 1 if you have the `memmove\' function. */
+@%:@undef HAVE_MEMMOVE])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_MEMSET], [/* Define to 1 if you have the `memset\' function. */
+@%:@undef HAVE_MEMSET])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_POLL], [/* Define to 1 if you have the `poll\' function. */
+@%:@undef HAVE_POLL])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_PUTENV], [/* Define to 1 if you have the `putenv\' function. */
+@%:@undef HAVE_PUTENV])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_RANDOM], [/* Define to 1 if you have the `random\' function. */
+@%:@undef HAVE_RANDOM])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_REGCOMP], [/* Define to 1 if you have the `regcomp\' function. */
+@%:@undef HAVE_REGCOMP])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_SELECT], [/* Define to 1 if you have the `select\' function. */
+@%:@undef HAVE_SELECT])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_SETLOCALE], [/* Define to 1 if you have the `setlocale\' function. */
+@%:@undef HAVE_SETLOCALE])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_SNPRINTF], [/* Define to 1 if you have the `snprintf\' function. */
+@%:@undef HAVE_SNPRINTF])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_SOCKET], [/* Define to 1 if you have the `socket\' function. */
+@%:@undef HAVE_SOCKET])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRCHR], [/* Define to 1 if you have the `strchr\' function. */
+@%:@undef HAVE_STRCHR])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRDUP], [/* Define to 1 if you have the `strdup\' function. */
+@%:@undef HAVE_STRDUP])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRERROR], [/* Define to 1 if you have the `strerror\' function. */
+@%:@undef HAVE_STRERROR])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRFTIME], [/* Define to 1 if you have the `strftime\' function. */
+@%:@undef HAVE_STRFTIME])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRLCAT], [/* Define to 1 if you have the `strlcat\' function. */
+@%:@undef HAVE_STRLCAT])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRLCPY], [/* Define to 1 if you have the `strlcpy\' function. */
+@%:@undef HAVE_STRLCPY])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRPTIME], [/* Define to 1 if you have the `strptime\' function. */
+@%:@undef HAVE_STRPTIME])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRSTR], [/* Define to 1 if you have the `strstr\' function. */
+@%:@undef HAVE_STRSTR])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_STRTOUL], [/* Define to 1 if you have the `strtoul\' function. */
+@%:@undef HAVE_STRTOUL])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_TIMEGM], [/* Define to 1 if you have the `timegm\' function. */
+@%:@undef HAVE_TIMEGM])
+m4trace:configure.in:1240: -1- AH_OUTPUT([HAVE_TZSET], [/* Define to 1 if you have the `tzset\' function. */
+@%:@undef HAVE_TZSET])
+m4trace:configure.in:1249: -1- AC_DEFINE_TRACE_LITERAL([PCRE_H_IN_SUBDIR])
+m4trace:configure.in:1249: -1- m4_pattern_allow([^PCRE_H_IN_SUBDIR$])
+m4trace:configure.in:1259: -1- AC_DEFINE_TRACE_LITERAL([PCREPOSIX_H_IN_SUBDIR])
+m4trace:configure.in:1259: -1- m4_pattern_allow([^PCREPOSIX_H_IN_SUBDIR$])
+m4trace:configure.in:1284: -1- AC_DEFINE_TRACE_LITERAL([__MT__])
+m4trace:configure.in:1284: -1- m4_pattern_allow([^__MT__$])
+m4trace:configure.in:1294: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_TOGGLE])
+m4trace:configure.in:1294: -2- m4_pattern_allow([^FEATURE_TOGGLE$])
+m4trace:configure.in:1290: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_TOGGLE])
+m4trace:configure.in:1290: -1- m4_pattern_allow([^FEATURE_TOGGLE$])
+m4trace:configure.in:1300: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_FORCE_LOAD])
+m4trace:configure.in:1300: -2- m4_pattern_allow([^FEATURE_FORCE_LOAD$])
+m4trace:configure.in:1296: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_FORCE_LOAD])
+m4trace:configure.in:1296: -1- m4_pattern_allow([^FEATURE_FORCE_LOAD$])
+m4trace:configure.in:1306: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_FAST_REDIRECTS])
+m4trace:configure.in:1306: -2- m4_pattern_allow([^FEATURE_FAST_REDIRECTS$])
+m4trace:configure.in:1302: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_FAST_REDIRECTS])
+m4trace:configure.in:1302: -1- m4_pattern_allow([^FEATURE_FAST_REDIRECTS$])
+m4trace:configure.in:1312: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_STATISTICS])
+m4trace:configure.in:1312: -2- m4_pattern_allow([^FEATURE_STATISTICS$])
+m4trace:configure.in:1308: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_STATISTICS])
+m4trace:configure.in:1308: -1- m4_pattern_allow([^FEATURE_STATISTICS$])
+m4trace:configure.in:1314: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_IMAGE_DETECT_MSIE])
+m4trace:configure.in:1314: -1- m4_pattern_allow([^FEATURE_IMAGE_DETECT_MSIE$])
+m4trace:configure.in:1327: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_IMAGE_BLOCKING])
+m4trace:configure.in:1327: -2- m4_pattern_allow([^FEATURE_IMAGE_BLOCKING$])
+m4trace:configure.in:1321: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_IMAGE_BLOCKING])
+m4trace:configure.in:1321: -1- m4_pattern_allow([^FEATURE_IMAGE_BLOCKING$])
+m4trace:configure.in:1335: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_ACL])
+m4trace:configure.in:1335: -2- m4_pattern_allow([^FEATURE_ACL$])
+m4trace:configure.in:1329: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_ACL])
+m4trace:configure.in:1329: -1- m4_pattern_allow([^FEATURE_ACL$])
+m4trace:configure.in:1342: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_TRUST])
+m4trace:configure.in:1342: -2- m4_pattern_allow([^FEATURE_TRUST$])
+m4trace:configure.in:1337: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_TRUST])
+m4trace:configure.in:1337: -1- m4_pattern_allow([^FEATURE_TRUST$])
+m4trace:configure.in:1350: -2- AC_DEFINE_TRACE_LITERAL([FEATURE_CGI_EDIT_ACTIONS])
+m4trace:configure.in:1350: -2- m4_pattern_allow([^FEATURE_CGI_EDIT_ACTIONS$])
+m4trace:configure.in:1344: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_CGI_EDIT_ACTIONS])
+m4trace:configure.in:1344: -1- m4_pattern_allow([^FEATURE_CGI_EDIT_ACTIONS$])
+m4trace:configure.in:1352: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_NO_GIFS])
+m4trace:configure.in:1352: -1- m4_pattern_allow([^FEATURE_NO_GIFS$])
+m4trace:configure.in:1359: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_GRACEFUL_TERMINATION])
+m4trace:configure.in:1359: -1- m4_pattern_allow([^FEATURE_GRACEFUL_TERMINATION$])
+m4trace:configure.in:1365: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_EXTENDED_HOST_PATTERNS])
+m4trace:configure.in:1365: -1- m4_pattern_allow([^FEATURE_EXTENDED_HOST_PATTERNS$])
+m4trace:configure.in:1400: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_ZLIB])
+m4trace:configure.in:1400: -1- m4_pattern_allow([^FEATURE_ZLIB$])
+m4trace:configure.in:1400: -1- AH_OUTPUT([FEATURE_ZLIB], [/* Define to 1 to use compression through the zlib library. */
+@%:@undef FEATURE_ZLIB])
+m4trace:configure.in:1422: -1- AC_DEFINE_TRACE_LITERAL([STATIC_PCRE])
+m4trace:configure.in:1422: -1- m4_pattern_allow([^STATIC_PCRE$])
+m4trace:configure.in:1428: -1- AC_DEFINE_TRACE_LITERAL([FEATURE_CONNECTION_KEEP_ALIVE])
+m4trace:configure.in:1428: -1- m4_pattern_allow([^FEATURE_CONNECTION_KEEP_ALIVE$])
+m4trace:configure.in:1445: -1- AC_DEFINE_TRACE_LITERAL([STATIC_PCRS])
+m4trace:configure.in:1445: -1- m4_pattern_allow([^STATIC_PCRS$])
+m4trace:configure.in:1449: -1- AC_SUBST([STATIC_PCRE_ONLY])
+m4trace:configure.in:1449: -1- AC_SUBST_TRACE([STATIC_PCRE_ONLY])
+m4trace:configure.in:1449: -1- m4_pattern_allow([^STATIC_PCRE_ONLY$])
+m4trace:configure.in:1450: -1- AC_SUBST([STATIC_PCRS_ONLY])
+m4trace:configure.in:1450: -1- AC_SUBST_TRACE([STATIC_PCRS_ONLY])
+m4trace:configure.in:1450: -1- m4_pattern_allow([^STATIC_PCRS_ONLY$])
+m4trace:configure.in:1459: -1- AC_SUBST([SPECIAL_CFLAGS])
+m4trace:configure.in:1459: -1- AC_SUBST_TRACE([SPECIAL_CFLAGS])
+m4trace:configure.in:1459: -1- m4_pattern_allow([^SPECIAL_CFLAGS$])
+m4trace:configure.in:1461: -1- AC_SUBST([PTHREAD_LIB])
+m4trace:configure.in:1461: -1- AC_SUBST_TRACE([PTHREAD_LIB])
+m4trace:configure.in:1461: -1- m4_pattern_allow([^PTHREAD_LIB$])
+m4trace:configure.in:1463: -1- AC_CONFIG_FILES([GNUmakefile doc/source/ldp.dsl])
+m4trace:configure.in:1463: -1- _m4_warn([obsolete], [AC_OUTPUT should be used without arguments.
+You should run autoupdate.], [])
+m4trace:configure.in:1463: -1- AC_SUBST([LIB@&t at OBJS], [$ac_libobjs])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([LIB@&t at OBJS])
+m4trace:configure.in:1463: -1- m4_pattern_allow([^LIB@&t at OBJS$])
+m4trace:configure.in:1463: -1- AC_SUBST([LTLIBOBJS], [$ac_ltlibobjs])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([LTLIBOBJS])
+m4trace:configure.in:1463: -1- m4_pattern_allow([^LTLIBOBJS$])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([top_builddir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([top_build_prefix])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([srcdir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([abs_srcdir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([top_srcdir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([abs_top_srcdir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([builddir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([abs_builddir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([abs_top_builddir])
+m4trace:configure.in:1463: -1- AC_SUBST_TRACE([INSTALL])
diff --git a/external/privoxy/cgi.c b/external/privoxy/cgi.c
new file mode 100644
index 0000000..61ff069
--- /dev/null
+++ b/external/privoxy/cgi.c
@@ -0,0 +1,2987 @@
+const char cgi_rcs[] = "$Id: cgi.c,v 1.116 2009/03/15 14:59:34 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cgi.c,v $
+ *
+ * Purpose     :  Declares functions to intercept request, generate
+ *                html or gif answers, and to compose HTTP resonses.
+ *                This only contains the framework functions, the
+ *                actual handler functions are declared elsewhere.
+ *                
+ *                Functions declared include:
+ * 
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2004, 2006-2008
+ *                the SourceForge Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cgi.c,v $
+ *    Revision 1.116  2009/03/15 14:59:34  fabiankeil
+ *    Cosmetics.
+ *
+ *    Revision 1.115  2009/03/01 18:28:23  fabiankeil
+ *    Help clang understand that we aren't dereferencing
+ *    NULL pointers here.
+ *
+ *    Revision 1.114  2008/12/04 18:15:04  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.113  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.112  2008/08/31 16:08:12  fabiankeil
+ *    "View the request headers" isn't more equal than the other
+ *    menu items and thus doesn't need a trailing dot either.
+ *
+ *    Revision 1.111  2008/08/31 15:59:02  fabiankeil
+ *    There's no reason to let remote toggling support depend
+ *    on FEATURE_CGI_EDIT_ACTIONS, so make sure it doesn't.
+ *
+ *    Revision 1.110  2008/08/31 14:55:43  fabiankeil
+ *    Add a @date@ symbol to include a date(1)-like time string
+ *    in templates. Modified version of the patch Endre Szabo
+ *    submitted in #2026468.
+ *
+ *    Revision 1.109  2008/07/26 09:40:27  fabiankeil
+ *    Remove the unconditional block in get_http_time().
+ *    It's pointless now that it's no longer used to limit
+ *    dummy's scope. While at it, remove obvious comments
+ *    and a trailing space.
+ *
+ *    Revision 1.108  2008/05/26 17:30:53  fabiankeil
+ *    Provide an OpenSearch Description to access the
+ *    show-url-info page through "search engine plugins".
+ *
+ *    Revision 1.107  2008/05/26 16:23:19  fabiankeil
+ *    - Fix spelling in template-not-found message.
+ *    - Declare referrer_is_safe()'s alternative_prefix[] static.
+ *
+ *    Revision 1.106  2008/05/21 15:24:38  fabiankeil
+ *    Mark csp as immutable for a bunch of functions.
+ *
+ *    Revision 1.105  2008/04/17 14:40:47  fabiankeil
+ *    Provide get_http_time() with the buffer size so it doesn't
+ *    have to blindly assume that the buffer is big enough.
+ *
+ *    Revision 1.104  2008/03/26 18:07:06  fabiankeil
+ *    Add hostname directive. Closes PR#1918189.
+ *
+ *    Revision 1.103  2008/03/21 11:13:57  fabiankeil
+ *    Only gather host information if it's actually needed.
+ *    Also move the code out of accept_connection() so it's less likely
+ *    to delay other incoming connections if the host is misconfigured.
+ *
+ *    Revision 1.102  2008/02/23 16:33:43  fabiankeil
+ *    Let forward_url() use the standard parameter ordering
+ *    and mark its second parameter immutable.
+ *
+ *    Revision 1.101  2008/02/03 15:45:06  fabiankeil
+ *    Add SOCKS5 support for "Forwarding failure" CGI page.
+ *
+ *    Revision 1.100  2007/10/17 18:40:53  fabiankeil
+ *    - Send CGI pages as HTTP/1.1 unless the client asked for HTTP/1.0.
+ *    - White space fix.
+ *
+ *    Revision 1.99  2007/08/05 13:42:22  fabiankeil
+ *    #1763173 from Stefan Huehner: declare some more functions static.
+ *
+ *    Revision 1.98  2007/05/14 10:33:51  fabiankeil
+ *    - Use strlcpy() and strlcat() instead of strcpy() and strcat().
+ *
+ *    Revision 1.97  2007/04/09 18:11:35  fabiankeil
+ *    Don't mistake VC++'s _snprintf() for a snprintf() replacement.
+ *
+ *    Revision 1.96  2007/03/08 17:41:05  fabiankeil
+ *    Use sizeof() more often.
+ *
+ *    Revision 1.95  2007/02/10 17:01:37  fabiankeil
+ *    Don't overlook map result for the forwarding-type.
+ *
+ *    Revision 1.94  2007/02/08 19:44:49  fabiankeil
+ *    Use a transparent background for the PNG replacement pattern.
+ *
+ *    Revision 1.93  2007/02/07 10:45:22  fabiankeil
+ *    - Save the reason for generating http_responses.
+ *    - Fix --disable-toggle (again).
+ *    - Use TBL birthday hack for 403 responses as well.
+ *    - Uglify the @menu@ again to fix JavaScript
+ *      errors on the "blocked" template.
+ *    - Escape an ampersand in cgi_error_unknown().
+ *
+ *    Revision 1.92  2007/01/28 13:41:17  fabiankeil
+ *    - Add HEAD support to finish_http_response.
+ *    - Add error favicon to internal HTML error messages.
+ *
+ *    Revision 1.91  2007/01/27 13:09:16  fabiankeil
+ *    Add new config option "templdir" to
+ *    change the templates directory.
+ *
+ *    Revision 1.90  2007/01/25 13:47:26  fabiankeil
+ *    Added "forwarding-failed" template support for error_response().
+ *
+ *    Revision 1.89  2007/01/23 15:51:16  fabiankeil
+ *    Add favicon delivery functions.
+ *
+ *    Revision 1.88  2007/01/23 13:14:32  fabiankeil
+ *    - Map variables that aren't guaranteed to be
+ *      pure ASCII html_encoded.
+ *    - Use CGI_PREFIX to generate URL for user manual
+ *      CGI page to make sure CGI_SITE_2_PATH is included.
+ *
+ *    Revision 1.87  2007/01/22 15:34:13  fabiankeil
+ *    - "Protect" against a rather lame JavaScript-based
+ *      Privoxy detection "attack" and check the referrer
+ *      before delivering the CGI style sheet.
+ *    - Move referrer check for unsafe CGI pages into
+ *      referrer_is_safe() and log the result.
+ *    - Map @url@ in cgi-error-disabled page.
+ *      It's required for the "go there anyway" link.
+ *    - Mark *csp as immutable for grep_cgi_referrer().
+ *
+ *    Revision 1.86  2007/01/09 11:54:26  fabiankeil
+ *    Fix strdup() error handling in cgi_error_unknown()
+ *    and cgi_error_no_template(). Reported by Markus Elfring.
+ *
+ *    Revision 1.85  2007/01/05 14:19:02  fabiankeil
+ *    Handle pcrs_execute() errors in template_fill() properly.
+ *
+ *    Revision 1.84  2006/12/28 17:54:22  fabiankeil
+ *    Fixed gcc43 conversion warnings and replaced sprintf
+ *    calls with snprintf to give OpenBSD's gcc one less reason
+ *    to complain.
+ *
+ *    Revision 1.83  2006/12/17 19:35:19  fabiankeil
+ *    Escape ampersand in Privoxy menu.
+ *
+ *    Revision 1.82  2006/12/17 17:53:39  fabiankeil
+ *    Suppress the toggle link if remote toggling is disabled.
+ *
+ *    Revision 1.81  2006/12/09 13:49:16  fabiankeil
+ *    Fix configure option --disable-toggle.
+ *    Thanks to Peter Thoenen for reporting this.
+ *
+ *    Revision 1.80  2006/12/08 14:45:32  fabiankeil
+ *    Don't lose the FORCE_PREFIX in case of
+ *    connection problems. Fixes #612235.
+ *
+ *    Revision 1.79  2006/11/13 19:05:50  fabiankeil
+ *    Make pthread mutex locking more generic. Instead of
+ *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ *    and use mutex locking unless there is an _r function
+ *    available. Better safe than sorry.
+ *
+ *    Fixes "./configure --disable-pthread" and should result
+ *    in less threading-related problems on pthread-using platforms,
+ *    but it still doesn't fix BR#1122404.
+ *
+ *    Revision 1.78  2006/09/21 19:22:07  fabiankeil
+ *    Use CGI_PREFIX to check the referrer.
+ *    The check for "http://config.privoxy.org/" fails
+ *    if the user modified CGI_SITE_2_HOST.
+ *
+ *    Revision 1.77  2006/09/21 15:17:23  fabiankeil
+ *    Adjusted headers for Privoxy's cgi responses:
+ *    Don't set Last-Modified, Expires and Cache-Control
+ *    headers for redirects; always set "Connection: close".
+ *
+ *    Revision 1.76  2006/09/07 14:06:38  fabiankeil
+ *    Only predate the Last-Modified header for cgi responses
+ *    that are delivered with status code 404 or 503.
+ *
+ *    Revision 1.75  2006/09/07 11:56:39  fabiankeil
+ *    Mark cgi_send_user_manual as harmless,
+ *    to fix the access denied problem Hal spotted.
+ *    The manual has no secret content, therefore we
+ *    don't have to care about "secure" referrers.
+ *
+ *    Revision 1.74  2006/09/06 18:45:03  fabiankeil
+ *    Incorporate modified version of Roland Rosenfeld's patch to
+ *    optionally access the user-manual via Privoxy. Closes patch 679075.
+ *
+ *    Formatting changed to Privoxy style, added call to
+ *    cgi_error_no_template if the requested file doesn't
+ *    exist and modified check whether or not Privoxy itself
+ *    should serve the manual. Should work cross-platform now.
+ *
+ *    Revision 1.73  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.72  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.70.2.13  2004/02/17 13:30:23  oes
+ *    Moved cgi_error_disabled() from cgiedit.c to
+ *    cgi.c to re-enable build with --disable-editor.
+ *    Fixes Bug #892744. Thanks to Matthew Fischer
+ *    for spotting.
+ *
+ *    Revision 1.70.2.12  2003/12/17 16:33:16  oes
+ *     - Added new function cgi_redirect to handle creation of
+ *       HTTP redirect messages formerly repeated in the code.
+ *     - Send cgi_error_disabled instead of cgi_error_404 when
+ *       referrer check fails
+ *     - Dynamic content now gets Expires header field with date
+ *       in the past
+ *
+ *    Revision 1.70.2.11  2003/10/23 12:29:26  oes
+ *    Bugfix: Transparent PNG was not transparent. Thanks to
+ *    Dan Razzell of Starfish Systems for notice and new PNG.
+ *
+ *    Revision 1.70.2.10  2003/06/06 07:54:25  oes
+ *    Security fix: dspatch_known_cgi no longer considers an empty
+ *    referrer safe for critical CGIs, since malicious links could
+ *    reside on https:// locations which browsers don't advertize as
+ *    referrers. Closes bug #749916, thanks to Jeff Epler for the
+ *    hint. Goodbye One-Click[tm] toggling :-(
+ *
+ *    Revision 1.70.2.9  2003/05/08 15:11:31  oes
+ *    Nit
+ *
+ *    Revision 1.70.2.8  2003/04/29 13:33:51  oes
+ *    Killed a compiler warning on OSX
+ *
+ *    Revision 1.70.2.7  2003/04/03 13:50:58  oes
+ *    - Don't call cgi_error_disabled ifndef FEATURE_CGI_EDIT_ACTIONS
+ *      (fixes bug #710056)
+ *    - Show toggle info only if we have it
+ *
+ *    Revision 1.70.2.6  2003/03/12 01:26:25  david__schmidt
+ *    Move declaration of struct tm dummy outside of a control block so it is
+ *    accessible later on during snprintf in get_http_time.
+ *
+ *    Revision 1.70.2.5  2003/03/11 11:53:58  oes
+ *    Cosmetic: Renamed cryptic variable
+ *
+ *    Revision 1.70.2.4  2003/03/07 03:41:03  david__schmidt
+ *    Wrapping all *_r functions (the non-_r versions of them) with mutex semaphores for OSX.  Hopefully this will take care of all of those pesky crash reports.
+ *
+ *    Revision 1.70.2.3  2002/11/28 18:14:32  oes
+ *    Disable access to critical CGIs via untrusted referrers.
+ *    This prevents users from being tricked by malicious websites
+ *    into making unintentional configuration changes:
+ *
+ *     - Added flag to each cgi_dispatcher that allows or denies
+ *       external linking
+ *     - Introduced proviorical function that greps for the
+ *       referrer header before regular header parsing happens
+ *     - Added safety check to dispatch_known_cgi. CGI is called
+ *       if (cgi harmless || no referrer || we are referrer).
+ *       Else a) toggle calls are modified not to change status and
+ *       b) all other calls are denied.
+ *
+ *    Revision 1.70.2.2  2002/11/12 16:20:37  oes
+ *    Added missing #ifdef FEATURE_TOGGLE around g_bToggleIJB; fixes bug #636651
+ *
+ *    Revision 1.70.2.1  2002/08/05 11:17:46  oes
+ *    Fixed Bug #587820, i.e. added workaround for IE bug that includes fragment identifier in (cgi) query
+ *
+ *    Revision 1.70  2002/05/19 11:33:20  jongfoster
+ *    If a CGI error was not handled, and propogated back to
+ *    dispatch_known_cgi(), then it was assumed to be "out of memory".
+ *    This gave a very misleading error message.
+ *
+ *    Now other errors will cause a simple message giving the error
+ *    number and asking the user to report a bug.
+ *
+ *    Bug report:
+ *    http://sourceforge.net/tracker/index.php?func=detail
+ *    &aid=557905&group_id=11118&atid=111118
+ *
+ *    Revision 1.69  2002/05/14 21:28:40  oes
+ *     - Fixed add_help_link to link to the (now split) actions
+ *       part of the config chapter
+ *     - Renamed helplink export to actions-help-prefix
+ *
+ *    Revision 1.68  2002/05/12 21:36:29  jongfoster
+ *    Correcting function comments
+ *
+ *    Revision 1.67  2002/04/30 12:02:07  oes
+ *    Nit: updated a comment
+ *
+ *    Revision 1.66  2002/04/26 18:32:57  jongfoster
+ *    Fixing a memory leak on error
+ *
+ *    Revision 1.65  2002/04/26 12:53:51  oes
+ *     - New function add_help_link
+ *     - default_exports now exports links to the user manual
+ *       and a prefix for links into the config chapter
+ *
+ *    Revision 1.64  2002/04/24 02:17:21  oes
+ *     - Better descriptions for CGIs
+ *     - Hide edit-actions, more shortcuts
+ *     - Moved get_char_param, get_string_param and get_number_param here
+ *       from cgiedit.c
+ *
+ *    Revision 1.63  2002/04/15 19:06:43  jongfoster
+ *    Typos
+ *
+ *    Revision 1.62  2002/04/10 19:59:46  jongfoster
+ *    Fixes to #include in templates:
+ *    - Didn't close main file if loading an included template fails.
+ *    - I'm paranoid and want to disallow "#include /etc/passwd".
+ *
+ *    Revision 1.61  2002/04/10 13:37:48  oes
+ *    Made templates modular: template_load now recursive with max depth 1
+ *
+ *    Revision 1.60  2002/04/08 20:50:25  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.59  2002/04/05 15:51:51  oes
+ *     - added send-stylesheet CGI
+ *     - bugfix: error-pages now get correct request protocol
+ *     - fixed
+ *     - kludged CGI descriptions and menu not to break JS syntax
+ *
+ *    Revision 1.58  2002/03/29 03:33:13  david__schmidt
+ *    Fix Mac OSX compiler warnings
+ *
+ *    Revision 1.57  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.56  2002/03/24 17:50:46  jongfoster
+ *    Fixing compile error if actions file editor disabled
+ *
+ *    Revision 1.55  2002/03/24 16:55:06  oes
+ *    Making GIF checkerboard transparent
+ *
+ *    Revision 1.54  2002/03/24 16:18:15  jongfoster
+ *    Removing old logo
+ *
+ *    Revision 1.53  2002/03/24 16:06:00  oes
+ *    Correct transparency for checkerboard PNG. Thanks, Magnus!
+ *
+ *    Revision 1.52  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.51  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.50  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.49  2002/03/13 00:27:04  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.48  2002/03/08 17:47:07  jongfoster
+ *    Adding comments
+ *
+ *    Revision 1.47  2002/03/08 16:41:33  oes
+ *    Added GIF images again
+ *
+ *    Revision 1.46  2002/03/07 03:48:38  oes
+ *     - Changed built-in images from GIF to PNG
+ *       (with regard to Unisys patent issue)
+ *     - Added a 4x4 pattern PNG which is less intrusive
+ *       than the logo but also clearly marks the deleted banners
+ *
+ *    Revision 1.45  2002/03/06 22:54:35  jongfoster
+ *    Automated function-comment nitpicking.
+ *
+ *    Revision 1.44  2002/03/05 22:43:45  david__schmidt
+ *    - Better error reporting on OS/2
+ *    - Fix double-slash comment (oops)
+ *
+ *    Revision 1.43  2002/03/05 21:33:45  david__schmidt
+ *    - Re-enable OS/2 building after new parms were added
+ *    - Fix false out of memory report when resolving CGI templates when no IP
+ *      address is available of failed attempt (a la no such domain)
+ *
+ *    Revision 1.42  2002/01/21 00:33:20  jongfoster
+ *    Replacing strsav() with the safer string_append() or string_join().
+ *    Adding map_block_keep() to save a few bytes in the edit-actions-list HTML.
+ *    Adding missing html_encode() to error message generators.
+ *    Adding edit-actions-section-swap and many "shortcuts" to the list of CGIs.
+ *
+ *    Revision 1.41  2002/01/17 20:56:22  jongfoster
+ *    Replacing hard references to the URL of the config interface
+ *    with #defines from project.h
+ *
+ *    Revision 1.40  2002/01/09 14:26:46  oes
+ *    Added support for thread-safe gmtime_r call.
+ *
+ *    Revision 1.39  2001/11/16 00:48:13  jongfoster
+ *    Fixing a compiler warning
+ *
+ *    Revision 1.38  2001/11/13 00:31:21  jongfoster
+ *    - Adding new CGIs for use by non-JavaScript browsers:
+ *        edit-actions-url-form
+ *        edit-actions-add-url-form
+ *        edit-actions-remove-url-form
+ *    - Fixing make_menu()'s HTML generation - it now quotes the href parameter.
+ *    - Fixing || bug.
+ *
+ *    Revision 1.37  2001/11/01 14:28:47  david__schmidt
+ *    Show enablement/disablement status in almost all templates.
+ *    There is a little trickiness here: apparent recursive resolution of
+ *    @if-enabled-then@ caused the toggle template to show status out-of-phase with
+ *    the actual enablement status.  So a similar construct,
+ *    @if-enabled-display-then@, is used to resolve the status display on non-'toggle'
+ *    templates.
+ *
+ *    Revision 1.36  2001/10/26 17:33:27  oes
+ *    marginal bugfix
+ *
+ *    Revision 1.35  2001/10/23 21:48:19  jongfoster
+ *    Cleaning up error handling in CGI functions - they now send back
+ *    a HTML error page and should never cause a FATAL error.  (Fixes one
+ *    potential source of "denial of service" attacks).
+ *
+ *    CGI actions file editor that works and is actually useful.
+ *
+ *    Ability to toggle Junkbuster remotely using a CGI call.
+ *
+ *    You can turn off both the above features in the main configuration
+ *    file, e.g. if you are running a multi-user proxy.
+ *
+ *    Revision 1.34  2001/10/18 22:22:09  david__schmidt
+ *    Only show "Local support" on templates conditionally:
+ *      - if either 'admin-address' or 'proxy-info-url' are uncommented in config
+ *      - if not, no Local support section appears
+ *
+ *    Revision 1.33  2001/10/14 22:28:41  jongfoster
+ *    Fixing stupid typo.
+ *
+ *    Revision 1.32  2001/10/14 22:20:18  jongfoster
+ *    - Changes to CGI dispatching method to match CGI names exactly,
+ *      rather than doing a prefix match.
+ *    - No longer need to count the length of the CGI handler names by hand.
+ *    - Adding new handler for 404 error when disptching a CGI, if none of
+ *      the handlers match.
+ *    - Adding new handlers for CGI actionsfile editor.
+ *
+ *    Revision 1.31  2001/10/10 10:56:39  oes
+ *    Failiure to load template now fatal. Before, the user got a hard-to-understand assertion failure from cgi.c
+ *
+ *    Revision 1.30  2001/10/02 15:30:57  oes
+ *    Introduced show-request cgi
+ *
+ *    Revision 1.29  2001/09/20 15:47:44  steudten
+ *
+ *    Fix BUG: Modify int size to size_t size in fill_template()
+ *     - removes big trouble on machines where sizeof(int) != sizeof(size_t).
+ *
+ *    Revision 1.28  2001/09/19 18:00:37  oes
+ *     - Deletef time() FIXME (Can't fail under Linux either, if
+ *       the argument is guaranteed to be in out address space,
+ *       which it is.)
+ *     - Fixed comments
+ *     - Pointer notation cosmetics
+ *     - Fixed a minor bug in template_fill(): Failiure of
+ *       pcrs_execute() now secure.
+ *
+ *    Revision 1.27  2001/09/16 17:08:54  jongfoster
+ *    Moving simple CGI functions from cgi.c to new file cgisimple.c
+ *
+ *    Revision 1.26  2001/09/16 15:47:37  jongfoster
+ *    First version of CGI-based edit interface.  This is very much a
+ *    work-in-progress, and you can't actually use it to edit anything
+ *    yet.  You must #define FEATURE_CGI_EDIT_ACTIONS for these changes
+ *    to have any effect.
+ *
+ *    Revision 1.25  2001/09/16 15:02:35  jongfoster
+ *    Adding i.j.b/robots.txt.
+ *    Inlining add_stats() since it's only ever called from one place.
+ *
+ *    Revision 1.24  2001/09/16 11:38:01  jongfoster
+ *    Splitting fill_template() into 2 functions:
+ *    template_load() loads the file
+ *    template_fill() performs the PCRS regexps.
+ *    This is because the CGI edit interface has a "table row"
+ *    template which is used many times in the page - this
+ *    change means it's only loaded from disk once.
+ *
+ *    Revision 1.23  2001/09/16 11:16:05  jongfoster
+ *    Better error handling in dispatch_cgi() and parse_cgi_parameters()
+ *
+ *    Revision 1.22  2001/09/16 11:00:10  jongfoster
+ *    New function alloc_http_response, for symmetry with free_http_response
+ *
+ *    Revision 1.21  2001/09/13 23:53:03  jongfoster
+ *    Support for both static and dynamically generated CGI pages.
+ *    Correctly setting Last-Modified: and Expires: HTTP headers.
+ *
+ *    Revision 1.20  2001/09/13 23:40:36  jongfoster
+ *    (Cosmetic only) Indentation correction
+ *
+ *    Revision 1.19  2001/09/13 23:31:25  jongfoster
+ *    Moving image data to cgi.c rather than cgi.h.
+ *
+ *    Revision 1.18  2001/08/05 16:06:20  jongfoster
+ *    Modifiying "struct map" so that there are now separate header and
+ *    "map_entry" structures.  This means that functions which modify a
+ *    map no longer need to return a pointer to the modified map.
+ *    Also, it no longer reverses the order of the entries (which may be
+ *    important with some advanced template substitutions).
+ *
+ *    Revision 1.17  2001/08/05 15:57:38  oes
+ *    Adapted finish_http_response to new list_to_text
+ *
+ *    Revision 1.16  2001/08/01 21:33:18  jongfoster
+ *    Changes to fill_template() that reduce memory usage without having
+ *    an impact on performance.  I also renamed some variables so as not
+ *    to clash with the C++ keywords "new" and "template".
+ *
+ *    Revision 1.15  2001/08/01 21:19:22  jongfoster
+ *    Moving file version information to a separate CGI page.
+ *
+ *    Revision 1.14  2001/08/01 00:19:03  jongfoster
+ *    New function: map_conditional() for an if-then-else syntax.
+ *    Changing to use new version of show_defines()
+ *
+ *    Revision 1.13  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.12  2001/07/29 18:47:05  jongfoster
+ *    Adding missing #include "loadcfg.h"
+ *
+ *    Revision 1.11  2001/07/18 17:24:37  oes
+ *    Changed to conform to new pcrs interface
+ *
+ *    Revision 1.10  2001/07/13 13:53:13  oes
+ *    Removed all #ifdef PCRS and related code
+ *
+ *    Revision 1.9  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.8  2001/06/29 13:21:46  oes
+ *    - Cosmetics: renamed and reordered functions, variables,
+ *      texts, improved comments  etc
+ *
+ *    - Removed ij_untrusted_url() The relevant
+ *      info is now part of the "untrusted" page,
+ *      which is generated by filters.c:trust_url()
+ *
+ *    - Generators of content now call finish_http_response()
+ *      themselves, making jcc.c:chat() a little less
+ *      cluttered
+ *
+ *    - Removed obsolete "Pragma: no-cache" from our headers
+ *
+ *    - http_responses now know their head length
+ *
+ *    - fill_template now uses the new interface to pcrs, so that
+ *       - long jobs (like whole files) no longer have to be assembled
+ *         in a fixed size buffer
+ *       - the new T (trivial) option is used, and the replacement may
+ *         contain Perl syntax backrefs without confusing pcrs
+ *
+ *    - Introduced default_exports() which generates a set of exports
+ *      common to all CGIs and other content generators
+ *
+ *    - Introduced convenience function map_block_killer()
+ *
+ *    - Introduced convenience function make_menu()
+ *
+ *    - Introduced CGI-like function error_response() which generates
+ *      the "No such domain" and "Connect failed" messages using the
+ *      CGI platform
+ *
+ *    - cgi_show_url_info:
+ *      - adapted to new CGI features
+ *      - form and answers now generated from same template
+ *      - http:// prefix in URL now OK
+ *
+ *    - cgi_show_status:
+ *      - adapted to new CGI features
+ *      - no longer uses csp->init_proxy_args
+ *
+ *    - cgi_default:
+ *      - moved menu generation to make_menu()
+ *
+ *    - add_stats now writes single export map entries instead
+ *      of a fixed string
+ *
+ *    - Moved redirect_url() to filters.c
+ *
+ *    - Fixed mem leak in free_http_response(), map_block_killer(),
+ *
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.7  2001/06/09 10:51:58  jongfoster
+ *    Changing "show URL info" handler to new style.
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.6  2001/06/07 23:05:19  jongfoster
+ *    Removing code related to old forward and ACL files.
+ *
+ *    Revision 1.5  2001/06/05 19:59:16  jongfoster
+ *    Fixing multiline character string (a GCC-only "feature"), and snprintf (it's _snprintf under VC++).
+ *
+ *    Revision 1.4  2001/06/04 10:41:52  swa
+ *    show version string of cgi.h and cgi.c
+ *
+ *    Revision 1.3  2001/06/03 19:12:16  oes
+ *    introduced new cgi handling
+ *
+ *    No revisions before 1.3
+ *
+ **********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+#include <limits.h>
+#include <assert.h>
+
+#include "project.h"
+#include "cgi.h"
+#include "list.h"
+#include "encode.h"
+#include "ssplit.h"
+#include "errlog.h"
+#include "filters.h"
+#include "miscutil.h"
+#include "cgisimple.h"
+#include "jbsockets.h"
+#if defined(FEATURE_CGI_EDIT_ACTIONS) || defined(FEATURE_TOGGLE)
+#include "cgiedit.h"
+#endif /* defined(FEATURE_CGI_EDIT_ACTIONS) || defined (FEATURE_TOGGLE) */
+#include "loadcfg.h"
+/* loadcfg.h is for global_toggle_state only */
+#ifdef FEATURE_PTHREAD
+#include "jcc.h"
+/* jcc.h is for mutex semaphore globals only */
+#endif /* def FEATURE_PTHREAD */
+const char cgi_h_rcs[] = CGI_H_VERSION;
+
+/*
+ * List of CGI functions: name, handler, description
+ * Note: Do NOT use single quotes in the description;
+ *       this will break the dynamic "blocked" template!
+ */
+static const struct cgi_dispatcher cgi_dispatchers[] = {
+   { "",
+         cgi_default,
+         "Privoxy main page",
+         TRUE },
+#ifdef FEATURE_GRACEFUL_TERMINATION
+   { "die", 
+         cgi_die,  
+         "<b>Shut down</b> - <em class=\"warning\">Do not deploy this build in a production environment, "
+        "this is a one click Denial Of Service attack!!!</em>",
+         FALSE }, 
+#endif
+   { "show-status", 
+         cgi_show_status,  
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+        "View & change the current configuration",
+#else
+        "View the current configuration",
+#endif
+         TRUE }, 
+   { "show-version", 
+         cgi_show_version,  
+         "View the source code version numbers",
+          TRUE }, 
+   { "show-request", 
+         cgi_show_request,  
+         "View the request headers",
+         TRUE }, 
+   { "show-url-info",
+         cgi_show_url_info, 
+         "Look up which actions apply to a URL and why",
+         TRUE },
+#ifdef FEATURE_TOGGLE
+   { "toggle",
+         cgi_toggle, 
+         "Toggle Privoxy on or off",
+         FALSE },
+#endif /* def FEATURE_TOGGLE */
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+   { "edit-actions", /* Edit the actions list */
+         cgi_edit_actions, 
+         NULL, FALSE },
+   { "eaa", /* Shortcut for edit-actions-add-url-form */
+         cgi_edit_actions_add_url_form, 
+         NULL, FALSE },
+   { "eau", /* Shortcut for edit-actions-url-form */
+         cgi_edit_actions_url_form, 
+         NULL, FALSE },
+   { "ear", /* Shortcut for edit-actions-remove-url-form */
+         cgi_edit_actions_remove_url_form, 
+         NULL, FALSE },
+   { "eal", /* Shortcut for edit-actions-list */
+         cgi_edit_actions_list, 
+         NULL, FALSE },
+   { "eafu", /* Shortcut for edit-actions-for-url */
+         cgi_edit_actions_for_url, 
+         NULL, FALSE },
+   { "eas", /* Shortcut for edit-actions-submit */
+         cgi_edit_actions_submit, 
+         NULL, FALSE },
+   { "easa", /* Shortcut for edit-actions-section-add */
+         cgi_edit_actions_section_add, 
+         NULL, FALSE  },
+   { "easr", /* Shortcut for edit-actions-section-remove */
+         cgi_edit_actions_section_remove, 
+         NULL, FALSE  },
+   { "eass", /* Shortcut for edit-actions-section-swap */
+         cgi_edit_actions_section_swap, 
+         NULL, FALSE  },
+   { "edit-actions-for-url",
+         cgi_edit_actions_for_url, 
+         NULL, FALSE  /* Edit the actions for (a) specified URL(s) */ },
+   { "edit-actions-list",
+         cgi_edit_actions_list, 
+         NULL, TRUE /* Edit the actions list */ },
+   { "edit-actions-submit",
+         cgi_edit_actions_submit, 
+         NULL, FALSE /* Change the actions for (a) specified URL(s) */ },
+   { "edit-actions-url",
+         cgi_edit_actions_url, 
+         NULL, FALSE /* Change a URL pattern in the actionsfile */ },
+   { "edit-actions-url-form",
+         cgi_edit_actions_url_form, 
+         NULL, FALSE /* Form to change a URL pattern in the actionsfile */ },
+   { "edit-actions-add-url",
+         cgi_edit_actions_add_url, 
+         NULL, FALSE /* Add a URL pattern to the actionsfile */ },
+   { "edit-actions-add-url-form",
+         cgi_edit_actions_add_url_form, 
+         NULL, FALSE /* Form to add a URL pattern to the actionsfile */ },
+   { "edit-actions-remove-url",
+         cgi_edit_actions_remove_url, 
+         NULL, FALSE /* Remove a URL pattern from the actionsfile */ },
+   { "edit-actions-remove-url-form",
+         cgi_edit_actions_remove_url_form, 
+         NULL, FALSE /* Form to remove a URL pattern from the actionsfile */ },
+   { "edit-actions-section-add",
+         cgi_edit_actions_section_add, 
+         NULL, FALSE /* Remove a section from the actionsfile */ },
+   { "edit-actions-section-remove",
+         cgi_edit_actions_section_remove, 
+         NULL, FALSE /* Remove a section from the actionsfile */ },
+   { "edit-actions-section-swap",
+         cgi_edit_actions_section_swap, 
+         NULL, FALSE /* Swap two sections in the actionsfile */ },
+#endif /* def FEATURE_CGI_EDIT_ACTIONS */
+   { "error-favicon.ico", 
+         cgi_send_error_favicon,  
+         NULL, TRUE /* Sends the favicon image for error pages. */ },
+   { "favicon.ico", 
+         cgi_send_default_favicon,  
+         NULL, TRUE /* Sends the default favicon image. */ },
+   { "robots.txt", 
+         cgi_robots_txt,  
+         NULL, TRUE /* Sends a robots.txt file to tell robots to go away. */ }, 
+   { "send-banner",
+         cgi_send_banner, 
+         NULL, TRUE /* Send a built-in image */ },
+   { "send-stylesheet",
+         cgi_send_stylesheet, 
+         NULL, FALSE /* Send templates/cgi-style.css */ },
+   { "t",
+         cgi_transparent_image, 
+         NULL, TRUE /* Send a transparent image (short name) */ },
+   { "url-info-osd.xml",
+         cgi_send_url_info_osd, 
+         NULL, TRUE /* Send templates/url-info-osd.xml */ },
+   { "user-manual",
+          cgi_send_user_manual,
+          NULL, TRUE /* Send user-manual */ },
+   { NULL, /* NULL Indicates end of list and default page */
+         cgi_error_404,
+         NULL, TRUE /* Unknown CGI page */ }
+};
+
+
+/*
+ * Built-in images for ad replacement
+ *
+ * Hint: You can encode your own images like this:
+ * cat your-image | perl -e 'while (read STDIN, $c, 1) { printf("\\%.3o", unpack("C", $c)); }'
+ */
+
+#ifdef FEATURE_NO_GIFS
+
+/*
+ * Checkerboard pattern, as a PNG.
+ */
+const char image_pattern_data[] =
+   "\211\120\116\107\015\012\032\012\000\000\000\015\111\110\104"
+   "\122\000\000\000\004\000\000\000\004\010\006\000\000\000\251"
+   "\361\236\176\000\000\000\006\142\113\107\104\000\000\000\000"
+   "\000\000\371\103\273\177\000\000\000\033\111\104\101\124\010"
+   "\327\143\140\140\140\060\377\377\377\077\003\234\106\341\060"
+   "\060\230\063\020\124\001\000\161\021\031\241\034\364\030\143"
+   "\000\000\000\000\111\105\116\104\256\102\140\202";
+
+/*
+ * 1x1 transparant PNG.
+ */
+const char image_blank_data[] =
+ "\211\120\116\107\015\012\032\012\000\000\000\015\111\110\104\122"
+ "\000\000\000\001\000\000\000\001\001\003\000\000\000\045\333\126"
+ "\312\000\000\000\003\120\114\124\105\377\377\377\247\304\033\310"
+ "\000\000\000\001\164\122\116\123\000\100\346\330\146\000\000\000"
+ "\001\142\113\107\104\000\210\005\035\110\000\000\000\012\111\104"
+ "\101\124\170\001\143\140\000\000\000\002\000\001\163\165\001\030"
+ "\000\000\000\000\111\105\116\104\256\102\140\202";
+#else
+
+/*
+ * Checkerboard pattern, as a GIF.
+ */
+const char image_pattern_data[] =
+   "\107\111\106\070\071\141\004\000\004\000\200\000\000\310\310"
+   "\310\377\377\377\041\376\016\111\040\167\141\163\040\141\040"
+   "\142\141\156\156\145\162\000\041\371\004\001\012\000\001\000"
+   "\054\000\000\000\000\004\000\004\000\000\002\005\104\174\147"
+   "\270\005\000\073";
+
+/*
+ * 1x1 transparant GIF.
+ */
+const char image_blank_data[] =
+   "GIF89a\001\000\001\000\200\000\000\377\377\377\000\000"
+   "\000!\371\004\001\000\000\000\000,\000\000\000\000\001"
+   "\000\001\000\000\002\002D\001\000;";
+#endif
+
+const size_t image_pattern_length = sizeof(image_pattern_data) - 1;
+const size_t image_blank_length   = sizeof(image_blank_data) - 1;
+
+
+static struct http_response cgi_error_memory_response[1];
+
+static struct http_response *dispatch_known_cgi(struct client_state * csp,
+                                                const char * path);
+static struct map *parse_cgi_parameters(char *argstring);
+
+
+/*********************************************************************
+ * 
+ * Function    :  dispatch_cgi
+ *
+ * Description :  Checks if a request URL has either the magical
+ *                hostname CGI_SITE_1_HOST (usually http://p.p/) or
+ *                matches CGI_SITE_2_HOST CGI_SITE_2_PATH (usually
+ *                http://config.privoxy.org/). If so, it passes
+ *                the (rest of the) path onto dispatch_known_cgi, which
+ *                calls the relevant CGI handler function.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  http_response if match, NULL if nonmatch or handler fail
+ *
+ *********************************************************************/
+struct http_response *dispatch_cgi(struct client_state *csp)
+{
+   const char *host = csp->http->host;
+   const char *path = csp->http->path;
+
+   /*
+    * Should we intercept ?
+    */
+
+   /* Note: "example.com" and "example.com." are equivalent hostnames. */
+
+   /* Either the host matches CGI_SITE_1_HOST ..*/
+   if (   ( (0 == strcmpic(host, CGI_SITE_1_HOST))
+         || (0 == strcmpic(host, CGI_SITE_1_HOST ".")))
+       && (path[0] == '/') )
+   {
+      /* ..then the path will all be for us.  Remove leading '/' */
+      path++;
+   }
+   /* Or it's the host part CGI_SITE_2_HOST, and the path CGI_SITE_2_PATH */
+   else if ( ( (0 == strcmpic(host, CGI_SITE_2_HOST ))
+            || (0 == strcmpic(host, CGI_SITE_2_HOST ".")) )
+          && (0 == strncmpic(path, CGI_SITE_2_PATH, strlen(CGI_SITE_2_PATH))) )
+   {
+      /* take everything following CGI_SITE_2_PATH */
+      path += strlen(CGI_SITE_2_PATH);
+      if (*path == '/')
+      {
+         /* skip the forward slash after CGI_SITE_2_PATH */
+         path++;
+      }
+      else if (*path != '\0')
+      {
+         /*
+          * weirdness: URL is /configXXX, where XXX is some string
+          * Do *NOT* intercept.
+          */
+         return NULL;
+      }
+   }
+   else
+   {
+      /* Not a CGI */
+      return NULL;
+   }
+
+   /* 
+    * This is a CGI call.
+    */
+
+   return dispatch_known_cgi(csp, path);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  grep_cgi_referrer
+ *
+ * Description :  Ugly provisorical fix that greps the value of the
+ *                referer HTTP header field out of a linked list of
+ *                strings like found at csp->headers. Will disappear
+ *                in Privoxy 3.1.
+ *
+ *                FIXME: csp->headers ought to be csp->http->headers
+ *                FIXME: Parsing all client header lines should
+ *                       happen right after the request is received!
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  pointer to value (no copy!), or NULL if none found.
+ *
+ *********************************************************************/
+static char *grep_cgi_referrer(const struct client_state *csp)
+{
+   struct list_entry *p;
+
+   for (p = csp->headers->first; p != NULL; p = p->next)
+   {
+      if (p->str == NULL) continue;
+      if (strncmpic(p->str, "Referer: ", 9) == 0)
+      {
+         return ((p->str) + 9);
+      }
+   }
+   return NULL;
+
+}
+
+
+/*********************************************************************
+ * 
+ * Function    :  referrer_is_safe
+ *
+ * Description :  Decides whether we trust the Referer for
+ *                CGI pages which are only meant to be reachable
+ *                through Privoxy's web interface directly.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  TRUE  if the referrer is safe, or
+ *                FALSE if the referrer is unsafe or not set.
+ *
+ *********************************************************************/
+static int referrer_is_safe(const struct client_state *csp)
+{
+   char *referrer;
+   static const char alternative_prefix[] = "http://" CGI_SITE_1_HOST "/";
+
+   referrer = grep_cgi_referrer(csp);
+
+   if (NULL == referrer)
+   {
+      /* No referrer, no access  */
+      log_error(LOG_LEVEL_ERROR, "Denying access to %s. No referrer found.",
+         csp->http->url);
+   }
+   else if ((0 == strncmp(referrer, CGI_PREFIX, sizeof(CGI_PREFIX)-1)
+         || (0 == strncmp(referrer, alternative_prefix, strlen(alternative_prefix)))))
+   {
+      /* Trustworthy referrer */
+      log_error(LOG_LEVEL_CGI, "Granting access to %s, referrer %s is trustworthy.",
+         csp->http->url, referrer);
+
+      return TRUE;
+   }
+   else
+   {
+      /* Untrustworthy referrer */
+      log_error(LOG_LEVEL_ERROR, "Denying access to %s, referrer %s isn't trustworthy.",
+         csp->http->url, referrer);
+   }
+
+   return FALSE;
+
+}
+
+/*********************************************************************
+ * 
+ * Function    :  dispatch_known_cgi
+ *
+ * Description :  Processes a CGI once dispatch_cgi has determined that
+ *                it matches one of the magic prefixes. Parses the path
+ *                as a cgi name plus query string, prepares a map that
+ *                maps CGI parameter names to their values, initializes
+ *                the http_response struct, and calls the relevant CGI
+ *                handler function.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  path = Path of CGI, with the CGI prefix removed.
+ *                       Should not have a leading "/".
+ *
+ * Returns     :  http_response, or NULL on handler failure or out of
+ *                memory.
+ *
+ *********************************************************************/
+static struct http_response *dispatch_known_cgi(struct client_state * csp,
+                                                const char * path)
+{
+   const struct cgi_dispatcher *d;
+   struct map *param_list;
+   struct http_response *rsp;
+   char *query_args_start;
+   char *path_copy;
+   jb_err err;
+
+   if (NULL == (path_copy = strdup(path)))
+   {
+      return cgi_error_memory();
+   }
+   query_args_start = path_copy;
+   while (*query_args_start && *query_args_start != '?' && *query_args_start != '/')
+   {
+      query_args_start++;
+   }
+   if (*query_args_start == '/') 
+   {
+      *query_args_start++ = '\0';
+      if ((param_list = new_map()))
+      {
+         map(param_list, "file", 1, url_decode(query_args_start), 0);
+      }
+   }
+   else
+   {
+      if (*query_args_start == '?')
+      {
+         *query_args_start++ = '\0';
+      }
+      if (NULL == (param_list = parse_cgi_parameters(query_args_start)))
+      {
+         free(path_copy);
+         return cgi_error_memory();
+      }
+   }
+
+   /*
+    * At this point:
+    * path_copy        = CGI call name
+    * param_list       = CGI params, as map
+    */
+
+   /* Get mem for response or fail*/
+   if (NULL == (rsp = alloc_http_response()))
+   {
+      free(path_copy);
+      free_map(param_list);
+      return cgi_error_memory();
+   }
+
+   /* 
+    * Find and start the right CGI function
+    */
+   d = cgi_dispatchers;
+   for (;;)
+   {
+      if ((d->name == NULL) || (strcmp(path_copy, d->name) == 0))
+      {
+         /*
+          * If the called CGI is either harmless, or referred
+          * from a trusted source, start it.
+          */
+         if (d->harmless || referrer_is_safe(csp))
+         {
+            err = (d->handler)(csp, rsp, param_list);
+         }
+         else
+         {
+            /*
+             * Else, modify toggle calls so that they only display
+             * the status, and deny all other calls.
+             */
+            if (0 == strcmp(path_copy, "toggle"))
+            {
+               unmap(param_list, "set");
+               err = (d->handler)(csp, rsp, param_list);
+            }
+            else
+            {
+               err = cgi_error_disabled(csp, rsp);
+            }
+         }
+
+         free(path_copy);
+         free_map(param_list);
+
+         if (err == JB_ERR_CGI_PARAMS)
+         {
+            err = cgi_error_bad_param(csp, rsp);
+         }
+         if (err && (err != JB_ERR_MEMORY))
+         {
+            /* Unexpected error! Shouldn't get here */
+            log_error(LOG_LEVEL_ERROR, "Unexpected CGI error %d in top-level handler.  Please file a bug report!", err);
+            err = cgi_error_unknown(csp, rsp, err);
+         }
+         if (!err)
+         {
+            /* It worked */
+            rsp->reason = RSP_REASON_CGI_CALL;
+            return finish_http_response(csp, rsp);
+         }
+         else
+         {
+            /* Error in handler, probably out-of-memory */
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+      }
+      d++;
+   }
+}
+   
+        
+/*********************************************************************
+ *
+ * Function    :  parse_cgi_parameters
+ *
+ * Description :  Parse a URL-encoded argument string into name/value
+ *                pairs and store them in a struct map list.
+ *
+ * Parameters  :
+ *          1  :  argstring = string to be parsed.  Will be trashed.
+ *
+ * Returns     :  pointer to param list, or NULL if out of memory.
+ *
+ *********************************************************************/
+static struct map *parse_cgi_parameters(char *argstring)
+{
+   char *p;
+   char *vector[BUFFER_SIZE];
+   int pairs, i;
+   struct map *cgi_params;
+
+   if (NULL == (cgi_params = new_map()))
+   {
+      return NULL;
+   }
+
+   /* 
+    * IE 5 does, of course, violate RFC 2316 Sect 4.1 and sends
+    * the fragment identifier along with the request, so we must
+    * cut it off here, so it won't pollute the CGI params:
+    */
+   if (NULL != (p = strchr(argstring, '#')))
+   {
+      *p = '\0';
+   }
+
+   pairs = ssplit(argstring, "&", vector, SZ(vector), 1, 1);
+
+   for (i = 0; i < pairs; i++)
+   {
+      if ((NULL != (p = strchr(vector[i], '='))) && (*(p+1) != '\0'))
+      {
+         *p = '\0';
+         if (map(cgi_params, url_decode(vector[i]), 0, url_decode(++p), 0))
+         {
+            free_map(cgi_params);
+            return NULL;
+         }
+      }
+   }
+
+   return cgi_params;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_char_param
+ *
+ * Description :  Get a single-character parameter passed to a CGI
+ *                function.
+ *
+ * Parameters  :
+ *          1  :  parameters = map of cgi parameters
+ *          2  :  param_name = The name of the parameter to read
+ *
+ * Returns     :  Uppercase character on success, '\0' on error.
+ *
+ *********************************************************************/
+char get_char_param(const struct map *parameters,
+                    const char *param_name)
+{
+   char ch;
+
+   assert(parameters);
+   assert(param_name);
+
+   ch = *(lookup(parameters, param_name));
+   if ((ch >= 'a') && (ch <= 'z'))
+   {
+      ch = (char)(ch - 'a' + 'A');
+   }
+
+   return ch;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_string_param
+ *
+ * Description :  Get a string paramater, to be used as an
+ *                ACTION_STRING or ACTION_MULTI paramater.
+ *                Validates the input to prevent stupid/malicious
+ *                users from corrupting their action file.
+ *
+ * Parameters  :
+ *          1  :  parameters = map of cgi parameters
+ *          2  :  param_name = The name of the parameter to read
+ *          3  :  pparam = destination for paramater.  Allocated as
+ *                part of the map "parameters", so don't free it.
+ *                Set to NULL if not specified.
+ *
+ * Returns     :  JB_ERR_OK         on success, or if the paramater
+ *                                  was not specified.
+ *                JB_ERR_MEMORY     on out-of-memory.
+ *                JB_ERR_CGI_PARAMS if the paramater is not valid.
+ *
+ *********************************************************************/
+jb_err get_string_param(const struct map *parameters,
+                        const char *param_name,
+                        const char **pparam)
+{
+   const char *param;
+   const char *s;
+   char ch;
+
+   assert(parameters);
+   assert(param_name);
+   assert(pparam);
+
+   *pparam = NULL;
+
+   param = lookup(parameters, param_name);
+   if (!*param)
+   {
+      return JB_ERR_OK;
+   }
+
+   if (strlen(param) >= CGI_PARAM_LEN_MAX)
+   {
+      /*
+       * Too long.
+       *
+       * Note that the length limit is arbitrary, it just seems
+       * sensible to limit it to *something*.  There's no
+       * technical reason for any limit at all.
+       */
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* Check every character to see if it's legal */
+   s = param;
+   while ((ch = *s++) != '\0')
+   {
+      if ( ((unsigned char)ch < (unsigned char)' ')
+        || (ch == '}') )
+      {
+         /* Probable hack attempt, or user accidentally used '}'. */
+         return JB_ERR_CGI_PARAMS;
+      }
+   }
+
+   /* Success */
+   *pparam = param;
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_number_param
+ *
+ * Description :  Get a non-negative integer from the parameters
+ *                passed to a CGI function.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  parameters = map of cgi parameters
+ *          3  :  name = Name of CGI parameter to read
+ *          4  :  pvalue = destination for value.
+ *                         Set to -1 on error.
+ *
+ * Returns     :  JB_ERR_OK         on success
+ *                JB_ERR_MEMORY     on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the parameter was not specified
+ *                                  or is not valid.
+ *
+ *********************************************************************/
+jb_err get_number_param(struct client_state *csp,
+                        const struct map *parameters,
+                        char *name,
+                        unsigned *pvalue)
+{
+   const char *param;
+   char ch;
+   unsigned value;
+
+   assert(csp);
+   assert(parameters);
+   assert(name);
+   assert(pvalue);
+
+   *pvalue = 0; 
+
+   param = lookup(parameters, name);
+   if (!*param)
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* We don't use atoi because I want to check this carefully... */
+
+   value = 0;
+   while ((ch = *param++) != '\0')
+   {
+      if ((ch < '0') || (ch > '9'))
+      {
+         return JB_ERR_CGI_PARAMS;
+      }
+
+      ch = (char)(ch - '0');
+
+      /* Note:
+       *
+       * <limits.h> defines UINT_MAX
+       *
+       * (UINT_MAX - ch) / 10 is the largest number that
+       *     can be safely multiplied by 10 then have ch added.
+       */
+      if (value > ((UINT_MAX - (unsigned)ch) / 10U))
+      {
+         return JB_ERR_CGI_PARAMS;
+      }
+
+      value = value * 10 + (unsigned)ch;
+   }
+
+   /* Success */
+   *pvalue = value;
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  error_response
+ *
+ * Description :  returns an http_response that explains the reason
+ *                why a request failed.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  templatename = Which template should be used for the answer
+ *          3  :  sys_err = system error number
+ *
+ * Returns     :  A http_response.  If we run out of memory, this
+ *                will be cgi_error_memory().
+ *
+ *********************************************************************/
+struct http_response *error_response(struct client_state *csp,
+                                     const char *templatename,
+                                     int sys_err)
+{
+   jb_err err;
+   struct http_response *rsp;
+   struct map *exports = default_exports(csp, NULL);
+   char *path = NULL;
+
+   if (exports == NULL)
+   {
+      return cgi_error_memory();
+   }
+
+   if (NULL == (rsp = alloc_http_response()))
+   {
+      free_map(exports);
+      return cgi_error_memory();
+   }
+
+#ifdef FEATURE_FORCE_LOAD
+   if (csp->flags & CSP_FLAG_FORCED)
+   {
+      path = strdup(FORCE_PREFIX);
+   }
+   else
+#endif /* def FEATURE_FORCE_LOAD */
+   {
+      path = strdup("");
+   }
+   err = string_append(&path, csp->http->path);
+
+   if (!err) err = map(exports, "host", 1, html_encode(csp->http->host), 0);
+   if (!err) err = map(exports, "hostport", 1, html_encode(csp->http->hostport), 0);
+   if (!err) err = map(exports, "path", 1, html_encode_and_free_original(path), 0);
+   if (!err) err = map(exports, "error", 1, html_encode_and_free_original(safe_strerror(sys_err)), 0);
+   if (!err) err = map(exports, "protocol", 1, csp->http->ssl ? "https://" : "http://", 1); 
+   if (!err)
+   {
+     err = map(exports, "host-ip", 1, html_encode(csp->http->host_ip_addr_str), 0);
+     if (err)
+     {
+       /* Some failures, like "404 no such domain", don't have an IP address. */
+       err = map(exports, "host-ip", 1, html_encode(csp->http->host), 0);
+     }
+   }
+
+
+   if (err)
+   {
+      free_map(exports);
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   if (!strcmp(templatename, "no-such-domain"))
+   {
+      rsp->status = strdup("404 No such domain");
+      if (rsp->status == NULL)
+      {
+         free_map(exports);
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+      rsp->reason = RSP_REASON_NO_SUCH_DOMAIN;
+   }
+   else if (!strcmp(templatename, "forwarding-failed"))
+   {
+      const struct forward_spec *fwd = forward_url(csp, csp->http);
+      char *socks_type = NULL;
+      if (fwd == NULL)
+      {
+         log_error(LOG_LEVEL_FATAL, "gateway spec is NULL. This shouldn't happen!");
+         /* Never get here - LOG_LEVEL_FATAL causes program exit */
+      }
+
+      /*
+       * XXX: While the template is called forwarding-failed,
+       * it currently only handles socks forwarding failures.
+       */
+      assert(fwd != NULL);
+      assert(fwd->type != SOCKS_NONE);
+
+      /*
+       * Map failure reason, forwarding type and forwarder.
+       */
+      if (NULL == csp->error_message)
+      {
+         /*
+          * Either we forgot to record the failure reason,
+          * or the memory allocation failed.
+          */
+         log_error(LOG_LEVEL_ERROR, "Socks failure reason missing.");
+         csp->error_message = strdup("Failure reason missing. Check the log file for details.");
+      }
+      if (!err) err = map(exports, "gateway", 1, fwd->gateway_host, 1);
+
+      /*
+       * XXX: this is almost the same code as in cgi_show_url_info()
+       * and thus should be factored out and shared.
+       */
+      switch (fwd->type)
+      {
+         case SOCKS_4:
+            socks_type = "socks4-";
+            break;
+         case SOCKS_4A:
+            socks_type = "socks4a-";
+            break;
+         case SOCKS_5:
+            socks_type = "socks5-";
+            break;
+         default:
+            log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type);
+      }
+
+      if (!err) err = map(exports, "forwarding-type", 1, socks_type, 1);
+      if (!err) err = map(exports, "error-message", 1, html_encode(csp->error_message), 0);
+
+      if (!err) rsp->status = strdup("503 Forwarding failure");
+      if ((rsp->status == NULL) || (NULL == csp->error_message) || err)
+      {
+         free_map(exports);
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+      rsp->reason = RSP_REASON_FORWARDING_FAILED;
+   }
+   else if (!strcmp(templatename, "connect-failed"))
+   {
+      rsp->status = strdup("503 Connect failed");
+      if (rsp->status == NULL)
+      {
+         free_map(exports);
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+      rsp->reason = RSP_REASON_CONNECT_FAILED;
+   }
+
+   err = template_fill_for_cgi(csp, templatename, exports, rsp);
+   if (err)
+   {
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   return finish_http_response(csp, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_disabled
+ *
+ * Description :  CGI function that is called to generate an error
+ *                response if the actions editor or toggle CGI are
+ *                accessed despite having being disabled at compile-
+ *                or run-time, or if the user followed an untrusted link
+ *                to access a unsafe CGI feature that is only reachable
+ *                through Privoxy directly.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_disabled(const struct client_state *csp,
+                          struct http_response *rsp)
+{
+   struct map *exports;
+
+   assert(csp);
+   assert(rsp);
+
+   if (NULL == (exports = default_exports(csp, "cgi-error-disabled")))
+   {
+      return JB_ERR_MEMORY;
+   }
+   if (map(exports, "url", 1, html_encode(csp->http->url), 0))
+   {
+      /* Not important enough to do anything */
+      log_error(LOG_LEVEL_ERROR, "Failed to fill in url.");
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-disabled", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_init_error_messages
+ *
+ * Description :  Call at the start of the program to initialize
+ *                the error message used by cgi_error_memory().
+ *
+ * Parameters  :  N/A
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void cgi_init_error_messages(void)
+{
+   memset(cgi_error_memory_response, '\0', sizeof(*cgi_error_memory_response));
+   cgi_error_memory_response->head =
+      "HTTP/1.0 500 Internal Privoxy Error\r\n"
+      "Content-Type: text/html\r\n"
+      "\r\n";
+   cgi_error_memory_response->body =
+      "<html>\r\n"
+      "<head>\r\n"
+      " <title>500 Internal Privoxy Error</title>\r\n"
+      " <link rel=\"shortcut icon\" href=\"" CGI_PREFIX "error-favicon.ico\" type=\"image/x-icon\">"
+      "</head>\r\n"
+      "<body>\r\n"
+      "<h1>500 Internal Privoxy Error</h1>\r\n"
+      "<p>Privoxy <b>ran out of memory</b> while processing your request.</p>\r\n"
+      "<p>Please contact your proxy administrator, or try again later</p>\r\n"
+      "</body>\r\n"
+      "</html>\r\n";
+
+   cgi_error_memory_response->head_length =
+      strlen(cgi_error_memory_response->head);
+   cgi_error_memory_response->content_length =
+      strlen(cgi_error_memory_response->body);
+   cgi_error_memory_response->reason = RSP_REASON_OUT_OF_MEMORY;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_memory
+ *
+ * Description :  Called if a CGI function runs out of memory.
+ *                Returns a statically-allocated error response.
+ *
+ * Parameters  :  N/A
+ *
+ * Returns     :  http_response data structure for output.  This is
+ *                statically allocated, for obvious reasons.
+ *
+ *********************************************************************/
+struct http_response *cgi_error_memory(void)
+{
+   /* assert that it's been initialized. */
+   assert(cgi_error_memory_response->head);
+
+   return cgi_error_memory_response;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_no_template
+ *
+ * Description :  Almost-CGI function that is called if a template
+ *                cannot be loaded.  Note this is not a true CGI,
+ *                it takes a template name rather than a map of 
+ *                parameters.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  template_name = Name of template that could not
+ *                                be loaded.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_error_no_template(const struct client_state *csp,
+                             struct http_response *rsp,
+                             const char *template_name)
+{
+   static const char status[] =
+      "500 Internal Privoxy Error";
+   static const char body_prefix[] =
+      "<html>\r\n"
+      "<head>\r\n"
+      " <title>500 Internal Privoxy Error</title>\r\n"
+      " <link rel=\"shortcut icon\" href=\"" CGI_PREFIX "error-favicon.ico\" type=\"image/x-icon\">"
+      "</head>\r\n"
+      "<body>\r\n"
+      "<h1>500 Internal Privoxy Error</h1>\r\n"
+      "<p>Privoxy encountered an error while processing your request:</p>\r\n"
+      "<p><b>Could not load template file <code>";
+   static const char body_suffix[] =
+      "</code> or one of its included components.</b></p>\r\n"
+      "<p>Please contact your proxy administrator.</p>\r\n"
+      "<p>If you are the proxy administrator, please put the required file(s)"
+      "in the <code><i>(confdir)</i>/templates</code> directory.  The "
+      "location of the <code><i>(confdir)</i></code> directory "
+      "is specified in the main Privoxy <code>config</code> "
+      "file.  (It's typically the Privoxy install directory"
+#ifndef _WIN32
+      ", or <code>/etc/privoxy/</code>"
+#endif /* ndef _WIN32 */
+      ").</p>\r\n"
+      "</body>\r\n"
+      "</html>\r\n";
+   const size_t body_size = strlen(body_prefix) + strlen(template_name) + strlen(body_suffix) + 1;
+
+   assert(csp);
+   assert(rsp);
+   assert(template_name);
+
+   /* Reset rsp, if needed */
+   freez(rsp->status);
+   freez(rsp->head);
+   freez(rsp->body);
+   rsp->content_length = 0;
+   rsp->head_length = 0;
+   rsp->is_static = 0;
+
+   rsp->body = malloc(body_size);
+   if (rsp->body == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+   strlcpy(rsp->body, body_prefix, body_size);
+   strlcat(rsp->body, template_name, body_size);
+   strlcat(rsp->body, body_suffix, body_size);
+
+   rsp->status = strdup(status);
+   if (rsp->status == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_unknown
+ *
+ * Description :  Almost-CGI function that is called if an unexpected
+ *                error occurs in the top-level CGI dispatcher.
+ *                In this context, "unexpected" means "anything other
+ *                than JB_ERR_MEMORY or JB_ERR_CGI_PARAMS" - CGIs are
+ *                expected to handle all other errors internally,
+ *                since they can give more relavent error messages
+ *                that way.
+ *
+ *                Note this is not a true CGI, it takes an error
+ *                code rather than a map of parameters.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  error_to_report = Error code to report.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_error_unknown(const struct client_state *csp,
+                         struct http_response *rsp,
+                         jb_err error_to_report)
+{
+   static const char status[] =
+      "500 Internal Privoxy Error";
+   static const char body_prefix[] =
+      "<html>\r\n"
+      "<head>\r\n"
+      " <title>500 Internal Privoxy Error</title>\r\n"
+      " <link rel=\"shortcut icon\" href=\"" CGI_PREFIX "error-favicon.ico\" type=\"image/x-icon\">"
+      "</head>\r\n"
+      "<body>\r\n"
+      "<h1>500 Internal Privoxy Error</h1>\r\n"
+      "<p>Privoxy encountered an error while processing your request:</p>\r\n"
+      "<p><b>Unexpected internal error: ";
+   static const char body_suffix[] =
+      "</b></p>\r\n"
+      "<p>Please "
+      "<a href=\"http://sourceforge.net/tracker/?group_id=11118&atid=111118\">"
+      "file a bug report</a>.</p>\r\n"
+      "</body>\r\n"
+      "</html>\r\n";
+   char errnumbuf[30];
+   /*
+    * Due to sizeof(errnumbuf), body_size will be slightly
+    * bigger than necessary but it doesn't really matter.
+    */
+   const size_t body_size = strlen(body_prefix) + sizeof(errnumbuf) + strlen(body_suffix) + 1;
+   assert(csp);
+   assert(rsp);
+
+   /* Reset rsp, if needed */
+   freez(rsp->status);
+   freez(rsp->head);
+   freez(rsp->body);
+   rsp->content_length = 0;
+   rsp->head_length = 0;
+   rsp->is_static = 0;
+   rsp->reason = RSP_REASON_INTERNAL_ERROR;
+
+   snprintf(errnumbuf, sizeof(errnumbuf), "%d", error_to_report);
+
+   rsp->body = malloc(body_size);
+   if (rsp->body == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+   strlcpy(rsp->body, body_prefix, body_size);
+   strlcat(rsp->body, errnumbuf,   body_size);
+   strlcat(rsp->body, body_suffix, body_size);
+
+   rsp->status = strdup(status);
+   if (rsp->status == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_bad_param
+ *
+ * Description :  CGI function that is called if the parameters
+ *                (query string) for a CGI were wrong.
+ *               
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_error_bad_param(const struct client_state *csp,
+                           struct http_response *rsp)
+{
+   struct map *exports;
+
+   assert(csp);
+   assert(rsp);
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-bad-param", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_redirect 
+ *
+ * Description :  CGI support function to generate a HTTP redirect
+ *                message
+ *
+ * Parameters  :
+ *          1  :  rsp = http_response data structure for output
+ *          2  :  target = string with the target URL
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_redirect (struct http_response * rsp, const char *target)
+{
+   jb_err err;
+
+   assert(rsp);
+   assert(target);
+
+   err = enlist_unique_header(rsp->headers, "Location", target);
+
+   rsp->status = strdup("302 Local Redirect from Privoxy");
+   if (rsp->status == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  add_help_link
+ *
+ * Description :  Produce a copy of the string given as item,
+ *                embedded in an HTML link to its corresponding
+ *                section (item name in uppercase) in the actions
+ *                chapter of the user manual, (whose URL is given in
+ *                the config and defaults to our web site).
+ *
+ *                FIXME: I currently only work for actions, and would
+ *                       like to be generalized for other topics.
+ *
+ * Parameters  :  
+ *          1  :  item = item (will NOT be free()d.) 
+ *                       It is assumed to be HTML-safe.
+ *          2  :  config = The current configuration.
+ *
+ * Returns     :  String with item embedded in link, or NULL on
+ *                out-of-memory
+ *
+ *********************************************************************/
+char *add_help_link(const char *item,
+                    struct configuration_spec *config)
+{
+   char *result;
+
+   if (!item) return NULL;
+
+   result = strdup("<a href=\"");
+   if (!strncmpic(config->usermanual, "file://", 7) ||
+       !strncmpic(config->usermanual, "http", 4))
+   {
+      string_append(&result, config->usermanual);
+   }
+   else
+   {
+      string_append(&result, "http://");
+      string_append(&result, CGI_SITE_2_HOST);
+      string_append(&result, "/user-manual/");
+   }
+   string_append(&result, ACTIONS_HELP_PREFIX);
+   string_join  (&result, string_toupper(item));
+   string_append(&result, "\">");
+   string_append(&result, item);
+   string_append(&result, "</a> ");
+
+   return result;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_http_time
+ *
+ * Description :  Get the time in a format suitable for use in a
+ *                HTTP header - e.g.:
+ *                "Sun, 06 Nov 1994 08:49:37 GMT"
+ *
+ * Parameters  :  
+ *          1  :  time_offset = Time returned will be current time
+ *                              plus this number of seconds.
+ *          2  :  buf = Destination for result.
+ *          3  :  buffer_size = Size of the buffer above. Must be big
+ *                              enough to hold 29 characters plus a
+ *                              trailing zero.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void get_http_time(int time_offset, char *buf, size_t buffer_size)
+{
+   static const char day_names[7][4] =
+      { "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat" };
+   static const char month_names[12][4] =
+      { "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+        "Jul", "Aug", "Sep", "Oct", "Nov", "Dec" };
+
+   struct tm *t;
+   time_t current_time;
+#if defined(HAVE_GMTIME_R)
+   struct tm dummy;
+#endif
+
+   assert(buf);
+   assert(buffer_size > (size_t)29);
+
+   time(&current_time);
+
+   current_time += time_offset;
+
+   /* get and save the gmt */
+#if HAVE_GMTIME_R
+   t = gmtime_r(&current_time, &dummy);
+#elif FEATURE_PTHREAD
+   privoxy_mutex_lock(&gmtime_mutex);
+   t = gmtime(&current_time);
+   privoxy_mutex_unlock(&gmtime_mutex);
+#else
+   t = gmtime(&current_time);
+#endif
+
+   /* Format: "Sun, 06 Nov 1994 08:49:37 GMT" */
+   snprintf(buf, buffer_size,
+      "%s, %02d %s %4d %02d:%02d:%02d GMT",
+      day_names[t->tm_wday],
+      t->tm_mday,
+      month_names[t->tm_mon],
+      t->tm_year + 1900,
+      t->tm_hour,
+      t->tm_min,
+      t->tm_sec
+      );
+
+}
+
+/*********************************************************************
+ *
+ * Function    :  get_locale_time
+ *
+ * Description :  Get the time in a date(1)-like format
+ *                according to the current locale - e.g.:
+ *                "Fri Aug 29 19:37:12 CEST 2008"
+ *
+ *                XXX: Should we allow the user to change the format?
+ *
+ * Parameters  :
+ *          1  :  buf         = Destination for result.
+ *          2  :  buffer_size = Size of the buffer above. Must be big
+ *                              enough to hold 29 characters plus a
+ *                              trailing zero.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void get_locale_time(char *buf, size_t buffer_size)
+{
+   struct tm *timeptr;
+   time_t current_time;
+#if defined(HAVE_LOCALTIME_R)
+   struct tm dummy;
+#endif
+
+   assert(buf);
+   assert(buffer_size > (size_t)29);
+
+   time(&current_time);
+
+#if HAVE_LOCALTIME_R
+   timeptr = localtime_r(&current_time, &dummy);
+#elif FEATURE_PTHREAD
+   privoxy_mutex_lock(&localtime_mutex);
+   timeptr = localtime(&current_time);
+   privoxy_mutex_unlock(&localtime_mutex);
+#else
+   timeptr = localtime(&current_time);
+#endif
+
+   strftime(buf, buffer_size, "%a %b %d %X %Z %Y", timeptr);
+
+}
+
+/*********************************************************************
+ *
+ * Function    :  finish_http_response
+ *
+ * Description :  Fill in the missing headers in an http response,
+ *                and flatten the headers to an http head.
+ *                For HEAD requests the body is freed once
+ *                the Content-Length header is set.
+ *
+ * Parameters  :
+ *          1  :  rsp = pointer to http_response to be processed
+ *
+ * Returns     :  A http_response, usually the rsp parameter.
+ *                On error, free()s rsp and returns cgi_error_memory()
+ *
+ *********************************************************************/
+struct http_response *finish_http_response(const struct client_state *csp, struct http_response *rsp)
+{
+   char buf[BUFFER_SIZE];
+   jb_err err;
+
+   /* Special case - do NOT change this statically allocated response,
+    * which is ready for output anyway.
+    */
+   if (rsp == cgi_error_memory_response)
+   {
+      return rsp;
+   }
+
+   /* 
+    * Fill in the HTTP Status, using HTTP/1.1
+    * unless the client asked for HTTP/1.0.
+    */
+   snprintf(buf, sizeof(buf), "%s %s",
+      strcmpic(csp->http->ver, "HTTP/1.0") ? "HTTP/1.1" : "HTTP/1.0",
+      rsp->status ? rsp->status : "200 OK");
+   err = enlist_first(rsp->headers, buf);
+
+   /* 
+    * Set the Content-Length
+    */
+   if (rsp->content_length == 0)
+   {
+      rsp->content_length = rsp->body ? strlen(rsp->body) : 0;
+   }
+   if (!err)
+   {
+      snprintf(buf, sizeof(buf), "Content-Length: %d", (int)rsp->content_length);
+      err = enlist(rsp->headers, buf);
+   }
+
+   if (0 == strcmpic(csp->http->gpc, "head"))
+   {
+      /*
+       * The client only asked for the head. Dispose
+       * the body and log an offensive message.
+       *
+       * While it may seem to be a bit inefficient to
+       * prepare the body if it isn't needed, it's the
+       * only way to get the Content-Length right for
+       * dynamic pages. We could have disposed the body
+       * earlier, but not without duplicating the
+       * Content-Length setting code above.
+       */
+      log_error(LOG_LEVEL_CGI, "Preparing to give head to %s.", csp->ip_addr_str);
+      freez(rsp->body);
+      rsp->content_length = 0;
+   }
+
+   if (strncmpic(rsp->status, "302", 3))
+   {
+      /*
+       * If it's not a redirect without any content,
+       * set the Content-Type to text/html if it's
+       * not already specified.
+       */
+      if (!err) err = enlist_unique(rsp->headers, "Content-Type: text/html", 13);
+   }
+
+   /*
+    * Fill in the rest of the default headers:
+    *
+    * Date: set to current date/time.
+    * Last-Modified: set to date/time the page was last changed.
+    * Expires: set to date/time page next needs reloading.
+    * Cache-Control: set to "no-cache" if applicable.
+    * 
+    * See http://www.w3.org/Protocols/rfc2068/rfc2068
+    */
+   if (rsp->is_static)
+   {
+      /*
+       * Set Expires to about 10 min into the future so it'll get reloaded
+       * occasionally, e.g. if Privoxy gets upgraded.
+       */
+
+      if (!err)
+      {
+         get_http_time(0, buf, sizeof(buf));
+         err = enlist_unique_header(rsp->headers, "Date", buf);
+      }
+
+      /* Some date in the past. */
+      if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", "Sat, 17 Jun 2000 12:00:00 GMT");
+
+      if (!err)
+      {
+         get_http_time(10 * 60, buf, sizeof(buf)); /* 10 * 60sec = 10 minutes */
+         err = enlist_unique_header(rsp->headers, "Expires", buf);
+      }
+   }
+   else if (!strncmpic(rsp->status, "302", 3))
+   {
+      get_http_time(0, buf, sizeof(buf));
+      if (!err) err = enlist_unique_header(rsp->headers, "Date", buf);
+   }
+   else
+   {
+      /*
+       * Setting "Cache-Control" to "no-cache" and  "Expires" to
+       * the current time doesn't exactly forbid caching, it just
+       * requires the client to revalidate the cached copy.
+       *
+       * If a temporary problem occurs and the user tries again after
+       * getting Privoxy's error message, a compliant browser may set the
+       * If-Modified-Since header with the content of the error page's
+       * Last-Modified header. More often than not, the document on the server
+       * is older than Privoxy's error message, the server would send status code
+       * 304 and the browser would display the outdated error message again and again.
+       *
+       * For documents delivered with status code 403, 404 and 503 we set "Last-Modified"
+       * to Tim Berners-Lee's birthday, which predates the age of any page on the web
+       * and can be safely used to "revalidate" without getting a status code 304.
+       *
+       * There is no need to let the useless If-Modified-Since header reach the
+       * server, it is therefore stripped by client_if_modified_since in parsers.c.
+       */
+      if (!err) err = enlist_unique_header(rsp->headers, "Cache-Control", "no-cache");
+
+      get_http_time(0, buf, sizeof(buf));
+      if (!err) err = enlist_unique_header(rsp->headers, "Date", buf);
+      if (!strncmpic(rsp->status, "403", 3)
+       || !strncmpic(rsp->status, "404", 3)
+       || !strncmpic(rsp->status, "503", 3))
+      {
+         if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", "Wed, 08 Jun 1955 12:00:00 GMT");
+      }
+      else
+      {
+         if (!err) err = enlist_unique_header(rsp->headers, "Last-Modified", buf);
+      }
+      if (!err) err = enlist_unique_header(rsp->headers, "Expires", "Sat, 17 Jun 2000 12:00:00 GMT");
+      if (!err) err = enlist_unique_header(rsp->headers, "Pragma", "no-cache");
+   }
+
+   /*
+    * Quoting RFC 2616:
+    *
+    * HTTP/1.1 applications that do not support persistent connections MUST
+    * include the "close" connection option in every message.
+    */
+   if (!err) err = enlist_unique_header(rsp->headers, "Connection", "close");
+
+   /* 
+    * Write the head
+    */
+   if (err || (NULL == (rsp->head = list_to_text(rsp->headers))))
+   {
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+   rsp->head_length = strlen(rsp->head);
+
+   return rsp;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  alloc_http_response
+ *
+ * Description :  Allocates a new http_response structure.
+ *
+ * Parameters  :  N/A
+ *
+ * Returns     :  pointer to a new http_response, or NULL.
+ *
+ *********************************************************************/
+struct http_response *alloc_http_response(void)
+{
+   return (struct http_response *) zalloc(sizeof(struct http_response));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  free_http_response
+ *
+ * Description :  Free the memory occupied by an http_response
+ *                and its depandant structures.
+ *
+ * Parameters  :
+ *          1  :  rsp = pointer to http_response to be freed
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_http_response(struct http_response *rsp)
+{
+   /*
+    * Must special case cgi_error_memory_response, which is never freed.
+    */
+   if (rsp && (rsp != cgi_error_memory_response))
+   {
+      freez(rsp->status);
+      freez(rsp->head);
+      freez(rsp->body);
+      destroy_list(rsp->headers);
+      free(rsp);
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  template_load
+ *
+ * Description :  CGI support function that loads a given HTML
+ *                template, ignoring comment lines and following
+ *                #include statements up to a depth of 1.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  template_ptr = Destination for pointer to loaded
+ *                               template text.
+ *          3  :  templatename = name of the HTML template to be used
+ *          4  :  recursive = Flag set if this function calls itself
+ *                            following an #include statament
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *                JB_ERR_FILE if the template file cannot be read
+ *
+ *********************************************************************/
+jb_err template_load(const struct client_state *csp, char **template_ptr, 
+                     const char *templatename, int recursive)
+{
+   jb_err err;
+   char *templates_dir_path;
+   char *full_path;
+   char *file_buffer;
+   char *included_module;
+   const char *p;
+   FILE *fp;
+   char buf[BUFFER_SIZE];
+
+   assert(csp);
+   assert(template_ptr);
+   assert(templatename);
+
+   *template_ptr = NULL;
+
+   /* Validate template name.  Paranoia. */
+   for (p = templatename; *p != 0; p++)
+   {
+      if ( ((*p < 'a') || (*p > 'z'))
+        && ((*p < 'A') || (*p > 'Z'))
+        && ((*p < '0') || (*p > '9'))
+        && (*p != '-')
+        && (*p != '.'))
+      {
+         /* Illegal character */
+         return JB_ERR_FILE;
+      }
+   }
+
+   /*
+    * Generate full path using either templdir
+    * or confdir/templates as base directory.
+    */
+   if (NULL != csp->config->templdir)
+   {
+      templates_dir_path = strdup(csp->config->templdir);
+   }
+   else
+   {
+      templates_dir_path = make_path(csp->config->confdir, "templates");
+   }
+
+   if (templates_dir_path == NULL)
+   {
+      log_error(LOG_LEVEL_ERROR, "Out of memory while generating template path for %s.",
+         templatename);
+      return JB_ERR_MEMORY;
+   }
+
+   full_path = make_path(templates_dir_path, templatename);
+   free(templates_dir_path);
+   if (full_path == NULL)
+   {
+      log_error(LOG_LEVEL_ERROR, "Out of memory while generating full template path for %s.",
+         templatename);
+      return JB_ERR_MEMORY;
+   }
+
+   /* Allocate buffer */
+
+   file_buffer = strdup("");
+   if (file_buffer == NULL)
+   {
+      log_error(LOG_LEVEL_ERROR, "Not enough free memory to buffer %s.", full_path);
+      free(full_path);
+      return JB_ERR_MEMORY;
+   }
+
+   /* Open template file */
+
+   if (NULL == (fp = fopen(full_path, "r")))
+   {
+      log_error(LOG_LEVEL_ERROR, "Cannot open template file %s: %E", full_path);
+      free(full_path);
+      free(file_buffer);
+      return JB_ERR_FILE;
+   }
+   free(full_path);
+
+   /* 
+    * Read the file, ignoring comments, and honoring #include
+    * statements, unless we're already called recursively.
+    *
+    * XXX: The comment handling could break with lines lengths > sizeof(buf).
+    *      This is unlikely in practise.
+    */
+   while (fgets(buf, sizeof(buf), fp))
+   {
+      if (!recursive && !strncmp(buf, "#include ", 9))
+      {
+         if (JB_ERR_OK != (err = template_load(csp, &included_module, chomp(buf + 9), 1)))
+         {
+            free(file_buffer);
+            fclose(fp);
+            return err;
+         }
+
+         if (string_join(&file_buffer, included_module))
+         {
+            fclose(fp);
+            return JB_ERR_MEMORY;
+         }
+
+         continue;
+      }
+
+      /* skip lines starting with '#' */
+      if (*buf == '#')
+      {
+         continue;
+      }
+
+      if (string_append(&file_buffer, buf))
+      {
+         fclose(fp);
+         return JB_ERR_MEMORY;
+      }
+   }
+   fclose(fp);
+
+   *template_ptr = file_buffer;
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  template_fill
+ *
+ * Description :  CGI support function that fills in a pre-loaded
+ *                HTML template by replacing @name@ with value using
+ *                pcrs, for each item in the output map.
+ *
+ *                Note that a leading '$' charachter in the export map's
+ *                values will be stripped and toggle on backreference
+ *                interpretation.
+ *
+ * Parameters  :
+ *          1  :  template_ptr = IN: Template to be filled out.
+ *                                   Will be free()d.
+ *                               OUT: Filled out template.
+ *                                    Caller must free().
+ *          2  :  exports = map with fill in symbol -> name pairs
+ *
+ * Returns     :  JB_ERR_OK on success (and for uncritical errors)
+ *                JB_ERR_MEMORY on out-of-memory error
+ *
+ *********************************************************************/
+jb_err template_fill(char **template_ptr, const struct map *exports)
+{
+   struct map_entry *m;
+   pcrs_job *job;
+   char buf[BUFFER_SIZE];
+   char *tmp_out_buffer;
+   char *file_buffer;
+   size_t size;
+   int error;
+   const char *flags;
+
+   assert(template_ptr);
+   assert(*template_ptr);
+   assert(exports);
+
+   file_buffer = *template_ptr;
+   size = strlen(file_buffer) + 1;
+
+   /* 
+    * Assemble pcrs joblist from exports map
+    */
+   for (m = exports->first; m != NULL; m = m->next)
+   {
+      if (*m->name == '$')
+      {
+         /*
+          * First character of name is '$', so remove this flag
+          * character and allow backreferences ($1 etc) in the
+          * "replace with" text.
+          */
+         snprintf(buf, sizeof(buf), "%s", m->name + 1);
+         flags = "sigU";
+      }
+      else
+      {
+         /*
+          * Treat the "replace with" text as a literal string - 
+          * no quoting needed, no backreferences allowed.
+          * ("Trivial" ['T'] flag).
+          */
+         flags = "sigTU";
+
+         /* Enclose name in @@ */
+         snprintf(buf, sizeof(buf), "@%s@", m->name);
+      }
+
+      log_error(LOG_LEVEL_CGI, "Substituting: s/%s/%s/%s", buf, m->value, flags);
+
+      /* Make and run job. */
+      job = pcrs_compile(buf, m->value, flags,  &error);
+      if (job == NULL) 
+      {
+         if (error == PCRS_ERR_NOMEM)
+         {
+            free(file_buffer);
+            *template_ptr = NULL;
+            return JB_ERR_MEMORY;
+         }
+         else
+         {
+            log_error(LOG_LEVEL_ERROR, "Error compiling template fill job %s: %d", m->name, error);
+            /* Hope it wasn't important and silently ignore the invalid job */
+         }
+      }
+      else
+      {
+         error = pcrs_execute(job, file_buffer, size, &tmp_out_buffer, &size);
+
+         pcrs_free_job(job);
+         if (NULL == tmp_out_buffer)
+         {
+            *template_ptr = NULL;
+            return JB_ERR_MEMORY;
+         }
+
+         if (error < 0)
+         {
+            /* 
+             * Substitution failed, keep the original buffer,
+             * log the problem and ignore it.
+             * 
+             * The user might see some unresolved @CGI_VARIABLES@,
+             * but returning a special CGI error page seems unreasonable
+             * and could mask more important error messages.
+             */
+            free(tmp_out_buffer);
+            log_error(LOG_LEVEL_ERROR, "Failed to execute s/%s/%s/%s. %s",
+               buf, m->value, flags, pcrs_strerror(error));
+         }
+         else
+         {
+            /* Substitution succeeded, use modified buffer. */
+            free(file_buffer);
+            file_buffer = tmp_out_buffer;
+         }
+      }
+   }
+
+   /*
+    * Return
+    */
+   *template_ptr = file_buffer;
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  template_fill_for_cgi
+ *
+ * Description :  CGI support function that loads a HTML template
+ *                and fills it in.  Handles file-not-found errors
+ *                by sending a HTML error message.  For convenience,
+ *                this function also frees the passed "exports" map.
+ *
+ * Parameters  :
+ *          1  :  csp = Client state
+ *          2  :  templatename = name of the HTML template to be used
+ *          3  :  exports = map with fill in symbol -> name pairs.
+ *                          Will be freed by this function.
+ *          4  :  rsp = Response structure to fill in.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error
+ *
+ *********************************************************************/
+jb_err template_fill_for_cgi(const struct client_state *csp,
+                             const char *templatename,
+                             struct map *exports,
+                             struct http_response *rsp)
+{
+   jb_err err;
+   
+   assert(csp);
+   assert(templatename);
+   assert(exports);
+   assert(rsp);
+
+   err = template_load(csp, &rsp->body, templatename, 0);
+   if (err == JB_ERR_FILE)
+   {
+      free_map(exports);
+      return cgi_error_no_template(csp, rsp, templatename);
+   }
+   else if (err)
+   {
+      free_map(exports);
+      return err; /* JB_ERR_MEMORY */
+   }
+   err = template_fill(&rsp->body, exports);
+   free_map(exports);
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  default_exports
+ *
+ * Description :  returns a struct map list that contains exports
+ *                which are common to all CGI functions.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  caller = name of CGI who calls us and which should
+ *                         be excluded from the generated menu. May be
+ *                         NULL.
+ * Returns     :  NULL if no memory, else a new map.  Caller frees.
+ *
+ *********************************************************************/
+struct map *default_exports(const struct client_state *csp, const char *caller)
+{
+   char buf[30];
+   jb_err err;
+   struct map * exports;
+   int local_help_exists = 0;
+   char *ip_address = NULL;
+   char *hostname = NULL;
+
+   assert(csp);
+
+   exports = new_map();
+   if (exports == NULL)
+   {
+      return NULL;
+   }
+
+   if (csp->config->hostname)
+   {
+      get_host_information(csp->cfd, &ip_address, NULL);
+      hostname = strdup(csp->config->hostname);
+   }
+   else
+   {
+      get_host_information(csp->cfd, &ip_address, &hostname);
+   }
+
+   err = map(exports, "version", 1, html_encode(VERSION), 0);
+   get_locale_time(buf, sizeof(buf));
+   if (!err) err = map(exports, "time",          1, html_encode(buf), 0);
+   if (!err) err = map(exports, "my-ip-address", 1, html_encode(ip_address ? ip_address : "unknown"), 0);
+   freez(ip_address);
+   if (!err) err = map(exports, "my-hostname",   1, html_encode(hostname ? hostname : "unknown"), 0);
+   freez(hostname);
+   if (!err) err = map(exports, "homepage",      1, html_encode(HOME_PAGE_URL), 0);
+   if (!err) err = map(exports, "default-cgi",   1, html_encode(CGI_PREFIX), 0);
+   if (!err) err = map(exports, "menu",          1, make_menu(caller, csp->config->feature_flags), 0);
+   if (!err) err = map(exports, "code-status",   1, CODE_STATUS, 1);
+   if (!strncmpic(csp->config->usermanual, "file://", 7) ||
+       !strncmpic(csp->config->usermanual, "http", 4))
+   {
+      /* Manual is located somewhere else, just link to it. */
+      if (!err) err = map(exports, "user-manual", 1, html_encode(csp->config->usermanual), 0);
+   }
+   else
+   {
+      /* Manual is delivered by Privoxy. */
+      if (!err) err = map(exports, "user-manual", 1, html_encode(CGI_PREFIX"user-manual/"), 0);
+   }
+   if (!err) err = map(exports, "actions-help-prefix", 1, ACTIONS_HELP_PREFIX ,1);
+#ifdef FEATURE_TOGGLE
+   if (!err) err = map_conditional(exports, "enabled-display", global_toggle_state);
+#else
+   if (!err) err = map_block_killer(exports, "can-toggle");
+#endif
+
+   snprintf(buf, sizeof(buf), "%d", csp->config->hport);
+   if (!err) err = map(exports, "my-port", 1, buf, 1);
+
+   if(!strcmp(CODE_STATUS, "stable"))
+   {
+      if (!err) err = map_block_killer(exports, "unstable");
+   }
+
+   if (csp->config->admin_address != NULL)
+   {
+      if (!err) err = map(exports, "admin-address", 1, html_encode(csp->config->admin_address), 0);
+      local_help_exists = 1;
+   }
+   else
+   {
+      if (!err) err = map_block_killer(exports, "have-adminaddr-info");
+   }
+
+   if (csp->config->proxy_info_url != NULL)
+   {
+      if (!err) err = map(exports, "proxy-info-url", 1, html_encode(csp->config->proxy_info_url), 0);
+      local_help_exists = 1;
+   }
+   else
+   {
+      if (!err) err = map_block_killer(exports, "have-proxy-info");
+   }
+
+   if (local_help_exists == 0)
+   {
+      if (!err) err = map_block_killer(exports, "have-help-info");
+   }
+
+   if (err)
+   {
+      free_map(exports);
+      return NULL;
+   }
+
+   return exports;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  map_block_killer
+ *
+ * Description :  Convenience function.
+ *                Adds a "killer" for the conditional HTML-template
+ *                block <name>, i.e. a substitution of the regex
+ *                "if-<name>-start.*if-<name>-end" to the given
+ *                export list.
+ *
+ * Parameters  :  
+ *          1  :  exports = map to extend
+ *          2  :  name = name of conditional block
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err map_block_killer(struct map *exports, const char *name)
+{
+   char buf[1000]; /* Will do, since the names are hardwired */
+
+   assert(exports);
+   assert(name);
+   assert(strlen(name) < (size_t)490);
+
+   snprintf(buf, sizeof(buf), "if-%s-start.*if-%s-end", name, name);
+   return map(exports, buf, 1, "", 1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  map_block_keep
+ *
+ * Description :  Convenience function.  Removes the markers used
+ *                by map-block-killer, to save a few bytes.
+ *                i.e. removes "@if-<name>-start@" and "@if-<name>-end@"
+ *
+ * Parameters  :  
+ *          1  :  exports = map to extend
+ *          2  :  name = name of conditional block
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err map_block_keep(struct map *exports, const char *name)
+{
+   jb_err err;
+   char buf[500]; /* Will do, since the names are hardwired */
+
+   assert(exports);
+   assert(name);
+   assert(strlen(name) < (size_t)490);
+
+   snprintf(buf, sizeof(buf), "if-%s-start", name);
+   err = map(exports, buf, 1, "", 1);
+
+   if (err)
+   {
+      return err;
+   }
+
+   snprintf(buf, sizeof(buf), "if-%s-end", name);
+   return map(exports, buf, 1, "", 1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  map_conditional
+ *
+ * Description :  Convenience function.
+ *                Adds an "if-then-else" for the conditional HTML-template
+ *                block <name>, i.e. a substitution of the form:
+ *                @if-<name>-then@
+ *                   True text
+ *                @else-not-<name>@
+ *                   False text
+ *                @endif-<name>@
+ *
+ *                The control structure and one of the alternatives
+ *                will be hidden.
+ *
+ * Parameters  :  
+ *          1  :  exports = map to extend
+ *          2  :  name = name of conditional block
+ *          3  :  choose_first = nonzero for first, zero for second.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err map_conditional(struct map *exports, const char *name, int choose_first)
+{
+   char buf[1000]; /* Will do, since the names are hardwired */
+   jb_err err;
+
+   assert(exports);
+   assert(name);
+   assert(strlen(name) < (size_t)480);
+
+   snprintf(buf, sizeof(buf), (choose_first
+      ? "else-not-%s at .*@endif-%s"
+      : "if-%s-then at .*@else-not-%s"),
+      name, name);
+
+   err = map(exports, buf, 1, "", 1);
+   if (err)
+   {
+      return err;
+   }
+
+   snprintf(buf, sizeof(buf), (choose_first ? "if-%s-then" : "endif-%s"), name);
+   return map(exports, buf, 1, "", 1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  make_menu
+ *
+ * Description :  Returns an HTML-formatted menu of the available 
+ *                unhidden CGIs, excluding the one given in <self>
+ *                and the toggle CGI if toggling is disabled.
+ *
+ * Parameters  :
+ *          1  :  self = name of CGI to leave out, can be NULL for
+ *                complete listing.
+ *          2  :  feature_flags = feature bitmap from csp->config
+ *                
+ *
+ * Returns     :  menu string, or NULL on out-of-memory error.
+ *
+ *********************************************************************/
+char *make_menu(const char *self, const unsigned feature_flags)
+{
+   const struct cgi_dispatcher *d;
+   char *result = strdup("");
+
+   if (self == NULL)
+   {
+      self = "NO-SUCH-CGI!";
+   }
+
+   /* List available unhidden CGI's and export as "other-cgis" */
+   for (d = cgi_dispatchers; d->name; d++)
+   {
+
+#ifdef FEATURE_TOGGLE
+      if (!(feature_flags & RUNTIME_FEATURE_CGI_TOGGLE) && !strcmp(d->name, "toggle"))
+      {
+         /*
+          * Suppress the toggle link if remote toggling is disabled.
+          */
+         continue;
+      }
+#endif /* def FEATURE_TOGGLE */
+
+      if (d->description && strcmp(d->name, self))
+      {
+         char *html_encoded_prefix;
+
+         /*
+          * Line breaks would be great, but break
+          * the "blocked" template's JavaScript.
+          */
+         string_append(&result, "<li><a href=\"");
+         html_encoded_prefix = html_encode(CGI_PREFIX);
+         if (html_encoded_prefix == NULL)
+         {
+            return NULL;  
+         }
+         else
+         {
+            string_append(&result, html_encoded_prefix);
+            free(html_encoded_prefix);
+         }
+         string_append(&result, d->name);
+         string_append(&result, "\">");
+         string_append(&result, d->description);
+         string_append(&result, "</a></li>");
+      }
+   }
+
+   return result;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  dump_map
+ *
+ * Description :  HTML-dump a map for debugging (as table)
+ *
+ * Parameters  :
+ *          1  :  the_map = map to dump
+ *
+ * Returns     :  string with HTML
+ *
+ *********************************************************************/
+char *dump_map(const struct map *the_map)
+{
+   struct map_entry *cur_entry;
+   char *ret = strdup("");
+
+   string_append(&ret, "<table>\n");
+
+   for (cur_entry = the_map->first;
+        (cur_entry != NULL) && (ret != NULL);
+        cur_entry = cur_entry->next)
+   {
+      string_append(&ret, "<tr><td><b>");
+      string_join  (&ret, html_encode(cur_entry->name));
+      string_append(&ret, "</b></td><td>");
+      string_join  (&ret, html_encode(cur_entry->value));
+      string_append(&ret, "</td></tr>\n");
+   }
+
+   string_append(&ret, "</table>\n");
+   return ret;
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/cgi.h b/external/privoxy/cgi.h
new file mode 100644
index 0000000..6228b32
--- /dev/null
+++ b/external/privoxy/cgi.h
@@ -0,0 +1,289 @@
+#ifndef CGI_H_INCLUDED
+#define CGI_H_INCLUDED
+#define CGI_H_VERSION "$Id: cgi.h,v 1.35 2008/05/21 15:24:37 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cgi.h,v $
+ *
+ * Purpose     :  Declares functions to intercept request, generate
+ *                html or gif answers, and to compose HTTP resonses.
+ *                
+ *                Functions declared include:
+ * 
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cgi.h,v $
+ *    Revision 1.35  2008/05/21 15:24:37  fabiankeil
+ *    Mark csp as immutable for a bunch of functions.
+ *
+ *    Revision 1.34  2008/04/17 14:40:48  fabiankeil
+ *    Provide get_http_time() with the buffer size so it doesn't
+ *    have to blindly assume that the buffer is big enough.
+ *
+ *    Revision 1.33  2007/01/28 13:41:17  fabiankeil
+ *    - Add HEAD support to finish_http_response.
+ *    - Add error favicon to internal HTML error messages.
+ *
+ *    Revision 1.32  2006/12/17 17:53:39  fabiankeil
+ *    Suppress the toggle link if remote toggling is disabled.
+ *
+ *    Revision 1.31  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.29.2.2  2004/02/17 13:30:23  oes
+ *    Moved cgi_error_disabled() from cgiedit.c to
+ *    cgi.c to re-enable build with --disable-editor.
+ *    Fixes Bug #892744. Thanks to Matthew Fischer
+ *    for spotting.
+ *
+ *    Revision 1.29.2.1  2003/12/17 16:33:28  oes
+ *    Added prototype of new function cgi_redirect
+ *
+ *    Revision 1.29  2002/05/19 11:33:21  jongfoster
+ *    If a CGI error was not handled, and propogated back to
+ *    dispatch_known_cgi(), then it was assumed to be "out of memory".
+ *    This gave a very misleading error message.
+ *
+ *    Now other errors will cause a simple message giving the error
+ *    number and asking the user to report a bug.
+ *
+ *    Bug report:
+ *    http://sourceforge.net/tracker/index.php?func=detail
+ *    &aid=557905&group_id=11118&atid=111118
+ *
+ *    Revision 1.28  2002/04/26 12:54:03  oes
+ *    New function add_help_link
+ *
+ *    Revision 1.27  2002/04/24 02:16:51  oes
+ *    Moved get_char_param, get_string_param and get_number_param here from cgiedit.c
+ *
+ *    Revision 1.26  2002/04/10 13:38:35  oes
+ *    load_template signature changed
+ *
+ *    Revision 1.25  2002/04/08 20:50:25  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.24  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.23  2002/03/24 16:18:15  jongfoster
+ *    Removing old logo
+ *
+ *    Revision 1.22  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.21  2002/03/07 03:48:38  oes
+ *     - Changed built-in images from GIF to PNG
+ *       (with regard to Unisys patent issue)
+ *     - Added a 4x4 pattern PNG which is less intrusive
+ *       than the logo but also clearly marks the deleted banners
+ *
+ *    Revision 1.20  2002/03/04 17:53:22  oes
+ *    Fixed compiled warning
+ *
+ *    Revision 1.19  2002/01/21 00:33:52  jongfoster
+ *    Adding map_block_keep() to save a few bytes in the edit-actions-list HTML.
+ *
+ *    Revision 1.18  2001/11/16 00:46:31  jongfoster
+ *    Fixing compiler warnings
+ *
+ *    Revision 1.17  2001/10/23 21:48:19  jongfoster
+ *    Cleaning up error handling in CGI functions - they now send back
+ *    a HTML error page and should never cause a FATAL error.  (Fixes one
+ *    potential source of "denial of service" attacks).
+ *
+ *    CGI actions file editor that works and is actually useful.
+ *
+ *    Ability to toggle Junkbuster remotely using a CGI call.
+ *
+ *    You can turn off both the above features in the main configuration
+ *    file, e.g. if you are running a multi-user proxy.
+ *
+ *    Revision 1.16  2001/09/16 17:08:54  jongfoster
+ *    Moving simple CGI functions from cgi.c to new file cgisimple.c
+ *
+ *    Revision 1.15  2001/09/16 15:02:35  jongfoster
+ *    Adding i.j.b/robots.txt.
+ *    Inlining add_stats() since it's only ever called from one place.
+ *
+ *    Revision 1.14  2001/09/16 11:38:02  jongfoster
+ *    Splitting fill_template() into 2 functions:
+ *    template_load() loads the file
+ *    template_fill() performs the PCRS regexps.
+ *    This is because the CGI edit interface has a "table row"
+ *    template which is used many times in the page - this
+ *    change means it's only loaded from disk once.
+ *
+ *    Revision 1.13  2001/09/16 11:00:10  jongfoster
+ *    New function alloc_http_response, for symmetry with free_http_response
+ *
+ *    Revision 1.12  2001/09/13 23:31:25  jongfoster
+ *    Moving image data to cgi.c rather than cgi.h.
+ *
+ *    Revision 1.11  2001/08/05 16:06:20  jongfoster
+ *    Modifiying "struct map" so that there are now separate header and
+ *    "map_entry" structures.  This means that functions which modify a
+ *    map no longer need to return a pointer to the modified map.
+ *    Also, it no longer reverses the order of the entries (which may be
+ *    important with some advanced template substitutions).
+ *
+ *    Revision 1.10  2001/08/01 21:19:22  jongfoster
+ *    Moving file version information to a separate CGI page.
+ *
+ *    Revision 1.9  2001/08/01 00:17:54  jongfoster
+ *    Adding prototype for map_conditional
+ *
+ *    Revision 1.8  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.7  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.6  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.5  2001/06/29 13:22:44  oes
+ *    - Cleaned up
+ *    - Added new functions: default_exports(), make_menu(),
+ *      error_response() etc, ranamed others and changed
+ *      param and return types.
+ *    - Removed HTTP/HTML snipplets
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.4  2001/06/09 10:50:58  jongfoster
+ *    Changing "show URL info" handler to new style.
+ *    Adding "extern" to some function prototypes.
+ *
+ *    Revision 1.3  2001/06/03 19:12:16  oes
+ *    introduced new cgi handling
+ *
+ *    No revisions before 1.3
+ *
+ **********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Main dispatch function
+ */
+extern struct http_response *dispatch_cgi(struct client_state *csp);
+
+/* Not exactly a CGI */
+extern struct http_response * error_response(struct client_state *csp,
+                                             const char *templatename,
+                                             int err);
+
+/*
+ * CGI support functions
+ */
+extern struct http_response * alloc_http_response(void);
+extern void free_http_response(struct http_response *rsp);
+
+extern struct http_response *finish_http_response(const struct client_state *csp,
+                                                  struct http_response *rsp);
+
+extern struct map * default_exports(const struct client_state *csp, const char *caller);
+
+extern jb_err map_block_killer (struct map *exports, const char *name);
+extern jb_err map_block_keep   (struct map *exports, const char *name);
+extern jb_err map_conditional  (struct map *exports, const char *name, int choose_first);
+
+extern jb_err template_load(const struct client_state *csp, char ** template_ptr, 
+                            const char *templatename, int recursive);
+extern jb_err template_fill(char ** template_ptr, const struct map *exports);
+extern jb_err template_fill_for_cgi(const struct client_state *csp,
+                                    const char *templatename,
+                                    struct map *exports,
+                                    struct http_response *rsp);
+
+extern void cgi_init_error_messages(void);
+extern struct http_response *cgi_error_memory(void);
+extern jb_err cgi_redirect (struct http_response * rsp, const char *target);
+
+extern jb_err cgi_error_no_template(const struct client_state *csp,
+                                    struct http_response *rsp,
+                                    const char *template_name);
+extern jb_err cgi_error_bad_param(const struct client_state *csp,
+                                  struct http_response *rsp);
+extern jb_err cgi_error_disabled(const struct client_state *csp,
+                                 struct http_response *rsp);
+extern jb_err cgi_error_unknown(const struct client_state *csp,
+                         struct http_response *rsp,
+                         jb_err error_to_report);
+
+extern jb_err get_number_param(struct client_state *csp,
+                               const struct map *parameters,
+                               char *name,
+                               unsigned *pvalue);
+extern jb_err get_string_param(const struct map *parameters,
+                               const char *param_name,
+                               const char **pparam);
+extern char   get_char_param(const struct map *parameters,
+                             const char *param_name);
+
+/*
+ * Text generators
+ */
+extern void get_http_time(int time_offset, char *buf, size_t buffer_size);
+extern char *add_help_link(const char *item, struct configuration_spec *config);
+extern char *make_menu(const char *self, const unsigned feature_flags);
+extern char *dump_map(const struct map *the_map);
+
+/*
+ * Ad replacement images
+ */
+extern const char image_pattern_data[];
+extern const size_t  image_pattern_length;
+extern const char image_blank_data[];
+extern const size_t  image_blank_length;
+
+/* Revision control strings from this header and associated .c file */
+extern const char cgi_rcs[];
+extern const char cgi_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef CGI_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/cgiedit.c b/external/privoxy/cgiedit.c
new file mode 100644
index 0000000..6fca21f
--- /dev/null
+++ b/external/privoxy/cgiedit.c
@@ -0,0 +1,4924 @@
+const char cgiedit_rcs[] = "$Id: cgiedit.c,v 1.65 2009/03/08 14:19:22 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cgiedit.c,v $
+ *
+ * Purpose     :  CGI-based actionsfile editor.
+ *
+ *                Functions declared include: cgi_edit_*
+ *
+ *                NOTE: The CGIs in this file use parameter names
+ *                such as "f" and "s" which are really *BAD* choices.
+ *                However, I'm trying to save bytes in the
+ *                edit-actions-list HTML page - the standard actions
+ *                file generated a 550kbyte page, which is ridiculous.
+ *
+ *                Stick to the short names in this file for consistency.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cgiedit.c,v $
+ *    Revision 1.65  2009/03/08 14:19:22  fabiankeil
+ *    Fix justified (but harmless) compiler warnings
+ *    on platforms where sizeof(int) < sizeof(long).
+ *
+ *    Revision 1.64  2009/03/01 18:43:09  fabiankeil
+ *    Fix cparser warnings.
+ *
+ *    Revision 1.63  2008/12/04 18:15:38  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.62  2008/08/31 15:59:02  fabiankeil
+ *    There's no reason to let remote toggling support depend
+ *    on FEATURE_CGI_EDIT_ACTIONS, so make sure it doesn't.
+ *
+ *    Revision 1.61  2008/03/24 18:12:52  fabiankeil
+ *    Use sizeof() more often.
+ *
+ *    Revision 1.60  2008/03/15 14:52:35  fabiankeil
+ *    Add CGI editor support for the "disable all filters of this type"
+ *    directives "-client-header-filter", "-server-header-filter",
+ *    "-client-header-tagger" and "-server-header-tagger".
+ *
+ *    Revision 1.59  2008/03/08 16:25:56  fabiankeil
+ *    After three file modification time mismatches, turn the CGI editor off.
+ *
+ *    Revision 1.58  2007/11/28 17:57:01  fabiankeil
+ *    Fix double free in cgi_edit_actions_list().
+ *    Reported by adlab in BR#1840145.
+ *
+ *    Revision 1.57  2007/10/27 13:32:23  fabiankeil
+ *    Plug minor 5-year-old memory leak. Spotted by
+ *    Valgrind and triggered by Privoxy-Regression-Test.
+ *
+ *    Revision 1.56  2007/08/05 13:47:03  fabiankeil
+ *    #1763173 from Stefan Huehner: s at const static at static const at .
+ *
+ *    Revision 1.55  2007/05/31 11:50:20  fabiankeil
+ *    Re-enable support for old-school URLs like
+ *    http://config.privoxy.org/edit-actions-list?f=default
+ *    in the action editor.
+ *
+ *    They are no longer used by the CGI pages, but make it easier
+ *    to reach the editor directly, without knowing the requested
+ *    file's index in csp->config->actions_file[].
+ *
+ *    Revision 1.54  2007/05/14 10:33:51  fabiankeil
+ *    - Use strlcpy() and strlcat() instead of strcpy() and strcat().
+ *
+ *    Revision 1.53  2007/04/15 16:39:20  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.52  2007/04/12 10:41:23  fabiankeil
+ *    - Don't mistake VC++'s _snprintf() for a snprintf() replacement.
+ *    - Move some cgi_edit_actions_for_url() variables into structs.
+ *    - Remove bogus comment.
+ *
+ *    Revision 1.51  2007/04/08 13:21:05  fabiankeil
+ *    Reference action files in CGI URLs by id instead
+ *    of using the first part of the file name.
+ *    Fixes BR 1694250 and BR 1590556.
+ *
+ *    Revision 1.50  2007/03/29 11:40:34  fabiankeil
+ *    Divide @filter-params@ into @client-header-filter-params@
+ *    @content-filter-params@ and @server-header-filter-params at .
+ *
+ *    Revision 1.49  2007/03/20 15:16:34  fabiankeil
+ *    Use dedicated header filter actions instead of abusing "filter".
+ *    Replace "filter-client-headers" and "filter-client-headers"
+ *    with "server-header-filter" and "client-header-filter".
+ *
+ *    Revision 1.48  2007/02/13 14:35:25  fabiankeil
+ *    Replace hash escaping code to prevent
+ *    crashes, memory and file corruption.
+ *
+ *    Revision 1.47  2006/12/28 18:04:25  fabiankeil
+ *    Fixed gcc43 conversion warnings.
+ *
+ *    Revision 1.46  2006/12/27 18:44:52  fabiankeil
+ *    Stop shadowing string.h's index().
+ *
+ *    Revision 1.45  2006/12/21 12:57:48  fabiankeil
+ *    Add config option "split-large-forms"
+ *    to work around the browser bug reported
+ *    in BR #1570678.
+ *
+ *    Revision 1.44  2006/12/09 13:49:16  fabiankeil
+ *    Fix configure option --disable-toggle.
+ *    Thanks to Peter Thoenen for reporting this.
+ *
+ *    Revision 1.43  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.41.2.12  2006/01/30 15:16:25  david__schmidt
+ *    Remove a little residual debugging info
+ *
+ *    Revision 1.41.2.11  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.41.2.10  2005/07/04 03:13:43  david__schmidt
+ *    Undo some damaging memory leak patches
+ *
+ *    Revision 1.41.2.9  2005/07/04 00:31:04  david__schmidt
+ *    Removing a double free
+ *
+ *    Revision 1.41.2.8  2005/05/07 21:50:54  david__schmidt
+ *    A few memory leaks plugged (mostly on error paths)
+ *
+ *    Revision 1.41.2.7  2004/02/17 13:30:23  oes
+ *    Moved cgi_error_disabled() from cgiedit.c to
+ *    cgi.c to re-enable build with --disable-editor.
+ *    Fixes Bug #892744. Thanks to Matthew Fischer
+ *    for spotting.
+ *
+ *    Revision 1.41.2.6  2003/12/18 08:13:48  oes
+ *    One line lost in last commit
+ *
+ *    Revision 1.41.2.5  2003/12/17 16:33:47  oes
+ *     - All edit functions that redirect back to the list page
+ *       now use cgi_redirect
+ *     - All redirects now contain useless parameter "foo", whose
+ *       value are raw seconds since epoch, in order to force
+ *       Opera and Konqueror to properly reload the list. Closes
+ *       bug #859993
+ *
+ *    Revision 1.41.2.4  2003/03/11 11:53:59  oes
+ *    Cosmetic: Renamed cryptic variable
+ *
+ *    Revision 1.41.2.3  2002/11/12 15:01:41  oes
+ *    Fix: Don't free uninitialized struct editable_file
+ *
+ *    Revision 1.41.2.2  2002/08/05 20:02:59  oes
+ *    Bugfix: "Insert new section at top" did not work properly if first non-comment line in file was of type FILE_LINE_ACTION
+ *
+ *    Revision 1.41.2.1  2002/08/02 12:43:14  oes
+ *    Fixed bug #588514: first_time now set on a per-string basis in actions_from_radio; javascriptify now called on copies
+ *
+ *    Revision 1.41  2002/05/21 19:09:45  oes
+ *     - Made Add/Edit/Remove URL Submit and Cancel
+ *       buttons jump back to relevant section in eal
+ *     - Bugfix: remove-url-form needs p export
+ *
+ *    Revision 1.40  2002/05/19 11:34:35  jongfoster
+ *    Handling read-only actions files better - report the actual
+ *    error, not "Out of memory"!
+ *
+ *    Bug report:
+ *    http://sourceforge.net/tracker/index.php?func=detail
+ *    &aid=557905&group_id=11118&atid=111118
+ *
+ *    Revision 1.39  2002/05/12 21:39:15  jongfoster
+ *    - Adding Doxygen-style comments to structures and #defines.
+ *    - Correcting function comments
+ *
+ *    Revision 1.38  2002/05/03 23:00:38  jongfoster
+ *    Support for templates for "standard actions" buttons.
+ *    See bug #549871
+ *
+ *    Revision 1.37  2002/04/30 11:14:52  oes
+ *    Made csp the first parameter in *action_to_html
+ *
+ *    Revision 1.36  2002/04/26 21:53:30  jongfoster
+ *    Fixing a memory leak.  (Near, but not caused by, my earlier commit).
+ *
+ *    Revision 1.35  2002/04/26 21:50:02  jongfoster
+ *    Honouring default exports in edit-actions-for-url-filter template.
+ *
+ *    Revision 1.34  2002/04/26 12:54:17  oes
+ *    Adaptions to changes in actions.c
+ *
+ *    Revision 1.33  2002/04/24 02:17:47  oes
+ *     - Moved get_char_param, get_string_param and get_number_param to cgi.c
+ *     - Comments
+ *     - Activated Jon's code for editing multiple AFs
+ *     - cgi_edit_list_actions now provides context-sensitive
+ *       help, looks up all action sets from standard.action and
+ *       makes buttons for them in the catchall section
+ *     - cgi_edit_action_submit now honors a p parameter, looks up
+ *       the corresponding action set, and sets the catchall pattern's
+ *       actions accordingly.
+ *
+ *    Revision 1.32  2002/04/19 16:55:31  jongfoster
+ *    Fixing newline problems.  If we do our own text file newline
+ *    mangling, we don't want the library to do any, so we need to
+ *    open the files in *binary* mode.
+ *
+ *    Revision 1.31  2002/04/18 19:21:08  jongfoster
+ *    Added code to detect "conventional" action files, that start
+ *    with a set of actions for all URLs (the pattern "/").
+ *    These are special-cased in the "edit-actions-list" CGI, so
+ *    that a special UI can be written for them.
+ *
+ *    Revision 1.30  2002/04/10 13:38:35  oes
+ *    load_template signature changed
+ *
+ *    Revision 1.29  2002/04/08 16:59:08  oes
+ *    Fixed comment
+ *
+ *    Revision 1.28  2002/03/27 12:30:29  oes
+ *    Deleted unsused variable
+ *
+ *    Revision 1.27  2002/03/26 23:06:04  jongfoster
+ *    Removing duplicate @ifs on the toggle page
+ *
+ *    Revision 1.26  2002/03/26 22:59:17  jongfoster
+ *    Fixing /toggle to display status consistently.
+ *
+ *    Revision 1.25  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.24  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.23  2002/03/24 13:32:41  swa
+ *    name change related issues
+ *
+ *    Revision 1.22  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.21  2002/03/22 18:02:48  jongfoster
+ *    Fixing remote toggle
+ *
+ *    Revision 1.20  2002/03/16 20:28:34  oes
+ *    Added descriptions to the filters so users will know what they select in the cgi editor
+ *
+ *    Revision 1.19  2002/03/16 18:38:14  jongfoster
+ *    Stopping stupid or malicious users from breaking the actions
+ *    file using the web-based editor.
+ *
+ *    Revision 1.18  2002/03/16 14:57:44  jongfoster
+ *    Full support for enabling/disabling modular filters.
+ *
+ *    Revision 1.17  2002/03/16 14:26:42  jongfoster
+ *    First version of modular filters support - READ ONLY!
+ *    Fixing a double-free bug in the out-of-memory handling in map_radio().
+ *
+ *    Revision 1.16  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.15  2002/03/06 22:54:35  jongfoster
+ *    Automated function-comment nitpicking.
+ *
+ *    Revision 1.14  2002/03/05 00:24:51  jongfoster
+ *    Patch to always edit the current actions file.
+ *
+ *    Revision 1.13  2002/03/04 02:07:59  david__schmidt
+ *    Enable web editing of actions file on OS/2 (it had been broken all this time!)
+ *
+ *    Revision 1.12  2002/03/03 09:18:03  joergs
+ *    Made jumbjuster work on AmigaOS again.
+ *
+ *    Revision 1.11  2002/01/23 01:03:31  jongfoster
+ *    Fixing gcc [CygWin] compiler warnings
+ *
+ *    Revision 1.10  2002/01/23 00:22:59  jongfoster
+ *    Adding new function cgi_edit_actions_section_swap(), to reorder
+ *    the actions file.
+ *
+ *    Adding get_url_spec_param() to get a validated URL pattern.
+ *
+ *    Moving edit_read_line() out of this file and into loaders.c.
+ *
+ *    Adding missing html_encode() to many CGI functions.
+ *
+ *    Moving the functions that #include actionlist.h to the end of the file,
+ *    because the Visual C++ 97 debugger gets extremely confused if you try
+ *    to debug any code that comes after them in the file.
+ *
+ *    Major optimizations in cgi_edit_actions_list() to reduce the size of
+ *    the generated HTML (down 40% from 550k to 304k), with major side-effects
+ *    throughout the editor and templates.  In particular, the length of the
+ *    URLs throughout the editor has been drastically reduced, by cutting
+ *    paramater names down to 1 character and CGI names down to 3-4
+ *    characters, by removing all non-essential CGI paramaters even at the
+ *    expense of having to re-read the actions file for the most trivial
+ *    page, and by using relative rather than absolute URLs.  This means
+ *    that this (typical example):
+ *
+ *    <a href="http://ijbswa.sourceforge.net/config/edit-actions-url-form?
+ *    filename=ijb&ver=1011487572&section=12&pattern=13
+ *    &oldval=www.oesterhelt.org%2Fdeanimate-demo">
+ *
+ *    is now this:
+ *
+ *    <a href="eau?f=ijb&v=1011487572&p=13">
+ *
+ *    Revision 1.9  2002/01/17 20:56:22  jongfoster
+ *    Replacing hard references to the URL of the config interface
+ *    with #defines from project.h
+ *
+ *    Revision 1.8  2001/11/30 23:35:51  jongfoster
+ *    Renaming actionsfile to ijb.action
+ *
+ *    Revision 1.7  2001/11/13 00:28:24  jongfoster
+ *    - Renaming parameters from edit-actions-for-url so that they only
+ *      contain legal JavaScript characters.  If we wanted to write
+ *      JavaScript that worked with Netscape 4, this is nessacery.
+ *      (Note that at the moment the JavaScript doesn't actually work
+ *      with Netscape 4, but now this is purely a template issue, not
+ *      one affecting code).
+ *    - Adding new CGIs for use by non-JavaScript browsers:
+ *        edit-actions-url-form
+ *        edit-actions-add-url-form
+ *        edit-actions-remove-url-form
+ *    - Fixing || bug.
+ *
+ *    Revision 1.6  2001/10/29 03:48:09  david__schmidt
+ *    OS/2 native needed a snprintf() routine.  Added one to miscutil, brackedted
+ *    by and __OS2__ ifdef.
+ *
+ *    Revision 1.5  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.4  2001/10/23 21:48:19  jongfoster
+ *    Cleaning up error handling in CGI functions - they now send back
+ *    a HTML error page and should never cause a FATAL error.  (Fixes one
+ *    potential source of "denial of service" attacks).
+ *
+ *    CGI actions file editor that works and is actually useful.
+ *
+ *    Ability to toggle JunkBuster remotely using a CGI call.
+ *
+ *    You can turn off both the above features in the main configuration
+ *    file, e.g. if you are running a multi-user proxy.
+ *
+ *    Revision 1.3  2001/10/14 22:12:49  jongfoster
+ *    New version of CGI-based actionsfile editor.
+ *    Major changes, including:
+ *    - Completely new file parser and file output routines
+ *    - edit-actions CGI renamed edit-actions-for-url
+ *    - All CGIs now need a filename parameter, except for...
+ *    - New CGI edit-actions which doesn't need a filename,
+ *      to allow you to start the editor up.
+ *    - edit-actions-submit now works, and now automatically
+ *      redirects you back to the main edit-actions-list handler.
+ *
+ *    Revision 1.2  2001/09/16 17:05:14  jongfoster
+ *    Removing unused #include showarg.h
+ *
+ *    Revision 1.1  2001/09/16 15:47:37  jongfoster
+ *    First version of CGI-based edit interface.  This is very much a
+ *    work-in-progress, and you can't actually use it to edit anything
+ *    yet.  You must #define FEATURE_CGI_EDIT_ACTIONS for these changes
+ *    to have any effect.
+ *
+ *
+ **********************************************************************/
+
+
+#include "config.h"
+
+/*
+ * FIXME: Following includes copied from cgi.c - which are actually needed?
+ */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <ctype.h>
+#include <string.h>
+#include <assert.h>
+#include <sys/stat.h>
+
+#include "project.h"
+#include "cgi.h"
+#include "cgiedit.h"
+#include "cgisimple.h"
+#include "list.h"
+#include "encode.h"
+#include "actions.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "loaders.h"
+#ifdef FEATURE_TOGGLE
+/* loadcfg.h is for global_toggle_state only */
+#include "loadcfg.h"
+#endif /* def FEATURE_TOGGLE */
+#include "urlmatch.h"
+
+const char cgiedit_h_rcs[] = CGIEDIT_H_VERSION;
+
+
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+
+/**
+ * A line in an editable_file.
+ */
+struct file_line
+{
+   /** Next entry in the linked list */
+   struct file_line * next;
+   
+   /** The raw data, to write out if this line is unmodified. */
+   char * raw;
+   
+   /** Comments and/or whitespace to put before this line if it's modified
+       and then written out. */
+   char * prefix;
+
+   /** The actual data, as a string.  Line continuation and comment removal
+       are performed on the data read from file before it's stored here, so
+       it will be a single line of data.  */
+   char * unprocessed;
+   
+   /** The type of data on this line.  One of the FILE_LINE_xxx constants. */
+   int type;
+
+   /** The actual data, processed into some sensible data type. */
+   union
+   {
+
+      /** An action specification. */
+      struct action_spec action[1];
+
+      /** A name=value pair. */
+      struct
+      {
+
+         /** The name in the name=value pair. */
+         char * name;
+
+         /** The value in the name=value pair, as a string. */
+         char * svalue;
+
+         /** The value in the name=value pair, as an integer. */
+         int ivalue;
+
+      } setting;
+
+      /* Add more data types here... e.g.
+
+
+      struct url_spec url[1];
+
+      struct
+      {
+         struct action_spec action[1];
+         const char * name;
+      } alias;
+
+      */
+
+   } data;
+
+};
+
+/** This file_line has not been processed yet. */
+#define FILE_LINE_UNPROCESSED           1
+
+/** This file_line is blank. Can only appear at the end of a file, due to
+    the way the parser works. */
+#define FILE_LINE_BLANK                 2
+
+/** This file_line says {{alias}}. */
+#define FILE_LINE_ALIAS_HEADER          3
+
+/** This file_line defines an alias. */
+#define FILE_LINE_ALIAS_ENTRY           4
+
+/** This file_line defines an {action}. */
+#define FILE_LINE_ACTION                5
+
+/** This file_line specifies a URL pattern. */
+#define FILE_LINE_URL                   6
+
+/** This file_line says {{settings}}. */
+#define FILE_LINE_SETTINGS_HEADER       7
+
+/** This file_line is in a {{settings}} block. */
+#define FILE_LINE_SETTINGS_ENTRY        8
+
+/** This file_line says {{description}}. */
+#define FILE_LINE_DESCRIPTION_HEADER    9
+
+/** This file_line is in a {{description}} block. */
+#define FILE_LINE_DESCRIPTION_ENTRY    10
+
+/*
+ * Number of file modification time mismatches
+ * before the CGI editor gets turned off.
+ */
+#define ACCEPTABLE_TIMESTAMP_MISMATCHES 3
+
+/**
+ * A configuration file, in a format that can be edited and written back to
+ * disk.
+ */
+struct editable_file
+{
+   struct file_line * lines;  /**< The contents of the file.  A linked list of lines. */
+   const char * filename;     /**< Full pathname - e.g. "/etc/privoxy/wibble.action". */
+   unsigned identifier;       /**< The file name's position in csp->config->actions_file[]. */
+   const char * version_str;  /**< Last modification time, as a string.  For CGI param. */
+                              /**< Can be used in URL without using url_param(). */
+   unsigned version;          /**< Last modification time - prevents chaos with
+                                   the browser's "back" button.  Note that this is a
+                                   time_t cast to an unsigned.  When comparing, always
+                                   cast the time_t to an unsigned, and *NOT* vice-versa.
+                                   This may lose the top few bits, but they're not
+                                   significant anyway. */
+   int newline;               /**< Newline convention - one of the NEWLINE_xxx constants.
+                                   Note that changing this after the file has been
+                                   read in will cause a mess. */
+   struct file_line * parse_error; /**< On parse error, this is the offending line. */
+   const char * parse_error_text;  /**< On parse error, this is the problem.
+                                        (Statically allocated) */
+};
+
+/**
+ * Information about the filter types.
+ * Used for macro replacement in cgi_edit_actions_for_url.
+ */
+struct filter_type_info
+{
+   const int multi_action_index; /**< The multi action index as defined in project.h */
+   const char *macro_name;       /**< Name of the macro that has to be replaced
+                                      with the prepared templates.
+                                      For example "content-filter-params" */
+   const char *type;             /**< Name of the filter type,
+                                      for example "server-header-filter". */
+   /* XXX: check if these two can be combined. */
+   const char *disable_all_option; /**< Name of the catch-all radio option that has
+                                        to be checked or unchecked for this filter type. */
+   const char *disable_all_param;  /**< Name of the parameter that causes all filters of
+                                        this type to be disabled. */
+   const char *abbr_type;        /**< Abbreviation of the filter type, usually the
+                                      first or second character capitalized */
+   const char *anchor;           /**< Anchor for the User Manual link,
+                                      for example "SERVER-HEADER-FILTER"  */
+};
+
+/* Accessed by index, keep the order in the way the FT_ macros are defined. */
+static const struct filter_type_info filter_type_info[] =
+{
+   {
+      ACTION_MULTI_FILTER,
+      "content-filter-params", "filter",
+      "filter-all", "filter_all",
+      "F", "FILTER"
+   },
+   {
+      ACTION_MULTI_CLIENT_HEADER_FILTER,
+      "client-header-filter-params", "client-header-filter",
+      "client-header-filter-all", "client_header_filter_all",
+      "C", "CLIENT-HEADER-FILTER"
+   },
+   {
+      ACTION_MULTI_SERVER_HEADER_FILTER,
+      "server-header-filter-params", "server-header-filter",
+      "server-header-filter-all", "server_header_filter_all",
+      "S", "SERVER-HEADER-FILTER"
+   },
+   {
+      ACTION_MULTI_CLIENT_HEADER_TAGGER,
+      "client-header-tagger-params", "client-header-tagger",
+      "client-header-tagger-all", "client_header_tagger_all",
+      "L", "CLIENT-HEADER-TAGGER"
+   },
+   {
+      ACTION_MULTI_SERVER_HEADER_TAGGER,
+      "server-header-tagger-params", "server-header-tagger",
+      "server-header-tagger-all", "server_header_tagger_all",
+      "E", "SERVER-HEADER-TAGGER"
+   },
+};
+
+/* FIXME: Following non-static functions should be prototyped in .h or made static */
+
+/* Functions to read and write arbitrary config files */
+jb_err edit_read_file(struct client_state *csp,
+                      const struct map *parameters,
+                      int require_version,
+                      struct editable_file **pfile);
+jb_err edit_write_file(struct editable_file * file);
+void   edit_free_file(struct editable_file * file);
+
+/* Functions to read and write actions files */
+jb_err edit_parse_actions_file(struct editable_file * file);
+jb_err edit_read_actions_file(struct client_state *csp,
+                              struct http_response *rsp,
+                              const struct map *parameters,
+                              int require_version,
+                              struct editable_file **pfile);
+
+/* Error handlers */
+jb_err cgi_error_modified(struct client_state *csp,
+                          struct http_response *rsp,
+                          const char *filename);
+jb_err cgi_error_parse(struct client_state *csp,
+                       struct http_response *rsp,
+                       struct editable_file *file);
+jb_err cgi_error_file(struct client_state *csp,
+                      struct http_response *rsp,
+                      const char *filename);
+jb_err cgi_error_file_read_only(struct client_state *csp,
+                                struct http_response *rsp,
+                                const char *filename);
+
+/* Internal arbitrary config file support functions */
+static jb_err edit_read_file_lines(FILE *fp, struct file_line ** pfile, int *newline);
+static void edit_free_file_lines(struct file_line * first_line);
+
+/* Internal actions file support functions */
+static int match_actions_file_header_line(const char * line, const char * name);
+static jb_err split_line_on_equals(const char * line, char ** pname, char ** pvalue);
+
+/* Internal parameter parsing functions */
+static jb_err get_url_spec_param(struct client_state *csp,
+                                 const struct map *parameters,
+                                 const char *name,
+                                 char **pvalue);
+
+
+/* Internal actionsfile <==> HTML conversion functions */
+static jb_err map_radio(struct map * exports,
+                        const char * optionname,
+                        const char * values,
+                        int value);
+static jb_err actions_to_radio(struct map * exports,
+                               const struct action_spec *action);
+static jb_err actions_from_radio(const struct map * parameters,
+                                 struct action_spec *action);
+
+
+static jb_err map_copy_parameter_html(struct map *out,
+                                      const struct map *in,
+                                      const char *name);
+#if 0 /* unused function */
+static jb_err map_copy_parameter_url(struct map *out,
+                                     const struct map *in,
+                                     const char *name);
+#endif /* unused function */
+
+static jb_err get_file_name_param(struct client_state *csp, 	 
+	                                   const struct map *parameters, 	 
+	                                   const char *param_name, 	 
+	                                   const char **pfilename);
+
+/* Internal convenience functions */
+static char *section_target(const unsigned sectionid);
+
+/*********************************************************************
+ *
+ * Function    :  section_target
+ *
+ * Description :  Given an unsigned (section id) n, produce a dynamically
+ *                allocated string of the form #l<n>, for use in link
+ *                targets.
+ *
+ *                XXX: The hash should be moved into the templates
+ *                to make this function more generic and render
+ *                stringify() obsolete.
+ *
+ * Parameters  :
+ *          1  :  sectionid = start line number of section
+ *
+ * Returns     :  String with link target, or NULL if out of
+ *                memory
+ *
+ *********************************************************************/
+static char *section_target(const unsigned sectionid)
+{
+   char buf[30];
+
+   snprintf(buf, sizeof(buf), "#l%d", sectionid);
+   return(strdup(buf));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  stringify
+ *
+ * Description :  Convert a number into a dynamically allocated string.
+ *
+ * Parameters  :
+ *          1  :  number = The number to convert.
+ *
+ * Returns     :  String with link target, or NULL if out of memory
+ *
+ *********************************************************************/
+static char *stringify(const unsigned number)
+{
+   char buf[6];
+
+   snprintf(buf, sizeof(buf), "%i", number);
+   return strdup(buf);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  map_copy_parameter_html
+ *
+ * Description :  Copy a CGI parameter from one map to another, HTML
+ *                encoding it.
+ *
+ * Parameters  :
+ *          1  :  out = target map
+ *          2  :  in = source map
+ *          3  :  name = name of cgi parameter to copy
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the parameter doesn't exist
+ *                                  in the source map
+ *
+ *********************************************************************/
+static jb_err map_copy_parameter_html(struct map *out,
+                                      const struct map *in,
+                                      const char *name)
+{
+   const char * value;
+   jb_err err;
+
+   assert(out);
+   assert(in);
+   assert(name);
+
+   value = lookup(in, name);
+   err = map(out, name, 1, html_encode(value), 0);
+
+   if (err)
+   {
+      /* Out of memory */
+      return err;
+   }
+   else if (*value == '\0')
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+   else
+   {
+      return JB_ERR_OK;
+   }
+}
+
+
+#if 0 /* unused function */
+/*********************************************************************
+ *
+ * Function    :  map_copy_parameter_url
+ *
+ * Description :  Copy a CGI parameter from one map to another, URL
+ *                encoding it.
+ *
+ * Parameters  :
+ *          1  :  out = target map
+ *          2  :  in = source map
+ *          3  :  name = name of cgi parameter to copy
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the parameter doesn't exist
+ *                                  in the source map
+ *
+ *********************************************************************/
+static jb_err map_copy_parameter_url(struct map *out,
+                                     const struct map *in,
+                                     const char *name)
+{
+   const char * value;
+   jb_err err;
+
+   assert(out);
+   assert(in);
+   assert(name);
+
+   value = lookup(in, name);
+   err = map(out, name, 1, url_encode(value), 0);
+
+   if (err)
+   {
+      /* Out of memory */
+      return err;
+   }
+   else if (*value == '\0')
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+   else
+   {
+      return JB_ERR_OK;
+   }
+}
+#endif /* 0 - unused function */
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_url_form
+ *
+ * Description :  CGI function that displays a form for
+ *                edit-actions-url
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters
+ *           i : (action index) Identifies the file to edit
+ *           v : (version) File's last-modified time
+ *           p : (pattern) Line number of pattern to edit
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_url_form(struct client_state *csp,
+                                 struct http_response *rsp,
+                                 const struct map *parameters)
+{
+   struct map * exports;
+   unsigned patternid;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   unsigned section_start_line_number = 0;
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "p", &patternid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   cur_line = file->lines;
+
+   for (line_number = 1; (cur_line != NULL) && (line_number < patternid); line_number++)
+   {
+      if (cur_line->type == FILE_LINE_ACTION)
+      {
+         section_start_line_number = line_number;
+      }
+      cur_line = cur_line->next;
+   }
+
+   if ( (cur_line == NULL)
+     || (line_number != patternid)
+     || (patternid < 1U)
+     || (cur_line->type != FILE_LINE_URL))
+   {
+      /* Invalid "patternid" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, stringify(file->identifier), 0);
+   if (!err) err = map(exports, "v", 1, file->version_str, 1);
+   if (!err) err = map(exports, "p", 1, url_encode(lookup(parameters, "p")), 0);
+   if (!err) err = map(exports, "u", 1, html_encode(cur_line->unprocessed), 0);
+   if (!err) err = map(exports, "jumptarget", 1, section_target(section_start_line_number), 0);
+
+   edit_free_file(file);
+
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "edit-actions-url-form", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_add_url_form
+ *
+ * Description :  CGI function that displays a form for
+ *                edit-actions-url
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           f : (filename) Identifies the file to edit
+ *           v : (version) File's last-modified time
+ *           s : (section) Line number of section to edit
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_add_url_form(struct client_state *csp,
+                                     struct http_response *rsp,
+                                     const struct map *parameters)
+{
+   struct map *exports;
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = map_copy_parameter_html(exports, parameters, "f");
+   if (!err) err = map_copy_parameter_html(exports, parameters, "v");
+   if (!err) err = map_copy_parameter_html(exports, parameters, "s");
+
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "edit-actions-add-url-form", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_remove_url_form
+ *
+ * Description :  CGI function that displays a form for
+ *                edit-actions-url
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           f : (number)  The action file identifier.
+ *           v : (version) File's last-modified time
+ *           p : (pattern) Line number of pattern to edit
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_remove_url_form(struct client_state *csp,
+                                     struct http_response *rsp,
+                                     const struct map *parameters)
+{
+   struct map * exports;
+   unsigned patternid;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   unsigned section_start_line_number = 0;
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "p", &patternid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   cur_line = file->lines;
+
+   for (line_number = 1; (cur_line != NULL) && (line_number < patternid); line_number++)
+   {
+      if (cur_line->type == FILE_LINE_ACTION)
+      {
+         section_start_line_number = line_number;
+      }      
+      cur_line = cur_line->next;
+   }
+
+   if ( (cur_line == NULL)
+     || (line_number != patternid)
+     || (patternid < 1U)
+     || (cur_line->type != FILE_LINE_URL))
+   {
+      /* Invalid "patternid" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, stringify(file->identifier), 0);
+   if (!err) err = map(exports, "v", 1, file->version_str, 1);
+   if (!err) err = map(exports, "p", 1, url_encode(lookup(parameters, "p")), 0);
+   if (!err) err = map(exports, "u", 1, html_encode(cur_line->unprocessed), 0);
+   if (!err) err = map(exports, "jumptarget", 1, section_target(section_start_line_number), 0);
+   if (!err) err = map(exports, "actions-file", 1, html_encode(file->filename), 0);
+
+   edit_free_file(file);
+
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "edit-actions-remove-url-form", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_write_file
+ *
+ * Description :  Write a complete file to disk.
+ *
+ * Parameters  :
+ *          1  :  file = File to write.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_FILE   on error writing to file.
+ *                JB_ERR_MEMORY on out of memory
+ *
+ *********************************************************************/
+jb_err edit_write_file(struct editable_file * file)
+{
+   FILE * fp;
+   struct file_line * cur_line;
+   struct stat statbuf[1];
+   char version_buf[22]; /* 22 = ceil(log10(2^64)) + 2 = max number of
+                            digits in time_t, assuming this is a 64-bit
+                            machine, plus null terminator, plus one
+                            for paranoia */
+
+   assert(file);
+   assert(file->filename);
+
+   if (NULL == (fp = fopen(file->filename, "wb")))
+   {
+      return JB_ERR_FILE;
+   }
+
+   cur_line = file->lines;
+   while (cur_line != NULL)
+   {
+      if (cur_line->raw)
+      {
+         if (fputs(cur_line->raw, fp) < 0)
+         {
+            fclose(fp);
+            return JB_ERR_FILE;
+         }
+      }
+      else
+      {
+         if (cur_line->prefix)
+         {
+            if (fputs(cur_line->prefix, fp) < 0)
+            {
+               fclose(fp);
+               return JB_ERR_FILE;
+            }
+         }
+         if (cur_line->unprocessed)
+         {
+
+            if (NULL != strchr(cur_line->unprocessed, '#'))
+            {
+               /* Must quote '#' characters */
+               int numhash = 0;
+               size_t len;
+               char * src;
+               char * dest;
+               char * str;
+
+               /* Count number of # characters, so we know length of output string */
+               src = cur_line->unprocessed;
+               while (NULL != (src = strchr(src, '#')))
+               {
+                  numhash++;
+                  src++;
+               }
+               assert(numhash > 0);
+
+               /* Allocate new memory for string */
+               len = strlen(cur_line->unprocessed) + (size_t)numhash;
+               if (NULL == (str = malloc(len + 1)))
+               {
+                  /* Uh oh, just trashed file! */
+                  fclose(fp);
+                  return JB_ERR_MEMORY;
+               }
+
+               /* Copy string but quote hashes */
+               src  = cur_line->unprocessed;
+               dest = str;
+               while (*src)
+               {
+                  if (*src == '#')
+                  {
+                     *dest++ = '\\';
+                     numhash--;
+                     assert(numhash >= 0);
+                  }
+                  *dest++ = *src++;
+               }
+               *dest = '\0';
+
+               assert(numhash == 0);
+               assert(strlen(str) == len);
+               assert(str == dest - len);
+               assert(src - len <= cur_line->unprocessed);
+
+               if ((strlen(str) != len) || (numhash != 0))
+               {
+                  /*
+                   * Escaping didn't work as expected, go spread the news.
+                   * Only reached in non-debugging builds.
+                   */
+                  log_error(LOG_LEVEL_ERROR,
+                     "Looks like hash escaping failed. %s might be corrupted now.",
+                     file->filename);
+               }
+
+               if (fputs(str, fp) < 0)
+               {
+                  free(str);
+                  fclose(fp);
+                  return JB_ERR_FILE;
+               }
+
+               free(str);
+            }
+            else
+            {
+               /* Can write without quoting '#' characters. */
+               if (fputs(cur_line->unprocessed, fp) < 0)
+               {
+                  fclose(fp);
+                  return JB_ERR_FILE;
+               }
+            }
+            if (fputs(NEWLINE(file->newline), fp) < 0)
+            {
+               fclose(fp);
+               return JB_ERR_FILE;
+            }
+         }
+         else
+         {
+            /* FIXME: Write data from file->data->whatever */
+            assert(0);
+         }
+      }
+      cur_line = cur_line->next;
+   }
+
+   fclose(fp);
+
+
+   /* Update the version stamp in the file structure, since we just
+    * wrote to the file & changed it's date.
+    */
+   if (stat(file->filename, statbuf) < 0)
+   {
+      /* Error, probably file not found. */
+      return JB_ERR_FILE;
+   }
+   file->version = (unsigned)statbuf->st_mtime;
+
+   /* Correct file->version_str */
+   freez(file->version_str);
+   snprintf(version_buf, sizeof(version_buf), "%u", file->version);
+   version_buf[sizeof(version_buf)-1] = '\0';
+   file->version_str = strdup(version_buf);
+   if (version_buf == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_free_file
+ *
+ * Description :  Free a complete file in memory.
+ *
+ * Parameters  :
+ *          1  :  file = Data structure to free.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void edit_free_file(struct editable_file * file)
+{
+   if (!file)
+   {
+      /* Silently ignore NULL pointer */
+      return;
+   }
+
+   edit_free_file_lines(file->lines);
+   freez(file->version_str);
+   file->version = 0;
+   file->parse_error_text = NULL; /* Statically allocated */
+   file->parse_error = NULL;
+
+   free(file);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_free_file_lines
+ *
+ * Description :  Free an entire linked list of file lines.
+ *
+ * Parameters  :
+ *          1  :  first_line = Data structure to free.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void edit_free_file_lines(struct file_line * first_line)
+{
+   struct file_line * next_line;
+
+   while (first_line != NULL)
+   {
+      next_line = first_line->next;
+      first_line->next = NULL;
+      freez(first_line->raw);
+      freez(first_line->prefix);
+      freez(first_line->unprocessed);
+      switch(first_line->type)
+      {
+         case 0: /* special case if memory zeroed */
+         case FILE_LINE_UNPROCESSED:
+         case FILE_LINE_BLANK:
+         case FILE_LINE_ALIAS_HEADER:
+         case FILE_LINE_SETTINGS_HEADER:
+         case FILE_LINE_DESCRIPTION_HEADER:
+         case FILE_LINE_DESCRIPTION_ENTRY:
+         case FILE_LINE_ALIAS_ENTRY:
+         case FILE_LINE_URL:
+            /* No data is stored for these */
+            break;
+
+         case FILE_LINE_ACTION:
+            free_action(first_line->data.action);
+            break;
+
+         case FILE_LINE_SETTINGS_ENTRY:
+            freez(first_line->data.setting.name);
+            freez(first_line->data.setting.svalue);
+            break;
+         default:
+            /* Should never happen */
+            assert(0);
+            break;
+      }
+      first_line->type = 0; /* paranoia */
+      free(first_line);
+      first_line = next_line;
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  match_actions_file_header_line
+ *
+ * Description :  Match an actions file {{header}} line
+ *
+ * Parameters  :
+ *          1  :  line = String from file
+ *          2  :  name = Header to match against
+ *
+ * Returns     :  0 iff they match.
+ *
+ *********************************************************************/
+static int match_actions_file_header_line(const char * line, const char * name)
+{
+   size_t len;
+
+   assert(line);
+   assert(name);
+
+   /* Look for "{{" */
+   if ((line[0] != '{') || (line[1] != '{'))
+   {
+      return 1;
+   }
+   line += 2;
+
+   /* Look for optional whitespace */
+   while ( (*line == ' ') || (*line == '\t') )
+   {
+      line++;
+   }
+
+   /* Look for the specified name (case-insensitive) */
+   len = strlen(name);
+   if (0 != strncmpic(line, name, len))
+   {
+      return 1;
+   }
+   line += len;
+
+   /* Look for optional whitespace */
+   while ( (*line == ' ') || (*line == '\t') )
+   {
+      line++;
+   }
+
+   /* Look for "}}" and end of string*/
+   if ((line[0] != '}') || (line[1] != '}') || (line[2] != '\0'))
+   {
+      return 1;
+   }
+
+   /* It matched!! */
+   return 0;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  match_actions_file_header_line
+ *
+ * Description :  Match an actions file {{header}} line
+ *
+ * Parameters  :
+ *          1  :  line = String from file.  Must not start with
+ *                       whitespace (else infinite loop!)
+ *          2  :  pname = Destination for name
+ *          2  :  pvalue = Destination for value
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_PARSE  if there's no "=" sign, or if there's
+ *                              nothing before the "=" sign (but empty
+ *                              values *after* the "=" sign are legal).
+ *
+ *********************************************************************/
+static jb_err split_line_on_equals(const char * line, char ** pname, char ** pvalue)
+{
+   const char * name_end;
+   const char * value_start;
+   size_t name_len;
+
+   assert(line);
+   assert(pname);
+   assert(pvalue);
+   assert(*line != ' ');
+   assert(*line != '\t');
+
+   *pname = NULL;
+   *pvalue = NULL;
+
+   value_start = strchr(line, '=');
+   if ((value_start == NULL) || (value_start == line))
+   {
+      return JB_ERR_PARSE;
+   }
+
+   name_end = value_start - 1;
+
+   /* Eat any whitespace before the '=' */
+   while ((*name_end == ' ') || (*name_end == '\t'))
+   {
+      /*
+       * we already know we must have at least 1 non-ws char
+       * at start of buf - no need to check
+       */
+      name_end--;
+   }
+
+   name_len = (size_t)(name_end - line) + 1; /* Length excluding \0 */
+   if (NULL == (*pname = (char *) malloc(name_len + 1)))
+   {
+      return JB_ERR_MEMORY;
+   }
+   strncpy(*pname, line, name_len);
+   (*pname)[name_len] = '\0';
+
+   /* Eat any the whitespace after the '=' */
+   value_start++;
+   while ((*value_start == ' ') || (*value_start == '\t'))
+   {
+      value_start++;
+   }
+
+   if (NULL == (*pvalue = strdup(value_start)))
+   {
+      free(*pname);
+      *pname = NULL;
+      return JB_ERR_MEMORY;
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_parse_actions_file
+ *
+ * Description :  Parse an actions file in memory.
+ *
+ *                Passed linked list must have the "data" member
+ *                zeroed, and must contain valid "next" and
+ *                "unprocessed" fields.  The "raw" and "prefix"
+ *                fields are ignored, and "type" is just overwritten.
+ *
+ *                Note that on error the file may have been
+ *                partially parsed.
+ *
+ * Parameters  :
+ *          1  :  file = Actions file to be parsed in-place.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_PARSE  on error
+ *
+ *********************************************************************/
+jb_err edit_parse_actions_file(struct editable_file * file)
+{
+   struct file_line * cur_line;
+   size_t len;
+   const char * text; /* Text from a line */
+   char * name;  /* For lines of the form name=value */
+   char * value; /* For lines of the form name=value */
+   struct action_alias * alias_list = NULL;
+   jb_err err = JB_ERR_OK;
+
+   /* alias_list contains the aliases defined in this file.
+    * It might be better to use the "file_line.data" fields
+    * in the relavent places instead.
+    */
+
+   cur_line = file->lines;
+
+   /* A note about blank line support: Blank lines should only
+    * ever occur as the last line in the file.  This function
+    * is more forgiving than that - FILE_LINE_BLANK can occur
+    * anywhere.
+    */
+
+   /* Skip leading blanks.  Should only happen if file is
+    * empty (which is valid, but pointless).
+    */
+   while ( (cur_line != NULL)
+        && (cur_line->unprocessed[0] == '\0') )
+   {
+      /* Blank line */
+      cur_line->type = FILE_LINE_BLANK;
+      cur_line = cur_line->next;
+   }
+
+   if ( (cur_line != NULL)
+     && (cur_line->unprocessed[0] != '{') )
+   {
+      /* File doesn't start with a header */
+      file->parse_error = cur_line;
+      file->parse_error_text = "First (non-comment) line of the file must contain a header.";
+      return JB_ERR_PARSE;
+   }
+
+   if ( (cur_line != NULL) && (0 ==
+      match_actions_file_header_line(cur_line->unprocessed, "settings") ) )
+   {
+      cur_line->type = FILE_LINE_SETTINGS_HEADER;
+
+      cur_line = cur_line->next;
+      while ((cur_line != NULL) && (cur_line->unprocessed[0] != '{'))
+      {
+         if (cur_line->unprocessed[0])
+         {
+            cur_line->type = FILE_LINE_SETTINGS_ENTRY;
+
+            err = split_line_on_equals(cur_line->unprocessed,
+                     &cur_line->data.setting.name,
+                     &cur_line->data.setting.svalue);
+            if (err == JB_ERR_MEMORY)
+            {
+               return err;
+            }
+            else if (err != JB_ERR_OK)
+            {
+               /* Line does not contain a name=value pair */
+               file->parse_error = cur_line;
+               file->parse_error_text = "Expected a name=value pair on this {{description}} line, but couldn't find one.";
+               return JB_ERR_PARSE;
+            }
+         }
+         else
+         {
+            cur_line->type = FILE_LINE_BLANK;
+         }
+         cur_line = cur_line->next;
+      }
+   }
+
+   if ( (cur_line != NULL) && (0 ==
+      match_actions_file_header_line(cur_line->unprocessed, "description") ) )
+   {
+      cur_line->type = FILE_LINE_DESCRIPTION_HEADER;
+
+      cur_line = cur_line->next;
+      while ((cur_line != NULL) && (cur_line->unprocessed[0] != '{'))
+      {
+         if (cur_line->unprocessed[0])
+         {
+            cur_line->type = FILE_LINE_DESCRIPTION_ENTRY;
+         }
+         else
+         {
+            cur_line->type = FILE_LINE_BLANK;
+         }
+         cur_line = cur_line->next;
+      }
+   }
+
+   if ( (cur_line != NULL) && (0 ==
+      match_actions_file_header_line(cur_line->unprocessed, "alias") ) )
+   {
+      cur_line->type = FILE_LINE_ALIAS_HEADER;
+
+      cur_line = cur_line->next;
+      while ((cur_line != NULL) && (cur_line->unprocessed[0] != '{'))
+      {
+         if (cur_line->unprocessed[0])
+         {
+            /* define an alias */
+            struct action_alias * new_alias;
+
+            cur_line->type = FILE_LINE_ALIAS_ENTRY;
+
+            err = split_line_on_equals(cur_line->unprocessed, &name, &value);
+            if (err == JB_ERR_MEMORY)
+            {
+               return err;
+            }
+            else if (err != JB_ERR_OK)
+            {
+               /* Line does not contain a name=value pair */
+               file->parse_error = cur_line;
+               file->parse_error_text = "Expected a name=value pair on this {{alias}} line, but couldn't find one.";
+               return JB_ERR_PARSE;
+            }
+
+            if ((new_alias = zalloc(sizeof(*new_alias))) == NULL)
+            {
+               /* Out of memory */
+               free(name);
+               free(value);
+               free_alias_list(alias_list);
+               return JB_ERR_MEMORY;
+            }
+
+            err = get_actions(value, alias_list, new_alias->action);
+            if (err)
+            {
+               /* Invalid action or out of memory */
+               free(name);
+               free(value);
+               free(new_alias);
+               free_alias_list(alias_list);
+               if (err == JB_ERR_MEMORY)
+               {
+                  return err;
+               }
+               else
+               {
+                  /* Line does not contain a name=value pair */
+                  file->parse_error = cur_line;
+                  file->parse_error_text = "This alias does not specify a valid set of actions.";
+                  return JB_ERR_PARSE;
+               }
+            }
+
+            free(value);
+
+            new_alias->name = name;
+
+            /* add to list */
+            new_alias->next = alias_list;
+            alias_list = new_alias;
+         }
+         else
+         {
+            cur_line->type = FILE_LINE_BLANK;
+         }
+         cur_line = cur_line->next;
+      }
+   }
+
+   /* Header done, process the main part of the file */
+   while (cur_line != NULL)
+   {
+      /* At this point, (cur_line->unprocessed[0] == '{') */
+      assert(cur_line->unprocessed[0] == '{');
+      text = cur_line->unprocessed + 1;
+      len = strlen(text) - 1;
+      if (text[len] != '}')
+      {
+         /* No closing } on header */
+         free_alias_list(alias_list);
+         file->parse_error = cur_line;
+         file->parse_error_text = "Headers starting with '{' must have a "
+            "closing bracket ('}').  Headers starting with two brackets ('{{') "
+            "must close with two brackets ('}}').";
+         return JB_ERR_PARSE;
+      }
+
+      if (text[0] == '{')
+      {
+         /* An invalid {{ header.  */
+         free_alias_list(alias_list);
+         file->parse_error = cur_line;
+         file->parse_error_text = "Unknown or unexpected two-bracket header.  "
+            "Please remember that the system (two-bracket) headers must "
+            "appear in the order {{settings}}, {{description}}, {{alias}}, "
+            "and must appear before any actions (one-bracket) headers.  "
+            "Also note that system headers may not be repeated.";
+         return JB_ERR_PARSE;
+      }
+
+      while ( (*text == ' ') || (*text == '\t') )
+      {
+         text++;
+         len--;
+      }
+      while ( (len > (size_t)0)
+           && ( (text[len - 1] == ' ')
+             || (text[len - 1] == '\t') ) )
+      {
+         len--;
+      }
+
+      cur_line->type = FILE_LINE_ACTION;
+
+      /* Remove {} and make copy */
+      if (NULL == (value = (char *) malloc(len + 1)))
+      {
+         /* Out of memory */
+         free_alias_list(alias_list);
+         return JB_ERR_MEMORY;
+      }
+      strncpy(value, text, len);
+      value[len] = '\0';
+
+      /* Get actions */
+      err = get_actions(value, alias_list, cur_line->data.action);
+      if (err)
+      {
+         /* Invalid action or out of memory */
+         free(value);
+         free_alias_list(alias_list);
+         if (err == JB_ERR_MEMORY)
+         {
+            return err;
+         }
+         else
+         {
+            /* Line does not contain a name=value pair */
+            file->parse_error = cur_line;
+            file->parse_error_text = "This header does not specify a valid set of actions.";
+            return JB_ERR_PARSE;
+         }
+      }
+
+      /* Done with string - it was clobbered anyway */
+      free(value);
+
+      /* Process next line */
+      cur_line = cur_line->next;
+
+      /* Loop processing URL patterns */
+      while ((cur_line != NULL) && (cur_line->unprocessed[0] != '{'))
+      {
+         if (cur_line->unprocessed[0])
+         {
+            /* Could parse URL here, but this isn't currently needed */
+
+            cur_line->type = FILE_LINE_URL;
+         }
+         else
+         {
+            cur_line->type = FILE_LINE_BLANK;
+         }
+         cur_line = cur_line->next;
+      }
+   } /* End main while(cur_line != NULL) loop */
+
+   free_alias_list(alias_list);
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_read_file_lines
+ *
+ * Description :  Read all the lines of a file into memory.
+ *                Handles whitespace, comments and line continuation.
+ *
+ * Parameters  :
+ *          1  :  fp = File to read from.  On return, this will be
+ *                     at EOF but it will not have been closed.
+ *          2  :  pfile = Destination for a linked list of file_lines.
+ *                        Will be set to NULL on error.
+ *          3  :  newline = How to handle newlines.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+jb_err edit_read_file_lines(FILE *fp, struct file_line ** pfile, int *newline)
+{
+   struct file_line * first_line; /* Keep for return value or to free */
+   struct file_line * cur_line;   /* Current line */
+   struct file_line * prev_line;  /* Entry with prev_line->next = cur_line */
+   jb_err rval;
+
+   assert(fp);
+   assert(pfile);
+
+   *pfile = NULL;
+
+   cur_line = first_line = zalloc(sizeof(struct file_line));
+   if (cur_line == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   cur_line->type = FILE_LINE_UNPROCESSED;
+
+   rval = edit_read_line(fp, &cur_line->raw, &cur_line->prefix, &cur_line->unprocessed, newline, NULL);
+   if (rval)
+   {
+      /* Out of memory or empty file. */
+      /* Note that empty file is not an error we propogate up */
+      free(cur_line);
+      return ((rval == JB_ERR_FILE) ? JB_ERR_OK : rval);
+   }
+
+   do
+   {
+      prev_line = cur_line;
+      cur_line = prev_line->next = zalloc(sizeof(struct file_line));
+      if (cur_line == NULL)
+      {
+         /* Out of memory */
+         edit_free_file_lines(first_line);
+         return JB_ERR_MEMORY;
+      }
+
+      cur_line->type = FILE_LINE_UNPROCESSED;
+
+      rval = edit_read_line(fp, &cur_line->raw, &cur_line->prefix, &cur_line->unprocessed, newline, NULL);
+      if ((rval != JB_ERR_OK) && (rval != JB_ERR_FILE))
+      {
+         /* Out of memory */
+         edit_free_file_lines(first_line);
+         return JB_ERR_MEMORY;
+      }
+
+   }
+   while (rval != JB_ERR_FILE);
+
+   /* EOF */
+
+   /* We allocated one too many - free it */
+   prev_line->next = NULL;
+   free(cur_line);
+
+   *pfile = first_line;
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_read_file
+ *
+ * Description :  Read a complete file into memory.
+ *                Handles CGI parameter parsing.  If requested, also
+ *                checks the file's modification timestamp.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  parameters = map of cgi parameters.
+ *          3  :  require_version = true to check "ver" parameter.
+ *          4  :  pfile = Destination for the file.  Will be set
+ *                        to NULL on error.
+ *
+ * CGI Parameters :
+ *           f :  The action file identifier.
+ *         ver :  (Only if require_version is nonzero)
+ *                Timestamp of the actions file.  If wrong, this
+ *                function fails with JB_ERR_MODIFIED.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if "filename" was not specified
+ *                                  or is not valid.
+ *                JB_ERR_FILE   if the file cannot be opened or
+ *                              contains no data
+ *                JB_ERR_MODIFIED if version checking was requested and
+ *                                failed - the file was modified outside
+ *                                of this CGI editor instance.
+ *
+ *********************************************************************/
+jb_err edit_read_file(struct client_state *csp,
+                      const struct map *parameters,
+                      int require_version,
+                      struct editable_file **pfile)
+{
+   struct file_line * lines;
+   FILE * fp;
+   jb_err err;
+   const char *filename = NULL;
+   struct editable_file * file;
+   unsigned version = 0;
+   struct stat statbuf[1];
+   char version_buf[22];
+   int newline = NEWLINE_UNKNOWN;
+   unsigned i;
+
+   assert(csp);
+   assert(parameters);
+   assert(pfile);
+
+   *pfile = NULL;
+
+   err = get_number_param(csp, parameters, "f", &i);
+   if ((JB_ERR_OK == err) && (i < MAX_AF_FILES) && (NULL != csp->config->actions_file[i]))
+   {
+      filename = csp->config->actions_file[i];
+   }
+   else if (JB_ERR_CGI_PARAMS == err)
+   {
+      /*
+       * Probably an old-school URL like
+       * http://config.privoxy.org/edit-actions-list?f=default
+       */
+      err = get_file_name_param(csp, parameters, "f", &filename);
+   }
+
+   if (NULL == filename || stat(filename, statbuf) < 0)
+   {
+      /* Error, probably file not found. */
+      return JB_ERR_FILE;
+   }
+   version = (unsigned) statbuf->st_mtime;
+
+   if (require_version)
+   {
+      unsigned specified_version;
+      err = get_number_param(csp, parameters, "v", &specified_version);
+      if (err)
+      {
+         return err;
+      }
+
+      if (version != specified_version)
+      {
+         return JB_ERR_MODIFIED;
+      }
+   }
+
+   if (NULL == (fp = fopen(filename,"rb")))
+   {
+      return JB_ERR_FILE;
+   }
+
+   err = edit_read_file_lines(fp, &lines, &newline);
+
+   fclose(fp);
+
+   if (err)
+   {
+      return err;
+   }
+
+   file = (struct editable_file *) zalloc(sizeof(*file));
+   if (err)
+   {
+      edit_free_file_lines(lines);
+      return err;
+   }
+
+   file->lines = lines;
+   file->newline = newline;
+   file->filename = filename;
+   file->version = version;
+   file->identifier = i;
+
+   /* Correct file->version_str */
+   freez(file->version_str);
+   snprintf(version_buf, sizeof(version_buf), "%u", file->version);
+   version_buf[sizeof(version_buf)-1] = '\0';
+   file->version_str = strdup(version_buf);
+   if (version_buf == NULL)
+   {
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   *pfile = file;
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_read_actions_file
+ *
+ * Description :  Read a complete actions file into memory.
+ *                Handles CGI parameter parsing.  If requested, also
+ *                checks the file's modification timestamp.
+ *
+ *                If this function detects an error in the categories
+ *                JB_ERR_FILE, JB_ERR_MODIFIED, or JB_ERR_PARSE,
+ *                then it handles it by filling in the specified
+ *                response structure and returning JB_ERR_FILE.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = HTTP response.  Only filled in on error.
+ *          2  :  parameters = map of cgi parameters.
+ *          3  :  require_version = true to check "ver" parameter.
+ *          4  :  pfile = Destination for the file.  Will be set
+ *                        to NULL on error.
+ *
+ * CGI Parameters :
+ *           f :  The actions file identifier.
+ *         ver :  (Only if require_version is nonzero)
+ *                Timestamp of the actions file.  If wrong, this
+ *                function fails with JB_ERR_MODIFIED.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if "filename" was not specified
+ *                                  or is not valid.
+ *                JB_ERR_FILE  if the file does not contain valid data,
+ *                             or if file cannot be opened or
+ *                             contains no data, or if version
+ *                             checking was requested and failed.
+ *
+ *********************************************************************/
+jb_err edit_read_actions_file(struct client_state *csp,
+                              struct http_response *rsp,
+                              const struct map *parameters,
+                              int require_version,
+                              struct editable_file **pfile)
+{
+   jb_err err;
+   struct editable_file *file;
+   static int acceptable_failures = ACCEPTABLE_TIMESTAMP_MISMATCHES - 1;
+
+   assert(csp);
+   assert(parameters);
+   assert(pfile);
+
+   *pfile = NULL;
+
+   err = edit_read_file(csp, parameters, require_version, &file);
+   if (err)
+   {
+      /* Try to handle if possible */
+      if (err == JB_ERR_FILE)
+      {
+         err = cgi_error_file(csp, rsp, lookup(parameters, "f"));
+      }
+      else if (err == JB_ERR_MODIFIED)
+      {
+         assert(require_version);
+         err = cgi_error_modified(csp, rsp, lookup(parameters, "f"));
+         log_error(LOG_LEVEL_ERROR,
+            "Blocking CGI edit request due to modification time mismatch.");
+         if (acceptable_failures > 0)
+         {
+            log_error(LOG_LEVEL_INFO,
+               "The CGI editor will be turned off after another %d mismatche(s).",
+               acceptable_failures);
+            acceptable_failures--;
+         }
+         else
+         {
+            log_error(LOG_LEVEL_INFO,
+               "Timestamp mismatch limit reached, turning CGI editor off. "
+               "Reload the configuration file to reenable it.");
+            csp->config->feature_flags &= ~RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
+         }
+      }
+      if (err == JB_ERR_OK)
+      {
+         /*
+          * Signal to higher-level CGI code that there was a problem but we
+          * handled it, they should just return JB_ERR_OK.
+          */
+         err = JB_ERR_FILE;
+      }
+      return err;
+   }
+
+   err = edit_parse_actions_file(file);
+   if (err)
+   {
+      if (err == JB_ERR_PARSE)
+      {
+         err = cgi_error_parse(csp, rsp, file);
+         if (err == JB_ERR_OK)
+         {
+            /*
+             * Signal to higher-level CGI code that there was a problem but we
+             * handled it, they should just return JB_ERR_OK.
+             */
+            err = JB_ERR_FILE;
+         }
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   *pfile = file;
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_file_name_param
+ *
+ * Description :  Get the name of the file to edit from the parameters
+ *                passed to a CGI function using the old syntax.
+ *                This function handles security checks and only
+ *                accepts files that Privoxy already knows.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  parameters = map of cgi parameters
+ *          3  :  param_name = The name of the parameter to read
+ *          4  :  pfilename = pointer to the filename in
+ *                csp->config->actions_file[] if found. Set to NULL on error.
+ *
+ * Returns     :  JB_ERR_OK         on success
+ *                JB_ERR_MEMORY     on out-of-memory
+ *                JB_ERR_CGI_PARAMS if "filename" was not specified
+ *                                  or is not valid.
+ *
+ *********************************************************************/
+static jb_err get_file_name_param(struct client_state *csp,
+                                  const struct map *parameters,
+                                  const char *param_name,
+                                  const char **pfilename)
+{
+   const char *param;
+   const char suffix[] = ".action";
+   const char *s;
+   char *name;
+   char *fullpath;
+   char ch;
+   size_t len;
+   size_t name_size;
+   int i;
+
+   assert(csp);
+   assert(parameters);
+   assert(pfilename);
+
+   *pfilename = NULL;
+
+   param = lookup(parameters, param_name);
+   if (!*param)
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   len = strlen(param);
+   if (len >= FILENAME_MAX)
+   {
+      /* Too long. */
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /*
+    * Check every character to see if it's legal.
+    * Totally unnecessary but we do it anyway.
+    */
+   s = param;
+   while ((ch = *s++) != '\0')
+   {
+      if ( ((ch < 'A') || (ch > 'Z'))
+        && ((ch < 'a') || (ch > 'z'))
+        && ((ch < '0') || (ch > '9'))
+        && (ch != '-')
+        && (ch != '_') )
+      {
+         /* Probable hack attempt. */
+         return JB_ERR_CGI_PARAMS;
+      }
+   }
+
+   /* Append extension */
+   name_size = len + strlen(suffix) + 1;
+   name = malloc(name_size);
+   if (name == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+   strlcpy(name, param, name_size);
+   strlcat(name, suffix, name_size);
+
+   /* Prepend path */
+   fullpath = make_path(csp->config->confdir, name);
+   free(name);
+
+   if (fullpath == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   /* Check if the file is known */
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (NULL != csp->config->actions_file[i] &&
+          !strcmp(fullpath, csp->config->actions_file[i]))
+      {
+         /* Success */
+         *pfilename = csp->config->actions_file[i];
+         freez(fullpath);
+
+         return JB_ERR_OK;
+      }
+   }
+   freez(fullpath);
+
+   return JB_ERR_CGI_PARAMS;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_url_spec_param
+ *
+ * Description :  Get a URL pattern from the parameters
+ *                passed to a CGI function.  Removes leading/trailing
+ *                spaces and validates it.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  parameters = map of cgi parameters
+ *          3  :  name = Name of CGI parameter to read
+ *          4  :  pvalue = destination for value.  Will be malloc()'d.
+ *                         Set to NULL on error.
+ *
+ * Returns     :  JB_ERR_OK         on success
+ *                JB_ERR_MEMORY     on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the parameter was not specified
+ *                                  or is not valid.
+ *
+ *********************************************************************/
+static jb_err get_url_spec_param(struct client_state *csp,
+                                 const struct map *parameters,
+                                 const char *name,
+                                 char **pvalue)
+{
+   const char *orig_param;
+   char *param;
+   char *s;
+   struct url_spec compiled[1];
+   jb_err err;
+
+   assert(csp);
+   assert(parameters);
+   assert(name);
+   assert(pvalue);
+
+   *pvalue = NULL;
+
+   orig_param = lookup(parameters, name);
+   if (!*orig_param)
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* Copy and trim whitespace */
+   param = strdup(orig_param);
+   if (param == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+   chomp(param);
+
+   /* Must be non-empty, and can't allow 1st character to be '{' */
+   if (param[0] == '\0' || param[0] == '{')
+   {
+      free(param);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* Check for embedded newlines */
+   for (s = param; *s != '\0'; s++)
+   {
+      if ((*s == '\r') || (*s == '\n'))
+      {
+         free(param);
+         return JB_ERR_CGI_PARAMS;
+      }
+   }
+
+   /* Check that regex is valid */
+   s = strdup(param);
+   if (s == NULL)
+   {
+      free(param);
+      return JB_ERR_MEMORY;
+   }
+   err = create_url_spec(compiled, s);
+   free(s);
+   if (err)
+   {
+      free(param);
+      return (err == JB_ERR_MEMORY) ? JB_ERR_MEMORY : JB_ERR_CGI_PARAMS;
+   }
+   free_url_spec(compiled);
+
+   if (param[strlen(param) - 1] == '\\')
+   {
+      /*
+       * Must protect trailing '\\' from becoming line continuation character.
+       * Two methods: 1) If it's a domain only, add a trailing '/'.
+       * 2) For path, add the do-nothing PCRE expression (?:) to the end
+       */
+      if (strchr(param, '/') == NULL)
+      {
+         err = string_append(&param, "/");
+      }
+      else
+      {
+         err = string_append(&param, "(?:)");
+      }
+      if (err)
+      {
+         return err;
+      }
+
+      /* Check that the modified regex is valid */
+      s = strdup(param);
+      if (s == NULL)
+      {
+         free(param);
+         return JB_ERR_MEMORY;
+      }
+      err = create_url_spec(compiled, s);
+      free(s);
+      if (err)
+      {
+         free(param);
+         return (err == JB_ERR_MEMORY) ? JB_ERR_MEMORY : JB_ERR_CGI_PARAMS;
+      }
+      free_url_spec(compiled);
+   }
+
+   *pvalue = param;
+   return JB_ERR_OK;
+}
+
+/*********************************************************************
+ *
+ * Function    :  map_radio
+ *
+ * Description :  Map a set of radio button values.  E.g. if you have
+ *                3 radio buttons, declare them as:
+ *                  <option type="radio" name="xyz" @xyz-a@>
+ *                  <option type="radio" name="xyz" @xyz-b@>
+ *                  <option type="radio" name="xyz" @xyz-c@>
+ *                Then map one of the @xyz-?@ variables to "checked"
+ *                and all the others to empty by calling:
+ *                map_radio(exports, "xyz", "abc", sel)
+ *                Where 'sel' is 'a', 'b', or 'c'.
+ *
+ * Parameters  :
+ *          1  :  exports = Exports map to modify.
+ *          2  :  optionname = name for map
+ *          3  :  values = null-terminated list of values;
+ *          4  :  value = Selected value.
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+static jb_err map_radio(struct map * exports,
+                        const char * optionname,
+                        const char * values,
+                        int value)
+{
+   char * buf;
+   char * p;
+   char c;
+   const size_t len = strlen(optionname);
+   const size_t buf_size = len + 3;
+
+   assert(exports);
+   assert(optionname);
+   assert(values);
+
+   buf = malloc(buf_size);
+   if (buf == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   strlcpy(buf, optionname, buf_size);
+
+   /* XXX: this looks ... interesting */
+   p = buf + len;
+   *p++ = '-';
+   p[1] = '\0';
+
+   while ((c = *values++) != '\0')
+   {
+      if (c != value)
+      {
+         *p = c;
+         if (map(exports, buf, 1, "", 1))
+         {
+            return JB_ERR_MEMORY;
+         }
+      }
+   }
+
+   *p = (char)value;
+   return map(exports, buf, 0, "checked", 1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_modified
+ *
+ * Description :  CGI function that is called when a file is modified
+ *                outside the CGI editor.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  filename = The file that was modified.
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_modified(struct client_state *csp,
+                          struct http_response *rsp,
+                          const char *filename)
+{
+   struct map *exports;
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(filename);
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, html_encode(filename), 0);
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-modified", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_parse
+ *
+ * Description :  CGI function that is called when a file cannot
+ *                be parsed by the CGI editor.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  file = The file that was modified.
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_parse(struct client_state *csp,
+                       struct http_response *rsp,
+                       struct editable_file *file)
+{
+   struct map *exports;
+   jb_err err;
+   struct file_line *cur_line;
+
+   assert(csp);
+   assert(rsp);
+   assert(file);
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, stringify(file->identifier), 0);
+   if (!err) err = map(exports, "parse-error", 1, html_encode(file->parse_error_text), 0);
+
+   cur_line = file->parse_error;
+   assert(cur_line);
+
+   if (!err) err = map(exports, "line-raw", 1, html_encode(cur_line->raw), 0);
+   if (!err) err = map(exports, "line-data", 1, html_encode(cur_line->unprocessed), 0);
+
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-parse", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_file
+ *
+ * Description :  CGI function that is called when a file cannot be
+ *                opened by the CGI editor.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  filename = The file that was modified.
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_file(struct client_state *csp,
+                      struct http_response *rsp,
+                      const char *filename)
+{
+   struct map *exports;
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(filename);
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, html_encode(filename), 0);
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-file", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_file_read_only
+ *
+ * Description :  CGI function that is called when a file cannot be
+ *                opened for writing by the CGI editor.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  filename = The file that we can't write to
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err cgi_error_file_read_only(struct client_state *csp,
+                                struct http_response *rsp,
+                                const char *filename)
+{
+   struct map *exports;
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(filename);
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, html_encode(filename), 0);
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-file-read-only", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions
+ *
+ * Description :  CGI function that allows the user to choose which
+ *                actions file to edit.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions(struct client_state *csp,
+                        struct http_response *rsp,
+                        const struct map *parameters)
+{
+   (void)parameters;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   /* FIXME: Incomplete */
+
+   return cgi_redirect(rsp, CGI_PREFIX "edit-actions-list?f=default");
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_list
+ *
+ * Description :  CGI function that edits the actions list.
+ *                FIXME: This function shouldn't FATAL ever.
+ *                FIXME: This function doesn't check the retval of map()
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : filename
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_FILE   if the file cannot be opened or
+ *                              contains no data
+ *                JB_ERR_CGI_PARAMS if "filename" was not specified
+ *                                  or is not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_list(struct client_state *csp,
+                             struct http_response *rsp,
+                             const struct map *parameters)
+{
+   char * section_template;
+   char * url_template;
+   char * sections;
+   char * urls;
+   char buf[150];
+   char * s;
+   struct map * exports;
+   struct map * section_exports;
+   struct map * url_exports;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number = 0;
+   unsigned prev_section_line_number = ((unsigned) (-1));
+   int i, url_1_2;
+   struct file_list * fl;
+   struct url_actions * b;
+   char * buttons = NULL;
+   jb_err err;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   /* Load actions file */
+   err = edit_read_actions_file(csp, rsp, parameters, 0, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, or out of memory. */
+      free_map(exports);
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   /* Find start of actions in file */
+   cur_line = file->lines;
+   line_number = 1;
+   while ((cur_line != NULL) && (cur_line->type != FILE_LINE_ACTION))
+   {
+      cur_line = cur_line->next;
+      line_number++;
+   }
+
+   /*
+    * Conventional actions files should have a match all block
+    * at the start:
+    * cur_line             = {...global actions...}
+    * cur_line->next       = /
+    * cur_line->next->next = {...actions...} or EOF
+    */
+   if ( (cur_line != NULL)
+     && (cur_line->type == FILE_LINE_ACTION)
+     && (cur_line->next != NULL)
+     && (cur_line->next->type == FILE_LINE_URL)
+     && (0 == strcmp(cur_line->next->unprocessed, "/"))
+     && ( (cur_line->next->next == NULL)
+       || (cur_line->next->next->type != FILE_LINE_URL)
+      ) )
+   {
+      /*
+       * Generate string with buttons to set actions for "/" to
+       * any predefined set of actions (named standard.*, probably
+       * residing in standard.action).
+       */
+
+      err = template_load(csp, &section_template, "edit-actions-list-button", 0);
+      if (err)
+      {
+         edit_free_file(file);
+         free_map(exports);
+         if (err == JB_ERR_FILE)
+         {
+            return cgi_error_no_template(csp, rsp, "edit-actions-list-button");
+         }
+         return err;
+      }
+
+      err = template_fill(&section_template, exports);
+      if (err)
+      {
+         edit_free_file(file);
+         free_map(exports);
+         return err;
+      }
+
+      buttons = strdup("");
+      for (i = 0; i < MAX_AF_FILES; i++)
+      {
+         if (((fl = csp->actions_list[i]) != NULL) && ((b = fl->f) != NULL))
+         {
+            for (b = b->next; NULL != b; b = b->next)
+            {
+               if (!strncmp(b->url->spec, "standard.", 9) && *(b->url->spec + 9) != '\0')
+               {
+                  if (err || (NULL == (section_exports = new_map())))
+                  {
+                     freez(buttons);
+                     free(section_template);
+                     edit_free_file(file);
+                     free_map(exports);
+                     return JB_ERR_MEMORY;
+                  }
+
+                  err = map(section_exports, "button-name", 1, b->url->spec + 9, 1);
+
+                  if (err || (NULL == (s = strdup(section_template))))
+                  {
+                     free_map(section_exports);
+                     freez(buttons);
+                     free(section_template);
+                     edit_free_file(file);
+                     free_map(exports);
+                     return JB_ERR_MEMORY;
+                  }
+
+                  if (!err) err = template_fill(&s, section_exports);
+                  free_map(section_exports);
+                  if (!err) err = string_join(&buttons, s);
+               }
+            }
+         }
+      }
+      freez(section_template);
+      if (!err) err = map(exports, "all-urls-buttons", 1, buttons, 0);
+
+      /*
+       * Conventional actions file, supply extra editing help.
+       * (e.g. don't allow them to make it an unconventional one).
+       */
+      if (!err) err = map_conditional(exports, "all-urls-present", 1);
+
+      snprintf(buf, sizeof(buf), "%d", line_number);
+      if (!err) err = map(exports, "all-urls-s", 1, buf, 1);
+      snprintf(buf, sizeof(buf), "%d", line_number + 2);
+      if (!err) err = map(exports, "all-urls-s-next", 1, buf, 1);
+      if (!err) err = map(exports, "all-urls-actions", 1,
+                          actions_to_html(csp, cur_line->data.action), 0);
+
+       /* Skip the 2 lines */
+      cur_line = cur_line->next->next;
+      line_number += 2;
+
+      /*
+       * Note that prev_section_line_number is NOT set here.
+       * This is deliberate and not a bug.  It stops a "Move up"
+       * option appearing on the next section.  Clicking "Move
+       * up" would make the actions file unconventional, which
+       * we don't want, so we hide this option.
+       */
+   }
+   else
+   {
+      /*
+       * Non-standard actions file - does not begin with
+       * the "All URLs" section.
+       */
+      if (!err) err = map_conditional(exports, "all-urls-present", 0);
+   }
+
+   /* Set up global exports */
+
+   if (!err) err = map(exports, "actions-file", 1, html_encode(file->filename), 0);
+   if (!err) err = map(exports, "f", 1, stringify(file->identifier), 0);
+   if (!err) err = map(exports, "v", 1, file->version_str, 1);
+
+   /* Discourage private additions to default.action */
+
+   if (!err) err = map_conditional(exports, "default-action",
+                                   (strstr("default.action", file->filename) != NULL));
+   if (err)
+   {
+      edit_free_file(file);
+      free_map(exports);
+      return err;
+   }
+
+   /* Should do all global exports above this point */
+
+   /* Load templates */
+
+   err = template_load(csp, &section_template, "edit-actions-list-section", 0);
+   if (err)
+   {
+      edit_free_file(file);
+      free_map(exports);
+      if (err == JB_ERR_FILE)
+      {
+         return cgi_error_no_template(csp, rsp, "edit-actions-list-section");
+      }
+      return err;
+   }
+
+   err = template_load(csp, &url_template, "edit-actions-list-url", 0);
+   if (err)
+   {
+      free(section_template);
+      edit_free_file(file);
+      free_map(exports);
+      if (err == JB_ERR_FILE)
+      {
+         return cgi_error_no_template(csp, rsp, "edit-actions-list-url");
+      }
+      return err;
+   }
+
+   err = template_fill(&section_template, exports);
+   if (err)
+   {
+      free(url_template);
+      edit_free_file(file);
+      free_map(exports);
+      return err;
+   }
+
+   err = template_fill(&url_template, exports);
+   if (err)
+   {
+      free(section_template);
+      edit_free_file(file);
+      free_map(exports);
+      return err;
+   }
+
+   if (NULL == (sections = strdup("")))
+   {
+      free(section_template);
+      free(url_template);
+      edit_free_file(file);
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   while ((cur_line != NULL) && (cur_line->type == FILE_LINE_ACTION))
+   {
+      if (NULL == (section_exports = new_map()))
+      {
+         free(sections);
+         free(section_template);
+         free(url_template);
+         edit_free_file(file);
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+
+      snprintf(buf, sizeof(buf), "%d", line_number);
+      err = map(section_exports, "s", 1, buf, 1);
+      if (!err) err = map(section_exports, "actions", 1,
+                          actions_to_html(csp, cur_line->data.action), 0);
+
+      if ( (!err)
+        && (cur_line->next != NULL)
+        && (cur_line->next->type == FILE_LINE_URL))
+      {
+         /* This section contains at least one URL, don't allow delete */
+         err = map_block_killer(section_exports, "empty-section");
+      }
+      else
+      {
+         if (!err) err = map_block_keep(section_exports, "empty-section");
+      }
+
+      if (prev_section_line_number != ((unsigned)(-1)))
+      {
+         /* Not last section */
+         snprintf(buf, sizeof(buf), "%d", prev_section_line_number);
+         if (!err) err = map(section_exports, "s-prev", 1, buf, 1);
+         if (!err) err = map_block_keep(section_exports, "s-prev-exists");
+      }
+      else
+      {
+         /* Last section */
+         if (!err) err = map_block_killer(section_exports, "s-prev-exists");
+      }
+      prev_section_line_number = line_number;
+
+      if (err)
+      {
+         free(sections);
+         free(section_template);
+         free(url_template);
+         edit_free_file(file);
+         free_map(exports);
+         free_map(section_exports);
+         return err;
+      }
+
+      /* Should do all section-specific exports above this point */
+
+      if (NULL == (urls = strdup("")))
+      {
+         free(sections);
+         free(section_template);
+         free(url_template);
+         edit_free_file(file);
+         free_map(exports);
+         free_map(section_exports);
+         return JB_ERR_MEMORY;
+      }
+
+      url_1_2 = 2;
+
+      cur_line = cur_line->next;
+      line_number++;
+
+      while ((cur_line != NULL) && (cur_line->type == FILE_LINE_URL))
+      {
+         if (NULL == (url_exports = new_map()))
+         {
+            free(urls);
+            free(sections);
+            free(section_template);
+            free(url_template);
+            edit_free_file(file);
+            free_map(exports);
+            free_map(section_exports);
+            return JB_ERR_MEMORY;
+         }
+
+         snprintf(buf, sizeof(buf), "%d", line_number);
+         err = map(url_exports, "p", 1, buf, 1);
+
+         snprintf(buf, sizeof(buf), "%d", url_1_2);
+         if (!err) err = map(url_exports, "url-1-2", 1, buf, 1);
+
+         if (!err) err = map(url_exports, "url-html", 1,
+                             html_encode(cur_line->unprocessed), 0);
+         if (!err) err = map(url_exports, "url", 1,
+                             url_encode(cur_line->unprocessed), 0);
+
+         if (err)
+         {
+            free(urls);
+            free(sections);
+            free(section_template);
+            free(url_template);
+            edit_free_file(file);
+            free_map(exports);
+            free_map(section_exports);
+            free_map(url_exports);
+            return err;
+         }
+
+         if (NULL == (s = strdup(url_template)))
+         {
+            free(urls);
+            free(sections);
+            free(section_template);
+            free(url_template);
+            edit_free_file(file);
+            free_map(exports);
+            free_map(section_exports);
+            free_map(url_exports);
+            return JB_ERR_MEMORY;
+         }
+
+         err = template_fill(&s, section_exports);
+         if (!err) err = template_fill(&s, url_exports);
+         if (!err) err = string_append(&urls, s);
+
+         free_map(url_exports);
+         freez(s);
+
+         if (err)
+         {
+            freez(urls);
+            free(sections);
+            free(section_template);
+            free(url_template);
+            edit_free_file(file);
+            free_map(exports);
+            free_map(section_exports);
+            return err;
+         }
+
+         url_1_2 = 3 - url_1_2;
+
+         cur_line = cur_line->next;
+         line_number++;
+      }
+
+      err = map(section_exports, "urls", 1, urls, 0);
+
+      /* Could also do section-specific exports here, but it wouldn't be as fast */
+
+      snprintf(buf, sizeof(buf), "%d", line_number);
+      if (!err) err = map(section_exports, "s-next", 1, buf, 1);
+
+      if ( (cur_line != NULL)
+        && (cur_line->type == FILE_LINE_ACTION))
+      {
+         /* Not last section */
+         if (!err) err = map_block_keep(section_exports, "s-next-exists");
+      }
+      else
+      {
+         /* Last section */
+         if (!err) err = map_block_killer(section_exports, "s-next-exists");
+      }
+
+      if (err)
+      {
+         free(sections);
+         free(section_template);
+         free(url_template);
+         edit_free_file(file);
+         free_map(exports);
+         free_map(section_exports);
+         return err;
+      }
+
+      if (NULL == (s = strdup(section_template)))
+      {
+         free(sections);
+         free(section_template);
+         free(url_template);
+         edit_free_file(file);
+         free_map(exports);
+         free_map(section_exports);
+         return JB_ERR_MEMORY;
+      }
+
+      err = template_fill(&s, section_exports);
+      if (!err) err = string_append(&sections, s);
+
+      freez(s);
+      free_map(section_exports);
+
+      if (err)
+      {
+         freez(sections);
+         free(section_template);
+         free(url_template);
+         edit_free_file(file);
+         free_map(exports);
+         return err;
+      }
+   }
+
+   edit_free_file(file);
+   free(section_template);
+   free(url_template);
+
+   err = map(exports, "sections", 1, sections, 0);
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   /* Could also do global exports here, but it wouldn't be as fast */
+
+   return template_fill_for_cgi(csp, "edit-actions-list", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_for_url
+ *
+ * Description :  CGI function that edits the Actions list.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_for_url(struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters)
+{
+   struct map * exports;
+   unsigned sectionid;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   jb_err err;
+   struct re_filterfile_spec *filter_group;
+   int i, have_filters = 0;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "s", &sectionid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   cur_line = file->lines;
+
+   for (line_number = 1; (cur_line != NULL) && (line_number < sectionid); line_number++)
+   {
+      cur_line = cur_line->next;
+   }
+
+   if ( (cur_line == NULL)
+     || (line_number != sectionid)
+     || (sectionid < 1)
+     || (cur_line->type != FILE_LINE_ACTION))
+   {
+      /* Invalid "sectionid" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   err = map(exports, "f", 1, stringify(file->identifier), 0);
+   if (!err) err = map(exports, "v", 1, file->version_str, 1);
+   if (!err) err = map(exports, "s", 1, url_encode(lookup(parameters, "s")), 0);
+
+   if (!err) err = actions_to_radio(exports, cur_line->data.action);
+
+   /*
+    * XXX: Some browsers (at least IE6 and IE7) have an artifical URL
+    * length limitation and ignore clicks on the Submit buttons if
+    * the resulting GET URL would be longer than their limit.
+    *
+    * In Privoxy 3.0.5 beta the standard edit-actions-for-url template
+    * reached this limit and action editing stopped working in these
+    * browsers (BR #1570678).
+    *
+    * The config option split-large-forms works around this browser
+    * bug (HTTP has no URL lenght limitation) by deviding the action
+    * list form into multiple smaller ones. It means the URLs are shorter
+    * and work in broken browsers as well, but the user can no longer change
+    * all actions with one submit.
+    *
+    * A better solution would be to switch to POST requests,
+    * but this will do for now.
+    */
+   if(!err && (csp->config->feature_flags & RUNTIME_FEATURE_SPLIT_LARGE_FORMS))
+   {
+      /* Generate multiple smaller form by killing the big one. */
+      err = map_block_killer(exports, "one-form-only");
+   }
+   else
+   {
+      /* Default: Generate one large form by killing the smaller ones. */
+      err = map_block_killer(exports, "multiple-forms");
+   }
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if ((csp->rlist[i] != NULL) && (csp->rlist[i]->f != NULL))
+      {
+         if (!err) err = map_conditional(exports, "any-filters-defined", 1);
+         have_filters = 1;
+         break;
+      }
+   }
+
+   if (err)
+   {
+      edit_free_file(file);
+      free_map(exports);
+      return err;
+   }
+
+   if (0 == have_filters)
+   {
+      err = map(exports, "filter-params", 1, "", 1);
+   }
+   else
+   {
+      /*
+       * List available filters and their settings.
+       */
+      char *filter_template;
+      int filter_identifier = 0;
+      char *prepared_templates[MAX_FILTER_TYPES];
+
+      for (i = 0; i < MAX_FILTER_TYPES; i++)
+      {
+         prepared_templates[i] = strdup("");
+      }
+
+      err = template_load(csp, &filter_template, "edit-actions-for-url-filter", 0);
+      if (err)
+      {
+         edit_free_file(file);
+         free_map(exports);
+         if (err == JB_ERR_FILE)
+         {
+            return cgi_error_no_template(csp, rsp, "edit-actions-for-url-filter");
+         }
+         return err;
+      }
+
+      err = template_fill(&filter_template, exports);
+
+      for (i = 0; i < MAX_AF_FILES; i++)
+      {
+         if ((csp->rlist[i] != NULL) && (csp->rlist[i]->f != NULL))
+         {
+            filter_group = csp->rlist[i]->f;
+            for (;(!err) && (filter_group != NULL); filter_group = filter_group->next)
+            {
+               char current_mode = 'x';
+               char number[20];
+               struct list_entry *filter_name;
+               struct map *line_exports;
+               const int type = filter_group->type;
+               const int multi_action_index = filter_type_info[type].multi_action_index;
+
+               assert(type < MAX_FILTER_TYPES);
+
+               filter_name = cur_line->data.action->multi_add[multi_action_index]->first;
+               while ((filter_name != NULL)
+                   && (0 != strcmp(filter_group->name, filter_name->str)))
+               {
+                    filter_name = filter_name->next;
+               }
+
+               if (filter_name != NULL)
+               {
+                  current_mode = 'y';
+               }
+               else
+               {
+                  filter_name = cur_line->data.action->multi_remove[multi_action_index]->first;
+                  while ((filter_name != NULL)
+                      && (0 != strcmp(filter_group->name, filter_name->str)))
+                  {
+                       filter_name = filter_name->next;
+                  }
+                  if (filter_name != NULL)
+                  {
+                     current_mode = 'n';
+                  }
+               }
+
+               /* Generate a unique serial number */
+               snprintf(number, sizeof(number), "%x", filter_identifier++);
+               number[sizeof(number) - 1] = '\0';
+
+               line_exports = new_map();
+               if (line_exports == NULL)
+               {
+                  err = JB_ERR_MEMORY;
+               }
+               else
+               {
+                  char *filter_line;
+
+                  if (!err) err = map(line_exports, "index", 1, number, 1);
+                  if (!err) err = map(line_exports, "name",  1, filter_group->name, 1);
+                  if (!err) err = map(line_exports, "description",  1, filter_group->description, 1);
+                  if (!err) err = map_radio(line_exports, "this-filter", "ynx", current_mode);
+                  if (!err) err = map(line_exports, "filter-type", 1, filter_type_info[type].type, 1);
+                  if (!err) err = map(line_exports, "abbr-filter-type", 1, filter_type_info[type].abbr_type, 1);
+                  if (!err) err = map(line_exports, "anchor", 1, filter_type_info[type].anchor, 1);
+
+                  if (!err)
+                  {
+                     filter_line = strdup(filter_template);
+                     if (filter_line == NULL) err = JB_ERR_MEMORY;
+                  }
+                  if (!err) err = template_fill(&filter_line, line_exports);
+                  string_join(&prepared_templates[type], filter_line);
+
+                  free_map(line_exports);
+               }
+            }
+         }
+      }
+      freez(filter_template);
+
+      /* Replace all filter macros with the aggregated templates */
+      for (i = 0; i < MAX_FILTER_TYPES; i++)
+      {
+         if (err) break;
+         err = map(exports, filter_type_info[i].macro_name, 1, prepared_templates[i], 0);
+      }
+
+      if (err)
+      {
+         /* Free aggregated templates */
+         for (i = 0; i < MAX_FILTER_TYPES; i++)
+         {
+            freez(prepared_templates[i]);
+         }
+      }
+   }
+
+   /* Check or uncheck the "disable all of this type" radio buttons. */
+   for (i = 0; i < MAX_FILTER_TYPES; i++)
+   {
+      const int a = filter_type_info[i].multi_action_index;
+      const int disable_all = cur_line->data.action->multi_remove_all[a];
+      if (err) break;
+      err = map_radio(exports, filter_type_info[i].disable_all_option, "nx", (disable_all ? 'n' : 'x'));
+   }
+
+   edit_free_file(file);
+
+   if (err)
+   {
+      free_map(exports);
+      return err;
+   }
+
+   return template_fill_for_cgi(csp, "edit-actions-for-url", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_submit
+ *
+ * Description :  CGI function that actually edits the Actions list.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_submit(struct client_state *csp,
+                               struct http_response *rsp,
+                               const struct map *parameters)
+{
+   unsigned sectionid;
+   char * actiontext;
+   char * newtext;
+   size_t newtext_size;
+   size_t len;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   char target[1024];
+   jb_err err;
+   int filter_identifier;
+   int i;
+   const char * action_set_name;
+   struct file_list * fl;
+   struct url_actions * b;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "s", &sectionid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   cur_line = file->lines;
+
+   for (line_number = 1; (cur_line != NULL) && (line_number < sectionid); line_number++)
+   {
+      cur_line = cur_line->next;
+   }
+
+   if ( (cur_line == NULL)
+     || (line_number != sectionid)
+     || (sectionid < 1)
+     || (cur_line->type != FILE_LINE_ACTION))
+   {
+      /* Invalid "sectionid" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   get_string_param(parameters, "p", &action_set_name);
+   if (action_set_name != NULL)
+   {
+      for (filter_identifier = 0; filter_identifier < MAX_AF_FILES; filter_identifier++)
+      {
+         if (((fl = csp->actions_list[filter_identifier]) != NULL) && ((b = fl->f) != NULL))
+         {
+            for (b = b->next; NULL != b; b = b->next)
+            {
+               if (!strncmp(b->url->spec, "standard.", 9) && !strcmp(b->url->spec + 9, action_set_name))
+               {
+                  copy_action(cur_line->data.action, b->action);
+                  goto found;
+               }
+            }
+         }
+      }
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+
+      found: ;
+   }
+   else
+   {
+      err = actions_from_radio(parameters, cur_line->data.action);
+   }
+
+   if (err)
+   {
+      /* Out of memory */
+      edit_free_file(file);
+      return err;
+   }
+
+   /* Check the "disable all of this type" parameters. */
+   for (i = 0; i < MAX_FILTER_TYPES; i++)
+   {
+      const int multi_action_index = filter_type_info[i].multi_action_index;
+      const char ch = get_char_param(parameters, filter_type_info[i].disable_all_param);
+
+      if (ch == 'N')
+      {
+         list_remove_all(cur_line->data.action->multi_add[multi_action_index]);
+         list_remove_all(cur_line->data.action->multi_remove[multi_action_index]);
+         cur_line->data.action->multi_remove_all[multi_action_index] = 1;
+      }
+      else if (ch == 'X')
+      {
+         cur_line->data.action->multi_remove_all[multi_action_index] = 0;
+      }
+   }
+
+   for (filter_identifier = 0; !err; filter_identifier++)
+   {
+      char key_value[30];
+      char key_name[30];
+      char key_type[30];
+      const char *name;
+      char value; /*
+                   * Filter state. Valid states are: 'Y' (active),
+                   * 'N' (inactive) and 'X' (no change).
+                   * XXX: bad name.
+                   */
+      char type;  /*
+                   * Abbreviated filter type. Valid types are: 'F' (content filter),
+                   * 'S' (server-header filter) and 'C' (client-header filter).
+                   */
+      int multi_action_index = 0;
+
+      /* Generate the keys */
+      snprintf(key_value, sizeof(key_value), "filter_r%x", filter_identifier);
+      key_value[sizeof(key_value) - 1] = '\0'; /* XXX: Why? */
+      snprintf(key_name, sizeof(key_name), "filter_n%x", filter_identifier);
+      key_name[sizeof(key_name) - 1] = '\0'; /* XXX: Why? */
+      snprintf(key_type, sizeof(key_type), "filter_t%x", filter_identifier);
+
+      err = get_string_param(parameters, key_name, &name);
+      if (err) break;
+
+      if (name == NULL)
+      {
+         /* End of list */
+         break;
+      }
+
+      type = get_char_param(parameters, key_type);
+      switch (type)
+      {
+         case 'F':
+            multi_action_index = ACTION_MULTI_FILTER;
+            break;
+         case 'S':
+            multi_action_index = ACTION_MULTI_SERVER_HEADER_FILTER;
+            break;
+         case 'C':
+            multi_action_index = ACTION_MULTI_CLIENT_HEADER_FILTER;
+            break;
+         case 'L':
+            multi_action_index = ACTION_MULTI_CLIENT_HEADER_TAGGER;
+            break;
+         case 'E':
+            multi_action_index = ACTION_MULTI_SERVER_HEADER_TAGGER;
+            break;
+         default:
+            log_error(LOG_LEVEL_ERROR,
+               "Unknown filter type: %c for filter %s. Filter ignored.", type, name);
+            continue;
+      }
+      assert(multi_action_index);
+
+      value = get_char_param(parameters, key_value);
+      if (value == 'Y')
+      {
+         list_remove_item(cur_line->data.action->multi_add[multi_action_index], name);
+         if (!err) err = enlist(cur_line->data.action->multi_add[multi_action_index], name);
+         list_remove_item(cur_line->data.action->multi_remove[multi_action_index], name);
+      }
+      else if (value == 'N')
+      {
+         list_remove_item(cur_line->data.action->multi_add[multi_action_index], name);
+         if (!cur_line->data.action->multi_remove_all[multi_action_index])
+         {
+            list_remove_item(cur_line->data.action->multi_remove[multi_action_index], name);
+            if (!err) err = enlist(cur_line->data.action->multi_remove[multi_action_index], name);
+         }
+      }
+      else if (value == 'X')
+      {
+         list_remove_item(cur_line->data.action->multi_add[multi_action_index], name);
+         list_remove_item(cur_line->data.action->multi_remove[multi_action_index], name);
+      }
+   }
+
+   if(err)
+   {
+      /* Out of memory */
+      edit_free_file(file);
+      return err;
+   }
+
+   if (NULL == (actiontext = actions_to_text(cur_line->data.action)))
+   {
+      /* Out of memory */
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   len = strlen(actiontext);
+   if (len == 0)
+   {
+      /*
+       * Empty action - must special-case this.
+       * Simply setting len to 1 is sufficient...
+       */
+      len = 1;
+   }
+
+   newtext_size = len + 2;
+   if (NULL == (newtext = malloc(newtext_size)))
+   {
+      /* Out of memory */
+      free(actiontext);
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+   strlcpy(newtext, actiontext, newtext_size);
+   free(actiontext);
+   newtext[0]       = '{';
+   newtext[len]     = '}';
+   newtext[len + 1] = '\0';
+
+   freez(cur_line->raw);
+   freez(cur_line->unprocessed);
+   cur_line->unprocessed = newtext;
+
+   err = edit_write_file(file);
+   if (err)
+   {
+      /* Error writing file */
+      if (err == JB_ERR_FILE)
+      {
+         /* Read-only file. */
+         err = cgi_error_file_read_only(csp, rsp, file->filename);
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i#l%d",
+            (long) time(NULL), file->identifier, sectionid);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_url
+ *
+ * Description :  CGI function that actually edits a URL pattern in
+ *                an actions file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *    filename : Identifies the file to edit
+ *         ver : File's last-modified time
+ *     section : Line number of section to edit
+ *     pattern : Line number of pattern to edit
+ *      newval : New value for pattern
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_url(struct client_state *csp,
+                            struct http_response *rsp,
+                            const struct map *parameters)
+{
+   unsigned patternid;
+   char * new_pattern;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   unsigned section_start_line_number = 0;
+   char target[1024];
+   jb_err err;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "p", &patternid);
+   if (err)
+   {
+      return err;
+   }
+   if (patternid < 1U)
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   err = get_url_spec_param(csp, parameters, "u", &new_pattern);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      free(new_pattern);
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   line_number = 1;
+   cur_line = file->lines;
+
+   while ((cur_line != NULL) && (line_number < patternid))
+   {
+      if (cur_line->type == FILE_LINE_ACTION)
+      {
+         section_start_line_number = line_number;
+      }      
+      cur_line = cur_line->next;
+      line_number++;
+   }
+
+   if ( (cur_line == NULL)
+     || (cur_line->type != FILE_LINE_URL))
+   {
+      /* Invalid "patternid" parameter */
+      free(new_pattern);
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* At this point, the line to edit is in cur_line */
+
+   freez(cur_line->raw);
+   freez(cur_line->unprocessed);
+   cur_line->unprocessed = new_pattern;
+
+   err = edit_write_file(file);
+   if (err)
+   {
+      /* Error writing file */
+      if (err == JB_ERR_FILE)
+      {
+         /* Read-only file. */
+         err = cgi_error_file_read_only(csp, rsp, file->filename);
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i#l%d",
+            (long) time(NULL), file->identifier, section_start_line_number);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_add_url
+ *
+ * Description :  CGI function that actually adds a URL pattern to
+ *                an actions file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *    filename : Identifies the file to edit
+ *         ver : File's last-modified time
+ *     section : Line number of section to edit
+ *      newval : New pattern
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_add_url(struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters)
+{
+   unsigned sectionid;
+   char * new_pattern;
+   struct file_line * new_line;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   char target[1024];
+   jb_err err;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "s", &sectionid);
+   if (err)
+   {
+      return err;
+   }
+   if (sectionid < 1U)
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   err = get_url_spec_param(csp, parameters, "u", &new_pattern);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      free(new_pattern);
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   line_number = 1;
+   cur_line = file->lines;
+
+   while ((cur_line != NULL) && (line_number < sectionid))
+   {
+      cur_line = cur_line->next;
+      line_number++;
+   }
+
+   if ( (cur_line == NULL)
+     || (cur_line->type != FILE_LINE_ACTION))
+   {
+      /* Invalid "sectionid" parameter */
+      free(new_pattern);
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* At this point, the section header is in cur_line - add after this. */
+
+   /* Allocate the new line */
+   new_line = (struct file_line *)zalloc(sizeof(*new_line));
+   if (new_line == NULL)
+   {
+      free(new_pattern);
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   /* Fill in the data members of the new line */
+   new_line->raw = NULL;
+   new_line->prefix = NULL;
+   new_line->unprocessed = new_pattern;
+   new_line->type = FILE_LINE_URL;
+
+   /* Link new_line into the list, after cur_line */
+   new_line->next = cur_line->next;
+   cur_line->next = new_line;
+
+   /* Done making changes, now commit */
+
+   err = edit_write_file(file);
+   if (err)
+   {
+      /* Error writing file */
+      if (err == JB_ERR_FILE)
+      {
+         /* Read-only file. */
+         err = cgi_error_file_read_only(csp, rsp, file->filename);
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i#l%d",
+            (long) time(NULL), file->identifier, sectionid);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_remove_url
+ *
+ * Description :  CGI function that actually removes a URL pattern from
+ *                the actions file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           f : (filename) Identifies the file to edit
+ *           v : (version) File's last-modified time
+ *           p : (pattern) Line number of pattern to remove
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_remove_url(struct client_state *csp,
+                                   struct http_response *rsp,
+                                   const struct map *parameters)
+{
+   unsigned patternid;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   struct file_line * prev_line;
+   unsigned line_number;
+   unsigned section_start_line_number = 0;
+   char target[1024];
+   jb_err err;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "p", &patternid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   line_number = 1;
+   prev_line = NULL;
+   cur_line = file->lines;
+
+   while ((cur_line != NULL) && (line_number < patternid))
+   {
+      if (cur_line->type == FILE_LINE_ACTION)
+      {
+         section_start_line_number = line_number;
+      }
+      prev_line = cur_line;
+      cur_line = cur_line->next;
+      line_number++;
+   }
+
+   if ( (cur_line == NULL)
+     || (prev_line == NULL)
+     || (cur_line->type != FILE_LINE_URL))
+   {
+      /* Invalid "patternid" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* At this point, the line to remove is in cur_line, and the previous
+    * one is in prev_line
+    */
+
+   /* Unlink cur_line */
+   prev_line->next = cur_line->next;
+   cur_line->next = NULL;
+
+   /* Free cur_line */
+   edit_free_file_lines(cur_line);
+
+   err = edit_write_file(file);
+   if (err)
+   {
+      /* Error writing file */
+      if (err == JB_ERR_FILE)
+      {
+         /* Read-only file. */
+         err = cgi_error_file_read_only(csp, rsp, file->filename);
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i#l%d",
+            (long) time(NULL), file->identifier, section_start_line_number);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_section_remove
+ *
+ * Description :  CGI function that actually removes a whole section from
+ *                the actions file.  The section must be empty first
+ *                (else JB_ERR_CGI_PARAMS).
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           f : (filename) Identifies the file to edit
+ *           v : (version) File's last-modified time
+ *           s : (section) Line number of section to edit
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_section_remove(struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters)
+{
+   unsigned sectionid;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   struct file_line * prev_line;
+   unsigned line_number;
+   char target[1024];
+   jb_err err;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "s", &sectionid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   line_number = 1;
+   cur_line = file->lines;
+
+   prev_line = NULL;
+   while ((cur_line != NULL) && (line_number < sectionid))
+   {
+      prev_line = cur_line;
+      cur_line = cur_line->next;
+      line_number++;
+   }
+
+   if ( (cur_line == NULL)
+     || (cur_line->type != FILE_LINE_ACTION) )
+   {
+      /* Invalid "sectionid" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   if ( (cur_line->next != NULL)
+     && (cur_line->next->type == FILE_LINE_URL) )
+   {
+      /* Section not empty. */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* At this point, the line to remove is in cur_line, and the previous
+    * one is in prev_line
+    */
+
+   /* Unlink cur_line */
+   if (prev_line == NULL)
+   {
+      /* Removing the first line from the file */
+      file->lines = cur_line->next;
+   }
+   else
+   {
+      prev_line->next = cur_line->next;
+   }
+   cur_line->next = NULL;
+
+   /* Free cur_line */
+   edit_free_file_lines(cur_line);
+
+   err = edit_write_file(file);
+   if (err)
+   {
+      /* Error writing file */
+      if (err == JB_ERR_FILE)
+      {
+         /* Read-only file. */
+         err = cgi_error_file_read_only(csp, rsp, file->filename);
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i",
+            (long) time(NULL), file->identifier);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_section_add
+ *
+ * Description :  CGI function that adds a new empty section to
+ *                an actions file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           f : (filename) Identifies the file to edit
+ *           v : (version) File's last-modified time
+ *           s : (section) Line number of section to add after, 0 for
+ *               start of file.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_section_add(struct client_state *csp,
+                                    struct http_response *rsp,
+                                    const struct map *parameters)
+{
+   unsigned sectionid;
+   struct file_line * new_line;
+   char * new_text;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   unsigned line_number;
+   char target[1024];
+   jb_err err;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "s", &sectionid);
+   if (err)
+   {
+      return err;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   line_number = 1;
+   cur_line = file->lines;
+
+   if (sectionid <= 1U)
+   {
+      /* Add to start of file */
+      if (cur_line != NULL && cur_line->type != FILE_LINE_ACTION)
+      {
+         /* There's something in the file, find the line before the first
+          * action.
+          */
+         while ( (cur_line->next != NULL)
+              && (cur_line->next->type != FILE_LINE_ACTION) )
+         {
+            cur_line = cur_line->next;
+            line_number++;
+         }
+      }
+      else
+      {
+         /* File starts with action line, so insert at top */
+         cur_line = NULL;
+      }
+   }
+   else
+   {
+      /* Add after stated section. */
+      while ((cur_line != NULL) && (line_number < sectionid))
+      {
+         cur_line = cur_line->next;
+         line_number++;
+      }
+
+      if ( (cur_line == NULL)
+        || (cur_line->type != FILE_LINE_ACTION))
+      {
+         /* Invalid "sectionid" parameter */
+         edit_free_file(file);
+         return JB_ERR_CGI_PARAMS;
+      }
+
+      /* Skip through the section to find the last line in it. */
+      while ( (cur_line->next != NULL)
+           && (cur_line->next->type != FILE_LINE_ACTION) )
+      {
+         cur_line = cur_line->next;
+         line_number++;
+      }
+   }
+
+   /* At this point, the last line in the previous section is in cur_line
+    * - add after this.  (Or if we need to add as the first line, cur_line
+    * will be NULL).
+    */
+
+   new_text = strdup("{}");
+   if (NULL == new_text)
+   {
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   /* Allocate the new line */
+   new_line = (struct file_line *)zalloc(sizeof(*new_line));
+   if (new_line == NULL)
+   {
+      free(new_text);
+      edit_free_file(file);
+      return JB_ERR_MEMORY;
+   }
+
+   /* Fill in the data members of the new line */
+   new_line->raw = NULL;
+   new_line->prefix = NULL;
+   new_line->unprocessed = new_text;
+   new_line->type = FILE_LINE_ACTION;
+
+   if (cur_line != NULL)
+   {
+      /* Link new_line into the list, after cur_line */
+      new_line->next = cur_line->next;
+      cur_line->next = new_line;
+   }
+   else
+   {
+      /* Link new_line into the list, as first line */
+      new_line->next = file->lines;
+      file->lines = new_line;
+   }
+
+   /* Done making changes, now commit */
+
+   err = edit_write_file(file);
+   if (err)
+   {
+      /* Error writing file */
+      if (err == JB_ERR_FILE)
+      {
+         /* Read-only file. */
+         err = cgi_error_file_read_only(csp, rsp, file->filename);
+      }
+      edit_free_file(file);
+      return err;
+   }
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i",
+            (long) time(NULL), file->identifier);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_edit_actions_section_swap
+ *
+ * Description :  CGI function that swaps the order of two sections
+ *                in the actions file.  Note that this CGI can actually
+ *                swap any two arbitrary sections, but the GUI interface
+ *                currently only allows consecutive sections to be
+ *                specified.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           f : (filename) Identifies the file to edit
+ *           v : (version) File's last-modified time
+ *          s1 : (section1) Line number of first section to swap
+ *          s2 : (section2) Line number of second section to swap
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_CGI_PARAMS if the CGI parameters are not
+ *                                  specified or not valid.
+ *
+ *********************************************************************/
+jb_err cgi_edit_actions_section_swap(struct client_state *csp,
+                                     struct http_response *rsp,
+                                     const struct map *parameters)
+{
+   unsigned section1;
+   unsigned section2;
+   struct editable_file * file;
+   struct file_line * cur_line;
+   struct file_line * prev_line;
+   struct file_line * line_before_section1;
+   struct file_line * line_start_section1;
+   struct file_line * line_end_section1;
+   struct file_line * line_after_section1;
+   struct file_line * line_before_section2;
+   struct file_line * line_start_section2;
+   struct file_line * line_end_section2;
+   struct file_line * line_after_section2;
+   unsigned line_number;
+   char target[1024];
+   jb_err err;
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   err = get_number_param(csp, parameters, "s1", &section1);
+   if (!err) err = get_number_param(csp, parameters, "s2", &section2);
+   if (err)
+   {
+      return err;
+   }
+
+   if (section1 > section2)
+   {
+      unsigned temp = section2;
+      section2 = section1;
+      section1 = temp;
+   }
+
+   err = edit_read_actions_file(csp, rsp, parameters, 1, &file);
+   if (err)
+   {
+      /* No filename specified, can't read file, modified, or out of memory. */
+      return (err == JB_ERR_FILE ? JB_ERR_OK : err);
+   }
+
+   /* Start at the beginning... */
+   line_number = 1;
+   cur_line = file->lines;
+   prev_line = NULL;
+
+   /* ... find section1 ... */
+   while ((cur_line != NULL) && (line_number < section1))
+   {
+      prev_line = cur_line;
+      cur_line = cur_line->next;
+      line_number++;
+   }
+
+   if ( (cur_line == NULL)
+     || (cur_line->type != FILE_LINE_ACTION) )
+   {
+      /* Invalid "section1" parameter */
+      edit_free_file(file);
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   /* If no-op, we've validated params and can skip the rest. */
+   if (section1 != section2)
+   {
+      /* ... find the end of section1 ... */
+      line_before_section1 = prev_line;
+      line_start_section1 = cur_line;
+      do
+      {
+         prev_line = cur_line;
+         cur_line = cur_line->next;
+         line_number++;
+      }
+      while ((cur_line != NULL) && (cur_line->type == FILE_LINE_URL));
+      line_end_section1 = prev_line;
+      line_after_section1 = cur_line;
+
+      /* ... find section2 ... */
+      while ((cur_line != NULL) && (line_number < section2))
+      {
+         prev_line = cur_line;
+         cur_line = cur_line->next;
+         line_number++;
+      }
+
+      if ( (cur_line == NULL)
+        || (cur_line->type != FILE_LINE_ACTION) )
+      {
+         /* Invalid "section2" parameter */
+         edit_free_file(file);
+         return JB_ERR_CGI_PARAMS;
+      }
+
+      /* ... find the end of section2 ... */
+      line_before_section2 = prev_line;
+      line_start_section2 = cur_line;
+      do
+      {
+         prev_line = cur_line;
+         cur_line = cur_line->next;
+         line_number++;
+      }
+      while ((cur_line != NULL) && (cur_line->type == FILE_LINE_URL));
+      line_end_section2 = prev_line;
+      line_after_section2 = cur_line;
+
+      /* Now have all the pointers we need. Do the swap. */
+
+      /* Change the pointer to section1 to point to section2 instead */
+      if (line_before_section1 == NULL)
+      {
+         file->lines = line_start_section2;
+      }
+      else
+      {
+         line_before_section1->next = line_start_section2;
+      }
+
+      if (line_before_section2 == line_end_section1)
+      {
+         /* Consecutive sections */
+         line_end_section2->next = line_start_section1;
+      }
+      else
+      {
+         line_end_section2->next = line_after_section1;
+         line_before_section2->next = line_start_section1;
+      }
+
+      /* Set the pointer from the end of section1 to the rest of the file */
+      line_end_section1->next = line_after_section2;
+
+      err = edit_write_file(file);
+      if (err)
+      {
+         /* Error writing file */
+         if (err == JB_ERR_FILE)
+         {
+            /* Read-only file. */
+            err = cgi_error_file_read_only(csp, rsp, file->filename);
+         }
+         edit_free_file(file);
+         return err;
+      }
+   } /* END if (section1 != section2) */
+
+   snprintf(target, sizeof(target), CGI_PREFIX "edit-actions-list?foo=%lu&f=%i",
+            (long) time(NULL), file->identifier);
+
+   edit_free_file(file);
+
+   return cgi_redirect(rsp, target);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  javascriptify
+ *
+ * Description :  Converts a string into a form JavaScript will like.
+ *
+ *                Netscape 4's JavaScript sucks - it doesn't use 
+ *                "id" parameters, so you have to set the "name"
+ *                used to submit a form element to something JavaScript
+ *                will like.  (Or access the elements by index in an
+ *                array.  That array contains >60 elements and will
+ *                be changed whenever we add a new action to the
+ *                editor, so I'm NOT going to use indexes that have
+ *                to be figured out by hand.)
+ *
+ *                Currently the only thing we have to worry about
+ *                is "-" ==> "_" conversion.
+ *
+ *                This is a length-preserving operation so it is
+ *                carried out in-place, no memory is allocated
+ *                or freed.
+ *
+ * Parameters  :
+ *          1  :  identifier = String to make JavaScript-friendly.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void javascriptify(char * identifier)
+{
+   char * p = identifier;
+   while (NULL != (p = strchr(p, '-')))
+   {
+      *p++ = '_';
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  actions_to_radio
+ *
+ * Description :  Converts a actionsfile entry into settings for
+ *                radio buttons and edit boxes on a HTML form.
+ *
+ * Parameters  :
+ *          1  :  exports = List of substitutions to add to.
+ *          2  :  action  = Action to read
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+static jb_err actions_to_radio(struct map * exports,
+                               const struct action_spec *action)
+{
+   unsigned long mask;
+   unsigned long add;
+   int mapped_param;
+   int checked;
+   char current_mode;
+
+   assert(exports);
+   assert(action);
+
+   mask = action->mask;
+   add  = action->add;
+
+   /* sanity - prevents "-feature +feature" */
+   mask |= add;
+
+
+#define DEFINE_ACTION_BOOL(name, bit)                 \
+   if (!(mask & bit))                                 \
+   {                                                  \
+      current_mode = 'n';                             \
+   }                                                  \
+   else if (add & bit)                                \
+   {                                                  \
+      current_mode = 'y';                             \
+   }                                                  \
+   else                                               \
+   {                                                  \
+      current_mode = 'x';                             \
+   }                                                  \
+   if (map_radio(exports, name, "ynx", current_mode)) \
+   {                                                  \
+      return JB_ERR_MEMORY;                           \
+   }
+
+#define DEFINE_ACTION_STRING(name, bit, index)        \
+   DEFINE_ACTION_BOOL(name, bit);                     \
+   mapped_param = 0;
+
+#define DEFINE_CGI_PARAM_RADIO(name, bit, index, value, is_default)  \
+   if (add & bit)                                                    \
+   {                                                                 \
+      checked = !strcmp(action->string[index], value);               \
+   }                                                                 \
+   else                                                              \
+   {                                                                 \
+      checked = is_default;                                          \
+   }                                                                 \
+   mapped_param |= checked;                                          \
+   if (map(exports, name "-param-" value, 1, (checked ? "checked" : ""), 1)) \
+   {                                                                 \
+      return JB_ERR_MEMORY;                                          \
+   }
+
+#define DEFINE_CGI_PARAM_CUSTOM(name, bit, index, default_val)       \
+   if (map(exports, name "-param-custom", 1,                         \
+           ((!mapped_param) ? "checked" : ""), 1))                   \
+   {                                                                 \
+      return JB_ERR_MEMORY;                                          \
+   }                                                                 \
+   if (map(exports, name "-param", 1,                                \
+           (((add & bit) && !mapped_param) ?                         \
+           action->string[index] : default_val), 1))                 \
+   {                                                                 \
+      return JB_ERR_MEMORY;                                          \
+   }
+
+#define DEFINE_CGI_PARAM_NO_RADIO(name, bit, index, default_val)     \
+   if (map(exports, name "-param", 1,                                \
+           ((add & bit) ? action->string[index] : default_val), 1))  \
+   {                                                                 \
+      return JB_ERR_MEMORY;                                          \
+   }
+
+#define DEFINE_ACTION_MULTI(name, index)              \
+   if (action->multi_add[index]->first)               \
+   {                                                  \
+      current_mode = 'y';                             \
+   }                                                  \
+   else if (action->multi_remove_all[index])          \
+   {                                                  \
+      current_mode = 'n';                             \
+   }                                                  \
+   else if (action->multi_remove[index]->first)       \
+   {                                                  \
+      current_mode = 'y';                             \
+   }                                                  \
+   else                                               \
+   {                                                  \
+      current_mode = 'x';                             \
+   }                                                  \
+   if (map_radio(exports, name, "ynx", current_mode)) \
+   {                                                  \
+      return JB_ERR_MEMORY;                           \
+   }
+
+#define DEFINE_ACTION_ALIAS 0 /* No aliases for output */
+
+#include "actionlist.h"
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+#undef DEFINE_CGI_PARAM_CUSTOM
+#undef DEFINE_CGI_PARAM_RADIO
+#undef DEFINE_CGI_PARAM_NO_RADIO
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  actions_from_radio
+ *
+ * Description :  Converts a map of parameters passed to a CGI function
+ *                into an actionsfile entry.
+ *
+ * Parameters  :
+ *          1  :  parameters = parameters to the CGI call
+ *          2  :  action  = Action to change.  Must be valid before
+ *                          the call, actions not specified will be
+ *                          left unchanged.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+static jb_err actions_from_radio(const struct map * parameters,
+                                 struct action_spec *action)
+{
+   const char * param;
+   char * param_dup;
+   char ch;
+   const char * js_name;
+   jb_err err = JB_ERR_OK;
+
+   assert(parameters);
+   assert(action);
+
+   /* Statics are generally a potential race condition,
+    * but in this case we're safe and don't need semaphores.
+    * Be careful if you modify this function.
+    * - Jon
+    * The js_name_arr's are never free()d, but this is no
+    * problem, since they will only be created once and
+    * used by all threads thereafter. -oes
+    */
+
+#define JAVASCRIPTIFY(dest_var, string)               \
+   {                                                  \
+     static int first_time = 1;                       \
+     static char *js_name_arr;                        \
+      if (first_time)                                 \
+      {                                               \
+         js_name_arr = strdup(string);                \
+         javascriptify(js_name_arr);                  \
+      }                                               \
+      dest_var = js_name_arr;                         \
+      first_time = 0;                                 \
+   }                                                  \
+
+#define DEFINE_ACTION_BOOL(name, bit)                 \
+   JAVASCRIPTIFY(js_name, name);                      \
+   ch = get_char_param(parameters, js_name);          \
+   if (ch == 'Y')                                     \
+   {                                                  \
+      action->add  |= bit;                            \
+      action->mask |= bit;                            \
+   }                                                  \
+   else if (ch == 'N')                                \
+   {                                                  \
+      action->add  &= ~bit;                           \
+      action->mask &= ~bit;                           \
+   }                                                  \
+   else if (ch == 'X')                                \
+   {                                                  \
+      action->add  &= ~bit;                           \
+      action->mask |= bit;                            \
+   }                                                  \
+
+#define DEFINE_ACTION_STRING(name, bit, index)                 \
+   JAVASCRIPTIFY(js_name, name);                               \
+   ch = get_char_param(parameters, js_name);                   \
+   if (ch == 'Y')                                              \
+   {                                                           \
+      param = NULL;                                            \
+      JAVASCRIPTIFY(js_name, name "-mode");                    \
+      if (!err) err = get_string_param(parameters, js_name, &param);    \
+      if ((param == NULL) || (0 == strcmp(param, "CUSTOM")))            \
+      {                                                                 \
+         JAVASCRIPTIFY(js_name, name "-param");                         \
+         if (!err) err = get_string_param(parameters, js_name, &param); \
+      }                                                        \
+      if (param != NULL)                                       \
+      {                                                        \
+         if (NULL == (param_dup = strdup(param)))              \
+         {                                                     \
+            return JB_ERR_MEMORY;                              \
+         }                                                     \
+         freez(action->string[index]);                         \
+         action->add  |= bit;                                  \
+         action->mask |= bit;                                  \
+         action->string[index] = param_dup;                    \
+      }                                                        \
+   }                                                           \
+   else if (ch == 'N')                                         \
+   {                                                           \
+      if (action->add & bit)                                   \
+      {                                                        \
+         freez(action->string[index]);                         \
+      }                                                        \
+      action->add  &= ~bit;                                    \
+      action->mask &= ~bit;                                    \
+   }                                                           \
+   else if (ch == 'X')                                         \
+   {                                                           \
+      if (action->add & bit)                                   \
+      {                                                        \
+         freez(action->string[index]);                         \
+      }                                                        \
+      action->add  &= ~bit;                                    \
+      action->mask |= bit;                                     \
+   }                                                           \
+
+#define DEFINE_ACTION_MULTI(name, index)                       \
+   JAVASCRIPTIFY(js_name, name);                               \
+   ch = get_char_param(parameters, js_name);                   \
+   if (ch == 'Y')                                              \
+   {                                                           \
+      /* FIXME */                                              \
+   }                                                           \
+   else if (ch == 'N')                                         \
+   {                                                           \
+      list_remove_all(action->multi_add[index]);               \
+      list_remove_all(action->multi_remove[index]);            \
+      action->multi_remove_all[index] = 1;                     \
+   }                                                           \
+   else if (ch == 'X')                                         \
+   {                                                           \
+      list_remove_all(action->multi_add[index]);               \
+      list_remove_all(action->multi_remove[index]);            \
+      action->multi_remove_all[index] = 0;                     \
+   }                                                           \
+
+#define DEFINE_ACTION_ALIAS 0 /* No aliases for URL parsing */
+
+#include "actionlist.h"
+
+#undef DEFINE_ACTION_MULTI
+#undef DEFINE_ACTION_STRING
+#undef DEFINE_ACTION_BOOL
+#undef DEFINE_ACTION_ALIAS
+#undef JAVASCRIPTIFY
+
+   return err;
+}
+#endif /* def FEATURE_CGI_EDIT_ACTIONS */
+
+
+#ifdef FEATURE_TOGGLE
+/*********************************************************************
+ *
+ * Function    :  cgi_toggle
+ *
+ * Description :  CGI function that adds a new empty section to
+ *                an actions file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *         set : If present, how to change toggle setting:
+ *               "enable", "disable", "toggle", or none (default).
+ *        mini : If present, use mini reply template.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+jb_err cgi_toggle(struct client_state *csp,
+                  struct http_response *rsp,
+                  const struct map *parameters)
+{
+   struct map *exports;
+   char mode;
+   const char *template_name;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (0 == (csp->config->feature_flags & RUNTIME_FEATURE_CGI_TOGGLE))
+   {
+      return cgi_error_disabled(csp, rsp);
+   }
+
+   mode = get_char_param(parameters, "set");
+
+   if (mode == 'E')
+   {
+      /* Enable */
+      global_toggle_state = 1;
+   }
+   else if (mode == 'D')
+   {
+      /* Disable */
+      global_toggle_state = 0;
+   }
+   else if (mode == 'T')
+   {
+      /* Toggle */
+      global_toggle_state = !global_toggle_state;
+   }
+
+   if (NULL == (exports = default_exports(csp, "toggle")))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   template_name = (get_char_param(parameters, "mini")
+                 ? "toggle-mini"
+                 : "toggle");
+
+   return template_fill_for_cgi(csp, template_name, exports, rsp);
+}
+#endif /* def FEATURE_TOGGLE */
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/cgiedit.h b/external/privoxy/cgiedit.h
new file mode 100644
index 0000000..ceb5248
--- /dev/null
+++ b/external/privoxy/cgiedit.h
@@ -0,0 +1,175 @@
+#ifndef CGIEDIT_H_INCLUDED
+#define CGIEDIT_H_INCLUDED
+#define CGIEDIT_H_VERSION "$Id: cgiedit.h,v 1.10 2008/08/31 15:59:03 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cgiedit.h,v $
+ *
+ * Purpose     :  CGI-based actionsfile editor.
+ *                
+ *                Functions declared include:
+ * 
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cgiedit.h,v $
+ *    Revision 1.10  2008/08/31 15:59:03  fabiankeil
+ *    There's no reason to let remote toggling support depend
+ *    on FEATURE_CGI_EDIT_ACTIONS, so make sure it doesn't.
+ *
+ *    Revision 1.9  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.7.2.2  2004/02/17 13:30:23  oes
+ *    Moved cgi_error_disabled() from cgiedit.c to
+ *    cgi.c to re-enable build with --disable-editor.
+ *    Fixes Bug #892744. Thanks to Matthew Fischer
+ *    for spotting.
+ *
+ *    Revision 1.7.2.1  2002/11/28 18:15:17  oes
+ *    Added cgi_error_disabled
+ *
+ *    Revision 1.7  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.6  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.5  2002/01/22 23:24:48  jongfoster
+ *    Adding edit-actions-section-swap
+ *
+ *    Revision 1.4  2001/11/13 00:28:51  jongfoster
+ *    Adding new CGIs for use by non-JavaScript browsers:
+ *      edit-actions-url-form
+ *      edit-actions-add-url-form
+ *      edit-actions-remove-url-form
+ *
+ *    Revision 1.3  2001/10/23 21:48:19  jongfoster
+ *    Cleaning up error handling in CGI functions - they now send back
+ *    a HTML error page and should never cause a FATAL error.  (Fixes one
+ *    potential source of "denial of service" attacks).
+ *
+ *    CGI actions file editor that works and is actually useful.
+ *
+ *    Ability to toggle JunkBuster remotely using a CGI call.
+ *
+ *    You can turn off both the above features in the main configuration
+ *    file, e.g. if you are running a multi-user proxy.
+ *
+ *    Revision 1.2  2001/10/14 22:12:49  jongfoster
+ *    New version of CGI-based actionsfile editor.
+ *    Major changes, including:
+ *    - Completely new file parser and file output routines
+ *    - edit-actions CGI renamed edit-actions-for-url
+ *    - All CGIs now need a filename parameter, except for...
+ *    - New CGI edit-actions which doesn't need a filename,
+ *      to allow you to start the editor up.
+ *    - edit-actions-submit now works, and now automatically
+ *      redirects you back to the main edit-actions-list handler.
+ *
+ *    Revision 1.1  2001/09/16 15:47:37  jongfoster
+ *    First version of CGI-based edit interface.  This is very much a
+ *    work-in-progress, and you can't actually use it to edit anything
+ *    yet.  You must #define FEATURE_CGI_EDIT_ACTIONS for these changes
+ *    to have any effect.
+ *
+ *
+ **********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * CGI functions
+ */
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+extern jb_err cgi_edit_actions        (struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters);
+extern jb_err cgi_edit_actions_for_url(struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters);
+extern jb_err cgi_edit_actions_list   (struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters);
+extern jb_err cgi_edit_actions_submit (struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters);
+extern jb_err cgi_edit_actions_url    (struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters);
+extern jb_err cgi_edit_actions_url_form(struct client_state *csp,
+                                        struct http_response *rsp,
+                                        const struct map *parameters);
+extern jb_err cgi_edit_actions_add_url(struct client_state *csp,
+                                       struct http_response *rsp,
+                                       const struct map *parameters);
+extern jb_err cgi_edit_actions_add_url_form(struct client_state *csp,
+                                            struct http_response *rsp,
+                                            const struct map *parameters);
+extern jb_err cgi_edit_actions_remove_url    (struct client_state *csp,
+                                              struct http_response *rsp,
+                                              const struct map *parameters);
+extern jb_err cgi_edit_actions_remove_url_form(struct client_state *csp,
+                                            struct http_response *rsp,
+                                            const struct map *parameters);
+extern jb_err cgi_edit_actions_section_remove(struct client_state *csp,
+                                              struct http_response *rsp,
+                                              const struct map *parameters);
+extern jb_err cgi_edit_actions_section_add   (struct client_state *csp,
+                                              struct http_response *rsp,
+                                              const struct map *parameters);
+extern jb_err cgi_edit_actions_section_swap  (struct client_state *csp,
+                                              struct http_response *rsp,
+                                              const struct map *parameters);
+#endif /* def FEATURE_CGI_EDIT_ACTIONS */
+#ifdef FEATURE_TOGGLE
+extern jb_err cgi_toggle(struct client_state *csp,
+                         struct http_response *rsp,
+                         const struct map *parameters);
+#endif /* def FEATURE_TOGGLE */
+
+/* Revision control strings from this header and associated .c file */
+extern const char cgiedit_rcs[];
+extern const char cgiedit_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef CGI_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/cgisimple.c b/external/privoxy/cgisimple.c
new file mode 100644
index 0000000..3543611
--- /dev/null
+++ b/external/privoxy/cgisimple.c
@@ -0,0 +1,2295 @@
+const char cgisimple_rcs[] = "$Id: cgisimple.c,v 1.91 2009/03/08 14:19:23 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cgisimple.c,v $
+ *
+ * Purpose     :  Simple CGIs to get information about Privoxy's
+ *                status.
+ *                
+ *                Functions declared include:
+ * 
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cgisimple.c,v $
+ *    Revision 1.91  2009/03/08 14:19:23  fabiankeil
+ *    Fix justified (but harmless) compiler warnings
+ *    on platforms where sizeof(int) < sizeof(long).
+ *
+ *    Revision 1.90  2009/03/01 18:43:09  fabiankeil
+ *    Fix cparser warnings.
+ *
+ *    Revision 1.89  2008/10/11 11:31:14  fabiankeil
+ *    Add FEATURE_CONNECTION_KEEP_ALIVE to the list
+ *    of conditional defines on the show-status page.
+ *
+ *    Revision 1.88  2008/08/30 12:03:07  fabiankeil
+ *    Remove FEATURE_COOKIE_JAR.
+ *
+ *    Revision 1.87  2008/08/29 15:59:22  fabiankeil
+ *    Fix two comments.
+ *
+ *    Revision 1.86  2008/06/28 14:19:05  fabiankeil
+ *    Protocol detection is done case-insensitive, fix assertion
+ *    to do the same. Yay for Privoxy-Regression-Test and zzuf.
+ *
+ *    Revision 1.85  2008/05/26 17:30:55  fabiankeil
+ *    Provide an OpenSearch Description to access the
+ *    show-url-info page through "search engine plugins".
+ *
+ *    Revision 1.84  2008/05/26 16:16:55  fabiankeil
+ *    Spell error correctly.
+ *
+ *    Revision 1.83  2008/05/12 14:51:30  fabiankeil
+ *    Don't complain about an invalid URL if show-url-info is requested
+ *    without parameters. Regression introduced in 1.81 by yours truly.
+ *
+ *    Revision 1.82  2008/05/10 20:01:47  fabiankeil
+ *    Fix an assertion that could erroneously
+ *    trigger in case of memory shortage.
+ *
+ *    Revision 1.81  2008/05/05 09:54:39  fabiankeil
+ *    In cgi_show_url_info(), make sure ftp URLs are
+ *    declared invalid. Also simplify the code that adds
+ *    "http://" if no protocol has been specified.
+ *
+ *    Revision 1.80  2008/05/04 16:18:32  fabiankeil
+ *    Provide parse_http_url() with a third parameter to specify
+ *    whether or not URLs without protocol are acceptable.
+ *
+ *    Revision 1.79  2008/05/04 13:30:56  fabiankeil
+ *    Streamline parse_http_url()'s prototype.
+ *
+ *    Revision 1.78  2008/05/03 16:50:11  fabiankeil
+ *    Leverage content_filters_enabled() in cgi_show_url_info().
+ *
+ *    Revision 1.77  2008/05/02 09:47:48  fabiankeil
+ *    In cgi_show_url_info, pass an initialized http structure
+ *    to parse_http_url() as that will be required soonish and
+ *    assert that https URLs are recognized correctly.
+ *
+ *    Revision 1.76  2008/04/28 09:13:30  fabiankeil
+ *    In load_file(), remember the error reason and fclose()
+ *    and return later on instead of right away.
+ *
+ *    Revision 1.75  2008/04/27 13:52:52  fabiankeil
+ *    Move CGI file loading code into load_file() and
+ *    add checks for unexpected errors.
+ *
+ *    Revision 1.74  2008/04/26 15:50:56  fabiankeil
+ *    Fix macro name in cgi_show_file() error path.
+ *
+ *    Revision 1.73  2008/04/26 12:21:55  fabiankeil
+ *    Forget about JB_ERR_PARSE. JB_ERR_CGI_PARAMS to the rescue.
+ *
+ *    Revision 1.72  2008/04/26 10:34:15  fabiankeil
+ *    If zlib support is unavailable and there are content filters active
+ *    but the prevent-compression action is disabled, include a warning
+ *    on the show-url-info page that compression might prevent filtering.
+ *
+ *    Revision 1.71  2008/04/25 13:33:56  fabiankeil
+ *    - Factor cgi_show_file() out of cgi_show_status().
+ *    - Adjust cgi_show_status()'s parameter description to match reality.
+ *
+ *    Revision 1.70  2008/04/24 16:12:38  fabiankeil
+ *    In cgi_show_status(), load the requested file at once.
+ *    Using string_join() for every line really doesn't scale.
+ *
+ *    Revision 1.69  2008/04/17 14:40:48  fabiankeil
+ *    Provide get_http_time() with the buffer size so it doesn't
+ *    have to blindly assume that the buffer is big enough.
+ *
+ *    Revision 1.68  2008/03/27 18:27:21  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.67  2008/03/27 17:00:05  fabiankeil
+ *    Turn the favicon blobs into locals.
+ *
+ *    Revision 1.66  2008/02/23 16:57:12  fabiankeil
+ *    Rename url_actions() to get_url_actions() and let it
+ *    use the standard parameter ordering.
+ *
+ *    Revision 1.65  2008/02/23 16:33:43  fabiankeil
+ *    Let forward_url() use the standard parameter ordering
+ *    and mark its second parameter immutable.
+ *
+ *    Revision 1.64  2008/02/03 13:56:07  fabiankeil
+ *    Add SOCKS5 support for show-url-info CGI page.
+ *
+ *    Revision 1.63  2008/02/01 06:04:31  fabiankeil
+ *    If edit buttons on the show-url-info CGI page are hidden, explain why.
+ *
+ *    Revision 1.62  2008/02/01 05:52:40  fabiankeil
+ *    Hide edit buttons on the show-url-info CGI page if enable-edit-action
+ *    is disabled. Patch by Lee with additional white space adjustments.
+ *
+ *    Revision 1.61  2008/01/26 11:13:25  fabiankeil
+ *    If enable-edit-actions is disabled, hide the edit buttons and explain why.
+ *
+ *    Revision 1.60  2007/10/27 13:12:13  fabiankeil
+ *    Finish 1.49 and check write access before
+ *    showing edit buttons on show-url-info page.
+ *
+ *    Revision 1.59  2007/10/19 16:42:36  fabiankeil
+ *    Plug memory leak I introduced five months ago.
+ *    Yay Valgrind and Privoxy-Regression-Test.
+ *
+ *    Revision 1.58  2007/07/21 12:19:50  fabiankeil
+ *    If show-url-info is called with an URL that Privoxy
+ *    would reject as invalid, don't show unresolved forwarding
+ *    variables, "final matches" or claim the site's secure.
+ *
+ *    Revision 1.57  2007/06/01 16:53:05  fabiankeil
+ *    Adjust cgi_show_url_info() to show what forward-override{}
+ *    would do with the requested URL (instead of showing how the
+ *    request for the CGI page would be forwarded if it wasn't a
+ *    CGI request).
+ *
+ *    Revision 1.56  2007/05/21 10:50:35  fabiankeil
+ *    - Use strlcpy() instead of strcpy().
+ *    - Stop treating actions files special. Expect a complete file name
+ *      (with or without path) like it's done for the rest of the files.
+ *      Closes FR#588084.
+ *    - Don't rerun sed() in cgi_show_request().
+ *
+ *    Revision 1.55  2007/04/13 13:36:46  fabiankeil
+ *    Reference action files in CGI URLs by id instead
+ *    of using the first part of the file name.
+ *    Fixes BR 1694250 and BR 1590556.
+ *
+ *    Revision 1.54  2007/04/09 18:11:35  fabiankeil
+ *    Don't mistake VC++'s _snprintf() for a snprintf() replacement.
+ *
+ *    Revision 1.53  2007/04/08 13:21:04  fabiankeil
+ *    Reference action files in CGI URLs by id instead
+ *    of using the first part of the file name.
+ *    Fixes BR 1694250 and BR 1590556.
+ *
+ *    Revision 1.52  2007/02/13 15:10:26  fabiankeil
+ *    Apparently fopen()ing in "binary" mode doesn't require
+ *    #ifdefs, it's already done without them in cgiedit.c.
+ *
+ *    Revision 1.51  2007/02/10 16:55:22  fabiankeil
+ *    - Show forwarding settings on the show-url-info page
+ *    - Fix some HTML syntax errors.
+ *
+ *    Revision 1.50  2007/01/23 15:51:17  fabiankeil
+ *    Add favicon delivery functions.
+ *
+ *    Revision 1.49  2007/01/20 16:29:38  fabiankeil
+ *    Suppress edit buttons for action files if Privoxy has
+ *    no write access. Suggested by Roland in PR 1564026.
+ *
+ *    Revision 1.48  2007/01/20 15:31:31  fabiankeil
+ *    Display warning if show-url-info CGI page
+ *    is used while Privoxy is toggled off.
+ *
+ *    Revision 1.47  2007/01/12 15:07:10  fabiankeil
+ *    Use zalloc in cgi_send_user_manual.
+ *
+ *    Revision 1.46  2007/01/02 12:49:46  fabiankeil
+ *    Add FEATURE_ZLIB to the list of conditional
+ *    defines at the show-status page.
+ *
+ *    Revision 1.45  2006/12/28 18:16:41  fabiankeil
+ *    Fixed gcc43 compiler warnings, zero out cgi_send_user_manual's
+ *    body memory before using it, replaced sprintf calls with snprintf.
+ *
+ *    Revision 1.44  2006/12/22 14:19:27  fabiankeil
+ *    Removed checks whether or not AF_FILES have
+ *    data structures associated with them in cgi_show_status.
+ *    It doesn't matter as we're only interested in the file names.
+ *
+ *    For the action files the checks were always true,
+ *    but they prevented empty filter files from being
+ *    listed. Fixes parts of BR 1619208.
+ *
+ *    Revision 1.43  2006/12/17 17:57:56  fabiankeil
+ *    - Added FEATURE_GRACEFUL_TERMINATION to the
+ *      "conditional #defines" section
+ *    - Escaped ampersands in generated HTML.
+ *    - Renamed re-filter-filename to re-filter-filenames
+ *
+ *    Revision 1.42  2006/11/21 15:43:12  fabiankeil
+ *    Add special treatment for WIN32 to make sure
+ *    cgi_send_user_manual opens the files in binary mode.
+ *    Fixes BR 1600411 and unbreaks image delivery.
+ *
+ *    Remove outdated comment.
+ *
+ *    Revision 1.41  2006/10/09 19:18:28  roro
+ *    Redirect http://p.p/user-manual (without trailing slash) to
+ *    http://p.p/user-manual/ (with trailing slash), otherwise links will be broken.
+ *
+ *    Revision 1.40  2006/09/09 13:05:33  fabiankeil
+ *    Modified cgi_send_user_manual to serve binary
+ *    content without destroying it first. Should also be
+ *    faster now. Added ".jpg" check for Content-Type guessing.
+ *
+ *    Revision 1.39  2006/09/08 09:49:23  fabiankeil
+ *    Deliver documents in the user-manual directory
+ *    with "Content-Type text/css" if their filename
+ *    ends with ".css".
+ *
+ *    Revision 1.38  2006/09/06 18:45:03  fabiankeil
+ *    Incorporate modified version of Roland Rosenfeld's patch to
+ *    optionally access the user-manual via Privoxy. Closes patch 679075.
+ *
+ *    Formatting changed to Privoxy style, added call to
+ *    cgi_error_no_template if the requested file doesn't
+ *    exist and modified check whether or not Privoxy itself
+ *    should serve the manual. Should work cross-platform now.
+ *
+ *    Revision 1.37  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.35.2.7  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.35.2.6  2005/07/04 03:13:43  david__schmidt
+ *    Undo some damaging memory leak patches
+ *
+ *    Revision 1.35.2.5  2005/05/07 21:50:55  david__schmidt
+ *    A few memory leaks plugged (mostly on error paths)
+ *
+ *    Revision 1.35.2.4  2005/04/04 02:21:24  david__schmidt
+ *    Another instance of:
+ *    Don't show "Edit" buttons #ifndef FEATURE_CGI_EDIT_ACTIONS
+ *    Thanks to Magnus Holmgren for the patch
+ *
+ *    Revision 1.35.2.3  2003/12/17 16:34:15  oes
+ *     - Prevent line wrap beween "View/Edit" link buttons on status page
+ *     - Some (mostly irrelevant) fixes for Out-of-mem-case handling
+ *
+ *    Revision 1.35.2.2  2003/04/03 13:48:28  oes
+ *    Don't show "Edit" buttons #ifndef FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.35.2.1  2002/07/04 15:02:38  oes
+ *    Added ability to send redirects to send-banner CGI, so that it can completely mimic the image blocking action if called with type=auto
+ *
+ *    Revision 1.35.2.1  2002/07/01 17:32:04  morcego
+ *    Applying patch from Andreas as provided by Hal on the list.
+ *    Message-ID: <20020701121218.V1606 at feenix.burgiss.net>
+ *
+ *    Revision 1.35  2002/05/12 21:44:44  jongfoster
+ *    Adding amiga.[ch] revision information, if on an amiga.
+ *
+ *    Revision 1.34  2002/04/30 12:06:12  oes
+ *    Deleted unused code from default_cgi
+ *
+ *    Revision 1.33  2002/04/30 11:14:52  oes
+ *    Made csp the first parameter in *action_to_html
+ *
+ *    Revision 1.32  2002/04/26 18:29:13  jongfoster
+ *    Fixing this Visual C++ warning:
+ *    cgisimple.c(775) : warning C4018: '<' : signed/unsigned mismatch
+ *
+ *    Revision 1.31  2002/04/26 12:54:36  oes
+ *     - Kill obsolete REDIRECT_URL code
+ *     - Error handling fixes
+ *     - Style sheet related HTML snipplet changes
+ *     - cgi_show_url_info:
+ *       - Matches now in table, actions on single lines,
+ *         linked to help
+ *       - standard.action suppressed
+ *       - Buttons to View and Edit AFs
+ *
+ *    Revision 1.30  2002/04/24 02:18:08  oes
+ *     - show-status is now the starting point for editing
+ *       the actions files, generate list of all AFs with buttons
+ *       for viewing and editing, new look for file list (Jon:
+ *       buttons now aligned ;-P ), view mode now supports multiple
+ *       AFs, name changes, no view links for unspecified files,
+ *       no edit link for standard.action.
+ *
+ *     - Jon's multiple AF patch: cgi_show_url_info now uses all
+ *       AFs and marks the output accordingly
+ *
+ *    Revision 1.29  2002/04/10 13:38:35  oes
+ *    load_template signature changed
+ *
+ *    Revision 1.28  2002/04/07 15:42:12  jongfoster
+ *    Fixing send-banner?type=auto when the image-blocker is
+ *    a redirect to send-banner
+ *
+ *    Revision 1.27  2002/04/05 15:50:48  oes
+ *    added send-stylesheet CGI
+ *
+ *    Revision 1.26  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.25  2002/04/03 22:28:03  gliptak
+ *    Removed references to gnu_regex
+ *
+ *    Revision 1.24  2002/04/02 16:12:47  oes
+ *    Fix: moving misplaced lines into #ifdef FEATURE_FORCE
+ *
+ *    Revision 1.23  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.22  2002/03/24 16:18:15  jongfoster
+ *    Removing old logo
+ *
+ *    Revision 1.21  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.20  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.19  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.18  2002/03/12 01:44:49  oes
+ *    Changed default for "blocked" image from jb logo to checkboard pattern
+ *
+ *    Revision 1.17  2002/03/08 16:43:18  oes
+ *    Added choice beween GIF and PNG built-in images
+ *
+ *    Revision 1.16  2002/03/07 03:48:38  oes
+ *     - Changed built-in images from GIF to PNG
+ *       (with regard to Unisys patent issue)
+ *     - Added a 4x4 pattern PNG which is less intrusive
+ *       than the logo but also clearly marks the deleted banners
+ *
+ *    Revision 1.15  2002/03/06 22:54:35  jongfoster
+ *    Automated function-comment nitpicking.
+ *
+ *    Revision 1.14  2002/03/02 04:14:50  david__schmidt
+ *    Clean up a little CRLF unpleasantness that suddenly appeared
+ *
+ *    Revision 1.13  2002/02/21 00:10:37  jongfoster
+ *    Adding send-banner?type=auto option
+ *
+ *    Revision 1.12  2002/01/23 01:03:32  jongfoster
+ *    Fixing gcc [CygWin] compiler warnings
+ *
+ *    Revision 1.11  2002/01/23 00:01:04  jongfoster
+ *    Adding cgi_transparent_gif() for http://i.j.b/t
+ *    Adding missing html_encode() to many CGI functions.
+ *    Adding urlmatch.[ch] to http://i.j.b/show-version
+ *
+ *    Revision 1.10  2002/01/17 21:10:37  jongfoster
+ *    Changes to cgi_show_url_info to use new matching code from urlmatch.c.
+ *    Also fixing a problem in the same function with improperly quoted URLs
+ *    in output HTML, and adding code to handle https:// URLs correctly.
+ *
+ *    Revision 1.9  2001/11/30 23:09:15  jongfoster
+ *    Now reports on FEATURE_CGI_EDIT_ACTIONS
+ *    Removing FEATURE_DENY_GZIP from template
+ *
+ *    Revision 1.8  2001/11/13 00:14:07  jongfoster
+ *    Fixing stupid bug now I've figured out what || means.
+ *    (It always returns 0 or 1, not one of it's paramaters.)
+ *
+ *    Revision 1.7  2001/10/23 21:48:19  jongfoster
+ *    Cleaning up error handling in CGI functions - they now send back
+ *    a HTML error page and should never cause a FATAL error.  (Fixes one
+ *    potential source of "denial of service" attacks).
+ *
+ *    CGI actions file editor that works and is actually useful.
+ *
+ *    Ability to toggle JunkBuster remotely using a CGI call.
+ *
+ *    You can turn off both the above features in the main configuration
+ *    file, e.g. if you are running a multi-user proxy.
+ *
+ *    Revision 1.6  2001/10/14 22:00:32  jongfoster
+ *    Adding support for a 404 error when an invalid CGI page is requested.
+ *
+ *    Revision 1.5  2001/10/07 15:30:41  oes
+ *    Removed FEATURE_DENY_GZIP
+ *
+ *    Revision 1.4  2001/10/02 15:31:12  oes
+ *    Introduced show-request cgi
+ *
+ *    Revision 1.3  2001/09/22 16:34:44  jongfoster
+ *    Removing unneeded #includes
+ *
+ *    Revision 1.2  2001/09/19 18:01:11  oes
+ *    Fixed comments; cosmetics
+ *
+ *    Revision 1.1  2001/09/16 17:08:54  jongfoster
+ *    Moving simple CGI functions from cgi.c to new file cgisimple.c
+ *
+ *
+ **********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+#include <assert.h>
+
+#ifdef HAVE_ACCESS
+#include <unistd.h>
+#endif /* def HAVE_ACCESS */
+
+#include "project.h"
+#include "cgi.h"
+#include "cgisimple.h"
+#include "list.h"
+#include "encode.h"
+#include "jcc.h"
+#include "filters.h"
+#include "actions.h"
+#include "miscutil.h"
+#include "loadcfg.h"
+#include "parsers.h"
+#include "urlmatch.h"
+#include "errlog.h"
+
+const char cgisimple_h_rcs[] = CGISIMPLE_H_VERSION;
+
+static char *show_rcs(void);
+static jb_err show_defines(struct map *exports);
+static jb_err cgi_show_file(struct client_state *csp,
+                            struct http_response *rsp,
+                            const struct map *parameters);
+static jb_err load_file(const char *filename, char **buffer, size_t *length);
+
+/*********************************************************************
+ *
+ * Function    :  cgi_default
+ *
+ * Description :  CGI function that is called for the CGI_SITE_1_HOST
+ *                and CGI_SITE_2_HOST/CGI_SITE_2_PATH base URLs.
+ *                Boring - only exports the default exports.
+ *               
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *
+ *********************************************************************/
+jb_err cgi_default(struct client_state *csp,
+                   struct http_response *rsp,
+                   const struct map *parameters)
+{
+   struct map *exports;
+
+   (void)parameters;
+
+   assert(csp);
+   assert(rsp);
+
+   if (NULL == (exports = default_exports(csp, "")))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return template_fill_for_cgi(csp, "default", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_error_404
+ *
+ * Description :  CGI function that is called if an unknown action was
+ *                given.
+ *               
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_error_404(struct client_state *csp,
+                     struct http_response *rsp,
+                     const struct map *parameters)
+{
+   struct map *exports;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (NULL == (exports = default_exports(csp, NULL)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   rsp->status = strdup("404 Privoxy configuration page not found");
+   if (rsp->status == NULL)
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   return template_fill_for_cgi(csp, "cgi-error-404", exports, rsp);
+}
+
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+/*********************************************************************
+ *
+ * Function    :  cgi_die
+ *
+ * Description :  CGI function to shut down Privoxy.
+ *                NOTE: Turning this on in a production build
+ *                would be a BAD idea.  An EXTREMELY BAD idea.
+ *                In short, don't do it.
+ *               
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_die (struct client_state *csp,
+                struct http_response *rsp,
+                const struct map *parameters)
+{
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   /* quit */
+   g_terminate = 1;
+
+   /*
+    * I don't really care what gets sent back to the browser.
+    * Take the easy option - "out of memory" page.
+    */
+
+   return JB_ERR_MEMORY;
+}
+#endif /* def FEATURE_GRACEFUL_TERMINATION */
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_show_request
+ *
+ * Description :  Show the client's request and what sed() would have
+ *                made of it.
+ *               
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_show_request(struct client_state *csp,
+                        struct http_response *rsp,
+                        const struct map *parameters)
+{
+   char *p;
+   struct map *exports;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (NULL == (exports = default_exports(csp, "show-request")))
+   {
+      return JB_ERR_MEMORY;
+   }
+   
+   /*
+    * Repair the damage done to the IOB by get_header()
+    */
+   for (p = csp->iob->buf; p < csp->iob->eod; p++)
+   {
+      if (*p == '\0') *p = '\n';
+   }
+
+   /*
+    * Export the original client's request and the one we would
+    * be sending to the server if this wasn't a CGI call
+    */
+
+   if (map(exports, "client-request", 1, html_encode(csp->iob->buf), 0))
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   if (map(exports, "processed-request", 1,
+         html_encode_and_free_original(list_to_text(csp->headers)), 0))
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   return template_fill_for_cgi(csp, "show-request", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_send_banner
+ *
+ * Description :  CGI function that returns a banner. 
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *           type : Selects the type of banner between "trans", "logo",
+ *                  and "auto". Defaults to "logo" if absent or invalid.
+ *                  "auto" means to select as if we were image-blocking.
+ *                  (Only the first character really counts; b and t are
+ *                  equivalent).
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_send_banner(struct client_state *csp,
+                       struct http_response *rsp,
+                       const struct map *parameters)
+{
+   char imagetype = lookup(parameters, "type")[0];
+
+   /*
+    * If type is auto, then determine the right thing
+    * to do from the set-image-blocker action
+    */
+   if (imagetype == 'a') 
+   {
+      /*
+       * Default to pattern
+       */
+      imagetype = 'p';
+
+#ifdef FEATURE_IMAGE_BLOCKING
+      if ((csp->action->flags & ACTION_IMAGE_BLOCKER) != 0)
+      {
+         static const char prefix1[] = CGI_PREFIX "send-banner?type=";
+         static const char prefix2[] = "http://" CGI_SITE_1_HOST "/send-banner?type=";
+         const char *p = csp->action->string[ACTION_STRING_IMAGE_BLOCKER];
+
+         if (p == NULL)
+         {
+            /* Use default - nothing to do here. */
+         }
+         else if (0 == strcmpic(p, "blank"))
+         {
+            imagetype = 'b';
+         }
+         else if (0 == strcmpic(p, "pattern"))
+         {
+            imagetype = 'p';
+         }
+
+         /*
+          * If the action is to call this CGI, determine
+          * the argument:
+          */
+         else if (0 == strncmpic(p, prefix1, sizeof(prefix1) - 1))
+         {
+            imagetype = p[sizeof(prefix1) - 1];
+         }
+         else if (0 == strncmpic(p, prefix2, sizeof(prefix2) - 1))
+         {
+            imagetype = p[sizeof(prefix2) - 1];
+         }
+
+         /*
+          * Everything else must (should) be a URL to
+          * redirect to.
+          */
+         else
+         {
+            imagetype = 'r';
+         }
+      }
+#endif /* def FEATURE_IMAGE_BLOCKING */
+   }
+      
+   /*
+    * Now imagetype is either the non-auto type we were called with,
+    * or it was auto and has since been determined. In any case, we
+    * can proceed to actually answering the request by sending a redirect
+    * or an image as appropriate:
+    */
+   if (imagetype == 'r') 
+   {
+      rsp->status = strdup("302 Local Redirect from Privoxy");
+      if (rsp->status == NULL)
+      {
+         return JB_ERR_MEMORY;
+      }
+      if (enlist_unique_header(rsp->headers, "Location",
+                               csp->action->string[ACTION_STRING_IMAGE_BLOCKER]))
+      {
+         return JB_ERR_MEMORY;
+      }
+   }
+   else
+   {
+      if ((imagetype == 'b') || (imagetype == 't')) 
+      {
+         rsp->body = bindup(image_blank_data, image_blank_length);
+         rsp->content_length = image_blank_length;
+      }
+      else
+      {
+         rsp->body = bindup(image_pattern_data, image_pattern_length);
+         rsp->content_length = image_pattern_length;
+      }
+
+      if (rsp->body == NULL)
+      {
+         return JB_ERR_MEMORY;
+      }
+      if (enlist(rsp->headers, "Content-Type: " BUILTIN_IMAGE_MIMETYPE))
+      {
+         return JB_ERR_MEMORY;
+      }
+
+      rsp->is_static = 1;
+   }
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_transparent_image
+ *
+ * Description :  CGI function that sends a 1x1 transparent image.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_transparent_image(struct client_state *csp,
+                             struct http_response *rsp,
+                             const struct map *parameters)
+{
+   (void)csp;
+   (void)parameters;
+
+   rsp->body = bindup(image_blank_data, image_blank_length);
+   rsp->content_length = image_blank_length;
+
+   if (rsp->body == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (enlist(rsp->headers, "Content-Type: " BUILTIN_IMAGE_MIMETYPE))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   rsp->is_static = 1;
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_send_default_favicon
+ *
+ * Description :  CGI function that sends the standard favicon.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_send_default_favicon(struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters)
+{
+   static const char default_favicon_data[] =
+      "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
+      "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
+      "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
+      "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
+      "\000\000\377\377\377\000\377\000\052\000\017\360\000\000\077"
+      "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
+      "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
+      "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
+      "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
+      "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
+      "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+      "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+      "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
+      "\017\000\000";
+   static const size_t favicon_length = sizeof(default_favicon_data) - 1;
+
+   (void)csp;
+   (void)parameters;
+
+   rsp->body = bindup(default_favicon_data, favicon_length);
+   rsp->content_length = favicon_length;
+
+   if (rsp->body == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (enlist(rsp->headers, "Content-Type: image/x-icon"))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   rsp->is_static = 1;
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_send_error_favicon
+ *
+ * Description :  CGI function that sends the favicon for error pages.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_send_error_favicon(struct client_state *csp,
+                              struct http_response *rsp,
+                              const struct map *parameters)
+{
+   static const char error_favicon_data[] =
+      "\000\000\001\000\001\000\020\020\002\000\000\000\000\000\260"
+      "\000\000\000\026\000\000\000\050\000\000\000\020\000\000\000"
+      "\040\000\000\000\001\000\001\000\000\000\000\000\100\000\000"
+      "\000\000\000\000\000\000\000\000\000\002\000\000\000\000\000"
+      "\000\000\377\377\377\000\000\000\377\000\017\360\000\000\077"
+      "\374\000\000\161\376\000\000\161\376\000\000\361\377\000\000"
+      "\361\377\000\000\360\017\000\000\360\007\000\000\361\307\000"
+      "\000\361\307\000\000\361\307\000\000\360\007\000\000\160\036"
+      "\000\000\177\376\000\000\077\374\000\000\017\360\000\000\360"
+      "\017\000\000\300\003\000\000\200\001\000\000\200\001\000\000"
+      "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+      "\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000"
+      "\000\000\200\001\000\000\200\001\000\000\300\003\000\000\360"
+      "\017\000\000";
+   static const size_t favicon_length = sizeof(error_favicon_data) - 1;
+
+   (void)csp;
+   (void)parameters;
+
+   rsp->body = bindup(error_favicon_data, favicon_length);
+   rsp->content_length = favicon_length;
+
+   if (rsp->body == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (enlist(rsp->headers, "Content-Type: image/x-icon"))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   rsp->is_static = 1;
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_send_stylesheet
+ *
+ * Description :  CGI function that sends a css stylesheet found
+ *                in the cgi-style.css template
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_send_stylesheet(struct client_state *csp,
+                           struct http_response *rsp,
+                           const struct map *parameters)
+{
+   jb_err err;
+   
+   assert(csp);
+   assert(rsp);
+
+   (void)parameters;
+
+   err = template_load(csp, &rsp->body, "cgi-style.css", 0);
+
+   if (err == JB_ERR_FILE)
+   {
+      /*
+       * No way to tell user; send empty stylesheet
+       */
+      log_error(LOG_LEVEL_ERROR, "Could not find cgi-style.css template");
+   }
+   else if (err)
+   {
+      return err; /* JB_ERR_MEMORY */
+   }
+
+   if (enlist(rsp->headers, "Content-Type: text/css"))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_send_url_info_osd
+ *
+ * Description :  CGI function that sends the OpenSearch Description
+ *                template for the show-url-info page. It allows to
+ *                access the page through "search engine plugins".
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_send_url_info_osd(struct client_state *csp,
+                               struct http_response *rsp,
+                               const struct map *parameters)
+{
+   jb_err err = JB_ERR_MEMORY;
+   struct map *exports = default_exports(csp, NULL);
+
+   (void)csp;
+   (void)parameters;
+
+   if (NULL != exports)
+   {
+      err = template_fill_for_cgi(csp, "url-info-osd.xml", exports, rsp);
+      if (JB_ERR_OK == err)
+      {
+         err = enlist(rsp->headers,
+            "Content-Type: application/opensearchdescription+xml");
+      }
+   }
+
+   return err;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_send_user_manual
+ *
+ * Description :  CGI function that sends a file in the user
+ *                manual directory.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : file=name.html, the name of the HTML file
+ *                  (relative to user-manual from config)
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_send_user_manual(struct client_state *csp,
+                            struct http_response *rsp,
+                            const struct map *parameters)
+{
+   const char * filename;
+   char *full_path;
+   jb_err err = JB_ERR_OK;
+   size_t length;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (!parameters->first)
+   {
+      /* requested http://p.p/user-manual (without trailing slash) */
+      return cgi_redirect(rsp, CGI_PREFIX "user-manual/");
+   }
+
+   get_string_param(parameters, "file", &filename);
+   /* Check paramter for hack attempts */
+   if (filename && strchr(filename, '/'))
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+   if (filename && strstr(filename, ".."))
+   {
+      return JB_ERR_CGI_PARAMS;
+   }
+
+   full_path = make_path(csp->config->usermanual, filename ? filename : "index.html");
+   if (full_path == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = load_file(full_path, &rsp->body, &rsp->content_length);
+   if (JB_ERR_OK != err)
+   {
+      assert((JB_ERR_FILE == err) || (JB_ERR_MEMORY == err));
+      if (JB_ERR_FILE == err)
+      {
+         err = cgi_error_no_template(csp, rsp, full_path);
+      }
+      freez(full_path);
+      return err;
+   }
+   freez(full_path);
+
+   /* Guess correct Content-Type based on the filename's ending */
+   if (filename)
+   {
+      length = strlen(filename);
+   }
+   else
+   {
+      length = 0;
+   } 
+   if((length>=4) && !strcmp(&filename[length-4], ".css"))
+   {
+      err = enlist(rsp->headers, "Content-Type: text/css");
+   }
+   else if((length>=4) && !strcmp(&filename[length-4], ".jpg"))
+   {
+      err = enlist(rsp->headers, "Content-Type: image/jpeg");
+   }
+   else
+   {
+      err = enlist(rsp->headers, "Content-Type: text/html");
+   }
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_show_version
+ *
+ * Description :  CGI function that returns a a web page describing the
+ *                file versions of Privoxy.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : none
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_show_version(struct client_state *csp,
+                        struct http_response *rsp,
+                        const struct map *parameters)
+{
+   struct map *exports;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (NULL == (exports = default_exports(csp, "show-version")))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (map(exports, "sourceversions", 1, show_rcs(), 0))
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   return template_fill_for_cgi(csp, "show-version", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_show_status
+ *
+ * Description :  CGI function that returns a web page describing the
+ *                current status of Privoxy.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *        file :  Which file to show.  Only first letter is checked,
+ *                valid values are:
+ *                - "a"ction file
+ *                - "r"egex
+ *                - "t"rust
+ *                Default is to show menu and other information.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_show_status(struct client_state *csp,
+                       struct http_response *rsp,
+                       const struct map *parameters)
+{
+   char *s = NULL;
+   unsigned i;
+   int j;
+
+   char buf[BUFFER_SIZE];
+#ifdef FEATURE_STATISTICS
+   float perc_rej;   /* Percentage of http requests rejected */
+   int local_urls_read;
+   int local_urls_rejected;
+#endif /* ndef FEATURE_STATISTICS */
+   jb_err err = JB_ERR_OK;
+
+   struct map *exports;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if ('\0' != *(lookup(parameters, "file")))
+   {
+      return cgi_show_file(csp, rsp, parameters);
+   }
+
+   if (NULL == (exports = default_exports(csp, "show-status")))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   s = strdup("");
+   for (j = 0; (s != NULL) && (j < Argc); j++)
+   {
+      if (!err) err = string_join  (&s, html_encode(Argv[j]));
+      if (!err) err = string_append(&s, " ");
+   }
+   if (!err) err = map(exports, "invocation", 1, s, 0);
+
+   if (!err) err = map(exports, "options", 1, csp->config->proxy_args, 1);
+   if (!err) err = show_defines(exports);
+
+   if (err) 
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+#ifdef FEATURE_STATISTICS
+   local_urls_read     = urls_read;
+   local_urls_rejected = urls_rejected;
+
+   /*
+    * Need to alter the stats not to include the fetch of this
+    * page.
+    *
+    * Can't do following thread safely! doh!
+    *
+    * urls_read--;
+    * urls_rejected--; * This will be incremented subsequently *
+    */
+
+   if (local_urls_read == 0)
+   {
+      if (!err) err = map_block_killer(exports, "have-stats");
+   }
+   else
+   {
+      if (!err) err = map_block_killer(exports, "have-no-stats");
+
+      perc_rej = (float)local_urls_rejected * 100.0F /
+            (float)local_urls_read;
+
+      snprintf(buf, sizeof(buf), "%d", local_urls_read);
+      if (!err) err = map(exports, "requests-received", 1, buf, 1);
+
+      snprintf(buf, sizeof(buf), "%d", local_urls_rejected);
+      if (!err) err = map(exports, "requests-blocked", 1, buf, 1);
+
+      snprintf(buf, sizeof(buf), "%6.2f", perc_rej);
+      if (!err) err = map(exports, "percent-blocked", 1, buf, 1);
+   }
+
+#else /* ndef FEATURE_STATISTICS */
+   err = err || map_block_killer(exports, "statistics");
+#endif /* ndef FEATURE_STATISTICS */
+   
+   /* 
+    * List all action files in use, together with view and edit links,
+    * except for standard.action, which should only be viewable. (Not
+    * enforced in the editor itself)
+    * FIXME: Shouldn't include hardwired HTML here, use line template instead!
+    */
+   s = strdup("");
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (csp->actions_list[i] != NULL)
+      {
+         if (!err) err = string_append(&s, "<tr><td>");
+         if (!err) err = string_join(&s, html_encode(csp->actions_list[i]->filename));
+         snprintf(buf, sizeof(buf),
+            "</td><td class=\"buttons\"><a href=\"/show-status?file=actions&index=%u\">View</a>", i);
+         if (!err) err = string_append(&s, buf);
+
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+         if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)
+            && (NULL == strstr(csp->actions_list[i]->filename, "standard.action"))
+            && (NULL != csp->config->actions_file_short[i]))
+         {
+#ifdef HAVE_ACCESS
+            if (access(csp->config->actions_file[i], W_OK) == 0)
+            {
+#endif /* def HAVE_ACCESS */
+               snprintf(buf, sizeof(buf), "  <a href=\"/edit-actions-list?f=%u\">Edit</a>", i);
+               if (!err) err = string_append(&s, buf);
+#ifdef HAVE_ACCESS
+            }
+            else
+            {
+               if (!err) err = string_append(&s, "  <strong>No write access.</strong>");
+            }
+#endif /* def HAVE_ACCESS */
+         }
+#endif
+
+         if (!err) err = string_append(&s, "</td></tr>\n");
+      }
+   }
+   if (*s != '\0')   
+   {
+      if (!err) err = map(exports, "actions-filenames", 1, s, 0);
+   }
+   else
+   {
+      if (!err) err = map(exports, "actions-filenames", 1, "<tr><td>None specified</td></tr>", 1);
+   }
+
+   /* 
+    * List all re_filterfiles in use, together with view options.
+    * FIXME: Shouldn't include hardwired HTML here, use line template instead!
+    */
+   s = strdup("");
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (csp->rlist[i] != NULL)
+      {
+         if (!err) err = string_append(&s, "<tr><td>");
+         if (!err) err = string_join(&s, html_encode(csp->rlist[i]->filename));
+         snprintf(buf, sizeof(buf),
+            "</td><td class=\"buttons\"><a href=\"/show-status?file=filter&index=%u\">View</a>", i);
+         if (!err) err = string_append(&s, buf);
+         if (!err) err = string_append(&s, "</td></tr>\n");
+      }
+   }
+   if (*s != '\0')   
+   {
+      if (!err) err = map(exports, "re-filter-filenames", 1, s, 0);
+   }
+   else
+   {
+      if (!err) err = map(exports, "re-filter-filenames", 1, "<tr><td>None specified</td></tr>", 1);
+      if (!err) err = map_block_killer(exports, "have-filterfile");
+   }
+
+#ifdef FEATURE_TRUST
+   if (csp->tlist)
+   {
+      if (!err) err = map(exports, "trust-filename", 1, html_encode(csp->tlist->filename), 0);
+   }
+   else
+   {
+      if (!err) err = map(exports, "trust-filename", 1, "None specified", 1);
+      if (!err) err = map_block_killer(exports, "have-trustfile");
+   }
+#else
+   if (!err) err = map_block_killer(exports, "trust-support");
+#endif /* ndef FEATURE_TRUST */
+
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+   if (!err && (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+   {
+      err = map_block_killer(exports, "cgi-editor-is-disabled");
+   }
+#endif /* ndef CGI_EDIT_ACTIONS */
+
+   if (err)
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   return template_fill_for_cgi(csp, "show-status", exports, rsp);
+}
+
+ 
+/*********************************************************************
+ *
+ * Function    :  cgi_show_url_info
+ *
+ * Description :  CGI function that determines and shows which actions
+ *                Privoxy will perform for a given url, and which
+ *                matches starting from the defaults have lead to that.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *            url : The url whose actions are to be determined.
+ *                  If url is unset, the url-given conditional will be
+ *                  set, so that all but the form can be suppressed in
+ *                  the template.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_show_url_info(struct client_state *csp,
+                         struct http_response *rsp,
+                         const struct map *parameters)
+{
+   char *url_param;
+   struct map *exports;
+   char buf[150];
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   if (NULL == (exports = default_exports(csp, "show-url-info")))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   /*
+    * Get the url= parameter (if present) and remove any leading/trailing spaces.
+    */
+   url_param = strdup(lookup(parameters, "url"));
+   if (url_param == NULL)
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+   chomp(url_param);
+
+   /*
+    * Handle prefixes.  4 possibilities:
+    * 1) "http://" or "https://" prefix present and followed by URL - OK
+    * 2) Only the "http://" or "https://" part is present, no URL - change
+    *    to empty string so it will be detected later as "no URL".
+    * 3) Parameter specified but doesn't contain "http(s?)://" - add a
+    *    "http://" prefix.
+    * 4) Parameter not specified or is empty string - let this fall through
+    *    for now, next block of code will handle it.
+    */
+   if (0 == strncmp(url_param, "http://", 7))
+   {
+      if (url_param[7] == '\0')
+      {
+         /*
+          * Empty URL (just prefix).
+          * Make it totally empty so it's caught by the next if()
+          */
+         url_param[0] = '\0';
+      }
+   }
+   else if (0 == strncmp(url_param, "https://", 8))
+   {
+      if (url_param[8] == '\0')
+      {
+         /*
+          * Empty URL (just prefix).
+          * Make it totally empty so it's caught by the next if()
+          */
+         url_param[0] = '\0';
+      }
+   }
+   else if ((url_param[0] != '\0') && (NULL == strstr(url_param, "://")))
+   {
+      /* No prefix - assume http:// */
+      char *url_param_prefixed = strdup("http://");
+
+      if (JB_ERR_OK != string_join(&url_param_prefixed, url_param))
+      {
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+      url_param = url_param_prefixed;
+   }
+
+   /*
+    * Hide "toggle off" warning if Privoxy is toggled on.
+    */
+   if (
+#ifdef FEATURE_TOGGLE
+       (global_toggle_state == 1) &&
+#endif /* def FEATURE_TOGGLE */
+       map_block_killer(exports, "privoxy-is-toggled-off")
+      )
+   {
+      free_map(exports);
+      return JB_ERR_MEMORY;
+   }
+
+   if (url_param[0] == '\0')
+   {
+      /* URL paramater not specified, display query form only. */
+      free(url_param);
+      if (map_block_killer(exports, "url-given")
+        || map(exports, "url", 1, "", 1))
+      {
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+   }
+   else
+   {
+      /* Given a URL, so query it. */
+      jb_err err;
+      char *matches;
+      char *s;
+      int hits = 0;
+      struct file_list *fl;
+      struct url_actions *b;
+      struct http_request url_to_query[1];
+      struct current_action_spec action[1];
+      int i;
+      
+      if (map(exports, "url", 1, html_encode(url_param), 0))
+      {
+         free(url_param);
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+
+      init_current_action(action);
+
+      if (map(exports, "default", 1, current_action_to_html(csp, action), 0))
+      {
+         free_current_action(action);
+         free(url_param);
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+
+      memset(url_to_query, '\0', sizeof(url_to_query));
+      err = parse_http_url(url_param, url_to_query, REQUIRE_PROTOCOL);
+      assert((err != JB_ERR_OK) || (url_to_query->ssl == !strncmpic(url_param, "https://", 8)));
+
+      free(url_param);
+
+      if (err == JB_ERR_MEMORY)
+      {
+         free_http_request(url_to_query);
+         free_current_action(action);
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+      else if (err)
+      {
+         /* Invalid URL */
+
+         err = map(exports, "matches", 1, "<b>[Invalid URL specified!]</b>" , 1);
+         if (!err) err = map(exports, "final", 1, lookup(exports, "default"), 1);
+         if (!err) err = map_block_killer(exports, "valid-url");
+
+         free_current_action(action);
+         free_http_request(url_to_query);
+
+         if (err)
+         {
+            free_map(exports);
+            return JB_ERR_MEMORY;
+         }
+
+         return template_fill_for_cgi(csp, "show-url-info", exports, rsp);
+      }
+
+      /*
+       * We have a warning about SSL paths.  Hide it for unencrypted sites.
+       */
+      if (!url_to_query->ssl)
+      {
+         if (map_block_killer(exports, "https"))
+         {
+            free_current_action(action);
+            free_map(exports);
+            free_http_request(url_to_query);
+            return JB_ERR_MEMORY;
+         }
+      }
+
+      matches = strdup("<table summary=\"\" class=\"transparent\">");
+
+      for (i = 0; i < MAX_AF_FILES; i++)
+      {
+         if (NULL == csp->config->actions_file_short[i]
+             || !strcmp(csp->config->actions_file_short[i], "standard.action")) continue;
+
+         b = NULL;
+         hits = 1;
+         if ((fl = csp->actions_list[i]) != NULL)
+         {
+            if ((b = fl->f) != NULL)
+            {
+               /* FIXME: Hardcoded HTML! */
+               string_append(&matches, "<tr><th>In file: ");
+               string_join  (&matches, html_encode(csp->config->actions_file_short[i]));
+               snprintf(buf, sizeof(buf), " <a class=\"cmd\" href=\"/show-status?file=actions&index=%d\">", i);
+               string_append(&matches, buf);
+               string_append(&matches, "View</a>");
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+               if (csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS)
+               {
+#ifdef HAVE_ACCESS
+                  if (access(csp->config->actions_file[i], W_OK) == 0)
+                  {
+#endif /* def HAVE_ACCESS */
+                     snprintf(buf, sizeof(buf),
+                        " <a class=\"cmd\" href=\"/edit-actions-list?f=%d\">", i);
+                     string_append(&matches, buf);
+                     string_append(&matches, "Edit</a>");
+#ifdef HAVE_ACCESS
+                  }
+                  else
+                  {
+                     string_append(&matches, " <strong>No write access.</strong>");
+                  }
+#endif /* def HAVE_ACCESS */
+               }
+#endif /* FEATURE_CGI_EDIT_ACTIONS */
+
+               string_append(&matches, "</th></tr>\n");
+
+               hits = 0;
+               b = b->next;
+            }
+         }
+
+         for (; (b != NULL) && (matches != NULL); b = b->next)
+         {
+            if (url_match(b->url, url_to_query))
+            {
+               string_append(&matches, "<tr><td>{");
+               string_join  (&matches, actions_to_html(csp, b->action));
+               string_append(&matches, " }<br>\n<code>");
+               string_join  (&matches, html_encode(b->url->spec));
+               string_append(&matches, "</code></td></tr>\n");
+
+               if (merge_current_action(action, b->action))
+               {
+                  freez(matches);
+                  free_http_request(url_to_query);
+                  free_current_action(action);
+                  free_map(exports);
+                  return JB_ERR_MEMORY;
+               }
+               hits++;
+            }
+         }
+
+         if (!hits)
+         {
+            string_append(&matches, "<tr><td>(no matches in this file)</td></tr>\n");
+         }
+      }
+      string_append(&matches, "</table>\n");
+
+      /*
+       * XXX: Kludge to make sure the "Forward settings" section
+       * shows what forward-override{} would do with the requested URL.
+       * No one really cares how the CGI request would be forwarded
+       * if it wasn't intercepted as CGI request in the first place.
+       *
+       * From here on the action bitmask will no longer reflect
+       * the real url (http://config.privoxy.org/show-url-info?url=.*),
+       * but luckily it's no longer required later on anyway.
+       */
+      free_current_action(csp->action);
+      get_url_actions(csp, url_to_query);
+
+      /*
+       * Fill in forwarding settings.
+       *
+       * The possibilities are:
+       *  - no forwarding
+       *  - http forwarding only
+       *  - socks4(a) forwarding only
+       *  - socks4(a) and http forwarding.
+       *
+       * XXX: Parts of this code could be reused for the
+       * "forwarding-failed" template which currently doesn't
+       * display the proxy port and an eventual second forwarder.
+       */
+      {
+         const struct forward_spec *fwd = forward_url(csp, url_to_query);
+
+         if ((fwd->gateway_host == NULL) && (fwd->forward_host == NULL))
+         {
+            if (!err) err = map_block_killer(exports, "socks-forwarder");
+            if (!err) err = map_block_killer(exports, "http-forwarder");
+         }
+         else
+         {
+            char port[10]; /* We save proxy ports as int but need a string here */
+
+            if (!err) err = map_block_killer(exports, "no-forwarder");
+
+            if (fwd->gateway_host != NULL)
+            {
+               char *socks_type = NULL;
+
+               switch (fwd->type)
+               {
+                  case SOCKS_4:
+                     socks_type = "socks4";
+                     break;
+                  case SOCKS_4A:
+                     socks_type = "socks4a";
+                     break;
+                  case SOCKS_5:
+                     socks_type = "socks5";
+                     break;
+                  default:
+                     log_error(LOG_LEVEL_FATAL, "Unknown socks type: %d.", fwd->type);
+               }
+
+               if (!err) err = map(exports, "socks-type", 1, socks_type, 1);
+               if (!err) err = map(exports, "gateway-host", 1, fwd->gateway_host, 1);
+               snprintf(port, sizeof(port), "%d", fwd->gateway_port);
+               if (!err) err = map(exports, "gateway-port", 1, port, 1);
+            }
+            else
+            {
+               if (!err) err = map_block_killer(exports, "socks-forwarder");
+            }
+
+            if (fwd->forward_host != NULL)
+            {
+               if (!err) err = map(exports, "forward-host", 1, fwd->forward_host, 1);
+               snprintf(port, sizeof(port), "%d", fwd->forward_port);
+               if (!err) err = map(exports, "forward-port", 1, port, 1);
+            }
+            else
+            {
+               if (!err) err = map_block_killer(exports, "http-forwarder");
+            }
+         }
+      }
+
+      free_http_request(url_to_query);
+
+      if (err || matches == NULL)
+      {
+         free_current_action(action);
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+      if ((csp->config->feature_flags & RUNTIME_FEATURE_CGI_EDIT_ACTIONS))
+      {
+         err = map_block_killer(exports, "cgi-editor-is-disabled");
+      }
+#endif /* FEATURE_CGI_EDIT_ACTIONS */
+
+      /*
+       * If zlib support is available, if no content filters
+       * are enabled or if the prevent-compression action is enabled,
+       * suppress the "compression could prevent filtering" warning.
+       */
+#ifndef FEATURE_ZLIB
+      if (!content_filters_enabled(action) ||
+         (action->flags & ACTION_NO_COMPRESSION))
+#endif
+      {
+         if (!err) err = map_block_killer(exports, "filters-might-be-ineffective");
+      }
+
+      if (err || map(exports, "matches", 1, matches , 0))
+      {
+         free_current_action(action);
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+
+      s = current_action_to_html(csp, action);
+
+      free_current_action(action);
+
+      if (map(exports, "final", 1, s, 0))
+      {
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+   }
+
+   return template_fill_for_cgi(csp, "show-url-info", exports, rsp);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_robots_txt
+ *
+ * Description :  CGI function to return "/robots.txt".
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters : None
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+jb_err cgi_robots_txt(struct client_state *csp,
+                      struct http_response *rsp,
+                      const struct map *parameters)
+{
+   char buf[100];
+   jb_err err;
+
+   (void)csp;
+   (void)parameters;
+
+   rsp->body = strdup(
+      "# This is the Privoxy control interface.\n"
+      "# It isn't very useful to index it, and you're likely to break stuff.\n"
+      "# So go away!\n"
+      "\n"
+      "User-agent: *\n"
+      "Disallow: /\n"
+      "\n");
+   if (rsp->body == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   err = enlist_unique(rsp->headers, "Content-Type: text/plain", 13);
+
+   rsp->is_static = 1;
+
+   get_http_time(7 * 24 * 60 * 60, buf, sizeof(buf)); /* 7 days into future */
+   if (!err) err = enlist_unique_header(rsp->headers, "Expires", buf);
+
+   return (err ? JB_ERR_MEMORY : JB_ERR_OK);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  show_defines
+ *
+ * Description :  Add to a map the state od all conditional #defines
+ *                used when building
+ *
+ * Parameters  :
+ *          1  :  exports = map to extend
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+static jb_err show_defines(struct map *exports)
+{
+   jb_err err = JB_ERR_OK;
+
+#ifdef FEATURE_ACL
+   if (!err) err = map_conditional(exports, "FEATURE_ACL", 1);
+#else /* ifndef FEATURE_ACL */
+   if (!err) err = map_conditional(exports, "FEATURE_ACL", 0);
+#endif /* ndef FEATURE_ACL */
+
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+   if (!err) err = map_conditional(exports, "FEATURE_CGI_EDIT_ACTIONS", 1);
+#else /* ifndef FEATURE_CGI_EDIT_ACTIONS */
+   if (!err) err = map_conditional(exports, "FEATURE_CGI_EDIT_ACTIONS", 0);
+#endif /* ndef FEATURE_CGI_EDIT_ACTIONS */
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   if (!err) err = map_conditional(exports, "FEATURE_CONNECTION_KEEP_ALIVE", 1);
+#else /* ifndef FEATURE_CGI_EDIT_ACTIONS */
+   if (!err) err = map_conditional(exports, "FEATURE_CONNECTION_KEEP_ALIVE", 0);
+#endif /* ndef FEATURE_CONNECTION_KEEP_ALIVE */
+
+#ifdef FEATURE_FAST_REDIRECTS
+   if (!err) err = map_conditional(exports, "FEATURE_FAST_REDIRECTS", 1);
+#else /* ifndef FEATURE_FAST_REDIRECTS */
+   if (!err) err = map_conditional(exports, "FEATURE_FAST_REDIRECTS", 0);
+#endif /* ndef FEATURE_FAST_REDIRECTS */
+
+#ifdef FEATURE_FORCE_LOAD
+   if (!err) err = map_conditional(exports, "FEATURE_FORCE_LOAD", 1);
+   if (!err) err = map(exports, "FORCE_PREFIX", 1, FORCE_PREFIX, 1);
+#else /* ifndef FEATURE_FORCE_LOAD */
+   if (!err) err = map_conditional(exports, "FEATURE_FORCE_LOAD", 0);
+   if (!err) err = map(exports, "FORCE_PREFIX", 1, "(none - disabled)", 1);
+#endif /* ndef FEATURE_FORCE_LOAD */
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+   if (!err) err = map_conditional(exports, "FEATURE_GRACEFUL_TERMINATION", 1);
+#else /* ifndef FEATURE_GRACEFUL_TERMINATION */
+   if (!err) err = map_conditional(exports, "FEATURE_GRACEFUL_TERMINATION", 0);
+#endif /* ndef FEATURE_GRACEFUL_TERMINATION */
+
+#ifdef FEATURE_IMAGE_BLOCKING
+   if (!err) err = map_conditional(exports, "FEATURE_IMAGE_BLOCKING", 1);
+#else /* ifndef FEATURE_IMAGE_BLOCKING */
+   if (!err) err = map_conditional(exports, "FEATURE_IMAGE_BLOCKING", 0);
+#endif /* ndef FEATURE_IMAGE_BLOCKING */
+
+#ifdef FEATURE_IMAGE_DETECT_MSIE
+   if (!err) err = map_conditional(exports, "FEATURE_IMAGE_DETECT_MSIE", 1);
+#else /* ifndef FEATURE_IMAGE_DETECT_MSIE */
+   if (!err) err = map_conditional(exports, "FEATURE_IMAGE_DETECT_MSIE", 0);
+#endif /* ndef FEATURE_IMAGE_DETECT_MSIE */
+
+#ifdef FEATURE_NO_GIFS
+   if (!err) err = map_conditional(exports, "FEATURE_NO_GIFS", 1);
+#else /* ifndef FEATURE_NO_GIFS */
+   if (!err) err = map_conditional(exports, "FEATURE_NO_GIFS", 0);
+#endif /* ndef FEATURE_NO_GIFS */
+
+#ifdef FEATURE_PTHREAD
+   if (!err) err = map_conditional(exports, "FEATURE_PTHREAD", 1);
+#else /* ifndef FEATURE_PTHREAD */
+   if (!err) err = map_conditional(exports, "FEATURE_PTHREAD", 0);
+#endif /* ndef FEATURE_PTHREAD */
+
+#ifdef FEATURE_STATISTICS
+   if (!err) err = map_conditional(exports, "FEATURE_STATISTICS", 1);
+#else /* ifndef FEATURE_STATISTICS */
+   if (!err) err = map_conditional(exports, "FEATURE_STATISTICS", 0);
+#endif /* ndef FEATURE_STATISTICS */
+
+#ifdef FEATURE_TOGGLE
+   if (!err) err = map_conditional(exports, "FEATURE_TOGGLE", 1);
+#else /* ifndef FEATURE_TOGGLE */
+   if (!err) err = map_conditional(exports, "FEATURE_TOGGLE", 0);
+#endif /* ndef FEATURE_TOGGLE */
+
+#ifdef FEATURE_TRUST
+   if (!err) err = map_conditional(exports, "FEATURE_TRUST", 1);
+#else /* ifndef FEATURE_TRUST */
+   if (!err) err = map_conditional(exports, "FEATURE_TRUST", 0);
+#endif /* ndef FEATURE_TRUST */
+
+#ifdef FEATURE_ZLIB
+   if (!err) err = map_conditional(exports, "FEATURE_ZLIB", 1);
+#else /* ifndef FEATURE_ZLIB */
+   if (!err) err = map_conditional(exports, "FEATURE_ZLIB", 0);
+#endif /* ndef FEATURE_ZLIB */
+
+#ifdef STATIC_PCRE
+   if (!err) err = map_conditional(exports, "STATIC_PCRE", 1);
+#else /* ifndef STATIC_PCRE */
+   if (!err) err = map_conditional(exports, "STATIC_PCRE", 0);
+#endif /* ndef STATIC_PCRE */
+
+#ifdef STATIC_PCRS
+   if (!err) err = map_conditional(exports, "STATIC_PCRS", 1);
+#else /* ifndef STATIC_PCRS */
+   if (!err) err = map_conditional(exports, "STATIC_PCRS", 0);
+#endif /* ndef STATIC_PCRS */
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  show_rcs
+ *
+ * Description :  Create a string with the rcs info for all sourcefiles
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  A string, or NULL on out-of-memory.
+ *
+ *********************************************************************/
+static char *show_rcs(void)
+{
+   char *result = strdup("");
+   char buf[BUFFER_SIZE];
+
+   /* Instead of including *all* dot h's in the project (thus creating a
+    * tremendous amount of dependencies), I will concede to declaring them
+    * as extern's.  This forces the developer to add to this list, but oh well.
+    */
+
+#define SHOW_RCS(__x)              \
+   {                               \
+      extern const char __x[];     \
+      snprintf(buf, sizeof(buf), " %s\n", __x);   \
+      string_append(&result, buf); \
+   }
+
+   /* In alphabetical order */
+   SHOW_RCS(actions_h_rcs)
+   SHOW_RCS(actions_rcs)
+#ifdef AMIGA
+   SHOW_RCS(amiga_h_rcs)
+   SHOW_RCS(amiga_rcs)
+#endif /* def AMIGA */
+   SHOW_RCS(cgi_h_rcs)
+   SHOW_RCS(cgi_rcs)
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+   SHOW_RCS(cgiedit_h_rcs)
+   SHOW_RCS(cgiedit_rcs)
+#endif /* def FEATURE_CGI_EDIT_ACTIONS */
+   SHOW_RCS(cgisimple_h_rcs)
+   SHOW_RCS(cgisimple_rcs)
+#ifdef __MINGW32__
+   SHOW_RCS(cygwin_h_rcs)
+#endif
+   SHOW_RCS(deanimate_h_rcs)
+   SHOW_RCS(deanimate_rcs)
+   SHOW_RCS(encode_h_rcs)
+   SHOW_RCS(encode_rcs)
+   SHOW_RCS(errlog_h_rcs)
+   SHOW_RCS(errlog_rcs)
+   SHOW_RCS(filters_h_rcs)
+   SHOW_RCS(filters_rcs)
+   SHOW_RCS(gateway_h_rcs)
+   SHOW_RCS(gateway_rcs)
+   SHOW_RCS(jbsockets_h_rcs)
+   SHOW_RCS(jbsockets_rcs)
+   SHOW_RCS(jcc_h_rcs)
+   SHOW_RCS(jcc_rcs)
+   SHOW_RCS(list_h_rcs)
+   SHOW_RCS(list_rcs)
+   SHOW_RCS(loadcfg_h_rcs)
+   SHOW_RCS(loadcfg_rcs)
+   SHOW_RCS(loaders_h_rcs)
+   SHOW_RCS(loaders_rcs)
+   SHOW_RCS(miscutil_h_rcs)
+   SHOW_RCS(miscutil_rcs)
+   SHOW_RCS(parsers_h_rcs)
+   SHOW_RCS(parsers_rcs)
+   SHOW_RCS(pcrs_rcs)
+   SHOW_RCS(pcrs_h_rcs)
+   SHOW_RCS(project_h_rcs)
+   SHOW_RCS(ssplit_h_rcs)
+   SHOW_RCS(ssplit_rcs)
+   SHOW_RCS(urlmatch_h_rcs)
+   SHOW_RCS(urlmatch_rcs)
+#ifdef _WIN32
+#ifndef _WIN_CONSOLE
+   SHOW_RCS(w32log_h_rcs)
+   SHOW_RCS(w32log_rcs)
+   SHOW_RCS(w32res_h_rcs)
+   SHOW_RCS(w32taskbar_h_rcs)
+   SHOW_RCS(w32taskbar_rcs)
+#endif /* ndef _WIN_CONSOLE */
+   SHOW_RCS(win32_h_rcs)
+   SHOW_RCS(win32_rcs)
+#endif /* def _WIN32 */
+
+#undef SHOW_RCS
+
+   return result;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  cgi_show_file
+ *
+ * Description :  CGI function that shows the content of a
+ *                configuration file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  rsp = http_response data structure for output
+ *          3  :  parameters = map of cgi parameters
+ *
+ * CGI Parameters :
+ *        file :  Which file to show.  Only first letter is checked,
+ *                valid values are:
+ *                - "a"ction file
+ *                - "r"egex
+ *                - "t"rust
+ *                Default is to show menu and other information.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.  
+ *
+ *********************************************************************/
+static jb_err cgi_show_file(struct client_state *csp,
+                            struct http_response *rsp,
+                            const struct map *parameters)
+{
+   unsigned i;
+   const char * filename = NULL;
+   char * file_description = NULL;
+
+   assert(csp);
+   assert(rsp);
+   assert(parameters);
+
+   switch (*(lookup(parameters, "file")))
+   {
+   case 'a':
+      if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->actions_list[i])
+      {
+         filename = csp->actions_list[i]->filename;
+         file_description = "Actions File";
+      }
+      break;
+
+   case 'f':
+      if (!get_number_param(csp, parameters, "index", &i) && i < MAX_AF_FILES && csp->rlist[i])
+      {
+         filename = csp->rlist[i]->filename;
+         file_description = "Filter File";
+      }
+      break;
+
+#ifdef FEATURE_TRUST
+   case 't':
+      if (csp->tlist)
+      {
+         filename = csp->tlist->filename;
+         file_description = "Trust File";
+      }
+      break;
+#endif /* def FEATURE_TRUST */
+   }
+
+   if (NULL != filename)
+   {
+      struct map *exports;
+      char *s;
+      jb_err err;
+      size_t length;
+
+      exports = default_exports(csp, "show-status");
+      if (NULL == exports)
+      {
+         return JB_ERR_MEMORY;
+      }
+
+      if ( map(exports, "file-description", 1, file_description, 1)
+        || map(exports, "filepath", 1, html_encode(filename), 0) )
+      {
+         free_map(exports);
+         return JB_ERR_MEMORY;
+      }
+
+      err = load_file(filename, &s, &length);
+      if (JB_ERR_OK != err)
+      {
+         if (map(exports, "contents", 1, "<h1>ERROR OPENING FILE!</h1>", 1))
+         {
+            free_map(exports);
+            return JB_ERR_MEMORY;
+         }
+      }
+      else
+      {
+         s = html_encode_and_free_original(s);
+         if (NULL == s)
+         {
+            return JB_ERR_MEMORY;
+         }
+
+         if (map(exports, "contents", 1, s, 0))
+         {
+            free_map(exports);
+            return JB_ERR_MEMORY;
+         }
+      }
+
+      return template_fill_for_cgi(csp, "show-status-file", exports, rsp);
+   }
+
+   return JB_ERR_CGI_PARAMS;
+}
+
+ 
+/*********************************************************************
+ *
+ * Function    :  load_file
+ *
+ * Description :  Loads a file into a buffer.
+ *
+ * Parameters  :
+ *          1  :  filename = Name of the file to be loaded.
+ *          2  :  buffer   = Used to return the file's content.
+ *          3  :  length   = Used to return the size of the file.
+ *
+ * Returns     :  JB_ERR_OK in case of success,
+ *                JB_ERR_FILE in case of ordinary file loading errors
+ *                            (fseek() and ftell() errors are fatal)
+ *                JB_ERR_MEMORY in case of out-of-memory.
+ *
+ *********************************************************************/
+static jb_err load_file(const char *filename, char **buffer, size_t *length)
+{
+   FILE *fp;
+   long ret;
+   jb_err err = JB_ERR_OK;
+
+   fp = fopen(filename, "rb");
+   if (NULL == fp)
+   {
+      return JB_ERR_FILE;
+   }
+
+   /* Get file length */
+   if (fseek(fp, 0, SEEK_END))
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "Unexpected error while fseek()ing to the end of %s: %E",
+         filename);
+   }
+   ret = ftell(fp);
+   if (-1 == ret)
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "Unexpected ftell() error while loading %s: %E",
+         filename);
+   }
+   *length = (size_t)ret;
+
+   /* Go back to the beginning. */
+   if (fseek(fp, 0, SEEK_SET))
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "Unexpected error while fseek()ing to the beginning of %s: %E",
+         filename);
+   }
+
+   *buffer = (char *)zalloc(*length + 1);
+   if (NULL == *buffer)
+   {
+      err = JB_ERR_MEMORY;
+   }
+   else if (!fread(*buffer, *length, 1, fp))
+   {
+      /*
+       * May happen if the file size changes between fseek() and
+       * fread(). If it does, we just log it and serve what we got.
+       */
+      log_error(LOG_LEVEL_ERROR,
+         "Couldn't completely read file %s.", filename);
+      err = JB_ERR_FILE;
+   }
+
+   fclose(fp);
+
+   return err;
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/cgisimple.h b/external/privoxy/cgisimple.h
new file mode 100644
index 0000000..2bce214
--- /dev/null
+++ b/external/privoxy/cgisimple.h
@@ -0,0 +1,185 @@
+#ifndef CGISIMPLE_H_INCLUDED
+#define CGISIMPLE_H_INCLUDED
+#define CGISIMPLE_H_VERSION "$Id: cgisimple.h,v 1.16 2008/05/26 17:30:55 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cgisimple.h,v $
+ *
+ * Purpose     :  Declares functions to intercept request, generate
+ *                html or gif answers, and to compose HTTP resonses.
+ *                
+ *                Functions declared include:
+ * 
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cgisimple.h,v $
+ *    Revision 1.16  2008/05/26 17:30:55  fabiankeil
+ *    Provide an OpenSearch Description to access the
+ *    show-url-info page through "search engine plugins".
+ *
+ *    Revision 1.15  2007/01/23 15:51:17  fabiankeil
+ *    Add favicon delivery functions.
+ *
+ *    Revision 1.14  2006/09/06 18:45:03  fabiankeil
+ *    Incorporate modified version of Roland Rosenfeld's patch to
+ *    optionally access the user-manual via Privoxy. Closes patch 679075.
+ *
+ *    Formatting changed to Privoxy style, added call to
+ *    cgi_error_no_template if the requested file doesn't
+ *    exist and modified check whether or not Privoxy itself
+ *    should serve the manual. Should work cross-platform now.
+ *
+ *    Revision 1.13  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.11  2002/04/05 15:50:53  oes
+ *    added send-stylesheet CGI
+ *
+ *    Revision 1.10  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.9  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.8  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.7  2002/03/08 16:43:59  oes
+ *    Renamed cgi_transparent_png to cgi_transparent_image
+ *
+ *    Revision 1.6  2002/03/07 03:48:59  oes
+ *     - Changed built-in images from GIF to PNG
+ *       (with regard to Unisys patent issue)
+ *
+ *    Revision 1.5  2002/01/22 23:26:03  jongfoster
+ *    Adding cgi_transparent_gif() for http://i.j.b/t
+ *
+ *    Revision 1.4  2001/10/23 21:48:19  jongfoster
+ *    Cleaning up error handling in CGI functions - they now send back
+ *    a HTML error page and should never cause a FATAL error.  (Fixes one
+ *    potential source of "denial of service" attacks).
+ *
+ *    CGI actions file editor that works and is actually useful.
+ *
+ *    Ability to toggle JunkBuster remotely using a CGI call.
+ *
+ *    You can turn off both the above features in the main configuration
+ *    file, e.g. if you are running a multi-user proxy.
+ *
+ *    Revision 1.3  2001/10/14 22:00:32  jongfoster
+ *    Adding support for a 404 error when an invalid CGI page is requested.
+ *
+ *    Revision 1.2  2001/10/02 15:31:20  oes
+ *    Introduced show-request cgi
+ *
+ *    Revision 1.1  2001/09/16 17:08:54  jongfoster
+ *    Moving simple CGI functions from cgi.c to new file cgisimple.c
+ *
+ *
+ **********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * CGI functions
+ */
+extern jb_err cgi_default      (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_error_404    (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_robots_txt   (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_send_banner  (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_show_status  (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_show_url_info(struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_show_version (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_show_request (struct client_state *csp,
+                                struct http_response *rsp,
+                                const struct map *parameters);
+extern jb_err cgi_transparent_image (struct client_state *csp,
+                                     struct http_response *rsp,
+                                     const struct map *parameters);
+extern jb_err cgi_send_error_favicon (struct client_state *csp,
+                                      struct http_response *rsp,
+                                      const struct map *parameters);
+extern jb_err cgi_send_default_favicon (struct client_state *csp,
+                                        struct http_response *rsp,
+                                        const struct map *parameters);
+extern jb_err cgi_send_stylesheet(struct client_state *csp,
+                                  struct http_response *rsp,
+                                  const struct map *parameters);
+extern jb_err cgi_send_url_info_osd(struct client_state *csp,
+                                    struct http_response *rsp,
+                                    const struct map *parameters);
+extern jb_err cgi_send_user_manual(struct client_state *csp,
+                                   struct http_response *rsp,
+                                   const struct map *parameters);
+
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+extern jb_err cgi_die (struct client_state *csp,
+                       struct http_response *rsp,
+                       const struct map *parameters);
+#endif
+
+/* Revision control strings from this header and associated .c file */
+extern const char cgisimple_rcs[];
+extern const char cgisimple_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef CGISIMPLE_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/config b/external/privoxy/config
new file mode 100644
index 0000000..741382a
--- /dev/null
+++ b/external/privoxy/config
@@ -0,0 +1,1530 @@
+#        Sample Configuration File for Privoxy v3.0.12
+#
+#  $Id: config,v 1.76 2009/03/21 11:51:51 fabiankeil Exp $
+#
+#  Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+#
+####################################################################
+#                                                                  #
+#                      Table of Contents                           #
+#                                                                  #
+#        I. INTRODUCTION                                           #
+#       II. FORMAT OF THE CONFIGURATION FILE                       #
+#                                                                  #
+#        1. LOCAL SET-UP DOCUMENTATION                             #
+#        2. CONFIGURATION AND LOG FILE LOCATIONS                   #
+#        3. DEBUGGING                                              #
+#        4. ACCESS CONTROL AND SECURITY                            #
+#        5. FORWARDING                                             #
+#        6. WINDOWS GUI OPTIONS                                    #
+#                                                                  #
+####################################################################
+#
+#
+#  I. INTRODUCTION
+#   ===============
+#
+#  This file holds Privoxy's main configuration. Privoxy detects
+#  configuration changes automatically, so you don't have to restart
+#  it unless you want to load a different configuration file.
+#
+#  The configuration will be reloaded with the first request after
+#  the change was done, this request itself will still use the old
+#  configuration, though. In other words: it takes two requests before
+#  you see the result of your changes.  Requests that are dropped due
+#  to ACL don't trigger reloads.
+#
+#  When starting Privoxy on Unix systems, give the location of this
+#  file as last argument. On Windows systems, Privoxy will look for
+#  this file with the name 'config.txt' in the current working directory
+#  of the Privoxy process.
+#
+#
+#  II. FORMAT OF THE CONFIGURATION FILE
+#  ====================================
+#
+#  Configuration lines consist of an initial keyword followed by a
+#  list of values, all separated by whitespace (any number of spaces
+#  or tabs). For example,
+#
+#  actionsfile default.action
+#
+#  Indicates that the actionsfile is named 'default.action'.
+#
+#  The '#' indicates a comment. Any part of a line following a '#'
+#  is ignored, except if the '#' is preceded by a '\'.
+#
+#  Thus, by placing a # at the start of an existing configuration
+#  line, you can make it a comment and it will be treated as if it
+#  weren't there. This is called "commenting out" an option and can
+#  be useful. Removing the # again is called "uncommenting".
+#
+#  Note that commenting out an option and leaving it at its default
+#  are two completely different things! Most options behave very
+#  differently when unset.  See the "Effect if unset" explanation in
+#  each option's description for details.
+#
+#  Long lines can be continued on the next line by using a `\' as the
+#  last character.
+#
+#
+#
+#  1. LOCAL SET-UP DOCUMENTATION
+#  ==============================
+#
+#  If you intend to operate Privoxy for more users than just yourself,
+#  it might be a good idea to let them know how to reach you, what
+#  you block and why you do that, your policies, etc.
+#
+#
+#
+#  1.1. user-manual
+#  =================
+#
+#  Specifies:
+#
+#      Location of the Privoxy User Manual.
+#
+#  Type of value:
+#
+#      A fully qualified URI
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      http://www.privoxy.org/version/user-manual/ will be used,
+#      where version is the Privoxy version.
+#
+#  Notes:
+#
+#      The User Manual URI is the single best source of information on
+#      Privoxy, and is used for help links from some of the internal
+#      CGI pages. The manual itself is normally packaged with the
+#      binary distributions, so you probably want to set this to a
+#      locally installed copy.
+#
+#      Examples:
+#
+#      The best all purpose solution is simply to put the full local
+#      PATH to where the User Manual is located:
+#
+#        user-manual  /usr/share/doc/privoxy/user-manual
+#
+#
+#      The User Manual is then available to anyone with
+#      access to Privoxy, by following the built-in URL:
+#      http://config.privoxy.org/user-manual/ (or the shortcut:
+#      http://p.p/user-manual/).
+#
+#      If the documentation is not on the local system, it can be
+#      accessed from a remote server, as:
+#
+#        user-manual  http://example.com/privoxy/user-manual/
+#
+#
+#      WARNING!!!
+#
+#          If set, this option should be the first option in the config
+#          file, because it is used while the config file is being read.
+#
+#user-manual http://www.privoxy.org/user-manual/
+#
+#
+#  1.2. trust-info-url
+#  ====================
+#
+#  Specifies:
+#
+#      A URL to be displayed in the error page that users will see if
+#      access to an untrusted page is denied.
+#
+#  Type of value:
+#
+#      URL
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No links are displayed on the "untrusted" error page.
+#
+#  Notes:
+#
+#      The value of this option only matters if the experimental trust
+#      mechanism has been activated. (See trustfile below.)
+#
+#      If you use the trust mechanism, it is a good idea to write
+#      up some on-line documentation about your trust policy and to
+#      specify the URL(s) here. Use multiple times for multiple URLs.
+#
+#      The URL(s) should be added to the trustfile as well, so users
+#      don't end up locked out from the information on why they were
+#      locked out in the first place!
+#
+#trust-info-url  http://www.example.com/why_we_block.html
+#trust-info-url  http://www.example.com/what_we_allow.html
+#
+#
+#  1.3. admin-address
+#  ===================
+#
+#  Specifies:
+#
+#      An email address to reach the Privoxy administrator.
+#
+#  Type of value:
+#
+#      Email address
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No email address is displayed on error pages and the CGI user
+#      interface.
+#
+#  Notes:
+#
+#      If both admin-address and proxy-info-url are unset, the whole
+#      "Local Privoxy Support" box on all generated pages will not
+#      be shown.
+#
+#admin-address privoxy-admin at example.com
+#
+#
+#  1.4. proxy-info-url
+#  ====================
+#
+#  Specifies:
+#
+#      A URL to documentation about the local Privoxy setup,
+#      configuration or policies.
+#
+#  Type of value:
+#
+#      URL
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No link to local documentation is displayed on error pages and
+#      the CGI user interface.
+#
+#  Notes:
+#
+#      If both admin-address and proxy-info-url are unset, the whole
+#      "Local Privoxy Support" box on all generated pages will not
+#      be shown.
+#
+#      This URL shouldn't be blocked ;-)
+#
+#proxy-info-url http://www.example.com/proxy-service.html
+#
+#
+#  2. CONFIGURATION AND LOG FILE LOCATIONS
+#  ========================================
+#
+#  Privoxy can (and normally does) use a number of other files for
+#  additional configuration, help and logging. This section of the
+#  configuration file tells Privoxy where to find those other files.
+#
+#  The user running Privoxy, must have read permission for all
+#  configuration files, and write permission to any files that would
+#  be modified, such as log files and actions files.
+#
+#
+#
+#  2.1. confdir
+#  =============
+#
+#  Specifies:
+#
+#      The directory where the other configuration files are located.
+#
+#  Type of value:
+#
+#      Path name
+#
+#  Default value:
+#
+#      /etc/privoxy (Unix) or Privoxy installation dir (Windows)
+#
+#  Effect if unset:
+#
+#      Mandatory
+#
+#  Notes:
+#
+#      No trailing "/", please.
+#
+confdir .
+#
+#
+#  2.2. templdir
+#  ==============
+#
+#  Specifies:
+#
+#      An alternative directory where the templates are loaded from.
+#
+#  Type of value:
+#
+#      Path name
+#
+#  Default value:
+#
+#      unset
+#
+#  Effect if unset:
+#
+#      The templates are assumed to be located in confdir/template.
+#
+#  Notes:
+#
+#      Privoxy's original templates are usually overwritten with each
+#      update. Use this option to relocate customized templates that
+#      should be kept. As template variables might change between
+#      updates, you shouldn't expect templates to work with Privoxy
+#      releases other than the one they were part of, though.
+#
+#templdir .
+#
+#
+#  2.3. logdir
+#  ============
+#
+#  Specifies:
+#
+#      The directory where all logging takes place (i.e. where the
+#      logfile is located).
+#
+#  Type of value:
+#
+#      Path name
+#
+#  Default value:
+#
+#      /var/log/privoxy (Unix) or Privoxy installation dir (Windows)
+#
+#  Effect if unset:
+#
+#      Mandatory
+#
+#  Notes:
+#
+#      No trailing "/", please.
+#
+logdir .
+#
+#
+#  2.4. actionsfile
+#  =================
+#
+#  Specifies:
+#
+#      The actions file(s) to use
+#
+#  Type of value:
+#
+#      Complete file name, relative to confdir
+#
+#  Default values:
+#
+#        match-all.action # Actions that are applied to all sites and maybe overruled later on.
+#
+#        default.action   # Main actions file
+#
+#        user.action      # User customizations
+#
+#  Effect if unset:
+#
+#      No actions are taken at all. More or less neutral proxying.
+#
+#  Notes:
+#
+#      Multiple actionsfile lines are permitted, and are in fact
+#      recommended!
+#
+#      The default values are default.action, which is the "main"
+#      actions file maintained by the developers, and user.action,
+#      where you can make your personal additions.
+#
+#      Actions files contain all the per site and per URL configuration
+#      for ad blocking, cookie management, privacy considerations,
+#      etc. There is no point in using Privoxy without at least one
+#      actions file.
+#
+#      Note that since Privoxy 3.0.7, the complete filename, including
+#      the ".action" extension has to be specified. The syntax change
+#      was necessary to be consistent with the other file options and
+#      to allow previously forbidden characters.
+#
+actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.
+actionsfile default.action   # Main actions file
+actionsfile user.action      # User customizations
+#
+#
+#  2.5. filterfile
+#  ================
+#
+#  Specifies:
+#
+#      The filter file(s) to use
+#
+#  Type of value:
+#
+#      File name, relative to confdir
+#
+#  Default value:
+#
+#      default.filter (Unix) or default.filter.txt (Windows)
+#
+#  Effect if unset:
+#
+#      No textual content filtering takes place, i.e. all +filter{name}
+#      actions in the actions files are turned neutral.
+#
+#  Notes:
+#
+#      Multiple filterfile lines are permitted.
+#
+#      The filter files contain content modification rules that use
+#      regular expressions. These rules permit powerful changes on the
+#      content of Web pages, and optionally the headers as well, e.g.,
+#      you could try to disable your favorite JavaScript annoyances,
+#      re-write the actual displayed text, or just have some fun
+#      playing buzzword bingo with web pages.
+#
+#      The +filter{name} actions rely on the relevant filter (name)
+#      to be defined in a filter file!
+#
+#      A pre-defined filter file called default.filter that contains a
+#      number of useful filters for common problems is included in the
+#      distribution. See the section on the filter action for a list.
+#
+#      It is recommended to place any locally adapted filters into a
+#      separate file, such as user.filter.
+#
+filterfile default.filter
+#filterfile user.filter      # User customizations
+#
+#
+#  2.6. logfile
+#  =============
+#
+#  Specifies:
+#
+#      The log file to use
+#
+#  Type of value:
+#
+#      File name, relative to logdir
+#
+#  Default value:
+#
+#      Unset (commented out). When activated: logfile (Unix) or
+#      privoxy.log (Windows).
+#
+#  Effect if unset:
+#
+#      No logfile is written.
+#
+#  Notes:
+#
+#      The logfile is where all logging and error messages are
+#      written. The level of detail and number of messages are set with
+#      the debug option (see below).  The logfile can be useful for
+#      tracking down a problem with Privoxy (e.g., it's not blocking
+#      an ad you think it should block) and it can help you to monitor
+#      what your browser is doing.
+#
+#      Depending on the debug options below, the logfile may be a
+#      privacy risk if third parties can get access to it. As most
+#      users will never look at it, Privoxy 3.0.7 and later only log
+#      fatal errors by default.
+#
+#      For most troubleshooting purposes, you will have to change that,
+#      please refer to the debugging section for details.
+#
+#      Your logfile will grow indefinitely, and you will probably
+#      want to periodically remove it. On Unix systems, you can do
+#      this with a cron job (see "man cron"). For Red Hat based Linux
+#      distributions, a logrotate script has been included.
+#
+#      Any log files must be writable by whatever user Privoxy is
+#      being run as (on Unix, default user id is "privoxy").
+#
+logfile logfile
+#
+#
+#  2.7. trustfile
+#  ===============
+#
+#  Specifies:
+#
+#      The name of the trust file to use
+#
+#  Type of value:
+#
+#      File name, relative to confdir
+#
+#  Default value:
+#
+#      Unset (commented out). When activated: trust (Unix) or trust.txt
+#      (Windows)
+#
+#  Effect if unset:
+#
+#      The entire trust mechanism is disabled.
+#
+#  Notes:
+#
+#      The trust mechanism is an experimental feature for building
+#      white-lists and should be used with care. It is NOT recommended
+#      for the casual user.
+#
+#      If you specify a trust file, Privoxy will only allow access to
+#      sites that are specified in the trustfile. Sites can be listed
+#      in one of two ways:
+#
+#      Prepending a ~ character limits access to this site only (and
+#      any sub-paths within this site), e.g. ~www.example.com allows
+#      access to ~www.example.com/ features/news.html, etc.
+#
+#      Or, you can designate sites as trusted referrers, by prepending
+#      the name with a + character. The effect is that access to
+#      untrusted sites will be granted -- but only if a link from
+#      this trusted referrer was used to get there. The link target
+#      will then be added to the "trustfile" so that future, direct
+#      accesses will be granted. Sites added via this mechanism do
+#      not become trusted referrers themselves (i.e. they are added
+#      with a ~ designation). There is a limit of 512 such entries,
+#      after which new entries will not be made.
+#
+#      If you use the + operator in the trust file, it may grow
+#      considerably over time.
+#
+#      It is recommended that Privoxy be compiled with the
+#      --disable-force, --disable-toggle and --disable-editor options,
+#      if this feature is to be used.
+#
+#      Possible applications include limiting Internet access for
+#      children.
+#
+#trustfile trust
+#
+#
+#  3. DEBUGGING
+#  =============
+#
+#  These options are mainly useful when tracing a problem. Note that
+#  you might also want to invoke Privoxy with the --no-daemon command
+#  line option when debugging.
+#
+#
+#
+#  3.1. debug
+#  ===========
+#
+#  Specifies:
+#
+#      Key values that determine what information gets logged.
+#
+#  Type of value:
+#
+#      Integer values
+#
+#  Default value:
+#
+#      0 (i.e.: only fatal errors (that cause Privoxy to exit) are logged)
+#
+#  Effect if unset:
+#
+#      Default value is used (see above).
+#
+#  Notes:
+#
+#      The available debug levels are:
+#
+#        debug         1 # Log the destination for each request Privoxy let through. See also debug 1024.
+#        debug         2 # show each connection status
+#        debug         4 # show I/O status
+#        debug         8 # show header parsing
+#        debug        16 # log all data written to the network into the logfile
+#        debug        32 # debug force feature
+#        debug        64 # debug regular expression filters
+#        debug       128 # debug redirects
+#        debug       256 # debug GIF de-animation
+#        debug       512 # Common Log Format
+#        debug      1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
+#        debug      2048 # CGI user interface
+#        debug      4096 # Startup banner and warnings.
+#        debug      8192 # Non-fatal errors
+#
+#
+#      To select multiple debug levels, you can either add them or
+#      use multiple debug lines.
+#
+#      A debug level of 1 is informative because it will show you each
+#      request as it happens. 1, 4096 and 8192 are recommended so that
+#      you will notice when things go wrong. The other levels are
+#      probably only of interest if you are hunting down a specific
+#      problem. They can produce a hell of an output (especially 16).
+#
+#      Privoxy used to ship with the debug levels recommended above
+#      enabled by default, but due to privacy concerns 3.0.7 and later
+#      are configured to only log fatal errors.
+#
+#      If you are used to the more verbose settings, simply enable
+#      the debug lines below again.
+#
+#      If you want to use pure CLF (Common Log Format), you should set
+#      "debug 512" ONLY and not enable anything else.
+#
+#      Privoxy has a hard-coded limit for the length of log messages. If
+#      it's reached, messages are logged truncated and marked with
+#      "... [too long, truncated]".
+#
+#      Please don't file any support requests without trying to
+#      reproduce the problem with increased debug level first. Once
+#      you read the log messages, you may even be able to solve the
+#      problem on your own.
+#
+#debug      1 # Log the destination for each request Privoxy let through.
+#debug   1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
+#debug   4096 # Startup banner and warnings
+#debug   8192 # Non-fatal errors
+#
+#
+#  3.2. single-threaded
+#  =====================
+#
+#  Specifies:
+#
+#      Whether to run only one server thread.
+#
+#  Type of value:
+#
+#      None
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Multi-threaded (or, where unavailable: forked) operation,
+#      i.e. the ability to serve multiple requests simultaneously.
+#
+#  Notes:
+#
+#      This option is only there for debugging purposes. It will
+#      drastically reduce performance.
+#
+#single-threaded
+#
+#
+#  3.3. hostname
+#  ==============
+#
+#  Specifies:
+#
+#      The hostname shown on the CGI pages.
+#
+#  Type of value:
+#
+#      Text
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      The hostname provided by the operating system is used.
+#
+#  Notes:
+#
+#      On some misconfigured systems resolving the hostname fails or
+#      takes too much time and slows Privoxy down. Setting a fixed
+#      hostname works around the problem.
+#
+#      In other circumstances it might be desirable to show a hostname
+#      other than the one returned by the operating system. For example
+#      if the system has several different hostnames and you don't
+#      want to use the first one.
+#
+#      Note that Privoxy does not validate the specified hostname value.
+#
+#hostname hostname.example.org
+#
+#
+#  4. ACCESS CONTROL AND SECURITY
+#  ===============================
+#
+#  This section of the config file controls the security-relevant
+#  aspects of Privoxy's configuration.
+#
+#
+#
+#  4.1. listen-address
+#  ====================
+#
+#  Specifies:
+#
+#      The IP address and TCP port on which Privoxy will listen for
+#      client requests.
+#
+#  Type of value:
+#
+#      [IP-Address]:Port
+#
+#  Default value:
+#
+#      127.0.0.1:8118
+#
+#  Effect if unset:
+#
+#      Bind to 127.0.0.1 (localhost), port 8118. This is suitable and
+#      recommended for home users who run Privoxy on the same machine
+#      as their browser.
+#
+#  Notes:
+#
+#      You will need to configure your browser(s) to this proxy address
+#      and port.
+#
+#      If you already have another service running on port 8118, or
+#      if you want to serve requests from other machines (e.g. on your
+#      local network) as well, you will need to override the default.
+#
+#      If you leave out the IP address, Privoxy will bind to all
+#      interfaces (addresses) on your machine and may become reachable
+#      from the Internet. In that case, consider using access control
+#      lists (ACL's, see below), and/or a firewall.
+#
+#      If you open Privoxy to untrusted users, you will also
+#      want to make sure that the following actions are disabled:
+#      enable-edit-actions and enable-remote-toggle
+#
+#  Example:
+#
+#      Suppose you are running Privoxy on a machine which has the
+#      address 192.168.0.1 on your local private network (192.168.0.0)
+#      and has another outside connection with a different address. You
+#      want it to serve requests from inside only:
+#
+#        listen-address  192.168.0.1:8118
+#
+#
+listen-address  127.0.0.1:8118
+#
+#
+#  4.2. toggle
+#  ============
+#
+#  Specifies:
+#
+#      Initial state of "toggle" status
+#
+#  Type of value:
+#
+#      1 or 0
+#
+#  Default value:
+#
+#      1
+#
+#  Effect if unset:
+#
+#      Act as if toggled on
+#
+#  Notes:
+#
+#      If set to 0, Privoxy will start in "toggled off" mode,
+#      i.e. mostly behave like a normal, content-neutral proxy
+#      with both ad blocking and content filtering disabled. See
+#      enable-remote-toggle below.
+#
+#      The windows version will only display the toggle icon in the
+#      system tray if this option is present.
+#
+toggle  1
+#
+#
+#  4.3. enable-remote-toggle
+#  ==========================
+#
+#  Specifies:
+#
+#      Whether or not the web-based toggle feature may be used
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      The web-based toggle feature is disabled.
+#
+#  Notes:
+#
+#      When toggled off, Privoxy mostly acts like a normal,
+#      content-neutral proxy, i.e. doesn't block ads or filter content.
+#
+#      Access to the toggle feature can not be controlled separately by
+#      "ACLs" or HTTP authentication, so that everybody who can access
+#      Privoxy (see "ACLs" and listen-address above) can toggle it
+#      for all users. So this option is not recommended for multi-user
+#      environments with untrusted users.
+#
+#      Note that malicious client side code (e.g Java) is also capable
+#      of using this option.
+#
+#      As a lot of Privoxy users don't read documentation, this feature
+#      is disabled by default.
+#
+#      Note that you must have compiled Privoxy with support for this
+#      feature, otherwise this option has no effect.
+#
+enable-remote-toggle  0
+#
+#
+#  4.4. enable-remote-http-toggle
+#  ===============================
+#
+#  Specifies:
+#
+#      Whether or not Privoxy recognizes special HTTP headers to change
+#      its behaviour.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Privoxy ignores special HTTP headers.
+#
+#  Notes:
+#
+#      When toggled on, the client can change Privoxy's behaviour by
+#      setting special HTTP headers. Currently the only supported
+#      special header is "X-Filter: No", to disable filtering for
+#      the ongoing request, even if it is enabled in one of the
+#      action files.
+#
+#      This feature is disabled by default. If you are using Privoxy in
+#      a environment with trusted clients, you may enable this feature
+#      at your discretion. Note that malicious client side code (e.g
+#      Java) is also capable of using this feature.
+#
+#      This option will be removed in future releases as it has been
+#      obsoleted by the more general header taggers.
+#
+enable-remote-http-toggle  0
+#
+#
+#  4.5. enable-edit-actions
+#  =========================
+#
+#  Specifies:
+#
+#      Whether or not the web-based actions file editor may be used
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      The web-based actions file editor is disabled.
+#
+#  Notes:
+#
+#      Access to the editor can not be controlled separately by
+#      "ACLs" or HTTP authentication, so that everybody who can access
+#      Privoxy (see "ACLs" and listen-address above) can modify its
+#      configuration for all users.
+#
+#      This option is not recommended for environments with untrusted
+#      users and as a lot of Privoxy users don't read documentation,
+#      this feature is disabled by default.
+#
+#      Note that malicious client side code (e.g Java) is also capable
+#      of using the actions editor and you shouldn't enable this
+#      options unless you understand the consequences and are sure
+#      your browser is configured correctly.
+#
+#      Note that you must have compiled Privoxy with support for this
+#      feature, otherwise this option has no effect.
+#
+enable-edit-actions 0
+#
+#
+#  4.6. enforce-blocks
+#  ====================
+#
+#  Specifies:
+#
+#      Whether the user is allowed to ignore blocks and can "go there
+#      anyway".
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Blocks are not enforced.
+#
+#  Notes:
+#
+#      Privoxy is mainly used to block and filter requests as a service
+#      to the user, for example to block ads and other junk that clogs
+#      the pipes.  Privoxy's configuration isn't perfect and sometimes
+#      innocent pages are blocked. In this situation it makes sense to
+#      allow the user to enforce the request and have Privoxy ignore
+#      the block.
+#
+#      In the default configuration Privoxy's "Blocked" page contains
+#      a "go there anyway" link to adds a special string (the force
+#      prefix) to the request URL. If that link is used, Privoxy
+#      will detect the force prefix, remove it again and let the
+#      request pass.
+#
+#      Of course Privoxy can also be used to enforce a network
+#      policy. In that case the user obviously should not be able to
+#      bypass any blocks, and that's what the "enforce-blocks" option
+#      is for. If it's enabled, Privoxy hides the "go there anyway"
+#      link. If the user adds the force prefix by hand, it will not
+#      be accepted and the circumvention attempt is logged.
+#
+#  Examples:
+#
+#      enforce-blocks 1
+#
+enforce-blocks 0
+#
+#
+#  4.7. ACLs: permit-access and deny-access
+#  =========================================
+#
+#  Specifies:
+#
+#      Who can access what.
+#
+#  Type of value:
+#
+#      src_addr[/src_masklen] [dst_addr[/dst_masklen]]
+#
+#      Where src_addr and dst_addr are IP addresses in dotted decimal
+#      notation or valid DNS names, and src_masklen and dst_masklen are
+#      subnet masks in CIDR notation, i.e. integer values from 2 to 30
+#      representing the length (in bits) of the network address. The
+#      masks and the whole destination part are optional.
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Don't restrict access further than implied by listen-address
+#
+#  Notes:
+#
+#      Access controls are included at the request of ISPs and systems
+#      administrators, and are not usually needed by individual
+#      users. For a typical home user, it will normally suffice to
+#      ensure that Privoxy only listens on the localhost (127.0.0.1)
+#      or internal (home) network address by means of the listen-address
+#      option.
+#
+#      Please see the warnings in the FAQ that Privoxy is not intended
+#      to be a substitute for a firewall or to encourage anyone to
+#      defer addressing basic security weaknesses.
+#
+#      Multiple ACL lines are OK. If any ACLs are specified, Privoxy
+#      only talks to IP addresses that match at least one permit-access
+#      line and don't match any subsequent deny-access line. In other
+#      words, the last match wins, with the default being deny-access.
+#
+#      If Privoxy is using a forwarder (see forward below) for a
+#      particular destination URL, the dst_addr that is examined is
+#      the address of the forwarder and NOT the address of the ultimate
+#      target. This is necessary because it may be impossible for the
+#      local Privoxy to determine the IP address of the ultimate target
+#      (that's often what gateways are used for).
+#
+#      You should prefer using IP addresses over DNS names, because
+#      the address lookups take time. All DNS names must resolve! You
+#      can not use domain patterns like "*.org" or partial domain
+#      names. If a DNS name resolves to multiple IP addresses, only
+#      the first one is used.
+#
+#      Denying access to particular sites by ACL may have undesired
+#      side effects if the site in question is hosted on a machine
+#      which also hosts other sites (most sites are).
+#
+#  Examples:
+#
+#      Explicitly define the default behavior if no ACL and
+#      listen-address are set: "localhost" is OK. The absence of a
+#      dst_addr implies that all destination addresses are OK:
+#
+#        permit-access  localhost
+#
+#
+#      Allow any host on the same class C subnet as www.privoxy.org
+#      access to nothing but www.example.com (or other domains hosted
+#      on the same system):
+#
+#        permit-access  www.privoxy.org/24 www.example.com/32
+#
+#
+#      Allow access from any host on the 26-bit subnet 192.168.45.64 to
+#      anywhere, with the exception that 192.168.45.73 may not access
+#      the IP address behind www.dirty-stuff.example.com:
+#
+#        permit-access  192.168.45.64/26 
+#        deny-access   192.168.45.73  www.dirty-stuff.example.com
+#
+#
+#
+#  4.8. buffer-limit
+#  ==================
+#
+#  Specifies:
+#
+#      Maximum size of the buffer for content filtering.
+#
+#  Type of value:
+#
+#      Size in Kbytes
+#
+#  Default value:
+#
+#      4096
+#
+#  Effect if unset:
+#
+#      Use a 4MB (4096 KB) limit.
+#
+#  Notes:
+#
+#      For content filtering, i.e. the +filter and +deanimate-gif
+#      actions, it is necessary that Privoxy buffers the entire document
+#      body. This can be potentially dangerous, since a server could
+#      just keep sending data indefinitely and wait for your RAM to
+#      exhaust -- with nasty consequences.  Hence this option.
+#
+#      When a document buffer size reaches the buffer-limit, it is
+#      flushed to the client unfiltered and no further attempt to filter
+#      the rest of the document is made. Remember that there may be
+#      multiple threads running, which might require up to buffer-limit
+#      Kbytes each, unless you have enabled "single-threaded" above.
+#
+buffer-limit 4096
+#
+#
+#  5. FORWARDING
+#  ==============
+#
+#  This feature allows routing of HTTP requests through a chain of
+#  multiple proxies.
+#
+#  Forwarding can be used to chain Privoxy with a caching proxy to
+#  speed up browsing. Using a parent proxy may also be necessary if
+#  the machine that Privoxy runs on has no direct Internet access.
+#
+#  Note that parent proxies can severely decrease your privacy
+#  level. For example a parent proxy could add your IP address to the
+#  request headers and if it's a caching proxy it may add the "Etag"
+#  header to revalidation requests again, even though you configured
+#  Privoxy to remove it. It may also ignore Privoxy's header time
+#  randomization and use the original values which could be used by
+#  the server as cookie replacement to track your steps between visits.
+#
+#  Also specified here are SOCKS proxies. Privoxy supports the SOCKS
+#  4 and SOCKS 4A protocols.
+#
+#
+#
+#  5.1. forward
+#  =============
+#
+#  Specifies:
+#
+#      To which parent HTTP proxy specific requests should be routed.
+#
+#  Type of value:
+#
+#      target_pattern http_parent[:port]
+#
+#      where target_pattern is a URL pattern that specifies to which
+#      requests (i.e. URLs) this forward rule shall apply. Use /
+#      to denote "all URLs".  http_parent[:port] is the DNS name or
+#      IP address of the parent HTTP proxy through which the requests
+#      should be forwarded, optionally followed by its listening port
+#      (default: 8080). Use a single dot (.) to denote "no forwarding".
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Don't use parent HTTP proxies.
+#
+#  Notes:
+#
+#      If http_parent is ".", then requests are not forwarded to
+#      another HTTP proxy but are made directly to the web servers.
+#
+#      Multiple lines are OK, they are checked in sequence, and the
+#      last match wins.
+#
+#  Examples:
+#
+#      Everything goes to an example parent proxy, except SSL on port
+#      443 (which it doesn't handle):
+#
+#        forward   /      parent-proxy.example.org:8080 
+#        forward   :443   .
+#
+#
+#      Everything goes to our example ISP's caching proxy, except for
+#      requests to that ISP's sites:
+#
+#        forward   /                  caching-proxy.isp.example.net:8000
+#        forward   .isp.example.net   .
+#
+#
+#
+#
+#  5.2. forward-socks4, forward-socks4a and forward-socks5
+#  ========================================================
+#
+#  Specifies:
+#
+#      Through which SOCKS proxy (and optionally to which parent HTTP
+#      proxy) specific requests should be routed.
+#
+#  Type of value:
+#
+#      target_pattern socks_proxy[:port] http_parent[:port]
+#
+#      where target_pattern is a URL pattern that specifies to which
+#      requests (i.e. URLs) this forward rule shall apply. Use / to
+#      denote "all URLs".  http_parent and socks_proxy are IP addresses
+#      in dotted decimal notation or valid DNS names (http_parent may
+#      be "." to denote "no HTTP forwarding"), and the optional port
+#      parameters are TCP ports, i.e. integer values from 1 to 65535
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Don't use SOCKS proxies.
+#
+#  Notes:
+#
+#      Multiple lines are OK, they are checked in sequence, and the
+#      last match wins.
+#
+#      The difference between forward-socks4 and forward-socks4a
+#      is that in the SOCKS 4A protocol, the DNS resolution of the
+#      target hostname happens on the SOCKS server, while in SOCKS 4
+#      it happens locally.
+#
+#      With forward-socks5 the DNS resolution will happen on the remote
+#      server as well.
+#
+#      If http_parent is ".", then requests are not forwarded to another
+#      HTTP proxy but are made (HTTP-wise) directly to the web servers,
+#      albeit through a SOCKS proxy.
+#
+#  Examples:
+#
+#      From the company example.com, direct connections are made to all
+#      "internal" domains, but everything outbound goes through their
+#      ISP's proxy by way of example.com's corporate SOCKS 4A gateway
+#      to the Internet.
+#
+#        forward-socks4a   /       socks-gw.example.com:1080    www-cache.isp.example.net:8080 
+#        forward           .example.com        .
+#
+#
+#      A rule that uses a SOCKS 4 gateway for all destinations but no
+#      HTTP parent looks like this:
+#
+#        forward-socks4   /               socks-gw.example.com:1080  .
+#
+#
+#      To chain Privoxy and Tor, both running on the same system,
+#      you would use something like:
+#
+#        forward-socks4a   /               127.0.0.1:9050 .
+#
+#
+#      The public Tor network can't be used to reach your local network,
+#      if you need to access local servers you therefore might want
+#      to make some exceptions:
+#
+#        forward         192.168.*.*/     .  
+#        forward         10.*.*.*/        .  
+#        forward         127.*.*.*/       .
+#
+#
+#      Unencrypted connections to systems in these address ranges will
+#      be as (un) secure as the local network is, but the alternative
+#      is that you can't reach the local network through Privoxy at
+#      all. Of course this may actually be desired and there is no
+#      reason to make these exceptions if you aren't sure you need them.
+#
+#      If you also want to be able to reach servers in your local
+#      network by using their names, you will need additional exceptions
+#      that look like this:
+#
+#       forward           localhost/     .
+#
+#
+#
+#
+#  5.3. forwarded-connect-retries
+#  ===============================
+#
+#  Specifies:
+#
+#      How often Privoxy retries if a forwarded connection request
+#      fails.
+#
+#  Type of value:
+#
+#      Number of retries.
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Connections forwarded through other proxies are treated like
+#      direct connections and no retry attempts are made.
+#
+#  Notes:
+#
+#      forwarded-connect-retries is mainly interesting for socks4a
+#      connections, where Privoxy can't detect why the connections
+#      failed. The connection might have failed because of a DNS timeout
+#      in which case a retry makes sense, but it might also have failed
+#      because the server doesn't exist or isn't reachable. In this
+#      case the retry will just delay the appearance of Privoxy's
+#      error message.
+#
+#      Note that in the context of this option, "forwarded connections"
+#      includes all connections that Privoxy forwards through other
+#      proxies. This option is not limited to the HTTP CONNECT method.
+#
+#      Only use this option, if you are getting lots of
+#      forwarding-related error messages that go away when you try again
+#      manually. Start with a small value and check Privoxy's logfile
+#      from time to time, to see how many retries are usually needed.
+#
+#  Examples:
+#
+#      forwarded-connect-retries 1
+#
+forwarded-connect-retries  0
+#
+#
+#  5.4. accept-intercepted-requests
+#  =================================
+#
+#  Specifies:
+#
+#      Whether intercepted requests should be treated as valid.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Only proxy requests are accepted, intercepted requests are
+#      treated as invalid.
+#
+#  Notes:
+#
+#      If you don't trust your clients and want to force them to use
+#      Privoxy, enable this option and configure your packet filter
+#      to redirect outgoing HTTP connections into Privoxy.
+#
+#      Make sure that Privoxy's own requests aren't redirected as well.
+#      Additionally take care that Privoxy can't intentionally connect
+#      to itself, otherwise you could run into redirection loops if
+#      Privoxy's listening port is reachable by the outside or an
+#      attacker has access to the pages you visit.
+#
+#  Examples:
+#
+#      accept-intercepted-requests 1
+#
+accept-intercepted-requests 0
+#
+#
+#  5.5. allow-cgi-request-crunching
+#  =================================
+#
+#  Specifies:
+#
+#      Whether requests to Privoxy's CGI pages can be blocked or
+#      redirected.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Privoxy ignores block and redirect actions for its CGI pages.
+#
+#  Notes:
+#
+#      By default Privoxy ignores block or redirect actions for
+#      its CGI pages.  Intercepting these requests can be useful in
+#      multi-user setups to implement fine-grained access control,
+#      but it can also render the complete web interface useless and
+#      make debugging problems painful if done without care.
+#
+#      Don't enable this option unless you're sure that you really
+#      need it.
+#
+#  Examples:
+#
+#      allow-cgi-request-crunching 1
+#
+allow-cgi-request-crunching 0
+#
+#
+#  5.6. split-large-forms
+#  =======================
+#
+#  Specifies:
+#
+#      Whether the CGI interface should stay compatible with broken
+#      HTTP clients.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      The CGI form generate long GET URLs.
+#
+#  Notes:
+#
+#      Privoxy's CGI forms can lead to rather long URLs. This isn't
+#      a problem as far as the HTTP standard is concerned, but it can
+#      confuse clients with arbitrary URL length limitations.
+#
+#      Enabling split-large-forms causes Privoxy to divide big forms
+#      into smaller ones to keep the URL length down. It makes editing
+#      a lot less convenient and you can no longer submit all changes
+#      at once, but at least it works around this browser bug.
+#
+#      If you don't notice any editing problems, there is no reason
+#      to enable this option, but if one of the submit buttons appears
+#      to be broken, you should give it a try.
+#
+#  Examples:
+#
+#      split-large-forms 1
+#
+split-large-forms 0
+#
+#
+#  5.7. keep-alive-timeout
+#  ========================
+#
+#  Specifies:
+#
+#      Number of seconds after which an open connection will no longer
+#      be reused.
+#
+#  Type of value:
+#
+#      Time in seconds.
+#
+#  Default value:
+#
+#      None
+#
+#  Effect if unset:
+#
+#      Connections are not reused.
+#
+#  Notes:
+#
+#      This option has no effect if Privoxy has been compiled without
+#      keep-alive support.
+#
+#  Notes:
+#
+#      Note that reusing connections doesn't necessary cause
+#      speedups. There are also a few privacy implications you should
+#      be aware of.
+#
+#      Outgoing connections are shared between clients (if there are
+#      more than one) and closing the client that initiated the outgoing
+#      connection does not affect the connection between Privoxy and
+#      the server unless the client's request hasn't been completed
+#      yet. If the outgoing connection is idle, it will not be closed
+#      until either Privoxy's or the server's timeout is reached. While
+#      it's open, the server knows that the system running Privoxy is
+#      still there.
+#
+#  Examples:
+#
+#      keep-alive-timeout 300
+#
+keep-alive-timeout 300
+#
+#
+#  5.8. socket-timeout
+#  ====================
+#
+#  Specifies:
+#
+#      Number of seconds after which a socket times out if no data
+#      is received.
+#
+#  Type of value:
+#
+#      Time in seconds.
+#
+#  Default value:
+#
+#      None
+#
+#  Effect if unset:
+#
+#      A default value of 300 seconds is used.
+#
+#  Notes:
+#
+#      For SOCKS requests the timeout currently doesn't start until
+#      the SOCKS server accepted the request. This will be fixed in
+#      the next release.
+#
+#  Examples:
+#
+#      socket-timeout 300
+#
+socket-timeout 300
+#
+#
+#  6. WINDOWS GUI OPTIONS
+#  =======================
+#
+#  Privoxy has a number of options specific to the Windows GUI
+#  interface:
+#
+#
+#  If "activity-animation" is set to 1, the Privoxy icon will animate
+#  when "Privoxy" is active. To turn off, set to 0.
+#
+#activity-animation   1
+#
+#  If "log-messages" is set to 1, Privoxy will log messages to the
+#  console window:
+#
+#log-messages   1
+#
+#  If "log-buffer-size" is set to 1, the size of the log buffer,
+#  i.e. the amount of memory used for the log messages displayed in
+#  the console window, will be limited to "log-max-lines" (see below).
+#
+#  Warning: Setting this to 0 will result in the buffer to grow
+#  infinitely and eat up all your memory!
+#
+#log-buffer-size 1
+#
+#  log-max-lines is the maximum number of lines held in the log
+#  buffer. See above.
+#
+#log-max-lines 200
+#
+#  If "log-highlight-messages" is set to 1, Privoxy will highlight
+#  portions of the log messages with a bold-faced font:
+#
+#log-highlight-messages 1
+#
+#  The font used in the console window:
+#
+#log-font-name Comic Sans MS
+#
+#  Font size used in the console window:
+#
+#log-font-size 8
+#
+#  "show-on-task-bar" controls whether or not Privoxy will appear as
+#  a button on the Task bar when minimized:
+#
+#show-on-task-bar 0
+#
+#  If "close-button-minimizes" is set to 1, the Windows close button
+#  will minimize Privoxy instead of closing the program (close with
+#  the exit option on the File menu).
+#
+#close-button-minimizes 1
+#
+#  The "hide-console" option is specific to the MS-Win console version
+#  of Privoxy.  If this option is used, Privoxy will disconnect from
+#  and hide the command console.
+#
+#hide-console
+#
+#
diff --git a/external/privoxy/config.guess b/external/privoxy/config.guess
new file mode 100644
index 0000000..f32079a
--- /dev/null
+++ b/external/privoxy/config.guess
@@ -0,0 +1,1526 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+#   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
+#   Free Software Foundation, Inc.
+
+timestamp='2008-01-23'
+
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
+# 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+
+# Originally written by Per Bothner <per at bothner.com>.
+# Please send patches to <config-patches at gnu.org>.  Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# This script attempts to guess a canonical system name similar to
+# config.sub.  If it succeeds, it prints the system name on stdout, and
+# exits with 0.  Otherwise, it exits with 1.
+#
+# The plan is that this can be called by configure scripts if you
+# don't specify an explicit build system type.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION]
+
+Output the configuration name of the system \`$me' is run on.
+
+Operation modes:
+  -h, --help         print this help, then exit
+  -t, --time-stamp   print date of last modification, then exit
+  -v, --version      print version number, then exit
+
+Report bugs and patches to <config-patches at gnu.org>."
+
+version="\
+GNU config.guess ($timestamp)
+
+Originally written by Per Bothner.
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+  case $1 in
+    --time-stamp | --time* | -t )
+       echo "$timestamp" ; exit ;;
+    --version | -v )
+       echo "$version" ; exit ;;
+    --help | --h* | -h )
+       echo "$usage"; exit ;;
+    -- )     # Stop option processing
+       shift; break ;;
+    - )	# Use stdin as input.
+       break ;;
+    -* )
+       echo "$me: invalid option $1$help" >&2
+       exit 1 ;;
+    * )
+       break ;;
+  esac
+done
+
+if test $# != 0; then
+  echo "$me: too many arguments$help" >&2
+  exit 1
+fi
+
+trap 'exit 1' 1 2 15
+
+# CC_FOR_BUILD -- compiler used by this script. Note that the use of a
+# compiler to aid in system detection is discouraged as it requires
+# temporary files to be created and, as you can see below, it is a
+# headache to deal with in a portable fashion.
+
+# Historically, `CC_FOR_BUILD' used to be named `HOST_CC'. We still
+# use `HOST_CC' if defined, but it is deprecated.
+
+# Portable tmp directory creation inspired by the Autoconf team.
+
+set_cc_for_build='
+trap "exitcode=\$?; (rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null) && exit \$exitcode" 0 ;
+trap "rm -f \$tmpfiles 2>/dev/null; rmdir \$tmp 2>/dev/null; exit 1" 1 2 13 15 ;
+: ${TMPDIR=/tmp} ;
+ { tmp=`(umask 077 && mktemp -d "$TMPDIR/cgXXXXXX") 2>/dev/null` && test -n "$tmp" && test -d "$tmp" ; } ||
+ { test -n "$RANDOM" && tmp=$TMPDIR/cg$$-$RANDOM && (umask 077 && mkdir $tmp) ; } ||
+ { tmp=$TMPDIR/cg-$$ && (umask 077 && mkdir $tmp) && echo "Warning: creating insecure temp directory" >&2 ; } ||
+ { echo "$me: cannot create a temporary directory in $TMPDIR" >&2 ; exit 1 ; } ;
+dummy=$tmp/dummy ;
+tmpfiles="$dummy.c $dummy.o $dummy.rel $dummy" ;
+case $CC_FOR_BUILD,$HOST_CC,$CC in
+ ,,)    echo "int x;" > $dummy.c ;
+	for c in cc gcc c89 c99 ; do
+	  if ($c -c -o $dummy.o $dummy.c) >/dev/null 2>&1 ; then
+	     CC_FOR_BUILD="$c"; break ;
+	  fi ;
+	done ;
+	if test x"$CC_FOR_BUILD" = x ; then
+	  CC_FOR_BUILD=no_compiler_found ;
+	fi
+	;;
+ ,,*)   CC_FOR_BUILD=$CC ;;
+ ,*,*)  CC_FOR_BUILD=$HOST_CC ;;
+esac ; set_cc_for_build= ;'
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi at noc.rutgers.edu 1994-08-24)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+	PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null`  || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+    *:NetBSD:*:*)
+	# NetBSD (nbsd) targets should (where applicable) match one or
+	# more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*,
+	# *-*-netbsdecoff* and *-*-netbsd*.  For targets that recently
+	# switched to ELF, *-*-netbsd* would select the old
+	# object file format.  This provides both forward
+	# compatibility and a consistent mechanism for selecting the
+	# object file format.
+	#
+	# Note: NetBSD doesn't particularly care about the vendor
+	# portion of the name.  We always set it to "unknown".
+	sysctl="sysctl -n hw.machine_arch"
+	UNAME_MACHINE_ARCH=`(/sbin/$sysctl 2>/dev/null || \
+	    /usr/sbin/$sysctl 2>/dev/null || echo unknown)`
+	case "${UNAME_MACHINE_ARCH}" in
+	    armeb) machine=armeb-unknown ;;
+	    arm*) machine=arm-unknown ;;
+	    sh3el) machine=shl-unknown ;;
+	    sh3eb) machine=sh-unknown ;;
+	    sh5el) machine=sh5le-unknown ;;
+	    *) machine=${UNAME_MACHINE_ARCH}-unknown ;;
+	esac
+	# The Operating System including object format, if it has switched
+	# to ELF recently, or will in the future.
+	case "${UNAME_MACHINE_ARCH}" in
+	    arm*|i386|m68k|ns32k|sh3*|sparc|vax)
+		eval $set_cc_for_build
+		if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \
+			| grep __ELF__ >/dev/null
+		then
+		    # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout).
+		    # Return netbsd for either.  FIX?
+		    os=netbsd
+		else
+		    os=netbsdelf
+		fi
+		;;
+	    *)
+	        os=netbsd
+		;;
+	esac
+	# The OS release
+	# Debian GNU/NetBSD machines have a different userland, and
+	# thus, need a distinct triplet. However, they do not need
+	# kernel version information, so it can be replaced with a
+	# suitable tag, in the style of linux-gnu.
+	case "${UNAME_VERSION}" in
+	    Debian*)
+		release='-gnu'
+		;;
+	    *)
+		release=`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+		;;
+	esac
+	# Since CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM:
+	# contains redundant information, the shorter form:
+	# CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used.
+	echo "${machine}-${os}${release}"
+	exit ;;
+    *:OpenBSD:*:*)
+	UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'`
+	echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE}
+	exit ;;
+    *:ekkoBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-ekkobsd${UNAME_RELEASE}
+	exit ;;
+    *:SolidBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-solidbsd${UNAME_RELEASE}
+	exit ;;
+    macppc:MirBSD:*:*)
+	echo powerpc-unknown-mirbsd${UNAME_RELEASE}
+	exit ;;
+    *:MirBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-mirbsd${UNAME_RELEASE}
+	exit ;;
+    alpha:OSF1:*:*)
+	case $UNAME_RELEASE in
+	*4.0)
+		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+		;;
+	*5.*)
+	        UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'`
+		;;
+	esac
+	# According to Compaq, /usr/sbin/psrinfo has been available on
+	# OSF/1 and Tru64 systems produced since 1995.  I hope that
+	# covers most systems running today.  This code pipes the CPU
+	# types through head -n 1, so we only detect the type of CPU 0.
+	ALPHA_CPU_TYPE=`/usr/sbin/psrinfo -v | sed -n -e 's/^  The alpha \(.*\) processor.*$/\1/p' | head -n 1`
+	case "$ALPHA_CPU_TYPE" in
+	    "EV4 (21064)")
+		UNAME_MACHINE="alpha" ;;
+	    "EV4.5 (21064)")
+		UNAME_MACHINE="alpha" ;;
+	    "LCA4 (21066/21068)")
+		UNAME_MACHINE="alpha" ;;
+	    "EV5 (21164)")
+		UNAME_MACHINE="alphaev5" ;;
+	    "EV5.6 (21164A)")
+		UNAME_MACHINE="alphaev56" ;;
+	    "EV5.6 (21164PC)")
+		UNAME_MACHINE="alphapca56" ;;
+	    "EV5.7 (21164PC)")
+		UNAME_MACHINE="alphapca57" ;;
+	    "EV6 (21264)")
+		UNAME_MACHINE="alphaev6" ;;
+	    "EV6.7 (21264A)")
+		UNAME_MACHINE="alphaev67" ;;
+	    "EV6.8CB (21264C)")
+		UNAME_MACHINE="alphaev68" ;;
+	    "EV6.8AL (21264B)")
+		UNAME_MACHINE="alphaev68" ;;
+	    "EV6.8CX (21264D)")
+		UNAME_MACHINE="alphaev68" ;;
+	    "EV6.9A (21264/EV69A)")
+		UNAME_MACHINE="alphaev69" ;;
+	    "EV7 (21364)")
+		UNAME_MACHINE="alphaev7" ;;
+	    "EV7.9 (21364A)")
+		UNAME_MACHINE="alphaev79" ;;
+	esac
+	# A Pn.n version is a patched version.
+	# A Vn.n version is a released version.
+	# A Tn.n version is a released field test version.
+	# A Xn.n version is an unreleased experimental baselevel.
+	# 1.2 uses "1.2" for uname -r.
+	echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+	exit ;;
+    Alpha\ *:Windows_NT*:*)
+	# How do we know it's Interix rather than the generic POSIX subsystem?
+	# Should we change UNAME_MACHINE based on the output of uname instead
+	# of the specific Alpha model?
+	echo alpha-pc-interix
+	exit ;;
+    21064:Windows_NT:50:3)
+	echo alpha-dec-winnt3.5
+	exit ;;
+    Amiga*:UNIX_System_V:4.0:*)
+	echo m68k-unknown-sysv4
+	exit ;;
+    *:[Aa]miga[Oo][Ss]:*:*)
+	echo ${UNAME_MACHINE}-unknown-amigaos
+	exit ;;
+    *:[Mm]orph[Oo][Ss]:*:*)
+	echo ${UNAME_MACHINE}-unknown-morphos
+	exit ;;
+    *:OS/390:*:*)
+	echo i370-ibm-openedition
+	exit ;;
+    *:z/VM:*:*)
+	echo s390-ibm-zvmoe
+	exit ;;
+    *:OS400:*:*)
+        echo powerpc-ibm-os400
+	exit ;;
+    arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+	echo arm-acorn-riscix${UNAME_RELEASE}
+	exit ;;
+    arm:riscos:*:*|arm:RISCOS:*:*)
+	echo arm-unknown-riscos
+	exit ;;
+    SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*)
+	echo hppa1.1-hitachi-hiuxmpp
+	exit ;;
+    Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+	# akee at wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+	if test "`(/bin/universe) 2>/dev/null`" = att ; then
+		echo pyramid-pyramid-sysv3
+	else
+		echo pyramid-pyramid-bsd
+	fi
+	exit ;;
+    NILE*:*:*:dcosx)
+	echo pyramid-pyramid-svr4
+	exit ;;
+    DRS?6000:unix:4.0:6*)
+	echo sparc-icl-nx6
+	exit ;;
+    DRS?6000:UNIX_SV:4.2*:7* | DRS?6000:isis:4.2*:7*)
+	case `/usr/bin/uname -p` in
+	    sparc) echo sparc-icl-nx7; exit ;;
+	esac ;;
+    sun4H:SunOS:5.*:*)
+	echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+	echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*)
+	echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4*:SunOS:6*:*)
+	# According to config.sub, this is the proper way to canonicalize
+	# SunOS6.  Hard to guess exactly what SunOS6 will be like, but
+	# it's likely to be more like Solaris than SunOS4.
+	echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    sun4*:SunOS:*:*)
+	case "`/usr/bin/arch -k`" in
+	    Series*|S4*)
+		UNAME_RELEASE=`uname -v`
+		;;
+	esac
+	# Japanese Language versions have a version number like `4.1.3-JL'.
+	echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+	exit ;;
+    sun3*:SunOS:*:*)
+	echo m68k-sun-sunos${UNAME_RELEASE}
+	exit ;;
+    sun*:*:4.2BSD:*)
+	UNAME_RELEASE=`(sed 1q /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+	test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
+	case "`/bin/arch`" in
+	    sun3)
+		echo m68k-sun-sunos${UNAME_RELEASE}
+		;;
+	    sun4)
+		echo sparc-sun-sunos${UNAME_RELEASE}
+		;;
+	esac
+	exit ;;
+    aushp:SunOS:*:*)
+	echo sparc-auspex-sunos${UNAME_RELEASE}
+	exit ;;
+    # The situation for MiNT is a little confusing.  The machine name
+    # can be virtually everything (everything which is not
+    # "atarist" or "atariste" at least should have a processor
+    # > m68000).  The system name ranges from "MiNT" over "FreeMiNT"
+    # to the lowercase version "mint" (or "freemint").  Finally
+    # the system name "TOS" denotes a system which is actually not
+    # MiNT.  But MiNT is downward compatible to TOS, so this should
+    # be no problem.
+    atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+        echo m68k-atari-mint${UNAME_RELEASE}
+	exit ;;
+    atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+	echo m68k-atari-mint${UNAME_RELEASE}
+        exit ;;
+    *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+        echo m68k-atari-mint${UNAME_RELEASE}
+	exit ;;
+    milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+        echo m68k-milan-mint${UNAME_RELEASE}
+        exit ;;
+    hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+        echo m68k-hades-mint${UNAME_RELEASE}
+        exit ;;
+    *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+        echo m68k-unknown-mint${UNAME_RELEASE}
+        exit ;;
+    m68k:machten:*:*)
+	echo m68k-apple-machten${UNAME_RELEASE}
+	exit ;;
+    powerpc:machten:*:*)
+	echo powerpc-apple-machten${UNAME_RELEASE}
+	exit ;;
+    RISC*:Mach:*:*)
+	echo mips-dec-mach_bsd4.3
+	exit ;;
+    RISC*:ULTRIX:*:*)
+	echo mips-dec-ultrix${UNAME_RELEASE}
+	exit ;;
+    VAX*:ULTRIX*:*:*)
+	echo vax-dec-ultrix${UNAME_RELEASE}
+	exit ;;
+    2020:CLIX:*:* | 2430:CLIX:*:*)
+	echo clipper-intergraph-clix${UNAME_RELEASE}
+	exit ;;
+    mips:*:*:UMIPS | mips:*:*:RISCos)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+#ifdef __cplusplus
+#include <stdio.h>  /* for printf() prototype */
+	int main (int argc, char *argv[]) {
+#else
+	int main (argc, argv) int argc; char *argv[]; {
+#endif
+	#if defined (host_mips) && defined (MIPSEB)
+	#if defined (SYSTYPE_SYSV)
+	  printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
+	#endif
+	#if defined (SYSTYPE_SVR4)
+	  printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
+	#endif
+	#if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+	  printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
+	#endif
+	#endif
+	  exit (-1);
+	}
+EOF
+	$CC_FOR_BUILD -o $dummy $dummy.c &&
+	  dummyarg=`echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` &&
+	  SYSTEM_NAME=`$dummy $dummyarg` &&
+	    { echo "$SYSTEM_NAME"; exit; }
+	echo mips-mips-riscos${UNAME_RELEASE}
+	exit ;;
+    Motorola:PowerMAX_OS:*:*)
+	echo powerpc-motorola-powermax
+	exit ;;
+    Motorola:*:4.3:PL8-*)
+	echo powerpc-harris-powermax
+	exit ;;
+    Night_Hawk:*:*:PowerMAX_OS | Synergy:PowerMAX_OS:*:*)
+	echo powerpc-harris-powermax
+	exit ;;
+    Night_Hawk:Power_UNIX:*:*)
+	echo powerpc-harris-powerunix
+	exit ;;
+    m88k:CX/UX:7*:*)
+	echo m88k-harris-cxux7
+	exit ;;
+    m88k:*:4*:R4*)
+	echo m88k-motorola-sysv4
+	exit ;;
+    m88k:*:3*:R3*)
+	echo m88k-motorola-sysv3
+	exit ;;
+    AViiON:dgux:*:*)
+        # DG/UX returns AViiON for all architectures
+        UNAME_PROCESSOR=`/usr/bin/uname -p`
+	if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ]
+	then
+	    if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+	       [ ${TARGET_BINARY_INTERFACE}x = x ]
+	    then
+		echo m88k-dg-dgux${UNAME_RELEASE}
+	    else
+		echo m88k-dg-dguxbcs${UNAME_RELEASE}
+	    fi
+	else
+	    echo i586-dg-dgux${UNAME_RELEASE}
+	fi
+ 	exit ;;
+    M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
+	echo m88k-dolphin-sysv3
+	exit ;;
+    M88*:*:R3*:*)
+	# Delta 88k system running SVR3
+	echo m88k-motorola-sysv3
+	exit ;;
+    XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+	echo m88k-tektronix-sysv3
+	exit ;;
+    Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+	echo m68k-tektronix-bsd
+	exit ;;
+    *:IRIX*:*:*)
+	echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+	exit ;;
+    ????????:AIX?:[12].1:2)   # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+	echo romp-ibm-aix     # uname -m gives an 8 hex-code CPU id
+	exit ;;               # Note that: echo "'`uname -s`'" gives 'AIX '
+    i*86:AIX:*:*)
+	echo i386-ibm-aix
+	exit ;;
+    ia64:AIX:*:*)
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+	fi
+	echo ${UNAME_MACHINE}-ibm-aix${IBM_REV}
+	exit ;;
+    *:AIX:2:3)
+	if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+		eval $set_cc_for_build
+		sed 's/^		//' << EOF >$dummy.c
+		#include <sys/systemcfg.h>
+
+		main()
+			{
+			if (!__power_pc())
+				exit(1);
+			puts("powerpc-ibm-aix3.2.5");
+			exit(0);
+			}
+EOF
+		if $CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy`
+		then
+			echo "$SYSTEM_NAME"
+		else
+			echo rs6000-ibm-aix3.2.5
+		fi
+	elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+		echo rs6000-ibm-aix3.2.4
+	else
+		echo rs6000-ibm-aix3.2
+	fi
+	exit ;;
+    *:AIX:*:[456])
+	IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'`
+	if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then
+		IBM_ARCH=rs6000
+	else
+		IBM_ARCH=powerpc
+	fi
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=${UNAME_VERSION}.${UNAME_RELEASE}
+	fi
+	echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+	exit ;;
+    *:AIX:*:*)
+	echo rs6000-ibm-aix
+	exit ;;
+    ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+	echo romp-ibm-bsd4.4
+	exit ;;
+    ibmrt:*BSD:*|romp-ibm:BSD:*)            # covers RT/PC BSD and
+	echo romp-ibm-bsd${UNAME_RELEASE}   # 4.3 with uname added to
+	exit ;;                             # report: romp-ibm BSD 4.3
+    *:BOSX:*:*)
+	echo rs6000-bull-bosx
+	exit ;;
+    DPX/2?00:B.O.S.:*:*)
+	echo m68k-bull-sysv3
+	exit ;;
+    9000/[34]??:4.3bsd:1.*:*)
+	echo m68k-hp-bsd
+	exit ;;
+    hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+	echo m68k-hp-bsd4.4
+	exit ;;
+    9000/[34678]??:HP-UX:*:*)
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	case "${UNAME_MACHINE}" in
+	    9000/31? )            HP_ARCH=m68000 ;;
+	    9000/[34]?? )         HP_ARCH=m68k ;;
+	    9000/[678][0-9][0-9])
+		if [ -x /usr/bin/getconf ]; then
+		    sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null`
+                    sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null`
+                    case "${sc_cpu_version}" in
+                      523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0
+                      528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1
+                      532)                      # CPU_PA_RISC2_0
+                        case "${sc_kernel_bits}" in
+                          32) HP_ARCH="hppa2.0n" ;;
+                          64) HP_ARCH="hppa2.0w" ;;
+			  '') HP_ARCH="hppa2.0" ;;   # HP-UX 10.20
+                        esac ;;
+                    esac
+		fi
+		if [ "${HP_ARCH}" = "" ]; then
+		    eval $set_cc_for_build
+		    sed 's/^              //' << EOF >$dummy.c
+
+              #define _HPUX_SOURCE
+              #include <stdlib.h>
+              #include <unistd.h>
+
+              int main ()
+              {
+              #if defined(_SC_KERNEL_BITS)
+                  long bits = sysconf(_SC_KERNEL_BITS);
+              #endif
+                  long cpu  = sysconf (_SC_CPU_VERSION);
+
+                  switch (cpu)
+              	{
+              	case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+              	case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+              	case CPU_PA_RISC2_0:
+              #if defined(_SC_KERNEL_BITS)
+              	    switch (bits)
+              		{
+              		case 64: puts ("hppa2.0w"); break;
+              		case 32: puts ("hppa2.0n"); break;
+              		default: puts ("hppa2.0"); break;
+              		} break;
+              #else  /* !defined(_SC_KERNEL_BITS) */
+              	    puts ("hppa2.0"); break;
+              #endif
+              	default: puts ("hppa1.0"); break;
+              	}
+                  exit (0);
+              }
+EOF
+		    (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy`
+		    test -z "$HP_ARCH" && HP_ARCH=hppa
+		fi ;;
+	esac
+	if [ ${HP_ARCH} = "hppa2.0w" ]
+	then
+	    eval $set_cc_for_build
+
+	    # hppa2.0w-hp-hpux* has a 64-bit kernel and a compiler generating
+	    # 32-bit code.  hppa64-hp-hpux* has the same kernel and a compiler
+	    # generating 64-bit code.  GNU and HP use different nomenclature:
+	    #
+	    # $ CC_FOR_BUILD=cc ./config.guess
+	    # => hppa2.0w-hp-hpux11.23
+	    # $ CC_FOR_BUILD="cc +DA2.0w" ./config.guess
+	    # => hppa64-hp-hpux11.23
+
+	    if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) |
+		grep __LP64__ >/dev/null
+	    then
+		HP_ARCH="hppa2.0w"
+	    else
+		HP_ARCH="hppa64"
+	    fi
+	fi
+	echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+	exit ;;
+    ia64:HP-UX:*:*)
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	echo ia64-hp-hpux${HPUX_REV}
+	exit ;;
+    3050*:HI-UX:*:*)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#include <unistd.h>
+	int
+	main ()
+	{
+	  long cpu = sysconf (_SC_CPU_VERSION);
+	  /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+	     true for CPU_PA_RISC1_0.  CPU_IS_PA_RISC returns correct
+	     results, however.  */
+	  if (CPU_IS_PA_RISC (cpu))
+	    {
+	      switch (cpu)
+		{
+		  case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+		  default: puts ("hppa-hitachi-hiuxwe2"); break;
+		}
+	    }
+	  else if (CPU_IS_HP_MC68K (cpu))
+	    puts ("m68k-hitachi-hiuxwe2");
+	  else puts ("unknown-hitachi-hiuxwe2");
+	  exit (0);
+	}
+EOF
+	$CC_FOR_BUILD -o $dummy $dummy.c && SYSTEM_NAME=`$dummy` &&
+		{ echo "$SYSTEM_NAME"; exit; }
+	echo unknown-hitachi-hiuxwe2
+	exit ;;
+    9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+	echo hppa1.1-hp-bsd
+	exit ;;
+    9000/8??:4.3bsd:*:*)
+	echo hppa1.0-hp-bsd
+	exit ;;
+    *9??*:MPE/iX:*:* | *3000*:MPE/iX:*:*)
+	echo hppa1.0-hp-mpeix
+	exit ;;
+    hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+	echo hppa1.1-hp-osf
+	exit ;;
+    hp8??:OSF1:*:*)
+	echo hppa1.0-hp-osf
+	exit ;;
+    i*86:OSF1:*:*)
+	if [ -x /usr/sbin/sysversion ] ; then
+	    echo ${UNAME_MACHINE}-unknown-osf1mk
+	else
+	    echo ${UNAME_MACHINE}-unknown-osf1
+	fi
+	exit ;;
+    parisc*:Lites*:*:*)
+	echo hppa1.1-hp-lites
+	exit ;;
+    C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+	echo c1-convex-bsd
+        exit ;;
+    C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+        exit ;;
+    C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+	echo c34-convex-bsd
+        exit ;;
+    C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+	echo c38-convex-bsd
+        exit ;;
+    C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+	echo c4-convex-bsd
+        exit ;;
+    CRAY*Y-MP:*:*:*)
+	echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*[A-Z]90:*:*:*)
+	echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
+	| sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+	      -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/ \
+	      -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*TS:*:*:*)
+	echo t90-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*T3E:*:*:*)
+	echo alphaev5-cray-unicosmk${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    CRAY*SV1:*:*:*)
+	echo sv1-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    *:UNICOS/mp:*:*)
+	echo craynv-cray-unicosmp${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/'
+	exit ;;
+    F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*)
+	FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+        echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+        exit ;;
+    5000:UNIX_System_V:4.*:*)
+        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+        FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'`
+        echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+	exit ;;
+    i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*)
+	echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
+	exit ;;
+    sparc*:BSD/OS:*:*)
+	echo sparc-unknown-bsdi${UNAME_RELEASE}
+	exit ;;
+    *:BSD/OS:*:*)
+	echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+	exit ;;
+    *:FreeBSD:*:*)
+	case ${UNAME_MACHINE} in
+	    pc98)
+		echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	    amd64)
+		echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	    *)
+		echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;;
+	esac
+	exit ;;
+    i*:CYGWIN*:*)
+	echo ${UNAME_MACHINE}-pc-cygwin
+	exit ;;
+    *:MINGW*:*)
+	echo ${UNAME_MACHINE}-pc-mingw32
+	exit ;;
+    i*:windows32*:*)
+    	# uname -m includes "-pc" on this system.
+    	echo ${UNAME_MACHINE}-mingw32
+	exit ;;
+    i*:PW*:*)
+	echo ${UNAME_MACHINE}-pc-pw32
+	exit ;;
+    *:Interix*:[3456]*)
+    	case ${UNAME_MACHINE} in
+	    x86)
+		echo i586-pc-interix${UNAME_RELEASE}
+		exit ;;
+	    EM64T | authenticamd)
+		echo x86_64-unknown-interix${UNAME_RELEASE}
+		exit ;;
+	    IA64)
+		echo ia64-unknown-interix${UNAME_RELEASE}
+		exit ;;
+	esac ;;
+    [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*)
+	echo i${UNAME_MACHINE}-pc-mks
+	exit ;;
+    i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
+	# How do we know it's Interix rather than the generic POSIX subsystem?
+	# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
+	# UNAME_MACHINE based on the output of uname instead of i386?
+	echo i586-pc-interix
+	exit ;;
+    i*:UWIN*:*)
+	echo ${UNAME_MACHINE}-pc-uwin
+	exit ;;
+    amd64:CYGWIN*:*:* | x86_64:CYGWIN*:*:*)
+	echo x86_64-unknown-cygwin
+	exit ;;
+    p*:CYGWIN*:*)
+	echo powerpcle-unknown-cygwin
+	exit ;;
+    prep*:SunOS:5.*:*)
+	echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit ;;
+    *:GNU:*:*)
+	# the GNU system
+	echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+	exit ;;
+    *:GNU/*:*:*)
+	# other systems with GNU libc and userland
+	echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu
+	exit ;;
+    i*86:Minix:*:*)
+	echo ${UNAME_MACHINE}-pc-minix
+	exit ;;
+    arm*:Linux:*:*)
+	eval $set_cc_for_build
+	if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \
+	    | grep -q __ARM_EABI__
+	then
+	    echo ${UNAME_MACHINE}-unknown-linux-gnu
+	else
+	    echo ${UNAME_MACHINE}-unknown-linux-gnueabi
+	fi
+	exit ;;
+    avr32*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    cris:Linux:*:*)
+	echo cris-axis-linux-gnu
+	exit ;;
+    crisv32:Linux:*:*)
+	echo crisv32-axis-linux-gnu
+	exit ;;
+    frv:Linux:*:*)
+    	echo frv-unknown-linux-gnu
+	exit ;;
+    ia64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    m32r*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    m68*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    mips:Linux:*:*)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#undef CPU
+	#undef mips
+	#undef mipsel
+	#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+	CPU=mipsel
+	#else
+	#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+	CPU=mips
+	#else
+	CPU=
+	#endif
+	#endif
+EOF
+	eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+	    /^CPU/{
+		s: ::g
+		p
+	    }'`"
+	test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
+	;;
+    mips64:Linux:*:*)
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#undef CPU
+	#undef mips64
+	#undef mips64el
+	#if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL)
+	CPU=mips64el
+	#else
+	#if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB)
+	CPU=mips64
+	#else
+	CPU=
+	#endif
+	#endif
+EOF
+	eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+	    /^CPU/{
+		s: ::g
+		p
+	    }'`"
+	test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; }
+	;;
+    or32:Linux:*:*)
+	echo or32-unknown-linux-gnu
+	exit ;;
+    ppc:Linux:*:*)
+	echo powerpc-unknown-linux-gnu
+	exit ;;
+    ppc64:Linux:*:*)
+	echo powerpc64-unknown-linux-gnu
+	exit ;;
+    alpha:Linux:*:*)
+	case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in
+	  EV5)   UNAME_MACHINE=alphaev5 ;;
+	  EV56)  UNAME_MACHINE=alphaev56 ;;
+	  PCA56) UNAME_MACHINE=alphapca56 ;;
+	  PCA57) UNAME_MACHINE=alphapca56 ;;
+	  EV6)   UNAME_MACHINE=alphaev6 ;;
+	  EV67)  UNAME_MACHINE=alphaev67 ;;
+	  EV68*) UNAME_MACHINE=alphaev68 ;;
+        esac
+	objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null
+	if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi
+	echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC}
+	exit ;;
+    parisc:Linux:*:* | hppa:Linux:*:*)
+	# Look for CPU level
+	case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in
+	  PA7*) echo hppa1.1-unknown-linux-gnu ;;
+	  PA8*) echo hppa2.0-unknown-linux-gnu ;;
+	  *)    echo hppa-unknown-linux-gnu ;;
+	esac
+	exit ;;
+    parisc64:Linux:*:* | hppa64:Linux:*:*)
+	echo hppa64-unknown-linux-gnu
+	exit ;;
+    s390:Linux:*:* | s390x:Linux:*:*)
+	echo ${UNAME_MACHINE}-ibm-linux
+	exit ;;
+    sh64*:Linux:*:*)
+    	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    sh*:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    sparc:Linux:*:* | sparc64:Linux:*:*)
+	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    vax:Linux:*:*)
+	echo ${UNAME_MACHINE}-dec-linux-gnu
+	exit ;;
+    x86_64:Linux:*:*)
+	echo x86_64-unknown-linux-gnu
+	exit ;;
+    xtensa*:Linux:*:*)
+    	echo ${UNAME_MACHINE}-unknown-linux-gnu
+	exit ;;
+    i*86:Linux:*:*)
+	# The BFD linker knows what the default object file format is, so
+	# first see if it will tell us. cd to the root directory to prevent
+	# problems with other programs or directories called `ld' in the path.
+	# Set LC_ALL=C to ensure ld outputs messages in English.
+	ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \
+			 | sed -ne '/supported targets:/!d
+				    s/[ 	][ 	]*/ /g
+				    s/.*supported targets: *//
+				    s/ .*//
+				    p'`
+        case "$ld_supported_targets" in
+	  elf32-i386)
+		TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu"
+		;;
+	  a.out-i386-linux)
+		echo "${UNAME_MACHINE}-pc-linux-gnuaout"
+		exit ;;
+	  coff-i386)
+		echo "${UNAME_MACHINE}-pc-linux-gnucoff"
+		exit ;;
+	  "")
+		# Either a pre-BFD a.out linker (linux-gnuoldld) or
+		# one that does not give us useful --help.
+		echo "${UNAME_MACHINE}-pc-linux-gnuoldld"
+		exit ;;
+	esac
+	# Determine whether the default compiler is a.out or elf
+	eval $set_cc_for_build
+	sed 's/^	//' << EOF >$dummy.c
+	#include <features.h>
+	#ifdef __ELF__
+	# ifdef __GLIBC__
+	#  if __GLIBC__ >= 2
+	LIBC=gnu
+	#  else
+	LIBC=gnulibc1
+	#  endif
+	# else
+	LIBC=gnulibc1
+	# endif
+	#else
+	#if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC)
+	LIBC=gnu
+	#else
+	LIBC=gnuaout
+	#endif
+	#endif
+	#ifdef __dietlibc__
+	LIBC=dietlibc
+	#endif
+EOF
+	eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n '
+	    /^LIBC/{
+		s: ::g
+		p
+	    }'`"
+	test x"${LIBC}" != x && {
+		echo "${UNAME_MACHINE}-pc-linux-${LIBC}"
+		exit
+	}
+	test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; }
+	;;
+    i*86:DYNIX/ptx:4*:*)
+	# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.
+	# earlier versions are messed up and put the nodename in both
+	# sysname and nodename.
+	echo i386-sequent-sysv4
+	exit ;;
+    i*86:UNIX_SV:4.2MP:2.*)
+        # Unixware is an offshoot of SVR4, but it has its own version
+        # number series starting with 2...
+        # I am not positive that other SVR4 systems won't match this,
+	# I just have to hope.  -- rms.
+        # Use sysv4.2uw... so that sysv4* matches it.
+	echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
+	exit ;;
+    i*86:OS/2:*:*)
+	# If we were able to find `uname', then EMX Unix compatibility
+	# is probably installed.
+	echo ${UNAME_MACHINE}-pc-os2-emx
+	exit ;;
+    i*86:XTS-300:*:STOP)
+	echo ${UNAME_MACHINE}-unknown-stop
+	exit ;;
+    i*86:atheos:*:*)
+	echo ${UNAME_MACHINE}-unknown-atheos
+	exit ;;
+    i*86:syllable:*:*)
+	echo ${UNAME_MACHINE}-pc-syllable
+	exit ;;
+    i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*)
+	echo i386-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    i*86:*DOS:*:*)
+	echo ${UNAME_MACHINE}-pc-msdosdjgpp
+	exit ;;
+    i*86:*:4.*:* | i*86:SYSTEM_V:4.*:*)
+	UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
+	if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+		echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
+	else
+		echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
+	fi
+	exit ;;
+    i*86:*:5:[678]*)
+    	# UnixWare 7.x, OpenUNIX and OpenServer 6.
+	case `/bin/uname -X | grep "^Machine"` in
+	    *486*)	     UNAME_MACHINE=i486 ;;
+	    *Pentium)	     UNAME_MACHINE=i586 ;;
+	    *Pent*|*Celeron) UNAME_MACHINE=i686 ;;
+	esac
+	echo ${UNAME_MACHINE}-unknown-sysv${UNAME_RELEASE}${UNAME_SYSTEM}${UNAME_VERSION}
+	exit ;;
+    i*86:*:3.2:*)
+	if test -f /usr/options/cb.name; then
+		UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
+		echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
+	elif /bin/uname -X 2>/dev/null >/dev/null ; then
+		UNAME_REL=`(/bin/uname -X|grep Release|sed -e 's/.*= //')`
+		(/bin/uname -X|grep i80486 >/dev/null) && UNAME_MACHINE=i486
+		(/bin/uname -X|grep '^Machine.*Pentium' >/dev/null) \
+			&& UNAME_MACHINE=i586
+		(/bin/uname -X|grep '^Machine.*Pent *II' >/dev/null) \
+			&& UNAME_MACHINE=i686
+		(/bin/uname -X|grep '^Machine.*Pentium Pro' >/dev/null) \
+			&& UNAME_MACHINE=i686
+		echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
+	else
+		echo ${UNAME_MACHINE}-pc-sysv32
+	fi
+	exit ;;
+    pc:*:*:*)
+	# Left here for compatibility:
+        # uname -m prints for DJGPP always 'pc', but it prints nothing about
+        # the processor, so we play safe by assuming i386.
+	echo i386-pc-msdosdjgpp
+        exit ;;
+    Intel:Mach:3*:*)
+	echo i386-pc-mach3
+	exit ;;
+    paragon:*:*:*)
+	echo i860-intel-osf1
+	exit ;;
+    i860:*:4.*:*) # i860-SVR4
+	if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+	  echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+	else # Add other i860-SVR4 vendors below as they are discovered.
+	  echo i860-unknown-sysv${UNAME_RELEASE}  # Unknown i860-SVR4
+	fi
+	exit ;;
+    mini*:CTIX:SYS*5:*)
+	# "miniframe"
+	echo m68010-convergent-sysv
+	exit ;;
+    mc68k:UNIX:SYSTEM5:3.51m)
+	echo m68k-convergent-sysv
+	exit ;;
+    M680?0:D-NIX:5.3:*)
+	echo m68k-diab-dnix
+	exit ;;
+    M68*:*:R3V[5678]*:*)
+	test -r /sysV68 && { echo 'm68k-motorola-sysv'; exit; } ;;
+    3[345]??:*:4.0:3.0 | 3[34]??A:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 3[34]??/*:*:4.0:3.0 | 4400:*:4.0:3.0 | 4850:*:4.0:3.0 | SKA40:*:4.0:3.0 | SDS2:*:4.0:3.0 | SHG2:*:4.0:3.0 | S7501*:*:4.0:3.0)
+	OS_REL=''
+	test -r /etc/.relid \
+	&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+	  && { echo i486-ncr-sysv4.3${OS_REL}; exit; }
+	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+	  && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;;
+    3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+          && { echo i486-ncr-sysv4; exit; } ;;
+    m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*)
+	echo m68k-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    mc68030:UNIX_System_V:4.*:*)
+	echo m68k-atari-sysv4
+	exit ;;
+    TSUNAMI:LynxOS:2.*:*)
+	echo sparc-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    rs6000:LynxOS:2.*:*)
+	echo rs6000-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*)
+	echo powerpc-unknown-lynxos${UNAME_RELEASE}
+	exit ;;
+    SM[BE]S:UNIX_SV:*:*)
+	echo mips-dde-sysv${UNAME_RELEASE}
+	exit ;;
+    RM*:ReliantUNIX-*:*:*)
+	echo mips-sni-sysv4
+	exit ;;
+    RM*:SINIX-*:*:*)
+	echo mips-sni-sysv4
+	exit ;;
+    *:SINIX-*:*:*)
+	if uname -p 2>/dev/null >/dev/null ; then
+		UNAME_MACHINE=`(uname -p) 2>/dev/null`
+		echo ${UNAME_MACHINE}-sni-sysv4
+	else
+		echo ns32k-sni-sysv
+	fi
+	exit ;;
+    PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+                      # says <Richard.M.Bartel at ccMail.Census.GOV>
+        echo i586-unisys-sysv4
+        exit ;;
+    *:UNIX_System_V:4*:FTX*)
+	# From Gerald Hewes <hewes at openmarket.com>.
+	# How about differentiating between stratus architectures? -djm
+	echo hppa1.1-stratus-sysv4
+	exit ;;
+    *:*:*:FTX*)
+	# From seanf at swdc.stratus.com.
+	echo i860-stratus-sysv4
+	exit ;;
+    i*86:VOS:*:*)
+	# From Paul.Green at stratus.com.
+	echo ${UNAME_MACHINE}-stratus-vos
+	exit ;;
+    *:VOS:*:*)
+	# From Paul.Green at stratus.com.
+	echo hppa1.1-stratus-vos
+	exit ;;
+    mc68*:A/UX:*:*)
+	echo m68k-apple-aux${UNAME_RELEASE}
+	exit ;;
+    news*:NEWS-OS:6*:*)
+	echo mips-sony-newsos6
+	exit ;;
+    R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+	if [ -d /usr/nec ]; then
+	        echo mips-nec-sysv${UNAME_RELEASE}
+	else
+	        echo mips-unknown-sysv${UNAME_RELEASE}
+	fi
+        exit ;;
+    BeBox:BeOS:*:*)	# BeOS running on hardware made by Be, PPC only.
+	echo powerpc-be-beos
+	exit ;;
+    BeMac:BeOS:*:*)	# BeOS running on Mac or Mac clone, PPC only.
+	echo powerpc-apple-beos
+	exit ;;
+    BePC:BeOS:*:*)	# BeOS running on Intel PC compatible.
+	echo i586-pc-beos
+	exit ;;
+    SX-4:SUPER-UX:*:*)
+	echo sx4-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-5:SUPER-UX:*:*)
+	echo sx5-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-6:SUPER-UX:*:*)
+	echo sx6-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-7:SUPER-UX:*:*)
+	echo sx7-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-8:SUPER-UX:*:*)
+	echo sx8-nec-superux${UNAME_RELEASE}
+	exit ;;
+    SX-8R:SUPER-UX:*:*)
+	echo sx8r-nec-superux${UNAME_RELEASE}
+	exit ;;
+    Power*:Rhapsody:*:*)
+	echo powerpc-apple-rhapsody${UNAME_RELEASE}
+	exit ;;
+    *:Rhapsody:*:*)
+	echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
+	exit ;;
+    *:Darwin:*:*)
+	UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown
+	case $UNAME_PROCESSOR in
+	    unknown) UNAME_PROCESSOR=powerpc ;;
+	esac
+	echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE}
+	exit ;;
+    *:procnto*:*:* | *:QNX:[0123456789]*:*)
+	UNAME_PROCESSOR=`uname -p`
+	if test "$UNAME_PROCESSOR" = "x86"; then
+		UNAME_PROCESSOR=i386
+		UNAME_MACHINE=pc
+	fi
+	echo ${UNAME_PROCESSOR}-${UNAME_MACHINE}-nto-qnx${UNAME_RELEASE}
+	exit ;;
+    *:QNX:*:4*)
+	echo i386-pc-qnx
+	exit ;;
+    NSE-?:NONSTOP_KERNEL:*:*)
+	echo nse-tandem-nsk${UNAME_RELEASE}
+	exit ;;
+    NSR-?:NONSTOP_KERNEL:*:*)
+	echo nsr-tandem-nsk${UNAME_RELEASE}
+	exit ;;
+    *:NonStop-UX:*:*)
+	echo mips-compaq-nonstopux
+	exit ;;
+    BS2000:POSIX*:*:*)
+	echo bs2000-siemens-sysv
+	exit ;;
+    DS/*:UNIX_System_V:*:*)
+	echo ${UNAME_MACHINE}-${UNAME_SYSTEM}-${UNAME_RELEASE}
+	exit ;;
+    *:Plan9:*:*)
+	# "uname -m" is not consistent, so use $cputype instead. 386
+	# is converted to i386 for consistency with other x86
+	# operating systems.
+	if test "$cputype" = "386"; then
+	    UNAME_MACHINE=i386
+	else
+	    UNAME_MACHINE="$cputype"
+	fi
+	echo ${UNAME_MACHINE}-unknown-plan9
+	exit ;;
+    *:TOPS-10:*:*)
+	echo pdp10-unknown-tops10
+	exit ;;
+    *:TENEX:*:*)
+	echo pdp10-unknown-tenex
+	exit ;;
+    KS10:TOPS-20:*:* | KL10:TOPS-20:*:* | TYPE4:TOPS-20:*:*)
+	echo pdp10-dec-tops20
+	exit ;;
+    XKL-1:TOPS-20:*:* | TYPE5:TOPS-20:*:*)
+	echo pdp10-xkl-tops20
+	exit ;;
+    *:TOPS-20:*:*)
+	echo pdp10-unknown-tops20
+	exit ;;
+    *:ITS:*:*)
+	echo pdp10-unknown-its
+	exit ;;
+    SEI:*:*:SEIUX)
+        echo mips-sei-seiux${UNAME_RELEASE}
+	exit ;;
+    *:DragonFly:*:*)
+	echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+	exit ;;
+    *:*VMS:*:*)
+    	UNAME_MACHINE=`(uname -p) 2>/dev/null`
+	case "${UNAME_MACHINE}" in
+	    A*) echo alpha-dec-vms ; exit ;;
+	    I*) echo ia64-dec-vms ; exit ;;
+	    V*) echo vax-dec-vms ; exit ;;
+	esac ;;
+    *:XENIX:*:SysV)
+	echo i386-pc-xenix
+	exit ;;
+    i*86:skyos:*:*)
+	echo ${UNAME_MACHINE}-pc-skyos`echo ${UNAME_RELEASE}` | sed -e 's/ .*$//'
+	exit ;;
+    i*86:rdos:*:*)
+	echo ${UNAME_MACHINE}-pc-rdos
+	exit ;;
+esac
+
+#echo '(No uname command or uname output not recognized.)' 1>&2
+#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
+
+eval $set_cc_for_build
+cat >$dummy.c <<EOF
+#ifdef _SEQUENT_
+# include <sys/types.h>
+# include <sys/utsname.h>
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+  /* BFD wants "bsd" instead of "newsos".  Perhaps BFD should be changed,
+     I don't know....  */
+  printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include <sys/param.h>
+  printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+          "4"
+#else
+	  ""
+#endif
+         ); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+  printf ("arm-acorn-riscix\n"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+  printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+  int version;
+  version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+  if (version < 4)
+    printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+  else
+    printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+  exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+  printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+  printf ("ns32k-encore-mach\n"); exit (0);
+#else
+  printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+  printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+  printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+  printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+    struct utsname un;
+
+    uname(&un);
+
+    if (strncmp(un.version, "V2", 2) == 0) {
+	printf ("i386-sequent-ptx2\n"); exit (0);
+    }
+    if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+	printf ("i386-sequent-ptx1\n"); exit (0);
+    }
+    printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+# if !defined (ultrix)
+#  include <sys/param.h>
+#  if defined (BSD)
+#   if BSD == 43
+      printf ("vax-dec-bsd4.3\n"); exit (0);
+#   else
+#    if BSD == 199006
+      printf ("vax-dec-bsd4.3reno\n"); exit (0);
+#    else
+      printf ("vax-dec-bsd\n"); exit (0);
+#    endif
+#   endif
+#  else
+    printf ("vax-dec-bsd\n"); exit (0);
+#  endif
+# else
+    printf ("vax-dec-ultrix\n"); exit (0);
+# endif
+#endif
+
+#if defined (alliant) && defined (i860)
+  printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+  exit (1);
+}
+EOF
+
+$CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null && SYSTEM_NAME=`$dummy` &&
+	{ echo "$SYSTEM_NAME"; exit; }
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+    case `getsysinfo -f cpu_type` in
+    c1*)
+	echo c1-convex-bsd
+	exit ;;
+    c2*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+	exit ;;
+    c34*)
+	echo c34-convex-bsd
+	exit ;;
+    c38*)
+	echo c38-convex-bsd
+	exit ;;
+    c4*)
+	echo c4-convex-bsd
+	exit ;;
+    esac
+fi
+
+cat >&2 <<EOF
+$0: unable to guess system type
+
+This script, last modified $timestamp, has failed to recognize
+the operating system you are using. It is advised that you
+download the most up to date version of the config scripts from
+
+  http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD
+and
+  http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD
+
+If the version you run ($0) is already up to date, please
+send the following data and any information you think might be
+pertinent to <config-patches at gnu.org> in order to provide the needed
+information to handle your system.
+
+config.guess timestamp = $timestamp
+
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null`
+/bin/uname -X     = `(/bin/uname -X) 2>/dev/null`
+
+hostinfo               = `(hostinfo) 2>/dev/null`
+/bin/universe          = `(/bin/universe) 2>/dev/null`
+/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null`
+/bin/arch              = `(/bin/arch) 2>/dev/null`
+/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null`
+
+UNAME_MACHINE = ${UNAME_MACHINE}
+UNAME_RELEASE = ${UNAME_RELEASE}
+UNAME_SYSTEM  = ${UNAME_SYSTEM}
+UNAME_VERSION = ${UNAME_VERSION}
+EOF
+
+exit 1
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/external/privoxy/config.h b/external/privoxy/config.h
new file mode 100644
index 0000000..db1f360
--- /dev/null
+++ b/external/privoxy/config.h
@@ -0,0 +1,744 @@
+/* config.h.  Generated from config.h.in by configure.  */
+/* config.h.in.  Generated from configure.in by autoheader.  */
+#ifndef CONFIG_H_INCLUDED
+#define CONFIG_H_INCLUDED
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/acconfig.h,v $
+ *
+ * Purpose     :  This file should be the first thing included in every
+ *                .c file.  (Before even system headers).  It contains 
+ *                #define statements for various features.  It was
+ *                introduced because the compile command line started
+ *                getting ludicrously long with feature defines.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: acconfig.h,v $
+ *    Revision 1.36  2008/10/18 11:17:52  fabiankeil
+ *    Connection keep-alive support is ready for testing,
+ *    allow enabling it through the configure script.
+ *
+ *    Revision 1.35  2008/04/06 15:18:33  fabiankeil
+ *    Oh well, rename the --enable-pcre-host-patterns option to
+ *    --enable-extended-host-patterns as it's not really PCRE syntax.
+ *
+ *    Revision 1.34  2008/04/06 14:54:26  fabiankeil
+ *    Use PCRE syntax in host patterns when configured
+ *    with --enable-pcre-host-patterns.
+ *
+ *    Revision 1.33  2006/12/17 19:15:26  fabiankeil
+ *    Added ./configure switch for FEATURE_GRACEFUL_TERMINATION.
+ *
+ *    Revision 1.32  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.27.2.4  2003/12/17 16:34:40  oes
+ *    Cosmetics
+ *
+ *    Revision 1.27.2.3  2003/03/27 16:03:19  oes
+ *    Another shot at Bug #707467
+ *
+ *    Revision 1.27.2.2  2003/03/21 14:39:12  oes
+ *    Presumably fixed Bug #707467 by defining unix ifdef __unix__
+ *
+ *    Revision 1.27.2.1  2002/08/10 11:22:31  oes
+ *    - Add two AC_DEFINEs that indicate if the pcre*.h headers
+ *      are located in a pcre/ subdir to the include path.
+ *
+ *    Revision 1.27  2002/04/25 19:13:57  morcego
+ *    Removed RPM release number declaration on configure.in
+ *    Changed makefile to use given value for RPM_PACKAGEV when on uploading
+ *    targets (will produce an error, explaining who to do it, if no value
+ *    if provided).
+ *
+ *    Revision 1.26  2002/04/11 11:00:21  oes
+ *    Applied Moritz' fix for socklen_t on Solaris
+ *
+ *    Revision 1.25  2002/04/06 20:38:01  jongfoster
+ *    Renaming VC++ versions of config.h
+ *
+ *    Revision 1.24  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.23  2002/04/03 22:28:03  gliptak
+ *    Removed references to gnu_regex
+ *
+ *    Revision 1.22  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.21  2002/03/24 14:31:08  swa
+ *    remove more crappy files. set RPM
+ *    release version correctly.
+ *
+ *    Revision 1.20  2002/03/24 13:46:44  swa
+ *    name change related issue.
+ *
+ *    Revision 1.19  2002/03/24 13:25:42  swa
+ *    name change related issues
+ *
+ *    Revision 1.18  2002/03/08 16:40:28  oes
+ *    Added FEATURE_NO_GIFS
+ *
+ *    Revision 1.17  2002/03/04 17:52:44  oes
+ *    Deleted PID_FILE_PATH
+ *
+ *    Revision 1.16  2002/01/10 12:36:18  oes
+ *    Moved HAVE_*_R to acconfig.h, where they belong.
+ *
+ *    Revision 1.15  2001/12/30 14:07:31  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.14  2001/10/23 21:24:09  jongfoster
+ *    Support for FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.13  2001/10/07 15:30:41  oes
+ *    Removed FEATURE_DENY_GZIP
+ *
+ *    Revision 1.12  2001/09/13 19:56:37  jongfoster
+ *    Reverting to revision 1.10 - previous checking was majorly broken.
+ *
+ *    Revision 1.10  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.9  2001/07/29 19:08:52  jongfoster
+ *    Changing _CONFIG_H to CONFIG_H_INCLUDED.
+ *    Also added protection against using a MinGW32 or CygWin version of
+ *    config.h from within MS Visual C++
+ *
+ *    Revision 1.8  2001/07/29 17:09:17  jongfoster
+ *    Major changes to build system in order to fix these bugs:
+ *    - pthreads under Linux was broken - changed -lpthread to -pthread
+ *    - Compiling in MinGW32 mode under CygWin now correctly detects
+ *      which shared libraries are available
+ *    - Solaris support (?) (Not tested under Solaris yet)
+ *
+ *    Revision 1.7  2001/07/25 22:53:59  jongfoster
+ *    Will #error if pthreads is enabled under BeOs
+ *
+ *    Revision 1.6  2001/07/15 17:54:29  jongfoster
+ *    Renaming #define STATIC to STATIC_PCRE
+ *    Adding new #define FEATURE_PTHREAD that will be used to enable
+ *    POSIX threads support.
+ *
+ *    Revision 1.5  2001/07/13 13:48:37  oes
+ *     - (Fix:) Copied CODE_STATUS #define from config.h.in
+ *     - split REGEX #define into REGEX_GNU and REGEX_PCRE
+ *       and removed PCRE.
+ *       (REGEX = REGEX_GNU || REGEX_PCRE per project.h)
+ *     - Moved STATIC (for pcre) here from Makefile.in
+ *     - Introduced STATIC_PCRS #define to allow for dynaimc linking with
+ *       libpcrs
+ *     - Removed PCRS #define, since pcrs is now needed for CGI anyway
+ *
+ *    Revision 1.4  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.3  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.2  2001/05/22 17:43:35  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Many minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:45  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+/*
+ * Version number - Major (X._._)
+ */
+#define VERSION_MAJOR 3
+
+/*
+ * Version number - Minor (_.X._)
+ */
+#define VERSION_MINOR 0
+
+/*
+ * Version number - Point (_._.X)
+ */
+#define VERSION_POINT 12
+
+/*
+ * Version number, as a string
+ */
+#define VERSION "3.0.12"
+
+/*
+ * Status of the code: "alpha", "beta" or "stable".
+ */
+#define CODE_STATUS "stable"
+
+/* 
+ * Should pcre be statically built in instead of linkling with libpcre?
+ * (This is determined by configure depending on the availiability of
+ * libpcre and user preferences). The name is ugly, but pcre needs it.
+ * Don't bother to change this here! Use configure instead.
+ */
+#define STATIC_PCRE 1
+
+/* 
+ * Should pcrs be statically built in instead of linkling with libpcrs?
+ * (This is determined by configure depending on the availiability of
+ * libpcrs and user preferences).
+ * Don't bother to change this here! Use configure instead.
+ */
+#define STATIC_PCRS 1
+
+/*
+ * Allows the use of an ACL to control access to the proxy by IP address.
+ */
+#define FEATURE_ACL 1
+
+/*
+ * Enables the web-based configuration (actionsfile) editor.  If you
+ * have a shared proxy, you might want to turn this off.
+ */
+#define FEATURE_CGI_EDIT_ACTIONS 1
+
+/*
+ * Allows the use of jar files to capture cookies.
+ */
+/* #undef FEATURE_COOKIE_JAR */
+
+/*
+ * Locally redirect remote script-redirect URLs
+ */
+#define FEATURE_FAST_REDIRECTS 1
+
+/*
+ * Bypass filtering for 1 page only
+ */
+#define FEATURE_FORCE_LOAD 1
+
+/*
+ * Allow blocking using images as well as HTML.
+ * If you do not define this then everything is blocked as HTML.
+ *
+ * Note that this is required if you want to use FEATURE_IMAGE_DETECT_MSIE.
+ */
+#define FEATURE_IMAGE_BLOCKING 1
+
+/*
+ * Detect image requests automatically for MSIE.  Will fall back to
+ * other image-detection methods (i.e. "+image" permission) for other
+ * browsers.
+ *
+ * You must also define FEATURE_IMAGE_BLOCKING to use this feature.
+ *
+ * It detects the following header pair as an image request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: * / *
+ *
+ * And the following as a HTML request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, * / *
+ *
+ * And no, I haven't got that backwards - IE is being wierd.
+ *
+ * Known limitations: 
+ * 1) If you press shift-reload on a blocked HTML page, you get
+ *    the image "blocked" page, not the HTML "blocked" page.
+ * 2) Once an image "blocked" page has been sent, viewing it 
+ *    in it's own browser window *should* bring up the HTML
+ *    "blocked" page, but it doesn't.  You need to clear the 
+ *    browser cache to get the HTML version again.
+ *
+ * These limitations are due to IE making inconsistent choices
+ * about which "Accept:" header to send.
+ */
+/* #undef FEATURE_IMAGE_DETECT_MSIE */
+
+/*
+ * Kills JavaScript popups - window.open, onunload, etc.
+ */
+/* #undef FEATURE_KILL_POPUPS */
+
+/*
+ * Use PNG instead of GIF for built-in images
+ */
+/* #undef FEATURE_NO_GIFS */
+
+/*
+ * Allow to shutdown Privoxy through the webinterface.
+ */
+/* #undef FEATURE_GRACEFUL_TERMINATION */
+
+/*
+ * Allow PCRE syntax in host patterns.
+ */
+/* #undef FEATURE_EXTENDED_HOST_PATTERNS */
+
+/*
+ * Keep outgoing connections alive if possible.
+ */
+/* #undef FEATURE_CONNECTION_KEEP_ALIVE */
+
+/*
+ * Use POSIX threads instead of native threads.
+ */
+/* #undef FEATURE_PTHREAD */
+
+/*
+ * Enables statistics function.
+ */
+#define FEATURE_STATISTICS 1
+
+/*
+ * Allow Privoxy to be "disabled" so it is just a normal non-blocking
+ * non-anonymizing proxy.  This is useful if you're trying to access a
+ * blocked or broken site - just change the setting in the config file,
+ * or use the handy "Disable" menu option in the Windows GUI.
+ */
+#define FEATURE_TOGGLE 1
+
+/*
+ * Allows the use of trust files.
+ */
+#define FEATURE_TRUST 1
+
+/*
+ * Defined on Solaris only.  Makes the system libraries thread safe.
+ */
+/* #undef _REENTRANT */
+
+/*
+ * Defined on Solaris only.  Without this, many important functions are not
+ * defined in the system headers.
+ */
+/* #undef __EXTENSIONS__ */
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with MultiThreading?)
+ */
+#define __MT__ 1
+
+/* If the (nonstandard and thread-safe) function gethostbyname_r
+ * is available, select which signature to use
+ */
+#define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+/* #undef HAVE_GETHOSTBYNAME_R_5_ARGS */
+/* #undef HAVE_GETHOSTBYNAME_R_3_ARGS */
+
+/* If the (nonstandard and thread-safe) function gethostbyaddr_r
+ * is available, select which signature to use
+ */
+/* #undef HAVE_GETHOSTBYADDR_R_8_ARGS */
+/* #undef HAVE_GETHOSTBYADDR_R_7_ARGS */
+/* #undef HAVE_GETHOSTBYADDR_R_5_ARGS */
+
+/* Defined if you have gmtime_r and localtime_r with a signature
+ * of (struct time *, struct tm *)
+ */
+#define HAVE_GMTIME_R 1
+#define HAVE_LOCALTIME_R 1
+
+/* Define to 'int' if <sys/socket.h> doesn't have it. 
+ */
+/* #undef socklen_t */
+
+/* Define if pcre.h must be included as <pcre/pcre.h>
+ */
+/* #undef PCRE_H_IN_SUBDIR */
+
+/* Define if pcreposix.h must be included as <pcre/pcreposix.h>
+ */
+/* #undef PCREPOSIX_H_IN_SUBDIR */
+
+
+/* Define to 1 to use compression through the zlib library. */
+#define FEATURE_ZLIB 1
+
+/* Define to 1 if you have the `access' function. */
+#define HAVE_ACCESS 1
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#define HAVE_ARPA_INET_H 1
+
+/* Define to 1 if you have the `atexit' function. */
+#define HAVE_ATEXIT 1
+
+/* Define to 1 if you have the `bcopy' function. */
+#define HAVE_BCOPY 1
+
+/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
+   */
+#define HAVE_DIRENT_H 1
+
+/* Define to 1 if you have the <errno.h> header file. */
+#define HAVE_ERRNO_H 1
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#define HAVE_FCNTL_H 1
+
+/* Define to 1 if you have the `getcwd' function. */
+#define HAVE_GETCWD 1
+
+/* Define to 1 if you have the `gethostbyaddr' function. */
+#define HAVE_GETHOSTBYADDR 1
+
+/* Define to 1 if you have the `gethostbyaddr_r' function. */
+/* #undef HAVE_GETHOSTBYADDR_R */
+
+/* Define to 1 if you have the `gethostbyname' function. */
+#define HAVE_GETHOSTBYNAME 1
+
+/* Define to 1 if you have the `gethostbyname_r' function. */
+#define HAVE_GETHOSTBYNAME_R 1
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#define HAVE_GETTIMEOFDAY 1
+
+/* Define to 1 if you have the `inet_ntoa' function. */
+#define HAVE_INET_NTOA 1
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#define HAVE_INTTYPES_H 1
+
+/* Define to 1 if you have the `nsl' library (-lnsl). */
+/* #undef HAVE_LIBNSL */
+
+/* Define to 1 if you have the <limits.h> header file. */
+#define HAVE_LIMITS_H 1
+
+/* Define to 1 if you have the <locale.h> header file. */
+#define HAVE_LOCALE_H 1
+
+/* Define to 1 if you have the `localtime_r' function. */
+#define HAVE_LOCALTIME_R 1
+
+/* Define to 1 if you have the `memchr' function. */
+#define HAVE_MEMCHR 1
+
+/* Define to 1 if you have the `memmove' function. */
+#define HAVE_MEMMOVE 1
+
+/* Define to 1 if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the `memset' function. */
+#define HAVE_MEMSET 1
+
+/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
+/* #undef HAVE_NDIR_H */
+
+/* Define to 1 if you have the <netdb.h> header file. */
+#define HAVE_NETDB_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#define HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the <OS.h> header file. */
+/* #undef HAVE_OS_H */
+
+/* Define to 1 if you have the `poll' function. */
+#define HAVE_POLL 1
+
+/* Define to 1 if you have the `putenv' function. */
+#define HAVE_PUTENV 1
+
+/* Define to 1 if you have the `random' function. */
+/* #undef HAVE_RANDOM */
+
+/* Define to 1 if you have the `regcomp' function. */
+#define HAVE_REGCOMP 1
+
+/* Define to 1 if you have the `select' function. */
+#define HAVE_SELECT 1
+
+/* Define to 1 if you have the `setlocale' function. */
+#define HAVE_SETLOCALE 1
+
+/* Define to 1 if you have the `snprintf' function. */
+#define HAVE_SNPRINTF 1
+
+/* Define to 1 if you have the `socket' function. */
+#define HAVE_SOCKET 1
+
+/* Define to 1 if you have the <stddef.h> header file. */
+#define HAVE_STDDEF_H 1
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#define HAVE_STDINT_H 1
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the `strchr' function. */
+#define HAVE_STRCHR 1
+
+/* Define to 1 if you have the `strdup' function. */
+#define HAVE_STRDUP 1
+
+/* Define to 1 if you have the `strerror' function. */
+#define HAVE_STRERROR 1
+
+/* Define to 1 if you have the `strftime' function. */
+#define HAVE_STRFTIME 1
+
+/* Define to 1 if you have the <strings.h> header file. */
+#define HAVE_STRINGS_H 1
+
+/* Define to 1 if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the `strlcat' function. */
+#define HAVE_STRLCAT 1
+
+/* Define to 1 if you have the `strlcpy' function. */
+#define HAVE_STRLCPY 1
+
+/* Define to 1 if you have the `strptime' function. */
+#define HAVE_STRPTIME 1
+
+/* Define to 1 if you have the `strstr' function. */
+#define HAVE_STRSTR 1
+
+/* Define to 1 if you have the `strtoul' function. */
+#define HAVE_STRTOUL 1
+
+/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
+   */
+/* #undef HAVE_SYS_DIR_H */
+
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#define HAVE_SYS_IOCTL_H 1
+
+/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
+   */
+/* #undef HAVE_SYS_NDIR_H */
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#define HAVE_SYS_SOCKET_H 1
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/timeb.h> header file. */
+#define HAVE_SYS_TIMEB_H 1
+
+/* Define to 1 if you have the <sys/time.h> header file. */
+#define HAVE_SYS_TIME_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/wait.h> header file. */
+#define HAVE_SYS_WAIT_H 1
+
+/* Define to 1 if you have the `timegm' function. */
+/* #undef HAVE_TIMEGM */
+
+/* Define to 1 if you have the `tzset' function. */
+#define HAVE_TZSET 1
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#define HAVE_UNISTD_H 1
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT ""
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME ""
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING ""
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME ""
+
+/* Define to the home page for this package. */
+#define PACKAGE_URL ""
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION ""
+
+/* Define as the return type of signal handlers (`int' or `void'). */
+#define RETSIGTYPE void
+
+/* Define to 1 if the `setpgrp' function takes no argument. */
+#define SETPGRP_VOID 1
+
+/* The size of `char *', as computed by sizeof. */
+#define SIZEOF_CHAR_P 4
+
+/* The size of `int', as computed by sizeof. */
+#define SIZEOF_INT 4
+
+/* The size of `long', as computed by sizeof. */
+#define SIZEOF_LONG 4
+
+/* The size of `long long', as computed by sizeof. */
+#define SIZEOF_LONG_LONG 8
+
+/* The size of `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T 4
+
+/* Define to 1 if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#define TIME_WITH_SYS_TIME 1
+
+/* Define to 1 if your <sys/time.h> declares `struct tm'. */
+/* #undef TM_IN_SYS_TIME */
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #undef const */
+
+/* Define to `int' if <sys/types.h> does not define. */
+/* #undef pid_t */
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+/* #undef size_t */
+
+/* Define to 'int' if <sys/socket.h> doesn't have it. */
+/* #undef socklen_t */
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with ANSI Standard C?)
+ */
+#ifndef __STDC__
+#define __STDC__ 1
+#endif /* ndef __STDC__ */
+
+/*
+ * Need to set up this define only for the Pthreads library for
+ * Win32, available from http://sources.redhat.com/pthreads-win32/
+ */
+#if defined(FEATURE_PTHREAD) && defined(_WIN32)
+#define __CLEANUP_C
+#endif /* defined(FEATURE_PTHREAD) && defined(_WIN32) */
+
+/*
+ * BEOS does not currently support POSIX threads.
+ * This *should* be detected by ./configure, but let's be sure.
+ */
+#if defined(FEATURE_PTHREAD) && defined(__BEOS__)
+#error BEOS does not support pthread - please run ./configure again with "--disable-pthread"
+
+#endif /* defined(FEATURE_PTHREAD) && defined(__BEOS__) */
+
+/*
+ * On OpenBSD and maybe also FreeBSD, gcc doesn't define the cpp
+ * symbol unix; it defines __unix__ and sometimes not even that:
+ */
+#if ( defined(__unix__) || defined(__NetBSD__) ) && !defined(unix)
+#define unix 1
+#endif
+
+/*
+ * It's too easy to accidentally use a Cygwin or MinGW32 version of config.h
+ * under VC++, and it usually gives many wierd error messages.  Let's make
+ * the error messages understandable, by bailing out now.
+ */
+#ifdef _MSC_VER
+#error For MS VC++, please use vc_config_winthreads.h or vc_config_pthreads.h.  You can usually do this by selecting the "Build", "Clean" menu option.
+#endif /* def _MSC_VER */
+
+#endif /* CONFIG_H_INCLUDED */
diff --git a/external/privoxy/config.h.in b/external/privoxy/config.h.in
new file mode 100644
index 0000000..e8c8790
--- /dev/null
+++ b/external/privoxy/config.h.in
@@ -0,0 +1,743 @@
+/* config.h.in.  Generated from configure.in by autoheader.  */
+#ifndef CONFIG_H_INCLUDED
+#define CONFIG_H_INCLUDED
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/acconfig.h,v $
+ *
+ * Purpose     :  This file should be the first thing included in every
+ *                .c file.  (Before even system headers).  It contains 
+ *                #define statements for various features.  It was
+ *                introduced because the compile command line started
+ *                getting ludicrously long with feature defines.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: acconfig.h,v $
+ *    Revision 1.36  2008/10/18 11:17:52  fabiankeil
+ *    Connection keep-alive support is ready for testing,
+ *    allow enabling it through the configure script.
+ *
+ *    Revision 1.35  2008/04/06 15:18:33  fabiankeil
+ *    Oh well, rename the --enable-pcre-host-patterns option to
+ *    --enable-extended-host-patterns as it's not really PCRE syntax.
+ *
+ *    Revision 1.34  2008/04/06 14:54:26  fabiankeil
+ *    Use PCRE syntax in host patterns when configured
+ *    with --enable-pcre-host-patterns.
+ *
+ *    Revision 1.33  2006/12/17 19:15:26  fabiankeil
+ *    Added ./configure switch for FEATURE_GRACEFUL_TERMINATION.
+ *
+ *    Revision 1.32  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.27.2.4  2003/12/17 16:34:40  oes
+ *    Cosmetics
+ *
+ *    Revision 1.27.2.3  2003/03/27 16:03:19  oes
+ *    Another shot at Bug #707467
+ *
+ *    Revision 1.27.2.2  2003/03/21 14:39:12  oes
+ *    Presumably fixed Bug #707467 by defining unix ifdef __unix__
+ *
+ *    Revision 1.27.2.1  2002/08/10 11:22:31  oes
+ *    - Add two AC_DEFINEs that indicate if the pcre*.h headers
+ *      are located in a pcre/ subdir to the include path.
+ *
+ *    Revision 1.27  2002/04/25 19:13:57  morcego
+ *    Removed RPM release number declaration on configure.in
+ *    Changed makefile to use given value for RPM_PACKAGEV when on uploading
+ *    targets (will produce an error, explaining who to do it, if no value
+ *    if provided).
+ *
+ *    Revision 1.26  2002/04/11 11:00:21  oes
+ *    Applied Moritz' fix for socklen_t on Solaris
+ *
+ *    Revision 1.25  2002/04/06 20:38:01  jongfoster
+ *    Renaming VC++ versions of config.h
+ *
+ *    Revision 1.24  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.23  2002/04/03 22:28:03  gliptak
+ *    Removed references to gnu_regex
+ *
+ *    Revision 1.22  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.21  2002/03/24 14:31:08  swa
+ *    remove more crappy files. set RPM
+ *    release version correctly.
+ *
+ *    Revision 1.20  2002/03/24 13:46:44  swa
+ *    name change related issue.
+ *
+ *    Revision 1.19  2002/03/24 13:25:42  swa
+ *    name change related issues
+ *
+ *    Revision 1.18  2002/03/08 16:40:28  oes
+ *    Added FEATURE_NO_GIFS
+ *
+ *    Revision 1.17  2002/03/04 17:52:44  oes
+ *    Deleted PID_FILE_PATH
+ *
+ *    Revision 1.16  2002/01/10 12:36:18  oes
+ *    Moved HAVE_*_R to acconfig.h, where they belong.
+ *
+ *    Revision 1.15  2001/12/30 14:07:31  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.14  2001/10/23 21:24:09  jongfoster
+ *    Support for FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.13  2001/10/07 15:30:41  oes
+ *    Removed FEATURE_DENY_GZIP
+ *
+ *    Revision 1.12  2001/09/13 19:56:37  jongfoster
+ *    Reverting to revision 1.10 - previous checking was majorly broken.
+ *
+ *    Revision 1.10  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.9  2001/07/29 19:08:52  jongfoster
+ *    Changing _CONFIG_H to CONFIG_H_INCLUDED.
+ *    Also added protection against using a MinGW32 or CygWin version of
+ *    config.h from within MS Visual C++
+ *
+ *    Revision 1.8  2001/07/29 17:09:17  jongfoster
+ *    Major changes to build system in order to fix these bugs:
+ *    - pthreads under Linux was broken - changed -lpthread to -pthread
+ *    - Compiling in MinGW32 mode under CygWin now correctly detects
+ *      which shared libraries are available
+ *    - Solaris support (?) (Not tested under Solaris yet)
+ *
+ *    Revision 1.7  2001/07/25 22:53:59  jongfoster
+ *    Will #error if pthreads is enabled under BeOs
+ *
+ *    Revision 1.6  2001/07/15 17:54:29  jongfoster
+ *    Renaming #define STATIC to STATIC_PCRE
+ *    Adding new #define FEATURE_PTHREAD that will be used to enable
+ *    POSIX threads support.
+ *
+ *    Revision 1.5  2001/07/13 13:48:37  oes
+ *     - (Fix:) Copied CODE_STATUS #define from config.h.in
+ *     - split REGEX #define into REGEX_GNU and REGEX_PCRE
+ *       and removed PCRE.
+ *       (REGEX = REGEX_GNU || REGEX_PCRE per project.h)
+ *     - Moved STATIC (for pcre) here from Makefile.in
+ *     - Introduced STATIC_PCRS #define to allow for dynaimc linking with
+ *       libpcrs
+ *     - Removed PCRS #define, since pcrs is now needed for CGI anyway
+ *
+ *    Revision 1.4  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.3  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.2  2001/05/22 17:43:35  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Many minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:45  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+/*
+ * Version number - Major (X._._)
+ */
+#undef VERSION_MAJOR
+
+/*
+ * Version number - Minor (_.X._)
+ */
+#undef VERSION_MINOR
+
+/*
+ * Version number - Point (_._.X)
+ */
+#undef VERSION_POINT
+
+/*
+ * Version number, as a string
+ */
+#undef VERSION
+
+/*
+ * Status of the code: "alpha", "beta" or "stable".
+ */
+#undef CODE_STATUS
+
+/* 
+ * Should pcre be statically built in instead of linkling with libpcre?
+ * (This is determined by configure depending on the availiability of
+ * libpcre and user preferences). The name is ugly, but pcre needs it.
+ * Don't bother to change this here! Use configure instead.
+ */
+#undef STATIC_PCRE
+
+/* 
+ * Should pcrs be statically built in instead of linkling with libpcrs?
+ * (This is determined by configure depending on the availiability of
+ * libpcrs and user preferences).
+ * Don't bother to change this here! Use configure instead.
+ */
+#undef STATIC_PCRS
+
+/*
+ * Allows the use of an ACL to control access to the proxy by IP address.
+ */
+#undef FEATURE_ACL
+
+/*
+ * Enables the web-based configuration (actionsfile) editor.  If you
+ * have a shared proxy, you might want to turn this off.
+ */
+#undef FEATURE_CGI_EDIT_ACTIONS
+
+/*
+ * Allows the use of jar files to capture cookies.
+ */
+#undef FEATURE_COOKIE_JAR
+
+/*
+ * Locally redirect remote script-redirect URLs
+ */
+#undef FEATURE_FAST_REDIRECTS
+
+/*
+ * Bypass filtering for 1 page only
+ */
+#undef FEATURE_FORCE_LOAD
+
+/*
+ * Allow blocking using images as well as HTML.
+ * If you do not define this then everything is blocked as HTML.
+ *
+ * Note that this is required if you want to use FEATURE_IMAGE_DETECT_MSIE.
+ */
+#undef FEATURE_IMAGE_BLOCKING
+
+/*
+ * Detect image requests automatically for MSIE.  Will fall back to
+ * other image-detection methods (i.e. "+image" permission) for other
+ * browsers.
+ *
+ * You must also define FEATURE_IMAGE_BLOCKING to use this feature.
+ *
+ * It detects the following header pair as an image request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: * / *
+ *
+ * And the following as a HTML request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, * / *
+ *
+ * And no, I haven't got that backwards - IE is being wierd.
+ *
+ * Known limitations: 
+ * 1) If you press shift-reload on a blocked HTML page, you get
+ *    the image "blocked" page, not the HTML "blocked" page.
+ * 2) Once an image "blocked" page has been sent, viewing it 
+ *    in it's own browser window *should* bring up the HTML
+ *    "blocked" page, but it doesn't.  You need to clear the 
+ *    browser cache to get the HTML version again.
+ *
+ * These limitations are due to IE making inconsistent choices
+ * about which "Accept:" header to send.
+ */
+#undef FEATURE_IMAGE_DETECT_MSIE
+
+/*
+ * Kills JavaScript popups - window.open, onunload, etc.
+ */
+#undef FEATURE_KILL_POPUPS
+
+/*
+ * Use PNG instead of GIF for built-in images
+ */
+#undef FEATURE_NO_GIFS
+
+/*
+ * Allow to shutdown Privoxy through the webinterface.
+ */
+#undef FEATURE_GRACEFUL_TERMINATION
+
+/*
+ * Allow PCRE syntax in host patterns.
+ */
+#undef FEATURE_EXTENDED_HOST_PATTERNS
+
+/*
+ * Keep outgoing connections alive if possible.
+ */
+#undef FEATURE_CONNECTION_KEEP_ALIVE
+
+/*
+ * Use POSIX threads instead of native threads.
+ */
+#undef FEATURE_PTHREAD
+
+/*
+ * Enables statistics function.
+ */
+#undef FEATURE_STATISTICS
+
+/*
+ * Allow Privoxy to be "disabled" so it is just a normal non-blocking
+ * non-anonymizing proxy.  This is useful if you're trying to access a
+ * blocked or broken site - just change the setting in the config file,
+ * or use the handy "Disable" menu option in the Windows GUI.
+ */
+#undef FEATURE_TOGGLE
+
+/*
+ * Allows the use of trust files.
+ */
+#undef FEATURE_TRUST
+
+/*
+ * Defined on Solaris only.  Makes the system libraries thread safe.
+ */
+#undef _REENTRANT
+
+/*
+ * Defined on Solaris only.  Without this, many important functions are not
+ * defined in the system headers.
+ */
+#undef __EXTENSIONS__
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with MultiThreading?)
+ */
+#undef __MT__
+
+/* If the (nonstandard and thread-safe) function gethostbyname_r
+ * is available, select which signature to use
+ */
+#undef HAVE_GETHOSTBYNAME_R_6_ARGS
+#undef HAVE_GETHOSTBYNAME_R_5_ARGS
+#undef HAVE_GETHOSTBYNAME_R_3_ARGS
+
+/* If the (nonstandard and thread-safe) function gethostbyaddr_r
+ * is available, select which signature to use
+ */
+#undef HAVE_GETHOSTBYADDR_R_8_ARGS
+#undef HAVE_GETHOSTBYADDR_R_7_ARGS
+#undef HAVE_GETHOSTBYADDR_R_5_ARGS
+
+/* Defined if you have gmtime_r and localtime_r with a signature
+ * of (struct time *, struct tm *)
+ */
+#undef HAVE_GMTIME_R
+#undef HAVE_LOCALTIME_R
+
+/* Define to 'int' if <sys/socket.h> doesn't have it. 
+ */
+#undef socklen_t
+
+/* Define if pcre.h must be included as <pcre/pcre.h>
+ */
+#undef PCRE_H_IN_SUBDIR
+
+/* Define if pcreposix.h must be included as <pcre/pcreposix.h>
+ */
+#undef PCREPOSIX_H_IN_SUBDIR
+
+
+/* Define to 1 to use compression through the zlib library. */
+#undef FEATURE_ZLIB
+
+/* Define to 1 if you have the `access' function. */
+#undef HAVE_ACCESS
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#undef HAVE_ARPA_INET_H
+
+/* Define to 1 if you have the `atexit' function. */
+#undef HAVE_ATEXIT
+
+/* Define to 1 if you have the `bcopy' function. */
+#undef HAVE_BCOPY
+
+/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
+   */
+#undef HAVE_DIRENT_H
+
+/* Define to 1 if you have the <errno.h> header file. */
+#undef HAVE_ERRNO_H
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#undef HAVE_FCNTL_H
+
+/* Define to 1 if you have the `getcwd' function. */
+#undef HAVE_GETCWD
+
+/* Define to 1 if you have the `gethostbyaddr' function. */
+#undef HAVE_GETHOSTBYADDR
+
+/* Define to 1 if you have the `gethostbyaddr_r' function. */
+#undef HAVE_GETHOSTBYADDR_R
+
+/* Define to 1 if you have the `gethostbyname' function. */
+#undef HAVE_GETHOSTBYNAME
+
+/* Define to 1 if you have the `gethostbyname_r' function. */
+#undef HAVE_GETHOSTBYNAME_R
+
+/* Define to 1 if you have the `gettimeofday' function. */
+#undef HAVE_GETTIMEOFDAY
+
+/* Define to 1 if you have the `inet_ntoa' function. */
+#undef HAVE_INET_NTOA
+
+/* Define to 1 if you have the <inttypes.h> header file. */
+#undef HAVE_INTTYPES_H
+
+/* Define to 1 if you have the `nsl' library (-lnsl). */
+#undef HAVE_LIBNSL
+
+/* Define to 1 if you have the <limits.h> header file. */
+#undef HAVE_LIMITS_H
+
+/* Define to 1 if you have the <locale.h> header file. */
+#undef HAVE_LOCALE_H
+
+/* Define to 1 if you have the `localtime_r' function. */
+#undef HAVE_LOCALTIME_R
+
+/* Define to 1 if you have the `memchr' function. */
+#undef HAVE_MEMCHR
+
+/* Define to 1 if you have the `memmove' function. */
+#undef HAVE_MEMMOVE
+
+/* Define to 1 if you have the <memory.h> header file. */
+#undef HAVE_MEMORY_H
+
+/* Define to 1 if you have the `memset' function. */
+#undef HAVE_MEMSET
+
+/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
+#undef HAVE_NDIR_H
+
+/* Define to 1 if you have the <netdb.h> header file. */
+#undef HAVE_NETDB_H
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#undef HAVE_NETINET_IN_H
+
+/* Define to 1 if you have the <OS.h> header file. */
+#undef HAVE_OS_H
+
+/* Define to 1 if you have the `poll' function. */
+#undef HAVE_POLL
+
+/* Define to 1 if you have the `putenv' function. */
+#undef HAVE_PUTENV
+
+/* Define to 1 if you have the `random' function. */
+#undef HAVE_RANDOM
+
+/* Define to 1 if you have the `regcomp' function. */
+#undef HAVE_REGCOMP
+
+/* Define to 1 if you have the `select' function. */
+#undef HAVE_SELECT
+
+/* Define to 1 if you have the `setlocale' function. */
+#undef HAVE_SETLOCALE
+
+/* Define to 1 if you have the `snprintf' function. */
+#undef HAVE_SNPRINTF
+
+/* Define to 1 if you have the `socket' function. */
+#undef HAVE_SOCKET
+
+/* Define to 1 if you have the <stddef.h> header file. */
+#undef HAVE_STDDEF_H
+
+/* Define to 1 if you have the <stdint.h> header file. */
+#undef HAVE_STDINT_H
+
+/* Define to 1 if you have the <stdlib.h> header file. */
+#undef HAVE_STDLIB_H
+
+/* Define to 1 if you have the `strchr' function. */
+#undef HAVE_STRCHR
+
+/* Define to 1 if you have the `strdup' function. */
+#undef HAVE_STRDUP
+
+/* Define to 1 if you have the `strerror' function. */
+#undef HAVE_STRERROR
+
+/* Define to 1 if you have the `strftime' function. */
+#undef HAVE_STRFTIME
+
+/* Define to 1 if you have the <strings.h> header file. */
+#undef HAVE_STRINGS_H
+
+/* Define to 1 if you have the <string.h> header file. */
+#undef HAVE_STRING_H
+
+/* Define to 1 if you have the `strlcat' function. */
+#undef HAVE_STRLCAT
+
+/* Define to 1 if you have the `strlcpy' function. */
+#undef HAVE_STRLCPY
+
+/* Define to 1 if you have the `strptime' function. */
+#undef HAVE_STRPTIME
+
+/* Define to 1 if you have the `strstr' function. */
+#undef HAVE_STRSTR
+
+/* Define to 1 if you have the `strtoul' function. */
+#undef HAVE_STRTOUL
+
+/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
+   */
+#undef HAVE_SYS_DIR_H
+
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#undef HAVE_SYS_IOCTL_H
+
+/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
+   */
+#undef HAVE_SYS_NDIR_H
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#undef HAVE_SYS_SOCKET_H
+
+/* Define to 1 if you have the <sys/stat.h> header file. */
+#undef HAVE_SYS_STAT_H
+
+/* Define to 1 if you have the <sys/timeb.h> header file. */
+#undef HAVE_SYS_TIMEB_H
+
+/* Define to 1 if you have the <sys/time.h> header file. */
+#undef HAVE_SYS_TIME_H
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#undef HAVE_SYS_TYPES_H
+
+/* Define to 1 if you have the <sys/wait.h> header file. */
+#undef HAVE_SYS_WAIT_H
+
+/* Define to 1 if you have the `timegm' function. */
+#undef HAVE_TIMEGM
+
+/* Define to 1 if you have the `tzset' function. */
+#undef HAVE_TZSET
+
+/* Define to 1 if you have the <unistd.h> header file. */
+#undef HAVE_UNISTD_H
+
+/* Define to the address where bug reports for this package should be sent. */
+#undef PACKAGE_BUGREPORT
+
+/* Define to the full name of this package. */
+#undef PACKAGE_NAME
+
+/* Define to the full name and version of this package. */
+#undef PACKAGE_STRING
+
+/* Define to the one symbol short name of this package. */
+#undef PACKAGE_TARNAME
+
+/* Define to the home page for this package. */
+#undef PACKAGE_URL
+
+/* Define to the version of this package. */
+#undef PACKAGE_VERSION
+
+/* Define as the return type of signal handlers (`int' or `void'). */
+#undef RETSIGTYPE
+
+/* Define to 1 if the `setpgrp' function takes no argument. */
+#undef SETPGRP_VOID
+
+/* The size of `char *', as computed by sizeof. */
+#undef SIZEOF_CHAR_P
+
+/* The size of `int', as computed by sizeof. */
+#undef SIZEOF_INT
+
+/* The size of `long', as computed by sizeof. */
+#undef SIZEOF_LONG
+
+/* The size of `long long', as computed by sizeof. */
+#undef SIZEOF_LONG_LONG
+
+/* The size of `size_t', as computed by sizeof. */
+#undef SIZEOF_SIZE_T
+
+/* Define to 1 if you have the ANSI C header files. */
+#undef STDC_HEADERS
+
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#undef TIME_WITH_SYS_TIME
+
+/* Define to 1 if your <sys/time.h> declares `struct tm'. */
+#undef TM_IN_SYS_TIME
+
+/* Define to empty if `const' does not conform to ANSI C. */
+#undef const
+
+/* Define to `int' if <sys/types.h> does not define. */
+#undef pid_t
+
+/* Define to `unsigned int' if <sys/types.h> does not define. */
+#undef size_t
+
+/* Define to 'int' if <sys/socket.h> doesn't have it. */
+#undef socklen_t
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with ANSI Standard C?)
+ */
+#ifndef __STDC__
+#define __STDC__ 1
+#endif /* ndef __STDC__ */
+
+/*
+ * Need to set up this define only for the Pthreads library for
+ * Win32, available from http://sources.redhat.com/pthreads-win32/
+ */
+#if defined(FEATURE_PTHREAD) && defined(_WIN32)
+#define __CLEANUP_C
+#endif /* defined(FEATURE_PTHREAD) && defined(_WIN32) */
+
+/*
+ * BEOS does not currently support POSIX threads.
+ * This *should* be detected by ./configure, but let's be sure.
+ */
+#if defined(FEATURE_PTHREAD) && defined(__BEOS__)
+#error BEOS does not support pthread - please run ./configure again with "--disable-pthread"
+
+#endif /* defined(FEATURE_PTHREAD) && defined(__BEOS__) */
+
+/*
+ * On OpenBSD and maybe also FreeBSD, gcc doesn't define the cpp
+ * symbol unix; it defines __unix__ and sometimes not even that:
+ */
+#if ( defined(__unix__) || defined(__NetBSD__) ) && !defined(unix)
+#define unix 1
+#endif
+
+/*
+ * It's too easy to accidentally use a Cygwin or MinGW32 version of config.h
+ * under VC++, and it usually gives many wierd error messages.  Let's make
+ * the error messages understandable, by bailing out now.
+ */
+#ifdef _MSC_VER
+#error For MS VC++, please use vc_config_winthreads.h or vc_config_pthreads.h.  You can usually do this by selecting the "Build", "Clean" menu option.
+#endif /* def _MSC_VER */
+
+#endif /* CONFIG_H_INCLUDED */
diff --git a/external/privoxy/config.log b/external/privoxy/config.log
new file mode 100644
index 0000000..3546917
--- /dev/null
+++ b/external/privoxy/config.log
@@ -0,0 +1,3125 @@
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by configure, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  $ ./configure --host=arm-linux-eabi --build= --prefix=/home/n8fr8/dev/android/ndk/my-android-toolchain --disable-pthread
+
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = didactic
+uname -m = i686
+uname -r = 3.3.0-030300-generic
+uname -s = Linux
+uname -v = #201203182135 SMP Mon Mar 19 01:43:18 UTC 2012
+
+/usr/bin/uname -p = unknown
+/bin/uname -X     = unknown
+
+/bin/arch              = unknown
+/usr/bin/arch -k       = unknown
+/usr/convex/getsysinfo = unknown
+/usr/bin/hostinfo      = unknown
+/bin/machine           = unknown
+/usr/bin/oslevel       = unknown
+/bin/universe          = unknown
+
+PATH: /home/n8fr8/dev/android/ndk/my-android-toolchain/bin/
+PATH: /home/n8fr8/bin
+PATH: /usr/lib/lightdm/lightdm
+PATH: /usr/local/sbin
+PATH: /usr/local/bin
+PATH: /usr/sbin
+PATH: /usr/bin
+PATH: /sbin
+PATH: /bin
+PATH: /usr/games
+PATH: /home/n8fr8/dev/android/tools
+PATH: /home/n8fr8/dev/android/platform-tools
+PATH: /home/n8fr8/dev/android/ndk
+PATH: /home/n8fr8/bin
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+configure:2443: checking build system type
+configure:2457: result: i686-pc-linux-gnulibc1
+configure:2477: checking host system type
+configure:2490: result: arm-linux-eabi
+configure:2583: checking for arm-linux-eabi-gcc
+configure:2610: result: arm-linux-androideabi-gcc
+configure:2879: checking for C compiler version
+configure:2888: arm-linux-androideabi-gcc --version >&5
+arm-linux-androideabi-gcc (GCC) 4.4.3
+Copyright (C) 2009 Free Software Foundation, Inc.
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+configure:2899: $? = 0
+configure:2888: arm-linux-androideabi-gcc -v >&5
+Using built-in specs.
+Target: arm-linux-androideabi
+Configured with: /tmp/ndk-digit/src/build/../gcc/gcc-4.4.3/configure --prefix=/opt/digit/repo/master/ndk/toolchains/arm-linux-androideabi-4.4.3/prebuilt/linux-x86 --target=arm-linux-androideabi --host=x86_64-linux-gnu --build=x86_64-linux-gnu --with-gnu-as --with-gnu-ld --enable-languages=c,c++ --with-gmp=/tmp/ndk-digit/build/toolchain/temp-install --with-mpfr=/tmp/ndk-digit/build/toolchain/temp-install --disable-libssp --enable-threads --disable-nls --disable-libmudflap --disable-libgomp --disable-libstdc__-v3 --disable-sjlj-exceptions --disable-shared --disable-tls --with-float=soft --with-fpu=vfp --with-arch=armv5te --enable-target-optspace --enable-initfini-array --disable-nls --prefix=/opt/digit/repo/master/ndk/toolchains/arm-linux-androideabi-4.4.3/prebuilt/linux-x86 --with-sysroot=/opt/digit/repo/master/ndk/toolchains/arm-linux-androideabi-4.4.3/prebuilt/linux-x86/sysroot --with-binutils-version=2.19 --with-mpfr-version=2.4.1 --with-mpc-version=0.8.1 --with-gmp-versio
 n=4.2.4 --with-gcc-version=4.4.3 --with-gdb-version=6.6 --disable-bootstrap --disable-libquadmath --disable-plugin --with-arch=armv5te --program-transform-name='s,^,arm-linux-androideabi-,'
+Thread model: posix
+gcc version 4.4.3 (GCC) 
+configure:2899: $? = 0
+configure:2888: arm-linux-androideabi-gcc -V >&5
+arm-linux-androideabi-gcc: '-V' option must have argument
+configure:2899: $? = 1
+configure:2888: arm-linux-androideabi-gcc -qversion >&5
+arm-linux-androideabi-gcc: unrecognized option '-qversion'
+arm-linux-androideabi-gcc: no input files
+configure:2899: $? = 1
+configure:2919: checking whether the C compiler works
+configure:2941: arm-linux-androideabi-gcc   --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  >&5
+configure:2945: $? = 0
+configure:2993: result: yes
+configure:2996: checking for C compiler default output file name
+configure:2998: result: a.out
+configure:3004: checking for suffix of executables
+configure:3011: arm-linux-androideabi-gcc -o conftest   --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  >&5
+configure:3015: $? = 0
+configure:3037: result: 
+configure:3059: checking whether we are cross compiling
+configure:3067: arm-linux-androideabi-gcc -o conftest   --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  >&5
+configure:3071: $? = 0
+configure:3078: ./conftest
+./configure: line 3080: ./conftest: cannot execute binary file
+configure:3082: $? = 126
+configure:3097: result: yes
+configure:3102: checking for suffix of object files
+configure:3124: arm-linux-androideabi-gcc -c   --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c >&5
+configure:3128: $? = 0
+configure:3149: result: o
+configure:3153: checking whether we are using the GNU C compiler
+configure:3172: arm-linux-androideabi-gcc -c   --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c >&5
+configure:3172: $? = 0
+configure:3181: result: yes
+configure:3190: checking whether arm-linux-androideabi-gcc accepts -g
+configure:3210: arm-linux-androideabi-gcc -c -g --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c >&5
+configure:3210: $? = 0
+configure:3251: result: yes
+configure:3268: checking for arm-linux-androideabi-gcc option to accept ISO C89
+configure:3332: arm-linux-androideabi-gcc  -c   --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c >&5
+configure:3332: $? = 0
+configure:3345: result: none needed
+configure:3370: checking how to run the C preprocessor
+configure:3401: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c
+configure:3401: $? = 0
+configure:3415: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c
+conftest.c:14:28: error: ac_nonexistent.h: No such file or directory
+configure:3415: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| /* end confdefs.h.  */
+| #include <ac_nonexistent.h>
+configure:3440: result: arm-linux-androideabi-gcc -E
+configure:3460: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c
+configure:3460: $? = 0
+configure:3474: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c
+conftest.c:14:28: error: ac_nonexistent.h: No such file or directory
+configure:3474: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| /* end confdefs.h.  */
+| #include <ac_nonexistent.h>
+configure:3516: checking for a BSD-compatible install
+configure:3584: result: /usr/bin/install -c
+configure:3595: checking whether ln -s works
+configure:3599: result: yes
+configure:3606: checking whether make sets $(MAKE)
+configure:3628: result: yes
+configure:3641: checking for gawk
+configure:3671: result: no
+configure:3641: checking for mawk
+configure:3657: found /usr/bin/mawk
+configure:3668: result: mawk
+configure:3682: checking for gdb
+configure:3698: found /usr/bin/gdb
+configure:3710: result: yes
+configure:3720: checking for groups
+configure:3739: found /usr/bin/groups
+configure:3752: result: /usr/bin/groups
+configure:3762: checking for id
+configure:3781: found /usr/bin/id
+configure:3794: result: /usr/bin/id
+configure:3846: WARNING: There is no user 'privoxy' on this system
+configure:3849: checking for user
+configure:3877: result: none specified
+configure:3887: checking for group
+configure:3921: result: none specified
+configure:4104: checking for rpm
+configure:4120: found /usr/bin/rpm
+configure:4131: result: rpm
+configure:4155: checking for jade
+configure:4185: result: no
+configure:4155: checking for openjade
+configure:4185: result: no
+configure:4200: checking for man2html
+configure:4230: result: no
+configure:4299: checking for grep that handles long lines and -e
+configure:4357: result: /bin/grep
+configure:4362: checking for egrep
+configure:4424: result: /bin/grep -E
+configure:4429: checking for ANSI C header files
+configure:4449: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4449: $? = 0
+configure:4533: result: yes
+configure:4546: checking for sys/types.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for sys/stat.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for stdlib.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for string.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for memory.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for strings.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for inttypes.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for stdint.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4546: checking for unistd.h
+configure:4546: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4546: $? = 0
+configure:4546: result: yes
+configure:4558: checking pthread.h usability
+configure:4558: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4558: $? = 0
+configure:4558: result: yes
+configure:4558: checking pthread.h presence
+configure:4558: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:4558: $? = 0
+configure:4558: result: yes
+configure:4558: checking for pthread.h
+configure:4558: result: yes
+configure:4572: WARNING: pthreads seem to be available but you are using --disable-pthread.
+configure:4574: WARNING: This is almost always a mistake and can render Privoxy unacceptable slow.
+configure:4624: checking for gethostbyname in -lnsl
+configure:4649: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c -lnsl   1>&5
+/home/n8fr8/dev/android/ndk/my-android-toolchain/bin/../lib/gcc/arm-linux-androideabi/4.4.3/../../../../arm-linux-androideabi/bin/ld: cannot find -lnsl
+collect2: ld returned 1 exit status
+configure:4649: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| /* end confdefs.h.  */
+| 
+| /* Override any GCC internal prototype to avoid an error.
+|    Use char because int might match the return type of a GCC
+|    builtin and then its argument prototype would still apply.  */
+| #ifdef __cplusplus
+| extern "C"
+| #endif
+| char gethostbyname ();
+| int
+| main ()
+| {
+| return gethostbyname ();
+|   ;
+|   return 0;
+| }
+configure:4658: result: no
+configure:4670: checking for gethostbyaddr_r
+configure:4670: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+/tmp/ccoMoDoy.o: In function `main':
+conftest.c:(.text+0x4): undefined reference to `gethostbyaddr_r'
+collect2: ld returned 1 exit status
+configure:4670: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| /* end confdefs.h.  */
+| /* Define gethostbyaddr_r to an innocuous variant, in case <limits.h> declares gethostbyaddr_r.
+|    For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+| #define gethostbyaddr_r innocuous_gethostbyaddr_r
+| 
+| /* System header to define __stub macros and hopefully few prototypes,
+|     which can conflict with char gethostbyaddr_r (); below.
+|     Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+|     <limits.h> exists even on freestanding compilers.  */
+| 
+| #ifdef __STDC__
+| # include <limits.h>
+| #else
+| # include <assert.h>
+| #endif
+| 
+| #undef gethostbyaddr_r
+| 
+| /* Override any GCC internal prototype to avoid an error.
+|    Use char because int might match the return type of a GCC
+|    builtin and then its argument prototype would still apply.  */
+| #ifdef __cplusplus
+| extern "C"
+| #endif
+| char gethostbyaddr_r ();
+| /* The GNU C library defines this for functions which it implements
+|     to always fail with ENOSYS.  Some functions are actually named
+|     something starting with __ and the normal name is an alias.  */
+| #if defined __stub_gethostbyaddr_r || defined __stub___gethostbyaddr_r
+| choke me
+| #endif
+| 
+| int
+| main ()
+| {
+| return gethostbyaddr_r ();
+|   ;
+|   return 0;
+| }
+configure:4670: result: no
+configure:4771: result: no
+configure:4777: checking for gethostbyname_r
+configure:4777: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:4777: $? = 0
+configure:4777: result: yes
+configure:4780: checking signature of gethostbyname_r
+configure:4800: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:4800: $? = 0
+configure:4804: result: 6 args
+configure:4883: checking for gmtime_r
+configure:4883: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:4883: $? = 0
+configure:4883: result: yes
+configure:4886: checking signature of gmtime_r
+configure:4905: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:34: warning: passing argument 1 of 'gmtime_r' from incompatible pointer type
+/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include/time.h:77: note: expected 'const time_t *' but argument is of type 'struct time *'
+configure:4905: $? = 0
+configure:4907: result: ok
+configure:4928: checking for localtime_r
+configure:4928: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:4928: $? = 0
+configure:4928: result: yes
+configure:4931: checking signature of localtime_r
+configure:4950: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:35: warning: passing argument 1 of 'localtime_r' from incompatible pointer type
+/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include/time.h:74: note: expected 'const time_t *' but argument is of type 'struct time *'
+configure:4950: $? = 0
+configure:4952: result: ok
+configure:4996: checking for socklen_t
+configure:5005: result: yes
+configure:5051: checking for ANSI C header files
+configure:5155: result: yes
+configure:5166: checking for dirent.h that defines DIR
+configure:5185: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5185: $? = 0
+configure:5193: result: yes
+configure:5206: checking for library containing opendir
+configure:5237: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5237: $? = 0
+configure:5254: result: none required
+configure:5321: checking for an ANSI C-conforming const
+configure:5386: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5386: $? = 0
+configure:5393: result: yes
+configure:5401: checking for size_t
+configure:5401: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5401: $? = 0
+configure:5401: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:65: error: expected expression before ')' token
+configure:5401: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| if (sizeof ((size_t)))
+| 	    return 0;
+|   ;
+|   return 0;
+| }
+configure:5401: result: yes
+configure:5412: checking for pid_t
+configure:5412: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5412: $? = 0
+configure:5412: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:65: error: expected expression before ')' token
+configure:5412: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| if (sizeof ((pid_t)))
+| 	    return 0;
+|   ;
+|   return 0;
+| }
+configure:5412: result: yes
+configure:5423: checking whether time.h and sys/time.h may both be included
+configure:5443: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5443: $? = 0
+configure:5450: result: yes
+configure:5458: checking whether struct tm is in sys/time.h or time.h
+configure:5478: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5478: $? = 0
+configure:5485: result: time.h
+configure:5497: checking size of int
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5502: $? = 0
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:66: error: size of array 'test_array' is negative
+configure:5502: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (int))) <= 0)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:66: error: size of array 'test_array' is negative
+configure:5502: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (int))) <= 1)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:66: error: size of array 'test_array' is negative
+configure:5502: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (int))) <= 3)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5502: $? = 0
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5502: $? = 0
+configure:5502: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5502: $? = 0
+configure:5516: result: 4
+configure:5530: checking size of char *
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5535: $? = 0
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:67: error: size of array 'test_array' is negative
+configure:5535: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (char *))) <= 0)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:67: error: size of array 'test_array' is negative
+configure:5535: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (char *))) <= 1)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:67: error: size of array 'test_array' is negative
+configure:5535: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (char *))) <= 3)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5535: $? = 0
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5535: $? = 0
+configure:5535: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5535: $? = 0
+configure:5549: result: 4
+configure:5563: checking size of long
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5568: $? = 0
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:68: error: size of array 'test_array' is negative
+configure:5568: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long))) <= 0)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:68: error: size of array 'test_array' is negative
+configure:5568: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long))) <= 1)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:68: error: size of array 'test_array' is negative
+configure:5568: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long))) <= 3)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5568: $? = 0
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5568: $? = 0
+configure:5568: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5568: $? = 0
+configure:5582: result: 4
+configure:5596: checking size of long long
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5601: $? = 0
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:69: error: size of array 'test_array' is negative
+configure:5601: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long long))) <= 0)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:69: error: size of array 'test_array' is negative
+configure:5601: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long long))) <= 1)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:69: error: size of array 'test_array' is negative
+configure:5601: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long long))) <= 3)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:69: error: size of array 'test_array' is negative
+configure:5601: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (long long))) <= 7)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5601: $? = 0
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5601: $? = 0
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5601: $? = 0
+configure:5601: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5601: $? = 0
+configure:5615: result: 8
+configure:5629: checking size of size_t
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5634: $? = 0
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:70: error: size of array 'test_array' is negative
+configure:5634: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (size_t))) <= 0)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:70: error: size of array 'test_array' is negative
+configure:5634: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (size_t))) <= 1)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:70: error: size of array 'test_array' is negative
+configure:5634: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| int
+| main ()
+| {
+| static int test_array [1 - 2 * !(((long int) (sizeof (size_t))) <= 3)];
+| test_array [0] = 0
+| 
+|   ;
+|   return 0;
+| }
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5634: $? = 0
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5634: $? = 0
+configure:5634: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5634: $? = 0
+configure:5648: result: 4
+configure:5662: checking OS.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c:68:16: error: OS.h: No such file or directory
+configure:5662: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| /* end confdefs.h.  */
+| #include <stdio.h>
+| #ifdef HAVE_SYS_TYPES_H
+| # include <sys/types.h>
+| #endif
+| #ifdef HAVE_SYS_STAT_H
+| # include <sys/stat.h>
+| #endif
+| #ifdef STDC_HEADERS
+| # include <stdlib.h>
+| # include <stddef.h>
+| #else
+| # ifdef HAVE_STDLIB_H
+| #  include <stdlib.h>
+| # endif
+| #endif
+| #ifdef HAVE_STRING_H
+| # if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+| #  include <memory.h>
+| # endif
+| # include <string.h>
+| #endif
+| #ifdef HAVE_STRINGS_H
+| # include <strings.h>
+| #endif
+| #ifdef HAVE_INTTYPES_H
+| # include <inttypes.h>
+| #endif
+| #ifdef HAVE_STDINT_H
+| # include <stdint.h>
+| #endif
+| #ifdef HAVE_UNISTD_H
+| # include <unistd.h>
+| #endif
+| #include <OS.h>
+configure:5662: result: no
+configure:5662: checking OS.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+conftest.c:35:16: error: OS.h: No such file or directory
+configure:5662: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| /* end confdefs.h.  */
+| #include <OS.h>
+configure:5662: result: no
+configure:5662: checking for OS.h
+configure:5662: result: no
+configure:5662: checking arpa/inet.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking arpa/inet.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for arpa/inet.h
+configure:5662: result: yes
+configure:5662: checking errno.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking errno.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for errno.h
+configure:5662: result: yes
+configure:5662: checking fcntl.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking fcntl.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for fcntl.h
+configure:5662: result: yes
+configure:5662: checking limits.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking limits.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for limits.h
+configure:5662: result: yes
+configure:5662: checking locale.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking locale.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for locale.h
+configure:5662: result: yes
+configure:5662: checking netdb.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking netdb.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for netdb.h
+configure:5662: result: yes
+configure:5662: checking netinet/in.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking netinet/in.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for netinet/in.h
+configure:5662: result: yes
+configure:5662: checking stddef.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking stddef.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for stddef.h
+configure:5662: result: yes
+configure:5662: checking for stdlib.h
+configure:5662: result: yes
+configure:5662: checking for string.h
+configure:5662: result: yes
+configure:5662: checking sys/ioctl.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking sys/ioctl.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for sys/ioctl.h
+configure:5662: result: yes
+configure:5662: checking sys/socket.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking sys/socket.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for sys/socket.h
+configure:5662: result: yes
+configure:5662: checking sys/time.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking sys/time.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for sys/time.h
+configure:5662: result: yes
+configure:5662: checking sys/timeb.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking sys/timeb.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for sys/timeb.h
+configure:5662: result: yes
+configure:5662: checking sys/wait.h usability
+configure:5662: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking sys/wait.h presence
+configure:5662: arm-linux-androideabi-gcc -E --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include  conftest.c
+configure:5662: $? = 0
+configure:5662: result: yes
+configure:5662: checking for sys/wait.h
+configure:5662: result: yes
+configure:5662: checking for unistd.h
+configure:5662: result: yes
+configure:5676: checking for strerror
+configure:5676: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5676: $? = 0
+configure:5676: result: yes
+configure:5676: checking for bcopy
+configure:5676: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:75: warning: conflicting types for built-in function 'bcopy'
+configure:5676: $? = 0
+configure:5676: result: yes
+configure:5676: checking for memmove
+configure:5676: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:76: warning: conflicting types for built-in function 'memmove'
+configure:5676: $? = 0
+configure:5676: result: yes
+configure:5686: checking whether arm-linux-androideabi-gcc needs -traditional
+configure:5720: result: no
+configure:5727: checking whether setpgrp takes no argument
+configure:5759: result: yes
+configure:5767: checking return type of signal handlers
+configure:5785: arm-linux-androideabi-gcc -c -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include conftest.c 1>&5
+conftest.c: In function 'main':
+conftest.c:61: error: void value not ignored as it ought to be
+configure:5785: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| #define HAVE_ARPA_INET_H 1
+| #define HAVE_ERRNO_H 1
+| #define HAVE_FCNTL_H 1
+| #define HAVE_LIMITS_H 1
+| #define HAVE_LOCALE_H 1
+| #define HAVE_NETDB_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_STDDEF_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_SYS_IOCTL_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_SYS_TIME_H 1
+| #define HAVE_SYS_TIMEB_H 1
+| #define HAVE_SYS_WAIT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STRERROR 1
+| #define HAVE_BCOPY 1
+| #define HAVE_MEMMOVE 1
+| #define SETPGRP_VOID 1
+| /* end confdefs.h.  */
+| #include <sys/types.h>
+| #include <signal.h>
+| 
+| int
+| main ()
+| {
+| return *(signal (0, 0)) (0) == 1;
+|   ;
+|   return 0;
+| }
+configure:5792: result: void
+configure:5803: checking for access
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for atexit
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for getcwd
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for gethostbyaddr
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for gethostbyaddr_r
+configure:5803: result: no
+configure:5803: checking for gethostbyname
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for gethostbyname_r
+configure:5803: result: yes
+configure:5803: checking for gettimeofday
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for inet_ntoa
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for localtime_r
+configure:5803: result: yes
+configure:5803: checking for memchr
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:88: warning: conflicting types for built-in function 'memchr'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for memmove
+configure:5803: result: yes
+configure:5803: checking for memset
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:90: warning: conflicting types for built-in function 'memset'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for poll
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for putenv
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for random
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+/tmp/ccyfkYEq.o: In function `main':
+conftest.c:(.text+0x4): undefined reference to `random'
+collect2: ld returned 1 exit status
+configure:5803: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| #define HAVE_ARPA_INET_H 1
+| #define HAVE_ERRNO_H 1
+| #define HAVE_FCNTL_H 1
+| #define HAVE_LIMITS_H 1
+| #define HAVE_LOCALE_H 1
+| #define HAVE_NETDB_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_STDDEF_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_SYS_IOCTL_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_SYS_TIME_H 1
+| #define HAVE_SYS_TIMEB_H 1
+| #define HAVE_SYS_WAIT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STRERROR 1
+| #define HAVE_BCOPY 1
+| #define HAVE_MEMMOVE 1
+| #define SETPGRP_VOID 1
+| #define RETSIGTYPE void
+| #define HAVE_ACCESS 1
+| #define HAVE_ATEXIT 1
+| #define HAVE_GETCWD 1
+| #define HAVE_GETHOSTBYADDR 1
+| #define HAVE_GETHOSTBYNAME 1
+| #define HAVE_GETHOSTBYNAME_R 1
+| #define HAVE_GETTIMEOFDAY 1
+| #define HAVE_INET_NTOA 1
+| #define HAVE_LOCALTIME_R 1
+| #define HAVE_MEMCHR 1
+| #define HAVE_MEMMOVE 1
+| #define HAVE_MEMSET 1
+| #define HAVE_POLL 1
+| #define HAVE_PUTENV 1
+| /* end confdefs.h.  */
+| /* Define random to an innocuous variant, in case <limits.h> declares random.
+|    For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+| #define random innocuous_random
+| 
+| /* System header to define __stub macros and hopefully few prototypes,
+|     which can conflict with char random (); below.
+|     Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+|     <limits.h> exists even on freestanding compilers.  */
+| 
+| #ifdef __STDC__
+| # include <limits.h>
+| #else
+| # include <assert.h>
+| #endif
+| 
+| #undef random
+| 
+| /* Override any GCC internal prototype to avoid an error.
+|    Use char because int might match the return type of a GCC
+|    builtin and then its argument prototype would still apply.  */
+| #ifdef __cplusplus
+| extern "C"
+| #endif
+| char random ();
+| /* The GNU C library defines this for functions which it implements
+|     to always fail with ENOSYS.  Some functions are actually named
+|     something starting with __ and the normal name is an alias.  */
+| #if defined __stub_random || defined __stub___random
+| choke me
+| #endif
+| 
+| int
+| main ()
+| {
+| return random ();
+|   ;
+|   return 0;
+| }
+configure:5803: result: no
+configure:5803: checking for regcomp
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for select
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for setlocale
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for snprintf
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:96: warning: conflicting types for built-in function 'snprintf'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for socket
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strchr
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:98: warning: conflicting types for built-in function 'strchr'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strdup
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:99: warning: conflicting types for built-in function 'strdup'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strerror
+configure:5803: result: yes
+configure:5803: checking for strftime
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:101: warning: conflicting types for built-in function 'strftime'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strlcat
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strlcpy
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strptime
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strstr
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+conftest.c:105: warning: conflicting types for built-in function 'strstr'
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for strtoul
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5803: checking for timegm
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+/tmp/ccHB58uk.o: In function `main':
+conftest.c:(.text+0x4): undefined reference to `timegm'
+collect2: ld returned 1 exit status
+configure:5803: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| #define HAVE_ARPA_INET_H 1
+| #define HAVE_ERRNO_H 1
+| #define HAVE_FCNTL_H 1
+| #define HAVE_LIMITS_H 1
+| #define HAVE_LOCALE_H 1
+| #define HAVE_NETDB_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_STDDEF_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_SYS_IOCTL_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_SYS_TIME_H 1
+| #define HAVE_SYS_TIMEB_H 1
+| #define HAVE_SYS_WAIT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STRERROR 1
+| #define HAVE_BCOPY 1
+| #define HAVE_MEMMOVE 1
+| #define SETPGRP_VOID 1
+| #define RETSIGTYPE void
+| #define HAVE_ACCESS 1
+| #define HAVE_ATEXIT 1
+| #define HAVE_GETCWD 1
+| #define HAVE_GETHOSTBYADDR 1
+| #define HAVE_GETHOSTBYNAME 1
+| #define HAVE_GETHOSTBYNAME_R 1
+| #define HAVE_GETTIMEOFDAY 1
+| #define HAVE_INET_NTOA 1
+| #define HAVE_LOCALTIME_R 1
+| #define HAVE_MEMCHR 1
+| #define HAVE_MEMMOVE 1
+| #define HAVE_MEMSET 1
+| #define HAVE_POLL 1
+| #define HAVE_PUTENV 1
+| #define HAVE_REGCOMP 1
+| #define HAVE_SELECT 1
+| #define HAVE_SETLOCALE 1
+| #define HAVE_SNPRINTF 1
+| #define HAVE_SOCKET 1
+| #define HAVE_STRCHR 1
+| #define HAVE_STRDUP 1
+| #define HAVE_STRERROR 1
+| #define HAVE_STRFTIME 1
+| #define HAVE_STRLCAT 1
+| #define HAVE_STRLCPY 1
+| #define HAVE_STRPTIME 1
+| #define HAVE_STRSTR 1
+| #define HAVE_STRTOUL 1
+| /* end confdefs.h.  */
+| /* Define timegm to an innocuous variant, in case <limits.h> declares timegm.
+|    For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+| #define timegm innocuous_timegm
+| 
+| /* System header to define __stub macros and hopefully few prototypes,
+|     which can conflict with char timegm (); below.
+|     Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+|     <limits.h> exists even on freestanding compilers.  */
+| 
+| #ifdef __STDC__
+| # include <limits.h>
+| #else
+| # include <assert.h>
+| #endif
+| 
+| #undef timegm
+| 
+| /* Override any GCC internal prototype to avoid an error.
+|    Use char because int might match the return type of a GCC
+|    builtin and then its argument prototype would still apply.  */
+| #ifdef __cplusplus
+| extern "C"
+| #endif
+| char timegm ();
+| /* The GNU C library defines this for functions which it implements
+|     to always fail with ENOSYS.  Some functions are actually named
+|     something starting with __ and the normal name is an alias.  */
+| #if defined __stub_timegm || defined __stub___timegm
+| choke me
+| #endif
+| 
+| int
+| main ()
+| {
+| return timegm ();
+|   ;
+|   return 0;
+| }
+configure:5803: result: no
+configure:5803: checking for tzset
+configure:5803: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c  1>&5
+configure:5803: $? = 0
+configure:5803: result: yes
+configure:5814: checking for pcre_compile in -lpcre
+configure:5839: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c -lpcre   1>&5
+/home/n8fr8/dev/android/ndk/my-android-toolchain/bin/../lib/gcc/arm-linux-androideabi/4.4.3/../../../../arm-linux-androideabi/bin/ld: cannot find -lpcre
+collect2: ld returned 1 exit status
+configure:5839: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| #define HAVE_ARPA_INET_H 1
+| #define HAVE_ERRNO_H 1
+| #define HAVE_FCNTL_H 1
+| #define HAVE_LIMITS_H 1
+| #define HAVE_LOCALE_H 1
+| #define HAVE_NETDB_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_STDDEF_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_SYS_IOCTL_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_SYS_TIME_H 1
+| #define HAVE_SYS_TIMEB_H 1
+| #define HAVE_SYS_WAIT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STRERROR 1
+| #define HAVE_BCOPY 1
+| #define HAVE_MEMMOVE 1
+| #define SETPGRP_VOID 1
+| #define RETSIGTYPE void
+| #define HAVE_ACCESS 1
+| #define HAVE_ATEXIT 1
+| #define HAVE_GETCWD 1
+| #define HAVE_GETHOSTBYADDR 1
+| #define HAVE_GETHOSTBYNAME 1
+| #define HAVE_GETHOSTBYNAME_R 1
+| #define HAVE_GETTIMEOFDAY 1
+| #define HAVE_INET_NTOA 1
+| #define HAVE_LOCALTIME_R 1
+| #define HAVE_MEMCHR 1
+| #define HAVE_MEMMOVE 1
+| #define HAVE_MEMSET 1
+| #define HAVE_POLL 1
+| #define HAVE_PUTENV 1
+| #define HAVE_REGCOMP 1
+| #define HAVE_SELECT 1
+| #define HAVE_SETLOCALE 1
+| #define HAVE_SNPRINTF 1
+| #define HAVE_SOCKET 1
+| #define HAVE_STRCHR 1
+| #define HAVE_STRDUP 1
+| #define HAVE_STRERROR 1
+| #define HAVE_STRFTIME 1
+| #define HAVE_STRLCAT 1
+| #define HAVE_STRLCPY 1
+| #define HAVE_STRPTIME 1
+| #define HAVE_STRSTR 1
+| #define HAVE_STRTOUL 1
+| #define HAVE_TZSET 1
+| /* end confdefs.h.  */
+| 
+| /* Override any GCC internal prototype to avoid an error.
+|    Use char because int might match the return type of a GCC
+|    builtin and then its argument prototype would still apply.  */
+| #ifdef __cplusplus
+| extern "C"
+| #endif
+| char pcre_compile ();
+| int
+| main ()
+| {
+| return pcre_compile ();
+|   ;
+|   return 0;
+| }
+configure:5848: result: no
+configure:5906: checking for regcomp in -lpcreposix
+configure:5931: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c -lpcreposix -lpcre  1>&5
+/home/n8fr8/dev/android/ndk/my-android-toolchain/bin/../lib/gcc/arm-linux-androideabi/4.4.3/../../../../arm-linux-androideabi/bin/ld: cannot find -lpcreposix
+collect2: ld returned 1 exit status
+configure:5931: $? = 1
+configure: failed program was:
+| /* confdefs.h */
+| #define PACKAGE_NAME ""
+| #define PACKAGE_TARNAME ""
+| #define PACKAGE_VERSION ""
+| #define PACKAGE_STRING ""
+| #define PACKAGE_BUGREPORT ""
+| #define PACKAGE_URL ""
+| #define VERSION_MAJOR 3
+| #define VERSION_MINOR 0
+| #define VERSION_POINT 12
+| #define VERSION "3.0.12"
+| #define CODE_STATUS "stable"
+| #define STDC_HEADERS 1
+| #define HAVE_SYS_TYPES_H 1
+| #define HAVE_SYS_STAT_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_MEMORY_H 1
+| #define HAVE_STRINGS_H 1
+| #define HAVE_INTTYPES_H 1
+| #define HAVE_STDINT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+| #define HAVE_GMTIME_R 1
+| #define HAVE_LOCALTIME_R 1
+| #define STDC_HEADERS 1
+| #define HAVE_DIRENT_H 1
+| #define TIME_WITH_SYS_TIME 1
+| #define SIZEOF_INT 4
+| #define SIZEOF_CHAR_P 4
+| #define SIZEOF_LONG 4
+| #define SIZEOF_LONG_LONG 8
+| #define SIZEOF_SIZE_T 4
+| #define HAVE_ARPA_INET_H 1
+| #define HAVE_ERRNO_H 1
+| #define HAVE_FCNTL_H 1
+| #define HAVE_LIMITS_H 1
+| #define HAVE_LOCALE_H 1
+| #define HAVE_NETDB_H 1
+| #define HAVE_NETINET_IN_H 1
+| #define HAVE_STDDEF_H 1
+| #define HAVE_STDLIB_H 1
+| #define HAVE_STRING_H 1
+| #define HAVE_SYS_IOCTL_H 1
+| #define HAVE_SYS_SOCKET_H 1
+| #define HAVE_SYS_TIME_H 1
+| #define HAVE_SYS_TIMEB_H 1
+| #define HAVE_SYS_WAIT_H 1
+| #define HAVE_UNISTD_H 1
+| #define HAVE_STRERROR 1
+| #define HAVE_BCOPY 1
+| #define HAVE_MEMMOVE 1
+| #define SETPGRP_VOID 1
+| #define RETSIGTYPE void
+| #define HAVE_ACCESS 1
+| #define HAVE_ATEXIT 1
+| #define HAVE_GETCWD 1
+| #define HAVE_GETHOSTBYADDR 1
+| #define HAVE_GETHOSTBYNAME 1
+| #define HAVE_GETHOSTBYNAME_R 1
+| #define HAVE_GETTIMEOFDAY 1
+| #define HAVE_INET_NTOA 1
+| #define HAVE_LOCALTIME_R 1
+| #define HAVE_MEMCHR 1
+| #define HAVE_MEMMOVE 1
+| #define HAVE_MEMSET 1
+| #define HAVE_POLL 1
+| #define HAVE_PUTENV 1
+| #define HAVE_REGCOMP 1
+| #define HAVE_SELECT 1
+| #define HAVE_SETLOCALE 1
+| #define HAVE_SNPRINTF 1
+| #define HAVE_SOCKET 1
+| #define HAVE_STRCHR 1
+| #define HAVE_STRDUP 1
+| #define HAVE_STRERROR 1
+| #define HAVE_STRFTIME 1
+| #define HAVE_STRLCAT 1
+| #define HAVE_STRLCPY 1
+| #define HAVE_STRPTIME 1
+| #define HAVE_STRSTR 1
+| #define HAVE_STRTOUL 1
+| #define HAVE_TZSET 1
+| /* end confdefs.h.  */
+| 
+| /* Override any GCC internal prototype to avoid an error.
+|    Use char because int might match the return type of a GCC
+|    builtin and then its argument prototype would still apply.  */
+| #ifdef __cplusplus
+| extern "C"
+| #endif
+| char regcomp ();
+| int
+| main ()
+| {
+| return regcomp ();
+|   ;
+|   return 0;
+| }
+configure:5940: result: no
+configure:6153: checking for zlibVersion in -lz
+configure:6178: arm-linux-androideabi-gcc -o conftest -pipe -O2  --sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include -L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib conftest.c -lz   1>&5
+configure:6178: $? = 0
+configure:6187: result: yes
+configure:6222: WARNING: You are using the static PCRE code which is scheduled for removal, for details see:
+    https://sourceforge.net/mailarchive/message.php?msg_id=20080511195555.2dc6cfdc%40fabiankeil.de
+configure:6366: creating ./config.status
+
+## ---------------------- ##
+## Running config.status. ##
+## ---------------------- ##
+
+This file was extended by config.status, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  CONFIG_FILES    = 
+  CONFIG_HEADERS  = 
+  CONFIG_LINKS    = 
+  CONFIG_COMMANDS = 
+  $ ./config.status 
+
+on didactic
+
+config.status:931: creating GNUmakefile
+config.status:931: creating doc/source/ldp.dsl
+config.status:931: creating config.h
+config.status:1106: config.h is unchanged
+
+## ---------------- ##
+## Cache variables. ##
+## ---------------- ##
+
+ac_cv_build=i686-pc-linux-gnulibc1
+ac_cv_c_compiler_gnu=yes
+ac_cv_c_const=yes
+ac_cv_env_CC_set=set
+ac_cv_env_CC_value=arm-linux-androideabi-gcc
+ac_cv_env_CFLAGS_set=
+ac_cv_env_CFLAGS_value=
+ac_cv_env_CPPFLAGS_set=set
+ac_cv_env_CPPFLAGS_value='--sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include'
+ac_cv_env_CPP_set=
+ac_cv_env_CPP_value=
+ac_cv_env_LDFLAGS_set=set
+ac_cv_env_LDFLAGS_value='-L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib'
+ac_cv_env_LIBS_set=
+ac_cv_env_LIBS_value=
+ac_cv_env_build_alias_set=set
+ac_cv_env_build_alias_value=
+ac_cv_env_host_alias_set=set
+ac_cv_env_host_alias_value=arm-linux-eabi
+ac_cv_env_target_alias_set=
+ac_cv_env_target_alias_value=
+ac_cv_func_access=yes
+ac_cv_func_atexit=yes
+ac_cv_func_bcopy=yes
+ac_cv_func_getcwd=yes
+ac_cv_func_gethostbyaddr=yes
+ac_cv_func_gethostbyaddr_r=no
+ac_cv_func_gethostbyname=yes
+ac_cv_func_gethostbyname_r=yes
+ac_cv_func_gettimeofday=yes
+ac_cv_func_gmtime_r=yes
+ac_cv_func_inet_ntoa=yes
+ac_cv_func_localtime_r=yes
+ac_cv_func_memchr=yes
+ac_cv_func_memmove=yes
+ac_cv_func_memset=yes
+ac_cv_func_poll=yes
+ac_cv_func_putenv=yes
+ac_cv_func_random=no
+ac_cv_func_regcomp=yes
+ac_cv_func_select=yes
+ac_cv_func_setlocale=yes
+ac_cv_func_setpgrp_void=yes
+ac_cv_func_snprintf=yes
+ac_cv_func_socket=yes
+ac_cv_func_strchr=yes
+ac_cv_func_strdup=yes
+ac_cv_func_strerror=yes
+ac_cv_func_strftime=yes
+ac_cv_func_strlcat=yes
+ac_cv_func_strlcpy=yes
+ac_cv_func_strptime=yes
+ac_cv_func_strstr=yes
+ac_cv_func_strtoul=yes
+ac_cv_func_timegm=no
+ac_cv_func_tzset=yes
+ac_cv_header_OS_h=no
+ac_cv_header_arpa_inet_h=yes
+ac_cv_header_dirent_dirent_h=yes
+ac_cv_header_errno_h=yes
+ac_cv_header_fcntl_h=yes
+ac_cv_header_inttypes_h=yes
+ac_cv_header_limits_h=yes
+ac_cv_header_locale_h=yes
+ac_cv_header_memory_h=yes
+ac_cv_header_netdb_h=yes
+ac_cv_header_netinet_in_h=yes
+ac_cv_header_pthread_h=yes
+ac_cv_header_stdc=yes
+ac_cv_header_stddef_h=yes
+ac_cv_header_stdint_h=yes
+ac_cv_header_stdlib_h=yes
+ac_cv_header_string_h=yes
+ac_cv_header_strings_h=yes
+ac_cv_header_sys_ioctl_h=yes
+ac_cv_header_sys_socket_h=yes
+ac_cv_header_sys_stat_h=yes
+ac_cv_header_sys_time_h=yes
+ac_cv_header_sys_timeb_h=yes
+ac_cv_header_sys_types_h=yes
+ac_cv_header_sys_wait_h=yes
+ac_cv_header_time=yes
+ac_cv_header_unistd_h=yes
+ac_cv_host=arm-linux-eabi
+ac_cv_lib_nsl_gethostbyname=no
+ac_cv_lib_pcre_pcre_compile=no
+ac_cv_lib_pcreposix_regcomp=no
+ac_cv_lib_z_zlibVersion=yes
+ac_cv_objext=o
+ac_cv_path_BGROUPS=/usr/bin/groups
+ac_cv_path_EGREP='/bin/grep -E'
+ac_cv_path_GREP=/bin/grep
+ac_cv_path_ID=/usr/bin/id
+ac_cv_path_install='/usr/bin/install -c'
+ac_cv_prog_AWK=mawk
+ac_cv_prog_CC=arm-linux-androideabi-gcc
+ac_cv_prog_CPP='arm-linux-androideabi-gcc -E'
+ac_cv_prog_GDB=yes
+ac_cv_prog_RPMBIN=rpm
+ac_cv_prog_cc_c89=
+ac_cv_prog_cc_g=yes
+ac_cv_prog_gcc_traditional=no
+ac_cv_prog_make_make_set=yes
+ac_cv_search_opendir='none required'
+ac_cv_sizeof_char_p=4
+ac_cv_sizeof_int=4
+ac_cv_sizeof_long=4
+ac_cv_sizeof_long_long=8
+ac_cv_sizeof_size_t=4
+ac_cv_struct_tm=time.h
+ac_cv_type_pid_t=yes
+ac_cv_type_signal=void
+ac_cv_type_size_t=yes
+
+## ----------------- ##
+## Output variables. ##
+## ----------------- ##
+
+AMIGAOS_ONLY='#'
+AWK='mawk'
+BGROUPS='/usr/bin/groups'
+CC='arm-linux-androideabi-gcc'
+CFLAGS='-pipe -O2'
+CODE_STATUS='stable'
+CPP='arm-linux-androideabi-gcc -E'
+CPPFLAGS='--sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include'
+DB2HTML='false'
+DEFS='-DHAVE_CONFIG_H'
+DKPREFIX='none'
+DOC_STATUS='p-stable'
+ECHO_C=''
+ECHO_N='-n'
+ECHO_T=''
+EGREP='/bin/grep -E'
+EXEEXT=''
+GDB='yes'
+GREP='/bin/grep'
+GROUP=''
+ID='/usr/bin/id'
+INSTALL_DATA='${INSTALL} -m 644'
+INSTALL_PROGRAM='${INSTALL}'
+INSTALL_SCRIPT='${INSTALL}'
+JADEBIN='false'
+JADECAT=''
+LDFLAGS='-L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib'
+LIBOBJS=''
+LIBS=' -lz'
+LN_S='ln -s'
+LTLIBOBJS=''
+MAN2HTML='false'
+OBJEXT='o'
+PACKAGE_BUGREPORT=''
+PACKAGE_NAME=''
+PACKAGE_STRING=''
+PACKAGE_TARNAME=''
+PACKAGE_URL=''
+PACKAGE_VERSION=''
+PATH_SEPARATOR=':'
+PTHREAD_LIB='-lpthread'
+PTHREAD_ONLY='#'
+RPMBIN='rpm'
+RPM_BASE='/home/n8fr8/rpmbuild'
+SET_MAKE=''
+SHELL='/bin/bash'
+SOCKET_LIB=''
+SPECIAL_CFLAGS=''
+STATIC_PCRE_ONLY=''
+STATIC_PCRS_ONLY=''
+USER=''
+VERSION_MAJOR='3'
+VERSION_MINOR='0'
+VERSION_POINT='12'
+WDUMP=''
+WIN_ONLY='#'
+ac_ct_CC=''
+bindir='${exec_prefix}/bin'
+build='i686-pc-linux-gnulibc1'
+build_alias=''
+build_cpu='i686'
+build_os='linux-gnulibc1'
+build_vendor='pc'
+datadir='${datarootdir}'
+datarootdir='${prefix}/share'
+docdir='${datarootdir}/doc/${PACKAGE}'
+dvidir='${docdir}'
+exec_prefix='${prefix}'
+host='arm-linux-eabi'
+host_alias='arm-linux-eabi'
+host_cpu='arm'
+host_os='eabi'
+host_vendor='linux'
+htmldir='${docdir}'
+includedir='${prefix}/include'
+infodir='${datarootdir}/info'
+libdir='${exec_prefix}/lib'
+libexecdir='${exec_prefix}/libexec'
+localedir='${datarootdir}/locale'
+localstatedir='${prefix}/var'
+mandir='${datarootdir}/man'
+oldincludedir='/usr/include'
+pdfdir='${docdir}'
+prefix='/home/n8fr8/dev/android/ndk/my-android-toolchain'
+program_transform_name='s,x,x,'
+psdir='${docdir}'
+sbindir='${exec_prefix}/sbin'
+sharedstatedir='${prefix}/com'
+sysconfdir='${prefix}/etc'
+target_alias=''
+
+## ----------- ##
+## confdefs.h. ##
+## ----------- ##
+
+/* confdefs.h */
+#define PACKAGE_NAME ""
+#define PACKAGE_TARNAME ""
+#define PACKAGE_VERSION ""
+#define PACKAGE_STRING ""
+#define PACKAGE_BUGREPORT ""
+#define PACKAGE_URL ""
+#define VERSION_MAJOR 3
+#define VERSION_MINOR 0
+#define VERSION_POINT 12
+#define VERSION "3.0.12"
+#define CODE_STATUS "stable"
+#define STDC_HEADERS 1
+#define HAVE_SYS_TYPES_H 1
+#define HAVE_SYS_STAT_H 1
+#define HAVE_STDLIB_H 1
+#define HAVE_STRING_H 1
+#define HAVE_MEMORY_H 1
+#define HAVE_STRINGS_H 1
+#define HAVE_INTTYPES_H 1
+#define HAVE_STDINT_H 1
+#define HAVE_UNISTD_H 1
+#define HAVE_GETHOSTBYNAME_R_6_ARGS 1
+#define HAVE_GMTIME_R 1
+#define HAVE_LOCALTIME_R 1
+#define STDC_HEADERS 1
+#define HAVE_DIRENT_H 1
+#define TIME_WITH_SYS_TIME 1
+#define SIZEOF_INT 4
+#define SIZEOF_CHAR_P 4
+#define SIZEOF_LONG 4
+#define SIZEOF_LONG_LONG 8
+#define SIZEOF_SIZE_T 4
+#define HAVE_ARPA_INET_H 1
+#define HAVE_ERRNO_H 1
+#define HAVE_FCNTL_H 1
+#define HAVE_LIMITS_H 1
+#define HAVE_LOCALE_H 1
+#define HAVE_NETDB_H 1
+#define HAVE_NETINET_IN_H 1
+#define HAVE_STDDEF_H 1
+#define HAVE_STDLIB_H 1
+#define HAVE_STRING_H 1
+#define HAVE_SYS_IOCTL_H 1
+#define HAVE_SYS_SOCKET_H 1
+#define HAVE_SYS_TIME_H 1
+#define HAVE_SYS_TIMEB_H 1
+#define HAVE_SYS_WAIT_H 1
+#define HAVE_UNISTD_H 1
+#define HAVE_STRERROR 1
+#define HAVE_BCOPY 1
+#define HAVE_MEMMOVE 1
+#define SETPGRP_VOID 1
+#define RETSIGTYPE void
+#define HAVE_ACCESS 1
+#define HAVE_ATEXIT 1
+#define HAVE_GETCWD 1
+#define HAVE_GETHOSTBYADDR 1
+#define HAVE_GETHOSTBYNAME 1
+#define HAVE_GETHOSTBYNAME_R 1
+#define HAVE_GETTIMEOFDAY 1
+#define HAVE_INET_NTOA 1
+#define HAVE_LOCALTIME_R 1
+#define HAVE_MEMCHR 1
+#define HAVE_MEMMOVE 1
+#define HAVE_MEMSET 1
+#define HAVE_POLL 1
+#define HAVE_PUTENV 1
+#define HAVE_REGCOMP 1
+#define HAVE_SELECT 1
+#define HAVE_SETLOCALE 1
+#define HAVE_SNPRINTF 1
+#define HAVE_SOCKET 1
+#define HAVE_STRCHR 1
+#define HAVE_STRDUP 1
+#define HAVE_STRERROR 1
+#define HAVE_STRFTIME 1
+#define HAVE_STRLCAT 1
+#define HAVE_STRLCPY 1
+#define HAVE_STRPTIME 1
+#define HAVE_STRSTR 1
+#define HAVE_STRTOUL 1
+#define HAVE_TZSET 1
+#define __MT__ 1
+#define FEATURE_TOGGLE 1
+#define FEATURE_FORCE_LOAD 1
+#define FEATURE_FAST_REDIRECTS 1
+#define FEATURE_STATISTICS 1
+#define FEATURE_IMAGE_BLOCKING 1
+#define FEATURE_ACL 1
+#define FEATURE_TRUST 1
+#define FEATURE_CGI_EDIT_ACTIONS 1
+#define FEATURE_ZLIB 1
+#define STATIC_PCRE 1
+#define STATIC_PCRS 1
+
+configure: exit 0
diff --git a/external/privoxy/config.orig b/external/privoxy/config.orig
new file mode 100644
index 0000000..176dd5f
--- /dev/null
+++ b/external/privoxy/config.orig
@@ -0,0 +1,1530 @@
+#        Sample Configuration File for Privoxy v3.0.12
+#
+#  $Id: config,v 1.75 2009/03/21 11:35:37 hal9 Exp $
+#
+#  Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+#
+####################################################################
+#                                                                  #
+#                      Table of Contents                           #
+#                                                                  #
+#        I. INTRODUCTION                                           #
+#       II. FORMAT OF THE CONFIGURATION FILE                       #
+#                                                                  #
+#        1. LOCAL SET-UP DOCUMENTATION                             #
+#        2. CONFIGURATION AND LOG FILE LOCATIONS                   #
+#        3. DEBUGGING                                              #
+#        4. ACCESS CONTROL AND SECURITY                            #
+#        5. FORWARDING                                             #
+#        6. WINDOWS GUI OPTIONS                                    #
+#                                                                  #
+####################################################################
+#
+#
+#  I. INTRODUCTION
+#   ===============
+#
+#  This file holds Privoxy's main configuration. Privoxy detects
+#  configuration changes automatically, so you don't have to restart
+#  it unless you want to load a different configuration file.
+#
+#  The configuration will be reloaded with the first request after
+#  the change was done, this request itself will still use the old
+#  configuration, though. In other words: it takes two requests before
+#  you see the result of your changes.  Requests that are dropped due
+#  to ACL don't trigger reloads.
+#
+#  When starting Privoxy on Unix systems, give the location of this
+#  file as last argument. On Windows systems, Privoxy will look for
+#  this file with the name 'config.txt' in the current working directory
+#  of the Privoxy process.
+#
+#
+#  II. FORMAT OF THE CONFIGURATION FILE
+#  ====================================
+#
+#  Configuration lines consist of an initial keyword followed by a
+#  list of values, all separated by whitespace (any number of spaces
+#  or tabs). For example,
+#
+#  actionsfile default.action
+#
+#  Indicates that the actionsfile is named 'default.action'.
+#
+#  The '#' indicates a comment. Any part of a line following a '#'
+#  is ignored, except if the '#' is preceded by a '\'.
+#
+#  Thus, by placing a # at the start of an existing configuration
+#  line, you can make it a comment and it will be treated as if it
+#  weren't there. This is called "commenting out" an option and can
+#  be useful. Removing the # again is called "uncommenting".
+#
+#  Note that commenting out an option and leaving it at its default
+#  are two completely different things! Most options behave very
+#  differently when unset.  See the "Effect if unset" explanation in
+#  each option's description for details.
+#
+#  Long lines can be continued on the next line by using a `\' as the
+#  last character.
+#
+#
+#
+#  1. LOCAL SET-UP DOCUMENTATION
+#  ==============================
+#
+#  If you intend to operate Privoxy for more users than just yourself,
+#  it might be a good idea to let them know how to reach you, what
+#  you block and why you do that, your policies, etc.
+#
+#
+#
+#  1.1. user-manual
+#  =================
+#
+#  Specifies:
+#
+#      Location of the Privoxy User Manual.
+#
+#  Type of value:
+#
+#      A fully qualified URI
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      http://www.privoxy.org/version/user-manual/ will be used,
+#      where version is the Privoxy version.
+#
+#  Notes:
+#
+#      The User Manual URI is the single best source of information on
+#      Privoxy, and is used for help links from some of the internal
+#      CGI pages. The manual itself is normally packaged with the
+#      binary distributions, so you probably want to set this to a
+#      locally installed copy.
+#
+#      Examples:
+#
+#      The best all purpose solution is simply to put the full local
+#      PATH to where the User Manual is located:
+#
+#        user-manual  /usr/share/doc/privoxy/user-manual
+#
+#
+#      The User Manual is then available to anyone with
+#      access to Privoxy, by following the built-in URL:
+#      http://config.privoxy.org/user-manual/ (or the shortcut:
+#      http://p.p/user-manual/).
+#
+#      If the documentation is not on the local system, it can be
+#      accessed from a remote server, as:
+#
+#        user-manual  http://example.com/privoxy/user-manual/
+#
+#
+#      WARNING!!!
+#
+#          If set, this option should be the first option in the config
+#          file, because it is used while the config file is being read.
+#
+user-manual /home/halb/privoxy/share/doc/privoxy/user-manual/
+#
+#
+#  1.2. trust-info-url
+#  ====================
+#
+#  Specifies:
+#
+#      A URL to be displayed in the error page that users will see if
+#      access to an untrusted page is denied.
+#
+#  Type of value:
+#
+#      URL
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No links are displayed on the "untrusted" error page.
+#
+#  Notes:
+#
+#      The value of this option only matters if the experimental trust
+#      mechanism has been activated. (See trustfile below.)
+#
+#      If you use the trust mechanism, it is a good idea to write
+#      up some on-line documentation about your trust policy and to
+#      specify the URL(s) here. Use multiple times for multiple URLs.
+#
+#      The URL(s) should be added to the trustfile as well, so users
+#      don't end up locked out from the information on why they were
+#      locked out in the first place!
+#
+#trust-info-url  http://www.example.com/why_we_block.html
+#trust-info-url  http://www.example.com/what_we_allow.html
+#
+#
+#  1.3. admin-address
+#  ===================
+#
+#  Specifies:
+#
+#      An email address to reach the Privoxy administrator.
+#
+#  Type of value:
+#
+#      Email address
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No email address is displayed on error pages and the CGI user
+#      interface.
+#
+#  Notes:
+#
+#      If both admin-address and proxy-info-url are unset, the whole
+#      "Local Privoxy Support" box on all generated pages will not
+#      be shown.
+#
+#admin-address privoxy-admin at example.com
+#
+#
+#  1.4. proxy-info-url
+#  ====================
+#
+#  Specifies:
+#
+#      A URL to documentation about the local Privoxy setup,
+#      configuration or policies.
+#
+#  Type of value:
+#
+#      URL
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      No link to local documentation is displayed on error pages and
+#      the CGI user interface.
+#
+#  Notes:
+#
+#      If both admin-address and proxy-info-url are unset, the whole
+#      "Local Privoxy Support" box on all generated pages will not
+#      be shown.
+#
+#      This URL shouldn't be blocked ;-)
+#
+#proxy-info-url http://www.example.com/proxy-service.html
+#
+#
+#  2. CONFIGURATION AND LOG FILE LOCATIONS
+#  ========================================
+#
+#  Privoxy can (and normally does) use a number of other files for
+#  additional configuration, help and logging. This section of the
+#  configuration file tells Privoxy where to find those other files.
+#
+#  The user running Privoxy, must have read permission for all
+#  configuration files, and write permission to any files that would
+#  be modified, such as log files and actions files.
+#
+#
+#
+#  2.1. confdir
+#  =============
+#
+#  Specifies:
+#
+#      The directory where the other configuration files are located.
+#
+#  Type of value:
+#
+#      Path name
+#
+#  Default value:
+#
+#      /etc/privoxy (Unix) or Privoxy installation dir (Windows)
+#
+#  Effect if unset:
+#
+#      Mandatory
+#
+#  Notes:
+#
+#      No trailing "/", please.
+#
+confdir /home/halb/privoxy/etc
+#
+#
+#  2.2. templdir
+#  ==============
+#
+#  Specifies:
+#
+#      An alternative directory where the templates are loaded from.
+#
+#  Type of value:
+#
+#      Path name
+#
+#  Default value:
+#
+#      unset
+#
+#  Effect if unset:
+#
+#      The templates are assumed to be located in confdir/template.
+#
+#  Notes:
+#
+#      Privoxy's original templates are usually overwritten with each
+#      update. Use this option to relocate customized templates that
+#      should be kept. As template variables might change between
+#      updates, you shouldn't expect templates to work with Privoxy
+#      releases other than the one they were part of, though.
+#
+#templdir .
+#
+#
+#  2.3. logdir
+#  ============
+#
+#  Specifies:
+#
+#      The directory where all logging takes place (i.e. where the
+#      logfile is located).
+#
+#  Type of value:
+#
+#      Path name
+#
+#  Default value:
+#
+#      /var/log/privoxy (Unix) or Privoxy installation dir (Windows)
+#
+#  Effect if unset:
+#
+#      Mandatory
+#
+#  Notes:
+#
+#      No trailing "/", please.
+#
+logdir /home/halb/privoxy/var/log/privoxy
+#
+#
+#  2.4. actionsfile
+#  =================
+#
+#  Specifies:
+#
+#      The actions file(s) to use
+#
+#  Type of value:
+#
+#      Complete file name, relative to confdir
+#
+#  Default values:
+#
+#        match-all.action # Actions that are applied to all sites and maybe overruled later on.
+#
+#        default.action   # Main actions file
+#
+#        user.action      # User customizations
+#
+#  Effect if unset:
+#
+#      No actions are taken at all. More or less neutral proxying.
+#
+#  Notes:
+#
+#      Multiple actionsfile lines are permitted, and are in fact
+#      recommended!
+#
+#      The default values are default.action, which is the "main"
+#      actions file maintained by the developers, and user.action,
+#      where you can make your personal additions.
+#
+#      Actions files contain all the per site and per URL configuration
+#      for ad blocking, cookie management, privacy considerations,
+#      etc. There is no point in using Privoxy without at least one
+#      actions file.
+#
+#      Note that since Privoxy 3.0.7, the complete filename, including
+#      the ".action" extension has to be specified. The syntax change
+#      was necessary to be consistent with the other file options and
+#      to allow previously forbidden characters.
+#
+actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.
+actionsfile default.action   # Main actions file
+actionsfile user.action      # User customizations
+#
+#
+#  2.5. filterfile
+#  ================
+#
+#  Specifies:
+#
+#      The filter file(s) to use
+#
+#  Type of value:
+#
+#      File name, relative to confdir
+#
+#  Default value:
+#
+#      default.filter (Unix) or default.filter.txt (Windows)
+#
+#  Effect if unset:
+#
+#      No textual content filtering takes place, i.e. all +filter{name}
+#      actions in the actions files are turned neutral.
+#
+#  Notes:
+#
+#      Multiple filterfile lines are permitted.
+#
+#      The filter files contain content modification rules that use
+#      regular expressions. These rules permit powerful changes on the
+#      content of Web pages, and optionally the headers as well, e.g.,
+#      you could try to disable your favorite JavaScript annoyances,
+#      re-write the actual displayed text, or just have some fun
+#      playing buzzword bingo with web pages.
+#
+#      The +filter{name} actions rely on the relevant filter (name)
+#      to be defined in a filter file!
+#
+#      A pre-defined filter file called default.filter that contains a
+#      number of useful filters for common problems is included in the
+#      distribution. See the section on the filter action for a list.
+#
+#      It is recommended to place any locally adapted filters into a
+#      separate file, such as user.filter.
+#
+filterfile default.filter
+#filterfile user.filter      # User customizations
+#
+#
+#  2.6. logfile
+#  =============
+#
+#  Specifies:
+#
+#      The log file to use
+#
+#  Type of value:
+#
+#      File name, relative to logdir
+#
+#  Default value:
+#
+#      Unset (commented out). When activated: logfile (Unix) or
+#      privoxy.log (Windows).
+#
+#  Effect if unset:
+#
+#      No logfile is written.
+#
+#  Notes:
+#
+#      The logfile is where all logging and error messages are
+#      written. The level of detail and number of messages are set with
+#      the debug option (see below).  The logfile can be useful for
+#      tracking down a problem with Privoxy (e.g., it's not blocking
+#      an ad you think it should block) and it can help you to monitor
+#      what your browser is doing.
+#
+#      Depending on the debug options below, the logfile may be a
+#      privacy risk if third parties can get access to it. As most
+#      users will never look at it, Privoxy 3.0.7 and later only log
+#      fatal errors by default.
+#
+#      For most troubleshooting purposes, you will have to change that,
+#      please refer to the debugging section for details.
+#
+#      Your logfile will grow indefinitely, and you will probably
+#      want to periodically remove it. On Unix systems, you can do
+#      this with a cron job (see "man cron"). For Red Hat based Linux
+#      distributions, a logrotate script has been included.
+#
+#      Any log files must be writable by whatever user Privoxy is
+#      being run as (on Unix, default user id is "privoxy").
+#
+logfile logfile
+#
+#
+#  2.7. trustfile
+#  ===============
+#
+#  Specifies:
+#
+#      The name of the trust file to use
+#
+#  Type of value:
+#
+#      File name, relative to confdir
+#
+#  Default value:
+#
+#      Unset (commented out). When activated: trust (Unix) or trust.txt
+#      (Windows)
+#
+#  Effect if unset:
+#
+#      The entire trust mechanism is disabled.
+#
+#  Notes:
+#
+#      The trust mechanism is an experimental feature for building
+#      white-lists and should be used with care. It is NOT recommended
+#      for the casual user.
+#
+#      If you specify a trust file, Privoxy will only allow access to
+#      sites that are specified in the trustfile. Sites can be listed
+#      in one of two ways:
+#
+#      Prepending a ~ character limits access to this site only (and
+#      any sub-paths within this site), e.g. ~www.example.com allows
+#      access to ~www.example.com/ features/news.html, etc.
+#
+#      Or, you can designate sites as trusted referrers, by prepending
+#      the name with a + character. The effect is that access to
+#      untrusted sites will be granted -- but only if a link from
+#      this trusted referrer was used to get there. The link target
+#      will then be added to the "trustfile" so that future, direct
+#      accesses will be granted. Sites added via this mechanism do
+#      not become trusted referrers themselves (i.e. they are added
+#      with a ~ designation). There is a limit of 512 such entries,
+#      after which new entries will not be made.
+#
+#      If you use the + operator in the trust file, it may grow
+#      considerably over time.
+#
+#      It is recommended that Privoxy be compiled with the
+#      --disable-force, --disable-toggle and --disable-editor options,
+#      if this feature is to be used.
+#
+#      Possible applications include limiting Internet access for
+#      children.
+#
+#trustfile trust
+#
+#
+#  3. DEBUGGING
+#  =============
+#
+#  These options are mainly useful when tracing a problem. Note that
+#  you might also want to invoke Privoxy with the --no-daemon command
+#  line option when debugging.
+#
+#
+#
+#  3.1. debug
+#  ===========
+#
+#  Specifies:
+#
+#      Key values that determine what information gets logged.
+#
+#  Type of value:
+#
+#      Integer values
+#
+#  Default value:
+#
+#      0 (i.e.: only fatal errors (that cause Privoxy to exit) are logged)
+#
+#  Effect if unset:
+#
+#      Default value is used (see above).
+#
+#  Notes:
+#
+#      The available debug levels are:
+#
+#        debug         1 # Log the destination for each request Privoxy let through. See also debug 1024.
+#        debug         2 # show each connection status
+#        debug         4 # show I/O status
+#        debug         8 # show header parsing
+#        debug        16 # log all data written to the network into the logfile
+#        debug        32 # debug force feature
+#        debug        64 # debug regular expression filters
+#        debug       128 # debug redirects
+#        debug       256 # debug GIF de-animation
+#        debug       512 # Common Log Format
+#        debug      1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
+#        debug      2048 # CGI user interface
+#        debug      4096 # Startup banner and warnings.
+#        debug      8192 # Non-fatal errors
+#
+#
+#      To select multiple debug levels, you can either add them or
+#      use multiple debug lines.
+#
+#      A debug level of 1 is informative because it will show you each
+#      request as it happens. 1, 4096 and 8192 are recommended so that
+#      you will notice when things go wrong. The other levels are
+#      probably only of interest if you are hunting down a specific
+#      problem. They can produce a hell of an output (especially 16).
+#
+#      Privoxy used to ship with the debug levels recommended above
+#      enabled by default, but due to privacy concerns 3.0.7 and later
+#      are configured to only log fatal errors.
+#
+#      If you are used to the more verbose settings, simply enable
+#      the debug lines below again.
+#
+#      If you want to use pure CLF (Common Log Format), you should set
+#      "debug 512" ONLY and not enable anything else.
+#
+#      Privoxy has a hard-coded limit for the length of log messages. If
+#      it's reached, messages are logged truncated and marked with
+#      "... [too long, truncated]".
+#
+#      Please don't file any support requests without trying to
+#      reproduce the problem with increased debug level first. Once
+#      you read the log messages, you may even be able to solve the
+#      problem on your own.
+#
+#debug      1 # Log the destination for each request Privoxy let through.
+#debug   1024 # Log the destination for requests Privoxy didn't let through, and the reason why.
+#debug   4096 # Startup banner and warnings
+#debug   8192 # Non-fatal errors
+#
+#
+#  3.2. single-threaded
+#  =====================
+#
+#  Specifies:
+#
+#      Whether to run only one server thread.
+#
+#  Type of value:
+#
+#      None
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Multi-threaded (or, where unavailable: forked) operation,
+#      i.e. the ability to serve multiple requests simultaneously.
+#
+#  Notes:
+#
+#      This option is only there for debugging purposes. It will
+#      drastically reduce performance.
+#
+#single-threaded
+#
+#
+#  3.3. hostname
+#  ==============
+#
+#  Specifies:
+#
+#      The hostname shown on the CGI pages.
+#
+#  Type of value:
+#
+#      Text
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      The hostname provided by the operating system is used.
+#
+#  Notes:
+#
+#      On some misconfigured systems resolving the hostname fails or
+#      takes too much time and slows Privoxy down. Setting a fixed
+#      hostname works around the problem.
+#
+#      In other circumstances it might be desirable to show a hostname
+#      other than the one returned by the operating system. For example
+#      if the system has several different hostnames and you don't
+#      want to use the first one.
+#
+#      Note that Privoxy does not validate the specified hostname value.
+#
+#hostname hostname.example.org
+#
+#
+#  4. ACCESS CONTROL AND SECURITY
+#  ===============================
+#
+#  This section of the config file controls the security-relevant
+#  aspects of Privoxy's configuration.
+#
+#
+#
+#  4.1. listen-address
+#  ====================
+#
+#  Specifies:
+#
+#      The IP address and TCP port on which Privoxy will listen for
+#      client requests.
+#
+#  Type of value:
+#
+#      [IP-Address]:Port
+#
+#  Default value:
+#
+#      127.0.0.1:8118
+#
+#  Effect if unset:
+#
+#      Bind to 127.0.0.1 (localhost), port 8118. This is suitable and
+#      recommended for home users who run Privoxy on the same machine
+#      as their browser.
+#
+#  Notes:
+#
+#      You will need to configure your browser(s) to this proxy address
+#      and port.
+#
+#      If you already have another service running on port 8118, or
+#      if you want to serve requests from other machines (e.g. on your
+#      local network) as well, you will need to override the default.
+#
+#      If you leave out the IP address, Privoxy will bind to all
+#      interfaces (addresses) on your machine and may become reachable
+#      from the Internet. In that case, consider using access control
+#      lists (ACL's, see below), and/or a firewall.
+#
+#      If you open Privoxy to untrusted users, you will also
+#      want to make sure that the following actions are disabled:
+#      enable-edit-actions and enable-remote-toggle
+#
+#  Example:
+#
+#      Suppose you are running Privoxy on a machine which has the
+#      address 192.168.0.1 on your local private network (192.168.0.0)
+#      and has another outside connection with a different address. You
+#      want it to serve requests from inside only:
+#
+#        listen-address  192.168.0.1:8118
+#
+#
+listen-address  127.0.0.1:8118
+#
+#
+#  4.2. toggle
+#  ============
+#
+#  Specifies:
+#
+#      Initial state of "toggle" status
+#
+#  Type of value:
+#
+#      1 or 0
+#
+#  Default value:
+#
+#      1
+#
+#  Effect if unset:
+#
+#      Act as if toggled on
+#
+#  Notes:
+#
+#      If set to 0, Privoxy will start in "toggled off" mode,
+#      i.e. mostly behave like a normal, content-neutral proxy
+#      with both ad blocking and content filtering disabled. See
+#      enable-remote-toggle below.
+#
+#      The windows version will only display the toggle icon in the
+#      system tray if this option is present.
+#
+toggle  1
+#
+#
+#  4.3. enable-remote-toggle
+#  ==========================
+#
+#  Specifies:
+#
+#      Whether or not the web-based toggle feature may be used
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      The web-based toggle feature is disabled.
+#
+#  Notes:
+#
+#      When toggled off, Privoxy mostly acts like a normal,
+#      content-neutral proxy, i.e. doesn't block ads or filter content.
+#
+#      Access to the toggle feature can not be controlled separately by
+#      "ACLs" or HTTP authentication, so that everybody who can access
+#      Privoxy (see "ACLs" and listen-address above) can toggle it
+#      for all users. So this option is not recommended for multi-user
+#      environments with untrusted users.
+#
+#      Note that malicious client side code (e.g Java) is also capable
+#      of using this option.
+#
+#      As a lot of Privoxy users don't read documentation, this feature
+#      is disabled by default.
+#
+#      Note that you must have compiled Privoxy with support for this
+#      feature, otherwise this option has no effect.
+#
+enable-remote-toggle  0
+#
+#
+#  4.4. enable-remote-http-toggle
+#  ===============================
+#
+#  Specifies:
+#
+#      Whether or not Privoxy recognizes special HTTP headers to change
+#      its behaviour.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Privoxy ignores special HTTP headers.
+#
+#  Notes:
+#
+#      When toggled on, the client can change Privoxy's behaviour by
+#      setting special HTTP headers. Currently the only supported
+#      special header is "X-Filter: No", to disable filtering for
+#      the ongoing request, even if it is enabled in one of the
+#      action files.
+#
+#      This feature is disabled by default. If you are using Privoxy in
+#      a environment with trusted clients, you may enable this feature
+#      at your discretion. Note that malicious client side code (e.g
+#      Java) is also capable of using this feature.
+#
+#      This option will be removed in future releases as it has been
+#      obsoleted by the more general header taggers.
+#
+enable-remote-http-toggle  0
+#
+#
+#  4.5. enable-edit-actions
+#  =========================
+#
+#  Specifies:
+#
+#      Whether or not the web-based actions file editor may be used
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      The web-based actions file editor is disabled.
+#
+#  Notes:
+#
+#      Access to the editor can not be controlled separately by
+#      "ACLs" or HTTP authentication, so that everybody who can access
+#      Privoxy (see "ACLs" and listen-address above) can modify its
+#      configuration for all users.
+#
+#      This option is not recommended for environments with untrusted
+#      users and as a lot of Privoxy users don't read documentation,
+#      this feature is disabled by default.
+#
+#      Note that malicious client side code (e.g Java) is also capable
+#      of using the actions editor and you shouldn't enable this
+#      options unless you understand the consequences and are sure
+#      your browser is configured correctly.
+#
+#      Note that you must have compiled Privoxy with support for this
+#      feature, otherwise this option has no effect.
+#
+enable-edit-actions 0
+#
+#
+#  4.6. enforce-blocks
+#  ====================
+#
+#  Specifies:
+#
+#      Whether the user is allowed to ignore blocks and can "go there
+#      anyway".
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Blocks are not enforced.
+#
+#  Notes:
+#
+#      Privoxy is mainly used to block and filter requests as a service
+#      to the user, for example to block ads and other junk that clogs
+#      the pipes.  Privoxy's configuration isn't perfect and sometimes
+#      innocent pages are blocked. In this situation it makes sense to
+#      allow the user to enforce the request and have Privoxy ignore
+#      the block.
+#
+#      In the default configuration Privoxy's "Blocked" page contains
+#      a "go there anyway" link to adds a special string (the force
+#      prefix) to the request URL. If that link is used, Privoxy
+#      will detect the force prefix, remove it again and let the
+#      request pass.
+#
+#      Of course Privoxy can also be used to enforce a network
+#      policy. In that case the user obviously should not be able to
+#      bypass any blocks, and that's what the "enforce-blocks" option
+#      is for. If it's enabled, Privoxy hides the "go there anyway"
+#      link. If the user adds the force prefix by hand, it will not
+#      be accepted and the circumvention attempt is logged.
+#
+#  Examples:
+#
+#      enforce-blocks 1
+#
+enforce-blocks 0
+#
+#
+#  4.7. ACLs: permit-access and deny-access
+#  =========================================
+#
+#  Specifies:
+#
+#      Who can access what.
+#
+#  Type of value:
+#
+#      src_addr[/src_masklen] [dst_addr[/dst_masklen]]
+#
+#      Where src_addr and dst_addr are IP addresses in dotted decimal
+#      notation or valid DNS names, and src_masklen and dst_masklen are
+#      subnet masks in CIDR notation, i.e. integer values from 2 to 30
+#      representing the length (in bits) of the network address. The
+#      masks and the whole destination part are optional.
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Don't restrict access further than implied by listen-address
+#
+#  Notes:
+#
+#      Access controls are included at the request of ISPs and systems
+#      administrators, and are not usually needed by individual
+#      users. For a typical home user, it will normally suffice to
+#      ensure that Privoxy only listens on the localhost (127.0.0.1)
+#      or internal (home) network address by means of the listen-address
+#      option.
+#
+#      Please see the warnings in the FAQ that Privoxy is not intended
+#      to be a substitute for a firewall or to encourage anyone to
+#      defer addressing basic security weaknesses.
+#
+#      Multiple ACL lines are OK. If any ACLs are specified, Privoxy
+#      only talks to IP addresses that match at least one permit-access
+#      line and don't match any subsequent deny-access line. In other
+#      words, the last match wins, with the default being deny-access.
+#
+#      If Privoxy is using a forwarder (see forward below) for a
+#      particular destination URL, the dst_addr that is examined is
+#      the address of the forwarder and NOT the address of the ultimate
+#      target. This is necessary because it may be impossible for the
+#      local Privoxy to determine the IP address of the ultimate target
+#      (that's often what gateways are used for).
+#
+#      You should prefer using IP addresses over DNS names, because
+#      the address lookups take time. All DNS names must resolve! You
+#      can not use domain patterns like "*.org" or partial domain
+#      names. If a DNS name resolves to multiple IP addresses, only
+#      the first one is used.
+#
+#      Denying access to particular sites by ACL may have undesired
+#      side effects if the site in question is hosted on a machine
+#      which also hosts other sites (most sites are).
+#
+#  Examples:
+#
+#      Explicitly define the default behavior if no ACL and
+#      listen-address are set: "localhost" is OK. The absence of a
+#      dst_addr implies that all destination addresses are OK:
+#
+#        permit-access  localhost
+#
+#
+#      Allow any host on the same class C subnet as www.privoxy.org
+#      access to nothing but www.example.com (or other domains hosted
+#      on the same system):
+#
+#        permit-access  www.privoxy.org/24 www.example.com/32
+#
+#
+#      Allow access from any host on the 26-bit subnet 192.168.45.64 to
+#      anywhere, with the exception that 192.168.45.73 may not access
+#      the IP address behind www.dirty-stuff.example.com:
+#
+#        permit-access  192.168.45.64/26 
+#        deny-access   192.168.45.73  www.dirty-stuff.example.com
+#
+#
+#
+#  4.8. buffer-limit
+#  ==================
+#
+#  Specifies:
+#
+#      Maximum size of the buffer for content filtering.
+#
+#  Type of value:
+#
+#      Size in Kbytes
+#
+#  Default value:
+#
+#      4096
+#
+#  Effect if unset:
+#
+#      Use a 4MB (4096 KB) limit.
+#
+#  Notes:
+#
+#      For content filtering, i.e. the +filter and +deanimate-gif
+#      actions, it is necessary that Privoxy buffers the entire document
+#      body. This can be potentially dangerous, since a server could
+#      just keep sending data indefinitely and wait for your RAM to
+#      exhaust -- with nasty consequences.  Hence this option.
+#
+#      When a document buffer size reaches the buffer-limit, it is
+#      flushed to the client unfiltered and no further attempt to filter
+#      the rest of the document is made. Remember that there may be
+#      multiple threads running, which might require up to buffer-limit
+#      Kbytes each, unless you have enabled "single-threaded" above.
+#
+buffer-limit 4096
+#
+#
+#  5. FORWARDING
+#  ==============
+#
+#  This feature allows routing of HTTP requests through a chain of
+#  multiple proxies.
+#
+#  Forwarding can be used to chain Privoxy with a caching proxy to
+#  speed up browsing. Using a parent proxy may also be necessary if
+#  the machine that Privoxy runs on has no direct Internet access.
+#
+#  Note that parent proxies can severely decrease your privacy
+#  level. For example a parent proxy could add your IP address to the
+#  request headers and if it's a caching proxy it may add the "Etag"
+#  header to revalidation requests again, even though you configured
+#  Privoxy to remove it. It may also ignore Privoxy's header time
+#  randomization and use the original values which could be used by
+#  the server as cookie replacement to track your steps between visits.
+#
+#  Also specified here are SOCKS proxies. Privoxy supports the SOCKS
+#  4 and SOCKS 4A protocols.
+#
+#
+#
+#  5.1. forward
+#  =============
+#
+#  Specifies:
+#
+#      To which parent HTTP proxy specific requests should be routed.
+#
+#  Type of value:
+#
+#      target_pattern http_parent[:port]
+#
+#      where target_pattern is a URL pattern that specifies to which
+#      requests (i.e. URLs) this forward rule shall apply. Use /
+#      to denote "all URLs".  http_parent[:port] is the DNS name or
+#      IP address of the parent HTTP proxy through which the requests
+#      should be forwarded, optionally followed by its listening port
+#      (default: 8080). Use a single dot (.) to denote "no forwarding".
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Don't use parent HTTP proxies.
+#
+#  Notes:
+#
+#      If http_parent is ".", then requests are not forwarded to
+#      another HTTP proxy but are made directly to the web servers.
+#
+#      Multiple lines are OK, they are checked in sequence, and the
+#      last match wins.
+#
+#  Examples:
+#
+#      Everything goes to an example parent proxy, except SSL on port
+#      443 (which it doesn't handle):
+#
+#        forward   /      parent-proxy.example.org:8080 
+#        forward   :443   .
+#
+#
+#      Everything goes to our example ISP's caching proxy, except for
+#      requests to that ISP's sites:
+#
+#        forward   /                  caching-proxy.isp.example.net:8000
+#        forward   .isp.example.net   .
+#
+#
+#
+#
+#  5.2. forward-socks4, forward-socks4a and forward-socks5
+#  ========================================================
+#
+#  Specifies:
+#
+#      Through which SOCKS proxy (and optionally to which parent HTTP
+#      proxy) specific requests should be routed.
+#
+#  Type of value:
+#
+#      target_pattern socks_proxy[:port] http_parent[:port]
+#
+#      where target_pattern is a URL pattern that specifies to which
+#      requests (i.e. URLs) this forward rule shall apply. Use / to
+#      denote "all URLs".  http_parent and socks_proxy are IP addresses
+#      in dotted decimal notation or valid DNS names (http_parent may
+#      be "." to denote "no HTTP forwarding"), and the optional port
+#      parameters are TCP ports, i.e. integer values from 1 to 65535
+#
+#  Default value:
+#
+#      Unset
+#
+#  Effect if unset:
+#
+#      Don't use SOCKS proxies.
+#
+#  Notes:
+#
+#      Multiple lines are OK, they are checked in sequence, and the
+#      last match wins.
+#
+#      The difference between forward-socks4 and forward-socks4a
+#      is that in the SOCKS 4A protocol, the DNS resolution of the
+#      target hostname happens on the SOCKS server, while in SOCKS 4
+#      it happens locally.
+#
+#      With forward-socks5 the DNS resolution will happen on the remote
+#      server as well.
+#
+#      If http_parent is ".", then requests are not forwarded to another
+#      HTTP proxy but are made (HTTP-wise) directly to the web servers,
+#      albeit through a SOCKS proxy.
+#
+#  Examples:
+#
+#      From the company example.com, direct connections are made to all
+#      "internal" domains, but everything outbound goes through their
+#      ISP's proxy by way of example.com's corporate SOCKS 4A gateway
+#      to the Internet.
+#
+#        forward-socks4a   /       socks-gw.example.com:1080    www-cache.isp.example.net:8080 
+#        forward           .example.com        .
+#
+#
+#      A rule that uses a SOCKS 4 gateway for all destinations but no
+#      HTTP parent looks like this:
+#
+#        forward-socks4   /               socks-gw.example.com:1080  .
+#
+#
+#      To chain Privoxy and Tor, both running on the same system,
+#      you would use something like:
+#
+#        forward-socks4a   /               127.0.0.1:9050 .
+#
+#
+#      The public Tor network can't be used to reach your local network,
+#      if you need to access local servers you therefore might want
+#      to make some exceptions:
+#
+#        forward         192.168.*.*/     .  
+#        forward         10.*.*.*/        .  
+#        forward         127.*.*.*/       .
+#
+#
+#      Unencrypted connections to systems in these address ranges will
+#      be as (un) secure as the local network is, but the alternative
+#      is that you can't reach the local network through Privoxy at
+#      all. Of course this may actually be desired and there is no
+#      reason to make these exceptions if you aren't sure you need them.
+#
+#      If you also want to be able to reach servers in your local
+#      network by using their names, you will need additional exceptions
+#      that look like this:
+#
+#       forward           localhost/     .
+#
+#
+#
+#
+#  5.3. forwarded-connect-retries
+#  ===============================
+#
+#  Specifies:
+#
+#      How often Privoxy retries if a forwarded connection request
+#      fails.
+#
+#  Type of value:
+#
+#      Number of retries.
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Connections forwarded through other proxies are treated like
+#      direct connections and no retry attempts are made.
+#
+#  Notes:
+#
+#      forwarded-connect-retries is mainly interesting for socks4a
+#      connections, where Privoxy can't detect why the connections
+#      failed. The connection might have failed because of a DNS timeout
+#      in which case a retry makes sense, but it might also have failed
+#      because the server doesn't exist or isn't reachable. In this
+#      case the retry will just delay the appearance of Privoxy's
+#      error message.
+#
+#      Note that in the context of this option, "forwarded connections"
+#      includes all connections that Privoxy forwards through other
+#      proxies. This option is not limited to the HTTP CONNECT method.
+#
+#      Only use this option, if you are getting lots of
+#      forwarding-related error messages that go away when you try again
+#      manually. Start with a small value and check Privoxy's logfile
+#      from time to time, to see how many retries are usually needed.
+#
+#  Examples:
+#
+#      forwarded-connect-retries 1
+#
+forwarded-connect-retries  0
+#
+#
+#  5.4. accept-intercepted-requests
+#  =================================
+#
+#  Specifies:
+#
+#      Whether intercepted requests should be treated as valid.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Only proxy requests are accepted, intercepted requests are
+#      treated as invalid.
+#
+#  Notes:
+#
+#      If you don't trust your clients and want to force them to use
+#      Privoxy, enable this option and configure your packet filter
+#      to redirect outgoing HTTP connections into Privoxy.
+#
+#      Make sure that Privoxy's own requests aren't redirected as well.
+#      Additionally take care that Privoxy can't intentionally connect
+#      to itself, otherwise you could run into redirection loops if
+#      Privoxy's listening port is reachable by the outside or an
+#      attacker has access to the pages you visit.
+#
+#  Examples:
+#
+#      accept-intercepted-requests 1
+#
+accept-intercepted-requests 0
+#
+#
+#  5.5. allow-cgi-request-crunching
+#  =================================
+#
+#  Specifies:
+#
+#      Whether requests to Privoxy's CGI pages can be blocked or
+#      redirected.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      Privoxy ignores block and redirect actions for its CGI pages.
+#
+#  Notes:
+#
+#      By default Privoxy ignores block or redirect actions for
+#      its CGI pages.  Intercepting these requests can be useful in
+#      multi-user setups to implement fine-grained access control,
+#      but it can also render the complete web interface useless and
+#      make debugging problems painful if done without care.
+#
+#      Don't enable this option unless you're sure that you really
+#      need it.
+#
+#  Examples:
+#
+#      allow-cgi-request-crunching 1
+#
+allow-cgi-request-crunching 0
+#
+#
+#  5.6. split-large-forms
+#  =======================
+#
+#  Specifies:
+#
+#      Whether the CGI interface should stay compatible with broken
+#      HTTP clients.
+#
+#  Type of value:
+#
+#      0 or 1
+#
+#  Default value:
+#
+#      0
+#
+#  Effect if unset:
+#
+#      The CGI form generate long GET URLs.
+#
+#  Notes:
+#
+#      Privoxy's CGI forms can lead to rather long URLs. This isn't
+#      a problem as far as the HTTP standard is concerned, but it can
+#      confuse clients with arbitrary URL length limitations.
+#
+#      Enabling split-large-forms causes Privoxy to divide big forms
+#      into smaller ones to keep the URL length down. It makes editing
+#      a lot less convenient and you can no longer submit all changes
+#      at once, but at least it works around this browser bug.
+#
+#      If you don't notice any editing problems, there is no reason
+#      to enable this option, but if one of the submit buttons appears
+#      to be broken, you should give it a try.
+#
+#  Examples:
+#
+#      split-large-forms 1
+#
+split-large-forms 0
+#
+#
+#  5.7. keep-alive-timeout
+#  ========================
+#
+#  Specifies:
+#
+#      Number of seconds after which an open connection will no longer
+#      be reused.
+#
+#  Type of value:
+#
+#      Time in seconds.
+#
+#  Default value:
+#
+#      None
+#
+#  Effect if unset:
+#
+#      Connections are not reused.
+#
+#  Notes:
+#
+#      This option has no effect if Privoxy has been compiled without
+#      keep-alive support.
+#
+#  Notes:
+#
+#      Note that reusing connections doesn't necessary cause
+#      speedups. There are also a few privacy implications you should
+#      be aware of.
+#
+#      Outgoing connections are shared between clients (if there are
+#      more than one) and closing the client that initiated the outgoing
+#      connection does not affect the connection between Privoxy and
+#      the server unless the client's request hasn't been completed
+#      yet. If the outgoing connection is idle, it will not be closed
+#      until either Privoxy's or the server's timeout is reached. While
+#      it's open, the server knows that the system running Privoxy is
+#      still there.
+#
+#  Examples:
+#
+#      keep-alive-timeout 300
+#
+keep-alive-timeout 300
+#
+#
+#  5.8. socket-timeout
+#  ====================
+#
+#  Specifies:
+#
+#      Number of seconds after which a socket times out if no data
+#      is received.
+#
+#  Type of value:
+#
+#      Time in seconds.
+#
+#  Default value:
+#
+#      None
+#
+#  Effect if unset:
+#
+#      A default value of 300 seconds is used.
+#
+#  Notes:
+#
+#      For SOCKS requests the timeout currently doesn't start until
+#      the SOCKS server accepted the request. This will be fixed in
+#      the next release.
+#
+#  Examples:
+#
+#      socket-timeout 300
+#
+socket-timeout 300
+#
+#
+#  6. WINDOWS GUI OPTIONS
+#  =======================
+#
+#  Privoxy has a number of options specific to the Windows GUI
+#  interface:
+#
+#
+#  If "activity-animation" is set to 1, the Privoxy icon will animate
+#  when "Privoxy" is active. To turn off, set to 0.
+#
+#activity-animation   1
+#
+#  If "log-messages" is set to 1, Privoxy will log messages to the
+#  console window:
+#
+#log-messages   1
+#
+#  If "log-buffer-size" is set to 1, the size of the log buffer,
+#  i.e. the amount of memory used for the log messages displayed in
+#  the console window, will be limited to "log-max-lines" (see below).
+#
+#  Warning: Setting this to 0 will result in the buffer to grow
+#  infinitely and eat up all your memory!
+#
+#log-buffer-size 1
+#
+#  log-max-lines is the maximum number of lines held in the log
+#  buffer. See above.
+#
+#log-max-lines 200
+#
+#  If "log-highlight-messages" is set to 1, Privoxy will highlight
+#  portions of the log messages with a bold-faced font:
+#
+#log-highlight-messages 1
+#
+#  The font used in the console window:
+#
+#log-font-name Comic Sans MS
+#
+#  Font size used in the console window:
+#
+#log-font-size 8
+#
+#  "show-on-task-bar" controls whether or not Privoxy will appear as
+#  a button on the Task bar when minimized:
+#
+#show-on-task-bar 0
+#
+#  If "close-button-minimizes" is set to 1, the Windows close button
+#  will minimize Privoxy instead of closing the program (close with
+#  the exit option on the File menu).
+#
+#close-button-minimizes 1
+#
+#  The "hide-console" option is specific to the MS-Win console version
+#  of Privoxy.  If this option is used, Privoxy will disconnect from
+#  and hide the command console.
+#
+#hide-console
+#
+#
diff --git a/external/privoxy/config.status b/external/privoxy/config.status
new file mode 100755
index 0000000..a3adb80
--- /dev/null
+++ b/external/privoxy/config.status
@@ -0,0 +1,1126 @@
+#! /bin/bash
+# Generated by configure.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+
+SHELL=${CONFIG_SHELL-/bin/bash}
+export SHELL
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in #(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} # as_fn_error
+
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} # as_fn_exit
+
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -p'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -p'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -p'
+  fi
+else
+  as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+  as_test_x='test -x'
+else
+  if ls -dL / >/dev/null 2>&1; then
+    as_ls_L_option=L
+  else
+    as_ls_L_option=
+  fi
+  as_test_x='
+    eval sh -c '\''
+      if test -d "$1"; then
+	test -d "$1/.";
+      else
+	case $1 in #(
+	-*)set "./$1";;
+	esac;
+	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
+	???[sx]*):;;*)false;;esac;fi
+    '\'' sh
+  '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+exec 6>&1
+## ----------------------------------- ##
+## Main body of $CONFIG_STATUS script. ##
+## ----------------------------------- ##
+# Save the log message, to keep $0 and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling.
+ac_log="
+This file was extended by $as_me, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  CONFIG_FILES    = $CONFIG_FILES
+  CONFIG_HEADERS  = $CONFIG_HEADERS
+  CONFIG_LINKS    = $CONFIG_LINKS
+  CONFIG_COMMANDS = $CONFIG_COMMANDS
+  $ $0 $@
+
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
+# Files that config.status was made for.
+config_files=" GNUmakefile doc/source/ldp.dsl"
+config_headers=" config.h"
+
+ac_cs_usage="\
+\`$as_me' instantiates files and other configuration actions
+from templates according to the current configuration.  Unless the files
+and actions are specified as TAGs, all are instantiated by default.
+
+Usage: $0 [OPTION]... [TAG]...
+
+  -h, --help       print this help, then exit
+  -V, --version    print version number and configuration settings, then exit
+      --config     print configuration, then exit
+  -q, --quiet, --silent
+                   do not print progress messages
+  -d, --debug      don't remove temporary files
+      --recheck    update $as_me by reconfiguring in the same conditions
+      --file=FILE[:TEMPLATE]
+                   instantiate the configuration file FILE
+      --header=FILE[:TEMPLATE]
+                   instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Report bugs to the package provider."
+
+ac_cs_config="'--host=arm-linux-eabi' '--build=' '--prefix=/home/n8fr8/dev/android/ndk/my-android-toolchain' '--disable-pthread' 'build_alias=' 'host_alias=arm-linux-eabi' 'CC=arm-linux-androideabi-gcc' 'LDFLAGS=-L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib' 'CPPFLAGS=--sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include'"
+ac_cs_version="\
+config.status
+configured by ./configure, generated by GNU Autoconf 2.68,
+  with options \"$ac_cs_config\"
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+
+ac_pwd='/home/n8fr8/dev/gp/repos/orbot/native/privoxy/privoxy-3.0.12-stable'
+srcdir='.'
+INSTALL='/usr/bin/install -c'
+AWK='mawk'
+test -n "$AWK" || AWK=awk
+# The default lists apply if the user does not specify any file.
+ac_need_defaults=:
+while test $# != 0
+do
+  case $1 in
+  --*=?*)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
+    ac_shift=:
+    ;;
+  --*=)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=
+    ac_shift=:
+    ;;
+  *)
+    ac_option=$1
+    ac_optarg=$2
+    ac_shift=shift
+    ;;
+  esac
+
+  case $ac_option in
+  # Handling of the options.
+  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+    ac_cs_recheck=: ;;
+  --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+    $as_echo "$ac_cs_version"; exit ;;
+  --config | --confi | --conf | --con | --co | --c )
+    $as_echo "$ac_cs_config"; exit ;;
+  --debug | --debu | --deb | --de | --d | -d )
+    debug=: ;;
+  --file | --fil | --fi | --f )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    '') as_fn_error $? "missing file argument" ;;
+    esac
+    as_fn_append CONFIG_FILES " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --header | --heade | --head | --hea )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    as_fn_append CONFIG_HEADERS " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --he | --h)
+    # Conflict between --help and --header
+    as_fn_error $? "ambiguous option: \`$1'
+Try \`$0 --help' for more information.";;
+  --help | --hel | -h )
+    $as_echo "$ac_cs_usage"; exit ;;
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil | --si | --s)
+    ac_cs_silent=: ;;
+
+  # This is an error.
+  -*) as_fn_error $? "unrecognized option: \`$1'
+Try \`$0 --help' for more information." ;;
+
+  *) as_fn_append ac_config_targets " $1"
+     ac_need_defaults=false ;;
+
+  esac
+  shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+  exec 6>/dev/null
+  ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+if $ac_cs_recheck; then
+  set X '/bin/bash' './configure'  '--host=arm-linux-eabi' '--build=' '--prefix=/home/n8fr8/dev/android/ndk/my-android-toolchain' '--disable-pthread' 'build_alias=' 'host_alias=arm-linux-eabi' 'CC=arm-linux-androideabi-gcc' 'LDFLAGS=-L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib' 'CPPFLAGS=--sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8fr8/dev/android/ndk/my-android-toolchain/include' $ac_configure_extra_args --no-create --no-recursion
+  shift
+  $as_echo "running CONFIG_SHELL=/bin/bash $*" >&6
+  CONFIG_SHELL='/bin/bash'
+  export CONFIG_SHELL
+  exec "$@"
+fi
+
+exec 5>>config.log
+{
+  echo
+  sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+  $as_echo "$ac_log"
+} >&5
+
+
+# Handling of arguments.
+for ac_config_target in $ac_config_targets
+do
+  case $ac_config_target in
+    "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
+    "GNUmakefile") CONFIG_FILES="$CONFIG_FILES GNUmakefile" ;;
+    "doc/source/ldp.dsl") CONFIG_FILES="$CONFIG_FILES doc/source/ldp.dsl" ;;
+
+  *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+  esac
+done
+
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used.  Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+  test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+  test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+fi
+
+# Have a temporary directory for convenience.  Make it in the build tree
+# simply because there is no reason against having it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
+$debug ||
+{
+  tmp= ac_tmp=
+  trap 'exit_status=$?
+  : "${ac_tmp:=$tmp}"
+  { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
+' 0
+  trap 'as_fn_exit 1' 1 2 13 15
+}
+# Create a (secure) tmp directory for tmp files.
+
+{
+  tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
+  test -d "$tmp"
+}  ||
+{
+  tmp=./conf$$-$RANDOM
+  (umask 077 && mkdir "$tmp")
+} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
+ac_tmp=$tmp
+
+# Set up the scripts for CONFIG_FILES section.
+# No need to generate them if there are no CONFIG_FILES.
+# This happens for instance with `./config.status config.h'.
+if test -n "$CONFIG_FILES"; then
+
+
+ac_cr=`echo X | tr X '\015'`
+# On cygwin, bash can eat \r inside `` if the user requested igncr.
+# But we know of no other shell where ac_cr would be empty at this
+# point, so we can use a bashism as a fallback.
+if test "x$ac_cr" = x; then
+  eval ac_cr=\$\'\\r\'
+fi
+ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
+if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
+  ac_cs_awk_cr='\\r'
+else
+  ac_cs_awk_cr=$ac_cr
+fi
+
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
+cat >>"$ac_tmp/subs1.awk" <<\_ACAWK &&
+S["LTLIBOBJS"]=""
+S["LIBOBJS"]=""
+S["PTHREAD_LIB"]="-lpthread"
+S["SPECIAL_CFLAGS"]=""
+S["STATIC_PCRS_ONLY"]=""
+S["STATIC_PCRE_ONLY"]=""
+S["AMIGAOS_ONLY"]="#"
+S["SOCKET_LIB"]=""
+S["PTHREAD_ONLY"]="#"
+S["EGREP"]="/bin/grep -E"
+S["GREP"]="/bin/grep"
+S["DKPREFIX"]="none"
+S["JADECAT"]=""
+S["DOC_STATUS"]="p-stable"
+S["MAN2HTML"]="false"
+S["JADEBIN"]="false"
+S["RPM_BASE"]="/home/n8fr8/rpmbuild"
+S["RPMBIN"]="rpm"
+S["DB2HTML"]="false"
+S["WDUMP"]=""
+S["WIN_ONLY"]="#"
+S["GROUP"]=""
+S["USER"]=""
+S["ID"]="/usr/bin/id"
+S["BGROUPS"]="/usr/bin/groups"
+S["GDB"]="yes"
+S["AWK"]="mawk"
+S["SET_MAKE"]=""
+S["LN_S"]="ln -s"
+S["INSTALL_DATA"]="${INSTALL} -m 644"
+S["INSTALL_SCRIPT"]="${INSTALL}"
+S["INSTALL_PROGRAM"]="${INSTALL}"
+S["CPP"]="arm-linux-androideabi-gcc -E"
+S["OBJEXT"]="o"
+S["EXEEXT"]=""
+S["ac_ct_CC"]=""
+S["CPPFLAGS"]="--sysroot=/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot -I/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/include -I/home/n8"\
+"fr8/dev/android/ndk/my-android-toolchain/include"
+S["LDFLAGS"]="-L/home/n8fr8/dev/android/ndk/my-android-toolchain/sysroot/usr/lib -L/home/n8fr8/dev/android/ndk/my-android-toolchain/lib"
+S["CFLAGS"]="-pipe -O2"
+S["CC"]="arm-linux-androideabi-gcc"
+S["CODE_STATUS"]="stable"
+S["VERSION_POINT"]="12"
+S["VERSION_MINOR"]="0"
+S["VERSION_MAJOR"]="3"
+S["host_os"]="eabi"
+S["host_vendor"]="linux"
+S["host_cpu"]="arm"
+S["host"]="arm-linux-eabi"
+S["build_os"]="linux-gnulibc1"
+S["build_vendor"]="pc"
+S["build_cpu"]="i686"
+S["build"]="i686-pc-linux-gnulibc1"
+S["target_alias"]=""
+S["host_alias"]="arm-linux-eabi"
+S["build_alias"]=""
+S["LIBS"]=" -lz"
+S["ECHO_T"]=""
+S["ECHO_N"]="-n"
+S["ECHO_C"]=""
+S["DEFS"]="-DHAVE_CONFIG_H"
+S["mandir"]="${datarootdir}/man"
+S["localedir"]="${datarootdir}/locale"
+S["libdir"]="${exec_prefix}/lib"
+S["psdir"]="${docdir}"
+S["pdfdir"]="${docdir}"
+S["dvidir"]="${docdir}"
+S["htmldir"]="${docdir}"
+S["infodir"]="${datarootdir}/info"
+S["docdir"]="${datarootdir}/doc/${PACKAGE}"
+S["oldincludedir"]="/usr/include"
+S["includedir"]="${prefix}/include"
+S["localstatedir"]="${prefix}/var"
+S["sharedstatedir"]="${prefix}/com"
+S["sysconfdir"]="${prefix}/etc"
+S["datadir"]="${datarootdir}"
+S["datarootdir"]="${prefix}/share"
+S["libexecdir"]="${exec_prefix}/libexec"
+S["sbindir"]="${exec_prefix}/sbin"
+S["bindir"]="${exec_prefix}/bin"
+S["program_transform_name"]="s,x,x,"
+S["prefix"]="/home/n8fr8/dev/android/ndk/my-android-toolchain"
+S["exec_prefix"]="${prefix}"
+S["PACKAGE_URL"]=""
+S["PACKAGE_BUGREPORT"]=""
+S["PACKAGE_STRING"]=""
+S["PACKAGE_VERSION"]=""
+S["PACKAGE_TARNAME"]=""
+S["PACKAGE_NAME"]=""
+S["PATH_SEPARATOR"]=":"
+S["SHELL"]="/bin/bash"
+_ACAWK
+cat >>"$ac_tmp/subs1.awk" <<_ACAWK &&
+  for (key in S) S_is_set[key] = 1
+  FS = ""
+
+}
+{
+  line = $ 0
+  nfields = split(line, field, "@")
+  substed = 0
+  len = length(field[1])
+  for (i = 2; i < nfields; i++) {
+    key = field[i]
+    keylen = length(key)
+    if (S_is_set[key]) {
+      value = S[key]
+      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
+      len += length(value) + length(field[++i])
+      substed = 1
+    } else
+      len += 1 + keylen
+  }
+
+  print line
+}
+
+_ACAWK
+if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
+  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
+else
+  cat
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+  || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
+fi # test -n "$CONFIG_FILES"
+
+# Set up the scripts for CONFIG_HEADERS section.
+# No need to generate them if there are no CONFIG_HEADERS.
+# This happens for instance with `./config.status Makefile'.
+if test -n "$CONFIG_HEADERS"; then
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
+BEGIN {
+D["PACKAGE_NAME"]=" \"\""
+D["PACKAGE_TARNAME"]=" \"\""
+D["PACKAGE_VERSION"]=" \"\""
+D["PACKAGE_STRING"]=" \"\""
+D["PACKAGE_BUGREPORT"]=" \"\""
+D["PACKAGE_URL"]=" \"\""
+D["VERSION_MAJOR"]=" 3"
+D["VERSION_MINOR"]=" 0"
+D["VERSION_POINT"]=" 12"
+D["VERSION"]=" \"3.0.12\""
+D["CODE_STATUS"]=" \"stable\""
+D["STDC_HEADERS"]=" 1"
+D["HAVE_SYS_TYPES_H"]=" 1"
+D["HAVE_SYS_STAT_H"]=" 1"
+D["HAVE_STDLIB_H"]=" 1"
+D["HAVE_STRING_H"]=" 1"
+D["HAVE_MEMORY_H"]=" 1"
+D["HAVE_STRINGS_H"]=" 1"
+D["HAVE_INTTYPES_H"]=" 1"
+D["HAVE_STDINT_H"]=" 1"
+D["HAVE_UNISTD_H"]=" 1"
+D["HAVE_GETHOSTBYNAME_R_6_ARGS"]=" 1"
+D["HAVE_GMTIME_R"]=" 1"
+D["HAVE_LOCALTIME_R"]=" 1"
+D["STDC_HEADERS"]=" 1"
+D["HAVE_DIRENT_H"]=" 1"
+D["TIME_WITH_SYS_TIME"]=" 1"
+D["SIZEOF_INT"]=" 4"
+D["SIZEOF_CHAR_P"]=" 4"
+D["SIZEOF_LONG"]=" 4"
+D["SIZEOF_LONG_LONG"]=" 8"
+D["SIZEOF_SIZE_T"]=" 4"
+D["HAVE_ARPA_INET_H"]=" 1"
+D["HAVE_ERRNO_H"]=" 1"
+D["HAVE_FCNTL_H"]=" 1"
+D["HAVE_LIMITS_H"]=" 1"
+D["HAVE_LOCALE_H"]=" 1"
+D["HAVE_NETDB_H"]=" 1"
+D["HAVE_NETINET_IN_H"]=" 1"
+D["HAVE_STDDEF_H"]=" 1"
+D["HAVE_STDLIB_H"]=" 1"
+D["HAVE_STRING_H"]=" 1"
+D["HAVE_SYS_IOCTL_H"]=" 1"
+D["HAVE_SYS_SOCKET_H"]=" 1"
+D["HAVE_SYS_TIME_H"]=" 1"
+D["HAVE_SYS_TIMEB_H"]=" 1"
+D["HAVE_SYS_WAIT_H"]=" 1"
+D["HAVE_UNISTD_H"]=" 1"
+D["HAVE_STRERROR"]=" 1"
+D["HAVE_BCOPY"]=" 1"
+D["HAVE_MEMMOVE"]=" 1"
+D["SETPGRP_VOID"]=" 1"
+D["RETSIGTYPE"]=" void"
+D["HAVE_ACCESS"]=" 1"
+D["HAVE_ATEXIT"]=" 1"
+D["HAVE_GETCWD"]=" 1"
+D["HAVE_GETHOSTBYADDR"]=" 1"
+D["HAVE_GETHOSTBYNAME"]=" 1"
+D["HAVE_GETHOSTBYNAME_R"]=" 1"
+D["HAVE_GETTIMEOFDAY"]=" 1"
+D["HAVE_INET_NTOA"]=" 1"
+D["HAVE_LOCALTIME_R"]=" 1"
+D["HAVE_MEMCHR"]=" 1"
+D["HAVE_MEMMOVE"]=" 1"
+D["HAVE_MEMSET"]=" 1"
+D["HAVE_POLL"]=" 1"
+D["HAVE_PUTENV"]=" 1"
+D["HAVE_REGCOMP"]=" 1"
+D["HAVE_SELECT"]=" 1"
+D["HAVE_SETLOCALE"]=" 1"
+D["HAVE_SNPRINTF"]=" 1"
+D["HAVE_SOCKET"]=" 1"
+D["HAVE_STRCHR"]=" 1"
+D["HAVE_STRDUP"]=" 1"
+D["HAVE_STRERROR"]=" 1"
+D["HAVE_STRFTIME"]=" 1"
+D["HAVE_STRLCAT"]=" 1"
+D["HAVE_STRLCPY"]=" 1"
+D["HAVE_STRPTIME"]=" 1"
+D["HAVE_STRSTR"]=" 1"
+D["HAVE_STRTOUL"]=" 1"
+D["HAVE_TZSET"]=" 1"
+D["__MT__"]=" 1"
+D["FEATURE_TOGGLE"]=" 1"
+D["FEATURE_FORCE_LOAD"]=" 1"
+D["FEATURE_FAST_REDIRECTS"]=" 1"
+D["FEATURE_STATISTICS"]=" 1"
+D["FEATURE_IMAGE_BLOCKING"]=" 1"
+D["FEATURE_ACL"]=" 1"
+D["FEATURE_TRUST"]=" 1"
+D["FEATURE_CGI_EDIT_ACTIONS"]=" 1"
+D["FEATURE_ZLIB"]=" 1"
+D["STATIC_PCRE"]=" 1"
+D["STATIC_PCRS"]=" 1"
+  for (key in D) D_is_set[key] = 1
+  FS = ""
+}
+/^[\t ]*#[\t ]*(define|undef)[\t ]+[_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ][_abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789]*([\t (]|$)/ {
+  line = $ 0
+  split(line, arg, " ")
+  if (arg[1] == "#") {
+    defundef = arg[2]
+    mac1 = arg[3]
+  } else {
+    defundef = substr(arg[1], 2)
+    mac1 = arg[2]
+  }
+  split(mac1, mac2, "(") #)
+  macro = mac2[1]
+  prefix = substr(line, 1, index(line, defundef) - 1)
+  if (D_is_set[macro]) {
+    # Preserve the white space surrounding the "#".
+    print prefix "define", macro P[macro] D[macro]
+    next
+  } else {
+    # Replace #undef with comments.  This is necessary, for example,
+    # in the case of _POSIX_SOURCE, which is predefined and required
+    # on some systems where configure will not decide to define it.
+    if (defundef == "undef") {
+      print "/*", prefix defundef, macro, "*/"
+      next
+    }
+  }
+}
+{ print }
+_ACAWK
+  as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
+fi # test -n "$CONFIG_HEADERS"
+
+
+eval set X "  :F $CONFIG_FILES  :H $CONFIG_HEADERS    "
+shift
+for ac_tag
+do
+  case $ac_tag in
+  :[FHLC]) ac_mode=$ac_tag; continue;;
+  esac
+  case $ac_mode$ac_tag in
+  :[FHL]*:*);;
+  :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
+  :[FH]-) ac_tag=-:-;;
+  :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+  esac
+  ac_save_IFS=$IFS
+  IFS=:
+  set x $ac_tag
+  IFS=$ac_save_IFS
+  shift
+  ac_file=$1
+  shift
+
+  case $ac_mode in
+  :L) ac_source=$1;;
+  :[FH])
+    ac_file_inputs=
+    for ac_f
+    do
+      case $ac_f in
+      -) ac_f="$ac_tmp/stdin";;
+      *) # Look for the file first in the build tree, then in the source tree
+	 # (if the path is not absolute).  The absolute path cannot be DOS-style,
+	 # because $ac_f cannot contain `:'.
+	 test -f "$ac_f" ||
+	   case $ac_f in
+	   [\\/$]*) false;;
+	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+	   esac ||
+	   as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
+      esac
+      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
+      as_fn_append ac_file_inputs " '$ac_f'"
+    done
+
+    # Let's still pretend it is `configure' which instantiates (i.e., don't
+    # use $as_me), people would be surprised to read:
+    #    /* config.h.  Generated by config.status.  */
+    configure_input='Generated from '`
+	  $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
+	`' by configure.'
+    if test x"$ac_file" != x-; then
+      configure_input="$ac_file.  $configure_input"
+      { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
+$as_echo "$as_me: creating $ac_file" >&6;}
+    fi
+    # Neutralize special characters interpreted by sed in replacement strings.
+    case $configure_input in #(
+    *\&* | *\|* | *\\* )
+       ac_sed_conf_input=`$as_echo "$configure_input" |
+       sed 's/[\\\\&|]/\\\\&/g'`;; #(
+    *) ac_sed_conf_input=$configure_input;;
+    esac
+
+    case $ac_tag in
+    *:-:* | *:-) cat >"$ac_tmp/stdin" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
+    esac
+    ;;
+  esac
+
+  ac_dir=`$as_dirname -- "$ac_file" ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$ac_file" : 'X\(//\)[^/]' \| \
+	 X"$ac_file" : 'X\(//\)$' \| \
+	 X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$ac_file" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  as_dir="$ac_dir"; as_fn_mkdir_p
+  ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+
+  case $ac_mode in
+  :F)
+  #
+  # CONFIG_FILE
+  #
+
+  case $INSTALL in
+  [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+  *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+  esac
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+ac_sed_dataroot='
+/datarootdir/ {
+  p
+  q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p'
+case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+  ac_datarootdir_hack='
+  s&@datadir@&${datarootdir}&g
+  s&@docdir@&${datarootdir}/doc/${PACKAGE}&g
+  s&@infodir@&${datarootdir}/info&g
+  s&@localedir@&${datarootdir}/locale&g
+  s&@mandir@&${datarootdir}/man&g
+  s&\${datarootdir}&${prefix}/share&g' ;;
+esac
+ac_sed_extra="/^[	 ]*VPATH[	 ]*=[	 ]*/{
+h
+s///
+s/^/:/
+s/[	 ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
+s/:*$//
+x
+s/\(=[	 ]*\).*/\1/
+G
+s/\n//
+s/^[^=]*=[	 ]*$//
+}
+
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s|@configure_input@|$ac_sed_conf_input|;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@top_build_prefix@&$ac_top_build_prefix&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+$ac_datarootdir_hack
+"
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+  >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+  { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' \
+      "$ac_tmp/out"`; test -z "$ac_out"; } &&
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&5
+$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&2;}
+
+  rm -f "$ac_tmp/stdin"
+  case $ac_file in
+  -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+  *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
+  esac \
+  || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ ;;
+  :H)
+  #
+  # CONFIG_HEADER
+  #
+  if test x"$ac_file" != x-; then
+    {
+      $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+    } >"$ac_tmp/config.h" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
+$as_echo "$as_me: $ac_file is unchanged" >&6;}
+    else
+      rm -f "$ac_file"
+      mv "$ac_tmp/config.h" "$ac_file" \
+	|| as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    fi
+  else
+    $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+      || as_fn_error $? "could not create -" "$LINENO" 5
+  fi
+ ;;
+
+
+  esac
+
+done # for ac_tag
+
+
+as_fn_exit 0
diff --git a/external/privoxy/config.sub b/external/privoxy/config.sub
new file mode 100644
index 0000000..de5d6a7
--- /dev/null
+++ b/external/privoxy/config.sub
@@ -0,0 +1,1662 @@
+#! /bin/sh
+# Configuration validation subroutine script.
+#   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999,
+#   2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008
+#   Free Software Foundation, Inc.
+
+timestamp='2008-02-05'
+
+# This file is (in principle) common to ALL GNU software.
+# The presence of a machine in this file suggests that SOME GNU software
+# can handle that machine.  It does not imply ALL GNU software can.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA
+# 02110-1301, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+
+# Please send patches to <config-patches at gnu.org>.  Submit a context
+# diff and a properly formatted ChangeLog entry.
+#
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support.  The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+#	CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+#	CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+me=`echo "$0" | sed -e 's,.*/,,'`
+
+usage="\
+Usage: $0 [OPTION] CPU-MFR-OPSYS
+       $0 [OPTION] ALIAS
+
+Canonicalize a configuration name.
+
+Operation modes:
+  -h, --help         print this help, then exit
+  -t, --time-stamp   print date of last modification, then exit
+  -v, --version      print version number, then exit
+
+Report bugs and patches to <config-patches at gnu.org>."
+
+version="\
+GNU config.sub ($timestamp)
+
+Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001,
+2002, 2003, 2004, 2005, 2006, 2007, 2008 Free Software Foundation, Inc.
+
+This is free software; see the source for copying conditions.  There is NO
+warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE."
+
+help="
+Try \`$me --help' for more information."
+
+# Parse command line
+while test $# -gt 0 ; do
+  case $1 in
+    --time-stamp | --time* | -t )
+       echo "$timestamp" ; exit ;;
+    --version | -v )
+       echo "$version" ; exit ;;
+    --help | --h* | -h )
+       echo "$usage"; exit ;;
+    -- )     # Stop option processing
+       shift; break ;;
+    - )	# Use stdin as input.
+       break ;;
+    -* )
+       echo "$me: invalid option $1$help"
+       exit 1 ;;
+
+    *local*)
+       # First pass through any local machine types.
+       echo $1
+       exit ;;
+
+    * )
+       break ;;
+  esac
+done
+
+case $# in
+ 0) echo "$me: missing argument$help" >&2
+    exit 1;;
+ 1) ;;
+ *) echo "$me: too many arguments$help" >&2
+    exit 1;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
+# Here we must recognize all the valid KERNEL-OS combinations.
+maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
+case $maybe_os in
+  nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \
+  uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \
+  storm-chaos* | os2-emx* | rtmk-nova*)
+    os=-$maybe_os
+    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
+    ;;
+  *)
+    basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+    if [ $basic_machine != $1 ]
+    then os=`echo $1 | sed 's/.*-/-/'`
+    else os=; fi
+    ;;
+esac
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work.  We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+	-sun*os*)
+		# Prevent following clause from handling this invalid input.
+		;;
+	-dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+	-att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+	-unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
+	-apple | -axis | -knuth | -cray)
+		os=
+		basic_machine=$1
+		;;
+	-sim | -cisco | -oki | -wec | -winbond)
+		os=
+		basic_machine=$1
+		;;
+	-scout)
+		;;
+	-wrs)
+		os=-vxworks
+		basic_machine=$1
+		;;
+	-chorusos*)
+		os=-chorusos
+		basic_machine=$1
+		;;
+ 	-chorusrdb)
+ 		os=-chorusrdb
+		basic_machine=$1
+ 		;;
+	-hiux*)
+		os=-hiuxwe2
+		;;
+	-sco6)
+		os=-sco5v6
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco5)
+		os=-sco3.2v5
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco4)
+		os=-sco3.2v4
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco3.2.[4-9]*)
+		os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco3.2v[4-9]*)
+		# Don't forget version if it is 3.2v4 or newer.
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco5v6*)
+		# Don't forget version if it is 3.2v4 or newer.
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco*)
+		os=-sco3.2v2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-udk*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-isc)
+		os=-isc2.2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-clix*)
+		basic_machine=clipper-intergraph
+		;;
+	-isc*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-lynx*)
+		os=-lynxos
+		;;
+	-ptx*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+		;;
+	-windowsnt*)
+		os=`echo $os | sed -e 's/windowsnt/winnt/'`
+		;;
+	-psos*)
+		os=-psos
+		;;
+	-mint | -mint[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+	# Recognize the basic CPU types without company name.
+	# Some are omitted here because they have special meanings below.
+	1750a | 580 \
+	| a29k \
+	| alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \
+	| alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \
+	| am33_2.0 \
+	| arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \
+	| bfin \
+	| c4x | clipper \
+	| d10v | d30v | dlx | dsp16xx \
+	| fido | fr30 | frv \
+	| h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \
+	| i370 | i860 | i960 | ia64 \
+	| ip2k | iq2000 \
+	| m32c | m32r | m32rle | m68000 | m68k | m88k \
+	| maxq | mb | microblaze | mcore | mep \
+	| mips | mipsbe | mipseb | mipsel | mipsle \
+	| mips16 \
+	| mips64 | mips64el \
+	| mips64octeon | mips64octeonel \
+	| mips64orion | mips64orionel \
+	| mips64r5900 | mips64r5900el \
+	| mips64vr | mips64vrel \
+	| mips64vr4100 | mips64vr4100el \
+	| mips64vr4300 | mips64vr4300el \
+	| mips64vr5000 | mips64vr5000el \
+	| mips64vr5900 | mips64vr5900el \
+	| mipsisa32 | mipsisa32el \
+	| mipsisa32r2 | mipsisa32r2el \
+	| mipsisa64 | mipsisa64el \
+	| mipsisa64r2 | mipsisa64r2el \
+	| mipsisa64sb1 | mipsisa64sb1el \
+	| mipsisa64sr71k | mipsisa64sr71kel \
+	| mipstx39 | mipstx39el \
+	| mn10200 | mn10300 \
+	| mt \
+	| msp430 \
+	| nios | nios2 \
+	| ns16k | ns32k \
+	| or32 \
+	| pdp10 | pdp11 | pj | pjl \
+	| powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \
+	| pyramid \
+	| score \
+	| sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \
+	| sh64 | sh64le \
+	| sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \
+	| sparcv8 | sparcv9 | sparcv9b | sparcv9v \
+	| spu | strongarm \
+	| tahoe | thumb | tic4x | tic80 | tron \
+	| v850 | v850e \
+	| we32k \
+	| x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \
+	| z8k)
+		basic_machine=$basic_machine-unknown
+		;;
+	m6811 | m68hc11 | m6812 | m68hc12)
+		# Motorola 68HC11/12.
+		basic_machine=$basic_machine-unknown
+		os=-none
+		;;
+	m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | v70 | w65 | z8k)
+		;;
+	ms1)
+		basic_machine=mt-unknown
+		;;
+
+	# We use `pc' rather than `unknown'
+	# because (1) that's what they normally are, and
+	# (2) the word "unknown" tends to confuse beginning users.
+	i*86 | x86_64)
+	  basic_machine=$basic_machine-pc
+	  ;;
+	# Object if more than one company name word.
+	*-*-*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+	# Recognize the basic CPU types with company name.
+	580-* \
+	| a29k-* \
+	| alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \
+	| alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \
+	| alphapca5[67]-* | alpha64pca5[67]-* | arc-* \
+	| arm-*  | armbe-* | armle-* | armeb-* | armv*-* \
+	| avr-* | avr32-* \
+	| bfin-* | bs2000-* \
+	| c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \
+	| clipper-* | craynv-* | cydra-* \
+	| d10v-* | d30v-* | dlx-* \
+	| elxsi-* \
+	| f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \
+	| h8300-* | h8500-* \
+	| hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \
+	| i*86-* | i860-* | i960-* | ia64-* \
+	| ip2k-* | iq2000-* \
+	| m32c-* | m32r-* | m32rle-* \
+	| m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \
+	| m88110-* | m88k-* | maxq-* | mcore-* \
+	| mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \
+	| mips16-* \
+	| mips64-* | mips64el-* \
+	| mips64octeon-* | mips64octeonel-* \
+	| mips64orion-* | mips64orionel-* \
+	| mips64r5900-* | mips64r5900el-* \
+	| mips64vr-* | mips64vrel-* \
+	| mips64vr4100-* | mips64vr4100el-* \
+	| mips64vr4300-* | mips64vr4300el-* \
+	| mips64vr5000-* | mips64vr5000el-* \
+	| mips64vr5900-* | mips64vr5900el-* \
+	| mipsisa32-* | mipsisa32el-* \
+	| mipsisa32r2-* | mipsisa32r2el-* \
+	| mipsisa64-* | mipsisa64el-* \
+	| mipsisa64r2-* | mipsisa64r2el-* \
+	| mipsisa64sb1-* | mipsisa64sb1el-* \
+	| mipsisa64sr71k-* | mipsisa64sr71kel-* \
+	| mipstx39-* | mipstx39el-* \
+	| mmix-* \
+	| mt-* \
+	| msp430-* \
+	| nios-* | nios2-* \
+	| none-* | np1-* | ns16k-* | ns32k-* \
+	| orion-* \
+	| pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \
+	| powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \
+	| pyramid-* \
+	| romp-* | rs6000-* \
+	| sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \
+	| shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \
+	| sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \
+	| sparclite-* \
+	| sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \
+	| tahoe-* | thumb-* \
+	| tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \
+	| tron-* \
+	| v850-* | v850e-* | vax-* \
+	| we32k-* \
+	| x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \
+	| xstormy16-* | xtensa*-* \
+	| ymp-* \
+	| z8k-*)
+		;;
+	# Recognize the basic CPU types without company name, with glob match.
+	xtensa*)
+		basic_machine=$basic_machine-unknown
+		;;
+	# Recognize the various machine names and aliases which stand
+	# for a CPU type and a company and sometimes even an OS.
+	386bsd)
+		basic_machine=i386-unknown
+		os=-bsd
+		;;
+	3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+		basic_machine=m68000-att
+		;;
+	3b*)
+		basic_machine=we32k-att
+		;;
+	a29khif)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+    	abacus)
+		basic_machine=abacus-unknown
+		;;
+	adobe68k)
+		basic_machine=m68010-adobe
+		os=-scout
+		;;
+	alliant | fx80)
+		basic_machine=fx80-alliant
+		;;
+	altos | altos3068)
+		basic_machine=m68k-altos
+		;;
+	am29k)
+		basic_machine=a29k-none
+		os=-bsd
+		;;
+	amd64)
+		basic_machine=x86_64-pc
+		;;
+	amd64-*)
+		basic_machine=x86_64-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	amdahl)
+		basic_machine=580-amdahl
+		os=-sysv
+		;;
+	amiga | amiga-*)
+		basic_machine=m68k-unknown
+		;;
+	amigaos | amigados)
+		basic_machine=m68k-unknown
+		os=-amigaos
+		;;
+	amigaunix | amix)
+		basic_machine=m68k-unknown
+		os=-sysv4
+		;;
+	apollo68)
+		basic_machine=m68k-apollo
+		os=-sysv
+		;;
+	apollo68bsd)
+		basic_machine=m68k-apollo
+		os=-bsd
+		;;
+	aux)
+		basic_machine=m68k-apple
+		os=-aux
+		;;
+	balance)
+		basic_machine=ns32k-sequent
+		os=-dynix
+		;;
+	blackfin)
+		basic_machine=bfin-unknown
+		os=-linux
+		;;
+	blackfin-*)
+		basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'`
+		os=-linux
+		;;
+	c90)
+		basic_machine=c90-cray
+		os=-unicos
+		;;
+	convex-c1)
+		basic_machine=c1-convex
+		os=-bsd
+		;;
+	convex-c2)
+		basic_machine=c2-convex
+		os=-bsd
+		;;
+	convex-c32)
+		basic_machine=c32-convex
+		os=-bsd
+		;;
+	convex-c34)
+		basic_machine=c34-convex
+		os=-bsd
+		;;
+	convex-c38)
+		basic_machine=c38-convex
+		os=-bsd
+		;;
+	cray | j90)
+		basic_machine=j90-cray
+		os=-unicos
+		;;
+	craynv)
+		basic_machine=craynv-cray
+		os=-unicosmp
+		;;
+	cr16)
+		basic_machine=cr16-unknown
+		os=-elf
+		;;
+	crds | unos)
+		basic_machine=m68k-crds
+		;;
+	crisv32 | crisv32-* | etraxfs*)
+		basic_machine=crisv32-axis
+		;;
+	cris | cris-* | etrax*)
+		basic_machine=cris-axis
+		;;
+	crx)
+		basic_machine=crx-unknown
+		os=-elf
+		;;
+	da30 | da30-*)
+		basic_machine=m68k-da30
+		;;
+	decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+		basic_machine=mips-dec
+		;;
+	decsystem10* | dec10*)
+		basic_machine=pdp10-dec
+		os=-tops10
+		;;
+	decsystem20* | dec20*)
+		basic_machine=pdp10-dec
+		os=-tops20
+		;;
+	delta | 3300 | motorola-3300 | motorola-delta \
+	      | 3300-motorola | delta-motorola)
+		basic_machine=m68k-motorola
+		;;
+	delta88)
+		basic_machine=m88k-motorola
+		os=-sysv3
+		;;
+	djgpp)
+		basic_machine=i586-pc
+		os=-msdosdjgpp
+		;;
+	dpx20 | dpx20-*)
+		basic_machine=rs6000-bull
+		os=-bosx
+		;;
+	dpx2* | dpx2*-bull)
+		basic_machine=m68k-bull
+		os=-sysv3
+		;;
+	ebmon29k)
+		basic_machine=a29k-amd
+		os=-ebmon
+		;;
+	elxsi)
+		basic_machine=elxsi-elxsi
+		os=-bsd
+		;;
+	encore | umax | mmax)
+		basic_machine=ns32k-encore
+		;;
+	es1800 | OSE68k | ose68k | ose | OSE)
+		basic_machine=m68k-ericsson
+		os=-ose
+		;;
+	fx2800)
+		basic_machine=i860-alliant
+		;;
+	genix)
+		basic_machine=ns32k-ns
+		;;
+	gmicro)
+		basic_machine=tron-gmicro
+		os=-sysv
+		;;
+	go32)
+		basic_machine=i386-pc
+		os=-go32
+		;;
+	h3050r* | hiux*)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	h8300hms)
+		basic_machine=h8300-hitachi
+		os=-hms
+		;;
+	h8300xray)
+		basic_machine=h8300-hitachi
+		os=-xray
+		;;
+	h8500hms)
+		basic_machine=h8500-hitachi
+		os=-hms
+		;;
+	harris)
+		basic_machine=m88k-harris
+		os=-sysv3
+		;;
+	hp300-*)
+		basic_machine=m68k-hp
+		;;
+	hp300bsd)
+		basic_machine=m68k-hp
+		os=-bsd
+		;;
+	hp300hpux)
+		basic_machine=m68k-hp
+		os=-hpux
+		;;
+	hp3k9[0-9][0-9] | hp9[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hp9k2[0-9][0-9] | hp9k31[0-9])
+		basic_machine=m68000-hp
+		;;
+	hp9k3[2-9][0-9])
+		basic_machine=m68k-hp
+		;;
+	hp9k6[0-9][0-9] | hp6[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hp9k7[0-79][0-9] | hp7[0-79][0-9])
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k78[0-9] | hp78[0-9])
+		# FIXME: really hppa2.0-hp
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+		# FIXME: really hppa2.0-hp
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][13679] | hp8[0-9][13679])
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][0-9] | hp8[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hppa-next)
+		os=-nextstep3
+		;;
+	hppaosf)
+		basic_machine=hppa1.1-hp
+		os=-osf
+		;;
+	hppro)
+		basic_machine=hppa1.1-hp
+		os=-proelf
+		;;
+	i370-ibm* | ibm*)
+		basic_machine=i370-ibm
+		;;
+# I'm not sure what "Sysv32" means.  Should this be sysv3.2?
+	i*86v32)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv32
+		;;
+	i*86v4*)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv4
+		;;
+	i*86v)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv
+		;;
+	i*86sol2)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-solaris2
+		;;
+	i386mach)
+		basic_machine=i386-mach
+		os=-mach
+		;;
+	i386-vsta | vsta)
+		basic_machine=i386-unknown
+		os=-vsta
+		;;
+	iris | iris4d)
+		basic_machine=mips-sgi
+		case $os in
+		    -irix*)
+			;;
+		    *)
+			os=-irix4
+			;;
+		esac
+		;;
+	isi68 | isi)
+		basic_machine=m68k-isi
+		os=-sysv
+		;;
+	m68knommu)
+		basic_machine=m68k-unknown
+		os=-linux
+		;;
+	m68knommu-*)
+		basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'`
+		os=-linux
+		;;
+	m88k-omron*)
+		basic_machine=m88k-omron
+		;;
+	magnum | m3230)
+		basic_machine=mips-mips
+		os=-sysv
+		;;
+	merlin)
+		basic_machine=ns32k-utek
+		os=-sysv
+		;;
+	mingw32)
+		basic_machine=i386-pc
+		os=-mingw32
+		;;
+	mingw32ce)
+		basic_machine=arm-unknown
+		os=-mingw32ce
+		;;
+	miniframe)
+		basic_machine=m68000-convergent
+		;;
+	*mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
+	mips3*-*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+		;;
+	mips3*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+		;;
+	monitor)
+		basic_machine=m68k-rom68k
+		os=-coff
+		;;
+	morphos)
+		basic_machine=powerpc-unknown
+		os=-morphos
+		;;
+	msdos)
+		basic_machine=i386-pc
+		os=-msdos
+		;;
+	ms1-*)
+		basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'`
+		;;
+	mvs)
+		basic_machine=i370-ibm
+		os=-mvs
+		;;
+	ncr3000)
+		basic_machine=i486-ncr
+		os=-sysv4
+		;;
+	netbsd386)
+		basic_machine=i386-unknown
+		os=-netbsd
+		;;
+	netwinder)
+		basic_machine=armv4l-rebel
+		os=-linux
+		;;
+	news | news700 | news800 | news900)
+		basic_machine=m68k-sony
+		os=-newsos
+		;;
+	news1000)
+		basic_machine=m68030-sony
+		os=-newsos
+		;;
+	news-3600 | risc-news)
+		basic_machine=mips-sony
+		os=-newsos
+		;;
+	necv70)
+		basic_machine=v70-nec
+		os=-sysv
+		;;
+	next | m*-next )
+		basic_machine=m68k-next
+		case $os in
+		    -nextstep* )
+			;;
+		    -ns2*)
+		      os=-nextstep2
+			;;
+		    *)
+		      os=-nextstep3
+			;;
+		esac
+		;;
+	nh3000)
+		basic_machine=m68k-harris
+		os=-cxux
+		;;
+	nh[45]000)
+		basic_machine=m88k-harris
+		os=-cxux
+		;;
+	nindy960)
+		basic_machine=i960-intel
+		os=-nindy
+		;;
+	mon960)
+		basic_machine=i960-intel
+		os=-mon960
+		;;
+	nonstopux)
+		basic_machine=mips-compaq
+		os=-nonstopux
+		;;
+	np1)
+		basic_machine=np1-gould
+		;;
+	nsr-tandem)
+		basic_machine=nsr-tandem
+		;;
+	op50n-* | op60c-*)
+		basic_machine=hppa1.1-oki
+		os=-proelf
+		;;
+	openrisc | openrisc-*)
+		basic_machine=or32-unknown
+		;;
+	os400)
+		basic_machine=powerpc-ibm
+		os=-os400
+		;;
+	OSE68000 | ose68000)
+		basic_machine=m68000-ericsson
+		os=-ose
+		;;
+	os68k)
+		basic_machine=m68k-none
+		os=-os68k
+		;;
+	pa-hitachi)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	paragon)
+		basic_machine=i860-intel
+		os=-osf
+		;;
+	parisc)
+		basic_machine=hppa-unknown
+		os=-linux
+		;;
+	parisc-*)
+		basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'`
+		os=-linux
+		;;
+	pbd)
+		basic_machine=sparc-tti
+		;;
+	pbb)
+		basic_machine=m68k-tti
+		;;
+	pc532 | pc532-*)
+		basic_machine=ns32k-pc532
+		;;
+	pc98)
+		basic_machine=i386-pc
+		;;
+	pc98-*)
+		basic_machine=i386-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentium | p5 | k5 | k6 | nexgen | viac3)
+		basic_machine=i586-pc
+		;;
+	pentiumpro | p6 | 6x86 | athlon | athlon_*)
+		basic_machine=i686-pc
+		;;
+	pentiumii | pentium2 | pentiumiii | pentium3)
+		basic_machine=i686-pc
+		;;
+	pentium4)
+		basic_machine=i786-pc
+		;;
+	pentium-* | p5-* | k5-* | k6-* | nexgen-* | viac3-*)
+		basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentiumpro-* | p6-* | 6x86-* | athlon-*)
+		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentiumii-* | pentium2-* | pentiumiii-* | pentium3-*)
+		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentium4-*)
+		basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pn)
+		basic_machine=pn-gould
+		;;
+	power)	basic_machine=power-ibm
+		;;
+	ppc)	basic_machine=powerpc-unknown
+		;;
+	ppc-*)	basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppcle | powerpclittle | ppc-le | powerpc-little)
+		basic_machine=powerpcle-unknown
+		;;
+	ppcle-* | powerpclittle-*)
+		basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppc64)	basic_machine=powerpc64-unknown
+		;;
+	ppc64-*) basic_machine=powerpc64-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppc64le | powerpc64little | ppc64-le | powerpc64-little)
+		basic_machine=powerpc64le-unknown
+		;;
+	ppc64le-* | powerpc64little-*)
+		basic_machine=powerpc64le-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ps2)
+		basic_machine=i386-ibm
+		;;
+	pw32)
+		basic_machine=i586-unknown
+		os=-pw32
+		;;
+	rdos)
+		basic_machine=i386-pc
+		os=-rdos
+		;;
+	rom68k)
+		basic_machine=m68k-rom68k
+		os=-coff
+		;;
+	rm[46]00)
+		basic_machine=mips-siemens
+		;;
+	rtpc | rtpc-*)
+		basic_machine=romp-ibm
+		;;
+	s390 | s390-*)
+		basic_machine=s390-ibm
+		;;
+	s390x | s390x-*)
+		basic_machine=s390x-ibm
+		;;
+	sa29200)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	sb1)
+		basic_machine=mipsisa64sb1-unknown
+		;;
+	sb1el)
+		basic_machine=mipsisa64sb1el-unknown
+		;;
+	sde)
+		basic_machine=mipsisa32-sde
+		os=-elf
+		;;
+	sei)
+		basic_machine=mips-sei
+		os=-seiux
+		;;
+	sequent)
+		basic_machine=i386-sequent
+		;;
+	sh)
+		basic_machine=sh-hitachi
+		os=-hms
+		;;
+	sh5el)
+		basic_machine=sh5le-unknown
+		;;
+	sh64)
+		basic_machine=sh64-unknown
+		;;
+	sparclite-wrs | simso-wrs)
+		basic_machine=sparclite-wrs
+		os=-vxworks
+		;;
+	sps7)
+		basic_machine=m68k-bull
+		os=-sysv2
+		;;
+	spur)
+		basic_machine=spur-unknown
+		;;
+	st2000)
+		basic_machine=m68k-tandem
+		;;
+	stratus)
+		basic_machine=i860-stratus
+		os=-sysv4
+		;;
+	sun2)
+		basic_machine=m68000-sun
+		;;
+	sun2os3)
+		basic_machine=m68000-sun
+		os=-sunos3
+		;;
+	sun2os4)
+		basic_machine=m68000-sun
+		os=-sunos4
+		;;
+	sun3os3)
+		basic_machine=m68k-sun
+		os=-sunos3
+		;;
+	sun3os4)
+		basic_machine=m68k-sun
+		os=-sunos4
+		;;
+	sun4os3)
+		basic_machine=sparc-sun
+		os=-sunos3
+		;;
+	sun4os4)
+		basic_machine=sparc-sun
+		os=-sunos4
+		;;
+	sun4sol2)
+		basic_machine=sparc-sun
+		os=-solaris2
+		;;
+	sun3 | sun3-*)
+		basic_machine=m68k-sun
+		;;
+	sun4)
+		basic_machine=sparc-sun
+		;;
+	sun386 | sun386i | roadrunner)
+		basic_machine=i386-sun
+		;;
+	sv1)
+		basic_machine=sv1-cray
+		os=-unicos
+		;;
+	symmetry)
+		basic_machine=i386-sequent
+		os=-dynix
+		;;
+	t3e)
+		basic_machine=alphaev5-cray
+		os=-unicos
+		;;
+	t90)
+		basic_machine=t90-cray
+		os=-unicos
+		;;
+	tic54x | c54x*)
+		basic_machine=tic54x-unknown
+		os=-coff
+		;;
+	tic55x | c55x*)
+		basic_machine=tic55x-unknown
+		os=-coff
+		;;
+	tic6x | c6x*)
+		basic_machine=tic6x-unknown
+		os=-coff
+		;;
+	tile*)
+		basic_machine=tile-unknown
+		os=-linux-gnu
+		;;
+	tx39)
+		basic_machine=mipstx39-unknown
+		;;
+	tx39el)
+		basic_machine=mipstx39el-unknown
+		;;
+	toad1)
+		basic_machine=pdp10-xkl
+		os=-tops20
+		;;
+	tower | tower-32)
+		basic_machine=m68k-ncr
+		;;
+	tpf)
+		basic_machine=s390x-ibm
+		os=-tpf
+		;;
+	udi29k)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	ultra3)
+		basic_machine=a29k-nyu
+		os=-sym1
+		;;
+	v810 | necv810)
+		basic_machine=v810-nec
+		os=-none
+		;;
+	vaxv)
+		basic_machine=vax-dec
+		os=-sysv
+		;;
+	vms)
+		basic_machine=vax-dec
+		os=-vms
+		;;
+	vpp*|vx|vx-*)
+		basic_machine=f301-fujitsu
+		;;
+	vxworks960)
+		basic_machine=i960-wrs
+		os=-vxworks
+		;;
+	vxworks68)
+		basic_machine=m68k-wrs
+		os=-vxworks
+		;;
+	vxworks29k)
+		basic_machine=a29k-wrs
+		os=-vxworks
+		;;
+	w65*)
+		basic_machine=w65-wdc
+		os=-none
+		;;
+	w89k-*)
+		basic_machine=hppa1.1-winbond
+		os=-proelf
+		;;
+	xbox)
+		basic_machine=i686-pc
+		os=-mingw32
+		;;
+	xps | xps100)
+		basic_machine=xps100-honeywell
+		;;
+	ymp)
+		basic_machine=ymp-cray
+		os=-unicos
+		;;
+	z8k-*-coff)
+		basic_machine=z8k-unknown
+		os=-sim
+		;;
+	none)
+		basic_machine=none-none
+		os=-none
+		;;
+
+# Here we handle the default manufacturer of certain CPU types.  It is in
+# some cases the only manufacturer, in others, it is the most popular.
+	w89k)
+		basic_machine=hppa1.1-winbond
+		;;
+	op50n)
+		basic_machine=hppa1.1-oki
+		;;
+	op60c)
+		basic_machine=hppa1.1-oki
+		;;
+	romp)
+		basic_machine=romp-ibm
+		;;
+	mmix)
+		basic_machine=mmix-knuth
+		;;
+	rs6000)
+		basic_machine=rs6000-ibm
+		;;
+	vax)
+		basic_machine=vax-dec
+		;;
+	pdp10)
+		# there are many clones, so DEC is not a safe bet
+		basic_machine=pdp10-unknown
+		;;
+	pdp11)
+		basic_machine=pdp11-dec
+		;;
+	we32k)
+		basic_machine=we32k-att
+		;;
+	sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele)
+		basic_machine=sh-unknown
+		;;
+	sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v)
+		basic_machine=sparc-sun
+		;;
+	cydra)
+		basic_machine=cydra-cydrome
+		;;
+	orion)
+		basic_machine=orion-highlevel
+		;;
+	orion105)
+		basic_machine=clipper-highlevel
+		;;
+	mac | mpw | mac-mpw)
+		basic_machine=m68k-apple
+		;;
+	pmac | pmac-mpw)
+		basic_machine=powerpc-apple
+		;;
+	*-unknown)
+		# Make sure to match an already-canonicalized machine name.
+		;;
+	*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+	*-digital*)
+		basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+		;;
+	*-commodore*)
+		basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+		;;
+	*)
+		;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+        # First match some system type aliases
+        # that might get confused with valid system types.
+	# -solaris* is a basic system type, with this one exception.
+	-solaris1 | -solaris1.*)
+		os=`echo $os | sed -e 's|solaris1|sunos4|'`
+		;;
+	-solaris)
+		os=-solaris2
+		;;
+	-svr4*)
+		os=-sysv4
+		;;
+	-unixware*)
+		os=-sysv4.2uw
+		;;
+	-gnu/linux*)
+		os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
+		;;
+	# First accept the basic system types.
+	# The portable systems comes first.
+	# Each alternative MUST END IN A *, to match a version number.
+	# -sysv* is not here because it comes later, after sysvr4.
+	-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+	      | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
+	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+	      | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
+	      | -aos* \
+	      | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
+	      | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
+	      | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \
+	      | -openbsd* | -solidbsd* \
+	      | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \
+	      | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+	      | -chorusos* | -chorusrdb* \
+	      | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+	      | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \
+	      | -uxpv* | -beos* | -mpeix* | -udk* \
+	      | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \
+	      | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \
+	      | -storm-chaos* | -tops10* | -tenex* | -tops20* | -its* \
+	      | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \
+	      | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \
+	      | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \
+	      | -skyos* | -haiku* | -rdos* | -toppers* | -drops*)
+	# Remember, each alternative MUST END IN *, to match a version number.
+		;;
+	-qnx*)
+		case $basic_machine in
+		    x86-* | i*86-*)
+			;;
+		    *)
+			os=-nto$os
+			;;
+		esac
+		;;
+	-nto-qnx*)
+		;;
+	-nto*)
+		os=`echo $os | sed -e 's|nto|nto-qnx|'`
+		;;
+	-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
+	      | -windows* | -osx | -abug | -netware* | -os9* | -beos* | -haiku* \
+	      | -macos* | -mpw* | -magic* | -mmixware* | -mon960* | -lnews*)
+		;;
+	-mac*)
+		os=`echo $os | sed -e 's|mac|macos|'`
+		;;
+	-linux-dietlibc)
+		os=-linux-dietlibc
+		;;
+	-linux*)
+		os=`echo $os | sed -e 's|linux|linux-gnu|'`
+		;;
+	-sunos5*)
+		os=`echo $os | sed -e 's|sunos5|solaris2|'`
+		;;
+	-sunos6*)
+		os=`echo $os | sed -e 's|sunos6|solaris3|'`
+		;;
+	-opened*)
+		os=-openedition
+		;;
+        -os400*)
+		os=-os400
+		;;
+	-wince*)
+		os=-wince
+		;;
+	-osfrose*)
+		os=-osfrose
+		;;
+	-osf*)
+		os=-osf
+		;;
+	-utek*)
+		os=-bsd
+		;;
+	-dynix*)
+		os=-bsd
+		;;
+	-acis*)
+		os=-aos
+		;;
+	-atheos*)
+		os=-atheos
+		;;
+	-syllable*)
+		os=-syllable
+		;;
+	-386bsd)
+		os=-bsd
+		;;
+	-ctix* | -uts*)
+		os=-sysv
+		;;
+	-nova*)
+		os=-rtmk-nova
+		;;
+	-ns2 )
+		os=-nextstep2
+		;;
+	-nsk*)
+		os=-nsk
+		;;
+	# Preserve the version number of sinix5.
+	-sinix5.*)
+		os=`echo $os | sed -e 's|sinix|sysv|'`
+		;;
+	-sinix*)
+		os=-sysv4
+		;;
+        -tpf*)
+		os=-tpf
+		;;
+	-triton*)
+		os=-sysv3
+		;;
+	-oss*)
+		os=-sysv3
+		;;
+	-svr4)
+		os=-sysv4
+		;;
+	-svr3)
+		os=-sysv3
+		;;
+	-sysvr4)
+		os=-sysv4
+		;;
+	# This must come after -sysvr4.
+	-sysv*)
+		;;
+	-ose*)
+		os=-ose
+		;;
+	-es1800*)
+		os=-ose
+		;;
+	-xenix)
+		os=-xenix
+		;;
+	-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+		os=-mint
+		;;
+	-aros*)
+		os=-aros
+		;;
+	-kaos*)
+		os=-kaos
+		;;
+	-zvmoe)
+		os=-zvmoe
+		;;
+	-none)
+		;;
+	*)
+		# Get rid of the `-' at the beginning of $os.
+		os=`echo $os | sed 's/[^-]*-//'`
+		echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+		exit 1
+		;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system.  Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+        score-*)
+		os=-elf
+		;;
+        spu-*)
+		os=-elf
+		;;
+	*-acorn)
+		os=-riscix1.2
+		;;
+	arm*-rebel)
+		os=-linux
+		;;
+	arm*-semi)
+		os=-aout
+		;;
+        c4x-* | tic4x-*)
+        	os=-coff
+		;;
+	# This must come before the *-dec entry.
+	pdp10-*)
+		os=-tops20
+		;;
+	pdp11-*)
+		os=-none
+		;;
+	*-dec | vax-*)
+		os=-ultrix4.2
+		;;
+	m68*-apollo)
+		os=-domain
+		;;
+	i386-sun)
+		os=-sunos4.0.2
+		;;
+	m68000-sun)
+		os=-sunos3
+		# This also exists in the configure program, but was not the
+		# default.
+		# os=-sunos4
+		;;
+	m68*-cisco)
+		os=-aout
+		;;
+        mep-*)
+		os=-elf
+		;;
+	mips*-cisco)
+		os=-elf
+		;;
+	mips*-*)
+		os=-elf
+		;;
+	or32-*)
+		os=-coff
+		;;
+	*-tti)	# must be before sparc entry or we get the wrong os.
+		os=-sysv3
+		;;
+	sparc-* | *-sun)
+		os=-sunos4.1.1
+		;;
+	*-be)
+		os=-beos
+		;;
+	*-haiku)
+		os=-haiku
+		;;
+	*-ibm)
+		os=-aix
+		;;
+    	*-knuth)
+		os=-mmixware
+		;;
+	*-wec)
+		os=-proelf
+		;;
+	*-winbond)
+		os=-proelf
+		;;
+	*-oki)
+		os=-proelf
+		;;
+	*-hp)
+		os=-hpux
+		;;
+	*-hitachi)
+		os=-hiux
+		;;
+	i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+		os=-sysv
+		;;
+	*-cbm)
+		os=-amigaos
+		;;
+	*-dg)
+		os=-dgux
+		;;
+	*-dolphin)
+		os=-sysv3
+		;;
+	m68k-ccur)
+		os=-rtu
+		;;
+	m88k-omron*)
+		os=-luna
+		;;
+	*-next )
+		os=-nextstep
+		;;
+	*-sequent)
+		os=-ptx
+		;;
+	*-crds)
+		os=-unos
+		;;
+	*-ns)
+		os=-genix
+		;;
+	i370-*)
+		os=-mvs
+		;;
+	*-next)
+		os=-nextstep3
+		;;
+	*-gould)
+		os=-sysv
+		;;
+	*-highlevel)
+		os=-bsd
+		;;
+	*-encore)
+		os=-bsd
+		;;
+	*-sgi)
+		os=-irix
+		;;
+	*-siemens)
+		os=-sysv4
+		;;
+	*-masscomp)
+		os=-rtu
+		;;
+	f30[01]-fujitsu | f700-fujitsu)
+		os=-uxpv
+		;;
+	*-rom68k)
+		os=-coff
+		;;
+	*-*bug)
+		os=-coff
+		;;
+	*-apple)
+		os=-macos
+		;;
+	*-atari*)
+		os=-mint
+		;;
+	*)
+		os=-none
+		;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer.  We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+	*-unknown)
+		case $os in
+			-riscix*)
+				vendor=acorn
+				;;
+			-sunos*)
+				vendor=sun
+				;;
+			-aix*)
+				vendor=ibm
+				;;
+			-beos*)
+				vendor=be
+				;;
+			-hpux*)
+				vendor=hp
+				;;
+			-mpeix*)
+				vendor=hp
+				;;
+			-hiux*)
+				vendor=hitachi
+				;;
+			-unos*)
+				vendor=crds
+				;;
+			-dgux*)
+				vendor=dg
+				;;
+			-luna*)
+				vendor=omron
+				;;
+			-genix*)
+				vendor=ns
+				;;
+			-mvs* | -opened*)
+				vendor=ibm
+				;;
+			-os400*)
+				vendor=ibm
+				;;
+			-ptx*)
+				vendor=sequent
+				;;
+			-tpf*)
+				vendor=ibm
+				;;
+			-vxsim* | -vxworks* | -windiss*)
+				vendor=wrs
+				;;
+			-aux*)
+				vendor=apple
+				;;
+			-hms*)
+				vendor=hitachi
+				;;
+			-mpw* | -macos*)
+				vendor=apple
+				;;
+			-*mint | -mint[0-9]* | -*MiNT | -MiNT[0-9]*)
+				vendor=atari
+				;;
+			-vos*)
+				vendor=stratus
+				;;
+		esac
+		basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+		;;
+esac
+
+echo $basic_machine$os
+exit
+
+# Local variables:
+# eval: (add-hook 'write-file-hooks 'time-stamp)
+# time-stamp-start: "timestamp='"
+# time-stamp-format: "%:y-%02m-%02d"
+# time-stamp-end: "'"
+# End:
diff --git a/external/privoxy/configure b/external/privoxy/configure
new file mode 100755
index 0000000..f7c38c9
--- /dev/null
+++ b/external/privoxy/configure
@@ -0,0 +1,7543 @@
+#! /bin/sh
+# From configure.in Revision: 1.126 .
+# Guess values for system-dependent variables and create Makefiles.
+# Generated by GNU Autoconf 2.68.
+#
+#
+# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001,
+# 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 Free Software
+# Foundation, Inc.
+#
+#
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in #(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+if test "x$CONFIG_SHELL" = x; then
+  as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '\${1+\"\$@\"}'='\"\$@\"'
+  setopt NO_GLOB_SUBST
+else
+  case \`(set -o) 2>/dev/null\` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+"
+  as_required="as_fn_return () { (exit \$1); }
+as_fn_success () { as_fn_return 0; }
+as_fn_failure () { as_fn_return 1; }
+as_fn_ret_success () { return 0; }
+as_fn_ret_failure () { return 1; }
+
+exitcode=0
+as_fn_success || { exitcode=1; echo as_fn_success failed.; }
+as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; }
+as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; }
+as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; }
+if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then :
+
+else
+  exitcode=1; echo positional parameters were not saved.
+fi
+test x\$exitcode = x0 || exit 1"
+  as_suggested="  as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO
+  as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO
+  eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" &&
+  test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1
+test \$(( 1 + 1 )) = 2 || exit 1"
+  if (eval "$as_required") 2>/dev/null; then :
+  as_have_required=yes
+else
+  as_have_required=no
+fi
+  if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then :
+
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_found=false
+for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+  as_found=:
+  case $as_dir in #(
+	 /*)
+	   for as_base in sh bash ksh sh5; do
+	     # Try only shells that exist, to save several forks.
+	     as_shell=$as_dir/$as_base
+	     if { test -f "$as_shell" || test -f "$as_shell.exe"; } &&
+		    { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then :
+  CONFIG_SHELL=$as_shell as_have_required=yes
+		   if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then :
+  break 2
+fi
+fi
+	   done;;
+       esac
+  as_found=false
+done
+$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } &&
+	      { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then :
+  CONFIG_SHELL=$SHELL as_have_required=yes
+fi; }
+IFS=$as_save_IFS
+
+
+      if test "x$CONFIG_SHELL" != x; then :
+  # We cannot yet assume a decent shell, so we have to provide a
+	# neutralization value for shells without unset; and this also
+	# works around shells that cannot unset nonexistent variables.
+	# Preserve -v and -x to the replacement shell.
+	BASH_ENV=/dev/null
+	ENV=/dev/null
+	(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV
+	export CONFIG_SHELL
+	case $- in # ((((
+	  *v*x* | *x*v* ) as_opts=-vx ;;
+	  *v* ) as_opts=-v ;;
+	  *x* ) as_opts=-x ;;
+	  * ) as_opts= ;;
+	esac
+	exec "$CONFIG_SHELL" $as_opts "$as_myself" ${1+"$@"}
+fi
+
+    if test x$as_have_required = xno; then :
+  $as_echo "$0: This script requires a shell more modern than all"
+  $as_echo "$0: the shells that I found on your system."
+  if test x${ZSH_VERSION+set} = xset ; then
+    $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should"
+    $as_echo "$0: be upgraded to zsh 4.3.4 or later."
+  else
+    $as_echo "$0: Please tell bug-autoconf at gnu.org about your system,
+$0: including any error possibly output before this
+$0: message. Then install a modern shell, or manually run
+$0: the script under such a shell if you do have one."
+  fi
+  exit 1
+fi
+fi
+fi
+SHELL=${CONFIG_SHELL-/bin/sh}
+export SHELL
+# Unset more variables known to interfere with behavior of common tools.
+CLICOLOR_FORCE= GREP_OPTIONS=
+unset CLICOLOR_FORCE GREP_OPTIONS
+
+## --------------------- ##
+## M4sh Shell Functions. ##
+## --------------------- ##
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} # as_fn_exit
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} # as_fn_error
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+
+  as_lineno_1=$LINENO as_lineno_1a=$LINENO
+  as_lineno_2=$LINENO as_lineno_2a=$LINENO
+  eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" &&
+  test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || {
+  # Blame Lee E. McMahon (1931-1989) for sed's syntax.  :-)
+  sed -n '
+    p
+    /[$]LINENO/=
+  ' <$as_myself |
+    sed '
+      s/[$]LINENO.*/&-/
+      t lineno
+      b
+      :lineno
+      N
+      :loop
+      s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/
+      t loop
+      s/-\n.*//
+    ' >$as_me.lineno &&
+  chmod +x "$as_me.lineno" ||
+    { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; }
+
+  # Don't try to exec as it changes $[0], causing all sort of problems
+  # (the dirname of $[0] is not the place where we might find the
+  # original and so on.  Autoconf is especially sensitive to this).
+  . "./$as_me.lineno"
+  # Exit status is that of the last command.
+  exit
+}
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -p'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -p'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -p'
+  fi
+else
+  as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+  as_test_x='test -x'
+else
+  if ls -dL / >/dev/null 2>&1; then
+    as_ls_L_option=L
+  else
+    as_ls_L_option=
+  fi
+  as_test_x='
+    eval sh -c '\''
+      if test -d "$1"; then
+	test -d "$1/.";
+      else
+	case $1 in #(
+	-*)set "./$1";;
+	esac;
+	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
+	???[sx]*):;;*)false;;esac;fi
+    '\'' sh
+  '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+test -n "$DJDIR" || exec 7<&0 </dev/null
+exec 6>&1
+
+# Name of the host.
+# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status,
+# so uname gets run too.
+ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q`
+
+#
+# Initializations.
+#
+ac_default_prefix=/usr/local
+ac_clean_files=
+ac_config_libobj_dir=.
+LIBOBJS=
+cross_compiling=no
+subdirs=
+MFLAGS=
+MAKEFLAGS=
+
+# Identity of this package.
+PACKAGE_NAME=
+PACKAGE_TARNAME=
+PACKAGE_VERSION=
+PACKAGE_STRING=
+PACKAGE_BUGREPORT=
+PACKAGE_URL=
+
+ac_unique_file="jcc.c"
+# Factoring default headers for most tests.
+ac_includes_default="\
+#include <stdio.h>
+#ifdef HAVE_SYS_TYPES_H
+# include <sys/types.h>
+#endif
+#ifdef HAVE_SYS_STAT_H
+# include <sys/stat.h>
+#endif
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+#  include <stdlib.h>
+# endif
+#endif
+#ifdef HAVE_STRING_H
+# if !defined STDC_HEADERS && defined HAVE_MEMORY_H
+#  include <memory.h>
+# endif
+# include <string.h>
+#endif
+#ifdef HAVE_STRINGS_H
+# include <strings.h>
+#endif
+#ifdef HAVE_INTTYPES_H
+# include <inttypes.h>
+#endif
+#ifdef HAVE_STDINT_H
+# include <stdint.h>
+#endif
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif"
+
+ac_subst_vars='LTLIBOBJS
+LIBOBJS
+PTHREAD_LIB
+SPECIAL_CFLAGS
+STATIC_PCRS_ONLY
+STATIC_PCRE_ONLY
+AMIGAOS_ONLY
+SOCKET_LIB
+PTHREAD_ONLY
+EGREP
+GREP
+DKPREFIX
+JADECAT
+DOC_STATUS
+MAN2HTML
+JADEBIN
+RPM_BASE
+RPMBIN
+DB2HTML
+WDUMP
+WIN_ONLY
+GROUP
+USER
+ID
+BGROUPS
+GDB
+AWK
+SET_MAKE
+LN_S
+INSTALL_DATA
+INSTALL_SCRIPT
+INSTALL_PROGRAM
+CPP
+OBJEXT
+EXEEXT
+ac_ct_CC
+CPPFLAGS
+LDFLAGS
+CFLAGS
+CC
+CODE_STATUS
+VERSION_POINT
+VERSION_MINOR
+VERSION_MAJOR
+host_os
+host_vendor
+host_cpu
+host
+build_os
+build_vendor
+build_cpu
+build
+target_alias
+host_alias
+build_alias
+LIBS
+ECHO_T
+ECHO_N
+ECHO_C
+DEFS
+mandir
+localedir
+libdir
+psdir
+pdfdir
+dvidir
+htmldir
+infodir
+docdir
+oldincludedir
+includedir
+localstatedir
+sharedstatedir
+sysconfdir
+datadir
+datarootdir
+libexecdir
+sbindir
+bindir
+program_transform_name
+prefix
+exec_prefix
+PACKAGE_URL
+PACKAGE_BUGREPORT
+PACKAGE_STRING
+PACKAGE_VERSION
+PACKAGE_TARNAME
+PACKAGE_NAME
+PATH_SEPARATOR
+SHELL'
+ac_subst_files=''
+ac_user_opts='
+enable_option_checking
+with_docbook
+with_db2html
+with_debug
+with_user
+with_group
+enable_mingw32
+enable_pthread
+enable_toggle
+enable_force
+enable_fast_redirects
+enable_stats
+enable_ie_images
+enable_image_blocking
+enable_acl_files
+enable_trust_files
+enable_editor
+enable_no_gifs
+enable_graceful_termination
+enable_extended_host_patterns
+enable_dynamic_pcre
+enable_zlib
+'
+      ac_precious_vars='build_alias
+host_alias
+target_alias
+CC
+CFLAGS
+LDFLAGS
+LIBS
+CPPFLAGS
+CPP'
+
+
+# Initialize some variables set by options.
+ac_init_help=
+ac_init_version=false
+ac_unrecognized_opts=
+ac_unrecognized_sep=
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+cache_file=/dev/null
+exec_prefix=NONE
+no_create=
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+verbose=
+x_includes=NONE
+x_libraries=NONE
+
+# Installation directory options.
+# These are left unexpanded so users can "make install exec_prefix=/foo"
+# and all the variables that are supposed to be based on exec_prefix
+# by default will actually change.
+# Use braces instead of parens because sh, perl, etc. also accept them.
+# (The list follows the same order as the GNU Coding Standards.)
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datarootdir='${prefix}/share'
+datadir='${datarootdir}'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+docdir='${datarootdir}/doc/${PACKAGE}'
+infodir='${datarootdir}/info'
+htmldir='${docdir}'
+dvidir='${docdir}'
+pdfdir='${docdir}'
+psdir='${docdir}'
+libdir='${exec_prefix}/lib'
+localedir='${datarootdir}/locale'
+mandir='${datarootdir}/man'
+
+ac_prev=
+ac_dashdash=
+for ac_option
+do
+  # If the previous option needs an argument, assign it.
+  if test -n "$ac_prev"; then
+    eval $ac_prev=\$ac_option
+    ac_prev=
+    continue
+  fi
+
+  case $ac_option in
+  *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;;
+  *=)   ac_optarg= ;;
+  *)    ac_optarg=yes ;;
+  esac
+
+  # Accept the important Cygnus configure options, so we can diagnose typos.
+
+  case $ac_dashdash$ac_option in
+  --)
+    ac_dashdash=yes ;;
+
+  -bindir | --bindir | --bindi | --bind | --bin | --bi)
+    ac_prev=bindir ;;
+  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+    bindir=$ac_optarg ;;
+
+  -build | --build | --buil | --bui | --bu)
+    ac_prev=build_alias ;;
+  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+    build_alias=$ac_optarg ;;
+
+  -cache-file | --cache-file | --cache-fil | --cache-fi \
+  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+    ac_prev=cache_file ;;
+  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+    cache_file=$ac_optarg ;;
+
+  --config-cache | -C)
+    cache_file=config.cache ;;
+
+  -datadir | --datadir | --datadi | --datad)
+    ac_prev=datadir ;;
+  -datadir=* | --datadir=* | --datadi=* | --datad=*)
+    datadir=$ac_optarg ;;
+
+  -datarootdir | --datarootdir | --datarootdi | --datarootd | --dataroot \
+  | --dataroo | --dataro | --datar)
+    ac_prev=datarootdir ;;
+  -datarootdir=* | --datarootdir=* | --datarootdi=* | --datarootd=* \
+  | --dataroot=* | --dataroo=* | --dataro=* | --datar=*)
+    datarootdir=$ac_optarg ;;
+
+  -disable-* | --disable-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid feature name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"enable_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval enable_$ac_useropt=no ;;
+
+  -docdir | --docdir | --docdi | --doc | --do)
+    ac_prev=docdir ;;
+  -docdir=* | --docdir=* | --docdi=* | --doc=* | --do=*)
+    docdir=$ac_optarg ;;
+
+  -dvidir | --dvidir | --dvidi | --dvid | --dvi | --dv)
+    ac_prev=dvidir ;;
+  -dvidir=* | --dvidir=* | --dvidi=* | --dvid=* | --dvi=* | --dv=*)
+    dvidir=$ac_optarg ;;
+
+  -enable-* | --enable-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid feature name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"enable_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval enable_$ac_useropt=\$ac_optarg ;;
+
+  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+  | --exec | --exe | --ex)
+    ac_prev=exec_prefix ;;
+  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+  | --exec=* | --exe=* | --ex=*)
+    exec_prefix=$ac_optarg ;;
+
+  -gas | --gas | --ga | --g)
+    # Obsolete; use --with-gas.
+    with_gas=yes ;;
+
+  -help | --help | --hel | --he | -h)
+    ac_init_help=long ;;
+  -help=r* | --help=r* | --hel=r* | --he=r* | -hr*)
+    ac_init_help=recursive ;;
+  -help=s* | --help=s* | --hel=s* | --he=s* | -hs*)
+    ac_init_help=short ;;
+
+  -host | --host | --hos | --ho)
+    ac_prev=host_alias ;;
+  -host=* | --host=* | --hos=* | --ho=*)
+    host_alias=$ac_optarg ;;
+
+  -htmldir | --htmldir | --htmldi | --htmld | --html | --htm | --ht)
+    ac_prev=htmldir ;;
+  -htmldir=* | --htmldir=* | --htmldi=* | --htmld=* | --html=* | --htm=* \
+  | --ht=*)
+    htmldir=$ac_optarg ;;
+
+  -includedir | --includedir | --includedi | --included | --include \
+  | --includ | --inclu | --incl | --inc)
+    ac_prev=includedir ;;
+  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+  | --includ=* | --inclu=* | --incl=* | --inc=*)
+    includedir=$ac_optarg ;;
+
+  -infodir | --infodir | --infodi | --infod | --info | --inf)
+    ac_prev=infodir ;;
+  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+    infodir=$ac_optarg ;;
+
+  -libdir | --libdir | --libdi | --libd)
+    ac_prev=libdir ;;
+  -libdir=* | --libdir=* | --libdi=* | --libd=*)
+    libdir=$ac_optarg ;;
+
+  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+  | --libexe | --libex | --libe)
+    ac_prev=libexecdir ;;
+  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+  | --libexe=* | --libex=* | --libe=*)
+    libexecdir=$ac_optarg ;;
+
+  -localedir | --localedir | --localedi | --localed | --locale)
+    ac_prev=localedir ;;
+  -localedir=* | --localedir=* | --localedi=* | --localed=* | --locale=*)
+    localedir=$ac_optarg ;;
+
+  -localstatedir | --localstatedir | --localstatedi | --localstated \
+  | --localstate | --localstat | --localsta | --localst | --locals)
+    ac_prev=localstatedir ;;
+  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+  | --localstate=* | --localstat=* | --localsta=* | --localst=* | --locals=*)
+    localstatedir=$ac_optarg ;;
+
+  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+    ac_prev=mandir ;;
+  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+    mandir=$ac_optarg ;;
+
+  -nfp | --nfp | --nf)
+    # Obsolete; use --without-fp.
+    with_fp=no ;;
+
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c | -n)
+    no_create=yes ;;
+
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+    no_recursion=yes ;;
+
+  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+  | --oldin | --oldi | --old | --ol | --o)
+    ac_prev=oldincludedir ;;
+  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+    oldincludedir=$ac_optarg ;;
+
+  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+    ac_prev=prefix ;;
+  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+    prefix=$ac_optarg ;;
+
+  -program-prefix | --program-prefix | --program-prefi | --program-pref \
+  | --program-pre | --program-pr | --program-p)
+    ac_prev=program_prefix ;;
+  -program-prefix=* | --program-prefix=* | --program-prefi=* \
+  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+    program_prefix=$ac_optarg ;;
+
+  -program-suffix | --program-suffix | --program-suffi | --program-suff \
+  | --program-suf | --program-su | --program-s)
+    ac_prev=program_suffix ;;
+  -program-suffix=* | --program-suffix=* | --program-suffi=* \
+  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+    program_suffix=$ac_optarg ;;
+
+  -program-transform-name | --program-transform-name \
+  | --program-transform-nam | --program-transform-na \
+  | --program-transform-n | --program-transform- \
+  | --program-transform | --program-transfor \
+  | --program-transfo | --program-transf \
+  | --program-trans | --program-tran \
+  | --progr-tra | --program-tr | --program-t)
+    ac_prev=program_transform_name ;;
+  -program-transform-name=* | --program-transform-name=* \
+  | --program-transform-nam=* | --program-transform-na=* \
+  | --program-transform-n=* | --program-transform-=* \
+  | --program-transform=* | --program-transfor=* \
+  | --program-transfo=* | --program-transf=* \
+  | --program-trans=* | --program-tran=* \
+  | --progr-tra=* | --program-tr=* | --program-t=*)
+    program_transform_name=$ac_optarg ;;
+
+  -pdfdir | --pdfdir | --pdfdi | --pdfd | --pdf | --pd)
+    ac_prev=pdfdir ;;
+  -pdfdir=* | --pdfdir=* | --pdfdi=* | --pdfd=* | --pdf=* | --pd=*)
+    pdfdir=$ac_optarg ;;
+
+  -psdir | --psdir | --psdi | --psd | --ps)
+    ac_prev=psdir ;;
+  -psdir=* | --psdir=* | --psdi=* | --psd=* | --ps=*)
+    psdir=$ac_optarg ;;
+
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil)
+    silent=yes ;;
+
+  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+    ac_prev=sbindir ;;
+  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+  | --sbi=* | --sb=*)
+    sbindir=$ac_optarg ;;
+
+  -sharedstatedir | --sharedstatedir | --sharedstatedi \
+  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+  | --sharedst | --shareds | --shared | --share | --shar \
+  | --sha | --sh)
+    ac_prev=sharedstatedir ;;
+  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+  | --sha=* | --sh=*)
+    sharedstatedir=$ac_optarg ;;
+
+  -site | --site | --sit)
+    ac_prev=site ;;
+  -site=* | --site=* | --sit=*)
+    site=$ac_optarg ;;
+
+  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+    ac_prev=srcdir ;;
+  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+    srcdir=$ac_optarg ;;
+
+  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+  | --syscon | --sysco | --sysc | --sys | --sy)
+    ac_prev=sysconfdir ;;
+  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+    sysconfdir=$ac_optarg ;;
+
+  -target | --target | --targe | --targ | --tar | --ta | --t)
+    ac_prev=target_alias ;;
+  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+    target_alias=$ac_optarg ;;
+
+  -v | -verbose | --verbose | --verbos | --verbo | --verb)
+    verbose=yes ;;
+
+  -version | --version | --versio | --versi | --vers | -V)
+    ac_init_version=: ;;
+
+  -with-* | --with-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid package name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"with_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval with_$ac_useropt=\$ac_optarg ;;
+
+  -without-* | --without-*)
+    ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'`
+    # Reject names that are not valid shell variable names.
+    expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null &&
+      as_fn_error $? "invalid package name: $ac_useropt"
+    ac_useropt_orig=$ac_useropt
+    ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'`
+    case $ac_user_opts in
+      *"
+"with_$ac_useropt"
+"*) ;;
+      *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig"
+	 ac_unrecognized_sep=', ';;
+    esac
+    eval with_$ac_useropt=no ;;
+
+  --x)
+    # Obsolete; use --with-x.
+    with_x=yes ;;
+
+  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+  | --x-incl | --x-inc | --x-in | --x-i)
+    ac_prev=x_includes ;;
+  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+    x_includes=$ac_optarg ;;
+
+  -x-libraries | --x-libraries | --x-librarie | --x-librari \
+  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+    ac_prev=x_libraries ;;
+  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+    x_libraries=$ac_optarg ;;
+
+  -*) as_fn_error $? "unrecognized option: \`$ac_option'
+Try \`$0 --help' for more information"
+    ;;
+
+  *=*)
+    ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='`
+    # Reject names that are not valid shell variable names.
+    case $ac_envvar in #(
+      '' | [0-9]* | *[!_$as_cr_alnum]* )
+      as_fn_error $? "invalid variable name: \`$ac_envvar'" ;;
+    esac
+    eval $ac_envvar=\$ac_optarg
+    export $ac_envvar ;;
+
+  *)
+    # FIXME: should be removed in autoconf 3.0.
+    $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2
+    expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null &&
+      $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2
+    : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}"
+    ;;
+
+  esac
+done
+
+if test -n "$ac_prev"; then
+  ac_option=--`echo $ac_prev | sed 's/_/-/g'`
+  as_fn_error $? "missing argument to $ac_option"
+fi
+
+if test -n "$ac_unrecognized_opts"; then
+  case $enable_option_checking in
+    no) ;;
+    fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;;
+    *)     $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;;
+  esac
+fi
+
+# Check all directory arguments for consistency.
+for ac_var in	exec_prefix prefix bindir sbindir libexecdir datarootdir \
+		datadir sysconfdir sharedstatedir localstatedir includedir \
+		oldincludedir docdir infodir htmldir dvidir pdfdir psdir \
+		libdir localedir mandir
+do
+  eval ac_val=\$$ac_var
+  # Remove trailing slashes.
+  case $ac_val in
+    */ )
+      ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'`
+      eval $ac_var=\$ac_val;;
+  esac
+  # Be sure to have absolute directory names.
+  case $ac_val in
+    [\\/$]* | ?:[\\/]* )  continue;;
+    NONE | '' ) case $ac_var in *prefix ) continue;; esac;;
+  esac
+  as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val"
+done
+
+# There might be people who depend on the old broken behavior: `$host'
+# used to hold the argument of --host etc.
+# FIXME: To remove some day.
+build=$build_alias
+host=$host_alias
+target=$target_alias
+
+# FIXME: To remove some day.
+if test "x$host_alias" != x; then
+  if test "x$build_alias" = x; then
+    cross_compiling=maybe
+    $as_echo "$as_me: WARNING: if you wanted to set the --build type, don't use --host.
+    If a cross compiler is detected then cross compile mode will be used" >&2
+  elif test "x$build_alias" != "x$host_alias"; then
+    cross_compiling=yes
+  fi
+fi
+
+ac_tool_prefix=
+test -n "$host_alias" && ac_tool_prefix=$host_alias-
+
+test "$silent" = yes && exec 6>/dev/null
+
+
+ac_pwd=`pwd` && test -n "$ac_pwd" &&
+ac_ls_di=`ls -di .` &&
+ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` ||
+  as_fn_error $? "working directory cannot be determined"
+test "X$ac_ls_di" = "X$ac_pwd_ls_di" ||
+  as_fn_error $? "pwd does not report name of working directory"
+
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+  ac_srcdir_defaulted=yes
+  # Try the directory containing this script, then the parent directory.
+  ac_confdir=`$as_dirname -- "$as_myself" ||
+$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_myself" : 'X\(//\)[^/]' \| \
+	 X"$as_myself" : 'X\(//\)$' \| \
+	 X"$as_myself" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_myself" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  srcdir=$ac_confdir
+  if test ! -r "$srcdir/$ac_unique_file"; then
+    srcdir=..
+  fi
+else
+  ac_srcdir_defaulted=no
+fi
+if test ! -r "$srcdir/$ac_unique_file"; then
+  test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .."
+  as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir"
+fi
+ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work"
+ac_abs_confdir=`(
+	cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg"
+	pwd)`
+# When building in place, set srcdir=.
+if test "$ac_abs_confdir" = "$ac_pwd"; then
+  srcdir=.
+fi
+# Remove unnecessary trailing slashes from srcdir.
+# Double slashes in file names in object file debugging info
+# mess up M-x gdb in Emacs.
+case $srcdir in
+*/) srcdir=`expr "X$srcdir" : 'X\(.*[^/]\)' \| "X$srcdir" : 'X\(.*\)'`;;
+esac
+for ac_var in $ac_precious_vars; do
+  eval ac_env_${ac_var}_set=\${${ac_var}+set}
+  eval ac_env_${ac_var}_value=\$${ac_var}
+  eval ac_cv_env_${ac_var}_set=\${${ac_var}+set}
+  eval ac_cv_env_${ac_var}_value=\$${ac_var}
+done
+
+#
+# Report the --help message.
+#
+if test "$ac_init_help" = "long"; then
+  # Omit some internal or obsolete options to make the list less imposing.
+  # This message is too long to be a string in the A/UX 3.1 sh.
+  cat <<_ACEOF
+\`configure' configures this package to adapt to many kinds of systems.
+
+Usage: $0 [OPTION]... [VAR=VALUE]...
+
+To assign environment variables (e.g., CC, CFLAGS...), specify them as
+VAR=VALUE.  See below for descriptions of some of the useful variables.
+
+Defaults for the options are specified in brackets.
+
+Configuration:
+  -h, --help              display this help and exit
+      --help=short        display options specific to this package
+      --help=recursive    display the short help of all the included packages
+  -V, --version           display version information and exit
+  -q, --quiet, --silent   do not print \`checking ...' messages
+      --cache-file=FILE   cache test results in FILE [disabled]
+  -C, --config-cache      alias for \`--cache-file=config.cache'
+  -n, --no-create         do not create output files
+      --srcdir=DIR        find the sources in DIR [configure dir or \`..']
+
+Installation directories:
+  --prefix=PREFIX         install architecture-independent files in PREFIX
+                          [$ac_default_prefix]
+  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+                          [PREFIX]
+
+By default, \`make install' will install all the files in
+\`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc.  You can specify
+an installation prefix other than \`$ac_default_prefix' using \`--prefix',
+for instance \`--prefix=\$HOME'.
+
+For better control, use the options below.
+
+Fine tuning of the installation directories:
+  --bindir=DIR            user executables [EPREFIX/bin]
+  --sbindir=DIR           system admin executables [EPREFIX/sbin]
+  --libexecdir=DIR        program executables [EPREFIX/libexec]
+  --sysconfdir=DIR        read-only single-machine data [PREFIX/etc]
+  --sharedstatedir=DIR    modifiable architecture-independent data [PREFIX/com]
+  --localstatedir=DIR     modifiable single-machine data [PREFIX/var]
+  --libdir=DIR            object code libraries [EPREFIX/lib]
+  --includedir=DIR        C header files [PREFIX/include]
+  --oldincludedir=DIR     C header files for non-gcc [/usr/include]
+  --datarootdir=DIR       read-only arch.-independent data root [PREFIX/share]
+  --datadir=DIR           read-only architecture-independent data [DATAROOTDIR]
+  --infodir=DIR           info documentation [DATAROOTDIR/info]
+  --localedir=DIR         locale-dependent data [DATAROOTDIR/locale]
+  --mandir=DIR            man documentation [DATAROOTDIR/man]
+  --docdir=DIR            documentation root [DATAROOTDIR/doc/PACKAGE]
+  --htmldir=DIR           html documentation [DOCDIR]
+  --dvidir=DIR            dvi documentation [DOCDIR]
+  --pdfdir=DIR            pdf documentation [DOCDIR]
+  --psdir=DIR             ps documentation [DOCDIR]
+_ACEOF
+
+  cat <<\_ACEOF
+
+System types:
+  --build=BUILD     configure for building on BUILD [guessed]
+  --host=HOST       cross-compile to build programs to run on HOST [BUILD]
+_ACEOF
+fi
+
+if test -n "$ac_init_help"; then
+
+  cat <<\_ACEOF
+
+Optional Features:
+  --disable-option-checking  ignore unrecognized --enable/--with options
+  --disable-FEATURE       do not include FEATURE (same as --enable-FEATURE=no)
+  --enable-FEATURE[=ARG]  include FEATURE [ARG=yes]
+  --enable-mingw32                Use mingw32 for a Windows GUI
+  --disable-pthread               Don't use POSIX threads (pthreads)
+  --disable-toggle                Don't support temporary disable
+  --disable-force                 Don't allow single-page disable
+  --disable-fast-redirects        Don't support fast redirects
+  --disable-stats                 Don't keep statistics
+  --enable-ie-images              Enable a quick but not always reliable auto-detect whether requests from
+                                  MS Internet Explorer are for an image or not.
+  --disable-image-blocking        Don't try to figure out whether a request is
+                                  for an image or HTML - assume HTML.
+  --disable-acl-files             Prevents the use of ACL files to control access to
+                                  Privoxy by IP address.
+  --disable-trust-files           Prevents the use of trust files.
+  --disable-editor                Prevents the use of the web-based actions file
+                                  editor and web-based temporary disable setting.
+  --enable-no-gifs                Use politically correct PNG format instead of GIF
+                                  for built-in images. May not work with all browsers.
+  --enable-graceful-termination   Allow to shutdown Privoxy through the webinterface.
+  --enable-extended-host-patterns Allow extended regular expressions in host patterns.
+  --disable-dynamic-pcre          Use the built-in, static pcre, even if libpcre is available
+  --disable-zlib                  Don't use zlib to decompress data before filtering.
+
+Optional Packages:
+  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
+  --without-PACKAGE       do not use PACKAGE (same as --with-PACKAGE=no)
+  --with-docbook=yes|no|directory
+                           Enable docbook documentation creation
+			   (default = yes, for gnu and linux)
+  --with-db2html=<path/executable>
+                          Set the location of the docbook to html converter
+                          (default = search)
+  --with-debug            Enable debug mode
+  --with-user=privoxy          Set user under which privoxy will run
+  --with-group=privoxy         Set group for privoxy
+
+Some influential environment variables:
+  CC          C compiler command
+  CFLAGS      C compiler flags
+  LDFLAGS     linker flags, e.g. -L<lib dir> if you have libraries in a
+              nonstandard directory <lib dir>
+  LIBS        libraries to pass to the linker, e.g. -l<library>
+  CPPFLAGS    (Objective) C/C++ preprocessor flags, e.g. -I<include dir> if
+              you have headers in a nonstandard directory <include dir>
+  CPP         C preprocessor
+
+Use these variables to override the choices made by `configure' or to help
+it to find libraries and programs with nonstandard names/locations.
+
+Report bugs to the package provider.
+_ACEOF
+ac_status=$?
+fi
+
+if test "$ac_init_help" = "recursive"; then
+  # If there are subdirs, report their specific --help.
+  for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue
+    test -d "$ac_dir" ||
+      { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } ||
+      continue
+    ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+    cd "$ac_dir" || { ac_status=$?; continue; }
+    # Check for guested configure.
+    if test -f "$ac_srcdir/configure.gnu"; then
+      echo &&
+      $SHELL "$ac_srcdir/configure.gnu" --help=recursive
+    elif test -f "$ac_srcdir/configure"; then
+      echo &&
+      $SHELL "$ac_srcdir/configure" --help=recursive
+    else
+      $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2
+    fi || ac_status=$?
+    cd "$ac_pwd" || { ac_status=$?; break; }
+  done
+fi
+
+test -n "$ac_init_help" && exit $ac_status
+if $ac_init_version; then
+  cat <<\_ACEOF
+configure
+generated by GNU Autoconf 2.68
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This configure script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it.
+_ACEOF
+  exit
+fi
+
+## ------------------------ ##
+## Autoconf initialization. ##
+## ------------------------ ##
+
+# ac_fn_c_try_compile LINENO
+# --------------------------
+# Try to compile conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext
+  if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest.$ac_objext; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_compile
+
+# ac_fn_c_try_cpp LINENO
+# ----------------------
+# Try to preprocess conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_cpp ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_cpp conftest.$ac_ext"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } > conftest.i && {
+	 test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+    ac_retval=1
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_cpp
+
+# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists, giving a warning if it cannot be compiled using
+# the include files in INCLUDES and setting the cache variable VAR
+# accordingly.
+ac_fn_c_check_header_mongrel ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if eval \${$3+:} false; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+else
+  # Is the header compilable?
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5
+$as_echo_n "checking $2 usability... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_header_compiler=yes
+else
+  ac_header_compiler=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5
+$as_echo "$ac_header_compiler" >&6; }
+
+# Is the header present?
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5
+$as_echo_n "checking $2 presence... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <$2>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  ac_header_preproc=yes
+else
+  ac_header_preproc=no
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5
+$as_echo "$ac_header_preproc" >&6; }
+
+# So?  What about this header?
+case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #((
+  yes:no: )
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5
+$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+    ;;
+  no:yes:* )
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5
+$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     check for missing prerequisite headers?" >&5
+$as_echo "$as_me: WARNING: $2:     check for missing prerequisite headers?" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5
+$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&5
+$as_echo "$as_me: WARNING: $2:     section \"Present But Cannot Be Compiled\"" >&2;}
+    { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5
+$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;}
+    ;;
+esac
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=\$ac_header_compiler"
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_mongrel
+
+# ac_fn_c_try_run LINENO
+# ----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes
+# that executables *can* be run.
+ac_fn_c_try_run ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && { ac_try='./conftest$ac_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: program exited with status $ac_status" >&5
+       $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+       ac_retval=$ac_status
+fi
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_run
+
+# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES
+# -------------------------------------------------------
+# Tests whether HEADER exists and can be compiled using the include files in
+# INCLUDES, setting the cache variable VAR accordingly.
+ac_fn_c_check_header_compile ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+#include <$2>
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$3=yes"
+else
+  eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_header_compile
+
+# ac_fn_c_try_link LINENO
+# -----------------------
+# Try to link conftest.$ac_ext, and return whether this succeeded.
+ac_fn_c_try_link ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  rm -f conftest.$ac_objext conftest$ac_exeext
+  if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    grep -v '^ *+' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+    mv -f conftest.er1 conftest.err
+  fi
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; } && {
+	 test -z "$ac_c_werror_flag" ||
+	 test ! -s conftest.err
+       } && test -s conftest$ac_exeext && {
+	 test "$cross_compiling" = yes ||
+	 $as_test_x conftest$ac_exeext
+       }; then :
+  ac_retval=0
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+	ac_retval=1
+fi
+  # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information
+  # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would
+  # interfere with the next link command; also delete a directory that is
+  # left behind by Apple's compiler.  We do this before executing the actions.
+  rm -rf conftest.dSYM conftest_ipa8_conftest.oo
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_try_link
+
+# ac_fn_c_check_func LINENO FUNC VAR
+# ----------------------------------
+# Tests whether FUNC exists, setting the cache variable VAR accordingly
+ac_fn_c_check_func ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+/* Define $2 to an innocuous variant, in case <limits.h> declares $2.
+   For example, HP-UX 11i <limits.h> declares gettimeofday.  */
+#define $2 innocuous_$2
+
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $2 (); below.
+    Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+    <limits.h> exists even on freestanding compilers.  */
+
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+
+#undef $2
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char $2 ();
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined __stub_$2 || defined __stub___$2
+choke me
+#endif
+
+int
+main ()
+{
+return $2 ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  eval "$3=yes"
+else
+  eval "$3=no"
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_func
+
+# ac_fn_c_check_type LINENO TYPE VAR INCLUDES
+# -------------------------------------------
+# Tests whether TYPE exists after having included INCLUDES, setting cache
+# variable VAR accordingly.
+ac_fn_c_check_type ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5
+$as_echo_n "checking for $2... " >&6; }
+if eval \${$3+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  eval "$3=no"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+if (sizeof ($2))
+	 return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+if (sizeof (($2)))
+	    return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+else
+  eval "$3=yes"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$3
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+
+} # ac_fn_c_check_type
+
+# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES
+# --------------------------------------------
+# Tries to find the compile-time value of EXPR in a program that includes
+# INCLUDES, setting VAR accordingly. Returns whether the value could be
+# computed
+ac_fn_c_compute_int ()
+{
+  as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+  if test "$cross_compiling" = yes; then
+    # Depending upon the size, compute the lo and hi bounds.
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= 0)];
+test_array [0] = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=0 ac_mid=0
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid; break
+else
+  as_fn_arith $ac_mid + 1 && ac_lo=$as_val
+			if test $ac_lo -le $ac_mid; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) < 0)];
+test_array [0] = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=-1 ac_mid=-1
+  while :; do
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) >= $ac_mid)];
+test_array [0] = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_lo=$ac_mid; break
+else
+  as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val
+			if test $ac_mid -le $ac_hi; then
+			  ac_lo= ac_hi=
+			  break
+			fi
+			as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+  done
+else
+  ac_lo= ac_hi=
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+# Binary search between lo and hi bounds.
+while test "x$ac_lo" != "x$ac_hi"; do
+  as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+int
+main ()
+{
+static int test_array [1 - 2 * !(($2) <= $ac_mid)];
+test_array [0] = 0
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_hi=$ac_mid
+else
+  as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+done
+case $ac_lo in #((
+?*) eval "$3=\$ac_lo"; ac_retval=0 ;;
+'') ac_retval=1 ;;
+esac
+  else
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$4
+static long int longval () { return $2; }
+static unsigned long int ulongval () { return $2; }
+#include <stdio.h>
+#include <stdlib.h>
+int
+main ()
+{
+
+  FILE *f = fopen ("conftest.val", "w");
+  if (! f)
+    return 1;
+  if (($2) < 0)
+    {
+      long int i = longval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%ld", i);
+    }
+  else
+    {
+      unsigned long int i = ulongval ();
+      if (i != ($2))
+	return 1;
+      fprintf (f, "%lu", i);
+    }
+  /* Do not output a trailing newline, as this causes \r\n confusion
+     on some platforms.  */
+  return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  echo >>conftest.val; read $3 <conftest.val; ac_retval=0
+else
+  ac_retval=1
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+rm -f conftest.val
+
+  fi
+  eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno
+  as_fn_set_status $ac_retval
+
+} # ac_fn_c_compute_int
+cat >config.log <<_ACEOF
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+
+It was created by $as_me, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  $ $0 $@
+
+_ACEOF
+exec 5>>config.log
+{
+cat <<_ASUNAME
+## --------- ##
+## Platform. ##
+## --------- ##
+
+hostname = `(hostname || uname -n) 2>/dev/null | sed 1q`
+uname -m = `(uname -m) 2>/dev/null || echo unknown`
+uname -r = `(uname -r) 2>/dev/null || echo unknown`
+uname -s = `(uname -s) 2>/dev/null || echo unknown`
+uname -v = `(uname -v) 2>/dev/null || echo unknown`
+
+/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown`
+/bin/uname -X     = `(/bin/uname -X) 2>/dev/null     || echo unknown`
+
+/bin/arch              = `(/bin/arch) 2>/dev/null              || echo unknown`
+/usr/bin/arch -k       = `(/usr/bin/arch -k) 2>/dev/null       || echo unknown`
+/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown`
+/usr/bin/hostinfo      = `(/usr/bin/hostinfo) 2>/dev/null      || echo unknown`
+/bin/machine           = `(/bin/machine) 2>/dev/null           || echo unknown`
+/usr/bin/oslevel       = `(/usr/bin/oslevel) 2>/dev/null       || echo unknown`
+/bin/universe          = `(/bin/universe) 2>/dev/null          || echo unknown`
+
+_ASUNAME
+
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    $as_echo "PATH: $as_dir"
+  done
+IFS=$as_save_IFS
+
+} >&5
+
+cat >&5 <<_ACEOF
+
+
+## ----------- ##
+## Core tests. ##
+## ----------- ##
+
+_ACEOF
+
+
+# Keep a trace of the command line.
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Strip out --silent because we don't want to record it for future runs.
+# Also quote any args containing shell meta-characters.
+# Make two passes to allow for proper duplicate-argument suppression.
+ac_configure_args=
+ac_configure_args0=
+ac_configure_args1=
+ac_must_keep_next=false
+for ac_pass in 1 2
+do
+  for ac_arg
+  do
+    case $ac_arg in
+    -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;;
+    -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+    | -silent | --silent | --silen | --sile | --sil)
+      continue ;;
+    *\'*)
+      ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    case $ac_pass in
+    1) as_fn_append ac_configure_args0 " '$ac_arg'" ;;
+    2)
+      as_fn_append ac_configure_args1 " '$ac_arg'"
+      if test $ac_must_keep_next = true; then
+	ac_must_keep_next=false # Got value, back to normal.
+      else
+	case $ac_arg in
+	  *=* | --config-cache | -C | -disable-* | --disable-* \
+	  | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \
+	  | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \
+	  | -with-* | --with-* | -without-* | --without-* | --x)
+	    case "$ac_configure_args0 " in
+	      "$ac_configure_args1"*" '$ac_arg' "* ) continue ;;
+	    esac
+	    ;;
+	  -* ) ac_must_keep_next=true ;;
+	esac
+      fi
+      as_fn_append ac_configure_args " '$ac_arg'"
+      ;;
+    esac
+  done
+done
+{ ac_configure_args0=; unset ac_configure_args0;}
+{ ac_configure_args1=; unset ac_configure_args1;}
+
+# When interrupted or exit'd, cleanup temporary files, and complete
+# config.log.  We remove comments because anyway the quotes in there
+# would cause problems or look ugly.
+# WARNING: Use '\'' to represent an apostrophe within the trap.
+# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug.
+trap 'exit_status=$?
+  # Save into config.log some information that might help in debugging.
+  {
+    echo
+
+    $as_echo "## ---------------- ##
+## Cache variables. ##
+## ---------------- ##"
+    echo
+    # The following way of writing the cache mishandles newlines in values,
+(
+  for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do
+    eval ac_val=\$$ac_var
+    case $ac_val in #(
+    *${as_nl}*)
+      case $ac_var in #(
+      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+      esac
+      case $ac_var in #(
+      _ | IFS | as_nl) ;; #(
+      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+      *) { eval $ac_var=; unset $ac_var;} ;;
+      esac ;;
+    esac
+  done
+  (set) 2>&1 |
+    case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #(
+    *${as_nl}ac_space=\ *)
+      sed -n \
+	"s/'\''/'\''\\\\'\'''\''/g;
+	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p"
+      ;; #(
+    *)
+      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+      ;;
+    esac |
+    sort
+)
+    echo
+
+    $as_echo "## ----------------- ##
+## Output variables. ##
+## ----------------- ##"
+    echo
+    for ac_var in $ac_subst_vars
+    do
+      eval ac_val=\$$ac_var
+      case $ac_val in
+      *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+      esac
+      $as_echo "$ac_var='\''$ac_val'\''"
+    done | sort
+    echo
+
+    if test -n "$ac_subst_files"; then
+      $as_echo "## ------------------- ##
+## File substitutions. ##
+## ------------------- ##"
+      echo
+      for ac_var in $ac_subst_files
+      do
+	eval ac_val=\$$ac_var
+	case $ac_val in
+	*\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;;
+	esac
+	$as_echo "$ac_var='\''$ac_val'\''"
+      done | sort
+      echo
+    fi
+
+    if test -s confdefs.h; then
+      $as_echo "## ----------- ##
+## confdefs.h. ##
+## ----------- ##"
+      echo
+      cat confdefs.h
+      echo
+    fi
+    test "$ac_signal" != 0 &&
+      $as_echo "$as_me: caught signal $ac_signal"
+    $as_echo "$as_me: exit $exit_status"
+  } >&5
+  rm -f core *.core core.conftest.* &&
+    rm -f -r conftest* confdefs* conf$$* $ac_clean_files &&
+    exit $exit_status
+' 0
+for ac_signal in 1 2 13 15; do
+  trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal
+done
+ac_signal=0
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -f -r conftest* confdefs.h
+
+$as_echo "/* confdefs.h */" > confdefs.h
+
+# Predefined preprocessor variables.
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_NAME "$PACKAGE_NAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_TARNAME "$PACKAGE_TARNAME"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_VERSION "$PACKAGE_VERSION"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_STRING "$PACKAGE_STRING"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define PACKAGE_URL "$PACKAGE_URL"
+_ACEOF
+
+
+# Let the site file select an alternate cache file if it wants to.
+# Prefer an explicitly selected file to automatically selected ones.
+ac_site_file1=NONE
+ac_site_file2=NONE
+if test -n "$CONFIG_SITE"; then
+  # We do not want a PATH search for config.site.
+  case $CONFIG_SITE in #((
+    -*)  ac_site_file1=./$CONFIG_SITE;;
+    */*) ac_site_file1=$CONFIG_SITE;;
+    *)   ac_site_file1=./$CONFIG_SITE;;
+  esac
+elif test "x$prefix" != xNONE; then
+  ac_site_file1=$prefix/share/config.site
+  ac_site_file2=$prefix/etc/config.site
+else
+  ac_site_file1=$ac_default_prefix/share/config.site
+  ac_site_file2=$ac_default_prefix/etc/config.site
+fi
+for ac_site_file in "$ac_site_file1" "$ac_site_file2"
+do
+  test "x$ac_site_file" = xNONE && continue
+  if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5
+$as_echo "$as_me: loading site script $ac_site_file" >&6;}
+    sed 's/^/| /' "$ac_site_file" >&5
+    . "$ac_site_file" \
+      || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "failed to load site script $ac_site_file
+See \`config.log' for more details" "$LINENO" 5; }
+  fi
+done
+
+if test -r "$cache_file"; then
+  # Some versions of bash will fail to source /dev/null (special files
+  # actually), so we avoid doing that.  DJGPP emulates it as a regular file.
+  if test /dev/null != "$cache_file" && test -f "$cache_file"; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5
+$as_echo "$as_me: loading cache $cache_file" >&6;}
+    case $cache_file in
+      [\\/]* | ?:[\\/]* ) . "$cache_file";;
+      *)                      . "./$cache_file";;
+    esac
+  fi
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5
+$as_echo "$as_me: creating cache $cache_file" >&6;}
+  >$cache_file
+fi
+
+# Check that the precious variables saved in the cache have kept the same
+# value.
+ac_cache_corrupted=false
+for ac_var in $ac_precious_vars; do
+  eval ac_old_set=\$ac_cv_env_${ac_var}_set
+  eval ac_new_set=\$ac_env_${ac_var}_set
+  eval ac_old_val=\$ac_cv_env_${ac_var}_value
+  eval ac_new_val=\$ac_env_${ac_var}_value
+  case $ac_old_set,$ac_new_set in
+    set,)
+      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;}
+      ac_cache_corrupted=: ;;
+    ,set)
+      { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5
+$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;}
+      ac_cache_corrupted=: ;;
+    ,);;
+    *)
+      if test "x$ac_old_val" != "x$ac_new_val"; then
+	# differences in whitespace do not lead to failure.
+	ac_old_val_w=`echo x $ac_old_val`
+	ac_new_val_w=`echo x $ac_new_val`
+	if test "$ac_old_val_w" != "$ac_new_val_w"; then
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5
+$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;}
+	  ac_cache_corrupted=:
+	else
+	  { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5
+$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;}
+	  eval $ac_var=\$ac_old_val
+	fi
+	{ $as_echo "$as_me:${as_lineno-$LINENO}:   former value:  \`$ac_old_val'" >&5
+$as_echo "$as_me:   former value:  \`$ac_old_val'" >&2;}
+	{ $as_echo "$as_me:${as_lineno-$LINENO}:   current value: \`$ac_new_val'" >&5
+$as_echo "$as_me:   current value: \`$ac_new_val'" >&2;}
+      fi;;
+  esac
+  # Pass precious variables to config.status.
+  if test "$ac_new_set" = set; then
+    case $ac_new_val in
+    *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;;
+    *) ac_arg=$ac_var=$ac_new_val ;;
+    esac
+    case " $ac_configure_args " in
+      *" '$ac_arg' "*) ;; # Avoid dups.  Use of quotes ensures accuracy.
+      *) as_fn_append ac_configure_args " '$ac_arg'" ;;
+    esac
+  fi
+done
+if $ac_cache_corrupted; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+  { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5
+$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;}
+  as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5
+fi
+## -------------------- ##
+## Main body of script. ##
+## -------------------- ##
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+
+
+if test ! -f config.h.in; then
+   echo "You need to run autoheader first. "
+   echo -n "Shall I do this for you now? (y/n) "
+   read answer
+   if test "$answer" != "y"; then
+      exit 1
+   else
+      autoheader
+  fi
+fi
+
+ac_config_headers="$ac_config_headers config.h"
+
+ac_aux_dir=
+for ac_dir in "$srcdir" "$srcdir/.." "$srcdir/../.."; do
+  if test -f "$ac_dir/install-sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install-sh -c"
+    break
+  elif test -f "$ac_dir/install.sh"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/install.sh -c"
+    break
+  elif test -f "$ac_dir/shtool"; then
+    ac_aux_dir=$ac_dir
+    ac_install_sh="$ac_aux_dir/shtool install -c"
+    break
+  fi
+done
+if test -z "$ac_aux_dir"; then
+  as_fn_error $? "cannot find install-sh, install.sh, or shtool in \"$srcdir\" \"$srcdir/..\" \"$srcdir/../..\"" "$LINENO" 5
+fi
+
+# These three variables are undocumented and unsupported,
+# and are intended to be withdrawn in a future Autoconf release.
+# They can cause serious problems if a builder's source tree is in a directory
+# whose full name contains unusual characters.
+ac_config_guess="$SHELL $ac_aux_dir/config.guess"  # Please don't use this var.
+ac_config_sub="$SHELL $ac_aux_dir/config.sub"  # Please don't use this var.
+ac_configure="$SHELL $ac_aux_dir/configure"  # Please don't use this var.
+
+
+# Make sure we can run config.sub.
+$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 ||
+  as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5
+$as_echo_n "checking build system type... " >&6; }
+if ${ac_cv_build+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_build_alias=$build_alias
+test "x$ac_build_alias" = x &&
+  ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"`
+test "x$ac_build_alias" = x &&
+  as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5
+ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` ||
+  as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5
+$as_echo "$ac_cv_build" >&6; }
+case $ac_cv_build in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;;
+esac
+build=$ac_cv_build
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_build
+shift
+build_cpu=$1
+build_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+build_os=$*
+IFS=$ac_save_IFS
+case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5
+$as_echo_n "checking host system type... " >&6; }
+if ${ac_cv_host+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test "x$host_alias" = x; then
+  ac_cv_host=$ac_cv_build
+else
+  ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` ||
+    as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5
+$as_echo "$ac_cv_host" >&6; }
+case $ac_cv_host in
+*-*-*) ;;
+*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;;
+esac
+host=$ac_cv_host
+ac_save_IFS=$IFS; IFS='-'
+set x $ac_cv_host
+shift
+host_cpu=$1
+host_vendor=$2
+shift; shift
+# Remember, the first character of IFS is used to create $*,
+# except with old shells:
+host_os=$*
+IFS=$ac_save_IFS
+case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac
+
+
+
+dodk=auto
+DKPREFIX=none
+
+# Check whether --with-docbook was given.
+if test "${with_docbook+set}" = set; then :
+  withval=$with_docbook; case "$with_docbook" in
+yes) dodk=yes;;
+no) dodk=no;;
+*)
+	dodk=yes
+	DKPREFIX=$withval
+	;;
+esac
+
+fi
+
+DB2HTML=false
+
+# Check whether --with-db2html was given.
+if test "${with_db2html+set}" = set; then :
+  withval=$with_db2html; DB2HTML=$withval
+
+fi
+
+
+
+VERSION_MAJOR=3
+VERSION_MINOR=0
+VERSION_POINT=12
+CODE_STATUS="stable"
+
+
+
+
+
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define VERSION_MAJOR ${VERSION_MAJOR}
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define VERSION_MINOR ${VERSION_MINOR}
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define VERSION_POINT ${VERSION_POINT}
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define VERSION "${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_POINT}"
+_ACEOF
+
+cat >>confdefs.h <<_ACEOF
+#define CODE_STATUS "${CODE_STATUS}"
+_ACEOF
+
+
+
+if test "X$CFLAGS" = "X"; then
+   CFLAGS=" "
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+if test -n "$ac_tool_prefix"; then
+  # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_CC="${ac_tool_prefix}gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$ac_cv_prog_CC"; then
+  ac_ct_CC=$CC
+  # Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_ac_ct_CC="gcc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+else
+  CC="$ac_cv_prog_CC"
+fi
+
+if test -z "$CC"; then
+          if test -n "$ac_tool_prefix"; then
+    # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args.
+set dummy ${ac_tool_prefix}cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_CC="${ac_tool_prefix}cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  fi
+fi
+if test -z "$CC"; then
+  # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  ac_prog_rejected=no
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then
+       ac_prog_rejected=yes
+       continue
+     fi
+    ac_cv_prog_CC="cc"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+if test $ac_prog_rejected = yes; then
+  # We found a bogon in the path, so make sure we never use it.
+  set dummy $ac_cv_prog_CC
+  shift
+  if test $# != 0; then
+    # We chose a different compiler from the bogus one.
+    # However, it has the same basename, so the bogon will be chosen
+    # first if we set CC to just the basename; use the full file name.
+    shift
+    ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@"
+  fi
+fi
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+fi
+if test -z "$CC"; then
+  if test -n "$ac_tool_prefix"; then
+  for ac_prog in cl.exe
+  do
+    # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args.
+set dummy $ac_tool_prefix$ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_CC="$ac_tool_prefix$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+CC=$ac_cv_prog_CC
+if test -n "$CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5
+$as_echo "$CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+    test -n "$CC" && break
+  done
+fi
+if test -z "$CC"; then
+  ac_ct_CC=$CC
+  for ac_prog in cl.exe
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_ac_ct_CC+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$ac_ct_CC"; then
+  ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_ac_ct_CC="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+ac_ct_CC=$ac_cv_prog_ac_ct_CC
+if test -n "$ac_ct_CC"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5
+$as_echo "$ac_ct_CC" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$ac_ct_CC" && break
+done
+
+  if test "x$ac_ct_CC" = x; then
+    CC=""
+  else
+    case $cross_compiling:$ac_tool_warned in
+yes:)
+{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5
+$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;}
+ac_tool_warned=yes ;;
+esac
+    CC=$ac_ct_CC
+  fi
+fi
+
+fi
+
+
+test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "no acceptable C compiler found in \$PATH
+See \`config.log' for more details" "$LINENO" 5; }
+
+# Provide some information about the compiler.
+$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5
+set X $ac_compile
+ac_compiler=$2
+for ac_option in --version -v -V -qversion; do
+  { { ac_try="$ac_compiler $ac_option >&5"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compiler $ac_option >&5") 2>conftest.err
+  ac_status=$?
+  if test -s conftest.err; then
+    sed '10a\
+... rest of stderr output deleted ...
+         10q' conftest.err >conftest.er1
+    cat conftest.er1 >&5
+  fi
+  rm -f conftest.er1 conftest.err
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+done
+
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out"
+# Try to create an executable without -o first, disregard a.out.
+# It will help us diagnose broken compilers, and finding out an intuition
+# of exeext.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5
+$as_echo_n "checking whether the C compiler works... " >&6; }
+ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'`
+
+# The possible output files:
+ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*"
+
+ac_rmfiles=
+for ac_file in $ac_files
+do
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+    * ) ac_rmfiles="$ac_rmfiles $ac_file";;
+  esac
+done
+rm -f $ac_rmfiles
+
+if { { ac_try="$ac_link_default"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link_default") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  # Autoconf-2.13 could set the ac_cv_exeext variable to `no'.
+# So ignore a value of `no', otherwise this would lead to `EXEEXT = no'
+# in a Makefile.  We should not override ac_cv_exeext if it was cached,
+# so that the user can short-circuit this test for compilers unknown to
+# Autoconf.
+for ac_file in $ac_files ''
+do
+  test -f "$ac_file" || continue
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj )
+	;;
+    [ab].out )
+	# We found the default executable, but exeext='' is most
+	# certainly right.
+	break;;
+    *.* )
+	if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no;
+	then :; else
+	   ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+	fi
+	# We set ac_cv_exeext here because the later test for it is not
+	# safe: cross compilers may not add the suffix if given an `-o'
+	# argument, so we may need to know it at that point already.
+	# Even if this section looks crufty: it has the advantage of
+	# actually working.
+	break;;
+    * )
+	break;;
+  esac
+done
+test "$ac_cv_exeext" = no && ac_cv_exeext=
+
+else
+  ac_file=''
+fi
+if test -z "$ac_file"; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+$as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "C compiler cannot create executables
+See \`config.log' for more details" "$LINENO" 5; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5
+$as_echo_n "checking for C compiler default output file name... " >&6; }
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5
+$as_echo "$ac_file" >&6; }
+ac_exeext=$ac_cv_exeext
+
+rm -f -r a.out a.out.dSYM a.exe conftest$ac_cv_exeext b.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of executables" >&5
+$as_echo_n "checking for suffix of executables... " >&6; }
+if { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  # If both `conftest.exe' and `conftest' are `present' (well, observable)
+# catch `conftest.exe'.  For instance with Cygwin, `ls conftest' will
+# work properly (i.e., refer to `conftest.exe'), while it won't with
+# `rm'.
+for ac_file in conftest.exe conftest conftest.*; do
+  test -f "$ac_file" || continue
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;;
+    *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'`
+	  break;;
+    * ) break;;
+  esac
+done
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of executables: cannot compile and link
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest conftest$ac_cv_exeext
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5
+$as_echo "$ac_cv_exeext" >&6; }
+
+rm -f conftest.$ac_ext
+EXEEXT=$ac_cv_exeext
+ac_exeext=$EXEEXT
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdio.h>
+int
+main ()
+{
+FILE *f = fopen ("conftest.out", "w");
+ return ferror (f) || fclose (f) != 0;
+
+  ;
+  return 0;
+}
+_ACEOF
+ac_clean_files="$ac_clean_files conftest.out"
+# Check that the compiler produces executables we can run.  If not, either
+# the compiler is broken, or we cross compile.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5
+$as_echo_n "checking whether we are cross compiling... " >&6; }
+if test "$cross_compiling" != yes; then
+  { { ac_try="$ac_link"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_link") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }
+  if { ac_try='./conftest$ac_cv_exeext'
+  { { case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_try") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; }; then
+    cross_compiling=no
+  else
+    if test "$cross_compiling" = maybe; then
+	cross_compiling=yes
+    else
+	{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot run C compiled programs.
+If you meant to cross compile, use \`--host'.
+See \`config.log' for more details" "$LINENO" 5; }
+    fi
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5
+$as_echo "$cross_compiling" >&6; }
+
+rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out
+ac_clean_files=$ac_clean_files_save
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5
+$as_echo_n "checking for suffix of object files... " >&6; }
+if ${ac_cv_objext+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+rm -f conftest.o conftest.obj
+if { { ac_try="$ac_compile"
+case "(($ac_try" in
+  *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;;
+  *) ac_try_echo=$ac_try;;
+esac
+eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\""
+$as_echo "$ac_try_echo"; } >&5
+  (eval "$ac_compile") 2>&5
+  ac_status=$?
+  $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5
+  test $ac_status = 0; }; then :
+  for ac_file in conftest.o conftest.obj conftest.*; do
+  test -f "$ac_file" || continue;
+  case $ac_file in
+    *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;;
+    *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'`
+       break;;
+  esac
+done
+else
+  $as_echo "$as_me: failed program was:" >&5
+sed 's/^/| /' conftest.$ac_ext >&5
+
+{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "cannot compute suffix of object files: cannot compile
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+rm -f conftest.$ac_cv_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5
+$as_echo "$ac_cv_objext" >&6; }
+OBJEXT=$ac_cv_objext
+ac_objext=$OBJEXT
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5
+$as_echo_n "checking whether we are using the GNU C compiler... " >&6; }
+if ${ac_cv_c_compiler_gnu+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+#ifndef __GNUC__
+       choke me
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_compiler_gnu=yes
+else
+  ac_compiler_gnu=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+ac_cv_c_compiler_gnu=$ac_compiler_gnu
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5
+$as_echo "$ac_cv_c_compiler_gnu" >&6; }
+if test $ac_compiler_gnu = yes; then
+  GCC=yes
+else
+  GCC=
+fi
+ac_test_CFLAGS=${CFLAGS+set}
+ac_save_CFLAGS=$CFLAGS
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5
+$as_echo_n "checking whether $CC accepts -g... " >&6; }
+if ${ac_cv_prog_cc_g+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_save_c_werror_flag=$ac_c_werror_flag
+   ac_c_werror_flag=yes
+   ac_cv_prog_cc_g=no
+   CFLAGS="-g"
+   cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+else
+  CFLAGS=""
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+else
+  ac_c_werror_flag=$ac_save_c_werror_flag
+	 CFLAGS="-g"
+	 cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_g=yes
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+   ac_c_werror_flag=$ac_save_c_werror_flag
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5
+$as_echo "$ac_cv_prog_cc_g" >&6; }
+if test "$ac_test_CFLAGS" = set; then
+  CFLAGS=$ac_save_CFLAGS
+elif test $ac_cv_prog_cc_g = yes; then
+  if test "$GCC" = yes; then
+    CFLAGS="-g -O2"
+  else
+    CFLAGS="-g"
+  fi
+else
+  if test "$GCC" = yes; then
+    CFLAGS="-O2"
+  else
+    CFLAGS=
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5
+$as_echo_n "checking for $CC option to accept ISO C89... " >&6; }
+if ${ac_cv_prog_cc_c89+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_cv_prog_cc_c89=no
+ac_save_CC=$CC
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdarg.h>
+#include <stdio.h>
+#include <sys/types.h>
+#include <sys/stat.h>
+/* Most of the following tests are stolen from RCS 5.7's src/conf.sh.  */
+struct buf { int x; };
+FILE * (*rcsopen) (struct buf *, struct stat *, int);
+static char *e (p, i)
+     char **p;
+     int i;
+{
+  return p[i];
+}
+static char *f (char * (*g) (char **, int), char **p, ...)
+{
+  char *s;
+  va_list v;
+  va_start (v,p);
+  s = g (p, va_arg (v,int));
+  va_end (v);
+  return s;
+}
+
+/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default.  It has
+   function prototypes and stuff, but not '\xHH' hex character constants.
+   These don't provoke an error unfortunately, instead are silently treated
+   as 'x'.  The following induces an error, until -std is added to get
+   proper ANSI mode.  Curiously '\x00'!='x' always comes out true, for an
+   array size at least.  It's necessary to write '\x00'==0 to get something
+   that's true only with -std.  */
+int osf4_cc_array ['\x00' == 0 ? 1 : -1];
+
+/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters
+   inside strings and character constants.  */
+#define FOO(x) 'x'
+int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1];
+
+int test (int i, double x);
+struct s1 {int (*f) (int a);};
+struct s2 {int (*f) (double a);};
+int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int);
+int argc;
+char **argv;
+int
+main ()
+{
+return f (e, argv, 0) != argv[0]  ||  f (e, argv, 1) != argv[1];
+  ;
+  return 0;
+}
+_ACEOF
+for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \
+	-Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__"
+do
+  CC="$ac_save_CC $ac_arg"
+  if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_prog_cc_c89=$ac_arg
+fi
+rm -f core conftest.err conftest.$ac_objext
+  test "x$ac_cv_prog_cc_c89" != "xno" && break
+done
+rm -f conftest.$ac_ext
+CC=$ac_save_CC
+
+fi
+# AC_CACHE_VAL
+case "x$ac_cv_prog_cc_c89" in
+  x)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5
+$as_echo "none needed" >&6; } ;;
+  xno)
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5
+$as_echo "unsupported" >&6; } ;;
+  *)
+    CC="$CC $ac_cv_prog_cc_c89"
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5
+$as_echo "$ac_cv_prog_cc_c89" >&6; } ;;
+esac
+if test "x$ac_cv_prog_cc_c89" != xno; then :
+
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5
+$as_echo_n "checking how to run the C preprocessor... " >&6; }
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+  CPP=
+fi
+if test -z "$CPP"; then
+  if ${ac_cv_prog_CPP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+      # Double quotes because CPP needs to be expanded
+    for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp"
+    do
+      ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+  # <limits.h> exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+  break
+fi
+
+    done
+    ac_cv_prog_CPP=$CPP
+
+fi
+  CPP=$ac_cv_prog_CPP
+else
+  ac_cv_prog_CPP=$CPP
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5
+$as_echo "$CPP" >&6; }
+ac_preproc_ok=false
+for ac_c_preproc_warn_flag in '' yes
+do
+  # Use a header file that comes with gcc, so configuring glibc
+  # with a fresh cross-compiler works.
+  # Prefer <limits.h> to <assert.h> if __STDC__ is defined, since
+  # <limits.h> exists even on freestanding compilers.
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp. "Syntax error" is here to catch this case.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#ifdef __STDC__
+# include <limits.h>
+#else
+# include <assert.h>
+#endif
+		     Syntax error
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+
+else
+  # Broken: fails on valid input.
+continue
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+  # OK, works on sane cases.  Now check whether nonexistent headers
+  # can be detected and how.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ac_nonexistent.h>
+_ACEOF
+if ac_fn_c_try_cpp "$LINENO"; then :
+  # Broken: success on invalid input.
+continue
+else
+  # Passes both tests.
+ac_preproc_ok=:
+break
+fi
+rm -f conftest.err conftest.i conftest.$ac_ext
+
+done
+# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped.
+rm -f conftest.i conftest.err conftest.$ac_ext
+if $ac_preproc_ok; then :
+
+else
+  { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error $? "C preprocessor \"$CPP\" fails sanity check
+See \`config.log' for more details" "$LINENO" 5; }
+fi
+
+ac_ext=c
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5'
+ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5'
+ac_compiler_gnu=$ac_cv_c_compiler_gnu
+
+# Find a good install program.  We prefer a C program (faster),
+# so one script is as good as another.  But avoid the broken or
+# incompatible versions:
+# SysV /etc/install, /usr/sbin/install
+# SunOS /usr/etc/install
+# IRIX /sbin/install
+# AIX /bin/install
+# AmigaOS /C/install, which installs bootblocks on floppy discs
+# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag
+# AFS /usr/afsws/bin/install, which mishandles nonexistent args
+# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff"
+# OS/2's system install, which has a completely different semantic
+# ./install, which can be erroneously created by make from ./install.sh.
+# Reject install programs that cannot install multiple files.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5
+$as_echo_n "checking for a BSD-compatible install... " >&6; }
+if test -z "$INSTALL"; then
+if ${ac_cv_path_install+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    # Account for people who put trailing slashes in PATH elements.
+case $as_dir/ in #((
+  ./ | .// | /[cC]/* | \
+  /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \
+  ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \
+  /usr/ucb/* ) ;;
+  *)
+    # OSF1 and SCO ODT 3.0 have their own names for install.
+    # Don't use installbsd from OSF since it installs stuff as root
+    # by default.
+    for ac_prog in ginstall scoinst install; do
+      for ac_exec_ext in '' $ac_executable_extensions; do
+	if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then
+	  if test $ac_prog = install &&
+	    grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+	    # AIX install.  It has an incompatible calling convention.
+	    :
+	  elif test $ac_prog = install &&
+	    grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then
+	    # program-specific install script used by HP pwplus--don't use.
+	    :
+	  else
+	    rm -rf conftest.one conftest.two conftest.dir
+	    echo one > conftest.one
+	    echo two > conftest.two
+	    mkdir conftest.dir
+	    if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" &&
+	      test -s conftest.one && test -s conftest.two &&
+	      test -s conftest.dir/conftest.one &&
+	      test -s conftest.dir/conftest.two
+	    then
+	      ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c"
+	      break 3
+	    fi
+	  fi
+	fi
+      done
+    done
+    ;;
+esac
+
+  done
+IFS=$as_save_IFS
+
+rm -rf conftest.one conftest.two conftest.dir
+
+fi
+  if test "${ac_cv_path_install+set}" = set; then
+    INSTALL=$ac_cv_path_install
+  else
+    # As a last resort, use the slow shell script.  Don't cache a
+    # value for INSTALL within a source directory, because that will
+    # break other packages using the cache if that directory is
+    # removed, or if the value is a relative name.
+    INSTALL=$ac_install_sh
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5
+$as_echo "$INSTALL" >&6; }
+
+# Use test -z because SunOS4 sh mishandles braces in ${var-val}.
+# It thinks the first close brace ends the variable substitution.
+test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}'
+
+test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}'
+
+test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644'
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5
+$as_echo_n "checking whether ln -s works... " >&6; }
+LN_S=$as_ln_s
+if test "$LN_S" = "ln -s"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5
+$as_echo "no, using $LN_S" >&6; }
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5
+$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; }
+set x ${MAKE-make}
+ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'`
+if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat >conftest.make <<\_ACEOF
+SHELL = /bin/sh
+all:
+	@echo '@@@%%%=$(MAKE)=@@@%%%'
+_ACEOF
+# GNU make sometimes prints "make[1]: Entering ...", which would confuse us.
+case `${MAKE-make} -f conftest.make 2>/dev/null` in
+  *@@@%%%=?*=@@@%%%*)
+    eval ac_cv_prog_make_${ac_make}_set=yes;;
+  *)
+    eval ac_cv_prog_make_${ac_make}_set=no;;
+esac
+rm -f conftest.make
+fi
+if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+  SET_MAKE=
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+  SET_MAKE="MAKE=${MAKE-make}"
+fi
+
+for ac_prog in gawk mawk nawk awk
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_AWK+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$AWK"; then
+  ac_cv_prog_AWK="$AWK" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_AWK="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+AWK=$ac_cv_prog_AWK
+if test -n "$AWK"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5
+$as_echo "$AWK" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$AWK" && break
+done
+
+
+# Extract the first word of "gdb", so it can be a program name with args.
+set dummy gdb; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_GDB+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$GDB"; then
+  ac_cv_prog_GDB="$GDB" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_GDB="yes"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_prog_GDB" && ac_cv_prog_GDB="no"
+fi
+fi
+GDB=$ac_cv_prog_GDB
+if test -n "$GDB"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $GDB" >&5
+$as_echo "$GDB" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+# Extract the first word of "groups", so it can be a program name with args.
+set dummy groups; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_BGROUPS+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $BGROUPS in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_BGROUPS="$BGROUPS" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_dummy="/bin:/usr/bin:/usr/local/bin"
+for as_dir in $as_dummy
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_path_BGROUPS="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_path_BGROUPS" && ac_cv_path_BGROUPS="no"
+  ;;
+esac
+fi
+BGROUPS=$ac_cv_path_BGROUPS
+if test -n "$BGROUPS"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $BGROUPS" >&5
+$as_echo "$BGROUPS" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+# Extract the first word of "id", so it can be a program name with args.
+set dummy id; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_path_ID+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  case $ID in
+  [\\/]* | ?:[\\/]*)
+  ac_cv_path_ID="$ID" # Let the user override the test with a path.
+  ;;
+  *)
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+as_dummy="/bin:/usr/bin:/usr/local/bin"
+for as_dir in $as_dummy
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_path_ID="$as_dir/$ac_word$ac_exec_ext"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+  test -z "$ac_cv_path_ID" && ac_cv_path_ID="no"
+  ;;
+esac
+fi
+ID=$ac_cv_path_ID
+if test -n "$ID"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ID" >&5
+$as_echo "$ID" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+
+
+
+
+
+# Check whether --with-debug was given.
+if test "${with_debug+set}" = set; then :
+  withval=$with_debug;
+                if test "x$withval" != "xno" ; then
+                    if test $ac_cv_prog_cc_g = yes; then
+                      if test "$GCC" = yes; then
+                        if test "$GDB"; then
+                          CFLAGS="$CFLAGS -ggdb"
+                        else
+                          CFLAGS="$CFLAGS -g"
+                        fi
+                        CFLAGS="$CFLAGS -Wshadow  -Wconversion"
+                      else
+                        CFLAGS="$CFLAGS -g"
+                      fi
+                   fi
+                fi
+
+else
+
+            if test "X$CFLAGS" = "X "; then # if CFLAGS were unset (see above)
+              if test "$GCC" = yes; then
+                CFLAGS="-O2"
+              fi
+            fi
+
+
+fi
+
+
+
+
+if test "$EMXOS2" = yes; then
+  echo "Skipping user and group validity stuff.";
+
+else
+
+  $ID privoxy >/dev/null 2>/dev/null
+  if test $? -ne 0 ; then
+   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: There is no user 'privoxy' on this system" >&5
+$as_echo "$as_me: WARNING: There is no user 'privoxy' on this system" >&2;}
+  fi
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for user" >&5
+$as_echo_n "checking for user... " >&6; }
+
+# Check whether --with-user was given.
+if test "${with_user+set}" = set; then :
+  withval=$with_user;
+                if test "x$withval" != "xyes"; then
+                  if test $ID = no ; then
+                    as_fn_error $? "There is no 'id' program on this system" "$LINENO" 5
+                  else
+                    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_user" >&5
+$as_echo "$with_user" >&6; }
+                    $ID $with_user 2>/dev/null >/dev/null
+                    if test $? -eq 0 ; then
+                      USER=$with_user;
+                    else
+                      as_fn_error $? "There is no user '$with_user' on this system" "$LINENO" 5
+                    fi
+                  fi
+                  else
+                   as_fn_error $? "We need a user if you give me this parameter" "$LINENO" 5
+                fi
+
+else
+
+          if test $ID = no ; then
+            as_fn_error $? "There is no 'id' programm on this system" "$LINENO" 5
+          else
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: none specified" >&5
+$as_echo "none specified" >&6; }
+            USER=$with_user
+          fi
+
+
+fi
+
+
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for group" >&5
+$as_echo_n "checking for group... " >&6; }
+
+# Check whether --with-group was given.
+if test "${with_group+set}" = set; then :
+  withval=$with_group;
+                if test "x$withval" != "xyes"; then
+                  if test $BGROUPS = no ; then
+                    as_fn_error $? "There is no 'groups' program on this system" "$LINENO" 5
+                  else
+                    { $as_echo "$as_me:${as_lineno-$LINENO}: result: $with_group" >&5
+$as_echo "$with_group" >&6; }
+                    $BGROUPS $USER >/dev/null
+                    if test $? -eq 0 ; then
+                    # FIXME: this fails if valid group, but not first group
+                    # listed.
+                      if test "$with_group" != "`$BGROUPS $USER | sed 's/.*: //' 2>/dev/null |$AWK '{print $1}'`" ; then
+                        as_fn_error $? "The given value '$withval' does not match group entry" "$LINENO" 5
+                      else
+                        GROUP=$with_group;
+                      fi
+                    else
+                      as_fn_error $? "There is no group entry for user '$USER'" "$LINENO" 5
+                    fi
+                  fi
+                else
+                   as_fn_error $? "We need a group if you give me this parameter" "$LINENO" 5
+                fi
+
+else
+
+          if test $BGROUPS = no ; then
+            as_fn_error $? "There is no 'groups' programm on this system" "$LINENO" 5
+          else
+            { $as_echo "$as_me:${as_lineno-$LINENO}: result: none specified" >&5
+$as_echo "none specified" >&6; }
+            GROUP=$with_group;
+          fi
+
+
+fi
+
+
+
+fi
+
+if test "$GCC"; then
+  if test "$host" != "powerpc-unknown-amigaos"; then
+    CFLAGS="-pipe $CFLAGS"
+  fi
+fi
+
+
+
+
+case $host_os in
+  *mingw32* ) MINGW32=yes;;
+	  * ) MINGW32=no;;
+esac
+
+
+case $host_os in
+  *cygwin* ) CYGWIN=yes;;
+	 * ) CYGWIN=no;;
+esac
+
+
+if test "$MINGW32" = "yes"; then
+  target_type=mingw
+else
+  if test "$CYGWIN" = "yes"; then
+    target_type=cygwin
+  else
+    target_type=unix
+  fi
+fi
+
+if test $dodk = auto; then
+	dodk=no
+	if test $target_type = unix; then
+		case "$host_os" in
+		linux* | gnu*)
+			dodk=yes
+		;;
+		esac
+	fi
+fi
+
+
+# Check whether --enable-mingw32 was given.
+if test "${enable_mingw32+set}" = set; then :
+  enableval=$enable_mingw32; if test $enableval = yes; then
+  target_type=mingw
+fi
+fi
+
+
+if test $target_type = mingw; then
+  WIN_ONLY=
+  SPECIAL_CFLAGS="-mwindows -mno-cygwin"
+  PTHREAD_LIB=-lpthreadGC
+  echo "Using mingw32 (Win32 GUI)"
+else
+  WIN_ONLY=#
+  if test $target_type = cygwin; then
+    SPECIAL_CFLAGS="-mno-win32"
+    PTHREAD_LIB=
+    echo "Using Cygnus (Win32 command line)"
+  else
+    SPECIAL_CFLAGS=
+    PTHREAD_LIB=-lpthread
+  fi
+fi
+
+
+if test $dodk != no; then
+	for ac_prog in w3m lynx links
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_WDUMP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$WDUMP"; then
+  ac_cv_prog_WDUMP="$WDUMP" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_WDUMP="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+WDUMP=$ac_cv_prog_WDUMP
+if test -n "$WDUMP"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $WDUMP" >&5
+$as_echo "$WDUMP" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$WDUMP" && break
+done
+test -n "$WDUMP" || WDUMP="false"
+
+	if test "$WDUMP" = false; then
+		{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: You need some kind of text browser to build documentation \(w3m, lynx and links are supported\)" >&5
+$as_echo "$as_me: WARNING: You need some kind of text browser to build documentation \(w3m, lynx and links are supported\)" >&2;}
+	fi
+	if test $DB2HTML = false; then
+						DB2HTML=""
+		for ac_prog in db2html docbook2html
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_DB2HTML+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$DB2HTML"; then
+  ac_cv_prog_DB2HTML="$DB2HTML" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_DB2HTML="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+DB2HTML=$ac_cv_prog_DB2HTML
+if test -n "$DB2HTML"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DB2HTML" >&5
+$as_echo "$DB2HTML" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$DB2HTML" && break
+done
+test -n "$DB2HTML" || DB2HTML="false"
+
+	fi
+fi
+
+
+
+for ac_prog in rpm
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_RPMBIN+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$RPMBIN"; then
+  ac_cv_prog_RPMBIN="$RPMBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_RPMBIN="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+RPMBIN=$ac_cv_prog_RPMBIN
+if test -n "$RPMBIN"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RPMBIN" >&5
+$as_echo "$RPMBIN" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$RPMBIN" && break
+done
+test -n "$RPMBIN" || RPMBIN="false"
+
+if test $RPMBIN != false; then
+		RPM_BASE=`rpm --eval "%{_topdir}"`
+		if test "$RPM_BASE" = ""; then
+			RPM_BASE=/usr/src/redhat
+		fi
+fi
+
+
+for ac_prog in jade openjade
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_JADEBIN+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$JADEBIN"; then
+  ac_cv_prog_JADEBIN="$JADEBIN" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_JADEBIN="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+JADEBIN=$ac_cv_prog_JADEBIN
+if test -n "$JADEBIN"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $JADEBIN" >&5
+$as_echo "$JADEBIN" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$JADEBIN" && break
+done
+test -n "$JADEBIN" || JADEBIN="false"
+
+
+
+for ac_prog in man2html
+do
+  # Extract the first word of "$ac_prog", so it can be a program name with args.
+set dummy $ac_prog; ac_word=$2
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5
+$as_echo_n "checking for $ac_word... " >&6; }
+if ${ac_cv_prog_MAN2HTML+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -n "$MAN2HTML"; then
+  ac_cv_prog_MAN2HTML="$MAN2HTML" # Let the user override the test.
+else
+as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_exec_ext in '' $ac_executable_extensions; do
+  if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then
+    ac_cv_prog_MAN2HTML="$ac_prog"
+    $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5
+    break 2
+  fi
+done
+  done
+IFS=$as_save_IFS
+
+fi
+fi
+MAN2HTML=$ac_cv_prog_MAN2HTML
+if test -n "$MAN2HTML"; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAN2HTML" >&5
+$as_echo "$MAN2HTML" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+fi
+
+
+  test -n "$MAN2HTML" && break
+done
+test -n "$MAN2HTML" || MAN2HTML="false"
+
+
+
+DOC_STATUS=p-not-stable
+if  test $CODE_STATUS = stable; then
+     DOC_STATUS="p-stable"
+fi
+
+
+JADECAT=""
+if test $dodk = yes; then
+  if test $DKPREFIX = none; then
+    for i in /usr/share/sgml/docbook/dsssl-stylesheets \
+             /usr/share/sgml/docbkdsl /usr/share/sgml/docbook-dsssl \
+             /usr/local/share/sgml/docbook/dsssl/modular \
+             /usr/share/sgml/docbook/stylesheet/dsssl/modular/ \
+             ; do
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $i" >&5
+$as_echo_n "checking for $i... " >&6; }
+      if test -f $i/html/docbook.dsl; then
+        echo "yes"
+        DKPREFIX=$i
+        break
+      else
+        echo "no"
+      fi
+    done
+# where are the catalogs?
+    for i in /usr/share/sgml/CATALOG.docbk30 \
+             /usr/share/sgml/CATALOG.docbk31 \
+             /usr/share/sgml/CATALOG.docbk31 \
+             /usr/local/share/sgml/docbook/3.0/docbook.cat \
+             /usr/local/share/sgml/docbook/3.1/docbook.cat \
+             /usr/share/sgml/docbook/dtd/3.1/docbook.cat \
+             ; do
+      { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $i" >&5
+$as_echo_n "checking for $i... " >&6; }
+      if test -f $i; then
+        echo "yes"
+        JADECAT="$JADECAT -c $i"
+      else
+        echo "no"
+      fi
+    done
+  fi
+fi
+
+
+
+old_CFLAGS_nospecial=$CFLAGS
+CFLAGS="$CFLAGS $SPECIAL_CFLAGS"
+
+# Hack to force AutoConf to use the CFLAGS we just set
+ac_cpp='$CPP $CPPFLAGS $SPECIAL_CFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5
+$as_echo_n "checking for grep that handles long lines and -e... " >&6; }
+if ${ac_cv_path_GREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test -z "$GREP"; then
+  ac_path_GREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in grep ggrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext"
+      { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue
+# Check for GNU ac_path_GREP and select it if it is found.
+  # Check for GNU $ac_path_GREP
+case `"$ac_path_GREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'GREP' >> "conftest.nl"
+    "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_GREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_GREP="$ac_path_GREP"
+      ac_path_GREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_GREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_GREP"; then
+    as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_GREP=$GREP
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5
+$as_echo "$ac_cv_path_GREP" >&6; }
+ GREP="$ac_cv_path_GREP"
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5
+$as_echo_n "checking for egrep... " >&6; }
+if ${ac_cv_path_EGREP+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if echo a | $GREP -E '(a|b)' >/dev/null 2>&1
+   then ac_cv_path_EGREP="$GREP -E"
+   else
+     if test -z "$EGREP"; then
+  ac_path_EGREP_found=false
+  # Loop through the user's path and test for each of PROGNAME-LIST
+  as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    for ac_prog in egrep; do
+    for ac_exec_ext in '' $ac_executable_extensions; do
+      ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext"
+      { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue
+# Check for GNU ac_path_EGREP and select it if it is found.
+  # Check for GNU $ac_path_EGREP
+case `"$ac_path_EGREP" --version 2>&1` in
+*GNU*)
+  ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;;
+*)
+  ac_count=0
+  $as_echo_n 0123456789 >"conftest.in"
+  while :
+  do
+    cat "conftest.in" "conftest.in" >"conftest.tmp"
+    mv "conftest.tmp" "conftest.in"
+    cp "conftest.in" "conftest.nl"
+    $as_echo 'EGREP' >> "conftest.nl"
+    "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break
+    diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break
+    as_fn_arith $ac_count + 1 && ac_count=$as_val
+    if test $ac_count -gt ${ac_path_EGREP_max-0}; then
+      # Best one so far, save it but keep looking for a better one
+      ac_cv_path_EGREP="$ac_path_EGREP"
+      ac_path_EGREP_max=$ac_count
+    fi
+    # 10*(2^10) chars as input seems more than enough
+    test $ac_count -gt 10 && break
+  done
+  rm -f conftest.in conftest.tmp conftest.nl conftest.out;;
+esac
+
+      $ac_path_EGREP_found && break 3
+    done
+  done
+  done
+IFS=$as_save_IFS
+  if test -z "$ac_cv_path_EGREP"; then
+    as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5
+  fi
+else
+  ac_cv_path_EGREP=$EGREP
+fi
+
+   fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5
+$as_echo "$ac_cv_path_EGREP" >&6; }
+ EGREP="$ac_cv_path_EGREP"
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_stdc=yes
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "memchr" >/dev/null 2>&1; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "free" >/dev/null 2>&1; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+  if test "$cross_compiling" = yes; then :
+  :
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+		   (('a' <= (c) && (c) <= 'i') \
+		     || ('j' <= (c) && (c) <= 'r') \
+		     || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+  int i;
+  for (i = 0; i < 256; i++)
+    if (XOR (islower (i), ISLOWER (i))
+	|| toupper (i) != TOUPPER (i))
+      return 2;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+
+$as_echo "#define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+# On IRIX 5.3, sys/types and inttypes.h are conflicting.
+for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \
+		  inttypes.h stdint.h unistd.h
+do :
+  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default
+"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+ac_fn_c_check_header_mongrel "$LINENO" "pthread.h" "ac_cv_header_pthread_h" "$ac_includes_default"
+if test "x$ac_cv_header_pthread_h" = xyes; then :
+  have_pthread=yes
+else
+  have_pthread=no
+fi
+
+
+
+# Check whether --enable-pthread was given.
+if test "${enable_pthread+set}" = set; then :
+  enableval=$enable_pthread; if test $enableval = no; then
+  # Disable pthreads
+  if test $have_pthread = yes; then
+     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pthreads seem to be available but you are using --disable-pthread." >&5
+$as_echo "$as_me: WARNING: pthreads seem to be available but you are using --disable-pthread." >&2;}
+     { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: This is almost always a mistake and can render Privoxy unacceptable slow." >&5
+$as_echo "$as_me: WARNING: This is almost always a mistake and can render Privoxy unacceptable slow." >&2;}
+  fi
+  have_pthread=no
+fi
+fi
+
+
+if test $have_pthread = yes; then
+  PTHREAD_ONLY=
+  $as_echo "#define FEATURE_PTHREAD 1" >>confdefs.h
+
+  echo Using POSIX threads
+  if test "$GCC" = "yes"; then
+    # Set a GCC specific switch:
+    if test "$target_type" = "unix"; then
+      ac_jgf_save_CFLAGS=$CFLAGS
+      CFLAGS="$CFLAGS -pthread"
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pthread.h>
+int
+main ()
+{
+void *p = pthread_create;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+
+          # This compiler switch makes GCC on Linux thread-safe
+          # However, it's not supported on most other OS.
+          PTHREAD_LIB=
+          SPECIAL_CFLAGS="-pthread"
+
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+      CFLAGS=$ac_jgf_save_CFLAGS
+    fi
+  fi
+else
+  PTHREAD_ONLY=#
+  echo Using native threads
+fi
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for gethostbyname in -lnsl" >&5
+$as_echo_n "checking for gethostbyname in -lnsl... " >&6; }
+if ${ac_cv_lib_nsl_gethostbyname+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lnsl  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char gethostbyname ();
+int
+main ()
+{
+return gethostbyname ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_nsl_gethostbyname=yes
+else
+  ac_cv_lib_nsl_gethostbyname=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_nsl_gethostbyname" >&5
+$as_echo "$ac_cv_lib_nsl_gethostbyname" >&6; }
+if test "x$ac_cv_lib_nsl_gethostbyname" = xyes; then :
+  cat >>confdefs.h <<_ACEOF
+#define HAVE_LIBNSL 1
+_ACEOF
+
+  LIBS="-lnsl $LIBS"
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "gethostbyaddr_r" "ac_cv_func_gethostbyaddr_r"
+if test "x$ac_cv_func_gethostbyaddr_r" = xyes; then :
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of gethostbyaddr_r" >&5
+$as_echo_n "checking signature of gethostbyaddr_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <netdb.h>
+
+int
+main ()
+{
+
+    struct hostent *h, *hp;
+    char *a, *b;
+    int l, bl, t, e;
+    (void) gethostbyaddr_r(a, l, t, h, b, bl, &hp, &e)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+    $as_echo "#define HAVE_GETHOSTBYADDR_R_8_ARGS 1" >>confdefs.h
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: 8 args" >&5
+$as_echo "8 args" >&6; }
+
+else
+
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#     include <netdb.h>
+
+int
+main ()
+{
+
+      struct hostent *h;
+      char *a, *b;
+      int l, bl, t, e;
+      (void) gethostbyaddr_r(a, l, t, h, b, bl, &e)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+      $as_echo "#define HAVE_GETHOSTBYADDR_R_7_ARGS 1" >>confdefs.h
+
+      { $as_echo "$as_me:${as_lineno-$LINENO}: result: 7 args" >&5
+$as_echo "7 args" >&6; }
+
+else
+
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#       include <netdb.h>
+
+int
+main ()
+{
+
+        struct hostent_data *d;
+        struct hostent *h;
+        char a,
+        int l, t;
+        (void) gethostbyaddr_r(a, l, t, h, d)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+        $as_echo "#define HAVE_GETHOSTBYADDR_R_5_ARGS 1" >>confdefs.h
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: 5 args" >&5
+$as_echo "5 args" >&6; }
+
+else
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "gethostbyname_r" "ac_cv_func_gethostbyname_r"
+if test "x$ac_cv_func_gethostbyname_r" = xyes; then :
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of gethostbyname_r" >&5
+$as_echo_n "checking signature of gethostbyname_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <netdb.h>
+
+int
+main ()
+{
+
+    struct hostent *h, *r;
+    char *n, *b;
+    int bl, e;
+    (void) gethostbyname_r(n, h, b, bl, &r, &e)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+    $as_echo "#define HAVE_GETHOSTBYNAME_R_6_ARGS 1" >>confdefs.h
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: 6 args" >&5
+$as_echo "6 args" >&6; }
+
+else
+
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#     include <netdb.h>
+
+int
+main ()
+{
+
+      struct hostent *h;
+      char *n, *b;
+      int bl, e;
+      (void) gethostbyname_r(n, h, b, bl, &e)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+      $as_echo "#define HAVE_GETHOSTBYNAME_R_5_ARGS 1" >>confdefs.h
+
+      { $as_echo "$as_me:${as_lineno-$LINENO}: result: 5 args" >&5
+$as_echo "5 args" >&6; }
+
+else
+
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#       include <netdb.h>
+
+int
+main ()
+{
+
+        struct hostent_data *d;
+        struct hostent *h;
+        char *n,
+        (void) gethostbyname_r(n, h, d)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+        $as_echo "#define HAVE_GETHOSTBYNAME_R_3_ARGS 1" >>confdefs.h
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: 3 args" >&5
+$as_echo "3 args" >&6; }
+
+else
+
+        { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "gmtime_r" "ac_cv_func_gmtime_r"
+if test "x$ac_cv_func_gmtime_r" = xyes; then :
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of gmtime_r" >&5
+$as_echo_n "checking signature of gmtime_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <time.h>
+
+int
+main ()
+{
+
+    struct time *t;
+    struct tm *tm;
+    (void) gmtime_r(t, tm)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5
+$as_echo "ok" >&6; }
+    $as_echo "#define HAVE_GMTIME_R 1" >>confdefs.h
+
+
+else
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+ac_fn_c_check_func "$LINENO" "localtime_r" "ac_cv_func_localtime_r"
+if test "x$ac_cv_func_localtime_r" = xyes; then :
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking signature of localtime_r" >&5
+$as_echo_n "checking signature of localtime_r... " >&6; }
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+#   include <time.h>
+
+int
+main ()
+{
+
+    struct time *t;
+    struct tm *tm;
+    (void) localtime_r(t, tm)
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5
+$as_echo "ok" >&6; }
+    $as_echo "#define HAVE_LOCALTIME_R 1" >>confdefs.h
+
+
+else
+
+    { $as_echo "$as_me:${as_lineno-$LINENO}: result: unrecognised" >&5
+$as_echo "unrecognised" >&6; }
+
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+else
+
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+fi
+
+
+
+
+SOCKET_LIB=
+
+case "$host" in
+*-solaris*) SOCKET_LIB="-lsocket -lnsl"
+            $as_echo "#define __EXTENSIONS__ 1" >>confdefs.h
+
+            if test "$GCC" = "yes"; then
+              # Set a GCC specific switch:
+              # This compiler switch makes Solaris thread-safe
+              PTHREAD_LIB=
+              SPECIAL_CFLAGS="-pthreads"
+            else
+              # What do we do without GCC? Guess this:
+              SPECIAL_CFLAGS="-D_REENTRANT"
+            fi
+;;
+esac
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socklen_t" >&5
+$as_echo_n "checking for socklen_t... " >&6; }
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/socket.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "socklen_t" >/dev/null 2>&1; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5
+$as_echo "yes" >&6; }
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5
+$as_echo "no" >&6; }
+
+$as_echo "#define socklen_t int" >>confdefs.h
+
+fi
+rm -f conftest*
+
+
+
+
+case "$host" in
+*-os2-emx*) SOCKET_LIB=-lsocket
+;;
+esac
+
+
+
+
+case "$host" in
+*-apple-darwin*) SPECIAL_CFLAGS="-Dunix"
+;;
+esac
+
+
+case "$host" in
+*-openbsd*) SPECIAL_CFLAGS="$SPECIAL_CFLAGS -Dunix"
+;;
+esac
+
+
+AMIGAOS_ONLY=#
+
+case "$host" in
+*-amigaos) AMIGAOS_ONLY=
+;;
+esac
+
+
+
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5
+$as_echo_n "checking for ANSI C header files... " >&6; }
+if ${ac_cv_header_stdc+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+
+int
+main ()
+{
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_stdc=yes
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <string.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "memchr" >/dev/null 2>&1; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <stdlib.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "free" >/dev/null 2>&1; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+  if test "$cross_compiling" = yes; then :
+  :
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <ctype.h>
+#include <stdlib.h>
+#if ((' ' & 0x0FF) == 0x020)
+# define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#else
+# define ISLOWER(c) \
+		   (('a' <= (c) && (c) <= 'i') \
+		     || ('j' <= (c) && (c) <= 'r') \
+		     || ('s' <= (c) && (c) <= 'z'))
+# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c))
+#endif
+
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int
+main ()
+{
+  int i;
+  for (i = 0; i < 256; i++)
+    if (XOR (islower (i), ISLOWER (i))
+	|| toupper (i) != TOUPPER (i))
+      return 2;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+
+else
+  ac_cv_header_stdc=no
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5
+$as_echo "$ac_cv_header_stdc" >&6; }
+if test $ac_cv_header_stdc = yes; then
+
+$as_echo "#define STDC_HEADERS 1" >>confdefs.h
+
+fi
+
+ac_header_dirent=no
+for ac_hdr in dirent.h sys/ndir.h sys/dir.h ndir.h; do
+  as_ac_Header=`$as_echo "ac_cv_header_dirent_$ac_hdr" | $as_tr_sh`
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_hdr that defines DIR" >&5
+$as_echo_n "checking for $ac_hdr that defines DIR... " >&6; }
+if eval \${$as_ac_Header+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <$ac_hdr>
+
+int
+main ()
+{
+if ((DIR *) 0)
+return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  eval "$as_ac_Header=yes"
+else
+  eval "$as_ac_Header=no"
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+eval ac_res=\$$as_ac_Header
+	       { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5
+$as_echo "$ac_res" >&6; }
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_hdr" | $as_tr_cpp` 1
+_ACEOF
+
+ac_header_dirent=$ac_hdr; break
+fi
+
+done
+# Two versions of opendir et al. are in -ldir and -lx on SCO Xenix.
+if test $ac_header_dirent = dirent.h; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
+$as_echo_n "checking for library containing opendir... " >&6; }
+if ${ac_cv_search_opendir+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char opendir ();
+int
+main ()
+{
+return opendir ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' dir; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_opendir=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_opendir+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_opendir+:} false; then :
+
+else
+  ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5
+$as_echo "$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing opendir" >&5
+$as_echo_n "checking for library containing opendir... " >&6; }
+if ${ac_cv_search_opendir+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_func_search_save_LIBS=$LIBS
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char opendir ();
+int
+main ()
+{
+return opendir ();
+  ;
+  return 0;
+}
+_ACEOF
+for ac_lib in '' x; do
+  if test -z "$ac_lib"; then
+    ac_res="none required"
+  else
+    ac_res=-l$ac_lib
+    LIBS="-l$ac_lib  $ac_func_search_save_LIBS"
+  fi
+  if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_search_opendir=$ac_res
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext
+  if ${ac_cv_search_opendir+:} false; then :
+  break
+fi
+done
+if ${ac_cv_search_opendir+:} false; then :
+
+else
+  ac_cv_search_opendir=no
+fi
+rm conftest.$ac_ext
+LIBS=$ac_func_search_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_opendir" >&5
+$as_echo "$ac_cv_search_opendir" >&6; }
+ac_res=$ac_cv_search_opendir
+if test "$ac_res" != no; then :
+  test "$ac_res" = "none required" || LIBS="$ac_res $LIBS"
+
+fi
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for an ANSI C-conforming const" >&5
+$as_echo_n "checking for an ANSI C-conforming const... " >&6; }
+if ${ac_cv_c_const+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+int
+main ()
+{
+/* FIXME: Include the comments suggested by Paul. */
+#ifndef __cplusplus
+  /* Ultrix mips cc rejects this.  */
+  typedef int charset[2];
+  const charset cs;
+  /* SunOS 4.1.1 cc rejects this.  */
+  char const *const *pcpcc;
+  char **ppc;
+  /* NEC SVR4.0.2 mips cc rejects this.  */
+  struct point {int x, y;};
+  static struct point const zero = {0,0};
+  /* AIX XL C 1.02.0.0 rejects this.
+     It does not let you subtract one const X* pointer from another in
+     an arm of an if-expression whose if-part is not a constant
+     expression */
+  const char *g = "string";
+  pcpcc = &g + (g ? g-g : 0);
+  /* HPUX 7.0 cc rejects these. */
+  ++pcpcc;
+  ppc = (char**) pcpcc;
+  pcpcc = (char const *const *) ppc;
+  { /* SCO 3.2v4 cc rejects this.  */
+    char *t;
+    char const *s = 0 ? (char *) 0 : (char const *) 0;
+
+    *t++ = 0;
+    if (s) return 0;
+  }
+  { /* Someone thinks the Sun supposedly-ANSI compiler will reject this.  */
+    int x[] = {25, 17};
+    const int *foo = &x[0];
+    ++foo;
+  }
+  { /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
+    typedef const int *iptr;
+    iptr p = 0;
+    ++p;
+  }
+  { /* AIX XL C 1.02.0.0 rejects this saying
+       "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
+    struct s { int j; const int *ap[3]; };
+    struct s *b; b->j = 5;
+  }
+  { /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
+    const int foo = 10;
+    if (!foo) return 0;
+  }
+  return !cs[0] && !zero.x;
+#endif
+
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_c_const=yes
+else
+  ac_cv_c_const=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_const" >&5
+$as_echo "$ac_cv_c_const" >&6; }
+if test $ac_cv_c_const = no; then
+
+$as_echo "#define const /**/" >>confdefs.h
+
+fi
+
+ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default"
+if test "x$ac_cv_type_size_t" = xyes; then :
+
+else
+
+cat >>confdefs.h <<_ACEOF
+#define size_t unsigned int
+_ACEOF
+
+fi
+
+ac_fn_c_check_type "$LINENO" "pid_t" "ac_cv_type_pid_t" "$ac_includes_default"
+if test "x$ac_cv_type_pid_t" = xyes; then :
+
+else
+
+cat >>confdefs.h <<_ACEOF
+#define pid_t int
+_ACEOF
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether time.h and sys/time.h may both be included" >&5
+$as_echo_n "checking whether time.h and sys/time.h may both be included... " >&6; }
+if ${ac_cv_header_time+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <sys/time.h>
+#include <time.h>
+
+int
+main ()
+{
+if ((struct tm *) 0)
+return 0;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_header_time=yes
+else
+  ac_cv_header_time=no
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_time" >&5
+$as_echo "$ac_cv_header_time" >&6; }
+if test $ac_cv_header_time = yes; then
+
+$as_echo "#define TIME_WITH_SYS_TIME 1" >>confdefs.h
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether struct tm is in sys/time.h or time.h" >&5
+$as_echo_n "checking whether struct tm is in sys/time.h or time.h... " >&6; }
+if ${ac_cv_struct_tm+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <time.h>
+
+int
+main ()
+{
+struct tm tm;
+				     int *p = &tm.tm_sec;
+				     return !p;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_struct_tm=time.h
+else
+  ac_cv_struct_tm=sys/time.h
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_struct_tm" >&5
+$as_echo "$ac_cv_struct_tm" >&6; }
+if test $ac_cv_struct_tm = sys/time.h; then
+
+$as_echo "#define TM_IN_SYS_TIME 1" >>confdefs.h
+
+fi
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of int" >&5
+$as_echo_n "checking size of int... " >&6; }
+if ${ac_cv_sizeof_int+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (int))" "ac_cv_sizeof_int"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_int" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (int)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_int=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_int" >&5
+$as_echo "$ac_cv_sizeof_int" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_INT $ac_cv_sizeof_int
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of char *" >&5
+$as_echo_n "checking size of char *... " >&6; }
+if ${ac_cv_sizeof_char_p+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (char *))" "ac_cv_sizeof_char_p"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_char_p" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (char *)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_char_p=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_char_p" >&5
+$as_echo "$ac_cv_sizeof_char_p" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_CHAR_P $ac_cv_sizeof_char_p
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long" >&5
+$as_echo_n "checking size of long... " >&6; }
+if ${ac_cv_sizeof_long+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long))" "ac_cv_sizeof_long"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_long" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (long)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_long=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long" >&5
+$as_echo "$ac_cv_sizeof_long" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_LONG $ac_cv_sizeof_long
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long long" >&5
+$as_echo_n "checking size of long long... " >&6; }
+if ${ac_cv_sizeof_long_long+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long))" "ac_cv_sizeof_long_long"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_long_long" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (long long)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_long_long=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long" >&5
+$as_echo "$ac_cv_sizeof_long_long" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_LONG_LONG $ac_cv_sizeof_long_long
+_ACEOF
+
+
+# The cast to long int works around a bug in the HP C Compiler
+# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects
+# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'.
+# This bug is HP SR number 8606223364.
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of size_t" >&5
+$as_echo_n "checking size of size_t... " >&6; }
+if ${ac_cv_sizeof_size_t+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (size_t))" "ac_cv_sizeof_size_t"        "$ac_includes_default"; then :
+
+else
+  if test "$ac_cv_type_size_t" = yes; then
+     { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5
+$as_echo "$as_me: error: in \`$ac_pwd':" >&2;}
+as_fn_error 77 "cannot compute sizeof (size_t)
+See \`config.log' for more details" "$LINENO" 5; }
+   else
+     ac_cv_sizeof_size_t=0
+   fi
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_size_t" >&5
+$as_echo "$ac_cv_sizeof_size_t" >&6; }
+
+
+
+cat >>confdefs.h <<_ACEOF
+#define SIZEOF_SIZE_T $ac_cv_sizeof_size_t
+_ACEOF
+
+
+
+for ac_header in OS.h arpa/inet.h errno.h fcntl.h limits.h locale.h netdb.h netinet/in.h stddef.h stdlib.h string.h sys/ioctl.h sys/socket.h sys/time.h sys/timeb.h sys/wait.h unistd.h
+do :
+  as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh`
+ac_fn_c_check_header_mongrel "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default"
+if eval test \"x\$"$as_ac_Header"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+
+done
+
+
+for ac_func in strerror bcopy memmove
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+if test $ac_cv_c_compiler_gnu = yes; then
+    { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC needs -traditional" >&5
+$as_echo_n "checking whether $CC needs -traditional... " >&6; }
+if ${ac_cv_prog_gcc_traditional+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+    ac_pattern="Autoconf.*'x'"
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sgtty.h>
+Autoconf TIOCGETP
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "$ac_pattern" >/dev/null 2>&1; then :
+  ac_cv_prog_gcc_traditional=yes
+else
+  ac_cv_prog_gcc_traditional=no
+fi
+rm -f conftest*
+
+
+  if test $ac_cv_prog_gcc_traditional = no; then
+    cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <termio.h>
+Autoconf TCGETA
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "$ac_pattern" >/dev/null 2>&1; then :
+  ac_cv_prog_gcc_traditional=yes
+fi
+rm -f conftest*
+
+  fi
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_gcc_traditional" >&5
+$as_echo "$ac_cv_prog_gcc_traditional" >&6; }
+  if test $ac_cv_prog_gcc_traditional = yes; then
+    CC="$CC -traditional"
+  fi
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether setpgrp takes no argument" >&5
+$as_echo_n "checking whether setpgrp takes no argument... " >&6; }
+if ${ac_cv_func_setpgrp_void+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  if test "$cross_compiling" = yes; then :
+  as_fn_error $? "cannot check setpgrp when cross compiling" "$LINENO" 5
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+$ac_includes_default
+int
+main ()
+{
+/* If this system has a BSD-style setpgrp which takes arguments,
+  setpgrp(1, 1) will fail with ESRCH and return -1, in that case
+  exit successfully. */
+  return setpgrp (1,1) != -1;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_run "$LINENO"; then :
+  ac_cv_func_setpgrp_void=no
+else
+  ac_cv_func_setpgrp_void=yes
+fi
+rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \
+  conftest.$ac_objext conftest.beam conftest.$ac_ext
+fi
+
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_func_setpgrp_void" >&5
+$as_echo "$ac_cv_func_setpgrp_void" >&6; }
+if test $ac_cv_func_setpgrp_void = yes; then
+
+$as_echo "#define SETPGRP_VOID 1" >>confdefs.h
+
+fi
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking return type of signal handlers" >&5
+$as_echo_n "checking return type of signal handlers... " >&6; }
+if ${ac_cv_type_signal+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <sys/types.h>
+#include <signal.h>
+
+int
+main ()
+{
+return *(signal (0, 0)) (0) == 1;
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_compile "$LINENO"; then :
+  ac_cv_type_signal=int
+else
+  ac_cv_type_signal=void
+fi
+rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_type_signal" >&5
+$as_echo "$ac_cv_type_signal" >&6; }
+
+cat >>confdefs.h <<_ACEOF
+#define RETSIGTYPE $ac_cv_type_signal
+_ACEOF
+
+
+for ac_func in access atexit getcwd gethostbyaddr gethostbyaddr_r gethostbyname gethostbyname_r gettimeofday inet_ntoa localtime_r memchr memmove memset poll putenv random regcomp select setlocale snprintf socket strchr strdup strerror strftime strlcat strlcpy strptime strstr strtoul timegm tzset
+do :
+  as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+if eval test \"x\$"$as_ac_var"\" = x"yes"; then :
+  cat >>confdefs.h <<_ACEOF
+#define `$as_echo "HAVE_$ac_func" | $as_tr_cpp` 1
+_ACEOF
+
+fi
+done
+
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for pcre_compile in -lpcre" >&5
+$as_echo_n "checking for pcre_compile in -lpcre... " >&6; }
+if ${ac_cv_lib_pcre_pcre_compile+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lpcre  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char pcre_compile ();
+int
+main ()
+{
+return pcre_compile ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_pcre_pcre_compile=yes
+else
+  ac_cv_lib_pcre_pcre_compile=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcre_pcre_compile" >&5
+$as_echo "$ac_cv_lib_pcre_pcre_compile" >&6; }
+if test "x$ac_cv_lib_pcre_pcre_compile" = xyes; then :
+
+   ac_fn_c_check_header_mongrel "$LINENO" "pcre.h" "ac_cv_header_pcre_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcre_h" = xyes; then :
+
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcre.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcre_fullinfo" >/dev/null 2>&1; then :
+  have_pcre=yes
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcre old version installed" >&5
+$as_echo "$as_me: WARNING: pcre old version installed" >&2;}; have_pcre=no
+fi
+rm -f conftest*
+
+
+else
+
+      ac_fn_c_check_header_mongrel "$LINENO" "pcre/pcre.h" "ac_cv_header_pcre_pcre_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcre_pcre_h" = xyes; then :
+
+         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcre/pcre.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcre_fullinfo" >/dev/null 2>&1; then :
+  have_pcre=yes; $as_echo "#define PCRE_H_IN_SUBDIR 1" >>confdefs.h
+
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcre old version installed" >&5
+$as_echo "$as_me: WARNING: pcre old version installed" >&2;}; have_pcre=no
+fi
+rm -f conftest*
+
+
+else
+  have_pcre=no
+fi
+
+
+
+fi
+
+
+
+else
+  have_pcre=no
+fi
+
+
+{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for regcomp in -lpcreposix" >&5
+$as_echo_n "checking for regcomp in -lpcreposix... " >&6; }
+if ${ac_cv_lib_pcreposix_regcomp+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lpcreposix -lpcre $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char regcomp ();
+int
+main ()
+{
+return regcomp ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_pcreposix_regcomp=yes
+else
+  ac_cv_lib_pcreposix_regcomp=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pcreposix_regcomp" >&5
+$as_echo "$ac_cv_lib_pcreposix_regcomp" >&6; }
+if test "x$ac_cv_lib_pcreposix_regcomp" = xyes; then :
+
+   ac_fn_c_check_header_mongrel "$LINENO" "pcreposix.h" "ac_cv_header_pcreposix_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcreposix_h" = xyes; then :
+
+      cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcreposix.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcreposix_regerror" >/dev/null 2>&1; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcreposix old version installed" >&5
+$as_echo "$as_me: WARNING: pcreposix old version installed" >&2;}; have_pcreposix=no
+else
+  have_pcreposix=yes
+fi
+rm -f conftest*
+
+
+else
+
+      ac_fn_c_check_header_mongrel "$LINENO" "pcre/pcreposix.h" "ac_cv_header_pcre_pcreposix_h" "$ac_includes_default"
+if test "x$ac_cv_header_pcre_pcreposix_h" = xyes; then :
+
+         cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+#include <pcre/pcreposix.h>
+
+_ACEOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  $EGREP "pcreposix_regerror" >/dev/null 2>&1; then :
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: pcreposix old version installed" >&5
+$as_echo "$as_me: WARNING: pcreposix old version installed" >&2;}; have_pcreposix=no
+else
+  have_pcreposix=yes; $as_echo "#define PCREPOSIX_H_IN_SUBDIR 1" >>confdefs.h
+
+fi
+rm -f conftest*
+
+
+else
+  have_pcreposix=no
+fi
+
+
+
+fi
+
+
+
+else
+  have_pcreposix=no
+fi
+
+
+
+
+$as_echo "#define __MT__ 1" >>confdefs.h
+
+
+
+# Check whether --enable-toggle was given.
+if test "${enable_toggle+set}" = set; then :
+  enableval=$enable_toggle; if test $enableval = yes; then
+  $as_echo "#define FEATURE_TOGGLE 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_TOGGLE 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-force was given.
+if test "${enable_force+set}" = set; then :
+  enableval=$enable_force; if test $enableval = yes; then
+  $as_echo "#define FEATURE_FORCE_LOAD 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_FORCE_LOAD 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-fast-redirects was given.
+if test "${enable_fast_redirects+set}" = set; then :
+  enableval=$enable_fast_redirects; if test $enableval = yes; then
+  $as_echo "#define FEATURE_FAST_REDIRECTS 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_FAST_REDIRECTS 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-stats was given.
+if test "${enable_stats+set}" = set; then :
+  enableval=$enable_stats; if test $enableval = yes; then
+  $as_echo "#define FEATURE_STATISTICS 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_STATISTICS 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-ie-images was given.
+if test "${enable_ie_images+set}" = set; then :
+  enableval=$enable_ie_images; if test $enableval = yes; then
+  $as_echo "#define FEATURE_IMAGE_DETECT_MSIE 1" >>confdefs.h
+
+fi
+fi
+
+
+# Check whether --enable-image-blocking was given.
+if test "${enable_image_blocking+set}" = set; then :
+  enableval=$enable_image_blocking; if test $enableval = yes; then
+  $as_echo "#define FEATURE_IMAGE_BLOCKING 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_IMAGE_BLOCKING 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-acl-files was given.
+if test "${enable_acl_files+set}" = set; then :
+  enableval=$enable_acl_files; if test $enableval = yes; then
+  $as_echo "#define FEATURE_ACL 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_ACL 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-trust-files was given.
+if test "${enable_trust_files+set}" = set; then :
+  enableval=$enable_trust_files; if test $enableval = yes; then
+  $as_echo "#define FEATURE_TRUST 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_TRUST 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-editor was given.
+if test "${enable_editor+set}" = set; then :
+  enableval=$enable_editor; if test $enableval = yes; then
+  $as_echo "#define FEATURE_CGI_EDIT_ACTIONS 1" >>confdefs.h
+
+fi
+else
+  $as_echo "#define FEATURE_CGI_EDIT_ACTIONS 1" >>confdefs.h
+
+fi
+
+
+# Check whether --enable-no-gifs was given.
+if test "${enable_no_gifs+set}" = set; then :
+  enableval=$enable_no_gifs; if test $enableval = yes; then
+  $as_echo "#define FEATURE_NO_GIFS 1" >>confdefs.h
+
+fi
+fi
+
+
+# Check whether --enable-graceful-termination was given.
+if test "${enable_graceful_termination+set}" = set; then :
+  enableval=$enable_graceful_termination; if test $enableval = yes; then
+  $as_echo "#define FEATURE_GRACEFUL_TERMINATION 1" >>confdefs.h
+
+fi
+fi
+
+
+# Check whether --enable-extended-host-patterns was given.
+if test "${enable_extended_host_patterns+set}" = set; then :
+  enableval=$enable_extended_host_patterns; if test $enableval = yes; then
+  $as_echo "#define FEATURE_EXTENDED_HOST_PATTERNS 1" >>confdefs.h
+
+fi
+fi
+
+
+
+# Check whether --enable-dynamic-pcre was given.
+if test "${enable_dynamic_pcre+set}" = set; then :
+  enableval=$enable_dynamic_pcre;  if test $enableval = "no"; then have_pcre=no; fi
+fi
+
+
+
+
+# Check whether --enable-zlib was given.
+if test "${enable_zlib+set}" = set; then :
+  enableval=$enable_zlib; enableval2=$enableval
+else
+  enableval2=yes
+fi
+
+if test $enableval2 = yes; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: checking for zlibVersion in -lz" >&5
+$as_echo_n "checking for zlibVersion in -lz... " >&6; }
+if ${ac_cv_lib_z_zlibVersion+:} false; then :
+  $as_echo_n "(cached) " >&6
+else
+  ac_check_lib_save_LIBS=$LIBS
+LIBS="-lz  $LIBS"
+cat confdefs.h - <<_ACEOF >conftest.$ac_ext
+/* end confdefs.h.  */
+
+/* Override any GCC internal prototype to avoid an error.
+   Use char because int might match the return type of a GCC
+   builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char zlibVersion ();
+int
+main ()
+{
+return zlibVersion ();
+  ;
+  return 0;
+}
+_ACEOF
+if ac_fn_c_try_link "$LINENO"; then :
+  ac_cv_lib_z_zlibVersion=yes
+else
+  ac_cv_lib_z_zlibVersion=no
+fi
+rm -f core conftest.err conftest.$ac_objext \
+    conftest$ac_exeext conftest.$ac_ext
+LIBS=$ac_check_lib_save_LIBS
+fi
+{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_z_zlibVersion" >&5
+$as_echo "$ac_cv_lib_z_zlibVersion" >&6; }
+if test "x$ac_cv_lib_z_zlibVersion" = xyes; then :
+  have_zlib="yes"
+else
+  have_zlib="no"
+fi
+
+  if test $have_zlib = "yes"; then
+    LIBS="$LIBS -lz"
+
+$as_echo "#define FEATURE_ZLIB 1" >>confdefs.h
+
+  else
+   { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: No zlib found.
+   Privoxy will not be able to filter compressed content.
+   This may become a fatal error in the future." >&5
+$as_echo "$as_me: WARNING: No zlib found.
+   Privoxy will not be able to filter compressed content.
+   This may become a fatal error in the future." >&2;}
+  fi
+fi
+
+
+# If we have libpcre and either we also have pcreposix or
+# we don't need pcreposix, then link pcre dynamically; else
+# build it and link statically
+#
+if test $have_pcre = "yes"; then
+  echo "using libpcre"
+  pcre_dyn=yes
+  STATIC_PCRE_ONLY=#
+  LIBS="$LIBS -lpcre -lpcreposix"
+else
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: You are using the static PCRE code which is scheduled for removal, for details see:
+    https://sourceforge.net/mailarchive/message.php?msg_id=20080511195555.2dc6cfdc%40fabiankeil.de" >&5
+$as_echo "$as_me: WARNING: You are using the static PCRE code which is scheduled for removal, for details see:
+    https://sourceforge.net/mailarchive/message.php?msg_id=20080511195555.2dc6cfdc%40fabiankeil.de" >&2;}
+  pcre_dyn=no
+  $as_echo "#define STATIC_PCRE 1" >>confdefs.h
+
+  STATIC_PCRE_ONLY=
+fi
+
+if test $have_pthread = "yes" -o $target_type = "mingw"; then
+  echo Enabling keep-alive support for outgoing connections.
+  $as_echo "#define FEATURE_CONNECTION_KEEP_ALIVE 1" >>confdefs.h
+
+fi
+
+  $as_echo "#define STATIC_PCRS 1" >>confdefs.h
+
+  STATIC_PCRS_ONLY=
+
+
+
+
+
+CFLAGS=$old_CFLAGS_nospecial
+
+
+
+
+ac_config_files="$ac_config_files GNUmakefile doc/source/ldp.dsl"
+
+cat >confcache <<\_ACEOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs, see configure's option --config-cache.
+# It is not useful on other systems.  If it contains results you don't
+# want to keep, you may remove or edit it.
+#
+# config.status only pays attention to the cache file if you give it
+# the --recheck option to rerun configure.
+#
+# `ac_cv_env_foo' variables (set or unset) will be overridden when
+# loading this file, other *unset* `ac_cv_foo' will be assigned the
+# following values.
+
+_ACEOF
+
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, we kill variables containing newlines.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(
+  for ac_var in `(set) 2>&1 | sed -n 's/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'`; do
+    eval ac_val=\$$ac_var
+    case $ac_val in #(
+    *${as_nl}*)
+      case $ac_var in #(
+      *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5
+$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;;
+      esac
+      case $ac_var in #(
+      _ | IFS | as_nl) ;; #(
+      BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #(
+      *) { eval $ac_var=; unset $ac_var;} ;;
+      esac ;;
+    esac
+  done
+
+  (set) 2>&1 |
+    case $as_nl`(ac_space=' '; set) 2>&1` in #(
+    *${as_nl}ac_space=\ *)
+      # `set' does not quote correctly, so add quotes: double-quote
+      # substitution turns \\\\ into \\, and sed turns \\ into \.
+      sed -n \
+	"s/'/'\\\\''/g;
+	  s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p"
+      ;; #(
+    *)
+      # `set' quotes correctly as required by POSIX, so do not add quotes.
+      sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p"
+      ;;
+    esac |
+    sort
+) |
+  sed '
+     /^ac_cv_env_/b end
+     t clear
+     :clear
+     s/^\([^=]*\)=\(.*[{}].*\)$/test "${\1+set}" = set || &/
+     t end
+     s/^\([^=]*\)=\(.*\)$/\1=${\1=\2}/
+     :end' >>confcache
+if diff "$cache_file" confcache >/dev/null 2>&1; then :; else
+  if test -w "$cache_file"; then
+    if test "x$cache_file" != "x/dev/null"; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5
+$as_echo "$as_me: updating cache $cache_file" >&6;}
+      if test ! -f "$cache_file" || test -h "$cache_file"; then
+	cat confcache >"$cache_file"
+      else
+        case $cache_file in #(
+        */* | ?:*)
+	  mv -f confcache "$cache_file"$$ &&
+	  mv -f "$cache_file"$$ "$cache_file" ;; #(
+        *)
+	  mv -f confcache "$cache_file" ;;
+	esac
+      fi
+    fi
+  else
+    { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5
+$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;}
+  fi
+fi
+rm -f confcache
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+DEFS=-DHAVE_CONFIG_H
+
+ac_libobjs=
+ac_ltlibobjs=
+U=
+for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue
+  # 1. Remove the extension, and $U if already installed.
+  ac_script='s/\$U\././;s/\.o$//;s/\.obj$//'
+  ac_i=`$as_echo "$ac_i" | sed "$ac_script"`
+  # 2. Prepend LIBOBJDIR.  When used with automake>=1.10 LIBOBJDIR
+  #    will be set to the directory where LIBOBJS objects are built.
+  as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext"
+  as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo'
+done
+LIBOBJS=$ac_libobjs
+
+LTLIBOBJS=$ac_ltlibobjs
+
+
+
+: "${CONFIG_STATUS=./config.status}"
+ac_write_fail=0
+ac_clean_files_save=$ac_clean_files
+ac_clean_files="$ac_clean_files $CONFIG_STATUS"
+{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5
+$as_echo "$as_me: creating $CONFIG_STATUS" >&6;}
+as_write_fail=0
+cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1
+#! $SHELL
+# Generated by $as_me.
+# Run this file to recreate the current configuration.
+# Compiler output produced by configure, useful for debugging
+# configure, is in config.log if it exists.
+
+debug=false
+ac_cs_recheck=false
+ac_cs_silent=false
+
+SHELL=\${CONFIG_SHELL-$SHELL}
+export SHELL
+_ASEOF
+cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1
+## -------------------- ##
+## M4sh Initialization. ##
+## -------------------- ##
+
+# Be more Bourne compatible
+DUALCASE=1; export DUALCASE # for MKS sh
+if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then :
+  emulate sh
+  NULLCMD=:
+  # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which
+  # is contrary to our usage.  Disable this feature.
+  alias -g '${1+"$@"}'='"$@"'
+  setopt NO_GLOB_SUBST
+else
+  case `(set -o) 2>/dev/null` in #(
+  *posix*) :
+    set -o posix ;; #(
+  *) :
+     ;;
+esac
+fi
+
+
+as_nl='
+'
+export as_nl
+# Printing a long string crashes Solaris 7 /usr/bin/printf.
+as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\'
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo
+as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo
+# Prefer a ksh shell builtin over an external printf program on Solaris,
+# but without wasting forks for bash or zsh.
+if test -z "$BASH_VERSION$ZSH_VERSION" \
+    && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='print -r --'
+  as_echo_n='print -rn --'
+elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then
+  as_echo='printf %s\n'
+  as_echo_n='printf %s'
+else
+  if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then
+    as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"'
+    as_echo_n='/usr/ucb/echo -n'
+  else
+    as_echo_body='eval expr "X$1" : "X\\(.*\\)"'
+    as_echo_n_body='eval
+      arg=$1;
+      case $arg in #(
+      *"$as_nl"*)
+	expr "X$arg" : "X\\(.*\\)$as_nl";
+	arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;;
+      esac;
+      expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl"
+    '
+    export as_echo_n_body
+    as_echo_n='sh -c $as_echo_n_body as_echo'
+  fi
+  export as_echo_body
+  as_echo='sh -c $as_echo_body as_echo'
+fi
+
+# The user is always right.
+if test "${PATH_SEPARATOR+set}" != set; then
+  PATH_SEPARATOR=:
+  (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && {
+    (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 ||
+      PATH_SEPARATOR=';'
+  }
+fi
+
+
+# IFS
+# We need space, tab and new line, in precisely that order.  Quoting is
+# there to prevent editors from complaining about space-tab.
+# (If _AS_PATH_WALK were called with IFS unset, it would disable word
+# splitting by setting IFS to empty value.)
+IFS=" ""	$as_nl"
+
+# Find who we are.  Look in the path if we contain no directory separator.
+as_myself=
+case $0 in #((
+  *[\\/]* ) as_myself=$0 ;;
+  *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR
+for as_dir in $PATH
+do
+  IFS=$as_save_IFS
+  test -z "$as_dir" && as_dir=.
+    test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break
+  done
+IFS=$as_save_IFS
+
+     ;;
+esac
+# We did not find ourselves, most probably we were run as `sh COMMAND'
+# in which case we are not to be found in the path.
+if test "x$as_myself" = x; then
+  as_myself=$0
+fi
+if test ! -f "$as_myself"; then
+  $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2
+  exit 1
+fi
+
+# Unset variables that we do not need and which cause bugs (e.g. in
+# pre-3.0 UWIN ksh).  But do not cause bugs in bash 2.01; the "|| exit 1"
+# suppresses any "Segmentation fault" message there.  '((' could
+# trigger a bug in pdksh 5.2.14.
+for as_var in BASH_ENV ENV MAIL MAILPATH
+do eval test x\${$as_var+set} = xset \
+  && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || :
+done
+PS1='$ '
+PS2='> '
+PS4='+ '
+
+# NLS nuisances.
+LC_ALL=C
+export LC_ALL
+LANGUAGE=C
+export LANGUAGE
+
+# CDPATH.
+(unset CDPATH) >/dev/null 2>&1 && unset CDPATH
+
+
+# as_fn_error STATUS ERROR [LINENO LOG_FD]
+# ----------------------------------------
+# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are
+# provided, also output the error to LOG_FD, referencing LINENO. Then exit the
+# script with STATUS, using 1 if that was 0.
+as_fn_error ()
+{
+  as_status=$1; test $as_status -eq 0 && as_status=1
+  if test "$4"; then
+    as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack
+    $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4
+  fi
+  $as_echo "$as_me: error: $2" >&2
+  as_fn_exit $as_status
+} # as_fn_error
+
+
+# as_fn_set_status STATUS
+# -----------------------
+# Set $? to STATUS, without forking.
+as_fn_set_status ()
+{
+  return $1
+} # as_fn_set_status
+
+# as_fn_exit STATUS
+# -----------------
+# Exit the shell with STATUS, even in a "trap 0" or "set -e" context.
+as_fn_exit ()
+{
+  set +e
+  as_fn_set_status $1
+  exit $1
+} # as_fn_exit
+
+# as_fn_unset VAR
+# ---------------
+# Portably unset VAR.
+as_fn_unset ()
+{
+  { eval $1=; unset $1;}
+}
+as_unset=as_fn_unset
+# as_fn_append VAR VALUE
+# ----------------------
+# Append the text in VALUE to the end of the definition contained in VAR. Take
+# advantage of any shell optimizations that allow amortized linear growth over
+# repeated appends, instead of the typical quadratic growth present in naive
+# implementations.
+if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then :
+  eval 'as_fn_append ()
+  {
+    eval $1+=\$2
+  }'
+else
+  as_fn_append ()
+  {
+    eval $1=\$$1\$2
+  }
+fi # as_fn_append
+
+# as_fn_arith ARG...
+# ------------------
+# Perform arithmetic evaluation on the ARGs, and store the result in the
+# global $as_val. Take advantage of shells that can avoid forks. The arguments
+# must be portable across $(()) and expr.
+if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then :
+  eval 'as_fn_arith ()
+  {
+    as_val=$(( $* ))
+  }'
+else
+  as_fn_arith ()
+  {
+    as_val=`expr "$@" || test $? -eq 1`
+  }
+fi # as_fn_arith
+
+
+if expr a : '\(a\)' >/dev/null 2>&1 &&
+   test "X`expr 00001 : '.*\(...\)'`" = X001; then
+  as_expr=expr
+else
+  as_expr=false
+fi
+
+if (basename -- /) >/dev/null 2>&1 && test "X`basename -- / 2>&1`" = "X/"; then
+  as_basename=basename
+else
+  as_basename=false
+fi
+
+if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then
+  as_dirname=dirname
+else
+  as_dirname=false
+fi
+
+as_me=`$as_basename -- "$0" ||
+$as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \
+	 X"$0" : 'X\(//\)$' \| \
+	 X"$0" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X/"$0" |
+    sed '/^.*\/\([^/][^/]*\)\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\/\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+
+# Avoid depending upon Character Ranges.
+as_cr_letters='abcdefghijklmnopqrstuvwxyz'
+as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ'
+as_cr_Letters=$as_cr_letters$as_cr_LETTERS
+as_cr_digits='0123456789'
+as_cr_alnum=$as_cr_Letters$as_cr_digits
+
+ECHO_C= ECHO_N= ECHO_T=
+case `echo -n x` in #(((((
+-n*)
+  case `echo 'xy\c'` in
+  *c*) ECHO_T='	';;	# ECHO_T is single tab character.
+  xy)  ECHO_C='\c';;
+  *)   echo `echo ksh88 bug on AIX 6.1` > /dev/null
+       ECHO_T='	';;
+  esac;;
+*)
+  ECHO_N='-n';;
+esac
+
+rm -f conf$$ conf$$.exe conf$$.file
+if test -d conf$$.dir; then
+  rm -f conf$$.dir/conf$$.file
+else
+  rm -f conf$$.dir
+  mkdir conf$$.dir 2>/dev/null
+fi
+if (echo >conf$$.file) 2>/dev/null; then
+  if ln -s conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s='ln -s'
+    # ... but there are two gotchas:
+    # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail.
+    # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable.
+    # In both cases, we have to default to `cp -p'.
+    ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe ||
+      as_ln_s='cp -p'
+  elif ln conf$$.file conf$$ 2>/dev/null; then
+    as_ln_s=ln
+  else
+    as_ln_s='cp -p'
+  fi
+else
+  as_ln_s='cp -p'
+fi
+rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file
+rmdir conf$$.dir 2>/dev/null
+
+
+# as_fn_mkdir_p
+# -------------
+# Create "$as_dir" as a directory, including parents if necessary.
+as_fn_mkdir_p ()
+{
+
+  case $as_dir in #(
+  -*) as_dir=./$as_dir;;
+  esac
+  test -d "$as_dir" || eval $as_mkdir_p || {
+    as_dirs=
+    while :; do
+      case $as_dir in #(
+      *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'(
+      *) as_qdir=$as_dir;;
+      esac
+      as_dirs="'$as_qdir' $as_dirs"
+      as_dir=`$as_dirname -- "$as_dir" ||
+$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$as_dir" : 'X\(//\)[^/]' \| \
+	 X"$as_dir" : 'X\(//\)$' \| \
+	 X"$as_dir" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$as_dir" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+      test -d "$as_dir" && break
+    done
+    test -z "$as_dirs" || eval "mkdir $as_dirs"
+  } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir"
+
+
+} # as_fn_mkdir_p
+if mkdir -p . 2>/dev/null; then
+  as_mkdir_p='mkdir -p "$as_dir"'
+else
+  test -d ./-p && rmdir ./-p
+  as_mkdir_p=false
+fi
+
+if test -x / >/dev/null 2>&1; then
+  as_test_x='test -x'
+else
+  if ls -dL / >/dev/null 2>&1; then
+    as_ls_L_option=L
+  else
+    as_ls_L_option=
+  fi
+  as_test_x='
+    eval sh -c '\''
+      if test -d "$1"; then
+	test -d "$1/.";
+      else
+	case $1 in #(
+	-*)set "./$1";;
+	esac;
+	case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in #((
+	???[sx]*):;;*)false;;esac;fi
+    '\'' sh
+  '
+fi
+as_executable_p=$as_test_x
+
+# Sed expression to map a string onto a valid CPP name.
+as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'"
+
+# Sed expression to map a string onto a valid variable name.
+as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'"
+
+
+exec 6>&1
+## ----------------------------------- ##
+## Main body of $CONFIG_STATUS script. ##
+## ----------------------------------- ##
+_ASEOF
+test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# Save the log message, to keep $0 and so on meaningful, and to
+# report actual input values of CONFIG_FILES etc. instead of their
+# values after options handling.
+ac_log="
+This file was extended by $as_me, which was
+generated by GNU Autoconf 2.68.  Invocation command line was
+
+  CONFIG_FILES    = $CONFIG_FILES
+  CONFIG_HEADERS  = $CONFIG_HEADERS
+  CONFIG_LINKS    = $CONFIG_LINKS
+  CONFIG_COMMANDS = $CONFIG_COMMANDS
+  $ $0 $@
+
+on `(hostname || uname -n) 2>/dev/null | sed 1q`
+"
+
+_ACEOF
+
+case $ac_config_files in *"
+"*) set x $ac_config_files; shift; ac_config_files=$*;;
+esac
+
+case $ac_config_headers in *"
+"*) set x $ac_config_headers; shift; ac_config_headers=$*;;
+esac
+
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+# Files that config.status was made for.
+config_files="$ac_config_files"
+config_headers="$ac_config_headers"
+
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+ac_cs_usage="\
+\`$as_me' instantiates files and other configuration actions
+from templates according to the current configuration.  Unless the files
+and actions are specified as TAGs, all are instantiated by default.
+
+Usage: $0 [OPTION]... [TAG]...
+
+  -h, --help       print this help, then exit
+  -V, --version    print version number and configuration settings, then exit
+      --config     print configuration, then exit
+  -q, --quiet, --silent
+                   do not print progress messages
+  -d, --debug      don't remove temporary files
+      --recheck    update $as_me by reconfiguring in the same conditions
+      --file=FILE[:TEMPLATE]
+                   instantiate the configuration file FILE
+      --header=FILE[:TEMPLATE]
+                   instantiate the configuration header FILE
+
+Configuration files:
+$config_files
+
+Configuration headers:
+$config_headers
+
+Report bugs to the package provider."
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
+ac_cs_version="\\
+config.status
+configured by $0, generated by GNU Autoconf 2.68,
+  with options \\"\$ac_cs_config\\"
+
+Copyright (C) 2010 Free Software Foundation, Inc.
+This config.status script is free software; the Free Software Foundation
+gives unlimited permission to copy, distribute and modify it."
+
+ac_pwd='$ac_pwd'
+srcdir='$srcdir'
+INSTALL='$INSTALL'
+AWK='$AWK'
+test -n "\$AWK" || AWK=awk
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# The default lists apply if the user does not specify any file.
+ac_need_defaults=:
+while test $# != 0
+do
+  case $1 in
+  --*=?*)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'`
+    ac_shift=:
+    ;;
+  --*=)
+    ac_option=`expr "X$1" : 'X\([^=]*\)='`
+    ac_optarg=
+    ac_shift=:
+    ;;
+  *)
+    ac_option=$1
+    ac_optarg=$2
+    ac_shift=shift
+    ;;
+  esac
+
+  case $ac_option in
+  # Handling of the options.
+  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+    ac_cs_recheck=: ;;
+  --version | --versio | --versi | --vers | --ver | --ve | --v | -V )
+    $as_echo "$ac_cs_version"; exit ;;
+  --config | --confi | --conf | --con | --co | --c )
+    $as_echo "$ac_cs_config"; exit ;;
+  --debug | --debu | --deb | --de | --d | -d )
+    debug=: ;;
+  --file | --fil | --fi | --f )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    '') as_fn_error $? "missing file argument" ;;
+    esac
+    as_fn_append CONFIG_FILES " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --header | --heade | --head | --hea )
+    $ac_shift
+    case $ac_optarg in
+    *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;;
+    esac
+    as_fn_append CONFIG_HEADERS " '$ac_optarg'"
+    ac_need_defaults=false;;
+  --he | --h)
+    # Conflict between --help and --header
+    as_fn_error $? "ambiguous option: \`$1'
+Try \`$0 --help' for more information.";;
+  --help | --hel | -h )
+    $as_echo "$ac_cs_usage"; exit ;;
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil | --si | --s)
+    ac_cs_silent=: ;;
+
+  # This is an error.
+  -*) as_fn_error $? "unrecognized option: \`$1'
+Try \`$0 --help' for more information." ;;
+
+  *) as_fn_append ac_config_targets " $1"
+     ac_need_defaults=false ;;
+
+  esac
+  shift
+done
+
+ac_configure_extra_args=
+
+if $ac_cs_silent; then
+  exec 6>/dev/null
+  ac_configure_extra_args="$ac_configure_extra_args --silent"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+if \$ac_cs_recheck; then
+  set X '$SHELL' '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion
+  shift
+  \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6
+  CONFIG_SHELL='$SHELL'
+  export CONFIG_SHELL
+  exec "\$@"
+fi
+
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+exec 5>>config.log
+{
+  echo
+  sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX
+## Running $as_me. ##
+_ASBOX
+  $as_echo "$ac_log"
+} >&5
+
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+
+# Handling of arguments.
+for ac_config_target in $ac_config_targets
+do
+  case $ac_config_target in
+    "config.h") CONFIG_HEADERS="$CONFIG_HEADERS config.h" ;;
+    "GNUmakefile") CONFIG_FILES="$CONFIG_FILES GNUmakefile" ;;
+    "doc/source/ldp.dsl") CONFIG_FILES="$CONFIG_FILES doc/source/ldp.dsl" ;;
+
+  *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;;
+  esac
+done
+
+
+# If the user did not use the arguments to specify the items to instantiate,
+# then the envvar interface is used.  Set only those that are not.
+# We use the long form for the default assignment because of an extremely
+# bizarre bug on SunOS 4.1.3.
+if $ac_need_defaults; then
+  test "${CONFIG_FILES+set}" = set || CONFIG_FILES=$config_files
+  test "${CONFIG_HEADERS+set}" = set || CONFIG_HEADERS=$config_headers
+fi
+
+# Have a temporary directory for convenience.  Make it in the build tree
+# simply because there is no reason against having it here, and in addition,
+# creating and moving files from /tmp can sometimes cause problems.
+# Hook for its removal unless debugging.
+# Note that there is a small window in which the directory will not be cleaned:
+# after its creation but before its name has been assigned to `$tmp'.
+$debug ||
+{
+  tmp= ac_tmp=
+  trap 'exit_status=$?
+  : "${ac_tmp:=$tmp}"
+  { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status
+' 0
+  trap 'as_fn_exit 1' 1 2 13 15
+}
+# Create a (secure) tmp directory for tmp files.
+
+{
+  tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` &&
+  test -d "$tmp"
+}  ||
+{
+  tmp=./conf$$-$RANDOM
+  (umask 077 && mkdir "$tmp")
+} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5
+ac_tmp=$tmp
+
+# Set up the scripts for CONFIG_FILES section.
+# No need to generate them if there are no CONFIG_FILES.
+# This happens for instance with `./config.status config.h'.
+if test -n "$CONFIG_FILES"; then
+
+
+ac_cr=`echo X | tr X '\015'`
+# On cygwin, bash can eat \r inside `` if the user requested igncr.
+# But we know of no other shell where ac_cr would be empty at this
+# point, so we can use a bashism as a fallback.
+if test "x$ac_cr" = x; then
+  eval ac_cr=\$\'\\r\'
+fi
+ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' </dev/null 2>/dev/null`
+if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then
+  ac_cs_awk_cr='\\r'
+else
+  ac_cs_awk_cr=$ac_cr
+fi
+
+echo 'BEGIN {' >"$ac_tmp/subs1.awk" &&
+_ACEOF
+
+
+{
+  echo "cat >conf$$subs.awk <<_ACEOF" &&
+  echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' &&
+  echo "_ACEOF"
+} >conf$$subs.sh ||
+  as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'`
+ac_delim='%!_!# '
+for ac_last_try in false false false false false :; do
+  . ./conf$$subs.sh ||
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+
+  ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X`
+  if test $ac_delim_n = $ac_delim_num; then
+    break
+  elif $ac_last_try; then
+    as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5
+  else
+    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+  fi
+done
+rm -f conf$$subs.sh
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK &&
+_ACEOF
+sed -n '
+h
+s/^/S["/; s/!.*/"]=/
+p
+g
+s/^[^!]*!//
+:repl
+t repl
+s/'"$ac_delim"'$//
+t delim
+:nl
+h
+s/\(.\{148\}\)..*/\1/
+t more1
+s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/
+p
+n
+b repl
+:more1
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t nl
+:delim
+h
+s/\(.\{148\}\)..*/\1/
+t more2
+s/["\\]/\\&/g; s/^/"/; s/$/"/
+p
+b
+:more2
+s/["\\]/\\&/g; s/^/"/; s/$/"\\/
+p
+g
+s/.\{148\}//
+t delim
+' <conf$$subs.awk | sed '
+/^[^""]/{
+  N
+  s/\n//
+}
+' >>$CONFIG_STATUS || ac_write_fail=1
+rm -f conf$$subs.awk
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+_ACAWK
+cat >>"\$ac_tmp/subs1.awk" <<_ACAWK &&
+  for (key in S) S_is_set[key] = 1
+  FS = ""
+
+}
+{
+  line = $ 0
+  nfields = split(line, field, "@")
+  substed = 0
+  len = length(field[1])
+  for (i = 2; i < nfields; i++) {
+    key = field[i]
+    keylen = length(key)
+    if (S_is_set[key]) {
+      value = S[key]
+      line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3)
+      len += length(value) + length(field[++i])
+      substed = 1
+    } else
+      len += 1 + keylen
+  }
+
+  print line
+}
+
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then
+  sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g"
+else
+  cat
+fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \
+  || as_fn_error $? "could not setup config files machinery" "$LINENO" 5
+_ACEOF
+
+# VPATH may cause trouble with some makes, so we remove sole $(srcdir),
+# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and
+# trailing colons and then remove the whole line if VPATH becomes empty
+# (actually we leave an empty line to preserve line numbers).
+if test "x$srcdir" = x.; then
+  ac_vpsub='/^[	 ]*VPATH[	 ]*=[	 ]*/{
+h
+s///
+s/^/:/
+s/[	 ]*$/:/
+s/:\$(srcdir):/:/g
+s/:\${srcdir}:/:/g
+s/:@srcdir@:/:/g
+s/^:*//
+s/:*$//
+x
+s/\(=[	 ]*\).*/\1/
+G
+s/\n//
+s/^[^=]*=[	 ]*$//
+}'
+fi
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+fi # test -n "$CONFIG_FILES"
+
+# Set up the scripts for CONFIG_HEADERS section.
+# No need to generate them if there are no CONFIG_HEADERS.
+# This happens for instance with `./config.status Makefile'.
+if test -n "$CONFIG_HEADERS"; then
+cat >"$ac_tmp/defines.awk" <<\_ACAWK ||
+BEGIN {
+_ACEOF
+
+# Transform confdefs.h into an awk script `defines.awk', embedded as
+# here-document in config.status, that substitutes the proper values into
+# config.h.in to produce config.h.
+
+# Create a delimiter string that does not exist in confdefs.h, to ease
+# handling of long lines.
+ac_delim='%!_!# '
+for ac_last_try in false false :; do
+  ac_tt=`sed -n "/$ac_delim/p" confdefs.h`
+  if test -z "$ac_tt"; then
+    break
+  elif $ac_last_try; then
+    as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5
+  else
+    ac_delim="$ac_delim!$ac_delim _$ac_delim!! "
+  fi
+done
+
+# For the awk script, D is an array of macro values keyed by name,
+# likewise P contains macro parameters if any.  Preserve backslash
+# newline sequences.
+
+ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]*
+sed -n '
+s/.\{148\}/&'"$ac_delim"'/g
+t rset
+:rset
+s/^[	 ]*#[	 ]*define[	 ][	 ]*/ /
+t def
+d
+:def
+s/\\$//
+t bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3"/p
+s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2"/p
+d
+:bsnl
+s/["\\]/\\&/g
+s/^ \('"$ac_word_re"'\)\(([^()]*)\)[	 ]*\(.*\)/P["\1"]="\2"\
+D["\1"]=" \3\\\\\\n"\\/p
+t cont
+s/^ \('"$ac_word_re"'\)[	 ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p
+t cont
+d
+:cont
+n
+s/.\{148\}/&'"$ac_delim"'/g
+t clear
+:clear
+s/\\$//
+t bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/"/p
+d
+:bsnlc
+s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p
+b cont
+' <confdefs.h | sed '
+s/'"$ac_delim"'/"\\\
+"/g' >>$CONFIG_STATUS || ac_write_fail=1
+
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+  for (key in D) D_is_set[key] = 1
+  FS = ""
+}
+/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ {
+  line = \$ 0
+  split(line, arg, " ")
+  if (arg[1] == "#") {
+    defundef = arg[2]
+    mac1 = arg[3]
+  } else {
+    defundef = substr(arg[1], 2)
+    mac1 = arg[2]
+  }
+  split(mac1, mac2, "(") #)
+  macro = mac2[1]
+  prefix = substr(line, 1, index(line, defundef) - 1)
+  if (D_is_set[macro]) {
+    # Preserve the white space surrounding the "#".
+    print prefix "define", macro P[macro] D[macro]
+    next
+  } else {
+    # Replace #undef with comments.  This is necessary, for example,
+    # in the case of _POSIX_SOURCE, which is predefined and required
+    # on some systems where configure will not decide to define it.
+    if (defundef == "undef") {
+      print "/*", prefix defundef, macro, "*/"
+      next
+    }
+  }
+}
+{ print }
+_ACAWK
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+  as_fn_error $? "could not setup config headers machinery" "$LINENO" 5
+fi # test -n "$CONFIG_HEADERS"
+
+
+eval set X "  :F $CONFIG_FILES  :H $CONFIG_HEADERS    "
+shift
+for ac_tag
+do
+  case $ac_tag in
+  :[FHLC]) ac_mode=$ac_tag; continue;;
+  esac
+  case $ac_mode$ac_tag in
+  :[FHL]*:*);;
+  :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;;
+  :[FH]-) ac_tag=-:-;;
+  :[FH]*) ac_tag=$ac_tag:$ac_tag.in;;
+  esac
+  ac_save_IFS=$IFS
+  IFS=:
+  set x $ac_tag
+  IFS=$ac_save_IFS
+  shift
+  ac_file=$1
+  shift
+
+  case $ac_mode in
+  :L) ac_source=$1;;
+  :[FH])
+    ac_file_inputs=
+    for ac_f
+    do
+      case $ac_f in
+      -) ac_f="$ac_tmp/stdin";;
+      *) # Look for the file first in the build tree, then in the source tree
+	 # (if the path is not absolute).  The absolute path cannot be DOS-style,
+	 # because $ac_f cannot contain `:'.
+	 test -f "$ac_f" ||
+	   case $ac_f in
+	   [\\/$]*) false;;
+	   *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";;
+	   esac ||
+	   as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;;
+      esac
+      case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac
+      as_fn_append ac_file_inputs " '$ac_f'"
+    done
+
+    # Let's still pretend it is `configure' which instantiates (i.e., don't
+    # use $as_me), people would be surprised to read:
+    #    /* config.h.  Generated by config.status.  */
+    configure_input='Generated from '`
+	  $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g'
+	`' by configure.'
+    if test x"$ac_file" != x-; then
+      configure_input="$ac_file.  $configure_input"
+      { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5
+$as_echo "$as_me: creating $ac_file" >&6;}
+    fi
+    # Neutralize special characters interpreted by sed in replacement strings.
+    case $configure_input in #(
+    *\&* | *\|* | *\\* )
+       ac_sed_conf_input=`$as_echo "$configure_input" |
+       sed 's/[\\\\&|]/\\\\&/g'`;; #(
+    *) ac_sed_conf_input=$configure_input;;
+    esac
+
+    case $ac_tag in
+    *:-:* | *:-) cat >"$ac_tmp/stdin" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;;
+    esac
+    ;;
+  esac
+
+  ac_dir=`$as_dirname -- "$ac_file" ||
+$as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \
+	 X"$ac_file" : 'X\(//\)[^/]' \| \
+	 X"$ac_file" : 'X\(//\)$' \| \
+	 X"$ac_file" : 'X\(/\)' \| . 2>/dev/null ||
+$as_echo X"$ac_file" |
+    sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)[^/].*/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\/\)$/{
+	    s//\1/
+	    q
+	  }
+	  /^X\(\/\).*/{
+	    s//\1/
+	    q
+	  }
+	  s/.*/./; q'`
+  as_dir="$ac_dir"; as_fn_mkdir_p
+  ac_builddir=.
+
+case "$ac_dir" in
+.) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;;
+*)
+  ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'`
+  # A ".." for each directory in $ac_dir_suffix.
+  ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'`
+  case $ac_top_builddir_sub in
+  "") ac_top_builddir_sub=. ac_top_build_prefix= ;;
+  *)  ac_top_build_prefix=$ac_top_builddir_sub/ ;;
+  esac ;;
+esac
+ac_abs_top_builddir=$ac_pwd
+ac_abs_builddir=$ac_pwd$ac_dir_suffix
+# for backward compatibility:
+ac_top_builddir=$ac_top_build_prefix
+
+case $srcdir in
+  .)  # We are building in place.
+    ac_srcdir=.
+    ac_top_srcdir=$ac_top_builddir_sub
+    ac_abs_top_srcdir=$ac_pwd ;;
+  [\\/]* | ?:[\\/]* )  # Absolute name.
+    ac_srcdir=$srcdir$ac_dir_suffix;
+    ac_top_srcdir=$srcdir
+    ac_abs_top_srcdir=$srcdir ;;
+  *) # Relative name.
+    ac_srcdir=$ac_top_build_prefix$srcdir$ac_dir_suffix
+    ac_top_srcdir=$ac_top_build_prefix$srcdir
+    ac_abs_top_srcdir=$ac_pwd/$srcdir ;;
+esac
+ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix
+
+
+  case $ac_mode in
+  :F)
+  #
+  # CONFIG_FILE
+  #
+
+  case $INSTALL in
+  [\\/$]* | ?:[\\/]* ) ac_INSTALL=$INSTALL ;;
+  *) ac_INSTALL=$ac_top_build_prefix$INSTALL ;;
+  esac
+_ACEOF
+
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+# If the template does not know about datarootdir, expand it.
+# FIXME: This hack should be removed a few years after 2.60.
+ac_datarootdir_hack=; ac_datarootdir_seen=
+ac_sed_dataroot='
+/datarootdir/ {
+  p
+  q
+}
+/@datadir@/p
+/@docdir@/p
+/@infodir@/p
+/@localedir@/p
+/@mandir@/p'
+case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in
+*datarootdir*) ac_datarootdir_seen=yes;;
+*@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*)
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5
+$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;}
+_ACEOF
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+  ac_datarootdir_hack='
+  s&@datadir@&$datadir&g
+  s&@docdir@&$docdir&g
+  s&@infodir@&$infodir&g
+  s&@localedir@&$localedir&g
+  s&@mandir@&$mandir&g
+  s&\\\${datarootdir}&$datarootdir&g' ;;
+esac
+_ACEOF
+
+# Neutralize VPATH when `$srcdir' = `.'.
+# Shell code in configure.ac might set extrasub.
+# FIXME: do we really want to maintain this feature?
+cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
+ac_sed_extra="$ac_vpsub
+$extrasub
+_ACEOF
+cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
+:t
+/@[a-zA-Z_][a-zA-Z_0-9]*@/!b
+s|@configure_input@|$ac_sed_conf_input|;t t
+s&@top_builddir@&$ac_top_builddir_sub&;t t
+s&@top_build_prefix@&$ac_top_build_prefix&;t t
+s&@srcdir@&$ac_srcdir&;t t
+s&@abs_srcdir@&$ac_abs_srcdir&;t t
+s&@top_srcdir@&$ac_top_srcdir&;t t
+s&@abs_top_srcdir@&$ac_abs_top_srcdir&;t t
+s&@builddir@&$ac_builddir&;t t
+s&@abs_builddir@&$ac_abs_builddir&;t t
+s&@abs_top_builddir@&$ac_abs_top_builddir&;t t
+s&@INSTALL@&$ac_INSTALL&;t t
+$ac_datarootdir_hack
+"
+eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \
+  >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+
+test -z "$ac_datarootdir_hack$ac_datarootdir_seen" &&
+  { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } &&
+  { ac_out=`sed -n '/^[	 ]*datarootdir[	 ]*:*=/p' \
+      "$ac_tmp/out"`; test -z "$ac_out"; } &&
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&5
+$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir'
+which seems to be undefined.  Please make sure it is defined" >&2;}
+
+  rm -f "$ac_tmp/stdin"
+  case $ac_file in
+  -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";;
+  *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";;
+  esac \
+  || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+ ;;
+  :H)
+  #
+  # CONFIG_HEADER
+  #
+  if test x"$ac_file" != x-; then
+    {
+      $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs"
+    } >"$ac_tmp/config.h" \
+      || as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then
+      { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5
+$as_echo "$as_me: $ac_file is unchanged" >&6;}
+    else
+      rm -f "$ac_file"
+      mv "$ac_tmp/config.h" "$ac_file" \
+	|| as_fn_error $? "could not create $ac_file" "$LINENO" 5
+    fi
+  else
+    $as_echo "/* $configure_input  */" \
+      && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \
+      || as_fn_error $? "could not create -" "$LINENO" 5
+  fi
+ ;;
+
+
+  esac
+
+done # for ac_tag
+
+
+as_fn_exit 0
+_ACEOF
+ac_clean_files=$ac_clean_files_save
+
+test $ac_write_fail = 0 ||
+  as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5
+
+
+# configure is writing to config.log, and then calls config.status.
+# config.status does its own redirection, appending to config.log.
+# Unfortunately, on DOS this fails, as config.log is still kept open
+# by configure, so config.status won't be able to write to it; its
+# output is simply discarded.  So we exec the FD to /dev/null,
+# effectively closing config.log, so it can be properly (re)opened and
+# appended to by config.status.  When coming back to configure, we
+# need to make the FD available again.
+if test "$no_create" != yes; then
+  ac_cs_success=:
+  ac_config_status_args=
+  test "$silent" = yes &&
+    ac_config_status_args="$ac_config_status_args --quiet"
+  exec 5>/dev/null
+  $SHELL $CONFIG_STATUS $ac_config_status_args || ac_cs_success=false
+  exec 5>>config.log
+  # Use ||, not &&, to avoid exiting from the if with $? = 1, which
+  # would make configure fail if this is the last instruction.
+  $ac_cs_success || as_fn_exit 1
+fi
+if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then
+  { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5
+$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;}
+fi
+
diff --git a/external/privoxy/configure.in b/external/privoxy/configure.in
new file mode 100644
index 0000000..6c6ce39
--- /dev/null
+++ b/external/privoxy/configure.in
@@ -0,0 +1,1463 @@
+dnl Process this file with autoconf to produce a configure script.
+dnl 
+dnl $Id: configure.in,v 1.126 2009/03/21 10:45:06 fabiankeil Exp $
+dnl 
+dnl Written by and Copyright (C) 2001-2009 the
+dnl Privoxy team. http://www.privoxy.org/
+dnl
+dnl Based on the Internet Junkbuster originally written
+dnl by and Copyright (C) 1997 Anonymous Coders and 
+dnl Junkbusters Corporation.  http://www.junkbusters.com
+dnl
+dnl This program is free software; you can redistribute it 
+dnl and/or modify it under the terms of the GNU General
+dnl Public License as published by the Free Software
+dnl Foundation; either version 2 of the License, or (at
+dnl your option) any later version.
+dnl 
+dnl This program is distributed in the hope that it will
+dnl be useful, but WITHOUT ANY WARRANTY; without even the
+dnl implied warranty of MERCHANTABILITY or FITNESS FOR A
+dnl PARTICULAR PURPOSE.  See the GNU General Public
+dnl License for more details.
+dnl 
+dnl The GNU General Public License should be included with
+dnl this file.  If not, you can view it at
+dnl http://www.gnu.org/copyleft/gpl.html
+dnl or write to the Free Software Foundation, Inc., 59
+dnl Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+dnl 
+dnl $Log: configure.in,v $
+dnl Revision 1.126  2009/03/21 10:45:06  fabiankeil
+dnl Declare the code stable.
+dnl
+dnl Revision 1.125  2009/02/25 16:58:03  fabiankeil
+dnl And the journey continues. Bump version to 3.0.12 UNRELEASED.
+dnl
+dnl Revision 1.124  2009/02/12 15:42:00  fabiankeil
+dnl Declare the code stable.
+dnl
+dnl Revision 1.123  2009/02/06 18:17:32  fabiankeil
+dnl Boldly enable keep-alive support where possible.
+dnl
+dnl Revision 1.122  2008/10/18 11:17:52  fabiankeil
+dnl Connection keep-alive support is ready for testing,
+dnl allow enabling it through the configure script.
+dnl
+dnl Revision 1.121  2008/08/30 12:03:07  fabiankeil
+dnl Remove FEATURE_COOKIE_JAR.
+dnl
+dnl Revision 1.120  2008/08/21 17:19:50  fabiankeil
+dnl Change version to 3.0.11 UNRELEASED.
+dnl
+dnl Revision 1.119  2008/08/13 16:53:50  fabiankeil
+dnl Change version to 3.0.10 stable.
+dnl
+dnl Revision 1.118  2008/06/27 12:50:44  fabiankeil
+dnl Here's looking at you, Gentoo Linux: Show a warning if
+dnl --disable-pthread is used even though pthreads are available.
+dnl
+dnl Revision 1.117  2008/06/14 12:47:30  fabiankeil
+dnl Set CODE_STATUS to beta.
+dnl
+dnl Revision 1.116  2008/06/08 11:55:09  fabiankeil
+dnl - Show a warning if the soon-to-be-removed static PCRE code is used.
+dnl - Hide the "using built-in static pcrs" message. With dynamic linking
+dnl   against PCRS disabled, the message isn't particularly useful.
+dnl
+dnl Revision 1.115  2008/05/25 15:50:14  fabiankeil
+dnl Try to use zlib by default, but just show a warning if it's
+dnl unavailable. Remove --enable-zlib, add  --disable-zlib.
+dnl
+dnl Revision 1.114  2008/04/06 15:18:33  fabiankeil
+dnl Oh well, rename the --enable-pcre-host-patterns option to
+dnl --enable-extended-host-patterns as it's not really PCRE syntax.
+dnl
+dnl Revision 1.113  2008/04/06 14:54:26  fabiankeil
+dnl Use PCRE syntax in host patterns when configured
+dnl with --enable-pcre-host-patterns.
+dnl
+dnl Revision 1.112  2008/03/27 18:27:22  fabiankeil
+dnl Remove kill-popups action.
+dnl
+dnl Revision 1.111  2008/02/03 14:40:47  fabiankeil
+dnl Remove unused OSX_DARWIN macro. Reported by Mark Miller in #1852529.
+dnl
+dnl Revision 1.110  2008/01/26 10:52:13  fabiankeil
+dnl Change version to 3.0.9 UNRELEASED.
+dnl
+dnl Revision 1.109  2008/01/20 14:07:09  fabiankeil
+dnl Set CODE_STATUS to stable.
+dnl
+dnl Revision 1.108  2007/12/10 02:30:00  hal9
+dnl Change versioning for > 3.0.7 && < 3.0.8
+dnl
+dnl Revision 1.107  2007/11/15 02:50:14  hal9
+dnl Setting to "beta" (for doc builds, etc).
+dnl
+dnl Revision 1.106  2007/05/11 11:49:41  fabiankeil
+dnl Check for strlcat().
+dnl
+dnl Revision 1.105  2007/04/09 17:34:58  fabiankeil
+dnl Check for snprintf().
+dnl
+dnl Revision 1.104  2007/03/31 13:35:11  fabiankeil
+dnl Add checks for gettimeofday() and strlcpy().
+dnl
+dnl Revision 1.103  2007/01/20 16:29:38  fabiankeil
+dnl Suppress edit buttons for action files if Privoxy has
+dnl no write access. Suggested by Roland in PR 1564026.
+dnl
+dnl Revision 1.102  2007/01/18 14:55:45  fabiankeil
+dnl Check for tzset() and putenv() to make sure the
+dnl replacement timegm() isn't included on systems
+dnl where it fails to compile.
+dnl
+dnl Revision 1.101  2007/01/12 15:20:17  fabiankeil
+dnl Temporarily ignore external libpcrs to prevent
+dnl problems that are fixed in Privoxy's own version.
+dnl
+dnl Revision 1.100  2007/01/07 07:38:10  joergs
+dnl Disabled -pipe for AmigaOS4.
+dnl
+dnl Revision 1.99  2007/01/01 19:36:37  fabiankeil
+dnl Integrate a modified version of Wil Mahan's
+dnl zlib patch (PR #895531).
+dnl
+dnl Revision 1.98  2006/12/17 19:15:26  fabiankeil
+dnl Added ./configure switch for FEATURE_GRACEFUL_TERMINATION.
+dnl
+dnl Revision 1.97  2006/11/21 18:32:46  hal9
+dnl Setting version to 3.0.7 UNRELEASED for lack of a better setting.
+dnl
+dnl Revision 1.96  2006/11/18 14:42:51  fabiankeil
+dnl Mark as stable.
+dnl
+dnl Revision 1.95  2006/11/14 02:08:59  hal9
+dnl Setting version string to 3.0.6 UNRELEASED. This needs to be reset to 3.0.6
+dnl stable just before CVS is tagged for release.
+dnl
+dnl Revision 1.94  2006/11/13 19:05:50  fabiankeil
+dnl Make pthread mutex locking more generic. Instead of
+dnl checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+dnl and use mutex locking unless there is an _r function
+dnl available. Better safe than sorry.
+dnl
+dnl Fixes "./configure --disable-pthread" and should result
+dnl in less threading-related problems on pthread-using platforms,
+dnl but it still doesn't fix BR#1122404.
+dnl
+dnl Revision 1.93  2006/09/22 01:26:20  hal9
+dnl Set version to 3.0.5 BETA for hopefully release this weekend.
+dnl
+dnl Revision 1.92  2006/08/17 17:09:49  fabiankeil
+dnl Added check for timegm().
+dnl
+dnl Revision 1.91  2006/08/13 22:01:51  fabiankeil
+dnl Added checks for strptime() and random()
+dnl
+dnl Revision 1.90  2006/07/18 14:48:45  david__schmidt
+dnl Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+dnl with what was really the latest development (the v_3_0_branch branch)
+dnl
+dnl Revision 1.68.2.20  2004/01/31 16:31:46  oes
+dnl Resetting version info to 0.0.0 UNRELEASED
+dnl
+dnl Revision 1.68.2.19  2004/01/30 09:26:03  oes
+dnl Added docbook paths for debian sarge; set status for release
+dnl
+dnl Revision 1.68.2.18  2003/12/08 15:10:29  oes
+dnl Bugfix: --with-docbook now correctly accepts its path parameter. Thanks, Roland!
+dnl
+dnl Revision 1.68.2.17  2003/10/18 18:41:26  david__schmidt
+dnl Update to remain buildable on OS/2 - remove the failures
+dnl due to missing unixisms
+dnl
+dnl Revision 1.68.2.16  2003/03/26 16:05:14  oes
+dnl Marked as 0.0.0 UNRELEASED
+dnl
+dnl Revision 1.68.2.15  2003/03/26 00:25:00  oes
+dnl Bump version for 3.0.2
+dnl
+dnl Revision 1.68.2.14  2003/03/25 13:27:12  hal9
+dnl Manually apply Docbook/FreeBSD patch #708081 from a.go at tiscali.nl.
+dnl
+dnl Revision 1.68.2.13  2003/03/18 19:38:57  oes
+dnl Set version info for 3.0.1 release
+dnl
+dnl Revision 1.68.2.12  2003/03/07 03:41:04  david__schmidt
+dnl Wrapping all *_r functions (the non-_r versions of them) with mutex semaphores for OSX.  Hopefully this will take care of all of those pesky crash reports.
+dnl
+dnl Revision 1.68.2.11  2003/03/06 15:22:37  oes
+dnl Fixed minor shell syntax bug
+dnl
+dnl Revision 1.68.2.10  2003/01/08 16:39:41  oes
+dnl Changing default to exclude FEATURE_IMAGE_DETECT_MSIE because of problem reports with recent IEs
+dnl
+dnl Revision 1.68.2.9  2002/12/13 23:47:45  hal9
+dnl Add openbsd $specialflags per gunner at styx2002.no-ip.org
+dnl
+dnl Revision 1.68.2.8  2002/11/27 12:55:26  oes
+dnl Fixed broken handling of pre-set CFLAGS
+dnl
+dnl Revision 1.68.2.7  2002/10/25 02:44:22  hal9
+dnl Port of make install, etc from main trunk. Needs testing! Add Slackware
+dnl support, and other related changes. Update related docs.
+dnl
+dnl Revision 1.68.2.6  2002/09/25 15:35:15  oes
+dnl Marking as non-release
+dnl
+dnl Revision 1.68.2.5  2002/08/25 23:37:00  hal9
+dnl Getting ready for 3.0 release.
+dnl
+dnl Revision 1.68.2.4  2002/08/10 11:21:57  oes
+dnl - Set Version to 2.9.20 (beta)
+dnl - Add two AC_DEFINEs that indicate if the pcre*.h headers
+dnl   are located in a pcre/ subdir to the include path.
+dnl
+dnl Revision 1.68.2.3  2002/08/06 11:29:36  oes
+dnl Fixed detection/inclusion of pcre.h, which is in a pcre subdir on RH
+dnl
+dnl Revision 1.68.2.2  2002/07/30 19:36:09  hal9
+dnl Bump version to 2.9.17.
+dnl
+dnl Revision 1.68.2.1  2002/07/26 15:21:12  oes
+dnl  Bumped version number for 2.9.16 freeze
+dnl
+dnl Revision 1.68  2002/05/25 16:54:54  jongfoster
+dnl Detect if the compiler supports -pthread.
+dnl Hopefully this will fix bug 560442.  (I don't have a HP PA-RISC
+dnl machine to test this!)
+dnl
+dnl Revision 1.67  2002/05/03 14:33:59  oes
+dnl Generate doc/soucre/ldp.dsl
+dnl
+dnl Revision 1.66  2002/05/03 00:41:56  oes
+dnl Set version to 2.9.15 to comply with new versioning scheme
+dnl
+dnl Revision 1.65  2002/04/25 19:13:57  morcego
+dnl Removed RPM release number declaration on configure.in
+dnl Changed makefile to use given value for RPM_PACKAGEV when on uploading
+dnl targets (will produce an error, explaining who to do it, if no value
+dnl if provided).
+dnl
+dnl Revision 1.64  2002/04/22 16:32:31  morcego
+dnl configure.in, *.spec: Bumping release to 2 (2.9.14-2)
+dnl -rh.spec: uid and gid are now macros
+dnl -suse.spec: Changing the header Copyright to License (Copyright is
+dnl             deprecable)
+dnl
+dnl Revision 1.63  2002/04/11 11:00:21  oes
+dnl Applied Moritz' fix for socklen_t on Solaris
+dnl
+dnl Revision 1.62  2002/04/11 10:09:20  oes
+dnl Version 2.9.14
+dnl
+dnl Revision 1.61  2002/04/10 18:14:45  morcego
+dnl - (privoxy-rh.spec only) Relisting template files on the %%files section
+dnl - (configure.in, privoxy-rh.spec) Bumped package release to 5
+dnl
+dnl Revision 1.60  2002/04/09 16:38:49  oes
+dnl Added detection of missing config.h.in
+dnl
+dnl Revision 1.59  2002/04/06 20:23:55  jongfoster
+dnl Removing unnessacery tests (C++, ranlib)
+dnl
+dnl Revision 1.58  2002/04/04 20:49:20  swa
+dnl attempt to consolidate the
+dnl different dokbook versions.
+dnl
+dnl Revision 1.57  2002/04/04 00:36:36  gliptak
+dnl always use pcre for matching
+dnl
+dnl Revision 1.56  2002/04/03 22:28:03  gliptak
+dnl Removed references to gnu_regex
+dnl
+dnl Revision 1.55  2002/04/03 03:54:38  gliptak
+dnl Checking pcre version
+dnl
+dnl Revision 1.54  2002/04/01 00:54:24  gliptak
+dnl More changes needed around regex support.
+dnl
+dnl Revision 1.53  2002/03/29 20:09:01  swa
+dnl al's patch
+dnl
+dnl Revision 1.52  2002/03/29 19:51:40  gliptak
+dnl Correcting compile problem with Debian
+dnl
+dnl Revision 1.51  2002/03/28 20:43:00  swa
+dnl set make correctly
+dnl
+dnl Revision 1.50  2002/03/27 03:03:45  hal9
+dnl Add test for man2html
+dnl
+dnl Revision 1.49  2002/03/27 02:19:52  david__schmidt
+dnl More Mac OSX support:
+dnl - Get rid of extraneous, noisy -pthread warnings
+dnl - Define unix so we get oes' unix-tagged changes
+dnl
+dnl Revision 1.48  2002/03/26 22:29:54  swa
+dnl we have a new homepage!
+dnl
+dnl Revision 1.47  2002/03/26 16:41:00  hal9
+dnl Upped RPM Release to 3 (need to build new RH packages)
+dnl
+dnl Revision 1.46  2002/03/24 18:55:06  jongfoster
+dnl Making Docbook work under Windows
+dnl
+dnl Revision 1.45  2002/03/24 14:19:55  swa
+dnl set rpm package release in configure.in. nowhere else.
+dnl
+dnl Revision 1.44  2002/03/24 13:25:43  swa
+dnl name change related issues
+dnl
+dnl Revision 1.43  2002/03/24 12:56:21  swa
+dnl name change related issues.
+dnl
+dnl Revision 1.42  2002/03/22 18:11:37  jongfoster
+dnl Bumping version number to 2.9.12
+dnl
+dnl Revision 1.41  2002/03/19 19:30:04  morcego
+dnl - Fixing stylesheet checking on configure. If it is found, no further checks
+dnl   should be done
+dnl
+dnl - configure will now check for db2html or docbook2html (should work now
+dnl   on SuSe without the docbktls package)
+dnl
+dnl Revision 1.40  2002/03/09 14:33:30  oes
+dnl Fixing the (harmless) AC_CHECK_FILE warnings
+dnl
+dnl Revision 1.39  2002/03/08 16:46:13  oes
+dnl Added --enable-no-gifs
+dnl
+dnl Revision 1.38  2002/03/08 14:13:50  morcego
+dnl Fixing configure, to remove a command not found error.
+dnl
+dnl Revision 1.37  2002/03/08 12:58:21  oes
+dnl Tiny bugfix in AC_ARG_WITH(debug)
+dnl
+dnl Revision 1.36  2002/03/06 23:50:36  morcego
+dnl Will not test for a text browser if we are not using docbook.
+dnl
+dnl Revision 1.35  2002/03/06 21:55:52  morcego
+dnl New configure option: --with-docbook=(yes|no|directory)
+dnl Preliminary new platform detection code included. Will work with the
+dnl old one for now. No use just trowing it away
+dnl
+dnl Revision 1.34  2002/03/06 20:57:00  morcego
+dnl Fixing detection of stylesheets on SuSe.
+dnl
+dnl Revision 1.33  2002/03/05 17:31:11  morcego
+dnl Search for docbook.dsl. Should solve portability problems for SuSe.
+dnl
+dnl Revision 1.32  2002/03/05 14:07:43  morcego
+dnl configure now detects rpm topdir, and change GNUmakefile acordingly
+dnl    (based on sugestion by Sarantis Paskalis)
+dnl
+dnl Revision 1.31  2002/03/05 13:43:28  morcego
+dnl Checking for text browser, so redhat-dok can work.
+dnl
+dnl Revision 1.30  2002/03/04 17:58:01  oes
+dnl Deleted _DEBUG and PID_FILE_PATH
+dnl
+dnl Revision 1.29  2002/02/28 14:20:53  oes
+dnl Fixed detection of gethost*_r functions on Solaris
+dnl
+dnl Revision 1.28  2002/02/27 15:02:38  oes
+dnl Incremented version number
+dnl
+dnl Revision 1.27  2002/01/10 12:35:18  oes
+dnl Added cross-compile defaults to the AC_CHECK_SIZEOF macros
+dnl to silence autoconf warnings. Numbers are for Intel/Linux.
+dnl Is there a better way?
+dnl
+dnl Revision 1.26  2002/01/09 14:29:49  oes
+dnl - Added AC_CHECK_FUNC tests for the availability of
+dnl   gethostbyname_r, gethostbyaddr_r, gmtime_r and
+dnl   localtime_r, as well as AC_TRY_COMPILE tests to
+dnl   determine their signatures.
+dnl
+dnl - Fixed a bug with the init of CFLAGS that was
+dnl   reported by barsnick
+dnl
+dnl Revision 1.25  2002/01/04 15:27:18  oes
+dnl Changed quoting of CODE_STATUS for use in make
+dnl
+dnl Revision 1.24  2001/12/30 14:07:31  steudten
+dnl - Add signal handling (unix)
+dnl - Add SIGHUP handler (unix)
+dnl - Add creation of pidfile (unix)
+dnl - Add action 'top' in rc file (RH)
+dnl - Add entry 'SIGNALS' to manpage
+dnl - Add exit message to logfile (unix)
+dnl
+dnl Revision 1.23  2001/12/09 20:24:42  david__schmidt
+dnl Change from "alpha" to "beta" in configure.in
+dnl
+dnl Revision 1.22  2001/12/01 11:24:01  jongfoster
+dnl Renaming Makefile.in to GNUmakefile.in so that non-GNU versions of
+dnl make break in a more obvious way.
+dnl
+dnl Revision 1.21  2001/11/30 21:35:54  jongfoster
+dnl Bumping version number to 2.9.10
+dnl
+dnl Revision 1.20  2001/10/23 21:24:09  jongfoster
+dnl Support for FEATURE_CGI_EDIT_ACTIONS
+dnl
+dnl Revision 1.19  2001/10/07 15:33:14  oes
+dnl Removed FEATURE_DENY_GZIP
+dnl Bumped up version number
+dnl
+dnl Revision 1.18  2001/09/13 13:10:24  steudten
+dnl
+dnl PreWork for Debug Interface.
+dnl Add new option "--with-debug" to enable debugging (flags aso.)
+dnl
+dnl Revision 1.17  2001/09/12 23:44:55  david__schmidt
+dnl Mac OSX (Darwin) support added.
+dnl
+dnl Revision 1.16  2001/09/12 22:55:45  joergs
+dnl AmigaOS support added.
+dnl
+dnl Revision 1.15  2001/09/12 17:28:59  david__schmidt
+dnl
+dnl OS/2 port: update autoconf'd support for the platform.
+dnl
+dnl Revision 1.14  2001/07/30 22:12:11  jongfoster
+dnl Fixing Solaris build (I hope) and tidying up #defines:
+dnl - All feature #defines are now of the form FEATURE_xxx
+dnl - Permanently turned off WIN_GUI_EDIT
+dnl - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+dnl
+dnl Revision 1.13  2001/07/29 17:09:17  jongfoster
+dnl Major changes to build system in order to fix these bugs:
+dnl - pthreads under Linux was broken - changed -lpthread to -pthread
+dnl - Compiling in MinGW32 mode under CygWin now correctly detects
+dnl   which shared libraries are available
+dnl - Solaris support (?) (Not tested under Solaris yet)
+dnl
+dnl Revision 1.12  2001/07/25 19:16:27  oes
+dnl Bumping version number to 2.9.8
+dnl
+dnl Revision 1.11  2001/07/21 18:00:07  jongfoster
+dnl Bumping version number to 2.9.7
+dnl
+dnl Revision 1.10  2001/07/18 17:25:04  oes
+dnl Fixed a typo
+dnl
+dnl Revision 1.9  2001/07/15 19:45:13  jongfoster
+dnl Added support for linking with POSIX threads library
+dnl
+dnl Revision 1.8  2001/07/15 17:54:29  jongfoster
+dnl Renaming #define STATIC to STATIC_PCRE
+dnl Adding new #define FEATURE_PTHREAD that will be used to enable
+dnl POSIX threads support.
+dnl
+dnl Revision 1.7  2001/07/13 13:58:05  oes
+dnl    Completely reorganized the selection scheme for
+dnl    pcre, pcreposix, pcrs and gnu_regex:
+dnl
+dnl    The presence of shared pcre, pcreposix or pcrs
+dnl    libraried is now autodetected. Additionally, the
+dnl    user can enforce using the built-in static variants
+dnl    by specifying --disable-dynamic-(pcre|pcrs).
+dnl    Care is taken to avoid that pcre is dyn, while pcreposix
+dnl    is static, if both are used and that pcrs is static if
+dnl    pcrs is.
+dnl
+dnl    The choice between pcre, gnu or no regex for actionsfile
+dnl    URL matching is now via
+dnl    --(enable|disable)-regex-matching[=(gnu|pcre|no)] with the
+dnl    default being pcre.
+dnl
+dnl Revision 1.6  2001/06/29 21:56:40  oes
+dnl Version -> 2.9.5
+dnl
+dnl Revision 1.5  2001/06/29 13:26:27  oes
+dnl Introduced #define CODE_STATUS
+dnl
+dnl Revision 1.4  2001/05/29 09:50:24  jongfoster
+dnl Unified blocklist/imagelist/permissionslist.
+dnl File format is still under discussion, but the internal changes
+dnl are (mostly) done.
+dnl
+dnl Also modified interceptor behaviour:
+dnl - We now intercept all URLs beginning with one of the following
+dnl   prefixes (and *only* these prefixes):
+dnl     * http://i.j.b/
+dnl     * http://ijbswa.sf.net/config/
+dnl     * http://ijbswa.sourceforge.net/config/
+dnl - New interceptors "home page" - go to http://i.j.b/ to see it.
+dnl - Internal changes so that intercepted and fast redirect pages
+dnl   are not replaced with an image.
+dnl - Interceptors now have the option to send a binary page direct
+dnl   to the client. (i.e. ijb-send-banner uses this)
+dnl - Implemented show-url-info interceptor.  (Which is why I needed
+dnl   the above interceptors changes - a typical URL is
+dnl   "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+dnl   The previous mechanism would not have intercepted that, and
+dnl   if it had been intercepted then it then it would have replaced
+dnl   it with an image.)
+dnl
+dnl Revision 1.3  2001/05/22 18:46:04  oes
+dnl
+dnl - Enabled filtering banners by size rather than URL
+dnl   by adding patterns that replace all standard banner
+dnl   sizes with the "Junkbuster" gif to the re_filterfile
+dnl
+dnl - Enabled filtering WebBugs by providing a pattern
+dnl   which kills all 1x1 images
+dnl
+dnl - Added support for PCRE_UNGREEDY behaviour to pcrs,
+dnl   which is selected by the (nonstandard and therefore
+dnl   capital) letter 'U' in the option string.
+dnl   It causes the quantifiers to be ungreedy by default.
+dnl   Appending a ? turns back to greedy (!).
+dnl
+dnl - Added a new interceptor ijb-send-banner, which
+dnl   sends back the "Junkbuster" gif. Without imagelist or
+dnl   MSIE detection support, or if tinygif = 1, or the
+dnl   URL isn't recognized as an imageurl, a lame HTML
+dnl   explanation is sent instead.
+dnl
+dnl - Added new feature, which permits blocking remote
+dnl   script redirects and firing back a local redirect
+dnl   to the browser.
+dnl   The feature is conditionally compiled, i.e. it
+dnl   can be disabled with --disable-fast-redirects,
+dnl   plus it must be activated by a "fast-redirects"
+dnl   line in the config file, has its own log level
+dnl   and of course wants to be displayed by show-proxy-args
+dnl   Note: Boy, all the #ifdefs in 1001 locations and
+dnl   all the fumbling with configure.in and acconfig.h
+dnl   were *way* more work than the feature itself :-(
+dnl
+dnl - Because a generic redirect template was needed for
+dnl   this, tinygif = 3 now uses the same.
+dnl
+dnl - Moved GIFs, and other static HTTP response templates
+dnl   to project.h
+dnl
+dnl - Some minor fixes
+dnl
+dnl - Removed some >400 CRs again (Jon, you really worked
+dnl   a lot! ;-)
+dnl
+dnl Revision 1.2  2001/05/20 01:21:20  jongfoster
+dnl Version 2.9.4 checkin.
+dnl - Merged popupfile and cookiefile, and added control over PCRS
+dnl   filtering, in new "permissionsfile".
+dnl - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+dnl   file error you now get a message box (in the Win32 GUI) rather
+dnl   than the program exiting with no explanation.
+dnl - Made killpopup use the PCRS MIME-type checking and HTTP-header
+dnl   skipping.
+dnl - Removed tabs from "config"
+dnl - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+dnl - Bumped up version number.
+dnl
+dnl Revision 1.1.1.1  2001/05/15 13:58:50  oes
+dnl Initial import of version 2.9.3 source tree
+dnl
+dnl 
+
+
+dnl =================================================================
+dnl AutoConf Initialization
+dnl =================================================================
+
+AC_REVISION($Revision: 1.126 $)
+AC_INIT(jcc.c)
+
+if test ! -f config.h.in; then
+   echo "You need to run autoheader first. "
+   echo -n "Shall I do this for you now? (y/n) "
+   read answer
+   if test "$answer" != "y"; then
+      exit 1
+   else
+      autoheader
+  fi
+fi  
+
+AC_CONFIG_HEADER([config.h])
+AC_CANONICAL_HOST
+
+dodk=auto
+DKPREFIX=none
+AC_ARG_WITH(docbook, dnl
+  --with-docbook=[[yes|no|directory]]	
+                           Enable docbook documentation creation 
+			   (default = yes, for gnu and linux),[dnl
+case "$with_docbook" in
+yes) dodk=yes;;
+no) dodk=no;;
+*) 
+	dodk=yes
+	DKPREFIX=$withval
+	;;
+esac
+])
+DB2HTML=false
+AC_ARG_WITH(db2html, dnl
+  --with-db2html=<path/executable>
+                          Set the location of the docbook to html converter
+                          (default = search),[dnl
+DB2HTML=$withval
+])
+
+dnl =================================================================
+dnl Application version number
+dnl =================================================================
+
+VERSION_MAJOR=3
+VERSION_MINOR=0
+VERSION_POINT=12
+CODE_STATUS="stable"
+
+dnl CODE_STATUS can be "alpha", "beta", or "stable", and will be
+dnl used for CGI output. Set version to 0.0.0 and status to "UNRELEASED"
+dnl whenever CVS in a stable branch differs from the last release.
+
+dnl =================================================================
+dnl Substitute the version numbers
+dnl =================================================================
+
+AC_SUBST(VERSION_MAJOR)
+AC_SUBST(VERSION_MINOR)
+AC_SUBST(VERSION_POINT)
+AC_SUBST(CODE_STATUS)
+
+dnl
+AC_DEFINE_UNQUOTED(VERSION_MAJOR,${VERSION_MAJOR})
+AC_DEFINE_UNQUOTED(VERSION_MINOR,${VERSION_MINOR})
+AC_DEFINE_UNQUOTED(VERSION_POINT,${VERSION_POINT})
+AC_DEFINE_UNQUOTED(VERSION,"${VERSION_MAJOR}.${VERSION_MINOR}.${VERSION_POINT}")
+AC_DEFINE_UNQUOTED(CODE_STATUS,"${CODE_STATUS}")
+
+dnl =================================================================
+dnl Checks for programs needed to build.
+dnl =================================================================
+
+dnl Keep AC_PROG_CC from setting its own defaults:
+if test "X$CFLAGS" = "X"; then
+   CFLAGS=" "
+fi
+
+AC_PROG_CC
+AC_PROG_CPP
+AC_PROG_INSTALL
+AC_PROG_LN_S
+AC_PROG_MAKE_SET
+AC_PROG_AWK
+
+AC_CHECK_PROG(GDB,gdb,yes,no)
+AC_PATH_PROG(BGROUPS,groups,no,/bin:/usr/bin:/usr/local/bin)
+AC_PATH_PROG(ID,id,no,/bin:/usr/bin:/usr/local/bin)
+AC_SUBST(ID)
+AC_SUBST(BGROUPS)
+
+dnl =================================================================
+dnl debug, gcc and gdb support 
+dnl =================================================================
+
+AC_ARG_WITH(debug,
+        [  --with-debug            Enable debug mode],
+        [
+                if test "x$withval" != "xno" ; then
+                    if test $ac_cv_prog_cc_g = yes; then
+                      if test "$GCC" = yes; then
+                        if test "$GDB"; then
+                          CFLAGS="$CFLAGS -ggdb"
+                        else
+                          CFLAGS="$CFLAGS -g"
+                        fi
+                        CFLAGS="$CFLAGS -Wshadow  -Wconversion"
+                      else
+                        CFLAGS="$CFLAGS -g"
+                      fi
+                   fi
+                fi
+        ],
+        [
+            if test "X$CFLAGS" = "X "; then # if CFLAGS were unset (see above)
+              if test "$GCC" = yes; then
+                CFLAGS="-O2"
+              fi
+            fi
+        ]
+)
+
+dnl =================================================================
+dnl Check for user and group validity
+dnl =================================================================
+
+
+if test "$EMXOS2" = yes; then
+  echo "Skipping user and group validity stuff.";
+
+else
+
+  $ID privoxy >/dev/null 2>/dev/null
+  if test $? -ne 0 ; then
+   AC_MSG_WARN(There is no user 'privoxy' on this system)
+  fi
+  AC_MSG_CHECKING([for user])
+  AC_ARG_WITH(user,
+        [  --with-user=privoxy          Set user under which privoxy will run],
+        [
+                if test "x$withval" != "xyes"; then
+                  if test $ID = no ; then
+                    AC_MSG_ERROR(There is no 'id' program on this system)
+                  else
+                    AC_MSG_RESULT($with_user)
+                    $ID $with_user 2>/dev/null >/dev/null
+                    if test $? -eq 0 ; then
+                      USER=$with_user;
+                    else
+                      AC_MSG_ERROR(There is no user '$with_user' on this system)
+                    fi
+                  fi
+                  else
+                   AC_MSG_ERROR(We need a user if you give me this parameter)
+                fi
+        ],
+        [
+          if test $ID = no ; then
+            AC_MSG_ERROR(There is no 'id' programm on this system)
+          else
+            AC_MSG_RESULT(none specified)
+            USER=$with_user
+          fi
+        ]
+  )
+  AC_SUBST(USER)
+
+  AC_MSG_CHECKING([for group])
+  AC_ARG_WITH(group,
+        [  --with-group=privoxy         Set group for privoxy],
+        [ 
+                if test "x$withval" != "xyes"; then
+                  if test $BGROUPS = no ; then
+                    AC_MSG_ERROR(There is no 'groups' program on this system)
+                  else
+                    AC_MSG_RESULT($with_group)
+                    $BGROUPS $USER >/dev/null
+                    if test $? -eq 0 ; then
+                    # FIXME: this fails if valid group, but not first group
+                    # listed.
+                      if test "$with_group" != "`$BGROUPS $USER | sed 's/.*: //' 2>/dev/null |$AWK '{print $1}'`" ; then
+                        AC_MSG_ERROR(The given value '$withval' does not match group entry)
+                      else
+                        GROUP=$with_group;
+                      fi
+                    else
+                      AC_MSG_ERROR(There is no group entry for user '$USER')
+                    fi
+                  fi
+                else
+                   AC_MSG_ERROR(We need a group if you give me this parameter)
+                fi
+        ],
+        [
+          if test $BGROUPS = no ; then
+            AC_MSG_ERROR(There is no 'groups' programm on this system)
+          else
+            AC_MSG_RESULT(none specified)
+            GROUP=$with_group;
+          fi
+        ]
+  )
+  AC_SUBST(GROUP)
+
+fi
+
+dnl =================================================================
+dnl additional gcc flags
+dnl =================================================================
+dnl 
+if test "$GCC"; then
+  if test "$host" != "powerpc-unknown-amigaos"; then
+    CFLAGS="-pipe $CFLAGS"
+  fi
+fi
+
+
+dnl =================================================================
+dnl Build type
+dnl =================================================================
+dnl
+dnl Must do this first.
+dnl
+dnl Reason: This sets CFLAGS in order to switch the Cygwin compiler
+dnl into Cygwin or MinGW32 modes.  Depending on the mode selected,
+dnl the compiler will use completely different sets of library
+dnl and include files.
+dnl 
+dnl =================================================================
+
+AC_MINGW32
+AC_CYGWIN
+
+if test "$MINGW32" = "yes"; then
+  target_type=mingw
+else
+  if test "$CYGWIN" = "yes"; then
+    target_type=cygwin
+  else
+    target_type=unix
+  fi
+fi
+
+if test $dodk = auto; then
+	dodk=no
+	if test $target_type = unix; then
+		case "$host_os" in
+		linux* | gnu*)
+			dodk=yes
+		;;
+		esac
+	fi
+fi
+
+dnl Decide what to do based on target_type
+dnl Note: PTHREAD_LIB is always set, even if pthread is disabled.
+dnl This is because we don't know yet whether pthread is enabled.
+
+AC_ARG_ENABLE(mingw32,
+[  --enable-mingw32                Use mingw32 for a Windows GUI],
+[if test $enableval = yes; then
+  target_type=mingw
+fi])
+
+if test $target_type = mingw; then
+  WIN_ONLY=
+  SPECIAL_CFLAGS="-mwindows -mno-cygwin"
+  PTHREAD_LIB=-lpthreadGC
+  echo "Using mingw32 (Win32 GUI)"
+else
+  WIN_ONLY=#
+  if test $target_type = cygwin; then
+    SPECIAL_CFLAGS="-mno-win32"
+    PTHREAD_LIB=
+    echo "Using Cygnus (Win32 command line)"
+  else
+    SPECIAL_CFLAGS=
+    PTHREAD_LIB=-lpthread
+  fi
+fi
+AC_SUBST(WIN_ONLY)
+
+dnl Checking which text html browser we have avaliable
+if test $dodk != no; then
+	AC_CHECK_PROGS(WDUMP,w3m lynx links,false)
+	if test "$WDUMP" = false; then
+		AC_MSG_WARN(You need some kind of text browser to build documentation \(w3m, lynx and links are supported\))
+	fi
+	if test $DB2HTML = false; then
+		dnl We need to clean the variable, otherwise AC_CHECK_PROGS
+		dnl will fail	
+		DB2HTML=""
+		AC_CHECK_PROGS(DB2HTML,db2html docbook2html,false)
+	fi
+fi
+AC_SUBST(WDUMP)
+AC_SUBST(DB2HTML)
+
+dnl If we use rpm, we need to check where %_topdir is
+AC_CHECK_PROGS(RPMBIN,rpm,false)
+if test $RPMBIN != false; then
+		RPM_BASE=`rpm --eval "%{_topdir}"`
+		if test "$RPM_BASE" = ""; then
+			RPM_BASE=/usr/src/redhat
+		fi
+fi
+AC_SUBST(RPM_BASE)
+
+dnl Check for jade, so we can build the documentation
+AC_CHECK_PROGS(JADEBIN,jade openjade,false)
+AC_SUBST(JADEBIN)
+
+dnl Check for man2html for docs.
+AC_CHECK_PROGS(MAN2HTML,man2html,false)
+AC_SUBST(MAN2HTML)
+
+dnl Set doc status flag for conditional content inclusions
+DOC_STATUS=p-not-stable
+if  test $CODE_STATUS = stable; then
+     DOC_STATUS="p-stable"
+fi
+AC_SUBST(DOC_STATUS)
+
+dnl Checking for the docbook.dsl stylesheet file
+dnl It is still not portable (directory slash)
+JADECAT=""
+if test $dodk = yes; then
+  if test $DKPREFIX = none; then
+    for i in /usr/share/sgml/docbook/dsssl-stylesheets \
+             /usr/share/sgml/docbkdsl /usr/share/sgml/docbook-dsssl \
+             /usr/local/share/sgml/docbook/dsssl/modular \
+             /usr/share/sgml/docbook/stylesheet/dsssl/modular/ \
+             ; do
+dnl  echo -n does not fly with /bin/sh.
+dnl      echo -n "checking for $i/html/docbook.dsl..."
+      AC_MSG_CHECKING([for $i])
+      if test -f $i/html/docbook.dsl; then
+        echo "yes"
+        DKPREFIX=$i
+        break
+      else
+        echo "no"
+      fi
+    done
+# where are the catalogs?
+    for i in /usr/share/sgml/CATALOG.docbk30 \
+             /usr/share/sgml/CATALOG.docbk31 \
+             /usr/share/sgml/CATALOG.docbk31 \
+             /usr/local/share/sgml/docbook/3.0/docbook.cat \
+             /usr/local/share/sgml/docbook/3.1/docbook.cat \
+             /usr/share/sgml/docbook/dtd/3.1/docbook.cat \
+             ; do
+dnl     echo -n "checking for $i..."
+      AC_MSG_CHECKING([for $i])
+      if test -f $i; then
+        echo "yes"
+        JADECAT="$JADECAT -c $i"
+      else
+        echo "no"
+      fi
+    done
+  fi
+fi
+AC_SUBST(JADECAT)
+AC_SUBST(DKPREFIX)
+
+dnl Save old CFLAGS so we can restore them later, then add SPECIAL_CFLAGS
+old_CFLAGS_nospecial=$CFLAGS
+CFLAGS="$CFLAGS $SPECIAL_CFLAGS"
+
+# Hack to force AutoConf to use the CFLAGS we just set
+dnl Warning: This may break with a future version of Autoconf
+dnl          Tested with autoconf 2.13
+ac_cpp='$CPP $CPPFLAGS $SPECIAL_CFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+
+
+dnl =================================================================
+dnl Thread support
+dnl =================================================================
+
+AC_CHECK_HEADER(pthread.h, [have_pthread=yes], [have_pthread=no])
+
+AC_ARG_ENABLE(pthread,
+[  --disable-pthread               Don't use POSIX threads (pthreads)],
+[if test $enableval = no; then
+  # Disable pthreads
+  if test $have_pthread = yes; then
+     AC_MSG_WARN([pthreads seem to be available but you are using --disable-pthread.]) 
+     AC_MSG_WARN([This is almost always a mistake and can render Privoxy unacceptable slow.])
+  fi
+  have_pthread=no
+fi])
+
+if test $have_pthread = yes; then
+  PTHREAD_ONLY=
+  AC_DEFINE(FEATURE_PTHREAD)
+  echo Using POSIX threads
+  if test "$GCC" = "yes"; then
+    # Set a GCC specific switch:
+    if test "$target_type" = "unix"; then
+      ac_jgf_save_CFLAGS=$CFLAGS
+      CFLAGS="$CFLAGS -pthread"
+      AC_TRY_LINK([#include <pthread.h>],
+        [void *p = pthread_create;],
+        [
+          # This compiler switch makes GCC on Linux thread-safe
+          # However, it's not supported on most other OS.
+          PTHREAD_LIB=
+          SPECIAL_CFLAGS="-pthread"
+        ])
+      CFLAGS=$ac_jgf_save_CFLAGS
+    fi
+  fi
+else
+  PTHREAD_ONLY=#
+  echo Using native threads
+fi
+
+AC_SUBST(PTHREAD_ONLY)
+
+dnl =================================================================
+dnl Support for thread-safe versions of gethostbyaddr, gethostbyname,
+dnl gmtime and localtime
+dnl =================================================================
+
+dnl Next line needed to find the gethost*_r functions on Solaris
+AC_CHECK_LIB(nsl, gethostbyname)
+
+AC_CHECK_FUNC(gethostbyaddr_r, [
+  AC_MSG_CHECKING([signature of gethostbyaddr_r])
+  AC_TRY_COMPILE([
+#   include <netdb.h>
+  ], [
+    struct hostent *h, *hp;
+    char *a, *b;
+    int l, bl, t, e;
+    (void) gethostbyaddr_r(a, l, t, h, b, bl, &hp, &e)
+  ], [
+    AC_DEFINE(HAVE_GETHOSTBYADDR_R_8_ARGS)
+    AC_MSG_RESULT([8 args])
+  ], [
+    AC_TRY_COMPILE([
+#     include <netdb.h>
+    ], [
+      struct hostent *h;
+      char *a, *b;
+      int l, bl, t, e;
+      (void) gethostbyaddr_r(a, l, t, h, b, bl, &e)
+    ], [
+      AC_DEFINE(HAVE_GETHOSTBYADDR_R_7_ARGS)
+      AC_MSG_RESULT([7 args])
+    ], [
+      AC_TRY_COMPILE([
+#       include <netdb.h>
+      ], [
+        struct hostent_data *d;
+        struct hostent *h;
+        char a,
+        int l, t;
+        (void) gethostbyaddr_r(a, l, t, h, d)
+      ], [
+        AC_DEFINE(HAVE_GETHOSTBYADDR_R_5_ARGS)
+        AC_MSG_RESULT([5 args])
+      ], [
+        AC_MSG_RESULT(unrecognised)
+      ])
+    ])
+  ])
+], [
+  AC_MSG_RESULT(no)
+])
+
+AC_CHECK_FUNC(gethostbyname_r, [
+  AC_MSG_CHECKING([signature of gethostbyname_r])
+  AC_TRY_COMPILE([
+#   include <netdb.h>
+  ], [
+    struct hostent *h, *r;
+    char *n, *b;
+    int bl, e;
+    (void) gethostbyname_r(n, h, b, bl, &r, &e)
+  ], [
+    AC_DEFINE(HAVE_GETHOSTBYNAME_R_6_ARGS)
+    AC_MSG_RESULT([6 args])
+  ], [
+    AC_TRY_COMPILE([
+#     include <netdb.h>
+    ], [
+      struct hostent *h;
+      char *n, *b;
+      int bl, e;
+      (void) gethostbyname_r(n, h, b, bl, &e)
+    ], [
+      AC_DEFINE(HAVE_GETHOSTBYNAME_R_5_ARGS)
+      AC_MSG_RESULT([5 args])
+    ], [
+      AC_TRY_COMPILE([
+#       include <netdb.h>
+      ], [
+        struct hostent_data *d;
+        struct hostent *h;
+        char *n,
+        (void) gethostbyname_r(n, h, d)
+      ], [
+        AC_DEFINE(HAVE_GETHOSTBYNAME_R_3_ARGS)
+        AC_MSG_RESULT([3 args])
+      ], [
+        AC_MSG_RESULT(unrecognised)
+      ])
+    ])
+  ])
+], [
+  AC_MSG_RESULT(no)
+])
+
+AC_CHECK_FUNC(gmtime_r, [
+  AC_MSG_CHECKING([signature of gmtime_r])
+  AC_TRY_COMPILE([
+#   include <time.h>
+  ], [
+    struct time *t;
+    struct tm *tm;
+    (void) gmtime_r(t, tm)
+  ], [
+    AC_MSG_RESULT(ok)
+    AC_DEFINE(HAVE_GMTIME_R)
+  ], [
+    AC_MSG_RESULT(unrecognised)
+  ])
+], [
+  AC_MSG_RESULT(no)
+])
+
+AC_CHECK_FUNC(localtime_r, [
+  AC_MSG_CHECKING([signature of localtime_r])
+  AC_TRY_COMPILE([
+#   include <time.h>
+  ], [
+    struct time *t;
+    struct tm *tm;
+    (void) localtime_r(t, tm)
+  ], [
+    AC_MSG_RESULT(ok)
+    AC_DEFINE(HAVE_LOCALTIME_R)
+  ], [
+    AC_MSG_RESULT(unrecognised)
+  ])
+], [
+  AC_MSG_RESULT(no)
+])
+
+dnl =================================================================
+dnl Solaris specific
+dnl FIXME: Not tested on Solaris yet...
+dnl ISFIXED: Have tested it on Solaris, but there are other ways to
+dnl 	make these checks generic, e.g.:
+dnl AC_CHECK_FUNC(getsockopt, , AC_CHECK_LIB(socket, getsockopt))
+dnl	(Moritz Barsnick <moritz at barsnick.net>)
+dnl =================================================================
+
+
+SOCKET_LIB=
+
+case "$host" in
+*-solaris*) SOCKET_LIB="-lsocket -lnsl"
+            AC_DEFINE(__EXTENSIONS__)
+            if test "$GCC" = "yes"; then
+              # Set a GCC specific switch:
+              # This compiler switch makes Solaris thread-safe
+              PTHREAD_LIB=
+              SPECIAL_CFLAGS="-pthreads"
+            else
+              # What do we do without GCC? Guess this:
+              SPECIAL_CFLAGS="-D_REENTRANT"
+            fi
+;;
+esac
+
+AC_SUBST(SOCKET_LIB)
+
+dnl =================================================================
+dnl Solaris problem, and others perhaps (socklen_t is undefined)
+dnl =================================================================
+
+AC_MSG_CHECKING([for socklen_t])
+AC_EGREP_HEADER(socklen_t, sys/socket.h, AC_MSG_RESULT([yes]),
+	AC_MSG_RESULT([no])
+	AC_DEFINE(socklen_t,int,
+		[ Define to 'int' if <sys/socket.h> doesn't have it. ]))
+
+
+dnl =================================================================
+dnl OS/2 specific
+dnl =================================================================
+
+case "$host" in
+*-os2-emx*) SOCKET_LIB=-lsocket
+;;
+esac
+
+AC_SUBST(SOCKET_LIB)
+
+dnl =================================================================
+dnl Mac OSX specific
+dnl =================================================================
+    
+case "$host" in
+*-apple-darwin*) SPECIAL_CFLAGS="-Dunix"
+;;  
+esac
+
+dnl =================================================================
+dnl OpenBSD specific
+dnl =================================================================
+
+case "$host" in
+*-openbsd*) SPECIAL_CFLAGS="$SPECIAL_CFLAGS -Dunix"
+;;
+esac
+
+dnl =================================================================
+dnl AmigaOS specific
+dnl =================================================================
+
+AMIGAOS_ONLY=#
+
+case "$host" in
+*-amigaos) AMIGAOS_ONLY=
+;;
+esac
+
+AC_SUBST(AMIGAOS_ONLY)
+
+dnl =================================================================
+dnl Check for standard compiler stuff
+dnl =================================================================
+
+AC_EXEEXT
+AC_OBJEXT
+AC_HEADER_STDC
+AC_HEADER_DIRENT
+AC_C_CONST
+AC_TYPE_SIZE_T
+AC_TYPE_PID_T
+AC_HEADER_TIME
+AC_STRUCT_TM
+AC_CHECK_SIZEOF(int, 4)
+AC_CHECK_SIZEOF(char *, 4)
+AC_CHECK_SIZEOF(long, 4)
+AC_CHECK_SIZEOF(long long, 8)
+AC_CHECK_SIZEOF(size_t, 4)
+
+dnl Checks for header files.
+dnl AC_HEADER_SYS_WAIT
+dnl AC_CHECK_HEADERS(fcntl.h limits.h malloc.h sys/time.h unistd.h)
+AC_CHECK_HEADERS([OS.h arpa/inet.h errno.h fcntl.h limits.h locale.h netdb.h netinet/in.h stddef.h stdlib.h string.h sys/ioctl.h sys/socket.h sys/time.h sys/timeb.h sys/wait.h unistd.h])
+
+dnl Checks for library functions.
+dnl AC_TYPE_SIGNAL
+dnl AC_CHECK_FUNC(strstr)
+dnl bcopy and memmove are for PCRE
+AC_CHECK_FUNCS([strerror bcopy memmove])
+AC_PROG_GCC_TRADITIONAL
+dnl uncommenting does not work for swa. suse linux
+dnl AC_FUNC_MALLOC
+AC_FUNC_SETPGRP
+AC_TYPE_SIGNAL
+dnl uncommenting does not work for swa. suse linux
+dnl AC_FUNC_STAT
+AC_CHECK_FUNCS([access atexit getcwd gethostbyaddr gethostbyaddr_r gethostbyname gethostbyname_r gettimeofday inet_ntoa localtime_r memchr memmove memset poll putenv random regcomp select setlocale snprintf socket strchr strdup strerror strftime strlcat strlcpy strptime strstr strtoul timegm tzset])
+
+
+dnl =================================================================
+dnl Checks for libraries.
+dnl =================================================================
+dnl Note: Some systems may have the library but not the system header
+dnl       file, so we must check for both.
+dnl       Also check for correct version
+AC_CHECK_LIB(pcre, pcre_compile, [
+   AC_CHECK_HEADER(pcre.h, [
+      AC_EGREP_HEADER(pcre_fullinfo, pcre.h, [have_pcre=yes], [AC_MSG_WARN([[pcre old version installed]]); have_pcre=no])
+   ], [
+      AC_CHECK_HEADER(pcre/pcre.h, [
+         AC_EGREP_HEADER(pcre_fullinfo, pcre/pcre.h, [have_pcre=yes]; [AC_DEFINE(PCRE_H_IN_SUBDIR)], [AC_MSG_WARN([[pcre old version installed]]); have_pcre=no])
+      ], [have_pcre=no])
+   ])
+], [have_pcre=no])
+ 
+AC_CHECK_LIB(pcreposix, regcomp, [
+   AC_CHECK_HEADER(pcreposix.h, [
+      AC_EGREP_HEADER(pcreposix_regerror, pcreposix.h, [AC_MSG_WARN([[pcreposix old version installed]]); have_pcreposix=no], [have_pcreposix=yes])
+   ], [
+      AC_CHECK_HEADER(pcre/pcreposix.h, [
+         AC_EGREP_HEADER(pcreposix_regerror, pcre/pcreposix.h, [AC_MSG_WARN([[pcreposix old version installed]]); have_pcreposix=no], [have_pcreposix=yes]; [AC_DEFINE(PCREPOSIX_H_IN_SUBDIR)])
+      ], [have_pcreposix=no])
+   ])
+], [have_pcreposix=no], -lpcre) 
+
+dnl ================================================================
+dnl libpcrs is temporarily disabled.
+dnl
+dnl Privoxy's own pcrs version fixes some problems that
+dnl are present in libpcrs 0.3, the last pcrs release we
+dnl know of, and as libpcrs seems to be currently unmaintained
+dnl we can't send these fixes upstream.
+dnl ================================================================
+dnl
+dnl AC_CHECK_LIB(pcrs, pcrs_compile, [AC_CHECK_HEADER(pcrs.h, [have_pcrs=yes], [have_pcrs=no])], [have_pcrs=no], -lpcre)
+
+dnl =================================================================
+dnl Always defined
+dnl =================================================================
+
+AC_DEFINE(__MT__)
+
+dnl =================================================================
+dnl Features
+dnl =================================================================
+
+AC_ARG_ENABLE(toggle,
+[  --disable-toggle                Don't support temporary disable],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_TOGGLE)
+fi],AC_DEFINE(FEATURE_TOGGLE))
+
+AC_ARG_ENABLE(force,
+[  --disable-force                 Don't allow single-page disable],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_FORCE_LOAD)
+fi],AC_DEFINE(FEATURE_FORCE_LOAD))
+
+AC_ARG_ENABLE(fast-redirects,
+[  --disable-fast-redirects        Don't support fast redirects],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_FAST_REDIRECTS)
+fi], AC_DEFINE(FEATURE_FAST_REDIRECTS))
+
+AC_ARG_ENABLE(stats,
+[  --disable-stats                 Don't keep statistics],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_STATISTICS)
+fi],AC_DEFINE(FEATURE_STATISTICS))
+
+AC_ARG_ENABLE(ie-images,
+[  --enable-ie-images              Enable a quick but not always reliable auto-detect whether requests from
+                                  MS Internet Explorer are for an image or not.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_IMAGE_DETECT_MSIE)
+fi],)
+
+AC_ARG_ENABLE(image-blocking,
+[  --disable-image-blocking        Don't try to figure out whether a request is 
+                                  for an image or HTML - assume HTML.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_IMAGE_BLOCKING)
+fi],
+AC_DEFINE(FEATURE_IMAGE_BLOCKING))
+
+AC_ARG_ENABLE(acl-files,
+[  --disable-acl-files             Prevents the use of ACL files to control access to
+                                  Privoxy by IP address.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_ACL)
+fi],
+AC_DEFINE(FEATURE_ACL))
+
+AC_ARG_ENABLE(trust-files,
+[  --disable-trust-files           Prevents the use of trust files.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_TRUST)
+fi],
+AC_DEFINE(FEATURE_TRUST))
+
+AC_ARG_ENABLE(editor,
+[  --disable-editor                Prevents the use of the web-based actions file
+                                  editor and web-based temporary disable setting.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_CGI_EDIT_ACTIONS)
+fi],
+AC_DEFINE(FEATURE_CGI_EDIT_ACTIONS))
+
+AC_ARG_ENABLE(no-gifs,
+[  --enable-no-gifs                Use politically correct PNG format instead of GIF
+                                  for built-in images. May not work with all browsers.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_NO_GIFS)
+fi])
+
+AC_ARG_ENABLE(graceful-termination,
+[  --enable-graceful-termination   Allow to shutdown Privoxy through the webinterface.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_GRACEFUL_TERMINATION)
+fi])
+
+AC_ARG_ENABLE(extended-host-patterns,
+[  --enable-extended-host-patterns Allow extended regular expressions in host patterns.],
+[if test $enableval = yes; then
+  AC_DEFINE(FEATURE_EXTENDED_HOST_PATTERNS)
+fi])
+
+dnl pcre/pcrs is needed for CGI anyway, so
+dnl the choice is only between static and
+dnl dynamic:
+
+AC_ARG_ENABLE(dynamic-pcre,
+[  --disable-dynamic-pcre          Use the built-in, static pcre, even if libpcre is available],
+[ if test $enableval = "no"; then have_pcre=no; fi ])
+
+dnl =================================================
+dnl libpcrs is temporarily disabled,
+dnl see comment above for the reason.
+dnl =================================================
+dnl AC_ARG_ENABLE(dynamic-pcrs,
+dnl [  --disable-dynamic-pcrs          Use the built-in, static pcrs, even if libpcrs is available],
+dnl [ if test $enableval = "no"; then have_pcrs=no; fi ])
+
+
+dnl ====================================================
+dnl This check is incomplete. For mingw32 zlib is found
+dnl by configure, but not necessarily by the compiler.
+dnl ====================================================
+AC_ARG_ENABLE(zlib,
+[  --disable-zlib                  Don't use zlib to decompress data before filtering.],
+[enableval2=$enableval],
+[enableval2=yes])
+if test $enableval2 = yes; then
+  AC_CHECK_LIB(z, zlibVersion, [have_zlib="yes"], [have_zlib="no"])
+  if test $have_zlib = "yes"; then
+    LIBS="$LIBS -lz"
+    AC_DEFINE(FEATURE_ZLIB,1,[Define to 1 to use compression through the zlib library.])
+  else
+   AC_MSG_WARN([No zlib found.
+   Privoxy will not be able to filter compressed content.
+   This may become a fatal error in the future.])
+  fi  
+fi
+
+
+# If we have libpcre and either we also have pcreposix or
+# we don't need pcreposix, then link pcre dynamically; else
+# build it and link statically
+#
+if test $have_pcre = "yes"; then
+  echo "using libpcre"
+  pcre_dyn=yes
+  STATIC_PCRE_ONLY=#
+  LIBS="$LIBS -lpcre -lpcreposix"
+else
+  AC_MSG_WARN([You are using the static PCRE code which is scheduled for removal, for details see: 
+    https://sourceforge.net/mailarchive/message.php?msg_id=20080511195555.2dc6cfdc%40fabiankeil.de])
+  pcre_dyn=no
+  AC_DEFINE(STATIC_PCRE)
+  STATIC_PCRE_ONLY=
+fi
+
+if test $have_pthread = "yes" -o $target_type = "mingw"; then
+  echo Enabling keep-alive support for outgoing connections.
+  AC_DEFINE(FEATURE_CONNECTION_KEEP_ALIVE)
+fi
+
+dnl =================================================
+dnl libpcrs is temporarily disabled,
+dnl see comment above for the reason.
+dnl =================================================
+dnl # If we have libpcrs and pcre is linked dynamically
+dnl # then also link pcrs dynamically, else build and link
+dnl # pcrs statically
+dnl
+dnl if test $have_pcrs = "yes" -a $pcre_dyn = "yes"; then
+dnl  echo "using libpcrs"
+dnl  STATIC_PCRS_ONLY=#
+dnl  LIBS="$LIBS -lpcrs"
+dnl else
+dnl  echo "using built-in static pcrs"
+  AC_DEFINE(STATIC_PCRS)
+  STATIC_PCRS_ONLY=
+dnl fi
+
+AC_SUBST(STATIC_PCRE_ONLY)
+AC_SUBST(STATIC_PCRS_ONLY)
+
+dnl =================================================================
+dnl Final cleanup and output
+dnl =================================================================
+
+dnl Remove the SPECIAL_CFLAGS stuff from CFLAGS, and add it seperately
+dnl in the Makefile
+CFLAGS=$old_CFLAGS_nospecial
+AC_SUBST(SPECIAL_CFLAGS)
+
+AC_SUBST(PTHREAD_LIB)
+
+AC_OUTPUT(GNUmakefile doc/source/ldp.dsl)
diff --git a/external/privoxy/cygwin.h b/external/privoxy/cygwin.h
new file mode 100644
index 0000000..526f8d0
--- /dev/null
+++ b/external/privoxy/cygwin.h
@@ -0,0 +1,80 @@
+#ifndef CYGWIN_H_INCLUDED
+#define CYGWIN_H_INCLUDED
+#define CYGWIN_H_VERSION "$Id: cygwin.h,v 1.6 2006/07/18 14:48:45 david__schmidt Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/cygwin.h,v $
+ *
+ * Purpose     :  The windows.h file seems to be a *tad* different, so I
+ *                will bridge the gaps here.  Perhaps I should convert the
+ *                latest SDK too?  Shudder, I think not.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: cygwin.h,v $
+ *    Revision 1.6  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.4  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.3  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.2  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:51  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+/* Conditionally include this whole file. */
+#ifdef __MINGW32__
+
+/* Hmmm, seems to be overlooked. */
+#define _RICHEDIT_VER 0x0300
+
+/*
+ * Named slightly different ... but not in Cygwin v1.3.1 ...
+ *
+ * #define LVITEM   LV_ITEM
+ * #define LVCOLUMN LV_COLUMN
+ */
+
+#endif /* def __MINGW32__ */
+#endif /* ndef CYGWIN_H_INCLUDED */
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/deanimate.c b/external/privoxy/deanimate.c
new file mode 100644
index 0000000..01fc97c
--- /dev/null
+++ b/external/privoxy/deanimate.c
@@ -0,0 +1,554 @@
+const char deanimate_rcs[] = "$Id: deanimate.c,v 1.19 2008/05/21 15:29:35 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/deanimate.c,v $
+ *
+ * Purpose     :  Declares functions to manipulate binary images on the
+ *                fly.  High-level functions include:
+ *                  - Deanimation of GIF images
+ *                
+ *                Functions declared include: gif_deanimate, buf_free,
+ *                buf_copy,  buf_getbyte, gif_skip_data_block
+ *                and gif_extract_image
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 - 2004, 2006 by the
+ *                SourceForge Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the GIF file format specification (see
+ *                http://tronche.com/computer-graphics/gif/gif89a.html)
+ *                and ideas from the Image::DeAnim Perl module by
+ *                Ken MacFarlane, <ksm+cpan at universal.dca.net>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: deanimate.c,v $
+ *    Revision 1.19  2008/05/21 15:29:35  fabiankeil
+ *    Fix gcc43 warnings.
+ *
+ *    Revision 1.18  2008/03/28 15:13:38  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.17  2007/08/05 13:42:22  fabiankeil
+ *    #1763173 from Stefan Huehner: declare some more functions static.
+ *
+ *    Revision 1.16  2007/07/14 08:01:58  fabiankeil
+ *    s at failiure@failure@
+ *
+ *    Revision 1.15  2007/01/03 14:39:19  fabiankeil
+ *    Fix a gcc43 warning and mark the binbuffer
+ *    as immutable for buf_getbyte().
+ *
+ *    Revision 1.14  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.12.2.1  2004/10/03 12:53:32  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.12  2002/05/12 21:36:29  jongfoster
+ *    Correcting function comments
+ *
+ *    Revision 1.11  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.10  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.9  2002/03/13 00:27:04  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.8  2002/03/09 19:42:47  jongfoster
+ *    Fixing more warnings
+ *
+ *    Revision 1.7  2002/03/08 17:46:04  jongfoster
+ *    Fixing int/size_t warnings
+ *
+ *    Revision 1.6  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.5  2001/09/10 10:16:06  oes
+ *    Silenced compiler warnings
+ *
+ *    Revision 1.4  2001/07/18 12:28:49  oes
+ *    - Added feature for extracting the first frame
+ *      to gif_deanimate
+ *    - Separated image buffer extension into buf_extend
+ *    - Extended gif deanimation to GIF87a (untested!)
+ *    - Cosmetics
+ *
+ *    Revision 1.3  2001/07/15 13:57:50  jongfoster
+ *    Adding #includes string.h and miscutil.h
+ *
+ *    Revision 1.2  2001/07/13 13:46:20  oes
+ *    Introduced GIF deanimation feature
+ *
+ *
+ **********************************************************************/
+
+
+#include "config.h"
+
+#include <string.h>
+#include <fcntl.h>
+
+#include "errlog.h"
+#include "project.h"
+#include "deanimate.h"
+#include "miscutil.h"
+
+const char deanimate_h_rcs[] = DEANIMATE_H_VERSION;
+
+/*********************************************************************
+ * 
+ * Function    :  buf_free
+ *
+ * Description :  Safely frees a struct binbuffer
+ *
+ * Parameters  :
+ *          1  :  buf = Pointer to the binbuffer to be freed
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void buf_free(struct binbuffer *buf)
+{
+   if (buf == NULL) return;
+
+   if (buf->buffer != NULL)
+   {
+      free(buf->buffer);
+   }
+
+   free(buf);
+
+}
+
+
+/*********************************************************************
+ * 
+ * Function    :  buf_extend
+ *
+ * Description :  Ensure that a given binbuffer can hold a given amount
+ *                of bytes, by reallocating its buffer if necessary.
+ *                Allocate new mem in chunks of 1024 bytes, so we don't
+ *                have to realloc() too often.
+ *
+ * Parameters  :
+ *          1  :  buf = Pointer to the binbuffer
+ *          2  :  length = Desired minimum size
+ *                
+ *
+ * Returns     :  0 on success, 1 on failure.
+ *
+ *********************************************************************/
+static int buf_extend(struct binbuffer *buf, size_t length)
+{
+   char *newbuf;
+
+   if (buf->offset + length > buf->size)
+   {
+      buf->size = ((buf->size + length + (size_t)1023) & ~(size_t)1023);
+      newbuf = (char *)realloc(buf->buffer, buf->size);
+
+      if (newbuf == NULL)
+      {
+         freez(buf->buffer);
+         return 1;
+      }
+      else
+      {
+         buf->buffer = newbuf;
+         return 0;
+      }
+   }
+   return 0;
+
+}
+
+
+/*********************************************************************
+ * 
+ * Function    :  buf_copy
+ *
+ * Description :  Safely copies a given amount of bytes from one
+ *                struct binbuffer to another, advancing the
+ *                offsets appropriately.
+ *
+ * Parameters  :
+ *          1  :  src = Pointer to the source binbuffer
+ *          2  :  dst = Pointer to the destination binbuffer
+ *          3  :  length = Number of bytes to be copied
+ *
+ * Returns     :  0 on success, 1 on failure.
+ *
+ *********************************************************************/
+static int buf_copy(struct binbuffer *src, struct binbuffer *dst, size_t length)
+{
+
+   /*
+    * Sanity check: Can't copy more data than we have
+    */
+   if (src->offset + length > src->size) 
+   {
+      return 1;
+   }
+
+   /*
+    * Ensure that dst can hold the new data
+    */
+   if (buf_extend(dst, length)) 
+   {
+      return 1;
+   }
+
+   /*
+    * Now that it's safe, memcpy() the desired amount of
+    * data from src to dst and adjust the offsets
+    */
+   memcpy(dst->buffer + dst->offset, src->buffer + src->offset, length);
+   src->offset += length;
+   dst->offset += length;
+
+   return 0;
+
+}
+
+
+/*********************************************************************
+ * 
+ * Function    :  buf_getbyte
+ *
+ * Description :  Safely gets a byte from a given binbuffer at a
+ *                given offset
+ *
+ * Parameters  :
+ *          1  :  src = Pointer to the source binbuffer
+ *          2  :  offset = Offset to the desired byte
+ *
+ * Returns     :  The byte on success, or 0 on failure
+ *
+ *********************************************************************/
+static unsigned char buf_getbyte(const struct binbuffer *src, size_t offset)
+{
+   if (src->offset + offset < src->size)
+   {
+      return (unsigned char)*(src->buffer + src->offset + offset);
+   }
+   else
+   {
+      return '\0';
+   }
+
+}
+
+
+/*********************************************************************
+ * 
+ * Function    :  gif_skip_data_block
+ *
+ * Description :  Safely advances the offset of a given struct binbuffer
+ *                that contains a GIF image and whose offset is
+ *                positioned at the start of a data block, behind
+ *                that block.
+ *
+ * Parameters  :
+ *          1  :  buf = Pointer to the binbuffer
+ *
+ * Returns     :  0 on success, or 1 on failure
+ *
+ *********************************************************************/
+static int gif_skip_data_block(struct binbuffer *buf)
+{
+   unsigned char c;
+
+   /* 
+    * Data blocks are sequences of chunks, which are headed
+    * by a one-byte length field, with the last chunk having
+    * zero length.
+    */
+   while((c = buf_getbyte(buf, 0)) != '\0')
+   {
+      buf->offset += (size_t)c + 1;
+      if (buf->offset >= buf->size - 1)
+      {
+         return 1;
+      }
+   }
+   buf->offset++;
+
+   return 0;
+
+}
+
+
+/*********************************************************************
+ * 
+ * Function    :  gif_extract_image
+ *
+ * Description :  Safely extracts an image data block from a given
+ *                struct binbuffer that contains a GIF image and whose
+ *                offset is positioned at the start of a data block 
+ *                into a given destination binbuffer.
+ *
+ * Parameters  :
+ *          1  :  src = Pointer to the source binbuffer
+ *          2  :  dst = Pointer to the destination binbuffer
+ *
+ * Returns     :  0 on success, or 1 on failure
+ *
+ *********************************************************************/
+static int gif_extract_image(struct binbuffer *src, struct binbuffer *dst)
+{
+   unsigned char c;
+
+   /*
+    * Remember the colormap flag and copy the image head
+    */
+   c = buf_getbyte(src, 9);
+   if (buf_copy(src, dst, 10))
+   {
+      return 1;
+   }
+
+   /*
+    * If the image has a local colormap, copy it.
+    */
+   if (c & 0x80)
+   {
+      int map_length = 3 * (1 << ((c & 0x07) + 1));
+      if (map_length <= 0)
+      {
+         log_error(LOG_LEVEL_DEANIMATE,
+            "colormap length = %d (%c)?", map_length, c);
+         return 1;
+      }
+      if (buf_copy(src, dst, (size_t)map_length))
+      {
+         return 1;
+      }           
+   }
+   if (buf_copy(src, dst, 1)) return 1;
+
+   /*
+    * Copy the image chunk by chunk.
+    */
+   while((c = buf_getbyte(src, 0)) != '\0')
+   {
+      if (buf_copy(src, dst, 1 + (size_t) c)) return 1;
+   }
+   if (buf_copy(src, dst, 1)) return 1;
+
+   /*
+    * Trim and rewind the dst buffer
+    */
+   if (NULL == (dst->buffer = (char *)realloc(dst->buffer, dst->offset))) return 1;
+   dst->size = dst->offset;
+   dst->offset = 0;
+
+   return(0);
+
+}
+
+/*********************************************************************
+ * 
+ * Function    :  gif_deanimate
+ *
+ * Description :  Deanimate a given GIF image, i.e. given a GIF with
+ *                an (optional) image block and an arbitrary number
+ *                of image extension blocks, produce an output GIF with
+ *                only one image block that contains the last image
+ *                (extenstion) block of the original.
+ *                Also strip Comments, Application extenstions, etc.
+ *
+ * Parameters  :
+ *          1  :  src = Pointer to the source binbuffer
+ *          2  :  dst = Pointer to the destination binbuffer
+ *          3  :  get_first_image = Flag: If set, get the first image
+ *                                        If unset (default), get the last
+ *
+ * Returns     :  0 on success, or 1 on failure
+ *
+ *********************************************************************/
+int gif_deanimate(struct binbuffer *src, struct binbuffer *dst, int get_first_image)
+{
+   unsigned char c;
+   struct binbuffer *image;
+
+   if (NULL == src || NULL == dst)
+   {
+      return 1;
+   }
+
+   c = buf_getbyte(src, 10);
+
+   /*
+    * Check & copy GIF header 
+    */
+   if (strncmp(src->buffer, "GIF89a", 6) && strncmp(src->buffer, "GIF87a", 6)) 
+   {
+      return 1;
+   }
+   else
+   {
+      if (buf_copy(src, dst, 13))
+      {
+         return 1;
+      }
+   }
+
+   /*
+    * Look for global colormap and  copy if found.
+    */
+   if(c & 0x80)
+   {
+      int map_length = 3 * (1 << ((c & 0x07) + 1));
+      if (map_length <= 0)
+      {
+         log_error(LOG_LEVEL_DEANIMATE,
+            "colormap length = %d (%c)?", map_length, c);
+         return 1;
+      }
+      if (buf_copy(src, dst, (size_t)map_length))
+      {
+         return 1;
+      }
+   }
+
+   /*
+    * Reserve a buffer for the current image block
+    */
+   if (NULL == (image = (struct binbuffer *)zalloc(sizeof(*image))))
+   {
+      return 1;
+   }
+
+   /*
+    * Parse the GIF block by block and copy the relevant
+    * parts to dst
+    */
+   while(src->offset < src->size)
+   {
+      switch(buf_getbyte(src, 0))
+      {
+         /*
+          *  End-of-GIF Marker: Append current image and return
+          */
+      case 0x3b:
+         goto write;
+
+         /* 
+          * Image block: Extract to current image buffer.
+          */
+      case 0x2c:
+         image->offset = 0;
+         if (gif_extract_image(src, image)) goto failed;
+         if (get_first_image) goto write;
+         continue;
+
+         /*
+          * Extension block: Look at next byte and decide
+          */
+      case 0x21:
+         switch (buf_getbyte(src, 1))
+         {
+            /*
+             * Image extension: Copy extension  header and image
+             *                  to the current image buffer
+             */
+         case 0xf9:
+            image->offset = 0;
+            if (buf_copy(src, image, 8) || buf_getbyte(src, 0) != 0x2c) goto failed;
+            if (gif_extract_image(src, image)) goto failed;
+            if (get_first_image) goto write;
+            continue;
+
+            /*
+             * Application extension: Skip
+             */
+         case 0xff:
+            if ((src->offset += 14) >= src->size || gif_skip_data_block(src)) goto failed;
+            continue;
+
+            /*
+             * Comment extension: Skip
+             */
+         case 0xfe:
+            if ((src->offset += 2) >= src->size || gif_skip_data_block(src)) goto failed;
+            continue;
+
+            /*
+             * Plain text extension: Skip
+             */
+         case 0x01:
+            if ((src->offset += 15) >= src->size || gif_skip_data_block(src)) goto failed;
+            continue;
+
+            /*
+             * Ooops, what type of extension is that?
+             */
+         default:
+            goto failed;
+
+         }
+
+         /*
+          * Ooops, what type of block is that?
+          */
+      default:
+         goto failed;
+         
+      }
+   } /* -END- while src */
+
+   /*
+    * Either we got here by goto, or because the GIF is
+    * bogus and EOF was reached before an end-of-gif marker 
+    * was found.
+    */
+
+failed:
+   buf_free(image);
+   return 1;
+
+   /*
+    * Append the current image to dst and return
+    */
+
+write:
+   if (buf_copy(image, dst, image->size)) goto failed;
+   if (buf_extend(dst, 1)) goto failed;
+   *(dst->buffer + dst->offset++) = 0x3b;
+   buf_free(image);
+   return 0;
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/deanimate.h b/external/privoxy/deanimate.h
new file mode 100644
index 0000000..53af6f1
--- /dev/null
+++ b/external/privoxy/deanimate.h
@@ -0,0 +1,126 @@
+#ifndef DEANIMATE_H_INCLUDED
+#define DEANIMATE_H_INCLUDED
+#define DEANIMATE_H_VERSION "$Id: deanimate.h,v 1.12 2008/03/28 15:13:39 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/deanimate.h,v $
+ *
+ * Purpose     :  Declares functions to manipulate binary images on the
+ *                fly.  High-level functions include:
+ *                  - Deanimation of GIF images
+ *                
+ *                Functions declared include: gif_deanimate and buf_free.
+ *                
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 - 2004 by the the
+ *                SourceForge Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on ideas from the Image::DeAnim Perl module by
+ *                Ken MacFarlane, <ksm+cpan at universal.dca.net>
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: deanimate.h,v $
+ *    Revision 1.12  2008/03/28 15:13:39  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.11  2007/01/12 15:41:00  fabiankeil
+ *    Remove some white space at EOL.
+ *
+ *    Revision 1.10  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.8.2.1  2004/10/03 12:53:32  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.8  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.7  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.6  2002/03/08 17:46:04  jongfoster
+ *    Fixing int/size_t warnings
+ *
+ *    Revision 1.5  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.4  2001/07/29 18:50:04  jongfoster
+ *    Fixing "extern C" block, and renaming #define _DEANIMATE_H
+ *
+ *    Revision 1.3  2001/07/18 12:29:05  oes
+ *    Updated prototype for gif_deanimate
+ *
+ *    Revision 1.2  2001/07/13 13:46:20  oes
+ *    Introduced GIF deanimation feature
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * A struct that holds a buffer, a read/write offset,
+ * and the buffer's capacity.
+ */
+struct binbuffer
+{
+   char *buffer;
+   size_t offset;
+   size_t size;
+};
+
+/*
+ * Function prototypes
+ */
+extern int gif_deanimate(struct binbuffer *src, struct binbuffer *dst, int get_first_image);
+extern void buf_free(struct binbuffer *buf);
+
+/* 
+ * Revision control strings from this header and associated .c file
+ */
+extern const char deanimate_rcs[];
+extern const char deanimate_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef DEANIMATE_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/default.action.master b/external/privoxy/default.action.master
new file mode 100644
index 0000000..81c4138
--- /dev/null
+++ b/external/privoxy/default.action.master
@@ -0,0 +1,2162 @@
+#MASTER# COMMENT:
+#MASTER# COMMENT:  Anyone adding specific rules to this file,
+#MASTER# COMMENT:  wherever possible please include a *full* URL
+#MASTER# COMMENT:  which can be used to verify the problem, and if
+#MASTER# COMMENT:  the problem may not always be fully obvious, a
+#MASTER# COMMENT:  brief explanation. Please also add tests for
+#MASTER# COMMENT:  Privoxy-Regression-Test so we can automatically
+#MASTER# COMMENT:  verify that your rules are effective. Thanks.
+#MASTER# COMMENT:
+######################################################################
+#
+#  File        :  $Source: /cvsroot/ijbswa/current/default.action.master,v $
+#
+#  $Id: default.action.master,v 1.170 2009/03/04 15:05:00 ler762 Exp $
+#
+#  Requires    :  This version requires Privoxy v3.0.11 or later due to
+#                 syntax changes.
+#
+#  Purpose     :  Default actions file, see
+#                 http://www.privoxy.org/user-manual/actions-file.html.
+#                 This file is subject to periodic updating. It is
+#                 not supposed to be edited by the user. Local exceptions
+#                 and enhancements are better placed in user.action,
+#                 the match-all section has been moved to match-all.action.
+#
+#  Copyright   :  Written by and Copyright (C) 2001-2009 the
+#                 Privoxy team. http://www.privoxy.org/
+#
+#  Note: Updated versions of this file will be made available from time
+#        to time. Check http://sourceforge.net/project/showfiles.php?group_id=11118
+#        for updates and/or subscribe to the announce mailing list
+#        (http://lists.sourceforge.net/lists/listinfo/ijbswa-announce) if you
+#        wish to receive an email notice whenever updates are released.
+#
+# We value your feedback. However, to provide you with the best support,
+# please note:
+#
+#  * Use the support forum to get help:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=211118
+#  * Submit feedback for this actions file only through the
+#    SF actions file feedback tracker:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=460288
+#  * Submit bugs only through our bug forum:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=111118
+#    Make sure that the bug has not already been submitted. Please try
+#    to verify that it is a Privoxy bug, and not a browser or site
+#    bug first. If you are using your own custom configuration, please
+#    try the stock configs to see if the problem is a configuration
+#    related bug. And if possible please try the latest CVS sources.
+#  * Submit feature requests only through our feature request forum:
+#    http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
+#
+# For any other issues, feel free to use the mailing lists:
+# http://sourceforge.net/mail/?group_id=11118
+#
+# Anyone interested in actively participating in development and related
+# discussions can join the appropriate mailing list here:
+# http://sourceforge.net/mail/?group_id=11118. Archives are available
+# here too.
+#
+# The current development version of this file is located:
+# http://ijbswa.cvs.sourceforge.net/*checkout*/ijbswa/current/default.action.master
+#
+#############################################################################
+# Syntax
+#############################################################################
+#
+# A much better explanation can be found in the user manual which is
+# part of the distribution and can be found at http://www.privoxy.org/user-manual
+#
+# To determine which actions apply to a request, the URL of the request is
+# compared to all patterns in this file. Every time it matches, the list of
+# applicable actions for this URL is incrementally updated. You can trace
+# this process by visiting http://config.privoxy.org/show-url-info
+#
+# There are 4 types of lines in this file: comments (like this line),
+# actions, aliases and patterns, all of which are explained below.
+#
+#############################################################################
+# Pattern Syntax
+#############################################################################
+#
+# 1. On Domains and Paths
+# -----------------------
+#
+# Generally, a pattern has the form <domain>/<path>, where both the <domain>
+# and <path> part are optional. The pattern matching syntax is different for
+# each. If you only specify a domain part, the "/" can be left out, but it is
+# required for the path part.
+#
+# www.example.com
+#   is a domain-only pattern and will match any request to www.example.com
+#
+# www.example.com/
+#   means exactly the same (but is slightly less efficient)
+#
+# www.example.com/index.html
+#   matches only the document /index.html on www.example.com
+#
+# /index.html
+#   matches the document /index.html, regardless of the domain
+#
+# index.html
+#   matches nothing, since it would be interpreted as a domain name and
+#   there is no top-level domain called ".html".
+#
+# 2. Domain Syntax
+# ----------------
+#
+# The matching of the domain part offers some flexible options: If the
+# domain starts or ends with a dot, it becomes unanchored at that end:
+#
+# www.example.com
+#   matches only www.example.com
+#
+# .example.com
+#   matches any domain that ENDS in .example.com
+#
+# www.
+#   matches any domain that STARTS with www.
+#
+# .example.
+#   matches any domain that CONTAINS example
+#
+#
+# Additionally, there are wildcards that you can use in the domain names
+# themselves. They work pretty similar to shell wildcards: "*" stands for
+# zero or more arbitrary characters, "?" stands for one, and you can define
+# character classes in square brackets and they can be freely mixed:
+#
+# ad*.example.com
+#   matches adserver.example.com, ads.example.com, etc but not sfads.example.com
+#
+# *ad*.example.com
+#   matches all of the above
+#
+# .?pix.com
+#   matches www.ipix.com, pictures.epix.com, a.b.c.d.e.upix.com etc
+#
+# www[1-9a-ez].example.com
+#   matches www1.example.com, www4.example.com, wwwd.example.com,
+#   wwwz.example.com etc, but not wwww.example.com
+#
+# You get the idea?
+#
+# 2. Path Syntax
+# --------------
+#
+# Paths are specified as full regular expressions, and are more flexible than
+# the domain syntax above. A comprehensive discussion of regular expressions
+# wouldn't fit here.
+#
+# Perl compatible regular expressions are used. See the pcre/docs/ direcory or
+# man perlre (also available at http://perldoc.perl.org/perlre.html) for
+# details. The appendix to our User Manual also has some detail.
+#
+# Please note that matching in the path is CASE INSENSITIVE by default, but
+# you can switch to case sensitive by starting the pattern with the "(?-i)"
+# switch:
+#
+# www.example.com/(?-i)PaTtErN.*
+#   will match only documents whose path starts with PaTtErN in exactly this
+#   capitalization.
+#
+# Partially case-sensitive and partially case-insensitive patterns are
+# possible, but the rules about splitting them up are extremely complex
+# - see the PCRE documentation for more information.
+#
+#############################################################################
+# Action Syntax
+#############################################################################
+#
+# There are 3 kinds of actions:
+#
+# Boolean (e.g. "handle-as-image"):
+#   +name  # enable
+#   -name  # disable
+#
+# Parameterized (e.g. "hide-user-agent"):
+#   +name{param}  # enable and set parameter to "param"
+#   -name         # disable
+#
+# Multi-value (e.g. "add-header", "filter"):
+#   +name{param}  # enable and add parameter "param"
+#   -name{param}  # remove the parameter "param"
+#   -name         # disable totally
+#
+# The default (if you don't specify anything in this file) is not to take
+# any actions - i.e completely disabled, so Privoxy will just be a
+# normal, non-blocking, non-anonymizing proxy.  You must specifically
+# enable the privacy and blocking features you need (although the
+# provided default actions file will do that for you).
+#
+# Later actions always override earlier ones.  For multi-valued actions,
+# the actions are applied in the order they are specified.
+#
+#############################################################################
+# Valid actions are:
+#############################################################################
+#
+# +add-header{Name: value}
+#    Adds the specified HTTP header, which is not checked for validity.
+#    You may specify this many times to specify many headers.
+#
+# +block{reason}
+#    Block this URL. Instead of forwarding the request, Privoxy will
+#    send a "block" page containing the specified reason.
+#
+# +change-x-forwarded-for{add}
+# +change-x-forwarded-for{block}
+#   Adds or blocks the "X-Forwarded-For:" HTTP header in client
+#   requests.
+#
+# +client-header-filter{name}
+#    All client headers to which this action applies are filtered on-the-fly
+#    through the specified regular expression based substitutions.
+#
+#    Client-header filters predefined in the supplied default.filter include:
+#
+#     hide-tor-exit-notation: Removes the Tor exit node notation in Host and Referer headers.
+#     privoxy-control:        Removes X-Privoxy-Control headers.
+#
+# +client-header-tagger{string}
+#    Tag requests based on their headers. Client headers to which this
+#    action applies are filtered on-the-fly through the specified regular
+#    expression based substitutions, the result is used as a tag.
+#    Client-header taggers are the first actions that are executed and their
+#    tags can be used to control every other action.
+#
+#    Client-header taggers predefined in the supplied default.filter include:
+#
+#     image-requests:    Tags detected image requests as "IMAGE-REQUEST".
+#     css-requests:      Tags detected CSS requests as "CSS-REQUEST".
+#     client-ip-address: Tags the request with the client's IP address.
+#     http-method:       Tags the request with its HTTP method.
+#     allow-post:        Tags POST requests as "ALLOWED-POST".
+#     complete-url:      Tags the request with the whole request URL.
+#     user-agent:        Tags the request with the complete User-Agent header.
+#     privoxy-control:   Creates tags with the content of X-Privoxy-Control headers.
+#
+# +content-type-overwrite
+#    Replaces the "Content-Type:" HTTP server header, so that unwanted
+#    download menus will not pop up, or changes the browser's rendering mode.
+#
+# +crunch-client-header{string}
+#    Deletes every header sent by the client that contains the string the
+#    user supplied as parameter.
+#
+# +crunch-if-none-match
+#     Deletes the "If-None-Match:" HTTP client header.
+#
+# +crunch-server-header{string}
+#    Deletes every header sent by the server that contains the string the
+#    user supplied as a parameter.
+#
+# +deanimate-gifs{last}
+# +deanimate-gifs{first}
+#    Deanimate all animated GIF images, i.e. reduce them to their last
+#    frame. This will also shrink the images considerably. (In bytes,
+#    not pixels!)
+#    If the option "first" is given, the first frame of the animation
+#    is used as the replacement. If "last" is given, the last frame of
+#    the animation is used instead, which propably makes more sense for
+#    most banner animations, but also has the risk of not showing the
+#    entire last frame (if it is only a delta to an earlier frame).
+#
+# +downgrade-http-version
+#    Downgrade HTTP/1.1 client requests to HTTP/1.0 and downgrade the
+#    responses as well. Use this action for servers that use HTTP/1.1
+#    protocol features that Privoxy currently can't handle yet.
+#
+# +fast-redirects{check-decoded-url}
+# +fast-redirects{simple-check}
+#    Many sites, like yahoo.com, don't just link to other sites.
+#    Instead, they will link to some script on their own server,
+#    giving the destination as a parameter, which will then redirect
+#    you to the final target.
+#
+#    URLs resulting from this scheme typically look like:
+#    http://some.place/some_script?http://some.where-else
+#
+#    Sometimes, there are even multiple consecutive redirects encoded
+#    in the URL. These redirections via scripts make your web browsing
+#    more traceable, since the server from which you follow such a link
+#    can see where you go to. Apart from that, valuable bandwidth and
+#    time is wasted, while your browser asks the server for one redirect
+#    after the other. Plus, it feeds the advertisers.
+#
+#    The +fast-redirects{check-decoded-url} option enables interception of
+#    these requests by Privoxy, who will cut off all but the last valid URL
+#    in the request and send a local redirect back to your browser without
+#    contacting the intermediate sites. NOTE: Syntax change as of v.3.0.4.
+#
+# +filter{name}
+#    All files of text-based type, most notably HTML and JavaScript, to which
+#    this action applies, can be filtered on-the-fly through the specified
+#    regular expression based substitutions. (Note: plain text documents are
+#    exempted from filtering, because web servers often use the text/plain
+#    MIME type for all files whose type they don't know.) By default,
+#    filtering works only on the raw document content itself (that which can
+#    be seen with View Source), not the headers. Repeat for multiple filters.
+#    Use with caution: filters can be very intrusive.
+#
+#    Filters predefined in the supplied default.filter include:
+#
+#     js-annoyances:       Get rid of particularly annoying JavaScript abuse.
+#     js-events:           Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).
+#     html-annoyances:     Get rid of particularly annoying HTML abuse.
+#     content-cookies:     Kill cookies that come in the HTML or JS content.
+#     refresh-tags:        Kill automatic refresh tags (for dial-on-demand setups).
+#     unsolicited-popups:  Disable only unsolicited pop-up windows.
+#     all-popups:          Kill all popups in JavaScript and HTML.
+#     img-reorder:         Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+#     banners-by-size:     Kill banners by size.
+#     banners-by-link:     Kill banners by their links to known clicktrackers.
+#     webbugs:             Squish WebBugs (1x1 invisible GIFs used for user tracking).
+#     tiny-textforms:      Extend those tiny textareas up to 40x80 and kill the hard wrap.
+#     jumping-windows:     Prevent windows from resizing and moving themselves.
+#     frameset-borders:    Give frames a border and make them resizable.
+#     demoronizer:         Fix MS's non-standard use of standard charsets.
+#     shockwave-flash:     Kill embedded Shockwave Flash objects.
+#     quicktime-kioskmode: Make Quicktime movies saveable.
+#     fun:                 Text replacements for subversive browsing fun!
+#     crude-parental:      Crude parental filtering. Note that this filter doesn't work reliably.
+#     ie-exploits:         Disable some known Internet Explorer bug exploits.
+#     site-specifics:      Cure for site-specific problems. Don't apply generally!
+#     no-ping:             Removes non-standard ping attributes in <a> and <area> tags.
+#     google:              CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+#     yahoo:               CSS-based block for Yahoo text ads. Also removes a width limitation.
+#     msn:                 CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+#     blogspot:            Cleans up some Blogspot blogs. Read the fine print before using this.
+#
+# +force-text-mode
+#    Declares a document as plain text, even if the "Content-Type:" isn't detected
+#    as such.
+#
+# +forward-override{forward .}
+# +forward-override{forward 127.0.0.1:8123}
+# +forward-override{forward-socks4a 127.0.0.1:9050 .}
+# +forward-override{forward-socks4a 127.0.0.1:9050 proxy.example.org:8000}
+# +forward-override{forward-socks5 127.0.0.1:9050 .}
+# +forward-override{forward-socks5 127.0.0.1:9050 proxy.example.org:8000}
+#   This action overrules the forward directives in the configuration file.
+#
+# +handle-as-empty-document
+#   This action alone doesn't do anything noticeable. It just marks URLs. If
+#   the block action also applies, the presence or absence of this mark
+#   decides whether an HTML "blocked"  page, or an empty document will be sent
+#   to the client as a substitute for the blocked content.
+#
+# +handle-as-image
+#    Treat this URL as an image.  This only matters if it's also "+block"ed,
+#    in which case a "blocked" image can be sent rather than a HTML page.
+#    See +set-image-blocker{} for the control over what is actually sent.
+#
+# +hide-accept-language{lang}
+# +hide-accept-language{block}
+#   Deletes or replaces the "Accept-Language:" HTTP header in client
+#   requests.
+#
+# +hide-content-disposition{block}
+# +hide-content-disposition{string}
+#   Deletes or replaces the "Content-Disposition:" HTTP header set by some
+#   servers. This can be used to prevent download menus for content you
+#   prefer to view inside the browser, for example.
+#
+# +hide-from-header{block}
+# +hide-from-header{spam at sittingduck.xqq}
+#   If the browser sends a "From:" header containing your e-mail address,
+#   either completely removes the header ("block"), or change it to the
+#   specified e-mail address.
+#
+# +hide-if-modified-since{block}
+# +hide-if-modified-since{-60}
+#   Deletes the "If-Modified-Since:" HTTP client header or modifies its
+#   value, preventing another way to track users.
+#
+# +hide-referer{block}
+# +hide-referer{forge}
+# +hide-referer{http://nowhere.com}
+#    Don't send the "Referer:" (sic) header to the web site.  You can
+#    block it, forge a URL to the same server as the request (which is
+#    preferred because some sites will not send images otherwise) or
+#    set it to a constant string.
+#
+# +hide-referrer{...}
+#    Alternative spelling of +hide-referer.  Has the same parameters,
+#    and can be freely mixed with, "+hide-referer".  ("referrer" is the
+#    correct English spelling, however the HTTP specification has a
+#    bug - it requires it to be spelt "referer").
+#
+# +hide-user-agent{browser-type}
+#    Change the "User-Agent:" header so web servers can't tell your
+#    browser type.  (Breaks many web sites).  Specify the user-agent
+#    value you want - e.g., to pretend to be using Netscape on Linux:
+#      +hide-user-agent{Mozilla (X11; I; Linux 2.0.32 i586)}
+#    Or to identify yourself explicitly as a Privoxy user:
+#      +hide-user-agent{Privoxy/1.0}
+#    (Don't change the version number from 1.0 - after all, why tell them?)
+#
+# +limit-connect{portlist}
+#
+#    By default, i.e. if no limit-connect action applies, Privoxy
+#    allows HTTP CONNECT requests to all ports. Use limit-connect
+#    if fine-grained control is desired for some or all destinations.
+#    The CONNECT methods exists in HTTP to allow access to secure websites
+#    ("https://" URLs) through proxies. It works very simply: the proxy
+#    connects to the server on the specified port, and then short-circuits
+#    its connections to the client and to the remote server. This means
+#    CONNECT-enabled proxies can be used as TCP relays very easily. Privoxy
+#    relays HTTPS traffic without seeing the decoded content. Websites can
+#    leverage this limitation to circumvent Privoxy's filters. By specifying
+#    an invalid port range you can disable HTTPS entirely.
+#
+#    +limit-connect{443}                   # Only port 443 is OK.
+#    +limit-connect{80,443}                # Ports 80 and 443 are OK.
+#    +limit-connect{-3, 7, 20-100, 500-}   # Ports less than 3, 7, 20 to 100 and above 500 are OK.
+#    +limit-connect{-}                     # All ports are OK
+#    +limit-connect{,}                     # No HTTPS/SSL traffic is allowed
+#
+# +overwrite-last-modified{block}
+# +overwrite-last-modified{reset-to-request-time}
+# +overwrite-last-modified{randomize}
+#    Removing the "Last-Modified:" header is useful for filter testing, where
+#    you want to force a real reload instead of getting status code "304",
+#    which would cause the browser to reuse the old version of the page.
+#
+#    The "randomize" option overwrites the value of the "Last-Modified:"
+#    header with a randomly chosen time between the original value and the
+#    current time. In theory the server could send each document with a
+#    different "Last-Modified:" header to track visits without using cookies.
+#    "Randomize" makes it impossible and the browser can still revalidate
+#    cached documents.
+#
+#    "reset-to-request-time" overwrites the value of the "Last-Modified:"
+#    header with the current time. You could use this option together with
+#    hide-if-modified-since to further customize your random range.
+#
+# +prevent-compression
+#    Prevent the website from compressing the data. Some websites do
+#    that, which is a problem for Privoxy when built without zlib support,
+#    since +filter and +gif-deanimate will not work on compressed data.
+#    Will slow down connections to those websites, though.
+#
+# +server-header-filter{name}
+#    All server headers to which this action applies are filtered on-the-fly
+#    through the specified regular expression based substitutions.
+#
+#    Server-header filters predefined in the supplied default.filter include:
+#
+#     x-httpd-php-to-html:   Changes the Content-Type header from x-httpd-php to html.
+#     html-to-xml:           Changes the Content-Type header from html to xml.
+#     xml-to-html:           Changes the Content-Type header from xml to html.
+#     less-download-windows: Prevent annoying download windows for content types the browser can handle itself.
+#     privoxy-control:       Removes X-Privoxy-Control headers.
+#
+# +server-header-tagger{content-type}
+#    Server headers to which this action applies are filtered on-the-fly
+#    through the specified regular expression based substitutions, the result
+#    is used as a tag. Server-header taggers are executed before all other
+#    header actions that modify server headers. Their tags can be used to
+#    control all of the other server-header actions, the content filters and
+#    the crunch actions (redirect and block).
+#
+#    Server-header taggers predefined in the supplied default.filter include:
+#
+#     content-type:    Tags the request with the content type declared by the server.
+#     privoxy-control: Creates tags with the content of X-Privoxy-Control headers.
+#
+# +session-cookies-only
+#    If the website sets cookies, make sure they are erased when you exit
+#    and restart your web browser.  This makes profiling cookies useless,
+#    but won't break sites which require cookies so that you can log in
+#    or for transactions.
+#
+# +set-image-blocker{blank}
+# +set-image-blocker{pattern}
+# +set-image-blocker{<URL>} with <url> being any valid image URL
+#    Decides what to do with URLs that end up tagged with {+block +handle-as-image}.
+#    There are 4 options:
+#      * "-set-image-blocker" will send a HTML "blocked" page, usually
+#         resulting in a "broken image" icon.
+#      * "+set-image-blocker{blank}" will send a 1x1 transparent image
+#      * "+set-image-blocker{pattern}" will send a 4x4 grey/white pattern
+#        which is less intrusive than the logo but easier to recognize
+#        than the transparent one.
+#      * "+set-image-blocker{<URL>}" will send a HTTP temporary redirect
+#        to the specified image URL.
+#
+#
+# +crunch-outgoing-cookies
+#    Prevent the website from reading cookies
+#
+# +crunch-incoming-cookies
+#    Prevent the website from setting cookies
+#
+# +redirect{<URL>}
+# +redirect{<pcrs command>}
+#    Convinces the browser that the requested document has been moved to
+#    another location and the browser should get it from the specified
+#    URL.
+#
+#############################################################################
+
+#############################################################################
+# Settings -- Don't change.
+#############################################################################
+{{settings}}
+#############################################################################
+#MASTER# COMMENT: The minimum Privoxy version:
+for-privoxy-version=3.0.11
+
+#############################################################################
+# Aliases
+#############################################################################
+{{alias}}
+#############################################################################
+#
+# You can define a short form for a list of permissions - e.g., instead
+# of "-crunch-incoming-cookies -crunch-outgoing-cookies -filter -fast-redirects",
+# you can just write "shop". This is called an alias.
+#
+# Currently, an alias can contain any character except space, tab, '=', '{'
+# or '}'.
+# But please use only 'a'-'z', '0'-'9', '+', and '-'.
+#
+# Alias names are not case sensitive.
+#
+# Aliases beginning with '+' or '-' may be used for system action names
+# in future releases - so try to avoid alias names like this.  (e.g.
+# "+crunch-all-cookies" below is not a good name)
+#
+# Aliases must be defined before they are used.
+#
+
+# These aliases just save typing later:
+#
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ allow-all-cookies  = -crunch-all-cookies -session-cookies-only
+ allow-popups       = -filter{all-popups} -filter{unsolicited-popups}
++block-as-image     = +block{Blocked image request.} +handle-as-image
+-block-as-image     = -block
+
+# These aliases define combinations of actions
+# that are useful for certain types of sites:
+#
+fragile     = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -prevent-compression
+shop        = -crunch-all-cookies allow-popups
+
+# Your favourite blend of filters:
+#
+myfilters   = +filter{html-annoyances} +filter{js-annoyances} +filter{all-popups}\
+              +filter{webbugs} +filter{banners-by-size}
+
+# Allow ads for selected useful free sites:
+#
+allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
+
+################
+#
+# Cautious settings -- safe for all sites, but offer little privacy protection
+#
+{ \
++change-x-forwarded-for{block} \
++hide-from-header{block} \
++set-image-blocker{pattern} \
+}
+standard.Cautious
+
+################
+#
+# Medium settings -- safe for most sites, with reasonable protection/damage tradeoff
+#
+{ \
++change-x-forwarded-for{block} \
++deanimate-gifs{last} \
++filter{refresh-tags} \
++filter{img-reorder} \
++filter{banners-by-size} \
++filter{webbugs} \
++filter{jumping-windows} \
++filter{ie-exploits} \
++hide-from-header{block} \
++hide-referrer{conditional-block} \
++session-cookies-only \
++set-image-blocker{pattern} \
+}
+standard.Medium
+
+################
+#
+# Advanced settings -- reasonable privacy protection but
+# require some exceptions for trusted sites, most likely
+# because of cookies or SSL. Also testing ground for
+# new options.
+#
+# CAUTION: These settings can still be subverted by a
+# misconfigured client that executes code from untrusted
+# sources.
+#
+{ \
++change-x-forwarded-for{block} \
++client-header-tagger{css-requests} \
++client-header-tagger{image-requests} \
++crunch-if-none-match \
++crunch-outgoing-cookies \
++crunch-incoming-cookies \
++deanimate-gifs{last} \
++fast-redirects{check-decoded-url} \
++filter{html-annoyances} \
++filter{content-cookies} \
++filter{refresh-tags} \
++filter{img-reorder} \
++filter{banners-by-size} \
++filter{banners-by-link} \
++filter{webbugs} \
++filter{jumping-windows} \
++filter{frameset-borders} \
++filter{quicktime-kioskmode} \
++hide-if-modified-since{-60} \
++hide-from-header{block} \
++hide-referrer{conditional-block} \
++limit-connect{,} \
++overwrite-last-modified{randomize} \
++set-image-blocker{pattern} \
+}
+standard.Advanced
+
+#############################################################################
+# These extensions belong to images:
+#############################################################################
+{+handle-as-image -filter}
+#############################################################################
+/.*\.(gif|jpe?g|png|bmp|ico)($|\?)
+
+#############################################################################
+# These don't:
+#############################################################################
+{-handle-as-image}
+/.*\.(js|php|css|.?html?)
+
+#############################################################################
+# Generic block patterns by host:
+#############################################################################
+{+block{Host matches generic block pattern.}}
+ad*.
+.*ads.
+#MASTER# REMARKS: removed .ad. 2007-12-18 HB
+#MASTER# REMARKS: Modifications per Actionsfile feedback item #1807613
+.ad.?.
+.ad.[a-ik-z][a-oq-z].
+.ad.jp.*.
+.ad.???*.
+# Blocked URL = http://alternativos.iw-advertising.com/
+.*advert*.
+*banner*.
+count*.
+*counter.
+#MASTER# PROBLEM URL: http://www.newegg.com
+promotions.
+#MASTER# BLOCK-REFERRER: http://tech.cybernetnews.com/
+# Blocked URL = http://metrics.performancing.com/
+metrics.
+
+#############################################################################
+# Generic unblockers by host:
+#############################################################################
+{-block}
+adsl.
+ad[udmw]*.
+adbl*.
+adam*.
+adapt*.
+adob*.
+adrenaline.
+adtp*.
+adv[oia]*.
+adventure*.
+.*road*.
+.olympiad*.
+.*load*.
+.*[epu]ad*.
+county*.
+countr*.
+
+#############################################################################
+# Generic block patterns by path:
+#############################################################################
+{+block{Path matches generic block pattern.}}
+/(.*/)?ad(\?|/|s|v|_?(image|se?rv|box)|cycle|rotate|mentor|click|f[ra]m|script|stream|fetch|log|space)
+# Blocked URL = http://www.example.org/adimage
+# Blocked URL = http://www.example.org/adspace
+/phpads(new)?/
+/(.*/)?(ad|all|nn|db|promo(tion)?)?[-_]?banner
+/(.*/)?(publicite|werbung|rekla(me|am)|annonse|maino(kset|nta|s)?/)
+/.*(count|track|compteur|(?<!relo)adframe|adse?rve?|banner)(er|run)?(\?|\.(pl|cgi|exe|dll|asp|php|cpt))
+/(.*/)?clicktrack
+/(.*/)?(full)?pop[-_]?(up|over|under|open(er)?)?s?(/|\.)
+/(.*/)?((flash)?pop|live(cnt|count(er)?)).*\.(js|php|cgi)
+
+#############################################################################
+# Generic unblockers by path:
+#############################################################################
+{-block}
+# Sticky Actions = -block
+/.*ad(sl|v(i[cs]|o|an|ertencia|ent|.*search|erse)) # advice/advisories/advan*/advertencia (spanish) adverse
+/.*(lo|thre|he|d|gr|l|ro|re|squ|class(ified)?)ads
+/.*account
+support./(.*/)?track
+
+#############################################################################
+# Exceptions for academia and non-profits
+#############################################################################
+.edu
+.ac.*/
+.uni-*.de
+.tu-*.de
+.gov
+.hs-*.de
+.fh-*.de
+#MASTER# REMARKS: Try to avoid harmless names in non-commercial organizations. Added 10/24/06
+# URL = http://www.gnu.org/graphics/gnu-head-banner.png
+.org/.*(image|banner)
+
+#############################################################################
+# Catch-all for false-positives that are just TOO obvious to let go
+#############################################################################
+{+block{Catch-all block for false-positives.}}
+#MASTER# REMARKS: Going for adsrv, adserve, adserver*.
+.ads[erv][rv]*.
+# Blocked URL = http://ads.facebook.com/ads/spreadshirt/banner120x600.jpg
+.ads.
+/(.*/)?ad(se?rv|click|stream|image|log|farm|script)
+# Blocked URL = http://www.torrentportal.com/topad.html
+#MASTER# REMARKS: Action tracker 1637648 and a bit of imagination. Added 2007-01-20.
+#MASTER# REMARKS: Added "text" 20070730 as per http://www.pcworld.com/textad?Keywords=System Resources Tune-Up.&type=pcworld_downloads_search&count=3&ord=906010128&serveUrl=http%3A%2F%2Fwww.pcworld.com%2Fdownloads%2Ffile%2Ffid%2C7661-order%2C1-page%2C1-c%2Csystemresourcestuneup%2Fdescription.html Adam Piggott
+/.*(top|bottom|left|right|text)_?ad
+
+#############################################################################
+# Site-specific block patterns;
+#############################################################################
+{+block{Domain parking site}}
+#MASTER# BLOCK-REFERRER: http://www.inetcat.org
+# Blocked URL = http://www.sedoparking.com/www.inetcat.org
+.sedoparking.com/
+# Blocked URL = http://landing.trafficz.com/index.php?domain=www.inetcat.org
+landing.trafficz.com/
+# Blocked URL = http://www.searchnut.com/?domain=www.inetcat.org
+.searchnut.com/\?domain
+
+{+block{Site-specific block pattern matches.}}
+#MASTER# BLOCK-REFERRER: http://www.brooksbrothers.com/ 10/18/06
+#MASTER# BLOCK-REFERRER: http://www.autodesk.com/
+# Blocked URL = http://www.hitbox.com/foobar
+.hitbox.com
+#MASTER# BLOCK-REFERRER: http://www.the-gadgeteer.com/palmos.html 10/18/06
+# Blocked URL = http://www..the-gadgeteer.com/cgi-bin/getimage.cgi/
+.the-gadgeteer.com/cgi-bin/getimage.cgi/
+#MASTER# BLOCK-REFERRER: http://dest.travelocity.com/DestGuides/geo_frontdoor/0,,TRAVELOCITY,00.html?HPTRACK=icon_dest
+# Blocked URL = http://dest.travelocity.com/website/destinations/images/partner_frommers.gif
+# Blocked URL = http://dest.travelocity.com/website/destinations/images/travelex_logo.gif
+dest.travelocity.com/website/destinations/images/partner_frommers.gif
+dest.travelocity.com/website/destinations/images/travelex_logo.gif
+#MASTER# BLOCK-REFERRER: http://us.imdb.com/Title?0110912 10/18/06
+#MASTER# BLOCK-REFERRER: http://www.imdb.com/help/boards/markup
+#MASTER# REMARKS: 2nd is for emoticons exception
+i.imdb.com/Photos/CMSIcons/(?!buttons|emoticons)
+rcm.amazon.com
+#MASTER# BLOCK-REFERRER: http://www.nytimes.com/ 10/18/06
+# Blocked URL = http://www.nytimes.com/adx/foo
+.nytimes.com/adx/
+#MASTER# BLOCK-REFERRER: http://www.sharereactor.com/ 10/19/06
+#MASTER# BLOCK-REFERRER: http://www.popupad.net/
+#www.popupad.net/ats/
+.adtrak.net
+.elitemediagroup.net
+.popuptraffic.com
+#MASTER# BLOCK-REFERRER: http://www.famousbabes.com/gabrielleR/grpics1.htm 10/19/06
+#MASTER# BLOCK-REFERRER: http://www.hit-now.com/
+.hit-now.com
+#MASTER# BLOCK-REFERRER: http://www.pgpi.org/ 10/18/06
+[a-v]*.valueclick.com
+#MASTER# BLOCK-REFERRER: http://astalavista.box.sk/
+#MASTER# REMARKS: Yea, all these at one site! 10/19/06
+.cpays.com
+.oxado.com
+.adult*finder.com
+#MASTER# DONT-VERIFY: Opera's list of banners to load (XML)
+/scripts/cms/xcms.asp
+#MASTER# REMARKS: Actionsfile tracker 1559740 09/16/06 See http://www.vibrantmedia.com/whatisIntelliTXT.asp
+#MASTER# BLOCK-REFERRER: http://www.hartware.de/news_40795.html
+/.*intellitxt/
+.intellitxt.com
+#MASTER# REMARKS: per Actions File tracker: #1597893 11/17/06, similar to intellitxt
+.kontera.com
+#MASTER# REMARKS: 2007-08-17 HB, similar to intellitxt
+#MASTER# BLOCK-REFERRER: http://www.webhostingtalk.com/archive/index.php/t-533369.html
+.tribalfusion.com/ctxt
+#MASTER# REMARKS: Video advertizer, owned by doubleclick.net.
+#MASTER# BLOCK-REFERRER: http://www.ign.com/ 09/17/06
+.klipmart.com
+#MASTER# BLOCK-REFERRER: http://gamespot.com 09/26/06
+#MASTER# REMARKS: adlog.com.com and ads.com.com
+ad*.com.com
+#MASTER# REMARKS: used in redirects: dw.com.com 12/18/06
+#MASTER# BLOCK-REFERRER: http://verizon.net 09/29/06
+sales.liveperson.net
+#MASTER# BLOCK-REFERRER: www.avclub.com/ 10/14/06
+.iad.liveperson.net
+#MASTER# BLOCK-REFERRER: http://homedepot.com 09/29/06
+#MASTER# BLOCK-REFERRER: http://weather.com 11/03/06
+.coremetrics.com/
+#MASTER# BLOCK-REFERRER: http://wired.com 09/29/06
+.realmedia.com/data/
+#MASTER# REMARKS: webbugs, ads and user tracking js in many places.
+#MASTER# BLOCK-REFERRER: http://washingtonpost.com & http://tomshardware.com 09/29/06
+.revsci.net
+#MASTER# BLOCK-REFERRER: http://www.time.com/time/business/article/0,8599,1073341,00.html 09/29/06
+.clickability.com
+/.*clickability(.com)?/
+#MASTER# BLOCK-REFERRER: http://washingtonpost.com 09/29/06
+stats.*.ihost.com
+#MASTER# BLOCK-REFERRER: http://msnbc.com and many others 09/29/06
+.2o7.net
+#MASTER# BLOCK-REFERRER: http://microsoft.com 09/29/06
+.webtrends.com
+#MASTER# BLOCK-REFERRER: http://tomshardware.com 09/29/06
+.tacoda.
+#MASTER# BLOCK-REFERRER: http://www.torrentazos.com 10/04/06
+ad.theadhost.com
+#MASTER# BLOCK-REFERRER: http://www.stuff.co.nz 10/06/06
+.adbureau.net
+#MASTER# BLOCK-REFERRER: http://drudgereport.com 10/06/06
+.adgardener.com
+#MASTER# BLOCK-REFERRER: http://www.connected-media.com/riven/hints.htm 10/14/06
+#MASTER# REMARKS: ads.kw.revenue.net/? etc
+.revenue.net
+#MASTER# BLOCK-REFERRER: http://www.geocities.com/the_sockman1/index.html 10/15/06
+#MASTER# REMARKS: ..and any other page on geocities. Source of the obnoxious Geocities drop-in menu.
+.geocities.com/js_source
+#MASTER# BLOCK-REFERRER: http://www.google.com 09/28/06
+.dartsearch.net
+#MASTER# BLOCK-REFERRER: http://wunderground.com 11/02/06
+.zedo.com
+#MASTER# BLOCK-REFERRER: http://realtor.org 11/03/06
+.trk.sodoit.com/
+#MASTER# BLOCK-REFERRER: http://www.freenews.fr 11/23/06 Actionsfile feedback item #1597034
+.espace.netavenir.com
+#MASTER# BLOCK-REFERRER: http://www.powerdvd.com/ 12/28/06
+.hitfarm.com
+#MASTER# BLOCK-REFERRER: http://www.uk-businessdirectory.co.uk/
+#MASTER# REMARKS: Action tracker 1616457. Added 2007-01-20.
+.topnemo.com/engine
+.top100categories.com/engine
+#MASTER# REMARKS: Actionsfile feedback item #1647852 2007-01-30
+#MASTER# REMARKS: Domain squatting onload pop-ups
+#MASTER# BLOCK-REFERRER: http://www.memtest.com/
+/(t|search)\.php\?uid=ws[a-z0-9]+\.[a-z0-9]+
+#MASTER# BLOCK-REFERRER: via Yahoo groups
+#MASTER# REMARKS: Actionsfile tracker 1645513 2007-01-26
+.adinterax.com/(?!(.*)\.(js|gif|jpg))
+#MASTER# BLOCK-REFERRER:  http://www.weilpod.com
+#MASTER# REMARKS: Actionsfile feedback item #1710951 2007-05-02
+img.bluehost.com
+#MASTER# BLOCK-REFERRER: http://www.linuxinsider.com/story/57759.html
+#MASTER# REMARKS: Actionsfile feedback item #1736213 at 2007-06-12
+linuxinsider.com/images/sda/
+#MASTER# REMARKS: 20070711 Adam Piggott Actionsfile feedback #1700692
+#MASTER# REMARKS: Tracking JavaScript
+#MASTER# BLOCK-REFERRER: http://www.hants.gov.uk/record-office/
+[a-z].clickdensity.com
+#MASTER# REMARKS: Obnoxious "widget" adverts
+#MASTER# BLOCK-REFERRER: http://www.quickonlinetips.com/archives/2007/08/nokia-offers-free-bl-5c-battery-replacement-for-overheating/
+.widgetbucks.com
+#MASTER# BLOCK-REFERRER: http://www.dailymail.co.uk/pages/live/articles/news/news.html?in_article_id=559547&in_page_id=1770
+# Blocked URL = http://img.dailymail.co.uk/i/promo_boxes/groTime_promo.jpg
+# Blocked URL = http://img.dailymail.co.uk/i/promo_boxes/idealhome_promo.gif
+img.dailymail.co.uk/i/promo_boxes/
+#MASTER# REMARKS: Flash ad, Actionsfile feedback item #2003465 2008-07-01
+# Blocked URL = http://cache.opt.fimserve.com/contents/325/84/84325/LIN728x90.swf?%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20clickTag=http%3A//delb.opt.fimserve.com/lnk/%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%20%3Fk%3DODk1ODc7Mzs0MDA7ODQzMjU7Zi44LjkuaHYuaGdseHBzbG9uaCBvem0uNzYuZkBAeHp5b3ZAQGxobmxAQCs4XzlAQHhsbnN2biBoZHZ3dm1AQGh2QEBmOzEyMTQ1MTE1MjgzMzA7Mjs7MTMxfDsxOzQ7NzIxODs4ODAyODc3NQ%3D%3Dhref%3Dhttp%3A//www.myspace.com/liveinnordics&clickTarget=_new
+.fimserve.com
+#MASTER# REMARKS: Actionsfile feedback item #2004311 2008-07-01, are they all images?
+# Blocked URL = http://static.lycos-europe.net/lea/se/pricerunner/040608_728x90_payback_digitalkamer.gif
+static.lycos-europe.net
+#MASTER# REMARKS: Actionsfile feedback item #2005285
+#MASTER# BLOCK-REFERRER: http://hitta.se
+# Blocked URL = http://82.99.18.195/media.1/112/9460/146016/150x175_Hitta_FV_Feb08.gif
+82.99.18.195
+#MASTER# REMARKS: Actionsfile feedback item #1888197  2008-02-06
+#MASTER# REMARKS: Have a "go there anyway" link for clk.atdmt.com
+#MASTER# BLOCK-REFERRER: http://www.networkworld.com/resourcelibrary/?tid=4&type=special%20report
+# Blocked URL = http://clk.atdmt.com/
+.atdmt.com/
+
+#----------------------------------------------------------------------------
+# Misc Web-bugs, JS and just plain Junk. Images here aren't normal images.
+#----------------------------------------------------------------------------
+{+block{Might be a web-bug.} +handle-as-empty-document -handle-as-image}
+#MASTER# REMARKS: signature for user tracking nytimes, cnn.com,latimes.com and many others. 10/06/06
+/b/ss/.+
+#MASTER# BLOCK-REFERRER: http://www.thesun.co.uk/article/0,,11071-10784,00.html
+#MASTER# REMARKS: widespread hitbox signature 10/06/06
+/HG\?hc=
+#MASTER# BLOCK-REFERRER: http://macaddict.com 10/06/06
+.visistat.com
+#MASTER# REMARKS: See <http://www.google.com/analytics/> for user tracking.
+#MASTER# REMARKS: There is a ssl.google-analytics as well.
+.google-analytics./
+#MASTER# BLOCK-REFERRER: http://versiontracker.com and many others. 10/20/06
+/(.*/)?__utm.gif\?
+#MASTER# REMARKS: Below Moved here from -handle-as-image 10/16/06 ##########
+#MASTER# BLOCK-REFERRER: http://forums2.gardenweb.com/forums/orchids/ 09/25/06
+#MASTER# REMARKS: Mostly JS and plain text stuff
+.overture.
+#MASTER# PROBLEM-URL: http://www.linuxtoday.com/
+#MASTER# REMARKS: /adi has HTML snipplets for use in IFRAMEs 10/15/06
+.doubleclick.net/adi
+.doubleclick.net/(.*/)?adj/
+#MASTER# PROBLEM-URL: http://maps.yahoo.com/
+#MASTER# REMARKS: /AVE/iview has HTML snipplets for use in IFRAMEs 10/15/06
+view.atdmt.com/(.*/)?iview/
+#MASTER# REMARKS: Above Moved here from -handle-as-image 10/16/06 ##########
+#MASTER# REMARKS: Generic, re: tracking.foxnews.com/HG? 10/01/06
+tracking.
+#MASTER# BLOCK-REFERRER: http://netcraft.com and many others 10/22/06
+/(.*/)?adjs\.php\?
+#MASTER# BLOCK-REFERRER: http://washingpost.com and others 10/25/06
+/.*\.gif\?D=DM
+#MASTER# BLOCK-REFERRER: http://www.washingtonpost.com/
+#stats.surfaid.ihost.com/(crc/)?images/(bounce/)?uc.GIF
+#MASTER# BLOCK-REFERRER: http://www.ibm.com 10/09/06
+#MASTER# REMARKS: Similar hostname and paths appear in multiple locations.
+# Blocked URL = http://stats.surfaid.ihost.com/crc/images/bounce/uc.GIF
+# Blocked URL = http://stats.surfaid.ihost.com/rc/images/bounce/uc.GIF
+stats./c?rc/.*/uc.gif
+#MASTER# BLOCK-REFERRER: http://priceline.com 10/20/06
+#MASTER# REMARKS: User tracking, webbug stuff
+/(.*/)?dcs.gif\?&?dcs
+#MASTER# BLOCK-REFERRER: http://www.msnbc.com 10/07/06
+#MASTER# REMARKS: And MANY others. Webbug stuff.
+/(.*/)?c(lear)?\.gif\?.
+#MASTER# BLOCK-REFERRER: http://www.investorguide.com 10/08/06
+#MASTER# BLOCK-REFERRER: http://foodnetwork.com, http://gardenweb.com 10/20/06
+#MASTER# REMARK: webbug type gif used in MANY places.
+#MASTER# REMARK: Too many false positives
+#/(.*/)?(clear|(trans_?1x|blank)?1).gif
+#MASTER# REMARK: Let's try this way.
+/(.*/)?(clear|blank|(trans_?|1x)?1).gif\?.
+#MASTER# BLOCK-REFERRER: http://groups.yahoo.com/group/epdf/ 10/08/06
+.bc.yahoo.com/b\?P=
+#MASTER# BLOCK-REFERRER: http://www.motherboard.cz 10/30/06
+x*.alexa.com
+#MASTER# BLOCK-REFERRER: http://actorstheatre.org 11/02/06
+stats./.*\.gif\?
+#MASTER# BLOCK-REFERRER: http://mplayernetwork.com 11/07/06
+#MASTER# BLOCK-REFERRER: http://eetimes.com 09/26/06
+/event.ng/
+#MASTER# BLOCK-REFERRER: http://www.homedepot.com/ 11/08/06
+#MASTER# BLOCK-REFERRER: http://www.williams-sonoma.com/ 11/08/06
+/cm\?[tc]
+#MASTER# BLOCK-REFERRER: http://www.snapfiles.com/feedback/ 12/13/06 SF tracker
+.snapfiles.net/rotation/.*\.asp
+#MASTER# BLOCK-REFERRER: not provided. SF tracker #1616034 12/16/06
+#MASTER# COMMENT: JS pop-ups
+spa.snap.com/
+#MASTER# BLOCK-REFERRER: http://www.gamefaqs.com/computer/doswin/game/914819.html 12/18/06
+#MASTER# COMMENT: user tracking, and run-away assorted 'junk'
+#MASTER# BLOCK-REFERRER: http://formwood.com 2007-11-12
+.insitemetrics.com/
+#MASTER# COMMENT: user tracking, and assorted 'junk'
+#MASTER# BLOCK-REFERRER: http://blogblog.com 2007-11-12
+.extreme-dm.com/
+#MASTER# COMMENT: user tracking, and assorted 'junk'
+#MASTER# BLOCK-REFERRER: http://www.schillmania.com 2007-11-12
+stats.reinvigorate.net/
+#MASTER# COMMENT: user tracking, and assorted 'junk'
+#MASTER# BLOCK-REFERRER: http://wordpress.com 2007-11-12
+.getclicky.com/
+#MASTER# COMMENT: user tracking, and assorted 'junk'
+#MASTER# BLOCK-REFERRER: http://infoworld.com 2007-11-12
+.quantserve.com
+# Blocked URL = http://media.adrevolver.com/adrevolver/trace?sip=123&cpy=123
+media.adrevolver.com/
+
+#----------------------------------------------------------------------------
+# JavaScripts and Texts for ad and popup generation
+#----------------------------------------------------------------------------
+#MASTER# BLOCK-REFERRER: http://www.chip.de/artikel/c_artikelunterseite_10423683.html
+# Blocked URL = http://pagead.googlesyndication.example.com/foo/bar/baz.js
+pagead*.googlesyndication./.*\.js
+#MASTER# REMARKS: broadening scope from a.tfag.de/js.ng/ 10/23/06
+# Blocked URL = http://a.tfag.de/js.ng/
+/js\.ng/
+#MASTER# BLOCK-REFERRER: http://www.britannica.com/ 10/23/06
+/popunder
+#MASTER# BLOCK-REFERRER: http://www.pcmag.com/ 11/22/06 per SF Tracker # 1601148
+/js/slider\.js
+#MASTER# BLOCK-REFERRER: http://www.earthcore.com/ feedback item #1605385 12/14/06
+/t\.php\?cat=.*&kw=.*&sc=
+#MASTER# BLOCK-REFERRER: http://floodle.net 2007-01-21 SF tracker
+scripts.chitika.net/.*\.js
+#MASTER# REMARKS: Actionsfile tracker #1674363 2007-03-05, text ads
+#MASTER# BLOCK-REFERRER: http://www.securityfocus.com/archive/1/461489/30/0/threaded
+jlinks.industrybrains.com/
+#MASTER# BLOCK-REFERRER: via Yahoo groups
+#MASTER# REMARKS: Actionsfile tracker 1645513 2007-01-26
+.adinterax.com/.*\.js
+#MASTER# BLOCK-REFERRER: http://dictionary.reference.com/search?q=privacy&db=*
+#MASTER# REMARKS: Actionsfile tracker 1650798 2007-02-02
+.googleadservices.com/gampad/.*\.js
+#MASTER# BLOCK-REFERRER: http://www.linuxworld.com/news/2007/061307-brian-aker-interview.html
+#MASTER# REMARKS: Actionsfile feedback item #1736794 2007-06-13
+js.adsonar.
+#MASTER# BLOCK-REFERRER: http://news.zdnet.co.uk/software/0,1000000121,39209666,00.htm
+#MASTER# REMARKS: Actionsfile feedback item #1736879 2007-06-13, sponsored links. 2007-08-02, more hosts using this scheme, broadening scope.
+#bwp.zdnet.
+bwp.
+# Blocked URL = http://us.mc123.mail.yahoo.com/mc/stampNonJs
+.yahoo.com/mc/stampNonJs
+# Blocked URL = http://richmedia.yimg.com/js/123/personnals_banners/PER_happy_sara1_4_425x600/ad.js?q=123
+/.*/ad\.js\?
+# Blocked URL = http://ad.yieldmanager.com/st?ad_type=iframe&ad_size=728x90&site=123&section_code=123
+/.*\?ad_(type|size)=
+
+#############################################################################
+# Generic block-as-image patterns:
+#############################################################################
+{+block-as-image}
+# XXX: Should use "+block{Blocked image request.}", but Privoxy-Regression-Test
+# isn't smart enough to split that properly.
+# Sticky Actions = +block +handle-as-image
+#MASTER# BLOCK-REFERRER: http://experts-exchange.com/os2gen/
+/.*ad_?image\.(php|cgi)
+#MASTER# BLOCK-REFERRER: http://flashhentai.com/Tgp/28-09-2002/index4.html
+#MASTER# BLOCK-REFERRER: http://www.thughosting.com/www/ixix/a912/912s2.html
+#MASTER# BLOCK-REFERRER: http://www.fantasiegirl.com/cumshots/3/spunkpatrolgirl302.htm
+#MASTER# BLOCK-REFERRER: http://www.asianuncut.com/asian2/sep5628.html
+#MASTER# BLOCK-REFERRER: http://www.tatgirls.com/gals/redhot-2/kitty-carl/lb10.html
+#MASTER# BLOCK-REFERRER: http://www.cream-porn.com/1/hard/29/02.html
+/.*recips?/
+#MASTER# BLOCK-REFERRER: http://www.paroles.net/texte/10818
+/bandeaux/
+#MASTER# COMMENT: SF tracker 09/15/06
+/.*client_?ad\.(php|cgi)
+#MASTER# COMMENT: SF tracker 09/15/06
+/.*AIM_UAC.adp
+#MASTER# BLOCK-REFERRER: http://www.wunderground.com/ 2007-01-20
+#MASTER# COMMENT: banner at top of page http://server2.as5000.com/AS5000/adserver/click?ID=ADST-00015&C=0&T=1169332403
+/(.*/)?adserver/image
+#MASTER# COMMENT: Also from wunderground.com: http://icons-aa.wunderground.com/ads/images/TripAdvisor-Blinky.gif 2007-01-20
+# Blocked URL = http://icons-aa.wunderground.com/ads/images/TripAdvisor-Blinky.gif
+# URL = http://icons-aa.wunderground.com/ads/images/TripAdvisor-Blinky.gif
+/(.*/)?ads/images/
+
+#############################################################################
+# Site-specific block-as-image patterns:
+#############################################################################
+#----------------------------------------------------------------------------
+# Banner farms:
+#----------------------------------------------------------------------------
+#MASTER# BLOCK-REFERRER: http://www.cnn.com/
+#MASTER# BLOCK-REFERRER: http://www.aol.com/
+#MASTER# COMMENT: There are at least ar.atwola and pr.atwola. 10/01/06
+# Blocked URL = http://ar.atwola.com/
+# Blocked URL = http://pr.atwola.com/
+?r.atwola.com
+#MASTER# BLOCK-REFERRER: http://www.altavista.com/
+#MASTER# BLOCK-REFERRER: http://www.tecchannel.de/
+#MASTER# BLOCK-REFERRER: http://www.whowhere.lycos.com/
+#MASTER# REMARKS: Do NOT block /adj or /adi here since these are typically JS
+.[a-vx-z]*.doubleclick.net/(?!(.*/)?ad[ji])
+#MASTER# BLOCK-REFERRER: http://www.joecartoon.com/  10/17/06
+.*servedby.advertising.com
+#MASTER# BLOCK-REFERRER: http://www.yahoo.com/
+#.a.yimg.com/(?:(?!/i/).)*$
+#.a[0-9].yimg.com/(?:(?!/i/).)*$
+#.yimg.com/(.*/)?a/
+#.yimg.com/.*/(flash|java)/promotions
+#.yimg.com/a/.*/flash/
+#MASTER# REMARKS: The above replaced with below. Actions file tracker #1645616 2007-01-27
+.yimg.com/.*\.yimg\.com/a/
+bs*.gsanet.com
+bs*.einets.com
+.qkimg.net
+#MASTER# BLOCK-REFERRER: http://salon.com/ 10/19/06
+#MASTER# BLOCK-REFERRER: http://maps.yahoo.com/
+#MASTER# REMARKS: Banner farms; just exclude their corp. info
+#MASTER# REMARKS: and have a "go there anyway" link for clk.atdmt.com
+#MASTER# REMARKS:   (Actionsfile feedback item #1888197)
+[abd-vx-z]*.atdmt.com/
+#MASTER# BLOCK-REFERRER: http://www.exactaudiocopy.de/ 09/11/06
+#MASTER# BLOCK-REFERRER: http://stanford.facebook.com/home.php
+# URL = http://www.fastclick.net/
+.fastclick.net
+#MASTER# BLOCK-REFERRER: http://www.math.com/school/subject2/lessons/S2U3L6DP.html 09/11/06
+.casalemedia.com
+#MASTER# BLOCK-REFERRER: http://www.macnn.com/ 10/09/06
+kermit.macnn.com/
+#MASTER# BLOCK-REFERRER: http://www.globalseeker.com/freesamples/ 10/09/06
+quinst.com/images
+valuepage.com/images
+#MASTER# BLOCK-REFERRER: http://www.imdb.com/
+ia.imdb.com/.*\.swf
+#MASTER# BLOCK-REFERRER: http://www.dietngo.com/ 10/09/06
+.reactivpub.
+#MASTER# BLOCK-REFERRER: http://freemail.web.de/  10/17/06
+#MASTER# BLOCK-REFERRER: http://www.nytimes.com/2003/11/19/politics/19DEAN.html?ex=1069822800&en=dc82dfff0502faeb&ei=5062&partner=GOOGLE
+.as*.falkag.
+#MASTER# BLOCK-REFERRER: http://www.macnn.com/news/18944 10/17/06
+a.tribalfusion.com/
+#MASTER# BLOCK-REFERRER: http://reviews.infosyncworld.com/palmos/featured/index.html?start=1&offset=10 10/19/06
+.adserver.com/
+#MASTER# BLOCK-REFERRER: http://computers.cnet.com/hardware/0-1027-404-20857400.html?tag=rev
+#MASTER# REMARKS: Pointdexter
+.ru4.com/
+#MASTER# BLOCK-REFERRER: http://www.boursorama.com/infos/actualites/detail_actu_marches.phtml?news=1510287
+www.smartadserver.com/
+#MASTER# BLOCK-REFERRER: http://www.chez.tiscali.fr/ 10/07/06
+admedia.
+#MASTER# REMARKS: Bannerfarm used by Morpheus file sharing software
+jmcms.cydoor.com/
+#MASTER# BLOCK-REFERRER: http://www.tech-report.com/etc/2003q2/3dmurk03/index.x?pg=7
+#MASTER# REMARKS: Netshelter.com farm
+#MASTER# REMARKS: Not found but leaving 10/07/06
+.adtrix.com
+#MASTER# BLOCK-REFERRER: http://discussion.brighthand.com/forumdisplay.php?s=fee44a5b2a6fc2e9e79d6472bc8fbe94&forumid=197 10/19/06
+*[0-9].tribalfusion.com/
+#MASTER# REMARKS: Actions file tracker 1547656 09/02/06
+#MASTER# REMARKS: Update pattern: Actionsfile feedback item #1698822, was opened at 2007-04-11 to catch https://secure.img-cdn.mediaplex.com/0....
+# Blocked URL = https://secure.img-cdn.mediaplex.com/0/7454/43775/YA3149_17566_728x90_FCR_07.gif
+.img*.mediaplex.com
+#MASTER# BLOCK-REFERRER: http://www.tomshardware.com/ 09/28/06
+#MASTER# REMARKS: There is adfarm and altfarm.mediaplex
+#MASTER# REMARKS: 20070711 Actionsfile feedback #1749013 /ad/fm/ appended, as click-throughs were being blocked. Could only find adverts being served from /ad/fm/
+a*farm.mediaplex.com/ad/fm/
+#MASTER# REMARKS: Support request 1312362 09/08/06
+#MASTER# DUPLICATED: adserver.itsfogo.com
+#MASTER# REMARKS: Actionsfile feedback 09/11/06 http://matrix.mediavantage.de/mx.one?p=210&pa=1060&pb=1906&pd=10944&aid=399&x=120&y=240&ts=2005.06.27.21.38.08
+# URL = http://matrix.mediavantage.de/mx.one?p=210&pa=1060&pb=1906&pd=10944&aid=399&x=120&y=240&ts=2005.06.27.21.38.08
+#MASTER# BLOCK-REFERRER: http://www.heise.de/newsticker/meldung/61067
+matrix.mediavantage.
+#MASTER# REMARKS Ad generator, SF user tracker 09/11/06
+.cibleclick.com
+#MASTER# REMARKS: Ad generator 09/11/06  http://c1.netshelter.net/campaigns/ITTTech/itttech09_728x90.gif
+#MASTER# BLOCK-REFERRER: http://www.osnews.com/ 09/11/06
+.netracker.net
+#MASTER# REMARKS: ad generator domain per SF tracker 09/11/06
+.interclick.com
+#MASTER# REMARKS: Ad generator http://c4.maxserving.com/iserver/site=5314/area=ad728x90/aamfmt=normal/aamsz=banner/PageID=
+#MASTER# BLOCK-REFERRER: http://www.imdb.com/name/nm0000168/bio 09/12/06
+# URL = http://c4.maxserving.com/iserver/site=5314/area=ad728x90/aamfmt=normal/aamsz=banner/PageID=
+.maxserving.com
+#MASTER# REMARKS: Ad generator http://partner.gonamic.de/Affiliate/ViewCounter/index.cfm?trackingID=368232&bIsAffiliate=0
+#MASTER# BLOCK-REFERRER:  http://torrent.to/torrent/ 09/12/06
+# URL = http://partner.gonamic.de/Affiliate/ViewCounter/index.cfm?trackingID=368232&bIsAffiliate=0
+.gonamic.de
+# URL = http://img.webads.nl/
+.webads.
+#MASTER# REMARKS: Ad generator http://media.adlegend.com/centrport/20060/511290/GM_emplyee_300x250.gif
+# URL = http://media.adlegend.com/centrport/20060/511290/GM_emplyee_300x250.gif
+#MASTER# BLOCK-REFERRER:  http://news.yahoo.com/news?tmpl=story&cid=534&e=1&u=/ap/20050613/ap_on_he_me/cancer_research
+.adlegend.com
+#MASTER# REMARKS: Ad generator 09/12/06 http://dist.belnk.com//4/placement/1738/alt_offer/static.jpg
+# URL = http://dist.belnk.com//4/placement/1738/alt_offer/static.jpg
+#MASTER# BLOCK-REFERRER: http://groups.yahoo.com/group/louisianaandmardigra/messages/1?viscount=100
+.belnk.com
+.euros4click.
+#MASTER# BLOCK-REFERRER: http://www.planet3dnow.de/cgi-bin/newspub/viewnews.cgi?id=1129904195
+ads-*.quarterserver.
+#MASTER# BLOCK-REFERRER: http://adrian.adrian.org/ 10/07/06
+searchportal.information.com/
+#MASTER# BLOCK-REFERRER: http://www.nbc4.com/news/2672416/detail.html 10/17/06
+images.ibsys.com/
+#MASTER# BLOCK-REFERRER: http://www.rentalhouses.com/search_results.php?searchnew=1&citys_city=&citys_county=&citys_state=&ssubmit=Search&Szip=40205&keyword=&listingid=&strs_state=&strs_city=&strs_street= 11/05/06
+.lduhtrp.net/image
+#MASTER# BLOCK-REFERRER: http://floodle.net 2007-01-21 SF tracker
+scripts.chitika.net/.*\.(gif|png|jpg)
+#MASTER# REMARKS: Actionsfile feedback item #1648478 2007-01-30
+.projectwonderful.com/gen.php
+#MASTER# BLOCK-REFERRER: http://www.multimap.com/ (sporadic)
+#MASTER# REMARKS: Actionsfile feedback item #1665682 2007-02-21
+.akamai.net/.*\.adtech\.de/.*\.(gif|png)
+#MASTER# BLOCK-REFERRER: via Yahoo groups
+#MASTER# REMARKS: Actionsfile tracker 1645513 2007-01-26
+.adinterax.com/.*\.(gif|jpg)
+#MASTER# BLOCK-REFERRER: http://www.wotzon.com/profilepage.html?comp_id=1002310&CatID=2
+#MASTER# REMARKS: Ad generator per Actionsfile feedback item #1749870 2007-07-08
+# URL = http://img.directtrack.com
+img.directtrack.com
+#MASTER# BLOCK-REFERRER: http://www.thinkbroadband.com/news/3621-complaint-about-orange-broadband-advertising-upheld.html
+# URL = http://eas.apm.emediate.eu/media.5/1/1228/19193/ACT1215_120x600_v3.gif
+.emediate.eu/
+# URL = http://feedads.googleadservices.com/~a/dPlpGU767u4D4kVO8EGuUlnf1Q0/i
+# URL = http://feedads.googleadservices.com/~at/EpX-FnAXxwdaBSq-GRze37-rG0M/i
+.googleadservices.com/~
+#MASTER# REMARKS: Block yahoo email & ygroups banner ad
+# URL = http://ts.richmedia.yahoo.com/...hummingbird.jpg?adxq=NNN
+.richmedia.yahoo.com/.*\.(gif|jpe?g)\?ad
+# Blocked URL = http://this.content.served.by.adshuffle.com/p/a=/view.pxl
+.served.by.adshuffle.com/
+# Blocked URL = http://newsletter.adsonar.com/nwrss/imgs/nwr_123.PNG?placementId=123&plid=123&rotation=1&type=2&&url=NA
+.adsonar.com/.*/imgs/
+# Blocked URL = http://rtb.pclick.yahoo.com/images/nojs.gif?p=3
+.pclick.yahoo.com/images/
+# Blocked URL = http://rover.ebay.com/ar/1/2/3?mpt=123&adtype=1&size=728x90
+/.*\&adtype=
+
+#----------------------------------------------------------------------------
+# Cross-site user tracking
+#----------------------------------------------------------------------------
+#MASTER# REMARKS: +block-as-image here
+#MASTER# BLOCK-REFERRER: http://os2.ru/ 10/07/06
+.*.*.spylog.com/
+#MASTER# BLOCK-REFERRER: http://www.dhtmlplanet.com/ 10/07/06
+statse.webtrendslive.com
+#MASTER# BLOCK-REFERRER: http://www.versiontracker.com/
+#MASTER# REMARKS: 1) Used on many sites 2) URLs don't _end_ in .gif, hence +imageblock
+spinbox.versiontracker.com/.*\.(gif|jpg)
+#MASTER# BLOCK-REFERRER: http://mycroft.mozdev.org/ 10/07/06
+stat.onestat.com
+#MASTER# BLOCK-REFERRER: http://www.meparecebien.com/noticias/discograficas/sinnamon-records/sinnamon-records-libera-a-sus-artistas-nacionales-para-el-mercado-digital-401/
+#MASTER# REMARKS: Actionsfile feedback item #1644583 2007-03-05
+imp*.tradedoubler.com
+#MASTER# BLOCK-REFERRER: http://www.sharepoint.boo.pl/
+#MASTER# REMARKS: Not found, but left 10/07/06
+stat.webmedia.
+#MASTER# BLOCK-REFERRER: http://www.asp-php.net/index.php 10/07/06
+log*.xiti.com/
+log*.hit-parade.com/
+#MASTER# BLOCK-REFERRER: http://www.msnbc.com/news/884810.asp?0si=-&cp1=1
+# URL = http://www.xml.eshop.msn.com/tracksponsorimpression.asp
+www.xml.eshop.msn.com/tracksponsorimpression.asp
+#MASTER# BLOCK-REFERRER: http://www.planetgamecube.com/ 10/07/06
+.imrworldwide.com
+#MASTER# REMARKS: Actionsfile feedback 1555719 09/10/06, and Debian Bug report
+#MASTER# BLOCK-REFERRER: http://www.nrc.nl/ 09/12/06
+.clicktracks.com
+#MASTER# REMARK: Actionsfile tracker 1159072 09/12/06
+.etracker.
+#MASTER# REMARK: Actionsfile tracker 1243494 09/12/06
+#MASTER# BLOCK-REFERRER: http://www.spanked-slaves.com/movies14/bdsm14c.html
+.x-traceur.com
+#MASTER# BLOCK-REFERRER: http://www.aintitcool.com/ 10/05/06
+content.ipro.com
+#MASTER# BLOCK-REFERRER: http://www.weatherbug.com/default.asp 10/05/06
+.247realmedia.com
+#MASTER# BLOCK-REFERRER: http://www.samachar.com/ 10/05/06
+.sify.com
+#MASTER# BLOCK-REFERRER: http://www.nbc4.com/news/2672416/detail.html 10/06/06
+.searchignite.com
+#MASTER# BLOCK-REFERRER: http://www.sdtimes.com/ 10/07/06
+.statcounter.com
+#MASTER# BLOCK-REFERRER: http://www.dn.se/ 10/07/06
+.research-int.se/data
+#MASTER# BLOCK-REFERRER: http://www.chez.aliceadsl.fr/ 10/07/06
+.cybermonitor.com
+#MASTER# BLOCK-REFERRER: http://disney.go.com
+#MASTER# BLOCK-REFERRER: http://abcnews.com  10/15/06
+log.go.com/log
+#MASTER# BLOCK-REFERRER: http://www.care2.com 10/18/06
+stats.indextools.com
+#MASTER# BLOCK-REFERRER: http://www.techcrunch.com/ 12/16/06 #1616497 3 urls.
+tra*.measuremap.com
+.eurekster.com/sidebar
+tra*.mybloglog.com
+#MASTER# BLOCK-REFERRER:  http://www.polymervision.com/
+#MASTER# REMARKS: Actionsfile feedback item #1629370 01/16/07
+.guesttrace.
+#MASTER# BLOCK-REFERRER: http://dictionary.com
+#MASTER# REMARKS: Actionsfile feedback item #165078 2007-02-05
+insightxe./data/
+#MASTER# BLOCK-REFERRER:  http://www.unitedairlines.com
+#MASTER# REMARKS: Actionsfile feedback item #1650797 2007-02-05
+.insightfirst.com
+#MASTER# BLOCK-REFERRER: http://rss.slashdot.org/Slashdot/slashdot
+# Blocked URL = http://rss.slashdot.org/~a/Slashdot/slashdot?i=ofbWqX
+# URL = http://rss.slashdot.org/~a/Slashdot/slashdot?i=ofbWqX
+rss.slashdot.org/~a/Slashdot/slashdot\?
+# Blocked URL = http://rss.slashdot.org/~r/Slashdot/slashdot/~4/102113044
+# URL = http://rss.slashdot.org/~r/Slashdot/slashdot/~4/102113044
+rss.slashdot.org/~r/Slashdot/slashdot/~4/
+#MASTER# BLOCK-REFERRER: http://www.isys.ucl.ac.be/bchi/research/Kwaresmi.htm
+#MASTER# REMAKRKS: Actionsfile feedback item #1849627 2007-12-12
+[a-z][0-9].nedstatbasic.net/
+#MASTER# BLOCK-REFERER: http://feeds.feedburner.com/dilbertdailystrip/
+# Blocked URL = http://feeds.feedburner.com/~r/DilbertDailyStrip/~4/274512747
+#MASTER# BLOCK-REFERER: http://feeds.feedburner.com/PCLoadLetter
+# Blocked URL = http://feeds.feedburner.com/~r/PCLoadLetter/~4/270448381
+#MASTER# REMAKRKS: This seem to be a common pattern for web bugs in feedburner feeds.
+feeds.feedburner.com/~r/.*/~4/
+# Blocked URL = http://feedproxy.google.com/~r/DilbertDailyStrip/~4/y_kXD1z1HO0
+feedproxy.google.com/~r/.*/~4/
+# Blocked URL = http://feeds.feedburner.com/~a/DilbertDailyStrip?a=Ebzxel
+#MASTER# REMAKRKS: This looks like a pattern as well, maybe we should block feeds.feedburner.com/~a/ here.
+feeds.feedburner.com/~a/DilbertDailyStrip\?
+#MASTER# BLOCK-REFERER: http://www.buch.de/
+# URL = http://track.webtrekk.de/471497967328727/wt.pl?p=177,de.buch.show.home,1,1024x768,24,1,1218816426275,0,884x653,0&enc1=%FC&enc2=iso-8859-1&st=view&la=en-US&np=Default%20Plugi
+track.webtrekk.de/
+
+#----------------------------------------------------------------------------
+# Specific counters (see above for generic patterns)
+#----------------------------------------------------------------------------
+#MASTER# BLOCK-REFERRER: http://www.distrowatch.com/table.php?distribution=linex 10/19/06
+#MASTER# BLOCK-REFERRER: http://floodle.net 2007-01-21 tracker  #1641102
+s*.sitemeter.com/(meter|js/counter.js)
+#MASTER# BLOCK-REFERRER: http://personales.mundivia.es/lbouza/ 10/19/06
+# URL = http://fastcounter.bcentral.com/
+fastcounter.bcentral.com/
+#MASTER# BLOCK-REFERRER: http://osnews.com/ 10/19/06
+# URL = http://bilbo.counted.com/
+bilbo.counted.com/
+
+#----------------------------------------------------------------------------
+# On-site ads and other single sources:
+#----------------------------------------------------------------------------
+#MASTER# BLOCK-REFERRER: http://www.travelocity.com/Vacations/0,,TRAVELOCITY||Y,00.html?HPTRACK=mpc_vac
+#MASTER# BLOCK-REFERRER: http://dest.travelocity.com/DestGuides/geo_frontdoor/0,,TRAVELOCITY,00.html?HPTRACK=icon_dest 10/07/06
+.travelocity./Sponsor_gifs/
+#MASTER# REMARKS: Referenced from HTML-Emails (not checked 10/08/06)
+# URL = http://foo.weather.com/creatives/
+# URL = http://bar.weather.com/web/services/email/
+.weather.com/creatives/
+.weather.com/web/services/email/
+#MASTER# BLOCK-REFERRER: http://gamespot.com/gamespot/filters/0,10850,6013548,00.html 10/08/06
+/.*/topslots/topslot
+.contextweb.com/
+.offermatica.com/
+#MASTER# BLOCK-REFERRER: http://www.jpost.com/ 10/08/06
+.adbrite.com
+#MASTER# BLOCK-REFERRER: http://www.jpost.com/servlet/Satellite?pagename=JPost/A/JPArticle/ShowFull&cid=1038889003183
+.jpost.com/images/\d+/promos/
+#MASTER# BLOCK-REFERRER: http://www.infoempleo.com/ 10/08/06
+.infoempleo.com/(pop-up|images(/Nueva/|/motor))
+#MASTER# BLOCK-REFERRER: http://www.hardocp.com/ 10/08/06
+hera.hardocp.com/
+#MASTER# BLOCK-REFERRER: http://people.aol.com/ 10/08/06
+leadback.advertising.
+#MASTER# BLOCK-REFERRER: http://astalavista.box.sk/ 10/08/06
+.yieldmanager.com/
+.displayadsmedia.com
+# URL = http://astalavista.box.sk/adult.foo.jpg
+astalavista.box.sk/adult.*\.jpg
+#MASTER# BLOCK-REFERRER: http://www.bol.com.br/
+smartad.*.*.*
+#MASTER# BLOCK-REFERRER: http://www.dinside.no/ 10/08/06
+.dinside.no/annonsorer/
+#MASTER# BLOCK-REFERRER: http://www.heise.de/ 10/08/06
+#MASTER# BLOCK-REFERRER: http://www.spiegel.de/
+/RealMedia/ads/
+#MASTER# REMARKS: Variation 2007-11-12
+/RealMediaAds/
+#MASTER# BLOCK-REFERRER: http://www.powerdvd.com 12/28/06 per SF tracker
+/top\.php\?d=.*\.[a-z]{2,5}
+#MASTER# REMARKS: Actionsfile feedback item #1764161 2007-07-31
+#MASTER# BLOCK-REFERRER: http://www.webster.com/dictionary/revering
+.google.com/afsonline
+
+#############################################################################
+# Site-specific unblockers:
+#############################################################################
+{-block}
+# Sticky Actions = -block
+#MASTER# UNBLOCK-REFERRER: http://www.faqs.org/
+.faqs.org/banner\.html
+#MASTER# UNBLOCK-REFERRER: http://bannerblind.mozdev.org/
+bannerblind.mozdev.org
+#MASTER# UNBLOCK-REFERRER: http://advogato.org/
+advogato.org
+#MASTER# UNBLOCK-REFERRER: http://www.handelsblatt.com/
+ad*.vhb.de
+#MASTER# UNBLOCK-REFERRER: http://www.globalintersec.com/adv/sendtemp-2001021302.txt
+.globalintersec.com/adv
+#MASTER# UNBLOCK-REFERRER: http://www.wunderground.com/geo/BannerPromo/US/NY/New_York.html 10/08/06
+banners.wunderground.com/
+#MASTER# UNBLOCK-REFERRER: http://www.openoffice.org/ 10/09/06
+.openoffice.org/banners/
+#MASTER# UNBLOCK-REFERRER: http://www.amazon.com/exec/obidos/tg/browse/-/130/ref=gw_br_dvd/102-9730978-3540926 10/09/06
+#MASTER# REMARKS: Part of site decoration
+.amazon.com/.*/banners/
+#MASTER# UNBLOCK-REFERRER: http://www.washingtonpost.com/wp-dyn/articles/A43890-2002Aug4.html
+#MASTER# REMARKS: Javascripts whose absence messes the page
+.washingtonpost.com/wp-srv/
+# URL = http://www.gnome.org/images/banner-gnomeis
+.gnome.org
+#MASTER# UNBLOCK-REFERRER: http://www.nycsubway.org/ 10/09/06
+.nycsubway.org/img/banner
+#MASTER# UNBLOCK-REFERRER: http://www.forgotten-ny.com/ADS/manhattanads/moremahnattan.html
+# URL = http://www.forgotten-ny.com/ADS/manhattanads/moremahnattan.html
+.forgotten-ny.com/ADS/
+# URL = http://counter.li.org
+counter.li.org
+#MASTER# UNBLOCK-REFERRER: http://adrian.adrian.org/ 10/09/06
+# URL = http://adrian.adrian.org
+adrian.adrian.org
+#MASTER# UNBLOCK-REFERRER: http://adela.karlin.mff.cuni.cz/ 10/09/06
+# URL = http://adela.karlin.mff.cuni.cz
+adela.karlin.mff.cuni.cz
+#MASTER# UNBLOCK-REFERRER: http://www.swcp.com/rtoads/printmag/issue3/neg_data.html 10/09/06
+.swcp.com/rtoads/
+#MASTER# UNBLOCK-REFERRER: http://www.privoxy.org/actions/index.php
+#MASTER# REMARKS: Don't block our own feedback process, even if the
+#MASTER# REMARKS: parameters contain block patterns
+# URL = http://www.privoxy.org/actions/index.php
+.privoxy.org
+#MASTER# UNBLOCK-REFERRER: http://sourceforge.net/help/tracker.php
+sourceforge.net/.*tracker
+#MASTER# UNBLOCK-REFERRER: http://www.brawnylads.com/
+# URL = http://www.brawnylads.com/
+.brawnylads.com
+#MASTER# UNBLOCK-REFERRER: http://adzapper.sourceforge.net/
+# URL = http://adzapper.sourceforge.net/
+adzapper.
+#MASTER# UNBLOCK-REFERRER: http://de.altavista.com/web/adv
+# URL = http://de.altavista.com/web/adv
+.altavista.com/web/adv
+# URL = http://rads.mcafee.com/rads/scripts/RADS.dll?QueryProduct2
+rads.mcafee.com/
+# URL = http://linuxfromscratch.org/cgi-bin/lfscounter.cgi
+linuxfromscratch.org/
+#MASTER# UNBLOCK-REFERRER: http://dv411.com/advc50.html
+# URL = http://dv411.com/advc50.html
+dv411.com/.*advc50
+# URL = http://www.freeswan.org/freeswan_trees/freeswan-1.98b/doc/adv_config.html
+.freeswan.org/
+# URL = http://www.arm.com/support/ads_faq?OpenDocument&ExpandSection=11
+www.arm.com/.*ads
+# URL = http://www.anybrowser.org/campaign/
+www.anybrowser.org/
+# URL = http://www.tads.org/
+www.tads.org/
+# URL = http://www.mbe.com/redir/packtrack.asp
+.mbe.com/redir/packtrack.asp
+.iship.com/trackit/
+# URL = http://www.esis.com.au/AdvSerialCards/Firewire.htm
+.esis.com.au/AdvSerialCards
+#MASTER# UNBLOCK-REFERRER: http://www.familysearch.org/ 10/11/06
+.familysearch.org/.*banner
+#MASTER# UNBLOCK-REFERRER: http://coder.com/ 10/11/06
+coder.com/creations/banner/
+#MASTER# UNBLOCK-REFERRER: http://arnolds.dhs.org/static/adv_tools.html 10/11/06
+# URL = http://arnolds.dhs.org/static/adv_tools.html
+arnolds.dhs.org/static/adv_tools.html
+#MASTER# UNBLOCK-REFERRER: http://www.gpl.org/
+.gpl.org/
+#MASTER# UNBLOCK-REFERRER: http://europa.eu.int/yourvoice/ 10/11/06
+.europa.eu.
+#MASTER# UNBLOCK-REFERRER: http://www.schooner.com/~loverso/no-ads/ 10/11/06
+# URL = http://www.schooner.com/~loverso/no-ads/
+.schooner.com/~loverso/no-ads/
+#MASTER# UNBLOCK-REFERRER: http://source.bungie.org/ 10/11/06
+source.bungie.org/
+# URL = http://adonthell.linuxgames.com/
+adonthell.linuxgames.com/
+#MASTER# UNBLOCK-REFERRER: http://news.bbc.co.uk/furniture/chinese/banner/bbccantonese_600.gif
+#MASTER# REMARKS: Banner-free site(s).
+.bbc.co.uk/
+# URL = http://adc.netlabs.org/
+adc.netlabs.org/
+#MASTER# UNBLOCK-REFERRER: http://www.tela.bc.ca/tads/authoring/multimedia-tads-docs/latin2.htm 10/11/06
+# URL = http://www.tela.bc.ca/tads/authoring/multimedia-tads-docs/latin2.htm
+.tela.bc.ca/tads/
+# URL = http://adbusters.org/information/
+adbusters.org/
+# URL = http://www.eads.com/
+# URL = http://www.eads.net/
+# URL = http://www.eads.de/
+.eads.*/
+# URL = http://brew.qualcomm.com/brew/en/developer/resources/ad/documentation.html
+.qualcomm.com/brew/en/developer/resources/ad/
+# URL = http://upgrade.bitdefender.com/update71/avx/Plugins/adsntfs.xmd.gzip
+/update\d\d/.*adsnt.*
+#MASTER# UNBLOCK-REFERRER: http://msdn.microsoft.com/ 09/11/06
+.microsoft.com/.*masthead
+#MASTER# UNBLOCK-REFERRER: http://indymedia.org adfree site 09/11/06
+.indymedia.org
+# URL = http://www.seanbaby.com/stupid/comicads05.shtml
+.seanbaby.com
+# URL = http://www.cels.org/db/keep-track.pl?cat:1
+.cels.org/.*track
+#MASTER# UNBLOCK-REFERRER: http://www.nic.ad.jp/ See http://jprs.co.jp/en/jpdomain.html 09/11/06
+#MASTER# REMARKS: 2007-10-04, increase scope per Actionsfile feedback item #1807613
+#.nic.ad.jp
+#MASTER# REMARKS removed .ad.jp per Actionsfile feedback item #1807613
+#MASTER# UNBLOCK-REFERRER: http://www.flickr.com/photo_zoom.gne?id=32594118&size=l 09/11/06
+#MASTER# REMARKS: creativecommons.org worthwhile organization 09/11/06
+/(.*/)?somerights20.gif
+.creativecommons.org
+# URL = http://www.ups.com/WebTracking/track?loc=en_US
+.ups.com/.*/track
+#MASTER# UNBLOCK-REFERRER: http://adju.st 09/12/06
+.adju.
+#MASTER# REMARKS: Ad-free art site 09/12/06
+.rubberslug.com
+.freebsd.org
+.fsf.org
+.gnu.org
+#MASTER# REMARKS: SF tracker 09/15/06, and #1750779 2007-07-09
+#MASTER# REMARKS: New home? http://adiumx.cachefly.net/Adium_1.0.5.dmg
+adium*.*.
+#MASTER# UNBLOCK-REFERRER: http://google.com 10/01/06
+#MASTER# REMARKS: This allows many (but not all) Google "Sponsored Links" to function.
+#MASTER# REMARKS: Presumably if someone clicks these they want to go there.
+.googleadservices./pagead/adclick
+#MASTER# UNBLOCK-REFERRER: http://www.garaget.org
+#MASTER# REMARKS: These are "ads" from individuals selling cars per tracker. 10/06/06
+.garaget.org/annonser/
+#MASTER# UNBLOCK-REFERRER: http://www.macworld.com/ 10/07/06
+#MASTER# REMARKS: Without the unblock, the page layout is horribly broken 10/08/06
+edge.macworld.com
+#MASTER# UNBLOCK-REFERRER: http:// www.discovery.de  10/19/06
+#MASTER# REMARKS: These are promos relevant to the page content.
+.discovery./.*/topads/
+#MASTER# UNBLOCK-REFERRER: http://dawn.com
+#MASTER# REMARKS: SF Actionsfile tracker 10/19/06. These images are not ads.
+.dawn.com/.*/(9690dina|aurora_award)\.
+#MASTER# UNBLOCK-REFERRER: http://google.com/reader/
+#MASTER# REMARKS: Initial page does not load, per Support request 10/27/06
+.google.com/reader/
+#MASTER# REMARKS: Actionsfile Tracker 1587079 10/30/06
+.parcel2go.com/track
+#MASTER# REMARKS: Actionsfile Tracker #1612950 12/11/06
+.amazon.com/gp/gift-central/.*recip/
+#MASTER# UNBLOCK-REFERRER: http://yahoo.com 2007-01-27
+#MASTER# REMARKS: Actionsfile Tracker #1645501, this is a UI page element.
+.yimg.com/.*/themes/ad/
+#MASTER# UNBLOCK-REFERRER: http://mozilla.hongo.wide.ad.jp/pub/mozilla.org//thunderbird/releases/
+#MASTER# REMARKS: Actionsfile feedback item #1672918 2007-03-03
+# URL = http://mozilla.hongo.wide.ad.jp/pub/mozilla.org//thunderbird/releases/
+.ad.*/pub/mozilla.org/
+# URL = http://lads.myspace.com/mini/mini.swf?b=NDgwNzU1ODE=&o=NjQwNzIzMA==&d=MTE3NDI4ODcwNg==&i=MA==&a=VHJ1ZQ==
+#MASTER# UNBLOCK-REFERRER: http://profile.myspace.com/index.cfm?fuseaction=user.viewprofile&friendid=5282733
+#MASTER# UNBLOCK-REFERRER: http://lads.myspace.com/videos/vplayer.swf
+#MASTER# REMARKS: MySpace videos caught by .*ads. The above profile.myspace.com link grabs the vplayer.swf file (which does not work when directly fetched)
+# URL = http://lads.myspace.com/videos/vplayer.swf
+lads.myspace.com
+#MASTER# REMARKS: 20070402 Adam Piggott first-party tracking. 20070411 Moved from generic unblockers by path to site-specific unblockers.
+#MASTER# UNBLOCK-REFERRER: http://www.shockwave.com/servlet/DownloadEcommTracker?sku=fizzball-pc&promoCode=SiteShockwaveLandingPage
+# URL = http://www.shockwave.com/servlet/DownloadEcommTracker?sku=fizzball-pc&promoCode=SiteShockwaveLandingPage
+.shockwave.com/servlet/DownloadEcommTracker
+#MASTER# REMARKS: 20070411 Adam Piggott fish4.co.uk is a popular UK advertising site for cars, properties and jobs and uses ad/advert all over the place, understandably.
+# URL = http://www.fish4.co.uk/iad/lettings/advert?adId=12389712&src=nestoria
+.fish4.co.uk/.*ad
+#MASTER# REMARKS: Actionsfile feedback item #1700037 2007-04-13 HB
+# URL = http://www.mp3.com.au/popup/popup.asp?id=110433
+.mp3.com.au/.*popup
+#MASTER# REMARKS Actionsfile feedback #1700915 2007-04-15
+# URL = http://www.svd.se/ego/339/http://www.e24.se/dynamiskt/reklam_media/did_15092793.asp
+# URL = http://www.e24.se/dynamiskt/reklam_media/did_15092793.asp
+/(.*/)?dynamiskt/reklam_media/did_
+#MASTER# REMARKS 20070710 Actionsfile feedback #1751020
+switch.atdmt.com/action/
+# URL = http://www.parcelforce.com/portal/pw/track?catId=7500082
+.parcelforce.com/.*track
+#MASTER# UNBLOCK-REFERRER: redirect from http://go.microsoft.com/fwlink?linkid=51093
+#MASTER# REMARKS: Actionsfile feedback item #1757121 2007-07-19
+.microsoft.com/.*/adschema/
+# URL = http://upload.wikimedia.org/wikipedia/en/a/ad/Picturecarnegie.jpg
+.wikimedia.org/
+# URL = http://en.wikipedia.org/wiki/Advertisement
+.wikipedia.org/
+#MASTER# REMARKS Actionsfile feedback item #2299717 2008-11-16
+# URL = http://en.wiktionary.org/wiki/advertisement
+.wiktionary.org/
+# URL = http://curl.haxx.se/docs/adv_20070710.html
+.haxx.se/docs/adv_
+# URL = http://www.google.com/adsense/
+www.google.com/adsense/
+# URL = http://www.encyclopediadramatica.com/Advertisement
+# URL = http://images.encyclopediadramatica.com/images/b/b5/Advertising-Dierentuin.jpg
+.encyclopediadramatica.com/
+#MASTER# UNBLOCK-REFERRER: http://lifehacker.com 2008-04-18 HB
+# URL = tags.gawker.com/assets/minify.php?files=/assets/base.v6/css/global.css,/assets/base.v6/css/header.css,/assets/base.v6/css/sidebar.css,/assets/base.v6/css/content.css,/assets/base.v6/css/images.css,/assets/base.v6/css/ads.css,/assets/base.v6/css/community.css,/assets/base.v6/css/comments.css,/assets/base.v6/css/messages.css,/assets/base.v6/css/ui.css
+tags.gawker.com/.*css$
+# URL = http://cgi.tnt.co.uk/TrackNTrace/quicktrack.asp
+.tnt.co.uk/TrackNTrace/
+#MASTER# UNBLOCK-REFERRER: http://www.supermediastore.com/trackorder.html
+# URL = http://secure.howtoburndvd.net/ups/track.php
+/ups/track\.php
+#MASTER# REMARKS: Actionsfile feedback item #1886140  2008-02-04
+#MASTER# UNBLOCK-REFERRER: http://idonthateyouall.imeem.com/video/8zH0_f9i/kiley_rilo_pull_me_in_tighter_art_video/
+# URL = http://ad.doubleclick.net/crossdomain.xml
+ad.doubleclick.net/crossdomain\.xml
+#MASTER# REMARKS: Actionsfile feedback item #2021509  2008-07-18
+#MASTER# REMARKS: Allow realplayer site help popup windows
+#MASTER# UNBLOCK-REFERRER: http://real.custhelp.com/cgi-bin/real.cfg/php/enduser/std_adp.php?p_faqid=4512
+# URL = http://real.custhelp.com/cgi-bin/real.cfg/php/enduser/popup_adp.php
+real.custhelp.com/cgi-bin/real\.cfg/php/enduser/popup_adp\.php
+# URL = http://fritz.fonwlan.box/cgi-bin/webcm?getpage=../html/de/help/popup.html&var:lang=de&var:pagename=hilfe_syslog&var:anker=24
+fritz.fonwlan.box/
+# URL = http://fritz.box/cgi-bin/webcm?getpage=../html/de/help/popup.html&var:lang=de&var:pagename=hilfe_syslog&var:anker=24
+fritz.box/
+#MASTER# REMARKS: Actionsfile feedback item #2043327 2008-08-08
+# URL = http://kb.adobe.com/selfservice/viewContent.do?externalId=kb402747&sliceId=1
+.adobe.com
+# URL = http://qa.debian.org/popcon.php
+qa.debian.org/popcon\.php
+#MASTER# REMARKS: Support Requests item #2432535 2008-12-16
+# URL = http://www.mta.info/bandt/traffic/advmain.htm
+.mta.info/.*advmain.htm$
+#MASTER# REMARKS: We also use this as a light character class test, therefore the additional URL directives.
+# URL = http://www.proaurum.de/bannerA2/image/pro_master_r3_01_04.gif
+# URL = http://www.proaurum.de/bannerA1/image/limitorder2.gif
+# URL = http://www.proaurum.de/bannerA3/image/pro_master_r5_banken_01_01+.gif
+# URL = http://www.proaurum.de/bannerB2/image/pro_banner_mitte.gif
+# URL = http://www.proaurum.de/bannerB1_/image/pro_banner_links.gif
+# URL = http://www.proaurum.de/bannerC1/image/partner1.png
+.proaurum.de/banner[ABC]\d_?/
+# URL = http://www.goldmoney.com/en/images/home/banner_r4_c1.gif
+.goldmoney.com/
+#MASTER# REMARKS: Actionsfile feedback item #2017126  2008-07-13
+#MASTER# REMARKS: The dutch newspaper site of Algemeen Dagblad (http://www.ad.nl) is blocked
+# URL = http://www.ad.nl/
+.ad.nl/
+#MASTER# REMARKS: yahoo groups self-promotion - and the page is uglier without it
+# URL = http://us.i1.yimg.com/us.yimg.com/i/yg/img/ads/bestofygroups.jpg
+.yimg.com/.*/ads/bestofygroups.jpg$
+#MASTER# REMARKS: NYT home page is messed up because .css files are blocked
+#MASTER# UNBLOCK-REFERRER: http://www.nytimes.com/
+# URL = http://graphics8.nytimes.com/css/0.1/screen/common/ads.css
+# URL = http://graphics8.nytimes.com/css/0.1/screen/homepage/ads.css
+.nytimes.com/.*/ads\.css$
+
+
+#############################################################################
+# Site-specific special rules:
+#############################################################################
+
+#----------------------------------------------------------------------------
+# These sites are very complex (read: keen on your identity) and require
+# minimal interference.
+#----------------------------------------------------------------------------
+{fragile}
+.office.microsoft.com
+.windowsupdate.microsoft.com
+#MASTER# PROBLEM URL: http://metrics.apple.com 10/11/06
+# too broad: .apple.com
+www.apple.com
+store.apple.com
+images.apple.com
+#MASTER# REMARKS: Actions Tracker 1293057 09/02/06
+.update.microsoft.com
+#MASTER# REMARKS: Various reports 09/16/06. This site also requires pop-ups.
+mail.google.
+
+#----------------------------------------------------------------------------
+# Semi-fragile, allow for blocks.
+#----------------------------------------------------------------------------
+{ -crunch-all-cookies -filter -fast-redirects -hide-referer -prevent-compression }
+#MASTER# REMARKS: Problem URL: adserver.yahoo.com 10/01/06
+#MASTER# REMARKS: This is much too broad for my taste. It forces me to add
+#MASTER# REMARKS: a special yahoo section in my user.action file, just to
+#MASTER# REMARKS: confirm my defaults in default.action. fk 2007-01-19
+.yahoo.com
+
+#----------------------------------------------------------------------------
+# Shopping and banking sites - allow cookies and pop-ups
+#----------------------------------------------------------------------------
+#MASTER# REMARKS: This section not checked 10/11/06 HB
+{shop}
+.quietpc.com
+.worldpay.com   # for quietpc.com
+.jungle.com
+.dabs.com
+.overclockers.co.uk
+.db24.de
+.ebay.
+.mobile.de
+www.fondationlejeu.com
+www.techtv.com
+.mywebgrocer.com
+
+#----------------------------------------------------------------------------
+# Subscription sites (with credible privacy policy) - allow permanent cookies
+#----------------------------------------------------------------------------
+{-session-cookies-only}
+#MASTER# PROBLEM-URL: http://www.nytimes.com/auth/login
+.nytimes.com/
+#MASTER# PROBLEM-URL: http://www.volkskrant.nl/
+.volkskrant.nl/
+
+#----------------------------------------------------------------------------
+# These sites require pop-ups, so don't use the unconditional filters.
+#----------------------------------------------------------------------------
+{allow-popups}
+#MASTER# PROBLEM-URL: http://www.aprilbarrows.com/discography.html
+www.aprilbarrows.com/discography\.html$
+#MASTER# PROBLEM-URL: http://www.nvidia.com/view.asp?PAGE=windows2000
+.nvidia.com
+#MASTER# PROBLEM-URL: http://www15.chathouse.com/games/
+www*.chathouse.com/games/
+#MASTER# PROBLEM-URL: http://www.bild.de/
+.bild.t-online.de
+#MASTER# PROBLEM-URL: http://www.netflix.com/
+.netflix.com
+#MASTER# PROBLEM-URL: http://my.aol.com/
+my.aol.com
+#MASTER# PROBLEM-URL: http://www.cnn.com/
+#MASTER# REMARKS: Re-enable "Story Tools" i.e. printing, emailing etc.
+i.cnn.net/cnn/.*/clickability/button
+#MASTER# PROBLEM-URL: http://www.rosettaproject.org:8080/live/search/contribute/swadesh/view?ethnocode=SPN
+.rosettaproject.org
+#MASTER# PROBLEM-URL: http://www.quantum.com requires popups for downloads, etc. 09/11/06
+.quantum.com
+#MASTER# PROBLEM-URL: http://www.liberation.fr 11/23/06 Actions tracker
+.liberation.fr
+
+#----------------------------------------------------------------------------
+# Sometimes (i.e. often!) fast-redirects catches things by mistake
+#----------------------------------------------------------------------------
+#MASTER# REMARKS: This section NOT checked 10/13/06 HB
+{-fast-redirects}
+# Sticky Actions = -fast-redirects
+www.ukc.ac.uk/cgi-bin/wac\.cgi\?
+#MASTER# PROBLEM-URL: http://www.google.com/search?q=foo
+.google.
+#MASTER# PROBLEM-URL: http://de.altavista.com/q?pg=q&q=foo&kl=XX&search.x=28&search.y=8&what=web
+.altavista.com/(.*(like|url|link):|trans.*urltext=)http
+#MASTER# PROBLEM-URL: http://www.speedfind.de/cgi-bin/search?q=foo&t=STANDARD
+.speedfind.de
+#MASTER# PROBLEM-URL: http://www.nytimes.com/
+.nytimes.com
+#MASTER# REMARKS: Yahoo logout URL after first redirect. fk 2007-01-19
+#MASTER# REMARKS: Logout fails if we fast-redirect to the URL after "done=".
+#MASTER# REMARKS: Reported in support request #1635354.
+# URL = http://login.yahoo.com/config/login?logout=1&.done=http://mail.yahoo.com&.src=ym&.intl=us
+.yahoo.com/.*done=http
+#MASTER# REMARKS: Reported in support request #1802365.
+# URL = http://us.rd.yahoo.com/reg/login1/lisu/login/uk/ym/*http://edit.europe.yahoo.com/c onfig/login?.tries=1&.src=ym&.md5=&.hash=&.js=1&.last=&...kP=Y&.done=http://mail .yahoo.com&.pd=ym_ver=0&c=&login=XXX&passwd=XXX&.persistent =&.hash=1&.md5=1
+.rd.yahoo.com/reg/login1/
+# URL = http://validator.w3.org/check
+.w3.org
+#MASTER# PROBLEM-URL: http://www.ask.com/
+.directhit.com
+#MASTER# PROBLEM-URL: http://www.zagats.com/
+.zagats.com
+#MASTER# PROBLEM-URL: http://www.passport.com/Consumer/default.asp?lc=1033
+#MASTER# PROBLEM-URL: http://www.msn.com/
+# URL = http://www.passport.com/Consumer/default.asp?lc=1033&msppchlg=1&mspplogin=
+my.msn.com/passport/pp(consent|set)\.ashx\?msnru=
+www.passport.com/Consumer/default\.asp\?lc=[0-9]+&msppchlg=[01]&mspplogin=
+login.passport.com/logout\.(asp|srf)\?
+#MASTER# PROBLEM-URL: http://www.fileplanet.com
+download.com.com/redir\?
+www.fileplanet.com/redir\.asp\?
+#MASTER# PROBLEM-URL: http://cyber.law.harvard.edu/filtering/china/test/
+.edu
+#MASTER# PROBLEM-URL: http://web.archive.org
+# URL = http://web.archive.org/web/19970715180251/http://www.gmd.de/
+.archive.org
+# URL = http://www.guenstiger.de/gt/link.asp?url=http://www.edv-supermarkt.de&source=produkt=238284&USID=00086443917155&hnr=2199&pnr=238284&ppr=158,00
+www.guenstiger.de
+# URL = http://anon.free.anonymizer.com/http://www.privoxy.org/
+.anonymizer.com
+# URL = http://www.mailtothefuture.com/public/logon?http://www.mailtothefuture.com/
+www.mailtothefuture.com
+#MASTER# PROBLEM-URL: http://support.microsoft.com/default.aspx?scid=KB;en-us;q219110
+support.microsoft.com/
+# URL = http://www.alexa.com/data/details/traffic_details?q=blogspot&url=http://www.blogalia.com
+.alexa.com
+# URL = http://www.translate.ru/url/tran_url.asp?lang=es&url=http%3A%2F%2Fos2progg.by.ru%2Findex.shtml&direction=rs&template=General&cp1=NO&cp2=NO&autotranslate=on&transliterate=on&psubmit2.x=68&psubmit2.y=12
+www.translate.ru/url/
+# URL = http://schneegans.de/sv/?url=http%3A%2F%2Fwww.freebsd.org%2F&schema=%28Detect+automatically%29&encoding=%28Detect+automatically%29&htmlcomp=%28Detect+automatically%29
+schneegans.de/
+# URL = http://config.privoxy.org/edit-actions-submit?f=user..&redirect_mode=http%3A%2F%2Fwww.privoxy.org%2F
+config.privoxy.org/
+# URL = http://users.wsj.com/lmda/do/checkLogin?mg=evo-wsj&url=http%3A%2F%2Fonline.wsj.com%2Farticle%2FSB117313867582027623.html
+.wsj.com/lmda/do/checkLogin
+#MASTER# REMARKS: As we already have five other PROBLEM-URLs that contain '?url=',
+#MASTER# REMARKS: it might make sense to allow '/.*?url=' in general
+# URL = http://del.icio.us/url/check?url=http%3A%2F%2Fwww.privoxy.org
+del.icio.us/
+# URL = http://calgary.ctv.ca/servlet/RTGAMArticleHTMLTemplate/B/20070615/goexpo?brand=generic&hub=&tf=CFCNPlus/generic/hubs/frontpage.html&cf=CFCNPlus/generic/hubs/frontpage.cfg&slug=goexpo&date=20070615&archive=CFCNPlus&ad_page_name=&nav=home&subnav=fullstory&site_cfcn=http://calgary.ctv.ca
+.ctv.ca/.*&site_cfcn=http://
+# URL = http://memberservices.informit.com/checkLogin.ashx?partner=8&r=http%3a%2f%2fwww.informit.com%2farticles%2farticle.asp%3fp%3d766375%26seqNum%3d1
+.informit.com/.*&r=http%3a%2f%2f
+# URL = http://access.adobe.com/access/getStatus.do?jobid=&srcPdfUrl=http://cups.cs.cmu.edu/soups/2007/proceedings/p41_clark.pdf&convertTo=html&visuallyImpaired=preferhtml&preferHTMLReason=&platform=&comments=&starttime=1187362172109
+access.adobe.com/access/getStatus.do\?jobid=&srcPdfUrl=
+# URL = http://view.samurajdata.se/ps.php?url=http%3A%2F%2Fcups.cs.cmu.edu%2Fsoups%2F2007%2Fproceedings%2Fp41_clark.pdf&submit=View%21
+view.samurajdata.se/ps\.php\?url=
+# URL = http://www.blogger.com/navbar.g?targetBlogID=8919860543765866292&blogName=Kickin%27+the+Darkness&publishMode=PUBLISH_MODE_HOSTED&navbarType=BLUE&layoutType=LAYOUTS&homepageUrl=http%3A%2F%2Fblog.kickin-the-darkness.com%2F&searchRoot=http%3A%2F%2Fblog.kickin-the-darkness.com%2Fsearch
+.blogger.com/navbar\.g
+# URL = http://editors.dmoz.org/editors/editurl.cgi?url=http%3a//www.example.de/&cat=World/Deutsch/Computer/Hardware/Speichermedien
+.dmoz.org/editors/editurl\.cgi
+# URL = http://offer.ebay.de/ws/eBayISAPI.dll?stockphotourl=http%3A%2F%2Fi16.ebayimg.com%2F02%2Fc%2F02%2F88%2F21%2F5b_6.JPG&MfcISAPICommand=BinConfirm&fb=1&co_partnerid=&item=123456789112&quantity=1&input_bin=
+# URL = http://offer.ebay.de/ws/eBayISAPI.dll?maxbid=15%2C01&MfcISAPICommand=MakeBid&fromPage=284&stockphotourl=http%3A%2F%2Fi14.ebayimg.com%2F02%2Fc%2F00%2Fe9%2Fe1%2F2a_6.JPG&fb=2&co_partnerid=&item=123456789112&input_bid=
+.ebay.de/ws/eBayISAPI\.dll\?
+#MASTER# REMARKS: While this is a redirect, the token isn't part of the URL redirected to.
+# URL = http://www.amazon.com/gp/redirect.html/ref=cm_plog_item_link/105-3659773-0844420?ie=UTF8&location=http%3A%2F%2Fjoltawards.com%2F2007%2F&token=A07736D870C02EF10CB13BCC8A33C302F689BBBA
+.amazon.com/gp/redirect.html/.*location.*&token
+# URL = http://en.groundspring.org/EmailNow/pub.php?module=WebSignup&cmd=thankyou&gotoUrl=http%3A%2F%2Fwww.freebsdfoundation.org&gotoText=Return+to+Home+Page&listNames=The+FreeBSD+Foundation+Mailing+List
+.groundspring.org/
+# URL = http://www1.landsend.de/pp/undefined/images/error.gif?onerr=true&ts=1227969386837&file=http%3A//s7.landsend.com/is-viewers/dhtml/include/sj_textloader.js%3Fver%3Dle.1&line=0&msg=Script%20error.&sid=
+.landsend.de/
+# URL = http://www.youtube.com/swf/l.swf?swf=http%3A//s.ytimg.com/yt/swf/cps-vfl68942.swf&video_id=2cpd6rHIfyA&rel=1&showsearch=1&eurl=&iurl=http%3A//i3.ytimg.com/vi/2cpd6rHIfyA/hqdefault.jpg&sk=5E3I2RCcOLknk1qyI_JgVVnb8FKwgpHzC&use_get_video_info=1&load_modules=1&fs=1&hl=en
+.youtube.com/swf/.*swf=
+
+#----------------------------------------------------------------------------
+# No filtering for sourcecode or other automatically parsed content
+#----------------------------------------------------------------------------
+{-filter -prevent-compression}
+# Sticky Actions = -filter -prevent-compression
+# URL = http://ijbswa.cvs.sourceforge.net/ijbswa/current/
+.cvs.
+/.*(cvs(view|web)|viewcvs)
+#MASTER# REMARKS: The same for Subversion
+# URL = http://svn.sourceforge.net/
+.svn.
+.websvn.
+/(.*/)?svn/
+#MASTER# REMARKS: Jeez, could you please stay with one of them?
+# URL = http://liveupdate.symantec.com/ennlu.x86
+liveupdate.symantec.com
+liveupdate.liveupdatesymantec.com
+liveupdate.symantecliveupdate.com
+# URL = http://www.bookmarklets.com/
+.bookmarklets.com
+# URL = http://www.squarefree.com/bookmarklets/
+.squarefree.com/bookmarklets/
+#MASTER# REMARKS: Used by Mac OSX's automatic software update feature
+swquery.apple.com
+swscan.apple.com
+#MASTER# REMARKS: These are various US DSL speed tests sites, where MIME is wrong
+# URL = http://atl.speakeasy.net/300k
+.speakeasy.net/\d+k
+# URL = http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=185033
+.debian.org
+#MASTER# DONT-VERIFY
+#MASTER# REMARKS: Popular bug-tracking system - likely to contain code
+bugzilla.
+.tldp.org
+#MASTER# REMARKS: mail should not be filtered 09/18/06
+webmail.
+#MASTER# REMARKS: all the world is wikified 09/02/06. Generic wiki un-filterers.
+.wiki*.
+.*wiki.
+/.*wiki/
+#MASTER# REMARKS Actionsfile feedback item #2299717 2008-11-16
+# URL = http://en.wiktionary.org/
+.wiktionary.org/
+#MASTER# REMARKS: protect some google projects from accidental JS/HTML tampering, etc
+maps.google.
+.google.com/(calendar|reader)
+#MASTER# REMARKS: A lot of code and docs on these sites:
+code.
+developer.
+.mozdev.org
+.mozilla.org
+.perl.org
+.cpan.org
+.webdeveloper.com
+.ibm.com/developerworks
+.apache.org/docs
+.comptechdoc.org
+.webmonkey.com
+.webreference.com
+docs.sun.com
+java.sun.com
+.thescripts.com
+.php.net
+.phpdeveloper.org
+.oreillynet.com/pub
+.devshed.com
+.htmlgoodies.com
+.javascript.com
+javascript.internet.com
+.w3schools.com
+.devguru.com
+javascriptkit.com
+.xulplanet.com
+.perl.com/language/newdocs
+.freebsd.org
+.watson.org
+.netbsd.org
+.openbsd.org
+.dragonflybsd.org
+.freedesktop.org
+.gnu.org
+.fedoraproject.org
+.userscripts.org
+#MASTER# REMARKS: Bug trackers like Flyspray and Mailinglist interfaces like Mailman:
+/(.*/)?flyspray/
+/(.*/)?mail(man|archive|inglists?)/
+bugs.
+#MASTER# REMARKS: Actionsfile tracker 1555909 09/17/06, various problems with cpu and logging in.
+quoka.de
+
+#----------------------------------------------------------------------------
+# Innocent images in standard banner sizes found here:
+#----------------------------------------------------------------------------
+{-filter{banners-by-size}}
+# Sticky Actions = -filter{banners-by-size}
+# URL = http://www.pricegrabber.com/search_getprod.php?masterid=580330&zip_code=92840&found=1&ut=40a6c41f2c9d1244
+.pricegrabber.com/search_getprod.php
+#MASTER# REMARKS: URL-based filtering is enough here. 120x90 content images
+# URL = http://www.cnn.com/WORLD/
+.cnn.com
+#MASTER# REMARKS: 120x90 content images
+# URL = http://gamespot.com/gamespot/filters/0,10850,6013054,00.html
+.gamespot.com/gamespot
+#MASTER# PROBLEM-URL: http://www.wral.com/ 10/14/06
+www.wral.com
+#MASTER# PROBLEM-URL: http://www.cartoonnetwork.com/ 10/15/06
+.cartoonnetwork.com/
+# URL = http://www.anybrowser.org/campaign/
+.anybrowser.org
+# URL = http://images.google.de/images?q=cookie+monster&svnum=10&hl=de&lr=&ie=UTF-8&oe=UTF-8&start=40&sa=N
+images.google.
+# URL =  http://www.pbs.org/wgbh/pages/roadshow/series/highlights/2003/albuquerque/index.html
+.pbs.org/.*/roadshow/
+# URL = http://objects.povworld.org/cat/Food/
+objects.povworld.org/cat/
+# URL = http://www.xach.com/gimp/tutorials/tiles.html
+www.xach.com/gimp/
+#MASTER# REMARKS: The destination map at the bottom of the page.
+# URL = http://www.mapquest.com/directions/main.adp?go=1&do=nw&ct=NA&1y=US&1a=255+w+88+st&1p=&1c=&1s=&1z=10024&2y=US&2a=20+milltown+rd&2p=&2c=&2s=&2z=10509&lr=2
+.mapquest.com/directions/
+#MASTER# PROBLEM-URL: http://www.theonion.com/ 10/15/06
+#MASTER# REMARKS: A nasty "premercial" ad is required to enter this site.
+.theonion.com/content/
+# URL = http://www.pattilupone.net/gallery.html
+.pattilupone.net/gallery.html
+# URL = http://www.ambrosiasw.com/games/evn/desktops.html
+.ambrosiasw.com/
+# URL = http://oca.microsoft.com/en/Welcome.asp
+.microsoft.com
+# URL = http://javabog.dk/ijk/
+javabog.dk/ijk/
+#MASTER# REMARK: Per Debian bug report #319025 09/09/06
+.w3.org
+# URL = http://www.encyclopediadramatica.com/New_Zealand_Fail_Guy
+.encyclopediadramatica.com/
+# URL = http://www.ikea.com/us/en/catalog/products/00103102
+.ikea.com/
+# URL = http://www.froscon.de/en/projects.html
+.froscon.de/
+# URL = http://www.fsfe.org/en/supporters
+.fsfe.org/
+# URL = http://www.couchsurfing.com/mapsurf.html
+.couchsurfing.com/
+
+{-filter{banners-by-link}}
+# Sticky Actions = -filter{banners-by-link}
+# URL = http://www.encyclopediadramatica.com/Advertisement
+.encyclopediadramatica.com/
+
+#----------------------------------------------------------------------------
+# These don't work without the referrer information:
+#----------------------------------------------------------------------------
+{-hide-referrer}
+# Sticky Actions = -hide-referrer
+#MASTER# REMARKS: This section NOT checked 10/18/06 HB
+#MASTER# REMARKS: These are movie clips, linked from http://us.imdb.com
+.totaleclips.com
+#MASTER# REMARKS: Link to download page breaks
+# URL = http://www.mandrakelinux.com/en/ftp.php3
+.mandrakelinux.com/en/ftp.php3
+#MASTER# REMARKS: Actions Tracker 1313157
+# URL = http://validator.w3.org/check?uri=referer
+validator.w3.org/check\?uri=referer
+#MASTER# REMARKS: Fixes Debian Bug #250407
+# URL = http://www.petitiononline.com/mod_perl/signed.cgi
+.petitiononline.com/mod_perl/signed.cgi
+#MASTER# REMARKS: Tracker bug report 1107806 09/26/06
+.telia.se
+#MASTER# REMARKS: XML validator that actually works.
+# URL = schneegans.de/sv/?url=referer
+schneegans.de/sv/\?url=referer
+
+#----------------------------------------------------------------------------
+# These animated gifs are either useful or nice:
+#----------------------------------------------------------------------------
+{-deanimate-gifs}
+# Sticky Actions = -deanimate-gifs
+#MASTER# REMARKS: Wanted animations on ecards
+#MASTER# REMARKS: Leaving 10/18/06 though most animated seem flash now.
+# URL = http://www.care2.com/
+.care2.com
+.care-mail.com
+#MASTER# PROBLEM-URL: http://weather.chicagotribune.com/radar/station.asp?ID=LOT19&type=loop
+#MASTER# REMARKS: These are weather radar images. 10/18/06
+# URL = http://www.wunderground.com/radar/station.asp?ID=MPX19&type=loop&clutter=1
+.wunderground.com
+66.28.250.180/data/
+#MASTER# PROBLEM-URL: http://www.teamquest.com/html/gunther/laquiz.shtml
+.teamquest.com/gifs/gunther/
+#MASTER# REMARKS: 09/12/06 Art site, and ad-free
+.rubberslug.com
+#MASTER# REMARKS: Actionsfile feedback item #2040467, allow animated gifs from wikipedia.org
+.wikipedia.org/
+
+#----------------------------------------------------------------------------
+# The "site-specifics" filter has special cures for problems found here:
+#----------------------------------------------------------------------------
+#MASTER# REMARKS: This section NOT checked 10/15/06 HB.
+{+filter{site-specifics}}
+# Sticky Actions = +filter{site-specifics}
+# URL = http://www.spiegel.de/static/js/flash-plugin.js
+.spiegel.de/static/js/flash-plugin\.js
+# URL = http://www.quelle-bausparkasse.de/
+.quelle-bausparkasse.de/$
+# URL = http://de.groups.yahoo.com/group/die-spinner/interrupt?st=2&ln=die-spinner&m=1&done=%2Fgroup%2Fdie-spinner%2Fmessage%2F416
+.groups.yahoo.com/group/
+# URL = http://www.nytimes.com/
+.nytimes.com/
+
+#----------------------------------------------------------------------------
+# Content under these TLDs is most probably in character sets which the
+# demoronizer filter would mess up
+#----------------------------------------------------------------------------
+{-filter{demoronizer}}
+.jp
+.cn
+.tw
+.ru
+.kr
+
+#----------------------------------------------------------------------------
+# Misc special rules:
+#----------------------------------------------------------------------------
+{-filter{content-cookies} -filter{webbugs}}
+# Sticky Actions = -filter{content-cookies} -filter{webbugs}
+#MASTER# REMARKS: Needs content-cookies for cookie test on index page; needs webbugs for storing profile(!)
+# URL = http://www.friendscout24.de/
+.friendscout24.de
+#MASTER# REMARKS: Explains how content cookies work
+# URL = http://www.webreference.com/js/column8/property.html
+.webreference.com/js/column8/property.html
+
+{-filter{fun}}
+# Sticky Actions = -filter{fun}
+#MASTER# REMARKS: Don't change the filter code with itself ;-)
+# URL = http://www.privoxy.org/user-manual/filter-file.html
+/(.*/)?user-manual/filter-file.html
+
+#{+filter{img-reorder} +filter{banners-by-link}}
+#MASTER# REMARKS: Temporarily decommissioning 10/15/06. Violates Cautious no filter policy. HB
+#MASTER# PROBLEM-URL: http://www.dn.se/
+#MASTER# REMARKS: Can't catch by size or location
+#www.dn.se
+
+{-filter{img-reorder}}
+# Sticky Actions = -filter{img-reorder}
+#MASTER# REMARKS: Google images don't show up with img-reorder on
+#MASTER# REMARKS: Also images on finance.google.com 09/25/06
+# URL = http://images.google.com
+.google.
+#MASTER# PROBLEM-URL: http://wired.com 09/23/06
+# URL = http://wired.com
+/.*wired(\.com)?/
+.wired.com/
+
+{-filter{js-annoyances}}
+# Sticky Actions = -filter{js-annoyances}
+#MASTER# REMARKS: No progress past main page without js-annoyances
+# URL = http://www.nasa.gov
+.nasa.gov
+#MASTER# REMARKS: Exclude per Debian bug report #377843
+# URL = http://www2.cnrs.fr/presse/communique/900.htm
+.cnrs.fr
+#MASTER# REMARKS: Exclude per Debian bug report #377843
+# URL = http://blogs.msdn.com/wga/archive/2006/07/16/667063.aspx
+blogs.msdn.com
+
+{-filter{unsolicited-popups}}
+# Sticky Actions = -filter{unsolicited-popups}
+#MASTER# REMARKS: Breaks Movable Type's admin interface (http://www.movabletype.org/)
+/.*mt.cgi$
+#MASTER# REMARKS: Exclude per Debian bug report #377843 09/17/06
+# URL = http://www2.cnrs.fr/presse/communique/900.htm
+.cnrs.fr
+#MASTER# REMARKS: Exclude per Debian bug report #377843 09/17/06
+# URL = http://blogs.msdn.com/wga/archive/2006/07/16/667063.aspx
+blogs.msdn.com
+
+{+fast-redirects{check-decoded-url} -block}
+# Sticky Actions = +fast-redirects{check-decoded-url} -block
+#MASTER# REMARKS: Yahoo search results. Added 2007-01-19 fk
+#MASTER# REDIRECT-REFERRER: http://search.yahoo.com/search?p=privoxy
+# URL = http://rds.yahoo.com/_ylt=A0geuryczbBF._YAEmxXNyoA;_ylu=X3oDMTB2b2gzdDdtBGNvbG8DZQRsA1dTMQRwb3MDMQRzZWMDc3IEdnRpZAM-/SIG=11b3qg40n/EXP=1169301276/**http%3a//www.privoxy.org/
+rds.yahoo.com/
+#MASTER# COMMENTS: Verified 2007-01-19 fk
+#MASTER# REDIRECT-REFERRER: http://www.gamefaqs.com/computer/doswin/game/914819.html
+# URL = http://dw.com.com/redir?asid=0&astid=8&siteid=19&edid=107&destCat=33862&destURL=http%3A%2F%2Fdb.gamefaqs.com%2Fcomputer%2Fdoswin%2Ffile%2Fvampire_tmb_b.txt
+dw.com.com/
+#MASTER# REMARKS: Action tracker 1593393. Added 2007-01-20.
+# URL = http://wzus.bloglines.com/r?t=a&d=us&s=bl&c=blen&ti=1&ai=51060&l=dir&o=0&sv=z6f537f5b&ip=971AC44B&u=http%3A%2F%2Fwww.skweezer.net%2Fbloglines%2Fskweeze.aspx%3F%26i%3Dd%26l%3Den%26r%3Dhttp%253A%252F%252Fwww.bloglines.com%252Fmyblogs_display%253Fsub%253D29302699%2526site%253D5382440%26url%3Dhttp%253A%252F%252Fpermalink.gmane.org%252Fgmane.linux.debian.devel.changes.unstable%252F97340
+.bloglines.com/r\?
+www.skweezer.net/bloglines
+# URL = http://media.fastclick.net/w/get.media?sid=4681&m=5&tp=6&url=http%3A//www.sciam.com/article.cfm%3FchanID%3Dsa003%26articleID%3DC7C87ECC-E7F2-99DF-39AEFF3D7D1A8CFB%26ref%3Drss
+.fastclick.net/w/get\.media\?
+
+{+block{Looks like an anti-leech trigger URL.}}
+#MASTER# COMMENTS: This section not checked 10/17/06 HB. Still out there?
+#MASTER# PROBLEM-URL: http://www.anti-leech.com/theft_example.html
+#MASTER# REMARKS: Lame attempt at banning ad-blockers. Used by other websites as well.
+/antitheft\.php
+
+{ +prevent-compression }
+.compusa.com/
+
+{+filter{tiny-textforms}}
+.sourceforge.net/tracker
+
+{+downgrade-http-version}
+#MASTER# COMMENTS: This section not checked 10/17/06 HB
+#MASTER# REMARKS: This is work-around for CUPS http configuration.
+:631
+
+#MASTER# REMARKS: If Privoxy is disabled, requests for config.privoxy.org/
+#MASTER# REMARKS: reach privoxy.org and are redirected to privoxy.org/config.
+#MASTER# REMARKS: The instructions tell the user to reload the page with
+#MASTER# REMARKS: Privoxy enabled to reach the configuration webinterface,
+#MASTER# REMARKS: to make this work we have to intercept the request and revert
+#MASTER# REMARKS: the redirection.
+{+redirect{http://config.privoxy.org/}}
+# Sticky Actions = +redirect{http://config.privoxy.org/}
+# URL = http://www.privoxy.org/config
+.privoxy.org/config
+
+#MASTER# REMARKS: Privoxy's "unsafe" CGI pages check the referrer
+#MASTER# REMARKS: to make sure the user reached them intentionally.
+#MASTER# REMARKS: Disabling hide-referrer so there's a referrer left to check.
+#MASTER# REMARKS: Disabling fast-redirects because if CGI crunching gets
+#MASTER# REMARKS: enabled it could be leveraged to fool the referrer check.
+{-hide-referrer -fast-redirects}
+# Sticky Actions = -hide-referrer -fast-redirects
+# URL = http://p.p
+# URL = http://config.privoxy.org
+p.p/
+config.privoxy.org/
+
+#MASTER# REMARKS: Yahoo logout URLs need special treatment,
+#MASTER# REMARKS: the URL after "done=" is no fast-redirect. 2007-01-19 fk
+#MASTER# REMARKS: Reported in support request #1635354.
+{-fast-redirects +redirect{s@^.*\*(http://login\.yahoo\.com/.*)$@$1 at i}}
+# XXX: Privoxy-Regression-Test currently doesn't allow backslashes.
+# Sticky Actions = -fast-redirects +redirect
+# URL = http://us.ard.yahoo.com/SIG=AAAAAAAAA/M=NNNNNN.NNNNNNN.NNNNNNN.NNNNNNN/D=mail/S=NNNNNNNNN:HEADR/Y=YAHOO/EXP=NNNNNNNNNN/A=NNNNNNN/R=N/SIG=AAAAAAAAA/*http://login.yahoo.com/config/login?logout=1&.done=http://mail.yahoo.com&.src=ym&.intl=us
+.yahoo./.*http://login.yahoo.com/config/login.*http://
+
+#----------------------------------------------------------------------------
+# Sections that modify the action settings based on tags.
+#----------------------------------------------------------------------------
+
+#############################################################################
+# Depends on +client-header-tagger{image-requests}
+#############################################################################
+{-handle-as-empty-document \
+ +handle-as-image \
+}
+TAG:^IMAGE-REQUEST$
+
+#############################################################################
+# Depends on +client-header-tagger{css-requests}
+#############################################################################
+{+handle-as-empty-document \
+ -handle-as-image \
+}
+TAG:^CSS-REQUEST$
+
+#MASTER# set vi:nowrap
diff --git a/external/privoxy/default.filter b/external/privoxy/default.filter
new file mode 100644
index 0000000..3537c7b
--- /dev/null
+++ b/external/privoxy/default.filter
@@ -0,0 +1,1289 @@
+# ********************************************************************
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/default.filter,v $
+# 
+#  $Id: default.filter,v 1.71 2009/03/01 18:33:17 ler762 Exp $
+#
+#  Purpose     :  Rules to process the content of web pages
+# 
+#  Copyright   :  Written by and Copyright (C) 2001-2009 the
+#                 Privoxy team. http://www.privoxy.org/
+#
+# We value your feedback. However, to provide you with the best support,
+# please note:
+#  
+#  * Use the support forum to get help:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=211118
+#  * Submit bugs only thru our bug forum:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=111118 
+#    Make sure that the bug has not already been submitted. Please try
+#    to verify that it is a Privoxy bug, and not a browser or site
+#    bug first. If you are using your own custom configuration, please
+#    try the stock configs to see if the problem is a configuration
+#    related bug. And if not using the latest development snapshot,
+#    please try the latest one. Or even better, CVS sources.
+#  * Submit feature requests only thru our feature request forum:
+#    http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
+#      
+# For any other issues, feel free to use the mailing lists:
+# http://sourceforge.net/mail/?group_id=11118
+#    
+# Anyone interested in actively participating in development and related
+# discussions can join the appropriate mailing list here:
+# http://sourceforge.net/mail/?group_id=11118. Archives are available
+# here too.
+# 
+#################################################################################
+#
+# Syntax:
+#
+# Generally filters start with a line like "FILTER: name description".
+# They are then referrable from the actionsfile with +filter{name}
+#
+# FILTER marks a filter as content filter, other filter
+# types are CLIENT-HEADER-FILTER, CLIENT-HEADER-TAGGER,
+# SERVER-HEADER-FILTER and SERVER-HEADER-TAGGER.
+#
+# Inside the filters, write one Perl-Style substitution (job) per line.
+# Jobs that precede the first FILTER: line are ignored.
+#
+# For Details see the pcrs manpage contained in this distribution.
+# (and the perlre, perlop and pcre manpages)
+#
+# Note that you are free to choose the delimiter as you see fit.
+#
+# Note2: In addition to the Perl options gimsx, the following nonstandard
+# options are supported:
+# 
+# 'U' turns the default to ungreedy matching.  Add ? to quantifiers to
+#     switch back to greedy.
+#
+# 'T' (trivial) prevents parsing for backreferences in the substitute.
+#     Use if you want to include text like '$&' in your substitute without
+#     quoting.
+#
+# 'D' (Dynamic) allows the use of variables. Supported variables are:
+#     $host, $origin (the IP address the request came from), $path and $url.
+#
+#     Note that '$' is a bad choice as delimiter for dynamic filters as you
+#     might end up with unintended variables if you use a variable name
+#     directly after the delimiter. Variables will be resolved without
+#     escaping anything, therefore you also have to be careful not to chose
+#     delimiters that appear in the replacement text. For example '<' should
+#     be save, while '?' will sooner or later cause conflicts with $url.
+# 
+#################################################################################
+
+
+#################################################################################
+#
+# js-annoyances: Get rid of particularly annoying JavaScript abuse.
+#
+#################################################################################
+FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse.
+
+# Note: Most of these jobs would be safer if restricted to a
+# <script> context as in:
+#
+# s/(<script.*)nasty-item(?=.*<\/script>)/$1replacement/sigU
+#
+# but that would make them match only the first occurrence of
+# nasty-item in each <script>. We need nestable jobs!
+
+# Get rid of Javascript referrer tracking. 
+# Test page: http://www.javascript-page.com/referrer.html
+#
+s|(?:\w+\.)+referrer|"Not Your Business!"|gisU
+
+# The status bar is for displaying link targets, not pointless blahblah
+#
+s@([\W]\s*)((?:this|window)\.(?:default)?status)\s*=\s*((['"]).*?\4)@$1$2 =\
+ (typeof(this.href) != 'undefined')?($3 + ' URL: ' + this.href):($2)@ig
+
+s/(?:(?:this|window)\.(?:default)?status)\s*=\s*\w*\s*;//ig
+
+# Kill OnUnload popups. Yummy.
+# Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
+#
+s/(<body\s+[^>]*)onunload/$1never/siU
+s|(<script.*)window\.onunload(?=.*</script>)|$1never|sigU
+
+# If we allow window.open, we want normal window features: 
+# Test: http://www.htmlgoodies.com/beyond/notitle.html
+#
+s/(open\s*\([^\)]+resizable=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+location=)(["']?)(?:no|0)\2/$1$2yes$2/sigU 
+s/(open\s*\([^\)]+status=)(["']?)(?:no|0)\2/$1$2yes$2/sigU 
+s/(open\s*\([^\)]+scroll(?:ing|bars)=)(["']?)(?:no|0)\2/$1$2auto$2/sigU 
+s/(open\s*\([^\)]+menubar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU 
+s/(open\s*\([^\)]+toolbar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU 
+s/(open\s*\([^\)]+directories=)(["']?)(?:no|0)\2/$1$2yes$2/sigU 
+s/(open\s*\([^\)]+fullscreen=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+z-?lock=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+hotkeys=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+s/(open\s*\([^\)]+titlebar=)(["']?)(?:no|0)\2/$1$2yes$2/sigU
+s/(open\s*\([^\)]+always(?:raised|lowered)=)(["']?)(?:yes|1)\2/$1$2no$2/sigU
+
+
+#################################################################################
+#
+# js-events: Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).
+#
+#################################################################################
+FILTER: js-events Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).
+
+s/(on|event\.)((mouse(over|out|down|up|move))|(un)?load|contextmenu|selectstart)/never/ig
+# Not events, but abused on the same type of sites:
+s/(alert|confirm)\s*\(/concat(/ig
+s/settimeout\(/concat(/ig
+
+#################################################################################
+#
+# html-annoyances: Get rid of particularly annoying HTML abuse.
+#
+#################################################################################
+FILTER: html-annoyances Get rid of particularly annoying HTML abuse.
+
+# New browser windows (if allowed -- see no-popups filter below) should be
+# resizeable and have a location and status bar
+#
+s/(<a\s+href[^>]+resizable=)(['"]?)(?:no|0)\2/$1$2yes$2/igU 
+s/(<a\s+href[^>]+location=)(['"]?)(?:no|0)\2/$1$2yes$2/igU 
+s/(<a\s+href[^>]+status=)(['"]?)(?:no|0)\2/$1$2yes1$2/igU
+s/(<a\s+href[^>]+scrolling=)(['"]?)(?:no|0)\2/$1$2auto$2/igU
+s/(<a\s+href[^>]+menubar=)(['"]?)(?:no|0)\2/$1$2yes$2/igU
+
+# The <BLINK> and <MARQUEE> tags were crimes!
+#
+s-</?(blink|marquee).*>--sigU
+
+
+#################################################################################
+#
+# content-cookies: Kill cookies that come in the HTML or JS content.
+#
+#################################################################################
+FILTER: content-cookies Kill cookies that come in the HTML or JS content.
+
+# JS cookies, except those used by antiadbuster.com to detect us:
+#
+s|(\w+\.)+cookie(?=[ \t\r\n]*=)(?!='aab)|ZappedCookie|ig
+
+# HTML cookies:
+#
+s|<meta\s+http-equiv=['"]?set-cookie.*>|<!-- ZappedCookie -->|igU
+
+
+#################################################################################
+#
+# refresh-tags: Kill automatic refresh tags (for dial-on-demand setups).
+#
+#################################################################################
+FILTER: refresh-tags Kill automatic refresh tags (for dial-on-demand setups).
+
+# Note: Only deactivates refreshes with more than 9 seconds delay to
+#       preserve monster-stupid but common redirections via meta tags.
+#
+s/<meta\s+http-equiv\s*=\s*(['"]?)refresh\1\s+content\s*=\s*(['"]?)\d{2,}\s*(;\s*url\s*=\s*([^>\2]*))?\2/<link rev="x-refresh" href="$4"/iU
+
+
+#################################################################################
+#
+# unsolicited-popups: Disable unsolicited pop-up windows.
+#
+#################################################################################
+FILTER: unsolicited-popups Disable only unsolicited pop-up windows.
+
+s+([^'"]\s*<head.*>)(?=\s*[^'"])+$1<script>function PrivoxyWindowOpen(){return(null);}</script>+isU
+s@([^\w\s.]\s*)((?:map)?(window|this|parent)\.?)?open\s*\(@$1PrivoxyWindowOpen(@ig
+s+([^'"]\s*</html>)(?!\s*(\\n|'|"))+$1<script>function PrivoxyWindowOpen(a, b, c){return(window.open(a, b, c));}</script>+iU     
+
+
+##################################################################################
+#
+# all-popups: Kill all popups in JavaScript and HTML.
+#
+#################################################################################
+FILTER: all-popups Kill all popups in JavaScript and HTML.
+
+s@((\W\s*)(?:map)?(window|this|parent)\.?)open\s*\\?\(@$1concat(@ig  # JavaScript
+#s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ notarget/ig        # HTML
+s/\starget\s*=\s*(['"]?)_?(blank|new)\1?/ /ig        # (X)HTML
+
+##################################################################################
+#
+# img-reorder: Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+#
+#################################################################################
+FILTER: img-reorder Reorder attributes in <img> tags to make the banners-by-* filters more effective.
+
+# In the first step src is moved to the start, then width is moved to the second
+# place to guarantee an order of src, width, height. Also does some white-space
+# normalization.
+#
+# This makes banners-by-size more effective and allows both banners-by-size
+# and banners-by-link to preserve the original image URL in the title attribute.
+
+s|<img\s+?([^>]*)\ssrc\s*=\s*(['"])([^>\\\2]+)\2|<img src=$2$3$2 $1|siUg
+s|<img\s+?([^>]*)\ssrc\s*=\s*([^'">\\\s]+)|<img src=$2 $1|sig
+s|(<img[^>]+height)\s*=\s*|$1=|sig
+
+s|<img (src=(?:(['"])[^>\\\\2]*\2\|[^'">\\\s]+?))([^>]*)\s+width\s*=\s*((["']?)\d+?\5)(?=[\s>])|<img $1 width=$4$3|siUg
+
+
+#################################################################################
+#
+# banners-by-size: Kill banners by size.
+#
+#################################################################################
+#
+# Standard banner sizes taken from http://www.iab.net/iab_banner_standards/bannersizes.html
+#
+# Note: Use http://config.privoxy.org/send-banner?type=trans for a transparent 1x1 image
+#       Use http://config.privoxy.org/send-banner?type=pattern for a grey/white pattern image
+#       Use http://config.privoxy.org/send-banner?type=auto  to auto-select.
+#
+# Note2: Use img-reorder before this filter to ensure maximum matching success
+#
+#################################################################################
+FILTER: banners-by-size Kill banners by size.
+
+# 88*31
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)88\4)[^>]*?(height=(['"]?)31\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 120*60, 120*90, 120*240, 120*600
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)120\4)[^>]*?(height=(['"]?)(?:600?|90|240)\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 125*125
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)125\4)[^>]*?(height=(['"]?)125\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 160*600
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)160\4)[^>]*?(height=(['"]?)600\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 180*150
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)180\4)[^>]*?(height=(['"]?)150\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 234*60, 468*60 (Most Banners!)
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:234|468)\4)[^>]*?(height=(['"]?)60\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 240*400
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)240\4)[^>]*?(height=(['"]?)400\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 250*250, 300*250
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)(?:250|300)\4)[^>]*?(height=(['"]?)250\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+# 336*280
+s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)336\4)[^>]*?(height=(['"]?)280\6)[^>]*?(?=/?>)@\
+  <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+
+# Note: 200*50 was also proposed, but it probably causes too much collateral damage:
+#
+#s@<img\s+(?:src\s*=\s*(['"]?)([^>\\\1\s]+)\1)?[^>]*?(width=(['"]?)200\4)[^>]*?(height=(['"]?)50\6)[^>]*?(?=/?>)@\
+#   <img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed-$2-by-size" $3 $5 at sig
+
+
+#################################################################################
+#
+# banners-by-link: Kill banners by their links to known clicktrackers (Experimental).
+#
+#################################################################################
+FILTER: banners-by-link Kill banners by their links to known clicktrackers.
+
+# Common case with width and height attributes:
+#
+s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:\
+  adclick                             # See www.dn.se \
+| advert                              # see dict.leo.org \
+| atwola\.com/(?:link|redir)          # see www.cnn.com \
+| doubleclick\.net/jump/              # redirs for doublecklick.net ads \
+| counter                             # common \
+| (?<!&type=)tracker                  # (&type=tracker is used in sf's project statistics) \
+| adlog\.pl                           # see sf.net \
+)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\6)[^>]*((?:width|height)\s*=\s*(['"]?)\d+?\8)[^>]*?(?=/?>)\
+@<img $5 $7 src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed $4 by link to $2"@sigx
+
+# Rare case w/o explicit dimensions:
+#
+s@<a\s+href\s*=\s*(['"]?)([^>\1\s]*?(?:ad(?:click|vert)|atwola\.com/(?:link|redir)|doubleclick\.net/jump/|(?<!&type=)tracker|counter|adlog\.pl)[^>\1\s]*)\1[^>]*>\s*<img\s+(?:src\s*=\s*(['"]?)([^>\\\3\s]+)\3)?[^>]*?(?=/?>)@<img src="http://config.privoxy.org/send-banner?type=auto" border="0" title="Killed $4 by link to $2"@sig
+
+
+################################################################################
+#
+# webbugs: Squish WebBugs (1x1 invisible GIFs used for user tracking).
+#
+#################################################################################
+FILTER: webbugs Squish WebBugs (1x1 invisible GIFs used for user tracking).
+
+s@<img[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*\s(?:width|height)\s*=\s*['"]?[01](?=\D)[^>]*?>@@siUg
+
+
+#################################################################################
+#
+# tiny-textforms: Extend those tiny textareas up to 40x80 and kill the hard wrap.
+#
+#################################################################################
+FILTER: tiny-textforms Extend those tiny textareas up to 40x80 and kill the hard wrap.
+
+s/(<textarea[^>]*?)(?:\s*(?:rows|cols)=(['"]?)\d+\2)+/$1 rows=$2\40$2 cols=$2\80$2/ig 
+s/(<textarea[^>]*?)wrap=(['"]?)hard\2/$1/ig
+
+
+#################################################################################
+#
+# jumping-windows: Prevent windows from resizing and moving themselves.
+#
+#################################################################################
+FILTER: jumping-windows Prevent windows from resizing and moving themselves.
+
+s/(?<=[\W])(?:window|this|self)\.(?:move|resize)(?:to|by)\(/''.concat(/ig
+
+#################################################################################
+#
+# frameset-borders: Give frames a border, make them resizable and scrollable.
+#
+#################################################################################
+FILTER: frameset-borders Give frames a border and make them resizable.
+
+s/(<frameset\s+[^>]*)framespacing=(['"]?)(no|0)\2/$1/igU
+s/(<frameset\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU
+s/(<frameset\s+[^>]*)border=(['"]?)(no|0)\2/$1/igU
+s/(<frame\s+[^>]*)noresize/$1/igU
+s/(<frame\s+[^>]*)frameborder=(['"]?)(no|0)\2/$1/igU 
+s/(<frame\s+[^>]*)scrolling=(['"]?)(no|0)\2/$1/igU
+
+
+
+#################################################################################
+#
+# demoronizer: Correct Microsoft's abuse of standardized character sets, which 
+#              leave the browser to (mis)-interpret unknown characters, with 
+#              sometimes bizarre results on non-MS platforms.
+#
+# credit: ripped from the demoroniser.pl script by: 
+#         John Walker -- January 1998, http://www.fourmilab.ch/webtools/demoroniser
+#
+#################################################################################
+FILTER: demoronizer Fix MS's non-standard use of standard charsets.
+
+s/(&\#[0-2]\d\d)\s/$1; /g
+# per Robert Lynch: http://slate.msn.com//?id=2067547, just a guess.
+# Must come before x94 below.
+s/\xE2\x80\x94/ -- /g
+s/\x82/,/g
+#s-\x83-<em>f</em>-g
+s/\x84/,,/g
+s/\x85/.../g
+#s/\x88/^/g
+#s-\x89- °/°°-g
+s/\x8B/</g
+s/\x8C/Oe/g
+s/\x91/`/g
+s/\x92/'/g
+s/(\x93|\x94)/"/g
+# Bullet type character.
+s/\x95/·/g
+s/\x96/-/g
+s/\x97/--/g
+#s-\x98-<sup>~</sup>-g
+#s-\x99-<sup>TM</sup>-g
+# per Robert Lynch.
+s/\x9B/>/g                  # 155
+
+
+#################################################################################
+#
+# shockwave-flash: Kill embedded Shockwave Flash objects.
+#                  Note: Better just block "/.*\.swf$"!
+#
+#################################################################################
+FILTER: shockwave-flash Kill embedded Shockwave Flash objects.
+
+s|<object [^>]*macromedia.*</object>|<!-- Squished Shockwave Object -->|sigU
+s|<embed [^>]*(application/x-shockwave-flash\|\.swf).*>(.*</embed>)?|<!-- Squished Shockwave Flash Embed -->|sigU
+
+
+#################################################################################
+#
+# quicktime-kioskmode: Make Quicktime movies saveable.
+#
+#################################################################################
+FILTER: quicktime-kioskmode Make Quicktime movies saveable.
+
+s/(<embed\s+[^>]*)kioskmode\s*=\s*(["']?)true\2/$1/ig 
+
+
+#################################################################################
+#
+# fun: Text replacements for subversive browsing fun!
+#
+#################################################################################
+FILTER: fun Text replacements for subversive browsing fun!
+
+# SCNR
+#
+s/microsoft(?!.[^\s])/MicroSuck/ig
+
+# Buzzword Bingo (example for extended regex syntax)
+#
+s* (?:industry|world)[ -]leading \
+|  cutting[ -]edge \
+|  customer[ -]focused \
+|  market[ -]driven \
+|  award[ -]winning # Comments are OK, too! \
+|  high[ -]performance \
+|  solutions[ -]based \
+|  unmatched \
+|  unparalleled \
+|  unrivalled \
+*$0<sup><font color="red"><b>Bingo!</b></font></sup> \
+*igx
+
+# For Germans only
+#
+s/(M|m)edien(?![^<]*>)/$1ädchen/Ug
+
+#################################################################################
+#
+# crude-parental: Crude parental filtering. Use with a suitable blocklist.
+#                 Pages are "blocked" based on keyword matching.
+#
+#################################################################################
+FILTER: crude-parental Crude parental filtering. Note that this filter doesn't work reliably.
+
+# (Note: Middlesex, Sussex and Essex are counties in the UK, not rude words)
+# (Note #2: Is 'sex' a rude word?!)
+
+s%^.*(?<!middle)(?<!sus)(?<!es)sex.*$%<html><head><title>Blocked</title></head><body>\
+<h3>Blocked by Privoxy's crude-parental filter due to possible adult content.</h3></body></html>%is
+
+s+^.*warez.*$+<html><head><title>No Warez</title></head><body><h3>You're not searching for illegal stuff, are you?</h3></body></html>+is
+
+# Remove by description
+s/^.*\
+(?:(suck|lick|tongue|rub|fuck|fingering|finger|chicks?)\s*)?\
+(?:(her|your|my|hard|with|big|wet|tight|pink|hot|moist|young|teen)\s*)+\
+(dicks?|penis|cocks?|balls?|tits?|pussy|cunt|clit|ass|mouth).*$\
+/This page has been blocked by Privoxy's crude-parental content filter\
+/is
+
+#Remove by link text
+s/^.*\
+(download|broadband|view|watch|free|get|extreem)?\s*\
+(sex|xxx|porn|cumshot|fuck(ing|s)?|anal|ass|asian|adult|Amateur|org(y|ies)|close ups?|hand?job|nail(ed)?)+\s*\
+(movies?|pics?|videos?|dvds?|dvd's|links?).*$\
+/This page has been blocked by Privoxy's crude-parental content filter\
+/is
+
+#Remove by age disclaimer
+s/^.*\
+(models?|chicks?|girls?|women|persons)\s*\
+(who|are|were)+ (over|at least) (16|18|21) years (old|of age).*$\
+/This page has been blocked by Privoxy's crude-parental content filter\
+/is
+
+#Remove by regulations
+s/^.*(Section 2257|18 U.?S.?C.? 2257).*$\
+/This page has been blocked by Privoxy's crude-parental content filter\
+/is 
+
+
+#################################################################################
+#
+# IE-Exploits: Disable some known Internet Explorer bug exploits.
+#
+#################################################################################
+FILTER: ie-exploits Disable some known Internet Explorer bug exploits.
+
+# Note: This is basically a demo and waits for someone more interested in IE
+# security (sic!) to take over.
+
+# Cross-site-scripting:
+#
+s%f\("javascript:location.replace\('mk:@MSITStore:C:'\)"\);%alert\("This page looks like it tries to use a vulnerability described here:\n http://online.securityfocus.com/archive/1/298748/2002-11-02/2002-11-08/2"\);%siU
+
+# Address bar spoofing (http://www.secunia.com/advisories/10395/):
+#
+s/(<a[^>]*href[^>]*)(?:\x01|\x02|\x03|%0[012])@/$1MALICIOUS-LINK@/ig
+
+# Nimda:
+#
+s%<script language="JavaScript">(window\.open|1;''\.concat)\("readme\.eml", null, "resizable=no,top=6000,left=6000"\)</script>%<br><font size="7"> WARNING: This Server is infected with <a href="http://www.cert.org/advisories/CA-2001-26.html">Nimda</a>!</font>%g
+
+
+#################################################################################
+#
+#
+# site-specifics: Cure for site-specific problems. Don't apply generally!
+#
+#   Note: The fixes contained here are so specific to the problems of the
+#         particular web sites they are designed for that they would be a
+#         waste of CPU cycles (or even destructive!) on 99.9% of the web
+#         sites where they don't apply.
+#
+#################################################################################
+FILTER: site-specifics Cure for site-specific problems. Don't apply generally!
+
+# www.spiegel.de excludes X11 users from viewing Flash5 objects - shame.
+# Apply to: www.spiegel.de/static/js/flash-plugin.js 
+#
+s/indexOf\("x11"\)/indexOf("x13")/
+
+# www.quelle-bausparkasse.de uses a very stupid redirect mechanism that
+# relies on a webbug being present. Can we tolerate that? No!
+# Apply to: www.quelle-bausparkasse.de/$
+#
+s/mylogfunc()//g
+
+# groups.yahoo.com has splash pages that one needs to click through in
+# order to access the actual messages. Let the browser do that. Thanks
+# to Paul Jobson for this one:
+#
+s|<a href="(.+?)">(?:Continue to message\|Weiter zu Nachricht)</a>|<meta http-equiv="refresh" content="0; URL=$1">|ig
+
+# monster.com has two very similar gimmicks:
+#
+s|<input type="hidden" name="REDIRECT" value="(.+?)">|<meta http-equiv="refresh" content="0; URL=$1">|i
+ 
+s|<IMG SRC="http://media.monster.com/mm/usen/my/no_thanks_211x40.gif".+?>|<meta http-equiv="refresh" content="0; URL=http://my.monster.com/resume.asp">|i 
+
+# nytimes.com triggers popups through the onload handler of dummy images
+# to fool popup-blockers.  
+#
+s|(<img [^>]*)onload|$1never|sig
+
+# Pre-check all the "Discard" buttons in GNU Mailman's web interface.
+# (This saves a lot of mouse aiming practice when flushing spamtraps)
+#
+s|(<INPUT name="\d{2,4}" type="RADIO" value="0") CHECKED |$1|g
+s|<INPUT name="\d{2,4}" type="RADIO" value="3" |$0 checked|g
+
+#################################################################################
+#
+# no-ping: Removes non-standard ping attributes in <a> and <area> tags.
+#          
+#################################################################################
+FILTER: no-ping Removes non-standard ping attributes in <a> and <area> tags.
+s@(<a(?:rea)?[^>]*?)\sping=(['"]?)([^"'>]+)\2([>\s]?)@\
+<strong style="color:white; background-color:red;" title="Privoxy removed ping target '$3'">PING!</strong>\n$1$4 at ig
+
+#################################################################################
+#
+# google: CSS-based block for Google text ads. Also removes
+#         a width limitation and the toolbar advertisement.
+#
+#################################################################################
+FILTER: google CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.
+
+s@</head>@<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's google filter. */\n\
+ \#fbc, \#fbl, \#ra, .rhh {visibility: hidden !important;}\n\
+ \#tpa1,\#tpa2,\#tpa3,\#tpa4,\#tpa5,\#tpa5, \#spl, .ch, \#ads,\
+ \#toolbar, \#google_ads_frame, \#mbEnd {display: none !important;}\n\
+ .main_body, .j {width: 100%}\n</style>\n$0@
+s@<div style=\"padding-top:11px;min-width:500px\">@<div id="main_body">@
+s@(<table cellspacing=0 cellpadding=0 width=25% align=right bgcolor=\#ffffff border=0\
+|</font></td></tr></tbody></table><table align=\"right\" bgcolor=\"\#ffffff\"\
+|<table cellspacing=0 cellpadding=0 align=right bgcolor=\#ffffff border=0\
+|<table style=\"clear:both\" align=right width=25% cellspacing=\"0\" cellpadding=\"0\"\
+ border=\"0\" bgcolor=\"\#ffffff\")@$0 id="ads"@
+s@(<br clear=all><table)( border=0 cellpadding=9><tr><td)@$1 id="toolbar"$2@
+
+#################################################################################
+#
+# yahoo: CSS-based block for Yahoo text ads. Also removes a width limitation.
+#
+#################################################################################
+FILTER: yahoo CSS-based block for Yahoo text ads. Also removes a width limitation.
+
+s@</head>@\n<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's yahoo filter. */\n\
+ \#symadbn, \#ymadbn, .yschbox, .yschhd, .bbox, \#yschsec, \#sec,\
+ \#yschanswr, .yschftad, .yschspn, .yschspns, \#ygrp-sponsored-links,\
+ \#nwad, \#MWA2, \#MSCM, \#yregad, \
+ \#ks-ypn-ads, .ad, \#east, \#ygrp-vital {display: none !important;}\n\
+ \#yschpri, \#yschweb, \#pri, \#web, \#main {width: 100% !important; max-width: 100% !important;}\n\
+ \#yschqcon, \#yschtg {width: auto !important; /* No useless horizontal scrollbar please */}\n\
+ \#composebox \#compose_editorArea {width: 70% !important; /* reasonably sized reply textarea please */\n\
+ </style>\n$0\n@
+
+s@(<textarea\s+id="composeArea"[^>]*)width:545px;@$1width:70%;@isU
+
+#################################################################################
+#
+# msn: CSS-based block for MSN text ads. Also removes tracking URLs
+#      and a width limitation.
+#
+#################################################################################
+FILTER: msn CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.
+
+s@</head>@<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's msn filter. */\n\
+ .msn_ads, \#at, \#ar, .mktmsg {display: none !important;}\n\
+ \#results, .flank, .results_area_flank, .results_area_stroke,\n\
+ \#results_area, .SearchSection, .not, .sc_rslth1\n\
+.content, \#sw_foot, \#bf, \#sw_content, \#sidebar, \#pag\n\
+ {width: 99% !important; min-width: 99% !important;\n\
+ max-width: 100% !important; /* width:100% sometimes causes horizontal scrollbars */}\n\
+ /* Remove "suggestions". They are next to worthless but partly overlap with the search results */\n\
+ .suggestion, \#nys_right, \#nys {clear: both; display:none;}\n\
+ \#content {padding-right: 0;}\n\
+ </style>\n$0@
+# Are these ids still in use?
+s@(<div[^>]*) id=(["']?)ads_[^\2]*\2@$1 class="msn_ads"@Uig
+s@(<div[^>]*) class=(["']?)sb_ads[^\2]*\2@$1 class="msn_ads"@Uig
+s@(<a[^>]*href=\")http://g.msn.com/.*\?(http://.*)(&&DI=.*)(\")@$1$2$4 at Ug
+s@(<a[^>]*)gping=\".*\"@$1 title="URL cleaned up by Privoxy's msn filter"@Ug
+
+#################################################################################
+#
+# blogspot: Cleans up some Blogspot blogs. Read the fine print before using this.
+#
+#           This filter also intentionally removes some navigation stuff and
+#           sets the page width to 100%. As a result, some rounded "corners" would
+#           appear to early or not at all and as fixing this would require a browser
+#           that understands background-size (CSS3), they are removed instead.
+#
+#           When applied to feeds, it removes comment titles that
+#           only contain the beginning of the actual comment.
+#
+#################################################################################
+FILTER: blogspot Cleans up some Blogspot blogs. Read the fine print before using this.
+
+s@</head>@<style type="text/css">\n\
+ /* Style sheet inserted by Privoxy's blogspot filter. */\n\
+ \#powered-by {display: none !important;}\n\
+ \#wrap4, \#wrapper {margin-top: 0px }\n\
+ \#blogheader, \#header {margin-top: 0.5em !important}\n\
+ \#content {width: 98% }\n\
+ \#main {width: 70% }\n\
+ \#sidebar {width: 29% }\n\
+ .post-body {overflow: auto;}\n\
+ .blogComments {width: 100%; overflow: auto;}\n</style>\n$0@
+s@<body.*(?:<div id="space-for-ie"></div>|(<div id="(?:content|wrap4|wrapper)))@<body>\
+ <!-- Privoxy's blogspot filter ditched some garbage here -->$1 at Us
+s@(<div style=\"[^\"]*width:)30em@$1 100%@
+s at background:url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;@/*$0*/@Ug
+s@(background:\#[a-f\d]{3})( url\(\"http://www.blogblog.com/rounders[^\"]*\"\).*;)@$1 ;/*$2*/@Ug
+# Do the feed filtering magic as described above.
+s@<title(?:\s+type=\'text\')?>([^<]*)(?:\.\.\.)?\s*</title>\s*\
+(<content(?:\s+type=\'(?:html|text)\')?>\s*\1)@<title></title>$2 at ig
+
+#################################################################################
+#
+# x-httpd-php-to-html: Changes the Content-Type header from
+#                      x-httpd-php to html. "Content-Type: x-httpd-php"
+#                      is set by clueless PHP users and causes many
+#                      browsers do open a download menu instead of
+#                      rendering the page.
+#
+#################################################################################
+SERVER-HEADER-FILTER: x-httpd-php-to-html Changes the Content-Type header from x-httpd-php to html.
+
+s@^(Content-Type:)\s*application/x-httpd-php@$1 text/html at i
+
+#################################################################################
+#
+# html-to-xml: Changes the Content-Type header from html to xml.
+#
+#################################################################################
+SERVER-HEADER-FILTER: html-to-xml Changes the Content-Type header from html to xml.
+
+s@^(Content-Type:)\s*text/html(;.*)?$@$1 application/xhtml+xml$2 at i
+
+#################################################################################
+#
+# xml-to-html: Changes the Content-Type header from xml to html.
+#
+#################################################################################
+SERVER-HEADER-FILTER: xml-to-html Changes the Content-Type header from xml to html.
+
+s@^(Content-Type:)\s*(?:application|text)/(?:xhtml\+)?xml(;.*)?$@$1 text/html$2 at i
+
+#################################################################################
+#
+# hide-tor-exit-notation: Remove the Tor exit node notation in Host and Referer headers.
+#
+#   Note: If Privoxy and Tor are chained and Privoxy is configured to
+#         use socks4a, one can use http://www.example.org.foobar.exit/
+#         to access the host www.example.org through Tor exit node foobar.
+#
+#         As the HTTP client isn't aware of this notation, it treats the
+#         whole string "www.example.org.foobar.exit" as host and uses it
+#         for the "Host" and "Referer" headers. From the server's point of
+#         view the resulting headers are invalid and can cause problems.
+#
+#         An invalid "Referer" header can trigger "hot-linking" protections,
+#         an invalid "Host" header will make it impossible for the server to
+#         find the right vhost (several domains hosted on the same IP address).
+#
+#         This filter removes the "foo.exit" part in those headers
+#         to prevent the mentioned problems. Note that it only modifies
+#         the HTTP headers, it doesn't make it impossible for the server
+#         to detect your Tor exit node based on the IP address the request is
+#         coming from.
+#
+#################################################################################
+CLIENT-HEADER-FILTER: hide-tor-exit-notation Removes the Tor exit node notation in Host and Referer headers.
+
+s@^((?:Referer|Host):\s*(?:https?://)?[^/]*)\.[^\./]*?\.exit@$1 at i
+
+#################################################################################
+#
+# less-download-windows: Prevents annoying download windows for content types
+#                        the browser can handle itself.
+#
+#################################################################################
+SERVER-HEADER-FILTER: less-download-windows Prevent annoying download windows for content types the browser can handle itself.
+
+s@^Content-Disposition:.*filename=(["']?).*\.(png|gif|jpe?g|diff?|d?patch|c|h|pl|shar)\1.*$@@i
+s@^(Content-Type:)\s*(?:message/(?:news|rfc822)|text/x-.*|application/x-sh(?:\s|$))\s*@$1 text/plain at i
+
+#################################################################################
+#
+# image-requests: Tags detected image requests as "IMAGE-REQUEST". Whether
+#                 or not the detection actually works depends on the browser.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: image-requests Tags detected image requests as "IMAGE-REQUEST".
+
+s@^Accept:\s*image/.*@IMAGE-REQUEST at i
+
+#################################################################################
+#
+# css-requests:  Tags detected CSS requests as "CSS-REQUEST". Whether
+#                or not the detection actually works depends on the browser.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: css-requests Tags detected CSS requests as "CSS-REQUEST".
+
+s@^Accept:\s*text/css.*@CSS-REQUEST at i
+
+#################################################################################
+#
+# client-ip-address: Tags the request with the client's IP address.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: client-ip-address Tags the request with the client's IP address.
+
+s@^\w*\s+.*\s+HTTP/\d\.\d\s*@IP-ADDRESS: $origin at D
+
+#################################################################################
+#
+# http-method: Tags the request with its HTTP method.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: http-method Tags the request with its HTTP method.
+
+s@^(\w*).*HTTP/\d\.\d\s*$@$1 at i
+
+#################################################################################
+#
+# allow-post: Tags POST requests as "ALLOWED-POST".
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: allow-post Tags POST requests as "ALLOWED-POST".
+
+s@^(?:POST)\s+.*\s+HTTP/\d\.\d\s*@ALLOWED-POST at i
+
+#################################################################################
+#
+# complete-url: Tags the request with the whole request URL.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: complete-url Tags the request with the whole request URL.
+
+s@^\w*\s+(.*)\s+HTTP/\d\.\d\s*$@$1 at i
+
+#################################################################################
+#
+# user-agent: Tags the request with the complete User-Agent header.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: user-agent Tags the request with the complete User-Agent header.
+
+s@^User-Agent:.*@$0 at i
+
+#################################################################################
+#
+# content-type: Tags the request with the content type declared by the server.
+#
+#################################################################################
+SERVER-HEADER-TAGGER: content-type Tags the request with the content type declared by the server.
+
+s@^Content-Type:\s*([^;]+).*@$1 at i
+
+#################################################################################
+#
+# privoxy-control: The taggers create tags with the content of X-Privoxy-Control
+#                  headers, the filters remove said headers.
+#
+#################################################################################
+CLIENT-HEADER-TAGGER: privoxy-control Creates tags with the content of X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:\s*@@i
+
+CLIENT-HEADER-FILTER: privoxy-control Removes X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:.*@@i
+
+SERVER-HEADER-TAGGER: privoxy-control Creates tags with the content of X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:\s*@@i
+
+SERVER-HEADER-FILTER: privoxy-control Removes X-Privoxy-Control headers.
+
+s@^X-Privoxy-Control:.*@@i
+
+
+############################################################################## 
+#
+#  Revisions   :
+#     $Log: default.filter,v $
+#     Revision 1.71  2009/03/01 18:33:17  ler762
+#     couple of changes to the yahoo filter
+#     -get a bigger email message reply textarea
+#     -block a few more ads
+#     -remove the now useless northbanner css change
+#
+#     Revision 1.70  2009/02/21 13:01:51  fabiankeil
+#     Make blogspot's feed magic slightly more reliable.
+#
+#     Revision 1.69  2009/02/12 15:40:11  ler762
+#     more yahoo email ad blocking
+#
+#     Revision 1.68  2008/09/19 13:26:04  fabiankeil
+#     s at tounge@tongue at . Anonymously reported in #1648657.
+#
+#     Revision 1.67  2008/08/06 17:38:06  fabiankeil
+#     In banners-by-size, make sure white-space around the height
+#     attribute is removed as well and replace two spaces with
+#     "\s" so we don't get fooled by tabs. Fixes #2036125.
+#
+#     Revision 1.66  2008/08/03 17:27:47  fabiankeil
+#     Teach msn filter to catch a few new ad classes.
+#
+#     Revision 1.65  2008/07/21 13:43:44  fabiankeil
+#     Fix img-reorder regression introduced with my last commit.
+#     Some tags were terminated too soon, letting the browser render
+#     some of their arguments as text. Oops.
+#
+#     Revision 1.64  2008/07/12 15:49:09  fabiankeil
+#     - Don't let img-reorder touch width attributes
+#       that aren't followed by either whitespace or '>',
+#       as those usually indicate onclick nonsense.
+#       Problem and solution reported by Glenn Washburn in #2014552.
+#     - While at it, don't use more groups than necessary.
+#
+#     Revision 1.63  2008/06/27 12:53:41  fabiankeil
+#     Make sure the taggers css-requests and image-requests
+#     only match at the beginning of the header.
+#
+#     Revision 1.62  2008/06/21 17:02:03  fabiankeil
+#     Fix typo.
+#
+#     Revision 1.61  2008/05/21 18:44:43  fabiankeil
+#     - Let the content-type tagger ignore headers without value.
+#     - Remove a few unused lines at the end of the file.
+#
+#     Revision 1.60  2008/04/26 10:36:41  fabiankeil
+#     Let the msn filter hide another class.
+#
+#     Revision 1.59  2008/04/23 16:18:18  fabiankeil
+#     s at declarded@declared@
+#
+#     Revision 1.58  2008/02/02 15:27:19  fabiankeil
+#     Yet another yahoo update to get the width limitation removal working again.
+#
+#     Revision 1.57  2008/01/26 15:45:39  fabiankeil
+#     Don't let the less-download-windows filter mess up
+#     "Content-Type: application/x-shockwave-flash" headers.
+#
+#     Revision 1.56  2008/01/25 19:12:40  fabiankeil
+#     - Add yet another new yahoo ad id.
+#     - Don't let the first banners-by-link job punish URLs for merely
+#       containing the pattern "/jump/" when it should really look for
+#       "doubleclick\.net/jump/".
+#
+#     Revision 1.55  2007/12/31 19:53:59  fabiankeil
+#     Let the msn filter remove the width limitation again.
+#
+#     Revision 1.54  2007/12/31 19:11:31  fabiankeil
+#     - Let the yahoo filter remove the width limitation again.
+#     - Teach the blogspot filter to remove useless feed comment
+#       titles that only contain the beginning of the actual comment.
+#
+#     Revision 1.53  2007/12/23 15:48:12  fabiankeil
+#     - Lo and behold, the CSS fix for the MSN buttons is no longer necessary.
+#     - Add some new selectors the msn filter should hide.
+#     - Add the two yahoo selectors Lee reported in #1856574.
+#     - Add comments that the width limitation fixes stopped
+#       working for the msn and yahoo filter.
+#
+#     Revision 1.52  2007/11/27 18:35:48  fabiankeil
+#     Update CSS for the yahoo filter.
+#
+#     Revision 1.51  2007/11/04 16:15:11  fabiankeil
+#     - Add client-header taggers: client-ip-address,
+#       http-method, allow-post, complete-url and user-agent.
+#     - Add server-header tagger: content-type.
+#
+#     Revision 1.50  2007/11/03 15:05:30  fabiankeil
+#     Consistently use an empty line between the description and the PCRS code
+#     and end descriptions with dots. Patch submitted by Simon Ruderich.
+#
+#     Revision 1.49  2007/11/03 14:29:41  fabiankeil
+#     Spelling fixes mostly submitted by Simon Ruderich.
+#
+#     Revision 1.48  2007/10/17 18:11:32  fabiankeil
+#     Add privoxy-control header filters and taggers.
+#
+#     Revision 1.47  2007/10/06 15:45:25  fabiankeil
+#     Let msn hide sponsored links in #at divs.
+#
+#     Revision 1.46  2007/10/06 09:54:13  fabiankeil
+#     - Let msn hide sponsored links in #ar divs.
+#     - Teach banners-by-link not to block the graphs for sf's tracker statistics.
+#
+#     Revision 1.45  2007/08/11 16:54:12  fabiankeil
+#     - Complete the changes from r1.42.
+#     - Make crude-parental less sensitive to the amount of white-space,
+#       add the note that it doesn't work too well again and replace the
+#       DMOZ link with a less confusing explanation.
+#
+#     Revision 1.44  2007/07/18 11:06:56  hal9
+#     Replace notarget with '' in all popups filter to keep from breaking xhmtl per
+#     report from Siegfried Gipp.
+#
+#     Revision 1.43  2007/06/01 14:17:04  fabiankeil
+#     Mention possible delimiter conflicts with variables in dynamic pcrs commands.
+#
+#     Revision 1.42  2007/05/17 15:55:36  fabiankeil
+#     Undo an improperly tested last-minute change
+#     and turn "text-requests" back into "css-requests".
+#
+#     Revision 1.41  2007/05/17 15:45:41  fabiankeil
+#     - Mention new filter types and the 'D' option.
+#     - Header filters are now case-insensitive and accept a
+#       varying amount of whitespace after the colon.
+#     - Add another selector for yahoo ads.
+#     - New server-header filter: less-download-windows
+#     - New client-header taggers: text-requests and image-requests.
+#
+#     Revision 1.40  2007/03/20 15:40:00  fabiankeil
+#     Adjust to new world order with dedicated header-filter actions.
+#
+#     Revision 1.39  2007/02/21 14:10:23  fabiankeil
+#     - Fix a js-annoyances pcrs command that broke
+#       evaluated code. (BR #1124071, thanks to Bor Gergely)
+#     - Have unsolicited-popups and all-popups catch the
+#       wheather.com popup reported in in AF #1640173.
+#
+#     Revision 1.38  2007/02/19 11:22:48  hal9
+#     Adding back the orginal filter content to offset problems found by Fabian.
+#
+#     Revision 1.37  2007/02/17 13:29:44  hal9
+#     Updates to the crude parental filter per Feature Requests item #1648657.
+#
+#     Revision 1.36  2007/02/05 16:47:31  fabiankeil
+#     - Let banners-by-link look for "advert".
+#     - Fix XML systax problems with banners-by-link
+#       and banners-by-size (AF#1651570).
+#
+#     Revision 1.35  2006/12/21 12:28:12  fabiankeil
+#     Escaping special characters in filter descriptions is no
+#     longer necessary, it's done by Privoxy now.
+#
+#     Revision 1.34  2006/12/12 17:32:23  fabiankeil
+#     Added id mbEnd to google filter, it's now and then
+#     used for the sponsored links.
+#
+#     Have js-annoyances try to prevent status bar
+#     modifications where the status bar text is
+#     inside another variable. Fixes 1605710.
+#
+#     Revision 1.33  2006/11/16 17:10:43  fabiankeil
+#     Removed webbugs debugging comment again.
+#     The apostrophe could break JavaScript and
+#     the comment itself could mess up existing
+#     comments.
+#
+#     Revision 1.32  2006/11/10 18:04:04  fabiankeil
+#     Have no-ping print the ping warning in red.
+#
+#     Modified yahoo to keep in sync with recent
+#     CSS changes and to suppress a useless horizontal
+#     scrollbar.
+#
+#     msn now makes sure that the continue-link boxes
+#     act as links (the original CSS just changes the cursor).
+#
+#     Changed fun filter regex to leave microsoft links alone.
+#     Fixes BR 1019996.
+#
+#     Revision 1.31  2006/10/21 13:12:28  fabiankeil
+#     Added no-ping and hide-tor-exit-notation.
+#
+#     Adjusted jumping-windows to break less.
+#     Fixes BR 1146134.
+#
+#     Revision 1.30  2006/10/18 12:36:50  fabiankeil
+#     google filter now cleans Google groups as well.
+#
+#     Revision 1.29  2006/10/11 14:03:17  fabiankeil
+#     Changed img-reorder regex to only move width
+#     attributes if they are following at least one
+#     whitespace. Fixes BR 1328455.
+#
+#     Revision 1.28  2006/10/11 13:31:13  fabiankeil
+#     Added Anduin Withers' js-annoyances fix
+#     for not messing up escaped quotes. Fixes BR 999765.
+#
+#     Improved blogspot filter to make it less likely that
+#     the blogspot banner at the top of the page is missed.
+#
+#     Revision 1.27  2006/10/08 17:00:51  fabiankeil
+#     Modified webbugs filter to create a comment around the offending
+#     image instead of removing it entirely.
+#
+#     Adjusted regex to only match if there's at least one whitespace
+#     before the width and height attributes. Makes it more likely that
+#     they are indeed attributes, and not part of the value of another attribute.
+#     Solves BR 1035587.
+#
+#     Thanks to Martin Thomas for diagnosing the cause of the problem.
+#
+#     Revision 1.26  2006/10/06 18:06:16  fabiankeil
+#     Added header filter x-httpd-php-to-html
+#     and reverted another img-reorder whitespace
+#     problem.
+#
+#     Revision 1.25  2006/10/06 15:26:09  fabiankeil
+#     Bumped copyright year.
+#
+#     Reverted parts of the last img-reorder change
+#     which were intended to remove superfluous whitespace
+#     but had the side effect to mess up some tags.
+#
+#     Modified banners-by-size and banners-by-link to
+#     use border value "0" instead of "\0". Fixes BR 1100065.
+#
+#     Revision 1.24  2006/10/06 11:25:31  fabiankeil
+#     Taught img-reorder not to break img tags
+#     with empty src attributes. Fixes BR 1089474.
+#     Thanks to Raphael Moll for reporting.
+#
+#     Revision 1.23  2006/10/05 14:46:28  fabiankeil
+#     Replaced "<" in img-reorder's description with "<".
+#
+#     Modified msn filter to tag ads with classes instead
+#     of ids. There may be more than one ad per page,
+#     but ids are required to be unique.
+#
+#     Revision 1.22  2006/10/04 19:17:14  fabiankeil
+#     Incorportated Frédéric Crozat's ie-exploits
+#     modification to make it less trigger-happy.
+#
+#     Modified blogspot filter to make .post-body
+#     scrollable if necessary.
+#
+#     Revision 1.21  2006/10/02 16:21:14  fabiankeil
+#     Adjusted yahoo filter to hide .yschspns as well.
+#     Added header filters: html-to-xml and xml-to-html.
+#
+#     Revision 1.20  2006/10/01 21:00:22  fabiankeil
+#     New site-specific filters: google, yahoo, msn and blogspot.
+#
+#     Revision 1.19  2006/07/18 14:48:45  david__schmidt
+#     Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#     with what was really the latest development (the v_3_0_branch branch)
+#
+#     Revision 1.11.2.23  2004/02/17 13:34:01  oes
+#     - Beefed up the protection of the unsolicited-popups
+#       filter against matching in JavaScript string constants.
+#     - Extended the fun filter with a German joke
+#     - Extended the site-specifics filter with a convenience
+#       reeplacement for managing mailing lists at SourceForge
+#
+#     Revision 1.11.2.22  2004/01/30 15:29:29  oes
+#     Updated the copyright note
+#
+#     Revision 1.11.2.21  2004/01/20 15:15:01  oes
+#     Detail enhancement in all-popups
+#
+#     Revision 1.11.2.20  2004/01/06 16:46:14  oes
+#     Fixed a JS syntax problem in jumping-windows
+#
+#     Revision 1.11.2.19  2003/12/17 17:09:25  oes
+#     Added remedy against IE address bar spoofing
+#
+#     Revision 1.11.2.18  2003/12/02 11:25:27  oes
+#     Fixed a line trashed in previous commit
+#
+#     Revision 1.11.2.17  2003/12/01 21:58:46  oes
+#     Assorted tuning:
+#
+#      - unsolicited-popups no longer matches at start or end of quoted
+#        strings, and is now activated earlier and deactivated later in
+#        the page.
+#      - replacement images in banners-by-* now without border
+#      - more effective shockwave flash flattening
+#      - Custom annoyance filtering for Yahoo Groups, Monster.com, NY Times.
+#
+#     Revision 1.11.2.16  2003/05/08 09:44:56  oes
+#     Allow extra parameters in blink,marquee tags. Fixes bug #734012
+#
+#     Revision 1.11.2.15  2003/03/30 13:57:08  oes
+#     Making unsolicited-popups safe for use on <html> tags enclosed in JS strings
+#
+#     Revision 1.11.2.14  2003/03/19 13:17:50  oes
+#     - Added filter "site-specifics" to address site specific problems
+#     - Fixed a small problem in the img-reorder filter
+#
+#     Revision 1.11.2.13  2003/03/18 19:28:59  oes
+#     Fixed a minor problem in the img-reorder filter
+#
+#     Revision 1.11.2.12  2003/03/15 14:06:58  oes
+#      - Assorted refinements, optimizations and fixes in the js-annoyances,
+#        img-reorder, banners-by-size, banners-by-link, webbugs, refresh-tags,
+#        html-annoyances, content-cookies and fun filters
+#      - Replaced filter "popups" by choice between two modes:
+#        - "unsolicited-popups" tries to catch only the unsolicited ones
+#        - "all-popups" tries to kill them all (as before)
+#      - New filter "tiny-textforms" Help those tiny or hard-wrap textareas.
+#      - New filter "jumping-windows" that prevents windows from resizing
+#        and moving themselves
+#      - Replaced "nimda" with more general "ie-exploits" filter in which
+#        all filters for exploits shall be collected
+#
+#     Revision 1.11.2.11  2002/11/12 16:14:43  oes
+#     Exchanged js-annoyance filter against status bar rewrites with improved version by Don Libes
+#
+#     Revision 1.11.2.10  2002/11/11 13:39:47  oes
+#     Make refresh-tags filter work even on incorrect refresh tags like found on usatoday.com
+#
+#     Revision 1.11.2.9  2002/11/08 16:39:17  oes
+#     Made img-reorder more cautious. Fixes bug #632715
+#
+#     Revision 1.11.2.8  2002/10/13 21:56:52  hal9
+#     Adding demoronizer filter. This should include all the common abuses. I have
+#     left a few of the rare cases commented out (never found these in the wild).
+#
+#     Revision 1.11.2.7  2002/09/25 15:09:39  oes
+#     Preserve original quoting style in <img> tags wherever possible. Fixes Bug #605956
+#
+#     Revision 1.11.2.6  2002/08/23 14:12:26  oes
+#     Proofed frameset-borders against "fremaborder=0 border=0"
+#
+#     Revision 1.11.2.5  2002/08/22 15:05:20  oes
+#     Added Filter to make Quicktime movies saveable (thanks to aaron at linville.org for the idea)
+#
+#     Revision 1.11.2.4  2002/08/10 11:32:29  oes
+#     Attribute values in replacement tags of banners-by-size filter now undelimited. (Fixes bug #592493)
+#
+#     Revision 1.11.2.3  2002/08/05 11:43:56  oes
+#     Fixed a bug in the popups filter that was introduced with the last fix :-(
+#
+#     Revision 1.11.2.2  2002/08/01 11:20:13  oes
+#     Fixed bugs 587802, 577802 and an unreported one
+#
+#     Revision 1.11.2.1  2002/07/26 15:18:26  oes
+#     - All filters reviewed and many shorcomings fixed
+#     - New filters: img-reorder, banners-by-link and js-events
+#     - Jobs reorderd because they are now executed in order of
+#       appearance
+#
+#     Revision 1.11  2002/05/24 00:57:18  oes
+#     Made WeBugs job ungreedy; Fixes bug 559190
+#
+#     Revision 1.10  2002/04/18 10:14:19  oes
+#     renamed some filters
+#
+#     Revision 1.9  2002/04/11 07:36:35  oes
+#     Generalized js-popup filter
+#
+#     Revision 1.8  2002/04/10 17:07:21  oes
+#     Fixed potentially desctructive jobs, added noflash filter
+#
+#     Revision 1.7  2002/04/09 18:34:51  oes
+#     Fixed HTML syntax in replacements
+#
+#     Revision 1.6  2002/04/03 19:49:52  swa
+#     name change
+#
+#     Revision 1.5  2002/03/27 15:30:26  swa
+#     have a consistent appearance
+#
+#     Revision 1.4  2002/03/26 22:29:54  swa
+#     we have a new homepage!
+#
+#     Revision 1.3  2002/03/24 16:08:03  jongfoster
+#     Fixing banners-by-size for new config URLs
+#
+#     Revision 1.2  2002/03/24 13:02:18  swa
+#     name change related issues.
+#
+#     Revision 1.1  2002/03/24 11:37:39  jongfoster
+#     Name change
+#
+#     Revision 1.24  2002/03/16 20:39:54  oes
+#      - Added descriptions to the filters so users will know what they select in the cgi editor
+#      - Added content-cookies filter
+#      - Bugfixed many jobs (Thanks to Al for some hints)
+#
+#     Revision 1.22  2002/03/12 13:42:50  oes
+#     Fixing & Optimizing REs
+#
+#     Revision 1.21  2002/03/12 11:59:20  oes
+#     Beefed up Buzzword Bingo
+#
+#     Revision 1.20  2002/03/12 01:42:50  oes
+#     Introduced modular filters
+#
+#     Revision 1.19  2002/03/10 19:49:24  oes
+#     Added expression to kill referer tracking in JavaScripts
+#
+#     Revision 1.18  2002/03/08 17:14:12  oes
+#     PNG -> image in comments
+#
+#     Revision 1.17  2002/03/07 03:50:54  oes
+#     Adapted comments to new built-in images
+#
+#     Revision 1.16  2002/02/21 00:12:19  jongfoster
+#     Modifying the banner regexps to use long URLS and to autodetect
+#     whether to show a logo or a transparent GIF, based on actionsfile
+#     setting.
+#
+#     Revision 1.15  2001/12/28 23:54:20  steudten
+#     Fix for feature Req #495374: http-equiv problem
+#
+#     Revision 1.14  2001/12/09 18:55:11  david__schmidt
+#     Updated CODE_STATUS to beta, commented out microsuck line in re_filterfile
+#     for 2.9.10 beta
+#
+#     Revision 1.13  2001/10/13 13:11:20  joergs
+#     Fixed WebBug filter.
+#
+#     Revision 1.12  2001/10/07 15:46:42  oes
+#     Followed Guy's proposal to change the document.cookie job
+#
+#     Revision 1.11  2001/09/21 12:34:00  joergs
+#     Added filter to replace "Nimda" code by a warning.
+#
+#     Revision 1.10  2001/07/20 11:04:26  oes
+#     Added Rodneys javascript cookie filter
+#
+#     Revision 1.9  2001/07/13 14:03:48  oes
+#     Elimiated yet another bug in the banner-by-size jobs. Shame on me!
+#
+#     Revision 1.8  2001/06/29 13:34:00  oes
+#     - Added explanation for U and T options
+#     - Added hint on image replacement by CGI call
+#     - Fixed bug in banner-by-size jobs
+#
+#     Revision 1.7  2001/06/19 14:21:56  oes
+#     Fixed microsuck line
+#
+#     Revision 1.6  2001/06/09 14:01:57  swa
+#     header. cosmetics. default: no messing ala microsuck.
+#
diff --git a/external/privoxy/doc/gpl.html b/external/privoxy/doc/gpl.html
new file mode 100644
index 0000000..17c517d
--- /dev/null
+++ b/external/privoxy/doc/gpl.html
@@ -0,0 +1,560 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<!-- $Id: gpl.html,v 1.4 2002/04/08 20:39:43 swa Exp $
+
+     See copyright details at end of file
+
+     After changing this file, please run it through "HTML Tidy"
+     (from http://www.w3.org/People/Raggett/tidy/)
+     It should have no warnings or errors.
+-->
+
+<html>
+  <head>
+    <title>The GNU General Public License</title>
+    <meta name="description" content=
+    "GNU General Public License, as used by Junkbuster">
+    <meta name="keywords" content="">
+<style type="text/css">
+<!--
+h2           { text-align: Center; font-family: arial, helvetica, sans-serif }
+p.sans       { font-family: arial, helvetica, sans-serif }
+b.dot        { color: #FF0000 }
+-->
+</style>
+  </head>
+
+  <body bgcolor="#f8f8f0" link="#000078" alink="#ff0022" vlink=
+  "#787878">
+    <p class="sans"><a href="http://www.privoxy.org/">
+    Website</a> <b class="dot">·</b> <a href="ijbman.html">
+    Manual</a> <b class="dot">·</b> <a href="ijbfaq.html">
+    FAQ</a> <b class="dot">·</b> <b>GPL</b></p>
+
+    <h1 align="center"><a name="top_of_page">Internet J<small>UNK<i
+    style="color: #FF0000">BUSTER</i></small> License</a></h1>
+
+    <h1>This document is out of date</h1>
+
+    <p><b>Development of Junkbuster is ongoing and this document is
+    no longer current. However, it may provide some assistance. If
+    you have problems, please use the <a href=
+    "http://groups.yahoo.com/group/junkbuster-users/">Yahoo Groups
+    mailing list</a> (which includes an archive of mail), the
+    SourceForge.net <a href=
+    "http://sourceforge.net/projects/ijbswa/">project page</a>, or
+    see the project's <a href="http://www.privoxy.org/">home
+    page</a>. Please also bear in mind that versions 2.9.x of
+    Junkbuster are development releases, and are not production
+    quality.</b></p>
+
+    <h3 align="center">The GNU General Public License</h3>
+
+    <p class="sans"><a name="notus"><b>We did not write the GPL:
+    the <a href="http://www.fsf.org/fsf/fsf.html">Free Software
+    Foundation</a> did</b></a></p>
+
+    <h3><img border="0" width="14" height="14" src="fb.gif" alt=
+    "*">  The GPL allows copying and changing of copyrighted
+    documents</h3>
+
+    <p><a name="fsf">The Free Software Foundation</a> <a href=
+    "http://www.fsf.org/fsf/fsf.html">(FSF)</a> is a non-profit
+    institution that designed the GNU General Public License (GPL)
+    to promote the publication of free software. The GPL is used by
+    thousands of programmers who want to give others the right to
+    copy and modify the source code of their programs. Millions of
+    people benefit from this.</p>
+
+    <p><a name="junkbuster">We use the GPL</a> to allow everyone to
+    use, copy and modify the Internet Junkbuster as they wish. <a
+    name="separate">Companies can use it for commercial
+    purposes,</a> but they are not permitted to use it in products
+    that they claim as their property.</p>
+
+    <p><a name="text">The GPL</a> can also be used on documents
+    written in human languages. This documentation for the Internet
+    Junkbuster is also under the GPL. This means that you do not
+    have to break copyright laws in order to print a page or email
+    a screen of the text to someone, for example.</p>
+
+    <p><a name="rest">The</a> remainder of this page is the text of
+    the GPL. As legal documents go it's relatively clear, but
+    unfortunately it's fairly long because it has to cover a lot of
+    details. The HTML formatting is ours, and should not be
+    misinterpreted as changing the license in any way.</p>
+
+    <p align="center"><a href="#top_of_page"><img border="0" width=
+    "250" height="15" src="top.gif" alt=
+    "--- Back to Top of Page ---"></a></p>
+
+    <h2><a name="v2">Version 2, June 1991</a></h2>
+
+    <blockquote>
+      <a name="crn">Copyright 1989, 1991</a><br>
+       <a name="address">Free Software Foundation, Inc.</a><br>
+       675 Mass Ave.<br>
+       Cambridge, MA 02139<br>
+       USA
+    </blockquote>
+    <a name="changing">Everyone</a> 
+
+    <p>is permitted to copy and distribute verbatim copies of this
+    license document, but changing it is not allowed.</p>
+
+    <h3><a name="pream"><img border="0" width="14" height="14" src=
+    "fb.gif" alt="*"></a>  Preamble</h3>
+
+    <p>The licenses for most software are designed to take away
+    your freedom to share and change it. By contrast, the GNU
+    General Public License is intended to guarantee your freedom to
+    share and change free software--to make sure the software is
+    free for all its users. This General Public License applies to
+    most of the Free Software Foundation's software and to any
+    other program whose authors commit to using it. (Some other
+    Free Software Foundation software is covered by the GNU Library
+    General Public License instead.) You can apply it to your
+    programs, too.</p>
+
+    <p><a name="freedom">When we speak of free software,</a> we are
+    referring to freedom, not price. Our General Public Licenses
+    are designed to make sure that you have the freedom to
+    distribute copies of free software (and charge for this service
+    if you wish), that you receive source code or can get it if you
+    want it, that you can change the software or use pieces of it
+    in new free programs; and that you know you can do these
+    things.</p>
+
+    <p><a name="forbid">To protect your rights,</a> we need to make
+    restrictions that forbid anyone to deny you these rights or to
+    ask you to surrender the rights. These restrictions translate
+    to certain responsibilities for you if you distribute copies of
+    the software, or if you modify it.</p>
+
+    <p><a name="allrights">For example,</a> if you distribute
+    copies of such a program, whether gratis or for a fee, you must
+    give the recipients all the rights that you have. You must make
+    sure that they, too, receive or can get the source code. And
+    you must show them these terms so they know their rights.</p>
+
+    <p><a name="steps">We protect your rights with two steps:</a>
+    (1) copyright the software, and (2) offer you this license
+    which gives you legal permission to copy, distribute and/or
+    modify the software.</p>
+
+    <p><a name="protection">Also,</a> for each author's protection
+    and ours, we want to make certain that everyone understands
+    that there is no warranty for this free software. If the
+    software is modified by someone else and passed on, we want its
+    recipients to know that what they have is not the original, so
+    that any problems introduced by others will not reflect on the
+    original authors' reputations.</p>
+
+    <p><a name="threat">Finally,</a> any free program is threatened
+    constantly by software patents. We wish to avoid the danger
+    that redistributors of a free program will individually obtain
+    patent licenses, in effect making the program proprietary. To
+    prevent this, we have made it clear that any patent must be
+    licensed for everyone's free use or not licensed at all.</p>
+
+    <p><a name="terms">The precise terms and conditions</a> for
+    copying, distribution and modification follow.</p>
+
+    <h3><a name="tnc"><img border="0" width="14" height="14" src=
+    "fb.gif" alt="*"></a>  GNU General Public License: Terms
+    and Conditions for Copying, Distribution and Modification</h3>
+
+    <p><a name="applies">O.</a> This License applies to any program
+    or other work which contains a notice placed by the copyright
+    holder saying it may be distributed under the terms of this
+    General Public License. The "Program", below, refers to any
+    such program or work, and a "work based on the Program" means
+    either the Program or any derivative work under copyright law:
+    that is to say, a work containing the Program or a portion of
+    it, either verbatim or with modifications and/or translated
+    into another language. (Hereinafter, translation is included
+    without limitation in the term "modification".) Each licensee
+    is addressed as "you".</p>
+
+    <p><a name="scope">Activities</a> other than copying,
+    distribution and modification are not covered by this License;
+    they are outside its scope. The act of running the Program is
+    not restricted, and the output from the Program is covered only
+    if its contents constitute a work based on the Program
+    (independent of having been made by running the Program).</p>
+
+    <p><a name="depends">Whether that is true depends on what the
+    Program does.</a><br>
+    </p>
+
+    <ol type="1">
+      <li>
+        <a name="verbatim">You may copy</a> and distribute verbatim
+        copies of the Program's source code as you receive it, in
+        any medium, provided that you conspicuously and
+        appropriately publish on each copy an appropriate copyright
+        notice and disclaimer of warranty; keep intact all the
+        notices that refer to this License and to the absence of
+        any warranty; and give any other recipients of the Program
+        a copy of this License along with the Program. 
+
+        <p><a name="fee">You may charge a fee</a> for the physical
+        act of transferring a copy, and you may at your option
+        offer warranty protection in exchange for a fee.</p>
+      </li>
+
+      <li>
+        <a name="modify">You may modify</a> your copy or copies of
+        the Program or any portion of it, thus forming a work based
+        on the Program, and copy and distribute such modifications
+        or work under the terms of Section 1 above, provided that
+        you also meet all of these conditions:<br>
+         
+
+        <ol type="a">
+          <li><a name="notices">You must cause</a> the modified
+          files to carry prominent notices stating that you changed
+          the files and the date of any change.</li>
+
+          <li><a name="nocharge">You must</a> cause any work that
+          you distribute or publish, that in whole or in part
+          contains or is derived from the Program or any part
+          thereof, to be licensed as a whole at no charge to all
+          third parties under the terms of this License.</li>
+
+          <li><a name="interactive">If the modified program</a>
+          normally reads commands interactively when run, you must
+          cause it, when started running for such interactive use
+          in the most ordinary way, to print or display an
+          announcement including an appropriate copyright notice
+          and a notice that there is no warranty (or else, saying
+          that you provide a warranty) and that users may
+          redistribute the program under these conditions, and
+          telling the user how to view a copy of this License.
+          (Exception: if the Program itself is interactive but does
+          not normally print such an announcement, your work based
+          on the Program is not required to print an
+          announcement.)</li>
+        </ol>
+
+        <p><a name="sections">These requirements</a> apply to the
+        modified work as a whole. If identifiable sections of that
+        work are not derived from the Program, and can be
+        reasonably considered independent and separate works in
+        themselves, then this License, and its terms, do not apply
+        to those sections when you distribute them as separate
+        works. But when you distribute the same sections as part of
+        a whole which is a work based on the Program, the
+        distribution of the whole must be on the terms of this
+        License, whose permissions for other licensees extend to
+        the entire whole, and thus to each and every part
+        regardless of who wrote it.</p>
+
+        <p><a name="intent">Thus,</a> it is not the intent of this
+        section to claim rights or contest your rights to work
+        written entirely by you; rather, the intent is to exercise
+        the right to control the distribution of derivative or
+        collective works based on the Program.</p>
+
+        <p><a name="aggregation">In addition,</a> mere aggregation
+        of another work not based on the Program with the Program
+        (or with a work based on the Program) on a volume of a
+        storage or distribution medium does not bring the other
+        work under the scope of this License.</p>
+      </li>
+
+      <li>
+        <a name="exeutable">You may copy</a> and distribute the
+        Program (or a work based on it, under Section 2) in object
+        code or executable form under the terms of Sections 1 and 2
+        above provided that you also do one of the following:<br>
+         
+
+        <ol type="a">
+          <li><a name="medium">Accompany it</a> with the complete
+          corresponding machine-readable source code, which must be
+          distributed under the terms of Sections 1 and 2 above on
+          a medium customarily used for software interchange;
+          or,</li>
+
+          <li><a name="written">Accompany it with a written
+          offer,</a> valid for at least three years, to give any
+          third party, for a charge no more than your cost of
+          physically performing source distribution, a complete
+          machine-readable copy of the corresponding source code,
+          to be distributed under the terms of Sections 1 and 2
+          above on a medium customarily used for software
+          interchange; or,</li>
+
+          <li><a name="distrib">Accompany it</a> with the
+          information you received as to the offer to distribute
+          corresponding source code. (This alternative is allowed
+          only for noncommercial distribution and only if you
+          received the program in object code or executable form
+          with such an offer, in accord with Subsection b
+          above.)</li>
+        </ol>
+
+        <p><a name="preferred">The source code</a> for a work means
+        the preferred form of the work for making modifications to
+        it. For an executable work, complete source code means all
+        the source code for all modules it contains, plus any
+        associated interface definition files, plus the scripts
+        used to control compilation and installation of the
+        executable. However, as a special exception, the source
+        code distributed need not include anything that is normally
+        distributed (in either source or binary form) with the
+        major components (compiler, kernel, and so on) of the
+        operating system on which the executable runs, unless that
+        component itself accompanies the executable.</p>
+
+        <p><a name="access">If distribution of executable or object
+        code is made</a> by offering access to copy from a
+        designated place, then offering equivalent access to copy
+        the source code from the same place counts as distribution
+        of the source code, even though third parties are not
+        compelled to copy the source along with the object
+        code.</p>
+      </li>
+
+      <li><a name="otherwise">You may not copy,</a> modify,
+      sublicense, or distribute the Program except as expressly
+      provided under this License. Any attempt otherwise to copy,
+      modify, sublicense or distribute the Program is void, and
+      will automatically terminate your rights under this License.
+      However, parties who have received copies, or rights, from
+      you under this License will not have their licenses
+      terminated so long as such parties remain in full
+      compliance.</li>
+
+      <li><a name="voluntary">You are not required</a> to accept
+      this License, since you have not signed it. However, nothing
+      else grants you permission to modify or distribute the
+      Program or its derivative works. These actions are prohibited
+      by law if you do not accept this License. Therefore, by
+      modifying or distributing the Program (or any work based on
+      the Program), you indicate your acceptance of this License to
+      do so, and all its terms and conditions for copying,
+      distributing or modifying the Program or works based on
+      it.</li>
+
+      <li><a name="redistrib">Each time you redistribute</a> the
+      Program (or any work based on the Program), the recipient
+      automatically receives a license from the original licensor
+      to copy, distribute or modify the Program subject to these
+      terms and conditions. You may not impose any further
+      restrictions on the recipients' exercise of the rights
+      granted herein. You are not responsible for enforcing
+      compliance by third parties to this License.</li>
+
+      <li>
+        <a name="patent">If, as a consequence of a court
+        judgment</a> or allegation of patent infringement or for
+        any other reason (not limited to patent issues), conditions
+        are imposed on you (whether by court order, agreement or
+        otherwise) that contradict the conditions of this License,
+        they do not excuse you from the conditions of this License.
+        If you cannot distribute so as to satisfy simultaneously
+        your obligations under this License and any other pertinent
+        obligations, then as a consequence you may not distribute
+        the Program at all. For example, if a patent license would
+        not permit royalty-free redistribution of the Program by
+        all those who receive copies directly or indirectly through
+        you, then the only way you could satisfy both it and this
+        License would be to refrain entirely from distribution of
+        the Program. 
+
+        <p><a name="invalid">If any portion</a> of this section is
+        held invalid or unenforceable under any particular
+        circumstance, the balance of the section is intended to
+        apply and the section as a whole is intended to apply in
+        other circumstances.</p>
+
+        <p><a name="induce">It is not the purpose</a> of this
+        section to induce you to infringe any patents or other
+        property right claims or to contest validity of any such
+        claims; this section has the sole purpose of protecting the
+        integrity of the free software distribution system, which
+        is implemented by public license practices. Many people
+        have made generous contributions to the wide range of
+        software distributed through that system in reliance on
+        consistent application of that system; it is up to the
+        author/donor to decide if he or she is willing to
+        distribute software through any other system and a licensee
+        cannot impose that choice.</p>
+
+        <p><a name="clarify">This section</a> is intended to make
+        thoroughly clear what is believed to be a consequence of
+        the rest of this License.</p>
+      </li>
+
+      <li><a name="geog">If the distribution</a> and/or use of the
+      Program is restricted in certain countries either by patents
+      or by copyrighted interfaces, the original copyright holder
+      who places the Program under this License may add an explicit
+      geographical distribution limitation excluding those
+      countries, so that distribution is permitted only in or among
+      countries not thus excluded. In such case, this License
+      incorporates the limitation as if written in the body of this
+      License.</li>
+
+      <li><a name="revise">The Free Software Foundation</a> may
+      publish revised and/or new versions of the General Public
+      License from time to time. Such new versions will be similar
+      in spirit to the present version, but may differ in detail to
+      address new problems or concerns. Each version is given a
+      distinguishing version number. If the Program specifies a
+      version number of this License which applies to it and "any
+      later version", you have the option of following the terms
+      and conditions either of that version or of any later version
+      published by the Free Software Foundation. If the Program
+      does not specify a version number of this License, you may
+      choose any version ever published by the Free Software
+      Foundation.</li>
+
+      <li>
+        <a name="permission">If you wish to incorporate parts</a>
+        of the Program into other free programs whose distribution
+        conditions are different, write to the author to ask for
+        permission. For software which is copyrighted by the Free
+        Software Foundation, write to the Free Software Foundation;
+        we sometimes make exceptions for this. Our decision will be
+        guided by the two goals of preserving the free status of
+        all derivatives of our free software and of promoting the
+        sharing and reuse of software generally. 
+
+        <p><a name="nowarr">NO WARRANTY</a></p>
+      </li>
+
+      <li><a name="foc">BECAUSE THE PROGRAM IS LICENSED FREE OF
+      CHARGE,</a> THERE IS NO WARRANTY FOR THE PROGRAM, TO THE
+      EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN OTHERWISE
+      STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+      PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND,
+      EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+      THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+      PARTICULAR PURPOSE. THE ENTIRE RISK AS TO THE QUALITY AND
+      PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE PROGRAM
+      PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY
+      SERVICING, REPAIR OR CORRECTION.</li>
+
+      <li><a name="liable">IN NO EVENT UNLESS REQUIRED</a> BY
+      APPLICABLE LAW OR AGREED TO IN WRITING WILL ANY COPYRIGHT
+      HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR REDISTRIBUTE
+      THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+      INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL
+      DAMAGES ARISING OUT OF THE USE OR INABILITY TO USE THE
+      PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF DATA OR DATA
+      BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+      PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+      PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN
+      ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.</li>
+    </ol>
+
+    <p>END OF TERMS AND CONDITIONS<br>
+    <br>
+    </p>
+
+    <h3><a name="append"><img border="0" width="14" height="14"
+    src="fb.gif" alt="*"></a>  Appendix: How to Apply These
+    Terms to Your New Programs</h3>
+
+    <p>If you develop a new program, and you want it to be of the
+    greatest possible use to the public, the best way to achieve
+    this is to make it free software which everyone can
+    redistribute and change under these terms.</p>
+
+    <p><a name="attach">To do so,</a> attach the following notices
+    to the program. It is safest to attach them to the start of
+    each source file to most effectively convey the exclusion of
+    warranty; and each file should have at least the "copyright"
+    line and a pointer to where the full notice is found.</p>
+
+    <blockquote>
+      <one line to give the program's name and a brief idea of
+      what it does.> Copyright (C) 19yy <name of author> 
+
+      <p><a name="free">This program is free software;</a> you can
+      redistribute it and/or modify it under the terms of the GNU
+      General Public License as published by the Free Software
+      Foundation; either version 2 of the License, or (at your
+      option) any later version.</p>
+
+      <p><a name="merchant">This program</a> is distributed in the
+      hope that it will be useful, but WITHOUT ANY WARRANTY;
+      without even the implied warranty of MERCHANTABILITY or
+      FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
+      License for more details.</p>
+
+      <p><a name="ifnot">You should</a> have received a copy of the
+      GNU General Public License along with this program; if not,
+      write to the Free Software Foundation, Inc., 675 Mass Ave,
+      Cambridge, MA 02139, USA.</p>
+    </blockquote>
+
+    <p><a name="contact">Also add</a> information on how to contact
+    you by electronic and paper mail.</p>
+
+    <p><a name="short">If the program is interactive,</a> make it
+    output a short notice like this when it starts in an
+    interactive mode:</p>
+
+    <blockquote>
+      Gnomovision version 69, Copyright (C) 19yy name of author
+      Gnomovision comes with ABSOLUTELY NO WARRANTY; for details
+      type `show w'. This is free software, and you are welcome to
+      redistribute it under certain conditions; type `show c' for
+      details.
+    </blockquote>
+
+    <p><a name="hypo">The hypothetical</a> commands `show w' and
+    `show c' should show the appropriate parts of the General
+    Public License. Of course, the commands you use may be called
+    something other than `show w' and `show c'; they could even be
+    mouse-clicks or menu items--whatever suits your program.</p>
+
+    <p><a name="disclaimer">You should also get your employer</a>
+    (if you work as a programmer) or your school, if any, to sign a
+    "copyright disclaimer" for the program, if necessary. Here is a
+    sample; alter the names:</p>
+
+    <blockquote>
+      Yoyodyne, Inc., hereby disclaims all copyright interest in
+      the program `Gnomovision' (which makes passes at compilers)
+      written by James Hacker. <signature of Ty Coon>, 1
+      April 1989<br>
+       Ty Coon, President of Vice
+    </blockquote>
+
+    <p><a name="library">This General Public License</a> does not
+    permit incorporating your program into proprietary programs. If
+    your program is a subroutine library, you may consider it more
+    useful to permit linking proprietary applications with the
+    library. If this is what you want to do, use the GNU Library
+    General Public License instead of this License.</p>
+
+    <p align="center"><a href="#top_of_page"><img border="0" width=
+    "250" height="15" src="top.gif" alt=
+    "--- Back to Top of Page ---"></a></p>
+
+    <p class="sans"><a href="http://www.privoxy.org/">
+    Website</a> <b class="dot">·</b> <a href="ijbman.html">
+    Manual</a> <b class="dot">·</b> <a href="ijbfaq.html">
+    FAQ</a> <b class="dot">·</b> <b>GPL</b></p>
+
+    <p class="sans"><small><small><a href="gpl.html#text">
+    Copyright</a> © 1996-8 <a href=
+    "http://www.junkbusters.com/">Junkbusters</a> <a href=
+    "http://www.junkbusters.com/ht/en/legal.html#marks">®</a>
+    Corporation. <a href="gpl.html#text">Copyright</a> © 2001
+    <a href="http://sourceforge.net/projects/ijbswa/">Jon
+    Foster</a>. Copying and distribution permitted under the <a
+    href="gpl.html">GNU</a> General Public License. The text of the
+    GNU GPL itself is copyrighted by the FSF, and may be copied but
+    not modified.</small></small></p>
+
+    <p><small><code><a href=
+    "http://sourceforge.net/projects/ijbswa/">
+    http://sourceforge.net/projects/ijbswa/</a></code></small></p>
+  </body>
+</html>
+
diff --git a/external/privoxy/doc/pcrs.3 b/external/privoxy/doc/pcrs.3
new file mode 100644
index 0000000..59e0f22
--- /dev/null
+++ b/external/privoxy/doc/pcrs.3
@@ -0,0 +1,488 @@
+.\" Copyright (c) 2001-2003 Andreas S. Oesterhelt <oes at oesterhelt.org>
+.\"
+.\" This is free documentation; you can redistribute it and/or
+.\" modify it under the terms of the GNU General Public License as
+.\" published by the Free Software Foundation; either version 2 of
+.\" the License, or (at your option) any later version.
+.\"
+.\" The GNU General Public License's references to "object code"
+.\" and "executables" are to be interpreted as the output of any
+.\" document formatting or typesetting system, including
+.\" intermediate and printed output.
+.\"
+.\" This manual is distributed in the hope that it will be useful,
+.\" but WITHOUT ANY WARRANTY; without even the implied warranty of
+.\" MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+.\" GNU General Public License for more details.
+.\"
+.\" You should have received a copy of the GNU General Public
+.\" License along with this manual; if not, write to the Free
+.\" Software Foundation, Inc., 59 Temple Place, Suite 330, Boston,
+.\" MA 02111, USA.
+.\"
+.TH PCRS 3 "2 December 2003" "pcrs-0.0.3"
+.SH NAME
+pcrs - Perl-compatible regular substitution.
+.SH SYNOPSIS
+.br
+.B "#include <pcrs.h>"
+.PP
+.br
+.BI "pcrs_job *pcrs_compile(const char *" pattern "," 
+.ti +5n
+.BI "const char *" substitute ", const char *" options ,
+.ti +5n
+.BI "int *" errptr );
+.PP
+.br
+.BI "pcrs_job *pcrs_compile_command(const char *" command ,
+.ti +5n
+.BI "int *" errptr );
+.PP
+.br
+.BI "int pcrs_execute(pcrs_job *" job ", char *" subject ,
+.ti +5n
+.BI "int " subject_length ", char **" result ,
+.ti +5n
+.BI "int *" result_length );
+.PP
+.br
+.BI "int pcrs_execute_list (pcrs_job *" joblist ", char *" subject ,
+.ti +5n
+.BI "int " subject_length ", char **" result ,
+.ti +5n
+.BI "int *" result_length );
+.PP
+.br
+.BI "pcrs_job *pcrs_free_job(pcrs_job *" job );
+.PP
+.br
+.BI "void pcrs_free_joblist(pcrs_job *" joblist );
+.PP
+.br
+.BI "char *pcrs_strerror(int " err );
+.PP
+.br
+
+.SH DESCRIPTION
+
+The
+.SM PCRS
+library is a supplement to the 
+.SB PCRE(3)
+library that implements
+.RB "regular expression based substitution, like provided by " Perl(1) "'s 's'"
+operator. It uses the same syntax and semantics as Perl 5, with just a few
+differences (see below).
+
+In a first step, the information on a substitution, i.e. the pattern, the
+substitute and the options are compiled from Perl syntax to an internal form
+.RB "called " pcrs_job " by using either the " pcrs_compile() " or " 
+.BR pcrs_compile_command() " functions."
+
+Once the job is compiled, it can be used on subjects, which are arbitrary 
+memory areas containing string or binary data, by calling
+.BR pcrs_execute() ". Jobs can be chained to joblists and whole"
+.RB "joblists can be applied to a subject using " pcrs_execute_list() .
+
+There are also convenience functions for freeing the jobs and for errno-to-string
+.RB "conversion, namely " pcrs_free_job() ", " pcrs_free_joblist() " and "
+.BR pcrs_strerror() .
+
+.SH COMPILING JOBS
+
+.RB "The function " pcrs_compile() " is called to compile a " pcrs_job
+.RI "from a " pattern ", " substitute " and " options " string."
+.RB "The resulting " "pcrs_job" " structure is dynamically allocated and it"
+.RB "is the caller's responsibility to call " "pcrs_free_job()" "  when it's no longer needed."
+
+.BR "pcrs_compile_command()" " is a convenience wrapper function that parses a Perl"
+.IR "command" " of the form"
+.BI "s/" "pattern" "/" "substitute" "/[" "options" "]"
+.RB "into its components and then calls " "pcrs_compile()" ". As in Perl, you"
+.RB "are not bound to the '" "/" "' character: Whatever"
+.RB "follows the '" "s" "' will be used as the delimiter. Patterns or substitutes"
+that contain the delimiter need to quote it:
+\fBs/th\\/is/th\\/at/\fR
+.RB "will replace " "th/is" " by " "th/at" " and can be written more simply as" 
+.BR "s|th/is|th/at|" "."
+
+.IR "pattern" ", " "substitute" ", " "options" " and " "command" " must be"
+.RI "zero-terminated C strings. " "substitute" " and " "options" " may be"
+.BR "NULL" ", in which case they are treated like the empty string."
+
+.SS "Return value and diagnostics"
+On success, both functions return a pointer to the compiled job.
+.RB "On failure, " "NULL"
+.RI "is returned. In that case, the pcrs error code is written to *" "err" "."
+
+.SS Patterns
+.RI "For the syntax of the " "pattern" ", see the "
+.BR "PCRE(3)" " manual page."
+
+.SS Substitutes
+.RI "The " "substitute" " uses"
+.RB "Perl syntax as documented in the " "perlre(1)" " manual page, with"
+some exceptions: 
+
+Most notably and evidently, since
+.SM PCRS
+is not Perl, variable interpolation or Perl command substitution won't work.
+Special variables that do get interpolated, are:
+.TP
+.B "$1, $2, ..., $n"
+Like in Perl, these variables refer to what the nth capturing subpattern
+in the pattern matched.
+.TP
+.B "$& and $0"
+.RB "refer to the whole match. Note that " "$0" " is deprecated in recent"
+Perl versions and now refers to the program name.
+.TP
+.B "$+"
+refers to what the last capturing subpattern matched.
+.TP
+.BR "$` and $'" " (backtick and tick)"
+.RI "refer to the areas of the " "subject" " before and after the match, respectively."
+.RB "Note that, like in Perl, the " "unmodified" " subject is used, even"
+if a global substitution previously matched.
+
+.PP
+Perl4-style references to subpattern matches of the form 
+\fB\\1, \\2, ...\fR
+.RB "which only exist in Perl5 for backwards compatibility, are " "not" 
+supported.
+
+Also, since the substitute is a double-quoted string in Perl, you
+might expect all Perl syntax for special characters to apply. In fact,
+only the following are supported:
+
+.TP
+\fB\\n\fR
+newline (0x0a)
+.TP
+\fB\\r\fR
+carriage return (0x0d)
+.TP
+\fB\\t\fR
+horizontal tab (0x09)
+.TP
+\fB\\f\fR
+form feed (0x0c)
+.TP
+\fB\\b\fR
+backspace (0x08)
+.TP
+\fB\\a\fR
+alarm, bell (0x07)
+.TP
+\fB\\e\fR
+escape (0x1b)
+.TP
+\fB\\0\fR
+binary zero (0x00)
+
+.SS "Options"
+.RB "The options " "gmisx" " are supported. " "e" " is not, since it would"
+.RB "require a Perl interpreter and neither is " o ", because the pattern
+is explicitly compiled, anyway. Additionally,
+.SM PCRS
+.RB "honors the options " "U" " and " "T" "."
+Where
+.SM PCRE
+.RB "options are mentioned below, refer to " PCRE(3) " for the subtle differences"
+to Perl behaviour.
+
+.TP
+.B g
+.RB "Replace " all " instances of"
+.IR pattern " in " subject ,
+not just the first one.
+
+.TP
+.B i
+.RI "Match the " pattern " without respect to case. This translates to"
+.SM PCRE_CASELESS.
+
+.TP
+.B m
+.RI "Treat the " subject " as consisting of multiple lines, i.e."
+.RB ' ^ "' matches immediately after, and '" $ "' immediately before each newline."
+Translates to
+.SM PCRE_MULTILINE.
+
+.TP
+.B s
+.RI "Treat the " subject " as consisting of one single line, i.e."
+.RB "let the scope of the '" . "' metacharacter include newlines."
+Translates to
+.SM PCRE_DOTALL.
+
+.TP
+.B x
+.RI "Allow extended regular expression syntax in the " pattern ","
+.RB "enabling whitespace and comments in complex patterns."
+Translates to
+.SM PCRE_EXTENDED.
+
+.TP
+.B U
+.RB "Switch the default behaviour of the '" * "' and '" + "' quantifiers"
+.RB "to ungreedy. Note that appending a '" ? "' switches back to greedy(!)."
+.RB "The explicit in-pattern switches " (?U) " and " (?-U) " remain unaffected."
+Translates to
+.SM PCRE_UNGREEDY.
+
+.TP
+.B T
+.RI "Consider the " substitute " trivial, i.e. do not interpret any references"
+or special character escape sequences in the substitute. Handy for large
+user-supplied substitutes, which would otherwise have to be examined and properly
+quoted.
+
+.PP
+Unsupported options are silently ignored.
+
+.SH EXECUTING JOBS
+
+.RI "Calling " pcrs_execute() " produces a modified copy of the " subject ", in which"
+.RB "the first (or all, if the '" g "' option was given when compiling the job)"
+.RI "occurance(s) of the job's " pattern " in the " subject " is replaced by the job's"
+.IR substitute .
+
+.RI "The first " subject_length " bytes following " subject " are processed, so"
+.RI  "a " subject_length " that exceeds the actual " subject " is dangerous."
+.RI "Note that for zero-terminated C strings, you should set " subject_length " to"
+.BI strlen( subject ) \fR,
+so that the dollar metacharacter matches at the end of the string, not after
+the string-terminating null byte. For convenience, an extra null byte is
+appended to the result so it can again be used as a string.
+
+.RI "The " subject " itself is left untouched, and the " *result " is dynamically"
+.RB "allocated, so it is the caller's responsibility to " free() " it when it's"
+no longer needed.
+
+.RI "The result's length (excluding the extra null byte) is written to " *result_length "."
+
+.RB "If the job matched, the " PCRS_SUCCESS " flag in"
+.IB job ->flags
+is set.
+
+
+.SS String subjects
+If your 
+
+.SS Return value and diagnostics
+
+.RB "On success, " pcrs_execute() " returns the number of substitutions that"
+were made, which is limited to 0 or 1 for non-global searches.
+.RI "On failure, a negative error code is returned and " result " is set"
+.RB "to " NULL .
+
+.SH FREEING JOBS
+.RB "It is not sufficient to call " free() " on a " pcrs_job ", because it "
+contains pointers to other dynamically allocated structures.
+.RB "Use " pcrs_free_job() " instead. It is safe to pass " NULL " pointers "
+.RB "(or pointers to invalid " pcrs_job "s that contain " NULL " pointers"
+.RB "to dependant structures) to " pcrs_free_job() "."
+
+.SS Return value
+.RB "The value of the job's " next " pointer."
+
+
+.SH CHAINING JOBS
+
+.SM PCRS
+.RB "supports to some extent the chaining of multiple " pcrs_job " structures by"
+.RB "means of their " next " member."
+
+Chaining the jobs is up to you, but once you have built a linked list of jobs,
+.RI "you can execute a whole " joblist " on a given subject by"
+.RB "a single call to " pcrs_execute_list() ", which will sequentially traverse"
+.RB "the linked list until it reaches a " NULL " pointer, and call " pcrs_execute() 
+.RI "for each job it encounters, feeding the " result  " and " result_length " of each"
+.RI "call into the next as the " subject " and " subject_length ". As in the single"
+.RI "job case, the original " subject " remains untouched, but all interim " result "s"
+.RB "are of course " free() "d. The return value is the accumulated number of matches"
+.RI "for all jobs in the " joblist "."
+.RI "Note that while this is handy, it reduces the diagnostic value of " err ", since "
+you won't know which job failed.
+
+.RI "In analogy, you can free all jobs in a given " joblist " by calling"
+.BR pcrs_free_joblist() .
+
+.SH QUOTING
+The quote character is (surprise!) '\fB\\\fR'. It quotes the delimiter in a
+.IR command ", the"
+.RB ' $ "' in  a"
+.IR substitute ", and, of course, itself. Note that the"
+.RB ' $ "' doesn't need to be quoted if it isn't followed by " [0-9+'`&] "."
+
+.RI "For quoting in the " pattern ", please refer to"
+.BR PCRE(3) .
+
+.SH DIAGNOSTICS
+
+.RB "When " compiling " a job either via the " pcrs_compile() " or " pcrs_compile_command()
+.RB "functions, you know that something went wrong when you are returned a " NULL " pointer."
+.RI "In that case, or in the event of non-fatal warnings, the integer pointed to by " err
+contains a nonzero error code, which is either a passed-through
+.SM PCRE
+error code or one generated by
+.SM PCRS.
+Under normal circumstances, it can take the following values:
+.TP
+.B PCRE_ERROR_NOMEMORY
+While compiling the pattern,
+.SM PCRE
+ran out of memory.
+.TP  
+.B  PCRS_ERR_NOMEM
+While compiling the job,
+.SM PCRS
+ran out of memory.
+.TP  
+.B  PCRS_ERR_CMDSYNTAX
+.BR pcrs_compile_command() " didn't find four tokens while parsing the"
+.IR command .
+.TP  
+.B  PCRS_ERR_STUDY
+A
+.SM PCRE
+.RB "error occured while studying the compiled pattern. Since " pcre_study()
+only provides textual diagnostic information, the details are lost.
+.TP  
+.B  PCRS_WARN_BADREF
+.RI "The " substitute " contains a reference to a capturing subpattern that"
+.RI "has a higher index than the number of capturing subpatterns in the " pattern
+or that exceeds the current hard limit of 33 (See LIMITATIONS below). As in Perl,
+this is non-fatal and results in substitutions with the empty string.
+
+.PP
+.RB "When " executing " jobs via " pcrs_execute() " or " pcrs_execute_list() ","
+.RI "a negative return code indicates an error. In that case, *" result
+.RB "is " NULL ". Possible error codes are:"
+.TP
+.B PCRE_ERROR_NOMEMORY
+While matching the pattern,
+.SM PCRE
+ran out of memory. This can only happen if there are more than 33 backrefrences
+.RI "in the " pattern "(!)"
+.BR and " memory is too tight to extend storage for more."
+.TP  
+.B  PCRS_ERR_NOMEM
+While executing the job,
+.SM PCRS
+ran out of memory.
+.TP  
+.B  PCRS_ERR_BADJOB
+.RB "The " pcrs_job "*  passed to " pcrs_execute " was NULL, or the"
+.RB "job is bogus (it contains " NULL " pointers to the compiled
+pattern, extra, or substitute).
+
+.PP
+If you see any other
+.SM PCRE
+error code passed through, you've either messed with the compiled job
+or found a bug in
+.SM PCRS.
+Please send me an email.
+
+.RB "Ah, and don't look for " PCRE_ERROR_NOMATCH ", since this"
+is not an error in the context of
+.SM PCRS.
+.RI "Should there be no match, an exact copy of the " subject " is"
+.RI "found at *" result " and the return code is 0 (matches)."
+
+All error codes can be translated into human readable text by means
+.RB "of the " pcrs_strerror() " function."
+
+
+.SH EXAMPLE
+A trivial command-line test program for
+.SM PCRS
+might look like:
+
+.nf
+#include <pcrs.h>
+#include <stdio.h>
+
+int main(int Argc, char **Argv)
+{
+   pcrs_job *job;
+   char *result;
+   size_t newsize;
+   int err;
+
+   if (Argc != 3)
+   {
+      fprintf(stderr, "Usage: %s s/pattern/substitute/[options]  subject\\n", Argv[0]);
+      return 1;
+   }
+
+   if (NULL == (job = pcrs_compile_command(Argv[1], &err)))
+   {
+      fprintf(stderr, "%s: compile error:  %s (%d).\\n", Argv[0], pcrs_strerror(err), err);
+   }
+
+   if (0 > (err = pcrs_execute(job, Argv[2], strlen(Argv[2]), &result, &newsize)))
+   {
+      fprintf(stderr, "%s: exec error:  %s (%d).\\n", Argv[0], pcrs_strerror(err), err);
+   }
+   else
+   {
+      printf("Result: *%s*\\n", result);
+      free(result);
+   }
+
+   pcrs_free_job(job);
+   return(err < 0);
+
+}
+
+.fi
+
+
+.SH LIMITATIONS
+The number of matches that a global job can have is only limited by the
+available memory. An initial storage for 40 matches is reserved, which
+is dynamically resized by the factor 1.6 whenever it is exhausted.
+
+The number of capturing subpatterns is currently limited to 33, which
+is a Bad Thing[tm]. It should be dynamically expanded until it reaches the
+.SM PCRE
+limit of 99.
+.br
+This limitation is particularly embarassing since
+.SM PCRE
+3.5 has raised the capturing subpattern limit to 65K.
+
+All of the above values can be adjusted in the "Capacity" section
+.RB "of " pcrs.h "."
+
+The Perl-style escape sequences for special characters \\\fInnn\fR,
+\\x\fInn\fR, and \\c\fIX\fR are currently unsupported.
+
+.SH BUGS
+This library has only been tested in the context of one application
+and should be considered high risk.
+
+.SH HISTORY
+.SM PCRS
+was originally written for the Privoxy project
+(http://www.privoxy.org/).
+
+.SH SEE ALSO
+.B PCRE(3), perl(1), perlre(1)
+
+.SH AUTHOR
+
+.SM PCRS
+is Copyright 2000 - 2003 by Andreas Oesterhelt <andreas at oesterhelt.org> and is
+licensed under the terms of the GNU Lesser General Public License (LGPL),
+version 2.1, which should be included in this distribution, with the exception
+that the permission to replace that license with the GNU General Public
+License (GPL) given in section 3 is restricted to version 2 of the GPL.
+
+If it is missing from this distribution, the LGPL can be obtained from
+http://www.gnu.org/licenses/lgpl.html or by mail: Write to the Free Software
+Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
diff --git a/external/privoxy/doc/source/authors.sgml b/external/privoxy/doc/source/authors.sgml
new file mode 100644
index 0000000..a810736
--- /dev/null
+++ b/external/privoxy/doc/source/authors.sgml
@@ -0,0 +1,67 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/authors.sgml,v $
+
+ Purpose     :  AUTHORS file for Privoxy
+                
+ $Id: authors.sgml,v 2.11 2009/02/12 16:08:26 fabiankeil Exp $
+
+ 
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. You have been warned!
+ Failure to abide by this rule will result in the revocation of your license 
+ to live a peaceful existence!
+ ========================================================================
+
+ ===================================================================
+ READ: Document Note: This file generates the AUTHORS file in the 
+ top level source directory. See p-authors.sgml for list of developers
+ and contributors, etc. They were split from here for use in man page.
+ ===================================================================
+
+-->
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
+<!entity % dummy "IGNORE"> 
+<!entity authors SYSTEM "p-authors.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity % p-text "INCLUDE">           <!-- define we are a text only doc -->
+<!entity % p-authors-formal "INCLUDE"> <!-- include additional text, etc  -->
+]>
+
+<article id="index">
+
+<![%dummy;[
+ <para>
+ <comment>
+  This is here to keep vim syntax file from breaking :/
+  If I knew enough to fix it, I would.
+  PLEASE DO NOT REMOVE! HB: hal at foobox.net
+ </comment>
+ </para>
+]]>
+
+<literallayout>
+              Authors of <application>Privoxy</application> v2.9.x and 3.x
+===========================================================================
+</literallayout>
+
+<!-- include boilerplate p-authors.sgml -->
+ &authors;
+<!-- end boilerplate -->
+
+<para>
+ If we've missed you off this list, please let us know!
+</para>
+
+<literallayout>
+ Privoxy team. <ulink url="http://www.privoxy.org/">http://www.privoxy.org/</ulink>
+ <email>ijbswa-developers at lists.sourceforge.net</email>
+</literallayout>
+
+</article>
diff --git a/external/privoxy/doc/source/buildsource.sgml b/external/privoxy/doc/source/buildsource.sgml
new file mode 100644
index 0000000..f8f5955
--- /dev/null
+++ b/external/privoxy/doc/source/buildsource.sgml
@@ -0,0 +1,256 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/buildsource.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: buildsource.sgml,v 2.18 2009/02/23 09:03:12 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  user-manual
+  INSTALL
+
+-->
+<para>
+ To build <application>Privoxy</application> from source, 
+ <ulink url="http://www.gnu.org/software/autoconf/autoconf.html">autoconf</ulink>,
+ <ulink
+ url="http://www.gnu.org/software/make/make.html">GNU make
+ (gmake)</ulink>, and, of course, a C compiler like <ulink
+ url="http://www.gnu.org/software/gcc/gcc.html">gcc</ulink> are required.
+</para>
+
+<para>
+ When building from a source tarball,
+<!-- 
+ no longer available ...
+ <ulink
+ url="http://cvs.sourceforge.net/cvstarballs/ijbswa-cvsroot.tar.gz">nightly CVS
+ tarball</ulink>), 
+--> first unpack the source: 
+</para>
+
+<para>
+ <screen>
+ tar xzvf privoxy-&p-version;<![%p-not-stable;[-beta]]><![%p-stable;[-stable]]>-src.tar.gz
+ cd privoxy-&p-version;<![%p-not-stable;[-beta]]><![%p-stable;[-stable]]>
+</screen>
+</para>
+
+<para>
+ For retrieving the current CVS sources, you'll need a CVS client installed.
+ Note that sources from CVS are typically development quality, and may not be
+ stable, or well tested. To download CVS source, check the Sourceforge
+ documentation, which might give commands like:
+</para>
+
+<para>
+ <screen>
+  cvs -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co current
+  cd current
+</screen>
+</para>
+
+<para>
+ This will create a directory named <filename>current/</filename>, which will 
+ contain the source tree.
+</para>
+
+<para>
+ You can also check out any <application>Privoxy</application>
+ <quote>branch</quote>, just exchange the <application>current</application>
+ name with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs
+ tree).
+</para>
+
+<para>
+ It is also strongly recommended to not run <application>Privoxy</application>
+ as root. You should configure/install/run <application>Privoxy</application> as
+ an unprivileged user, preferably by  creating a <quote>privoxy</quote> user
+ and group just for this purpose. See your local documentation for the correct
+ command line to do add new users and groups (something like
+ <command>adduser</command>, but the command syntax may vary from platform
+ to platform). 
+</para>
+
+<para>
+ <filename>/etc/passwd</filename> might then look like:
+</para>
+
+<para>
+ <screen>  privoxy:*:7777:7777:privoxy proxy:/no/home:/no/shell</screen>
+</para>
+
+<para>
+ And then <filename>/etc/group</filename>, like:
+</para>
+
+<para>
+ <screen>  privoxy:*:7777:</screen>
+</para>
+
+<para>
+ Some binary packages may do this for you.
+</para>
+
+<para>
+ Then, to build from either unpacked tarball or CVS source:
+</para>
+
+<para>
+ <screen>
+ autoheader
+ autoconf
+ ./configure      # (--help to see options)
+ make             # (the make from GNU, sometimes called gmake) 
+ su               # Possibly required
+ make -n install  # (to see where all the files will go)
+ make -s install  # (to really install, -s to silence output)</screen>
+</para>
+
+<para>
+  Using GNU <command>make</command>, you can have the first four steps
+  automatically done for you by just typing:
+</para>
+
+<para>
+ <screen>
+  make
+</screen>
+</para>
+
+<para>
+  in the freshly downloaded or unpacked source directory.
+</para>
+
+<para>
+ To build an executable with security enhanced features so that 
+ users cannot easily bypass the proxy (e.g. <quote>Go There Anyway</quote>), or
+ alter their own configurations, <command>configure</command> like this:
+</para>
+<para>
+ <screen>
+ ./configure  --disable-toggle  --disable-editor  --disable-force</screen>
+</para> 
+<para>
+Then build as above. In Privoxy 3.0.7 and later, all of these options
+can also be disabled through the configuration file.
+</para>
+<para>
+ <emphasis>WARNING:</emphasis> If installing as root, the install will fail
+ unless a non-root user or group is specified, or a <literal>privoxy</literal>
+ user and group already exist on the system. If a non-root user is specified,
+ and no group, then the installation will try to also use a group of the same name
+ as <quote>user</quote>. If a group is specified (and no user), then the
+ support files will be installed as writable by that group, and owned by the
+ user running the installation.
+</para>
+
+<para>
+ <command>configure</command> accepts <literal>--with-user</literal> and
+ <literal>--with-group</literal> options for setting user and group ownership
+ of the configuration files (which need to be writable by the daemon). The
+ specified <emphasis>user must already exist</emphasis>. When starting
+ <application>Privoxy</application>, it must be run as this same user to
+ insure write access to configuration and log files!
+</para>
+
+<para>
+ Alternately, you can specify <literal>user</literal> and <literal>group</literal>
+ on the <command>make</command> command line, but be sure both already exist:
+</para>
+
+<para>
+ <screen>
+ make -s install  USER=privoxy GROUP=privoxy</screen>
+</para>
+
+<para>
+ The default installation path for <command>make install</command> is 
+ <filename>/usr/local</filename>. This may of course be customized with 
+ the various <command>./configure</command> path options. If you are doing 
+ an install to anywhere besides <filename>/usr/local</filename>, be
+ sure to set the appropriate paths with the correct configure options
+ (<command>./configure --help</command>). Non-privileged users must of course
+ have write access permissions to wherever the target installation is going.
+</para>
+
+<para>
+ If you do install to <filename>/usr/local</filename>, the install will use
+ <literal>sysconfdir=$prefix/etc/privoxy</literal> by default. All other
+ destinations, and the direct usage of <literal>--sysconfdir</literal> flag
+ behave like normal, i.e. will not add the extra <filename>privoxy</filename>
+ directory. This is for a safer install, as there may already exist another
+ program that uses a file with the <quote>config</quote> name, and thus makes
+ <filename>/usr/local/etc</filename> cleaner.
+</para>
+
+<para>
+ If installing to <filename>/usr/local</filename>, the documentation will go
+ by default to <filename>$prefix/share/doc</filename>. But if this directory
+ doesn't exist, it will then try <filename>$prefix/doc</filename> and install
+ there before creating a new <filename>$prefix/share/doc</filename> just for
+ <application>Privoxy</application>.
+</para>
+
+<para>
+ Again, if the installs goes to <filename>/usr/local</filename>, the
+ <literal>localstatedir</literal> (ie: <filename>var/</filename>) will default
+ to <filename>/var</filename> instead of <literal>$prefix/var</literal> so
+ the logs will go to <filename>/var/log/privoxy/</filename>, and the pid file
+ will be created in <filename>/var/run/privoxy.pid</filename>. 
+</para>
+
+<para>
+ <command>make install</command> will attempt to set the correct values 
+ in <filename>config</filename> (main configuration file). You should  
+ check this to make sure all values are correct. If appropriate,
+ an init script will be installed, but it is up to the user to determine 
+ how and where to start <application>Privoxy</application>. The init 
+ script should be checked for correct paths and values, if anything other than
+ a default install is done.
+</para>
+
+<para>
+ If install finds previous versions of local configuration files, most of
+ these will not be overwritten, and the new ones will be installed with a
+ <quote>new</quote> extension. default.action and default.filter
+ <emphasis>will be overwritten</emphasis>. You will then need
+ to manually update the other installed configuration files as needed. The
+ default template files <emphasis>will</emphasis> be overwritten. If you have
+ customized, local templates, these should be stored safely in a separate
+ directory and defined in <filename>config</filename> by the
+ <quote>templdir</quote> directive. It is of course wise to always back-up any
+ important configuration files <quote>just in case</quote>. If a previous
+ version of <application>Privoxy</application> is already running, you will
+ have to restart it manually.
+</para>
+
+<para>
+ For more detailed instructions on how to build Redhat RPMs,
+ Windows self-extracting installers, building on platforms with
+ special requirements etc, please consult the <ulink
+ url="http://www.privoxy.org/developer-manual/newrelease.html">developer manual</ulink>.
+</para>
+
+<!-- print for README only -->
+<!-- Actually this is now in INSTALL -->
+ <![%p-readme;[
+<para>
+ The simplest command line to start <application>Privoxy</application> is 
+ <command>$path/privoxy --user=privoxy  $path/etc/privoxy/config</command>. 
+ See <command>privoxy --usage</command>, or the man page, for other options, 
+ and configuration.
+</para>
+]]>
diff --git a/external/privoxy/doc/source/config.sgml b/external/privoxy/doc/source/config.sgml
new file mode 100644
index 0000000..472884c
--- /dev/null
+++ b/external/privoxy/doc/source/config.sgml
@@ -0,0 +1,36 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN"[
+<!entity % dummy "IGNORE"> 
+<!entity config SYSTEM "p-config.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % user-man "IGNORE">
+<!entity % config-file "IGNORE">
+<!entity  my-app "<application>Privoxy</application>">
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/config.sgml,v $
+
+ Purpose     :  config file generation
+                
+ $Id: config.sgml,v 2.12 2009/02/12 16:08:26 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. 
+ ========================================================================
+
+ This file is used to generate the main Privoxy config file. It is mostly 
+ content included from p-config.sgml (where all the data is). See that 
+ file for more comments.
+
+-->
+
+<article>
+<!-- include config.sgml -->
+ &config;
+<!-- end include -->
+</article>
diff --git a/external/privoxy/doc/source/contacting.sgml b/external/privoxy/doc/source/contacting.sgml
new file mode 100644
index 0000000..96293f7
--- /dev/null
+++ b/external/privoxy/doc/source/contacting.sgml
@@ -0,0 +1,262 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/contacting.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: contacting.sgml,v 2.14 2008/04/26 11:38:51 fabiankeil Exp $
+
+ Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ This file is included into:
+
+  faq
+  developer-manual
+  README
+  user-manual
+  webserver/index.sgml
+  announce.sgml
+
+-->
+
+<!-- READ: -->
+<!-- Careful of the literallayout tags and finished formatting -->
+
+<para>
+ We value your feedback. In fact, we rely on it to improve
+ <application>Privoxy</application> and its configuration.
+ However, please note the following hints, so we can 
+ provide you with the best support:
+</para>
+
+<sect2 id="contact-support"><title>Get Support</title>
+<para>
+ For casual users, our 
+ <ulink url="http://sourceforge.net/tracker/?group_id=11118&atid=211118">support forum at SourceForge</ulink>
+ is probably best suited:
+ <ulink url="http://sourceforge.net/tracker/?group_id=11118&atid=211118">http://sourceforge.net/tracker/?group_id=11118&atid=211118</ulink>
+</para>
+
+<para>
+ All users are of course welcome to discuss their issues on the <ulink
+ url="http://lists.sourceforge.net/lists/listinfo/ijbswa-users">users
+ mailing list</ulink>, where the developers also hang around.
+</para>
+
+<para>
+ Please don't sent private support requests to individual Privoxy
+ developers, either use the mailing lists or the support trackers.
+</para>
+
+<para>
+ Note that the Privoxy mailing lists are moderated. Posts from unsubscribed
+ addresses have to be accepted manually by a moderator. This may cause a
+ delay of several days and if you use a subject that doesn't clearly
+ mention Privoxy or one of its features, your message may be accidentally
+ discarded as spam.
+</para>
+
+<para>
+ If you aren't subscribed, you should therefore spend a few seconds
+ to come up with a proper subject. Additionally you should make it clear
+ that you want to get CC'd. Otherwise some responses will be directed to
+ the mailing list only, and you won't see them.
+</para>
+
+</sect2>
+
+<sect2 id="reporting"><title>Reporting Problems</title>
+<para>
+<quote>Problems</quote> for our purposes, come in two forms:
+</para>
+ <itemizedlist>
+
+  <listitem>
+   <para>
+    Configuration issues, such as ads that slip through, or sites that 
+    don't function properly due to one <application>Privoxy</application> 
+    <quote>action</quote> or another being turned <quote>on</quote>.
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    <quote>Bugs</quote> in the programming code that makes up 
+    <application>Privoxy</application>, such as that might cause a crash.
+   </para>
+  </listitem> 
+</itemizedlist>
+
+
+<sect3 id="contact-ads"><title>Reporting Ads or Other Configuration Problems</title>
+<para>
+ Please send feedback on ads that slipped through, innocent images that were
+ blocked, sites that don't work properly, and other configuration related problem of 
+ <filename>default.action</filename> file, to 
+ <ulink url="http://sourceforge.net/tracker/?group_id=11118&atid=460288">
+ http://sourceforge.net/tracker/?group_id=11118&atid=460288</ulink>,
+ the Actions File Tracker.
+</para> 
+
+<para>
+ New, improved <filename>default.action</filename> files may occasionally be made
+ available based on your feedback. These will be announced on the <ulink
+ url="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce">ijbswa-announce</ulink>
+ list and available from our the <ulink
+ url="http://sourceforge.net/project/showfiles.php?group_id=11118">files section</ulink> of
+ our <ulink url="http://sf.net/projects/ijbswa/">project page</ulink>.
+</para>
+</sect3>
+
+
+<sect3 id="contact-bugs"><title>Reporting Bugs</title>
+<para>
+ Please report all bugs through our bug tracker: 
+ <ulink url="http://sourceforge.net/tracker/?group_id=11118&atid=111118">http://sourceforge.net/tracker/?group_id=11118&atid=111118</ulink>. 
+</para>
+
+<para>
+  Before doing so, please make sure that the bug has <emphasis>not already been submitted</emphasis>
+  and observe the additional hints at the top of the <ulink
+  url="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=111118">submit
+  form</ulink>. If already submitted, please feel free to add any info to the 
+  original report that might help to solve the issue.
+</para>
+
+<para>
+  Please try to verify that it is a <application>Privoxy</application> bug,
+  and not a browser or site bug or documented behaviour that just happens
+  to be different than what you expected. If unsure,
+  try <ulink url="http://config.privoxy.org/toggle?set=disable">toggling
+  off</ulink> <application>Privoxy</application>, and see if the problem persists.
+</para>
+
+<para>
+  If you are using your own custom configuration, please try
+  the stock configs to see if the problem is configuration related.
+  If you're having problems with a feature that is disabled by default,
+  please ask around on the mailing list if others can reproduce the problem.
+</para>
+
+<para>
+  If you aren't using the latest Privoxy version, the bug may have been found
+  and fixed in the meantime. We would appreciate if you could take the time
+  to <ulink url="http://www.privoxy.org/user-manual/installation.html">upgrade
+  to the latest version</ulink> (or  even the latest CVS snapshot) and verify
+  that your bug still exists.
+</para>
+<para>
+Please be sure to provide the following information:
+</para>
+<para>
+ <itemizedlist>
+
+  <listitem>
+   <para>
+    The exact <application>Privoxy</application> version you are using
+    (if you got the source from CVS, please also provide the source code revisions
+     as shown in <ulink url="http://config.privoxy.org/show-version">http://config.privoxy.org/show-version</ulink>).
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    The operating system and versions you run
+    <application>Privoxy</application> on, (e.g. <application>Windows
+    XP SP2</application>), if you are using a Unix flavor,
+    sending the output of <quote>uname -a</quote> should do,
+    in case of GNU/Linux, please also name the distribution.
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    The name, platform, and version of the <application>browser</application> 
+    you were using (e.g. <application>Internet Explorer v5.5</application> for Mac).
+   </para>
+  </listitem>
+
+  <listitem>
+   <para>
+    The URL where the problem occurred, or some way for us to duplicate the
+    problem (e.g. <literal>http://somesite.example.com/?somethingelse=123</literal>). 
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    Whether your version of <application>Privoxy</application> is one supplied
+    by the <application>Privoxy</application> developers via SourceForge,
+    or if you got your copy somewhere else.
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    Whether you are using <application>Privoxy</application> in tandem with 
+    another proxy such as <application>Tor</application>. If so, please
+    temporary disable the other proxy to see if the symptoms change.
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    Whether you are using a personal firewall product. If so, does 
+    <application>Privoxy</application> work without it?
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    Any other pertinent information to help identify the problem such as config
+    or log file excerpts (yes, you should have log file entries for each
+    action taken).
+   </para>
+  </listitem> 
+
+</itemizedlist>
+</para>
+
+<para>
+ You don't have to tell us your actual name when filing a problem
+ report, but please use a nickname so we can differentiate between
+ your messages and the ones entered by other "anonymous" users that
+ may respond to your request if they have the same problem or already
+ found a solution.
+</para>
+
+<para>
+ Please also check the status of your request a few days after submitting
+ it, as we may request additional information. If you use a SF id,
+ you should automatically get a mail when someone responds to your request.
+</para>
+
+<para>
+  The <ulink url="http://www.privoxy.org/user-manual/appendix.html#ACTIONSANAT">appendix
+  of the Privoxy User Manual</ulink> also has helpful information 
+  on understanding <literal>actions</literal>, and <literal>action</literal> debugging. 
+</para>
+</sect3>
+</sect2>
+
+<sect2 id="contact-feature"><title>Request New Features</title>
+<para>
+ You are welcome to submit ideas on new features or other proposals
+ for improvement through our feature request tracker at
+ <ulink url="http://sourceforge.net/tracker/?atid=361118&group_id=11118">http://sourceforge.net/tracker/?atid=361118&group_id=11118</ulink>.
+</para>
+</sect2>
+
+<sect2 id="contact-other"><title>Other</title>
+<para>
+For any other issues, feel free to use the mailing lists. Technically interested users
+and people who wish to contribute to the project are also welcome on the developers list!
+You can find an overview of all <application>Privoxy</application>-related mailing lists,
+including list archives, at:
+<ulink url="http://sourceforge.net/mail/?group_id=11118">http://sourceforge.net/mail/?group_id=11118</ulink>.
+</para>
+</sect2>
diff --git a/external/privoxy/doc/source/copyright.sgml b/external/privoxy/doc/source/copyright.sgml
new file mode 100644
index 0000000..01c978d
--- /dev/null
+++ b/external/privoxy/doc/source/copyright.sgml
@@ -0,0 +1,47 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/copyright.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: copyright.sgml,v 2.10 2009/02/10 16:13:30 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  privoxy-man-page
+  user-manual
+  developer-manual
+  faq
+
+ **************************************************************
+ NOTE: the &my-copy entity must be defined in any file that will 
+ include this file. (This is a workaround for docbook2man not 
+ handling the standard &copy entity in the man page processing.)
+ **************************************************************
+
+-->
+
+<!--
+ GFDL:
+ http://www.gnu.org/licenses/fdl.html
+-->
+
+<para>
+ Copyright &my-copy; 2001-2009 by Privoxy Developers <email>ijbswa-developers at lists.sourceforge.net</email>
+</para>
+
+<para>
+ Some source code is based on code Copyright &my-copy; 1997 by Anonymous Coders
+ and Junkbusters, Inc. and licensed under the <citetitle>GNU General Public
+ License</citetitle>.
+</para>
+
diff --git a/external/privoxy/doc/source/developer-manual.sgml b/external/privoxy/doc/source/developer-manual.sgml
new file mode 100644
index 0000000..0e1dc1f
--- /dev/null
+++ b/external/privoxy/doc/source/developer-manual.sgml
@@ -0,0 +1,3304 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN"[
+<!entity % dummy "IGNORE"> 
+<!entity supported SYSTEM "supported.sgml">
+<!entity newfeatures SYSTEM "newfeatures.sgml">
+<!entity p-intro SYSTEM "privoxy.sgml">
+<!entity history SYSTEM "history.sgml">
+<!entity seealso SYSTEM "seealso.sgml">
+<!entity contacting SYSTEM "contacting.sgml">
+<!entity copyright SYSTEM "copyright.sgml">
+<!entity license SYSTEM "license.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity % p-text "IGNORE">        <!-- define we are not a text only doc -->
+<!entity % p-doc "INCLUDE">        <!-- and we are a formal doc           -->
+<!entity % seealso-extra "INCLUDE"> <!-- extra stuff from seealso.sgml    -->
+<!entity  my-copy "©">        <!-- kludge for docbook2man            -->
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/developer-manual.sgml,v $
+
+ Purpose     :  developer manual
+                This file belongs into
+                ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
+                
+ $Id: developer-manual.sgml,v 2.27 2009/02/19 02:20:22 hal9 Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. You have been warned!
+ Failure to abide by this rule will result in the revocation of your license 
+ to live a peaceful existence!
+ ========================================================================
+
+-->
+
+<article id="index">
+  <artheader>
+    <title>Privoxy Developer Manual</title>
+    <pubdate>
+     <subscript>
+    <!-- Completely the wrong markup, but very little is allowed  -->
+    <!-- in this part of an article. FIXME -->
+      <link linkend="copyright">Copyright</link> &my-copy; 2001-2009 by 
+      <ulink url="http://www.privoxy.org/">Privoxy Developers</ulink>
+     </subscript>
+    </pubdate>
+
+
+    <pubdate>$Id: developer-manual.sgml,v 2.27 2009/02/19 02:20:22 hal9 Exp $</pubdate>
+
+<!--
+
+Note: this should generate a separate page, and a live link to it. 
+But it doesn't for some mysterious reason. Please leave commented
+unless it can be fixed proper. For the time being, the copyright 
+statement will be in copyright.smgl.
+
+Hal.
+
+<legalnotice id="legalnotice"> 
+ <para>
+  text goes here ........
+ </para>
+</legalnotice>
+
+-->
+
+    <abstract>
+
+<![%dummy;[
+ <para>
+ <comment>
+  This is here to keep vim syntax file from breaking :/
+  If I knew enough to fix it, I would.
+  PLEASE DO NOT REMOVE! HB: hal at foobox.net
+ </comment>
+ </para>
+ ]]>
+<para>
+ The developer manual provides guidance on coding, testing, packaging, documentation
+ and other issues of importance to those involved with
+ <application>Privoxy</application> development. It is mandatory (and helpful!) reading
+ for anyone who wants to join the team. Note that it's currently out of date
+ and may not be entirely correct. As always, patches are welcome.
+</para>
+
+<!-- Include privoxy.sgml boilerplate text: -->
+
+<!--  &p-intro; Someone interested enough in the project to contribute
+                will already know at this point what Privoxy is. -->
+
+<!-- end boilerplate -->
+
+<para>
+ Please note that this document is constantly evolving. This copy represents
+ the state at the release of version &p-version;.
+ You can find the latest version of the this manual at <ulink
+ url="http://www.privoxy.org/developer-manual/">http://www.privoxy.org/developer-manual/</ulink>.
+ Please see <link linkend="contact">the Contact section</link> 
+ on how to contact the developers.
+</para>
+<!--        <para> -->
+<!--    Feel free to send a note to the developers at <email>ijbswa-developers at lists.sourceforge.net</email>. -->
+<!--   </para> -->
+
+    </abstract>
+  </artheader>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="introduction"><title>Introduction</title>
+<!--
+
+ I don't like seeing blank space :) So added *something* here.
+
+ --> 
+    <para>
+     <application>Privoxy</application>, as an heir to
+     <application>Junkbuster</application>, is a Free Software project 
+     and the code is licensed under the GNU General Public License version 2.
+     As such, <application>Privoxy</application> development is potentially open
+     to anyone who has the time, knowledge, and desire to contribute
+     in any capacity. Our goals are simply to continue the mission,
+     to improve <application>Privoxy</application>, and
+     to make it available to as wide an audience as possible. 
+    </para>
+    <para>
+     One does not have to be a programmer to contribute. Packaging, testing,
+     documenting and porting, are all important jobs as well.
+    </para>
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect2 id="quickstart"><title>Quickstart to Privoxy Development</title>
+   <para>
+    The first step is to join the <ulink
+      url="mailto:ijbswa-developers at lists.sourceforge.net">developer's mailing list</ulink>.
+    You can submit your ideas, or even better patches. Patches are best 
+    submitted to the Sourceforge tracker set up for this purpose, but 
+    can be sent to the list for review too.
+   </para>
+    <para>
+     You will also need to have a cvs package installed, which will 
+     entail having ssh installed as well (which seems to be a requirement of
+     SourceForge), in order to access the cvs repository. Having the GNU build
+     tools is also going to be important (particularly, autoconf and gmake).
+    </para>
+    <para>
+      For the time being (read, this section is under construction), you can 
+      also refer to the extensive comments in the source code. In fact, 
+      reading the code is recommended in any case.
+    </para>
+   </sect2>
+  </sect1>
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="cvs"><title>The CVS Repository</title>
+    <para>
+      If you become part of the active development team, you will eventually
+      need write access to our holy grail, the CVS repository. One of the 
+      team members will need to set this up for you. Please read
+      this chapter completely before accessing via CVS.
+    </para>
+
+    <sect2 id="cvsaccess"><title>Access to CVS</title>
+      <para>
+        The project's CVS repository is hosted on
+        <ulink url="http://sourceforge.net/">SourceForge.</ulink>
+        Please refer to the chapters 6 and 7 in
+        <ulink url="http://sourceforge.net/docman/?group_id=1">SF's site
+        documentation</ulink> for the technical access details for your
+        operating system. For historical reasons, the CVS server is
+        called <literal>ijbswa.cvs.sourceforge.net</literal>, the repository is
+        called <literal>ijbswa</literal>, and the source tree module is called
+        <literal>current</literal>.
+      </para>
+    </sect2>
+
+    <sect2 id="cvsbranches">
+    <title>Branches</title>
+     <para>
+       Within the CVS repository, there are modules and branches. As
+       mentioned, the sources are in the <literal>current</literal>
+       <quote>module</quote>. Other modules are present for platform specific
+       issues. There is a webview of the CVS hierarchy at <ulink
+       url="http://ijbswa.cvs.sourceforge.net/ijbswa/">http://ijbswa.cvs.sourceforge.net/ijbswa/</ulink>,
+       which might help with visualizing how these pieces fit together.
+     </para>
+     <para>
+       Branches are used to fork a sub-development path from the main trunk.
+       Within the <literal>current</literal> module where the sources are, there
+       is always at least one <quote>branch</quote> from the main trunk
+       devoted to a stable release series. The main trunk is where active
+       development takes place for the next stable series (e.g. 3.2.x).
+       So just prior to each stable series (e.g. 3.0.x), a branch is created
+       just for stable series releases (e.g. 3.0.0 -> 3.0.1 -> 3.0.2, etc).
+       Once the initial stable release of any stable branch has taken place,
+       this branch is <emphasis>only used for bugfixes</emphasis>, which have
+       had prior testing before being committed to CVS. (See <link
+       linkend="versionnumbers">Version Numbers</link> below for details on
+       versioning.)
+     </para>
+     <para>
+      At one time there were two distinct branches: stable and unstable. The
+      more drastic changes were to be in the unstable branch. These branches 
+      have now been merged to minimize time and effort of maintaining two 
+      branches.
+     </para>
+    <!-- 
+     <para>
+       This will result in at least two active branches, which means there may
+       be occasions that require the same (or similar) item to be 
+       checked into to two different places (assuming its a bugfix and needs 
+       fixing in both the stable and unstable trees). This also means that in
+       order to have access to both trees, both will have to be checked out 
+       separately. Use the <literal>cvs -r</literal> flag to check out a 
+       branch, e.g: <literal>cvs co -r v_3_0_branch current</literal>.
+     </para>
+    --> 
+    </sect2>
+
+    <sect2 id="cvscommit"><title>CVS Commit Guidelines</title>
+      <para>
+        The source tree is the heart of every software project. Every effort must
+        be made to ensure that it is readable, compilable and consistent at all
+        times. There are differing guidelines for the stable branch and the
+        main development trunk, and we ask anyone with CVS access to strictly
+        adhere to the following guidelines:
+      </para>
+      
+      <para>
+       Basic Guidelines, for all branches:
+      </para>
+      <para>
+        <itemizedlist>
+          <listitem><para>
+            Please don't commit even 
+            a small change without testing it thoroughly first. When we're
+            close to a public release, ask a fellow developer to review your 
+            changes.
+          </para></listitem>
+          <listitem><para>
+            Your commit message should give a concise overview of <emphasis>what you
+            changed</emphasis> (no big details) and <emphasis>why you changed it</emphasis>
+            Just check previous messages for good examples.
+          </para></listitem>
+          <listitem><para>
+            Don't use the same message on multiple files, unless it equally applies to
+            all those files.
+          </para></listitem>
+          <listitem><para>
+            If your changes span multiple files, and the code won't recompile unless
+            all changes are committed (e.g. when changing the signature of a function),
+            then commit all files one after another, without long delays in between.
+            If necessary, prepare the commit messages in advance.
+          </para></listitem>
+          <listitem><para>
+            Before changing things on CVS, make sure that your changes are in line
+            with the team's general consensus on what should be done.
+          </para></listitem>
+          <listitem>
+           <para>
+            Note that near a major public release, we get more cautious.
+            There is always the possibility to submit a patch to the <ulink
+            url="http://sourceforge.net/tracker/?atid=311118&group_id=11118&func=browse">patch
+            tracker</ulink> instead.
+          </para>
+         </listitem> 
+        </itemizedlist>
+      </para>
+      
+<!--
+      <para>
+       Stable branches are handled with more care, especially after the 
+       initial *.*.0 release, and we are just in bugfix mode. In addition to 
+       the above, the below applies only to the stable branch (currently the 
+       <literal>v_3_0_branch</literal> branch):
+      </para>
+      
+      <para>
+       <itemizedlist>
+        <listitem>
+         <para>
+           Do not commit <emphasis>anything</emphasis> unless your proposed
+           changes have been well tested first, preferably by other members of the
+           project, or have prior approval of the project leaders or consensus
+           of the devel list.
+         </para>
+        </listitem> 
+       <listitem>
+        <para>
+         Where possible, bugfixes and changes should be tested in the main 
+         development trunk first. There may be occasions where this is not 
+         feasible, though.
+        </para>
+       </listitem> 
+       <listitem>
+        <para>
+          Alternately, proposed changes can be submitted as patches to the patch tracker on 
+          Sourceforge first: <ulink
+          url="http://sourceforge.net/tracker/?group_id=11118&atid=311118">http://sourceforge.net/tracker/?group_id=11118&atid=311118</ulink>.
+          Then ask for peer review. 
+        </para>
+       </listitem> 
+        <listitem>
+         <para>
+          Do not even think about anything except bugfixes. No new features!
+         </para>
+        </listitem> 
+     
+       </itemizedlist>
+      </para> 
+    -->
+    </sect2>
+
+  </sect1>
+	
+  <!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="documentation"><title>Documentation Guidelines</title>
+  <para>
+    All formal documents are maintained in Docbook SGML and located in the
+    <computeroutput>doc/source/*</computeroutput> directory. You will need
+    <ulink url="http://www.docbook.org">Docbook</ulink>, the Docbook 
+    DTD's and the Docbook modular stylesheets (or comparable alternatives),
+    and either <application>jade</application> or
+    <application>openjade</application> (recommended) installed in order to
+    build docs from source. Currently there is <ulink
+    url="../user-manual/index.html"><citetitle>user-manual</citetitle></ulink>,
+    <ulink url="../faq/index.html"><citetitle>FAQ</citetitle></ulink>, and, of
+    course this, the <citetitle>developer-manual</citetitle> in this format.
+    The <citetitle>README</citetitle>, <citetitle>AUTHORS</citetitle>,
+    <citetitle>INSTALL</citetitle>,
+    <citetitle>privoxy.1</citetitle> (man page), and
+    <citetitle>config</citetitle> files are also now maintained as Docbook
+    SGML. These files, when built, in the top-level source directory are
+    generated files! Also, the <application>Privoxy</application> <filename>index.html</filename> (and a 
+    variation on this file, <filename>privoxy-index.html</filename>, 
+    meant for inclusion with doc packages), are maintained as SGML as well.
+    <emphasis>DO NOT edit these directly</emphasis>. Edit the SGML source, or
+    contact someone involved in the documentation.
+    </para> 
+    <para>
+     <filename>config</filename> requires some special handling. The reason it
+     is maintained this way is so that the extensive comments in the file
+     mirror those in <citetitle>user-manual</citetitle>. But the conversion 
+     process requires going from SGML to HTML to text to special formatting 
+     required for the embedded comments. Some of this does not survive so
+     well. Especially some of the examples that are longer than 80 characters.
+     The build process for this file outputs to <filename>config.new</filename>, 
+     which should be reviewed for errors and mis-formatting. Once satisfied
+     that it is correct, then it should be hand copied to
+     <filename>config</filename>.
+    </para>
+    <para>
+     Other, less formal documents (e.g. <filename>LICENSE</filename>) are
+     maintained as plain text files in the top-level source directory.
+    </para>
+    <para>
+     Packagers are encouraged to include this documentation. For those without
+     the ability to build the docs locally, text versions of each are kept in
+     CVS. HTML versions are also being kept in CVS under 
+     <filename>doc/webserver/*</filename>. And PDF version are kept in 
+     <filename>doc/pdf/*</filename>.
+    </para>
+    <para>
+     Formal documents are built with the Makefile targets of
+     <computeroutput>make dok</computeroutput>, or alternately
+     <computeroutput>make redhat-dok</computeroutput>. If you have problems,
+     try both. The build process uses the document SGML sources in
+     <computeroutput>doc/source/*/*</computeroutput> to update all text files in
+     <computeroutput>doc/text/</computeroutput> and to update all HTML
+     documents in <computeroutput>doc/webserver/</computeroutput>.
+    </para>
+    <para>
+     Documentation writers should please make sure documents build
+     successfully before committing to CVS, if possible.
+    </para>
+    <para>
+     How do you update the webserver (i.e. the pages on privoxy.org)?
+     
+     <orderedlist numeration="arabic">
+      <listitem><para>
+        First, build the docs by running <computeroutput>make
+        dok</computeroutput> (or alternately <computeroutput>make
+        redhat-dok</computeroutput>). For PDF docs, do <computeroutput>make
+        dok-pdf</computeroutput>.
+      </para></listitem>
+      <listitem><para>
+        Run <computeroutput>make webserver</computeroutput> which copies all
+        files from <computeroutput>doc/webserver</computeroutput> to the
+        sourceforge webserver via scp.
+      </para></listitem>
+     </orderedlist>
+  </para>
+
+  <para>
+   Finished docs should be occasionally submitted to CVS
+   (<filename>doc/webserver/*/*.html</filename>) so that those without 
+   the ability to build them locally, have access to them if needed.
+   This is especially important just prior to a new release! Please
+   do this <emphasis>after</emphasis> the <literal>$VERSION</literal> and
+   other release specific data in <filename>configure.in</filename> has been
+   updated (this is done just prior to a new release).
+  </para>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="sgml">
+<title>Quickstart to Docbook and SGML</title>
+<para>
+ If you are not familiar with SGML, it is a markup language similar to HTML. 
+ Actually, not a mark up language per se, but a language used to define 
+ markup languages. In fact, HTML is an SGML application. Both will use
+ <quote>tags</quote> to format text and other content. SGML tags can be much
+ more varied, and flexible, but do much of the same kinds of things. The tags,
+ or <quote>elements</quote>, are definable in SGML. There is no set
+ <quote>standards</quote>. Since we are using
+ <application>Docbook</application>, our tags are those that are defined by 
+ <application>Docbook</application>. Much of how the finish document is
+ rendered is determined by the <quote>stylesheets</quote>.
+ The stylesheets determine how each tag gets translated to HTML, or other
+ formats.
+</para>
+
+<para>
+ Tags in Docbook SGML need to be always <quote>closed</quote>. If not, you
+ will likely generate errors. Example: <literal><title>My
+ Title</title></literal>. They are also case-insensitive, but we
+ strongly suggest using all lower case. This keeps compatibility with
+ [Docbook] <application>XML</application>.
+</para>
+
+<para>
+ Our documents use <quote>sections</quote> for the most part. Sections
+ will be processed into HTML headers (e.g. <literal>h1</literal> for 
+ <literal>sect1</literal>). The <application>Docbook</application> stylesheets
+ will use these to also generate the Table of Contents for each doc. Our 
+ TOC's are set to a depth of three. Meaning <literal>sect1</literal>, 
+ <literal>sect2</literal>, and <literal>sect3</literal> will have TOC 
+ entries, but <literal>sect4</literal> will not. Each section requires 
+ a <literal><title></literal> element, and at least one 
+ <literal><para></literal>. There is a limit of five section 
+ levels in Docbook, but generally three should be sufficient for our 
+ purposes.
+</para>
+
+<para>
+ Some common elements that you likely will use: 
+</para>
+
+<para>
+  <simplelist>
+    <member>
+      <emphasis><para></para></emphasis>, paragraph delimiter. Most 
+      text needs to be within paragraph elements (there are some exceptions).
+    </member>
+    <member>
+      <emphasis><emphasis></emphasis></emphasis>, the stylesheets
+      make this italics.
+    </member>
+    <member>
+      <emphasis><filename></filename></emphasis>, files and directories.
+    </member>
+    <member>
+      <emphasis><command></command></emphasis>, command examples.
+    </member>
+    <member>
+      <emphasis><literallayout></literallayout></emphasis>, like 
+      <literal><pre></literal>, more or less.
+    </member>
+    <member>
+      <emphasis><itemizedlist></itemizedlist></emphasis>, list with bullets.
+    </member>
+    <member>
+      <emphasis><listitem></listitem></emphasis>, member of the above.
+    </member>
+    <member>
+      <emphasis><screen></screen></emphasis>, screen output, implies 
+      <literal><literallayout></literal>.
+    </member>
+    <member>
+      <emphasis><ulink url="example.com"></ulink></emphasis>, like 
+      HTML <literal><a></literal> tag.
+    </member>
+    <member>
+      <emphasis><quote></quote></emphasis>, for, doh, quoting text. 
+    </member>
+  </simplelist>
+</para>
+
+<para>
+ Look at any of the existing docs for examples of all these and more.
+</para>
+
+<para>
+ You might also find <quote><ulink
+ url="http://opensource.bureau-cornavin.com/crash-course/index.html">Writing Documentation
+ Using DocBook - A Crash Course</ulink></quote> useful.
+</para>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+  <sect2 id="docstyle">
+  <title><application>Privoxy</application> Documentation Style</title>
+   <para>
+    It will be easier if everyone follows a similar writing style. This 
+    just makes it easier to read what someone else has written if it 
+    is all done in a similar fashion.
+   </para>
+   <para>
+    Here it is:
+   </para>
+   <para>
+    <itemizedlist>
+     <listitem>
+      <para>
+       All tags should be lower case.
+      </para>
+    </listitem> 
+    <listitem>
+     <para>
+       Tags delimiting a <emphasis>block</emphasis> of text (even small
+       blocks) should be on their own line. Like:
+       <literallayout>
+ <para>
+  Some text goes here.
+ </para>
+       </literallayout>
+       Tags marking individual words, or few words, should be in-line:
+       <literallayout>
+  Just to <emphasis>emphasize</emphasis>, some text goes here.
+       </literallayout>
+     </para>
+   </listitem> 
+   <listitem>
+    <para>
+      Tags should be nested and step indented for block text like: (except
+      in-line tags) 
+     <literallayout>
+ <para>
+  <itemizedlist>
+   <para>
+    <listitem>
+      Some text goes here in our list example.
+     </listitem>
+   </para>
+  </itemizedlist>
+ </para>
+       </literallayout>
+      This makes it easier to find the text amongst the tags ;-)
+    </para>
+   </listitem> 
+   <listitem>
+    <para>
+     Use white space to separate logical divisions within a document, 
+     like between sections. Running everything together consistently 
+     makes it harder to read and work on.
+    </para>
+   </listitem> 
+   <listitem>
+    <para>
+     Do not hesitate to make comments. Comments can either use the 
+     <comment> element, or the <!--  --> style comment 
+     familiar from HTML. (Note in Docbook v4.x <comment> is 
+     replaced by <remark>.)
+    </para>
+  </listitem> 
+  <listitem>
+   <para>
+     We have an international audience. Refrain from slang, or English 
+     idiosyncrasies (too many to list :). Humor also does not translate 
+     well sometimes.
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    Try to keep overall line lengths in source files to 80 characters or less
+    for obvious reasons. This is not always possible, with lengthy URLs for
+    instance.
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    Our documents are available in differing formats. Right now, they 
+    are just plain text, HTML, and PDF, but others are always a 
+    future possibility. Be careful with URLs (<ulink>), and avoid 
+    this mistake:
+   </para>
+   <para>
+     My favorite site is <ulink url="http://example.com">here</ulink>.
+   </para>
+   <para>
+     This will render as <quote>My favorite site is here</quote>, which is 
+     not real helpful in a text doc. Better like this:
+   </para>
+   <para>
+     My favorite site is <ulink url="http://example.com">example.com</ulink>.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    All documents should be spell checked occasionally.
+    <application>aspell</application> can check SGML with the
+    <literal>-H</literal> option. (<application>ispell</application> I think
+    too.)
+   </para>
+  </listitem> 
+
+  </itemizedlist>
+ </para> 
+  
+  </sect2>
+
+  
+ <!--   ~~~~~       New section      ~~~~~     -->
+
+ <sect2><title>Privoxy Custom Entities</title>
+ <para>
+  <application>Privoxy</application> documentation is using 
+  a number of customized <quote>entities</quote> to facilitate 
+  documentation maintenance. 
+ </para>
+ <para>
+  We are using a set of <quote>boilerplate</quote> files with generic text,
+  that is used by multiple docs. This way we can write something once, and use
+  it repeatedly without having to re-write the same content over and over again.
+  If editing such a file, keep in mind that it should be
+  <emphasis>generic</emphasis>. That is the purpose; so it can be used in varying 
+  contexts without additional modifications.
+ </para>
+ <para>
+  We are also using what <application>Docbook</application> calls 
+  <quote>internal entities</quote>. These are like variables in 
+  programming. Well, sort of. For instance, we have the
+  <literal>p-version</literal> entity that contains the current 
+  <application>Privoxy</application> version string. You are strongly 
+  encouraged to use these where possible. Some of these obviously 
+  require re-setting with each release (done by the Makefile). A sampling of
+  custom entities are listed below. See any of the main docs for examples.
+ </para>
+
+ <para>
+  <itemizedlist>
+  <listitem>
+   <para>
+    Re- <quote>boilerplate</quote> text entities are defined like:
+   </para>
+   <para>
+    <literal><!entity supported SYSTEM "supported.sgml"></literal>
+   </para>
+   <para>
+     In this example, the contents of the file,
+     <filename>supported.sgml</filename> is available for inclusion anywhere 
+     in the doc. To make this happen, just reference the now defined 
+     entity: <literal>&supported;</literal> (starts with an ampersand 
+     and ends with a semi-colon), and the contents will be dumped into 
+     the finished doc at that point.
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    Commonly used <quote>internal entities</quote>:
+  </para>
+  <simplelist>
+   <member>
+    <emphasis>p-version</emphasis>: the <application>Privoxy</application> 
+    version string, e.g. <quote>&p-version;</quote>.
+   </member>
+   <member>
+    <emphasis>p-status</emphasis>: the project status, either 
+    <quote>alpha</quote>, <quote>beta</quote>, or <quote>stable</quote>.
+   </member>
+   <member>
+    <emphasis>p-not-stable</emphasis>: use to conditionally include 
+    text in <quote>not stable</quote> releases (e.g. <quote>beta</quote>).
+   </member>
+   <member>
+    <emphasis>p-stable</emphasis>: just the opposite.
+   </member>
+   <member>
+    <emphasis>p-text</emphasis>: this doc is only generated as text.
+   </member>
+  </simplelist>
+ </listitem> 
+ </itemizedlist>
+ </para> 
+ <para>
+  There are others in various places that are defined for a specific 
+  purpose. Read the source!
+ </para>
+ 
+ </sect2>
+  
+ </sect1>
+
+<!--     <listitem><para>be consistent with the redirect script (i.e. the <application>Privoxy</application> program -->
+<!--       points via the redirect URL at sf to valid end-points in the document)</para></listitem> -->
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="coding"><title>Coding Guidelines</title>
+
+    <sect2 id="s1"><title>Introduction</title>
+
+    <para>This set of standards is designed to make our lives easier.  It is
+    developed with the simple goal of helping us keep the "new and improved
+    <application>Privoxy</application>" consistent and reliable. Thus making
+    maintenance easier and increasing chances of success of the
+    project.</para>
+
+    <para>And that of course comes back to us as individuals. If we can
+    increase our development and product efficiencies then we can solve more
+    of the request for changes/improvements and in general feel good about
+    ourselves. ;-></para>
+
+  </sect2>
+
+    <sect2 id="s2"><title>Using Comments</title>
+ 
+
+    <sect3 id="s3"><title>Comment, Comment, Comment</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Comment as much as possible without commenting the obvious.
+    For example do not comment "variable_a is equal to variable_b".
+    Instead explain why variable_a should be equal to the variable_b.
+    Just because a person can read code does not mean they will
+    understand why or what is being done. A reader may spend a lot
+    more time figuring out what is going on when a simple comment
+    or explanation would have prevented the extra research. Please
+    help your brother IJB'ers out!</para>
+
+    <para>The comments will also help justify the intent of the code.
+    If the comment describes something different than what the code
+    is doing then maybe a programming error is occurring.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+/* if page size greater than 1k ... */
+if ( page_length() > 1024 )
+{
+    ... "block" the page up ...
+}
+
+/* if page size is small, send it in blocks */
+if ( page_length() > 1024 )
+{
+    ... "block" the page up ...
+}
+
+This demonstrates 2 cases of "what not to do".  The first is a
+"syntax comment".  The second is a comment that does not fit what
+is actually being done.
+</programlisting>
+  </sect3>
+
+    
+
+    <sect3 id="s4"><title>Use blocks for comments</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Comments can help or they can clutter. They help when they
+    are differentiated from the code they describe. One line
+    comments do not offer effective separation between the comment
+    and the code. Block identifiers do, by surrounding the code
+    with a clear, definable pattern.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+/*********************************************************************
+ * This will stand out clearly in your code!
+ *********************************************************************/
+if ( this_variable == that_variable )
+{
+   do_something_very_important();
+}
+
+
+/* unfortunately, this may not */
+if ( this_variable == that_variable )
+{
+   do_something_very_important();
+}
+
+
+if ( this_variable == that_variable ) /* this may not either */
+{
+   do_something_very_important();
+}</programlisting>
+
+    <para><emphasis>Exception:</emphasis></para>
+
+    <para>If you are trying to add a small logic comment and do not
+    wish to "disrupt" the flow of the code, feel free to use a 1
+    line comment which is NOT on the same line as the code.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s5"><title>Keep Comments on their own line</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>It goes back to the question of readability. If the comment
+    is on the same line as the code it will be harder to read than
+    the comment that is on its own line.</para>
+
+    <para>There are three exceptions to this rule, which should be
+    violated freely and often: during the definition of variables,
+    at the end of closing braces, when used to comment
+    parameters.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+/*********************************************************************
+ * This will stand out clearly in your code,
+ * But the second example won't.
+ *********************************************************************/
+if ( this_variable == this_variable )
+{
+   do_something_very_important();
+}
+
+if ( this_variable == this_variable ) /*can you see me?*/
+{
+   do_something_very_important(); /*not easily*/
+}
+
+
+/*********************************************************************
+ * But, the encouraged exceptions:
+ *********************************************************************/
+int urls_read     = 0;     /* # of urls read + rejected */
+int urls_rejected = 0;     /* # of urls rejected */
+
+if ( 1 == X )
+{
+   do_something_very_important();
+}
+
+
+short do_something_very_important(
+   short firstparam,   /* represents something */
+   short nextparam     /* represents something else */ )
+{
+   ...code here...
+
+}   /* -END- do_something_very_important */
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s6"><title>Comment each logical step</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Logical steps should be commented to help others follow the
+    intent of the written code and comments will make the code more
+    readable.</para>
+
+    <para>If you have 25 lines of code without a comment, you should
+    probably go back into it to see where you forgot to put
+    one.</para>
+
+    <para>Most "for", "while", "do", etc... loops _probably_ need a
+    comment. After all, these are usually major logic
+    containers.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s7"><title>Comment All Functions Thoroughly</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>A reader of the code should be able to look at the comments
+    just prior to the beginning of a function and discern the
+    reason for its existence and the consequences of using it. The
+    reader should not have to read through the code to determine if
+    a given function is safe for a desired use. The proper
+    information thoroughly presented at the introduction of a
+    function not only saves time for subsequent maintenance or
+    debugging, it more importantly aids in code reuse by allowing a
+    user to determine the safety and applicability of any function
+    for the problem at hand. As a result of such benefits, all
+    functions should contain the information presented in the
+    addendum section of this document.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s8"><title>Comment at the end of braces if the
+    content is more than one screen length</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Each closing brace should be followed on the same line by a
+    comment that describes the origination of the brace if the
+    original brace is off of the screen, or otherwise far away from
+    the closing brace. This will simplify the debugging,
+    maintenance, and readability of the code.</para>
+
+    <para>As a suggestion , use the following flags to make the
+    comment and its brace more readable:</para>
+
+    <para>use following a closing brace: } /* -END- if() or while ()
+    or etc... */</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+if ( 1 == X )
+{
+   do_something_very_important();
+   ...some long list of commands...
+} /* -END- if x is 1 */
+
+or:
+
+if ( 1 == X )
+{
+   do_something_very_important();
+   ...some long list of commands...
+} /* -END- if ( 1 == X ) */
+</programlisting>
+  </sect3>
+    
+  </sect2>
+
+    <sect2 id="s9"><title>Naming Conventions</title>
+
+    
+
+    <sect3 id="s10"><title>Variable Names</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Use all lowercase, and separate words via an underscore
+    ('_'). Do not start an identifier with an underscore. (ANSI C
+    reserves these for use by the compiler and system headers.) Do
+    not use identifiers which are reserved in ANSI C++. (E.g.
+    template, class, true, false, ...). This is in case we ever
+    decide to port Privoxy to C++.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+int ms_iis5_hack = 0;</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>
+<programlisting>
+int msiis5hack = 0; int msIis5Hack = 0;
+</programlisting>
+</para>
+
+    
+
+  </sect3>    
+
+    <sect3 id="s11"><title>Function Names</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Use all lowercase, and separate words via an underscore
+    ('_'). Do not start an identifier with an underscore. (ANSI C
+    reserves these for use by the compiler and system headers.) Do
+    not use identifiers which are reserved in ANSI C++. (E.g.
+    template, class, true, false, ...). This is in case we ever
+    decide to port Privoxy to C++.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+int load_some_file( struct client_state *csp )</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>
+<programlisting>
+int loadsomefile( struct client_state *csp )
+int loadSomeFile( struct client_state *csp )
+</programlisting>
+</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s12"><title>Header file prototypes</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Use a descriptive parameter name in the function prototype
+    in header files. Use the same parameter name in the header file
+    that you use in the c file.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+(.h) extern int load_aclfile( struct client_state *csp );
+(.c) int load_aclfile( struct client_state *csp )</programlisting>
+
+    <para><emphasis>Instead of:</emphasis>
+<programlisting>
+(.h) extern int load_aclfile( struct client_state * ); or 
+(.h) extern int load_aclfile(); 
+(.c) int load_aclfile( struct client_state *csp )
+</programlisting>
+</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s13"><title>Enumerations, and #defines</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Use all capital letters, with underscores between words. Do
+    not start an identifier with an underscore. (ANSI C reserves
+    these for use by the compiler and system headers.)</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+(enumeration) : enum Boolean { FALSE, TRUE };
+(#define) : #define DEFAULT_SIZE 100;</programlisting>
+
+    <para><emphasis>Note:</emphasis> We have a standard naming scheme for #defines
+    that toggle a feature in the preprocessor: FEATURE_>, where
+    > is a short (preferably 1 or 2 word) description.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+#define FEATURE_FORCE 1
+
+#ifdef FEATURE_FORCE
+#define FORCE_PREFIX blah
+#endif /* def FEATURE_FORCE */
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s14"><title>Constants</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Spell common words out entirely (do not remove vowels).</para>
+
+    <para>Use only widely-known domain acronyms and abbreviations.
+    Capitalize all letters of an acronym.</para>
+
+    <para>Use underscore (_) to separate adjacent acronyms and
+    abbreviations. Never terminate a name with an underscore.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+#define USE_IMAGE_LIST 1</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>
+<programlisting>
+#define USE_IMG_LST 1 or 
+#define _USE_IMAGE_LIST 1 or
+#define USE_IMAGE_LIST_ 1 or 
+#define use_image_list 1 or
+#define UseImageList 1
+</programlisting>
+</para>
+
+    
+  </sect3>
+
+  </sect2>
+    
+
+    <sect2 id="s15"><title>Using Space</title>
+
+    
+
+    <sect3 id="s16"><title>Put braces on a line by themselves.</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>The brace needs to be on a line all by itself, not at the
+    end of the statement. Curly braces should line up with the
+    construct that they're associated with. This practice makes it
+    easier to identify the opening and closing braces for a
+    block.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+if ( this == that )
+{
+   ...
+}</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>if ( this == that ) { ... }</para>
+
+    <para>or</para>
+
+    <para>if ( this == that ) { ... }</para>
+
+    <para><emphasis>Note:</emphasis> In the special case that the if-statement is
+    inside a loop, and it is trivial, i.e. it tests for a
+    condition that is obvious from the purpose of the block,
+    one-liners as above may optically preserve the loop structure
+    and make it easier to read.</para>
+
+    <para><emphasis>Status:</emphasis> developer-discretion.</para>
+
+    <para><emphasis>Example exception:</emphasis></para>
+<programlisting>
+while ( more lines are read )
+{
+   /* Please document what is/is not a comment line here */
+   if ( it's a comment ) continue;
+
+   do_something( line );
+}
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s17"><title>ALL control statements should have a
+    block</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Using braces to make a block will make your code more
+    readable and less prone to error. All control statements should
+    have a block defined.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+if ( this == that )
+{
+   do_something();
+   do_something_else();
+}</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>if ( this == that ) do_something(); do_something_else();</para>
+
+    <para>or</para>
+
+    <para>if ( this == that ) do_something();</para>
+
+    <para><emphasis>Note:</emphasis> The first example in "Instead of" will execute
+    in a manner other than that which the developer desired (per
+    indentation). Using code braces would have prevented this
+    "feature". The "explanation" and "exception" from the point
+    above also applies.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s18"><title>Do not belabor/blow-up boolean
+    expressions</title>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+structure->flag = ( condition );</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>if ( condition ) { structure->flag = 1; } else {
+    structure->flag = 0; }</para>
+
+    <para><emphasis>Note:</emphasis> The former is readable and concise. The later
+    is wordy and inefficient. Please assume that any developer new
+    to the project has at least a "good" knowledge of C/C++. (Hope
+    I do not offend by that last comment ... 8-)</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s19"><title>Use white space freely because it is
+    free</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Make it readable. The notable exception to using white space
+    freely is listed in the next guideline.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+int first_value   = 0;
+int some_value    = 0;
+int another_value = 0;
+int this_variable = 0;
+
+if ( this_variable == this_variable )
+
+first_value = old_value + ( ( some_value - another_value ) - whatever )
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s20"><title>Don't use white space around structure
+    operators</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>- structure pointer operator ( "->" ) - member operator (
+    "." ) - functions and parentheses</para>
+
+    <para>It is a general coding practice to put pointers, references,
+    and function parentheses next to names. With spaces, the
+    connection between the object and variable/function name is not
+    as clear.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+a_struct->a_member;
+a_struct.a_member;
+function_name();</programlisting>
+
+    <para><emphasis>Instead of:</emphasis> a_struct -> a_member; a_struct . a_member;
+    function_name ();</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s21"><title>Make the last brace of a function stand
+    out</title>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+int function1( ... )
+{
+   ...code...
+   return( ret_code );
+
+}   /* -END- function1 */
+
+
+int function2( ... )
+{
+}   /* -END- function2 */
+</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>int function1( ... ) { ...code... return( ret_code ); } int
+    function2( ... ) { }</para>
+
+    <para><emphasis>Note:</emphasis> Use 1 blank line before the closing brace and 2
+    lines afterward. This makes the end of function standout to
+    the most casual viewer. Although function comments help
+    separate functions, this is still a good coding practice. In
+    fact, I follow these rules when using blocks in "for", "while",
+    "do" loops, and long if {} statements too. After all whitespace
+    is free!</para>
+
+    <para><emphasis>Status:</emphasis> developer-discretion on the number of blank
+    lines. Enforced is the end of function comments.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s22"><title>Use 3 character indentions</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>If some use 8 character TABs and some use 3 character TABs,
+    the code can look *very* ragged. So use 3 character indentions
+    only. If you like to use TABs, pass your code through a filter
+    such as "expand -t3" before checking in your code.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+static const char * const url_code_map[256] =
+{
+   NULL, ...
+};
+
+
+int function1( ... )
+{
+   if ( 1 )
+   {
+      return( ALWAYS_TRUE );
+   }
+   else
+   {
+      return( HOW_DID_YOU_GET_HERE );
+   }
+
+   return( NEVER_GETS_HERE );
+
+}
+</programlisting>
+  </sect3>
+
+  </sect2>
+    
+
+    <sect2 id="s23"><title>Initializing</title>
+
+    
+
+    <sect3 id="s24"><title>Initialize all variables</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Do not assume that the variables declared will not be used
+    until after they have been assigned a value somewhere else in
+    the code. Remove the chance of accidentally using an unassigned
+    variable.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+short a_short = 0;
+float a_float  = 0;
+struct *ptr = NULL;</programlisting>
+
+    <para><emphasis>Note:</emphasis> It is much easier to debug a SIGSEGV if the
+    message says you are trying to access memory address 00000000
+    and not 129FA012; or array_ptr[20] causes a SIGSEV vs.
+    array_ptr[0].</para>
+
+    <para><emphasis>Status:</emphasis> developer-discretion if and only if the
+    variable is assigned a value "shortly after" declaration.</para>
+
+  </sect3>
+  </sect2>
+    
+
+    <sect2 id="s25"><title>Functions</title>
+
+    
+
+    <sect3 id="s26"><title>Name functions that return a boolean as a
+    question.</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Value should be phrased as a question that would logically
+    be answered as a true or false statement</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+should_we_block_this();
+contains_an_image();
+is_web_page_blank();
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s27"><title>Always specify a return type for a
+    function.</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>The default return for a function is an int. To avoid
+    ambiguity, create a return for a function when the return has a
+    purpose, and create a void return type if the function does not
+    need to return anything.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s28"><title>Minimize function calls when iterating by
+    using variables</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>It is easy to write the following code, and a clear argument
+    can be made that the code is easy to understand:</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+for ( size_t cnt = 0; cnt < block_list_length(); cnt++ )
+{
+   ....
+}</programlisting>
+
+    <para><emphasis>Note:</emphasis> Unfortunately, this makes a function call for
+    each and every iteration. This increases the overhead in the
+    program, because the compiler has to look up the function each
+    time, call it, and return a value. Depending on what occurs in
+    the block_list_length() call, it might even be creating and
+    destroying structures with each iteration, even though in each
+    case it is comparing "cnt" to the same value, over and over.
+    Remember too - even a call to block_list_length() is a function
+    call, with the same overhead.</para>
+
+    <para>Instead of using a function call during the iterations,
+    assign the value to a variable, and evaluate using the
+    variable.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+size_t len = block_list_length();
+
+for ( size_t cnt = 0; cnt < len; cnt++ )
+{
+   ....
+}</programlisting>
+
+    <para><emphasis>Exceptions:</emphasis> if the value of block_list_length()
+    *may* change or could *potentially* change, then you must code the
+    function call in the for/while loop.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s29"><title>Pass and Return by Const Reference</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>This allows a developer to define a const pointer and call
+    your function. If your function does not have the const
+    keyword, we may not be able to use your function. Consider
+    strcmp, if it were defined as: extern int strcmp( char *s1,
+    char *s2 );</para>
+
+    <para>I could then not use it to compare argv's in main: int main(
+    int argc, const char *argv[] ) { strcmp( argv[0], "privoxy"
+    ); }</para>
+
+    <para>Both these pointers are *const*! If the c runtime library
+    maintainers do it, we should too.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s30"><title>Pass and Return by Value</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Most structures cannot fit onto a normal stack entry (i.e.
+    they are not 4 bytes or less). Aka, a function declaration
+    like: int load_aclfile( struct client_state csp )</para>
+
+    <para>would not work. So, to be consistent, we should declare all
+    prototypes with "pass by value": int load_aclfile( struct
+    client_state *csp )</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s31"><title>Names of include files</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Your include statements should contain the file name without
+    a path. The path should be listed in the Makefile, using -I as
+    processor directive to search the indicated paths. An exception
+    to this would be for some proprietary software that utilizes a
+    partial path to distinguish their header files from system or
+    other header files.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+#include <iostream.h>     /* This is not a local include */
+#include "config.h"       /* This IS a local include */
+</programlisting>
+
+    <para><emphasis>Exception:</emphasis></para>
+
+    <para>
+<programlisting>
+/* This is not a local include, but requires a path element. */ 
+#include <sys/fileName.h>
+</programlisting>
+</para>
+
+    <para><emphasis>Note:</emphasis> Please! do not add "-I." to the Makefile
+    without a _very_ good reason. This duplicates the #include
+    "file.h" behavior.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s32"><title>Provide multiple inclusion
+    protection</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Prevents compiler and linker errors resulting from
+    redefinition of items.</para>
+
+    <para>Wrap each header file with the following syntax to prevent
+    multiple inclusions of the file. Of course, replace PROJECT_H
+    with your file name, with "." Changed to "_", and make it
+    uppercase.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+#ifndef PROJECT_H_INCLUDED
+#define PROJECT_H_INCLUDED
+ ...
+#endif /* ndef PROJECT_H_INCLUDED */
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s33"><title>Use `extern "C"` when appropriate</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>If our headers are included from C++, they must declare our
+    functions as `extern "C"`. This has no cost in C, but increases
+    the potential re-usability of our code.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+#ifdef __cplusplus
+extern "C"
+{
+#endif /* def __cplusplus */
+
+... function definitions here ...
+
+#ifdef __cplusplus
+}
+#endif /* def __cplusplus */
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s34"><title>Where Possible, Use Forward Struct
+    Declaration Instead of Includes</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Useful in headers that include pointers to other struct's.
+    Modifications to excess header files may cause needless
+    compiles.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+/*********************************************************************
+ * We're avoiding an include statement here!
+ *********************************************************************/
+struct file_list;
+extern file_list *xyz;</programlisting>
+
+    <para><emphasis>Note:</emphasis> If you declare "file_list xyz;" (without the
+    pointer), then including the proper header file is necessary.
+    If you only want to prototype a pointer, however, the header
+    file is unnecessary.</para>
+
+    <para><emphasis>Status:</emphasis> Use with discretion.</para>
+
+    
+  </sect3>
+  </sect2>
+
+    <sect2 id="s35"><title>General Coding Practices</title>
+
+    
+
+    <sect3 id="s36"><title>Turn on warnings</title>
+
+    <para><emphasis>Explanation</emphasis></para>
+
+    <para>Compiler warnings are meant to help you find bugs. You
+    should turn on as many as possible. With GCC, the switch is
+    "-Wall". Try and fix as many warnings as possible.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s37"><title>Provide a default case for all switch
+    statements</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>What you think is guaranteed is never really guaranteed. The
+    value that you don't think you need to check is the one that
+    someday will be passed. So, to protect yourself from the
+    unknown, always have a default step in a switch statement.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+switch( hash_string( cmd ) )
+{
+   case hash_actions_file :
+      ... code ...
+      break;
+
+   case hash_confdir :
+      ... code ...
+      break;
+
+   default :
+      log_error( ... );
+      ... anomaly code goes here ...
+      continue; / break; / exit( 1 ); / etc ...
+
+} /* end switch( hash_string( cmd ) ) */</programlisting>
+
+    <para><emphasis>Note:</emphasis> If you already have a default condition, you
+    are obviously exempt from this point. Of note, most of the
+    WIN32 code calls `DefWindowProc' after the switch statement.
+    This API call *should* be included in a default statement.</para>
+
+    <para><emphasis>Another Note:</emphasis> This is not so much a readability issue
+    as a robust programming issue. The "anomaly code goes here" may
+    be no more than a print to the STDERR stream (as in
+    load_config). Or it may really be an abort condition.</para>
+
+    <para><emphasis>Status:</emphasis> Programmer discretion is advised.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s38"><title>Try to avoid falling through cases in a
+    switch statement.</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>In general, you will want to have a 'break' statement within
+    each 'case' of a switch statement. This allows for the code to
+    be more readable and understandable, and furthermore can
+    prevent unwanted surprises if someone else later gets creative
+    and moves the code around.</para>
+
+    <para>The language allows you to plan the fall through from one
+    case statement to another simply by omitting the break
+    statement within the case statement. This feature does have
+    benefits, but should only be used in rare cases. In general,
+    use a break statement for each case statement.</para>
+
+    <para>If you choose to allow fall through, you should comment both
+    the fact of the fall through and reason why you felt it was
+    necessary.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s39"><title>Use 'long' or 'short' Instead of
+    'int'</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>On 32-bit platforms, int usually has the range of long. On
+    16-bit platforms, int has the range of short.</para>
+
+    <para><emphasis>Status:</emphasis> open-to-debate. In the case of most FSF
+    projects (including X/GNU-Emacs), there are typedefs to int4,
+    int8, int16, (or equivalence ... I forget the exact typedefs
+    now). Should we add these to IJB now that we have a "configure"
+    script?</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s40"><title>Don't mix size_t and other types</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>The type of size_t varies across platforms. Do not make
+    assumptions about whether it is signed or unsigned, or about
+    how long it is. Do not compare a size_t against another
+    variable of a different type (or even against a constant)
+    without casting one of the values.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s41"><title>Declare each variable and struct on its
+    own line.</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>It can be tempting to declare a series of variables all on
+    one line. Don't.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+long a = 0;
+long b = 0;
+long c = 0;</programlisting>
+
+    <para><emphasis>Instead of:</emphasis></para>
+
+    <para>long a, b, c;</para>
+
+    <para><emphasis>Explanation:</emphasis> - there is more room for comments on the
+    individual variables - easier to add new variables without
+    messing up the original ones - when searching on a variable to
+    find its type, there is less clutter to "visually"
+    eliminate</para>
+
+    <para><emphasis>Exceptions:</emphasis> when you want to declare a bunch of loop
+    variables or other trivial variables; feel free to declare them
+    on one line. You should, although, provide a good comment on
+    their functions.</para>
+
+    <para><emphasis>Status:</emphasis> developer-discretion.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s42"><title>Use malloc/zalloc sparingly</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>Create a local struct (on the stack) if the variable will
+    live and die within the context of one function call.</para>
+
+    <para>Only "malloc" a struct (on the heap) if the variable's life
+    will extend beyond the context of one function call.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+If a function creates a struct and stores a pointer to it in a
+list, then it should definitely be allocated via `malloc'.
+</programlisting>
+  </sect3>
+    
+
+    <sect3 id="s43"><title>The Programmer Who Uses 'malloc' is
+    Responsible for Ensuring 'free'</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>If you have to "malloc" an instance, you are responsible for
+    insuring that the instance is `free'd, even if the deallocation
+    event falls within some other programmer's code. You are also
+    responsible for ensuring that deletion is timely (i.e. not too
+    soon, not too late). This is known as "low-coupling" and is a
+    "good thing (tm)". You may need to offer a
+    free/unload/destructor type function to accommodate this.</para>
+
+    <para><emphasis>Example:</emphasis></para>
+<programlisting>
+int load_re_filterfile( struct client_state *csp ) { ... }
+static void unload_re_filterfile( void *f ) { ... }</programlisting>
+
+    <para><emphasis>Exceptions:</emphasis></para>
+
+    <para>The developer cannot be expected to provide `free'ing
+    functions for C run-time library functions ... such as
+    `strdup'.</para>
+
+    <para><emphasis>Status:</emphasis> developer-discretion. The "main" use of this
+    standard is for allocating and freeing data structures (complex
+    or nested).</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s44"><title>Add loaders to the `file_list' structure
+    and in order</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>I have ordered all of the "blocker" file code to be in alpha
+    order. It is easier to add/read new blockers when you expect a
+    certain order.</para>
+
+    <para><emphasis>Note:</emphasis> It may appear that the alpha order is broken in
+    places by POPUP tests coming before PCRS tests. But since
+    POPUPs can also be referred to as KILLPOPUPs, it is clear that
+    it should come first.</para>
+
+    
+  </sect3>
+    
+
+    <sect3 id="s45"><title>"Uncertain" new code and/or changes to
+    existing code, use FIXME or XXX</title>
+
+    <para><emphasis>Explanation:</emphasis></para>
+
+    <para>If you have enough confidence in new code or confidence in
+    your changes, but are not *quite* sure of the repercussions,
+    add this:</para>
+
+    <para>/* FIXME: this code has a logic error on platform XYZ, *
+    attempting to fix */ #ifdef PLATFORM ...changed code here...
+    #endif</para>
+
+    <para>or:</para>
+
+    <para>/* FIXME: I think the original author really meant this...
+    */ ...changed code here...</para>
+
+    <para>or:</para>
+
+    <para>/* FIXME: new code that *may* break something else... */
+    ...new code here...</para>
+
+    <para><emphasis>Note:</emphasis> If you make it clear that this may or may not
+    be a "good thing (tm)", it will be easier to identify and
+    include in the project (or conversely exclude from the
+    project).</para>
+
+    
+  </sect3>
+
+  </sect2>
+
+    <sect2 id="s46"><title>Addendum: Template for files and function
+    comment blocks:</title>
+
+    <para><emphasis>Example for file comments:</emphasis></para>
+<programlisting>
+const char FILENAME_rcs[] = "$I<!-- Break CVS Substitution -->d$";
+/*********************************************************************
+ *
+ * File        :  $S<!-- Break CVS Substitution -->ource$
+ *
+ * Purpose     :  (Fill me in with a good description!)
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009
+ *                the Privoxy team. http://www.privoxy.org/
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 ,
+ *                USA
+ *
+ * Revisions   :
+ *    $L<!-- Break CVS Substitution -->og$
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+   ...necessary include files for us to do our work...
+
+const char FILENAME_h_rcs[] = FILENAME_H_VERSION;
+</programlisting>
+
+    <para><emphasis>Note:</emphasis> This declares the rcs variables that should be
+    added to the "show-proxy-args" page. If this is a brand new
+    creation by you, you are free to change the "Copyright" section
+    to represent the rights you wish to maintain.</para>
+
+    <para><emphasis>Note:</emphasis> The formfeed character that is present right
+    after the comment flower box is handy for (X|GNU)Emacs users to
+    skip the verbiage and get to the heart of the code (via
+    `forward-page' and `backward-page'). Please include it if you
+    can.</para>
+
+    <para><emphasis>Example for file header comments:</emphasis></para>
+<programlisting>
+#ifndef _FILENAME_H
+#define _FILENAME_H
+#define FILENAME_H_VERSION "$I<!-- Break CVS Substitution -->d$"
+/*********************************************************************
+ *
+ * File        :  $S<!-- Break CVS Substitution -->ource$
+ *
+ * Purpose     :  (Fill me in with a good description!)
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009
+ *                the Privoxy team. http://www.privoxy.org/
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 ,
+ *                USA
+ *
+ * Revisions   :
+ *    $L<!-- Break CVS Substitution -->og$
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+   ... function headers here ...
+
+
+/* Revision control strings from this header and associated .c file */
+extern const char FILENAME_rcs[];
+extern const char FILENAME_h_rcs[];
+
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef _FILENAME_H */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
+</programlisting>
+
+    <para><emphasis>Example for function comments:</emphasis></para>
+<programlisting>
+/*********************************************************************
+ *
+ * Function    :  FUNCTION_NAME
+ *
+ * Description :  (Fill me in with a good description!)
+ *
+ * parameters  :
+ *          1  :  param1 = pointer to an important thing
+ *          2  :  x      = pointer to something else
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int FUNCTION_NAME( void *param1, const char *x )
+{
+   ...
+   return( 0 );
+
+}
+</programlisting>
+
+    <para><emphasis>Note:</emphasis> If we all follow this practice, we should be
+    able to parse our code to create a "self-documenting" web
+    page.</para>
+
+  </sect2>
+
+  </sect1>
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="testing"><title>Testing Guidelines</title>
+    <para>To be filled.
+</para>
+
+    <!--   ~~~~~       New section      ~~~~~     -->
+    <sect2 id="testing-plan"><title>Testplan for releases</title>
+      <para>
+       Explain release numbers. major, minor. developer releases. etc.
+
+<orderedlist numeration="arabic">
+          <listitem><para>
+Remove any existing rpm with rpm -e
+</para></listitem>
+          <listitem><para>
+Remove any file that was left over. This includes (but is not limited to)
+      <itemizedlist>
+                <listitem><para>/var/log/privoxy</para></listitem>
+                <listitem><para>/etc/privoxy</para></listitem>
+                <listitem><para>/usr/sbin/privoxy</para></listitem>
+                <listitem><para>/etc/init.d/privoxy</para></listitem>
+                <listitem><para>/usr/doc/privoxy*</para></listitem>
+              </itemizedlist>
+</para></listitem>
+          <listitem><para>
+Install the rpm. Any error messages?
+</para></listitem>
+          <listitem><para>start,stop,status <application>Privoxy</application> with the specific script
+      (e.g. /etc/rc.d/init/privoxy stop). Reboot your machine. Does
+      autostart work?</para></listitem>
+          <listitem><para>Start browsing. Does <application>Privoxy</application> work? Logfile written?</para></listitem>
+          <listitem><para>Remove the rpm. Any error messages? All files removed?</para></listitem>
+        </orderedlist>
+</para>
+    </sect2>
+
+    <!--   ~~~~~       New section      ~~~~~     -->
+    <sect2 id="testing-report"><title>Test reports</title>
+      <para>
+Please submit test reports only with the <ulink url="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=395005">test form</ulink>
+at sourceforge. Three simple steps:
+        <itemizedlist>
+          
+          <listitem><para>Select category: the distribution you test on.</para></listitem>
+          <listitem><para>Select group: the version of <application>Privoxy</application> that we are about to release.</para></listitem>
+          <listitem><para>Fill the Summary and Detailed Description with something
+              intelligent (keep it short and precise).</para>
+          </listitem>
+        </itemizedlist>
+        Do not mail to the mailing list (we cannot keep track on issues there).
+      </para>
+    </sect2>
+    
+  </sect1>
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="newrelease"><title>Releasing a New Version</title>
+    <para>
+        When we release versions of <application>Privoxy</application>,
+        our work leaves our cozy secret lab and has to work in the cold
+        RealWorld[tm]. Once it is released, there is no way to call it
+        back, so it is very important that great care is taken to ensure
+        that everything runs fine, and not to introduce problems in the
+        very last minute.
+    </para>
+    <para>
+        So when releasing a new version, please adhere exactly to the
+        procedure outlined in this chapter.
+    </para>
+
+    <para>
+	The following programs are required to follow this process:
+	<filename>ncftpput</filename> (ncftp), <filename>scp, ssh</filename> (ssh),
+        <filename>gmake</filename> (GNU's version of make), autoconf, cvs.
+    </para>
+
+    <sect2 id="versionnumbers">
+    <title>Version numbers</title>
+
+    <para>
+      First you need to determine which version number the release will have. 
+      <application>Privoxy</application> version numbers consist of three numbers,
+      separated by dots, like in X.Y.Z (e.g. 3.0.0), where:
+        <itemizedlist>
+          <listitem>
+            <para>
+              X, the version major, is rarely ever changed. It is increased by one if
+              turning a development branch into stable substantially changes the functionality,
+              user interface or configuration syntax. Majors 1 and 2 were 
+              <application>Junkbuster</application>, and 3 will be the first stable
+              <application>Privoxy</application> release.
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              Y, the version minor, represents the branch within the major version.
+              At any point in time, there are two branches being maintained:
+              The stable branch, with an even minor, say, 2N, in which no functionality is
+              being added and only bug-fixes are made, and 2N+1, the development branch, in
+              which the further development of <application>Privoxy</application> takes
+              place.
+              This enables us to turn the code upside down and inside out, while at the same time
+              providing and maintaining a stable version.
+              The minor is reset to zero (and one) when the major is incremented. When a development
+              branch has matured to the point where it can be turned into stable, the old stable branch
+              2N is given up (i.e. no longer maintained), the former development branch 2N+1 becomes the
+              new stable branch 2N+2, and a new development branch 2N+3 is opened.
+            </para>
+          </listitem>
+          <listitem>
+            <para>
+              Z, the point or sub version, represents a release of the software within a branch.
+              It is therefore incremented immediately before each code freeze. 
+              In development branches, only the even point versions correspond to actual releases,
+              while the odd ones denote the evolving state of the sources on CVS in between.
+              It follows that Z is odd on CVS in development branches most of the time. There, it gets
+              increased to an even number immediately before a code freeze, and is increased to an odd
+              number again immediately thereafter.
+              This ensures that builds from CVS snapshots are easily distinguished from released versions.
+              The point version is reset to zero when the minor changes.
+            </para>
+            <para>
+              Stable branches work a little differently, since there should be
+              little to no development happening in such branches. Remember,
+              only bugfixes, which presumably should have had some testing
+              before being committed. Stable branches will then have their 
+              version reported as <literal>0.0.0</literal>, during that period 
+              between releases when changes are being added. This is to denote 
+              that this code is <emphasis>not for release</emphasis>. Then 
+              as the release nears, the version is bumped according: e.g. 
+              <literal>3.0.1 -> 0.0.0 -> 3.0.2</literal>.
+            </para>
+          </listitem>
+        </itemizedlist>
+    </para>
+    <para>
+     In summary, the main CVS trunk is the development branch where new
+     features are being worked on for the next stable series. This should
+     almost always be where the most activity takes place. There is always at
+     least one stable branch from the trunk, e.g now it is
+     <literal>3.0</literal>, which is only used to release stable versions.
+     Once the initial *.0 release of the stable branch has been done, then as a
+     rule, only bugfixes that have had prior testing should be committed to
+     the stable branch. Once there are enough bugfixes to justify a new
+     release, the version of this branch is again incremented Example: 3.0.0
+     -> 3.0.1 -> 3.0.2, etc are all stable releases from within the stable
+     branch. 3.1.x is currently the main trunk, and where work on 3.2.x is
+     taking place. If any questions, please post to the devel list
+     <emphasis>before</emphasis> committing to a stable branch!
+    </para>
+    <para>
+     Developers should remember too that if they commit a bugfix to the stable 
+     branch, this will more than likely require a separate submission to the 
+     main trunk, since these are separate development trees within CVS. If you 
+     are working on both, then this would require at least two separate check
+     outs (i.e main trunk, <emphasis>and</emphasis> the stable release branch,
+     which is <literal>v_3_0_branch</literal> at the moment).
+    </para>
+
+    </sect2>
+     
+    <sect2 id="beforerelease">
+    <title>Before the Release: Freeze</title>
+     <para>
+       The following <emphasis>must be done by one of the
+       developers</emphasis> prior to each new release.
+     </para>
+     <para>
+      <itemizedlist>
+       <listitem>
+        <para>
+         Make sure that everybody who has worked on the code in the last
+         couple of days has had a chance to yell <quote>no!</quote> in case
+         they have pending changes/fixes in their pipelines. Announce the
+         freeze so that nobody will interfere with last minute changes.
+        </para>
+      </listitem> 
+      <listitem>
+       <para>
+         Increment the version number (point from odd to even in development
+         branches!) in <filename>configure.in</filename>. (RPM spec files 
+         will need to be incremented as well.)
+       </para>
+      </listitem> 
+      <listitem>
+       <para>
+        If <filename>default.action</filename> has changed since last
+        release (i.e. software release or standalone actions file release),
+        bump up its version info to A.B in this line:
+       </para>
+       <para> 
+        <programlisting>
+  {+add-header{X-Actions-File-Version: A.B} -filter -no-popups}
+</programlisting>
+       </para>
+       <para> 
+        Then change the version info in doc/webserver/actions/index.php,
+        line: '$required_actions_file_version = "A.B";'
+       </para>
+      </listitem>
+      <listitem>
+       <para>
+        All documentation should be rebuild after the version bump.
+        Finished docs should be then be committed to CVS (for those 
+        without the ability to build these). Some docs may require 
+        rather obscure processing tools. <filename>config</filename>,
+        the man page (and the html version of the man page), and the PDF docs
+        fall in this category. REAMDE, the man page, AUTHORS, and config
+        should all also be committed to CVS for other packagers. The 
+        formal docs should be uploaded to the webserver. See the
+        Section "Updating the webserver" in this manual for details.
+       </para>
+      </listitem> 
+      <listitem>
+       <para>
+         The <citetitle>User Manual</citetitle> is also used for context 
+         sensitive help for the CGI editor. This is version sensitive, so that
+         the user will get appropriate help for his/her release. So with 
+         each release a fresh version should be uploaded to the webserver
+         (this is in addition to the main <citetitle>User Manual</citetitle>
+         link from the main page since we need to keep manuals for various 
+         versions available). The CGI pages will link to something like 
+         <literal>http://privoxy.org/$(VERSION)/user-manual/</literal>. This
+         will need to be updated for each new release. There is no Makefile
+         target for this at this time!!! It needs to be done manually.
+       </para>
+      </listitem> 
+      <listitem>
+       <para>
+        All developers should look at the <filename>ChangeLog</filename> and
+        make sure noteworthy changes are referenced.
+       </para>
+     </listitem> 
+      <listitem>
+       <para>
+        <emphasis>Commit all files that were changed in the above steps!</emphasis>
+       </para>
+      </listitem>
+      <listitem>
+       <para>
+        Tag all files in CVS with the version number with
+        <quote><command>cvs tag v_X_Y_Z</command></quote>.
+        Don't use vX_Y_Z, ver_X_Y_Z, v_X.Y.Z (won't work) etc.
+       </para>
+      </listitem> 
+     <listitem>
+       <para>
+        If the release was in a development branch, increase the point version
+        from even to odd (X.Y.(Z+1)) again in <filename>configure.in</filename> and
+        commit your change.
+       </para>
+      </listitem> 
+     <listitem>
+       <para>
+        On the webserver, copy the user manual to a new top-level directory
+        called <filename>X.Y.Z</filename>. This ensures that help links from the CGI
+        pages, which have the version as a prefix, will go into the right version of the manual.
+        If this is a development branch release, also symlink <filename>X.Y.(Z-1)</filename>
+        to <filename>X.Y.Z</filename> and <filename>X.Y.(Z+1)</filename> to
+        <filename>.</filename> (i.e. dot). 
+       </para>
+      </listitem> 
+      </itemizedlist>
+     </para> 
+    </sect2>
+    
+    <sect2 id="therelease">
+    <title>Building and Releasing the Packages</title>
+     <para>
+      Now the individual packages can be built and released. Note that for
+      GPL reasons the first package to be released is always the source tarball.
+     </para>
+ 
+     <para>
+      For <emphasis>all</emphasis> types of packages, including the source tarball,
+      <emphasis>you must make sure that you build from clean sources by exporting
+      the right version from CVS into an empty directory</emphasis> (just press return when
+      asked for a password):
+     </para>
+      
+     <para>
+      <programlisting>
+  mkdir dist # delete or choose different name if it already exists
+  cd dist
+  cvs -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa export -r v_X_Y_Z current
+</programlisting>
+    </para>
+  
+    <para>
+     <emphasis>Do NOT change</emphasis> a single bit, including, but not limited to
+     version information after export from CVS. This is to make sure that
+     all release packages, and with them, all future bug reports, are based
+     on exactly the same code.
+    </para>
+  
+    <warning>
+     <para>
+      Every significant release of Privoxy has included at least one 
+      package that either had incorrect versions of files, missing files, 
+      or incidental leftovers from a previous build process that gave 
+      unknown numbers of users headaches to try to figure out what was 
+      wrong. PLEASE, make sure you are using pristene sources, and are
+      following the prescribed process!
+     </para>
+    </warning>
+
+    <para>
+     Please find additional instructions for the source tarball and the
+     individual platform dependent binary packages below. And details 
+     on the Sourceforge release process below that.
+    </para>
+
+    <sect3 id="pack-guidelines">
+    <title>Note on Privoxy Packaging</title>
+     <para>
+      Please keep these general guidelines in mind when putting together 
+      your package. These apply to <emphasis>all</emphasis> platforms!
+     </para>
+     <para>
+      <itemizedlist>
+       <listitem>
+        <para>
+          <application>Privoxy</application> <emphasis>requires</emphasis>
+          write access to: all <filename>*.action</filename> files, all 
+          logfiles, and the <filename>trust</filename> file. You will 
+          need to determine the best way to do this for your platform.
+        </para>
+       </listitem> 
+       <listitem>
+        <para>
+          Please include up to date documentation. At a bare minimum:
+        </para>
+        <simplelist>
+         <member>
+          <filename>LICENSE</filename> (top-level directory)
+         </member>
+        </simplelist>
+        <simplelist>
+         <member>
+          <filename>README</filename> (top-level directory)
+         </member>
+        </simplelist>
+        <simplelist>
+         <member>
+          <filename>AUTHORS</filename> (top-level directory)
+         </member>
+        </simplelist>
+        <simplelist>
+         <member>
+          <filename>man page</filename> (top-level directory, Unix-like
+          platforms only)
+         </member>
+        </simplelist>
+        <simplelist>
+         <member>
+          <filename>The User Manual</filename> (doc/webserver/user-manual/)
+         </member>
+        </simplelist>
+        <simplelist>
+         <member>
+          <filename>FAQ</filename> (doc/webserver/faq/)
+         </member>
+        </simplelist>
+        <para>
+          Also suggested: <filename>Developer Manual</filename>
+          (doc/webserver/developer-manual) and <filename>ChangeLog</filename>
+          (top-level directory). <filename>FAQ</filename> and the manuals are
+          HTML docs. There are also text versions in
+          <filename>doc/text/</filename> which could conceivably also be
+          included.
+        </para>
+        <para>
+         The documentation has been designed such that the manuals are linked
+         to each other from parallel directories, and should be packaged 
+         that way. <filename>privoxy-index.html</filename> can also be
+         included and can serve as a focal point for docs and other links of
+         interest (and possibly renamed to <filename>index.html</filename>).
+         This should be one level up from the manuals. There is a link also 
+         on this page to an HTMLized version of the man page. To avoid 404 for
+         this, it is in CVS as
+         <filename>doc/webserver/man-page/privoxy-man-page.html</filename>,
+         and should be included along with the manuals. There is also a
+         css stylesheets that can be included for better presentation:
+         <filename>p_doc.css</filename>. This should be in the same directory
+         with <filename>privoxy-index.html</filename>, (i.e. one level up from
+         the manual directories).
+        </para>
+      </listitem> 
+      <listitem>
+       <para>
+        <filename>user.action</filename> and <filename>user.filter</filename>
+        are designed for local preferences. Make sure these do not get overwritten!
+        <filename>config</filename> should not be overwritten either. This 
+        has especially important configuration data in it.
+        <filename>trust</filename> should be left in tact as well.
+       </para>
+      </listitem> 
+      <listitem>
+       <para>
+        Other configuration files (<filename>default.action</filename> and
+        <filename>default.filter</filename>) should be installed as the new
+        defaults, but all previously installed configuration files should be
+        preserved as backups. This is just good manners :-) These files are
+        likely to change between releases and contain important new features
+        and bug fixes.
+       </para>
+     </listitem> 
+     <listitem>
+      <para>
+       Please check platform specific notes in this doc, if you haven't 
+       done <quote>Privoxy</quote> packaging before for other platform 
+       specific issues. Conversely, please add any notes that you know 
+       are important for your platform (or contact one of the doc 
+       maintainers to do this if you can't).
+      </para>
+    </listitem> 
+    <listitem>
+     <para>
+       Packagers should do a <quote>clean</quote> install of their 
+       package after building it. So any previous installs should be 
+       removed first to ensure the integrity of the newly built package. 
+       Then run the package for a while to make sure there are no 
+       obvious problems, before uploading.
+     </para>
+    </listitem> 
+
+      </itemizedlist>
+     </para> 
+    
+    </sect3>
+
+    <sect3 id="newrelease-tarball"><title>Source Tarball</title>
+        <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then do:
+	</para>
+	<para>
+	<programlisting>
+  make tarball-dist
+</programlisting>
+	</para>
+	<para>
+	To upload the package to Sourceforge, simply issue
+	</para>
+	<para>
+	<programlisting>
+  make tarball-upload
+</programlisting>
+	</para>
+	<para>
+	Go to the displayed URL and release the file publicly on Sourceforge.
+        For the change log field, use the relevant section of the
+        <filename>ChangeLog</filename> file.
+      </para>
+    </sect3>
+
+    <sect3 id="newrelease-rpm"><title>SuSE, Conectiva or Red Hat RPM</title>
+        <para>
+        In following text, replace <replaceable class="parameter">dist</replaceable>
+        with either <quote>rh</quote> for Red Hat or <quote>suse</quote> for SuSE.
+        </para>
+        <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). 
+	</para>
+	<para>
+        As the only exception to not changing anything after export from CVS,
+        now examine the file <filename>privoxy-</filename><replaceable class="parameter">dist</replaceable><filename>.spec</filename>
+        and make sure that the version information and the RPM release number are
+        correct. The RPM release numbers for each version start at one. Hence it must
+        be reset to one if this is the first RPM for
+        <replaceable class="parameter">dist</replaceable> which is built from version
+        X.Y.Z. Check the
+        <ulink url="http://sourceforge.net/project/showfiles.php?group_id=11118">file
+        list</ulink> if unsure. Else, it must be set to the highest already available RPM
+        release number for that version plus one.
+	</para>
+	<para>
+        Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then do
+	</para>
+	<para>
+	<programlisting>
+  make <replaceable class="parameter">dist</replaceable>-dist
+</programlisting>
+	</para>
+	<para>
+	To upload the package to Sourceforge, simply issue
+	</para>
+	<para>
+	<programlisting>
+  make <replaceable class="parameter">dist</replaceable>-upload <replaceable class="parameter">rpm_packagerev</replaceable>
+</programlisting>
+	</para>
+	<para>
+        where <replaceable class="parameter">rpm_packagerev</replaceable> is the
+        RPM release number as determined above.
+	Go to the displayed URL and release the file publicly on Sourceforge.
+        Use the release notes and change log from the source tarball package.
+      </para>
+    </sect3>
+
+    <sect3 id="newrelease-os2"><title>OS/2</title>
+      <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then get the OS/2 Setup module:
+	</para>
+	<para>
+	<programlisting>
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co os2setup
+</programlisting>
+	</para>
+	<para>
+	You will need a mix of development tools.
+	The main compilation takes place with IBM Visual Age C++.
+	Some ancillary work takes place with GNU tools, available from
+	various sources like hobbes.nmsu.edu.
+	Specificially, you will need <filename>autoheader</filename>,
+	<filename>autoconf</filename> and <filename>sh</filename> tools.
+	The packaging takes place with WarpIN, available from various sources, including
+	its home page: <ulink url="http://www.xworkplace.org/">xworkplace</ulink>.
+	</para>
+	<para>
+	Change directory to the <filename>os2setup</filename> directory.
+	Edit the os2build.cmd file to set the final executable filename.
+	For example, 
+	</para>
+	<para>
+ 	<programlisting>
+  installExeName='privoxyos2_setup_X.Y.Z.exe'
+</programlisting>
+	</para>
+	<para>
+ 	Next, edit the <filename>IJB.wis</filename> file so the release number matches
+ 	in the <filename>PACKAGEID</filename> section:
+ 	</para>
+	<para>
+	<programlisting>
+  PACKAGEID="Privoxy Team\Privoxy\Privoxy Package\X\Y\Z"
+</programlisting>
+	</para>
+	<para>
+	You're now ready to build.  Run:
+	</para>
+	<para>
+	<programlisting>
+  os2build
+</programlisting>
+	</para>
+	<para>
+         You will find the  WarpIN-installable executable in the
+        <filename>./files</filename> directory. Upload this anonymously to
+         <filename>uploads.sourceforge.net/incoming</filename>, create a release
+         for it, and you're done. Use the release notes and Change Log from the
+         source tarball package.
+	</para>
+    </sect3>
+
+    <sect3 id="newrelease-solaris"><title>Solaris</title>
+      <para>
+	Login to Sourceforge's compilefarm via ssh:
+	</para>
+	<para>
+	<programlisting>
+  ssh cf.sourceforge.net
+</programlisting>
+	</para>
+	<para>
+	Choose the right operating system (not the Debian one).
+        When logged in, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then run
+	</para>
+	<para>
+	<programlisting>
+  gmake solaris-dist
+</programlisting>
+	</para>
+	<para>
+	which creates a gzip'ed tar archive. Sadly, you cannot use <command>make
+	solaris-upload</command> on the Sourceforge machine (no ncftpput). You now have
+	to manually upload the archive to Sourceforge's ftp server and release
+	the file publicly. Use the release notes and Change Log from the
+        source tarball package.
+	</para>
+    </sect3>
+
+    <sect3 id="newrelease-windows"><title>Windows</title>
+      <para>
+        You should ensure you have the latest version of Cygwin (from
+        <ulink url="http://www.cygwin.com/">http://www.cygwin.com/</ulink>).
+        Run the following commands from within a Cygwin bash shell.
+      </para>
+      <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then get the Windows setup module:
+      </para>
+      <para>
+      <programlisting>
+  cvs -z3  -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co winsetup
+</programlisting>
+      </para>
+      <para>
+        Then you can build the package.  This is fully automated, and is
+        controlled by <filename>winsetup/GNUmakefile</filename>.
+        All you need to do is:
+      </para>
+      <para>
+      <programlisting>
+  cd winsetup
+  make
+</programlisting>
+      </para>
+      <para>
+        Now you can manually rename <filename>privoxy_setup.exe</filename> to
+        <filename>privoxy_setup_X_Y_Z.exe</filename>, and upload it to
+        SourceForge. When releasing the package on SourceForge, use the release notes
+        and Change Log from the source tarball package.
+      </para>
+    </sect3>
+
+    <sect3 id="newrelease-debian"><title>Debian</title>
+      <para>
+        First, <emphasis>make sure that you have freshly exported the
+        right version into an empty directory</emphasis>. (See
+        "Building and releasing packages" above).  Then add a log
+        entry to <filename>debian/changelog</filename>, if it is not
+        already there, for example by running:
+      </para>
+      <para>
+        <programlisting>
+  debchange -v &p-version;-&p-status;-1 "New upstream version"
+</programlisting>
+      </para>
+      <para>
+        Then, run: 
+      </para>
+      <para>
+        <programlisting>
+  dpkg-buildpackage -rfakeroot -us -uc -b
+</programlisting>
+      </para>
+      <para>
+        This will create
+        <filename>../privoxy_&p-version;-&p-status;-1_i386.deb</filename>
+        which can be uploaded.  To upload the package to Sourceforge, simply
+	issue
+      </para>
+      <para>
+        <programlisting>
+  make debian-upload
+</programlisting>
+      </para>
+    </sect3>
+
+    <sect3 id="newrelease-macosx"><title>Mac OS X</title>
+      <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then get the Mac OS X setup module:
+	</para>
+	<para>
+	<programlisting>
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co osxsetup
+</programlisting>
+	</para>
+	<para>
+	Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd osxsetup
+  build
+</programlisting>
+	</para>
+	<para>
+	This will run <filename>autoheader</filename>, <filename>autoconf</filename> and
+	<filename>configure</filename> as well as <filename>make</filename>.
+	Finally, it will copy over the necessary files to the ./osxsetup/files directory
+	for further processing by <filename>PackageMaker</filename>.
+	</para>
+	<para>
+	Bring up PackageMaker with the PrivoxyPackage.pmsp definition file, modify the package
+	name to match the release, and hit the "Create package" button.
+	If you specify ./Privoxy.pkg as the output package name, you can then create
+	the distributable zip file with the command:
+	</para>
+	<para>
+	<programlisting>
+  zip -r privoxyosx_setup_x.y.z.zip Privoxy.pkg
+</programlisting>
+	</para>
+	<para>
+	You can then upload <filename>privoxyosx_setup_x.y.z.zip</filename> anonymously to 
+	<filename>uploads.sourceforge.net/incoming</filename>,
+	create a release for it, and you're done. Use the release notes
+        and Change Log from the source tarball package.
+	</para>
+    </sect3>
+
+    <sect3 id="newrelease-freebsd"><title>FreeBSD</title>
+      <para>
+	Login to Sourceforge's compile-farm via ssh:
+	</para>
+	<para>
+	<programlisting>
+  ssh cf.sourceforge.net
+</programlisting>
+	</para>
+	<para>
+	Choose the right operating system.
+        When logged in, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then run:
+	</para>
+	<para>
+	<programlisting>
+  gmake freebsd-dist
+</programlisting>
+	</para>
+	<para>
+	which creates a gzip'ed tar archive. Sadly, you cannot use <command>make
+	freebsd-upload</command> on the Sourceforge machine (no ncftpput). You now have
+	to manually upload the archive to Sourceforge's ftp server and release
+	the file publicly. Use the release notes and Change Log from the
+        source tarball package.
+	</para>
+    </sect3>
+
+    <sect3 id="newrelease-hpux"><title>HP-UX 11</title>
+      <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then do FIXME.
+	</para>
+    </sect3>
+
+    <sect3 id="newrelease-amiga"><title>Amiga OS</title>
+      <para>
+	First, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then do FIXME.
+	</para>
+    </sect3>
+
+    <sect3 id="newrelease-aix"><title>AIX</title>
+      <para>
+	Login to Sourceforge's compilefarm via ssh:
+	</para>
+	<para>
+	<programlisting>
+  ssh cf.sourceforge.net
+</programlisting>
+	</para>
+	<para>
+	Choose the right operating system.
+        When logged in, <emphasis>make sure that you have freshly exported the right
+        version into an empty directory</emphasis>. (See "Building and releasing
+        packages" above). Then run:
+	</para>
+	<para>
+	<programlisting>
+  cd current
+  autoheader && autoconf && ./configure
+</programlisting>
+	</para>
+	<para>
+	Then run:
+	</para>
+	<para>
+	<programlisting>
+  make aix-dist
+</programlisting>
+	</para>
+	<para>
+	which creates a gzip'ed tar archive. Sadly, you cannot use <command>make
+	aix-upload</command> on the Sourceforge machine (no ncftpput). You now have
+	to manually upload the archive to Sourceforge's ftp server and release
+	the file publicly. Use the release notes and Change Log from the
+        source tarball package.
+	</para>
+    </sect3>
+   </sect2>
+
+   <sect2 id="releasing">
+   <title>Uploading and Releasing Your Package</title>
+    <para>
+      After the package is ready, it is time to upload it 
+      to SourceForge, and go through the release steps. The upload
+      is done via FTP:
+    </para>
+     <para>
+      <itemizedlist>
+       <listitem>
+        <para>
+          Upload to: <ulink url="ftp://upload.sourceforge.net/incoming">ftp://upload.sourceforge.net/incoming</ulink>
+        </para>
+      </listitem> 
+      <listitem>
+       <para>
+         user: <literal>anonymous</literal>
+       </para>
+      </listitem> 
+      <listitem>
+       <para>
+         password: <literal>ijbswa-developers at lists.sourceforge.net</literal>
+       </para>
+      </listitem> 
+     </itemizedlist>
+    </para> 
+    <para>
+     Or use the <command>make</command> targets as described above.
+    </para>
+    <para>
+     Once this done go to <ulink
+      url="https://sourceforge.net/project/admin/editpackages.php?group_id=11118"
+      >https://sourceforge.net/project/admin/editpackages.php?group_id=11118</ulink>, 
+     making sure you are logged in. Find your target platform in the 
+     second column, and click <literal>Add Release</literal>. You will 
+     then need to create a new release for your package, using the format 
+     of <literal>$VERSION ($CODE_STATUS)</literal>, e.g. <emphasis>&p-version;
+     (beta)</emphasis>.
+    </para>
+    <para>
+     Now just follow the prompts. Be sure to add any appropriate Release
+     notes. You should see your freshly uploaded packages in 
+     <quote>Step 2. Add Files To This Release</quote>. Check the 
+     appropriate box(es). Remember at each step to hit the 
+     <quote>Refresh/Submit</quote> buttons! You should now see your 
+     file(s) listed in Step 3. Fill out the forms with the appropriate 
+     information for your platform, being sure to hit <quote>Update</quote>
+     for each file. If anyone is monitoring your platform, check the 
+     <quote>email</quote> box at the very bottom to notify them of 
+     the new package. This should do it!
+    </para>
+    <para>
+     If you have made errors, or need to make changes, you can go through 
+     essentially the same steps, but select <literal>Edit Release</literal>, 
+     instead of <literal>Add Release</literal>.
+    </para>
+   </sect2>
+
+    <sect2 id="afterrelease">
+    <title>After the Release</title>
+     <para>
+      When all (or: most of the) packages have been uploaded and made available,
+      send an email to the <ulink url="mailto:ijbswa-announce at lists.sourceforge.net">announce
+      mailing list</ulink>, Subject: "Version X.Y.Z available for download". Be sure to
+      include the
+      <ulink url="http://sourceforge.net/project/showfiles.php?group_id=11118">download
+      location</ulink>, the release notes and the Changelog. Also, post an
+      updated News item on the project page Sourceforge, and update the Home 
+      page and docs linked from the Home page (see below). Other news sites
+      and release oriented sites, such as Freshmeat, should also be notified.
+     </para>
+   </sect2>
+
+  </sect1>
+  
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="webserver-update"><title>Update the Webserver</title>
+   <para>
+    The webserver should be updated at least with each stable release. When
+    updating, please follow these steps to make sure that no broken links,
+    inconsistent contents or permission problems will occur (as it has many 
+    times in the past!):
+   </para>
+   <para>
+    If you have changed anything in the stable-branch documentation source
+    SGML files, do:
+   </para>
+   <para>
+    <programlisting>
+  make dok dok-pdf # (or 'make redhat-dok dok-pdf' if 'make dok' doesn't work for you)
+</programlisting>
+   </para>
+   <para>
+    That will generate <filename>doc/webserver/user-manual</filename>,
+    <filename>doc/webserver/developer-manual</filename>,
+    <filename>doc/webserver/faq</filename>, 
+    <filename>doc/pdf/*.pdf</filename> and
+    <filename>doc/webserver/index.html</filename> automatically.
+   </para>
+   <para>
+    If you changed the manual page sources, generate
+    <filename>doc/webserver/man-page/privoxy-man-page.html</filename>
+    by running <quote><command>make man</command></quote>. (This is
+    a separate target due to dependencies on some obscure perl scripts
+    [now in CVS, but not well tested]. See comments in <filename>GNUmakefile</filename>.)
+   </para>
+   <para>
+    If you want to add new files to the webserver, create them locally in
+    the <filename>doc/webserver/*</filename> directory (or
+    create new directories under <filename>doc/webserver</filename>).
+   </para>
+   <para>
+    Next, commit any changes from the above steps to CVS. All set? 
+    If these are docs in the stable branch, then do:
+   </para>
+   <para>
+    <programlisting>
+  make webserver
+</programlisting>
+   </para>
+   <para>
+    This will do the upload to <ulink url="http://www.privoxy.org/">the
+    webserver</ulink> (www.privoxy.org) and ensure all files and directories
+    there are group writable.
+   </para>
+   <para>
+    Please do <emphasis>NOT</emphasis> use any other means of transferring
+    files to the webserver to avoid permission problems. Also, please do not
+    upload docs from development branches or versions. The publicly posted
+    docs should be in sync with the last official release.
+   </para>
+  </sect1>
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="contact"><title>Contacting the developers, Bug Reporting and Feature Requests</title>
+<!-- Include contacting.sgml  -->
+ &contacting;
+<!-- end contacting -->
+  </sect1>
+  
+
+<!--   ~~~~~~~~       New section Header    ~~~~~~~~~     -->
+<sect1 id="copyright"><title>Privoxy Copyright, License and History</title>
+
+<!-- Include copyright.sgml -->
+ ©right;
+<!-- end -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2><title>License</title>
+<!-- Include copyright.sgml: -->
+ &license;
+<!-- end copyright -->
+</sect2>
+<!--  ~  End section  ~  -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2><title>History</title>
+<!-- Include history.sgml -->
+ &history;
+<!-- end -->
+</sect2>
+
+</sect1>
+  
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="seealso"><title>See also</title>
+<!-- Include seealso.sgml -->
+ &seealso;
+<!-- end  -->
+
+  </sect1>
+
+  <!--
+
+  This program is free software; you can redistribute it 
+  and/or modify it under the terms of the GNU General
+  Public License as published by the Free Software
+  Foundation; either version 2 of the License, or (at
+  your option) any later version.
+
+  This program is distributed in the hope that it will
+  be useful, but WITHOUT ANY WARRANTY; without even the
+  implied warranty of MERCHANTABILITY or FITNESS FOR A
+  PARTICULAR PURPOSE.  See the GNU General Public
+  License for more details.
+
+  The GNU General Public License should be included with
+  this file.  If not, you can view it at
+  http://www.gnu.org/copyleft/gpl.html
+  or write to the Free Software Foundation, Inc., 59
+  Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+  $Log: developer-manual.sgml,v $
+  Revision 2.27  2009/02/19 02:20:22  hal9
+  Make some links in seealso conditional. Man page is now privoxy only links.
+
+  Revision 2.26  2009/02/12 16:08:26  fabiankeil
+  Declare the code stable.
+
+  Revision 2.25  2009/02/12 15:37:05  fabiankeil
+  Update templates.
+
+  Revision 2.24  2009/01/13 16:50:35  fabiankeil
+  The standard.action file is gone.
+
+  Revision 2.23  2008/09/26 17:02:01  fabiankeil
+  - Break some more CVS substitutions in examples.
+  - Remove Junkbusters reference in example header
+    for new files.
+
+  Revision 2.22  2008/08/30 15:37:35  fabiankeil
+  Update entities.
+
+  Revision 2.21  2008/08/16 08:51:28  fabiankeil
+  Update version-related entities.
+
+  Revision 2.20  2008/06/14 13:21:24  fabiankeil
+  Prepare for the upcoming 3.0.9 beta release.
+
+  Revision 2.19  2008/05/12 11:13:33  fabiankeil
+  Clarify that Privoxy is licensed under GPL version 2.
+
+  Revision 2.18  2008/02/04 12:14:06  fabiankeil
+  Change "Edit Packages" URL to use https.
+
+  Revision 2.17  2008/02/03 21:37:41  hal9
+  Apply patch from Mark: s/OSX/OS X/
+
+  Revision 2.16  2008/01/19 17:52:38  hal9
+  Re-commit to fix various minor issues for new release.
+
+  Revision 2.15  2008/01/19 15:03:05  hal9
+  Doc sources tagged for 3.0.8 release.
+
+  Revision 2.14  2008/01/17 01:49:51  hal9
+  Change copyright notice for docs s/2007/2008/. All these will be rebuilt soon
+  enough.
+
+  Revision 2.13  2007/10/30 17:59:31  fabiankeil
+  - Bump p-version, p-status and copyright date.
+  - Mention that the manual is out of date.
+  - Don't use examples with HardToReadCamelCase after
+    explaining that we actually don't like that.
+  - Minor cosmetics.
+
+  Revision 2.12  2006/11/14 01:57:46  hal9
+  Dump all docs prior to 3.0.6 release. Various minor changes to faq and user
+  manual.
+
+  Revision 2.11  2006/09/26 02:36:29  hal9
+  Fix broken link per bug tracker.
+
+  Revision 2.10  2006/09/22 01:27:55  hal9
+  Final commit of probably various minor changes here and there. Unless
+  something changes this should be ready for pending release.
+
+  Revision 2.9  2006/09/14 02:30:07  hal9
+  Fix ijbswa cvs links. Update notes on release process, and which config files
+  should be overwritten and which not.
+
+  Revision 2.8  2006/08/22 23:35:01  hal9
+  Fix email address, cvs URI, address branching changes and various other
+  small updates.
+
+  Revision 2.7  2006/07/18 14:48:50  david__schmidt
+  Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+  with what was really the latest development (the v_3_0_branch branch)
+
+  Revision 1.46.2.11  2002/12/11 13:12:15  hal9
+  Rewrite cvs write access give-away section.
+
+  Revision 1.46.2.10  2002/09/26 21:53:45  hal9
+  Changes to reflect recent change in stable branch commit policy (hopefully
+  clearer now).
+
+  Revision 1.46.2.9  2002/09/26 01:21:40  hal9
+  Porting 3.1.1 changes: more on cvs and branches, more on versions and
+  releases.
+
+  Revision 1.46.2.8  2002/08/17 00:16:10  hal9
+  Add note on updating webserver for User-manual/CGI editor, which is version
+  dependent (and different from main UM link).
+
+  Revision 1.46.2.7  2002/08/14 17:29:25  hal9
+  Add small notes on post-release steps, and uploading docs to webserver.
+
+  Revision 1.46.2.6  2002/08/10 11:40:25  oes
+  Added disclaimer about probably being out-of-date and two small hints
+
+  Revision 1.46.2.5  2002/08/09 01:15:12  hal9
+  Added some notes on pre-release steps (test builds first, update ChangeLog).
+
+  Revision 1.46.2.4  2002/05/29 00:30:59  mal0rd
+  Fixed a little formatting.  Clarified debian section.
+
+  Revision 1.46.2.3  2002/05/28 04:32:45  hal9
+  Change hints on bundling index.html to privoxy-index.html
+
+  Revision 1.46.2.2  2002/05/26 17:04:24  hal9
+  -Spellcheck, very minor edits, and sync across branches
+
+  Revision 1.48  2002/05/26 12:48:31  roro
+  Add releasing information about Debian.
+
+  Revision 1.47  2002/05/26 04:55:11  mal0rd
+  Added debian-dist and debian-upload targets.  Also documented usage.
+
+  Revision 1.46  2002/05/22 17:15:00  oes
+  Updated intro
+
+  Revision 1.45  2002/05/19 23:01:54  hal9
+  Add small section on general packaging guidelines (e.g. actions files must
+  be writable).
+
+  Revision 1.44  2002/05/15 03:55:17  hal9
+  Fix ulink -> link, and minor modification to release process section for
+  clarification.
+
+  Revision 1.43  2002/05/10 01:48:19  hal9
+  This is mostly proposed copyright/licensing additions and changes. Docs
+  are still GPL, but licensing and copyright are more visible. Also, copyright
+  changed in doc header comments (eliminate references to JB except FAQ).
+
+  Revision 1.42  2002/05/05 20:26:02  hal9
+  Sorting out license vs copyright in these docs.
+
+  Revision 1.41  2002/05/04 08:44:44  swa
+  bumped version
+
+  Revision 1.40  2002/05/04 00:43:43  hal9
+  -Remove TOC/first page kludge with proper stylesheet fix.
+  -Combined the two very brief sections: Intro and Quickstart.
+
+  Revision 1.39  2002/05/02 15:08:25  oes
+  Added explanation about version numbers and RPM package revisions
+
+  Revision 1.38  2002/04/29 02:20:31  hal9
+  Add info on steps for uploading and the release process on SF.
+
+  Revision 1.37  2002/04/26 17:23:29  swa
+  bookmarks cleaned, changed structure of user manual, screen and programlisting cleanups, and numerous other changes that I forgot
+
+  Revision 1.36  2002/04/26 05:25:23  hal9
+  Mass commit to catch a few scattered fixes.
+
+  Revision 1.35  2002/04/17 15:16:15  oes
+  Added link to docbook crash course
+
+  Revision 1.34  2002/04/15 23:39:32  oes
+   - Extended & fixed the release section
+   - Added CVS guideline sections
+   - Separated webserver section from release section
+   - Commented out boilerplate inclusion (If you don't know yet what it is,
+     you shouldn't mess with its code ;-)
+   - Nits & fixes
+
+  Revision 1.33  2002/04/12 03:49:53  hal9
+  Spell checked. Clarification on where docs are kept.
+
+  Revision 1.32  2002/04/11 21:29:58  jongfoster
+  Documenting Win32 release procedure
+
+  Revision 1.31  2002/04/11 09:32:52  oes
+  more nits
+
+  Revision 1.30  2002/04/11 09:24:53  oes
+  nits
+
+  Revision 1.29  2002/04/10 18:45:14  swa
+  generated
+
+  Revision 1.28  2002/04/08 22:59:26  hal9
+  Version update. Spell chkconfig correctly :)
+
+  Revision 1.27  2002/04/08 15:31:18  hal9
+  Touch ups to documentation section.
+
+  Revision 1.26  2002/04/07 23:50:08  hal9
+  Documentation changes to reflect HTML docs now in CVS, and new generated files
+  list.
+
+  Revision 1.25  2002/04/06 05:07:28  hal9
+  -Add privoxy-man-page.sgml, for man page.
+  -Add authors.sgml for AUTHORS (and p-authors.sgml)
+  -Reworked various aspects of various docs.
+  -Added additional comments to sub-docs.
+
+  Revision 1.24  2002/04/04 21:33:37  hal9
+  More on documenting the documents.
+
+  Revision 1.23  2002/04/04 18:46:47  swa
+  consistent look. reuse of copyright, history et. al.
+
+  Revision 1.22  2002/04/04 17:27:56  swa
+  more single file to be included at multiple points. make maintaining easier
+
+  Revision 1.21  2002/04/04 06:48:37  hal9
+  Structural changes to allow for conditional inclusion/exclusion of content
+  based on entity toggles, e.g. 'entity % p-not-stable  "INCLUDE"'. And
+  definition of internal entities, e.g. 'entity p-version "2.9.13"' that will
+  eventually be set by Makefile.
+  More boilerplate text for use across multiple docs.
+
+  Revision 1.20  2002/04/04 03:28:27  david__schmidt
+  Add Mac OS X section
+
+  Revision 1.19  2002/04/03 15:09:42  david__schmidt
+  Add OS/2 build section
+
+  Revision 1.18  2002/04/03 03:51:48  hal9
+  Touch ups.
+
+  Revision 1.17  2002/04/03 01:21:17  hal9
+  Implementing Andreas's suggestions for Release sections.
+
+  Revision 1.16  2002/03/31 23:04:40  hal9
+  Fleshed out the doc section, and added something for an intro so it was not
+  blank.
+
+  Revision 1.15  2002/03/30 22:29:47  swa
+  wrong make flavour
+
+  Revision 1.14  2002/03/30 19:04:08  swa
+  people release differently. no good.
+  I want to make parts of the docs only.
+
+  Revision 1.13  2002/03/27 01:16:41  hal9
+  ditto
+
+  Revision 1.12  2002/03/27 01:02:51  hal9
+  Touch up on name change...
+
+  Revision 1.11  2002/03/26 22:29:55  swa
+  we have a new homepage!
+
+  Revision 1.10  2002/03/24 12:33:01  swa
+  more additions.
+
+  Revision 1.9  2002/03/24 11:01:05  swa
+  name change
+
+  Revision 1.8  2002/03/23 15:13:11  swa
+  renamed every reference to the old name with foobar.
+  fixed "application foobar application" tag, fixed
+  "the foobar" with "foobar". left junkbustser in cvs
+  comments and remarks to history untouched.
+
+  Revision 1.7  2002/03/11 13:13:27  swa
+  correct feedback channels
+
+  Revision 1.6  2002/02/24 14:25:06  jongfoster
+  Formatting changes.  Now changing the doctype to DocBook XML 4.1
+  will work - no other changes are needed.
+
+  Revision 1.5  2001/10/31 18:16:51  swa
+  documentation added: howto generate docs in text and html
+  format, howto move stuff to the webserver.
+
+  Revision 1.4  2001/09/23 10:13:48  swa
+  upload process established. run make webserver and
+  the documentation is moved to the webserver. documents
+  are now linked correctly.
+
+  Revision 1.3  2001/09/13 15:27:40  swa
+  cosmetics
+
+  Revision 1.2  2001/09/13 15:20:17  swa
+  merged standards into developer manual
+
+  Revision 1.1  2001/09/12 15:36:41  swa
+  source files for junkbuster documentation
+
+  Revision 1.3  2001/09/10 17:43:59  swa
+  first proposal of a structure.
+
+  Revision 1.2  2001/06/13 14:28:31  swa
+  docs should have an author.
+
+  Revision 1.1  2001/06/13 14:20:37  swa
+  first import of project's documentation for the webserver.
+
+  -->
+
+</article>
diff --git a/external/privoxy/doc/source/faq.sgml b/external/privoxy/doc/source/faq.sgml
new file mode 100644
index 0000000..7684e8e
--- /dev/null
+++ b/external/privoxy/doc/source/faq.sgml
@@ -0,0 +1,3454 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN"[
+<!entity % dummy "IGNORE"> 
+<!entity supported SYSTEM "supported.sgml">
+<!entity newfeatures SYSTEM "newfeatures.sgml">
+<!entity p-intro SYSTEM "privoxy.sgml">
+<!entity seealso SYSTEM "seealso.sgml">
+<!entity contacting SYSTEM "contacting.sgml">
+<!entity history SYSTEM "history.sgml">
+<!entity copyright SYSTEM "copyright.sgml">
+<!entity license SYSTEM "license.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity % p-text "IGNORE">        <!-- define we are not a text only doc -->
+<!entity % p-doc "INCLUDE">        <!-- and we are a formal doc           -->
+<!entity % p-supp-userman "INCLUDE"> <!-- Include all from supported.sgml -->
+<!entity  my-copy "©">          <!-- kludge for docbook2man          -->
+<!entity % p-newstuff "INCLUDE">      <!-- exclude stuff from devel versions -->
+<!entity % seealso-extra "INCLUDE"> <!-- extra stuff from seealso.sgml    -->
+<!entity  my-app "<application>Privoxy</application>">
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/faq.sgml,v $
+
+ Purpose     :  FAQ
+                This file belongs into
+                ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
+                
+ $Id: faq.sgml,v 2.58 2009/03/21 12:27:44 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ Based partially on the Internet Junkbuster FAQ originally written by and
+ Copyright (C) 1997 Anonymous Coders and Junkbusters Corporation.
+ http://www.junkbusters.com/
+
+ <Qandaset defaultlabel='qanda'>
+  <QandAEntry>
+   <question>
+    <para> 
+     How are you?
+    </para>
+   </question>
+   <answer>
+    <para> 
+     Fine.
+    </para>
+   </answer>
+  </QandAEntry>
+ </QandASet>
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ this file!
+
+ Please we keep the info in this file as version independent as possible 
+ so we only have to maintain one FAQ. Where significant changes are 
+ made to Privoxy configuration, please note the change in such a way that 
+ it makes sense to both users of older and newer versions.
+ ========================================================================
+
+
+-->
+
+
+<article id="index" class="faq">
+<artheader>
+<title>Privoxy Frequently Asked Questions</title>
+
+<pubdate>
+ <subscript>
+<!-- Completely the wrong markup, but very little is allowed  -->
+<!-- in this part of an article. FIXME -->
+ <link linkend="copyright">Copyright</link> &my-copy; 2001-2009 by 
+ <ulink url="http://www.privoxy.org/">Privoxy Developers</ulink>
+ </subscript>
+</pubdate>
+
+<pubdate>$Id: faq.sgml,v 2.58 2009/03/21 12:27:44 fabiankeil Exp $</pubdate>
+
+<!--
+
+Note: this should generate a separate page, and a live link to it. 
+But it doesn't for some mysterious reason. Please leave commented
+unless it can be fixed proper. For the time being, the copyright 
+statement will be in copyright.smgl.
+
+Hal.
+
+<legalnotice id="legalnotice"> 
+ <para>
+  text goes here ........
+ </para>
+</legalnotice>
+
+-->
+
+<!--
+<authorgroup>
+ <author>
+  <affiliation>
+   <orgname>By: Privoxy Developers</orgname>
+   </affiliation>
+ </author>
+</authorgroup>
+-->
+<abstract>
+<![%dummy;[
+<para>
+ <comment>
+  This is here to keep vim syntax file from breaking :/
+  If I knew enough to fix it, I would.
+  PLEASE DO NOT REMOVE! HB: hal at foobox.net
+ </comment>
+</para>
+]]>
+ <para>
+ This FAQ gives quick answers to frequently asked questions about
+ <ulink url="http://www.privoxy.org/">Privoxy</ulink>.
+ It is not a substitute for the 
+ <ulink url="../user-manual/index.html"><citetitle>Privoxy User Manual</citetitle></ulink>.
+<!-- 
+ This works, at least in some situtations:
+ Test: <ulink url="privoxy-user-manual.pdf"><citetitle>User Manual</citetitle></ulink>.
+--> 
+ </para>
+
+<!-- Include privoxy.sgml boilerplate: -->
+ <para>What is Privoxy?</para> &p-intro;
+<!-- end boilerplate -->
+
+ <para>
+  Please note that this document is a work in progress. This copy represents
+  the state at the release of version &p-version;.
+  You can find the latest version of the document at <ulink
+  url="http://www.privoxy.org/faq/">http://www.privoxy.org/faq/</ulink>.
+  Please see the <link linkend="contact">Contact section</link> if you want to
+  contact the developers. 
+ </para>
+
+<!--   <para> -->
+<!--    Feel free to send a note to the developers at <email>ijbswa-developers at lists.sourceforge.net</email>. -->
+<!--   </para> -->
+</abstract>
+</artheader>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1 id="general"><title>General Information</title>
+<sect2 renderas="sect3" id="who-uses"><title>Who should give &my-app; a try?</title>
+ <para>
+  Anyone who is interested in security, privacy, or in 
+  finer-grained control over their web and Internet experience.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="bestchoice"><title>Is Privoxy the best choice for
+me?</title>
+ <para>
+  &my-app; is certainly a good choice, especially for those who want more 
+  control and security. Those with the willingness to read the documentation
+  and the ability to fine-tune their installation will benefit the most.
+ </para>
+ <para>
+  One of <application>Privoxy's</application>
+  strengths is that it is highly configurable giving you the ability to
+  completely personalize your installation. Being familiar with, or at least
+  having an interest in learning about <ulink
+  url="http://en.wikipedia.org/wiki/Http">HTTP</ulink> and other networking
+  protocols, <ulink url="http://en.wikipedia.org/wiki/Html">HTML</ulink>, and 
+  <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+  Expressions</quote></ulink>
+  will be a big plus and will help you get the most out of &my-app;. 
+  A new installation just includes a very basic configuration. The user 
+  should take this as a starting point only, and enhance it as he or she 
+  sees fit. In fact, the user is encouraged, and expected to, fine-tune the 
+  configuration.
+ </para>
+ <para>
+  Much of <application>Privoxy's</application> configuration can be done 
+  with a <ulink url="http://en.wikipedia.org/wiki/Web_browser">Web browser</ulink>.
+  But there are areas where configuration is done using a 
+  <ulink url="http://en.wikipedia.org/wiki/Text_editors">text editor</ulink>
+  to edit configuration files. Also note that the web-based action editor
+  doesn't use authentication and should only be enabled in environments
+  where all clients with access to &my-app; listening port can be trusted.
+  </para>
+</sect2>
+
+<sect2 renderas="sect3" id="proxymoron"><title>What is a <quote>proxy</quote>? How does
+Privoxy work? </title>
+ <para>
+  A <ulink url="http://en.wikipedia.org/wiki/Proxy_server">web proxy</ulink>
+  is a service, based on a software such as &my-app;, that clients
+  (i.e. browsers) can use instead of connecting to web servers directly.
+  The clients then ask the proxy to request objects (web pages, images, movies etc)
+  on their behalf and to forward the data to the clients.
+  It is a <quote>go-between</quote>. For details, see
+  <ulink url="http://en.wikipedia.org/wiki/Proxy_server">Wikipedia's proxy definition</ulink>.
+ </para>
+ <para>
+  There are many reasons to use web proxies, such as security (firewalling),
+  efficiency (caching) and others, and there are any number of proxies
+  to accommodate those needs.
+ </para>
+ <para>
+  &my-app; is a proxy that is primarily focused on
+  privacy enhancement, ad and junk elimination and freeing the user from
+  restrictions placed on his activities. Sitting between your browser(s) and the Internet,
+  it is in a perfect position to filter outbound personal information that your
+  browser is leaking, as well as inbound junk. It uses a variety of techniques to do
+  this, all of which are under your complete control via the various configuration
+  files and options. Being a proxy also makes it easier to share
+  configurations among multiple browsers and/or users.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="otherstuff">
+<title>Does Privoxy do anything more than ad blocking?</title>
+ <para> 
+  Yes, ad blocking is but one possible use. There are many, many ways &my-app; 
+  can be used to sanitize and customize web browsing. 
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="newjb"><title>What is this new version of 
+<quote><citetitle>Junkbuster</citetitle></quote>?</title>
+
+<!-- Include history.sgml -->
+ &history;
+<!-- end -->
+
+</sect2>
+
+
+<sect2 renderas="sect3">
+<title id="whyprivoxy">Why <quote>Privoxy</quote>? Why change the name from
+Junkbuster at all?</title>
+<para>
+ Though outdated, <ulink url="http://junkbusters.com/">Junkbusters Corporation</ulink>
+ continues to offer their original version of the <application>Internet
+ Junkbuster</application>, so publishing our
+ <application> Junkbuster</application>-derived software under the same name
+ led to confusion.
+</para>
+<para>
+ There are also potential legal complications from our use of the 
+ <application>Junkbuster</application> name, which is a registered trademark of 
+ <ulink url="http://junkbusters.com/">Junkbusters Corporation</ulink>.
+ There are, however, no objections from Junkbusters Corporation to the 
+ <application>Privoxy</application> project itself, and they, in fact, still
+ share our ideals and goals.
+</para>
+<para>
+ The developers also believed that there are so many improvements over the original 
+ code, that it was time to make a clean break from the past and make 
+ a name in their own right.
+</para>
+<para>
+ <application>Privoxy</application> is the 
+ <quote><emphasis>Privacy Enhancing Proxy</emphasis></quote>. Also, its content
+ modification and junk suppression gives <emphasis>you</emphasis>, the user, more
+ control, more freedom, and allows you to browse your personal and
+ <quote><emphasis>private</emphasis> edition</quote> of the web.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="differs"><title>How does Privoxy differ
+from the old Junkbuster?</title> 
+<para>
+ <application>Privoxy</application> picks up where
+ <application>Junkbuster</application> left off.
+ The new <application>Privoxy</application> still blocks ads and banners,
+ still manages <ulink
+ url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>, and still
+ helps protect your privacy. But, most of these features have been enhanced,
+ and many new ones have been added, all in the same vein.
+ </para>
+<para>
+ <application>Privoxy</application>'s new features include:
+</para>
+
+<!-- Include newfeatures.sgml: --> 
+ &newfeatures;
+<!-- end include -->
+
+</sect2>
+
+<sect2 renderas="sect3" id="whatsanad">
+<title id="knows">How does Privoxy know what is
+an ad, and what is not?</title>
+<para>
+ <application>Privoxy</application>'s approach to blocking ads is twofold:
+</para>
+<para>
+ First, there are certain patterns in the <emphasis>locations</emphasis> (URLs)
+ of banner images. This applies to both the path (you wouldn't guess how many
+ web sites serve their banners from a directory called <quote>banners</quote>!)
+ and the host (blocking the big banner hosting services like doublecklick.net
+ already helps a lot). <application>Privoxy</application> takes advantage of this
+ fact by using <ulink url="../user-manual/actions-file.html#AF-PATTERNS">URL
+ patterns</ulink> to sort out and block the requests for things that sound 
+ like they would be ads or banners.
+</para>
+<para>
+ Second, banners tend to come in certain <emphasis>sizes</emphasis>. But you
+ can't tell the size of an image by its URL without downloading it, and if you
+ do, it's too late to save bandwidth. Therefore, <application>Privoxy</application>
+ also inspects the HTML sources of web pages while they are loaded, and replaces
+ references to images with standard banner sizes by dummy references, so that
+ your browser doesn't request them anymore in the first place.
+</para>
+<para>
+ Both of this involves a certain amount of guesswork and is, of course, freely
+ and readily configurable.
+</para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="mistakes">Can Privoxy make mistakes? 
+This does not sound very scientific.</title>
+<para>
+ Actually, it's a black art ;-) And yes, it is always possible to have a broad
+ rule accidentally block or change something by mistake. You will almost surely
+ run into such situations at some point. It is tricky writing rules to
+ cover every conceivable possibility, and not occasionally get false positives.
+</para>
+
+<para>
+ But this should not be a big concern since the
+ <application>Privoxy</application> configuration is very flexible, and
+ includes tools to help identify these types of situations so they can be
+ addressed as needed, allowing you to customize your installation.
+ (<link linkend="badsite">See the Troubleshooting section below</link>.)
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="configornot">Will I have to configure Privoxy
+ before I can use it?</title>
+<para>
+ That depends on your expectations.
+ The default installation should give you a good starting
+ point, and block <emphasis>most</emphasis> ads and unwanted content,
+ but many of the more advanced features are off by default, and require
+ you to activate them. 
+</para>
+<para>
+ You do have to set up your browser to use
+ <application>Privoxy</application> (see the <link
+ linkend="firststep">Installation section below</link>). 
+</para>
+<para>
+ And you will certainly run into situations where there are false positives,
+ or ads not being blocked that you may not want to see. In these cases, you
+ would certainly benefit by customizing <application>Privoxy's</application>
+ configuration to more closely match your individual situation. And we
+ encourage you to do this. This is where the real power of
+ <application>Privoxy</application> lies!
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="lan">
+<title>Can Privoxy run as a server on a network?</title>
+ <para> 
+  Yes, &my-app; runs as a server already, and can easily be configured to
+  <quote>serve</quote> more than one client. See <link linkend="lanconfig">
+  How can I set up Privoxy to act as a proxy for my LAN</link> below.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="browsers2"><title>My browser does the same things as
+Privoxy. Why should I use Privoxy at all?</title>
+ <para>
+  Modern browsers do indeed have <emphasis>some</emphasis> of the same
+  functionality as <application>Privoxy</application>. Maybe this is
+  adequate for you. But <application>Privoxy</application> is very
+  versatile and powerful, and can probably do a number of things
+  your browser just can't.
+ </para>
+ <para>
+  In addition, a proxy is good choice if you use multiple browsers, or 
+  have a LAN with multiple computers since &my-app; can run as a server  
+  application. This way all the configuration is in one place, and you don't
+  have to maintain a similar configuration for possibly many browsers or
+  users.
+ </para>
+ <para>
+  Note, however, that it's recommended to leverage both your browser's
+  and <application>Privoxy's</application> privacy enhancing features
+  at the same time. While your browser probably lacks some features
+  &my-app; offers, it should also be able to do some things more
+  reliable, for example restricting and suppressing JavaScript.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="whytrust"><title>Why should I trust Privoxy?</title>
+ <para>
+  The most important reason is because you have access to
+  <emphasis>everything</emphasis>, and you can control everything. You can
+  check every line of every configuration file yourself. You can check every
+  last bit of source code should you desire. And even if you can't read code, 
+  there should be some comfort in knowing that <!-- thousands of -->other people can, 
+  and do read it. You can build the software from scratch, if you want,
+  so that you know the executable is clean, and that it is
+  <emphasis>yours</emphasis>. In fact, we encourage this level of scrutiny. It
+  is one reason we use &my-app; ourselves.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="license"><title>Is there is a license or fee? What about a 
+warranty? Registration?</title>
+ <para>
+  <application>Privoxy</application> is free software and licensed under the <ulink
+  url="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">GNU General Public License (GPL) version 2</ulink>.
+  It is free to use, copy, modify or distribute as you wish under the terms of this
+  license.  Please see the <link linkend="copyright">Copyright</link> section for more
+  information on the license and copyright. Or the <filename>LICENSE</filename> file 
+  that should be included.
+ </para>
+ <para>
+  There is <emphasis>no warranty</emphasis> of any kind, expressed, implied or otherwise.
+  That is something that would cost real money ;-) There is no registration either.
+ </para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="spyware">
+<title>Can Privoxy remove spyware? Adware? Viruses?</title>
+<para>
+ No, at least not reliably enough to trust it. &my-app; is not designed to be
+ a malware removal tool and the default configuration doesn't even try to
+ filter out any malware.
+</para>
+<para>
+ &my-app; could help prevent contact from (known) sites that use such
+ tactics with appropriate configuration rules, and thus could conceivably
+ prevent contamination from such sites. However, keeping such a configuration
+ up to date would require a lot of time and effort that would be better spend
+ on keeping your software itself up to date so it doesn't have known
+ vulnerabilities.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="otherads">
+<title>Can I use Privoxy with other ad-blocking software?</title>
+<para>
+ &my-app; should work fine with other proxies and other software in general.
+</para>
+<para>
+ But it is probably not necessary to use &my-app; in conjunction with other
+ ad-blocking products, and this could conceivably cause undesirable results.
+ It might be better to choose one software or the other and work a little to
+ tweak its configuration to your liking.
+</para>
+<para>
+ Note that this is an advice specific to ad blocking.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="jointeam"><title>I would like to help you, what can I do?</title>
+
+<sect3 renderas="sect4" id="jointeam-work"><title>Would you like to participate?</title>
+<para>
+   Well, we <emphasis>always</emphasis> need help. There is something for
+   everybody who wants to help us. We welcome new developers, packagers,
+   testers, documentation writers or really anyone with a desire to help in
+   any way. You <emphasis>DO NOT</emphasis> need to be a
+   <quote>programmer</quote>. There are many other tasks available. In fact,
+   the programmers often can't spend as much time programming because of some
+   of the other, more mundane things that need to be done, like checking the
+   Tracker feedback sections. 
+ </para>
+ <para>
+  So first thing, <ulink
+   url="https://sourceforge.net/account/register.php">get an account on SourceForge.net</ulink>
+   and mail your id to the <ulink url="mailto:ijbswa-developers at lists.sourceforge.net">developers
+   mailing list</ulink>. Then, please read the <ulink
+   url="../developer-manual/index.html">Developer's Manual</ulink>, at least
+   the pertinent sections.
+</para>
+ <para>
+  You can also start helping out without SourceForge.net account,
+  simply by showing up on the mailing list, helping out other users,
+  providing general feedback or reporting problems you noticed.
+ </para>
+</sect3>
+
+<sect3 renderas="sect4" id="donate"><title>Would you like to donate?</title>
+<para>
+ <application>Privoxy</application> is developed by unpaid volunteers
+ and thus our current running costs are pretty low. Nevertheless, we
+ have plans that will cost money in the future. We would like to get
+ this money through donations made by our users.
+</para>
+
+<para>
+ <application>Privoxy</application> has therefore become an associated
+ project of <ulink url="http://www.spi-inc.org/about-spi/about-spi">Software
+ in the Public Interest (SPI)</ulink>, which allows us to receive tax-deductible
+ donations in most western countries.
+</para>
+
+<para>
+ We intend to use the donations to pay for our domain after transfering
+ it to SPI. Our goal is to make sure there's no single point of failure
+ and the bill gets paid and the site keeps running even if a some of
+ the currently active developers were to suddenly disappear for a while.
+</para>
+
+<para>
+ We would also like to spend some money on more reliable hosting,
+ on hardware to help make sure <application>Privoxy</application>
+ keeps running on platforms the developers currently can't test on,
+ and on technical books to educate our developers about said platforms
+ or to improve their knowledge in general.
+</para>
+
+<para>
+ If you enjoy our software and feel like helping out with a donation,
+ please have a look at
+ <ulink url="http://www.spi-inc.org/donations">SPI's donation page</ulink>
+ to see what the options are.
+<para>
+</sect3>
+
+</sect2>
+
+</sect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1  id="installation"><title>Installation</title>
+
+<sect2 renderas="sect3" id="whichbrowsers">
+<title>Which browsers are supported by Privoxy?</title>
+<para>
+ Any browser that can be configured to use a proxy, which 
+ should be virtually all browsers, including
+ <application>Firefox</application>, <application>Internet
+ Explorer</application>, <application>Opera</application>, and 
+ <application>Safari</application> among others.
+ Direct browser support is not an absolute requirement since
+ <application>Privoxy</application> runs as a separate application and talks
+ to the browser in the standardized HTTP protocol, just like a web server
+ does.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="whichos">
+<title>Which operating systems are supported?</title>
+<!--
+Include supported.sgml here:
+-->
+&supported;
+</sect2>
+
+<sect2 renderas="sect3" id="email-client">
+<title>Can I use Privoxy with my email client?</title>
+<para>
+ As long as there is some way to set a HTTP proxy for the client, then yes,
+ any application can be used, whether it is strictly speaking a
+ <quote>browser</quote> or not. Though this may not be the best approach for
+ dealing with some of the common abuses of HTML in email. See <link
+ linkend="outlook">How can I configure <application>Privoxy</application>
+ with <application>Outlook</application>?</link> below for more on
+ this. 
+</para>
+<para>
+ Be aware that HTML email presents a number of unique security and privacy
+ related issues, that can require advanced skills to overcome. The developers
+ recommend using email clients that can be configured to convert HTML to plain
+ text for these reasons.
+</para>
+</sect2>
+
+<!-- Nobody is going to still be doing this!
+<sect2 renderas="sect3" id="newinstall"><title>Can I install  
+ Privoxy over Junkbuster?</title>
+ <para>
+   We recommend you un-install <application>Junkbuster</application>
+   first to minimize conflicts and confusion. You may want to 
+   save your old configuration files for future reference. The configuration
+   files and syntax have substantially changed, so you will need to manually
+   port your old patterns. See the <ulink url="../user-manual/upgradersnote.html">note
+   to upgraders</ulink> and <ulink url="../user-manual/installation.html">installation
+   chapter</ulink> in the <ulink url="../user-manual/index.html">User Manual</ulink>
+   for details.
+ </para>
+ <para>
+  Note: Some installers may automatically un-install
+  <application>Junkbuster</application>, if present!
+ </para>
+
+</sect2>
+-->
+
+<sect2 renderas="sect3" id="firststep">
+<title>I just installed Privoxy. Is there anything 
+special I have to do now?</title>
+
+<para>
+ All browsers should be told to use <application>Privoxy</application> 
+ as a proxy by specifying the correct proxy address and port number 
+ in the appropriate configuration area for the browser. It's possible
+ to combine &my-app; with a packet filter to intercept HTTP requests
+ even if the client isn't explicitly configured to use &my-app;,
+ but where possible, configuring the client is recommended. See 
+ <ulink url="../user-manual/startup.html">the User Manual for more
+ details</ulink>. You should also flush your browser's memory and disk
+ cache to get rid of any cached junk items, and remove any stored 
+ <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>.
+
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="localhost"><title>What is the proxy address of Privoxy?</title>
+ <para>
+  If you set up the <application>Privoxy</application> to run on
+  the computer you browse from (rather than your ISP's server or some
+  networked computer on a LAN), the proxy will be on <literal>127.0.0.1</literal> 
+  (sometimes referred to as <quote>localhost</quote>,
+  which is the special name used by every computer on the Internet to refer
+  to itself) and the port will be 8118 (unless you used the <ulink
+  url="../user-manual/config.html#LISTEN-ADDRESS">listen-address</ulink>
+  config option to tell <application>Privoxy</application> to run on
+  a different port).
+ </para>
+ <para>
+  When configuring your browser's proxy settings you typically enter
+  the word <quote>localhost</quote> or the IP address <quote>127.0.0.1</quote>
+  in the boxes next to <quote>HTTP</quote> and <quote>Secure</quote> (HTTPS) and
+  then the number <quote>8118</quote> for <quote>port</quote>. 
+  This tells your browser to send all web requests to <application>Privoxy</application>
+  instead of directly to the Internet.
+ </para>
+ <para>
+  <application>Privoxy</application> can also be used to proxy for 
+  a Local Area Network. In this case, your would enter either the IP 
+  address of the LAN host where <application>Privoxy</application> 
+  is running, or the equivalent hostname, e.g. <literal>192.168.1.1</literal>.
+  Port assignment would be same as above. Note that
+  <application>Privoxy</application> doesn't listen on any LAN interfaces by
+  default.
+ </para>
+ <para>
+  <application>Privoxy</application> does not currently handle
+  any other protocols such as FTP, SMTP, IM, IRC, ICQ, etc.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="nothing">
+<title>I just installed Privoxy, and nothing is happening.
+All the ads are there. What's wrong?</title>
+
+<para>
+ Did you configure your browser to use <application>Privoxy</application> 
+ as a proxy? It does not sound like it. See above. You might also try flushing
+ the browser's caches to force a full re-reading of pages. You can verify 
+ that <application>Privoxy</application> is running, and your browser 
+ is correctly configured by entering the special URL: 
+ <ulink url="http://p.p/">http://p.p/</ulink>. 
+ <!-- Use http://p.p/ instead of http://config.privoxy.org/ here because
+      of potential redirect caching problem (see next Q). -->
+ This should take you to a page titled <quote>This is Privoxy..</quote> with
+ access to <application>Privoxy's</application> internal configuration.
+ If you see this, then you are good to go. If you receive a page saying 
+ <quote>Privoxy is not running</quote>, then the browser is not set up to use
+ your <application>Privoxy</application> installation.
+ If you receive anything else (probably nothing at all), it could either
+ be that the browser is not set up correctly, or that
+ <application>Privoxy</application> is not running at all. Check the <ulink
+ url="../user-manual/config.html#LOGFILE">log file</ulink>. For instructions
+ on starting <application>Privoxy</application> and browser configuration,
+ see the <ulink url="http://www.privoxy.org/user-manual/startup.html">chapter
+ on starting <application>Privoxy</application></ulink> in the
+ <ulink url="http://www.privoxy.org/user-manual/">User Manual</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="notused">
+<title>I get a <quote>Privoxy is not being used</quote> dummy page although
+Privoxy is running and being used.</title>
+
+<para>
+ First, make sure that Privoxy is <emphasis>really</emphasis> running and
+ being used by visiting <ulink url="http://p.p/">http://p.p/</ulink>. You
+ should see the <application>Privoxy</application> main page. If not, see
+ the <ulink url="http://www.privoxy.org/user-manual/startup.html">chapter
+ on starting <application>Privoxy</application></ulink> in the
+ <ulink url="http://www.privoxy.org/user-manual/">User Manual</ulink>.
+</para>
+
+<para>
+ Now if <ulink url="http://p.p/">http://p.p/</ulink> works for you, but
+ other parts of <application>Privoxy</application>'s web interface show
+ the dummy page, your browser has cached a redirection it encountered before
+ <application>Privoxy</application> was being used. You need to clear your
+ browser's cache. Note that shift-reloading the dummy page won't help, since
+ that'll only refresh the dummy page, not the redirection that lead you there.
+</para>
+
+<para>
+ The procedure for clearing the cache varies from browser to browser. For
+ example, <application>Mozilla/Netscape</application> users would click 
+ <guibutton>Edit</guibutton> --> <guibutton>Preferences</guibutton> -->
+ <guibutton>Advanced</guibutton> --> <guibutton>Cache</guibutton> and
+ then click both <quote><guibutton>Clear Memory Cache</guibutton></quote>
+ and <quote><guibutton>Clear Disk Cache</guibutton></quote>.
+ In some <application>Firefox</application> versions it's
+ <guibutton>Tools</guibutton> --> <guibutton>Options</guibutton> -->
+ <guibutton>Privacy</guibutton> --> <guibutton>Cache</guibutton> and
+ then click <quote><guibutton>Clear Cache Now</guibutton></quote>.
+ <!-- In my Firefox versions it's the Netscape way. fk 2007-11-19-->
+</para>
+</sect2>
+
+</sect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1 id="configuration"><title>Configuration</title>
+<sect2 renderas="sect3">
+<title id="actionsfile">What exactly is an <quote>actions</quote> file?</title>
+
+<para>
+ &my-app; utilizes the concept of <quote>
+ <ulink url="../user-manual/actions-file.html#ACTIONS">actions</ulink></quote> 
+ that are used to manipulate and control web page data.
+ <ulink url="../user-manual/actions-file.html">Actions files</ulink>
+ are where these <ulink url="../user-manual/actions-file.html#ACTIONS">actions</ulink>
+ that <application>Privoxy</application> could take while processing a certain
+ request, are configured. Typically, you would define a set of default actions
+ that apply globally to all URLs, then add exceptions to these defaults where needed.
+ There is a wide array of actions available that give the user a high degree
+ of control and flexibility on how to process each and every web page.
+</para>
+ 
+<para>
+ Actions can be defined on a <ulink
+ url="../user-manual/actions-file.html#AF-PATTERNS">URL pattern</ulink> basis, i.e.
+ for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
+ grouped together and then applied to requests matching one or more patterns.
+ There are many possible actions that might apply to any given site. As an example,
+ if you are blocking <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>
+ as one of your default actions, but need to accept cookies from a given site,
+ you would need to define an exception for this site in one of your actions
+ files, preferably in <filename>user.action</filename>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="actionss">
+<title>The <quote>actions</quote> concept confuses me. Please list 
+some of these <quote>actions</quote>.</title>
+<para>
+ For a comprehensive discussion of the actions concept, please refer
+ to the <ulink url="../user-manual/actions-file.html">actions file
+ chapter</ulink> in the <ulink url="../user-manual/index.html">User
+ Manual</ulink>. It includes a <ulink
+ url="../user-manual/actions-file.html#ACTIONS">list of all actions</ulink>
+ and an <ulink url="../user-manual/actions-file.html#ACT-EXAMPLES">actions
+ file tutorial</ulink> to get you started.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3">
+<title id="actconfig">How are actions files configured? What is the easiest
+way to do this?</title> 
+
+<para>
+ Actions files are just text files in a special syntax and can be edited
+ with a text editor. But probably the easiest way is to access
+ <application>Privoxy</application>'s user interface with your web browser
+ at <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+ (Shortcut: <ulink url="http://p.p/">http://p.p/</ulink>) and then select
+ <quote><ulink url="http://config.privoxy.org/show-status">View &
+ change the current configuration</ulink></quote> from the menu. Note 
+ that this feature must be explicitly enabled in the main config file 
+ (see <ulink
+ url="../user-manual/config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</ulink>).
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3">
+<title>There are several different <quote>actions</quote> files. What are
+the differences?</title>
+<para>
+ Three actions files 
+ are being included by the developers, to be used for 
+ different purposes: These are 
+ <filename>default.action</filename>, the <quote>main</quote> actions file
+ which is actively maintained by the <application>Privoxy</application>
+ developers and typically sets the default policies, <filename>user.action</filename>,
+ where users are encouraged to make their private customizations.
+ Please see <ulink url="../user-manual/actions-file.html">the actions chapter</ulink>
+ in the <ulink url="../user-manual/index.html">User Manual</ulink> for a more
+ detailed explanation.
+</para>
+
+<para>
+ Earlier versions included three different versions of the 
+ <filename>default.action</filename> file. The new scheme allows for 
+ greater flexibility of local configuration, and for browser based 
+ selection of pre-defined <quote>aggressiveness</quote> levels.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="getupdates"><title>Where can I get updated Actions Files?</title>
+ <para>
+  Based on your feedback and the continuing development, updates of 
+  <filename>default.action</filename> will be
+  made available from time to time on the <ulink
+  url="http://sourceforge.net/project/showfiles.php?group_id=11118">files section</ulink> of
+  our <ulink url="http://sf.net/projects/ijbswa/">project page</ulink>.
+ </para>
+
+ <para>
+  If you wish to receive an email notification whenever we release updates of
+  <application>Privoxy</application> or the actions file, <ulink
+  url="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/">subscribe
+  to our announce mailing list</ulink>, ijbswa-announce at lists.sourceforge.net.
+ </para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="newconfig"><title>Can I use my old config files?</title>
+ <para>
+  The syntax and purpose of configuration files has remained roughly the
+  same throughout the 3.x series, but backwards compatibility is not guaranteed.
+  Also each release contains updated, <quote>improved</quote> versions and it is
+  therefore strongly recommended to install the newer configuration files
+  and merge back your modifications.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="difficult">
+<title>Why is the configuration so complicated?</title>
+ <para>
+  <quote>Complicated</quote> is in the eye of the beholder. Those that are 
+  familiar with some of the underlying concepts, such as regular expression
+  syntax, take to it like a fish takes to water. Also, software that tries
+  hard to be <quote>user friendly</quote>, often lacks sophistication and
+  flexibility. There is always that trade-off there between power vs.
+  easy-of-use. Furthermore, anyone is welcome to contribute ideas and
+  implementations to enhance &my-app;. 
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="yahoo"><title>How can I make my Yahoo/Hotmail/Gmail account work?</title>
+ <para>
+  The default configuration shouldn't impact the usability of any of these services.
+  It may, however, make all <ulink 
+ url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink> 
+  temporary, so that your browser will forget your
+  login credentials in between browser sessions. If you would like not to have to log
+  in manually each time you access those websites, simply turn off all cookie handling
+  for them in the <filename>user.action</filename> file. An example for yahoo might
+  look like:
+ </para>
+ <para>
+  <screen># Allow all cookies for Yahoo login:
+#
+{ -<ulink url="../user-manual/actions-file.html#CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</ulink> -<ulink url="../user-manual/actions-file.html#CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</ulink> -<ulink url="../user-manual/actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</ulink> }
+.login.yahoo.com</screen>
+ </para>
+ <para>
+  These kinds of sites are often quite complex and heavy with 
+  <ulink url="http://en.wikipedia.org/wiki/Javascript">Javascript</ulink> and 
+  thus <quote>fragile</quote>. So if <emphasis>still</emphasis> a problem, 
+  we have an <ulink
+  url="../user-manual/actions-file.html#ALIASES">alias</ulink> just for such
+  sticky situations:
+ </para>
+ <para>
+  <screen># Gmail is a _fragile_ site:
+#
+{ <literal>fragile</literal> }
+ # Gmail is ...
+ mail.google.com</screen>
+ </para>
+ <para>
+  Be sure to flush your browser's caches whenever making these kinds of
+  changes, just to make sure the changes <quote>take</quote>.
+ </para>
+ <para>
+  Make sure the domain, host and path are appropriate as well. Your browser can
+  tell you where you are specifically and you should use that information for 
+  your configuration settings. Note that above it is not referenced as 
+  <literal>gmail.com</literal>, which is a valid domain name.
+ </para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="configfiles"> <title>What's the difference between the
+<quote>Cautious</quote>, <quote>Medium</quote> and <quote>Advanced</quote> defaults?</title>
+ <para>
+  Configuring <application>Privoxy</application> is not entirely trivial. To
+  help you get started, we provide you with three different default action
+  <quote>profiles</quote> in the web based actions file editor at <ulink
+  url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>.
+  See the <ulink url="../user-manual/actions-file.html"><citetitle>User
+  Manual</citetitle></ulink> for a list of actions, and how the default 
+  profiles are set.
+ </para>
+
+<para>
+ Where the defaults are likely to break some sites, exceptions for
+ known popular <quote>problem</quote> sites are included, but in
+ general, the more aggressive your default settings are, the more exceptions
+ you will have to make later. New users are best to start off in 
+ <quote>Cautious</quote> setting. This is safest and will have the fewest 
+ problems. See the <ulink
+ url="../user-manual/index.html"><citetitle>User Manual</citetitle></ulink>
+ for a more detailed discussion.
+</para>
+
+<para>
+ It should be noted that the <quote>Advanced</quote> profile (formerly known 
+ as the <quote>Adventuresome</quote> profile) is more
+ aggressive, and will make use of some of 
+ <application>Privoxy's</application> advanced features. Use at your own risk!
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="browseconfig"> <title>Why can I change the configuration 
+with a browser? Does that not raise security issues?</title>
+ <para>
+  It may seem strange that regular users can edit the config files with their
+  browsers, although the whole <filename>/etc/privoxy</filename> hierarchy
+  belongs to the user <quote>privoxy</quote>, with only 644 permissions.
+ </para>
+ <para>
+  When you use the browser-based editor, <application>Privoxy</application>
+  itself is writing to the config files.  Because
+  <application>Privoxy</application> is running as the user <quote>privoxy</quote>,
+  it can update its own config files.
+ </para>
+ <para>
+  If you run <application>Privoxy</application> for multiple untrusted users (e.g. in
+  a LAN) or aren't entirely in control of your own browser, you will probably want
+  to make sure that the the web-based editor and remote toggle features are
+  <quote>off</quote> by setting <quote><literal><ulink
+  url="../user-manual/config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</ulink>
+  0</literal></quote> and <quote><literal><ulink
+  url="../user-manual/config.html#ENABLE-REMOTE-TOGGLE">enable-remote-toggle</ulink>
+  0</literal></quote> in the <ulink url="../user-manual/config.html">main configuration file</ulink>.
+ </para>
+ <para>
+  As of &my-app; 3.0.7 these options are disabled by default.
+ </para>
+</sect2>
+
+
+<sect2 renderas="sect3">
+<title id="filterfile">What is the <filename>default.filter</filename> file? What is a <quote>filter</quote>?</title>
+<para>
+ The <ulink url="../user-manual/filter-file.html"><filename>default.filter</filename></ulink>
+ file is where <emphasis>filters</emphasis> as supplied by the developers are defined.
+ Filters are a special subset of actions that can be used to modify or
+ remove web page content or headers on the fly. Content filters can
+ be applied to <emphasis>anything</emphasis> in the page source,
+ header filters can be applied to either server or client headers.
+ Regular expressions are used to accomplish this.
+</para>
+<para>
+ There are a number of pre-defined filters to deal with common annoyances. The
+ filters are only defined here, to invoke them, you need to use the
+ <ulink
+ url="../user-manual/actions-file.html#FILTER"><literal>filter</literal>
+ action</ulink> in one of the actions files. Content filtering is automatically
+ disabled for inappropriate MIME types, but if you now better than Privoxy
+ what should or should not be filtered you can filter any content you like.
+</para>
+<para>
+ Filters should
+ <emphasis>not</emphasis> be confused with <ulink
+ url="../user-manual/actions-file.html#BLOCK"><literal>blocks</literal></ulink>, which
+ is a completely different action, and is more typically used to block ads and
+ unwanted sites.
+</para>
+
+<para>
+ If you are familiar with regular expressions, and HTML, you can look at 
+ the provided <filename>default.filter</filename> with a text editor and define
+ your own filters.  This is potentially a very powerful feature, but
+ requires some expertise in both regular expressions and HTML/HTTP. 
+ <![%p-newstuff;[ You should 
+ place any modifications to the default filters, or any new ones you create 
+ in a separate file, such as <filename>user.filter</filename>, so they won't 
+ be overwritten during upgrades. 
+ The ability to define multiple filter files 
+ in <filename>config</filename> is a new feature as of v. 3.0.5.]]>
+</para>
+
+<para>
+ There is no GUI editor option for this part of the configuration, 
+ but you can disable/enable the various pre-defined filters of the included 
+ <filename>default.filter</filename> file with the <ulink
+ url="http://config.privoxy.org/show-status">web-based actions file editor</ulink>.
+ Note that the custom actions editor must be explicitly enabled in
+ the main config file (see <ulink
+ url="../user-manual/config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</ulink>).
+</para>
+
+<para>
+ If you intend to develop your own filters, you might want to have a look at
+ <ulink
+ url="http://www.fabiankeil.de/sourcecode/pft/">Privoxy-Filter-Test</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="lanconfig">
+<title>How can I set up Privoxy to act as a proxy for my 
+ LAN?</title>
+<para>
+ By default, <application>Privoxy</application> only responds to requests 
+ from <literal>127.0.0.1</literal> (localhost). To have it act as a server for
+ a network, this needs to be changed in the <ulink
+ url="../user-manual/config.html">main configuration file</ulink>. Look for
+ the <literal><ulink
+ url="../user-manual/config.html#LISTEN-ADDRESS">listen-address</ulink></literal>
+ option, which may be commented out with a <quote>#</quote> symbol. Make sure
+ it is uncommented, and assign it the address of the LAN gateway interface,
+ and port number to use. Assuming your LAN address is 192.168.1.1 and you
+ wish to run <application>Privoxy</application> on port 8118, this line
+ should look like:
+</para>
+
+<para>
+ <screen>
+  listen-address  192.168.1.1:8118</screen>
+</para>
+
+<para>
+ Save the file, and restart <application>Privoxy</application>. Configure 
+ all browsers on the network then to use this address and port number.
+</para>
+
+<para>
+ Alternately, you can have <application>Privoxy</application> listen on 
+ all available interfaces:
+</para>
+
+<para>
+ <screen>
+  listen-address    :8118</screen>
+</para>
+
+<para>
+ And then use <application>Privoxy's</application> 
+ <ulink
+ url="../user-manual/config.html#PERMIT-ACCESS">permit-access</ulink> 
+ feature to limit connections. A firewall in this situation is recommended 
+ as well.
+</para>
+
+<para>
+ The above steps should be the same for any TCP network, regardless of
+ operating system.
+</para>
+
+<para>
+ If you run <application>Privoxy</application> on a LAN with untrusted users,
+ we recommend that you double-check the <ulink
+ url="../user-manual/config.html#ACCESS-CONTROL">access control and security</ulink>
+ options!
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3">
+<title id="noseeum">Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</title>
+<para>
+ The replacement for blocked images can be controlled with the <ulink
+ url="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"><literal>set-image-blocker</literal>
+ action</ulink>. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
+ image (aka <quote>blank</quote>), or a redirect to a custom image of your choice.
+ Note that this choice only has effect for images which are blocked as images, i.e.
+ whose URLs match both a <literal><ulink
+ url="../user-manual/actions-file.html#HANDLE-AS-IMAGE">handle-as-image</ulink></literal>
+ <emphasis>and</emphasis> <literal><ulink
+ url="../user-manual/actions-file.html#BLOCK">block</ulink></literal> action.
+</para>
+<para>
+ If you want to see nothing, then change the <ulink
+ url="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"><literal>set-image-blocker</literal>
+ action</ulink> to <quote>blank</quote>. This can be done by editing the 
+ <filename>user.action</filename> file, or through the <ulink
+ url="http://config.privoxy.org/show-status">web-based actions file editor</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="whyseeum">Why would anybody want to see a checkerboard pattern?</title>
+<para>
+ Remember that <link linkend="whatsanad">telling which image is an ad and which
+ isn't</link>, is an educated guess. While we hope that the standard configuration
+ is rather smart, it will make occasional mistakes. The checkerboard image is visually
+ decent, and it shows you where images have been blocked, which can be very
+ helpful in case some navigation aid or otherwise innocent image was
+ erroneously blocked. It is recommended for new users so they can 
+ <quote>see</quote> what is happening. Some people might also enjoy seeing how
+ many banners they <emphasis>don't</emphasis> have to see.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="blockedbytext">I see some images being replaced with text
+instead of the checkerboard image. Why and how do I get rid of this?</title>
+<para>
+ This happens when the banners are not embedded in the HTML code of the
+ page itself, but in separate HTML (sub)documents that are loaded into (i)frames
+ or (i)layers, and these external HTML documents are blocked. Being non-images
+ they get replaced by a substitute HTML page rather than a substitute image,
+ which wouldn't work out technically, since the browser expects and accepts
+ only HTML when it has requested an HTML document. 
+</para>
+<para>
+ The substitute page adapts to the available space and shows itself as a
+ miniature two-liner if loaded into small frames, or full-blown with a
+ large red "BLOCKED" banner if space allows.
+</para>
+<para>
+ If you prefer the banners to be blocked by images, you must see to it that
+ the HTML documents in which they are embedded are not blocked. Clicking
+ the <quote>See why</quote> link offered in the substitute page will show
+ you which rule blocked the page. After changing the rule and un-blocking
+ the HTML documents, the browser will try to load the actual banner images
+ and the usual image blocking will (hopefully!) kick in.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="srvany">
+<title>Can Privoxy run as a service 
+on Win2K/NT/XP?</title>
+<para>
+<![%p-newstuff;[
+ Yes. Version 3.0.5 introduces full <application>Windows</application> service
+ functionality. See <ulink url="../user-manual/installation.html#installation-pack-win">
+ the <citetitle>User Manual</citetitle></ulink> for details on how to install and configure 
+ <application>Privoxy</application> as a service.
+</para> 
+<para>
+ Earlier ]]>3.x versions could run as a system service using <command>srvany.exe</command>.
+ See the discussion at <ulink
+ url="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118">http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</ulink>,
+ for details, and a sample configuration.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="otherproxy">
+<title>How can I make Privoxy work with other 
+proxies like Squid or Tor?</title>
+<para>
+ This can be done and is often useful to combine the benefits of
+ <application>Privoxy</application> with those of a another proxy.
+ See the <ulink
+ url="../user-manual/config.html#FORWARDING">forwarding chapter</ulink>
+ in the <ulink url="../user-manual/index.html">User Manual</ulink> which
+ describes how to do this, and the <link linkend="TOR">
+ How do I use Privoxy together with 
+ Tor</link> section below.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="port-80">
+<title>Can I just set Privoxy to use port 80
+and thus avoid individual browser configuration?</title>
+
+<para>
+ No, its more complicated than that. This only works with special kinds 
+ of proxies known as <quote>intercepting</quote> proxies (see below).
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="transparent">
+<title>Can Privoxy run as a <quote>transparent
+</quote> proxy?</title>
+<para>
+ The whole idea of Privoxy is to modify client requests
+ and server responses in all sorts of ways and therefore
+ it's not a transparent proxy as described in
+ <ulink url="http://tools.ietf.org/html/rfc2616">RFC 2616</ulink>.
+</para>
+<para>
+ However, some people say <quote>transparent proxy</quote> when they
+ mean <quote>intercepting proxy</quote>. If you are one of them,
+ please read the <ulink url="#intercepting">next entry</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="intercepting">
+<title>Can Privoxy run as a <quote>intercepting</quote> proxy?</title>
+<para>
+ <application>Privoxy</application> can't intercept traffic itself,
+  but it can handle requests that where intercepted and redirected
+  with a packet filter (like <application>PF</application> or
+  <application>iptables</application>), as long as the <literal>Host</literal>
+  header is present. 
+  </para>
+<para>
+  As the <literal>Host</literal> header is required by HTTP/1.1 and as most
+  web sites rely on it anyway, this limitation shouldn't be a problem.
+</para>
+<para>
+  Please refer to your packet filter's documentation to learn how to
+  intercept and redirect traffic into <application>Privoxy</application>.
+  Afterward you just have to configure <application>Privoxy</application> to
+  <ulink url="../user-manual/config.html#ACCEPT-INTERCEPTED-REQUESTS">accept
+  intercepted requests</ulink>.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="outlook">
+<title>How can I configure Privoxy for use with Outlook?</title>
+<para>
+ Versions of <application>Outlook</application> prior to Office 2007, use
+ <application>Internet Explorer</application> components to both render HTML,
+ and fetch any HTTP requests that may be embedded in an HTML email. So however
+ you have <application>Privoxy</application> configured to work with IE, this
+ configuration should automatically be shared, at least with older version of
+ Internet Explorer.
+</para>
+<para>
+ Starting with Office 2007, Microsoft is instead using the MS-Word rendering
+ engine with Outlook. It is unknown whether this can be configured to use a
+ proxy.
+ <!-- FIXME HB 2009-02-15 -->
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="outlook-more">
+<title>How can I have separate rules just for HTML mail?</title>
+<para>
+ The short answer is, you can't. <application>Privoxy</application> has no way
+ of knowing which particular application makes a request, so there is no way to
+ distinguish between web pages and HTML mail.
+ <application>Privoxy</application> just blindly proxies all requests. In the
+ case of <application>Outlook Express</application> (see above), OE uses 
+ IE anyway, and there is no way for <application>Privoxy</application> to ever 
+ be able to distinguish between them (nor could any other proxy type application for
+ that matter).
+</para>
+<para>
+ For a good discussion of some of the issues involved (including privacy and 
+ security issues), see 
+ <ulink url="http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118">http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</ulink>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="sneaky-cookies">
+<title>I sometimes notice cookies sneaking through. How?</title>
+<para>
+ <ulink
+ url="http://en.wikipedia.org/wiki/Browser_cookie">Cookies</ulink> can be 
+ set in several ways. The classic method is via the 
+ <literal>Set-Cookie</literal> HTTP header. This is straightforward, and an
+ easy one to manipulate, such as the &my-app; concept of 
+ <ulink url="../user-manual/actions-file.html#SESSION-COOKIES-ONLY">session-cookies-only</ulink>.
+ There is also the possibility of using 
+  <ulink url="http://en.wikipedia.org/wiki/Javascript">Javascript</ulink> to
+ set cookies (&my-app; calls these <literal>content-cookies</literal>). This
+ is trickier because the syntax can vary widely, and thus requires a certain
+ amount of guesswork. It is not realistic to catch all of these short of
+ disabling Javascript, which would break many sites. And lastly, if the
+ cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
+ <application>Privoxy's</application> reach.
+</para>
+<para>
+ All in all, &my-app; can help manage cookies in general, can help minimize
+ the loss of privacy posed by cookies, but can't realistically stop all
+ cookies.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="evil-cookies">
+<title>Are all cookies bad? Why?</title>
+<para>
+ No, in fact there are many beneficial uses of 
+ <ulink
+ url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>. Cookies are just a
+ method that browsers can use to store data between pages, or between browser
+ sessions. Sometimes there is a good reason for this, and the user's life is a
+ bit easier as a result. But there is a long history of some websites taking
+ advantage of this layer of trust, and using the data they glean from you and 
+ your browsing habits for their own purposes, and maybe to your potential
+ detriment. Such sites are using you and storing their data on your system.
+ That is why the privacy conscious watch from whom those cookies come, and why
+ they really <emphasis>need</emphasis> to be there.
+</para>
+<para>
+  See the 
+   <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">Wikipedia cookie
+  definition</ulink> for more.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="allow-cookies">
+<title>How can I allow permanent cookies for my trusted sites?</title>
+
+<para>
+  There are several actions that relate to cookies. The default behavior is to 
+  allow only <quote>session cookies</quote>, which means the cookies only last
+  for the current browser session. This eliminates most kinds of abuse related 
+  to cookies. But there may be cases where you want cookies to last.
+</para>
+<para>
+  To disable all cookie actions, so that cookies are allowed unrestricted,
+  both in and out, for <literal>example.com</literal>: 
+</para>
+<para>
+ <screen>
+ { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
+  .example.com</screen>
+</para>
+<para>
+ Place the above in <filename>user.action</filename>. Note that some of these may
+ be off by default anyway, so this might be redundant, but there is no harm
+ being explicit in what you want to happen. <filename>user.action</filename>
+ includes an alias for this situation, called
+ <literal>allow-all-cookies</literal>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="multiples">
+<title>Can I have separate configurations for different users?</title>
+<para>
+ Each instance of <application>Privoxy</application> has its own
+ configuration, including such attributes as the TCP port that it listens on.
+ What you can do is run multiple instances of <application>Privoxy</application>, each with 
+ a unique 
+ <ulink url="../user-manual/config.html#LISTEN-ADDRESS">listen-address</ulink>
+ configuration setting, and configuration path, and then
+ each of these can have their own configurations. Think of it as per-port
+ configuration.
+</para>
+<para> 
+ Simple enough for a few users, but for large installations, consider having
+ groups of users that might share like configurations.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="whitelists">
+<title>Can I set-up Privoxy as a whitelist of
+<quote>good</quote> sites?</title>
+<para>
+ Sure. There are a couple of things you can do for simple white-listing.
+ Here's one real easy one:
+</para>
+ <screen>
+ ############################################################
+ # Blacklist
+ ############################################################
+ { <ulink url="../user-manual/actions-file.html#BLOCK">+block</ulink> }
+ / # Block *all* URLs
+ 
+ ############################################################
+ # Whitelist
+ ############################################################
+ { <ulink url="../user-manual/actions-file.html#BLOCK">-block</ulink> }
+  kids.example.com
+  toys.example.com
+  games.example.com</screen>
+<para>
+ This allows access to only those three sites by first blocking all URLs, and 
+ then subsequently allowing three specific exceptions.
+</para>
+<para>
+ Another approach is <application>Privoxy's</application> 
+ <literal>trustfile</literal> concept, which incorporates the notion of 
+ <quote>trusted referrers</quote>. See the <ulink
+ url="../user-manual/config.html#TRUSTFILE">Trust documentation</ulink>
+ for details.
+</para>
+<para>
+ These are fairly simple approaches and are not completely foolproof. There
+ are various other configuration options that should be disabled (described
+ elsewhere here and in <ulink url="../user-manual/">the User Manual</ulink>)
+ so that users can't modify their own configuration and easily circumvent the
+ whitelist.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="no-adblock">
+<title>How can I turn off ad-blocking?</title>
+<para>
+ Ad blocking is achieved through a complex application of various &my-app; 
+ <ulink url="../user-manual/actions-file.html">actions</ulink>. These 
+ actions are deployed against simple images, banners, flash animations, 
+ text pages, JavaScript, pop-ups and pop-unders, etc., so its not as simple as
+ just turning one or two actions off. The various actions that make up
+ &my-app; ad blocking are hard-coded into the default configuration files. It
+ has been assumed that everyone using &my-app; is interested in this
+ particular feature. 
+ </para>
+ <para>
+ If you want to do without this, there are several approaches you can take:
+ You can manually undo the many block rules in
+ <filename>default.action</filename>. Or even easier, just create your own
+ <filename>default.action</filename> file from scratch without the many ad
+ blocking rules, and corresponding exceptions. Or lastly, if you are not
+ concerned about the additional blocks that are done for privacy reasons, you
+ can very easily over-ride <emphasis>all</emphasis> blocking with the
+ following very simple rule in your <filename>user.action</filename>: 
+ </para>
+ <para>
+ <screen>
+ # Unblock everybody, everywhere
+ { <ulink url="../user-manual/actions-file.html#BLOCK">-block</ulink> }
+ / # UN-Block *all* URLs</screen>
+</para>
+<para> 
+ Or even a more comprehensive reversing of various ad related actions:
+</para>
+<para>
+ <screen>
+ # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { <ulink url="../user-manual/actions-file.html#BLOCK">-block</ulink> \
+  <ulink url="../user-manual/actions-file.html#FILTER-BANNERS-BY-SIZE">-filter{banners-by-size}</ulink> \
+  <ulink url="../user-manual/actions-file.html#FILTER-BANNERS-BY-LINK">-filter{banners-by-link}</ulink> \
+  <literal>allow-popups</literal> \
+ }
+ / # UN-Block *all* URLs and allow ads</screen>
+</para>
+<para>
+ This last <quote>action</quote> in this compound statement,
+ <literal>allow-popups</literal>, is an <ulink
+ url="../user-manual/actions-file.html#ALIASES">alias</ulink> that disables
+ various pop-up blocking features.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="templates">
+<title>How can I have custom template pages, like the 
+<emphasis>BLOCKED</emphasis> page?</title>
+<para>
+ &my-app; <quote>templates</quote> are specialized text files utilized by
+ &my-app; for various purposes and can easily be modified using any text
+ editor. All the template pages are installed in a sub-directory appropriately
+ named: <filename>templates</filename>.  Knowing something about HTML syntax
+ will of course be helpful.
+</para>
+<para>
+ Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates,
+ place them in another directory and specify the alternate path in the main
+ <filename>config</filename>. For details, have a look at the <ulink
+ url="../user-manual/config.html#templdir">templdir</ulink> option. 
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="blockall">
+<title>How can I remove the <quote>Go There Anyway</quote> link from 
+the <emphasis>BLOCKED</emphasis> page?</title>
+<para>
+ There is more than one way to do it (although Perl is not involved).
+</para>
+<para>
+ Editing the BLOCKED template page (see above) may dissuade some users, but
+ this method is easily circumvented. Where you need this level of control, you
+ might want to build &my-app; from source, and disable various features that are
+ available as compile-time options. You should 
+ <command>configure</command> the sources as follows:
+</para>
+<para>
+ <screen>
+ ./configure  --disable-toggle  --disable-editor  --disable-force</screen>
+</para>
+<para>
+ This will create an executable with hard-coded security features so that
+ &my-app; does not allow easy bypassing of blocked sites, or changing the
+ current configuration via any connected user's web browser.
+</para>
+<para>
+ Finally, all of these features can also be toggled on/off via options in
+ <application>Privoxy's</application> main  <ulink
+ url="../user-manual/config.html#ACCESS-CONTROL">config</ulink> file which
+ means you don't have to recompile anything.
+</para>
+</sect2>
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1 id="misc"><title>Miscellaneous</title>
+
+<sect2 renderas="sect3">
+<title id="slowsme">How much does Privoxy slow my browsing down? This 
+has to add extra time to browsing.</title>
+<para>
+ How much of an impact depends on many things, including the CPU of the host
+ system, how aggressive the configuration is, which specific actions are being triggered, 
+ the size of the page, the bandwidth of the connection, etc.
+</para>
+<para>
+ Overall, it should not slow you down any in real terms, and may actually help 
+ speed things up since ads, banners and other junk are not typically being
+ retrieved and displayed. The actual processing time required by
+ <application>Privoxy</application> itself for each page, is relatively small
+ in the overall scheme of things, and happens very quickly. This is typically
+ more than offset by time saved not downloading and rendering ad images and
+ other junk content (if ad blocking is being used).
+</para>
+
+<para>
+ <quote>Filtering</quote> content via the <literal><ulink
+ url="../user-manual/actions-file.html#FILTER">filter</ulink></literal> or
+ <literal><ulink
+ url="../user-manual/actions-file.html#DEANIMATE-GIFS">deanimate-gifs</ulink></literal>
+ actions may cause a perceived slowdown, since the entire document
+ needs to be buffered before displaying. And on very large documents,
+ filtering may have some measurable impact. How much depends on the page size,
+ the actual definition of the filter(s), etc. See below. Most other actions
+ have little to no impact on speed.
+</para>
+<para>
+ Also, when filtering is enabled but zlib support isn't available, compression
+ is often disabled (see <ulink
+ url="../user-manual/actions-file.html#PREVENT-COMPRESSION">prevent-compression</ulink>).
+ This can have an impact on speed as well, although it's probably smaller than
+ you might think. Again, the page size, etc. will determine how much of an impact.
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="loadingtimes"><title>I notice considerable
+delays in page requests. What's wrong?</title>
+<para>
+ If you use any <literal><ulink
+ url="../user-manual/actions-file.html#FILTER">filter</ulink></literal> action,
+ such as filtering banners by size, web-bugs etc, or the <literal><ulink
+ url="../user-manual/actions-file.html#DEANIMATE-GIFS">deanimate-gifs</ulink></literal>
+ action, the entire document must be loaded into memory in order for the filtering 
+ mechanism to work, and nothing is sent to the browser during this time.
+</para>
+<para>
+ The loading time typically does not really change much in real numbers, but
+ the feeling is different, because most browsers are able to start rendering
+ incomplete content, giving the user a feeling of "it works". This effect is
+ more noticeable on slower dialup connections. Extremely large documents
+ may have some impact on the time to load the page where there is filtering
+ being done. But overall, the difference should be very minimal. If there is a
+ big impact, then probably some other situation is contributing (like
+ anti-virus software).
+ </para>
+<para>
+ Filtering is automatically disabled for inappropriate MIME types. But note 
+ that if the web server mis-reports the MIME type, then content that should
+ not be filtered, could be. <application>Privoxy</application> only knows how
+ to differentiate filterable content because of the MIME type as reported by
+ the server, or because of some configuration setting that enables/disables
+ filtering.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="configurl"><title>What are "http://config.privoxy.org/" and
+"http://p.p/"?</title>
+<para>
+ <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink> is the
+ address of <application>Privoxy</application>'s built-in user interface, and 
+ <ulink url="http://p.p/">http://p.p/</ulink> is a shortcut for it.
+</para>
+<para>
+ Since <application>Privoxy</application> sits between your web browser and the Internet, 
+ it can simply intercept requests for these addresses and answer them with its built-in
+ <quote>web server</quote>.
+</para>
+<para>
+ This also makes for a good test for your browser configuration: If entering the
+ URL <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+ takes you to a page saying <quote>This is Privoxy ...</quote>, everything is OK.
+ If you get a page saying <quote>Privoxy is not working</quote> instead, then
+ your browser didn't use <application>Privoxy</application> for the request,
+ hence it could not be intercepted, and you have accessed the <emphasis>real</emphasis>
+ web site at config.privoxy.org.
+</para>
+
+</sect2>
+
+<!--
+ out of date 09/02/06 HB
+<sect2 renderas="sect3" id="blocklist"><title>Do you still maintain the blocklists?</title>
+ <para>
+  No. The patterns for blocking now reside (among other things) in the <ulink
+  url="../user-manual/actions-file.html">actions files</ulink>, which are 
+  actively maintained instead. See next question ...
+</para>
+</sect2>
+-->
+<sect2 renderas="sect3" id="newads"><title>How can I submit new ads, or report
+problems?</title>
+<para>
+Please see the <link linkend="contact">Contact section</link> for
+various ways to interact with the developers.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="newads2"><title>If I do submit missed ads, will 
+they be included in future updates?</title>
+<para>
+ Whether such submissions are eventually included in the
+ <filename>default.action</filename> configuration file depends on how 
+ significant the issue is. We of course want to address any potential 
+ problem with major, high-profile sites such as <citetitle>Google</citetitle>, 
+ <citetitle>Yahoo</citetitle>, etc. Any site with global or regional reach, 
+ has a good chance of being a candidate. But at the other end of the spectrum
+ are any number of smaller, low-profile sites such as for local clubs or
+ schools. Since their reach and impact are much less, they are best handled by
+ inclusion in the user's <filename>user.action</filename>, and thus would be
+ unlikely to be included. 
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="noonecares"><title>Why doesn't anyone answer my support 
+request?</title>
+<para>
+Rest assured that it has been read and considered. Why it is not answered,
+could be for various reasons, including no one has a good answer for it, no
+one has had time to yet investigate it thoroughly, it has been reported
+numerous times already, or because not enough information was provided to help
+us help you. Your efforts are not wasted, and we do appreciate them.
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3" id="ip"><title>How can I hide my IP address?</title>
+<para>
+ If you run both the browser and &my-app; locally, you cannot hide your IP
+ address with <application>Privoxy</application> or ultimately any other
+ software alone. The server needs to know your IP address so that it knows
+ where to send the responses back. 
+</para>
+<para>
+ There are many publicly usable "anonymous" proxies out there, which
+ provide a further level of indirection between you and the web server.
+</para>
+<para>
+ However, these proxies are called "anonymous" because you don't need
+ to authenticate, not because they would offer any real anonymity.
+ Most of them will log your IP address and make it available to the
+ authorities in case you violate the law of the country they run in. In fact
+ you can't even rule out that some of them only exist to *collect* information
+ on (those suspicious) people with a more than average preference for privacy.
+</para>
+<para>
+ If you want to hide your IP address from most adversaries,
+ you should consider chaining <application>Privoxy</application>
+ with <ulink url="https://www.torproject.org/">Tor</ulink>.
+ The configuration details can be found in
+ <ulink url="#TOR">How do I use <application>Privoxy</application> together
+ with <application>Tor</application> section</ulink>
+ just below.
+</para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="anonforsure">Can Privoxy guarantee I am anonymous?</title>
+<para>
+ No. Your chances of remaining anonymous are improved, but unless you
+ <ulink url="#TOR">chain <application>Privoxy</application> with <application>Tor</application></ulink>
+ or a similar proxy and know what you're doing when it comes to configuring
+ the rest of your system, you should assume that everything you do
+ on the Web can be traced back to you.
+</para>
+<para>
+ <application>Privoxy</application> can remove various information about you,
+ and allows <emphasis>you</emphasis> more freedom to decide which sites 
+ you can trust, and what details you want to reveal. But it neither 
+ hides your IP address, nor can it guarantee that the rest of the system
+ behaves correctly. There are several possibilities how a web sites can find
+ out who you are, even if you are using a strict <application>Privoxy</application>
+ configuration and chained it with <application>Tor</application>.
+</para>
+<para>
+ Most of <application>Privoxy's</application> privacy-enhancing features can be easily subverted
+ by an insecure browser configuration, therefore you should use a browser that can
+ be configured to only execute code from trusted sites, and be careful which sites you trust.
+ For example there is no point in having <application>Privoxy</application>
+ modify the User-Agent header, if websites can get all the information they want
+ through JavaScript, ActiveX, Flash, Java etc.
+</para>
+<para>
+ A few browsers disclose the user's email address in certain situations, such
+ as when transferring a file by FTP. <application>Privoxy</application>
+ does not filter FTP. If you need this feature, or are concerned about the
+ mail handler of your browser disclosing your email address, you might
+ consider products such as <application>NSClean</application>.
+</para>
+<para>
+ Browsers available only as binaries could use non-standard headers to give
+ out any information they can have access to: see the manufacturer's license
+ agreement. It's impossible to anticipate and prevent every breach of privacy
+ that might occur. The professionally paranoid prefer browsers available as
+ source code, because anticipating their behavior is easier. Trust the source,
+ Luke!
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="proxytest">A test site says I am not using a Proxy.</title>
+<para>
+ Good! Actually, they are probably testing for some other kinds of proxies.
+ Hiding yourself completely would require additional steps.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="tor"><title>How do I use Privoxy
+ together with Tor?</title>
+<para>
+ Before you configure <application>Privoxy</application> to use
+ <ulink url="https://www.torproject.org/">Tor</ulink>,
+ please follow the <citetitle>User Manual</citetitle> chapters
+ <ulink url="../user-manual/installation.html">2. Installation</ulink> and
+ <ulink url="../user-manual/startup.html">5. Startup</ulink> to make sure
+ <application>Privoxy</application> itself is setup correctly.
+</para>
+<para> 
+ If it is, refer to <ulink url="https://www.torproject.org/documentation.html">Tor's
+ extensive documentation</ulink> to learn how to install <application>Tor</application>,
+ and make sure <application>Tor</application>'s logfile says that
+ <quote>Tor has successfully opened a circuit</quote> and it
+ <quote>looks like client functionality is working</quote>.
+</para>
+<para>
+ If either <application>Tor</application> or <application>Privoxy</application>
+ isn't working, their combination most likely will neither. Testing them on their
+ own will also help you to direct problem reports to the right audience.
+ If <application>Privoxy</application> isn't working, don't bother the
+ <application>Tor</application> developers. If <application>Tor</application>
+ isn't working, don't send bug reports to the <application>Privoxy</application> Team.
+</para>
+<para>
+ If you verified that <application>Privoxy</application> and <application>Tor</application>
+ are working, it is time to connect them. As far as <application>Privoxy</application>
+ is concerned, <application>Tor</application> is just another proxy that can be reached
+ by socks4 or socks4a. Most likely you are interested in <application>Tor</application>
+ to increase your anonymity level, therefore you should use socks4a, to make sure DNS requests are
+ done through <application>Tor</application> and thus invisible to your local network.
+</para>
+
+<![%p-newstuff;[
+<para>
+ Since <application>Privoxy</application> 3.0.5, its
+ <ulink url="../user-manual/config.html">main configuration file</ulink>
+ is already prepared for <application>Tor</application>, if you are using a
+ default <application>Tor</application> configuration and run it on the same
+ system as &my-app;, you just have to edit the
+ <ulink url="../user-manual/config.html#FORWARDING">forwarding section</ulink>
+ and uncomment the line:
+</para>
+<para>
+ <screen>
+#        forward-socks4a             /     127.0.0.1:9050 .
+ </screen>
+</para>
+<para>
+ This is enough to reach the Internet, but additionally you might want to
+ uncomment the following forward rules, to make sure your local network is still
+ reachable through Privoxy:
+</para>
+<para>
+ <screen>
+#        forward         192.168.*.*/     .
+#        forward            10.*.*.*/     .
+#        forward           127.*.*.*/     .
+ </screen>
+</para>
+<para>
+ Unencrypted connections to systems in these address ranges will
+ be as (un)secure as the local network is, but the alternative is
+ that your browser can't reach the network at all. Then again,
+ that may actually be desired and if you don't know for sure
+ that your browser has to be able to reach the local network,
+ there's no reason to allow it.
+</para>
+<para>
+ If you want your browser to be able to reach servers in your local
+ network by using their names, you will need additional exceptions
+ that look like this:
+</para>
+<para>
+ <screen>
+#        forward           localhost/     .
+ </screen>
+</para>
+<para>
+ Save the modified configuration file and open
+ <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status/</ulink>
+ in your browser, confirm that <application>Privoxy</application> has reloaded its configuration
+ and that there are no other forward lines, unless you know that you need them. If everything looks good,
+ refer to
+ <ulink url="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate">Tor
+ Faq 4.2</ulink> to learn how to verify that you are really using <application>Tor</application>.
+</para>
+<para>
+ Afterward, please take the time to at least skim through the rest
+ of <application>Tor's</application> documentation. Make sure you understand
+ what <application>Tor</application> does, why it is no replacement for
+ application level security, and why you probably don't want to
+ use it for unencrypted logins.
+</para> ]]>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="sitebreak">Might some things break because header information or
+content is being altered?</title>
+
+<para>
+ Definitely. It is common for sites to use browser type, browser version, 
+ HTTP header content, and various other techniques in order to dynamically
+ decide what to display and how to display it. What you see, and what I see,
+ might be very different. There are many, many ways that this can be handled,
+ so having hard and fast rules, is tricky.
+</para>
+
+<para>
+ The <quote>User-Agent</quote> is sometimes used in this way to identify
+ the browser, and adjust content accordingly.
+</para>
+
+<para>
+ Also, different browsers use different encodings of non-English
+ characters, certain web servers convert pages on-the-fly according to the
+ User Agent header. Giving a <quote>User Agent</quote> with the wrong
+ operating system or browser manufacturer causes some sites in these languages
+ to be garbled; Surfers to Eastern European sites should change it to
+ something closer. And then some page access counters work by looking at the
+ <quote>Referer</quote> header; they may fail or break if unavailable. The
+ weather maps of Intellicast have been blocked by their server when no
+ <quote>Referer</quote> or cookie is provided, is another example. (But you
+ can forge both headers without giving information away). There are
+ many other ways things can go wrong when trying to fool a web server. The
+ results of which could inadvertently cause pages to load incorrectly,
+ partially, or even not at all. And there may be no obvious clues as to just
+ what went wrong, or why. Nowhere will there be a message that says 
+ <quote><emphasis>Turn off <literal>fast-redirects</literal> or else!</emphasis> 
+ </quote>
+</para>
+
+<para>
+ Similar thoughts apply to modifying JavaScript, and, to a lesser degree,
+ HTML elements.
+</para>
+
+<para>
+ If you have problems with a site, you will have to adjust your configuration 
+ accordingly. Cookies are probably the most likely adjustment that may 
+ be required, but by no means the only one.
+</para>
+
+</sect2>
+
+
+<sect2 renderas="sect3">
+<title id="caching">Can Privoxy act as a <quote>caching</quote> proxy to 
+speed up web browsing?</title>
+<para>
+ No, it does not have this ability at all. You want something like 
+ <ulink url="http://www.squid-cache.org/">Squid</ulink> or
+ <ulink url="http://www.pps.jussieu.fr/~jch/software/polipo/">Polipo</ulink> for this.
+ And, yes, before you ask, <application>Privoxy</application> can co-exist 
+ with other kinds of proxies like <application>Squid</application>.
+ See the <ulink url="../user-manual/config.html#FORWARDING">forwarding
+ chapter</ulink> in the <ulink url="../user-manual/index.html">user
+ manual</ulink> for details.
+</para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="firewall">What about as a firewall? Can Privoxy protect me?</title>
+<para>
+ Not in the way you mean, or in the way some firewall vendors claim they can. 
+ <application>Privoxy</application> can help protect your privacy, but can't
+ protect your system from intrusion attempts. It is, of course, perfectly possible
+ to use <emphasis>both</emphasis>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="wasted">I have large empty spaces / a checkerboard pattern now where
+ads used to be. Why?</title>
+<para>
+ It is technically possible to eliminate banners and ads in a way that frees
+ their allocated page space. This could easily be done by blocking with 
+ <application>Privoxy's</application> filters,
+ and eliminating the <emphasis>entire</emphasis> image references from the
+ HTML page source. 
+</para>
+<para>
+ But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for instance).
+ Also, making ads and banners disappear without any trace complicates
+ troubleshooting, and would sooner or later be problematic.
+</para>
+<para>
+ The better alternative is to instead let them stay, and block the resulting
+ requests for the banners themselves as is now the case. This leaves either
+ empty space, or the familiar checkerboard pattern.
+</para>
+<para>
+ So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this.
+</para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="ssl">How can Privoxy filter Secure (HTTPS) URLs?</title>
+<para>
+ Since secure HTTP connections are encrypted SSL sessions between your browser
+ and the secure site, and are meant to be reliably <emphasis>secure</emphasis>,
+ there is little that <application>Privoxy</application> can do but hand the raw
+ gibberish data though from one end to the other unprocessed.
+</para>
+<para>
+ The only exception to this is blocking by host patterns, as the client needs
+ to tell <application>Privoxy</application> the name of the remote server,
+ so that <application>Privoxy</application> can establish the connection.
+ If that name matches a host-only pattern, the connection will be blocked.
+</para>
+<para>
+ As far as ad blocking is concerned, this is less of a restriction than it may
+ seem, since ad sources are often identifiable by the host name, and often
+ the banners to be placed in an encrypted page come unencrypted nonetheless
+ for efficiency reasons, which exposes them to the full power of 
+ <application>Privoxy</application>'s ad blocking.
+</para>
+<para>
+ <quote>Content cookies</quote> (those that are embedded in the actual HTML or
+ JS page content, see <literal><ulink
+ url="../user-manual/actions-file.html#FILTER-CONTENT-COOKIES">filter{content-cookies}</ulink></literal>), 
+ in an SSL transaction will be impossible to block under these conditions. 
+ Fortunately, this does not seem to be a very common scenario since most 
+ cookies come by traditional means.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="secure">Privoxy runs as a <quote>server</quote>. How 
+secure is it? Do I need to take any special precautions?</title>
+<para>
+ On Unix-like systems, <application>Privoxy</application> can run as a non-privileged 
+ user, which is how we recommend it be run. Also, by default
+ <application>Privoxy</application> listens to requests from <quote>localhost</quote>
+ only.
+</para>
+<para>
+ The server aspect of <application>Privoxy</application> is not itself directly 
+ exposed to the Internet in this configuration. If you want to have
+ <application>Privoxy</application> serve as a LAN proxy, this will have to
+ be opened up to allow for LAN requests. In this case, we'd recommend
+ you specify only the LAN gateway address, e.g. 192.168.1.1, in the main 
+ <application>Privoxy</application> configuration file and check all <ulink
+ url="../user-manual/config.html#ACCESS-CONTROL">access control and security
+ options</ulink>. All LAN hosts can then use this as their proxy address
+ in the browser proxy configuration, but <application>Privoxy</application>
+ will not listen on any external interfaces. ACLs can be defined in addition,
+ and using a firewall is always good too. Better safe than sorry.
+</para>
+
+</sect2>
+
+<sect2 renderas="sect3" id="turnoff">
+<title>Can I temporarily disable Privoxy?</title>
+<para>
+ &my-app; doesn't have a transparent proxy mode,
+ but you can toggle off blocking and content filtering.
+</para>
+<para>
+ The easiest way to do that is to point your browser
+ to the remote toggle URL: <ulink
+ url="http://config.privoxy.org/toggle">http://config.privoxy.org/toggle</ulink>.
+</para>
+<para>
+ See the <ulink url="../user-manual/appendix.html#BOOKMARKLETS">Bookmarklets section</ulink> 
+ of the <citetitle>User Manual</citetitle> for an easy way to access this 
+ feature. Note that this is a feature that may need to be enabled in the main 
+ <filename>config</filename> file.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="reallyoff">
+<title>When <quote>disabled</quote> is Privoxy totally 
+out of the picture?</title>
+<para>
+ No, this just means all optional filtering and actions are disabled.
+ <application>Privoxy</application> is still acting as a proxy, but just 
+ doing less of the things that <application>Privoxy</application> would
+ normally be expected to do. It is still a <quote>middle-man</quote> in 
+ the interaction between your browser and web sites. See below to bypass 
+ the proxy.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="turnoff2">
+<title>How can I tell Privoxy to totally ignore certain sites?</title>
+<para>
+ Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser
+ configuration issue, not a &my-app; issue. Modern browsers typically do have
+ settings for not proxying certain sites. Check your browser's help files.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="crunch">
+<title>My logs show Privoxy <quote>crunches</quote> 
+ads, but also its own internal CGI pages. What is a <quote>crunch</quote>?</title>
+<para>
+ A <quote>crunch</quote> simply means <application>Privoxy</application> intercepted 
+ <emphasis>something</emphasis>, nothing more. Often this is indeed ads or
+ banners, but <application>Privoxy</application> uses the same mechanism for
+ trapping requests for its own internal pages. For instance, a request for
+ <application>Privoxy's</application> configuration page at: <ulink
+ url="http://config.privoxy.org">http://config.privoxy.org</ulink>, is
+ intercepted (i.e. it does not go out to the 'net), and the familiar CGI
+ configuration is returned to the browser, and the log consequently will show
+ a <quote>crunch</quote>.
+</para>
+<para>
+ Since version 3.0.7, Privoxy will also log the crunch reason.
+ If you are using an older version you might want to upgrade.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="downloads">
+<title>Can Privoxy effect files that I download
+from a webserver? FTP server?</title>
+<para>
+ From the webserver's perspective, there is no difference between
+ viewing a document (i.e. a page), and downloading a file. The same is true of
+ <application>Privoxy</application>. If there is a match for a <literal><ulink
+ url="../user-manual/actions-file.html#BLOCK">block</ulink></literal> pattern,
+ it will still be blocked, and of course this is obvious. 
+ </para>
+ <para>
+ Filtering is potentially more of a concern since the results are not always
+ so obvious, and the effects of filtering are there whether the file is simply
+ viewed, or downloaded. And potentially whether the content is some obnoxious
+ advertisement, or Mr. Jimmy's latest/greatest source code jewel. Of course,
+ one of these presumably is <quote>bad</quote> content that we don't want, and
+ the other is <quote>good</quote> content that we do want.
+ <application>Privoxy</application> is blind to the differences, and can only
+ distinguish <quote>good from bad</quote> by the configuration parameters
+ <emphasis>we</emphasis> give it.
+</para>
+<para>
+ <application>Privoxy</application> knows the differences in files according
+ to the <quote>Content Type</quote> as reported by the webserver. If this is
+ reported accurately (e.g. <quote>application/zip</quote> for a zip archive),
+ then <application>Privoxy</application> knows to ignore these where
+ appropriate. <application>Privoxy</application> potentially can filter HTML
+ as well as plain text documents, subject to configuration parameters of
+ course. Also, documents that are of an unknown type (generally assumed to be
+ <quote>text/plain</quote>) can be filtered, as will those that might be
+ incorrectly reported by the webserver. If such a file is a downloaded file
+ that is intended to be saved to disk, then any content that might have been
+ altered by filtering, will be saved too, for these (probably rare) cases.
+</para>
+<para>
+ Note that versions later than 3.0.2 do NOT filter document types reported as 
+ <quote>text/plain</quote>. Prior to this, <application>Privoxy</application>
+ did filter this document type.
+</para>
+<para>
+ In short, filtering is <quote>ON</quote> if a) the content type as reported
+ by the webserver is appropriate <emphasis>and</emphasis> b) the configuration
+ allows it (or at least does not disallow it). That's it. There is no magic
+ cookie anywhere to say this is <quote>good</quote> and this is
+ <quote>bad</quote>. It's the configuration that lets it all happen or not.
+</para>
+<para>
+ If you download text files, you probably do not want these to be filtered,
+ particularly if the content is source code, or other critical content. Source
+ code sometimes might be mistaken for Javascript (i.e. the kind that might
+ open a pop-up window). It is recommended to turn off filtering for download
+ sites (particularly if the content may be plain text files and you are using
+ version 3.0.2 or earlier) in your <filename>user.action</filename> file. And
+ also, for any site or page where making <emphasis>any</emphasis> changes at
+ all to the content is to be avoided.
+</para>
+<para>
+ <application>Privoxy</application> does not do FTP at all, only HTTP 
+ and HTTPS (SSL) protocols.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="downloads2">
+<title>I just downloaded a Perl script, and Privoxy
+altered it! Yikes, what is wrong!</title>
+<para>
+ Please read above.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="hostsfile">
+<title>Should I continue to use a <quote>HOSTS</quote> file for ad-blocking?</title>
+<para>
+ One time-tested technique to defeat common ads is to trick the local DNS
+ system by giving a phony IP address for the ad generator in the local 
+ <filename>HOSTS</filename> file, typically using <literal>127.0.0.1</literal>, aka 
+ <literal>localhost</literal>. This effectively blocks the ad.
+</para>
+<para>
+ There is no reason to use this technique in conjunction with 
+ <application>Privoxy</application>. <application>Privoxy</application>
+ does essentially the same thing, much more elegantly and with much more 
+ flexibility. A large <filename>HOSTS</filename> file, in fact, not only
+ duplicates effort, but may get in the way and seriously slow down your system.
+ It is recommended to remove such entries from your <filename>HOSTS</filename> file. If you think 
+ your hosts list is neglected by <application>Privoxy's </application> 
+ configuration, consider adding your list to your <filename>user.action</filename> file:
+</para>
+<para>
+ <screen>
+  { +block }
+   www.ad.example1.com
+   ad.example2.com
+   ads.galore.example.com
+   etc.example.com</screen>
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="seealso">
+<title>Where can I find more information about Privoxy
+and related issues?</title>
+<!-- Include seealso.sgml boilerplate: -->
+ &seealso;
+<!-- end boilerplate -->
+
+<!--
+<para>
+ Please see the 
+ <ulink url="../user-manual/seealso.html">user-manual</ulink> for 
+ others references.
+</para>
+-->
+</sect2>
+
+<sect2 renderas="sect3" id="microsuck">
+<title>I've noticed that Privoxy changes <quote>Microsoft</quote> to 
+<quote>MicroSuck</quote>! Why are you manipulating my browsing?</title>
+
+<para>
+ We're not. The text substitutions that you are seeing are disabled
+ in the default configuration as shipped. You have either manually
+ activated the <quote><literal>fun</literal></quote> filter which
+ is clearly labeled <quote>Text replacements for subversive browsing
+ fun!</quote> or you are using an older Privoxy version and have implicitly
+ activated it by choosing the <quote>Advanced</quote> profile in the
+ web-based editor. Please upgrade.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="valid">
+<title>Does Privoxy produce <quote>valid</quote> HTML (or XHTML)?</title>
+
+<para>
+ Privoxy generates HTML in both its own <quote>templates</quote>, and possibly
+ whenever there are text substitutions via a &my-app; filter. While this
+ should always conform to the HTML 4.01 specifications, it has not been
+ validated against this or any other standard. 
+</para>
+</sect2>
+
+
+</sect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1 id="trouble">
+<title>Troubleshooting</title>
+
+<sect2 renderas="sect3">
+<title id="refused">I cannot connect to any websites. Or, I am getting
+<quote>connection refused</quote> message with every web page. Why?</title>
+<para>
+ There are several possibilities:
+</para>
+<para>
+<itemizedlist>
+<listitem><para>
+<application>Privoxy</application> is not running. Solution: verify 
+ that &my-app; is installed correctly, has not crashed, and is indeed running.
+ Turn on <application>Privoxy's</application> logging, and look at the logs to see what they say.
+</para></listitem>
+ <listitem><para>Or your browser is configured for a different port than what
+ <application>Privoxy</application> is using. Solution: verify that &my-app;
+ and your browser are set to the same port (<literal>listen-address</literal>).
+</para></listitem>
+ <listitem><para>Or if using a forwarding rule, you have a configuration problem or a
+ problem with a host in the forwarding chain. Solution: temporarily alter your
+ configuration and take the forwarders out of the equation.
+</para></listitem>
+ <listitem><para>
+  Or you have a firewall that is interfering and blocking you. Solution: 
+  try disabling or removing the firewall as a simple test.
+ </para></listitem>
+</itemizedlist>
+</para>
+
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 renderas="sect3" id="error503">
+<title>Why am I getting a 503 Error (WSAECONNREFUSED) on every page?</title>
+ <para>
+  More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
+  been reported to cause this symptom -- even if not running! The solution is
+  to either fight the ZA configuration, or uninstall ZoneAlarm, and then find
+  something better behaved in its place. Other personal firewall type products
+  may cause similar type problems if not configured correctly.
+ </para>
+</sect2>
+
+<sect2 renderas="sect3">
+<title id="flushit">I just added a new rule, but the steenkin ad is 
+still getting through. How?</title>
+<para>
+ If the ad had been displayed before you added its URL, it will probably be
+ held in the browser's cache for some time, so it will be displayed without
+ the need for any request to the server, and <application>Privoxy</application>
+ will not be involved. Flush the browser's caches, and then try again.
+</para>
+
+<para>
+ If this doesn't help, you probably have an error in the rule you
+ applied. Try pasting the full URL of the offending ad into <ulink
+ url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
+ and see if it really matches your new rule. Blocking ads is like blocking
+ spam: a lot of tinkering is required to stay ahead of the game. And 
+ remember you need to block the URL of the ad in question, which may be 
+ entirely different from the site URL itself. Most ads are hosted on different
+ servers than the main site itself. If you right-click on the ad, you should
+ be able to get all the relevant information you need. Alternately, you can 
+ find the correct URL by looking at <application>Privoxy's</application> logs
+ (you may need to enable logging in the main config file if its disabled).
+</para>
+<para>
+ Below is a slightly modified real-life log snippet that originates with one 
+ requested URL: <literal>www.example.com</literal> (name of site was changed
+ for this example, the number of requests is real). You can see in this the
+ complexity of what goes into making up this one <quote>page</quote>. There
+ are eight different domains involved here, with thirty two separate URLs
+ requested in all, making up all manner of images, Shockwave Flash,
+ JavaScript, CSS stylesheets, scripts, and other related content. Some of this
+ content is obviously <quote>good</quote> or <quote>bad</quote>, but not all.
+ Many of the more questionable looking requests, are going to outside domains
+ that seem to be identifying themselves with suspicious looking names, making
+ our job a little easier. &my-app; has <quote>crunched</quote> (meaning caught 
+ and BLOCKED) quite a few items in this example, but perhaps missed a few as well. 
+</para>
+<para>
+<screen>
+<![CDATA[
+Request: www.example.com/
+Request: www.example.com/favicon.ico
+Request: img.example.com/main.css
+Request: img.example.com/sr.js
+Request: example.betamarker.com/example.html
+Request: www.lik-sang.com/Banners/bestsellers/skyscraper.php?likref=BSellers
+Request: img.example.com/pb.png
+Request: www.google-analytics.com/urchin.js crunch! (Blocked)
+Request: www.advertising-department.com/ats/switch.ps.php?26856 crunch! (Blocked)
+Request: img.example.com/p.gif
+Request: www.popuptraffic.com/assign.php?l=example&mode=behind crunch! (Blocked)
+Request: www.popuptraffic.com/scripts/popup.php?hid=5c3cf&tmpl=PBa.tmpl crunch! (Blocked)
+Request: www.popuptraffic.com/assign.php?l=example crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/best_sellers.css
+Request: www.adtrak.net/adx.js crunch! (Blocked)
+Request: img.example.com/hbg.gif
+Request: img.example.com/example.jpg
+Request: img.example.com/mt.png
+Request: img.example.com/mm.png
+Request: img.example.com/mb.png
+Request: www.popuptraffic.com/scripts/popup.php?hid=a71b91fa5&tmpl=Ua.tmp crunch! (Blocked)
+Request: www.example.com/tracker.js
+Request: www.lik-sang.com/Banners/best_sellers/lsi_head.gif
+Request: www.adtrak.net/adjs.php?n=020548130&what=zone:61 crunch! (Blocked)
+Request: www.adtrak.net/adjs.php?n=463594413&what=zone:58&source=Ua crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/bottomani.swf
+Request: mmm.elitemediagroup.net/install.php?allowpop=no&popupmincook=0&allowsp2=1 crunch! (Blocked)
+Request: www.example.com/tracker.js?screen=1400x1050&win=962x693
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=61 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=5c3cf599a9efd0320d26&si
+Request: 66.70.21.80/img/pixel.gif
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=58&source=Ua&block=86400 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=a71b9f6504b0c5681fa5&si=Ua
+]]>
+</screen>
+</para>
+<para>
+ Despite 12 out of 32 requests being blocked, the page looked, and seemed to
+ behave perfectly <quote>normal</quote> (minus some ads, of course).
+</para>
+
+</sect2>
+
+<sect2 id="badsite" renderas="sect3">
+<title >One of my favorite sites does not work with Privoxy.
+What can I do?</title>
+
+<para>
+ First verify that it is indeed a <application>Privoxy</application> problem, 
+ by toggling off <application>Privoxy</application> through <ulink
+ url="http://config.privoxy.org/toggle">http://config.privoxy.org/toggle</ulink>
+ (the toggle feature may need to be enabled in the main
+ <filename>config</filename>),
+ and then shift-reloading the problem page (i.e. holding down the shift key
+ while clicking reload. Alternatively, flush your browser's disk and memory
+ caches).
+</para>
+
+<para>
+ If the problem went away, we know we have a configuration related problem.
+ Now go to <ulink
+ url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
+ and paste the full URL of the page in question into the prompt. See which
+ actions are being applied to the URL, and which matches in which actions
+ files are responsible for that. It might be helpful also to look at your logs
+ for this site too, to see what else might be happening (note: logging may need
+ to be enabled in the main config file). Many sites are
+ complex and require a number of related pages to help present their content.
+ Look at what else might be used by the page in question, and what of that
+ might be <emphasis>required</emphasis>.
+ Now, armed with this information, go to
+ <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+ and select the appropriate actions files for editing. </para>
+<para>
+ You can now either look for a section which disables the actions that
+ you suspect to cause the problem and add a pattern for your site there,
+ or make up a completely new section for your site. In any case, the recommended
+ way is to disable only the prime suspect, reload the problem page, and only
+ if the problem persists, disable more and more actions until you have
+ identified the culprit. You may or may not want to turn the other actions
+ on again. Remember to flush your browser's caches in between any such changes!
+</para>
+<para>
+ Alternately, if you are comfortable with a text editor, you can accomplish 
+ the same thing by editing the appropriate actions file. Probably the easiest 
+ way to deal with such problems when editing by hand is to add your
+ site to a <literal>{ fragile }</literal> section in <filename>user.action</filename>,
+ which is an alias that turns off most <quote>dangerous</quote>
+ actions, but is also likely to turn off more actions then needed, and thus lower
+ your privacy and protection more than necessary, 
+</para>
+<para>
+ Troubleshooting actions is discussed in more detail in the <ulink
+ url="../user-manual/appendix.html#ACTIONSANAT">User Manual appendix,
+ Troubleshooting: the Anatomy of an Action</ulink>.
+ There is also an <ulink
+ url="../user-manual/actions-file.html#ACT-EXAMPLES">actions tutorial</ulink>
+ with general configuration information and examples.
+</para>
+<para>
+ As a last resort, you can always see if your browser has a setting that will 
+ bypass the proxy setting for selective sites. Modern browsers can do this.
+</para>
+
+</sect2>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="dun" renderas="sect3">
+<title>After installing Privoxy, I have to log in
+every time I start IE. What gives?</title>
+
+<para>
+ This is a quirk that effects the installation of
+ <application>Privoxy</application>, in conjunction with Internet Explorer and
+ Internet Connection Sharing on Windows 2000 and Windows XP. The symptoms may
+ appear to be corrupted or invalid DUN settings, or passwords.
+</para>
+
+<para>
+ When setting up an NT based Windows system with
+ <application>Privoxy</application> you may find that things do not seem to be
+ doing what you expect. When you set your system up you will probably have set
+ up Internet Connection Sharing (ICS) with Dial up Networking (DUN) when
+ logged in with administrator privileges. You will probably have made this DUN
+ connection available to other accounts that you may have set-up on your
+ system. E.g. Mum or Dad sets up the system and makes accounts suitably
+ configured for the kids.
+</para>
+
+<para>
+ When setting up <application>Privoxy</application> in this environment you
+ will have to alter the proxy set-up of Internet Explorer (IE) for the
+ specific DUN connection on which you wish to use
+ <application>Privoxy</application>. When you do this the ICS DUN set-up
+ becomes user specific. In this instance you will see no difference if you
+ change the DUN connection under the account used to set-up the connection.
+ However when you do this from another user you will notice that the DUN
+ connection changes to make available to "Me only". You will also find that
+ you have to store the password under each different user!
+</para>
+
+<para>
+ The reason for this is that each user's set-up for IE is user specific. Each
+ set-up DUN connection and each LAN connection in IE store the settings for
+ each user individually. As such this enforces individual configurations
+ rather than common ones. Hence the first time you use a DUN connection after
+ re-booting your system it may not perform as you expect, and prompt you for 
+ the password. Just set and save the password again and all should be OK.
+</para>
+
+<para>
+[Thanks to Ray Griffith for this submission.]
+</para>
+</sect2>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="ftp" renderas="sect3">
+<title>I cannot connect to any FTP sites. Privoxy
+ is blocking me.</title>
+ <para>
+  <application>Privoxy</application> cannot act as a proxy for FTP traffic, 
+  so do not configure your browser to use <application>Privoxy</application>
+  as an FTP proxy. The same is true for <emphasis>any protocol other than HTTP
+  or HTTPS (SSL)</emphasis>. 
+ </para>
+ <para>
+  Most browsers understand FTP as well as HTTP. If you connect to a site, with
+  a URL like <literal>ftp://ftp.example.com</literal>, your browser is making
+  an FTP connection, and not a HTTP connection. So while your browser may 
+  speak FTP, <application>Privoxy</application> does not, and cannot proxy 
+  such traffic.
+ </para>
+ <para>
+  To complicate matters, some systems may have a generic <quote>proxy</quote>
+  setting, which will enable various protocols, including
+  <emphasis>both</emphasis> HTTP and FTP proxying! So it is possible to
+  accidentally enable FTP proxying in these cases. And of course, if this
+  happens, <application>Privoxy</application> will indeed cause problems since
+  it does not know FTP. <![%p-newstuff;[Newer version will give a sane error
+  message if a FTP connection is attempted.]]> Just disable the FTP setting 
+  and all will be well again.
+ </para>
+ <para>
+  Will <application>Privoxy</application> ever proxy FTP traffic? Unlikely.
+  There just is not much reason, and the work to make this happen is more than
+  it may seem.
+ </para>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="macosxie" renderas="sect3">
+<title>In Mac OS X, I can't configure Microsoft Internet Explorer to use 
+ Privoxy as the HTTP proxy.</title>
+ <para>
+  Microsoft Internet Explorer (in versions like 5.1) respects system-wide
+  network settings.  In order to change the HTTP proxy, open System
+  Preferences, and click on the Network icon.  In the settings pane that
+  comes up, click on the Proxies tab.  Ensure the "Web Proxy (HTTP)" checkbox 
+  is checked and enter <literal>127.0.0.1</literal> in the entry field.  
+  Enter <literal>8118</literal> in the Port field.  The next time you start
+  IE, it should reflect these values.
+ </para>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 renderas="sect3" id="macosxuninstall">
+<title>In Mac OS X, I dragged the Privoxy folder to the trash in order to 
+ uninstall it. Now the finder tells me I don't have sufficient privileges to
+ empty the trash.</title>
+ <para>
+ Note: This ONLY applies to privoxy 3.0.6 and earlier.
+ </para> 
+ <para>
+  Just dragging the <application>Privoxy</application> folder to the trash is
+  not enough to delete it. <application>Privoxy</application> supplies an
+  <application>uninstall.command</application> file that takes care of
+  these details. Open the trash, drag the <application>uninstall.command</application>
+  file out of the trash and double-click on it. You will be prompted for
+  confirmation and the administration password.
+ </para> 
+ <para>
+  The trash may still appear full after this command; emptying the trash 
+  from the desktop should make it appear empty again.
+ </para>
+</sect2>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 renderas="sect3" id="macosximages">
+<title>In Mac OS X Panther (10.3), images often fail to load and/or I
+ experience random delays in page loading. I'm using
+ <literal>localhost</literal> as my browser's proxy setting.</title>
+ <para>
+  We believe this is due to an IPv6-related bug in Mac OS X, but don't fully
+  understand the issue yet. In any case, changing the proxy setting to 
+  <literal>127.0.0.1</literal> instead of <literal>localhost</literal>
+  works around the problem.
+ </para>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<!-- XXX: Is this still relevant now that we have gzip support? -->
+<sect2 renderas="sect3" id="blankpage">
+<title>I get a completely blank page at one site. <quote>View Source</quote>
+ shows only: <markup><![CDATA[<html><body></body></html>]]></markup>. Without
+ Privoxy the page loads fine.</title>
+ <para>
+  Chances are that the site suffers from a bug in
+  <ulink url="http://www.php.net/"><application>PHP</application></ulink>,
+  which results in empty pages being sent if the client explicitly requests
+  an uncompressed page, like <application>Privoxy</application> does.
+  This bug has been fixed in PHP 4.2.3.
+ </para>
+ <para>
+  To find out if this is in fact the source of the problem, try adding
+  the site to a <literal>-prevent-compression</literal> section in
+  <filename>user.action</filename>:
+ </para>
+ <screen>
+   # Make exceptions for ill-behaved sites:                                     
+   #                                                                    
+   {-prevent-compression}                                               
+    .example.com</screen>
+ <para>
+  If that works, you may also want to report the problem to the
+  site's webmasters, telling them to use zlib.output_compression
+  instead of ob_gzhandler in their PHP applications (workaround)
+  or upgrade to PHP 4.2.3 or later (fix).
+ </para>
+</sect2>
+
+<sect2 renderas="sect3" id="nohostname">
+<title>My logs show many <quote>Unable to get my own hostname</quote> lines.
+Why?</title>
+<para>
+ <application>Privoxy</application> tries to get the hostname of the system
+ its running on from the IP address of the system interface it is bound to
+ (from the <filename>config</filename> file
+ <emphasis>listen-address</emphasis> setting). If the system cannot supply
+ this information, <application>Privoxy</application> logs this condition. 
+</para>
+<para>
+ Typically, this would be considered a minor system configuration error. It is
+ not a fatal error to <application>Privoxy</application> however, but may
+ result in a much slower response from <application>Privoxy</application> on
+ some platforms due to DNS timeouts.
+</para>
+<para>
+ This can be caused by a problem with the local <filename>hosts</filename>
+ file. If this file has been changed from the original, try reverting it to
+ see if that helps. Make sure whatever name(s) are used for the local system,
+ that they resolve both ways.
+</para>
+<para>
+ You should also be able to work around the problem with the
+ <ulink url="../user-manual/config.html#HOSTNAME">hostname option</ulink>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="inuse">
+<title>When I try to launch Privoxy, I get an 
+error message <quote>port 8118 is already in use</quote> (or similar wording).
+Why?</title>
+<para>
+ Port 8118 is <application>Privoxy's</application> default TCP 
+ <quote>listening</quote> port. Typically this message would mean that there
+ is already one instance of <application>Privoxy</application> running, and
+ your system is actually trying to start a second
+ <application>Privoxy</application> on the same port, which will not work.
+ (You can have multiple instances but they must be assigned different ports.)
+ How and why this might happen varies from platform to platform, but you need
+ to check your installation and start-up procedures.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="demoronizer">
+<title>
+ Pages with UTF-8 fonts are garbled.
+</title>
+<para>
+ This is caused by the <quote>demoronizer</quote> filter. You should either
+ upgrade <application>Privoxy</application>, or at least upgrade to the most
+ recent <filename>default.action</filename> file available from <ulink
+ url="http://sourceforge.net/project/showfiles.php?group_id=11118">SourceForge</ulink>.
+ Or you can simply disable the demoronizer filter.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="demoronizer2">
+<title>
+ Why are binary files (such as images) corrupted when Privoxy
+ is used?
+</title>
+<para>
+ This may also be caused by the <quote>demoronizer</quote> filter, 
+ in conjunction with a web server that is misreporting the content type. Binary 
+ files are exempted from <application>Privoxy's</application> filtering
+ (unless the web server by mistake says the file is something else). Either
+ upgrade <application>Privoxy</application>, or go to the most recent
+ <filename>default.action</filename> file available from <ulink
+ url="http://sourceforge.net/project/showfiles.php?group_id=11118">SourceForge</ulink>.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="demoronizer3">
+<title>
+ What is the <quote>demoronizer</quote> and why is it there?
+</title>
+<para>
+ The original demoronizer was a Perl script that cleaned up HTML pages which 
+ were created with certain Microsoft products. MS has used proprietary extensions 
+ to standardized font encodings (ISO 8859-1), which has caused problems for pages
+ that are viewed with non-Microsoft products (and are expecting to see a
+ standard set of fonts). The demoronizer corrected these errors so the pages
+ displayed correctly. <application>Privoxy</application> borrowed from this
+ script, introducing a filter based on the original demoronizer, which in turn could
+ correct these errors on the fly. 
+</para>
+<para>
+ But this is only needed in some situations, and will cause serious problems in some 
+ other situations.
+</para>
+<para>
+ If you are using Microsoft products, you do not need it. If you need to view 
+ pages with UTF-8 characters (such as Cyrillic or Chinese), then it will 
+ cause corruption of the fonts, and thus <emphasis>should not be on</emphasis>.
+</para>
+<para>
+ On the other hand, if you use non-Microsoft products, and you occasionally 
+ notice weird characters on pages, you might want to try it.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="windowopen">
+<title>
+ Why do I keep seeing <quote>PrivoxyWindowOpen()</quote> in raw source code?
+</title>
+<para>
+ <application>Privoxy</application> is attempting to disable malicious 
+  <ulink url="http://en.wikipedia.org/wiki/Javascript">Javascript</ulink> 
+  in this case, with the <literal>unsolicited-popups</literal>
+ filter. <application>Privoxy</application> cannot tell very well 
+ <quote>good</quote> code snippets from <quote>bad</quote> code snippets.
+</para>
+<para>
+ If you see this in HTML source, and the page displays without problems, then 
+ this is good, and likely some pop-up window was disabled. If you see this 
+ where it is causing a problem, such as a downloaded program source code file, 
+ then you should set an exception for this site or page such that the
+ integrity of the page stays in tact by disabling all filtering.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="dnserrors">
+<title>
+ I am getting too many DNS errors like <quote>404 No Such Domain</quote>. Why
+ can't Privoxy do this better?
+</title>
+<para>
+ There are potentially several factors here. First of all, the DNS resolution
+ is done by the underlying operating system -- not
+ <application>Privoxy</application> itself. <application>Privoxy</application>
+ merely initiates the process and hands it off, and then later reports
+ whatever the outcome was and tries to give a coherent message if there seems
+ to be a problem. In some cases, this might otherwise be mitigated by the
+ browser itself which might try some work-arounds and alternate approaches (e.g
+ adding <quote>www.</quote> to the URL).
+</para>
+<para>
+ In other cases, if <application>Privoxy</application> is being chained
+ with another proxy, this could complicate the issue, and cause undue
+ delays and timeouts. In the case of a <quote>socks4a</quote> proxy, the socks
+ server handles all the DNS.  <application>Privoxy</application> would just be
+ the <quote>messenger</quote> which is reporting whatever problem occurred
+ downstream, and not the root cause of the error.
+</para>
+<![%p-newstuff;[
+<para>
+ In any case, versions newer than 3.0.3 include various improvements to help
+ <application>Privoxy</application> better handle these cases.
+</para>]]>
+</sect2>
+
+<sect2 renderas="sect3" id="allcpu">
+<title>
+ At one site Privoxy just hangs, and starts taking 
+ all CPU. Why is this?
+</title>
+<para>
+ This is probably a manifestation of the <quote>100% cpu</quote> problem that
+ occurs on pages containing many (thousands upon thousands) of blank lines. The blank lines 
+ are in the raw HTML source of the page, and the browser just ignores them. But the 
+ pattern matching in <application>Privoxy's</application> page filtering
+ mechanism is trying to match against absurdly long strings and this becomes
+ very CPU-intensive, taking a long, long time to complete.
+</para>
+<para>
+ Until a better solution comes along, disable filtering on these pages,
+ particularly the <literal>js-annoyances</literal> and
+ <literal>unsolicited-popups</literal> filters. If you run into this problem
+ with a recent &my-app; version, please send a problem report.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="slowcrawl">
+<title>I just installed Privoxy, and all my
+browsing has slowed to a crawl. What gives? </title>
+<para>
+ This should not happen, and for the overwhelming number of users world-wide,
+ it does not happen. I would suspect some inadvertent interaction of software
+ components such as anti-virus software, spyware protectors, personal
+ firewalls or similar components. Try disabling (or uninstalling) these one
+ at a time and see if that helps. Either way, if you are using a
+ recent &my-app; version, please report the problem.
+</para>
+</sect2>
+
+<sect2 renderas="sect3" id="preventcomp">
+<title>Why do my filters work on some sites but not on others? </title>
+<para>
+ It's probably due to compression. It is a common practice for web servers to
+ send their content <quote>compressed</quote> in order to speed things up, and
+ then let the browser <quote>uncompress</quote> them. When compiled with zlib support
+ &my-app; can decompress content before filtering, otherwise you may want to enable
+<ulink
+ url="../user-manual/actions-file.html#PREVENT-COMPRESSION">prevent-compression</ulink>.
+</para>
+<para>
+ As of &my-app; 3.0.9, zlib support is enabled in the default builds.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="ssl-warnings">
+<title>On some HTTPS sites my browser warns me about unauthenticated content,
+ the URL bar doesn't get highlighted and the lock symbol appears to be broken.
+ What's going on?</title>
+<para>
+ Probably the browser is requesting ads through HTTPS and &my-app;
+ is blocking the requests. Privoxy's error messages are delivered
+ unencrypted and while it's obvious for the browser that the HTTPS
+ request is already blocked by the proxy, some warn about unauthenticated
+ content anyway.
+</para>
+<para>
+ To work around the problem you can redirect those requests to an invalid
+ local address instead of blocking them. While the redirects aren't
+ encrypted either, many browsers don't care. They simply follow the
+ redirect, fail to reach a server and display an error message instead
+ of the ad.
+</para>
+<para>
+ To do that, enable logging to figure out which requests get blocked by
+ &my-app; and add the hosts (no path patterns) to a section like this:
+</para>
+<para>
+<screen>
+<![CDATA[
+{+redirect{http://127.0.0.1:0/} -block -limit-connect}
+.ivwbox.de:443/
+]]>
+</screen>
+</para>
+<para>
+ Additionally you have to configure your browser to contact
+ <quote>127.0.0.1:0</quote> directly (instead of through &my-app;).
+</para>
+<para>
+ To add a proxy exception in <application>Mozilla Firefox</application>
+ open the <quote>Preferences</quote>, click the <quote>Settings</quote>
+ button located on the <quote>Network</quote> tab in the <quote>Advanced</quote>
+ section, and add <quote>127.0.0.1:0</quote> in the <quote>No Proxy for:</quote>
+ field.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="se-linux">
+<title>I get selinux error messages. How can I fix this?</title>
+<para>
+ Please report the problem to the creator of your selinux policies.
+</para>
+<para>
+ The problem is that some selinux policy writers aren't familiar
+ with the application they are trying to <quote>secure</quote> and
+ thus create policies that make no sense.
+</para>
+<para>
+ In <application>Privoxy's</application> case the problem usually
+ is that the policy only allows outgoing connections for certain
+ destination ports (e.g. 80 and 443). While this may cover the
+ standard ports, websites occasionally use other ports as well.
+ This isn't a security problem and therefore <application>Privoxy's</application>
+ default configuration doesn't block these requests.
+</para>
+<para>
+ If you really want to block these ports (and don't be able
+ to load websites that don't use standard ports), you should
+ configure Privoxy to block these ports as well, so it doesn't
+ trigger the selinux warnings.
+</para>
+</sect2>
+
+
+<sect2 renderas="sect3" id="gentoo-ricers">
+<title>I compiled &my-app; with Gentoo's portage and it appears to be very slow. Why?</title>
+<para>
+ Probably you unintentionally compiled &my-app; without threading support
+ in which case requests have to be serialized and only one can be served
+ at the same time.
+</para>
+<para>
+ Check your <quote>USE</quote> flags and make sure they include
+ <quote>threads</quote>. If they don't, add the flag and rebuild &my-app;.
+</para>
+<para>
+ If you compiled &my-app; with threading support (on POSIX-based systems),
+ the <quote>Conditional #defines</quote> section on <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+ will list <quote>FEATURE_PTHREAD</quote> as <quote>enabled</quote>. 
+</para>
+</sect2>
+
+
+</sect1>
+
+  <!--   ~~~~~       New section      ~~~~~     -->
+  <sect1 id="contact"><title>Contacting the developers, Bug Reporting and Feature Requests</title>
+<!-- Include contacting.sgml  -->
+ &contacting;
+<!-- end contacting -->
+  </sect1>
+  
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="copyright"><title>Privoxy Copyright, License and History</title>
+
+ <!-- Include copyright.sgml -->
+  ©right;
+ <!-- end -->
+  
+
+  <para>
+   Portions of this document are <quote>borrowed</quote> from the original
+   <application>Junkbuster</application> (tm) FAQ, and modified as 
+   appropriate for <application>Privoxy</application>.
+  </para>
+
+ <!--   ~~~~~       New section      ~~~~~     -->
+ <sect2><title>License</title>
+ <!-- Include copyright.sgml: -->
+  &license;
+ <!-- end copyright -->
+ </sect2>
+ <!--  ~  End section  ~  -->
+
+ <!--   ~~~~~       New section      ~~~~~     -->
+ <sect2><title>History</title>
+ <!-- Include history.sgml -->
+  &history;
+ <!-- end -->
+ </sect2>
+
+ </sect1>
+ <!--  ~  End section  ~  -->
+ 
+  
+<!--   ~~~~~       New section      ~~~~~     -->
+<!--
+<sect1 id="seealso"><title>See also</title>
+-->
+<!-- Include seealso.sgml -->
+<!--
+ &see;
+-->
+<!-- end  -->
+<!--
+</sect1>
+-->
+
+<!-- hhmts end -->
+ <!--
+ Tue 09/11/01 06:38:14 PM EST: Test SGML doc by Hal Burgiss.
+ 
+ This program is free software; you can redistribute it 
+ and/or modify it under the terms of the GNU General
+ Public License as published by the Free Software
+ Foundation; either version 2 of the License, or (at
+ your option) any later version.
+
+ This program is distributed in the hope that it will
+ be useful, but WITHOUT ANY WARRANTY; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE.  See the GNU General Public
+ License for more details.
+
+ The GNU General Public License should be included with
+ this file.  If not, you can view it at
+ http://www.gnu.org/copyleft/gpl.html
+ or write to the Free Software Foundation, Inc., 
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+
+$Log: faq.sgml,v $
+Revision 2.58  2009/03/21 12:27:44  fabiankeil
+Turn the donation entry title into a question,
+also rephrase the content a bit.
+
+Revision 2.57  2009/03/19 19:07:49  fabiankeil
+First draft of a "Donating" entry. To be polished tomorrow.
+
+Revision 2.56  2009/02/19 17:05:05  fabiankeil
+Explain slowness when build with Gentoo's portage.
+
+Revision 2.55  2009/02/19 02:20:21  hal9
+Make some links in seealso conditional. Man page is now privoxy only links.
+
+Revision 2.54  2009/02/15 20:47:12  hal9
+Fix small typo.
+
+Revision 2.53  2009/02/15 20:46:13  hal9
+Update Outlook HTML rendering engine comments re: Office 2007.
+
+Revision 2.52  2009/02/14 10:27:52  fabiankeil
+Finish last paragraph in the selinux entry which
+I unintentionally committed with the last commit.
+
+Revision 2.51  2009/02/12 16:08:26  fabiankeil
+Declare the code stable.
+
+Revision 2.50  2009/02/11 18:13:36  fabiankeil
+State the obvious.
+
+Revision 2.49  2009/02/10 16:30:20  fabiankeil
+Add a workaround for "unauthenticated content" warnings on HTTPS sites.
+
+Revision 2.48  2009/01/13 16:50:35  fabiankeil
+The standard.action file is gone.
+
+Revision 2.47  2008/11/24 18:29:39  fabiankeil
+Two changes suggested by Roger Dingledine:
+- Use https://www.torproject.org/ in section 4.7, too.
+- Replace the Tor wiki URL in section 4.10 with one
+  with a more useful anchor name.
+
+Revision 2.46  2008/08/30 15:37:35  fabiankeil
+Update entities.
+
+Revision 2.45  2008/08/16 08:51:28  fabiankeil
+Update version-related entities.
+
+Revision 2.44  2008/06/19 01:41:36  hal9
+Add short note about zlib being enabled in 3.0.9
+
+Revision 2.43  2008/06/14 13:21:25  fabiankeil
+Prepare for the upcoming 3.0.9 beta release.
+
+Revision 2.42  2008/06/07 13:11:15  fabiankeil
+- Note that the "100% cpu problem" is worth
+  reporting if it happens with a recent release.
+- Mention the hostname option as a workaround for
+  the "can't get my own hostname" issue.
+- The profile formerly known as "Adventuresome"
+  is called "Advanced" now.
+- Some white-space fixes.
+
+Revision 2.41  2008/06/06 15:32:09  fabiankeil
+- Minor rewordings.
+- Don't claim that all the old Junkbuster features remain.
+  Some of them have been removed or replaced with better ones.
+
+Revision 2.40  2008/02/22 05:54:27  markm68k
+updates for mac os x
+
+Revision 2.39  2008/02/03 21:37:41  hal9
+Apply patch from Mark: s/OSX/OS X/
+
+Revision 2.38  2008/01/19 17:52:39  hal9
+Re-commit to fix various minor issues for new release.
+
+Revision 2.37  2008/01/19 15:03:05  hal9
+Doc sources tagged for 3.0.8 release.
+
+Revision 2.36  2008/01/17 01:49:51  hal9
+Change copyright notice for docs s/2007/2008/. All these will be rebuilt soon
+enough.
+
+Revision 2.35  2007/11/19 17:57:59  fabiankeil
+A bunch of rewordings, minor updates and fixes.
+
+Revision 2.34  2007/11/19 02:38:11  hal9
+Minor revisions and rebuild
+
+Revision 2.33  2007/11/15 03:30:20  hal9
+Results of spell check.
+
+Revision 2.32  2007/11/13 03:03:42  hal9
+Various changes to reflect new features and revised configuration for the
+upcoming release.
+
+Revision 2.31  2007/11/05 02:34:53  hal9
+Various changes in preparation for the upcoming release. Much yet to be done.
+
+Revision 2.30  2007/11/04 15:16:40  hal9
+Fix one silly typo.
+
+Revision 2.29  2007/11/04 15:12:47  hal9
+Various minor adjustments.
+
+Revision 2.28  2007/10/27 15:14:16  fabiankeil
+Change Tor links to use the new domain torproject.org.
+
+Revision 2.27  2007/10/22 19:47:05  fabiankeil
+- Bump version and copyright.
+- Adjust Tor section to make it clear that forward exceptions
+  aren't required and may not even be desired.
+- A bunch of other minor rewordings.
+- Fix markup problems Roland noticed (hopefully without adding new ones).
+
+Revision 2.26  2007/08/05 15:37:55  fabiankeil
+- Don't claim that thousands of people read our code.
+- Specify the GPL version and link to GPLv2 instead of v3.
+- Note that configuration syntax may change between releases.
+- Mention zlib support.
+- Answer the "transparent proxy" question properly.
+- Add "intercepting proxy" entry.
+- Mention Polipo.
+- Rephrase some other sentences for various reasons.
+
+Revision 2.25  2007/07/18 11:00:34  hal9
+Add misc note about valid mark-up in Privoxy.
+
+Revision 2.24  2006/11/14 01:57:46  hal9
+Dump all docs prior to 3.0.6 release. Various minor changes to faq and user
+manual.
+
+Revision 2.23  2006/10/21 22:19:52  hal9
+Two new FAQs, a rewrite or two, and some touch ups.
+
+Revision 2.22  2006/10/14 20:33:10  hal9
+Three new FAQ's re: templates and blocking, and various minor touch-ups/improvements.
+
+Revision 2.21  2006/10/03 14:40:51  fabiankeil
+Added links from the Tor faq to the
+configuration chapter in the User Manual.
+
+Revision 2.20  2006/09/26 10:12:37  fabiankeil
+Spelling fix.
+
+Revision 2.19  2006/09/22 10:54:32  hal9
+Change references to 3.0.4 to 3.0.5 and minor adjustments.
+
+Revision 2.18  2006/09/22 01:27:55  hal9
+Final commit of probably various minor changes here and there. Unless
+something changes this should be ready for pending release.
+
+Revision 2.17  2006/09/17 14:56:32  hal9
+This includes yet several more new FAQs, some improved wording, enhanced
+mark-up, various hyper links to wikipedia to explain key terminology to the
+uninitiated, etc. This is ready for release IMO pending final tagging of cvs
+and Privoxy version stamping.
+
+Revision 2.16  2006/09/10 15:30:46  hal9
+Spell check.
+
+Revision 2.15  2006/09/08 23:05:07  hal9
+Fix broken links. Add faq on hosts files. Move most of new windows service
+feature to user manual and reference in faq. Various other small changes.
+
+Revision 2.14  2006/09/05 13:25:12  david__schmidt
+Add Windows service invocation stuff (duplicated) in FAQ and in user manual under Windows startup.  One probably ought to reference the other.
+
+Revision 2.13  2006/09/04 19:20:33  fabiankeil
+Adjusted anonymity related sections to match reality.
+Added a section about using Privoxy with Tor.
+
+Revision 2.12  2006/09/03 14:15:30  hal9
+Various updates, including 7 or 8 new FAQs, and updates/changes to various
+other ones to better reflect improvements, additions and changes for the
+upcoming release. This is close to final form for 3.0.4 IMHO.
+
+Revision 2.11  2006/07/18 14:48:50  david__schmidt
+Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+with what was really the latest development (the v_3_0_branch branch)
+
+Revision 1.61.2.41  2004/04/05 13:44:05  oes
+Fixed allow-all-cookies alias name; closes SR #929746
+
+Revision 1.61.2.40  2004/01/30 17:00:33  oes
+Added Mac OS X Panther problem
+
+Revision 1.61.2.39  2004/01/29 22:53:08  hal9
+Minor changes for exempting docs of text/plain. Change copyright date.
+
+Revision 1.61.2.38  2003/12/10 03:39:45  hal9
+Added FAQs for: demoronizer, related problems and why its included. Also,
+port 8118 already in use questions, and PrivoxyWindowOpen() questions. All in
+troubleshooting section.
+
+Revision 1.61.2.37  2003/10/17 11:01:50  oes
+Added Q&A for "not being used" page problem
+
+Revision 1.61.2.36  2003/06/26 23:49:20  hal9
+More on the filter/source code problem.
+
+Revision 1.61.2.35  2003/06/26 13:38:08  hal9
+Add FAQ on whether configuring Privoxy is necessary or not.
+
+Revision 1.61.2.34  2003/06/26 03:00:03  hal9
+Sorry, found another copyright date.
+
+Revision 1.61.2.33  2003/06/26 02:57:05  hal9
+Fix typo (finally!) and very minor modifications.
+
+Revision 1.61.2.32  2003/06/26 02:52:04  hal9
+Test, no changes.
+
+Revision 1.61.2.31  2003/06/25 01:27:51  hal9
+Fix copyright, and a few nits.
+
+Revision 1.61.2.30  2003/06/25 01:13:52  hal9
+Add:
+
+ - FAQ on "Unable to get my own hostname"
+ - Another one on filtering effects on text files.
+
+Revision 1.61.2.29  2003/06/15 21:32:58  hal9
+Add to the 4.17 (filtering effects on downloaded files).
+
+Revision 1.61.2.28  2003/03/18 19:37:21  oes
+s/Advanced|Radical/Adventuresome/g to avoid complaints re fun filter
+
+Revision 1.61.2.27  2002/12/01 06:31:58  hal9
+Add faq on win32 error 503 due to ZoneAlarm.
+
+Revision 1.61.2.26  2002/11/17 06:41:06  hal9
+Move default profiles table from FAQ to U-M, and other minor related changes.
+Add faq on cookies.
+
+Revision 1.61.2.25  2002/10/29 03:21:50  hal9
+Add 3 Q/A's relating to HTML in email. Other minor touchups.
+
+Revision 1.61.2.24  2002/10/15 12:50:22  oes
+s/Advanced/Radical/ (stupid me)
+
+Revision 1.61.2.23  2002/10/15 12:38:56  oes
+Added Microsuck faq; more detail for PHP problem
+
+Revision 1.61.2.22  2002/10/12 01:13:13  hal9
+Updates for demoronizer, more commentary on Radical profile, and update on
+the srvany.exe/icon fix.
+
+Revision 1.61.2.21  2002/10/10 04:09:35  hal9
+s/Advanced/Radical/ and added very brief note.
+
+Revision 1.61.2.20  2002/09/26 01:22:45  hal9
+Small additions for LAN setup, content-cookies/SSL, and FTP non-support.
+
+Revision 1.61.2.19  2002/08/25 23:31:56  hal9
+Fix one grammatical error. Add brief FAQ relating to tranparent proxies (ie
+port 80 setting). Add FAQ on effects of Privoxy on downloaded files
+(especially filtering).
+
+Revision 1.61.2.18  2002/08/14 16:39:37  hal9
+Fix wrong tag on FAQ addition.
+
+Revision 1.61.2.17  2002/08/14 00:01:18  hal9
+Add a crunch FAQ.
+
+Revision 1.61.2.16  2002/08/13 00:10:38  hal9
+Add faq to troubleshooting re: blank page syndrome, ie {-prevent-compression}.
+
+Revision 1.61.2.15  2002/08/10 11:34:22  oes
+Add disclaimer about probably being out-of-date
+
+Revision 1.61.2.14  2002/08/07 02:53:43  hal9
+Fix some minor markup errors, and move one Mac OS X Q/A to troubleshooting section.
+
+Revision 1.61.2.13  2002/08/06 11:55:32  oes
+Added missing close tag
+
+Revision 1.61.2.12  2002/08/06 11:43:46  david__schmidt
+Updated Mac OS X uninstall FAQ... we have an uninstall script now.
+
+Revision 1.61.2.11  2002/08/06 08:54:03  oes
+Style police: Fixed formatting details
+
+Revision 1.61.2.10  2002/08/02 14:00:25  david__schmidt
+Made the Mac OS X removal commands far less dangerous
+
+Revision 1.61.2.9  2002/08/02 13:14:45  oes
+Added warning about sudo rm -r for Mac OS X deinstallation; moved this item to install section
+
+Revision 1.61.2.8  2002/08/02 02:01:42  david__schmidt
+Add FAQ item for MSIE on Mac OS X HTTP proxy confusion
+
+Revision 1.61.2.7  2002/08/02 01:46:01  david__schmidt
+Added FAQ item for Mac OS X uninstall woes
+
+Revision 1.61.2.6  2002/07/30 20:04:56  hal9
+Fix typo: 'schould'.
+
+Revision 1.61.2.5  2002/07/26 15:22:58  oes
+- Updated to reflect changes in standard.action
+- Added info on where to get updated actions files
+
+Revision 1.61.2.4  2002/07/25 21:42:29  hal9
+Add brief notes on not proxying non-HTTP protocols.
+
+Revision 1.61.2.3  2002/06/09 16:36:33  hal9
+Clarifications on filtering and MIME. Hardcode 'latest release' in index.html.
+
+Revision 1.61.2.2  2002/06/06 02:51:34  hal9
+Fix typo in URL http:/config.privoxy.org
+
+Revision 1.61.2.1  2002/06/05 23:10:43  hal9
+Add new FAQ re: DUN/IE. Change release date from May to June :)
+
+Revision 1.61  2002/05/25 12:37:25  hal9
+Various minor changes and edits.
+
+Revision 1.60  2002/05/22 17:17:48  oes
+Proofread & added more links into u-m
+
+Revision 1.59  2002/05/15 04:03:30  hal9
+Fix ulink -> link markup.
+
+Revision 1.58  2002/05/10 01:48:20  hal9
+This is mostly proposed copyright/licensing additions and changes. Docs
+are still GPL, but licensing and copyright are more visible. Also, copyright
+changed in doc header comments (eliminate references to JB except FAQ).
+
+Revision 1.57  2002/05/05 20:26:02  hal9
+Sorting out license vs copyright in these docs.
+
+Revision 1.56  2002/05/04 08:44:44  swa
+bumped version
+
+Revision 1.55  2002/05/04 00:41:56  hal9
+-Remove TOC/first page kludge in favor of proper handling via dsl file.
+
+Revision 1.54  2002/05/03 05:06:44  hal9
+Add brief Q/A on transparent proxies.
+
+Revision 1.53  2002/05/03 01:34:52  hal9
+Fix section numbering for new sections (due to TOC kludge).
+
+Revision 1.52  2002/04/29 03:08:43  hal9
+-Added new Q/A on new actions file set up (pointer to u-m)
+-Fixed a few broken links and converted old actions as a result of
+ recent changes.
+
+Revision 1.51  2002/04/26 17:24:31  swa
+bookmarks cleaned, changed structure of user manual, screen and programlisting cleanups, and numerous other changes that I forgot
+
+Revision 1.50  2002/04/26 05:25:23  hal9
+Mass commit to catch a few scattered fixes.
+
+Revision 1.49  2002/04/12 10:10:18  swa
+version update
+
+Revision 1.48  2002/04/10 18:45:15  swa
+generated
+
+Revision 1.47  2002/04/10 04:05:32  hal9
+More on BML, etc.
+
+Revision 1.45  2002/04/08 22:59:26  hal9
+Version update. Spell chkconfig correctly :)
+
+Revision 1.44  2002/04/07 21:24:29  hal9
+Touch up on name change.
+
+Revision 1.43  2002/04/04 21:59:53  hal9
+Added NT/W2K service/icon situation.
+
+Revision 1.42  2002/04/04 18:46:47  swa
+consistent look. reuse of copyright, history et. al.
+
+Revision 1.41  2002/04/04 06:48:37  hal9
+Structural changes to allow for conditional inclusion/exclusion of content
+based on entity toggles, e.g. 'entity % p-not-stable  "INCLUDE"'. And
+definition of internal entities, e.g. 'entity p-version "2.9.13"' that will
+eventually be set by Makefile.
+More boilerplate text for use across multiple docs.
+
+Revision 1.40  2002/04/03 04:22:03  hal9
+Fixed several typos.
+
+Revision 1.39  2002/04/03 03:53:03  hal9
+Revert some changes, and then make some news, to layout, and appearance.
+
+Revision 1.38  2002/04/02 03:49:10  hal9
+Major changes to doc structure and layout. Sections are not automatically
+numbered now. TOC is on page by itself.
+
+Revision 1.37  2002/04/01 16:24:07  hal9
+-Rework of supported Q/A.
+-Set up entities to include boilerplate text.
+
+Revision 1.36  2002/03/31 23:18:47  hal9
+More on dealing with BLOCKED.
+
+Revision 1.35  2002/03/30 04:14:19  hal9
+Fix privoxy.org/config links.
+
+Revision 1.34  2002/03/29 04:35:56  hal9
+Touch ups.
+
+Revision 1.33  2002/03/29 01:31:48  hal9
+Several new Q/A's and other touch ups.
+
+Revision 1.32  2002/03/27 00:57:03  hal9
+Touch ups for name change.
+
+Revision 1.31  2002/03/26 22:29:55  swa
+we have a new homepage!
+
+Revision 1.30  2002/03/25 16:39:22  hal9
+A few new sections. Made all links relative to user-manual.
+
+Revision 1.29  2002/03/25 05:23:57  hal9
+Moved section, and touch ups.
+
+Revision 1.28  2002/03/25 04:27:33  hal9
+New section related to name change.
+
+Revision 1.25  2002/03/24 16:08:08  swa
+we are too lazy to make a block-built
+privoxy logo. hence removed the option.
+
+Revision 1.24  2002/03/24 15:46:20  swa
+name change related issue.
+
+Revision 1.23  2002/03/24 12:33:01  swa
+more additions.
+
+Revision 1.22  2002/03/24 11:51:00  swa
+name change. changed filenames.
+
+Revision 1.21  2002/03/24 11:01:06  swa
+name change
+
+Revision 1.20  2002/03/23 15:13:11  swa
+renamed every reference to the old name with foobar.
+fixed "application foobar application" tag, fixed
+"the foobar" with "foobar". left junkbustser in cvs
+comments and remarks to history untouched.
+
+Revision 1.19  2002/03/21 17:01:54  hal9
+Some touch ups.
+
+Revision 1.18  2002/03/18 16:40:31  hal9
+More additions.
+
+Revision 1.17  2002/03/18 03:53:53  hal9
+Some new additions.
+
+Revision 1.16  2002/03/17 21:32:56  hal9
+A few more additions.
+
+Revision 1.15  2002/03/17 07:25:59  hal9
+Correcting some of my typos, and some additions.
+
+Revision 1.14  2002/03/17 02:39:13  hal9
+A little more added ...
+
+Revision 1.13  2002/03/17 00:22:20  hal9
+Adding new stuff, and trying to incorporate stuff from old faq.
+
+Revision 1.12  2002/03/11 20:13:21  swa
+typo
+
+Revision 1.11  2002/03/11 18:42:27  swa
+new section
+
+Revision 1.10  2002/03/11 13:13:27  swa
+correct feedback channels
+
+Revision 1.9  2002/03/10 23:34:04  swa
+more info on not hiding ip address
+
+Revision 1.8  2002/03/09 15:55:48  swa
+added default config section
+
+Revision 1.7  2002/03/07 18:16:55  swa
+looks better
+
+Revision 1.6  2002/03/07 13:16:31  oes
+Committing changes by Stefan
+
+Revision 1.5  2002/03/02 15:50:04  swa
+2.9.11 version. more input for docs.
+
+Revision 1.4  2002/02/24 14:34:24  jongfoster
+Formatting changes.  Now changing the doctype to DocBook XML 4.1
+will work - no other changes are needed.
+
+Revision 1.3  2001/09/23 10:13:48  swa
+upload process established. run make webserver and
+the documentation is moved to the webserver. documents
+are now linked correctly.
+
+Revision 1.2  2001/09/13 15:20:17  swa
+merged standards into developer manual
+
+Revision 1.1  2001/09/12 15:36:41  swa
+source files for junkbuster documentation
+
+Revision 1.3  2001/09/10 17:43:59  swa
+first proposal of a structure.
+
+Revision 1.2  2001/06/13 14:28:31  swa
+docs should have an author.
+
+Revision 1.1  2001/06/13 14:20:37  swa
+first import of project's documentation for the webserver.
+
+-->
+
+</article>
diff --git a/external/privoxy/doc/source/history.sgml b/external/privoxy/doc/source/history.sgml
new file mode 100644
index 0000000..9e8b2fa
--- /dev/null
+++ b/external/privoxy/doc/source/history.sgml
@@ -0,0 +1,71 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/history.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: history.sgml,v 2.7 2009/02/22 11:05:21 fabiankeil Exp $
+
+  Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+  See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  user-manual
+  developer-manual
+  faq
+  webserver/index.sgml
+
+-->
+
+<para>
+ A long time ago, there was the
+ <ulink url="http://www.junkbusters.com/ijb.html"><application>Internet Junkbuster</application></ulink>, 
+ by Anonymous Coders and <ulink url="http://www.junkbusters.com/">Junkbusters
+ Corporation</ulink>. This saved many users a lot of pain in the early days of
+ web advertising and user tracking.
+</para>
+
+<para>
+ But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and
+ for tracking them, keeps evolving. Unfortunately, the <application>Internet
+ Junkbuster</application> did not. Version 2.0.2, published in 1998, was 
+ (and is) the last official
+ <ulink url="http://www.junkbusters.com/ijbdist.html#release">release</ulink>
+ available from <ulink url="http://www.junkbusters.com">Junkbusters Corporation</ulink>.
+ Fortunately, it had been released under the GNU
+ <ulink url="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">GPL</ulink>,
+ which allowed further development by others.
+</para>
+
+<para>
+ So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches.
+ It could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.
+</para>
+
+<para>
+ Then, some
+ <ulink url="http://www.privoxy.org/user-manual/copyright.html#AUTHORS">developers</ulink>
+ picked up the thread, and started turning the software inside out, upside down,
+ and then reassembled it, adding many
+ <ulink url="http://www.privoxy.org/user-manual/introduction.html#FEATURES">new
+ features</ulink> along the way.
+</para>
+
+<para>
+ The result of this is <application>Privoxy</application>, whose first
+ stable version, 3.0, was released August, 2002. 
+ <!-- Cautious!!!!!!!!! ;) -->
+</para>
diff --git a/external/privoxy/doc/source/install.sgml b/external/privoxy/doc/source/install.sgml
new file mode 100644
index 0000000..bba9ccc
--- /dev/null
+++ b/external/privoxy/doc/source/install.sgml
@@ -0,0 +1,106 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
+<!entity % dummy "IGNORE"> 
+<!entity buildsource SYSTEM "buildsource.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-stable "INCLUDE">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-alpha "IGNORE">
+<!entity % p-beta "IGNORE">
+<!entity % p-text "INCLUDE">       <!-- define we are a text only doc    -->
+<!entity % p-doc "IGNORE">         <!-- and never a text doc             -->
+<!entity % p-readme "INCLUDE">     <!-- This is now in INSTALL           -->
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/install.sgml,v $
+
+ Purpose     :  INSTALL file for Privoxy
+                
+ $Id: install.sgml,v 2.11 2009/02/12 16:08:26 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. You have been warned!
+ Failure to abide by this rule will result in the revocation of your license 
+ to live a peaceful existence!
+ ========================================================================
+
+ ===================================================================
+ READ: Document Note: This file generates the INSTALL file in the top level
+ source directory. It is generated as only a plain text file. The current
+ markup is not suitable for other formats. Build from Makefile with 'make
+ dok-readme'.
+ ===================================================================
+
+-->
+<article id="index">
+<artheader>
+<![%dummy;[
+ <para>
+ <comment>
+  This is here to keep vim syntax file from breaking :/
+  If I knew enough to fix it, I would.
+  PLEASE DO NOT REMOVE! HB: hal at foobox.net
+ </comment>
+ </para>
+]]>
+<abstract>
+<para>
+ <literal>
+  <msgtext>
+   <literallayout>
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/doc/source/install.sgml,v $
+ *
+ * Purpose     :  INSTALL file to help with installing from source.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 
+ *                USA
+ *
+ *********************************************************************/
+   </literallayout>
+  </msgtext>
+ </literal>
+</para>
+
+ </abstract>
+</artheader>
+
+<para>
+ <msgtext>
+<!--   ~~~~~       New section      ~~~~~     -->
+<!-- include buildsource.sgml boilerplate: -->
+ &buildsource;
+<!-- end boilderplate -->
+ </msgtext>
+</para>
+
+
+</article>
diff --git a/external/privoxy/doc/source/ldp.dsl b/external/privoxy/doc/source/ldp.dsl
new file mode 100644
index 0000000..896e8ab
--- /dev/null
+++ b/external/privoxy/doc/source/ldp.dsl
@@ -0,0 +1,420 @@
+<!DOCTYPE style-sheet PUBLIC "-//James Clark//DTD DSSSL Style Sheet//EN" [
+<!ENTITY % html "IGNORE">
+<![%html;[
+<!ENTITY % print "IGNORE">
+<!ENTITY docbook.dsl SYSTEM "none/html/docbook.dsl" CDATA dsssl>
+]]>
+<!ENTITY % print "INCLUDE">
+<![%print;[
+<!ENTITY docbook.dsl SYSTEM "none/print/docbook.dsl" CDATA dsssl>
+]]>
+]>
+
+<!--
+
+;; borrowed from the LDP stylesheet, with modifications, HB.
+;; Added support for css 03/20/02, and other mods.
+
+-->
+
+<style-sheet>
+
+<style-specification id="print" use="docbook">
+<style-specification-body> 
+
+;; ==============================
+;; customize the print stylesheet
+;; ==============================
+;;
+;; see http://docbook.sourceforge.net/projects/dsssl/doc/print.html
+;;
+
+(define %indent-screen-lines%
+  ;; Indent lines in a 'Screen'?
+  #t)
+
+(define %callout-fancy-bug% 
+  ;; Use fancy callout bugs?
+  #t)
+
+(define %chap-app-running-heads% 
+  ;; Generate running headers and footers on chapter-level elements?
+  #t)
+
+(define %chap-app-running-head-autolabel% 
+  ;; Put chapter labels in running heads?
+  #t)
+
+;; this is necessary because right now jadetex does not understand
+;; symbolic entities, whereas things work well with numeric entities.
+(declare-characteristic preserve-sdata?
+  "UNREGISTERED::James Clark//Characteristic::preserve-sdata?"
+  #f)
+
+;; put the legal notice in a separate file
+(define %generate-legalnotice-link%
+  #t)
+
+;; use graphics in admonitions, and have their path be "stylesheet-images"
+;; NO: they do not yet look very good
+(define %admon-graphics-path%
+  "./stylesheet-images/")
+
+(define %admon-graphics%
+  #f)
+
+(define %funcsynopsis-decoration%
+  ;; make funcsynopsis look pretty
+  #t)
+
+;;(define %shade-verbatim%
+;;  #t)
+
+(define %section-autolabel% #t)
+  ;; For enumerated sections (1.1, 1.1.1, 1.2, etc.)
+  
+;; HB changed TOC depth to 3 levels.
+(define (toc-depth nd)
+  3)
+
+;; HB added 03/20/02, see dbparam.dsl ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(define %body-attr% 
+  ;; REFENTRY body-attr
+  ;; PURP What attributes should be hung off of BODY?
+  ;; DESC
+  ;; A list of the the BODY attributes that should be generated.
+  ;; The format is a list of lists, each interior list contains the
+  ;; name and value of a BODY attribute.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  (list
+   (list "BGCOLOR" "#EEEEEE")
+   (list "TEXT" "#000000")
+   (list "LINK" "#0000FF")
+   (list "VLINK" "#840084")
+   (list "ALINK" "#0000FF")))
+
+(define %stylesheet%
+  ;; REFENTRY stylesheet
+  ;; PURP Name of the stylesheet to use
+  ;; DESC
+  ;; The name of the stylesheet to place in the HTML LINK TAG, or '#f' to
+  ;; suppress the stylesheet LINK.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "../p_doc.css")
+
+(define %stylesheet-type%
+  ;; REFENTRY stylesheet-type
+  ;; PURP The type of the stylesheet to use
+  ;; DESC
+  ;; The type of the stylesheet to place in the HTML LINK TAG.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "text/css")
+
+(define %css-liststyle-alist%
+  ;; REFENTRY css-liststyle-alist
+  ;; PURP Map DocBook OVERRIDE and MARK attributes to CSS
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then the list-style-type property of
+  ;; list items will be set to reflect the list item style selected in the
+  ;; DocBook instance.  This associative list maps the style type names used
+  ;; in your instance to the appropriate CSS names.  If no mapping exists,
+  ;; the name from the instance will be used.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  '(("bullet" "disc")
+    ("box" "square")))
+
+(define %css-decoration%
+  ;; REFENTRY css-decoration
+  ;; PURP Enable CSS decoration of elements
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then HTML elements produced by the
+  ;; stylesheet may be decorated with STYLE attributes.  For example, the
+  ;; LI tags produced for list items may include a fragment of CSS in the
+  ;; STYLE attribute which sets the CSS property "list-style-type".
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  #t)
+
+;; swa1
+
+(define %generate-part-toc%
+  #f)
+
+(define %generate-article-toc% 
+  ;; Should a Table of Contents be produced for Articles?
+  ;; If true, a Table of Contents will be generated for each 'Article'.
+  #t)
+
+(define %generate-part-toc-on-titlepage%
+  ;; Should the Part TOC appear on the Part title page?
+  #f)
+
+;;Do you want a separate page for the title?
+(define %generate-article-titlepage-on-separate-page%
+ #t)
+
+;;Do you want the article toc on the titlepage or separate?
+(define %generate-article-toc-on-titlepage%
+ #f)
+
+;;Titlepage Separate?
+;; This is the one that makes TOC only on first page!! hal.
+(define (chunk-skip-first-element-list)
+ '())
+
+(define %body-start-indent%
+  ;; Default indent of body text
+  2pi)
+
+(define %para-indent-firstpara%
+  ;; First line start-indent for the first paragraph
+  0pt)
+
+;; swa2
+
+(define %para-indent%
+  ;; First line start-indent for paragraphs (other than the first)
+  0pt)
+
+(define %block-start-indent%
+  ;; Extra start-indent for block-elements
+  2pt)
+
+;;Define distance between paragraphs
+(define %para-sep% 
+ (/ %bf-size% 2.0))
+
+;; with swa2 no effects
+
+;; swa3
+
+;;Define distance between block elements (figures, tables, etc.).
+(define %block-sep% 
+ (* %para-sep% 1.0))
+;; (* %para-sep% 2.0))
+
+(define %hyphenation%
+  ;; Allow automatic hyphenation?
+  #t)
+
+(define %left-margin% 5pi)
+(define %right-margin% 5pi)
+(define %top-margin% 5pi)
+(define %bottom-margin% 5pi)
+(define %footer-margin% 2pi)
+(define %header-margin% 2pi)
+
+(define %line-spacing-factor% 1.3)
+  ;; Factor used to calculate leading
+  ;; The leading is calculated by multiplying the current font size by the 
+  ;; '%line-spacing-factor%'. For example, if the font size is 10pt and
+  ;; the '%line-spacing-factor%' is 1.1, then the text will be
+  ;; printed "10-on-11".
+
+(define %head-before-factor% 
+  ;; Factor used to calculate space above a title
+  ;; The space before a title is calculated by multiplying the font size
+  ;; used in the title by the '%head-before-factor%'.
+;;  0.75)
+  0.5)
+
+(define %head-after-factor% 
+  ;; Factor used to calculate space below a title
+  ;; The space after a title is calculated by multiplying the font size used
+  ;; in the title by the '%head-after-factor%'.
+  0.5)
+
+(define %input-whitespace-treatment% 'collapse)
+
+(define ($generate-article-lot-list$)
+  ;; Which Lists of Titles should be produced for Articles?
+  (list ))
+
+
+</style-specification-body>
+</style-specification>
+
+
+<!--
+;; ===================================================
+;; customize the html stylesheet; borrowed from Cygnus
+;; at http://sourceware.cygnus.com/ (cygnus-both.dsl)
+;; ===================================================
+-->
+
+<style-specification id="html" use="docbook">
+<style-specification-body> 
+
+;; this is necessary because right now jadetex does not understand
+;; symbolic entities, whereas things work well with numeric entities.
+(declare-characteristic preserve-sdata?
+  "UNREGISTERED::James Clark//Characteristic::preserve-sdata?"
+  #f)
+
+;; put the legal notice in a separate file
+(define %generate-legalnotice-link%
+  #t)
+
+;; use graphics in admonitions, and have their path be "stylesheet-images"
+;; NO: they do not yet look very good
+(define %admon-graphics-path%
+  "./stylesheet-images/")
+
+(define %admon-graphics%
+  #f)
+
+(define %funcsynopsis-decoration%
+  ;; make funcsynopsis look pretty
+  #t)
+
+(define %html-ext%
+  ".html")
+
+(define %generate-article-toc% 
+  ;; Should a Table of Contents be produced for Articles?
+  ;; If true, a Table of Contents will be generated for each 'Article'.
+  #t)
+
+;; HB added next three statements 05/03/02.
+;;Do you want a separate page for the title?
+(define %generate-article-titlepage-on-separate-page%
+ #t)
+
+;;Do you want the article toc on the titlepage or separate?
+(define %generate-article-toc-on-titlepage%
+ #t)
+
+;;Titlepage Separate?
+;; This is the one that makes TOC only on first page!! hal.
+(define (chunk-skip-first-element-list)
+ '())
+
+(define %root-filename%
+  ;; The filename of the root HTML document (e.g, "index").
+  "index")
+
+(define %generate-part-toc%
+  #t)
+
+(define %shade-verbatim%
+  #t)
+
+(define %use-id-as-filename%
+  ;; Use ID attributes as name for component HTML files?
+  #t)
+
+(define %graphic-default-extension% 
+  "gif")
+
+(define %section-autolabel% #t)
+  ;; For enumerated sections (1.1, 1.1.1, 1.2, etc.)
+  
+;; HB changed TOC depth to 3 levels.
+(define (toc-depth nd)
+  3)
+
+;; HB added 03/20/02, see dbparam.dsl ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(define %body-attr% 
+  ;; REFENTRY body-attr
+  ;; PURP What attributes should be hung off of BODY?
+  ;; DESC
+  ;; A list of the the BODY attributes that should be generated.
+  ;; The format is a list of lists, each interior list contains the
+  ;; name and value of a BODY attribute.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  (list
+   (list "BGCOLOR" "#EEEEEE")
+   (list "TEXT" "#000000")
+   (list "LINK" "#0000FF")
+   (list "VLINK" "#840084")
+   (list "ALINK" "#0000FF")))
+
+(define %stylesheet%
+  ;; REFENTRY stylesheet
+  ;; PURP Name of the stylesheet to use
+  ;; DESC
+  ;; The name of the stylesheet to place in the HTML LINK TAG, or '#f' to
+  ;; suppress the stylesheet LINK.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "../p_doc.css")
+
+(define %stylesheet-type%
+  ;; REFENTRY stylesheet-type
+  ;; PURP The type of the stylesheet to use
+  ;; DESC
+  ;; The type of the stylesheet to place in the HTML LINK TAG.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "text/css")
+
+(define %css-liststyle-alist%
+  ;; REFENTRY css-liststyle-alist
+  ;; PURP Map DocBook OVERRIDE and MARK attributes to CSS
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then the list-style-type property of
+  ;; list items will be set to reflect the list item style selected in the
+  ;; DocBook instance.  This associative list maps the style type names used
+  ;; in your instance to the appropriate CSS names.  If no mapping exists,
+  ;; the name from the instance will be used.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  '(("bullet" "disc")
+    ("box" "square")))
+
+(define %css-decoration%
+  ;; REFENTRY css-decoration
+  ;; PURP Enable CSS decoration of elements
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then HTML elements produced by the
+  ;; stylesheet may be decorated with STYLE attributes.  For example, the
+  ;; LI tags produced for list items may include a fragment of CSS in the
+  ;; STYLE attribute which sets the CSS property "list-style-type".
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  #t)
+
+;; HB added 2008-01-19
+(define %html-header-tags% 
+  '(("META" ("HTTP-EQUIV" "Content-Type") ("CONTENT" "text/html;
+charset=ISO-8859-1"))))
+
+</style-specification-body>
+</style-specification>
+
+
+<style-specification id="html-notoc" use="html">
+<style-specification-body> 
+
+;; ===================================================
+;; Vairant without TOC for the Homepage --oes 24/05/02
+;; ===================================================
+
+(define %generate-article-toc% 
+  ;; Should a Table of Contents be produced for Articles?
+  ;; If true, a Table of Contents will be generated for each 'Article'.
+  #f)
+
+</style-specification-body>
+</style-specification>
+
+<external-specification id="docbook" document="docbook.dsl">
+
+</style-sheet>
diff --git a/external/privoxy/doc/source/ldp.dsl.in b/external/privoxy/doc/source/ldp.dsl.in
new file mode 100644
index 0000000..a86de0d
--- /dev/null
+++ b/external/privoxy/doc/source/ldp.dsl.in
@@ -0,0 +1,420 @@
+<!DOCTYPE style-sheet PUBLIC "-//James Clark//DTD DSSSL Style Sheet//EN" [
+<!ENTITY % html "IGNORE">
+<![%html;[
+<!ENTITY % print "IGNORE">
+<!ENTITY docbook.dsl SYSTEM "@DKPREFIX@/html/docbook.dsl" CDATA dsssl>
+]]>
+<!ENTITY % print "INCLUDE">
+<![%print;[
+<!ENTITY docbook.dsl SYSTEM "@DKPREFIX@/print/docbook.dsl" CDATA dsssl>
+]]>
+]>
+
+<!--
+
+;; borrowed from the LDP stylesheet, with modifications, HB.
+;; Added support for css 03/20/02, and other mods.
+
+-->
+
+<style-sheet>
+
+<style-specification id="print" use="docbook">
+<style-specification-body> 
+
+;; ==============================
+;; customize the print stylesheet
+;; ==============================
+;;
+;; see http://docbook.sourceforge.net/projects/dsssl/doc/print.html
+;;
+
+(define %indent-screen-lines%
+  ;; Indent lines in a 'Screen'?
+  #t)
+
+(define %callout-fancy-bug% 
+  ;; Use fancy callout bugs?
+  #t)
+
+(define %chap-app-running-heads% 
+  ;; Generate running headers and footers on chapter-level elements?
+  #t)
+
+(define %chap-app-running-head-autolabel% 
+  ;; Put chapter labels in running heads?
+  #t)
+
+;; this is necessary because right now jadetex does not understand
+;; symbolic entities, whereas things work well with numeric entities.
+(declare-characteristic preserve-sdata?
+  "UNREGISTERED::James Clark//Characteristic::preserve-sdata?"
+  #f)
+
+;; put the legal notice in a separate file
+(define %generate-legalnotice-link%
+  #t)
+
+;; use graphics in admonitions, and have their path be "stylesheet-images"
+;; NO: they do not yet look very good
+(define %admon-graphics-path%
+  "./stylesheet-images/")
+
+(define %admon-graphics%
+  #f)
+
+(define %funcsynopsis-decoration%
+  ;; make funcsynopsis look pretty
+  #t)
+
+;;(define %shade-verbatim%
+;;  #t)
+
+(define %section-autolabel% #t)
+  ;; For enumerated sections (1.1, 1.1.1, 1.2, etc.)
+  
+;; HB changed TOC depth to 3 levels.
+(define (toc-depth nd)
+  3)
+
+;; HB added 03/20/02, see dbparam.dsl ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(define %body-attr% 
+  ;; REFENTRY body-attr
+  ;; PURP What attributes should be hung off of BODY?
+  ;; DESC
+  ;; A list of the the BODY attributes that should be generated.
+  ;; The format is a list of lists, each interior list contains the
+  ;; name and value of a BODY attribute.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  (list
+   (list "BGCOLOR" "#EEEEEE")
+   (list "TEXT" "#000000")
+   (list "LINK" "#0000FF")
+   (list "VLINK" "#840084")
+   (list "ALINK" "#0000FF")))
+
+(define %stylesheet%
+  ;; REFENTRY stylesheet
+  ;; PURP Name of the stylesheet to use
+  ;; DESC
+  ;; The name of the stylesheet to place in the HTML LINK TAG, or '#f' to
+  ;; suppress the stylesheet LINK.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "../p_doc.css")
+
+(define %stylesheet-type%
+  ;; REFENTRY stylesheet-type
+  ;; PURP The type of the stylesheet to use
+  ;; DESC
+  ;; The type of the stylesheet to place in the HTML LINK TAG.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "text/css")
+
+(define %css-liststyle-alist%
+  ;; REFENTRY css-liststyle-alist
+  ;; PURP Map DocBook OVERRIDE and MARK attributes to CSS
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then the list-style-type property of
+  ;; list items will be set to reflect the list item style selected in the
+  ;; DocBook instance.  This associative list maps the style type names used
+  ;; in your instance to the appropriate CSS names.  If no mapping exists,
+  ;; the name from the instance will be used.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  '(("bullet" "disc")
+    ("box" "square")))
+
+(define %css-decoration%
+  ;; REFENTRY css-decoration
+  ;; PURP Enable CSS decoration of elements
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then HTML elements produced by the
+  ;; stylesheet may be decorated with STYLE attributes.  For example, the
+  ;; LI tags produced for list items may include a fragment of CSS in the
+  ;; STYLE attribute which sets the CSS property "list-style-type".
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  #t)
+
+;; swa1
+
+(define %generate-part-toc%
+  #f)
+
+(define %generate-article-toc% 
+  ;; Should a Table of Contents be produced for Articles?
+  ;; If true, a Table of Contents will be generated for each 'Article'.
+  #t)
+
+(define %generate-part-toc-on-titlepage%
+  ;; Should the Part TOC appear on the Part title page?
+  #f)
+
+;;Do you want a separate page for the title?
+(define %generate-article-titlepage-on-separate-page%
+ #t)
+
+;;Do you want the article toc on the titlepage or separate?
+(define %generate-article-toc-on-titlepage%
+ #f)
+
+;;Titlepage Separate?
+;; This is the one that makes TOC only on first page!! hal.
+(define (chunk-skip-first-element-list)
+ '())
+
+(define %body-start-indent%
+  ;; Default indent of body text
+  2pi)
+
+(define %para-indent-firstpara%
+  ;; First line start-indent for the first paragraph
+  0pt)
+
+;; swa2
+
+(define %para-indent%
+  ;; First line start-indent for paragraphs (other than the first)
+  0pt)
+
+(define %block-start-indent%
+  ;; Extra start-indent for block-elements
+  2pt)
+
+;;Define distance between paragraphs
+(define %para-sep% 
+ (/ %bf-size% 2.0))
+
+;; with swa2 no effects
+
+;; swa3
+
+;;Define distance between block elements (figures, tables, etc.).
+(define %block-sep% 
+ (* %para-sep% 1.0))
+;; (* %para-sep% 2.0))
+
+(define %hyphenation%
+  ;; Allow automatic hyphenation?
+  #t)
+
+(define %left-margin% 5pi)
+(define %right-margin% 5pi)
+(define %top-margin% 5pi)
+(define %bottom-margin% 5pi)
+(define %footer-margin% 2pi)
+(define %header-margin% 2pi)
+
+(define %line-spacing-factor% 1.3)
+  ;; Factor used to calculate leading
+  ;; The leading is calculated by multiplying the current font size by the 
+  ;; '%line-spacing-factor%'. For example, if the font size is 10pt and
+  ;; the '%line-spacing-factor%' is 1.1, then the text will be
+  ;; printed "10-on-11".
+
+(define %head-before-factor% 
+  ;; Factor used to calculate space above a title
+  ;; The space before a title is calculated by multiplying the font size
+  ;; used in the title by the '%head-before-factor%'.
+;;  0.75)
+  0.5)
+
+(define %head-after-factor% 
+  ;; Factor used to calculate space below a title
+  ;; The space after a title is calculated by multiplying the font size used
+  ;; in the title by the '%head-after-factor%'.
+  0.5)
+
+(define %input-whitespace-treatment% 'collapse)
+
+(define ($generate-article-lot-list$)
+  ;; Which Lists of Titles should be produced for Articles?
+  (list ))
+
+
+</style-specification-body>
+</style-specification>
+
+
+<!--
+;; ===================================================
+;; customize the html stylesheet; borrowed from Cygnus
+;; at http://sourceware.cygnus.com/ (cygnus-both.dsl)
+;; ===================================================
+-->
+
+<style-specification id="html" use="docbook">
+<style-specification-body> 
+
+;; this is necessary because right now jadetex does not understand
+;; symbolic entities, whereas things work well with numeric entities.
+(declare-characteristic preserve-sdata?
+  "UNREGISTERED::James Clark//Characteristic::preserve-sdata?"
+  #f)
+
+;; put the legal notice in a separate file
+(define %generate-legalnotice-link%
+  #t)
+
+;; use graphics in admonitions, and have their path be "stylesheet-images"
+;; NO: they do not yet look very good
+(define %admon-graphics-path%
+  "./stylesheet-images/")
+
+(define %admon-graphics%
+  #f)
+
+(define %funcsynopsis-decoration%
+  ;; make funcsynopsis look pretty
+  #t)
+
+(define %html-ext%
+  ".html")
+
+(define %generate-article-toc% 
+  ;; Should a Table of Contents be produced for Articles?
+  ;; If true, a Table of Contents will be generated for each 'Article'.
+  #t)
+
+;; HB added next three statements 05/03/02.
+;;Do you want a separate page for the title?
+(define %generate-article-titlepage-on-separate-page%
+ #t)
+
+;;Do you want the article toc on the titlepage or separate?
+(define %generate-article-toc-on-titlepage%
+ #t)
+
+;;Titlepage Separate?
+;; This is the one that makes TOC only on first page!! hal.
+(define (chunk-skip-first-element-list)
+ '())
+
+(define %root-filename%
+  ;; The filename of the root HTML document (e.g, "index").
+  "index")
+
+(define %generate-part-toc%
+  #t)
+
+(define %shade-verbatim%
+  #t)
+
+(define %use-id-as-filename%
+  ;; Use ID attributes as name for component HTML files?
+  #t)
+
+(define %graphic-default-extension% 
+  "gif")
+
+(define %section-autolabel% #t)
+  ;; For enumerated sections (1.1, 1.1.1, 1.2, etc.)
+  
+;; HB changed TOC depth to 3 levels.
+(define (toc-depth nd)
+  3)
+
+;; HB added 03/20/02, see dbparam.dsl ;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
+
+(define %body-attr% 
+  ;; REFENTRY body-attr
+  ;; PURP What attributes should be hung off of BODY?
+  ;; DESC
+  ;; A list of the the BODY attributes that should be generated.
+  ;; The format is a list of lists, each interior list contains the
+  ;; name and value of a BODY attribute.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  (list
+   (list "BGCOLOR" "#EEEEEE")
+   (list "TEXT" "#000000")
+   (list "LINK" "#0000FF")
+   (list "VLINK" "#840084")
+   (list "ALINK" "#0000FF")))
+
+(define %stylesheet%
+  ;; REFENTRY stylesheet
+  ;; PURP Name of the stylesheet to use
+  ;; DESC
+  ;; The name of the stylesheet to place in the HTML LINK TAG, or '#f' to
+  ;; suppress the stylesheet LINK.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "../p_doc.css")
+
+(define %stylesheet-type%
+  ;; REFENTRY stylesheet-type
+  ;; PURP The type of the stylesheet to use
+  ;; DESC
+  ;; The type of the stylesheet to place in the HTML LINK TAG.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  "text/css")
+
+(define %css-liststyle-alist%
+  ;; REFENTRY css-liststyle-alist
+  ;; PURP Map DocBook OVERRIDE and MARK attributes to CSS
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then the list-style-type property of
+  ;; list items will be set to reflect the list item style selected in the
+  ;; DocBook instance.  This associative list maps the style type names used
+  ;; in your instance to the appropriate CSS names.  If no mapping exists,
+  ;; the name from the instance will be used.
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  '(("bullet" "disc")
+    ("box" "square")))
+
+(define %css-decoration%
+  ;; REFENTRY css-decoration
+  ;; PURP Enable CSS decoration of elements
+  ;; DESC
+  ;; If '%css-decoration%' is turned on then HTML elements produced by the
+  ;; stylesheet may be decorated with STYLE attributes.  For example, the
+  ;; LI tags produced for list items may include a fragment of CSS in the
+  ;; STYLE attribute which sets the CSS property "list-style-type".
+  ;; /DESC
+  ;; AUTHOR N/A
+  ;; /REFENTRY
+  #t)
+
+;; HB added 2008-01-19
+(define %html-header-tags% 
+  '(("META" ("HTTP-EQUIV" "Content-Type") ("CONTENT" "text/html;
+charset=ISO-8859-1"))))
+
+</style-specification-body>
+</style-specification>
+
+
+<style-specification id="html-notoc" use="html">
+<style-specification-body> 
+
+;; ===================================================
+;; Vairant without TOC for the Homepage --oes 24/05/02
+;; ===================================================
+
+(define %generate-article-toc% 
+  ;; Should a Table of Contents be produced for Articles?
+  ;; If true, a Table of Contents will be generated for each 'Article'.
+  #f)
+
+</style-specification-body>
+</style-specification>
+
+<external-specification id="docbook" document="docbook.dsl">
+
+</style-sheet>
diff --git a/external/privoxy/doc/source/license.sgml b/external/privoxy/doc/source/license.sgml
new file mode 100644
index 0000000..b674770
--- /dev/null
+++ b/external/privoxy/doc/source/license.sgml
@@ -0,0 +1,50 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/license.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: license.sgml,v 2.6 2008/05/23 15:09:48 fabiankeil Exp $
+
+  Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
+  See LICENSE.
+ 
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  privoxy-man-page
+  user-manual
+  developer-manual
+  faq
+  webserver/index.sgml
+
+-->
+
+<para>
+ <application>Privoxy</application> is free software; you can
+ redistribute it and/or modify it under the terms of the 
+ <citetitle>GNU General Public License</citetitle>, version 2,
+ as published by the Free Software Foundation.
+</para>
+
+<para>
+ This program is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE.  See the <ulink
+ url="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">
+ <citetitle>GNU General Public License</citetitle></ulink> for details.
+</para>
+
+<para>
+ You should have received a copy of the <citetitle>GNU GPL</citetitle>
+ along with this program; if not, write to the <address> Free Software
+ Foundation, Inc. <street>51 Franklin Street, Fifth Floor</street>
+ <city>Boston</city>, <state>MA</state> <postcode>02110-1301</postcode>
+ <country>USA</country> </address>
+</para>
+
diff --git a/external/privoxy/doc/source/newfeatures.sgml b/external/privoxy/doc/source/newfeatures.sgml
new file mode 100644
index 0000000..b1db531
--- /dev/null
+++ b/external/privoxy/doc/source/newfeatures.sgml
@@ -0,0 +1,156 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/newfeatures.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: newfeatures.sgml,v 2.10 2009/02/14 17:37:13 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  user-manual
+  faq
+
+-->
+<para>
+ <itemizedlist>
+
+<!--
+ <listitem>
+  <para>
+  FIXME: complete the list of features. change the order: most important
+  features to the top of the list. prefix new features with "NEW".
+  </para>
+ </listitem> 
+-->
+ <listitem>
+  <para>
+     Can keep outgoing connections alive and reuse them later on.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+     Supports tagging which allows to change the behaviour
+     based on client and server headers.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+     Can be run as an "intercepting" proxy, which obviates the need to
+     configure browsers individually.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+     Sophisticated actions and filters for manipulating both server and client
+     headers. 
+   </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+     Can be chained with other proxies.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Integrated browser based configuration and control utility at <ulink
+   url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+   (shortcut: <ulink url="http://p.p/">http://p.p/</ulink>). Browser-based
+   tracing of rule and filter effects. Remote toggling.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Web page filtering (text replacements, removes banners based on size,
+   invisible <quote>web-bugs</quote>, JavaScript and HTML annoyances, 
+   pop-up windows, etc.)
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Modularized configuration that allows for standard settings and
+   user settings to reside in separate files, so that installing updated
+   actions files won't overwrite individual user settings.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Support for Perl Compatible Regular Expressions in the configuration files, and 
+   a more sophisticated and flexible configuration syntax.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Improved cookie management features (e.g. session based cookies).
+  </para>
+</listitem> 
+
+ <listitem>
+  <para>
+   GIF de-animation. 
+  </para>
+ </listitem> 
+ 
+ <listitem>
+  <para>
+   Bypass many click-tracking scripts (avoids script redirection).
+  </para>
+ </listitem> 
+ 
+ <listitem>
+  <para>
+   Multi-threaded (POSIX and native threads).
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   User-customizable HTML templates for most proxy-generated pages (e.g. "blocked" page).
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Auto-detection and re-reading of config file changes.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Improved signal handling, and a true daemon mode (Unix).
+  </para>
+</listitem> 
+
+ <listitem>
+  <para>
+   Every feature now controllable on a per-site or per-location basis, configuration
+   more powerful and versatile over-all.
+  </para>
+</listitem> 
+
+ <listitem>
+  <para>
+   Many smaller new features added, limitations and bugs removed.
+  </para>
+</listitem> 
+
+ </itemizedlist>
+</para>
diff --git a/external/privoxy/doc/source/p-authors.sgml b/external/privoxy/doc/source/p-authors.sgml
new file mode 100644
index 0000000..b8eb1ca
--- /dev/null
+++ b/external/privoxy/doc/source/p-authors.sgml
@@ -0,0 +1,159 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/p-authors.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: p-authors.sgml,v 2.34 2009/02/08 18:13:26 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  privoxy-man-page
+  AUTHORS
+  user-manual
+
+-->
+<![%p-authors-formal;[
+<para>
+Current Privoxy Team:
+</para>
+]]>
+
+<literallayout>
+ Fabian Keil, lead developer
+ David Schmidt, developer
+<![%p-authors-formal;[
+]]>
+
+ Hal Burgiss
+ Mark Miller
+ Gerry Murphy
+ Lee Rian
+ Roland Rosenfeld
+ Jörg Strohmayer
+<![%p-authors-formal;[
+</literallayout>
+
+<para>
+ Former Privoxy Team Members:
+</para>
+
+<literallayout>
+ Johny Agotnes
+ Rodrigo Barbosa
+ Moritz Barsnick
+ Ian Cummings
+ Brian Dessent
+ Jon Foster
+ Karsten Hopp
+ Alexander Lazic
+ Daniel Leite
+ Gábor Lipták
+ Adam Lock
+ Guy Laroche
+ Justin McMurtry
+ Andreas Oesterhelt
+ Haroon Rafique
+ Georg Sauthoff
+ Thomas Steudten
+ Rodney Stromlund
+ Sviatoslav Sviridov
+ Sarantis Paskalis
+ Stefan Waldherr
+]]>
+</literallayout>
+<![%p-authors-formal;[
+<para>
+ Thanks to the many people who have tested Privoxy, reported bugs, provided
+ patches, made suggestions or contributed in some way. These include (in
+ alphabetical order):
+</para>
+<literallayout>
+ Ken Arromdee
+ Devin Bayer
+ Gergely Bor
+ Reiner Buehl
+ Andrew J. Caines
+ Clifford Caoile
+ Frédéric Crozat
+ Michael T. Davis
+ Mattes Dolak
+ Matthias Drochner
+ Peter E.
+ Florian Effenberger
+ Markus Elfring
+ Dean Gaudet
+ Stephen Gildea
+ Daniel Griscom
+ Felix Gröbert
+ Aaron Hamid
+ Darel Henman
+ Magnus Holmgren
+ Eric M. Hopper
+ Ralf Horstmann
+ Stefan Huehner
+ Peter Hyman
+ Derek Jennings
+ Petr Kadlec
+ David Laight
+ Bert van Leeuwen
+ Don Libes
+ Paul Lieverse
+ Toby Lyward
+ Wil Mahan
+ Jindrich Makovicka
+ David Mediavilla
+ Raphael Moll
+ Amuro Namie
+ Adam Piggott
+ Dan Price
+ Roberto Ragusa
+ Félix Rauch
+ Maynard Riley
+ Chung-chieh Shan
+ Spinor S.
+ Bart Schelstraete
+ Oliver Stoeneberg
+ Peter Thoenen
+ Martin Thomas
+ Bobby G. Vinyard
+ Jochen Voss
+ Glenn Washburn
+ Song Weijia
+ Jörg Weinmann
+ Darren Wiebe
+ Anduin Withers
+ Oliver Yeoh
+ Jamie Zawinski
+</literallayout>
+
+<para>
+ Privoxy is based in part on code originally developed by
+ Junkbusters Corp. and Anonymous Coders.
+</para>
+
+<para>
+ Privoxy heavily relies on Philip Hazel's PCRE.
+</para>
+
+<para>
+ The code to filter compressed content makes use of zlib
+ which is written by Jean-loup Gailly and Mark Adler.
+</para>
+
+<para>
+ On systems that lack snprintf(), Privoxy is using a version
+ written by Mark Martinec. On systems that lack strptime(),
+ Privoxy is using the one from the GNU C Library written
+ by Ulrich Drepper.
+</para>
+]]>
diff --git a/external/privoxy/doc/source/p-config.sgml b/external/privoxy/doc/source/p-config.sgml
new file mode 100644
index 0000000..3b59fbf
--- /dev/null
+++ b/external/privoxy/doc/source/p-config.sgml
@@ -0,0 +1,2756 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/p-config.sgml,v $
+
+ Purpose     :  Used with other docs and files only.
+
+ $Id: p-config.sgml,v 2.41 2009/02/19 16:59:41 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation.
+ ========================================================================
+
+ 
+ This file contains all the config file comments and options. It used to 
+ build both the user-manual config sections, and all of config (yes, the main
+ config file) itself.
+
+ Rationale: This is broken up into two files since a file with a prolog 
+ (DTD, etc) cannot be sourced as a secondary file. config.sgml is basically
+ a wrapper for this file.
+
+ IMPORTANT:
+
+ OPTIONS: The actual options are included in this file and prefixed with 
+ '@@', and processed by the Makefile to strip the '@@'. Default options 
+ that should appear commented out should be listed as: '@@#OPTION'. 
+ Otherwise, as '@@OPTION'. Example:
+
+  @@listen-address  127.0.0.1:8118
+
+ The Makefile does significant other processing too. The final results 
+ should be checked to make sure that the perl processing does not 
+ fubar something!!! Makefile processing requires w3m, fmt (shell line
+ formatter), and perl.
+ 
+
+ This file is included into:
+
+   user-manual.sgml
+   config   (the actual Privoxy config file)
+
+-->
+
+<![%user-man;[
+<!-- This part only goes into user-manual -->
+<sect1 id="config">
+<title>The Main Configuration File</title>
+
+<para>
+ Again, the main configuration file is named <filename>config</filename> on
+ Linux/Unix/BSD and OS/2, and <filename>config.txt</filename> on Windows.
+ Configuration lines consist of an initial keyword followed by a list of
+ values, all separated by whitespace (any number of spaces or tabs). For
+ example:
+</para>
+
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>confdir /etc/privoxy</emphasis></literallayout>
+  </msgtext>
+ </literal> 
+</para>
+
+<para>
+ Assigns the value <literal>/etc/privoxy</literal> to the option
+ <literal>confdir</literal> and thus indicates that the configuration
+ directory is named <quote>/etc/privoxy/</quote>.
+</para>
+
+<para>
+ All options in the config file except for <literal>confdir</literal> and
+ <literal>logdir</literal> are optional. Watch out in the below description
+ for what happens if you leave them unset.
+</para>
+
+<para>
+ The main config file controls all aspects of <application>Privoxy</application>'s
+ operation that are not location dependent (i.e. they apply universally, no matter
+ where you may be surfing).
+</para>
+
+]]>
+
+
+<![%config-file;[
+<!-- This part only goes into the config file -->
+<sect1 id="config">
+<title>
+ @@TITLE<!-- between the @@ is stripped by Makefile -->@@
+ Sample Configuration File for Privoxy v&p-version;
+</title>
+<para>
+ $Id: p-config.sgml,v 2.41 2009/02/19 16:59:41 fabiankeil Exp $
+</para>
+<para>
+Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+</para>
+
+<para>
+ <literallayout>
+#################################################################
+                                                                #
+                    Table of Contents                           #
+                                                                #
+      I. INTRODUCTION                                           #
+     II. FORMAT OF THE CONFIGURATION FILE                       #
+                                                                #
+      1. LOCAL SET-UP DOCUMENTATION                             #
+      2. CONFIGURATION AND LOG FILE LOCATIONS                   #
+      3. DEBUGGING                                              #
+      4. ACCESS CONTROL AND SECURITY                            #
+      5. FORWARDING                                             #
+      6. WINDOWS GUI OPTIONS                                    #
+                                                                #
+#################################################################
+ </literallayout>
+</para>
+
+<literallayout>I. INTRODUCTION
+ ===============  <!-- fuck this madness --></literallayout>
+
+<para>
+ This file holds Privoxy's main configuration.  Privoxy detects
+ configuration changes automatically, so you don't have to restart it
+ unless you want to load a different configuration file.
+</para>
+<para>
+ The configuration will be reloaded with the first request after the
+ change was done, this request itself will still use the old configuration,
+ though. In other words: it takes two requests before you see the result of
+ your changes. Requests that are dropped due to ACL don't trigger reloads.
+</para>
+<para>
+ When starting Privoxy on Unix systems, give the location of this
+ file as last argument.  On Windows systems, Privoxy will look for
+ this file with the name 'config.txt' in the current working directory
+ of the Privoxy process.
+</para>
+
+<para>
+ <literallayout><!-- funky spacing -->
+
+II. FORMAT OF THE CONFIGURATION FILE
+====================================</literallayout>
+</para>
+<para>
+ Configuration lines consist of an initial keyword followed by a list
+ of values, all separated by whitespace (any number of spaces or
+ tabs).  For example,
+</para>
+<para>
+ actionsfile default.action
+</para>
+<para>
+ Indicates that the actionsfile is named 'default.action'.
+</para>
+<para>
+ The '#' indicates a comment.  Any part of a line following a '#' is
+ ignored, except if the '#' is preceded by a '\'.
+</para>
+<para>
+ Thus, by placing a # at the start of an existing configuration line,
+ you can make it a comment and it will be treated as if it weren't there. 
+ This is called "commenting out" an option and can be useful. Removing
+ the # again is called "uncommenting".
+</para>
+<para>
+ Note that commenting out an option and leaving it at its default
+ are two completely different things! Most options behave very
+ differently when unset. See the "Effect if unset" explanation
+ in each option's description for details.
+</para>
+<para>
+ Long lines can be continued on the next line by using a `\' as
+ the last character.
+</para>
+
+]]>
+
+<!-- ************************************************ -->
+<!-- The following is common to both outputs (mostly) -->
+<!-- ************************************************ -->
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="local-set-up">
+<title>Local Set-up Documentation</title>
+
+  <para>
+    If you intend to operate <application>Privoxy</application> for more users
+    than just yourself, it might be a good idea to let them know how to reach
+    you, what you block and why you do that, your policies, etc.
+   </para>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="user-manual"><title>user-manual</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Location of the <application>Privoxy</application> User Manual.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>A fully qualified URI</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    <ulink url="http://www.privoxy.org/user-manual/">http://www.privoxy.org/<replaceable class="parameter">version</replaceable>/user-manual/</ulink>
+    will be used, where <replaceable class="parameter">version</replaceable> is the <application>Privoxy</application> version.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+    <para>
+    The User Manual URI is the single best source of information on 
+    <application>Privoxy</application>, and is used for help links from some
+    of the internal CGI pages. The manual itself is normally packaged with the
+    binary distributions, so you probably want to set this to a locally
+    installed copy. 
+   </para>
+   <para>
+    Examples:
+   </para>
+  <!--
+  <para>
+   Unix, in local filesystem (may not work with all browsers):
+  </para>
+  <para>
+   <screen>  user-manual  file:///usr/share/doc/privoxy-&p-version;/user-manual/</screen>
+  </para>
+  <para>
+   Windows, in local filesystem, <emphasis>must</emphasis> use forward slash notation:
+  </para>
+  <para>
+   <screen>  user-manual  file:/c:/some-dir/privoxy-&p-version;/user-manual/</screen>
+  </para>
+  <para>
+   Windows, UNC notation (with forward slashes):
+  </para>
+  <para>
+   <screen>  user-manual  file://///some-server/some-path/privoxy-&p-version;/user-manual/</screen>
+  </para>
+ --> 
+  <para>
+   The best all purpose solution is simply to put the full local
+   <literal>PATH</literal> to where the <citetitle>User Manual</citetitle> is
+   located:
+  </para>
+  <para>
+   <screen>  user-manual  /usr/share/doc/privoxy/user-manual</screen>
+  </para>
+  <para>
+   The User Manual is then available to anyone with access to
+   <application>Privoxy</application>, by following the built-in URL:
+   <literal>http://config.privoxy.org/user-manual/</literal>
+   (or the shortcut: <literal>http://p.p/user-manual/</literal>).
+  </para>
+  <para>
+   If the documentation is not on the local system, it can be accessed 
+   from a remote server, as:
+  </para>
+  <para>
+   <screen>  user-manual  http://example.com/privoxy/user-manual/</screen>
+  </para>
+  <![%user-man;[
+   <!-- this gets hammered in conversion to config. Text repeated below. -->
+  <warning>
+   <para>
+     If set, this option should be <emphasis>the first option in the config
+     file</emphasis>, because it is used while the config file is being read
+     on start-up.
+   </para>
+  </warning>     
+  ]]>
+
+  <![%config-file;[
+   <!-- alternate -->
+   <para>
+    WARNING!!!
+   </para>
+   <blockquote>
+    <para> 
+     If set, this option should be the first option in the config
+     file, because it is used while the config file is being read.
+    </para>
+   </blockquote>
+  ]]>
+
+ </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#user-manual http://www.privoxy.org/user-manual/</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="trust-info-url"><title>trust-info-url</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    A URL to be displayed in the error page that users will see if access to an untrusted page is denied.    
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>URL</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    No links are displayed on the "untrusted" error page.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The value of this option only matters if the experimental trust mechanism has been
+    activated. (See <link linkend="trustfile"><emphasis>trustfile</emphasis></link> below.)
+   </para>
+   <para>
+    If you use the trust mechanism, it is a good idea to write up some on-line
+    documentation about your trust policy and to specify the URL(s) here.
+    Use multiple times for multiple URLs.
+   </para>
+   <para>
+    The URL(s) should be added to the trustfile as well, so users don't end up
+    locked out from the information on why they were locked out in the first place!
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#trust-info-url  http://www.example.com/why_we_block.html</literallayout>]]>
+<![%config-file;[<literallayout>@@#trust-info-url  http://www.example.com/what_we_allow.html</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="admin-address"><title>admin-address</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    An email address to reach the <application>Privoxy</application> administrator.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Email address</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    No email address is displayed on error pages and the CGI user interface.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    If both <literal>admin-address</literal> and <literal>proxy-info-url</literal>
+    are unset, the whole "Local Privoxy Support" box on all generated pages will
+    not be shown.
+   </para>  
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#admin-address privoxy-admin at example.com</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="proxy-info-url"><title>proxy-info-url</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    A URL to documentation about the local <application>Privoxy</application> setup,
+    configuration or policies.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>URL</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    No link to local documentation is displayed on error pages and the CGI user interface.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    If both <literal>admin-address</literal> and <literal>proxy-info-url</literal>
+    are unset, the whole "Local Privoxy Support" box on all generated pages will
+    not be shown.
+   </para>  
+   <para>
+    This URL shouldn't be blocked ;-)
+   </para> 
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#proxy-info-url http://www.example.com/proxy-service.html</literallayout>]]>
+</sect3>
+
+</sect2>
+<!--  ~  End section  ~  -->
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="conf-log-loc">
+<title>Configuration and Log File Locations</title>
+
+<para>
+ <application>Privoxy</application> can (and normally does) use a number of
+ other files for additional configuration, help and logging.
+ This section of the configuration file tells <application>Privoxy</application>
+ where to find those other files. 
+</para>
+
+<para>
+ The user running <application>Privoxy</application>, must have read
+ permission for all configuration files, and write permission to any files
+ that would be modified, such as log files and actions files.
+</para>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="confdir"><title>confdir</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>The directory where the other configuration files are located.</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Path name</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>/etc/privoxy (Unix) <emphasis>or</emphasis> <application>Privoxy</application> installation dir (Windows) </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para><emphasis>Mandatory</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    No trailing <quote><literal>/</literal></quote>, please.
+   </para>
+  <!-- 
+   This is really outdated and not likely to happen. HB 09/20/06
+   <para>
+    When development goes modular and multi-user, the blocker, filter, and
+    per-user config will be stored in subdirectories of <quote>confdir</quote>.
+    For now, the configuration directory structure is flat, except for 
+    <filename>confdir/templates</filename>, where the HTML templates for CGI 
+    output reside (e.g. <application>Privoxy's</application> 404 error page). 
+   </para>
+  --> 
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@confdir .</literallayout>]]>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="templdir"><title>templdir</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>An alternative directory where the templates are loaded from.</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Path name</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>unset</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>The templates are assumed to be located in confdir/template.</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    <application>Privoxy's</application> original templates are usually
+    overwritten with each update. Use this option to relocate customized
+    templates that should be kept. As template variables might change
+    between updates, you shouldn't expect templates to work with
+    <application>Privoxy</application> releases other than the one
+    they were part of, though.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#templdir .</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="logdir"><title>logdir</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The directory where all logging takes place
+    (i.e. where the <filename>logfile</filename> is located).
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Path name</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>/var/log/privoxy (Unix) <emphasis>or</emphasis> <application>Privoxy</application> installation dir (Windows) </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para><emphasis>Mandatory</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    No trailing <quote><literal>/</literal></quote>, please.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@logdir .</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="actionsfile"><title>
+actionsfile
+</title>
+<anchor id="default.action">
+<anchor id="standard.action">
+<anchor id="user.action">
+<!-- Note: slightly modified this section 04/28/02, hal. See NOTE. -->
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The <link linkend="actions-file">actions file(s)</link> to use
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Complete file name, relative to <literal>confdir</literal></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default values:</term>
+  <listitem>
+   <simplelist>
+    <member>
+     <msgtext><literallayout>  match-all.action # Actions that are applied to all sites and maybe overruled later on.</literallayout></msgtext>
+    </member>
+    <member>
+     <msgtext><literallayout>  default.action   # Main actions file</literallayout></msgtext>
+    </member>
+    <member>
+     <msgtext><literallayout>  user.action      # User customizations</literallayout></msgtext>
+    </member>
+   </simplelist>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    No actions are taken at all. More or less neutral proxying. 
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Multiple <literal>actionsfile</literal> lines are permitted, and are in fact recommended!
+   </para>
+   <para> 
+    The default values are <filename>default.action</filename>, which is the
+    <quote>main</quote> actions file maintained by the developers, and
+    <filename>user.action</filename>, where you can make your personal additions.
+   </para>
+   <para> 
+    Actions files contain all the per site and per URL configuration for 
+    ad blocking, cookie management, privacy considerations, etc.
+    There is no point in using <application>Privoxy</application> without at 
+    least one actions file.
+   </para>
+   <para>
+    Note that since Privoxy 3.0.7, the complete filename, including the <quote>.action</quote>
+    extension has to be specified.  The syntax change was necessary to be consistent
+    with the other file options and to allow previously forbidden characters.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<!-- NOTE: alternate markup to make a simpler list doesn't work due to -->
+<!-- html -> text conversion, blah -->
+<![%config-file;[<literallayout>@@actionsfile match-all.action # Actions that are applied to all sites and maybe overruled later on.</literallayout>]]>
+<![%config-file;[<literallayout>@@actionsfile default.action   # Main actions file</literallayout>]]>
+<!--
+ XXX: Like user.filter, user.action should probably be commented out
+ by default as not all packages install it into the default directory.
+ fk 2007-11-07
+-->
+<![%config-file;[<literallayout>@@actionsfile user.action      # User customizations</literallayout>]]>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="filterfile"><title>filterfile</title>
+<anchor id="default.filter">
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The <link linkend="filter-file">filter file(s)</link> to use
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>File name, relative to <literal>confdir</literal></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>default.filter (Unix) <emphasis>or</emphasis> default.filter.txt (Windows)</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    No textual content filtering takes place, i.e. all
+    <literal>+<link linkend="filter">filter</link>{<replaceable class="parameter">name</replaceable>}</literal>
+    actions in the actions files are turned neutral.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Multiple <literal>filterfile</literal> lines are permitted.
+   </para>
+   <para>
+    The <link linkend="filter-file">filter files</link> contain content modification
+    rules that use <link linkend="regex">regular expressions</link>. These rules permit
+    powerful changes on the content of Web pages, and optionally the headers
+    as well, e.g., you could try to disable your favorite JavaScript annoyances,
+    re-write the actual displayed text, or just have some fun 
+    playing buzzword bingo with web pages.
+   </para>
+   <para>
+    The
+    <literal>+<link linkend="filter">filter</link>{<replaceable class="parameter">name</replaceable>}</literal>
+    actions rely on the relevant filter (<replaceable class="parameter">name</replaceable>)
+    to be defined in a filter file!
+   </para>
+   <para>
+    A pre-defined filter file called <filename>default.filter</filename> that contains
+    a number of useful filters for common problems is included in the distribution.
+    See the section on the <literal><link linkend="filter">filter</link></literal>
+    action for a list.
+   </para>
+   <para>
+    It is recommended to place any locally adapted filters into a separate
+    file, such as <filename>user.filter</filename>.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@filterfile default.filter</literallayout>]]>
+<![%config-file;[<literallayout>@@#filterfile user.filter      # User customizations</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="logfile"><title>logfile</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The log file to use
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>File name, relative to <literal>logdir</literal></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset (commented out)</emphasis>. When activated: logfile (Unix) <emphasis>or</emphasis> privoxy.log (Windows).</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    No logfile is written.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The logfile is where all logging and error messages are written. The level
+    of detail and number of messages are set with the <literal>debug</literal>
+    option (see below). The logfile can be useful for tracking down a problem with
+    <application>Privoxy</application> (e.g., it's not blocking an ad you
+    think it should block) and it can help you to monitor what your browser
+    is doing.
+   </para>
+   <para>
+    Depending on the debug options below, the logfile may be a privacy risk
+    if third parties can get access to it. As most users will never look
+    at it, <application>Privoxy</application> 3.0.7 and later only log fatal
+    errors by default.
+   </para>
+   <para>
+    For most troubleshooting purposes, you will have to change that,
+    please refer to the debugging section for details.
+   </para>
+   <para>
+    Your logfile will grow indefinitely, and you will probably want to
+    periodically remove it.  On Unix systems, you can do this with a cron job
+    (see <quote>man cron</quote>). For Red Hat based Linux distributions, a
+    <command>logrotate</command> script has been included.
+   </para> 
+   <para>
+    Any log files must be writable by whatever user <application>Privoxy</application>
+    is being run as (on Unix, default user id is <quote>privoxy</quote>).
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@logfile logfile</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="trustfile"><title>trustfile</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The name of the trust file to use
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>File name, relative to <literal>confdir</literal></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset (commented out)</emphasis>. When activated: trust (Unix) <emphasis>or</emphasis> trust.txt (Windows)</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    The entire trust mechanism is disabled.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The trust mechanism is an experimental feature for building white-lists and should
+    be used with care. It is <emphasis>NOT</emphasis> recommended for the casual user.
+   </para>
+   <para>
+    If you specify a trust file, <application>Privoxy</application> will only allow
+    access to sites that are specified in the trustfile. Sites can be listed 
+    in one of two ways:
+   </para>
+   <para>
+    Prepending a <literal>~</literal> character limits access to this site 
+    only (and any sub-paths within this site), e.g. 
+    <literal>~www.example.com</literal> allows access to
+    <literal>~www.example.com/features/news.html</literal>, etc. 
+   </para>
+   <para>
+    Or, you can designate sites as <emphasis>trusted referrers</emphasis>, by
+    prepending the name with a <literal>+</literal> character. The effect is that
+    access to untrusted sites will be granted -- but only if a link from this
+    trusted referrer was used to get there. The link target will then be added
+    to the <quote>trustfile</quote> so that future, direct accesses will be
+    granted. Sites added via this mechanism do not become trusted referrers
+    themselves (i.e. they are added with a <literal>~</literal> designation).
+    There is a limit of 512 such entries, after which new entries will not be
+    made.
+   </para>
+   <para>
+    If you use the <literal>+</literal> operator in the trust file, it may grow 
+    considerably over time.
+   </para>
+   <para>
+    It is recommended that <application>Privoxy</application> be compiled with
+    the <literal>--disable-force</literal>, <literal>--disable-toggle</literal> and
+    <literal> --disable-editor</literal> options, if this feature is to be
+    used.
+   </para>
+   <para>
+    Possible applications include limiting Internet access for children.
+   </para>
+   
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#trustfile trust</literallayout>]]>
+</sect3>
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="debugging">
+<title>Debugging</title>
+
+ <para>
+  These options are mainly useful when tracing a problem.
+  Note that you might also want to invoke
+  <application>Privoxy</application> with the <literal>--no-daemon</literal>
+  command line option when debugging.
+ </para>
+
+<sect3 renderas="sect4" id="debug"><title>debug</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Key values that determine what information gets logged.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Integer values</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>0 (i.e.: only fatal errors (that cause Privoxy to exit) are logged)</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Default value is used (see above).
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The available debug levels are:
+   </para>
+   <para>
+    <programlisting>
+  debug     1 # Log the destination for each request &my-app; let through. See also debug 1024.
+  debug     2 # show each connection status
+  debug     4 # show I/O status
+  debug     8 # show header parsing
+  debug    16 # log all data written to the network into the logfile
+  debug    32 # debug force feature
+  debug    64 # debug regular expression filters
+  debug   128 # debug redirects
+  debug   256 # debug GIF de-animation
+  debug   512 # Common Log Format
+  debug  1024 # Log the destination for requests &my-app; didn't let through, and the reason why.
+  debug  2048 # CGI user interface
+  debug  4096 # Startup banner and warnings.
+  debug  8192 # Non-fatal errors
+</programlisting>
+   </para>
+   <para>
+    To select multiple debug levels, you can either add them or use
+    multiple <literal>debug</literal> lines.
+   </para>
+   <para>
+    A debug level of 1 is informative because it will show you each request
+    as it happens. <emphasis>1, 4096 and 8192 are recommended</emphasis>
+    so that you will notice when things go wrong. The other levels are
+    probably only of interest if you are hunting down a specific problem.
+    They can produce a hell of an output (especially 16).
+    <!-- LOL -->
+   </para>
+   <para>
+    &my-app; used to ship with the debug levels recommended above enabled by
+    default, but due to privacy concerns 3.0.7 and later are configured to
+    only log fatal errors.
+   </para>
+   <para>
+    If you are used to the more verbose settings, simply enable the debug lines
+    below again.
+   </para>
+   <para>
+    If you want to use pure CLF (Common Log Format), you should set <quote>debug
+    512</quote> <emphasis>ONLY</emphasis> and not enable anything else.
+   </para>
+   <para>
+    <application>Privoxy</application> has a hard-coded limit for the
+    length of log messages. If it's reached, messages are logged truncated
+    and marked with <quote>... [too long, truncated]</quote>.
+   </para>
+   <para>
+    Please don't file any support requests without trying to reproduce
+    the problem with increased debug level first. Once you read the log
+    messages, you may even be able to solve the problem on your own.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#debug     1 # Log the destination for each request &my-app; let through.</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug  1024 # Log the destination for requests &my-app; didn't let through, and the reason why.</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug  4096 # Startup banner and warnings</literallayout>]]>
+<![%config-file;[<literallayout>@@#debug  8192 # Non-fatal errors</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="single-threaded"><title>single-threaded</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether to run only one server thread.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para><emphasis>None</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Multi-threaded (or, where unavailable: forked) operation, i.e. the ability to
+    serve multiple requests simultaneously.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This option is only there for debugging purposes.
+    <emphasis>It will drastically reduce performance.</emphasis>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#single-threaded</literallayout>]]>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hostname"><title>hostname</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The hostname shown on the CGI pages.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Text</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    The hostname provided by the operating system is used.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    On some misconfigured systems resolving the hostname fails or
+    takes too much time and slows Privoxy down. Setting a fixed hostname
+    works around the problem.
+   </para>
+   <para>
+    In other circumstances it might be desirable to show a hostname
+    other than the one returned by the operating system. For example
+    if the system has several different hostnames and you don't want
+    to use the first one.
+   </para>
+   <para>
+    Note that Privoxy does not validate the specified hostname value.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@#hostname hostname.example.org</literallayout>]]>
+</sect3>
+
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="access-control">
+<title>Access Control and Security</title>
+
+ <para>
+  This section of the config file controls the security-relevant aspects
+  of <application>Privoxy</application>'s configuration.
+ </para>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="listen-address"><title>listen-address</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    The IP address and TCP port on which <application>Privoxy</application> will
+    listen for client requests.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>[<replaceable class="parameter">IP-Address</replaceable>]:<replaceable class="parameter">Port</replaceable></para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>127.0.0.1:8118</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Bind to 127.0.0.1 (localhost), port 8118. This is suitable and recommended for
+    home users who run <application>Privoxy</application> on the same machine as
+    their browser.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    You will need to configure your browser(s) to this proxy address and port.
+   </para>
+   <para>
+    If you already have another service running on port 8118, or if you want to
+    serve requests from other machines (e.g. on your local network) as well, you
+    will need to override the default.
+   </para>
+   <para>
+    If you leave out the IP address, <application>Privoxy</application> will
+    bind to all interfaces (addresses) on your machine and may become reachable
+    from the Internet. In that case, consider using <link
+    linkend="acls">access control lists</link> (ACL's, see below), and/or
+    a firewall.
+   </para>
+   <para>
+    If you open <application>Privoxy</application> to untrusted users, you will
+    also want to make sure that the following actions are disabled:  <literal><link
+    linkend="enable-edit-actions">enable-edit-actions</link></literal> and
+    <literal><link linkend="enable-remote-toggle">enable-remote-toggle</link></literal>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Example:</term>
+  <listitem>
+   <para>
+     Suppose you are running <application>Privoxy</application> on
+     a machine which has the address 192.168.0.1 on your local private network
+     (192.168.0.0) and has another outside connection with a different address.
+     You want it to serve requests from inside only:
+   </para>
+   <para>
+    <programlisting>
+  listen-address  192.168.0.1:8118
+</programlisting>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@listen-address  127.0.0.1:8118</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="toggle"><title>toggle</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Initial state of "toggle" status
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>1 or 0</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>1</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Act as if toggled on
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    If set to 0, <application>Privoxy</application> will start in
+    <quote>toggled off</quote> mode, i.e. mostly behave like a normal,
+    content-neutral proxy with both ad blocking and content filtering
+    disabled. See <literal>enable-remote-toggle</literal> below.
+<!--
+    This is not really useful
+    anymore, since toggling is much easier via <ulink
+    url="http://config.privoxy.org/toggle">the web interface</ulink> than via
+    editing the <filename>conf</filename> file.
+
+    Remote toggling is now disabled by default. fk 2007-11-07)
+-->
+   </para>
+   <para>
+    The windows version will only display the toggle icon in the system tray
+    if this option is present.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@toggle  1</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="enable-remote-toggle"><title>enable-remote-toggle</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether or not the <ulink url="http://config.privoxy.org/toggle">web-based toggle
+    feature</ulink> may be used
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>0 or 1</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>0</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    The web-based toggle feature is disabled.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    When toggled off, <application>Privoxy</application> mostly acts like a normal,
+    content-neutral proxy, i.e. doesn't block ads or filter content.
+   </para>
+   <para>
+    Access to the toggle feature can <emphasis>not</emphasis> be
+    controlled separately by <quote>ACLs</quote> or HTTP authentication,
+    so that everybody who can access <application>Privoxy</application> (see
+    <quote>ACLs</quote> and <literal>listen-address</literal> above) can
+    toggle it for all users. So this option is <emphasis>not recommended</emphasis>
+    for multi-user environments with untrusted users.
+   </para>
+   <para>
+    Note that malicious client side code (e.g Java) is also
+    capable of using this option.
+   </para>
+   <para>
+    As a lot of <application>Privoxy</application> users don't read
+    documentation, this feature is disabled by default.
+   </para>
+   <para>
+    Note that you must have compiled <application>Privoxy</application> with
+    support for this feature, otherwise this option has no effect. 
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@enable-remote-toggle  0</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="enable-remote-http-toggle"><title>enable-remote-http-toggle</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether or not Privoxy recognizes special HTTP headers to change its behaviour.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>0 or 1</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>0</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Privoxy ignores special HTTP headers.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    When toggled on, the client can change <application>Privoxy's</application>
+    behaviour by setting special HTTP headers. Currently the only supported
+    special header is <quote>X-Filter: No</quote>, to disable filtering for
+    the ongoing request, even if it is enabled in one of the action files.
+   </para>
+   <para>
+    This feature is disabled by default. If you are using
+    <application>Privoxy</application> in a environment with trusted clients,
+    you may enable this feature at your discretion. Note that malicious client
+    side code (e.g Java) is also capable of using this feature.
+   </para>
+   <para>
+    This option will be removed in future releases as it has been obsoleted
+    by the more general header taggers.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@enable-remote-http-toggle  0</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="enable-edit-actions"><title>enable-edit-actions</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether or not the <ulink url="http://config.privoxy.org/show-status">web-based actions
+    file editor</ulink> may be used
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>0 or 1</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>0</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    The web-based actions file editor is disabled.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Access to the editor can <emphasis>not</emphasis> be
+    controlled separately by <quote>ACLs</quote> or HTTP authentication,
+    so that everybody who can access <application>Privoxy</application> (see
+    <quote>ACLs</quote> and <literal>listen-address</literal> above) can
+    modify its configuration for all users.
+   </para>
+   <para>
+    This option is <emphasis>not recommended</emphasis> for environments
+    with untrusted users and as a lot of <application>Privoxy</application>
+    users don't read documentation, this feature is disabled by default.
+   </para>
+   <para>
+    Note that malicious client side code (e.g Java) is also
+    capable of using the actions editor and you shouldn't enable
+    this options unless you understand the consequences and are
+    sure your browser is configured correctly.
+   </para>
+   <para>
+    Note that you must have compiled <application>Privoxy</application> with
+    support for this feature, otherwise this option has no effect. 
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@enable-edit-actions 0</literallayout>]]>
+</sect3>
+
+
+<sect3 renderas="sect4" id="enforce-blocks"><title>enforce-blocks</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether the user is allowed to ignore blocks and can <quote>go there anyway</quote>.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>0 or 1</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>0</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Blocks are not enforced.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    <application>Privoxy</application> is mainly used to block and filter
+    requests as a service to the user, for example to block ads and other
+    junk that clogs the pipes. <application>Privoxy's</application> configuration
+    isn't perfect and sometimes innocent pages are blocked. In this situation it
+    makes sense to allow the user to enforce the request and have
+    <application>Privoxy</application> ignore the block.
+   </para>
+   <para>
+    In the default configuration <application>Privoxy's</application>
+    <quote>Blocked</quote> page contains a <quote>go there anyway</quote>
+    link to adds a special string (the force prefix) to the request URL.
+    If that link is used, <application>Privoxy</application> will
+    detect the force prefix, remove it again and let the request pass.
+   </para>
+   <para>
+    Of course <application>Privoxy</application> can also be used to enforce
+    a network policy. In that case the user obviously should not be able to
+    bypass any blocks, and that's what the <quote>enforce-blocks</quote>
+    option is for. If it's enabled, <application>Privoxy</application> hides
+    the <quote>go there anyway</quote> link. If the user adds the force
+    prefix by hand, it will not be accepted and the circumvention attempt
+    is logged.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    enforce-blocks 1
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@enforce-blocks 0</literallayout>]]>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="acls"><title>
+ACLs: permit-access and deny-access</title>
+<anchor id="permit-access">
+<anchor id="deny-access">
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Who can access what.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable class="parameter">src_addr</replaceable>[/<replaceable class="parameter">src_masklen</replaceable>]
+    [<replaceable class="parameter">dst_addr</replaceable>[/<replaceable class="parameter">dst_masklen</replaceable>]]
+   </para>
+   <para>
+    Where <replaceable class="parameter">src_addr</replaceable> and 
+   <replaceable class="parameter">dst_addr</replaceable> are IP addresses in dotted decimal notation or valid
+    DNS names, and <replaceable class="parameter">src_masklen</replaceable> and
+    <replaceable class="parameter">dst_masklen</replaceable> are subnet masks in CIDR notation, i.e. integer
+    values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
+    destination part are optional.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Don't restrict access further than implied by <literal>listen-address</literal>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Access controls are included at the request of ISPs and systems
+    administrators, and <emphasis>are not usually needed by individual users</emphasis>.
+    For a typical home user, it will normally suffice to ensure that 
+    <application>Privoxy</application> only listens on the localhost
+    (127.0.0.1) or internal (home) network address by means of the
+    <link linkend="listen-address"><emphasis>listen-address</emphasis></link>
+    option. 
+   </para>
+   <para>
+    Please see the warnings in the FAQ that <application>Privoxy</application>
+    is not intended to be a substitute for a firewall or to encourage anyone
+    to defer addressing basic security weaknesses.
+   </para>
+   <para>
+    Multiple ACL lines are OK.
+    If any ACLs are specified, <application>Privoxy</application> only talks
+    to IP addresses that match at least one <literal>permit-access</literal> line
+    and don't match any subsequent <literal>deny-access</literal> line. In other words, the
+    last match wins, with the default being <literal>deny-access</literal>.
+   </para>
+   <para>
+    If <application>Privoxy</application> is using a forwarder (see <literal>forward</literal> below)
+    for a particular destination URL, the <replaceable class="parameter">dst_addr</replaceable>
+    that is examined is the address of the forwarder and <emphasis>NOT</emphasis> the address
+    of the ultimate target. This is necessary because it may be impossible for the local
+    <application>Privoxy</application> to determine the IP address of the
+    ultimate target (that's often what gateways are used for).
+   </para>
+   <para>
+    You should prefer using IP addresses over DNS names, because the address lookups take
+    time. All DNS names must resolve! You can <emphasis>not</emphasis> use domain patterns
+    like <quote>*.org</quote> or partial domain names. If a DNS name resolves to multiple
+    IP addresses, only the first one is used.
+   </para>
+   <para>
+    Denying access to particular sites by ACL may have undesired side effects
+    if the site in question is hosted on a machine which also hosts other sites
+    (most sites are).
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    Explicitly define the default behavior if no ACL and
+    <literal>listen-address</literal> are set: <quote>localhost</quote>
+    is OK. The absence of a <replaceable class="parameter">dst_addr</replaceable> implies that
+    <emphasis>all</emphasis> destination addresses are OK:
+   </para>
+   <para>
+    <screen>
+  permit-access  localhost
+</screen>
+   </para>
+   <para>
+    Allow any host on the same class C subnet as www.privoxy.org access to
+    nothing but www.example.com (or other domains hosted on the same system):
+   </para>
+   <para>
+    <screen>
+  permit-access  www.privoxy.org/24 www.example.com/32
+</screen>
+   </para>
+   <para>
+    Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere,
+    with the exception that 192.168.45.73 may not access the IP address behind
+    www.dirty-stuff.example.com:
+   </para>
+   <para>
+    <screen>
+  permit-access  192.168.45.64/26
+  deny-access    192.168.45.73    www.dirty-stuff.example.com
+</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="buffer-limit"><title>buffer-limit</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Maximum size of the buffer for content filtering.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>Size in Kbytes</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>4096</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Use a 4MB (4096 KB) limit.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    For content filtering, i.e. the <literal>+filter</literal> and
+    <literal>+deanimate-gif</literal> actions, it is necessary that 
+    <application>Privoxy</application> buffers the entire document body.
+    This can be potentially dangerous, since a server could just keep sending
+    data indefinitely and wait for your RAM to exhaust -- with nasty consequences.
+    Hence this option.
+   </para>
+   <para>
+    When a document buffer size reaches the <literal>buffer-limit</literal>, it is
+    flushed to the client unfiltered and no further attempt to
+    filter the rest of the document is made. Remember that there may be multiple threads
+    running, which might require up to <literal>buffer-limit</literal> Kbytes
+    <emphasis>each</emphasis>, unless you have enabled <quote>single-threaded</quote>
+    above.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<![%config-file;[<literallayout>@@buffer-limit 4096</literallayout>]]>
+</sect3>
+
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="forwarding">
+<title>Forwarding</title>
+
+<para>
+ This feature allows routing of HTTP requests through a chain of
+ multiple proxies.
+</para>
+<para>
+ Forwarding can be used to chain Privoxy with a caching proxy to speed
+ up browsing. Using a parent proxy may also be necessary if the machine
+ that <application>Privoxy</application> runs on has no direct Internet access.
+</para>
+<para>
+ Note that parent proxies can severely decrease your privacy level.
+ For example a parent proxy could add your IP address to the request
+ headers and if it's a caching proxy it may add the <quote>Etag</quote>
+ header to revalidation requests again, even though you configured Privoxy
+ to remove it. It may also ignore Privoxy's header time randomization and use the
+ original values which could be used by the server as cookie replacement
+ to track your steps between visits.
+</para>
+
+<para>
+ Also specified here are SOCKS proxies. <application>Privoxy</application>
+ supports the SOCKS 4 and SOCKS 4A protocols.
+</para>
+
+<sect3 renderas="sect4" id="forward"><title>forward</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    To which parent HTTP proxy specific requests should be routed.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable class="parameter">target_pattern</replaceable>
+    <replaceable class="parameter">http_parent</replaceable>[:<replaceable class="parameter">port</replaceable>]
+   </para>
+   <para>
+    where <replaceable class="parameter">target_pattern</replaceable> is a <link linkend="af-patterns">URL pattern</link> 
+    that specifies to which requests (i.e. URLs) this forward rule shall apply. Use <literal>/</literal> to
+    denote <quote>all URLs</quote>.
+    <replaceable class="parameter">http_parent</replaceable>[:<replaceable class="parameter">port</replaceable>]
+    is the DNS name or IP address of the parent HTTP proxy through which the requests should be forwarded,
+    optionally followed by its listening port (default: 8080).
+    Use a single dot (<literal>.</literal>) to denote <quote>no forwarding</quote>.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Don't use parent HTTP proxies.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    If <replaceable class="parameter">http_parent</replaceable> is <quote>.</quote>, then requests are not
+    forwarded to another HTTP proxy but are made directly to the web servers.
+   </para>
+   <para>
+    Multiple lines are OK, they are checked in sequence, and the last match wins.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    Everything goes to an example parent proxy, except SSL on port 443 (which it doesn't handle):
+   </para>
+   <para>
+    <screen>
+  forward   /      parent-proxy.example.org:8080
+  forward   :443   .
+</screen>
+   </para>
+   <para>
+    Everything goes to our example ISP's caching proxy, except for requests
+    to that ISP's sites:
+   </para>
+   <para>
+    <screen>
+  forward   /                  caching-proxy.isp.example.net:8000
+  forward   .isp.example.net   .
+</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="socks"><title>
+forward-socks4, forward-socks4a and forward-socks5</title>
+<anchor id="forward-socks4">
+<anchor id="forward-socks4a">
+
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Through which SOCKS proxy (and optionally to which parent HTTP proxy) specific requests should be routed.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable class="parameter">target_pattern</replaceable>
+    <replaceable class="parameter">socks_proxy</replaceable>[:<replaceable class="parameter">port</replaceable>]
+    <replaceable class="parameter">http_parent</replaceable>[:<replaceable class="parameter">port</replaceable>]
+   </para>
+   <para>
+    where <replaceable class="parameter">target_pattern</replaceable> is a
+    <link linkend="af-patterns">URL pattern</link> that specifies to which
+    requests (i.e. URLs) this forward rule shall apply. Use <literal>/</literal> to
+    denote <quote>all URLs</quote>. <replaceable class="parameter">http_parent</replaceable>
+    and <replaceable class="parameter">socks_proxy</replaceable>
+    are IP addresses in dotted decimal notation or valid DNS names
+    (<replaceable class="parameter">http_parent</replaceable>
+    may be <quote>.</quote> to denote <quote>no HTTP forwarding</quote>), and the optional 
+    <replaceable class="parameter">port</replaceable> parameters are TCP ports,
+    i.e. integer values from 1 to 65535
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>Unset</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Don't use SOCKS proxies.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Multiple lines are OK, they are checked in sequence, and the last match wins.
+   </para>
+   <para>
+    The difference between <literal>forward-socks4</literal> and <literal>forward-socks4a</literal>
+    is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
+    server, while in SOCKS 4 it happens locally.
+   </para>
+   <para>
+    With <literal>forward-socks5</literal> the DNS resolution will happen on the remote server as well.
+   </para>
+   <para>
+    If <replaceable class="parameter">http_parent</replaceable> is <quote>.</quote>, then requests are not
+    forwarded to another HTTP proxy but are made (HTTP-wise) directly to the web servers, albeit through
+    a SOCKS proxy.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+     From the company example.com, direct connections are made to all
+     <quote>internal</quote> domains, but everything outbound goes through
+     their ISP's proxy by way of example.com's corporate SOCKS 4A gateway to
+     the Internet.
+   </para>
+   <para>
+    <screen>
+  forward-socks4a   /              socks-gw.example.com:1080  www-cache.isp.example.net:8080
+  forward           .example.com   .
+</screen>
+   </para>
+   <para>
+    A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent looks like this:
+   </para>
+   <para>
+    <screen>
+  forward-socks4   /               socks-gw.example.com:1080  .
+</screen>
+   </para>
+  
+    <para>
+    To chain Privoxy and Tor, both running on the same system, you would use 
+    something like:
+   </para>
+   <para>
+    <screen>
+  forward-socks4a   /               127.0.0.1:9050 .
+</screen>
+   </para>
+
+    <para>
+    The public <application>Tor</application> network can't be used to
+    reach your local network, if you need to access local servers you
+    therefore might want to make some exceptions:
+   </para>
+   <para>
+    <screen>
+  forward         192.168.*.*/     .
+  forward            10.*.*.*/     .
+  forward           127.*.*.*/     .
+</screen>
+   </para>
+   <para>
+    Unencrypted connections to systems in these address ranges will
+    be as (un)secure as the local network is, but the alternative is that you
+    can't reach the local network through <application>Privoxy</application>
+    at all. Of course this may actually be desired and there is no reason
+    to make these exceptions if you aren't sure you need them.
+   </para>
+   <para>
+    If you also want to be able to reach servers in your local network by
+    using their names, you will need additional exceptions that look like
+    this:
+   </para>
+   <para>
+    <screen>
+ forward           localhost/     .
+</screen>
+   </para>
+
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+<![%user-man;[     <!-- not included in config due to length -->
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="advanced-forwarding-examples"><title>Advanced Forwarding Examples</title>
+
+<para>
+ If you have links to multiple ISPs that provide various special content 
+ only to their subscribers, you can configure multiple <application>Privoxies</application>
+ which have connections to the respective ISPs to act as forwarders to each other, so that
+ <emphasis>your</emphasis> users can see the internal content of all ISPs.
+</para>
+
+<para>
+ Assume that host-a has a PPP connection to isp-a.example.net. And host-b has a PPP connection to
+ isp-b.example.org. Both run <application>Privoxy</application>. Their forwarding
+ configuration can look like this:
+</para>
+
+<para>
+ host-a:
+</para>
+
+<para>
+ <screen>
+  forward    /           .
+  forward    .isp-b.example.net  host-b:8118
+</screen>
+</para>
+
+<para>
+ host-b:
+</para>
+
+<para>
+ <screen>
+  forward    /           .
+  forward    .isp-a.example.org  host-a:8118
+</screen>
+</para>
+
+<para>
+ Now, your users can set their browser's proxy to use either
+ host-a or host-b and be able to browse the internal content
+ of both isp-a and isp-b.
+</para>
+
+<para>
+ If you intend to chain <application>Privoxy</application> and 
+ <application>squid</application> locally, then chaining as 
+ <literal>browser -> squid -> privoxy</literal> is the recommended way. 
+</para>
+
+<para>
+ Assuming that <application>Privoxy</application> and <application>squid</application>
+ run on the same box, your <application>squid</application> configuration could then look like this:
+</para>
+
+<para>
+ <screen>
+  # Define Privoxy as parent proxy (without ICP) 
+  cache_peer 127.0.0.1 parent 8118 7 no-query 
+
+  # Define ACL for protocol FTP 
+  acl ftp proto FTP 
+
+  # Do not forward FTP requests to Privoxy
+  always_direct allow ftp 
+
+  # Forward all the rest to Privoxy
+  never_direct allow all</screen>
+</para>
+
+<para>
+ You would then need to change your browser's proxy settings to <application>squid</application>'s address and port.
+ Squid normally uses port 3128. If unsure consult <literal>http_port</literal> in <filename>squid.conf</filename>.
+</para>
+
+<para>
+ You could just as well decide to only forward requests you suspect
+ of leading to Windows executables through a virus-scanning parent proxy,
+ say, on <literal>antivir.example.com</literal>, port 8010:
+</para>
+
+<para>
+ <screen>
+  forward   /                          .
+  forward   /.*\.(exe|com|dll|zip)$    antivir.example.com:8010</screen> 
+</para>
+
+</sect3>
+]]>
+
+<sect3 renderas="sect4" id="forwarded-connect-retries"><title>forwarded-connect-retries</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    How often Privoxy retries if a forwarded connection request fails. 
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable class="parameter">Number of retries.</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>0</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Connections forwarded through other proxies are treated like direct connections and no retry attempts are made.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    <replaceable class="parameter">forwarded-connect-retries</replaceable> is mainly interesting
+    for socks4a connections, where <application>Privoxy</application> can't detect why the connections failed.
+    The connection might have failed because of a DNS timeout in which case a retry makes sense,
+    but it might also have failed because the server doesn't exist or isn't reachable. In this
+    case the retry will just delay the appearance of Privoxy's error message.
+   </para>
+   <para>
+    Note that in the context of this option, <quote>forwarded connections</quote> includes all connections
+    that Privoxy forwards through other proxies. This option is not limited to the HTTP CONNECT method.
+   </para>
+   <para>
+    Only use this option, if you are getting lots of forwarding-related error messages
+    that go away when you try again manually. Start with a small value and check Privoxy's
+    logfile from time to time, to see how many retries are usually needed.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    forwarded-connect-retries 1
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@forwarded-connect-retries  0</literallayout>]]>
+</sect3>
+
+<sect3 renderas="sect4" id="accept-intercepted-requests"><title>accept-intercepted-requests</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether intercepted requests should be treated as valid.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>0 or 1</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>0</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Only proxy requests are accepted, intercepted requests are treated as invalid.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    If you don't trust your clients and want to force them
+    to use <application>Privoxy</application>, enable this
+    option and configure your packet filter to redirect outgoing
+    HTTP connections into <application>Privoxy</application>. 
+   </para>
+   <para>
+    Make sure that <application>Privoxy's</application> own requests
+    aren't redirected as well. Additionally take care that
+    <application>Privoxy</application> can't intentionally connect
+    to itself, otherwise you could run into redirection loops if
+    <application>Privoxy's</application> listening port is reachable
+    by the outside or an attacker has access to the pages you visit.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    accept-intercepted-requests 1
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@accept-intercepted-requests 0</literallayout>]]>
+</sect3>
+
+<sect3 renderas="sect4" id="allow-cgi-request-crunching"><title>allow-cgi-request-crunching</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether requests to <application>Privoxy's</application> CGI pages can be blocked or redirected.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>0 or 1</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>0</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    <application>Privoxy</application> ignores block and redirect actions for its CGI pages.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    By default <application>Privoxy</application> ignores block or redirect actions
+    for its CGI pages. Intercepting these requests can be useful in multi-user
+    setups to implement fine-grained access control, but it can also render the complete
+    web interface useless and make debugging problems painful if done without care.
+   </para>
+   <para>
+    Don't enable this option unless you're sure that you really need it.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    allow-cgi-request-crunching 1
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@allow-cgi-request-crunching 0</literallayout>]]>
+</sect3>
+
+<sect3 renderas="sect4" id="split-large-forms"><title>split-large-forms</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Whether the CGI interface should stay compatible with broken HTTP clients.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>0 or 1</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para><emphasis>0</emphasis></para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    The CGI form generate long GET URLs.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    <application>Privoxy's</application> CGI forms can lead to
+    rather long URLs. This isn't a problem as far as the HTTP
+    standard is concerned, but it can confuse clients with arbitrary
+    URL length limitations.
+   </para>
+   <para>
+    Enabling split-large-forms causes <application>Privoxy</application>
+    to divide big forms into smaller ones to keep the URL length down.
+    It makes editing a lot less convenient and you can no longer
+    submit all changes at once, but at least it works around this
+    browser bug.
+   </para>
+   <para>
+    If you don't notice any editing problems, there is no reason
+    to enable this option, but if one of the submit buttons appears
+    to be broken, you should give it a try.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    split-large-forms 1
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@split-large-forms 0</literallayout>]]>
+</sect3>
+
+<sect3 renderas="sect4" id="keep-alive-timeout"><title>keep-alive-timeout</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Number of seconds after which an open connection will no longer be reused.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>Time in seconds.</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>None</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    Connections are not reused.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This option has no effect if <application>Privoxy</application>
+    has been compiled without keep-alive support.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Note that reusing connections doesn't necessary cause speedups.
+    There are also a few privacy implications you should be aware of.
+   </para>
+   <para>
+    Outgoing connections are shared between clients (if there are more
+    than one) and closing the client that initiated the outgoing connection
+    does not affect the connection between &my-app; and the server unless
+    the client's request hasn't been completed yet. If the outgoing connection
+    is idle, it will not be closed until either <application>Privoxy's</application>
+    or the server's timeout is reached. While it's open, the server knows
+    that the system running &my-app; is still there.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    keep-alive-timeout 300
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@keep-alive-timeout 300</literallayout>]]>
+</sect3>
+
+
+<sect3 renderas="sect4" id="socket-timeout"><title>socket-timeout</title>
+<variablelist>
+ <varlistentry>
+  <term>Specifies:</term>
+  <listitem>
+   <para>
+    Number of seconds after which a socket times out if
+    no data is received.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Type of value:</term>
+  <listitem>
+   <para>
+    <replaceable>Time in seconds.</replaceable>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Default value:</term>
+  <listitem>
+   <para>None</para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Effect if unset:</term>
+  <listitem>
+   <para>
+    A default value of 300 seconds is used.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    For SOCKS requests the timeout currently doesn't start until
+    the SOCKS server accepted the request. This will be fixed in
+    the next release.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Examples:</term>
+  <listitem>
+   <para>
+    socket-timeout 300
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+<![%config-file;[<literallayout>@@socket-timeout 300</literallayout>]]>
+</sect3>
+
+
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="windows-gui">
+<title>Windows GUI Options</title>
+<para>
+ <application>Privoxy</application> has a number of options specific to the
+ Windows GUI interface:
+</para>
+
+<anchor id="activity-animation">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ If <quote>activity-animation</quote> is set to 1, the
+ <application>Privoxy</application> icon will animate when
+ <quote>Privoxy</quote> is active. To turn off, set to 0.
+</para>
+
+<![%config-file;[<literallayout>@@#activity-animation   1</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>activity-animation   1</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="log-messages">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ If <quote>log-messages</quote> is set to 1,
+ <application>Privoxy</application> will log messages to the console
+ window:
+</para>
+
+<![%config-file;[<literallayout>@@#log-messages   1</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>log-messages       1</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="log-buffer-size">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para> 
+ If <quote>log-buffer-size</quote> is set to 1, the size of the log buffer,
+ i.e. the amount of memory used for the log messages displayed in the
+ console window, will be limited to <quote>log-max-lines</quote> (see below).
+</para>
+
+<para>
+ Warning: Setting this to 0 will result in the buffer to grow infinitely and
+ eat up all your memory!
+</para>
+
+<![%config-file;[<literallayout>@@#log-buffer-size 1</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>log-buffer-size      1</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="log-max-lines">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ <application>log-max-lines</application> is the maximum number of lines held
+ in the log buffer. See above.
+</para>
+
+<![%config-file;[<literallayout>@@#log-max-lines 200</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>log-max-lines      200</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="log-highlight-messages">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ If <quote>log-highlight-messages</quote> is set to 1,
+ <application>Privoxy</application> will highlight portions of the log
+ messages with a bold-faced font:
+</para>
+
+<![%config-file;[<literallayout>@@#log-highlight-messages 1</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>log-highlight-messages   1</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="log-font-name">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ The font used in the console window:
+</para>
+
+<![%config-file;[<literallayout>@@#log-font-name Comic Sans MS</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>log-font-name        Comic Sans MS</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="log-font-size">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ Font size used in the console window:
+</para>
+
+<![%config-file;[<literallayout>@@#log-font-size 8</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>log-font-size        8</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="show-on-task-bar">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>  
+ <quote>show-on-task-bar</quote> controls whether or not
+ <application>Privoxy</application> will appear as a button on the Task bar
+ when minimized:
+</para>
+
+<![%config-file;[<literallayout>@@#show-on-task-bar 0</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>show-on-task-bar     0</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="close-button-minimizes">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ If <quote>close-button-minimizes</quote> is set to 1, the Windows close
+ button will minimize <application>Privoxy</application> instead of closing
+ the program (close with the exit option on the File menu).
+</para>
+
+<![%config-file;[<literallayout>@@#close-button-minimizes 1</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  <emphasis>close-button-minimizes  1</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+<anchor id="hide-console">
+<![%config-file;[<para>@@</para>]]> <!-- for spacing -->
+<para>
+ The <quote>hide-console</quote> option is specific to the MS-Win console
+ version of <application>Privoxy</application>. If this option is used,
+ <application>Privoxy</application> will disconnect from and hide the
+ command console.
+</para>
+
+<![%config-file;[<literallayout>@@#hide-console</literallayout>]]>
+<![%user-man;[
+<para>
+ <literal>
+  <msgtext> 
+   <literallayout>
+  #<emphasis>hide-console</emphasis>
+   </literallayout>
+  </msgtext> 
+ </literal>
+</para>
+]]>
+
+</sect2>
+</sect1>
+
+<!-- end config content common to both outputs -->
+
+<![%config-file;[
+<!-- These are dummy anchors to keep the processor quiet            -->
+<!-- when building config-file only (ie. they are used in u-m only) -->
+<sect1 label="">
+<title></title>
+<anchor id="filter">
+<anchor id="filter-file">
+<anchor id="regex">
+<anchor id="actions-file">
+<anchor id="af-patterns">
+</sect1>
+]]>
+
+<!-- eof p-config.sgml -->
diff --git a/external/privoxy/doc/source/privoxy-man-page.sgml b/external/privoxy/doc/source/privoxy-man-page.sgml
new file mode 100644
index 0000000..ea336e3
--- /dev/null
+++ b/external/privoxy/doc/source/privoxy-man-page.sgml
@@ -0,0 +1,352 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/privoxy-man-page.sgml,v $
+
+ Purpose     :  Manual Page
+                This file belongs into
+                ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
+                
+ $Id: privoxy-man-page.sgml,v 2.29 2009/02/19 02:20:22 hal9 Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. 
+ ========================================================================
+
+ Doc NOTES: This is some tricky markup! There are some quirks
+ to how this markup is handled. It is not always so co-operative.
+ Please don't change the markup unless you can verify the changes 
+ will improve finished output! 
+ 
+ literallayout tags are particularly sensitive to where they are placed.
+ The 'replaceable' and 'command' tags are used here somewhat unconventionally,
+ since it seems to generate the proper formatting (at least for me :).
+
+ Create man page: 'make man'
+
+ Requires docbook2man (short perl script), see CVS
+ http://sources.redhat.com/docbook-tools/. Also requires openjade and SGMLSpm
+ perl module. 
+ 
+ For man page references, see:
+ http://www.linuxdoc.org/HOWTO/mini/DocBook-Install/using.html
+ http://docbook.org/tdg/en/html/ch02.html#making-refentry
+
+-->
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook V4.1//EN"[
+<!entity % dummy "IGNORE"> 
+<!entity p-intro SYSTEM "privoxy.sgml">
+<!entity seealso SYSTEM "seealso.sgml">
+<!entity copyright SYSTEM "copyright.sgml">
+<!entity license SYSTEM "license.sgml">
+<!entity authors SYSTEM "p-authors.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity % p-text "IGNORE">           <!-- define we are not a text only doc -->
+<!entity % p-authors-formal "IGNORE"> <!-- exclude additional formating      -->
+<!entity my-copy "(C)">               <!-- db2man barfs on copyright symbol  -->
+<!entity % seealso-extra "IGNORE">    <!-- for excluding sections of seealso -->
+]>
+
+<refentry id="privoxy">
+<refentryinfo>
+ <date>2009-02-15</date>
+</refentryinfo>
+<refmeta>
+ <refentrytitle>privoxy</refentrytitle> 
+ <manvolnum>1</manvolnum>
+ <refmiscinfo>
+  Privoxy &p-version;<![%p-not-stable;[ &p-status;]]>
+ </refmiscinfo>
+</refmeta>
+
+<refnamediv>
+ <refname><application>privoxy</application></refname>
+ <refpurpose>Privacy Enhancing Proxy</refpurpose>
+</refnamediv>
+
+<refsynopsisdiv>
+ <cmdsynopsis> 
+  <command>privoxy</command>
+  <arg><option>--help</option></arg>
+  <arg><option>--version</option></arg>
+  <arg><option>--no-daemon</option></arg>
+  <arg><option>--pidfile </option><replaceable class="parameter">pidfile</replaceable></arg>  
+  <arg><option>--user </option><replaceable class="parameter">user[.group]</replaceable></arg> 
+  <arg><option>--chroot</option></arg>
+  <arg><option>--pre-chroot-nslookup </option><replaceable class="parameter">hostname</replaceable></arg> 
+  <arg><replaceable class="parameter">configfile</replaceable></arg>        
+ </cmdsynopsis>
+
+</refsynopsisdiv>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Options</title>
+ <para>
+  <command>Privoxy</command> may be invoked with the following command line
+  options:
+ </para>
+
+ <variablelist>                                          
+  <varlistentry>
+    <term>--help</term>
+      <listitem>
+       <para>
+         Print brief usage info and exit.
+        </para>
+      </listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term>--version</term>
+      <listitem>
+       <para>
+         Print version info and exit.
+        </para>
+      </listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term>--no-daemon</term>
+     <listitem>
+      <para>
+        Don't  become  a daemon, i.e. don't fork and become process group
+        leader, don't detach from controlling tty, and do all logging there.
+      </para>
+    </listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term>--pidfile <replaceable class="parameter">pidfile</replaceable></term>
+     <listitem>
+      <para>
+        On startup, write the process ID to <replaceable class="parameter">pidfile</replaceable>.
+        Delete the <replaceable class="parameter">pidfile</replaceable> on exit.
+        Failure to create or delete the <replaceable class="parameter">pidfile</replaceable>
+        is non-fatal. If no <command>--pidfile</command> option is given, no PID file will be used.
+      </para>
+    </listitem>
+  </varlistentry>
+
+  <varlistentry>
+    <term>--user <replaceable class="parameter">user[.group]</replaceable></term>
+     <listitem>
+      <para>
+       <!-- Note: replaceable is maybe the wrong tag, but generates  -->
+       <!-- correct looking man output.                              -->
+       After (optionally) writing the PID file, assume the user ID of
+       <replaceable class="parameter">user</replaceable> and the GID of
+       <replaceable class="parameter">group</replaceable>, or, if the optional
+       <replaceable class="parameter">group</replaceable> was not given, the default group of
+       <replaceable class="parameter">user</replaceable>. Exit if the privileges are not
+       sufficient to do so.
+     </para>
+    </listitem>
+  </varlistentry>
+  <varlistentry>
+    <term>--chroot</term>
+     <listitem>
+      <para>
+       Before changing to the user ID given in the --user option, chroot to
+       that user's home directory, i.e. make the kernel pretend to the
+       <command>Privoxy</command> process that the directory tree starts
+       there. If set up carefully, this can limit the impact of possible
+       vulnerabilities in <command>Privoxy</command> to the files contained in
+       that hierarchy. 
+      </para>
+    </listitem>
+  </varlistentry>
+  <varlistentry>
+    <term>--pre-chroot-nslookup <replaceable class="parameter">hostname</replaceable></term>
+     <listitem>
+      <para>
+        Initialize the resolver library using <replaceable class="parameter">hostname</replaceable>
+        before chroot'ing. On some systems this reduces the number of files
+        that must be copied into the chroot tree.
+     </para>
+    </listitem>
+  </varlistentry>
+ </variablelist>
+
+ <para>
+  If the <filename>configfile</filename> is not specified on  the  command  line,
+  <command>Privoxy</command>  will  look for a file named
+  <filename>config</filename> in the current directory. If no
+  <filename>configfile</filename> is found, <command>Privoxy</command> will 
+  fail to start.
+ </para>
+
+</refsect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Description</title>
+<!-- Include privoxy.sgml boilerplate: -->
+ &p-intro;
+<!-- end boilerplate -->
+</refsect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Installation and Usage</title>
+<para>
+ Browsers can either be individually configured to use
+ <command>Privoxy</command> as a HTTP proxy (recommended),
+ or <command>Privoxy</command> can be combined with a packet
+ filter to build an intercepting proxy
+ (see <filename>config</filename>).  The default setting is  for
+ localhost,  on port  8118 (configurable in the main config file).  To set the
+ HTTP proxy in Firefox, go through: <command>Tools</command>; 
+ <command>Options</command>; <command>General</command>;
+ <command>Connection Settings</command>;
+ <command>Manual Proxy Configuration</command>. 
+</para>
+<para>
+ For Internet Explorer, go through: <command>Tools</command>; 
+ <command>Internet Properties</command>; <command>Connections</command>;
+ <command>LAN Settings</command>. 
+</para>
+<para>
+ The Secure (SSL) Proxy should also be set to the same values, otherwise
+ https: URLs will not be proxied. Note: <command>Privoxy</command> can only
+ proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
+ HTTPS presents some limitations, and not all features will work with HTTPS 
+ connections.
+</para>
+
+<para>
+ For other browsers, check the documentation.
+</para>
+</refsect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Configuration</title>
+<para>
+ <command>Privoxy</command> can be configured with the various configuration
+ files. The default configuration files are: <filename>config</filename>,
+ <filename>default.filter</filename>, <filename>default.action</filename> and
+ <filename>default.action</filename>. <filename>user.action</filename> should 
+ be used for locally defined exceptions to the default rules in
+ <filename>match-all.action</filename> and <filename>default.action</filename>,
+ and <filename>user.filter</filename> for locally defined filters. These are
+ well commented.  On Unix and Unix-like systems, these are located in
+ <filename>/etc/privoxy/</filename> by default. 
+</para>
+<para> 
+ <command>Privoxy</command> uses the concept of <command>actions</command> 
+ in order to manipulate the data stream between the browser and remote sites.
+ There are various actions available with specific functions for such things 
+ as blocking web sites, managing cookies, etc. These actions can be invoked
+ individually or combined, and used against individual URLs, or groups of URLs 
+ that can be defined using wildcards and regular expressions. The result is
+ that the user has greatly enhanced control and freedom.
+</para>
+<para>
+ The actions list (ad blocks, etc) can also be configured with your
+ web browser at <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink> 
+ (assuming the configuration allows it).
+ <command>Privoxy's</command> configuration parameters  can also  be viewed at
+ the same page. In addition, <command>Privoxy</command> can be toggled on/off.
+ This is an internal page, and does not require Internet access.
+</para>
+<para>
+ See the <ulink
+ url="http://www.privoxy.org/user-manual/"><citetitle>User Manual</citetitle></ulink> for a detailed
+ explanation of installation, general usage, all configuration options, new
+ features and notes on upgrading.
+</para>
+</refsect1>
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Files</title>
+<!-- this is a cheesy way to do this, but WTF. -->
+<literallayout> 
+ <filename>/usr/sbin/privoxy</filename>
+ <filename>/etc/privoxy/config</filename>
+ <filename>/etc/privoxy/match-all.action</filename>
+ <filename>/etc/privoxy/default.action</filename>
+ <filename>/etc/privoxy/user.action</filename>
+ <filename>/etc/privoxy/default.filter</filename>
+ <filename>/etc/privoxy/user.filter</filename>
+ <filename>/etc/privoxy/trust</filename>
+ <filename>/etc/privoxy/templates/*</filename>
+ <filename>/var/log/privoxy/logfile</filename>
+</literallayout>
+
+<para>
+ Various other files should be included, but may vary depending on platform
+ and build configuration. Additional documentation should be included in the local
+ documentation directory.
+</para>
+
+</refsect1>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Signals</title>
+<para>
+ <!-- command tag is used here to get proper looking format  -->
+ <command>Privoxy</command> terminates on the <command>SIGINT</command>,
+ <command>SIGTERM</command> and <command>SIGABRT</command> signals. Log
+ rotation scripts may cause a re-opening of the logfile by sending a 
+ <command>SIGHUP</command> to <command>Privoxy</command>. Note that unlike
+ other daemons,  <command>Privoxy</command> does not need to be made aware of
+ config file changes by <command>SIGHUP</command> -- it will detect them
+ automatically. 
+</para>
+
+</refsect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Notes</title>
+<![%p-not-stable;[
+<para>
+ This is a &p-status; version of <command>Privoxy</command>. Not 
+ all features are well tested.
+</para>]]>
+<para>
+ Please see the <citetitle>User Manual</citetitle> on how to contact the
+ developers, for feature requests, reporting problems, and other questions.
+</para>
+
+</refsect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>See Also</title>
+<!-- Include seealso.sgml boilerplate: -->
+ &seealso;
+<!-- end boilerplate -->
+</refsect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Development Team</title>
+<!-- Include p-authors.sgml boilerplate: -->
+ &authors;
+<!-- end boilerplate -->
+</refsect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<refsect1><title>Copyright and License</title>
+
+<refsect2><title>Copyright</title>
+<!-- Include copyright.sgml boilerplate: -->
+ ©right;
+<!-- end boilerplate -->
+</refsect2>
+
+<refsect2><title>License</title>
+<!-- Include license.sgml boilerplate: -->
+ &license;
+<!-- end boilerplate -->
+</refsect2>
+</refsect1>
+
+</refentry>
diff --git a/external/privoxy/doc/source/privoxy.sgml b/external/privoxy/doc/source/privoxy.sgml
new file mode 100644
index 0000000..1e4791f
--- /dev/null
+++ b/external/privoxy/doc/source/privoxy.sgml
@@ -0,0 +1,44 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/privoxy.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: privoxy.sgml,v 2.9 2009/03/21 12:42:49 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  privoxy-man-page
+  user-manual
+  faq
+  developer-manual
+  README
+  webserver/index.sgml
+
+-->
+
+<para>
+ Privoxy is a non-caching web proxy with advanced filtering capabilities
+ for enhancing privacy, modifying web page data and HTTP headers, controlling
+ access, and removing ads and other obnoxious Internet junk. Privoxy has a
+ flexible configuration and can be customized to suit individual needs and tastes.
+ It has application for both stand-alone systems and multi-user networks.
+</para>
+
+<para>
+ Privoxy is Free Software and licensed under the GPL2.
+</para>
+
+<para>
+ Privoxy is an associated project of Software in the Public Interest (SPI).
+ <ulink url="http://www.privoxy.org/faq/general.html#DONATE">Donations are welcome</ulink>.
+</para>
diff --git a/external/privoxy/doc/source/readme.sgml b/external/privoxy/doc/source/readme.sgml
new file mode 100644
index 0000000..3bbacf7
--- /dev/null
+++ b/external/privoxy/doc/source/readme.sgml
@@ -0,0 +1,268 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
+<!entity % dummy "IGNORE"> 
+<!entity supported SYSTEM "supported.sgml">
+<!entity p-intro SYSTEM "privoxy.sgml">
+<!entity contacting SYSTEM "contacting.sgml">
+<!entity buildsource SYSTEM "buildsource.sgml">
+<!entity p-version "3.0.12">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity % p-text "INCLUDE">       <!-- define we are a text only doc    -->
+<!entity % p-doc "IGNORE">         <!-- and never a text doc             -->
+<!entity % p-readme "INCLUDE">     <!-- all your README belong to us     -->
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/readme.sgml,v $
+
+ Purpose     :  README for Privoxy
+                
+ $Id: readme.sgml,v 2.26 2009/03/21 11:32:38 hal9 Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. You have been warned!
+ Failure to abide by this rule will result in the revocation of your license 
+ to live a peaceful existence!
+ ========================================================================
+
+ ===================================================================
+ READ: Document Note: This file generates the README in the top level 
+ source directory. It is generated as only a plain text file. The 
+ current markup is not suitable for other formats. Build from 
+ Makefile with 'make dok-readme'.
+ ===================================================================
+
+ READ:
+
+ ======================================================================
+ NOTE: The left margin spacing is *important* when using 'literallayout'
+ WYSISWYG!!! Don't mess this up!!! Careful with linebreaks too, ie 
+ the para tag forces a linebreak. Tags need to be carefully placed as a result
+ to avoid extra blank lines, etc. 
+ ======================================================================
+
+ For stable releases, change 
+ 
+  entity % p-not-stable "INCLUDE" 
+ 
+ to 
+ 
+  entity % p-not-stable "IGNORE" 
+  
+ in the DTD at the top. This will toggle various text 'off'. BOTH
+ MUST be toggled in this case or you will get both text referencing 
+ stable and unstable versions. You only want one or the other!
+
+-->
+<article id="index">
+<artheader>
+<![%dummy;[
+ <para>
+ <comment>
+  This is here to keep vim syntax file from breaking :/
+  If I knew enough to fix it, I would.
+  PLEASE DO NOT REMOVE! HB: hal at foobox.net
+ </comment>
+ </para>
+]]>
+<abstract>
+<para>
+ <literal>
+  <msgtext>
+   <literallayout>
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/doc/source/readme.sgml,v $
+ *
+ * Purpose     :  README file to give a short intro.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009  the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 
+ *                USA
+ *
+ *********************************************************************/
+</literallayout>
+</msgtext>
+</literal>
+</para>
+
+<para>
+ <!-- include some conditional text -->
+ This README is included with <![%p-not-stable;[ the development version of]]>
+ Privoxy &p-version;. See http://www.privoxy.org/ for more information. The current code maturity
+ level is <quote>&p-status;</quote><![%p-not-stable;[, but seems stable to us :)]]>.
+</para>
+</abstract>
+</artheader>
+
+<!-- Include privoxy.sgml boilerplate: -->
+&p-intro;
+<!-- end boilerplate -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="importantchanges" ><title>IMPORTANT CHANGES</title>
+<para>
+ March 2009, Privoxy 3.0.12 is released.
+</para>
+<para>
+ This is primarily a bug fix release. See the "ChangeLog", and the "What's
+ New" section and the "Upgrader's Notes" in <citetitle>the User
+ Manual</citetitle> for details. 
+</para>
+
+<para>
+ February 2009, Privoxy 3.0.11 is released.
+</para>
+<para>
+ As usual there are changes that effect the configuration. See the "ChangeLog",
+ and the "What's New" section and the "Upgrader's Notes" in
+ <citetitle>the User Manual</citetitle> for details and specifics. 
+</para>
+<para>
+ This is a stable release, and marks a departure for Privoxy development.
+</para>
+<para>
+ Previously, odd numbered releases were considered beta versions and
+ were only released at the end of the development cycle when the code
+ was already believed to be stable. Usually it was, so the stable release
+ contained pretty much the same code, but got a higher version number.
+ In the future we intend to release several snapshots between stable releases.
+ There will probably still be about two stable releases per year,
+ but hopefully about six snapshots instead of the two betas we have now.
+ The intentions is to make testing without CVS access easier.
+</para>
+</sect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="install" ><title>INSTALL</title>
+<para> 
+ See the <filename>INSTALL</filename> file in this directory, for installing
+ from raw source, and the <citetitle>User Manual</citetitle>, for all other
+ installation types. 
+</para>
+</sect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="run"><title>RUN</title>
+<para>
+ privoxy [--help] [--version]
+ [--no-daemon] [--pidfile PIDFILE] [--user USER[.GROUP]] [--chroot]  [--pre-chroot-nslookup
+ HOSTNAME ][config_file]
+</para>
+<para>
+ See the man page or <citetitle>User Manual</citetitle> for an explanation of each option, and 
+ other configuration and usage issues.
+</para>
+<para>
+ If no config_file is specified on the command line, Privoxy will look for a
+ file named 'config' in the current directory (except Win32 which will look
+ for 'config.txt'). If no config_file is found, Privoxy will fail to start.
+</para>
+<para>
+ Or for Red Hat and Fedora based distributions: /etc/rc.d/init.d/privoxy start
+</para>
+<para>
+ Or Debian and Ubuntu: /etc/init.d/privoxy start
+</para>
+</sect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="configuration"><title>CONFIGURATION</title>
+<para>
+ See: 'config', 'default.action', 'user.action', 'default.filter', and
+ 'user.filter'. 'user.action' and 'user.filter' are for personal and local
+ configuration preferences. These are all well commented. Most of the magic is
+ in '*.action' files. 'user.action' should be used for any actions
+ customizations. On Unix-like systems, these files are typically installed in
+ /etc/privoxy.  On Windows, then wherever the executable itself is installed.
+ There are many significant changes and advances from earlier versions. The
+ <citetitle>User Manual</citetitle> has an explanation of all configuration
+ options, and examples: http://www.privoxy.org/user-manual/.
+</para>
+<para>
+ Be sure to set your browser(s) for HTTP/HTTPS Proxy at <IP>:<Port>, or
+ whatever you specify in the config file under 'listen-address'. DEFAULT is
+ localhost:8118. Note that Privoxy ONLY proxies HTTP (and HTTPS) traffic. Do not try it 
+ with FTP or other protocols for the simple reason it does not work.
+</para>
+<para>
+ The actions list can be configured via the web interface accessed via
+ http://p.p/, as well other options.
+</para>
+<![%p-not-stable;[
+<para>
+ All configuration files are subject to unannounced changes during the
+ development process.
+</para>
+]]>
+</sect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="documentation"><title>DOCUMENTATION</title>
+<para>
+ There should be documentation in the 'doc' subdirectory<![%p-not-stable;[, but it
+ may not be completed at this point]]>. In particular, see the 
+ <citetitle>User Manual</citetitle> there,
+ the <citetitle>FAQ</citetitle>, and those interested in Privoxy development, should look at
+ <citetitle>developer-manual</citetitle>. 
+</para>
+<para>
+ <![%p-not-stable;[
+ The most up to date source of information on the current development version,
+ may still be either comments in the source code, or the included
+ configuration files. ]]>The source and configuration files are all well
+ commented. The main configuration files are: 'config', 'default.action', and
+ 'default.filter'<![%p-not-stable;[ in the top-level source directory]]>. 
+</para>
+
+<para>
+ Included documentation may vary according to platform and packager. All 
+ documentation is posted on http://www.privoxy.org, in case you don't have it, 
+ or can't find it.
+</para>
+</sect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="contact"><title>CONTACTING THE DEVELOPERS, BUG REPORTING AND FEATURE REQUESTS</title>
+<!-- Include contacting.sgml boilerplate: -->
+  &contacting;
+<!-- end boilerplate -->
+</sect1>
+
+<!-- <para> -->
+<!--  <LiteralLayout> -->
+<!--  ------------------------------------------------------------------------- -->
+<!--  ijbswa-developers at lists.sourceforge.net -->
+<!-- </LiteralLayout> -->
+<!-- </para> -->
+<!-- <para> -->
+<!--  $Id: readme.sgml,v 2.26 2009/03/21 11:32:38 hal9 Exp $ -->
+<!-- </para> -->
+
+</article>
diff --git a/external/privoxy/doc/source/seealso.sgml b/external/privoxy/doc/source/seealso.sgml
new file mode 100644
index 0000000..087ebc5
--- /dev/null
+++ b/external/privoxy/doc/source/seealso.sgml
@@ -0,0 +1,113 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/seealso.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: seealso.sgml,v 2.12 2009/02/23 10:42:58 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  privoxy-man-page
+  user-manual
+  faq
+  developer-manual
+
+ NOTE: 04/05/02, HB Removed   tags. They were causing docbook2man 
+ to barf.
+
+-->
+
+<para>
+ Other references and sites of interest to <application>Privoxy</application>
+ users:
+</para>
+
+<para>
+ <simplelist>
+  <member>
+   <ulink
+   url="http://www.privoxy.org/">http://www.privoxy.org/</ulink>, 
+   the <application>Privoxy</application> Home page. 
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink
+   url="http://www.privoxy.org/faq/">http://www.privoxy.org/faq/</ulink>, 
+   the <application>Privoxy</application> FAQ. 
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink
+   url="http://www.privoxy.org/developer-manual/">http://www.privoxy.org/developer-manual/</ulink>, 
+   the <application>Privoxy</application> developer manual. 
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="https://sourceforge.net/projects/ijbswa/">https://sourceforge.net/projects/ijbswa/</ulink>, 
+   the Project Page for <application>Privoxy</application> on 
+   <ulink url="http://sourceforge.net">SourceForge</ulink>.
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>,
+   the web-based user interface. <application>Privoxy</application> must be
+   running for this to work. Shortcut: <ulink url="http://p.p/">http://p.p/</ulink>
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="https://sourceforge.net/tracker/?group_id=11118&atid=460288">https://sourceforge.net/tracker/?group_id=11118&atid=460288</ulink>, to submit <quote>misses</quote> and other
+   configuration related suggestions to the developers. 
+  </member>
+ </simplelist>
+ <![%seealso-extra;[
+ <!-- This part only goes into user-manual -->
+ <simplelist>
+  <member>
+   <ulink url="http://www.junkbusters.com/ht/en/cookies.html">http://www.junkbusters.com/ht/en/cookies.html</ulink>,
+   an explanation how cookies are used to track web users.
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="http://www.junkbusters.com/ijb.html">http://www.junkbusters.com/ijb.html</ulink>,
+   the original Internet Junkbuster.
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="http://www.squid-cache.org/">http://www.squid-cache.org/</ulink>, a popular
+   caching proxy, which is often used together with <application>Privoxy</application>.
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="http://www.pps.jussieu.fr/~jch/software/polipo/">http://www.pps.jussieu.fr/~jch/software/polipo/</ulink>,
+   <application>Polipo</application> is a caching proxy with advanced features
+   like pipelining, multiplexing and caching of partial instances. In many setups
+   it can be used as <application>Squid</application> replacement.
+  </member>
+ </simplelist>
+ <simplelist>
+  <member>
+   <ulink url="https://www.torproject.org/">https://www.torproject.org/</ulink>, 
+   <application>Tor</application> can help anonymize web browsing, 
+   web publishing, instant messaging, IRC, SSH, and other applications.
+  </member>
+ </simplelist>
+ ]]>
+</para>
diff --git a/external/privoxy/doc/source/supported.sgml b/external/privoxy/doc/source/supported.sgml
new file mode 100644
index 0000000..62bfde1
--- /dev/null
+++ b/external/privoxy/doc/source/supported.sgml
@@ -0,0 +1,46 @@
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/supported.sgml,v $
+
+ Purpose     :  Entity included in other project documents.
+                
+ $Id: supported.sgml,v 2.9 2008/01/17 01:49:51 hal9 Exp $
+
+ Copyright (C) 2001-2008 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ======================================================================
+  This file used for inclusion with other documents only.
+ ======================================================================
+
+ If you make changes to this file, please verify the finished 
+ docs all display as intended.
+
+ This file is included into:
+
+  user-manual
+  faq
+  newfeatures
+  announce
+
+-->
+<para>
+ At present, <application>Privoxy</application> is known to run on
+ Windows(95, 98, ME, 2000, XP, Vista), GNU/Linux (RedHat, SuSE, Debian,
+ Fedora, Gentoo, Slackware and others), Mac OSX, OS/2, AmigaOS, FreeBSD,
+ NetBSD, OpenBSD, Solaris, and various other flavors of Unix.
+</para>
+
+<![%p-supp-userman;[
+<para>
+ But any operating system that runs TCP/IP, can conceivably take advantage of
+ <application>Privoxy</application> in a networked situation where
+ <application>Privoxy</application> would run as a server on a LAN gateway. 
+ Then only the <quote>gateway</quote> needs to be running one of the above
+ operating systems.
+</para>
+
+<para>
+ Source code is freely available, so porting to other operating systems 
+ is always a possibility.
+</para>
+]]>
diff --git a/external/privoxy/doc/source/temp/manpage.links b/external/privoxy/doc/source/temp/manpage.links
new file mode 100644
index 0000000..e69de29
diff --git a/external/privoxy/doc/source/temp/manpage.refs b/external/privoxy/doc/source/temp/manpage.refs
new file mode 100644
index 0000000..09dd95e
--- /dev/null
+++ b/external/privoxy/doc/source/temp/manpage.refs
@@ -0,0 +1,4 @@
+{
+  'refentry:PRIVOXY' => 'privoxy(1)',
+  '' => ''
+}
diff --git a/external/privoxy/doc/source/user-manual.sgml b/external/privoxy/doc/source/user-manual.sgml
new file mode 100644
index 0000000..2999e3e
--- /dev/null
+++ b/external/privoxy/doc/source/user-manual.sgml
@@ -0,0 +1,9328 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
+<!entity % dummy "IGNORE"> 
+<!entity supported SYSTEM "supported.sgml">
+<!entity newfeatures SYSTEM "newfeatures.sgml">
+<!entity p-intro SYSTEM "privoxy.sgml">
+<!entity seealso SYSTEM "seealso.sgml">
+<!entity buildsource SYSTEM "buildsource.sgml">
+<!entity contacting SYSTEM "contacting.sgml">
+<!entity history SYSTEM "history.sgml">
+<!entity copyright SYSTEM "copyright.sgml">
+<!entity license SYSTEM "license.sgml">
+<!entity p-authors SYSTEM "p-authors.sgml">
+<!entity config SYSTEM "p-config.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-authors-formal "INCLUDE"> <!-- include additional text, etc  -->
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity % p-text "IGNORE">        <!-- define we are not a text only doc -->
+<!entity % p-doc "INCLUDE">        <!-- and we are a formal doc           -->
+<!entity % p-readme "IGNORE">
+<!entity % user-man "IGNORE">
+<!entity % config-file "IGNORE">
+<!entity % p-supp-userman "IGNORE"> <!-- Omit some from supported.sgml    -->
+<!entity  my-copy "©">         <!-- kludge for docbook2man           -->
+<!entity % draft "IGNORE">          <!-- WIP stuff    -->
+<!entity % seealso-extra "INCLUDE"> <!-- extra stuff from seealso.sgml    -->
+<!entity  my-app "<application>Privoxy</application>">
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/user-manual.sgml,v $
+
+ Purpose     :  user manual
+                This file belongs into
+                ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
+
+ $Id: user-manual.sgml,v 2.103 2009/03/21 10:49:05 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers http://www.privoxy.org/
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation.
+ ========================================================================
+
+-->
+
+<article id="index">
+<artheader>
+
+<title>Privoxy &p-version; User Manual</title>
+
+<pubdate>
+ <subscript>
+<!-- Completely the wrong markup, but very little is allowed  -->
+<!-- in this part of an article. FIXME -->
+ <link linkend="copyright">Copyright</link> &my-copy; 2001-2009 by 
+ <ulink url="http://www.privoxy.org/">Privoxy Developers</ulink>
+ </subscript>
+</pubdate>
+
+<pubdate>$Id: user-manual.sgml,v 2.103 2009/03/21 10:49:05 fabiankeil Exp $</pubdate>
+
+<!--
+
+Note: the following should generate a separate page, and a live link to it,
+all nicely done. But it doesn't for some mysterious reason. Please leave
+commented unless it can be fixed proper. For the time being, the
+copyright/license declarations will be in their own sgml.
+
+Hal.
+
+
+-->
+
+
+<abstract>
+
+<![%dummy;[
+ <para>
+ <comment>
+  This is here to keep vim syntax file from breaking :/
+  If I knew enough to fix it, I would.
+  PLEASE DO NOT REMOVE! HB: hal at foobox.net
+ </comment>
+ </para>
+]]>
+
+ <para>
+  The <citetitle>Privoxy User Manual</citetitle> gives users information on how to
+  install, configure and use <ulink
+  url="http://www.privoxy.org/">Privoxy</ulink>.
+ </para>
+
+<!-- Include privoxy.sgml boilerplate: -->
+ &p-intro;
+<!-- end privoxy.sgml -->
+
+ <para>
+  You can find the latest version of the <citetitle>Privoxy User Manual</citetitle> at  <ulink
+  url="http://www.privoxy.org/user-manual/">http://www.privoxy.org/user-manual/</ulink>.
+  Please see the <link linkend="contact">Contact section</link> on how to
+  contact the developers.
+ </para>
+
+<!--   <para> -->
+<!--    Feel free to send a note to the developers at <email>ijbswa-developers at lists.sourceforge.net</email>. -->
+<!--   </para> -->
+</abstract>
+
+</artheader>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 label="1" id="introduction"><title>Introduction</title>
+<para>
+ This documentation is included with the current &p-status; version of
+ <application>Privoxy</application>, v.&p-version;<![%p-not-stable;[, 
+ and is mostly complete at this point. The most up to date reference for the
+ time being is still the comments in the source files and in the individual
+ configuration files. Development of a new version is currently nearing
+ completion, and includes significant changes and enhancements over
+ earlier versions. ]]>.
+</para>
+
+<!-- include only in non-stable versions -->
+<![%p-not-stable;[
+<para>
+ Since this is a &p-status; version, not all new features are well tested. This
+ documentation may be slightly out of sync as a result (especially with 
+ CVS sources). And there <emphasis>may be</emphasis> bugs, though hopefully
+ not many! 
+</para>
+]]>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="features"><title>Features</title>
+<para>
+ In addition to the core 
+ features of ad blocking and 
+ <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookie</ulink> management,
+ <application>Privoxy</application> provides many supplemental
+ features<![%p-not-stable;[, some of them currently under development]]>, 
+ that give the end-user more control, more privacy and more freedom:
+</para>
+<!-- Include newfeatures.sgml boilerplate here: -->
+ &newfeatures;
+<!-- end boilerplate -->
+</sect2>
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="installation"><title>Installation</title>
+
+<para>
+ <application>Privoxy</application> is available both in convenient pre-compiled
+ packages for a wide range of operating systems, and as raw source code.
+ For most users, we recommend using the packages, which can be downloaded from our
+ <ulink url="http://sourceforge.net/projects/ijbswa/">Privoxy Project
+ Page</ulink>.
+</para>
+
+<para>
+ Note: 
+ On some platforms, the installer may remove previously installed versions, if 
+ found. (See below for your platform). In any case <emphasis>be sure to backup
+ your old configuration if it is valuable to you.</emphasis> See the <link
+ linkend="upgradersnote">note to upgraders</link> section below.
+</para>
+
+<!--   ~~~~~       New section      ~~~~~     --> 
+<sect2 id="installation-packages"><title>Binary Packages</title>
+<para>
+How to install the binary packages depends on your operating system:
+</para>
+
+<!-- XXX: The installation sections should be sorted -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-pack-rpm"><title>Red Hat and Fedora RPMs</title>
+
+<para>
+ RPMs can be installed with <literal>rpm -Uvh privoxy-&p-version;-1.rpm</literal>,
+ and will use <filename>/etc/privoxy</filename> for the location 
+ of configuration files.
+</para>
+
+<para>
+ Note that on Red Hat, <application>Privoxy</application> will
+ <emphasis>not</emphasis> be automatically started on system boot. You will
+ need to enable that using <command>chkconfig</command>,
+ <command>ntsysv</command>, or similar methods. 
+</para>
+
+<para>
+ If you have problems with failed dependencies, try rebuilding the SRC RPM: 
+ <literal>rpm --rebuild privoxy-&p-version;-1.src.rpm</literal>. This 
+ will use your locally installed libraries and RPM version. 
+</para>
+
+<para>
+ Also note that if you have a <application>Junkbuster</application> RPM installed
+ on your system, you need to remove it first, because the packages conflict.
+ Otherwise, RPM will try to remove <application>Junkbuster</application>
+ automatically if found, before installing <application>Privoxy</application>.
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-deb"><title>Debian and Ubuntu</title>
+<para>
+ DEBs can be installed with <literal>apt-get install privoxy</literal>,
+ and will use <filename>/etc/privoxy</filename> for the location of 
+ configuration files.
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-pack-win"><title>Windows</title>
+
+<para>
+ Just double-click the installer, which will guide you through
+ the installation process. You will find the configuration files
+ in the same directory as you installed <application>Privoxy</application> in. 
+</para>
+<para>
+ Version 3.0.5 beta introduced full <application>Windows</application> service
+ functionality. On Windows only, the <application>Privoxy</application>
+ program has two new command line arguments to install and uninstall
+ <application>Privoxy</application> as a <emphasis>service</emphasis>.
+</para>
+ <variablelist>
+  <varlistentry>
+   <term>Arguments:</term>
+   <listitem>
+    <para>
+     <replaceable class="parameter">--install</replaceable>[:<replaceable class="parameter">service_name</replaceable>]
+    </para>
+    <para>
+     <replaceable class="parameter">--uninstall</replaceable>[:<replaceable class="parameter">service_name</replaceable>]
+    </para>
+   </listitem>
+  </varlistentry>
+ </variablelist>
+ <para>
+ After invoking <application>Privoxy</application> with
+ <command>--install</command>, you will need to bring up the
+ <application>Windows</application> service console to assign the user you
+ want <application>Privoxy</application> to run under, and whether or not you
+ want it to run whenever the system starts. You can start the
+ <application>Windows</application> services console with the following
+ command: <command>services.msc</command>.  If you do not take the manual step
+ of modifying <application>Privoxy's</application> service settings, it will
+ not start.  Note too that you will need to give Privoxy a user account that
+ actually exists, or it will not be permitted to 
+ write to its log and configuration files.
+</para>
+
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-pack-bintgz"><title>Solaris <!--, NetBSD, HP-UX--></title>
+
+<para>
+ Create a new directory, <literal>cd</literal> to it, then unzip and
+ untar the archive. For the most part, you'll have to figure out where
+ things go. <!-- FIXME, more info needed? -->
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-os2"><title>OS/2</title>
+
+<para>
+ First, make sure that no previous installations of
+ <application>Junkbuster</application> and / or 
+ <application>Privoxy</application> are left on your
+ system. Check that no <application>Junkbuster</application>
+ or <application>Privoxy</application> objects are in
+ your startup folder.
+
+</para>
+
+<para>
+ Then, just double-click the WarpIN self-installing archive, which will
+ guide you through the installation process. A shadow of the
+ <application>Privoxy</application> executable will be placed in your
+ startup folder so it will start automatically whenever OS/2 starts.
+</para>
+
+<para>
+ The directory you choose to install <application>Privoxy</application>
+ into will contain all of the configuration files.
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-mac"><title>Mac OS X</title>
+<para>
+ Unzip the downloaded file (you can either double-click on the zip file
+ icon from the Finder, or from the desktop if you downloaded it there).
+ Then, double-click on the package installer icon and follow the
+ installation process.
+</para>
+<para>
+ The privoxy service will automatically start after a successful
+ installation (in addition to every time your computer starts up).  To
+ prevent the privoxy service from automatically starting when your
+ computer starts up, remove or rename the folder named
+ <literal>/Library/StartupItems/Privoxy</literal>. 
+</para>
+<para>
+ To manually start or stop the privoxy service, use the Privoxy Utility
+ for Mac OS X.  This application controls the privoxy service (e.g.
+ starting and stopping the service as well as uninstalling the software).
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-amiga"><title>AmigaOS</title>
+<para>
+ Copy and then unpack the <filename>lha</filename> archive to a suitable location. 
+ All necessary files will be installed into <application>Privoxy</application>
+ directory, including all configuration and log files. To uninstall, just 
+ remove this directory.
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installation-tbz"><title>FreeBSD</title>
+
+<para>
+ Privoxy is part of FreeBSD's Ports Collection, you can build and install
+ it with <literal>cd /usr/ports/www/privoxy; make install clean</literal>.
+</para>
+<para>
+ If you don't use the ports, you can fetch and install
+ the package with <literal>pkg_add -r privoxy</literal>.
+</para>
+<para>
+ The port skeleton and the package can also be downloaded from the
+ <ulink url="https://sourceforge.net/project/showfiles.php?group_id=11118">File Release
+ Page</ulink>, but there's no reason to use them unless you're interested in the
+ beta releases which are only available there.
+</para>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="installattion-gentoo"><title>Gentoo</title>
+<para>
+ Gentoo source packages (Ebuilds) for <application>Privoxy</application> are 
+ contained in the Gentoo  Portage Tree (they are not on the download page, 
+ but there is a Gentoo section, where you can see when a new 
+ <application>Privoxy</application> Version is added to the  Portage Tree).
+</para>
+<para>
+ Before installing <application>Privoxy</application> under Gentoo just do 
+ first <literal>emerge --sync</literal> to get the latest changes from the 
+ Portage tree. With <literal>emerge privoxy</literal> you install the latest 
+ version.
+</para>
+<para>
+ Configuration files are in <filename>/etc/privoxy</filename>, the 
+ documentation is in <filename>/usr/share/doc/privoxy-&p-version;</filename>
+ and the Log directory is in <filename>/var/log/privoxy</filename>.
+</para>
+</sect3>
+
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="installation-source"><title>Building from Source</title>
+
+<para>
+ The most convenient way to obtain the <application>Privoxy</application> sources
+ is to download the source tarball from our 
+ <ulink url="http://sourceforge.net/project/showfiles.php?group_id=11118&package_id=10571">project download
+ page</ulink>.
+</para>
+
+<para>
+ If you like to live on the bleeding edge and are not afraid of using
+ possibly unstable development versions, you can check out the up-to-the-minute
+ version directly from <ulink url="http://sourceforge.net/cvs/?group_id=11118">the
+ CVS repository</ulink>. 
+<!-- 
+ deprecated...out of business.
+ or simply download <ulink
+ url="http://cvs.sourceforge.net/cvstarballs/ijbswa-cvsroot.tar.bz2">the nightly CVS
+ tarball.</ulink>
+-->
+</para>
+
+<!-- include buildsource.sgml boilerplate: -->
+&buildsource;
+<!-- end boilerplate -->
+
+</sect2>
+<!--   ~~~~~       New section      ~~~~~     --> 
+<sect2 id="installation-keepupdated"><title>Keeping your Installation Up-to-Date</title>
+<para>
+ As user feedback comes in and development continues, we will make updated versions
+ of both the main <link linkend="actions-file">actions file</link> (as a <ulink
+ url="http://sourceforge.net/project/showfiles.php?group_id=11118&release_id=103670">separate
+ package</ulink>) and the software itself (including the actions file) available for
+ download.
+</para>
+
+<para>
+ If you wish to receive an email notification whenever we release updates of
+ <application>Privoxy</application> or the actions file, <ulink
+ url="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/">subscribe
+ to our announce  mailing list</ulink>, ijbswa-announce at lists.sourceforge.net.
+</para>
+
+<para>
+ In order not to lose your personal changes and adjustments when updating
+ to the latest <literal>default.action</literal> file we <emphasis>strongly
+ recommend</emphasis> that you use <literal>user.action</literal> and 
+ <literal>user.filter</literal> for your local
+ customizations of <application>Privoxy</application>. See the <link
+ linkend="actions-file">Chapter on actions files</link> for details.
+</para>
+
+</sect2>
+
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="whatsnew">
+<title>What's New in this Release</title>
+<para>
+ <application>Privoxy 3.0.12</application> is mainly a bugfix release:
+</para>
+
+<para>
+ <itemizedlist>
+  <listitem>
+   <para>
+    The socket-timeout option now also works on platforms whose
+    select() implementation modifies the timeout structure.
+    Previously the timeout was triggered even if the connection
+    didn't stall. Reported by cyberpatrol.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The Connection: keep-alive code properly deals with files
+    larger than 2GB. Previously the connection was closed too
+    early.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The content length for files above 2GB is logged correctly.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The user-manual directive on the show-status page links to
+    the documentation location specified with the directive,
+    not to the Privoxy website.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    When running in daemon mode, Privoxy doesn't log anything
+    to the console unless there are errors before the logfile
+    has been opened.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The show-status page prints warnings about invalid directives
+    on the same line as the directives themselves.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    Fixed several justified (but harmless) compiler warnings,
+    mostly on 64 bit platforms.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The mingw32 version explicitly requests the default charset
+    to prevent display problems with some fonts available on more
+    recent Windows versions. Patch by Burberry.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The mingw32 version uses the Privoxy icon in the alt-tab
+    windows. Patch by Burberry.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    The timestamp and the thread id is omitted in the "Fatal error"
+    message box on mingw32.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    Fixed two related mingw32-only buffer overflows. Triggering
+    them required control over the configuration file, therefore
+    this isn't seen as a security issue.
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    In verbose mode, or if the new option --show-skipped-tests
+    is used, Privoxy-Regression-Test logs skipped tests and the
+    skip reason.
+   </para>
+  </listitem>
+ </itemizedlist>
+</para>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="upgradersnote">
+<title>Note to Upgraders</title>
+
+<para>
+ A quick list of things to be aware of before upgrading from earlier 
+ versions of <application>Privoxy</application>:
+</para>
+
+<para>
+ <itemizedlist>
+
+ <listitem>
+  <para>
+   The recommended way to upgrade &my-app; is to backup your old 
+   configuration files, install the new ones, verify that &my-app;
+   is working correctly and finally merge back your changes using
+   <application>diff</application> and maybe <application>patch</application>.
+  </para>
+  <para>
+   There are a number of new features in each &my-app; release and
+   most of them have to be explicitly enabled in the configuration
+   files. Old configuration files obviously don't do that and due
+   to syntax changes using old configuration files with a new
+   &my-app; isn't always possible anyway.
+  </para>
+ </listitem>
+ <listitem>
+  <para>  
+    Note that some installers remove earlier versions completely,
+    including configuration files, therefore you should really save
+    any important configuration files!
+  </para>
+ </listitem>
+ <listitem>
+  <para>  
+   On the other hand, other installers don't overwrite existing configuration 
+   files, thinking you will want to do that yourself.
+  </para>
+ </listitem>
+ <listitem>
+  <para>  
+   <filename>standard.action</filename> has been merged into
+   the <filename>default.action</filename> file.
+  </para>
+ </listitem>
+ <listitem>
+  <para>
+   In the default configuration only fatal errors are logged now.
+   You can change that in the <link linkend="DEBUG">debug section</link>
+   of the configuration file. You may also want to enable more verbose
+   logging until you verified that the new &my-app; version is working
+   as expected.
+  </para>
+ </listitem>
+
+ <listitem>
+    <para>
+     Three other config file settings are now off by default: 
+     <link linkend="enable-remote-toggle">enable-remote-toggle</link>,
+     <link linkend="enable-remote-http-toggle">enable-remote-http-toggle</link>,
+     and  <link linkend="enable-edit-actions">enable-edit-actions</link>. 
+     If you use or want these, you will need to explicitly enable them, and
+     be aware of the security issues involved. 
+    </para>
+  </listitem>
+
+<!--
+ <listitem>
+  <para>  
+   What constitutes a <quote>default</quote> configuration has changed, 
+   and you may want to review which actions are <quote>on</quote> by 
+   default. This is primarily a matter of emphasis, but some features 
+   you may have been used to, may now be <quote>off</quote> by default.
+   There are also a number of new actions and filters you may want to
+   consider, most of which are not fully incorporated into the default
+   settings as yet (see above).
+  </para>
+ </listitem>
+-->
+<!--
+  <listitem>
+   <para>
+    The default actions setting is now <literal>Cautious</literal>. Previous
+    releases had a default setting of <literal>Medium</literal>. Experienced
+    users may want to adjust this, as it is fairly conservative by &my-app;
+    standards and past practices. See <ulink
+    url="http://config.privoxy.org/edit-actions-list?f=default">
+    http://config.privoxy.org/edit-actions-list?f=default</ulink>. New users
+    should try the default settings for a while before turning up the volume.
+   </para>
+  </listitem>
+
+  <listitem>
+   <para>
+    The default setting has filtering turned <emphasis>off</emphasis>, which
+    subsequently means that compression is <emphasis>on</emphasis>. Remember
+    that filtering does not work on compressed pages, so if you use, or want to
+    use, filtering, you will need to force compression off. Example:
+   </para>
+   <para>
+ <screen>
+  { +<link linkend="filter">filter</link>{google}  +<link linkend="prevent-compression">prevent-compression</link> }
+   .google.</screen>
+   </para>
+   <para>
+    Or if you use a number of filters, or filter many sites, you may just want
+    to turn off compression for all sites in
+    <filename>default.action</filename> (or
+    <filename>user.action</filename>). 
+   </para>
+
+  </listitem>
+
+  <listitem>
+  <para>
+   Also, <link linkend="SESSION-COOKIES-ONLY">session-cookies-only</link> is 
+   off by default now. If you've liked this feature in the past, you may want 
+   to turn it back on in <filename>user.action</filename> now.
+  </para>
+  </listitem>
+
+
+  <listitem>
+  <para>
+   Some installers may not automatically start
+   <application>Privoxy</application> after installation.
+  </para>
+ </listitem> 
+-->
+
+ </itemizedlist>
+</para>
+
+</sect2>
+</sect1>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="quickstart"><title>Quickstart to Using Privoxy</title>
+<para>
+ <itemizedlist>
+
+ <listitem>
+  <para>
+  Install <application>Privoxy</application>. See the <link
+  linkend="installation">Installation Section</link> below for platform specific
+  information. 
+ </para>
+ </listitem>  
+
+ <listitem>
+  <para>
+   Advanced users and those who want to offer <application>Privoxy</application>
+   service to more than just their local machine should check the <link
+   linkend="config">main config file</link>, especially the <link
+   linkend="access-control">security-relevant</link> options. These are 
+   off by default.
+  </para>
+ </listitem>  
+
+ <listitem>
+  <para>
+  Start <application>Privoxy</application>, if the installation program has
+  not done this already (may vary according to platform). See the section
+  <link linkend="startup">Starting <application>Privoxy</application></link>.
+  </para>
+ </listitem>
+
+ <listitem>
+  <para>
+   Set your browser to use <application>Privoxy</application> as HTTP and
+   HTTPS (SSL)  <ulink url="http://en.wikipedia.org/wiki/Proxy_server">proxy</ulink>
+   by setting the proxy configuration for address of
+   <literal>127.0.0.1</literal> and port <literal>8118</literal>.
+   <emphasis>DO NOT</emphasis> activate proxying for <literal>FTP</literal> or 
+   any protocols besides HTTP and HTTPS (SSL) unless you intend to prevent your
+   browser from using these protocols.
+  </para>
+ </listitem>  
+
+ <listitem>
+  <para>
+    Flush your browser's disk and memory caches, to remove any cached ad images.
+    If using <application>Privoxy</application> to manage 
+    <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>,
+    you should remove any currently stored cookies too.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   A default installation should provide a reasonable starting point for 
+   most. There will undoubtedly be occasions where you will want to adjust the
+   configuration, but that can be dealt with as the need arises. Little 
+   to no initial configuration is required in most cases, you may want
+   to enable the
+   <ulink url="config.html#ENABLE-EDIT-ACTIONS">web-based action editor</ulink> though.
+   Be sure to read the warnings first.
+  </para>
+  <para>
+   See the <link linkend="configuration">Configuration section</link> for more
+   configuration options, and how to customize your installation.
+   You might also want to look at the <link
+   linkend="quickstart-ad-blocking">next section</link> for a quick
+   introduction to how <application>Privoxy</application> blocks ads and
+   banners.
+</para>
+ </listitem> 
+
+ <listitem>
+  <para>
+    If you experience ads that slip through, innocent images that are
+    blocked, or otherwise feel the need to fine-tune
+    <application>Privoxy's</application> behavior, take a look at the <link
+    linkend="actions-file">actions files</link>. As a quick start, you might
+    find the <link linkend="act-examples">richly commented examples</link>
+    helpful. You can also view and edit the actions files through the <ulink
+    url="http://config.privoxy.org">web-based user interface</ulink>. The
+    Appendix <quote><link linkend="actionsanat">Troubleshooting: Anatomy of an
+    Action</link></quote> has hints on how to understand and debug actions that
+    <quote>misbehave</quote>.
+  </para>
+ </listitem> 
+
+<!--
+ Did anyone test these lately?
+ fk 2007-11-10
+ <listitem>
+  <para>
+   For easy access to &my-app;'s most important controls, drag the provided
+   <link linkend="bookmarklets">Bookmarklets</link> into your browser's
+   personal toolbar.
+  </para>
+ </listitem> 
+-->
+
+ <listitem>
+  <para>
+   Please see the section <link linkend="contact">Contacting the
+   Developers</link> on how to report bugs, problems with websites or to get
+   help. 
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   Now enjoy surfing with enhanced control, comfort and privacy!
+  </para>
+ </listitem> 
+
+ </itemizedlist>
+</para>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="quickstart-ad-blocking">
+<title>Quickstart to Ad Blocking</title>
+<!--
+ NOTE:  This section is deliberately redundant for those that don't 
+ want to read the whole thing (which is getting lengthy).
+-->
+<para>
+ Ad blocking is but one of <application>Privoxy's</application>
+ array of features. Many of these features are for the technically minded advanced 
+ user. But, ad and banner blocking is surely common ground for everybody.
+</para>
+<para> 
+ This section will provide a quick summary of ad blocking so 
+ you can get up to speed quickly without having to read the more extensive
+ information provided below, though this is highly recommended.
+</para>
+<para>
+ First a bit of a warning ... blocking ads is much like blocking SPAM: the
+ more aggressive you are about it, the more likely you are to block 
+ things that were not intended. And the more likely that some things 
+ may not work as intended. So there is a trade off here. If you want
+ extreme ad free browsing, be prepared to deal with more
+ <quote>problem</quote> sites, and to spend more time adjusting the
+ configuration to solve these unintended consequences. In short, there is 
+ not an easy way to eliminate <emphasis>all</emphasis> ads. Either take 
+ the easy way and settle for <emphasis>most</emphasis> ads blocked with the
+ default configuration, or jump in and tweak it for your personal surfing
+ habits and preferences.
+</para>
+<para>
+ Secondly, a brief explanation of <application>Privoxy's </application>
+ <quote>actions</quote>. <quote>Actions</quote> in this context, are 
+ the directives we use to tell <application>Privoxy</application> to perform
+ some task relating to HTTP transactions (i.e. web browsing). We tell
+ <application>Privoxy</application> to take some <quote>action</quote>. Each
+ action has a unique name and function. While there are many potential
+ <application>actions</application> in <application>Privoxy's</application>
+ arsenal, only a few are used for ad blocking. <link
+ linkend="actions">Actions</link>, and <link linkend="actions-file">action
+ configuration files</link>, are explained in depth below.
+</para>
+<para>
+ Actions are specified in <application>Privoxy's</application> configuration,
+ followed by one or more URLs to which the action should apply. URLs 
+ can actually be URL type <link linkend="af-patterns">patterns</link> that use
+ wildcards so they can apply potentially to a range of similar URLs. The
+ actions, together with the URL patterns are called a section.
+</para>
+<para>
+ When you connect to a website, the full URL will either match one or more
+ of the sections as defined in <application>Privoxy's</application> configuration,
+ or not. If so, then <application>Privoxy</application> will perform the
+ respective actions. If not, then nothing special happens. Furthermore, web
+ pages may contain embedded, secondary URLs that your web browser will
+ use to load additional components of the page, as it parses the
+ original page's HTML content. An ad image for instance, is just an URL
+ embedded in the page somewhere. The image itself may be on the same server,
+ or a server somewhere else on the Internet. Complex web pages will have many
+ such embedded URLs. &my-app; can deal with each URL individually, so, for
+ instance, the main page text is not touched, but images from such-and-such
+ server are blocked.
+</para>
+
+<para>
+ The most important actions for basic ad blocking are:  <literal><link
+ linkend="block">block</link></literal>, <literal><link
+ linkend="handle-as-image">handle-as-image</link></literal>, 
+ <literal><link
+ linkend="handle-as-empty-document">handle-as-empty-document</link></literal>,and
+ <literal><link linkend="set-image-blocker">set-image-blocker</link></literal>:
+</para>
+
+<para>
+ <itemizedlist>
+  
+ <listitem>
+  <para>
+   <literal><link linkend="block">block</link></literal> - this is perhaps 
+   the single most used action, and is particularly important for ad blocking.
+   This action stops any contact between your browser and any URL patterns
+   that match this action's configuration. It can be used for blocking ads,
+   but also anything that is determined to be unwanted. By itself, it simply
+   stops any communication with the remote server and sends
+   <application>Privoxy</application>'s own built-in BLOCKED page instead to
+   let you now what has happened (with some exceptions, see below).
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   <literal><link linkend="handle-as-image">handle-as-image</link></literal> - 
+   tells <application>Privoxy</application> to treat this URL as an image.
+   <application>Privoxy</application>'s default configuration already does this
+   for all common image types (e.g. GIF), but there are many situations where this
+   is not so easy to determine. So we'll force it in these cases. This is particularly
+   important for ad blocking, since  only if we know that it's an image of
+   some kind, can we replace it with an image of our choosing, instead of the 
+   <application>Privoxy</application> BLOCKED page (which would only result in
+   a <quote>broken image</quote> icon). There are some limitations to this
+   though. For instance, you can't just brute-force an image substitution for
+   an entire HTML page in most situations.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   <literal><link linkend="handle-as-empty-document">handle-as-empty-document</link></literal> - 
+   sends an empty document instead of <application>Privoxy's</application> 
+   normal BLOCKED HTML page. This is useful for file types that are neither 
+   HTML nor images, such as blocking JavaScript files.
+  </para>
+ </listitem> 
+
+ <listitem>
+  <para>
+   <literal><link
+   linkend="set-image-blocker">set-image-blocker</link></literal> - tells
+   <application>Privoxy</application> what to display in place of an ad image that
+   has hit a block rule. For this to come into play, the URL must match a
+   <literal><link linkend="block">block</link></literal> action somewhere in the
+   configuration, <emphasis>and</emphasis>, it must also match an
+   <literal><link linkend="handle-as-image">handle-as-image</link></literal> action.
+  </para>
+  <para>
+   The configuration options on what to display instead of the ad are:
+  </para>
+  <simplelist>
+   <member>
+       <emphasis>pattern</emphasis> - a checkerboard pattern, so that an ad 
+    replacement is obvious. This is the default.
+   </member>
+  </simplelist>
+  <simplelist>
+   <member>
+       <emphasis>blank</emphasis> - A very small empty GIF image is displayed.
+    This is the so-called <quote>invisible</quote> configuration option.
+   </member>
+  </simplelist>
+  <simplelist>
+   <member>
+       <emphasis>http://<URL></emphasis> - A redirect to any image anywhere
+    of the user's choosing (advanced usage).
+   </member>
+  </simplelist>
+  </listitem> 
+
+</itemizedlist>
+</para>
+
+<para>
+ Advanced users will eventually want to explore &my-app;
+ <literal><link linkend="filter">filters</link></literal> as well. Filters 
+ are very different from <literal><link
+ linkend="block">blocks</link></literal>.
+ A <quote>block</quote> blocks a site, page, or unwanted contented. Filters
+ are a way of filtering or modifying what is actually on the page. An example
+ filter usage: a text replacement of <quote>no-no</quote> for
+ <quote>nasty-word</quote>. That is a very simple example. This process can be
+ used for ad blocking, but it is more in the realm of advanced usage and has
+ some pitfalls to be wary off.
+</para>
+
+<para>
+ The quickest way to adjust any of these settings is with your browser through
+ the special <application>Privoxy</application> editor at <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+ (shortcut: <ulink url="http://p.p/">http://p.p/show-status</ulink>). This 
+ is an internal page, and does not require Internet access.
+</para>
+
+<para>
+ Note that as of <application>Privoxy</application> 3.0.7 beta the
+ action editor is disabled by default. Check the
+ <ulink url="config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions
+  section in the configuration file</ulink> to learn why and in which
+ cases it's safe to enable again.
+</para>
+
+<para>
+ If you decided to enable the action editor, select the appropriate
+ <quote>actions</quote> file, and click
+ <quote><guibutton>Edit</guibutton></quote>. It is best to put personal or
+ local preferences in <filename>user.action</filename> since this is not
+ meant to be overwritten during upgrades, and will over-ride the settings in
+ other files. Here you can insert new <quote>actions</quote>, and URLs for ad
+ blocking or other purposes, and make other adjustments to the configuration.
+ <application>Privoxy</application> will detect these changes automatically.
+</para>
+
+<para>
+ A quick and simple step by step example:
+</para>
+
+<para>
+ <itemizedlist>
+
+  <listitem>
+   <para>
+     Right click on the ad image to be blocked, then select 
+     <quote><guimenuitem>Copy Link Location</guimenuitem></quote> from the
+     pop-up menu. 
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    Set your browser to 
+    <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    Find <filename>user.action</filename> in the top section, and click 
+    on <quote><guibutton>Edit</guibutton></quote>:
+   </para>
+
+ <!-- image of editor and actions files selections -->
+ <para>
+  <figure pgwide="0" float="0"><title>Actions Files in Use</title>
+   <mediaobject>
+     <imageobject>
+      <imagedata  fileref="files-in-use.jpg" format="jpg">
+       </imageobject> 
+       <textobject>
+        <phrase>[ Screenshot of Actions Files in Use ]</phrase>
+      </textobject>
+   </mediaobject>
+  </figure>
+ </para>
+ </listitem> 
+ 
+ <listitem>
+  <para>
+   You should have a section with only
+   <literal><link linkend="block">block</link></literal> listed under 
+   <quote>Actions:</quote>.
+   If not, click a <quote><guibutton>Insert new section below</guibutton></quote>
+   button, and in the new section that just appeared, click the 
+   <guibutton>Edit</guibutton> button right under the word <quote>Actions:</quote>.
+   This will bring up a list of all actions. Find
+   <literal><link linkend="block">block</link></literal> near the top, and click
+   in the <quote>Enabled</quote> column, then <quote><guibutton>Submit</guibutton></quote>
+   just below the list.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   Now, in the <literal><link linkend="block">block</link></literal> actions section,
+   click the <quote><guibutton>Add</guibutton></quote> button, and paste the URL the
+   browser got from <quote><guimenuitem>Copy Link Location</guimenuitem></quote>.
+   Remove the <literal>http://</literal> at the beginning of the URL. Then, click
+   <quote><guibutton>Submit</guibutton></quote> (or
+   <quote><guibutton>OK</guibutton></quote> if in a pop-up window).
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   Now go back to the original page, and press <keycap>SHIFT-Reload</keycap>
+   (or flush all browser caches). The image should be gone now.
+  </para>
+ </listitem> 
+ 
+ </itemizedlist>
+</para>
+
+<para>
+ This is a very crude and simple example. There might be good reasons to use a 
+ wildcard pattern match to include potentially similar images from the same
+ site. For a more extensive explanation of <quote>patterns</quote>, and 
+ the entire actions concept, see <link linkend="actions-file">the Actions
+ section</link>.
+</para>
+
+<para>
+ For advanced users who want to hand edit their config files, you might want
+ to now go to the <link linkend="act-examples">Actions Files Tutorial</link>.
+ The ideas explained therein also apply to the web-based editor.
+</para>
+<para>
+ There are also various 
+ <link linkend="filter">filters</link> that can be used for ad blocking 
+ (filters are a special subset of actions). These 
+ fall into the <quote>advanced</quote> usage category, and are explained in
+ depth in later sections. 
+</para>
+
+</sect2>
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="startup">
+<title>Starting Privoxy</title>
+<para>
+ Before launching <application>Privoxy</application> for the first time, you
+ will want to configure your browser(s) to use
+ <application>Privoxy</application> as a HTTP and HTTPS (SSL) 
+ <ulink url="http://en.wikipedia.org/wiki/Proxy_server">proxy</ulink>. The default is
+ 127.0.0.1 (or localhost) for the proxy address, and port 8118 (earlier versions
+ used port 8000). This is the one configuration step <emphasis>that must be done
+</emphasis>!
+</para>
+<para>
+ Please note that <application>Privoxy</application> can only proxy HTTP and 
+ HTTPS traffic. It will not work with FTP or other protocols.
+</para>
+
+ <!-- image of Mozilla Proxy configuration -->
+ <para>
+  <figure pgwide="0" float="0"><title>Proxy Configuration Showing
+  Mozilla/Netscape HTTP and HTTPS (SSL) Settings</title>
+   <mediaobject>
+     <imageobject>
+      <imagedata  fileref="proxy_setup.jpg" format="jpg">
+       </imageobject> 
+       <textobject>
+        <phrase>[ Screenshot of Mozilla Proxy Configuration ]</phrase>
+      </textobject>
+   </mediaobject>
+  </figure>
+ </para>
+ 
+
+<para> 
+ With <application>Firefox</application>, this is typically set under:
+</para>
+ 
+<literallayout>
+ <guibutton>Tools</guibutton> -> <guibutton>Options</guibutton> ->  <guibutton>Advanced</guibutton> -> <guibutton>Network</guibutton> -><guibutton>Connection</guibutton> -> <guibutton>Settings</guibutton>
+
+</literallayout>
+
+<para> 
+ Or optionally on some platforms:
+</para>
+ 
+<literallayout>
+ <guibutton>Edit</guibutton> -> <guibutton>Preferences</guibutton> -> <guibutton>General</guibutton> -> <guibutton>Connection Settings</guibutton> -> <guibutton>Manual Proxy Configuration</guibutton>
+
+</literallayout>
+
+
+<para> 
+ With <application>Netscape</application> (and
+ <application>Mozilla</application>), this can be set under:
+</para>
+
+
+<literallayout>
+<!-- Mix ascii and gui art, something for everybody -->
+<!-- spacing on this is tricky -->
+ <guibutton>Edit</guibutton> -> <guibutton>Preferences</guibutton> -> <guibutton>Advanced</guibutton> -> <guibutton>Proxies</guibutton> -> <guibutton>HTTP Proxy</guibutton>
+
+</literallayout>
+
+<para>
+ For <application>Internet Explorer v.5-7</application>: 
+</para>
+
+<literallayout>
+ <guibutton>Tools</guibutton> -> <guibutton>Internet Options</guibutton> -> <guibutton>Connections</guibutton> -> <guibutton>LAN Settings</guibutton>
+</literallayout>
+
+<para>
+ Then, check <quote>Use Proxy</quote> and fill in the appropriate info
+ (Address: 127.0.0.1, Port: 8118). Include HTTPS (SSL), if you want HTTPS
+ proxy support too (sometimes labeled <quote>Secure</quote>). Make sure any
+ checkboxes like <quote>Use the same proxy server for all protocols</quote> is
+ <emphasis>UNCHECKED</emphasis>. You want only HTTP and HTTPS (SSL)!
+</para>
+
+ <!-- image of IE Proxy configuration -->
+ <para>
+  <figure pgwide="0" float="0"><title>Proxy Configuration Showing
+  Internet Explorer HTTP and HTTPS (Secure) Settings</title>
+   <mediaobject>
+     <imageobject>
+      <imagedata  fileref="proxy2.jpg" format="jpg">
+       </imageobject> 
+       <textobject>
+        <phrase>[ Screenshot of IE Proxy Configuration ]</phrase>
+      </textobject>
+   </mediaobject>
+  </figure>
+ </para>
+
+
+<para>
+ After doing this, flush your browser's disk and memory caches to force a
+ re-reading of all pages and to get rid of any ads that may be cached. Remove 
+ any <ulink url="http://en.wikipedia.org/wiki/Browser_cookie">cookies</ulink>,
+ if you want <application>Privoxy</application> to manage that. You are now
+ ready to start enjoying the benefits of using
+ <application>Privoxy</application>!
+</para>
+
+<para>
+ <application>Privoxy</application> itself is typically started by specifying the
+ main configuration file to be used on the command line. If no configuration
+ file is specified on the command line, <application>Privoxy</application>
+ will look for a file named <filename>config</filename> in the current
+ directory. Except on Win32 where it will try <filename>config.txt</filename>.
+</para>
+
+<sect2 id="start-redhat">
+<title>Red Hat and Fedora</title>
+<para>
+ A default Red Hat installation may not start &my-app; upon boot. It will use
+ the file <filename>/etc/privoxy/config</filename> as its main configuration
+ file.
+</para>
+<para>
+ <screen>
+ # /etc/rc.d/init.d/privoxy start
+</screen>
+</para>
+<para>
+ Or ...
+</para>
+<para>
+ <screen>
+ # service privoxy start
+</screen>
+</para>
+</sect2>
+
+<sect2 id="start-debian">
+<title>Debian</title>
+<para>
+ We use a script. Note that Debian typically starts &my-app; upon booting per
+ default.  It will use the file
+ <filename>/etc/privoxy/config</filename> as its main configuration
+ file.
+</para>
+<para>
+ <screen>
+ # /etc/init.d/privoxy start
+</screen>
+</para>
+</sect2>
+
+<sect2 id="start-windows">
+<title>Windows</title>
+<para>
+Click on the &my-app; Icon to start <application>Privoxy</application>. If no configuration file is
+ specified on the command line, <application>Privoxy</application> will look
+ for a file named <filename>config.txt</filename>. Note that Windows will
+ automatically start &my-app; when the system starts if you chose that option
+ when installing.
+</para>
+<para>
+ <application>Privoxy</application> can run with full Windows service functionality.
+ On Windows only, the &my-app; program has two new command line arguments
+ to install and uninstall &my-app; as a service. See the 
+ <link linkend="installation-pack-win">Windows Installation
+ instructions</link> for details.
+</para>
+</sect2>
+
+<sect2 id="start-unices">
+<title>Solaris, NetBSD, FreeBSD, HP-UX and others</title>
+<para>
+Example Unix startup command:
+</para>
+<para>
+ <screen>
+ # /usr/sbin/privoxy /etc/privoxy/config
+</screen>
+</para>
+</sect2>
+
+<sect2 id="start-os2">
+<title>OS/2</title>
+<para>
+ During installation, <application>Privoxy</application> is configured to
+ start automatically when the system restarts. You can start it manually by
+ double-clicking on the <application>Privoxy</application> icon in the
+ <application>Privoxy</application> folder.
+</para>
+</sect2>
+
+<sect2 id="start-macosx">
+<title>Mac OS X</title>
+<para>
+  After downloading the privoxy software, unzip the downloaded file by
+  double-clicking on the zip file icon.  Then, double-click on the
+  installer package icon and follow the installation process.
+</para>
+<para>
+  The privoxy service will automatically start after a successful
+  installation.  In addition, the privoxy service will automatically
+  start every time your computer starts up.
+</para>
+<para>
+  To prevent the privoxy service from automatically starting when your
+  computer starts up, remove or rename the folder named
+  /Library/StartupItems/Privoxy.
+</para>
+<para>
+  A simple application named Privoxy Utility has been created which
+  enables administrators to easily start and stop the privoxy service.
+</para>
+<para>
+  In addition, the Privoxy Utility presents a simple way for
+  administrators to edit the various privoxy config files.  A method
+  to uninstall the software is also available.
+</para>
+<para>
+  An administrator username and password must be supplied in order for
+  the Privoxy Utility to perform any of the tasks.
+</para>
+</sect2>
+
+
+<sect2 id="start-amigaos">
+<title>AmigaOS</title>
+<para>
+ Start <application>Privoxy</application> (with RUN <>NIL:) in your
+ <filename>startnet</filename> script (AmiTCP), in
+ <filename>s:user-startup</filename> (RoadShow), as startup program in your
+ startup script (Genesis), or as startup action (Miami and MiamiDx). 
+ <application>Privoxy</application> will automatically quit when you quit your
+ TCP/IP stack (just ignore the harmless warning your TCP/IP stack may display that
+ <application>Privoxy</application> is still running).
+</para>
+</sect2>
+
+<sect2 id="start-gentoo">
+<title>Gentoo</title>
+<para>
+ A script is again used. It will use the file <filename>/etc/privoxy/config 
+ </filename> as its main configuration file.
+</para>
+<para>
+ <screen>
+ /etc/init.d/privoxy start
+ </screen>
+</para>
+<para>
+ Note that <application>Privoxy</application> is not automatically started at 
+ boot time by default. You can change this with the <literal>rc-update</literal> 
+ command.
+</para>
+<para> 
+ <screen>
+ rc-update add privoxy default
+ </screen>
+</para>
+</sect2>
+
+<!--
+
+<para>
+ See the section <link linkend="cmdoptions">Command line options</link> for
+ further info.
+</para>
+
+must find a better place for this paragraph
+
+<para>
+ The included default configuration files should give a reasonable starting
+ point. Most of the per site configuration is done in the
+ <ulink url="actions-file.html"><quote>actions</quote></ulink> files. These are
+ where various cookie actions are defined, ad and banner blocking, and other
+ aspects of <application>Privoxy</application> configuration. There are several
+ such files included, with varying levels of aggressiveness. 
+</para>
+
+<para>
+ You will probably want to keep an eye out for sites for which you may prefer
+ persistent cookies, and add these to your actions configuration as needed. By
+ default, most of these will be accepted only during the current browser
+ session (aka <quote>session cookies</quote>), unless you add them to the
+ configuration. If you want the browser to handle this instead, you will need
+ to edit <filename>user.action</filename> (or through the web based interface)
+ and disable this feature. If you use more than one browser, it would make
+ more sense to let <application>Privoxy</application> handle this. In which
+ case, the browser(s) should be set to accept all cookies.
+</para>
+
+<para>
+ Another feature where you will probably want to define exceptions for trusted
+ sites is the popup-killing (through  <ulink
+ url="actions-file.html#FILTER-POPUPS"><quote>+filter{popups}</quote></ulink>),
+ because your favorite shopping, banking, or leisure site may need
+ popups (explained below). 
+</para>
+
+<para>
+ <application>Privoxy</application> does not support all of the optional HTTP/1.1
+ features yet. In the unlikely event that you experience inexplicable problems
+ with browsers that use HTTP/1.1 per default
+ (like <application>Mozilla</application> or recent versions of I.E.), you might
+ try to force HTTP/1.0 compatibility. For Mozilla, look under <literal>Edit ->
+ Preferences -> Debug -> Networking</literal>.
+ Alternatively, set the <quote>+downgrade-http-version</quote> config option in
+ <filename>default.action</filename> which will downgrade your browser's HTTP
+ requests from HTTP/1.1 to HTTP/1.0 before processing them.
+</para>
+
+<para>
+ After running <application>Privoxy</application> for a while, you can 
+ start to fine tune the configuration to suit your personal, or site, 
+ preferences and requirements. There are many, many aspects that can 
+ be customized. <quote>Actions</quote> 
+ can be adjusted by pointing your browser to 
+ <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+ (shortcut: <ulink url="http://p.p/">http://p.p/</ulink>), 
+ and then follow the link to <quote>View & Change the Current Configuration</quote>. 
+ (This is an internal page and does not require Internet access.)
+</para>
+
+<para>
+ In fact, various aspects of <application>Privoxy</application>
+ configuration can be viewed from this page, including 
+ current configuration parameters, source code version numbers, 
+ the browser's request headers, and <quote>actions</quote> that apply 
+ to a given URL. In addition to the actions file 
+ editor mentioned above, <application>Privoxy</application> can also 
+ be turned <quote>on</quote> and <quote>off</quote> (toggled) from this page.
+</para>
+
+<para>
+ If you encounter problems, try loading the page without
+ <application>Privoxy</application>. If that helps, enter the URL where
+ you have the problems into <ulink url="http://p.p/show-url-info">the browser
+ based rule tracing utility</ulink>. See which rules apply and why, and
+ then try turning them off for that site one after the other, until the problem
+ is gone. When you have found the culprit, you might want to turn the rest on
+ again.
+</para>
+
+<para>
+ If the above paragraph sounds gibberish to you, you might want to <link
+ linkend="actions-file">read more about the actions concept</link>
+ or even dive deep into the <link linkend="actionsanat">Appendix
+ on actions</link>.
+</para>
+
+<para>
+ If you can't get rid of the problem at all, think you've found a bug in
+ Privoxy, want to propose a new feature or smarter rules, please see the 
+ section <link linkend="contact"><quote>Contacting the
+ Developers</quote></link> below. 
+</para>
+
+-->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="cmdoptions">
+<title>Command Line Options</title>
+<para>
+ <application>Privoxy</application> may be invoked with the following
+ command-line options:
+</para>
+
+<para>
+ <itemizedlist>
+
+ <listitem>
+  <para>
+    <emphasis>--version</emphasis>
+  </para>
+  <para>
+     Print version info and exit. Unix only.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+    <emphasis>--help</emphasis>
+  </para>
+  <para>
+   Print short usage info and exit. Unix only.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   <emphasis>--no-daemon</emphasis>
+  </para>
+  <para>
+   Don't become a daemon, i.e. don't fork and become process group
+   leader, and don't detach from controlling tty. Unix only.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   <emphasis>--pidfile FILE</emphasis>
+  </para>
+  <para>
+   On startup, write the process ID to <emphasis>FILE</emphasis>. Delete the
+   <emphasis>FILE</emphasis> on exit. Failure to create or delete the
+   <emphasis>FILE</emphasis> is non-fatal. If no <emphasis>FILE</emphasis>
+   option is given, no PID file will be used. Unix only.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   <emphasis>--user USER[.GROUP]</emphasis>
+  </para>
+  <para>
+   After (optionally) writing the PID file, assume the user  ID  of
+   <emphasis>USER</emphasis>, and if included the GID of GROUP.  Exit if the
+   privileges are not sufficient to do so. Unix only.
+  </para>
+ </listitem>
+ <listitem>
+  <para>
+   <emphasis>--chroot</emphasis>
+  </para>
+  <para>
+   Before changing to the user ID given in the <emphasis>--user</emphasis> option, 
+   chroot to that user's home directory, i.e. make the kernel pretend to the &my-app;
+   process that the directory tree starts there. If set up carefully, this can limit 
+   the impact of possible vulnerabilities in &my-app; to the files contained in that hierarchy.
+   Unix only.
+  </para>
+ </listitem>
+ <listitem>
+  <para>
+   <emphasis>--pre-chroot-nslookup hostname</emphasis>
+  </para>
+  <para>
+   Specifies a hostname to look up before doing a chroot. On some systems, initializing the
+   resolver library involves reading config files from /etc and/or loading additional shared
+   libraries from /lib. On these systems, doing a hostname lookup before the chroot reduces
+   the number of files that must be copied into the chroot tree.
+  </para>
+  <para>
+   For fastest startup speed, a good value is a hostname that is not in /etc/hosts but that
+   your local name server (listed in /etc/resolv.conf) can resolve without recursion
+   (that is, without having to ask any other name servers). The hostname need not exist,
+   but if it doesn't, an error message (which can be ignored) will be output.
+  </para>
+ </listitem>
+
+ <listitem>
+  <para>
+    <emphasis>configfile</emphasis>
+  </para>
+  <para>
+    If no <emphasis>configfile</emphasis> is included on the command line, 
+    <application>Privoxy</application> will look for a file named 
+    <quote>config</quote> in the current directory (except on Win32 
+    where it will look for <quote>config.txt</quote> instead). Specify 
+    full path to avoid confusion. If no config file is found, 
+    <application>Privoxy</application> will fail to start.
+  </para>
+ </listitem> 
+
+ </itemizedlist>
+</para>
+
+<para>
+ On <application>MS Windows</application> only there are two additional 
+ command-line options to allow <application>Privoxy</application> to install and 
+ run as a <emphasis>service</emphasis>. See the 
+<link linkend="installation-pack-win">Window Installation section</link> 
+for details.
+</para>
+
+</sect2>
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="configuration"><title>Privoxy Configuration</title>
+ <para>
+  All <application>Privoxy</application> configuration is stored  
+  in text files. These files can be edited with a text editor.
+  Many important aspects of <application>Privoxy</application> can 
+  also be controlled easily with a web browser.
+ </para>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2>
+<title>Controlling Privoxy with Your Web Browser</title>
+<para>
+ <application>Privoxy</application>'s user interface can be reached through the special 
+ URL <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+ (shortcut: <ulink url="http://p.p/">http://p.p/</ulink>), 
+ which is a built-in page and works without Internet access.
+ You will see the following section:
+
+</para>
+
+<!-- Needs to be put in a table and colorized  -->
+<screen>
+ <msgtext>
+ <bridgehead renderas="sect2">    Privoxy Menu</bridgehead>
+
+ <simplelist>
+ <member>
+          ▪  <ulink url="http://config.privoxy.org/show-status">View & change the current configuration</ulink>
+ </member>
+ <member>
+          ▪  <ulink url="http://config.privoxy.org/show-version">View the source code version numbers</ulink>
+ </member>
+ <member>
+          ▪  <ulink url="http://config.privoxy.org/show-request">View the request headers.</ulink>
+ </member>
+ <member>
+          ▪  <ulink url="http://config.privoxy.org/show-url-info">Look up which actions apply to a URL and why</ulink>
+ </member>
+ <member>
+          ▪  <ulink url="http://config.privoxy.org/toggle">Toggle Privoxy on or off</ulink>
+ </member>
+ <member>
+          ▪  <ulink
+  url="http://www.privoxy.org/&p-version;/user-manual/">Documentation</ulink>
+ </member>
+ </simplelist>
+ </msgtext>
+</screen>
+
+
+<para>
+ This should be self-explanatory. Note the first item leads to an editor for the
+ <link linkend="actions-file">actions files</link>, which is where the ad, banner,
+ cookie, and URL blocking magic is configured as well as other advanced features of
+ <application>Privoxy</application>. This is an easy way to adjust various
+ aspects of <application>Privoxy</application> configuration. The actions
+ file, and other configuration files, are explained in detail below. 
+</para>
+
+<para>
+ <quote>Toggle Privoxy On or Off</quote> is handy for sites that might 
+ have problems with your current actions and filters. You can in fact use
+ it as a test to see whether it is <application>Privoxy</application> 
+ causing the problem or not. <application>Privoxy</application> continues 
+ to run as a proxy in this case, but all manipulation is disabled, i.e.
+ <application>Privoxy</application> acts like a normal forwarding proxy. There
+ is even a toggle <link linkend="bookmarklets">Bookmarklet</link> offered, so
+ that you can toggle <application>Privoxy</application> with one click from
+ your browser.
+</para>
+
+<para>
+ Note that several of the features described above are disabled by default
+ in <application>Privoxy</application> 3.0.7 beta and later.
+ Check the
+ <ulink url="config.html">configuration file</ulink> to learn why
+ and in which cases it's safe to enable them again.
+</para>
+
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="confoverview">
+<title>Configuration Files Overview</title>
+<para>
+ For Unix, *BSD and Linux, all configuration files are located in
+ <filename>/etc/privoxy/</filename> by default. For MS Windows, OS/2, and
+ AmigaOS these are all in the same directory as the 
+ <application>Privoxy</application> executable. <![%p-not-stable;[ The name
+ and number of configuration files has changed from previous versions, and is
+ subject to change as development progresses.]]>
+</para>
+
+<para>
+ The installed defaults provide a reasonable starting point, though 
+ some settings may be aggressive by some standards. For the time being, the
+ principle configuration files are:
+</para>
+
+<para>
+ <itemizedlist>
+
+  <listitem>
+   <para>
+     The <link linkend="config">main configuration file</link> is named <filename>config</filename>
+     on Linux, Unix, BSD, OS/2, and AmigaOS and <filename>config.txt</filename>
+     on Windows. This is a required file.
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    <filename>match-all.action</filename> is used to define which <quote>actions</quote>
+    relating to banner-blocking, images, pop-ups, content modification, cookie handling
+    etc should be applied by default. It should be the first actions file loaded.
+   </para>
+   <para>
+    <filename>default.action</filename> defines many exceptions (both positive and negative)
+    from the default set of actions that's configured in <filename>match-all.action</filename>.
+    It should be the second actions file loaded and shouldn't be edited by the user.
+   </para>
+   <para>
+    Multiple actions files may be defined in <filename>config</filename>. These 
+    are processed in the order they are defined. Local customizations and locally 
+    preferred exceptions to the default policies as defined in
+    <filename>match-all.action</filename> (which you will most probably want
+    to define sooner or later) are best applied in <filename>user.action</filename>,
+    where you can preserve them across upgrades. The file isn't installed by all
+    installers, but you can easily create it yourself with a text editor.
+   </para>
+   <para>    
+    There is also a web based editor that can be accessed from
+    <ulink
+    url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+    (Shortcut: <ulink
+    url="http://p.p/show-status">http://p.p/show-status</ulink>) for the
+    various actions files. 
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    <quote>Filter files</quote> (the <link linkend="filter-file">filter
+    file</link>) can be used to re-write the raw page content, including
+    viewable text as well as embedded HTML and JavaScript, and whatever else
+    lurks on any given web page. The filtering jobs are only pre-defined here;
+    whether to apply them or not is up to the actions files. 
+    <filename>default.filter</filename> includes various filters made 
+    available for use by the developers. Some are much more intrusive than 
+    others, and all should be used with caution. You may define additional 
+    filter files in <filename>config</filename> as you can with 
+    actions files. We suggest <filename>user.filter</filename> for any 
+    locally defined filters or customizations.
+   </para>
+  </listitem> 
+
+ </itemizedlist>
+</para>
+
+<para>
+ The syntax of the configuration and filter files may change between different
+ Privoxy versions, unfortunately some enhancements cost backwards compatibility.
+ <!-- Add link to documentation-->
+</para>
+
+<para>
+ All files use the <quote><literal>#</literal></quote> character to denote a
+ comment (the rest of the line will be ignored) and understand line continuation
+ through placing a backslash ("<literal>\</literal>") as the very last character
+ in a line. If the <literal>#</literal> is preceded by a backslash, it looses
+ its special function. Placing a <literal>#</literal> in front of an otherwise
+ valid configuration line to prevent it from being interpreted is called "commenting
+ out" that line. Blank lines are ignored.
+</para>
+
+<para>
+ The actions files and filter files  
+ can use Perl style <link linkend="regex">regular expressions</link> for
+ maximum flexibility. 
+</para>
+
+<para>
+ After making any changes, there is no need to restart
+ <application>Privoxy</application> in order for the changes to take
+ effect. <application>Privoxy</application> detects such changes 
+ automatically. Note, however, that it may take one or two additional
+ requests for the change to take effect. When changing the listening address
+ of <application>Privoxy</application>, these <quote>wake up</quote> requests
+ must obviously be sent to the <emphasis>old</emphasis> listening address.
+</para>
+
+<![%p-not-stable;[
+<para>
+ While under development, the configuration content is subject to change. 
+ The below documentation may not be accurate by the time you read this. 
+ Also, what constitutes a <quote>default</quote> setting, may change, so 
+ please check all your configuration files on important issues.
+</para>
+]]>
+
+</sect2>
+</sect1>
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~~~~       New section Header    ~~~~~~~~~     -->
+
+<!-- **************************************************** -->
+<!-- Include config.sgml here -->
+<!-- This is where the entire config file is detailed. -->
+ &config;
+<!-- end include  -->
+
+
+<!--  ~  End section  ~  -->
+
+
+
+<!--   ~~~~~~~~       New section Header    ~~~~~~~~~     -->
+
+<sect1 id="actions-file"><title>Actions Files</title>
+
+
+<!--
+  XXX: similar descriptions are in the Configuration Files sections.
+  We should only describe them at one place.
+-->
+<para>
+ The actions files are used to define what <emphasis>actions</emphasis>
+ <application>Privoxy</application> takes for which URLs, and thus determines
+ how ad images, cookies and various other aspects of HTTP content and
+ transactions are handled, and on which sites (or even parts thereof). 
+ There are a number of such actions, with a wide range of functionality.
+ Each action does something a little different.
+ These actions give us a veritable arsenal of tools with which to exert 
+ our control, preferences and independence. Actions can be combined so that 
+ their effects are aggregated when applied against a given set of URLs.
+</para> 
+<para>
+ There 
+ are three action files included with <application>Privoxy</application> with
+ differing purposes:
+</para>
+<para>
+ <itemizedlist>
+  <listitem>
+   <para>
+    <filename>match-all.action</filename> - is used to define which
+    <quote>actions</quote> relating to banner-blocking, images, pop-ups,
+    content modification, cookie handling etc should be applied by default.
+    It should be the first actions file loaded
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    <filename>default.action</filename> - defines many exceptions (both
+    positive and negative) from the default set of actions that's configured
+    in <filename>match-all.action</filename>. It is a set of rules that should
+    work reasonably well as-is for most users. This file is only supposed to
+    be edited by the developers. It should be the second actions file loaded.
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    <filename>user.action</filename> - is intended to be for local site 
+    preferences and exceptions. As an example, if your ISP or your bank
+    has specific requirements, and need special handling, this kind of 
+    thing should go here. This file will not be upgraded.
+   </para>
+  </listitem> 
+  <listitem>
+   <para>
+    <guibutton>Edit</guibutton>  <guibutton>Set to Cautious</guibutton> <guibutton>Set to Medium</guibutton>  <guibutton>Set to Advanced</guibutton>
+   </para>
+   <para>
+    These have increasing levels of aggressiveness <emphasis>and have no
+    influence on your browsing unless you select them explicitly in the
+    editor</emphasis>. A default installation should be pre-set to 
+    <literal>Cautious</literal>. New users should try this for a while before
+    adjusting the settings to more aggressive levels. The more aggressive 
+    the settings, then the more likelihood there is of problems such as sites 
+    not working as they should.
+   </para>
+   <para>
+    The <guibutton>Edit</guibutton> button allows you to turn each 
+    action on/off individually for fine-tuning. The <guibutton>Cautious</guibutton>
+    button changes the actions list to low/safe settings which will activate 
+    ad blocking and a minimal set of &my-app;'s features, and subsequently
+    there will be less of a chance for accidental problems. The
+    <guibutton>Medium</guibutton> button sets the list to a medium level of
+    other features and a low level set of privacy features. The
+    <guibutton>Advanced</guibutton> button sets the list to a high level of
+    ad blocking and medium level of privacy. See the chart below. The latter
+    three buttons over-ride any changes via with the
+    <guibutton>Edit</guibutton> button. More fine-tuning can be done in the
+    lower sections of this internal page.
+   </para>
+   <para>
+    While the actions file editor allows to enable these settings in all
+    actions files, they are only supposed to be enabled in the first one
+    to make sure you don't unintentionally overrule earlier rules.
+   </para>
+   <para>
+    The default profiles, and their associated actions, as pre-defined in
+    <filename>default.action</filename> are:
+   </para>
+   <para>
+    <table frame=all><title>Default Configurations</title>
+    <tgroup cols=4 align=left colsep=1 rowsep=1>
+    <colspec colname=c1>
+    <colspec colname=c2>
+    <colspec colname=c3>
+    <colspec colname=c4>
+    <thead>
+    <row>
+      <entry>Feature</entry>
+      <entry>Cautious</entry>
+      <entry>Medium</entry>
+      <entry>Advanced</entry>
+    </row>
+    </thead>
+    <!--  <tfoot> -->
+    <!--  <row> -->
+    <!--    <entry>f1</entry> -->
+    <!--    <entry>f2</entry> -->
+    <!--    <entry>f3</entry> -->
+    <!--    <entry>f4</entry> -->
+    <!--  </row> -->
+    <!--  </tfoot> -->
+    <tbody>
+
+    <row>
+      <entry>Ad-blocking Aggressiveness</entry>
+      <entry>medium</entry>
+      <entry>high</entry>
+      <entry>high</entry>
+    </row>
+
+    <row>
+      <entry>Ad-filtering by size</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>Ad-filtering by link</entry>
+      <entry>no</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+    </row>
+    <row>
+      <entry>Pop-up killing</entry>
+      <entry>blocks only</entry>
+      <entry>blocks only</entry>
+      <entry>blocks only</entry>
+    </row>
+    
+    <row>
+      <entry>Privacy Features</entry>
+      <entry>low</entry>
+      <entry>medium</entry>
+      <entry>medium/high</entry>
+    </row>
+
+    <row>
+      <entry>Cookie handling</entry>
+      <entry>none</entry>
+      <entry>session-only</entry>
+      <entry>kill</entry>
+    </row>
+
+    <row>
+      <entry>Referer forging</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>GIF de-animation</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>Fast redirects</entry>
+      <entry>no</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>HTML taming</entry>
+      <entry>no</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>JavaScript taming</entry>
+      <entry>no</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>Web-bug killing</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+      <entry>yes</entry>
+    </row>
+
+    <row>
+      <entry>Image tag reordering</entry>
+      <entry>no</entry>
+      <entry>yes</entry>
+      <entry>yes</entry>
+    </row>
+
+    </tbody>
+    </tgroup>
+    </table>
+    </para>
+
+  </listitem> 
+ </itemizedlist>
+</para> 
+
+<para>
+ The list of actions files to be used are defined in the main configuration 
+ file, and are processed in the order they are defined (e.g.
+ <filename>default.action</filename> is typically processed before
+ <filename>user.action</filename>). The content of these can all be viewed and
+ edited from <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>.
+ The over-riding principle when applying actions, is that the last action that
+ matches a given URL wins. The broadest, most general rules go first
+ (defined in <filename>default.action</filename>),
+ followed by any exceptions (typically also in
+ <filename>default.action</filename>), which are then followed lastly by any
+ local preferences (typically in <emphasis>user</emphasis><filename>.action</filename>). 
+ Generally, <filename>user.action</filename> has the last word.
+ </para>
+
+<para>
+ An actions file typically has multiple sections. If you want to use
+ <quote>aliases</quote> in an actions file, you have to place the (optional)
+ <link linkend="aliases">alias section</link> at the top of that file.
+ Then comes the default set of rules which will apply universally to all
+ sites and pages (be <emphasis>very careful</emphasis> with using such a
+ universal set in <filename>user.action</filename> or any other actions file after 
+ <filename>default.action</filename>, because it will override the result
+ from consulting any previous file). And then below that,
+ exceptions to the defined universal policies. You can regard
+ <filename>user.action</filename> as an appendix to <filename>default.action</filename>,
+ with the advantage that it is a separate file, which makes preserving your
+ personal settings across <application>Privoxy</application> upgrades easier.
+</para>
+
+<para> 
+ Actions can be used to block anything you want, including ads, banners, or
+ just some obnoxious URL whose content you would rather not see. Cookies can be accepted
+ or rejected, or accepted only during the current browser session (i.e. not
+ written to disk), content can be modified, some JavaScripts tamed, user-tracking
+ fooled, and much more. See below for a <link linkend="actions">complete list
+ of actions</link>.
+</para>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2>
+<title>Finding the Right Mix</title>
+<para>
+ Note that some <link linkend="actions">actions</link>, like cookie suppression
+ or script disabling, may render some sites unusable that rely on these
+ techniques to work properly. Finding the right mix of actions is not always easy and
+ certainly a matter of personal taste. And, things can always change, requiring 
+ refinements in the configuration. In general, it can be said that the more
+ <quote>aggressive</quote> your default settings (in the top section of the
+ actions file) are, the more exceptions for <quote>trusted</quote> sites you
+ will have to make later. If, for example, you want to crunch all cookies per
+ default, you'll have to make exceptions from that rule for sites that you
+ regularly use and that require cookies for actually useful purposes, like maybe
+ your bank, favorite shop, or newspaper.
+</para>
+
+<para>
+ We have tried to provide you with reasonable rules to start from in the
+ distribution actions files. But there is no general rule of thumb on these
+ things. There just are too many variables, and sites are constantly changing.
+ Sooner or later you will want to change the rules (and read this chapter again :).
+</para>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2>
+<title>How to Edit</title>
+<para>
+ The easiest way to edit the actions files is with a browser by
+ using our browser-based editor, which can be reached from <ulink
+ url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>.
+ Note: the config file option <link
+ linkend="enable-edit-actions">enable-edit-actions</link> must be enabled for
+ this to work. The editor allows both fine-grained control over every single
+ feature on a per-URL basis, and easy choosing from wholesale sets of defaults
+ like <quote>Cautious</quote>, <quote>Medium</quote> or
+ <quote>Advanced</quote>. Warning: the <quote>Advanced</quote> setting is more
+ aggressive, and will be more likely to cause problems for some sites.
+ Experienced users only! 
+ </para>
+
+<para>
+ If you prefer plain text editing to GUIs, you can of course also directly edit the
+ the actions files with your favorite text editor. Look at
+ <filename>default.action</filename> which is richly commented with many 
+ good examples.
+</para>
+</sect2>
+
+
+<sect2 id="actions-apply">
+<title>How Actions are Applied to Requests</title>
+<para>
+ Actions files are divided into sections. There are special sections,
+ like the <quote><link linkend="aliases">alias</link></quote> sections which will
+ be discussed later. For now let's concentrate on regular sections: They have a
+ heading line (often split up to multiple lines for readability) which consist
+ of a list of actions, separated by whitespace and enclosed in curly braces.
+ Below that, there is a list of URL and tag patterns, each on a separate line.
+</para>
+
+<para>
+ To determine which actions apply to a request, the URL of the request is
+ compared to all URL patterns in each <quote>action file</quote>.
+ Every time it matches, the list of applicable actions for the request is
+ incrementally updated, using the heading of the section in which the
+ pattern is located. The same is done again for tags and tag patterns later on.
+</para>
+
+<para>
+ If multiple applying sections set the same action differently,
+ the last match wins. If not, the effects are aggregated.
+ E.g. a URL might match a regular section with a heading line of <literal>{ 
+ +<link linkend="handle-as-image">handle-as-image</link> }</literal>,
+ then later another one with just <literal>{
+ +<link linkend="block">block</link> }</literal>, resulting
+ in <emphasis>both</emphasis> actions to apply. And there may well be 
+ cases where you will want to combine actions together. Such a section then 
+ might look like:
+</para>
+
+ <para>
+ <screen>
+  { +<literal>handle-as-image</literal>  +<literal>block{Banner ads.}</literal> }
+  # Block these as if they were images. Send no block page.
+   banners.example.com
+   media.example.com/.*banners
+   .example.com/images/ads/</screen>
+ </para>
+
+<para>
+ You can trace this process for URL patterns and any given URL by visiting <ulink
+ url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>.
+</para>
+
+<para>
+ Examples and more detail on this is provided in the Appendix, <link linkend="ACTIONSANAT">
+ Troubleshooting: Anatomy of an Action</link> section.
+</para>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="af-patterns">
+<title>Patterns</title>
+<para> 
+ As mentioned, <application>Privoxy</application> uses <quote>patterns</quote>
+ to determine what <emphasis>actions</emphasis> might apply to which sites and
+ pages your browser attempts to access. These <quote>patterns</quote> use wild
+ card type <emphasis>pattern</emphasis> matching to achieve a high degree of
+ flexibility. This allows one expression to be expanded and potentially match
+ against many similar patterns.
+</para>
+ 
+<para>
+ Generally, an URL pattern has the form
+ <literal><domain>/<path></literal>, where both the
+ <literal><domain></literal> and <literal><path></literal> are
+ optional. (This is why the special <literal>/</literal> pattern matches all
+ URLs). Note that the protocol portion of the URL pattern (e.g.
+ <literal>http://</literal>) should <emphasis>not</emphasis> be included in
+ the pattern. This is assumed already!
+</para>
+<para>
+ The pattern matching syntax is different for the domain and path parts of
+ the URL. The domain part uses a simple globbing type matching technique, 
+ while the path part uses more flexible 
+ <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+  Expressions</quote></ulink> (POSIX 1003.2).
+</para>
+
+<variablelist>
+ <varlistentry>
+  <term><literal>www.example.com/</literal></term>
+  <listitem>
+   <para>
+    is a domain-only pattern and will match any request to <literal>www.example.com</literal>,
+    regardless of which document on that server is requested. So ALL pages in
+    this domain would be covered by the scope of this action. Note that a 
+    simple <literal>example.com</literal> is different and would NOT match.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>www.example.com</literal></term>
+  <listitem>
+   <para>
+    means exactly the same. For domain-only patterns, the trailing <literal>/</literal> may
+    be omitted.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>www.example.com/index.html</literal></term>
+  <listitem>
+   <para>
+    matches all the documents on <literal>www.example.com</literal>
+    whose name starts with <literal>/index.html</literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>www.example.com/index.html$</literal></term>
+  <listitem>
+   <para>
+    matches only the single document <literal>/index.html</literal>
+    on <literal>www.example.com</literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>/index.html$</literal></term>
+  <listitem>
+   <para>
+    matches the document <literal>/index.html</literal>, regardless of the domain,
+    i.e. on <emphasis>any</emphasis> web server anywhere.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>index.html</literal></term>
+  <listitem>
+   <para>
+    matches nothing, since it would be interpreted as a domain name and
+    there is no top-level domain called <literal>.html</literal>. So its 
+    a mistake.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3><title>The Domain Pattern</title>
+
+<para>
+ The matching of the domain part offers some flexible options: if the
+ domain starts or ends with a dot, it becomes unanchored at that end. 
+ For example:
+</para>
+
+<variablelist>
+ <varlistentry>
+  <term><literal>.example.com</literal></term>
+  <listitem>
+   <para>
+    matches any domain with first-level domain <literal>com</literal>
+    and second-level domain <literal>example</literal>.
+    For example <literal>www.example.com</literal>,
+    <literal>example.com</literal> and <literal>foo.bar.baz.example.com</literal>.
+    Note that it wouldn't match if the second-level domain was <literal>another-example</literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>www.</literal></term>
+  <listitem>
+   <para>
+    matches any domain that <emphasis>STARTS</emphasis> with
+    <literal>www.</literal> (It also matches the domain
+    <literal>www</literal> but most of the time that doesn't matter.)
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>.example.</literal></term>
+  <listitem>
+   <para>
+    matches any domain that <emphasis>CONTAINS</emphasis> <literal>.example.</literal>.
+    And, by the way, also included would be any files or documents that exist
+    within that domain since no path limitations are specified. (Correctly
+    speaking: It matches any FQDN that contains <literal>example</literal> as
+    a domain.) This might be <literal>www.example.com</literal>,
+    <literal>news.example.de</literal>, or
+    <literal>www.example.net/cgi/testing.pl</literal> for instance. All these
+    cases are matched. 
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<para>
+ Additionally, there are wild-cards that you can use in the domain names
+ themselves. These work similarly to shell globbing type wild-cards:
+ <quote>*</quote> represents zero or more arbitrary characters (this is
+ equivalent to the 
+ <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+ Expression</quote></ulink> based syntax of <quote>.*</quote>),
+ <quote>?</quote>  represents any single character (this is equivalent to the
+ regular expression syntax of a simple <quote>.</quote>), and you can define
+ <quote>character classes</quote> in square brackets which is similar to 
+ the same regular expression technique. All of this can be freely mixed:
+</para>
+
+<variablelist>
+ <varlistentry>
+  <term><literal>ad*.example.com</literal></term>
+  <listitem>
+   <para>
+    matches <quote>adserver.example.com</quote>, 
+    <quote>ads.example.com</quote>, etc but not <quote>sfads.example.com</quote>
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>*ad*.example.com</literal></term>
+  <listitem>
+   <para>
+    matches all of the above, and then some.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>.?pix.com</literal></term>
+  <listitem>
+   <para>
+    matches <literal>www.ipix.com</literal>,
+    <literal>pictures.epix.com</literal>, <literal>a.b.c.d.e.upix.com</literal> etc. 
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>www[1-9a-ez].example.c*</literal></term>
+  <listitem>
+   <para>
+     matches <literal>www1.example.com</literal>, 
+     <literal>www4.example.cc</literal>, <literal>wwwd.example.cy</literal>, 
+     <literal>wwwz.example.com</literal> etc., but <emphasis>not</emphasis> 
+     <literal>wwww.example.com</literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+
+<para>
+ While flexible, this is not the sophistication of full regular expression based syntax.
+</para>
+
+</sect3>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3><title>The Path Pattern</title>
+
+<para>
+ <application>Privoxy</application> uses <quote>modern</quote> POSIX 1003.2
+  <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+  Expressions</quote></ulink> for matching the path portion (after the slash),
+  and is thus more flexible.
+</para>
+
+<para>
+ There is an <link linkend="regex">Appendix</link> with a brief quick-start into regular
+ expressions, you also might want to have a look at your operating system's documentation
+ on regular expressions (try <literal>man re_format</literal>).
+</para>
+
+<para>
+ Note that the path pattern is automatically left-anchored at the <quote>/</quote>,
+ i.e. it matches as if it would start with a <quote>^</quote> (regular expression speak 
+ for the beginning of a line).
+</para>
+
+<para>
+ Please also note that matching in the path is <emphasis>CASE INSENSITIVE</emphasis>
+ by default, but you can switch to case sensitive at any point in the pattern by using the 
+ <quote>(?-i)</quote> switch: <literal>www.example.com/(?-i)PaTtErN.*</literal> will match
+ only documents whose path starts with <literal>PaTtErN</literal> in
+ <emphasis>exactly</emphasis> this capitalization.
+</para>
+
+<variablelist>
+ <varlistentry>
+  <term><literal>.example.com/.*</literal></term>
+  <listitem>
+   <para>
+     Is equivalent to just <quote>.example.com</quote>, since any documents 
+     within that domain are matched with or without the <quote>.*</quote>
+     regular expression. This is redundant
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>.example.com/.*/index.html$</literal></term>
+  <listitem>
+   <para>
+    Will match any page in the domain of <quote>example.com</quote> that is
+    named <quote>index.html</quote>, and that is part of some path. For
+    example, it matches <quote>www.example.com/testing/index.html</quote> but
+    NOT <quote>www.example.com/index.html</quote> because the regular
+    expression called for at least two <quote>/'s</quote>, thus the path 
+    requirement. It also would match 
+    <quote>www.example.com/testing/index_html</quote>, because of the 
+    special meta-character <quote>.</quote>.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>.example.com/(.*/)?index\.html$</literal></term>
+  <listitem>
+   <para>
+    This regular expression is conditional so it will match any page 
+    named <quote>index.html</quote> regardless of path which in this case can 
+    have one or more <quote>/'s</quote>. And this one must contain exactly 
+    <quote>.html</quote> (but does not have to end with that!).
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>.example.com/(.*/)(ads|banners?|junk)</literal></term>
+  <listitem>
+   <para>
+    This regular expression will match any path of <quote>example.com</quote>
+    that contains any of the words <quote>ads</quote>, <quote>banner</quote>, 
+    <quote>banners</quote> (because of the <quote>?</quote>) or <quote>junk</quote>.
+    The path does not have to end in these words, just contain them.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term><literal>.example.com/(.*/)(ads|banners?|junk)/.*\.(jpe?g|gif|png)$</literal></term>
+  <listitem>
+   <para>
+    This is very much the same as above, except now it must end in either 
+    <quote>.jpg</quote>, <quote>.jpeg</quote>, <quote>.gif</quote> or <quote>.png</quote>. So this 
+    one is limited to common image formats.
+   </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+<para>
+ There are many, many good examples to be found in <filename>default.action</filename>, 
+ and more tutorials below in <link linkend="regex">Appendix on regular expressions</link>.
+</para>
+
+</sect3>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 id="tag-pattern"><title>The Tag Pattern</title>
+
+<para>
+ Tag patterns are used to change the applying actions based on the
+ request's tags. Tags can be created with either the
+ <link linkend="CLIENT-HEADER-TAGGER">client-header-tagger</link>
+ or the  <link linkend="SERVER-HEADER-TAGGER">server-header-tagger</link> action.
+</para>
+
+<para>
+ Tag patterns have to start with <quote>TAG:</quote>, so &my-app;
+ can tell them apart from URL patterns. Everything after the colon
+ including white space, is interpreted as a regular expression with
+ path pattern syntax, except that tag patterns aren't left-anchored
+ automatically (&my-app; doesn't silently add a <quote>^</quote>,
+ you have to do it yourself if you need it).
+</para>
+
+<para>
+ To match all requests that are tagged with <quote>foo</quote>
+ your pattern line should be <quote>TAG:^foo$</quote>,
+ <quote>TAG:foo</quote> would work as well, but it would also
+ match requests whose tags contain <quote>foo</quote> somewhere.
+ <quote>TAG: foo</quote> wouldn't work as it requires white space.
+</para>
+
+<para>
+ Sections can contain URL and tag patterns at the same time,
+ but tag patterns are checked after the URL patterns and thus
+ always overrule them, even if they are located before the URL patterns.
+</para>
+
+<para>
+ Once a new tag is added, Privoxy checks right away if it's matched by one
+ of the tag patterns and updates the action settings accordingly. As a result
+ tags can be used to activate other tagger actions, as long as these other
+ taggers look for headers that haven't already be parsed.
+</para>
+
+<para>
+ For example you could tag client requests which use the
+ <literal>POST</literal> method,
+ then use this tag to activate another tagger that adds a tag if cookies
+ are sent, and then use a block action based on the cookie tag. This allows
+ the outcome of one action, to be input into a subsequent action. However if
+ you'd reverse the position of the described taggers, and activated the
+ method tagger based on the cookie tagger, no method tags would be created.
+ The method tagger would look for the request line, but at the time
+ the cookie tag is created, the request line has already been parsed.
+</para>
+
+<para>
+ While this is a limitation you should be aware of, this kind of
+ indirection is seldom needed anyway and even the example doesn't
+ make too much sense.
+</para>
+
+</sect3>
+
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="actions">
+<title>Actions</title>
+<para>
+ All actions are disabled by default, until they are explicitly enabled
+ somewhere in an actions file. Actions are turned on if preceded with a
+ <quote>+</quote>, and turned off if preceded with a <quote>-</quote>. So a
+ <literal>+action</literal> means <quote>do that action</quote>, e.g.
+ <literal>+block</literal> means <quote>please block URLs that match the
+ following patterns</quote>, and <literal>-block</literal> means <quote>don't
+ block URLs that match the following patterns, even if <literal>+block</literal>
+ previously applied.</quote>
+
+</para>
+
+<para> 
+ Again, actions are invoked by placing them on a line, enclosed in curly braces and
+ separated by whitespace, like in 
+ <literal>{+some-action -some-other-action{some-parameter}}</literal>,
+ followed by a list of URL patterns, one per line, to which they apply.
+ Together, the actions line and the following pattern lines make up a section
+ of the actions file. 
+</para>
+
+<para> 
+ Actions fall into three categories:
+</para>
+
+<para>
+ <itemizedlist>
+ <listitem>
+  <para>  
+   Boolean, i.e the action can only be <quote>enabled</quote> or
+   <quote>disabled</quote>. Syntax:
+  </para>
+  <para>
+   <screen>
+  +<replaceable class="function">name</replaceable>        # enable action <replaceable class="parameter">name</replaceable>
+  -<replaceable class="function">name</replaceable>        # disable action <replaceable class="parameter">name</replaceable></screen>
+  </para>
+  <para>  
+   Example: <literal>+handle-as-image</literal>
+  </para>
+ </listitem>
+
+
+ <listitem>
+  <para>  
+   Parameterized, where some value is required in order to enable this type of action.
+   Syntax:
+  </para>
+  <para>
+   <screen>
+  +<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>}  # enable action and set parameter to <replaceable class="parameter">param</replaceable>,
+               # overwriting parameter from previous match if necessary
+  -<replaceable class="function">name</replaceable>         # disable action. The parameter can be omitted</screen>
+  </para>
+  <para>
+   Note that if the URL matches multiple positive forms of a parameterized action,
+   the last match wins, i.e. the params from earlier matches are simply ignored.
+  </para>
+  <para>  
+   Example: <literal>+hide-user-agent{Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602 Firefox/2.0.0.4}</literal>
+  </para>
+ </listitem>
+ 
+ <listitem>
+  <para>  
+   Multi-value. These look exactly like parameterized actions,
+   but they behave differently: If the action applies multiple times to the
+   same URL, but with different parameters, <emphasis>all</emphasis> the parameters
+   from <emphasis>all</emphasis> matches are remembered. This is used for actions
+   that can be executed for the same request repeatedly, like adding multiple
+   headers, or filtering through multiple filters. Syntax:
+  </para>
+  <para>
+   <screen>
+  +<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>}   # enable action and add <replaceable class="parameter">param</replaceable> to the list of parameters
+  -<replaceable class="function">name</replaceable>{<replaceable class="parameter">param</replaceable>}   # remove the parameter <replaceable class="parameter">param</replaceable> from the list of parameters
+                # If it was the last one left, disable the action.
+  <replaceable class="parameter">-name</replaceable>          # disable this action completely and remove all parameters from the list</screen>
+  </para>
+  <para>  
+   Examples: <literal>+add-header{X-Fun-Header: Some text}</literal> and
+   <literal>+filter{html-annoyances}</literal>
+  </para>
+ </listitem>
+
+ </itemizedlist>
+</para>
+
+<para>
+ If nothing is specified in any actions file, no <quote>actions</quote> are
+ taken. So in this case <application>Privoxy</application> would just be a
+ normal, non-blocking, non-filtering proxy. You must specifically enable the
+ privacy and blocking features you need (although the provided default actions
+ files will give a good starting point).
+</para>
+
+<para>
+ Later defined action sections always over-ride earlier ones of the same type.
+ So exceptions to any rules you make, should come in the latter part of the file (or 
+ in a file that is processed later when using multiple actions files such 
+ as <filename>user.action</filename>). For multi-valued actions, the actions
+ are applied in the order they are specified. Actions files are processed in
+ the order they are defined in <filename>config</filename> (the default
+ installation has three actions files). It also quite possible for any given
+ URL to match more than one <quote>pattern</quote> (because of wildcards and
+ regular expressions), and thus to trigger more than one set of actions! Last
+ match wins.
+</para>
+
+<!-- start actions listing -->
+<para>
+ The list of valid <application>Privoxy</application> actions are:
+</para>
+
+
+<!-- ********************************************************** -->
+<!-- Please note the below defined actions use id's that are    -->
+<!-- probably linked from other places, so please don't change. -->
+<!--                                                            -->
+<!-- ********************************************************** -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect3 renderas="sect4" id="add-header">
+<title>add-header</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Confuse log analysis, custom applications</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Sends a user defined HTTP header to the web server.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Multi-value.</para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Any string value is possible. Validity of the defined HTTP headers is not checked.
+    It is recommended that you use the <quote><literal>X-</literal></quote> prefix
+    for custom headers.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+<varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This action may be specified multiple times, in order to define multiple 
+    headers. This is rarely needed for the typical user. If you don't know what 
+    <quote>HTTP headers</quote> are, you definitely don't need to worry about this 
+    one.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+    <para>
+     <screen>+add-header{X-User-Tracking: sucks}</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="block">
+<title>block</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Block ads or other unwanted content</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Requests for URLs to which this action applies are blocked, i.e. the
+    requests are trapped by &my-app; and the requested URL is never retrieved,
+    but is answered locally with a substitute page or image, as determined by
+    the <literal><link
+    linkend="handle-as-image">handle-as-image</link></literal>,
+    <literal><link
+    linkend="set-image-blocker">set-image-blocker</link></literal>, and 
+    <literal><link
+    linkend="handle-as-empty-document">handle-as-empty-document</link></literal> actions.
+    
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>A block reason that should be given to the user.</para>
+  </listitem>
+ </varlistentry>
+ 
+<varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    <application>Privoxy</application> sends a special <quote>BLOCKED</quote> page
+    for requests to blocked pages. This page contains the block reason given as
+    parameter, a link to find out why the block action applies, and a click-through
+    to the blocked content (the latter only if the force feature is available and
+    enabled).
+   </para>
+   <para> 
+    A very important exception occurs if <emphasis>both</emphasis> 
+    <literal>block</literal> and <literal><link linkend="handle-as-image">handle-as-image</link></literal>,
+    apply to the same request: it will then be replaced by an image. If 
+    <literal><link linkend="set-image-blocker">set-image-blocker</link></literal>
+    (see below) also applies, the type of image will be determined by its parameter,
+    if not, the standard checkerboard pattern is sent.
+   </para>
+   <para>
+    It is important to understand this process, in order 
+    to understand how <application>Privoxy</application> deals with 
+    ads and other unwanted content. Blocking is a core feature, and one 
+    upon which various other features depend.
+   </para>
+   <para>
+    The <literal><link linkend="filter">filter</link></literal>
+    action can perform a very similar task, by <quote>blocking</quote>
+    banner images and other content through rewriting the relevant URLs in the
+    document's HTML source, so they don't get requested in the first place.
+    Note that this is a totally different technique, and it's easy to confuse the two.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen>{+block{No nasty stuff for you.}}
+# Block and replace with "blocked" page
+ .nasty-stuff.example.com
+
+{+block{Doubleclick banners.} +handle-as-image} 
+# Block and replace with image
+ .ad.doubleclick.net
+ .ads.r.us/banners/
+
+{+block{Layered ads.} +handle-as-empty-document} 
+# Block and then ignore
+ adserver.example.net/.*\.js$</screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="change-x-forwarded-for">
+<title>change-x-forwarded-for</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Improve privacy by not forwarding the source of the request in the HTTP headers.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes the <quote>X-Forwarded-For:</quote> HTTP header from the client request,
+    or adds a new one.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <itemizedlist>
+    <listitem>
+     <para><quote>block</quote> to delete the header.</para>
+    </listitem>
+    <listitem>
+     <para>
+       <quote>add</quote> to create the header (or append
+       the client's IP address to an already existing one).
+     </para>
+    </listitem>
+   </itemizedlist>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    It is safe and recommended to use <literal>block</literal>.
+   </para>
+   <para>
+    Forwarding the source address of the request may make
+    sense in some multi-user setups but is also a privacy risk.
+   </para>
+  </listitem>
+ </varlistentry>
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+    <para>
+     <screen>+change-x-forwarded-for{block}</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="client-header-filter">
+<title>client-header-filter</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+   Rewrite or remove single client headers.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    All client headers to which this action applies are filtered on-the-fly through
+    the specified regular expression based substitutions.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    The name of a client-header filter, as defined in one of the
+    <link linkend="filter-file">filter files</link>.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Client-header filters are applied to each header on its own, not to
+    all at once. This makes it easier to diagnose problems, but on the downside
+    you can't write filters that only change header x if header y's value is z.
+    You can do that by using tags though.
+   </para>
+   <para>
+    Client-header filters are executed after the other header actions have finished
+    and use their output as input.
+   </para>
+   <para>
+    If the request URL gets changed, &my-app; will detect that and use the new
+    one. This can be used to rewrite the request destination behind the client's
+    back, for example to specify a Tor exit relay for certain requests.
+   </para>
+   <para>
+    Please refer to the <link linkend="filter-file">filter file chapter</link>
+    to learn which client-header filters are available by default, and how to
+    create your own.
+   </para>
+
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen>
+# Hide Tor exit notation in Host and Referer Headers
+{+client-header-filter{hide-tor-exit-notation}}
+/
+    </screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="client-header-tagger">
+<title>client-header-tagger</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+   Block requests based on their headers.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Client headers to which this action applies are filtered on-the-fly through
+    the specified regular expression based substitutions, the result is used as
+    tag. 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    The name of a client-header tagger, as defined in one of the
+    <link linkend="filter-file">filter files</link>.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Client-header taggers are applied to each header on its own,
+    and as the header isn't modified, each tagger <quote>sees</quote>
+    the original.
+   </para>
+   <para>
+    Client-header taggers are the first actions that are executed
+    and their tags can be used to control every other action.
+   </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen>
+# Tag every request with the User-Agent header
+{+client-header-tagger{user-agent}}
+/
+
+# Tagging itself doesn't change the action
+# settings, sections with TAG patterns do:
+#
+# If it's a download agent, use a different forwarding proxy,
+# show the real User-Agent and make sure resume works.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since      \
+ -overwrite-last-modified     \
+ -hide-user-agent             \
+ -filter                      \
+ -deanimate-gifs              \
+}
+TAG:^User-Agent: NetBSD-ftp/
+TAG:^User-Agent: Novell ZYPP Installer
+TAG:^User-Agent: RPM APT-HTTP/
+TAG:^User-Agent: fetch libfetch/
+TAG:^User-Agent: Ubuntu APT-HTTP/
+TAG:^User-Agent: MPlayer/
+    </screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="content-type-overwrite">
+<title>content-type-overwrite</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Stop useless download menus from popping up, or change the browser's rendering mode</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Replaces the <quote>Content-Type:</quote> HTTP server header.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Any string. 
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The <quote>Content-Type:</quote> HTTP server header is used by the
+    browser to decide what to do with the document. The value of this
+    header can cause the browser to open a download menu instead of
+    displaying the document by itself, even if the document's format is
+    supported by the browser. 
+   </para>
+   <para>
+    The declared content type can also affect which rendering mode
+    the browser chooses. If XHTML is delivered as <quote>text/html</quote>,
+    many browsers treat it as yet another broken HTML document.
+    If it is send as <quote>application/xml</quote>, browsers with
+    XHTML support will only display it, if the syntax is correct.
+   </para>
+   <para>
+    If you see a web site that proudly uses XHTML buttons, but sets
+    <quote>Content-Type: text/html</quote>, you can use &my-app;
+    to overwrite it with <quote>application/xml</quote> and validate
+    the web master's claim inside your XHTML-supporting browser.
+    If the syntax is incorrect, the browser will complain loudly. 
+   </para>
+   <para>
+    You can also go the opposite direction: if your browser prints
+    error messages instead of rendering a document falsely declared
+    as XHTML, you can overwrite the content type with
+    <quote>text/html</quote> and have it rendered as broken HTML document. 
+   </para>
+   <para>
+    By default <literal>content-type-overwrite</literal> only replaces
+    <quote>Content-Type:</quote> headers that look like some kind of text.
+    If you want to overwrite it unconditionally, you have to combine it with
+    <literal><link linkend="force-text-mode">force-text-mode</link></literal>.
+    This limitation exists for a reason, think twice before circumventing it.
+   </para>
+   <para>
+    Most of the time it's easier to replace this action with a custom
+    <literal><link linkend="server-header-filter">server-header filter</link></literal>.
+    It allows you to activate it for every document of a certain site and it will still
+    only replace the content types you aimed at.
+   </para>
+   <para>
+    Of course you can apply <literal>content-type-overwrite</literal>
+    to a whole site and then make URL based exceptions, but it's a lot
+    more work to get the same precision. 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (sections):</term>
+  <listitem>
+    <para>
+     <screen># Check if www.example.net/ really uses valid XHTML
+{ +content-type-overwrite{application/xml} }
+www.example.net/
+
+# but leave the content type unmodified if the URL looks like a style sheet
+{-content-type-overwrite}
+www.example.net/.*\.css$
+www.example.net/.*style
+</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="crunch-client-header">
+<!--
+new action
+-->
+<title>crunch-client-header</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Remove a client header <application>Privoxy</application> has no dedicated action for.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes every header sent by the client that contains the string the user supplied as parameter.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Any string.
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This action allows you to block client headers for which no dedicated
+    <application>Privoxy</application> action exists.
+    <application>Privoxy</application> will remove every client header that
+    contains the string you supplied as parameter.
+   </para>
+   <para>
+    Regular expressions are <emphasis>not supported</emphasis> and you can't
+    use this action to block different headers in the same request, unless
+    they contain the same string.
+   </para>
+   <para>
+    <literal>crunch-client-header</literal> is only meant for quick tests.
+    If you have to block several different headers, or only want to modify
+    parts of them, you should use a
+    <literal><link linkend="client-header-filter">client-header filter</link></literal>.
+   </para>
+    <warning>
+     <para>
+      Don't block any header without understanding the consequences.
+     </para>
+    </warning>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen># Block the non-existent "Privacy-Violation:" client header 
+{ +crunch-client-header{Privacy-Violation:} }
+/
+    </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="crunch-if-none-match">
+<title>crunch-if-none-match</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Prevent yet another way to track the user's steps between sessions.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes the <quote>If-None-Match:</quote> HTTP client header.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Removing the <quote>If-None-Match:</quote> HTTP client header
+    is useful for filter testing, where you want to force a real
+    reload instead of getting status code <quote>304</quote> which
+    would cause the browser to use a cached copy of the page.
+   </para>
+   <para>
+    It is also useful to make sure the header isn't used as a cookie
+    replacement (unlikely but possible).
+   </para>
+   <para>
+    Blocking the <quote>If-None-Match:</quote> header shouldn't cause any
+    caching problems, as long as the <quote>If-Modified-Since:</quote> header
+    isn't blocked or missing as well.
+   </para>
+   <para>
+    It is recommended to use this action together with
+    <literal><link linkend="hide-if-modified-since">hide-if-modified-since</link></literal>
+    and
+    <literal><link linkend="overwrite-last-modified">overwrite-last-modified</link></literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen># Let the browser revalidate cached documents but don't
+# allow the server to use the revalidation headers for user tracking.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/   </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="crunch-incoming-cookies">
+<title>crunch-incoming-cookies</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+    Prevent the web server from setting HTTP cookies on your system
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes any <quote>Set-Cookie:</quote> HTTP headers from server replies.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This action is only concerned with <emphasis>incoming</emphasis> HTTP cookies. For
+    <emphasis>outgoing</emphasis> HTTP cookies, use
+    <literal><link linkend="crunch-outgoing-cookies">crunch-outgoing-cookies</link></literal>.
+    Use <emphasis>both</emphasis> to disable HTTP cookies completely.
+   </para>
+   <para>
+    It makes <emphasis>no sense at all</emphasis> to use this action in conjunction
+    with the <literal><link linkend="session-cookies-only">session-cookies-only</link></literal> action,
+    since it would prevent the session cookies from being set. See also 
+    <literal><link linkend="filter-content-cookies">filter-content-cookies</link></literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+    <screen>+crunch-incoming-cookies</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="crunch-server-header">
+<title>crunch-server-header</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Remove a server header <application>Privoxy</application> has no dedicated action for.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes every header sent by the server that contains the string the user supplied as parameter.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Any string.
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This action allows you to block server headers for which no dedicated
+    <application>Privoxy</application> action exists. <application>Privoxy</application>
+    will remove every server header that contains the string you supplied as parameter.
+   </para>
+   <para>
+    Regular expressions are <emphasis>not supported</emphasis> and you can't
+    use this action to block different headers in the same request, unless
+    they contain the same string.
+   </para>
+   <para>
+    <literal>crunch-server-header</literal> is only meant for quick tests.
+    If you have to block several different headers, or only want to modify
+    parts of them, you should use a custom
+    <literal><link linkend="server-header-filter">server-header filter</link></literal>.
+   </para>
+    <warning>
+     <para>
+     Don't block any header without understanding the consequences.
+     </para>
+    </warning>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen># Crunch server headers that try to prevent caching
+{ +crunch-server-header{no-cache} }
+/   </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="crunch-outgoing-cookies">
+<title>crunch-outgoing-cookies</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+    Prevent the web server from reading any HTTP cookies from your system
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes any <quote>Cookie:</quote> HTTP headers from client requests.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This action is only concerned with <emphasis>outgoing</emphasis> HTTP cookies. For
+    <emphasis>incoming</emphasis> HTTP cookies, use
+    <literal><link linkend="crunch-incoming-cookies">crunch-incoming-cookies</link></literal>.
+    Use <emphasis>both</emphasis> to disable HTTP cookies completely.
+   </para>
+   <para>
+    It makes <emphasis>no sense at all</emphasis> to use this action in conjunction
+    with the <literal><link linkend="session-cookies-only">session-cookies-only</link></literal> action,
+    since it would prevent the session cookies from being read.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+    <screen>+crunch-outgoing-cookies</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="deanimate-gifs">
+<title>deanimate-gifs</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Stop those annoying, distracting animated GIF images.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    De-animate GIF animations, i.e. reduce them to their first or last image.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    <quote>last</quote> or <quote>first</quote>
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This will also shrink the images considerably (in bytes, not pixels!). If
+    the option <quote>first</quote> is given, the first frame of the animation
+    is used as the replacement. If <quote>last</quote> is given, the last
+    frame of the animation is used instead, which probably makes more sense for
+    most banner animations, but also has the risk of not showing the entire
+    last frame (if it is only a delta to an earlier frame).
+   </para>
+   <para>
+    You can safely use this action with patterns that will also match non-GIF
+    objects, because no attempt will be made at anything that doesn't look like
+    a GIF.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+    <para>
+      <screen>+deanimate-gifs{last}</screen>
+    </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="downgrade-http-version">
+<title>downgrade-http-version</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Work around (very rare) problems with HTTP/1.1</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+<varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This is a left-over from the time when <application>Privoxy</application>
+    didn't support important HTTP/1.1 features well. It is left here for the
+    unlikely case that you experience HTTP/1.1 related problems with some server
+    out there. Not all HTTP/1.1 features and requirements are supported yet,
+    so there is a chance you might need this action.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen>{+downgrade-http-version}
+problem-host.example.com</screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="fast-redirects">
+<title>fast-redirects</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Fool some click-tracking scripts and speed up indirect links.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Detects redirection URLs and redirects the browser without contacting
+    the redirection server first.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <itemizedlist>
+    <listitem>
+     <para>
+      <quote>simple-check</quote> to just search for the string <quote>http://</quote>
+      to detect redirection URLs.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      <quote>check-decoded-url</quote> to decode URLs (if necessary) before searching
+      for redirection URLs.
+     </para>
+    </listitem>
+   </itemizedlist>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>  
+    Many sites, like yahoo.com, don't just link to other sites. Instead, they
+    will link to some script on their own servers, giving the destination as a
+    parameter, which will then redirect you to the final target. URLs
+    resulting from this scheme typically look like:
+    <quote>http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/</quote>.
+  </para>
+   <para>
+    Sometimes, there are even multiple consecutive redirects encoded in the
+    URL. These redirections via scripts make your web browsing more traceable,
+    since the server from which you follow such a link can see where you go
+    to. Apart from that, valuable bandwidth and time is wasted, while your
+    browser asks the server for one redirect after the other. Plus, it feeds
+    the advertisers.
+   </para>
+   <para>
+    This feature is currently not very smart and is scheduled for improvement.
+    If it is enabled by default, you will have to create some exceptions to
+    this action. It can lead to failures in several ways: 
+   </para>
+   <para>
+    Not every URLs with other URLs as parameters is evil.
+    Some sites offer a real service that requires this information to work.
+    For example a validation service needs to know, which document to validate.
+    <literal>fast-redirects</literal> assumes that every URL parameter that
+    looks like another URL is a redirection target, and will always redirect to
+    the last one. Most of the time the assumption is correct, but if it isn't,
+    the user gets redirected anyway.
+   </para>
+   <para>
+    Another failure occurs if the URL contains other parameters after the URL parameter.
+    The URL:
+    <quote>http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar</quote>.
+    contains the redirection URL <quote>http://www.example.net/</quote>,
+    followed by another parameter. <literal>fast-redirects</literal> doesn't know that
+    and will cause a redirect to <quote>http://www.example.net/&foo=bar</quote>.
+    Depending on the target server configuration, the parameter will be silently ignored
+    or lead to a <quote>page not found</quote> error. You can prevent this problem by
+    first using the <literal><link linkend="redirect">redirect</link></literal> action
+    to remove the last part of the URL, but it requires a little effort.
+   </para>
+   <para>
+    To detect a redirection URL, <literal>fast-redirects</literal> only
+    looks for the string <quote>http://</quote>, either in plain text
+    (invalid but often used) or encoded as <quote>http%3a//</quote>.
+    Some sites use their own URL encoding scheme, encrypt the address
+    of the target server or replace it with a database id. In theses cases
+    <literal>fast-redirects</literal> is fooled and the request reaches the
+    redirection server where it probably gets logged.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+    <para>
+     <screen>
+ { +fast-redirects{simple-check} }
+   one.example.com 
+
+ { +fast-redirects{check-decoded-url} }
+   another.example.com/testing</screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="filter">
+<title>filter</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Get rid of HTML and JavaScript annoyances, banner advertisements (by size), 
+         do fun text replacements, add personalized effects, etc.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    All instances of text-based type, most notably HTML and JavaScript, to which
+    this action applies, can be filtered on-the-fly through the specified regular
+    expression based substitutions. (Note: as of version 3.0.3 plain text documents
+    are exempted from filtering, because web servers often use the
+   <literal>text/plain</literal> MIME type for all files whose type they don't know.)
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    The name of a content filter, as defined in the <link linkend="filter-file">filter file</link>.
+    Filters can be defined in one or more  files as defined by the 
+    <literal><link linkend="filterfile">filterfile</link></literal>
+    option in the <link linkend="config">config file</link>. 
+    <filename>default.filter</filename> is the collection of filters 
+    supplied by the developers. Locally defined filters should go 
+    in their own file, such as <filename>user.filter</filename>.
+   </para>
+   <para>
+     When used in its negative form,
+     and without parameters, <emphasis>all</emphasis> filtering is completely disabled.
+  </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    For your convenience, there are a number of pre-defined filters available 
+    in the distribution filter file that you can use. See the examples below for
+    a list.
+   </para>
+   <para>
+    Filtering requires buffering the page content, which may appear to
+    slow down page rendering since nothing is displayed until all content has
+    passed the filters. (It does not really take longer, but seems that way
+    since the page is not incrementally displayed.) This effect will be more
+    noticeable on slower connections.
+   </para>
+   <para>
+   <quote>Rolling your own</quote>
+    filters requires a knowledge of 
+     <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+     Expressions</quote></ulink> and 
+      <ulink url="http://en.wikipedia.org/wiki/Html"><quote>HTML</quote></ulink>.
+    This is very powerful feature, and potentially very intrusive. 
+    Filters should be used with caution, and where an equivalent
+    <quote>action</quote> is not available.
+   </para>
+   <para>
+    The amount of data that can be filtered is limited to the 
+    <literal><link linkend="buffer-limit">buffer-limit</link></literal>
+    option in the main <link linkend="config">config file</link>. The 
+    default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered
+    data, and all pending data, is passed through unfiltered. 
+   </para>
+   <para>
+    Inappropriate MIME types, such as zipped files, are not filtered at all.
+    (Again, only text-based types except plain text). Encrypted SSL data
+    (from HTTPS servers) cannot be filtered either, since this would violate
+    the integrity of the secure transaction. In some situations it might
+    be necessary to protect certain text, like source code, from filtering
+    by defining appropriate <literal>-filter</literal> exceptions.
+   </para>
+   <para>
+    Compressed content can't be filtered either, unless &my-app;
+    is compiled with zlib support (requires at least &my-app; 3.0.7),
+    in which case &my-app; will decompress the content before filtering
+    it.
+   </para>
+   <para>
+    If you use a &my-app; version without zlib support, but want filtering to work on
+    as much documents as possible, even those that would normally be sent compressed,
+    you must use the <literal><link linkend="prevent-compression">prevent-compression</link></literal>
+    action in conjunction with <literal>filter</literal>.
+   </para>
+   <para>
+    Content filtering can achieve some of the same effects as the 
+    <literal><link linkend="block">block</link></literal>
+    action, i.e. it can be used to block ads and banners. But the mechanism 
+    works quite differently. One effective use, is to block ad banners 
+    based on their size (see below), since many of these seem to be somewhat 
+    standardized.
+   </para>
+   <para>
+    <link linkend="contact">Feedback</link> with suggestions for new or
+    improved filters is particularly welcome!
+   </para>
+   <para>
+    The below list has only the names and a one-line description of each
+    predefined filter. There are <link linkend="predefined-filters">more
+    verbose explanations</link> of what these filters do in the <link
+    linkend="filter-file">filter file chapter</link>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (with filters from the distribution <filename>default.filter</filename> file).
+  See <link linkend="PREDEFINED-FILTERS">the Predefined Filters section</link> for 
+  more explanation on each:</term>
+  <listitem>
+   <para>
+    <anchor id="filter-js-annoyances">
+    <screen>+filter{js-annoyances}       # Get rid of particularly annoying JavaScript abuse.</screen>
+   </para>
+   <para>
+    <anchor id="filter-js-events">
+    <screen>+filter{js-events}           # Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).</screen>
+   </para>
+   <para>
+    <anchor id="filter-html-annoyances">
+    <screen>+filter{html-annoyances}     # Get rid of particularly annoying HTML abuse.</screen>
+   </para>
+   <para>
+    <anchor id="filter-content-cookies">
+    <screen>+filter{content-cookies}     # Kill cookies that come in the HTML or JS content.</screen>
+   </para>
+   <para>
+    <anchor id="filter-refresh-tags">
+    <screen>+filter{refresh-tags}        # Kill automatic refresh tags (for dial-on-demand setups).</screen>
+   </para>
+   <para>
+    <anchor id="filter-unsolicited-popups">
+    <screen>+filter{unsolicited-popups}  # Disable only unsolicited pop-up windows. Useful if your browser lacks this ability.</screen>
+   </para>
+   <para>
+    <anchor id="filter-all-popups">
+    <screen>+filter{all-popups}          # Kill all popups in JavaScript and HTML. Useful if your browser lacks this ability.</screen>
+   </para>
+   <para>
+    <anchor id="filter-img-reorder">
+    <screen>+filter{img-reorder}         # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</screen>
+   </para>
+   <para>
+    <anchor id="filter-banners-by-size">
+    <screen>+filter{banners-by-size}     # Kill banners by size.</screen>
+   </para>
+   <para>
+    <anchor id="filter-banners-by-link">
+    <screen>+filter{banners-by-link}     # Kill banners by their links to known clicktrackers.</screen>
+   </para>
+   <para>
+    <anchor id="filter-webbugs">
+    <screen>+filter{webbugs}             # Squish WebBugs (1x1 invisible GIFs used for user tracking).</screen>
+   </para>
+   <para>
+    <anchor id="filter-tiny-textforms">
+    <screen>+filter{tiny-textforms}      # Extend those tiny textareas up to 40x80 and kill the hard wrap.</screen>
+   </para>
+   <para>
+    <anchor id="filter-jumping-windows">
+    <screen>+filter{jumping-windows}     # Prevent windows from resizing and moving themselves.</screen>
+   </para>
+   <para>
+    <anchor id="filter-frameset-borders">
+    <screen>+filter{frameset-borders}    # Give frames a border and make them resizable.</screen>
+   </para>
+   <para>
+    <anchor id="filter-demoronizer">
+    <screen>+filter{demoronizer}         # Fix MS's non-standard use of standard charsets.</screen>
+   </para>
+   <para>
+    <anchor id="filter-shockwave-flash">
+    <screen>+filter{shockwave-flash}     # Kill embedded Shockwave Flash objects.</screen>
+   </para>
+   <para>
+    <anchor id="filter-quicktime-kioskmode">
+    <screen>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</screen>
+   </para>
+   <para>
+    <anchor id="filter-fun">
+    <screen>+filter{fun}                 # Text replacements for subversive browsing fun!</screen>
+   </para>
+   <para>
+    <anchor id="filter-crude-parental">
+    <screen>+filter{crude-parental}      # Crude parental filtering. Note that this filter doesn't work reliably.</screen>
+   </para>
+   <para>
+    <anchor id="filter-ie-exploits">
+    <screen>+filter{ie-exploits}         # Disable some known Internet Explorer bug exploits.</screen>
+   </para>
+   <para>
+    <anchor id="filter-site-specifics">
+    <screen>+filter{site-specifics}      # Cure for site-specific problems. Don't apply generally!</screen>
+   </para>
+   <para>
+    <anchor id="filter-no-ping">
+    <screen>+filter{no-ping}             # Removes non-standard ping attributes in <a> and <area> tags.</screen>
+   </para>
+   <para>
+    <anchor id="filter-google">
+    <screen>+filter{google}              # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</screen>
+   </para>
+   <para>
+    <anchor id="filter-yahoo">
+    <screen>+filter{yahoo}               # CSS-based block for Yahoo text ads. Also removes a width limitation.</screen>
+   </para>
+   <para>
+    <anchor id="filter-msn">
+    <screen>+filter{msn}                 # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</screen>
+   </para>
+   <para>
+    <anchor id="filter-blogspot">
+    <screen>+filter{blogspot}            # Cleans up some Blogspot blogs. Read the fine print before using this.</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="force-text-mode">
+<title>force-text-mode</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Force <application>Privoxy</application> to treat a document as if it was in some kind of <emphasis>text</emphasis> format.   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Declares a document as text, even if the <quote>Content-Type:</quote> isn't detected as such.
+   </para>    
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    As explained <literal><link linkend="filter">above</link></literal>,
+    <application>Privoxy</application> tries to only filter files that are
+    in some kind of text format. The same restrictions apply to
+    <literal><link linkend="content-type-overwrite">content-type-overwrite</link></literal>.
+    <literal>force-text-mode</literal> declares a document as text,
+    without looking at the <quote>Content-Type:</quote> first.
+   </para>
+   <warning> 
+    <para>
+     Think twice before activating this action. Filtering binary data
+     with regular expressions can cause file damage.
+    </para>
+   </warning>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+     <screen>
++force-text-mode
+     </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="forward-override">
+<title>forward-override</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Change the forwarding settings based on User-Agent or request origin</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Overrules the forward directives in the configuration file.
+   </para>    
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Multi-value.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <itemizedlist>
+    <listitem>
+     <para><quote>forward .</quote> to use a direct connection without any additional proxies.</para>
+    </listitem>
+    <listitem>
+     <para>
+      <quote>forward 127.0.0.1:8123</quote> to use the HTTP proxy listening at 127.0.0.1 port 8123.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      <quote>forward-socks4a 127.0.0.1:9050 .</quote> to use the socks4a proxy listening at
+      127.0.0.1 port 9050. Replace <quote>forward-socks4a</quote> with <quote>forward-socks4</quote>
+      to use a socks4 connection  (with local DNS resolution) instead, use <quote>forward-socks5</quote>
+      for socks5 connections (with remote DNS resolution).
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      <quote>forward-socks4a 127.0.0.1:9050 proxy.example.org:8000</quote> to use the socks4a proxy
+      listening at 127.0.0.1 port 9050 to reach the HTTP proxy listening at proxy.example.org port 8000.
+      Replace <quote>forward-socks4a</quote> with <quote>forward-socks4</quote> to use a socks4 connection
+      (with local DNS resolution) instead, use <quote>forward-socks5</quote>
+      for socks5 connections (with remote DNS resolution).
+     </para>
+    </listitem>
+   </itemizedlist>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This action takes parameters similar to the
+    <link linkend="forwarding">forward</link> directives in the configuration
+    file, but without the URL pattern. It can be used as replacement, but normally it's only
+    used in cases where matching based on the request URL isn't sufficient.
+   </para>
+   <warning> 
+    <para>
+     Please read the description for the <link linkend="forwarding">forward</link> directives before
+     using this action. Forwarding to the wrong people will reduce your privacy and increase the
+     chances of man-in-the-middle attacks.
+    </para>
+    <para>
+     If the ports are missing or invalid, default values will be used. This might change
+     in the future and you shouldn't rely on it. Otherwise incorrect syntax causes Privoxy
+     to exit.
+    </para>
+    <para>
+     Use the <ulink url="http://config.privoxy.org/show-url-info">show-url-info CGI page</ulink>
+     to verify that your forward settings do what you thought the do.
+    </para>
+   </warning>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+     <screen>
+# Always use direct connections for requests previously tagged as
+# <quote>User-Agent: fetch libfetch/2.0</quote> and make sure
+# resuming downloads continues to work.
+# This way you can continue to use Tor for your normal browsing,
+# without overloading the Tor network with your FreeBSD ports updates
+# or downloads of bigger files like ISOs.
+# Note that HTTP headers are easy to fake and therefore their
+# values are as (un)trustworthy as your clients and users.
+{+forward-override{forward .} \
+ -hide-if-modified-since      \
+ -overwrite-last-modified     \
+}
+TAG:^User-Agent: fetch libfetch/2\.0$
+     </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="handle-as-empty-document">
+<title>handle-as-empty-document</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Mark URLs that should be replaced by empty documents <emphasis>if they get blocked</emphasis></para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    This action alone doesn't do anything noticeable. It just marks URLs.
+    If the <literal><link linkend="block">block</link></literal> action <emphasis>also applies</emphasis>,
+    the presence or absence of this mark decides whether an HTML <quote>BLOCKED</quote>
+    page, or an empty document will be sent to the client as a substitute for the blocked content.
+    The <emphasis>empty</emphasis> document isn't literally empty, but actually contains a single space.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Some browsers complain about syntax errors if JavaScript documents
+    are blocked with <application>Privoxy's</application>
+    default HTML page; this option can be used to silence them.
+    And of course this action can also be used to eliminate the &my-app;
+    BLOCKED message in frames.
+   </para>
+   <para>
+    The content type for the empty document can be specified with
+    <literal><link linkend="content-type-overwrite">content-type-overwrite{}</link></literal>,
+    but usually this isn't necessary.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+     <screen># Block all documents on example.org that end with ".js",
+# but send an empty document instead of the usual HTML message. 
+{+block{Blocked JavaScript} +handle-as-empty-document}
+example.org/.*\.js$
+     </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="handle-as-image">
+<title>handle-as-image</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Mark URLs as belonging to images (so they'll be replaced by images <emphasis>if they do get blocked</emphasis>, rather than HTML pages)</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    This action alone doesn't do anything noticeable. It just marks URLs as images.
+    If the <literal><link linkend="block">block</link></literal> action <emphasis>also applies</emphasis>,
+    the presence or absence of this mark decides whether an HTML <quote>blocked</quote>
+    page, or a replacement image (as determined by the <literal><link
+    linkend="set-image-blocker">set-image-blocker</link></literal> action) will be sent to the
+    client as a substitute for the blocked content.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The below generic example section is actually part of <filename>default.action</filename>.
+    It marks all URLs with well-known image file name extensions as images and should
+    be left intact. 
+   </para>
+   <para>
+    Users will probably only want to use the handle-as-image action in conjunction with
+    <literal><link linkend="block">block</link></literal>, to block sources of banners, whose URLs don't
+    reflect the file type, like in the second example section.
+   </para>
+   <para>
+    Note that you cannot treat HTML pages as images in most cases. For instance, (in-line) ad
+    frames require an HTML page to be sent, or they won't display properly.
+    Forcing <literal>handle-as-image</literal> in this situation will not replace the
+    ad frame with an image, but lead to error messages.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (sections):</term>
+  <listitem>
+   <para>
+     <screen># Generic image extensions:
+#
+{+handle-as-image}
+/.*\.(gif|jpg|jpeg|png|bmp|ico)$
+
+# These don't look like images, but they're banners and should be
+# blocked as images:
+#
+{+block{Nasty banners.} +handle-as-image}
+nasty-banner-server.example.com/junk.cgi\?output=trash
+</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hide-accept-language">
+<title>hide-accept-language</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Pretend to use different language settings.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes or replaces the <quote>Accept-Language:</quote> HTTP header in client requests.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Keyword: <quote>block</quote>, or any user defined value.
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Faking the browser's language settings can be useful to make a
+    foreign User-Agent set with
+    <literal><link linkend="hide-user-agent">hide-user-agent</link></literal>
+    more believable.
+   </para>
+   <para>
+    However some sites with content in different languages check the
+    <quote>Accept-Language:</quote> to decide which one to take by default.
+    Sometimes it isn't possible to later switch to another language without
+    changing the <quote>Accept-Language:</quote> header first.
+   </para>
+   <para>
+    Therefore it's a good idea to either only change the
+    <quote>Accept-Language:</quote> header to languages you understand,
+    or to languages that aren't wide spread.
+   </para>
+   <para>
+    Before setting the <quote>Accept-Language:</quote> header
+    to a rare language, you should consider that it helps to
+    make your requests unique and thus easier to trace.
+    If you don't plan to change this header frequently,
+    you should stick to a common language. 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen># Pretend to use Canadian language settings.
+{+hide-accept-language{en-ca} \
++hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
+}
+/   </screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hide-content-disposition">
+<title>hide-content-disposition</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Prevent download menus for content you prefer to view inside the browser.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes or replaces the <quote>Content-Disposition:</quote> HTTP header set by some servers.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Keyword: <quote>block</quote>, or any user defined value.
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Some servers set the <quote>Content-Disposition:</quote> HTTP header for
+    documents they assume you want to save locally before viewing them.
+    The <quote>Content-Disposition:</quote> header contains the file name
+    the browser is supposed to use by default.
+   </para>
+   <para>
+    In most browsers that understand this header, it makes it impossible to
+    <emphasis>just view</emphasis> the document, without downloading it first,
+    even if it's just a simple text file or an image.
+   </para>
+   <para>
+    Removing the <quote>Content-Disposition:</quote> header helps
+    to prevent this annoyance, but some browsers additionally check the
+    <quote>Content-Type:</quote> header, before they decide if they can
+    display a document without saving it first. In these cases, you have
+    to change this header as well, before the browser stops displaying
+    download menus.
+   </para>
+   <para>
+    It is also possible to change the server's file name suggestion
+    to another one, but in most cases it isn't worth the time to set
+    it up.
+   </para>
+   <para>
+    This action will probably be removed in the future,
+    use server-header filters instead.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+    <para>
+     <screen># Disarm the download link in Sourceforge's patch tracker
+{ -filter \
+ +content-type-overwrite{text/plain}\
+ +hide-content-disposition{block} }
+ .sourceforge.net/tracker/download\.php</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hide-if-modified-since">
+<title>hide-if-modified-since</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Prevent yet another way to track the user's steps between sessions.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes the <quote>If-Modified-Since:</quote> HTTP client header or modifies its value. 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Keyword: <quote>block</quote>, or a user defined value that specifies a range of hours.
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Removing this header is useful for filter testing, where you want to force a real
+    reload instead of getting status code <quote>304</quote>, which would cause the
+    browser to use a cached copy of the page.
+   </para>
+   <para>
+    Instead of removing the header, <literal>hide-if-modified-since</literal> can
+    also add or subtract a random amount of time to/from the header's value.
+    You specify a range of minutes where the random factor should be chosen from and
+    <application>Privoxy</application> does the rest. A negative value means
+    subtracting, a positive value adding.
+   </para>
+   <para>
+    Randomizing the value of the <quote>If-Modified-Since:</quote> makes
+    it less likely that the server can use the time as a cookie replacement,
+    but you will run into caching problems if the random range is too high.
+   </para>
+   <para>
+    It is a good idea to only use a small negative value and let
+    <literal><link linkend="overwrite-last-modified">overwrite-last-modified</link></literal>
+    handle the greater changes.
+   </para>
+   <para>
+    It is also recommended to use this action together with
+    <literal><link linkend="crunch-if-none-match">crunch-if-none-match</link></literal>,
+    otherwise it's more or less pointless.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen># Let the browser revalidate but make tracking based on the time less likely.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hide-from-header">
+<title>hide-from-header</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Keep your (old and ill) browser from telling web servers your email address</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes any existing <quote>From:</quote> HTTP header, or replaces it with the
+    specified string.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Keyword: <quote>block</quote>, or any user defined value.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The keyword <quote>block</quote> will completely remove the header 
+    (not to be confused with the <literal><link linkend="block">block</link></literal>
+    action).
+   </para>
+   <para>
+    Alternately, you can specify any value you prefer to be sent to the web
+    server. If you do, it is a matter of fairness not to use any address that
+    is actually used by a real person.
+   </para>
+   <para>
+    This action is rarely needed, as modern web browsers don't send
+    <quote>From:</quote> headers anymore.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+    <screen>+hide-from-header{block}</screen> or
+    <screen>+hide-from-header{spam-me-senseless at sittingduck.example.com}</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hide-referrer">
+<title>hide-referrer</title>
+<anchor id="hide-referer">
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Conceal which link you followed to get to a particular site</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes the <quote>Referer:</quote> (sic) HTTP header from the client request,
+    or replaces it with a forged one.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <itemizedlist>
+    <listitem>
+     <para><quote>conditional-block</quote> to delete the header completely if the host has changed.</para>
+    </listitem>
+    <listitem>
+     <para><quote>conditional-forge</quote> to forge the header if the host has changed.</para>
+    </listitem>
+    <listitem>
+     <para><quote>block</quote> to delete the header unconditionally.</para>
+    </listitem>
+    <listitem>
+     <para><quote>forge</quote> to pretend to be coming from the homepage of the server we are talking to.</para>
+    </listitem>
+    <listitem>
+     <para>Any other string to set a user defined referrer.</para>
+    </listitem>
+   </itemizedlist>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    <literal>conditional-block</literal> is the only parameter,
+    that isn't easily detected in the server's log file. If it blocks the
+    referrer, the request will look like the visitor used a bookmark or
+    typed in the address directly.
+   </para>
+   <para>
+    Leaving the referrer unmodified for requests on the same host
+    allows the server owner to see the visitor's <quote>click path</quote>,
+    but in most cases she could also get that information by comparing
+    other parts of the log file: for example the User-Agent if it isn't
+    a very common one, or the user's IP address if it doesn't change between
+    different requests.
+   </para>
+   <para>
+    Always blocking the referrer, or using a custom one, can lead to
+    failures on servers that check the referrer before they answer any
+    requests, in an attempt to prevent their content from being
+    embedded or linked to elsewhere.
+   </para>
+   <para>
+    Both <literal>conditional-block</literal> and <literal>forge</literal>
+    will work with referrer checks, as long as content and valid referring page
+    are on the same host. Most of the time that's the case.
+   </para>
+   <para>  
+    <literal>hide-referer</literal> is an alternate spelling of
+    <literal>hide-referrer</literal> and the two can be can be freely
+    substituted with each other. (<quote>referrer</quote> is the
+    correct English spelling, however the HTTP specification has a bug - it
+    requires it to be spelled as <quote>referer</quote>.) 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+     <screen>+hide-referrer{forge}</screen> or
+     <screen>+hide-referrer{http://www.yahoo.com/}</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="hide-user-agent">
+<title>hide-user-agent</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Try to conceal your type of browser and client operating system</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Replaces the value of the <quote>User-Agent:</quote> HTTP header
+    in client requests with the specified value.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    Any user-defined string.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <warning> 
+    <para>
+     This can lead to problems on web sites that depend on looking at this header in
+     order to customize their content for different browsers (which, by the
+     way, is <emphasis>NOT</emphasis> the right thing to do: good web sites
+     work browser-independently). 
+    </para>
+   </warning>
+   <para>
+    Using this action in multi-user setups or wherever different types of
+    browsers will access the same <application>Privoxy</application> is
+    <emphasis>not recommended</emphasis>. In single-user, single-browser
+    setups, you might use it to delete your OS version information from
+    the headers, because it is an invitation to exploit known bugs for your
+    OS. It is also occasionally useful to forge this in order to access 
+    sites that won't let you in otherwise (though there may be a good 
+    reason in some cases). Example of this: some MSN sites will not 
+    let <application>Mozilla</application> enter, yet forging to a 
+    <application>Netscape 6.1</application> user-agent works just fine.
+    (Must be just a silly MS goof, I'm sure :-).
+   </para>
+   <para>
+     More information on known user-agent strings can be found at 
+     <ulink url="http://www.user-agents.org/">http://www.user-agents.org/</ulink>
+     and 
+     <ulink url="http://en.wikipedia.org/wiki/User_agent">http://en.wikipedia.org/wiki/User_agent</ulink>.
+   </para>
+   </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+     <screen>+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="limit-connect">
+<title>limit-connect</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Prevent abuse of <application>Privoxy</application> as a TCP proxy relay or disable SSL for untrusted sites</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Specifies to which ports HTTP CONNECT requests are allowable.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
+    defaulting to 0 and the maximum to 65K).
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    By default, i.e. if no <literal>limit-connect</literal> action applies,
+    <application>Privoxy</application> allows HTTP CONNECT requests to all
+    ports. Use <literal>limit-connect</literal> if fine-grained control
+    is desired for some or all destinations.
+   </para>
+   <para>
+    The CONNECT methods exists in HTTP to allow access to secure websites
+    (<quote>https://</quote> URLs) through proxies. It works very simply:
+    the proxy connects to the server on the specified port, and then
+    short-circuits its connections to the client and to the remote server.
+    This means CONNECT-enabled proxies can be used as TCP relays very easily.
+  </para>
+  <para>
+   <application>Privoxy</application> relays HTTPS traffic without seeing
+   the decoded content. Websites can leverage this limitation to circumvent &my-app;'s
+   filters. By specifying an invalid port range you can disable HTTPS entirely.
+  </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usages:</term>
+  <listitem>
+   <!-- I had trouble getting the spacing to look right in my browser -->
+   <!-- I probably have the wrong font setup, bollocks. -->
+   <!-- Apparently the emphasis tag uses a proportional font no matter what -->
+    <para>
+     <screen>+limit-connect{443}                   # Port 443 is OK.
++limit-connect{80,443}                # Ports 80 and 443 are OK.
++limit-connect{-3, 7, 20-100, 500-}   # Ports less than 3, 7, 20 to 100 and above 500 are OK.
++limit-connect{-}                     # All ports are OK
++limit-connect{,}                     # No HTTPS/SSL traffic is allowed</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="prevent-compression">
+<title>prevent-compression</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+    Ensure that servers send the content uncompressed, so it can be
+    passed through <literal><link linkend="filter">filter</link></literal>s.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Removes the Accept-Encoding header which can be used to ask for compressed transfer.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    More and more websites send their content compressed by default, which
+    is generally a good idea and saves bandwidth. But the <literal><link
+    linkend="filter">filter</link></literal> and
+    <literal><link linkend="deanimate-gifs">deanimate-gifs</link></literal>
+    actions need access to the uncompressed data.
+   </para>
+   <para>
+    When compiled with zlib support (available since &my-app; 3.0.7), content that should be
+    filtered is decompressed on-the-fly and you don't have to worry about this action.
+    If you are using an older &my-app; version, or one that hasn't been compiled with zlib
+    support, this action can be used to convince the server to send the content uncompressed.
+   </para>
+   <para>
+    Most text-based instances compress very well, the size is seldom decreased by less than 50%,
+    for markup-heavy instances like news feeds saving more than 90% of the original size isn't
+    unusual. 
+   </para>
+   <para>
+    Not using compression will therefore slow down the transfer, and you should only
+    enable this action if you really need it. As of &my-app; 3.0.7 it's disabled in all
+    predefined action settings.
+   </para>
+   <para>
+    Note that some (rare) ill-configured sites don't handle requests for uncompressed
+    documents correctly. Broken PHP applications tend to send an empty document body,
+    some IIS versions only send the beginning of the content. If you enable
+    <literal>prevent-compression</literal> per default, you might want to add
+    exceptions for those sites. See the example for how to do that.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (sections):</term>
+  <listitem>
+   <para>
+    <screen>
+# Selectively turn off compression, and enable a filter
+#
+{ +filter{tiny-textforms} +prevent-compression }
+# Match only these sites
+ .google.
+ sourceforge.net
+ sf.net
+
+# Or instead, we could set a universal default:
+#
+{ +prevent-compression }
+ / # Match all sites
+
+# Then maybe make exceptions for broken sites:
+#
+{ -prevent-compression }
+.compusa.com/</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="overwrite-last-modified">
+<title>overwrite-last-modified</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Prevent yet another way to track the user's steps between sessions.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes the <quote>Last-Modified:</quote> HTTP server header or modifies its value. 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    One of the keywords: <quote>block</quote>, <quote>reset-to-request-time</quote>
+    and <quote>randomize</quote>
+   </para>    
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Removing the <quote>Last-Modified:</quote> header is useful for filter
+    testing, where you want to force a real reload instead of getting status
+    code <quote>304</quote>, which would cause the browser to reuse the old
+    version of the page.
+   </para>
+   <para>
+    The <quote>randomize</quote> option overwrites the value of the
+    <quote>Last-Modified:</quote> header with a randomly chosen time
+    between the original value and the current time. In theory the server
+    could send each document with a different <quote>Last-Modified:</quote>
+    header to track visits without using cookies. <quote>Randomize</quote>
+    makes it impossible and the browser can still revalidate cached documents. 
+   </para>
+   <para>
+    <quote>reset-to-request-time</quote> overwrites the value of the
+    <quote>Last-Modified:</quote> header with the current time. You could use
+    this option together with
+    <literal><link linkend="hide-if-modified-since">hide-if-modified-since</link></literal>
+    to further customize your random range.
+   </para>
+   <para>
+    The preferred parameter here is <quote>randomize</quote>. It is safe
+    to use, as long as the time settings are more or less correct.
+    If the server sets the <quote>Last-Modified:</quote> header to the time
+    of the request, the random range becomes zero and the value stays the same.
+    Therefore you should later randomize it a second time with
+    <literal><link linkend="hide-if-modified-since">hided-if-modified-since</link></literal>,
+    just to be sure. 
+   </para>
+   <para>
+    It is also recommended to use this action together with
+    <literal><link linkend="crunch-if-none-match">crunch-if-none-match</link></literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+    <para>
+     <screen># Let the browser revalidate without being tracked across sessions
+{ +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="redirect">
+<title>redirect</title>
+<!--
+new action
+-->
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+    Redirect requests to other sites.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Convinces the browser that the requested document has been moved
+    to another location and the browser should get it from there.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    An absolute URL or a single pcrs command.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Requests to which this action applies are answered with a
+    HTTP redirect to URLs of your choosing. The new URL is
+    either provided as parameter, or derived by applying a
+    single pcrs command to the original URL.
+   </para>
+   <para>
+    This action will be ignored if you use it together with
+    <literal><link linkend="block">block</link></literal>.
+    It can be combined with
+    <literal><link linkend="fast-redirects">fast-redirects{check-decoded-url}</link></literal>
+    to redirect to a decoded version of a rewritten URL.
+   </para>
+   <para>
+    Use this action carefully, make sure not to create redirection loops
+    and be aware that using your own redirects might make it
+    possible to fingerprint your requests.
+   </para>
+   <para>
+    In case of problems with your redirects, or simply to watch
+    them working, enable <link linkend="DEBUG">debug 128</link>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usages:</term>
+  <listitem>
+   <para>
+    <screen># Replace example.com's style sheet with another one
+{ +redirect{http://localhost/css-replacements/example.com.css} }
+ example.com/stylesheet\.css
+
+# Create a short, easy to remember nickname for a favorite site
+# (relies on the browser accept and forward invalid URLs to &my-app;)
+{ +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
+ a
+
+# Always use the expanded view for Undeadly.org articles
+# (Note the $ at the end of the URL pattern to make sure
+# the request for the rewritten URL isn't redirected as well)
+{+redirect{s@$@&mode=expanded@}}
+undeadly.org/cgi\?action=article&sid=\d*$
+
+# Redirect Google search requests to MSN
+{+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}}
+.google.com/search
+
+# Redirect MSN search requests to Yahoo
+{+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
+search.msn.com//results\.aspx\?q=
+
+# Redirect remote requests for this manual
+# to the local version delivered by Privoxy
+{+redirect{s@^http://www@http://config@}}
+www.privoxy.org/user-manual/</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="server-header-filter">
+<title>server-header-filter</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+   Rewrite or remove single server headers.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    All server headers to which this action applies are filtered on-the-fly
+    through the specified regular expression based substitutions.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    The name of a server-header filter, as defined in one of the
+    <link linkend="filter-file">filter files</link>.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Server-header filters are applied to each header on its own, not to
+    all at once. This makes it easier to diagnose problems, but on the downside
+    you can't write filters that only change header x if header y's value is z.
+    You can do that by using tags though.
+   </para>
+   <para>
+    Server-header filters are executed after the other header actions have finished
+    and use their output as input.
+   </para>
+   <para>
+    Please refer to the <link linkend="filter-file">filter file chapter</link>
+    to learn which server-header filters are available by default, and how to
+    create your own.
+   </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen>
+{+server-header-filter{html-to-xml}}
+example.org/xml-instance-that-is-delivered-as-html
+
+{+server-header-filter{xml-to-html}}
+example.org/instance-that-is-delivered-as-xml-but-is-not
+    </screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="server-header-tagger">
+<title>server-header-tagger</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+   Enable or disable filters based on the Content-Type header.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Server headers to which this action applies are filtered on-the-fly through
+    the specified regular expression based substitutions, the result is used as
+    tag.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- boolean, parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    The name of a server-header tagger, as defined in one of the
+    <link linkend="filter-file">filter files</link>.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    Server-header taggers are applied to each header on its own,
+    and as the header isn't modified, each tagger <quote>sees</quote>
+    the original.
+   </para>
+   <para>
+    Server-header taggers are executed before all other header actions
+    that modify server headers. Their tags can be used to control
+    all of the other server-header actions, the content filters
+    and the crunch actions (<link linkend="redirect">redirect</link>
+    and <link linkend="block">block</link>).
+   </para>
+   <para>
+    Obviously crunching based on tags created by server-header taggers
+    doesn't prevent the request from showing up in the server's log file.
+   </para>
+
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage (section):</term>
+  <listitem>
+    <para>
+     <screen>
+# Tag every request with the content type declared by the server
+{+server-header-tagger{content-type}}
+/
+    </screen>
+    </para>
+  </listitem>
+ </varlistentry>
+
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="session-cookies-only">
+<title>session-cookies-only</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>
+    Allow only temporary <quote>session</quote> cookies (for the current
+    browser session <emphasis>only</emphasis>). 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+    Deletes the <quote>expires</quote> field from <quote>Set-Cookie:</quote>
+    server headers. Most browsers will not store such cookies permanently and
+    forget them in between sessions.
+   </para>
+  </listitem>
+ </varlistentry>
+
+<varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Boolean.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <para>
+    N/A
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    This is less strict than <literal><link linkend="crunch-incoming-cookies">crunch-incoming-cookies</link></literal> / 
+    <literal><link linkend="crunch-outgoing-cookies">crunch-outgoing-cookies</link></literal> and allows you to browse
+    websites that insist or rely on setting cookies, without compromising your privacy too badly.
+   </para>
+   <para>
+    Most browsers will not permanently store cookies that have been processed by
+    <literal>session-cookies-only</literal> and will forget about them between sessions.
+    This makes profiling cookies useless, but won't break sites which require cookies so
+    that you can log in for transactions. This is generally turned on for all 
+    sites, and is the recommended setting.
+   </para>
+   <para>
+    It makes <emphasis>no sense at all</emphasis> to use <literal>session-cookies-only</literal>
+    together with <literal><link linkend="crunch-incoming-cookies">crunch-incoming-cookies</link></literal> or
+    <literal><link linkend="crunch-outgoing-cookies">crunch-outgoing-cookies</link></literal>. If you do, cookies
+    will be plainly killed.
+   </para>
+   <para>
+    Note that it is up to the browser how it handles such cookies without an <quote>expires</quote>
+    field. If you use an exotic browser, you might want to try it out to be sure.
+   </para>
+   <para>
+    This setting also has no effect on cookies that may have been stored
+    previously by the browser before starting <application>Privoxy</application>.
+    These would have to be removed manually.
+   </para>
+   <para>
+     <application>Privoxy</application> also uses  
+     the <link linkend="filter-content-cookies">content-cookies filter</link> 
+     to block some types of cookies. Content cookies are not effected by 
+     <literal>session-cookies-only</literal>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+     <screen>+session-cookies-only</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3 renderas="sect4" id="set-image-blocker">
+<title>set-image-blocker</title>
+
+<variablelist>
+ <varlistentry>
+  <term>Typical use:</term>
+  <listitem>
+   <para>Choose the replacement for blocked images</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Effect:</term>
+  <listitem>
+   <para>
+     This action alone doesn't do anything noticeable. If <emphasis>both</emphasis>
+     <literal><link linkend="block">block</link></literal> <emphasis>and</emphasis> <literal><link
+     linkend="handle-as-image">handle-as-image</link></literal> <emphasis>also</emphasis>
+     apply, i.e. if the request is to be blocked as an image,
+     <emphasis>then</emphasis> the parameter of this action decides what will be
+     sent as a replacement.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Type:</term>
+  <!-- Boolean, Parameterized, Multi-value -->
+  <listitem>
+   <para>Parameterized.</para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Parameter:</term>
+  <listitem>
+   <itemizedlist>
+    <listitem>
+     <para>
+      <quote>pattern</quote> to send a built-in checkerboard pattern image. The image is visually
+      decent, scales very well, and makes it obvious where banners were busted.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      <quote>blank</quote> to send a built-in transparent image. This makes banners disappear
+      completely, but makes it hard to detect where <application>Privoxy</application> has blocked
+      images on a given page and complicates troubleshooting if <application>Privoxy</application>
+      has blocked innocent images, like navigation icons.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      <quote><replaceable class="parameter">target-url</replaceable></quote> to
+      send a redirect to <replaceable class="parameter">target-url</replaceable>. You can redirect
+      to any image anywhere, even in your local filesystem via <quote>file:///</quote> URL. 
+      (But note that not all browsers support redirecting to a local file system).
+     </para>
+     <para>
+      A good application of redirects is to use special <application>Privoxy</application>-built-in
+      URLs, which send the built-in images, as <replaceable class="parameter">target-url</replaceable>.
+      This has the same visual effect as specifying <quote>blank</quote> or <quote>pattern</quote> in
+      the first place, but enables your browser to cache the replacement image, instead of requesting
+      it over and over again.
+     </para>
+    </listitem>
+   </itemizedlist>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Notes:</term>
+  <listitem>
+   <para>
+    The URLs for the built-in images are <quote>http://config.privoxy.org/send-banner?type=<replaceable
+    class="parameter">type</replaceable></quote>, where <replaceable class="parameter">type</replaceable> is
+    either <quote>blank</quote> or <quote>pattern</quote>.
+   </para>
+   <para>
+    There is a third (advanced) type, called <quote>auto</quote>. It is <emphasis>NOT</emphasis> to be
+    used in <literal>set-image-blocker</literal>, but meant for use from <link linkend="filter-file">filters</link>.
+    Auto will select the type of image that would have applied to the referring page, had it been an image.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term>Example usage:</term>
+  <listitem>
+   <para>
+    Built-in pattern:
+   </para>
+   <para>
+    <screen>+set-image-blocker{pattern}</screen>
+   </para>
+   <para>
+    Redirect to the BSD daemon:
+   </para>
+   <para>
+    <screen>+set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}</screen>
+   </para>
+   <para>
+    Redirect to the built-in pattern for better caching:
+   </para>
+   <para>
+    <screen>+set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}</screen>
+   </para>
+  </listitem>
+ </varlistentry>
+</variablelist>
+</sect3>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect3>
+<title>Summary</title>
+<para>
+ Note that many of these actions have the potential to cause a page to
+ misbehave, possibly even not to display at all. There are many ways 
+ a site designer may choose to design his site, and what HTTP header 
+ content, and other criteria, he may depend on. There is no way to have hard
+ and fast rules for all sites. See the <link
+ linkend="ACTIONSANAT">Appendix</link> for a brief example on troubleshooting
+ actions.
+</para>
+</sect3>
+</sect2>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="aliases">
+<title>Aliases</title>
+<para>
+ Custom <quote>actions</quote>, known to <application>Privoxy</application>
+ as <quote>aliases</quote>, can be defined by combining other actions.
+ These can in turn be invoked just like the built-in actions.
+ Currently, an alias name can contain any character except space, tab,
+ <quote>=</quote>,
+ <quote>{</quote> and <quote>}</quote>, but we <emphasis>strongly 
+ recommend</emphasis> that you only use <quote>a</quote> to <quote>z</quote>,
+ <quote>0</quote> to <quote>9</quote>, <quote>+</quote>, and <quote>-</quote>.
+ Alias names are not case sensitive, and are not required to start with a
+ <quote>+</quote> or <quote>-</quote> sign, since they are merely textually
+ expanded.
+</para>
+<para>
+ Aliases can be used throughout the actions file, but they <emphasis>must be
+ defined in a special section at the top of the file!</emphasis>
+ And there can only be one such section per actions file. Each actions file may
+ have its own alias section, and the aliases defined in it are only visible
+ within that file.
+</para>
+<para>
+ There are two main reasons to use aliases: One is to save typing for frequently
+ used combinations of actions, the other one is a gain in flexibility: If you
+ decide once how you want to handle shops by defining an alias called
+ <quote>shop</quote>, you can later change your policy on shops in
+ <emphasis>one</emphasis> place, and your changes will take effect everywhere
+ in the actions file where the <quote>shop</quote> alias is used. Calling aliases
+ by their purpose also makes your actions files more readable.
+</para>
+<para>
+ Currently, there is one big drawback to using aliases, though:
+ <application>Privoxy</application>'s built-in web-based action file
+ editor honors aliases when reading the actions files, but it expands
+ them before writing. So the effects of your aliases are of course preserved,
+ but the aliases themselves are lost when you edit sections that use aliases
+ with it.
+</para>
+
+<para>
+ Now let's define some aliases...
+</para>
+
+<para>
+ <screen>
+ # Useful custom aliases we can use later.
+ #
+ # Note the (required!) section header line and that this section
+ # must be at the top of the actions file!
+ #
+ {{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +<link linkend="CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</link> +<link linkend="CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</link>
+ -crunch-all-cookies = -<link linkend="CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</link> -<link linkend="CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</link>
+ +block-as-image      = +block{Blocked image.} +handle-as-image
+ allow-all-cookies   = -crunch-all-cookies -<link linkend="SESSION-COOKIES-ONLY">session-cookies-only</link> -<link linkend="FILTER-CONTENT-COOKIES">filter{content-cookies}</link>
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile     = -<link linkend="BLOCK">block</link> -<link linkend="FILTER">filter</link> -crunch-all-cookies -<link linkend="FAST-REDIRECTS">fast-redirects</link> -<link linkend="HIDE-REFERER">hide-referrer</link> -<link linkend="PREVENT-COMPRESSION">prevent-compression</link>
+
+ shop        = -crunch-all-cookies -<link linkend="FILTER-ALL-POPUPS">filter{all-popups}</link>
+
+ # Short names for other aliases, for really lazy people ;-)
+ #
+ c0 = +crunch-all-cookies
+ c1 = -crunch-all-cookies</screen>
+</para>
+
+<para>
+ ...and put them to use. These sections would appear in the lower part of an 
+ actions file and define exceptions to the default actions (as specified further
+ up for the <quote>/</quote> pattern):
+</para>
+
+<para>
+ <screen>
+ # These sites are either very complex or very keen on
+ # user data and require minimal interference to work:
+ #
+ {fragile}
+ .office.microsoft.com
+ .windowsupdate.microsoft.com
+ # Gmail is really mail.google.com, not gmail.com
+ mail.google.com
+
+ # Shopping sites:
+ # Allow cookies (for setting and retrieving your customer data)
+ #           
+ {shop}
+ .quietpc.com
+ .worldpay.com   # for quietpc.com
+ mybank.example.com
+
+ # These shops require pop-ups:
+ #
+ {-filter{all-popups} -filter{unsolicited-popups}}
+  .dabs.com
+  .overclockers.co.uk</screen>
+</para>
+
+<para>
+ Aliases like <quote>shop</quote> and <quote>fragile</quote> are typically used for 
+ <quote>problem</quote> sites that require more than one action to be disabled 
+ in order to function properly.
+</para>
+</sect2>
+<!--
+hal stop here
+-->
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="act-examples">
+<title>Actions Files Tutorial</title>
+<para>
+ The above chapters have shown <link linkend="actions-file">which actions files
+ there are and how they are organized</link>, how actions are <link
+ linkend="actions">specified</link> and <link linkend="actions-apply">applied
+ to URLs</link>, how <link linkend="af-patterns">patterns</link> work, and how to
+ define and use <link linkend="aliases">aliases</link>. Now, let's look at an
+ example <filename>match-all.action</filename>, <filename>default.action</filename>
+ and <filename>user.action</filename> file and see how all these pieces come together:
+</para>
+
+<sect3>
+<title>match-all.action</title>
+<para>
+ Remember <emphasis>all actions are disabled when matching starts</emphasis>,
+ so we have to explicitly enable the ones we want.
+</para>
+
+<para>
+ While the <filename>match-all.action</filename> file only contains a
+ single section, it is probably the most important one. It has only one
+ pattern, <quote><literal>/</literal></quote>, but this pattern
+ <link linkend="af-patterns">matches all URLs</link>. Therefore, the set of
+ actions used in this <quote>default</quote> section <emphasis>will
+ be applied to all requests as a start</emphasis>. It can  be partly or
+ wholly overridden by other actions files like <filename>default.action</filename>
+ and <filename>user.action</filename>, but it will still be largely responsible
+ for your overall browsing experience.
+</para>
+
+<para>
+ Again, at the start of matching, all actions are disabled, so there is
+ no need to disable any actions here. (Remember: a <quote>+</quote>
+ preceding the action name enables the action, a <quote>-</quote> disables!).
+ Also note how this long line has been made more readable by splitting it into
+ multiple lines with line continuation.
+</para> 
+
+<para>
+ <screen>
+{ \
+ +<link linkend="CHANGE-X-FORWARDED-FOR">change-x-forwarded-for{block}</link> \
+ +<link linkend="HIDE-FROM-HEADER">hide-from-header{block}</link> \
+ +<link linkend="SET-IMAGE-BLOCKER">set-image-blocker{pattern}</link> \
+}
+/ # Match all URLs
+ </screen>
+</para>
+
+<para>
+ The default behavior is now set.
+</para>
+</sect3>
+
+<sect3>
+<title>default.action</title>
+
+<para>
+ If you aren't a developer, there's no need for you to edit the
+ <filename>default.action</filename> file. It is maintained by
+ the &my-app; developers and if you disagree with some of the
+ sections, you should overrule them in your <filename>user.action</filename>.
+</para>
+
+<para>
+ Understanding the <filename>default.action</filename> file can
+ help you with your <filename>user.action</filename>, though.
+</para>
+
+<para>
+ The first section in this file is a special section for internal use
+ that prevents older &my-app; versions from reading the file:
+</para>
+
+<para>
+ <screen>
+##########################################################################
+# Settings -- Don't change! For internal Privoxy use ONLY.
+##########################################################################
+{{settings}}
+for-privoxy-version=3.0.11</screen>
+</para>
+
+<para>
+ After that comes the (optional) alias section. We'll use the example
+ section from the above <link linkend="aliases">chapter on aliases</link>,
+ that also explains why and how aliases are used:
+</para>
+
+<para>
+ <screen>
+##########################################################################
+# Aliases
+##########################################################################
+{{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +<link linkend="CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</link> +<link linkend="CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</link>
+ -crunch-all-cookies = -<link linkend="CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</link> -<link linkend="CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</link>
+ +block-as-image      = +block{Blocked image.} +handle-as-image
+ mercy-for-cookies   = -crunch-all-cookies -<link linkend="SESSION-COOKIES-ONLY">session-cookies-only</link> -<link linkend="FILTER-CONTENT-COOKIES">filter{content-cookies}</link>
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile     = -<link linkend="BLOCK">block</link> -<link linkend="FILTER">filter</link> -crunch-all-cookies -<link linkend="FAST-REDIRECTS">fast-redirects</link> -<link linkend="HIDE-REFERER">hide-referrer</link>
+ shop        = -crunch-all-cookies -<link linkend="FILTER-ALL-POPUPS">filter{all-popups}</link></screen>
+</para>
+
+<para>
+ The first of our specialized sections is concerned with <quote>fragile</quote>
+ sites, i.e. sites that require minimum interference, because they are either
+ very complex or very keen on tracking you (and have mechanisms in place that
+ make them unusable for people who avoid being tracked). We will simply use
+ our pre-defined <literal>fragile</literal> alias instead of stating the list
+ of actions explicitly:
+</para>
+
+<para>
+ <screen>
+##########################################################################
+# Exceptions for sites that'll break under the default action set:
+##########################################################################
+
+# "Fragile" Use a minimum set of actions for these sites (see alias above):
+#
+{ fragile }
+.office.microsoft.com           # surprise, surprise!
+.windowsupdate.microsoft.com
+mail.google.com</screen>
+</para>
+
+<para>
+ Shopping sites are not as fragile, but they typically
+ require cookies to log in, and pop-up windows for shopping
+ carts or item details. Again, we'll use a pre-defined alias:
+</para>
+ 
+<para>
+ <screen>
+# Shopping sites:
+#
+{ shop }
+.quietpc.com 
+.worldpay.com   # for quietpc.com
+.jungle.com
+.scan.co.uk</screen>
+</para>
+
+<para>
+ The <literal><link linkend="FAST-REDIRECTS">fast-redirects</link></literal>
+ action, which may have been enabled in <filename>match-all.action</filename>,
+ breaks some sites. So disable it for popular sites where we know it misbehaves:
+</para>
+
+<para>
+ <screen>
+{ -<link linkend="FAST-REDIRECTS">fast-redirects</link> }
+login.yahoo.com
+edit.*.yahoo.com
+.google.com
+.altavista.com/.*(like|url|link):http
+.altavista.com/trans.*urltext=http
+.nytimes.com</screen>
+</para>
+
+<para>
+ It is important that <application>Privoxy</application> knows which
+ URLs belong to images, so that <emphasis>if</emphasis> they are to
+ be blocked, a substitute image can be sent, rather than an HTML page.
+ Contacting the remote site to find out is not an option, since it
+ would destroy the loading time advantage of banner blocking, and it
+ would feed the advertisers information about you. We can mark any
+ URL as an image with the <literal><link
+ linkend="handle-as-image">handle-as-image</link></literal> action,
+ and marking all URLs that end in a known image file extension is a
+ good start:
+</para>
+
+<para>
+ <screen>
+##########################################################################
+# Images:
+##########################################################################
+
+# Define which file types will be treated as images, in case they get
+# blocked further down this file:
+#
+{ +<link linkend="HANDLE-AS-IMAGE">handle-as-image</link> }
+/.*\.(gif|jpe?g|png|bmp|ico)$</screen>
+</para>
+
+<para>
+ And then there are known banner sources. They often use scripts to
+ generate the banners, so it won't be visible from the URL that the
+ request is for an image. Hence we block them <emphasis>and</emphasis>
+ mark them as images in one go, with the help of our
+ <literal>+block-as-image</literal> alias defined above. (We could of
+ course just as well use <literal>+<link linkend="block">block</link>
+ +<link linkend="handle-as-image">handle-as-image</link></literal> here.)
+ Remember that the type of the replacement image is chosen by the
+ <literal><link linkend="set-image-blocker">set-image-blocker</link></literal>
+ action. Since all URLs have matched the default section with its
+ <literal>+<link linkend="set-image-blocker">set-image-blocker</link>{pattern}</literal>
+ action before, it still applies and needn't be repeated:
+</para>
+
+<para>
+ <screen>
+# Known ad generators:
+#
+{ +block-as-image }
+ar.atwola.com 
+.ad.doubleclick.net
+.ad.*.doubleclick.net
+.a.yimg.com/(?:(?!/i/).)*$
+.a[0-9].yimg.com/(?:(?!/i/).)*$
+bs*.gsanet.com
+.qkimg.net</screen>
+</para>
+
+<para>
+ One of the most important jobs of <application>Privoxy</application>
+ is to block banners. Many of these can be <quote>blocked</quote>
+ by the <literal><link linkend="filter">filter</link>{banners-by-size}</literal>
+ action, which we enabled above, and which deletes the references to banner
+ images from the pages while they are loaded, so the browser doesn't request
+ them anymore, and hence they don't need to be blocked here. But this naturally
+ doesn't catch all banners, and some people choose not to use filters, so we
+ need a comprehensive list of patterns for banner URLs here, and apply the
+ <literal><link linkend="block">block</link></literal> action to them.
+</para>
+<para>
+ First comes many generic patterns, which do most of the work, by
+ matching typical domain and path name components of banners. Then comes
+ a list of individual patterns for specific sites, which is omitted here
+ to keep the example short:
+</para>
+
+<para>
+ <screen>
+##########################################################################
+# Block these fine banners:
+##########################################################################
+{ <link linkend="BLOCK">+block{Banner ads.}</link> }
+
+# Generic patterns:
+# 
+ad*.
+.*ads.
+banner?.
+count*.
+/.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
+/(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
+
+# Site-specific patterns (abbreviated):
+#
+.hitbox.com</screen>
+</para>
+
+<para>
+ It's quite remarkable how many advertisers actually call their banner
+ servers ads.<replaceable>company</replaceable>.com, or call the directory
+ in which the banners are stored simply <quote>banners</quote>. So the above
+ generic patterns are surprisingly effective.
+</para>
+<para>
+ But being very generic, they necessarily also catch URLs that we don't want
+ to block. The pattern <literal>.*ads.</literal> e.g. catches 
+ <quote>nasty-<emphasis>ads</emphasis>.nasty-corp.com</quote> as intended,
+ but also <quote>downlo<emphasis>ads</emphasis>.sourcefroge.net</quote> or
+ <quote><emphasis>ads</emphasis>l.some-provider.net.</quote> So here come some
+ well-known exceptions to the <literal>+<link linkend="BLOCK">block</link></literal>
+ section above.
+</para>
+<para>
+ Note that these are exceptions to exceptions from the default! Consider the URL
+ <quote>downloads.sourcefroge.net</quote>: Initially, all actions are deactivated,
+ so it wouldn't get blocked. Then comes the defaults section, which matches the
+ URL, but just deactivates the <literal><link linkend="BLOCK">block</link></literal>
+ action once again. Then it matches <literal>.*ads.</literal>, an exception to the
+ general non-blocking policy, and suddenly
+ <literal><link linkend="BLOCK">+block</link></literal> applies. And now, it'll match
+ <literal>.*loads.</literal>, where <literal><link linkend="BLOCK">-block</link></literal>
+ applies, so (unless it matches <emphasis>again</emphasis> further down) it ends up
+ with no <literal><link linkend="BLOCK">block</link></literal> action applying.
+</para>
+
+<para>
+ <screen>
+##########################################################################
+# Save some innocent victims of the above generic block patterns:
+##########################################################################
+
+# By domain:
+# 
+{ -<link linkend="BLOCK">block</link> }
+adv[io]*.  # (for advogato.org and advice.*)
+adsl.      # (has nothing to do with ads)
+adobe.     # (has nothing to do with ads either)
+ad[ud]*.   # (adult.* and add.*)
+.edu       # (universities don't host banners (yet!))
+.*loads.   # (downloads, uploads etc)
+
+# By path:
+#
+/.*loads/
+
+# Site-specific:
+#
+www.globalintersec.com/adv # (adv = advanced)
+www.ugu.com/sui/ugu/adv</screen>
+</para>
+
+<para>
+ Filtering source code can have nasty side effects,
+ so make an exception for our friends at sourceforge.net,
+ and all paths with <quote>cvs</quote> in them. Note that
+ <literal>-<link linkend="FILTER">filter</link></literal>
+ disables <emphasis>all</emphasis> filters in one fell swoop!
+</para>
+
+<para>
+ <screen>
+# Don't filter code!
+#
+{ -<link linkend="FILTER">filter</link> }
+/(.*/)?cvs
+bugzilla.
+developer.
+wiki.
+.sourceforge.net</screen>
+</para>
+
+<para>
+ The actual <filename>default.action</filename> is of course much more
+ comprehensive, but we hope this example made clear how it works.
+</para>
+
+</sect3>
+
+<sect3><title>user.action</title>
+
+<para>
+ So far we are painting with a broad brush by setting general policies,
+ which would be a reasonable starting point for many people. Now, 
+ you might want to be more specific and have customized rules that
+ are more suitable to your personal habits and preferences. These would
+ be for narrowly defined situations like your ISP or your bank, and should
+ be placed in <filename>user.action</filename>, which is parsed after all other 
+ actions files and hence has the last word, over-riding any previously
+ defined actions. <filename>user.action</filename> is also a 
+ <emphasis>safe</emphasis> place for your personal settings, since
+ <filename>default.action</filename> is actively maintained by the
+ <application>Privoxy</application> developers and you'll probably want
+ to install updated versions from time to time.
+</para>
+
+<para>
+ So let's look at a few examples of things that one might typically do in
+ <filename>user.action</filename>: 
+</para>
+
+
+<!-- brief sample user.action here -->
+
+<para>
+ <screen>
+# My user.action file. <fred at example.com></screen>
+</para>
+
+<para>
+ As <link linkend="aliases">aliases</link> are local to the actions
+ file that they are defined in, you can't use the ones from
+ <filename>default.action</filename>, unless you repeat them here:
+</para>
+
+<para>
+ <screen>
+# Aliases are local to the file they are defined in.
+# (Re-)define aliases for this file:
+#
+{{alias}}
+# 
+# These aliases just save typing later, and the alias names should 
+# be self explanatory.
+#
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ allow-all-cookies  = -crunch-all-cookies -session-cookies-only
+ allow-popups       = -filter{all-popups}
++block-as-image     = +block{Blocked as image.} +handle-as-image
+-block-as-image     = -block
+
+# These aliases define combinations of actions that are useful for
+# certain types of sites:
+#
+fragile     = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
+shop        = -crunch-all-cookies allow-popups
+
+# Allow ads for selected useful free sites:
+#
+allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
+
+# Alias for specific file types that are text, but might have conflicting
+# MIME types. We want the browser to force these to be text documents.
+handle-as-text = -<link linkend="FILTER">filter</link> +-<link linkend="content-type-overwrite">content-type-overwrite{text/plain}</link> +-<link linkend="FORCE-TEXT-MODE">force-text-mode</link> -<link linkend="HIDE-CONTENT-DISPOSITION">hide-content-disposition</link></screen>
+
+</para>
+
+<para>
+ Say you have accounts on some sites that you visit regularly, and
+ you don't want to have to log in manually each time. So you'd like
+ to allow persistent cookies for these sites. The
+ <literal>allow-all-cookies</literal> alias defined above does exactly
+ that, i.e. it disables crunching of cookies in any direction, and the 
+ processing of cookies to make them only temporary.
+</para>
+
+<para>
+ <screen>
+{ allow-all-cookies }
+ sourceforge.net
+ .yahoo.com
+ .msdn.microsoft.com
+ .redhat.com</screen>
+</para>
+
+<para>
+ Your bank is allergic to some filter, but you don't know which, so you disable them all:
+</para>
+
+<para>
+ <screen>
+{ -<link linkend="FILTER">filter</link> }
+ .your-home-banking-site.com</screen>
+</para>
+
+<para>
+ Some file types you may not want to filter for various reasons:
+</para>
+
+<para>
+ <screen>
+# Technical documentation is likely to contain strings that might
+# erroneously get altered by the JavaScript-oriented filters:
+#
+.tldp.org
+/(.*/)?selfhtml/
+
+# And this stupid host sends streaming video with a wrong MIME type,
+# so that Privoxy thinks it is getting HTML and starts filtering:
+#
+stupid-server.example.com/</screen>
+</para>
+
+<para>
+ Example of a simple <link linkend="BLOCK">block</link> action. Say you've
+ seen an ad on your favourite page on example.com that you want to get rid of.
+ You have right-clicked the image, selected <quote>copy image location</quote>
+ and pasted the URL below while removing the leading http://, into a 
+ <literal>{ +block{} }</literal> section. Note that <literal>{ +handle-as-image
+ }</literal> need not be specified, since all URLs ending in
+ <literal>.gif</literal> will be tagged as images by the general rules as set
+ in default.action anyway:
+</para>
+
+<para>
+ <screen>
+{ +<link linkend="BLOCK">block</link>{Nasty ads.} }
+ www.example.com/nasty-ads/sponsor\.gif
+ another.example.net/more/junk/here/</screen>
+</para>
+
+<para>
+ The URLs of dynamically generated banners, especially from large banner
+ farms, often don't use the well-known image file name extensions, which
+ makes it impossible for <application>Privoxy</application> to guess
+ the file type just by looking at the URL. 
+ You can use the <literal>+block-as-image</literal> alias defined above for
+ these cases.
+ Note that objects which match this rule but then turn out NOT to be an
+ image are typically rendered as a <quote>broken image</quote> icon by the
+ browser. Use cautiously.
+</para>
+
+<para>
+ <screen>
+{ +block-as-image }
+ .doubleclick.net
+ .fastclick.net
+ /Realmedia/ads/
+ ar.atwola.com/</screen>
+</para>
+
+<para>
+ Now you noticed that the default configuration breaks Forbes Magazine,
+ but you were too lazy to find out which action is the culprit, and you
+ were again too lazy to give <link linkend="contact">feedback</link>, so
+ you just used the <literal>fragile</literal> alias on the site, and
+ -- <emphasis>whoa!</emphasis> -- it worked. The <literal>fragile</literal>
+ aliases disables those actions that are most likely to break a site. Also,
+ good for testing purposes to see if it is <application>Privoxy</application>
+ that is causing the problem or not. We later find other regular sites 
+ that misbehave, and add those to our personalized list of troublemakers:
+</para>
+
+<para>
+<screen>
+{ fragile }
+ .forbes.com
+ webmail.example.com
+ .mybank.com</screen>
+</para>
+
+<para>
+ You like the <quote>fun</quote> text replacements in <filename>default.filter</filename>,
+ but it is disabled in the distributed actions file.
+ So you'd like to turn it on in your private,
+ update-safe config, once and for all:
+</para>
+
+<para>
+<screen>
+{ +<link linkend="filter-fun">filter{fun}</link> }
+ / # For ALL sites!</screen>
+</para>
+
+<para>
+ Note that the above is not really a good idea: There are exceptions
+ to the filters in <filename>default.action</filename> for things that
+ really shouldn't be filtered, like code on CVS->Web interfaces. Since
+ <filename>user.action</filename> has the last word, these exceptions
+ won't be valid for the <quote>fun</quote> filtering specified here.
+</para>
+
+<para>
+ You might also worry about how your favourite free websites are
+ funded, and find that they rely on displaying banner advertisements
+ to survive. So you might want to specifically allow banners for those
+ sites that you feel provide value to you:
+</para>
+
+<para>
+<screen>
+{ allow-ads }
+ .sourceforge.net
+ .slashdot.org
+ .osdn.net</screen>   
+</para>
+
+<para>
+ Note that <literal>allow-ads</literal> has been aliased to 
+ <literal>-<link linkend="block">block</link></literal>, 
+ <literal>-<link linkend="filter-banners-by-size">filter{banners-by-size}</link></literal>, and 
+ <literal>-<link linkend="filter-banners-by-link">filter{banners-by-link}</link></literal> above.
+</para>
+
+<para>
+ Invoke another alias here to force an over-ride of the MIME type <literal>
+ application/x-sh</literal> which typically would open a download type 
+ dialog. In my case, I want to look at the shell script, and then I can save
+ it should I choose to.
+</para>
+
+<para>
+<screen>
+{ handle-as-text }
+ /.*\.sh$</screen>   
+</para>
+
+<para>
+ <filename>user.action</filename> is generally the best place to define
+ exceptions and additions to the default policies of
+ <filename>default.action</filename>. Some actions are safe to have their
+ default policies set here though. So let's set a default policy to have a
+ <quote>blank</quote> image as opposed to the checkerboard pattern for
+ <emphasis>ALL</emphasis> sites. <quote>/</quote> of course matches all URL
+ paths and patterns:
+</para>
+
+<para>
+<screen>
+{ +<link linkend="set-image-blocker">set-image-blocker{blank}</link> }
+/ # ALL sites</screen>
+</para>
+
+</sect3>
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+<!--   ~~~~~~~~       New section Header    ~~~~~~~~~     -->
+
+<sect1 id="filter-file">
+<title>Filter Files</title>
+
+<para>
+ On-the-fly text substitutions need
+ to be defined in a <quote>filter file</quote>. Once defined, they 
+ can then be invoked as an <quote>action</quote>.
+</para>
+
+<para>
+ &my-app; supports three different filter actions:
+ <literal><link linkend="filter">filter</link></literal> to
+ rewrite the content that is send to the client,
+ <literal><link linkend="client-header-filter">client-header-filter</link></literal>
+ to rewrite headers that are send by the client, and
+ <literal><link linkend="server-header-filter">server-header-filter</link></literal>
+ to rewrite headers that are send by the server.
+</para>
+
+<para>
+ &my-app; also supports two tagger actions:
+ <literal><link linkend="client-header-tagger">client-header-tagger</link></literal>
+ and
+ <literal><link linkend="server-header-tagger">server-header-tagger</link></literal>.
+ Taggers and filters use the same syntax in the filter files, the difference
+ is that taggers don't modify the text they are filtering, but use a rewritten
+ version of the filtered text as tag. The tags can then be used to change the
+ applying actions through sections with <link linkend="tag-pattern">tag-patterns</link>.
+</para>
+
+
+<para>
+ Multiple filter files can be defined through the <literal> <link
+ linkend="filterfile">filterfile</link></literal> config directive. The filters
+ as supplied by the developers are located in
+ <filename>default.filter</filename>. It is recommended that any locally
+ defined or modified filters go in a separately defined file such as
+ <filename>user.filter</filename>.
+ </para>
+
+<para>
+ Common tasks for content filters are to eliminate common annoyances in
+ HTML and JavaScript, such as pop-up windows,
+ exit consoles, crippled windows without navigation tools, the
+ infamous <BLINK> tag etc, to suppress images with certain
+ width and height attributes (standard banner sizes or web-bugs),
+ or just to have fun.
+</para>
+
+<para>
+ Enabled content filters are applied to any content whose
+ <quote>Content Type</quote> header is recognised as a sign
+ of text-based content, with the exception of <literal>text/plain</literal>.
+ Use the <link linkend="FORCE-TEXT-MODE">force-text-mode</link> action
+ to also filter other content.
+</para>
+
+<para>
+ Substitutions are made at the source level, so if you want to <quote>roll
+ your own</quote> filters, you should first be familiar with HTML syntax, 
+ and, of course, regular expressions.
+</para>
+
+<para>
+ Just like the <link linkend="actions-file">actions files</link>, the
+ filter file is organized in sections, which are called <emphasis>filters</emphasis>
+ here. Each filter consists of a heading line, that starts with one of the
+ <emphasis>keywords</emphasis> <literal>FILTER:</literal>,
+ <literal>CLIENT-HEADER-FILTER:</literal> or <literal>SERVER-HEADER-FILTER:</literal>
+ followed by the filter's <emphasis>name</emphasis>, and a short (one line) 
+ <emphasis>description</emphasis> of what it does. Below that line
+ come the <emphasis>jobs</emphasis>, i.e. lines that define the actual
+ text substitutions. By convention, the name of a filter
+ should describe what the filter <emphasis>eliminates</emphasis>. The
+ comment is used in the <ulink url="http://config.privoxy.org/">web-based
+ user interface</ulink>.
+</para>
+
+<para>
+ Once a filter called <replaceable>name</replaceable> has been defined
+ in the filter file, it can be invoked by using an action of the form
+ +<literal><link linkend="filter">filter</link>{<replaceable>name</replaceable>}</literal>
+ in any <link linkend="actions-file">actions file</link>.
+</para>
+ 
+<para>
+ Filter definitions start with a header line that contains the filter
+ type, the filter name and the filter description.
+ A content filter header line for a filter called <quote>foo</quote> could look
+ like this:
+</para>
+
+<para>
+ <screen>FILTER: foo Replace all "foo" with "bar"</screen>
+</para>
+
+<para>
+ Below that line, and up to the next header line, come the jobs that
+ define what text replacements the filter executes. They are specified
+ in a syntax that imitates <ulink url="http://www.perl.org/">Perl</ulink>'s
+ <literal>s///</literal> operator. If you are familiar with Perl, you
+ will find this to be quite intuitive, and may want to look at the
+ PCRS documentation for the subtle differences to Perl behaviour. Most
+ notably, the non-standard option letter <literal>U</literal> is supported,
+ which turns the default to ungreedy matching.
+</para>
+
+<para>
+ If you are new to 
+  <ulink url="http://en.wikipedia.org/wiki/Regular_expressions"><quote>Regular
+  Expressions</quote></ulink>, you might want to take a look at
+ the <link linkend="regex">Appendix on regular expressions</link>, and
+ see the <ulink url="http://perldoc.perl.org/perlre.html">Perl
+ manual</ulink> for
+ <ulink url="http://perldoc.perl.org/perlop.html">the 
+ <literal>s///</literal> operator's syntax</ulink> and <ulink
+ url="http://perldoc.perl.org/perlre.html">Perl-style regular
+ expressions</ulink> in general.
+ The below examples might also help to get you started.
+</para>
+
+
+<!--   ~~~~~~~~       New section Header    ~~~~~~~~~     -->
+
+<sect2><title>Filter File Tutorial</title>
+<para>
+ Now, let's complete our <quote>foo</quote> content filter. We have already defined
+ the heading, but the jobs are still missing. Since all it does is to replace
+ <quote>foo</quote> with <quote>bar</quote>, there is only one (trivial) job
+ needed:
+</para>
+
+<para>
+ <screen>s/foo/bar/</screen>
+</para>
+
+<para>
+ But wait! Didn't the comment say that <emphasis>all</emphasis> occurrences
+ of <quote>foo</quote> should be replaced? Our current job will only take
+ care of the first <quote>foo</quote> on each page. For global substitution,
+ we'll need to add the <literal>g</literal> option:
+</para>
+
+<para>
+ <screen>s/foo/bar/g</screen>
+</para>
+
+<para>
+ Our complete filter now looks like this:
+</para>
+<para>
+ <screen>FILTER: foo Replace all "foo" with "bar"
+s/foo/bar/g</screen>
+</para>
+
+<para>
+ Let's look at some real filters for more interesting examples. Here you see
+ a filter that protects against some common annoyances that arise from JavaScript
+ abuse. Let's look at its jobs one after the other:
+</para>
+
+
+<para>
+ <screen>
+FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
+
+# Get rid of JavaScript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm
+#
+s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|Usg</screen>
+</para>
+
+<para>
+ Following the header line and a comment, you see the job. Note that it uses
+ <literal>|</literal> as the delimiter instead of <literal>/</literal>, because
+ the pattern contains a forward slash, which would otherwise have to be escaped
+ by a backslash (<literal>\</literal>).
+</para>
+
+<para>
+ Now, let's examine the pattern: it starts with the text <literal><script.*</literal>
+ enclosed in parentheses. Since the dot matches any character, and <literal>*</literal>
+ means: <quote>Match an arbitrary number of the element left of myself</quote>, this
+ matches <quote><script</quote>, followed by <emphasis>any</emphasis> text, i.e.
+ it matches the whole page, from the start of the first <script> tag.
+</para>
+
+<para>
+ That's more than we want, but the pattern continues: <literal>document\.referrer</literal>
+ matches only the exact string <quote>document.referrer</quote>. The dot needed to
+ be <emphasis>escaped</emphasis>, i.e. preceded by a backslash, to take away its
+ special meaning as a joker, and make it just a regular dot. So far, the meaning is:
+ Match from the start of the first <script> tag in a the page, up to, and including,
+ the text <quote>document.referrer</quote>, if <emphasis>both</emphasis> are present
+ in the page (and appear in that order).
+</para>
+
+<para>
+ But there's still more pattern to go. The next element, again enclosed in parentheses,
+ is <literal>.*</script></literal>. You already know what <literal>.*</literal>
+ means, so the whole pattern translates to: Match from the start of the first  <script>
+ tag in a page to the end of the last <script> tag, provided that the text
+ <quote>document.referrer</quote> appears somewhere in between.
+</para>
+
+<para>
+ This is still not the whole story, since we have ignored the options and the parentheses:
+ The portions of the page matched by sub-patterns that are enclosed in parentheses, will be
+ remembered and be available through the variables <literal>$1, $2, ...</literal> in
+ the substitute. The <literal>U</literal> option switches to ungreedy matching, which means
+ that the first <literal>.*</literal> in the pattern will only <quote>eat up</quote> all
+ text in between <quote><script</quote> and the <emphasis>first</emphasis> occurrence
+ of <quote>document.referrer</quote>, and that the second <literal>.*</literal> will
+ only span the text up to the <emphasis>first</emphasis> <quote></script></quote>
+ tag. Furthermore, the <literal>s</literal> option says that the match may span
+ multiple lines in the page, and the <literal>g</literal> option again means that the
+ substitution is global.
+</para>
+
+<para>
+ So, to summarize, the pattern means: Match all scripts that contain the text
+ <quote>document.referrer</quote>. Remember the parts of the script from
+ (and including) the start tag up to (and excluding) the string
+ <quote>document.referrer</quote> as <literal>$1</literal>, and the part following
+ that string, up to and including the closing tag, as <literal>$2</literal>.
+</para>
+
+<para>
+ Now the pattern is deciphered, but wasn't this about substituting things? So
+ lets look at the substitute: <literal>$1"Not Your Business!"$2</literal> is
+ easy to read: The text remembered as <literal>$1</literal>, followed by 
+ <literal>"Not Your Business!"</literal> (<emphasis>including</emphasis>
+ the quotation marks!), followed by the text remembered as <literal>$2</literal>.
+ This produces an exact copy of the original string, with the middle part
+ (the <quote>document.referrer</quote>) replaced by <literal>"Not Your
+ Business!"</literal>.
+</para>
+
+<para>
+ The whole job now reads: Replace <quote>document.referrer</quote> by
+ <literal>"Not Your Business!"</literal> wherever it appears inside a
+ <script&gt tag. Note that this job won't break JavaScript syntax,
+ since both the original and the replacement are syntactically valid
+ string objects. The script just won't have access to the referrer
+ information anymore.
+</para>
+
+<para>
+ We'll show you two other jobs from the JavaScript taming department, but
+ this time only point out the constructs of special interest:
+</para>
+
+<para>
+ <screen>
+# The status bar is for displaying link targets, not pointless blahblah
+#
+s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig</screen>
+</para>
+
+<para>
+ <literal>\s</literal> stands for whitespace characters (space, tab, newline,
+ carriage return, form feed), so that <literal>\s*</literal> means: <quote>zero
+ or more whitespace</quote>. The <literal>?</literal> in <literal>.*?</literal>
+ makes this matching of arbitrary text ungreedy. (Note that the <literal>U</literal>
+ option is not set). The <literal>['"]</literal> construct means: <quote>a single
+ <emphasis>or</emphasis> a double quote</quote>. Finally, <literal>\1</literal> is
+ a back-reference to the first parenthesis just like <literal>$1</literal> above,
+ with the difference that in the <emphasis>pattern</emphasis>, a backslash indicates
+ a back-reference, whereas in the <emphasis>substitute</emphasis>, it's the dollar.
+</para>
+
+<para>
+ So what does this job do? It replaces assignments of single- or double-quoted
+ strings to the <quote>window.status</quote> object with a dummy assignment
+ (using a variable name that is hopefully odd enough not to conflict with
+ real variables in scripts). Thus, it catches many cases where e.g. pointless
+ descriptions are displayed in the status bar instead of the link target when
+ you move your mouse over links.
+</para>
+
+<para>
+ <screen>
+# Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
+#
+s/(<body [^>]*)onunload(.*>)/$1never$2/iU</screen>
+</para>
+
+<para>
+ Including the
+ <ulink url="http://www.w3.org/TR/2000/REC-DOM-Level-2-Events-20001113/events.html#Events-eventgroupings-htmlevents">OnUnload
+ event binding</ulink> in the HTML DOM was a <emphasis>CRIME</emphasis>.
+ When I close a browser window, I want it to close and die. Basta.
+ This job replaces the <quote>onunload</quote> attribute in
+ <quote><body&gt</quote> tags with the dummy word <literal>never</literal>.
+ Note that the <literal>i</literal> option makes the pattern matching
+ case-insensitive. Also note that ungreedy matching alone doesn't always guarantee
+ a minimal match: In the first parenthesis, we had to use <literal>[^>]*</literal>
+ instead of <literal>.*</literal> to prevent the match from exceeding the 
+ <body&gt tag if it doesn't contain <quote>OnUnload</quote>, but the page's
+ content does.
+</para>
+
+<para>
+ The last example is from the fun department:
+</para>
+
+<para>
+ <screen>
+FILTER: fun Fun text replacements
+
+# Spice the daily news:
+#
+s/microsoft(?!\.com)/MicroSuck/ig</screen>
+</para>
+
+<para>
+ Note the <literal>(?!\.com)</literal> part (a so-called negative lookahead)
+ in the job's pattern, which means: Don't match, if the string 
+ <quote>.com</quote> appears directly following <quote>microsoft</quote>
+ in the page. This prevents links to microsoft.com from being trashed, while
+ still replacing the word everywhere else.
+</para>
+
+<para>
+ <screen>
+# Buzzword Bingo (example for extended regex syntax)
+#
+s* industry[ -]leading \
+|  cutting[ -]edge \
+|  customer[ -]focused \
+|  market[ -]driven \
+|  award[ -]winning # Comments are OK, too! \
+|  high[ -]performance \
+|  solutions[ -]based \
+|  unmatched \
+|  unparalleled \
+|  unrivalled \
+*<font color="red"><b>BINGO!</b></font> \
+*igx</screen>
+</para>
+
+<para>
+ The <literal>x</literal> option in this job turns on extended syntax, and allows for
+ e.g. the liberal use of (non-interpreted!) whitespace for nicer formatting. 
+</para>
+
+<para>
+ You get the idea?
+</para>
+</sect2>
+
+<!--   ~~~~~~~~       New section Header    ~~~~~~~~~     -->
+
+<sect2 id="predefined-filters"><title>The Pre-defined Filters</title>
+
+<!-- 
+
+ Note each filter is also listed in the +filter action section above. Please
+ keep these listings in sync.
+ 
+-->
+
+<para>
+The distribution <filename>default.filter</filename> file contains a selection of
+pre-defined filters for your convenience:
+</para>
+
+<variablelist>
+ <varlistentry>
+  <term><emphasis>js-annoyances</emphasis></term>
+  <listitem>
+   <para>
+    The purpose of this filter is to get rid of particularly annoying JavaScript abuse.
+    To that end, it
+   <itemizedlist>
+    <listitem>
+     <para>
+      replaces JavaScript references to the browser's referrer information
+      with the string "Not Your Business!". This compliments the <literal><link
+      linkend="hide-referrer">hide-referrer</link></literal> action on the content level.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      removes the bindings to the DOM's
+      <ulink url="http://www.w3.org/TR/2000/REC-DOM-Level-2-Events-20001113/events.html#Events-eventgroupings-htmlevents">unload
+      event</ulink> which we feel has no right to exist and is responsible for most <quote>exit consoles</quote>, i.e.
+      nasty windows that pop up when you close another one.
+     </para>
+    </listitem>
+    <listitem>
+     <para>
+      removes code that causes new windows to be opened with undesired properties, such as being
+      full-screen, non-resizeable, without location, status or menu bar etc.
+     </para>
+    </listitem>
+   </itemizedlist>
+   </para>
+   <para>
+    Use with caution. This is an aggressive filter, and can break sites that 
+    rely heavily on JavaScript.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+ <varlistentry>
+  <term><emphasis>js-events</emphasis></term>
+  <listitem>
+   <para>
+    This is a very radical measure. It removes virtually all JavaScript event bindings, which
+    means that scripts can not react to user actions such as mouse movements or clicks, window
+    resizing etc, anymore. Use with caution!
+   </para>
+   <para>
+    We <emphasis>strongly discourage</emphasis> using this filter as a default since it breaks
+    many legitimate scripts. It is meant for use only on extra-nasty sites (should you really
+    need to go there).
+   </para>
+  </listitem>
+ </varlistentry>
+
+<varlistentry>
+  <term><emphasis>html-annoyances</emphasis></term>
+  <listitem>
+   <para>
+    This filter will undo many common instances of HTML based abuse.
+   </para>
+   <para>
+    The <literal>BLINK</literal> and <literal>MARQUEE</literal> tags 
+    are neutralized (yeah baby!), and browser windows will be created as
+    resizeable (as of course they should be!), and will have location,
+    scroll and menu bars -- even if specified otherwise.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>content-cookies</emphasis></term>
+  <listitem>
+   <para>
+    Most cookies are set in the HTTP dialog, where they can be intercepted
+    by the
+    <literal><link linkend="crunch-incoming-cookies">crunch-incoming-cookies</link></literal>
+    and <literal><link linkend="crunch-outgoing-cookies">crunch-outgoing-cookies</link></literal>
+    actions. But web sites increasingly make use of HTML meta tags and JavaScript
+    to sneak cookies to the browser on the content level.
+   </para>
+   <para>
+    This filter disables most HTML and JavaScript code that reads or sets
+    cookies. It cannot detect all clever uses of these types of code, so it 
+    should not be relied on as an absolute fix. Use it wherever you would also
+    use the cookie crunch actions. 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>refresh tags</emphasis></term>
+  <listitem>
+   <para>
+    Disable any refresh tags if the interval is greater than nine seconds (so 
+    that redirections done via refresh tags are not destroyed). This is useful 
+    for dial-on-demand setups, or for those who find this HTML feature
+    annoying.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>unsolicited-popups</emphasis></term>
+  <listitem>
+   <para>
+    This filter attempts to prevent only <quote>unsolicited</quote> pop-up 
+    windows from opening, yet still allow pop-up windows that the user 
+    has explicitly chosen to open. It was added in version 3.0.1, 
+    as an improvement over earlier such filters.
+   </para>
+   <para>
+    Technical note: The filter works by redefining the window.open JavaScript
+    function to a dummy function, <literal>PrivoxyWindowOpen()</literal>,
+    during the loading and rendering phase of each HTML page access, and
+    restoring the function afterward.
+   </para>
+   <para>
+    This is recommended only for browsers that cannot perform this function
+    reliably themselves. And be aware that some sites require such windows 
+    in order to function normally. Use with caution.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>all-popups</emphasis></term>
+  <listitem>
+   <para>
+    Attempt to prevent <emphasis>all</emphasis> pop-up windows from opening.
+    Note this should be used with even more discretion than the above, since
+    it is more likely to break some sites that require pop-ups for normal
+    usage. Use with caution.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>img-reorder</emphasis></term>
+  <listitem>
+   <para>
+    This is a helper filter that has no value if used alone. It makes the
+    <literal>banners-by-size</literal> and <literal>banners-by-link</literal>
+    (see below) filters more effective and should be enabled together with them.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>banners-by-size</emphasis></term>
+  <listitem>
+   <para>
+    This filter removes image tags purely based on what size they are. Fortunately 
+    for us, many ads and banner images tend to conform to certain standardized
+    sizes, which makes this filter quite effective for ad stripping purposes.
+   </para>
+   <para>
+    Occasionally this filter will cause false positives on images that are not ads,
+    but just happen to be of one of the standard banner sizes.
+   </para>
+   <para>
+    Recommended only for those who require extreme ad blocking. The default 
+    block rules should catch 95+% of all ads <emphasis>without</emphasis> this filter enabled.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>banners-by-link</emphasis></term>
+  <listitem>
+   <para>
+    This is an experimental filter that attempts to kill any banners if 
+    their URLs seem to point to known or suspected click trackers. It is currently
+    not of much value and is not recommended for use by default.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>webbugs</emphasis></term>
+  <listitem>
+   <para>
+    Webbugs are small, invisible images (technically 1X1 GIF images), that 
+    are used to track users across websites, and collect information on them.
+    As an HTML page is loaded by the browser, an embedded image tag causes the
+    browser to contact a third-party site, disclosing the tracking information
+    through the requested URL and/or cookies for that third-party domain, without
+    the user ever becoming aware of the interaction with the third-party site.
+    HTML-ized spam also uses a similar technique to verify email addresses.
+   </para>
+   <para>
+    This filter removes the HTML code that loads such <quote>webbugs</quote>.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>tiny-textforms</emphasis></term>
+  <listitem>
+   <para>
+    A rather special-purpose filter that can be used to enlarge textareas (those
+    multi-line text boxes in web forms) and turn off hard word wrap in them. 
+    It was written for the sourceforge.net tracker system where such boxes are
+    a nuisance, but it can be handy on other sites, too.
+   </para>
+   <para>
+    It is not recommended to use this filter as a default.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>jumping-windows</emphasis></term>
+  <listitem>
+   <para>
+    Many consider windows that move, or resize themselves to be abusive. This filter
+    neutralizes the related JavaScript code. Note that some sites might not display
+    or behave as intended when using this filter. Use with caution.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>frameset-borders</emphasis></term>
+  <listitem>
+   <para>
+    Some web designers seem to assume that everyone in the world will view their
+    web sites using the same browser brand and version, screen resolution etc,
+    because only that assumption could explain why they'd use static frame sizes,
+    yet prevent their frames from being resized by the user, should they be too
+    small to show their whole content.
+   </para>
+   <para>
+    This filter removes the related HTML code. It should only be applied to sites
+    which need it.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>demoronizer</emphasis></term>
+  <listitem>
+   <para>
+    Many Microsoft products that generate HTML use non-standard extensions (read:
+    violations) of the ISO 8859-1 aka Latin-1 character set. This can cause those
+    HTML documents to display with errors on standard-compliant platforms. 
+   </para>
+   <para>
+    This filter translates the MS-only characters into Latin-1 equivalents. 
+    It is not necessary when using MS products, and will cause corruption of  
+    all documents that use 8-bit character sets other than Latin-1. It's mostly
+    worthwhile for Europeans on non-MS platforms, if weird garbage characters
+    sometimes appear on some pages, or user agents that don't correct for this on 
+    the fly.
+<!--
+    My version of Mozilla (ancient) shows litte square boxes for quote
+    characters, and apostrophes on moronized pages. So many pages have this, I
+    can read them fine now. HB 08/27/06
+--> 
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>shockwave-flash</emphasis></term>
+  <listitem>
+   <para>
+    A filter for shockwave haters. As the name suggests, this filter strips code
+    out of web pages that is used to embed shockwave flash objects. 
+   </para>
+   <para>
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>quicktime-kioskmode</emphasis></term>
+  <listitem>
+   <para>
+    Change HTML code that embeds Quicktime objects so that kioskmode, which
+    prevents saving, is disabled.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>fun</emphasis></term>
+  <listitem>
+   <para>
+    Text replacements for subversive browsing fun. Make fun of your favorite
+    Monopolist or play buzzword bingo.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>crude-parental</emphasis></term>
+  <listitem>
+   <para>
+    A demonstration-only filter that shows how <application>Privoxy</application>
+    can be used to delete web content on a keyword basis.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>ie-exploits</emphasis></term>
+  <listitem>
+   <para>
+    An experimental collection of text replacements to disable malicious HTML and JavaScript
+    code that exploits known security holes in Internet Explorer.
+   </para>
+   <para>
+    Presently, it only protects against Nimda and a cross-site scripting bug, and
+    would need active maintenance to provide more substantial protection.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>site-specifics</emphasis></term>
+  <listitem>
+   <para>
+    Some web sites have very specific problems, the cure for which doesn't apply
+    anywhere else, or could even cause damage on other sites.
+   </para>
+   <para>
+    This is a collection of such site-specific cures which should only be applied
+    to the sites they were intended for, which is what the supplied
+    <filename>default.action</filename> file does. Users shouldn't need to change
+    anything regarding this filter.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>google</emphasis></term>
+  <listitem>
+   <para>
+    A CSS based block for Google text ads. Also removes a width limitation
+    and the toolbar advertisement.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+  <varlistentry>
+  <term><emphasis>yahoo</emphasis></term>
+  <listitem>
+   <para>
+    Another CSS based block, this time for Yahoo text ads. And removes 
+    a width limitation as well.
+   </para>
+  </listitem>
+ </varlistentry>
+
+  <varlistentry>
+  <term><emphasis>msn</emphasis></term>
+  <listitem>
+   <para>
+    Another CSS based block, this time for MSN text ads. And removes 
+    tracking URLs, as well as a width limitation.
+   </para>
+  </listitem>
+ </varlistentry>
+
+ <varlistentry>
+  <term><emphasis>blogspot</emphasis></term>
+  <listitem>
+   <para>
+    Cleans up some Blogspot blogs. Read the fine print before using this one!
+   </para>
+   <para>
+    This filter also intentionally removes some navigation stuff and sets the
+    page width to 100%. As a result, some rounded <quote>corners</quote> would
+    appear to early or not at all and as fixing this would require a browser
+    that understands background-size (CSS3), they are removed instead.
+   </para>
+  </listitem>
+ </varlistentry>
+
+  <varlistentry>
+  <term><emphasis>xml-to-html</emphasis></term>
+  <listitem>
+   <para>
+    Server-header filter to change the Content-Type from xml to html.
+   </para>
+  </listitem>
+ </varlistentry>
+ 
+  <varlistentry>
+  <term><emphasis>html-to-xml</emphasis></term>
+  <listitem>
+   <para>
+    Server-header filter to change the Content-Type from html to xml.
+   </para>
+  </listitem>
+ </varlistentry>
+
+  <varlistentry>
+  <term><emphasis>no-ping</emphasis></term>
+  <listitem>
+   <para>
+    Removes the non-standard <literal>ping</literal> attribute from
+    anchor and area HTML tags.
+   </para>
+  </listitem>
+ </varlistentry>
+
+  <varlistentry>
+  <term><emphasis>hide-tor-exit-notation</emphasis></term>
+  <listitem>
+   <para>
+    Client-header filter to remove the <command>Tor</command> exit node notation
+    found in Host and Referer headers.
+   </para>
+   <para>
+    If &my-app; and <command>Tor</command> are chained and &my-app;
+    is configured to use socks4a, one can use <quote>http://www.example.org.foobar.exit/</quote>
+    to access the host <quote>www.example.org</quote> through the
+    <command>Tor</command> exit node <quote>foobar</quote>.
+   </para>
+   <para>
+    As the HTTP client isn't aware of this notation, it treats the
+    whole string <quote>www.example.org.foobar.exit</quote> as host and uses it
+    for the <quote>Host</quote> and <quote>Referer</quote> headers. From the
+    server's point of view the resulting headers are invalid and can cause problems.
+   </para>
+   <para>
+    An invalid <quote>Referer</quote> header can trigger <quote>hot-linking</quote>
+    protections, an invalid <quote>Host</quote> header will make it impossible for
+    the server to find the right vhost (several domains hosted on the same IP address).
+   </para>
+   <para>
+    This client-header filter removes the <quote>foo.exit</quote> part in those headers
+    to prevent the mentioned problems. Note that it only modifies
+    the HTTP headers, it doesn't make it impossible for the server
+    to detect your <command>Tor</command> exit node based on the IP address
+    the request is coming from.
+   </para>
+  </listitem>
+ </varlistentry>
+
+<!--
+ <varlistentry>
+  <term><emphasis> </emphasis></term>
+  <listitem>
+   <para>
+   </para>
+   <para>
+   </para>
+  </listitem>
+ </varlistentry>
+-->
+</variablelist>
+
+</sect2>
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1 id="templates">
+<title>Privoxy's Template Files</title>
+<para>
+ All <application>Privoxy</application> built-in pages, i.e. error pages such as the 
+ <ulink url="http://show-the-404-error.page"><quote>404 - No Such Domain</quote>
+ error page</ulink>, the <ulink
+ url="http://ads.bannerserver.example.com/nasty-ads/sponsor.html"><quote>BLOCKED</quote>
+ page</ulink>
+ and all pages of its <ulink url="http://config.privoxy.org/">web-based
+ user interface</ulink>, are generated from <emphasis>templates</emphasis>. 
+ (<application>Privoxy</application> must be running for the above links to work as
+ intended.)
+</para>
+
+<para>
+ These templates are stored in a subdirectory of the <link linkend="confdir">configuration
+ directory</link> called <filename>templates</filename>. On Unixish platforms,
+ this is typically
+ <ulink url="file:///etc/privoxy/templates/"><filename>/etc/privoxy/templates/</filename></ulink>.
+</para>
+
+<para>
+ The templates are basically normal HTML files, but with place-holders (called symbols
+ or exports), which <application>Privoxy</application> fills at run time. It
+ is possible to edit the templates with a normal text editor, should you want
+ to customize them. (<emphasis>Not recommended for the casual
+ user</emphasis>). Should you create your own custom templates, you should use 
+ the <filename>config</filename> setting <link linkend="templdir">templdir</link>
+ to specify an alternate location, so your templates do not get overwritten
+ during upgrades. 
+ </para>
+ <para>
+ Note that just like in configuration files, lines starting
+ with <literal>#</literal> are ignored when the templates are filled in.
+</para>
+
+<para>
+ The place-holders are of the form <literal>@name@</literal>, and you will
+ find a list of available symbols, which vary from template to template,
+ in the comments at the start of each file. Note that these comments are not
+ always accurate, and that it's probably best to look at the existing HTML
+ code to find out which symbols are supported and what they are filled in with.
+</para>
+
+<para>
+ A special application of this substitution mechanism is to make whole
+ blocks of HTML code disappear when a specific symbol is set. We use this
+ for many purposes, one of them being to include the beta warning in all
+ our user interface (CGI) pages when <application>Privoxy</application>
+ is in an alpha or beta development stage:
+</para>
+
+<para>
+ <screen>
+<!-- @if-unstable-start -->
+
+  ... beta warning HTML code goes here ...
+
+<!-- if-unstable-end@ --></screen>
+</para>
+
+<para>
+ If the "unstable" symbol is set, everything in between and including
+ <literal>@if-unstable-start</literal> and <literal>if-unstable-end@</literal>
+ will disappear, leaving nothing but an empty comment:
+</para>
+
+<para>
+ <screen><!--  --></screen>
+</para>
+
+<para>
+ There's also an if-then-else construct and an <literal>#include</literal>
+ mechanism, but you'll sure find out if you are inclined to edit the
+ templates ;-)
+</para>
+
+<para>
+ All templates refer to a style located at
+ <ulink url="http://config.privoxy.org/send-stylesheet"><literal>http://config.privoxy.org/send-stylesheet</literal></ulink>.
+ This is, of course, locally served by <application>Privoxy</application>
+ and the source for it can be found and edited in the
+ <filename>cgi-style.css</filename> template.
+</para>
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect1 id="contact"><title>Contacting the Developers, Bug Reporting and Feature
+Requests</title>
+
+<!-- Include contacting.sgml boilerplate: -->
+ &contacting;
+<!-- end boilerplate -->
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="copyright"><title>Privoxy Copyright, License and History</title>
+
+<!-- Include copyright.sgml: -->
+ ©right;
+<!-- end copyright -->
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2><title>License</title>
+<!-- Include copyright.sgml: -->
+ &license;
+<!-- end copyright -->
+</sect2>
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+<sect2 id="history"><title>History</title>
+<!-- Include history.sgml: -->
+ &history;
+<!-- end history -->
+</sect2>
+
+<sect2 id="authors"><title>Authors</title>
+<!-- Include p-authors.sgml: -->
+ &p-authors;
+<!-- end authors -->
+</sect2>
+
+</sect1>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="seealso"><title>See Also</title>
+<!-- Include seealso.sgml: -->
+ &seealso;
+<!-- end seealso -->
+</sect1>
+
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 id="appendix"><title>Appendix</title>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="regex">
+<title>Regular Expressions</title>
+<para>
+ <application>Privoxy</application> uses Perl-style <quote>regular
+ expressions</quote> in its <link linkend="actions-file">actions
+ files</link> and <link linkend="filter-file">filter file</link>,
+ through the <ulink url="http://www.pcre.org/">PCRE</ulink> and
+<!-- 
+ dead 08/27/06
+ <ulink url="http://www.oesterhelt.org/pcrs/">PCRS</ulink> libraries.
+-->
+ <application>PCRS</application> libraries.
+</para>
+
+<para>
+ If you are reading this, you probably don't understand what <quote>regular
+ expressions</quote> are, or what they can do. So this will be a very brief
+ introduction only. A full explanation would require a <ulink
+ url="http://www.oreilly.com/catalog/regex/">book</ulink> ;-)
+</para>
+
+<para>
+ Regular expressions provide a language to describe patterns that can be
+ run against strings of characters (letter, numbers, etc), to see if they
+ match the string or not. The  patterns are themselves (sometimes complex)
+ strings of literal characters, combined with  wild-cards, and other special
+ characters, called meta-characters. The <quote>meta-characters</quote> have
+ special meanings and are used to build complex patterns to be matched against.
+ Perl Compatible Regular Expressions are an especially convenient
+ <quote>dialect</quote> of the regular expression language.
+</para>
+
+<para>
+ To make a simple analogy, we do something similar when we use wild-card
+ characters when listing files with the <command>dir</command> command in DOS. 
+ <literal>*.*</literal> matches all filenames. The <quote>special</quote>
+ character here is the asterisk which matches any and all characters. We can be
+ more specific and use <literal>?</literal> to match just individual
+ characters. So <quote>dir file?.text</quote> would match
+ <quote>file1.txt</quote>, <quote>file2.txt</quote>, etc. We are pattern
+ matching, using a similar technique to <quote>regular expressions</quote>!
+</para>
+
+<para>
+ Regular expressions do essentially the same thing, but are much, much more
+ powerful. There are many more <quote>special characters</quote> and ways of 
+ building complex patterns however. Let's look at a few of the common ones,
+ and then some examples:
+</para>
+
+<para><simplelist>
+ <member>
+  <emphasis>.</emphasis> - Matches any single character, e.g. <quote>a</quote>,
+  <quote>A</quote>, <quote>4</quote>, <quote>:</quote>, or <quote>@</quote>.
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>?</emphasis> - The preceding character or expression is matched ZERO or ONE
+  times. Either/or.
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>+</emphasis> - The preceding character or expression is matched ONE or MORE
+  times.
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>*</emphasis> - The preceding character or expression is matched ZERO or MORE
+  times.
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>\</emphasis> - The <quote>escape</quote> character denotes that
+  the following character should be taken literally. This is used where one of the 
+  special characters (e.g. <quote>.</quote>) needs to be taken literally and
+  not as a special meta-character. Example: <quote>example\.com</quote>, makes 
+  sure the period is recognized only as a period (and not expanded to its 
+  meta-character meaning of any single character).
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>[ ]</emphasis> - Characters enclosed in brackets will be matched if
+  any of the enclosed characters are encountered. For instance, <quote>[0-9]</quote>
+  matches any numeric digit (zero through nine). As an example, we can combine 
+  this with <quote>+</quote> to match any digit one of more times: <quote>[0-9]+</quote>.
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>( )</emphasis> - parentheses are used to group a sub-expression,
+  or multiple sub-expressions.
+ </member>
+</simplelist></para>
+
+<para><simplelist>
+ <member>
+  <emphasis>|</emphasis> - The <quote>bar</quote> character works like an
+  <quote>or</quote> conditional statement. A match is successful if the
+  sub-expression on either side of <quote>|</quote> matches. As an example:
+  <quote>/(this|that) example/</quote> uses grouping and the bar character 
+  and would match either <quote>this example</quote> or <quote>that
+  example</quote>, and nothing else.
+ </member>
+</simplelist></para>
+
+<para>
+ These are just some of the ones you are likely to use when matching URLs with 
+ <application>Privoxy</application>, and is a long way from a definitive
+ list. This is enough to get us started with a few simple examples which may
+ be more illuminating:
+</para>
+
+<para>
+ <emphasis><literal>/.*/banners/.*</literal></emphasis> - A  simple example
+ that uses the common combination of <quote>.</quote> and <quote>*</quote> to 
+ denote any character, zero or more times. In other words, any string at all.
+ So we start with a literal forward slash, then our regular expression pattern 
+ (<quote>.*</quote>) another literal forward slash, the string
+ <quote>banners</quote>, another forward slash, and lastly another
+ <quote>.*</quote>. We are building 
+ a directory path here. This will match any file with the path that has a
+ directory named <quote>banners</quote> in it. The <quote>.*</quote> matches
+ any characters, and this could conceivably be more forward slashes, so it
+ might expand into a much longer looking path. For example, this could match:
+ <quote>/eye/hate/spammers/banners/annoy_me_please.gif</quote>, or just
+ <quote>/banners/annoying.html</quote>, or almost an infinite number of other
+ possible combinations, just so it has <quote>banners</quote> in the path
+ somewhere.
+</para>
+
+<para>
+ And now something a little more complex:
+</para>
+
+<para>
+ <emphasis><literal>/.*/adv((er)?ts?|ertis(ing|ements?))?/</literal></emphasis> - 
+ We have several literal forward slashes again (<quote>/</quote>), so we are
+ building another expression that is a file path statement. We have another 
+ <quote>.*</quote>, so we are matching against any conceivable sub-path, just so
+ it matches our expression. The only true literal that <emphasis>must
+ match</emphasis> our pattern is <application>adv</application>, together with
+ the forward slashes. What comes after the <quote>adv</quote> string is the
+ interesting part. 
+</para>
+
+<para>
+ Remember the <quote>?</quote> means the preceding expression (either a
+ literal character or anything grouped with <quote>(...)</quote> in this case)
+ can exist or not, since this means either zero or one match. So
+ <quote>((er)?ts?|ertis(ing|ements?))</quote> is optional, as are the
+ individual sub-expressions: <quote>(er)</quote>,
+ <quote>(ing|ements?)</quote>, and the <quote>s</quote>. The <quote>|</quote>
+ means <quote>or</quote>. We have two of those. For instance, 
+ <quote>(ing|ements?)</quote>, can expand to match either <quote>ing</quote> 
+ <emphasis>OR</emphasis> <quote>ements?</quote>. What is being done here, is an
+ attempt at matching as many variations of <quote>advertisement</quote>, and 
+ similar, as possible. So this would expand to match just <quote>adv</quote>,
+ or <quote>advert</quote>, or <quote>adverts</quote>, or
+ <quote>advertising</quote>, or <quote>advertisement</quote>, or
+ <quote>advertisements</quote>. You get the idea. But it would not match 
+ <quote>advertizements</quote> (with a <quote>z</quote>). We could fix that by
+ changing our regular expression to: 
+ <quote>/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/</quote>, which would then match
+ either spelling.
+</para>
+
+<para>
+ <emphasis><literal>/.*/advert[0-9]+\.(gif|jpe?g)</literal></emphasis> - Again 
+ another path statement with forward slashes. Anything in the square brackets 
+ <quote>[ ]</quote> can be matched. This is using <quote>0-9</quote> as a
+ shorthand expression to mean any digit one through nine. It is the same as
+ saying <quote>0123456789</quote>. So any digit matches. The <quote>+</quote>
+ means one or more of the preceding expression must be included. The preceding 
+ expression here is what is in the square brackets -- in this case, any digit 
+ one through nine. Then, at the end, we have a grouping: <quote>(gif|jpe?g)</quote>. 
+ This includes a <quote>|</quote>, so this needs to match the expression on
+ either side of that bar character also. A simple <quote>gif</quote> on one side, and the other
+ side will in turn match either <quote>jpeg</quote> or <quote>jpg</quote>,
+ since the <quote>?</quote> means the letter <quote>e</quote> is optional and
+ can be matched once or not at all. So we are building an expression here to
+ match image GIF or JPEG type image file. It must include the literal
+ string <quote>advert</quote>, then one or more digits, and a <quote>.</quote>
+ (which is now a literal, and not a special character, since it is escaped
+ with <quote>\</quote>), and lastly either <quote>gif</quote>, or
+ <quote>jpeg</quote>, or <quote>jpg</quote>. Some possible matches would
+ include: <quote>//advert1.jpg</quote>,
+ <quote>/nasty/ads/advert1234.gif</quote>,
+ <quote>/banners/from/hell/advert99.jpg</quote>. It would not match
+ <quote>advert1.gif</quote> (no leading slash), or
+ <quote>/adverts232.jpg</quote> (the expression does not include an
+ <quote>s</quote>), or <quote>/advert1.jsp</quote> (<quote>jsp</quote> is not
+ in the expression anywhere).
+</para>
+
+<para>
+ We are barely scratching the surface of regular expressions here so that you
+ can understand the default <application>Privoxy</application>
+ configuration files, and maybe use this knowledge to customize your own
+ installation. There is much, much more that can be done with regular
+ expressions. Now that you know enough to get started, you can learn more on
+ your own :/
+</para>
+
+<para>
+ More reading on Perl Compatible Regular expressions: 
+ <ulink url="http://perldoc.perl.org/perlre.html">http://perldoc.perl.org/perlre.html</ulink>
+</para>
+
+<para>
+ For information on regular expression based substitutions and their applications
+ in filters, please see the <link linkend="filter-file">filter file tutorial</link>
+ in this manual.
+</para>
+</sect2>
+
+<!--  ~  End section  ~  -->
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2>
+<title>Privoxy's Internal Pages</title>
+
+<para>
+ Since <application>Privoxy</application> proxies each requested 
+ web page, it is easy for <application>Privoxy</application> to 
+ trap certain special URLs. In this way, we can talk directly to
+ <application>Privoxy</application>, and see how it is 
+ configured, see how our rules are being applied, change these 
+ rules and other configuration options, and even turn
+ <application>Privoxy's</application> filtering off, all with 
+ a web browser.
+
+</para>
+
+<para>
+ The URLs listed below are the special ones that allow direct access 
+ to <application>Privoxy</application>. Of course,
+ <application>Privoxy</application> must be running to access these. If 
+ not, you will get a friendly error message. Internet access is not 
+ necessary either.
+</para>
+
+<para>
+ <itemizedlist>
+
+ <listitem>
+  <para>  
+   Privoxy main page: 
+  </para>
+  <blockquote>
+   <para> 
+     <ulink url="http://config.privoxy.org/">http://config.privoxy.org/</ulink>
+   </para>
+  </blockquote>
+  <para>
+   There is a shortcut: <ulink url="http://p.p/">http://p.p/</ulink> (But it
+   doesn't provide a fall-back to a real page, in case the request is not
+   sent through <application>Privoxy</application>)
+  </para>
+ </listitem>
+
+ <listitem>
+  <para>  
+    Show information about the current configuration, including viewing and 
+    editing of actions files:
+  </para>
+   <blockquote>
+   <para> 
+    <ulink url="http://config.privoxy.org/show-status">http://config.privoxy.org/show-status</ulink>
+   </para>
+  </blockquote>
+ </listitem>
+ 
+ <listitem>
+  <para>  
+    Show the source code version numbers:
+  </para>
+  <blockquote>
+   <para> 
+    <ulink url="http://config.privoxy.org/show-version">http://config.privoxy.org/show-version</ulink>
+   </para>
+  </blockquote>
+ </listitem>
+ 
+ <listitem>
+  <para>  
+   Show the browser's request headers:
+  </para>
+  <blockquote>
+   <para> 
+    <ulink url="http://config.privoxy.org/show-request">http://config.privoxy.org/show-request</ulink>
+   </para>
+  </blockquote>
+ </listitem>
+ 
+ <listitem>
+  <para>  
+   Show which actions apply to a URL and why:
+  </para>
+   <blockquote>
+   <para> 
+    <ulink url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
+   </para>
+  </blockquote>
+ </listitem>
+ 
+ <listitem>
+  <para>  
+   Toggle Privoxy on or off. This feature can be turned off/on in the main 
+   <filename>config</filename> file. When toggled <quote>off</quote>, <quote>Privoxy</quote>
+   continues to run, but only as a pass-through proxy, with no actions taking
+   place:
+  </para>
+   <blockquote>
+   <para> 
+    <ulink url="http://config.privoxy.org/toggle">http://config.privoxy.org/toggle</ulink>
+   </para>
+  </blockquote>
+  <para>
+   Short cuts. Turn off, then on: 
+  </para>
+   <blockquote>
+   <para> 
+     <ulink url="http://config.privoxy.org/toggle?set=disable">http://config.privoxy.org/toggle?set=disable</ulink>
+   </para>
+  </blockquote>
+   <blockquote>
+   <para> 
+     <ulink url="http://config.privoxy.org/toggle?set=enable">http://config.privoxy.org/toggle?set=enable</ulink>
+   </para>
+  </blockquote>
+ </listitem>
+ 
+ </itemizedlist>
+</para>
+
+<para>
+ These may be bookmarked for quick reference. See next.
+
+</para>
+
+<sect3 id="bookmarklets">
+<title>Bookmarklets</title>
+<para>
+ Below are some <quote>bookmarklets</quote> to allow you to easily access a
+ <quote>mini</quote> version of some of <application>Privoxy's</application>
+ special pages. They are designed for MS Internet Explorer, but should work
+ equally well in Netscape, Mozilla, and other browsers which support
+ JavaScript. They are designed to run directly from your bookmarks - not by
+ clicking the links below (although that should work for testing).
+</para>
+<para>
+ To save them, right-click the link and choose <quote>Add to Favorites</quote>
+ (IE) or <quote>Add Bookmark</quote> (Netscape). You will get a warning that
+ the bookmark <quote>may not be safe</quote> - just click OK. Then you can run the
+ Bookmarklet directly from your favorites/bookmarks. For even faster access,
+ you can put them on the <quote>Links</quote> bar (IE) or the <quote>Personal
+ Toolbar</quote> (Netscape), and run them with a single click. 
+</para>
+
+<para>
+ <itemizedlist>
+
+  <listitem>
+   <para>
+    <ulink
+    url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=enabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Enable</ulink>
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    <ulink
+    url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=disabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Disable</ulink>
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    <ulink
+    url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=toggle','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Toggle Privoxy</ulink> (Toggles between enabled and disabled)
+   </para>
+  </listitem> 
+
+  <listitem>
+   <para>
+    <ulink
+    url="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y','ijbstatus','width=250,height=2,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy- View Status</ulink>
+   </para>
+  </listitem> 
+<!--
+  <listitem>
+   <para>
+    <ulink url="javascript:w=Math.floor(screen.width/2);h=Math.floor(screen.height*0.9);void(window.open('http://www.privoxy.org/actions/index.php?url='+escape(location.href),'Feedback','screenx='+w+',width='+w+',height='+h+',scrollbars=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Submit Actions File Feedback</ulink>
+   </para>
+  </listitem> 
+ --> 
+  <listitem>
+   <para>
+    <ulink url="javascript:void(window.open('http://config.privoxy.org/show-url-info?url='+escape(location.href),'Why').focus());">Privoxy - Why?</ulink>
+   </para>
+  </listitem> 
+ </itemizedlist>
+</para>
+
+<para>
+ Credit: The site which gave us the general idea for these bookmarklets is
+ <ulink url="http://www.bookmarklets.com/">www.bookmarklets.com</ulink>. They
+ have more information about bookmarklets. 
+</para>
+
+
+</sect3>
+
+</sect2>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="chain">
+<title>Chain of Events</title>
+<para>
+ Let's take a quick look at how some of <application>Privoxy's</application> 
+ core features are triggered, and the ensuing sequence of events when a web
+ page is requested by your browser:
+</para>
+
+<para>
+ <itemizedlist>
+ <listitem>
+  <para>
+   First, your web browser requests a web page. The browser knows to send 
+   the request to <application>Privoxy</application>, which will in turn, 
+   relay the request to the remote web server after passing the following 
+   tests: 
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   <application>Privoxy</application> traps any request for its own internal CGI 
+   pages (e.g <ulink url="http://p.p/">http://p.p/</ulink>) and sends the CGI page back to the browser.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   Next, <application>Privoxy</application> checks to see if the URL 
+   matches any <link
+   linkend="BLOCK"><quote>+block</quote></link> patterns. If
+   so, the URL is then blocked, and the remote web server will not be contacted.
+   <link linkend="HANDLE-AS-IMAGE"><quote>+handle-as-image</quote></link> 
+   and 
+   <link linkend="HANDLE-AS-EMPTY-DOCUMENT"><quote>+handle-as-empty-document</quote></link>
+   are then checked, and if there is no match, an 
+   HTML <quote>BLOCKED</quote> page is sent back to the browser. Otherwise, if
+   it does match, an image is returned for the former, and an empty text
+   document for the latter. The type of image would depend on the setting of
+   <link linkend="SET-IMAGE-BLOCKER"><quote>+set-image-blocker</quote></link>
+   (blank, checkerboard pattern, or an HTTP redirect to an image elsewhere).
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   Untrusted URLs are blocked. If URLs are being added to the
+   <filename>trust</filename> file, then that is done.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   If the URL pattern matches the <link
+   linkend="FAST-REDIRECTS"><quote>+fast-redirects</quote></link> action,
+   it is then processed. Unwanted parts of the requested URL are stripped.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   Now the rest of the client browser's request headers are processed. If any
+   of these match any of the relevant actions (e.g. <link
+   linkend="HIDE-USER-AGENT"><quote>+hide-user-agent</quote></link>,
+   etc.), headers are suppressed or forged as determined by these actions and
+   their parameters.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   Now the web server starts sending its response back (i.e. typically a web
+   page).
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   First, the server headers are read and processed to determine, among other
+   things, the MIME type (document type) and encoding. The headers are then
+   filtered as determined by the 
+   <link linkend="CRUNCH-INCOMING-COOKIES"><quote>+crunch-incoming-cookies</quote></link>,
+   <link linkend="SESSION-COOKIES-ONLY"><quote>+session-cookies-only</quote></link>,
+   and <link linkend="DOWNGRADE-HTTP-VERSION"><quote>+downgrade-http-version</quote></link>
+   actions.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   If any <link linkend="FILTER"><quote>+filter</quote></link> action
+   or <link
+   linkend="DEANIMATE-GIFS"><quote>+deanimate-gifs</quote></link>
+   action applies (and the document type fits the action), the rest of the page is
+   read into memory (up to a configurable limit). Then the filter rules (from
+   <filename>default.filter</filename> and any other filter files) are
+   processed against the buffered content. Filters are applied in the order
+   they are specified in one of the filter files. Animated GIFs, if present,
+   are reduced to either the first or last frame, depending on the action
+   setting.The entire page, which is now filtered, is then sent by
+   <application>Privoxy</application> back to your browser. 
+  </para>
+  <para>
+   If neither a <link linkend="FILTER"><quote>+filter</quote></link> action
+   or <link
+   linkend="DEANIMATE-GIFS"><quote>+deanimate-gifs</quote></link>
+   matches, then <application>Privoxy</application> passes the raw data through 
+   to the client browser as it becomes available.
+  </para>
+ </listitem> 
+ <listitem>
+  <para>
+   As the browser receives the now (possibly filtered) page content, it 
+   reads and then requests any URLs that may be embedded within the page
+   source, e.g. ad images, stylesheets, JavaScript, other HTML documents (e.g.
+   frames), sounds, etc. For each of these objects, the browser issues a
+   separate request (this is easily viewable in <application>Privoxy's</application>
+   logs). And each such request is in turn processed just as above. Note that a
+   complex web page will have many, many such embedded URLs. If these 
+   secondary requests are to a different server, then quite possibly a very 
+   differing set of actions is triggered.
+  </para>
+ </listitem> 
+ 
+ </itemizedlist>
+</para>
+<para>
+ NOTE: This is somewhat of a simplistic overview of what happens with each URL
+ request. For the sake of brevity and simplicity, we have focused on 
+ <application>Privoxy's</application> core features only.
+</para>
+
+</sect2>
+
+
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect2 id="actionsanat">
+<title>Troubleshooting: Anatomy of an Action</title>
+
+<para>
+ The way <application>Privoxy</application> applies 
+ <link linkend="ACTIONS">actions</link> and <link linkend="FILTER">filters</link>
+ to any given URL can be complex, and not always so
+ easy to understand what is happening. And sometimes we need to be able to
+ <emphasis>see</emphasis> just what <application>Privoxy</application> is
+ doing. Especially, if something <application>Privoxy</application> is doing
+ is causing us a problem inadvertently. It can be a little daunting to look at
+ the actions and filters files themselves, since they tend to be filled with
+ <link linkend="regex">regular expressions</link> whose consequences are not
+ always so obvious. 
+</para>
+
+<para>
+ One quick test to see if <application>Privoxy</application> is causing a problem 
+ or not, is to disable it temporarily. This should be the first troubleshooting 
+ step. See <link linkend="bookmarklets">the Bookmarklets</link> section on a quick 
+ and easy way to do this (be sure to flush caches afterward!). Looking at the 
+ logs is a good idea too. (Note that both the toggle feature and logging are 
+ enabled via <filename>config</filename> file settings, and may need to be 
+ turned <quote>on</quote>.)
+</para>
+<para>
+ Another easy troubleshooting step to try is if you have done any
+ customization of your installation, revert back to the installed
+ defaults and see if that helps. There are times the developers get complaints
+ about one thing or another, and the problem is more related to a customized
+ configuration issue.
+</para>
+
+<para>
+ <application>Privoxy</application> also provides the 
+ <ulink url="http://config.privoxy.org/show-url-info">http://config.privoxy.org/show-url-info</ulink>
+ page that can show us very specifically how <application>actions</application>
+ are being applied to any given URL. This is a big help for troubleshooting.
+</para>
+
+<para>
+ First, enter one URL (or partial URL) at the prompt, and then
+ <application>Privoxy</application> will tell us 
+ how the current configuration will handle it. This will not
+ help with filtering effects (i.e. the <link
+ linkend="FILTER"><quote>+filter</quote></link> action) from
+ one of the filter files since this is handled very
+ differently and not so easy to trap! It also will not tell you about any other
+ URLs that may be embedded within the URL you are testing. For instance, images
+ such as ads are expressed as URLs within the raw page source of HTML pages. So
+ you will only get info for the actual URL that is pasted into the prompt area
+ -- not any sub-URLs. If you want to know about embedded URLs like ads, you
+ will have to dig those out of the HTML source. Use your browser's <quote>View
+ Page Source</quote> option for this. Or right click on the ad, and grab the
+ URL.
+</para>
+
+<para>
+ Let's try an example, <ulink url="http://google.com">google.com</ulink>, 
+ and look at it one section at a time in a sample configuration (your real 
+ configuration may vary):
+</para>
+
+<para>
+ <screen>
+ Matches for http://www.google.com:
+
+ In file: default.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibutton>
+
+ {+change-x-forwarded-for{block}
+ +deanimate-gifs {last}
+ +fast-redirects {check-decoded-url}
+ +filter {refresh-tags}
+ +filter {img-reorder}
+ +filter {banners-by-size}
+ +filter {webbugs}
+ +filter {jumping-windows}
+ +filter {ie-exploits}
+ +hide-from-header {block}
+ +hide-referrer {forge}
+ +session-cookies-only
+ +set-image-blocker {pattern}
+/
+ 
+ { -session-cookies-only }
+ .google.com
+
+ { -fast-redirects }
+ .google.com
+
+In file: user.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibutton>
+(no matches in this file)  
+</screen>
+</para>
+
+<para>
+ This is telling us how we have defined our 
+ <link linkend="ACTIONS"><quote>actions</quote></link>, and
+ which ones match for our test case, <quote>google.com</quote>. 
+ Displayed is all the actions that are available to us. Remember,
+ the <literal>+</literal> sign denotes <quote>on</quote>. <literal>-</literal>
+ denotes <quote>off</quote>. So some are <quote>on</quote> here, but many 
+ are <quote>off</quote>. Each example we try may provide a slightly different
+ end result, depending on our configuration directives.
+</para>
+<para>
+ The first listing
+  is for our <filename>default.action</filename> file. The large, multi-line
+  listing, is how the actions are set to match for all URLs, i.e. our default
+  settings. If you look at your <quote>actions</quote> file, this would be the
+  section just below the <quote>aliases</quote> section near the top. This
+  will apply to all URLs as signified by the single forward slash at the end
+  of the listing -- <quote> / </quote>.
+</para>
+
+<para>
+ But we have defined additional actions that would be exceptions to these general
+ rules, and then we list specific URLs (or patterns) that these exceptions
+ would apply to. Last match wins. Just below this then are two explicit
+ matches for <quote>.google.com</quote>. The first is negating our previous
+ cookie setting, which was for <link
+ linkend="SESSION-COOKIES-ONLY"><quote>+session-cookies-only</quote></link>
+ (i.e. not persistent). So we will allow persistent cookies for google, at
+ least that is how it is in this example. The second turns
+ <emphasis>off</emphasis> any <link
+ linkend="FAST-REDIRECTS"><quote>+fast-redirects</quote></link>
+ action, allowing this to take place unmolested. Note that there is a leading
+ dot here -- <quote>.google.com</quote>. This will match any hosts and
+ sub-domains, in the google.com domain also, such as
+ <quote>www.google.com</quote> or <quote>mail.google.com</quote>. But it would not 
+ match <quote>www.google.de</quote>! So, apparently, we have these two actions
+ defined as exceptions to the general rules at the top somewhere in the lower
+ part of our <filename>default.action</filename> file, and
+ <quote>google.com</quote> is referenced somewhere in these latter sections.
+</para>
+
+<para>
+ Then, for our <filename>user.action</filename> file, we again have no hits.
+ So there is nothing google-specific that we might have added to our own, local
+ configuration. If there was, those actions would over-rule any actions from 
+ previously processed files, such as <filename>default.action</filename>.
+ <filename>user.action</filename> typically has the last word. This is the
+ best place to put hard and fast exceptions,
+</para>
+
+<para>
+ And finally we pull it all together in the bottom section and summarize how
+ <application>Privoxy</application> is applying all its <quote>actions</quote> 
+ to <quote>google.com</quote>:
+
+</para>
+
+<para>
+ <screen>
+
+ Final results:
+ 
+ -add-header
+ -block
+ +change-x-forwarded-for{block} 
+ -client-header-filter{hide-tor-exit-notation}
+ -content-type-overwrite
+ -crunch-client-header
+ -crunch-if-none-match
+ -crunch-incoming-cookies
+ -crunch-outgoing-cookies
+ -crunch-server-header
+ +deanimate-gifs {last}
+ -downgrade-http-version
+ -fast-redirects
+ -filter {js-events}
+ -filter {content-cookies}
+ -filter {all-popups}
+ -filter {banners-by-link}
+ -filter {tiny-textforms}
+ -filter {frameset-borders}
+ -filter {demoronizer}
+ -filter {shockwave-flash}
+ -filter {quicktime-kioskmode}
+ -filter {fun}
+ -filter {crude-parental}
+ -filter {site-specifics}
+ -filter {js-annoyances}
+ -filter {html-annoyances}
+ +filter {refresh-tags}
+ -filter {unsolicited-popups}
+ +filter {img-reorder}
+ +filter {banners-by-size}
+ +filter {webbugs}
+ +filter {jumping-windows}
+ +filter {ie-exploits}
+ -filter {google}
+ -filter {yahoo}
+ -filter {msn}
+ -filter {blogspot}
+ -filter {no-ping}
+ -force-text-mode
+ -handle-as-empty-document
+ -handle-as-image
+ -hide-accept-language
+ -hide-content-disposition
+ +hide-from-header {block}
+ -hide-if-modified-since
+ +hide-referrer {forge}
+ -hide-user-agent
+ -limit-connect
+ -overwrite-last-modified
+ -prevent-compression
+ -redirect
+ -server-header-filter{xml-to-html}
+ -server-header-filter{html-to-xml} 
+ -session-cookies-only
+ +set-image-blocker {pattern} </screen>
+</para>
+
+<para>
+ Notice the only difference here to the previous listing, is to 
+ <quote>fast-redirects</quote> and <quote>session-cookies-only</quote>,
+ which are activated specifically for this site in our configuration, 
+ and thus show in the <quote>Final Results</quote>.
+</para>
+
+<para>
+ Now another example, <quote>ad.doubleclick.net</quote>:
+</para>
+
+<para>
+ <screen>
+
+ { +block{Domains starts with "ad"} }
+  ad*.
+
+ { +block{Domain contains "ad"} }
+  .ad.
+
+ { +block{Doubleclick banner server} +handle-as-image }
+  .[a-vx-z]*.doubleclick.net
+</screen>
+</para>
+
+<para>
+ We'll just show the interesting part here - the explicit matches. It is 
+ matched three different times. Two <quote>+block{}</quote> sections, 
+ and a <quote>+block{} +handle-as-image</quote>,
+ which is the expanded form of one of our aliases that had been defined as: 
+ <quote>+block-as-image</quote>. (<link
+ linkend="ALIASES"><quote>Aliases</quote></link> are defined in
+ the first section of the actions file and typically used to combine more 
+ than one action.)
+</para>
+
+<para>
+ Any one of these would have done the trick and blocked this as an unwanted 
+ image. This is unnecessarily redundant since the last case effectively 
+ would also cover the first. No point in taking chances with these guys 
+ though ;-) Note that if you want an ad or obnoxious 
+ URL to be invisible, it should be defined as <quote>ad.doubleclick.net</quote>
+ is done here -- as both a <link
+ linkend="BLOCK"><quote>+block{}</quote></link>
+ <emphasis>and</emphasis> an 
+ <link linkend="HANDLE-AS-IMAGE"><quote>+handle-as-image</quote></link>.
+ The custom alias <quote><literal>+block-as-image</literal></quote> just
+ simplifies the process and make it more readable.
+</para>
+
+<para>
+ One last example. Let's try <quote>http://www.example.net/adsl/HOWTO/</quote>.
+ This one is giving us problems. We are getting a blank page. Hmmm ...
+</para>
+
+<para>
+ <screen>
+
+ Matches for http://www.example.net/adsl/HOWTO/:
+
+ In file: default.action <guibutton>[ View ]</guibutton> <guibutton>[ Edit ]</guibutton>
+
+ {-add-header 
+  -block
+  +change-x-forwarded-for{block} 
+  -client-header-filter{hide-tor-exit-notation}
+  -content-type-overwrite
+  -crunch-client-header
+  -crunch-if-none-match
+  -crunch-incoming-cookies
+  -crunch-outgoing-cookies
+  -crunch-server-header
+  +deanimate-gifs 
+  -downgrade-http-version 
+  +fast-redirects {check-decoded-url}
+  -filter {js-events}
+  -filter {content-cookies}
+  -filter {all-popups}
+  -filter {banners-by-link}
+  -filter {tiny-textforms}
+  -filter {frameset-borders}
+  -filter {demoronizer}
+  -filter {shockwave-flash}
+  -filter {quicktime-kioskmode}
+  -filter {fun}
+  -filter {crude-parental}
+  -filter {site-specifics}
+  -filter {js-annoyances}
+  -filter {html-annoyances}
+  +filter {refresh-tags}
+  -filter {unsolicited-popups}
+  +filter {img-reorder}
+  +filter {banners-by-size}
+  +filter {webbugs}
+  +filter {jumping-windows}
+  +filter {ie-exploits}
+  -filter {google}
+  -filter {yahoo}
+  -filter {msn}
+  -filter {blogspot}
+  -filter {no-ping}
+  -force-text-mode
+  -handle-as-empty-document
+  -handle-as-image 
+  -hide-accept-language
+  -hide-content-disposition  
+  +hide-from-header{block} 
+  +hide-referer{forge} 
+  -hide-user-agent 
+  -overwrite-last-modified
+  +prevent-compression 
+  -redirect
+  -server-header-filter{xml-to-html}
+  -server-header-filter{html-to-xml} 
+  +session-cookies-only 
+  +set-image-blocker{blank} }
+   /
+
+ { +block{Path contains "ads".} +handle-as-image }
+  /ads
+</screen>
+</para>
+
+<para>
+ Ooops, the <quote>/adsl/</quote> is matching <quote>/ads</quote> in our 
+ configuration! But we did not want this at all! Now we see why we get the
+ blank page. It is actually triggering two different actions here, and 
+ the effects are aggregated so that the URL is blocked, and &my-app; is told 
+ to treat the block as if it were an image. But this is, of course, all wrong.
+  We could now add a new action below this (or better in our own
+  <filename>user.action</filename> file) that explicitly
+  <emphasis>un</emphasis> blocks (
+  <link linkend="BLOCK"><quote>{-block}</quote></link>) paths with
+  <quote>adsl</quote> in them (remember, last match in the configuration
+  wins). There are various ways to handle such exceptions. Example:
+</para>
+
+<para>
+ <screen>
+
+ { -block }
+  /adsl
+</screen>
+</para>
+
+<para>
+ Now the page displays ;-) 
+ Remember to flush your browser's caches when making these kinds of changes to
+ your configuration to insure that you get a freshly delivered page! Or, try
+ using <literal>Shift+Reload</literal>.
+</para>
+
+<para>
+ But now what about a situation where we get no explicit matches like 
+ we did with:
+</para>
+
+<para>
+ <screen>
+
+ { +block{Path starts with "ads".} +handle-as-image }
+ /ads
+</screen>
+</para>
+
+<para>
+ That actually was very helpful and pointed us quickly to where the problem
+ was. If you don't get this kind of match, then it means one of the default 
+ rules in the first section of <filename>default.action</filename> is causing
+ the problem. This would require some guesswork, and maybe a little trial and
+ error to isolate the offending rule. One likely cause would be one of the
+ <link linkend="FILTER"><quote>+filter</quote></link> actions.
+ These tend to be harder to troubleshoot.
+ Try adding the URL for the site to one of aliases that turn off
+ <link linkend="FILTER"><quote>+filter</quote></link>:
+</para>
+
+<para>
+ <screen>
+
+ { shop }
+ .quietpc.com
+ .worldpay.com   # for quietpc.com
+ .jungle.com
+ .scan.co.uk
+ .forbes.com
+</screen>
+</para>
+
+<para>
+ <quote><literal>{ shop }</literal></quote> is an <quote>alias</quote> that expands to 
+ <quote><literal>{ -filter -session-cookies-only }</literal></quote>.
+ Or you could do your own exception to negate filtering:
+
+</para>
+
+<para>
+ <screen>
+
+ { -filter }
+ # Disable ALL filter actions for sites in this section
+ .forbes.com
+ developer.ibm.com
+ localhost
+</screen>
+</para>
+
+<para>
+ This would turn off all filtering for these sites. This is best
+ put in <filename>user.action</filename>, for local site
+ exceptions. Note that when a simple domain pattern is used by itself (without
+ the subsequent path portion), all sub-pages within that domain are included 
+ automatically in the scope of the action.
+</para>
+
+<para>
+ Images that are inexplicably being blocked, may well be hitting the 
+<link linkend="FILTER-BANNERS-BY-SIZE"><quote>+filter{banners-by-size}</quote></link>
+ rule, which assumes 
+ that images of certain sizes are ad banners (works well 
+ <emphasis>most of the time</emphasis>  since these tend to be standardized).
+</para>
+
+<para>
+ <quote><literal>{ fragile }</literal></quote> is an alias that disables most
+ actions that are the most likely to cause trouble. This can be used as a
+ last resort for problem sites. 
+</para> 
+<para>
+ <screen>
+
+ { fragile }
+ # Handle with care: easy to break
+ mail.google.
+ mybank.example.com</screen>
+</para>
+ 
+
+<para>
+ <emphasis>Remember to flush caches!</emphasis> Note that the 
+ <literal>mail.google</literal> reference lacks the TLD portion (e.g. 
+ <quote>.com</quote>). This will effectively match any TLD with 
+ <literal>google</literal> in it, such as <literal>mail.google.de.</literal>, 
+ just as an example.
+</para>
+<para> 
+ If this still does not work, you will have to go through the remaining
+ actions one by one to find which one(s) is causing the problem.
+</para>
+
+</sect2>
+
+</sect1>
+
+ <!--
+
+ This program is free software; you can redistribute it 
+ and/or modify it under the terms of the GNU General
+ Public License as published by the Free Software
+ Foundation; either version 2 of the License, or (at
+ your option) any later version.
+
+ This program is distributed in the hope that it will
+ be useful, but WITHOUT ANY WARRANTY; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE.  See the GNU General Public
+ License for more details.
+
+ The GNU General Public License should be included with
+ this file.  If not, you can view it at
+ http://www.gnu.org/copyleft/gpl.html
+ or write to the Free Software Foundation, Inc., 
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 
+ USA
+
+ $Log: user-manual.sgml,v $
+ Revision 2.103  2009/03/21 10:49:05  fabiankeil
+ Merge updated ChangeLog.
+
+ Revision 2.102  2009/03/15 19:31:36  fabiankeil
+ Update "What's New in this Release" section.
+
+ Revision 2.101  2009/02/25 19:01:56  fabiankeil
+ Fix typo.
+
+ Revision 2.100  2009/02/19 17:14:11  fabiankeil
+ - Copy the release cycle description from announce.txt into
+   the "What's New" section.
+ - Stop referring to the ChangeLog for a "complete list of changes".
+   The "What's New" section already contains the complete list.
+
+ Revision 2.99  2009/02/19 02:20:22  hal9
+ Make some links in seealso conditional. Man page is now privoxy only links.
+
+ Revision 2.98  2009/02/16 17:10:33  fabiankeil
+ Fix entry about shortened log messages. Noticed by Lee.
+
+ Revision 2.97  2009/02/14 18:01:00  fabiankeil
+ Import ChangeLog.
+
+ Revision 2.96  2009/02/14 13:14:03  fabiankeil
+ Unbreak syntax.
+
+ Revision 2.95  2009/02/14 12:51:26  fabiankeil
+ Mention match-all.action in the "Actions Files Tutorial" section.
+
+ Revision 2.94  2009/02/14 11:50:31  fabiankeil
+ Some indentation fixes.
+
+ Revision 2.93  2009/02/14 10:14:42  fabiankeil
+ Mention match-all.action in the action file descriptions.
+
+ Revision 2.92  2009/02/12 16:08:26  fabiankeil
+ Declare the code stable.
+
+ Revision 2.91  2009/01/13 16:50:35  fabiankeil
+ The standard.action file is gone.
+
+ Revision 2.90  2008/09/26 16:53:09  fabiankeil
+ Update "What's new" section.
+
+ Revision 2.89  2008/09/21 15:38:56  fabiankeil
+ Fix Portage tree sync instructions in Gentoo section.
+ Anonymously reported at ijbswa-developers at .
+
+ Revision 2.88  2008/09/21 14:42:52  fabiankeil
+ Add documentation for change-x-forwarded-for{},
+ remove documentation for hide-forwarded-for-headers.
+
+ Revision 2.87  2008/08/30 15:37:35  fabiankeil
+ Update entities.
+
+ Revision 2.86  2008/08/16 10:12:23  fabiankeil
+ Merge two sentences and move the URL to the end of the item.
+
+ Revision 2.85  2008/08/16 10:04:59  fabiankeil
+ Some more syntax fixes. This version actually builds.
+
+ Revision 2.84  2008/08/16 09:42:45  fabiankeil
+ Turns out building docs works better if the syntax is valid.
+
+ Revision 2.83  2008/08/16 09:32:02  fabiankeil
+ Mention changes since 3.0.9 beta.
+
+ Revision 2.82  2008/08/16 09:00:52  fabiankeil
+ Fix example URL pattern (once more with feeling).
+
+ Revision 2.81  2008/08/16 08:51:28  fabiankeil
+ Update version-related entities.
+
+ Revision 2.80  2008/07/18 16:54:30  fabiankeil
+ Remove erroneous whitespace in documentation link.
+ Reported by John Chronister in #2021611.
+
+ Revision 2.79  2008/06/27 18:00:53  markm68k
+ remove outdated startup information for mac os x
+
+ Revision 2.78  2008/06/21 17:03:03  fabiankeil
+ Fix typo.
+
+ Revision 2.77  2008/06/14 13:45:22  fabiankeil
+ Re-add a colon I unintentionally removed a few revisions ago.
+
+ Revision 2.76  2008/06/14 13:21:28  fabiankeil
+ Prepare for the upcoming 3.0.9 beta release.
+
+ Revision 2.75  2008/06/13 16:06:48  fabiankeil
+ Update the "What's New in this Release" section with
+ the ChangeLog entries changelog2doc.pl could handle.
+
+ Revision 2.74  2008/05/26 15:55:46  fabiankeil
+ - Update "default profiles" table.
+ - Add some more pcrs redirect examples and note that
+   enabling debug 128 helps to get redirects working.
+
+ Revision 2.73  2008/05/23 14:43:18  fabiankeil
+ Remove previously out-commented block that caused syntax problems.
+
+ Revision 2.72  2008/05/12 10:26:14  fabiankeil
+ Synchronize content filter descriptions with the ones in default.filter.
+
+ Revision 2.71  2008/04/10 17:37:16  fabiankeil
+ Actually we use "modern" POSIX 1003.2 regular
+ expressions in path patterns, not PCRE.
+
+ Revision 2.70  2008/04/10 15:59:12  fabiankeil
+ Add another section to the client-header-tagger example that shows
+ how to actually change the action settings once the tag is created.
+
+ Revision 2.69  2008/03/29 12:14:25  fabiankeil
+ Remove send-wafer and send-vanilla-wafer actions.
+
+ Revision 2.68  2008/03/28 15:13:43  fabiankeil
+ Remove inspect-jpegs action.
+
+ Revision 2.67  2008/03/27 18:31:21  fabiankeil
+ Remove kill-popups action.
+
+ Revision 2.66  2008/03/06 16:33:47  fabiankeil
+ If limit-connect isn't used, don't limit CONNECT requests to port 443.
+
+ Revision 2.65  2008/03/04 18:30:40  fabiankeil
+ Remove the treat-forbidden-connects-like-blocks action. We now
+ use the "blocked" page for forbidden CONNECT requests by default.
+
+ Revision 2.64  2008/03/01 14:10:28  fabiankeil
+ Use new block syntax. Still needs some polishing.
+
+ Revision 2.63  2008/02/22 05:50:37  markm68k
+ fix merge problem
+
+ Revision 2.62  2008/02/11 11:52:23  hal9
+ Fix entity ... s/&/&
+
+ Revision 2.61  2008/02/11 03:41:47  markm68k
+ more updates for mac os x
+
+ Revision 2.60  2008/02/11 03:40:25  markm68k
+ more updates for mac os x
+
+ Revision 2.59  2008/02/11 00:52:34  markm68k
+ reflect new changes for mac os x
+
+ Revision 2.58  2008/02/03 21:37:40  hal9
+ Apply patch from Mark: s/OSX/OS X/
+
+ Revision 2.57  2008/02/03 19:10:14  fabiankeil
+ Mention forward-socks5.
+
+ Revision 2.56  2008/01/31 19:11:35  fabiankeil
+ Let the +client-header-filter{hide-tor-exit-notation} example apply
+ to all requests as "tainted" Referers aren't limited to exit TLDs.
+
+ Revision 2.55  2008/01/19 21:26:37  hal9
+ Add IE7 to configuration section per Gerry.
+
+ Revision 2.54  2008/01/19 17:52:39  hal9
+ Re-commit to fix various minor issues for new release.
+
+ Revision 2.53  2008/01/19 15:03:05  hal9
+ Doc sources tagged for 3.0.8 release.
+
+ Revision 2.52  2008/01/17 01:49:51  hal9
+ Change copyright notice for docs s/2007/2008/. All these will be rebuilt soon
+ enough.
+
+ Revision 2.51  2007/12/23 16:48:24  fabiankeil
+ Use more precise example descriptions for the mysterious domain patterns.
+
+ Revision 2.50  2007/12/08 12:44:36  fabiankeil
+ - Remove already commented out pre-3.0.7 changes.
+ - Update the "new log defaults" paragraph.
+
+ Revision 2.49  2007/12/06 18:21:55  fabiankeil
+ Update hide-forwarded-for-headers description.
+
+ Revision 2.48  2007/11/24 19:07:17  fabiankeil
+ - Mention request rewriting.
+ - Enable the conditional-forge paragraph.
+ - Minor rewordings.
+
+ Revision 2.47  2007/11/18 14:59:47  fabiankeil
+ A few "Note to Upgraders" updates.
+
+ Revision 2.46  2007/11/17 17:24:44  fabiankeil
+ - Use new action defaults.
+ - Minor fixes and rewordings.
+
+ Revision 2.45  2007/11/16 11:48:46  hal9
+ Fix one typo, and add a couple of small refinements.
+
+ Revision 2.44  2007/11/15 03:30:20  hal9
+ Results of spell check.
+
+ Revision 2.43  2007/11/14 18:45:39  fabiankeil
+ - Mention some more contributors in the "New in this Release" list.
+ - Minor rewordings.
+
+ Revision 2.42  2007/11/12 03:32:40  hal9
+ Updates for "What's New" and "Notes to Upgraders". Various other changes in
+ preparation for new release. User Manual is almost ready.
+
+ Revision 2.41  2007/11/11 16:32:11  hal9
+ This is primarily syncing What's New and Note to Upgraders sections with the many
+ new features and changes (gleaned from memory but mostly from ChangeLog).
+
+ Revision 2.40  2007/11/10 17:10:59  fabiankeil
+ In the first third of the file, mention several times that
+ the action editor is disabled by default in 3.0.7 beta and later.
+
+ Revision 2.39  2007/11/05 02:34:49  hal9
+ Various changes in preparation for the upcoming release. Much yet to be done.
+
+ Revision 2.38  2007/09/22 16:01:42  fabiankeil
+ Update embedded show-url-info output.
+
+ Revision 2.37  2007/08/27 16:09:55  fabiankeil
+ Fix pre-chroot-nslookup description which I failed to
+ copy and paste properly. Reported by Stephen Gildea.
+
+ Revision 2.36  2007/08/26 16:47:14  fabiankeil
+ Add Stephen Gildea's pre-chroot-nslookup patch [#1276666],
+ extensive comments moved to user manual.
+
+ Revision 2.35  2007/08/26 14:59:49  fabiankeil
+ Minor rewordings and fixes.
+
+ Revision 2.34  2007/08/05 15:19:50  fabiankeil
+ - Don't claim HTTP/1.1 compliance.
+ - Use $ in some of the path pattern examples.
+ - Use a hide-user-agent example argument without
+   leading and trailing space.
+ - Make it clear that the cookie actions work with
+   HTTP cookies only.
+ - Rephrase the inspect-jpegs text to underline
+   that it's only meant to protect against a single
+   exploit.
+
+ Revision 2.33  2007/07/27 10:57:35  hal9
+ Add references for user-agent strings for hide-user-agenet
+
+ Revision 2.32  2007/06/07 12:36:22  fabiankeil
+ Apply Roland's 29_usermanual.dpatch to fix a bunch
+ of syntax errors I collected over the last months.
+
+ Revision 2.31  2007/06/02 14:01:37  fabiankeil
+ Start to document forward-override{}.
+
+ Revision 2.30  2007/04/25 15:10:36  fabiankeil
+ - Describe installation for FreeBSD.
+ - Start to document taggers and tag patterns.
+ - Don't confuse devils and daemons.
+
+ Revision 2.29  2007/04/05 11:47:51  fabiankeil
+ Some updates regarding header filtering,
+ handling of compressed content and redirect's
+ support for pcrs commands.
+
+ Revision 2.28  2006/12/10 23:42:48  hal9
+ Fix various typos reported by Adam P. Thanks.
+
+ Revision 2.27  2006/11/14 01:57:47  hal9
+ Dump all docs prior to 3.0.6 release. Various minor changes to faq and user
+ manual.
+
+ Revision 2.26  2006/10/24 11:16:44  hal9
+ Add new filters.
+
+ Revision 2.25  2006/10/18 10:50:33  hal9
+ Add note that since filters are off in Cautious, compression is ON. Turn off
+ compression to make filters work on all sites.
+
+ Revision 2.24  2006/10/03 11:13:54  hal9
+ More references to the new filters. Include html this time around.
+
+ Revision 2.23  2006/10/02 22:43:53  hal9
+ Contains new filter definitions from Fabian, and few other miscellaneous
+ touch-ups.
+
+ Revision 2.22  2006/09/22 01:27:55  hal9
+ Final commit of probably various minor changes here and there. Unless
+ something changes this should be ready for pending release.
+
+ Revision 2.21  2006/09/20 03:21:36  david__schmidt
+ Just the tiniest tweak.  Wafer thin!
+
+ Revision 2.20  2006/09/10 14:53:54  hal9
+ Results of spell check. User manual has some updates to standard.actions file
+ info.
+
+ Revision 2.19  2006/09/08 12:19:02  fabiankeil
+ Adjust hide-if-modified-since example values
+ to reflect the recent changes.
+
+ Revision 2.18  2006/09/08 02:38:57  hal9
+ Various changes:
+  -Fix a number of broken links.
+  -Migrate the new Windows service command line options, and reference as
+   needed.
+  -Rebuild so that can be used with the new "user-manual" config capabilities.
+  -Etc.
+
+ Revision 2.17  2006/09/05 13:25:12  david__schmidt
+ Add Windows service invocation stuff (duplicated) in FAQ and in user manual under Windows startup.  One probably ought to reference the other.
+
+ Revision 2.16  2006/09/02 12:49:37  hal9
+ Various small updates for new actions, filterfiles, etc.
+
+ Revision 2.15  2006/08/30 11:15:22  hal9
+ More work on the new actions, especially filter-*-headers, and What's New
+ section. User Manual is close to final form for 3.0.4 release. Some tinkering
+ and proof reading left to do.
+
+ Revision 2.14  2006/08/29 10:59:36  hal9
+ Add a "Whats New in this release" Section. Further work on multiple filter
+ files, and assorted other minor changes.
+
+ Revision 2.13  2006/08/22 11:04:59  hal9
+ Silence warnings and errors. This should build now. New filters were only
+ stubbed in. More to be done.
+
+ Revision 2.12  2006/08/14 08:40:39  fabiankeil
+ Documented new actions that were part of
+ the "minor Privoxy improvements".
+
+ Revision 2.11  2006/07/18 14:48:51  david__schmidt
+ Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ with what was really the latest development (the v_3_0_branch branch)
+
+ Revision 1.123.2.43  2005/05/23 09:59:10  hal9
+ Fix typo 'loose'
+
+ Revision 1.123.2.42  2004/12/04 14:39:57  hal9
+ Fix two minor typos per bug SF report.
+
+ Revision 1.123.2.41  2004/03/23 12:58:42  oes
+ Fixed an inaccuracy
+
+ Revision 1.123.2.40  2004/02/27 12:48:49  hal9
+ Add comment re: redirecting to local file system for set-image-blocker may
+ is dependent on browser.
+
+ Revision 1.123.2.39  2004/01/30 22:31:40  oes
+ Added a hint re bookmarklets to Quickstart section
+
+ Revision 1.123.2.38  2004/01/30 16:47:51  oes
+ Some minor clarifications
+
+ Revision 1.123.2.37  2004/01/29 22:36:11  hal9
+ Updates for no longer filtering text/plain, and demoronizer default settings,
+ and copyright notice dates.
+
+ Revision 1.123.2.36  2003/12/10 02:26:26  hal9
+ Changed the demoronizer filter description.
+
+ Revision 1.123.2.35  2003/11/06 13:36:37  oes
+ Updated link to nightly CVS tarball
+
+ Revision 1.123.2.34  2003/06/26 23:50:16  hal9
+ Add a small bit on filtering and problems re: source code being corrupted.
+
+ Revision 1.123.2.33  2003/05/08 18:17:33  roro
+ Use apt-get instead of dpkg to install Debian package, which is more
+ solid, uses the correct and most recent Debian version automatically.
+
+ Revision 1.123.2.32  2003/04/11 03:13:57  hal9
+ Add small note about only one filterfile (as opposed to multiple actions
+ files).
+
+ Revision 1.123.2.31  2003/03/26 02:03:43  oes
+ Updated hard-coded copyright dates
+
+ Revision 1.123.2.30  2003/03/24 12:58:56  hal9
+ Add new section on Predefined Filters.
+
+ Revision 1.123.2.29  2003/03/20 02:45:29  hal9
+ More problems with \-\-chroot causing markup problems :(
+
+ Revision 1.123.2.28  2003/03/19 00:35:24  hal9
+ Manual edit of revision log because 'chroot' (even inside a comment) was
+ causing Docbook to hang here (due to double hyphen and the processor thinking
+ it was a comment).
+
+ Revision 1.123.2.27  2003/03/18 19:37:14  oes
+ s/Advanced|Radical/Adventuresome/g to avoid complaints re fun filter
+
+ Revision 1.123.2.26  2003/03/17 16:50:53  oes
+ Added documentation for new chroot option
+
+ Revision 1.123.2.25  2003/03/15 18:36:55  oes
+ Adapted to the new filters
+
+ Revision 1.123.2.24  2002/11/17 06:41:06  hal9
+ Move default profiles table from FAQ to U-M, and other minor related changes.
+ Add faq on cookies.
+
+ Revision 1.123.2.23  2002/10/21 02:32:01  hal9
+ Updates to the user.action examples section. A few new ones.
+
+ Revision 1.123.2.22  2002/10/12 00:51:53  hal9
+ Add demoronizer to filter section.
+
+ Revision 1.123.2.21  2002/10/10 04:09:35  hal9
+ s/Advanced/Radical/ and added very brief note.
+
+ Revision 1.123.2.20  2002/10/10 03:49:21  hal9
+ Add notes to session-cookies-only and Quickstart about pre-existing
+ cookies. Also, note content-cookies work differently.
+
+ Revision 1.123.2.19  2002/09/26 01:25:36  hal9
+ More explanation on Privoxy patterns, more on content-cookies and SSL.
+
+ Revision 1.123.2.18  2002/08/22 23:47:58  hal9
+ Add 'Documentation' to Privoxy Menu shot in Configuration section to match
+ CGIs.
+
+ Revision 1.123.2.17  2002/08/18 01:13:05  hal9
+ Spell checked (only one typo this time!).
+
+ Revision 1.123.2.16  2002/08/09 19:20:54  david__schmidt
+ Update to Mac OS X startup script name
+
+ Revision 1.123.2.15  2002/08/07 17:32:11  oes
+ Converted some internal links from ulink to link for PDF creation; no content changed
+
+ Revision 1.123.2.14  2002/08/06 09:16:13  oes
+ Nits re: actions file download
+
+ Revision 1.123.2.13  2002/08/02 18:23:19  g_sauthoff
+ Just 2 small corrections to the Gentoo sections
+
+ Revision 1.123.2.12  2002/08/02 18:17:21  g_sauthoff
+ Added 2 Gentoo sections
+
+ Revision 1.123.2.11  2002/07/26 15:20:31  oes
+ - Added version info to title
+ - Added info on new filters
+ - Revised parts of the filter file tutorial
+ - Added info on where to get updated actions files
+
+ Revision 1.123.2.10  2002/07/25 21:42:29  hal9
+ Add brief notes on not proxying non-HTTP protocols.
+
+ Revision 1.123.2.9  2002/07/11 03:40:28  david__schmidt
+
+ Updated Mac OS X sections due to installation location change
+
+ Revision 1.123.2.8  2002/06/09 16:36:32  hal9
+ Clarifications on filtering and MIME. Hardcode 'latest release' in index.html.
+
+ Revision 1.123.2.7  2002/06/09 00:29:34  hal9
+ Touch ups on filtering, in actions section and Anatomy.
+
+ Revision 1.123.2.6  2002/06/06 23:11:03  hal9
+ Fix broken link. Linkchecked all docs.
+
+ Revision 1.123.2.5  2002/05/29 02:01:02  hal9
+ This is break out of the entire config section from u-m, so it can
+ eventually be used to generate the comments, etc in the main config file
+ so that these are in sync with each other.
+
+ Revision 1.123.2.4  2002/05/27 03:28:45  hal9
+ Ooops missed something from David.
+
+ Revision 1.123.2.3  2002/05/27 03:23:17  hal9
+ Fix FIXMEs for OS2 and Mac OS X startup. Fix Redhat typos (should be Red Hat).
+ That's a wrap, I think.
+
+ Revision 1.123.2.2  2002/05/26 19:02:09  hal9
+ Move Amiga stuff around to take of FIXME in start up section.
+
+ Revision 1.123.2.1  2002/05/26 17:04:25  hal9
+ -Spellcheck, very minor edits, and sync across branches
+
+ Revision 1.123  2002/05/24 23:19:23  hal9
+ Include new image (Proxy setup). More fun with guibutton.
+ Minor corrections/clarifications here and there.
+
+ Revision 1.122  2002/05/24 13:24:08  oes
+ Added Bookmarklet for one-click pre-filled access to show-url-info
+
+ Revision 1.121  2002/05/23 23:20:17  oes
+  - Changed more (all?) references to actions to the
+    <literal><link> style.
+  - Small fixes in the actions chapter
+  - Small clarifications in the quickstart to ad blocking
+  - Removed <emphasis> from <title>s since the new doc CSS
+    renders them red (bad in TOC).
+
+ Revision 1.120  2002/05/23 19:16:43  roro
+ Correct Debian specials (installation and startup).
+
+ Revision 1.119  2002/05/22 17:17:05  oes
+ Added Security hint
+
+ Revision 1.118  2002/05/21 04:54:55  hal9
+ -New Section: Quickstart to Ad Blocking
+ -Reformat Actions Anatomy to match new CGI layout
+
+ Revision 1.117  2002/05/17 13:56:16  oes
+  - Reworked & extended Templates chapter
+  - Small changes to Regex appendix
+  - #included authors.sgml into (C) and hist chapter
+
+ Revision 1.116  2002/05/17 03:23:46  hal9
+ Fixing merge conflict in Quickstart section.
+
+ Revision 1.115  2002/05/16 16:25:00  oes
+ Extended the Filter File chapter & minor fixes
+
+ Revision 1.114  2002/05/16 09:42:50  oes
+ More ulink->link, added some hints to Quickstart section
+
+ Revision 1.113  2002/05/15 21:07:25  oes
+ Extended and further commented the example actions files
+
+ Revision 1.112  2002/05/15 03:57:14  hal9
+ Spell check. A few minor edits here and there for better syntax and
+ clarification.
+
+ Revision 1.111  2002/05/14 23:01:36  oes
+ Fixing the fixes   
+
+ Revision 1.110  2002/05/14 19:10:45  oes
+ Restored alphabetical order of actions
+
+ Revision 1.109  2002/05/14 17:23:11  oes
+ Renamed the prevent-*-cookies actions, extended aliases section and moved it before the example AFs
+
+ Revision 1.108  2002/05/14 15:29:12  oes
+ Completed proofreading the actions chapter
+
+ Revision 1.107  2002/05/12 03:20:41  hal9
+ Small clarifications for 127.0.0.1 vs localhost for listen-address since this
+ apparently an important distinction for some OS's.
+
+ Revision 1.106  2002/05/10 01:48:20  hal9
+ This is mostly proposed copyright/licensing additions and changes. Docs
+ are still GPL, but licensing and copyright are more visible. Also, copyright
+ changed in doc header comments (eliminate references to JB except FAQ).
+
+ Revision 1.105  2002/05/05 20:26:02  hal9
+ Sorting out license vs copyright in these docs.
+
+ Revision 1.104  2002/05/04 08:44:45  swa
+ bumped version
+
+ Revision 1.103  2002/05/04 00:40:53  hal9
+ -Remove the TOC first page kludge. It's fixed proper now in ldp.dsl.in.
+ -Some minor additions to Quickstart.
+
+ Revision 1.102  2002/05/03 17:46:00  oes
+ Further proofread & reactivated short build instructions
+
+ Revision 1.101  2002/05/03 03:58:30  hal9
+ Move the user-manual config directive to top of section. Add note about
+ Privoxy needing read permissions for configs, and write for logs.
+
+ Revision 1.100  2002/04/29 03:05:55  hal9
+ Add clarification on differences of new actions files.
+
+ Revision 1.99  2002/04/28 16:59:05  swa
+ more structure in starting section
+
+ Revision 1.98  2002/04/28 05:43:59  hal9
+ This is the break up of configuration.html into multiple files. This
+ will probably break links elsewhere :(
+
+ Revision 1.97  2002/04/27 21:04:42  hal9
+ -Rewrite of Actions File example.
+ -Add section for user-manual directive in config.
+
+ Revision 1.96  2002/04/27 05:32:00  hal9
+ -Add short section to Filter Files to tie in with +filter action.
+ -Start rewrite of examples in Actions Examples (not finished).
+
+ Revision 1.95  2002/04/26 17:23:29  swa
+ bookmarks cleaned, changed structure of user manual, screen and programlisting cleanups, and numerous other changes that I forgot
+
+ Revision 1.94  2002/04/26 05:24:36  hal9
+ -Add most of Andreas suggestions to Chain of Events section.
+ -A few other minor corrections and touch up.
+
+ Revision 1.92  2002/04/25 18:55:13  hal9
+ More catchups on new actions files, and new actions names.
+ Other assorted cleanups, and minor modifications.
+
+ Revision 1.91  2002/04/24 02:39:31  hal9
+ Add 'Chain of Events' section.
+
+ Revision 1.90  2002/04/23 21:41:25  hal9
+ Linuxconf is deprecated on RH, substitute chkconfig.
+
+ Revision 1.89  2002/04/23 21:05:28  oes
+ Added hint for startup on Red Hat
+
+ Revision 1.88  2002/04/23 05:37:54  hal9
+ Add AmigaOS install stuff.
+
+ Revision 1.87  2002/04/23 02:53:15  david__schmidt
+ Updated Mac OS X installation section
+ Added a few English tweaks here an there
+
+ Revision 1.86  2002/04/21 01:46:32  hal9
+ Re-write actions section.
+
+ Revision 1.85  2002/04/18 21:23:23  hal9
+ Fix ugly typo (mine).
+
+ Revision 1.84  2002/04/18 21:17:13  hal9
+ Spell Redhat correctly (ie Red Hat). A few minor grammar corrections.
+
+ Revision 1.83  2002/04/18 18:21:12  oes
+ Added RPM install detail
+
+ Revision 1.82  2002/04/18 12:04:50  oes
+ Cosmetics
+
+ Revision 1.81  2002/04/18 11:50:24  oes
+ Extended Install section - needs fixing by packagers
+
+ Revision 1.80  2002/04/18 10:45:19  oes
+ Moved text to buildsource.sgml, renamed some filters, details
+
+ Revision 1.79  2002/04/18 03:18:06  hal9
+ Spellcheck, and minor touchups.
+
+ Revision 1.78  2002/04/17 18:04:16  oes
+ Proofreading part 2
+
+ Revision 1.77  2002/04/17 13:51:23  oes
+ Proofreading, part one
+
+ Revision 1.76  2002/04/16 04:25:51  hal9
+ -Added 'Note to Upgraders' and re-ordered the 'Quickstart' section.
+ -Note about proxy may need requests to re-read config files.
+
+ Revision 1.75  2002/04/12 02:08:48  david__schmidt
+ Remove OS/2 building info... it is already in the developer-manual
+
+ Revision 1.74  2002/04/11 00:54:38  hal9
+ Add small section on submitting actions.
+
+ Revision 1.73  2002/04/10 18:45:15  swa
+ generated
+
+ Revision 1.72  2002/04/10 04:06:19  hal9
+ Added actions feedback  to Bookmarklets section
+
+ Revision 1.71  2002/04/08 22:59:26  hal9
+ Version update. Spell chkconfig correctly :)
+
+ Revision 1.70  2002/04/08 20:53:56  swa
+ ?
+
+ Revision 1.69  2002/04/06 05:07:29  hal9
+ -Add privoxy-man-page.sgml, for man page.
+ -Add authors.sgml for AUTHORS (and p-authors.sgml)
+ -Reworked various aspects of various docs.
+ -Added additional comments to sub-docs.
+
+ Revision 1.68  2002/04/04 18:46:47  swa
+ consistent look. reuse of copyright, history et. al.
+
+ Revision 1.67  2002/04/04 17:27:57  swa
+ more single file to be included at multiple points. make maintaining easier
+
+ Revision 1.66  2002/04/04 06:48:37  hal9
+ Structural changes to allow for conditional inclusion/exclusion of content
+ based on entity toggles, e.g. 'entity % p-not-stable  "INCLUDE"'. And
+ definition of internal entities, e.g. 'entity p-version "2.9.13"' that will
+ eventually be set by Makefile.
+ More boilerplate text for use across multiple docs.
+
+ Revision 1.65  2002/04/03 19:52:07  swa
+ enhance squid section due to user suggestion
+
+ Revision 1.64  2002/04/03 03:53:43  hal9
+ A few minor bug fixes, and touch ups. Ready for review.
+
+ Revision 1.63  2002/04/01 16:24:49  hal9
+ Define entities to include boilerplate text. See doc/source/*.
+
+ Revision 1.62  2002/03/30 04:15:53  hal9
+ - Fix privoxy.org/config links.
+ - Paste in Bookmarklets from Toggle page.
+ - Move Quickstart nearer top, and minor rework.
+
+ Revision 1.61  2002/03/29 01:31:08  hal9
+ Minor update.
+
+ Revision 1.60  2002/03/27 01:57:34  hal9
+ Added more to Anatomy section.
+
+ Revision 1.59  2002/03/27 00:54:33  hal9
+ Touch up intro for new name.
+
+ Revision 1.58  2002/03/26 22:29:55  swa
+ we have a new homepage!
+
+ Revision 1.57  2002/03/24 20:33:30  hal9
+ A few minor catch ups with name change.
+
+ Revision 1.56  2002/03/24 16:17:06  swa
+ configure needs to be generated.
+
+ Revision 1.55  2002/03/24 16:08:08  swa
+ we are too lazy to make a block-built
+ privoxy logo. hence removed the option.
+
+ Revision 1.54  2002/03/24 15:46:20  swa
+ name change related issue.
+
+ Revision 1.53  2002/03/24 11:51:00  swa
+ name change. changed filenames.
+
+ Revision 1.52  2002/03/24 11:01:06  swa
+ name change
+
+ Revision 1.51  2002/03/23 15:13:11  swa
+ renamed every reference to the old name with foobar.
+ fixed "application foobar application" tag, fixed
+ "the foobar" with "foobar". left junkbustser in cvs
+ comments and remarks to history untouched.
+
+ Revision 1.50  2002/03/23 05:06:21  hal9
+ Touch up.
+
+ Revision 1.49  2002/03/21 17:01:05  hal9
+ New section in Appendix.
+
+ Revision 1.48  2002/03/12 06:33:01  hal9
+ Catching up to Andreas and re_filterfile changes.
+
+ Revision 1.47  2002/03/11 13:13:27  swa
+ correct feedback channels
+
+ Revision 1.46  2002/03/10 00:51:08  hal9
+ Added section on JB internal pages in Appendix.
+
+ Revision 1.45  2002/03/09 17:43:53  swa
+ more distros
+
+ Revision 1.44  2002/03/09 17:08:48  hal9
+ New section on Jon's actions file editor, and move some stuff around.
+
+ Revision 1.43  2002/03/08 00:47:32  hal9
+ Added imageblock{pattern}.
+
+ Revision 1.42  2002/03/07 18:16:55  swa
+ looks better
+
+ Revision 1.41  2002/03/07 16:46:43  hal9
+ Fix a few markup problems for jade.
+
+ Revision 1.40  2002/03/07 16:28:39  swa
+ provide correct feedback channels
+
+ Revision 1.39  2002/03/06 16:19:28  hal9
+ Note on perceived filtering slowdown per FR.
+
+ Revision 1.38  2002/03/05 23:55:14  hal9
+ Stupid I did it again. Double hyphen in comment breaks jade.
+
+ Revision 1.37  2002/03/05 23:53:49  hal9
+ jade barfs on '- -' embedded in comments. - -user option broke it.
+
+ Revision 1.36  2002/03/05 22:53:28  hal9
+ Add new - - user option.
+
+ Revision 1.35  2002/03/05 00:17:27  hal9
+ Added section on command line options.
+
+ Revision 1.34  2002/03/04 19:32:07  oes
+ Changed default port to 8118
+
+ Revision 1.33  2002/03/03 19:46:13  hal9
+ Emphasis on where/how to report bugs, etc
+
+ Revision 1.32  2002/03/03 09:26:06  joergs
+ AmigaOS changes, config is now loaded from PROGDIR: instead of
+ AmiTCP:db/junkbuster/ if no configuration file is specified on the
+ command line.
+
+ Revision 1.31  2002/03/02 22:45:52  david__schmidt
+ Just tweaking
+
+ Revision 1.30  2002/03/02 22:00:14  hal9
+ Updated 'New Features' list. Ran through spell-checker.
+
+ Revision 1.29  2002/03/02 20:34:07  david__schmidt
+ Update OS/2 build section
+
+ Revision 1.28  2002/02/24 14:34:24  jongfoster
+ Formatting changes.  Now changing the doctype to DocBook XML 4.1
+ will work - no other changes are needed.
+
+ Revision 1.27  2002/01/11 14:14:32  hal9
+ Added a very short section on Templates
+
+ Revision 1.26  2002/01/09 20:02:50  hal9
+ Fix bug re: auto-detect config file changes.
+
+ Revision 1.25  2002/01/09 18:20:30  hal9
+ Touch ups for *.action files.
+
+ Revision 1.24  2001/12/02 01:13:42  hal9
+ Fix typo.
+
+ Revision 1.23  2001/12/02 00:20:41  hal9
+ Updates for recent changes.
+
+ Revision 1.22  2001/11/05 23:57:51  hal9
+ Minor update for startup now daemon mode.
+
+ Revision 1.21  2001/10/31 21:11:03  hal9
+ Correct 2 minor errors
+
+ Revision 1.18  2001/10/24 18:45:26  hal9
+ *** empty log message ***
+
+ Revision 1.17  2001/10/24 17:10:55  hal9
+ Catching up with Jon's recent work, and a few other things.
+
+ Revision 1.16  2001/10/21 17:19:21  swa
+ wrong url in documentation
+
+ Revision 1.15  2001/10/14 23:46:24  hal9
+ Various minor changes. Fleshed out SEE ALSO section.
+
+ Revision 1.13  2001/10/10 17:28:33  hal9
+ Very minor changes.
+
+ Revision 1.12  2001/09/28 02:57:04  hal9
+ Ditto :/
+
+ Revision 1.11  2001/09/28 02:25:20  hal9
+ Ditto.
+
+ Revision 1.9  2001/09/27 23:50:29  hal9
+ A few changes. A short section on regular expression in appendix.
+
+ Revision 1.8  2001/09/25 00:34:59  hal9
+ Some additions, and re-arranging.
+
+ Revision 1.7  2001/09/24 14:31:36  hal9
+ Diddling.
+
+ Revision 1.6  2001/09/24 14:10:32  hal9
+ Including David's OS/2 installation instructions.
+
+ Revision 1.2  2001/09/13 15:27:40  swa
+ cosmetics
+
+ Revision 1.1  2001/09/12 15:36:41  swa
+ source files for junkbuster documentation
+
+ Revision 1.3  2001/09/10 17:43:59  swa
+ first proposal of a structure.
+
+ Revision 1.2  2001/06/13 14:28:31  swa
+ docs should have an author.
+
+ Revision 1.1  2001/06/13 14:20:37  swa
+ first import of project's documentation for the webserver.
+
+ -->
+
+</article>
diff --git a/external/privoxy/doc/source/webserver/index.sgml b/external/privoxy/doc/source/webserver/index.sgml
new file mode 100644
index 0000000..ef63867
--- /dev/null
+++ b/external/privoxy/doc/source/webserver/index.sgml
@@ -0,0 +1,372 @@
+<!DOCTYPE article PUBLIC "-//OASIS//DTD DocBook V3.1//EN" [
+<!entity % dummy "IGNORE"> 
+<!entity p-intro SYSTEM "privoxy.sgml">
+<!entity contacting SYSTEM "contacting.sgml">
+<!entity history SYSTEM "history.sgml">
+<!entity copyright SYSTEM "copyright.sgml">
+<!entity license SYSTEM "license.sgml">
+<!entity p-version "3.0.11">
+<!entity p-status "stable">
+<!entity % p-not-stable "IGNORE">
+<!entity % p-stable "INCLUDE">
+<!entity  my-copy "©">        <!-- kludge for docbook2man            -->
+<!entity % p-homepage "IGNORE">    <!-- toggle for webserver index.html   -->
+<!entity % p-index "IGNORE">       <!-- toggle for local doc index        -->
+]>
+<!--
+ File        :  $Source: /cvsroot/ijbswa/current/doc/source/webserver/index.sgml,v $
+
+ Purpose     :  Index file of the project's homepage and also documentation index
+                This file belongs into
+                ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
+                
+ $Id: index.sgml,v 2.9 2009/02/19 14:12:02 fabiankeil Exp $
+
+ Copyright (C) 2001-2009 Privoxy Developers <ijbswa-developers at lists.sourceforge.net>
+ See LICENSE.
+
+ ========================================================================
+ NOTE: Please read developer-manual/documentation.html before touching 
+ anything in this, or other Privoxy documentation. 
+ ========================================================================
+
+ Note: This is the Privoxy home page *and* builds a page that can be 
+ used with local documentation as a focal point for docs or other points
+ of interest. The Makefile is adding additional meta data and content via
+ perl.
+
+ Generates: index.html, for webserver home page.
+            privoxy-index.html, for packaging with docs
+ 
+-->
+
+<article id="index">
+<artheader>
+ <title>Privoxy - <![%p-homepage;[Home Page]]><![%p-index;[The Privacy Enhancing Proxy]]></title>
+ <![%p-index;[<subtitle>Project Index Page v&p-version;</subtitle>]]>
+
+<!-- copyright is at bottom of page -->
+
+ <keywordset>
+  <keyword>privoxy</keyword> <keyword>HTTP</keyword> <keyword>proxy</keyword> <keyword>privacy</keyword>
+  <keyword>popups</keyword>  <keyword>po-ups</keyword> <keyword>HTML</keyword> <keyword>JavaScript</keyword>
+  <keyword>cleaning</keyword> <keyword>blocking</keyword> <keyword>cleaner</keyword> <keyword>blocker</keyword>
+  <keyword>filter</keyword> <keyword>proxy</keyword> <keyword>junk</keyword> <keyword>ad</keyword>
+  <keyword>advertisement</keyword> <keyword>banner</keyword> <keyword>webbugs</keyword>
+  <keyword>web-bugs</keyword> <keyword>werbung</keyword> <keyword>junkbusters</keyword>
+  <keyword>junkbuster</keyword>
+ </keywordset>
+
+ <abstract>
+
+<![%dummy;[
+  <para>
+   <comment>
+    This is here to keep vim syntax file from breaking :/
+    If I knew enough to fix it, I would.
+    PLEASE DO NOT REMOVE! HB: hal at foobox.net
+   </comment>
+  </para>
+]]>
+
+<!-- Include privoxy.sgml boilerplate: -->
+  &p-intro;
+<!-- end boilerplate -->
+
+<![%p-homepage;[
+  <para>
+   The most recent release is <ulink url="announce.txt">&p-version; (&p-status;)</ulink>. 
+  </para>
+]]>
+
+ </abstract>
+</artheader>
+
+<!--   ~~~~~       New section      ~~~~~     -->
+
+
+<sect1 renderas="sect2" id="download" label=""><title>Download</title>
+<para>
+ <itemizedlist>
+  <listitem>
+   <para>
+    <ulink url="https://sourceforge.net/project/showfiles.php?group_id=11118">Download recent releases</ulink>
+   </para>
+  </listitem>
+ <!-- 
+ deprecated
+  <listitem>
+   <para>
+    <ulink url="http://cvs.sourceforge.net/cvstarballs/ijbswa-cvsroot.tar.bz2">Download the latest CVS snapshot (source tarball)</ulink>
+   </para>
+  </listitem>
+ --> 
+  <listitem>
+   <para>
+    <ulink url="user-manual/quickstart.html">Quickstart after installation</ulink>
+   </para>
+  </listitem>
+ </itemizedlist>
+</para>
+</sect1>
+
+<sect1 renderas="sect2" id="docs" label=""><title>Documentation</title>
+<para>
+ <itemizedlist>
+  <listitem>
+   <para>
+    <ulink url="user-manual/index.html">User manual</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="faq/index.html">Frequently Asked Questions</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="developer-manual/index.html">Developer Manual</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="man-page/privoxy-man-page.html">Classic Man Page</ulink>
+   </para>
+  </listitem>
+ </itemizedlist>
+</para>
+</sect1>
+
+<sect1 renderas="sect2" id="moreinfo" label=""><title>More information</title>
+<para>
+ <itemizedlist>
+  <listitem>
+   <para>
+    <ulink url="user-manual/contact.html">Support & Service</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="user-manual/copyright.html">Copyright, License, History & Authors</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="user-manual/introduction.html#FEATURES">List of (new) Features</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="https://sourceforge.net/projects/ijbswa/">The project page</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <ulink url="user-manual/seealso.html">Related links</ulink>
+   </para>
+  </listitem>
+  <listitem>
+   <para>
+    <!-- please leave this link absolute so this file can be bundled with -->
+    <!-- documentation and still used locally -->
+    <ulink url="http://privoxy.org/team/index.html">Pictures of the Privoxy Team</ulink>
+   </para>
+  </listitem>
+ </itemizedlist>
+</para>
+</sect1>
+
+<![%p-homepage;[
+<!--   ~~~~~       New section      ~~~~~     -->
+<sect1 label="">
+<!-- dummy section, for spacing -->
+<title></title>
+<para>
+<!-- show the SF logo per AUP -->
+<informaltable frame=none label="" pgwide="1">
+ <tgroup cols=1 align="center" colsep=1 rowsep=1>
+  <colspec colname=c1 align="center">
+  <tbody>
+   <row>
+    <entry align="center">Privoxy is developed on:</entry>
+   </row>
+   <row>
+    <entry align="center">
+     <ulink url="http://sourceforge.net/">
+      <inlinegraphic  fileref="http://sourceforge.net/sflogo.php?group_id=11118&type=1&dummy=.gif"></inlinegraphic>
+     </ulink>
+    </entry>
+   </row>
+  </tbody>
+ </tgroup>
+</informaltable>
+</para>
+]]>
+
+<!--
+<informalfigure pgwide="1">
+ <ulink url="http://sourceforge.net/">
+  <inlinegraphic align="center" fileref="http://sourceforge.net/sflogo.php?group_id=11118&type=1&dummy=.gif"></inlinegraphic>
+ </ulink>
+</informalfigure>
+-->
+
+
+<![%p-index;[
+<sect1 label=""><title></title>
+<!-- dummy section for layout and spacing -->
+]]>
+
+<!-- Formal copyright markup does not work here. HB. -->
+<!-- NOTE: I could not get docbook to completely ignore © -->
+<!-- GNUMakefile is inserting this now -->
+<para>
+ <subscript>
+  Copyright __copy 2001-2009 by Privoxy Developers
+ </subscript>
+</para>
+
+</sect1>
+ 
+ <!--
+
+ This program is free software; you can redistribute it 
+ and/or modify it under the terms of the GNU General
+ Public License as published by the Free Software
+ Foundation; either version 2 of the License, or (at
+ your option) any later version.
+
+ This program is distributed in the hope that it will
+ be useful, but WITHOUT ANY WARRANTY; without even the
+ implied warranty of MERCHANTABILITY or FITNESS FOR A
+ PARTICULAR PURPOSE.  See the GNU General Public
+ License for more details.
+
+ The GNU General Public License should be included with
+ this file.  If not, you can view it at
+ http://www.gnu.org/copyleft/gpl.html
+ or write to the Free Software Foundation, Inc., 59
+ Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+
+ $Log: index.sgml,v $
+ Revision 2.9  2009/02/19 14:12:02  fabiankeil
+ Change link to the project page to https://.
+
+ Revision 2.8  2009/02/12 16:09:44  fabiankeil
+ Declare the code stable.
+
+ Revision 2.7  2009/01/13 16:50:36  fabiankeil
+ The standard.action file is gone.
+
+ Revision 2.6  2008/08/16 08:51:28  fabiankeil
+ Update version-related entities.
+
+ Revision 2.5  2008/06/18 17:42:13  fabiankeil
+ - Remove link to soon-to-be-removed PDFs.
+ - Use https for the download URL.
+ - Update copyright year.
+
+ Revision 2.4  2006/08/28 01:08:57  hal9
+ Remove reference to defunct nightly cvs tarballs.
+
+ Revision 2.3  2006/07/18 14:48:51  david__schmidt
+ Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ with what was really the latest development (the v_3_0_branch branch)
+
+ Revision 1.16.2.12  2004/01/30 14:33:41  oes
+ Vi(m) syntax voodoo now hidden; copyright updated
+
+ Revision 1.16.2.11  2003/08/16 12:16:30  hal9
+ Update cvs tarball URL (to bz2)
+
+ Revision 1.16.2.10  2003/03/28 03:33:09  hal9
+ Include link for announce.txt, and change handling of ©.
+
+ Revision 1.16.2.9  2003/03/26 02:03:45  oes
+ Updated hard-coded copyright dates
+
+ Revision 1.16.2.8  2002/08/16 03:05:42  hal9
+ Put all pdf docs in a zip archive now.
+
+ Revision 1.16.2.7  2002/08/14 16:40:00  hal9
+ Add links to pdf docs.
+
+ Revision 1.16.2.6  2002/07/26 15:22:15  oes
+ Most recent release now inserted automatically (again)
+
+ Revision 1.16.2.5  2002/06/09 18:59:16  hal9
+ Correct typo.
+
+ Revision 1.16.2.4  2002/06/09 16:36:33  hal9
+ Clarifications on filtering and MIME. Hardcode 'latest release' in index.html.
+
+ Revision 1.16.2.3  2002/05/28 02:31:38  hal9
+ New file, privoxy-index.html, for bundling with documentation. Built from
+ index.sgml, like homepage, but with content toggles more suitable for this use.
+
+ Revision 1.16.2.2  2002/05/26 22:04:46  hal9
+ Add several comments, and reworded 'most recent release', ie we don't officially
+ release odd numbered versions.
+
+ Revision 1.16.2.1  2002/05/26 17:40:02  hal9
+ Make team pictures link absolute for docs.
+
+ Revision 1.16  2002/05/24 10:06:31  oes
+ Nit
+
+ Revision 1.15  2002/05/24 00:02:05  oes
+ Tried to make more useful and concise:
+   Reordered, no more TOC, link to instead of include info,
+   added some links. Should we use the free space to better
+   describe what Privoxy is good for?
+
+ Revision 1.14  2002/05/10 01:48:20  hal9
+ This is mostly proposed copyright/licensing additions and changes. Docs
+ are still GPL, but licensing and copyright are more visible. Also, copyright
+ changed in doc header comments (eliminate references to JB except FAQ).
+
+ Revision 1.13  2002/05/05 20:29:59  hal9
+ Ooops, fixing an accidental delete of title element.
+
+ Revision 1.12  2002/05/05 20:26:02  hal9
+ Sorting out license vs copyright in these docs.
+
+ Revision 1.11  2002/05/04 08:44:45  swa
+ bumped version
+
+ Revision 1.10  2002/04/26 17:24:31  swa
+ bookmarks cleaned, changed structure of user manual, screen and programlisting cleanups, and numerous other changes that I forgot
+
+ Revision 1.9  2002/04/14 01:00:07  hal9
+ Fix the logo properly with docbook.
+
+ Revision 1.7  2002/04/12 10:11:53  swa
+ changed bookmarklet text so that users can easily find the bookmark
+
+ Revision 1.6  2002/04/12 08:34:18  swa
+ added link to new page
+
+ Revision 1.5  2002/04/12 02:05:19  david__schmidt
+ Tiny English fix: infos -> info
+ Add copyright date 2002
+
+ Revision 1.4  2002/04/08 20:42:07  swa
+ fixed JB spelling
+
+ Revision 1.3  2002/04/07 20:27:18  hal9
+ Fix meta data.
+
+ Revision 1.2  2002/04/07 09:06:45  swa
+ users can now completely browse offline
+
+ Revision 1.1  2002/04/07 08:10:48  swa
+ create some of the webserver docs
+ automatically (in particular if
+ those docs recycle other documentation
+ fragments). Now committed webserver's
+ index file.
+
+
+ -->
+
+</article>
diff --git a/external/privoxy/doc/webserver/README.txt b/external/privoxy/doc/webserver/README.txt
new file mode 100644
index 0000000..4221e3a
--- /dev/null
+++ b/external/privoxy/doc/webserver/README.txt
@@ -0,0 +1,9 @@
+All files contained in this directory should eventually be
+on the project's homepage 
+
+   ijbswa.sourceforge.net:/home/groups/i/ij/ijbswa/htdocs/
+
+which is indeed http://ijbswa.sourceforge.net 
+and http://www.privoxy.org/.
+
+-Stefan, April 2002
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/announce.txt b/external/privoxy/doc/webserver/announce.txt
new file mode 100644
index 0000000..be37205
--- /dev/null
+++ b/external/privoxy/doc/webserver/announce.txt
@@ -0,0 +1,126 @@
+                 Announcing Privoxy v.3.0.12
+-----------------------------------------------------------------
+
+Privoxy 3.0.12-stable is primarily a bugfix release.
+
+See http://www.privoxy.org/3.0.12/user-manual/whatsnew.html for details.
+
+--------------------------------------------------------------------
+ChangeLog for Privoxy
+--------------------------------------------------------------------
+*** Version 3.0.12  ***
+
+- The socket-timeout option now also works on platforms whose
+  select() implementation modifies the timeout structure.
+  Previously the timeout was triggered even if the connection
+  didn't stall. Reported by cyberpatrol.
+- The Connection: keep-alive code properly deals with files
+  larger than 2GB. Previously the connection was closed too
+  early.
+- The content length for files above 2GB is logged correctly.
+- The user-manual directive on the show-status page links to
+  the documentation location specified with the directive,
+  not to the Privoxy website.
+- When running in daemon mode, Privoxy doesn't log anything
+  to the console unless there are errors before the logfile
+  has been opened.
+- The show-status page prints warnings about invalid directives
+  on the same line as the directives themselves.
+- Fixed several justified (but harmless) compiler warnings,
+  mostly on 64 bit platforms.
+- The mingw32 version explicitly requests the default charset
+  to prevent display problems with some fonts available on more
+  recent Windows versions. Patch by Burberry.
+- The mingw32 version uses the Privoxy icon in the alt-tab
+  windows. Patch by Burberry.
+- The timestamp and the thread id is omitted in the "Fatal error"
+  message box on mingw32.
+- Fixed two related mingw32-only buffer overflows. Triggering
+  them required control over the configuration file, therefore
+  this isn't seen as a security issue.
+- In verbose mode, or if the new option --show-skipped-tests
+  is used, Privoxy-Regression-Test logs skipped tests and the
+  skip reason.
+
+
+-----------------------------------------------------------------
+About Privoxy:
+-----------------------------------------------------------------
+
+Privoxy is a non-caching web proxy with advanced filtering capabilities for
+enhancing privacy, modifying web page data and HTTP headers, controlling
+access, and removing ads and other obnoxious Internet junk. Privoxy has a
+flexible configuration and can be customized to suit individual needs and
+tastes. It has application for both stand-alone systems and multi-user
+networks.
+
+Privoxy is Free Software and licensed under the GPL2.
+
+Privoxy is an associated project of Software in the Public Interest (SPI).
+Donations are welcome: http://www.privoxy.org/faq/general.html#DONATE
+
+At present, Privoxy is known to run on Windows(95, 98, ME, 2000,
+XP, Vista), Linux (Ubuntu, RedHat, SuSE, Debian, Fedora, Gentoo and
+others), Mac OSX, OS/2, AmigaOS, FreeBSD, NetBSD, OpenBSD, Solaris, and
+various other flavors of Unix.
+
+In addition to the core features of ad blocking and cookie management,
+Privoxy provides many supplemental features, that give the end-user
+more control, more privacy and more freedom:
+
+
+    *  Can keep outgoing connections alive and reuse them later on.
+
+    *  Supports tagging which allows to change the behaviour based on client
+       and server headers.
+
+    *  Can be run as an "intercepting" proxy, which obviates the need to
+       configure browsers individually.
+
+    *  Sophisticated actions and filters for manipulating both server and
+       client headers.
+
+    *  Can be chained with other proxies.
+
+    *  Integrated browser based configuration and control utility at
+       http://config.privoxy.org/ (shortcut: http://p.p/). Browser-based
+       tracing of rule and filter effects. Remote toggling.
+
+    *  Web page filtering (text replacements, removes banners based on size,
+       invisible "web-bugs", JavaScript and HTML annoyances, pop-up windows,
+       etc.)
+
+    *  Modularized configuration that allows for standard settings and user
+       settings to reside in separate files, so that installing updated actions
+       files won't overwrite individual user settings.
+
+    *  Support for Perl Compatible Regular Expressions in the configuration
+       files, and a more sophisticated and flexible configuration syntax.
+
+    *  Improved cookie management features (e.g. session based cookies).
+
+    *  GIF de-animation.
+
+    *  Bypass many click-tracking scripts (avoids script redirection).
+
+    *  Multi-threaded (POSIX and native threads).
+
+    *  User-customizable HTML templates for most proxy-generated pages (e.g.
+       "blocked" page).
+
+    *  Auto-detection and re-reading of config file changes.
+
+    *  Improved signal handling, and a true daemon mode (Unix).
+    
+    *  Every feature now controllable on a per-site or per-location basis,
+       configuration more powerful and versatile over-all.
+    
+
+Download location: 
+   http://sourceforge.net/project/showfiles.php?group_id=11118
+ 
+Home Page: 
+   http://www.privoxy.org/
+
+
+  - Privoxy Developers <ijbswa-developers at lists.sourceforge.net>
diff --git a/external/privoxy/doc/webserver/developer-manual/coding.html b/external/privoxy/doc/webserver/developer-manual/coding.html
new file mode 100644
index 0000000..48259ed
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/coding.html
@@ -0,0 +1,2602 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Coding Guidelines</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Documentation Guidelines"
+HREF="documentation.html"><LINK
+REL="NEXT"
+TITLE="Testing Guidelines"
+HREF="testing.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="documentation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="testing.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CODING"
+>4. Coding Guidelines</A
+></H1
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S1"
+>4.1. Introduction</A
+></H2
+><P
+>This set of standards is designed to make our lives easier.  It is
+    developed with the simple goal of helping us keep the "new and improved
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>" consistent and reliable. Thus making
+    maintenance easier and increasing chances of success of the
+    project.</P
+><P
+>And that of course comes back to us as individuals. If we can
+    increase our development and product efficiencies then we can solve more
+    of the request for changes/improvements and in general feel good about
+    ourselves. ;-></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S2"
+>4.2. Using Comments</A
+></H2
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S3"
+>4.2.1. Comment, Comment, Comment</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Comment as much as possible without commenting the obvious.
+    For example do not comment "variable_a is equal to variable_b".
+    Instead explain why variable_a should be equal to the variable_b.
+    Just because a person can read code does not mean they will
+    understand why or what is being done. A reader may spend a lot
+    more time figuring out what is going on when a simple comment
+    or explanation would have prevented the extra research. Please
+    help your brother IJB'ers out!</P
+><P
+>The comments will also help justify the intent of the code.
+    If the comment describes something different than what the code
+    is doing then maybe a programming error is occurring.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>/* if page size greater than 1k ... */
+if ( page_length() > 1024 )
+{
+    ... "block" the page up ...
+}
+
+/* if page size is small, send it in blocks */
+if ( page_length() > 1024 )
+{
+    ... "block" the page up ...
+}
+
+This demonstrates 2 cases of "what not to do".  The first is a
+"syntax comment".  The second is a comment that does not fit what
+is actually being done.</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S4"
+>4.2.2. Use blocks for comments</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Comments can help or they can clutter. They help when they
+    are differentiated from the code they describe. One line
+    comments do not offer effective separation between the comment
+    and the code. Block identifiers do, by surrounding the code
+    with a clear, definable pattern.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>/*********************************************************************
+ * This will stand out clearly in your code!
+ *********************************************************************/
+if ( this_variable == that_variable )
+{
+   do_something_very_important();
+}
+
+
+/* unfortunately, this may not */
+if ( this_variable == that_variable )
+{
+   do_something_very_important();
+}
+
+
+if ( this_variable == that_variable ) /* this may not either */
+{
+   do_something_very_important();
+}</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Exception:</I
+></SPAN
+></P
+><P
+>If you are trying to add a small logic comment and do not
+    wish to "disrupt" the flow of the code, feel free to use a 1
+    line comment which is NOT on the same line as the code.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S5"
+>4.2.3. Keep Comments on their own line</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>It goes back to the question of readability. If the comment
+    is on the same line as the code it will be harder to read than
+    the comment that is on its own line.</P
+><P
+>There are three exceptions to this rule, which should be
+    violated freely and often: during the definition of variables,
+    at the end of closing braces, when used to comment
+    parameters.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>/*********************************************************************
+ * This will stand out clearly in your code,
+ * But the second example won't.
+ *********************************************************************/
+if ( this_variable == this_variable )
+{
+   do_something_very_important();
+}
+
+if ( this_variable == this_variable ) /*can you see me?*/
+{
+   do_something_very_important(); /*not easily*/
+}
+
+
+/*********************************************************************
+ * But, the encouraged exceptions:
+ *********************************************************************/
+int urls_read     = 0;     /* # of urls read + rejected */
+int urls_rejected = 0;     /* # of urls rejected */
+
+if ( 1 == X )
+{
+   do_something_very_important();
+}
+
+
+short do_something_very_important(
+   short firstparam,   /* represents something */
+   short nextparam     /* represents something else */ )
+{
+   ...code here...
+
+}   /* -END- do_something_very_important */</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S6"
+>4.2.4. Comment each logical step</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Logical steps should be commented to help others follow the
+    intent of the written code and comments will make the code more
+    readable.</P
+><P
+>If you have 25 lines of code without a comment, you should
+    probably go back into it to see where you forgot to put
+    one.</P
+><P
+>Most "for", "while", "do", etc... loops _probably_ need a
+    comment. After all, these are usually major logic
+    containers.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S7"
+>4.2.5. Comment All Functions Thoroughly</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>A reader of the code should be able to look at the comments
+    just prior to the beginning of a function and discern the
+    reason for its existence and the consequences of using it. The
+    reader should not have to read through the code to determine if
+    a given function is safe for a desired use. The proper
+    information thoroughly presented at the introduction of a
+    function not only saves time for subsequent maintenance or
+    debugging, it more importantly aids in code reuse by allowing a
+    user to determine the safety and applicability of any function
+    for the problem at hand. As a result of such benefits, all
+    functions should contain the information presented in the
+    addendum section of this document.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S8"
+>4.2.6. Comment at the end of braces if the
+    content is more than one screen length</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Each closing brace should be followed on the same line by a
+    comment that describes the origination of the brace if the
+    original brace is off of the screen, or otherwise far away from
+    the closing brace. This will simplify the debugging,
+    maintenance, and readability of the code.</P
+><P
+>As a suggestion , use the following flags to make the
+    comment and its brace more readable:</P
+><P
+>use following a closing brace: } /* -END- if() or while ()
+    or etc... */</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>if ( 1 == X )
+{
+   do_something_very_important();
+   ...some long list of commands...
+} /* -END- if x is 1 */
+
+or:
+
+if ( 1 == X )
+{
+   do_something_very_important();
+   ...some long list of commands...
+} /* -END- if ( 1 == X ) */</PRE
+></TD
+></TR
+></TABLE
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S9"
+>4.3. Naming Conventions</A
+></H2
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S10"
+>4.3.1. Variable Names</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Use all lowercase, and separate words via an underscore
+    ('_'). Do not start an identifier with an underscore. (ANSI C
+    reserves these for use by the compiler and system headers.) Do
+    not use identifiers which are reserved in ANSI C++. (E.g.
+    template, class, true, false, ...). This is in case we ever
+    decide to port Privoxy to C++.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int ms_iis5_hack = 0;</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int msiis5hack = 0; int msIis5Hack = 0;</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S11"
+>4.3.2. Function Names</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Use all lowercase, and separate words via an underscore
+    ('_'). Do not start an identifier with an underscore. (ANSI C
+    reserves these for use by the compiler and system headers.) Do
+    not use identifiers which are reserved in ANSI C++. (E.g.
+    template, class, true, false, ...). This is in case we ever
+    decide to port Privoxy to C++.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int load_some_file( struct client_state *csp )</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int loadsomefile( struct client_state *csp )
+int loadSomeFile( struct client_state *csp )</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S12"
+>4.3.3. Header file prototypes</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Use a descriptive parameter name in the function prototype
+    in header files. Use the same parameter name in the header file
+    that you use in the c file.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>(.h) extern int load_aclfile( struct client_state *csp );
+(.c) int load_aclfile( struct client_state *csp )</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+>
+<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>(.h) extern int load_aclfile( struct client_state * ); or 
+(.h) extern int load_aclfile(); 
+(.c) int load_aclfile( struct client_state *csp )</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S13"
+>4.3.4. Enumerations, and #defines</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Use all capital letters, with underscores between words. Do
+    not start an identifier with an underscore. (ANSI C reserves
+    these for use by the compiler and system headers.)</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>(enumeration) : enum Boolean { FALSE, TRUE };
+(#define) : #define DEFAULT_SIZE 100;</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> We have a standard naming scheme for #defines
+    that toggle a feature in the preprocessor: FEATURE_>, where
+    > is a short (preferably 1 or 2 word) description.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#define FEATURE_FORCE 1
+
+#ifdef FEATURE_FORCE
+#define FORCE_PREFIX blah
+#endif /* def FEATURE_FORCE */</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S14"
+>4.3.5. Constants</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Spell common words out entirely (do not remove vowels).</P
+><P
+>Use only widely-known domain acronyms and abbreviations.
+    Capitalize all letters of an acronym.</P
+><P
+>Use underscore (_) to separate adjacent acronyms and
+    abbreviations. Never terminate a name with an underscore.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#define USE_IMAGE_LIST 1</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#define USE_IMG_LST 1 or 
+#define _USE_IMAGE_LIST 1 or
+#define USE_IMAGE_LIST_ 1 or 
+#define use_image_list 1 or
+#define UseImageList 1</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S15"
+>4.4. Using Space</A
+></H2
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S16"
+>4.4.1. Put braces on a line by themselves.</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>The brace needs to be on a line all by itself, not at the
+    end of the statement. Curly braces should line up with the
+    construct that they're associated with. This practice makes it
+    easier to identify the opening and closing braces for a
+    block.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>if ( this == that )
+{
+   ...
+}</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+>if ( this == that ) { ... }</P
+><P
+>or</P
+><P
+>if ( this == that ) { ... }</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> In the special case that the if-statement is
+    inside a loop, and it is trivial, i.e. it tests for a
+    condition that is obvious from the purpose of the block,
+    one-liners as above may optically preserve the loop structure
+    and make it easier to read.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> developer-discretion.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example exception:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>while ( more lines are read )
+{
+   /* Please document what is/is not a comment line here */
+   if ( it's a comment ) continue;
+
+   do_something( line );
+}</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S17"
+>4.4.2. ALL control statements should have a
+    block</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Using braces to make a block will make your code more
+    readable and less prone to error. All control statements should
+    have a block defined.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>if ( this == that )
+{
+   do_something();
+   do_something_else();
+}</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+>if ( this == that ) do_something(); do_something_else();</P
+><P
+>or</P
+><P
+>if ( this == that ) do_something();</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> The first example in "Instead of" will execute
+    in a manner other than that which the developer desired (per
+    indentation). Using code braces would have prevented this
+    "feature". The "explanation" and "exception" from the point
+    above also applies.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S18"
+>4.4.3. Do not belabor/blow-up boolean
+    expressions</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>structure->flag = ( condition );</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+>if ( condition ) { structure->flag = 1; } else {
+    structure->flag = 0; }</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> The former is readable and concise. The later
+    is wordy and inefficient. Please assume that any developer new
+    to the project has at least a "good" knowledge of C/C++. (Hope
+    I do not offend by that last comment ... 8-)</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S19"
+>4.4.4. Use white space freely because it is
+    free</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Make it readable. The notable exception to using white space
+    freely is listed in the next guideline.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int first_value   = 0;
+int some_value    = 0;
+int another_value = 0;
+int this_variable = 0;
+
+if ( this_variable == this_variable )
+
+first_value = old_value + ( ( some_value - another_value ) - whatever )</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S20"
+>4.4.5. Don't use white space around structure
+    operators</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>- structure pointer operator ( "->" ) - member operator (
+    "." ) - functions and parentheses</P
+><P
+>It is a general coding practice to put pointers, references,
+    and function parentheses next to names. With spaces, the
+    connection between the object and variable/function name is not
+    as clear.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>a_struct->a_member;
+a_struct.a_member;
+function_name();</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+> a_struct -> a_member; a_struct . a_member;
+    function_name ();</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S21"
+>4.4.6. Make the last brace of a function stand
+    out</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int function1( ... )
+{
+   ...code...
+   return( ret_code );
+
+}   /* -END- function1 */
+
+
+int function2( ... )
+{
+}   /* -END- function2 */</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+>int function1( ... ) { ...code... return( ret_code ); } int
+    function2( ... ) { }</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> Use 1 blank line before the closing brace and 2
+    lines afterward. This makes the end of function standout to
+    the most casual viewer. Although function comments help
+    separate functions, this is still a good coding practice. In
+    fact, I follow these rules when using blocks in "for", "while",
+    "do" loops, and long if {} statements too. After all whitespace
+    is free!</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> developer-discretion on the number of blank
+    lines. Enforced is the end of function comments.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S22"
+>4.4.7. Use 3 character indentions</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>If some use 8 character TABs and some use 3 character TABs,
+    the code can look *very* ragged. So use 3 character indentions
+    only. If you like to use TABs, pass your code through a filter
+    such as "expand -t3" before checking in your code.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>static const char * const url_code_map[256] =
+{
+   NULL, ...
+};
+
+
+int function1( ... )
+{
+   if ( 1 )
+   {
+      return( ALWAYS_TRUE );
+   }
+   else
+   {
+      return( HOW_DID_YOU_GET_HERE );
+   }
+
+   return( NEVER_GETS_HERE );
+
+}</PRE
+></TD
+></TR
+></TABLE
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S23"
+>4.5. Initializing</A
+></H2
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S24"
+>4.5.1. Initialize all variables</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Do not assume that the variables declared will not be used
+    until after they have been assigned a value somewhere else in
+    the code. Remove the chance of accidentally using an unassigned
+    variable.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>short a_short = 0;
+float a_float  = 0;
+struct *ptr = NULL;</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> It is much easier to debug a SIGSEGV if the
+    message says you are trying to access memory address 00000000
+    and not 129FA012; or array_ptr[20] causes a SIGSEV vs.
+    array_ptr[0].</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> developer-discretion if and only if the
+    variable is assigned a value "shortly after" declaration.</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S25"
+>4.6. Functions</A
+></H2
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S26"
+>4.6.1. Name functions that return a boolean as a
+    question.</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Value should be phrased as a question that would logically
+    be answered as a true or false statement</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>should_we_block_this();
+contains_an_image();
+is_web_page_blank();</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S27"
+>4.6.2. Always specify a return type for a
+    function.</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>The default return for a function is an int. To avoid
+    ambiguity, create a return for a function when the return has a
+    purpose, and create a void return type if the function does not
+    need to return anything.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S28"
+>4.6.3. Minimize function calls when iterating by
+    using variables</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>It is easy to write the following code, and a clear argument
+    can be made that the code is easy to understand:</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>for ( size_t cnt = 0; cnt < block_list_length(); cnt++ )
+{
+   ....
+}</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> Unfortunately, this makes a function call for
+    each and every iteration. This increases the overhead in the
+    program, because the compiler has to look up the function each
+    time, call it, and return a value. Depending on what occurs in
+    the block_list_length() call, it might even be creating and
+    destroying structures with each iteration, even though in each
+    case it is comparing "cnt" to the same value, over and over.
+    Remember too - even a call to block_list_length() is a function
+    call, with the same overhead.</P
+><P
+>Instead of using a function call during the iterations,
+    assign the value to a variable, and evaluate using the
+    variable.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>size_t len = block_list_length();
+
+for ( size_t cnt = 0; cnt < len; cnt++ )
+{
+   ....
+}</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Exceptions:</I
+></SPAN
+> if the value of block_list_length()
+    *may* change or could *potentially* change, then you must code the
+    function call in the for/while loop.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S29"
+>4.6.4. Pass and Return by Const Reference</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>This allows a developer to define a const pointer and call
+    your function. If your function does not have the const
+    keyword, we may not be able to use your function. Consider
+    strcmp, if it were defined as: extern int strcmp( char *s1,
+    char *s2 );</P
+><P
+>I could then not use it to compare argv's in main: int main(
+    int argc, const char *argv[] ) { strcmp( argv[0], "privoxy"
+    ); }</P
+><P
+>Both these pointers are *const*! If the c runtime library
+    maintainers do it, we should too.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S30"
+>4.6.5. Pass and Return by Value</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Most structures cannot fit onto a normal stack entry (i.e.
+    they are not 4 bytes or less). Aka, a function declaration
+    like: int load_aclfile( struct client_state csp )</P
+><P
+>would not work. So, to be consistent, we should declare all
+    prototypes with "pass by value": int load_aclfile( struct
+    client_state *csp )</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S31"
+>4.6.6. Names of include files</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Your include statements should contain the file name without
+    a path. The path should be listed in the Makefile, using -I as
+    processor directive to search the indicated paths. An exception
+    to this would be for some proprietary software that utilizes a
+    partial path to distinguish their header files from system or
+    other header files.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#include <iostream.h>     /* This is not a local include */
+#include "config.h"       /* This IS a local include */</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Exception:</I
+></SPAN
+></P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>/* This is not a local include, but requires a path element. */ 
+#include <sys/fileName.h></PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> Please! do not add "-I." to the Makefile
+    without a _very_ good reason. This duplicates the #include
+    "file.h" behavior.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S32"
+>4.6.7. Provide multiple inclusion
+    protection</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Prevents compiler and linker errors resulting from
+    redefinition of items.</P
+><P
+>Wrap each header file with the following syntax to prevent
+    multiple inclusions of the file. Of course, replace PROJECT_H
+    with your file name, with "." Changed to "_", and make it
+    uppercase.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#ifndef PROJECT_H_INCLUDED
+#define PROJECT_H_INCLUDED
+ ...
+#endif /* ndef PROJECT_H_INCLUDED */</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S33"
+>4.6.8. Use `extern "C"` when appropriate</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>If our headers are included from C++, they must declare our
+    functions as `extern "C"`. This has no cost in C, but increases
+    the potential re-usability of our code.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#ifdef __cplusplus
+extern "C"
+{
+#endif /* def __cplusplus */
+
+... function definitions here ...
+
+#ifdef __cplusplus
+}
+#endif /* def __cplusplus */</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S34"
+>4.6.9. Where Possible, Use Forward Struct
+    Declaration Instead of Includes</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Useful in headers that include pointers to other struct's.
+    Modifications to excess header files may cause needless
+    compiles.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>/*********************************************************************
+ * We're avoiding an include statement here!
+ *********************************************************************/
+struct file_list;
+extern file_list *xyz;</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> If you declare "file_list xyz;" (without the
+    pointer), then including the proper header file is necessary.
+    If you only want to prototype a pointer, however, the header
+    file is unnecessary.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> Use with discretion.</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S35"
+>4.7. General Coding Practices</A
+></H2
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S36"
+>4.7.1. Turn on warnings</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation</I
+></SPAN
+></P
+><P
+>Compiler warnings are meant to help you find bugs. You
+    should turn on as many as possible. With GCC, the switch is
+    "-Wall". Try and fix as many warnings as possible.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S37"
+>4.7.2. Provide a default case for all switch
+    statements</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>What you think is guaranteed is never really guaranteed. The
+    value that you don't think you need to check is the one that
+    someday will be passed. So, to protect yourself from the
+    unknown, always have a default step in a switch statement.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>switch( hash_string( cmd ) )
+{
+   case hash_actions_file :
+      ... code ...
+      break;
+
+   case hash_confdir :
+      ... code ...
+      break;
+
+   default :
+      log_error( ... );
+      ... anomaly code goes here ...
+      continue; / break; / exit( 1 ); / etc ...
+
+} /* end switch( hash_string( cmd ) ) */</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> If you already have a default condition, you
+    are obviously exempt from this point. Of note, most of the
+    WIN32 code calls `DefWindowProc' after the switch statement.
+    This API call *should* be included in a default statement.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Another Note:</I
+></SPAN
+> This is not so much a readability issue
+    as a robust programming issue. The "anomaly code goes here" may
+    be no more than a print to the STDERR stream (as in
+    load_config). Or it may really be an abort condition.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> Programmer discretion is advised.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S38"
+>4.7.3. Try to avoid falling through cases in a
+    switch statement.</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>In general, you will want to have a 'break' statement within
+    each 'case' of a switch statement. This allows for the code to
+    be more readable and understandable, and furthermore can
+    prevent unwanted surprises if someone else later gets creative
+    and moves the code around.</P
+><P
+>The language allows you to plan the fall through from one
+    case statement to another simply by omitting the break
+    statement within the case statement. This feature does have
+    benefits, but should only be used in rare cases. In general,
+    use a break statement for each case statement.</P
+><P
+>If you choose to allow fall through, you should comment both
+    the fact of the fall through and reason why you felt it was
+    necessary.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S39"
+>4.7.4. Use 'long' or 'short' Instead of
+    'int'</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>On 32-bit platforms, int usually has the range of long. On
+    16-bit platforms, int has the range of short.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> open-to-debate. In the case of most FSF
+    projects (including X/GNU-Emacs), there are typedefs to int4,
+    int8, int16, (or equivalence ... I forget the exact typedefs
+    now). Should we add these to IJB now that we have a "configure"
+    script?</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S40"
+>4.7.5. Don't mix size_t and other types</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>The type of size_t varies across platforms. Do not make
+    assumptions about whether it is signed or unsigned, or about
+    how long it is. Do not compare a size_t against another
+    variable of a different type (or even against a constant)
+    without casting one of the values.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S41"
+>4.7.6. Declare each variable and struct on its
+    own line.</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>It can be tempting to declare a series of variables all on
+    one line. Don't.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>long a = 0;
+long b = 0;
+long c = 0;</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Instead of:</I
+></SPAN
+></P
+><P
+>long a, b, c;</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+> - there is more room for comments on the
+    individual variables - easier to add new variables without
+    messing up the original ones - when searching on a variable to
+    find its type, there is less clutter to "visually"
+    eliminate</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Exceptions:</I
+></SPAN
+> when you want to declare a bunch of loop
+    variables or other trivial variables; feel free to declare them
+    on one line. You should, although, provide a good comment on
+    their functions.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> developer-discretion.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S42"
+>4.7.7. Use malloc/zalloc sparingly</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>Create a local struct (on the stack) if the variable will
+    live and die within the context of one function call.</P
+><P
+>Only "malloc" a struct (on the heap) if the variable's life
+    will extend beyond the context of one function call.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>If a function creates a struct and stores a pointer to it in a
+list, then it should definitely be allocated via `malloc'.</PRE
+></TD
+></TR
+></TABLE
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S43"
+>4.7.8. The Programmer Who Uses 'malloc' is
+    Responsible for Ensuring 'free'</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>If you have to "malloc" an instance, you are responsible for
+    insuring that the instance is `free'd, even if the deallocation
+    event falls within some other programmer's code. You are also
+    responsible for ensuring that deletion is timely (i.e. not too
+    soon, not too late). This is known as "low-coupling" and is a
+    "good thing (tm)". You may need to offer a
+    free/unload/destructor type function to accommodate this.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>int load_re_filterfile( struct client_state *csp ) { ... }
+static void unload_re_filterfile( void *f ) { ... }</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Exceptions:</I
+></SPAN
+></P
+><P
+>The developer cannot be expected to provide `free'ing
+    functions for C run-time library functions ... such as
+    `strdup'.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Status:</I
+></SPAN
+> developer-discretion. The "main" use of this
+    standard is for allocating and freeing data structures (complex
+    or nested).</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S44"
+>4.7.9. Add loaders to the `file_list' structure
+    and in order</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>I have ordered all of the "blocker" file code to be in alpha
+    order. It is easier to add/read new blockers when you expect a
+    certain order.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> It may appear that the alpha order is broken in
+    places by POPUP tests coming before PCRS tests. But since
+    POPUPs can also be referred to as KILLPOPUPs, it is clear that
+    it should come first.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="S45"
+>4.7.10. "Uncertain" new code and/or changes to
+    existing code, use FIXME or XXX</A
+></H3
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Explanation:</I
+></SPAN
+></P
+><P
+>If you have enough confidence in new code or confidence in
+    your changes, but are not *quite* sure of the repercussions,
+    add this:</P
+><P
+>/* FIXME: this code has a logic error on platform XYZ, *
+    attempting to fix */ #ifdef PLATFORM ...changed code here...
+    #endif</P
+><P
+>or:</P
+><P
+>/* FIXME: I think the original author really meant this...
+    */ ...changed code here...</P
+><P
+>or:</P
+><P
+>/* FIXME: new code that *may* break something else... */
+    ...new code here...</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> If you make it clear that this may or may not
+    be a "good thing (tm)", it will be easier to identify and
+    include in the project (or conversely exclude from the
+    project).</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="S46"
+>4.8. Addendum: Template for files and function
+    comment blocks:</A
+></H2
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example for file comments:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>const char FILENAME_rcs[] = "$Id: coding.html,v 1.42 2009/03/21 12:59:32 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/doc/webserver/developer-manual/coding.html,v $
+ *
+ * Purpose     :  (Fill me in with a good description!)
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009
+ *                the Privoxy team. http://www.privoxy.org/
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 ,
+ *                USA
+ *
+ * Revisions   :
+ *    $Log: coding.html,v $
+ *    Revision 1.42  2009/03/21 12:59:32  fabiankeil
+ *    Rebuild with recent changes.
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+   ...necessary include files for us to do our work...
+
+const char FILENAME_h_rcs[] = FILENAME_H_VERSION;</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> This declares the rcs variables that should be
+    added to the "show-proxy-args" page. If this is a brand new
+    creation by you, you are free to change the "Copyright" section
+    to represent the rights you wish to maintain.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> The formfeed character that is present right
+    after the comment flower box is handy for (X|GNU)Emacs users to
+    skip the verbiage and get to the heart of the code (via
+    `forward-page' and `backward-page'). Please include it if you
+    can.</P
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example for file header comments:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>#ifndef _FILENAME_H
+#define _FILENAME_H
+#define FILENAME_H_VERSION "$Id: coding.html,v 1.42 2009/03/21 12:59:32 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/doc/webserver/developer-manual/coding.html,v $
+ *
+ * Purpose     :  (Fill me in with a good description!)
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009
+ *                the Privoxy team. http://www.privoxy.org/
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/old-licenses/gpl-2.0.html
+ *                or write to the Free Software Foundation, Inc., 
+ *                51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 ,
+ *                USA
+ *
+ * Revisions   :
+ *    $Log: coding.html,v $
+ *    Revision 1.42  2009/03/21 12:59:32  fabiankeil
+ *    Rebuild with recent changes.
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+   ... function headers here ...
+
+
+/* Revision control strings from this header and associated .c file */
+extern const char FILENAME_rcs[];
+extern const char FILENAME_h_rcs[];
+
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef _FILENAME_H */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Example for function comments:</I
+></SPAN
+></P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>/*********************************************************************
+ *
+ * Function    :  FUNCTION_NAME
+ *
+ * Description :  (Fill me in with a good description!)
+ *
+ * parameters  :
+ *          1  :  param1 = pointer to an important thing
+ *          2  :  x      = pointer to something else
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int FUNCTION_NAME( void *param1, const char *x )
+{
+   ...
+   return( 0 );
+
+}</PRE
+></TD
+></TR
+></TABLE
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Note:</I
+></SPAN
+> If we all follow this practice, we should be
+    able to parse our code to create a "self-documenting" web
+    page.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="documentation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="testing.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Documentation Guidelines</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Testing Guidelines</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/contact.html b/external/privoxy/doc/webserver/developer-manual/contact.html
new file mode 100644
index 0000000..3d8ddc0
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/contact.html
@@ -0,0 +1,510 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Contacting the developers, Bug Reporting and Feature Requests</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Update the Webserver"
+HREF="webserver-update.html"><LINK
+REL="NEXT"
+TITLE="Privoxy Copyright, License and History"
+HREF="copyright.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="webserver-update.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="copyright.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CONTACT"
+>8. Contacting the developers, Bug Reporting and Feature Requests</A
+></H1
+><P
+> We value your feedback. In fact, we rely on it to improve
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and its configuration.
+ However, please note the following hints, so we can 
+ provide you with the best support:</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-SUPPORT"
+>8.1. Get Support</A
+></H2
+><P
+> For casual users, our 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=211118"
+TARGET="_top"
+>support forum at SourceForge</A
+>
+ is probably best suited:
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=211118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?group_id=11118&atid=211118</A
+></P
+><P
+> All users are of course welcome to discuss their issues on the <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-users"
+TARGET="_top"
+>users
+ mailing list</A
+>, where the developers also hang around.</P
+><P
+> Please don't sent private support requests to individual Privoxy
+ developers, either use the mailing lists or the support trackers.</P
+><P
+> Note that the Privoxy mailing lists are moderated. Posts from unsubscribed
+ addresses have to be accepted manually by a moderator. This may cause a
+ delay of several days and if you use a subject that doesn't clearly
+ mention Privoxy or one of its features, your message may be accidentally
+ discarded as spam.</P
+><P
+> If you aren't subscribed, you should therefore spend a few seconds
+ to come up with a proper subject. Additionally you should make it clear
+ that you want to get CC'd. Otherwise some responses will be directed to
+ the mailing list only, and you won't see them.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="REPORTING"
+>8.2. Reporting Problems</A
+></H2
+><P
+><SPAN
+CLASS="QUOTE"
+>"Problems"</SPAN
+> for our purposes, come in two forms:</P
+><P
+></P
+><UL
+><LI
+><P
+>    Configuration issues, such as ads that slip through, or sites that 
+    don't function properly due to one <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+    <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+> or another being turned <SPAN
+CLASS="QUOTE"
+>"on"</SPAN
+>.
+   </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="QUOTE"
+>"Bugs"</SPAN
+> in the programming code that makes up 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, such as that might cause a crash.
+   </P
+></LI
+></UL
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="CONTACT-ADS"
+>8.2.1. Reporting Ads or Other Configuration Problems</A
+></H3
+><P
+> Please send feedback on ads that slipped through, innocent images that were
+ blocked, sites that don't work properly, and other configuration related problem of 
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file, to 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=460288"
+TARGET="_top"
+> http://sourceforge.net/tracker/?group_id=11118&atid=460288</A
+>,
+ the Actions File Tracker.</P
+><P
+> New, improved <TT
+CLASS="FILENAME"
+>default.action</TT
+> files may occasionally be made
+ available based on your feedback. These will be announced on the <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce"
+TARGET="_top"
+>ijbswa-announce</A
+>
+ list and available from our the <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>files section</A
+> of
+ our <A
+HREF="http://sf.net/projects/ijbswa/"
+TARGET="_top"
+>project page</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="CONTACT-BUGS"
+>8.2.2. Reporting Bugs</A
+></H3
+><P
+> Please report all bugs through our bug tracker: 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=111118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?group_id=11118&atid=111118</A
+>. </P
+><P
+>  Before doing so, please make sure that the bug has <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not already been submitted</I
+></SPAN
+>
+  and observe the additional hints at the top of the <A
+HREF="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=111118"
+TARGET="_top"
+>submit
+  form</A
+>. If already submitted, please feel free to add any info to the 
+  original report that might help to solve the issue.</P
+><P
+>  Please try to verify that it is a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> bug,
+  and not a browser or site bug or documented behaviour that just happens
+  to be different than what you expected. If unsure,
+  try <A
+HREF="http://config.privoxy.org/toggle?set=disable"
+TARGET="_top"
+>toggling
+  off</A
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and see if the problem persists.</P
+><P
+>  If you are using your own custom configuration, please try
+  the stock configs to see if the problem is configuration related.
+  If you're having problems with a feature that is disabled by default,
+  please ask around on the mailing list if others can reproduce the problem.</P
+><P
+>  If you aren't using the latest Privoxy version, the bug may have been found
+  and fixed in the meantime. We would appreciate if you could take the time
+  to <A
+HREF="http://www.privoxy.org/user-manual/installation.html"
+TARGET="_top"
+>upgrade
+  to the latest version</A
+> (or  even the latest CVS snapshot) and verify
+  that your bug still exists.</P
+><P
+>Please be sure to provide the following information:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    The exact <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version you are using
+    (if you got the source from CVS, please also provide the source code revisions
+     as shown in <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>http://config.privoxy.org/show-version</A
+>).
+   </P
+></LI
+><LI
+><P
+>    The operating system and versions you run
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on, (e.g. <SPAN
+CLASS="APPLICATION"
+>Windows
+    XP SP2</SPAN
+>), if you are using a Unix flavor,
+    sending the output of <SPAN
+CLASS="QUOTE"
+>"uname -a"</SPAN
+> should do,
+    in case of GNU/Linux, please also name the distribution.
+   </P
+></LI
+><LI
+><P
+>    The name, platform, and version of the <SPAN
+CLASS="APPLICATION"
+>browser</SPAN
+> 
+    you were using (e.g. <SPAN
+CLASS="APPLICATION"
+>Internet Explorer v5.5</SPAN
+> for Mac).
+   </P
+></LI
+><LI
+><P
+>    The URL where the problem occurred, or some way for us to duplicate the
+    problem (e.g. <TT
+CLASS="LITERAL"
+>http://somesite.example.com/?somethingelse=123</TT
+>). 
+   </P
+></LI
+><LI
+><P
+>    Whether your version of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is one supplied
+    by the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developers via SourceForge,
+    or if you got your copy somewhere else.
+   </P
+></LI
+><LI
+><P
+>    Whether you are using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in tandem with 
+    another proxy such as <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>. If so, please
+    temporary disable the other proxy to see if the symptoms change.
+   </P
+></LI
+><LI
+><P
+>    Whether you are using a personal firewall product. If so, does 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> work without it?
+   </P
+></LI
+><LI
+><P
+>    Any other pertinent information to help identify the problem such as config
+    or log file excerpts (yes, you should have log file entries for each
+    action taken).
+   </P
+></LI
+></UL
+></P
+><P
+> You don't have to tell us your actual name when filing a problem
+ report, but please use a nickname so we can differentiate between
+ your messages and the ones entered by other "anonymous" users that
+ may respond to your request if they have the same problem or already
+ found a solution.</P
+><P
+> Please also check the status of your request a few days after submitting
+ it, as we may request additional information. If you use a SF id,
+ you should automatically get a mail when someone responds to your request.</P
+><P
+>  The <A
+HREF="http://www.privoxy.org/user-manual/appendix.html#ACTIONSANAT"
+TARGET="_top"
+>appendix
+  of the Privoxy User Manual</A
+> also has helpful information 
+  on understanding <TT
+CLASS="LITERAL"
+>actions</TT
+>, and <TT
+CLASS="LITERAL"
+>action</TT
+> debugging. </P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-FEATURE"
+>8.3. Request New Features</A
+></H2
+><P
+> You are welcome to submit ideas on new features or other proposals
+ for improvement through our feature request tracker at
+ <A
+HREF="http://sourceforge.net/tracker/?atid=361118&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?atid=361118&group_id=11118</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-OTHER"
+>8.4. Other</A
+></H2
+><P
+>For any other issues, feel free to use the mailing lists. Technically interested users
+and people who wish to contribute to the project are also welcome on the developers list!
+You can find an overview of all <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>-related mailing lists,
+including list archives, at:
+<A
+HREF="http://sourceforge.net/mail/?group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/mail/?group_id=11118</A
+>.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="webserver-update.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="copyright.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Update the Webserver</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Privoxy Copyright, License and History</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/copyright.html b/external/privoxy/doc/webserver/developer-manual/copyright.html
new file mode 100644
index 0000000..5fbe9a4
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/copyright.html
@@ -0,0 +1,298 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy Copyright, License and History</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Contacting the developers, Bug Reporting and Feature Requests"
+HREF="contact.html"><LINK
+REL="NEXT"
+TITLE="See also"
+HREF="seealso.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="contact.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="seealso.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="COPYRIGHT"
+>9. Privoxy Copyright, License and History</A
+></H1
+><P
+> Copyright © 2001-2009 by Privoxy Developers <CODE
+CLASS="EMAIL"
+><<A
+HREF="mailto:ijbswa-developers at lists.sourceforge.net"
+>ijbswa-developers at lists.sourceforge.net</A
+>></CODE
+></P
+><P
+> Some source code is based on code Copyright © 1997 by Anonymous Coders
+ and Junkbusters, Inc. and licensed under the <I
+CLASS="CITETITLE"
+>GNU General Public
+ License</I
+>.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN1223"
+>9.1. License</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is free software; you can
+ redistribute it and/or modify it under the terms of the 
+ <I
+CLASS="CITETITLE"
+>GNU General Public License</I
+>, version 2,
+ as published by the Free Software Foundation.</P
+><P
+> This program is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE.  See the <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+> <I
+CLASS="CITETITLE"
+>GNU General Public License</I
+></A
+> for details.</P
+><P
+> You should have received a copy of the <I
+CLASS="CITETITLE"
+>GNU GPL</I
+>
+ along with this program; if not, write to the <P
+CLASS="ADDRESS"
+> Free Software<br>
+ Foundation, Inc. <SPAN
+CLASS="STREET"
+>51 Franklin Street, Fifth Floor</SPAN
+><br>
+ <SPAN
+CLASS="CITY"
+>Boston</SPAN
+>, <SPAN
+CLASS="STATE"
+>MA</SPAN
+> <SPAN
+CLASS="POSTCODE"
+>02110-1301</SPAN
+><br>
+ <SPAN
+CLASS="COUNTRY"
+>USA</SPAN
+> </P
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN1239"
+>9.2. History</A
+></H2
+><P
+> A long time ago, there was the
+ <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+><SPAN
+CLASS="APPLICATION"
+>Internet Junkbuster</SPAN
+></A
+>, 
+ by Anonymous Coders and <A
+HREF="http://www.junkbusters.com/"
+TARGET="_top"
+>Junkbusters
+ Corporation</A
+>. This saved many users a lot of pain in the early days of
+ web advertising and user tracking.</P
+><P
+> But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and
+ for tracking them, keeps evolving. Unfortunately, the <SPAN
+CLASS="APPLICATION"
+>Internet
+ Junkbuster</SPAN
+> did not. Version 2.0.2, published in 1998, was 
+ (and is) the last official
+ <A
+HREF="http://www.junkbusters.com/ijbdist.html#release"
+TARGET="_top"
+>release</A
+>
+ available from <A
+HREF="http://www.junkbusters.com"
+TARGET="_top"
+>Junkbusters Corporation</A
+>.
+ Fortunately, it had been released under the GNU
+ <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+>GPL</A
+>,
+ which allowed further development by others.</P
+><P
+> So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches.
+ It could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.</P
+><P
+> Then, some
+ <A
+HREF="http://www.privoxy.org/user-manual/copyright.html#AUTHORS"
+TARGET="_top"
+>developers</A
+>
+ picked up the thread, and started turning the software inside out, upside down,
+ and then reassembled it, adding many
+ <A
+HREF="http://www.privoxy.org/user-manual/introduction.html#FEATURES"
+TARGET="_top"
+>new
+ features</A
+> along the way.</P
+><P
+> The result of this is <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, whose first
+ stable version, 3.0, was released August, 2002. 
+ </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="contact.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="seealso.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Contacting the developers, Bug Reporting and Feature Requests</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>See also</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/cvs.html b/external/privoxy/doc/webserver/developer-manual/cvs.html
new file mode 100644
index 0000000..db1fb9e
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/cvs.html
@@ -0,0 +1,330 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>The CVS Repository</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Introduction"
+HREF="introduction.html"><LINK
+REL="NEXT"
+TITLE="Documentation Guidelines"
+HREF="documentation.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="introduction.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="documentation.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CVS"
+>2. The CVS Repository</A
+></H1
+><P
+>      If you become part of the active development team, you will eventually
+      need write access to our holy grail, the CVS repository. One of the 
+      team members will need to set this up for you. Please read
+      this chapter completely before accessing via CVS.
+    </P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CVSACCESS"
+>2.1. Access to CVS</A
+></H2
+><P
+>        The project's CVS repository is hosted on
+        <A
+HREF="http://sourceforge.net/"
+TARGET="_top"
+>SourceForge.</A
+>
+        Please refer to the chapters 6 and 7 in
+        <A
+HREF="http://sourceforge.net/docman/?group_id=1"
+TARGET="_top"
+>SF's site
+        documentation</A
+> for the technical access details for your
+        operating system. For historical reasons, the CVS server is
+        called <TT
+CLASS="LITERAL"
+>ijbswa.cvs.sourceforge.net</TT
+>, the repository is
+        called <TT
+CLASS="LITERAL"
+>ijbswa</TT
+>, and the source tree module is called
+        <TT
+CLASS="LITERAL"
+>current</TT
+>.
+      </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CVSBRANCHES"
+>2.2. Branches</A
+></H2
+><P
+>       Within the CVS repository, there are modules and branches. As
+       mentioned, the sources are in the <TT
+CLASS="LITERAL"
+>current</TT
+>
+       <SPAN
+CLASS="QUOTE"
+>"module"</SPAN
+>. Other modules are present for platform specific
+       issues. There is a webview of the CVS hierarchy at <A
+HREF="http://ijbswa.cvs.sourceforge.net/ijbswa/"
+TARGET="_top"
+>http://ijbswa.cvs.sourceforge.net/ijbswa/</A
+>,
+       which might help with visualizing how these pieces fit together.
+     </P
+><P
+>       Branches are used to fork a sub-development path from the main trunk.
+       Within the <TT
+CLASS="LITERAL"
+>current</TT
+> module where the sources are, there
+       is always at least one <SPAN
+CLASS="QUOTE"
+>"branch"</SPAN
+> from the main trunk
+       devoted to a stable release series. The main trunk is where active
+       development takes place for the next stable series (e.g. 3.2.x).
+       So just prior to each stable series (e.g. 3.0.x), a branch is created
+       just for stable series releases (e.g. 3.0.0 -> 3.0.1 -> 3.0.2, etc).
+       Once the initial stable release of any stable branch has taken place,
+       this branch is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>only used for bugfixes</I
+></SPAN
+>, which have
+       had prior testing before being committed to CVS. (See <A
+HREF="newrelease.html#VERSIONNUMBERS"
+>Version Numbers</A
+> below for details on
+       versioning.)
+     </P
+><P
+>      At one time there were two distinct branches: stable and unstable. The
+      more drastic changes were to be in the unstable branch. These branches 
+      have now been merged to minimize time and effort of maintaining two 
+      branches.
+     </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CVSCOMMIT"
+>2.3. CVS Commit Guidelines</A
+></H2
+><P
+>        The source tree is the heart of every software project. Every effort must
+        be made to ensure that it is readable, compilable and consistent at all
+        times. There are differing guidelines for the stable branch and the
+        main development trunk, and we ask anyone with CVS access to strictly
+        adhere to the following guidelines:
+      </P
+><P
+>       Basic Guidelines, for all branches:
+      </P
+><P
+>        <P
+></P
+><UL
+><LI
+><P
+>            Please don't commit even 
+            a small change without testing it thoroughly first. When we're
+            close to a public release, ask a fellow developer to review your 
+            changes.
+          </P
+></LI
+><LI
+><P
+>            Your commit message should give a concise overview of <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>what you
+            changed</I
+></SPAN
+> (no big details) and <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>why you changed it</I
+></SPAN
+>
+            Just check previous messages for good examples.
+          </P
+></LI
+><LI
+><P
+>            Don't use the same message on multiple files, unless it equally applies to
+            all those files.
+          </P
+></LI
+><LI
+><P
+>            If your changes span multiple files, and the code won't recompile unless
+            all changes are committed (e.g. when changing the signature of a function),
+            then commit all files one after another, without long delays in between.
+            If necessary, prepare the commit messages in advance.
+          </P
+></LI
+><LI
+><P
+>            Before changing things on CVS, make sure that your changes are in line
+            with the team's general consensus on what should be done.
+          </P
+></LI
+><LI
+><P
+>            Note that near a major public release, we get more cautious.
+            There is always the possibility to submit a patch to the <A
+HREF="http://sourceforge.net/tracker/?atid=311118&group_id=11118&func=browse"
+TARGET="_top"
+>patch
+            tracker</A
+> instead.
+          </P
+></LI
+></UL
+>
+      </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="introduction.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="documentation.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Introduction</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Documentation Guidelines</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/documentation.html b/external/privoxy/doc/webserver/developer-manual/documentation.html
new file mode 100644
index 0000000..d547c23
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/documentation.html
@@ -0,0 +1,944 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Documentation Guidelines</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="The CVS Repository"
+HREF="cvs.html"><LINK
+REL="NEXT"
+TITLE="Coding Guidelines"
+HREF="coding.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="cvs.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="coding.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="DOCUMENTATION"
+>3. Documentation Guidelines</A
+></H1
+><P
+>    All formal documents are maintained in Docbook SGML and located in the
+    <SAMP
+CLASS="COMPUTEROUTPUT"
+>doc/source/*</SAMP
+> directory. You will need
+    <A
+HREF="http://www.docbook.org"
+TARGET="_top"
+>Docbook</A
+>, the Docbook 
+    DTD's and the Docbook modular stylesheets (or comparable alternatives),
+    and either <SPAN
+CLASS="APPLICATION"
+>jade</SPAN
+> or
+    <SPAN
+CLASS="APPLICATION"
+>openjade</SPAN
+> (recommended) installed in order to
+    build docs from source. Currently there is <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>user-manual</I
+></A
+>,
+    <A
+HREF="../faq/index.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>FAQ</I
+></A
+>, and, of
+    course this, the <I
+CLASS="CITETITLE"
+>developer-manual</I
+> in this format.
+    The <I
+CLASS="CITETITLE"
+>README</I
+>, <I
+CLASS="CITETITLE"
+>AUTHORS</I
+>,
+    <I
+CLASS="CITETITLE"
+>INSTALL</I
+>,
+    <I
+CLASS="CITETITLE"
+>privoxy.1</I
+> (man page), and
+    <I
+CLASS="CITETITLE"
+>config</I
+> files are also now maintained as Docbook
+    SGML. These files, when built, in the top-level source directory are
+    generated files! Also, the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> <TT
+CLASS="FILENAME"
+>index.html</TT
+> (and a 
+    variation on this file, <TT
+CLASS="FILENAME"
+>privoxy-index.html</TT
+>, 
+    meant for inclusion with doc packages), are maintained as SGML as well.
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>DO NOT edit these directly</I
+></SPAN
+>. Edit the SGML source, or
+    contact someone involved in the documentation.
+    </P
+><P
+>     <TT
+CLASS="FILENAME"
+>config</TT
+> requires some special handling. The reason it
+     is maintained this way is so that the extensive comments in the file
+     mirror those in <I
+CLASS="CITETITLE"
+>user-manual</I
+>. But the conversion 
+     process requires going from SGML to HTML to text to special formatting 
+     required for the embedded comments. Some of this does not survive so
+     well. Especially some of the examples that are longer than 80 characters.
+     The build process for this file outputs to <TT
+CLASS="FILENAME"
+>config.new</TT
+>, 
+     which should be reviewed for errors and mis-formatting. Once satisfied
+     that it is correct, then it should be hand copied to
+     <TT
+CLASS="FILENAME"
+>config</TT
+>.
+    </P
+><P
+>     Other, less formal documents (e.g. <TT
+CLASS="FILENAME"
+>LICENSE</TT
+>) are
+     maintained as plain text files in the top-level source directory.
+    </P
+><P
+>     Packagers are encouraged to include this documentation. For those without
+     the ability to build the docs locally, text versions of each are kept in
+     CVS. HTML versions are also being kept in CVS under 
+     <TT
+CLASS="FILENAME"
+>doc/webserver/*</TT
+>. And PDF version are kept in 
+     <TT
+CLASS="FILENAME"
+>doc/pdf/*</TT
+>.
+    </P
+><P
+>     Formal documents are built with the Makefile targets of
+     <SAMP
+CLASS="COMPUTEROUTPUT"
+>make dok</SAMP
+>, or alternately
+     <SAMP
+CLASS="COMPUTEROUTPUT"
+>make redhat-dok</SAMP
+>. If you have problems,
+     try both. The build process uses the document SGML sources in
+     <SAMP
+CLASS="COMPUTEROUTPUT"
+>doc/source/*/*</SAMP
+> to update all text files in
+     <SAMP
+CLASS="COMPUTEROUTPUT"
+>doc/text/</SAMP
+> and to update all HTML
+     documents in <SAMP
+CLASS="COMPUTEROUTPUT"
+>doc/webserver/</SAMP
+>.
+    </P
+><P
+>     Documentation writers should please make sure documents build
+     successfully before committing to CVS, if possible.
+    </P
+><P
+>     How do you update the webserver (i.e. the pages on privoxy.org)?
+     
+     <P
+></P
+><OL
+TYPE="1"
+><LI
+><P
+>        First, build the docs by running <SAMP
+CLASS="COMPUTEROUTPUT"
+>make
+        dok</SAMP
+> (or alternately <SAMP
+CLASS="COMPUTEROUTPUT"
+>make
+        redhat-dok</SAMP
+>). For PDF docs, do <SAMP
+CLASS="COMPUTEROUTPUT"
+>make
+        dok-pdf</SAMP
+>.
+      </P
+></LI
+><LI
+><P
+>        Run <SAMP
+CLASS="COMPUTEROUTPUT"
+>make webserver</SAMP
+> which copies all
+        files from <SAMP
+CLASS="COMPUTEROUTPUT"
+>doc/webserver</SAMP
+> to the
+        sourceforge webserver via scp.
+      </P
+></LI
+></OL
+>
+  </P
+><P
+>   Finished docs should be occasionally submitted to CVS
+   (<TT
+CLASS="FILENAME"
+>doc/webserver/*/*.html</TT
+>) so that those without 
+   the ability to build them locally, have access to them if needed.
+   This is especially important just prior to a new release! Please
+   do this <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>after</I
+></SPAN
+> the <TT
+CLASS="LITERAL"
+>$VERSION</TT
+> and
+   other release specific data in <TT
+CLASS="FILENAME"
+>configure.in</TT
+> has been
+   updated (this is done just prior to a new release).
+  </P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="SGML"
+>3.1. Quickstart to Docbook and SGML</A
+></H2
+><P
+> If you are not familiar with SGML, it is a markup language similar to HTML. 
+ Actually, not a mark up language per se, but a language used to define 
+ markup languages. In fact, HTML is an SGML application. Both will use
+ <SPAN
+CLASS="QUOTE"
+>"tags"</SPAN
+> to format text and other content. SGML tags can be much
+ more varied, and flexible, but do much of the same kinds of things. The tags,
+ or <SPAN
+CLASS="QUOTE"
+>"elements"</SPAN
+>, are definable in SGML. There is no set
+ <SPAN
+CLASS="QUOTE"
+>"standards"</SPAN
+>. Since we are using
+ <SPAN
+CLASS="APPLICATION"
+>Docbook</SPAN
+>, our tags are those that are defined by 
+ <SPAN
+CLASS="APPLICATION"
+>Docbook</SPAN
+>. Much of how the finish document is
+ rendered is determined by the <SPAN
+CLASS="QUOTE"
+>"stylesheets"</SPAN
+>.
+ The stylesheets determine how each tag gets translated to HTML, or other
+ formats.</P
+><P
+> Tags in Docbook SGML need to be always <SPAN
+CLASS="QUOTE"
+>"closed"</SPAN
+>. If not, you
+ will likely generate errors. Example: <TT
+CLASS="LITERAL"
+><title>My
+ Title</title></TT
+>. They are also case-insensitive, but we
+ strongly suggest using all lower case. This keeps compatibility with
+ [Docbook] <SPAN
+CLASS="APPLICATION"
+>XML</SPAN
+>.</P
+><P
+> Our documents use <SPAN
+CLASS="QUOTE"
+>"sections"</SPAN
+> for the most part. Sections
+ will be processed into HTML headers (e.g. <TT
+CLASS="LITERAL"
+>h1</TT
+> for 
+ <TT
+CLASS="LITERAL"
+>sect1</TT
+>). The <SPAN
+CLASS="APPLICATION"
+>Docbook</SPAN
+> stylesheets
+ will use these to also generate the Table of Contents for each doc. Our 
+ TOC's are set to a depth of three. Meaning <TT
+CLASS="LITERAL"
+>sect1</TT
+>, 
+ <TT
+CLASS="LITERAL"
+>sect2</TT
+>, and <TT
+CLASS="LITERAL"
+>sect3</TT
+> will have TOC 
+ entries, but <TT
+CLASS="LITERAL"
+>sect4</TT
+> will not. Each section requires 
+ a <TT
+CLASS="LITERAL"
+><title></TT
+> element, and at least one 
+ <TT
+CLASS="LITERAL"
+><para></TT
+>. There is a limit of five section 
+ levels in Docbook, but generally three should be sufficient for our 
+ purposes.</P
+><P
+> Some common elements that you likely will use: </P
+><P
+>  <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><para></para></I
+></SPAN
+>, paragraph delimiter. Most 
+      text needs to be within paragraph elements (there are some exceptions).
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><emphasis></emphasis></I
+></SPAN
+>, the stylesheets
+      make this italics.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><filename></filename></I
+></SPAN
+>, files and directories.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><command></command></I
+></SPAN
+>, command examples.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><literallayout></literallayout></I
+></SPAN
+>, like 
+      <TT
+CLASS="LITERAL"
+><pre></TT
+>, more or less.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><itemizedlist></itemizedlist></I
+></SPAN
+>, list with bullets.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><listitem></listitem></I
+></SPAN
+>, member of the above.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><screen></screen></I
+></SPAN
+>, screen output, implies 
+      <TT
+CLASS="LITERAL"
+><literallayout></TT
+>.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><ulink url="example.com"></ulink></I
+></SPAN
+>, like 
+      HTML <TT
+CLASS="LITERAL"
+><a></TT
+> tag.
+    </TD
+></TR
+><TR
+><TD
+>      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><quote></quote></I
+></SPAN
+>, for, doh, quoting text. 
+    </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+> Look at any of the existing docs for examples of all these and more.</P
+><P
+> You might also find <SPAN
+CLASS="QUOTE"
+>"<A
+HREF="http://opensource.bureau-cornavin.com/crash-course/index.html"
+TARGET="_top"
+>Writing Documentation
+ Using DocBook - A Crash Course</A
+>"</SPAN
+> useful.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="DOCSTYLE"
+>3.2. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Documentation Style</A
+></H2
+><P
+>    It will be easier if everyone follows a similar writing style. This 
+    just makes it easier to read what someone else has written if it 
+    is all done in a similar fashion.
+   </P
+><P
+>    Here it is:
+   </P
+><P
+>    <P
+></P
+><UL
+><LI
+><P
+>       All tags should be lower case.
+      </P
+></LI
+><LI
+><P
+>       Tags delimiting a <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>block</I
+></SPAN
+> of text (even small
+       blocks) should be on their own line. Like:
+       <P
+CLASS="LITERALLAYOUT"
+> <para><br>
+  Some text goes here.<br>
+ </para><br>
+       </P
+>
+       Tags marking individual words, or few words, should be in-line:
+       <P
+CLASS="LITERALLAYOUT"
+>  Just to <emphasis>emphasize</emphasis>, some text goes here.<br>
+       </P
+>
+     </P
+></LI
+><LI
+><P
+>      Tags should be nested and step indented for block text like: (except
+      in-line tags) 
+     <P
+CLASS="LITERALLAYOUT"
+> <para><br>
+  <itemizedlist><br>
+   <para><br>
+    <listitem><br>
+      Some text goes here in our list example.<br>
+     </listitem><br>
+   </para><br>
+  </itemizedlist><br>
+ </para><br>
+       </P
+>
+      This makes it easier to find the text amongst the tags ;-)
+    </P
+></LI
+><LI
+><P
+>     Use white space to separate logical divisions within a document, 
+     like between sections. Running everything together consistently 
+     makes it harder to read and work on.
+    </P
+></LI
+><LI
+><P
+>     Do not hesitate to make comments. Comments can either use the 
+     <comment> element, or the <!--  --> style comment 
+     familiar from HTML. (Note in Docbook v4.x <comment> is 
+     replaced by <remark>.)
+    </P
+></LI
+><LI
+><P
+>     We have an international audience. Refrain from slang, or English 
+     idiosyncrasies (too many to list :). Humor also does not translate 
+     well sometimes.
+   </P
+></LI
+><LI
+><P
+>    Try to keep overall line lengths in source files to 80 characters or less
+    for obvious reasons. This is not always possible, with lengthy URLs for
+    instance.
+   </P
+></LI
+><LI
+><P
+>    Our documents are available in differing formats. Right now, they 
+    are just plain text, HTML, and PDF, but others are always a 
+    future possibility. Be careful with URLs (<ulink>), and avoid 
+    this mistake:
+   </P
+><P
+>     My favorite site is <ulink url="http://example.com">here</ulink>.
+   </P
+><P
+>     This will render as <SPAN
+CLASS="QUOTE"
+>"My favorite site is here"</SPAN
+>, which is 
+     not real helpful in a text doc. Better like this:
+   </P
+><P
+>     My favorite site is <ulink url="http://example.com">example.com</ulink>.
+   </P
+></LI
+><LI
+><P
+>    All documents should be spell checked occasionally.
+    <SPAN
+CLASS="APPLICATION"
+>aspell</SPAN
+> can check SGML with the
+    <TT
+CLASS="LITERAL"
+>-H</TT
+> option. (<SPAN
+CLASS="APPLICATION"
+>ispell</SPAN
+> I think
+    too.)
+   </P
+></LI
+></UL
+>
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN217"
+>3.3. Privoxy Custom Entities</A
+></H2
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> documentation is using 
+  a number of customized <SPAN
+CLASS="QUOTE"
+>"entities"</SPAN
+> to facilitate 
+  documentation maintenance. 
+ </P
+><P
+>  We are using a set of <SPAN
+CLASS="QUOTE"
+>"boilerplate"</SPAN
+> files with generic text,
+  that is used by multiple docs. This way we can write something once, and use
+  it repeatedly without having to re-write the same content over and over again.
+  If editing such a file, keep in mind that it should be
+  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>generic</I
+></SPAN
+>. That is the purpose; so it can be used in varying 
+  contexts without additional modifications.
+ </P
+><P
+>  We are also using what <SPAN
+CLASS="APPLICATION"
+>Docbook</SPAN
+> calls 
+  <SPAN
+CLASS="QUOTE"
+>"internal entities"</SPAN
+>. These are like variables in 
+  programming. Well, sort of. For instance, we have the
+  <TT
+CLASS="LITERAL"
+>p-version</TT
+> entity that contains the current 
+  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version string. You are strongly 
+  encouraged to use these where possible. Some of these obviously 
+  require re-setting with each release (done by the Makefile). A sampling of
+  custom entities are listed below. See any of the main docs for examples.
+ </P
+><P
+>  <P
+></P
+><UL
+><LI
+><P
+>    Re- <SPAN
+CLASS="QUOTE"
+>"boilerplate"</SPAN
+> text entities are defined like:
+   </P
+><P
+>    <TT
+CLASS="LITERAL"
+><!entity supported SYSTEM "supported.sgml"></TT
+>
+   </P
+><P
+>     In this example, the contents of the file,
+     <TT
+CLASS="FILENAME"
+>supported.sgml</TT
+> is available for inclusion anywhere 
+     in the doc. To make this happen, just reference the now defined 
+     entity: <TT
+CLASS="LITERAL"
+>&supported;</TT
+> (starts with an ampersand 
+     and ends with a semi-colon), and the contents will be dumped into 
+     the finished doc at that point.
+   </P
+></LI
+><LI
+><P
+>    Commonly used <SPAN
+CLASS="QUOTE"
+>"internal entities"</SPAN
+>:
+  </P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>p-version</I
+></SPAN
+>: the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+    version string, e.g. <SPAN
+CLASS="QUOTE"
+>"3.0.12"</SPAN
+>.
+   </TD
+></TR
+><TR
+><TD
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>p-status</I
+></SPAN
+>: the project status, either 
+    <SPAN
+CLASS="QUOTE"
+>"alpha"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"beta"</SPAN
+>, or <SPAN
+CLASS="QUOTE"
+>"stable"</SPAN
+>.
+   </TD
+></TR
+><TR
+><TD
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>p-not-stable</I
+></SPAN
+>: use to conditionally include 
+    text in <SPAN
+CLASS="QUOTE"
+>"not stable"</SPAN
+> releases (e.g. <SPAN
+CLASS="QUOTE"
+>"beta"</SPAN
+>).
+   </TD
+></TR
+><TR
+><TD
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>p-stable</I
+></SPAN
+>: just the opposite.
+   </TD
+></TR
+><TR
+><TD
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>p-text</I
+></SPAN
+>: this doc is only generated as text.
+   </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></LI
+></UL
+>
+ </P
+><P
+>  There are others in various places that are defined for a specific 
+  purpose. Read the source!
+ </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="cvs.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="coding.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>The CVS Repository</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Coding Guidelines</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/index.html b/external/privoxy/doc/webserver/developer-manual/index.html
new file mode 100644
index 0000000..4360e6b
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/index.html
@@ -0,0 +1,688 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy Developer Manual</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="NEXT"
+TITLE="Introduction"
+HREF="introduction.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="ARTICLE"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="ARTICLE"
+><DIV
+CLASS="TITLEPAGE"
+><H1
+CLASS="TITLE"
+><A
+NAME="AEN2"
+>Privoxy Developer Manual</A
+></H1
+><P
+CLASS="PUBDATE"
+>     <SUB
+>    
+    
+      <A
+HREF="copyright.html"
+>Copyright</A
+> © 2001-2009 by 
+      <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>Privoxy Developers</A
+>
+     </SUB
+>
+    <BR></P
+><P
+CLASS="PUBDATE"
+>$Id: index.html,v 1.42 2009/03/21 12:59:32 fabiankeil Exp $<BR></P
+><DIV
+><DIV
+CLASS="ABSTRACT"
+><P
+></P
+><A
+NAME="AEN9"
+></A
+><P
+> The developer manual provides guidance on coding, testing, packaging, documentation
+ and other issues of importance to those involved with
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> development. It is mandatory (and helpful!) reading
+ for anyone who wants to join the team. Note that it's currently out of date
+ and may not be entirely correct. As always, patches are welcome.</P
+><P
+> Please note that this document is constantly evolving. This copy represents
+ the state at the release of version 3.0.12.
+ You can find the latest version of the this manual at <A
+HREF="http://www.privoxy.org/developer-manual/"
+TARGET="_top"
+>http://www.privoxy.org/developer-manual/</A
+>.
+ Please see <A
+HREF="contact.html"
+>the Contact section</A
+> 
+ on how to contact the developers.</P
+><P
+></P
+></DIV
+></DIV
+><HR></DIV
+><DIV
+CLASS="TOC"
+><DL
+><DT
+><B
+>Table of Contents</B
+></DT
+><DT
+>1. <A
+HREF="introduction.html"
+>Introduction</A
+></DT
+><DD
+><DL
+><DT
+>1.1. <A
+HREF="introduction.html#QUICKSTART"
+>Quickstart to Privoxy Development</A
+></DT
+></DL
+></DD
+><DT
+>2. <A
+HREF="cvs.html"
+>The CVS Repository</A
+></DT
+><DD
+><DL
+><DT
+>2.1. <A
+HREF="cvs.html#CVSACCESS"
+>Access to CVS</A
+></DT
+><DT
+>2.2. <A
+HREF="cvs.html#CVSBRANCHES"
+>Branches</A
+></DT
+><DT
+>2.3. <A
+HREF="cvs.html#CVSCOMMIT"
+>CVS Commit Guidelines</A
+></DT
+></DL
+></DD
+><DT
+>3. <A
+HREF="documentation.html"
+>Documentation Guidelines</A
+></DT
+><DD
+><DL
+><DT
+>3.1. <A
+HREF="documentation.html#SGML"
+>Quickstart to Docbook and SGML</A
+></DT
+><DT
+>3.2. <A
+HREF="documentation.html#DOCSTYLE"
+><SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Documentation Style</A
+></DT
+><DT
+>3.3. <A
+HREF="documentation.html#AEN217"
+>Privoxy Custom Entities</A
+></DT
+></DL
+></DD
+><DT
+>4. <A
+HREF="coding.html"
+>Coding Guidelines</A
+></DT
+><DD
+><DL
+><DT
+>4.1. <A
+HREF="coding.html#S1"
+>Introduction</A
+></DT
+><DT
+>4.2. <A
+HREF="coding.html#S2"
+>Using Comments</A
+></DT
+><DD
+><DL
+><DT
+>4.2.1. <A
+HREF="coding.html#S3"
+>Comment, Comment, Comment</A
+></DT
+><DT
+>4.2.2. <A
+HREF="coding.html#S4"
+>Use blocks for comments</A
+></DT
+><DT
+>4.2.3. <A
+HREF="coding.html#S5"
+>Keep Comments on their own line</A
+></DT
+><DT
+>4.2.4. <A
+HREF="coding.html#S6"
+>Comment each logical step</A
+></DT
+><DT
+>4.2.5. <A
+HREF="coding.html#S7"
+>Comment All Functions Thoroughly</A
+></DT
+><DT
+>4.2.6. <A
+HREF="coding.html#S8"
+>Comment at the end of braces if the
+    content is more than one screen length</A
+></DT
+></DL
+></DD
+><DT
+>4.3. <A
+HREF="coding.html#S9"
+>Naming Conventions</A
+></DT
+><DD
+><DL
+><DT
+>4.3.1. <A
+HREF="coding.html#S10"
+>Variable Names</A
+></DT
+><DT
+>4.3.2. <A
+HREF="coding.html#S11"
+>Function Names</A
+></DT
+><DT
+>4.3.3. <A
+HREF="coding.html#S12"
+>Header file prototypes</A
+></DT
+><DT
+>4.3.4. <A
+HREF="coding.html#S13"
+>Enumerations, and #defines</A
+></DT
+><DT
+>4.3.5. <A
+HREF="coding.html#S14"
+>Constants</A
+></DT
+></DL
+></DD
+><DT
+>4.4. <A
+HREF="coding.html#S15"
+>Using Space</A
+></DT
+><DD
+><DL
+><DT
+>4.4.1. <A
+HREF="coding.html#S16"
+>Put braces on a line by themselves.</A
+></DT
+><DT
+>4.4.2. <A
+HREF="coding.html#S17"
+>ALL control statements should have a
+    block</A
+></DT
+><DT
+>4.4.3. <A
+HREF="coding.html#S18"
+>Do not belabor/blow-up boolean
+    expressions</A
+></DT
+><DT
+>4.4.4. <A
+HREF="coding.html#S19"
+>Use white space freely because it is
+    free</A
+></DT
+><DT
+>4.4.5. <A
+HREF="coding.html#S20"
+>Don't use white space around structure
+    operators</A
+></DT
+><DT
+>4.4.6. <A
+HREF="coding.html#S21"
+>Make the last brace of a function stand
+    out</A
+></DT
+><DT
+>4.4.7. <A
+HREF="coding.html#S22"
+>Use 3 character indentions</A
+></DT
+></DL
+></DD
+><DT
+>4.5. <A
+HREF="coding.html#S23"
+>Initializing</A
+></DT
+><DD
+><DL
+><DT
+>4.5.1. <A
+HREF="coding.html#S24"
+>Initialize all variables</A
+></DT
+></DL
+></DD
+><DT
+>4.6. <A
+HREF="coding.html#S25"
+>Functions</A
+></DT
+><DD
+><DL
+><DT
+>4.6.1. <A
+HREF="coding.html#S26"
+>Name functions that return a boolean as a
+    question.</A
+></DT
+><DT
+>4.6.2. <A
+HREF="coding.html#S27"
+>Always specify a return type for a
+    function.</A
+></DT
+><DT
+>4.6.3. <A
+HREF="coding.html#S28"
+>Minimize function calls when iterating by
+    using variables</A
+></DT
+><DT
+>4.6.4. <A
+HREF="coding.html#S29"
+>Pass and Return by Const Reference</A
+></DT
+><DT
+>4.6.5. <A
+HREF="coding.html#S30"
+>Pass and Return by Value</A
+></DT
+><DT
+>4.6.6. <A
+HREF="coding.html#S31"
+>Names of include files</A
+></DT
+><DT
+>4.6.7. <A
+HREF="coding.html#S32"
+>Provide multiple inclusion
+    protection</A
+></DT
+><DT
+>4.6.8. <A
+HREF="coding.html#S33"
+>Use `extern "C"` when appropriate</A
+></DT
+><DT
+>4.6.9. <A
+HREF="coding.html#S34"
+>Where Possible, Use Forward Struct
+    Declaration Instead of Includes</A
+></DT
+></DL
+></DD
+><DT
+>4.7. <A
+HREF="coding.html#S35"
+>General Coding Practices</A
+></DT
+><DD
+><DL
+><DT
+>4.7.1. <A
+HREF="coding.html#S36"
+>Turn on warnings</A
+></DT
+><DT
+>4.7.2. <A
+HREF="coding.html#S37"
+>Provide a default case for all switch
+    statements</A
+></DT
+><DT
+>4.7.3. <A
+HREF="coding.html#S38"
+>Try to avoid falling through cases in a
+    switch statement.</A
+></DT
+><DT
+>4.7.4. <A
+HREF="coding.html#S39"
+>Use 'long' or 'short' Instead of
+    'int'</A
+></DT
+><DT
+>4.7.5. <A
+HREF="coding.html#S40"
+>Don't mix size_t and other types</A
+></DT
+><DT
+>4.7.6. <A
+HREF="coding.html#S41"
+>Declare each variable and struct on its
+    own line.</A
+></DT
+><DT
+>4.7.7. <A
+HREF="coding.html#S42"
+>Use malloc/zalloc sparingly</A
+></DT
+><DT
+>4.7.8. <A
+HREF="coding.html#S43"
+>The Programmer Who Uses 'malloc' is
+    Responsible for Ensuring 'free'</A
+></DT
+><DT
+>4.7.9. <A
+HREF="coding.html#S44"
+>Add loaders to the `file_list' structure
+    and in order</A
+></DT
+><DT
+>4.7.10. <A
+HREF="coding.html#S45"
+>"Uncertain" new code and/or changes to
+    existing code, use FIXME or XXX</A
+></DT
+></DL
+></DD
+><DT
+>4.8. <A
+HREF="coding.html#S46"
+>Addendum: Template for files and function
+    comment blocks:</A
+></DT
+></DL
+></DD
+><DT
+>5. <A
+HREF="testing.html"
+>Testing Guidelines</A
+></DT
+><DD
+><DL
+><DT
+>5.1. <A
+HREF="testing.html#TESTING-PLAN"
+>Testplan for releases</A
+></DT
+><DT
+>5.2. <A
+HREF="testing.html#TESTING-REPORT"
+>Test reports</A
+></DT
+></DL
+></DD
+><DT
+>6. <A
+HREF="newrelease.html"
+>Releasing a New Version</A
+></DT
+><DD
+><DL
+><DT
+>6.1. <A
+HREF="newrelease.html#VERSIONNUMBERS"
+>Version numbers</A
+></DT
+><DT
+>6.2. <A
+HREF="newrelease.html#BEFORERELEASE"
+>Before the Release: Freeze</A
+></DT
+><DT
+>6.3. <A
+HREF="newrelease.html#THERELEASE"
+>Building and Releasing the Packages</A
+></DT
+><DD
+><DL
+><DT
+>6.3.1. <A
+HREF="newrelease.html#PACK-GUIDELINES"
+>Note on Privoxy Packaging</A
+></DT
+><DT
+>6.3.2. <A
+HREF="newrelease.html#NEWRELEASE-TARBALL"
+>Source Tarball</A
+></DT
+><DT
+>6.3.3. <A
+HREF="newrelease.html#NEWRELEASE-RPM"
+>SuSE, Conectiva or Red Hat RPM</A
+></DT
+><DT
+>6.3.4. <A
+HREF="newrelease.html#NEWRELEASE-OS2"
+>OS/2</A
+></DT
+><DT
+>6.3.5. <A
+HREF="newrelease.html#NEWRELEASE-SOLARIS"
+>Solaris</A
+></DT
+><DT
+>6.3.6. <A
+HREF="newrelease.html#NEWRELEASE-WINDOWS"
+>Windows</A
+></DT
+><DT
+>6.3.7. <A
+HREF="newrelease.html#NEWRELEASE-DEBIAN"
+>Debian</A
+></DT
+><DT
+>6.3.8. <A
+HREF="newrelease.html#NEWRELEASE-MACOSX"
+>Mac OS X</A
+></DT
+><DT
+>6.3.9. <A
+HREF="newrelease.html#NEWRELEASE-FREEBSD"
+>FreeBSD</A
+></DT
+><DT
+>6.3.10. <A
+HREF="newrelease.html#NEWRELEASE-HPUX"
+>HP-UX 11</A
+></DT
+><DT
+>6.3.11. <A
+HREF="newrelease.html#NEWRELEASE-AMIGA"
+>Amiga OS</A
+></DT
+><DT
+>6.3.12. <A
+HREF="newrelease.html#NEWRELEASE-AIX"
+>AIX</A
+></DT
+></DL
+></DD
+><DT
+>6.4. <A
+HREF="newrelease.html#RELEASING"
+>Uploading and Releasing Your Package</A
+></DT
+><DT
+>6.5. <A
+HREF="newrelease.html#AFTERRELEASE"
+>After the Release</A
+></DT
+></DL
+></DD
+><DT
+>7. <A
+HREF="webserver-update.html"
+>Update the Webserver</A
+></DT
+><DT
+>8. <A
+HREF="contact.html"
+>Contacting the developers, Bug Reporting and Feature Requests</A
+></DT
+><DD
+><DL
+><DT
+>8.1. <A
+HREF="contact.html#CONTACT-SUPPORT"
+>Get Support</A
+></DT
+><DT
+>8.2. <A
+HREF="contact.html#REPORTING"
+>Reporting Problems</A
+></DT
+><DD
+><DL
+><DT
+>8.2.1. <A
+HREF="contact.html#CONTACT-ADS"
+>Reporting Ads or Other Configuration Problems</A
+></DT
+><DT
+>8.2.2. <A
+HREF="contact.html#CONTACT-BUGS"
+>Reporting Bugs</A
+></DT
+></DL
+></DD
+><DT
+>8.3. <A
+HREF="contact.html#CONTACT-FEATURE"
+>Request New Features</A
+></DT
+><DT
+>8.4. <A
+HREF="contact.html#CONTACT-OTHER"
+>Other</A
+></DT
+></DL
+></DD
+><DT
+>9. <A
+HREF="copyright.html"
+>Privoxy Copyright, License and History</A
+></DT
+><DD
+><DL
+><DT
+>9.1. <A
+HREF="copyright.html#AEN1223"
+>License</A
+></DT
+><DT
+>9.2. <A
+HREF="copyright.html#AEN1239"
+>History</A
+></DT
+></DL
+></DD
+><DT
+>10. <A
+HREF="seealso.html"
+>See also</A
+></DT
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="introduction.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Introduction</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/introduction.html b/external/privoxy/doc/webserver/developer-manual/introduction.html
new file mode 100644
index 0000000..5ac1e59
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/introduction.html
@@ -0,0 +1,199 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Introduction</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="NEXT"
+TITLE="The CVS Repository"
+HREF="cvs.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="index.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="cvs.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="INTRODUCTION"
+>1. Introduction</A
+></H1
+><P
+>     <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, as an heir to
+     <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+>, is a Free Software project 
+     and the code is licensed under the GNU General Public License version 2.
+     As such, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> development is potentially open
+     to anyone who has the time, knowledge, and desire to contribute
+     in any capacity. Our goals are simply to continue the mission,
+     to improve <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and
+     to make it available to as wide an audience as possible. 
+    </P
+><P
+>     One does not have to be a programmer to contribute. Packaging, testing,
+     documenting and porting, are all important jobs as well.
+    </P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="QUICKSTART"
+>1.1. Quickstart to Privoxy Development</A
+></H2
+><P
+>    The first step is to join the <A
+HREF="mailto:ijbswa-developers at lists.sourceforge.net"
+TARGET="_top"
+>developer's mailing list</A
+>.
+    You can submit your ideas, or even better patches. Patches are best 
+    submitted to the Sourceforge tracker set up for this purpose, but 
+    can be sent to the list for review too.
+   </P
+><P
+>     You will also need to have a cvs package installed, which will 
+     entail having ssh installed as well (which seems to be a requirement of
+     SourceForge), in order to access the cvs repository. Having the GNU build
+     tools is also going to be important (particularly, autoconf and gmake).
+    </P
+><P
+>      For the time being (read, this section is under construction), you can 
+      also refer to the extensive comments in the source code. In fact, 
+      reading the code is recommended in any case.
+    </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="cvs.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy Developer Manual</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>The CVS Repository</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/newrelease.html b/external/privoxy/doc/webserver/developer-manual/newrelease.html
new file mode 100644
index 0000000..0cdb485
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/newrelease.html
@@ -0,0 +1,1956 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Releasing a New Version</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Testing Guidelines"
+HREF="testing.html"><LINK
+REL="NEXT"
+TITLE="Update the Webserver"
+HREF="webserver-update.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="testing.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="webserver-update.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="NEWRELEASE"
+>6. Releasing a New Version</A
+></H1
+><P
+>        When we release versions of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>,
+        our work leaves our cozy secret lab and has to work in the cold
+        RealWorld[tm]. Once it is released, there is no way to call it
+        back, so it is very important that great care is taken to ensure
+        that everything runs fine, and not to introduce problems in the
+        very last minute.
+    </P
+><P
+>        So when releasing a new version, please adhere exactly to the
+        procedure outlined in this chapter.
+    </P
+><P
+>	The following programs are required to follow this process:
+	<TT
+CLASS="FILENAME"
+>ncftpput</TT
+> (ncftp), <TT
+CLASS="FILENAME"
+>scp, ssh</TT
+> (ssh),
+        <TT
+CLASS="FILENAME"
+>gmake</TT
+> (GNU's version of make), autoconf, cvs.
+    </P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="VERSIONNUMBERS"
+>6.1. Version numbers</A
+></H2
+><P
+>      First you need to determine which version number the release will have. 
+      <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version numbers consist of three numbers,
+      separated by dots, like in X.Y.Z (e.g. 3.0.0), where:
+        <P
+></P
+><UL
+><LI
+><P
+>              X, the version major, is rarely ever changed. It is increased by one if
+              turning a development branch into stable substantially changes the functionality,
+              user interface or configuration syntax. Majors 1 and 2 were 
+              <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+>, and 3 will be the first stable
+              <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> release.
+            </P
+></LI
+><LI
+><P
+>              Y, the version minor, represents the branch within the major version.
+              At any point in time, there are two branches being maintained:
+              The stable branch, with an even minor, say, 2N, in which no functionality is
+              being added and only bug-fixes are made, and 2N+1, the development branch, in
+              which the further development of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> takes
+              place.
+              This enables us to turn the code upside down and inside out, while at the same time
+              providing and maintaining a stable version.
+              The minor is reset to zero (and one) when the major is incremented. When a development
+              branch has matured to the point where it can be turned into stable, the old stable branch
+              2N is given up (i.e. no longer maintained), the former development branch 2N+1 becomes the
+              new stable branch 2N+2, and a new development branch 2N+3 is opened.
+            </P
+></LI
+><LI
+><P
+>              Z, the point or sub version, represents a release of the software within a branch.
+              It is therefore incremented immediately before each code freeze. 
+              In development branches, only the even point versions correspond to actual releases,
+              while the odd ones denote the evolving state of the sources on CVS in between.
+              It follows that Z is odd on CVS in development branches most of the time. There, it gets
+              increased to an even number immediately before a code freeze, and is increased to an odd
+              number again immediately thereafter.
+              This ensures that builds from CVS snapshots are easily distinguished from released versions.
+              The point version is reset to zero when the minor changes.
+            </P
+><P
+>              Stable branches work a little differently, since there should be
+              little to no development happening in such branches. Remember,
+              only bugfixes, which presumably should have had some testing
+              before being committed. Stable branches will then have their 
+              version reported as <TT
+CLASS="LITERAL"
+>0.0.0</TT
+>, during that period 
+              between releases when changes are being added. This is to denote 
+              that this code is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not for release</I
+></SPAN
+>. Then 
+              as the release nears, the version is bumped according: e.g. 
+              <TT
+CLASS="LITERAL"
+>3.0.1 -> 0.0.0 -> 3.0.2</TT
+>.
+            </P
+></LI
+></UL
+>
+    </P
+><P
+>     In summary, the main CVS trunk is the development branch where new
+     features are being worked on for the next stable series. This should
+     almost always be where the most activity takes place. There is always at
+     least one stable branch from the trunk, e.g now it is
+     <TT
+CLASS="LITERAL"
+>3.0</TT
+>, which is only used to release stable versions.
+     Once the initial *.0 release of the stable branch has been done, then as a
+     rule, only bugfixes that have had prior testing should be committed to
+     the stable branch. Once there are enough bugfixes to justify a new
+     release, the version of this branch is again incremented Example: 3.0.0
+     -> 3.0.1 -> 3.0.2, etc are all stable releases from within the stable
+     branch. 3.1.x is currently the main trunk, and where work on 3.2.x is
+     taking place. If any questions, please post to the devel list
+     <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>before</I
+></SPAN
+> committing to a stable branch!
+    </P
+><P
+>     Developers should remember too that if they commit a bugfix to the stable 
+     branch, this will more than likely require a separate submission to the 
+     main trunk, since these are separate development trees within CVS. If you 
+     are working on both, then this would require at least two separate check
+     outs (i.e main trunk, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+> the stable release branch,
+     which is <TT
+CLASS="LITERAL"
+>v_3_0_branch</TT
+> at the moment).
+    </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="BEFORERELEASE"
+>6.2. Before the Release: Freeze</A
+></H2
+><P
+>       The following <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>must be done by one of the
+       developers</I
+></SPAN
+> prior to each new release.
+     </P
+><P
+>      <P
+></P
+><UL
+><LI
+><P
+>         Make sure that everybody who has worked on the code in the last
+         couple of days has had a chance to yell <SPAN
+CLASS="QUOTE"
+>"no!"</SPAN
+> in case
+         they have pending changes/fixes in their pipelines. Announce the
+         freeze so that nobody will interfere with last minute changes.
+        </P
+></LI
+><LI
+><P
+>         Increment the version number (point from odd to even in development
+         branches!) in <TT
+CLASS="FILENAME"
+>configure.in</TT
+>. (RPM spec files 
+         will need to be incremented as well.)
+       </P
+></LI
+><LI
+><P
+>        If <TT
+CLASS="FILENAME"
+>default.action</TT
+> has changed since last
+        release (i.e. software release or standalone actions file release),
+        bump up its version info to A.B in this line:
+       </P
+><P
+> 
+        <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  {+add-header{X-Actions-File-Version: A.B} -filter -no-popups}</PRE
+></TD
+></TR
+></TABLE
+>
+       </P
+><P
+> 
+        Then change the version info in doc/webserver/actions/index.php,
+        line: '$required_actions_file_version = "A.B";'
+       </P
+></LI
+><LI
+><P
+>        All documentation should be rebuild after the version bump.
+        Finished docs should be then be committed to CVS (for those 
+        without the ability to build these). Some docs may require 
+        rather obscure processing tools. <TT
+CLASS="FILENAME"
+>config</TT
+>,
+        the man page (and the html version of the man page), and the PDF docs
+        fall in this category. REAMDE, the man page, AUTHORS, and config
+        should all also be committed to CVS for other packagers. The 
+        formal docs should be uploaded to the webserver. See the
+        Section "Updating the webserver" in this manual for details.
+       </P
+></LI
+><LI
+><P
+>         The <I
+CLASS="CITETITLE"
+>User Manual</I
+> is also used for context 
+         sensitive help for the CGI editor. This is version sensitive, so that
+         the user will get appropriate help for his/her release. So with 
+         each release a fresh version should be uploaded to the webserver
+         (this is in addition to the main <I
+CLASS="CITETITLE"
+>User Manual</I
+>
+         link from the main page since we need to keep manuals for various 
+         versions available). The CGI pages will link to something like 
+         <TT
+CLASS="LITERAL"
+>http://privoxy.org/$(VERSION)/user-manual/</TT
+>. This
+         will need to be updated for each new release. There is no Makefile
+         target for this at this time!!! It needs to be done manually.
+       </P
+></LI
+><LI
+><P
+>        All developers should look at the <TT
+CLASS="FILENAME"
+>ChangeLog</TT
+> and
+        make sure noteworthy changes are referenced.
+       </P
+></LI
+><LI
+><P
+>        <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Commit all files that were changed in the above steps!</I
+></SPAN
+>
+       </P
+></LI
+><LI
+><P
+>        Tag all files in CVS with the version number with
+        <SPAN
+CLASS="QUOTE"
+>"<B
+CLASS="COMMAND"
+>cvs tag v_X_Y_Z</B
+>"</SPAN
+>.
+        Don't use vX_Y_Z, ver_X_Y_Z, v_X.Y.Z (won't work) etc.
+       </P
+></LI
+><LI
+><P
+>        If the release was in a development branch, increase the point version
+        from even to odd (X.Y.(Z+1)) again in <TT
+CLASS="FILENAME"
+>configure.in</TT
+> and
+        commit your change.
+       </P
+></LI
+><LI
+><P
+>        On the webserver, copy the user manual to a new top-level directory
+        called <TT
+CLASS="FILENAME"
+>X.Y.Z</TT
+>. This ensures that help links from the CGI
+        pages, which have the version as a prefix, will go into the right version of the manual.
+        If this is a development branch release, also symlink <TT
+CLASS="FILENAME"
+>X.Y.(Z-1)</TT
+>
+        to <TT
+CLASS="FILENAME"
+>X.Y.Z</TT
+> and <TT
+CLASS="FILENAME"
+>X.Y.(Z+1)</TT
+> to
+        <TT
+CLASS="FILENAME"
+>.</TT
+> (i.e. dot). 
+       </P
+></LI
+></UL
+>
+     </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="THERELEASE"
+>6.3. Building and Releasing the Packages</A
+></H2
+><P
+>      Now the individual packages can be built and released. Note that for
+      GPL reasons the first package to be released is always the source tarball.
+     </P
+><P
+>      For <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> types of packages, including the source tarball,
+      <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>you must make sure that you build from clean sources by exporting
+      the right version from CVS into an empty directory</I
+></SPAN
+> (just press return when
+      asked for a password):
+     </P
+><P
+>      <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  mkdir dist # delete or choose different name if it already exists
+  cd dist
+  cvs -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa export -r v_X_Y_Z current</PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+><P
+>     <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Do NOT change</I
+></SPAN
+> a single bit, including, but not limited to
+     version information after export from CVS. This is to make sure that
+     all release packages, and with them, all future bug reports, are based
+     on exactly the same code.
+    </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="100%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>      Every significant release of Privoxy has included at least one 
+      package that either had incorrect versions of files, missing files, 
+      or incidental leftovers from a previous build process that gave 
+      unknown numbers of users headaches to try to figure out what was 
+      wrong. PLEASE, make sure you are using pristene sources, and are
+      following the prescribed process!
+     </P
+></TD
+></TR
+></TABLE
+></DIV
+><P
+>     Please find additional instructions for the source tarball and the
+     individual platform dependent binary packages below. And details 
+     on the Sourceforge release process below that.
+    </P
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="PACK-GUIDELINES"
+>6.3.1. Note on Privoxy Packaging</A
+></H3
+><P
+>      Please keep these general guidelines in mind when putting together 
+      your package. These apply to <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> platforms!
+     </P
+><P
+>      <P
+></P
+><UL
+><LI
+><P
+>          <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>requires</I
+></SPAN
+>
+          write access to: all <TT
+CLASS="FILENAME"
+>*.action</TT
+> files, all 
+          logfiles, and the <TT
+CLASS="FILENAME"
+>trust</TT
+> file. You will 
+          need to determine the best way to do this for your platform.
+        </P
+></LI
+><LI
+><P
+>          Please include up to date documentation. At a bare minimum:
+        </P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          <TT
+CLASS="FILENAME"
+>LICENSE</TT
+> (top-level directory)
+         </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          <TT
+CLASS="FILENAME"
+>README</TT
+> (top-level directory)
+         </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          <TT
+CLASS="FILENAME"
+>AUTHORS</TT
+> (top-level directory)
+         </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          <TT
+CLASS="FILENAME"
+>man page</TT
+> (top-level directory, Unix-like
+          platforms only)
+         </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          <TT
+CLASS="FILENAME"
+>The User Manual</TT
+> (doc/webserver/user-manual/)
+         </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          <TT
+CLASS="FILENAME"
+>FAQ</TT
+> (doc/webserver/faq/)
+         </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+>          Also suggested: <TT
+CLASS="FILENAME"
+>Developer Manual</TT
+>
+          (doc/webserver/developer-manual) and <TT
+CLASS="FILENAME"
+>ChangeLog</TT
+>
+          (top-level directory). <TT
+CLASS="FILENAME"
+>FAQ</TT
+> and the manuals are
+          HTML docs. There are also text versions in
+          <TT
+CLASS="FILENAME"
+>doc/text/</TT
+> which could conceivably also be
+          included.
+        </P
+><P
+>         The documentation has been designed such that the manuals are linked
+         to each other from parallel directories, and should be packaged 
+         that way. <TT
+CLASS="FILENAME"
+>privoxy-index.html</TT
+> can also be
+         included and can serve as a focal point for docs and other links of
+         interest (and possibly renamed to <TT
+CLASS="FILENAME"
+>index.html</TT
+>).
+         This should be one level up from the manuals. There is a link also 
+         on this page to an HTMLized version of the man page. To avoid 404 for
+         this, it is in CVS as
+         <TT
+CLASS="FILENAME"
+>doc/webserver/man-page/privoxy-man-page.html</TT
+>,
+         and should be included along with the manuals. There is also a
+         css stylesheets that can be included for better presentation:
+         <TT
+CLASS="FILENAME"
+>p_doc.css</TT
+>. This should be in the same directory
+         with <TT
+CLASS="FILENAME"
+>privoxy-index.html</TT
+>, (i.e. one level up from
+         the manual directories).
+        </P
+></LI
+><LI
+><P
+>        <TT
+CLASS="FILENAME"
+>user.action</TT
+> and <TT
+CLASS="FILENAME"
+>user.filter</TT
+>
+        are designed for local preferences. Make sure these do not get overwritten!
+        <TT
+CLASS="FILENAME"
+>config</TT
+> should not be overwritten either. This 
+        has especially important configuration data in it.
+        <TT
+CLASS="FILENAME"
+>trust</TT
+> should be left in tact as well.
+       </P
+></LI
+><LI
+><P
+>        Other configuration files (<TT
+CLASS="FILENAME"
+>default.action</TT
+> and
+        <TT
+CLASS="FILENAME"
+>default.filter</TT
+>) should be installed as the new
+        defaults, but all previously installed configuration files should be
+        preserved as backups. This is just good manners :-) These files are
+        likely to change between releases and contain important new features
+        and bug fixes.
+       </P
+></LI
+><LI
+><P
+>       Please check platform specific notes in this doc, if you haven't 
+       done <SPAN
+CLASS="QUOTE"
+>"Privoxy"</SPAN
+> packaging before for other platform 
+       specific issues. Conversely, please add any notes that you know 
+       are important for your platform (or contact one of the doc 
+       maintainers to do this if you can't).
+      </P
+></LI
+><LI
+><P
+>       Packagers should do a <SPAN
+CLASS="QUOTE"
+>"clean"</SPAN
+> install of their 
+       package after building it. So any previous installs should be 
+       removed first to ensure the integrity of the newly built package. 
+       Then run the package for a while to make sure there are no 
+       obvious problems, before uploading.
+     </P
+></LI
+></UL
+>
+     </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-TARBALL"
+>6.3.2. Source Tarball</A
+></H3
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then do:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make tarball-dist</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	To upload the package to Sourceforge, simply issue
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make tarball-upload</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Go to the displayed URL and release the file publicly on Sourceforge.
+        For the change log field, use the relevant section of the
+        <TT
+CLASS="FILENAME"
+>ChangeLog</TT
+> file.
+      </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-RPM"
+>6.3.3. SuSE, Conectiva or Red Hat RPM</A
+></H3
+><P
+>        In following text, replace <TT
+CLASS="REPLACEABLE"
+><I
+>dist</I
+></TT
+>
+        with either <SPAN
+CLASS="QUOTE"
+>"rh"</SPAN
+> for Red Hat or <SPAN
+CLASS="QUOTE"
+>"suse"</SPAN
+> for SuSE.
+        </P
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). 
+	</P
+><P
+>        As the only exception to not changing anything after export from CVS,
+        now examine the file <TT
+CLASS="FILENAME"
+>privoxy-</TT
+><TT
+CLASS="REPLACEABLE"
+><I
+>dist</I
+></TT
+><TT
+CLASS="FILENAME"
+>.spec</TT
+>
+        and make sure that the version information and the RPM release number are
+        correct. The RPM release numbers for each version start at one. Hence it must
+        be reset to one if this is the first RPM for
+        <TT
+CLASS="REPLACEABLE"
+><I
+>dist</I
+></TT
+> which is built from version
+        X.Y.Z. Check the
+        <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>file
+        list</A
+> if unsure. Else, it must be set to the highest already available RPM
+        release number for that version plus one.
+	</P
+><P
+>        Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then do
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make <TT
+CLASS="REPLACEABLE"
+><I
+>dist</I
+></TT
+>-dist</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	To upload the package to Sourceforge, simply issue
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make <TT
+CLASS="REPLACEABLE"
+><I
+>dist</I
+></TT
+>-upload <TT
+CLASS="REPLACEABLE"
+><I
+>rpm_packagerev</I
+></TT
+></PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>        where <TT
+CLASS="REPLACEABLE"
+><I
+>rpm_packagerev</I
+></TT
+> is the
+        RPM release number as determined above.
+	Go to the displayed URL and release the file publicly on Sourceforge.
+        Use the release notes and change log from the source tarball package.
+      </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-OS2"
+>6.3.4. OS/2</A
+></H3
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then get the OS/2 Setup module:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co os2setup</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	You will need a mix of development tools.
+	The main compilation takes place with IBM Visual Age C++.
+	Some ancillary work takes place with GNU tools, available from
+	various sources like hobbes.nmsu.edu.
+	Specificially, you will need <TT
+CLASS="FILENAME"
+>autoheader</TT
+>,
+	<TT
+CLASS="FILENAME"
+>autoconf</TT
+> and <TT
+CLASS="FILENAME"
+>sh</TT
+> tools.
+	The packaging takes place with WarpIN, available from various sources, including
+	its home page: <A
+HREF="http://www.xworkplace.org/"
+TARGET="_top"
+>xworkplace</A
+>.
+	</P
+><P
+>	Change directory to the <TT
+CLASS="FILENAME"
+>os2setup</TT
+> directory.
+	Edit the os2build.cmd file to set the final executable filename.
+	For example, 
+	</P
+><P
+> 	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  installExeName='privoxyos2_setup_X.Y.Z.exe'</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+> 	Next, edit the <TT
+CLASS="FILENAME"
+>IJB.wis</TT
+> file so the release number matches
+ 	in the <TT
+CLASS="FILENAME"
+>PACKAGEID</TT
+> section:
+ 	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  PACKAGEID="Privoxy Team\Privoxy\Privoxy Package\X\Y\Z"</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	You're now ready to build.  Run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  os2build</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>         You will find the  WarpIN-installable executable in the
+        <TT
+CLASS="FILENAME"
+>./files</TT
+> directory. Upload this anonymously to
+         <TT
+CLASS="FILENAME"
+>uploads.sourceforge.net/incoming</TT
+>, create a release
+         for it, and you're done. Use the release notes and Change Log from the
+         source tarball package.
+	</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-SOLARIS"
+>6.3.5. Solaris</A
+></H3
+><P
+>	Login to Sourceforge's compilefarm via ssh:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  ssh cf.sourceforge.net</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Choose the right operating system (not the Debian one).
+        When logged in, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then run
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  gmake solaris-dist</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	which creates a gzip'ed tar archive. Sadly, you cannot use <B
+CLASS="COMMAND"
+>make
+	solaris-upload</B
+> on the Sourceforge machine (no ncftpput). You now have
+	to manually upload the archive to Sourceforge's ftp server and release
+	the file publicly. Use the release notes and Change Log from the
+        source tarball package.
+	</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-WINDOWS"
+>6.3.6. Windows</A
+></H3
+><P
+>        You should ensure you have the latest version of Cygwin (from
+        <A
+HREF="http://www.cygwin.com/"
+TARGET="_top"
+>http://www.cygwin.com/</A
+>).
+        Run the following commands from within a Cygwin bash shell.
+      </P
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then get the Windows setup module:
+      </P
+><P
+>      <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cvs -z3  -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co winsetup</PRE
+></TD
+></TR
+></TABLE
+>
+      </P
+><P
+>        Then you can build the package.  This is fully automated, and is
+        controlled by <TT
+CLASS="FILENAME"
+>winsetup/GNUmakefile</TT
+>.
+        All you need to do is:
+      </P
+><P
+>      <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd winsetup
+  make</PRE
+></TD
+></TR
+></TABLE
+>
+      </P
+><P
+>        Now you can manually rename <TT
+CLASS="FILENAME"
+>privoxy_setup.exe</TT
+> to
+        <TT
+CLASS="FILENAME"
+>privoxy_setup_X_Y_Z.exe</TT
+>, and upload it to
+        SourceForge. When releasing the package on SourceForge, use the release notes
+        and Change Log from the source tarball package.
+      </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-DEBIAN"
+>6.3.7. Debian</A
+></H3
+><P
+>        First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the
+        right version into an empty directory</I
+></SPAN
+>. (See
+        "Building and releasing packages" above).  Then add a log
+        entry to <TT
+CLASS="FILENAME"
+>debian/changelog</TT
+>, if it is not
+        already there, for example by running:
+      </P
+><P
+>        <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  debchange -v 3.0.12-stable-1 "New upstream version"</PRE
+></TD
+></TR
+></TABLE
+>
+      </P
+><P
+>        Then, run: 
+      </P
+><P
+>        <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  dpkg-buildpackage -rfakeroot -us -uc -b</PRE
+></TD
+></TR
+></TABLE
+>
+      </P
+><P
+>        This will create
+        <TT
+CLASS="FILENAME"
+>../privoxy_3.0.12-stable-1_i386.deb</TT
+>
+        which can be uploaded.  To upload the package to Sourceforge, simply
+	issue
+      </P
+><P
+>        <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make debian-upload</PRE
+></TD
+></TR
+></TABLE
+>
+      </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-MACOSX"
+>6.3.8. Mac OS X</A
+></H3
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then get the Mac OS X setup module:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co osxsetup</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd osxsetup
+  build</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	This will run <TT
+CLASS="FILENAME"
+>autoheader</TT
+>, <TT
+CLASS="FILENAME"
+>autoconf</TT
+> and
+	<TT
+CLASS="FILENAME"
+>configure</TT
+> as well as <TT
+CLASS="FILENAME"
+>make</TT
+>.
+	Finally, it will copy over the necessary files to the ./osxsetup/files directory
+	for further processing by <TT
+CLASS="FILENAME"
+>PackageMaker</TT
+>.
+	</P
+><P
+>	Bring up PackageMaker with the PrivoxyPackage.pmsp definition file, modify the package
+	name to match the release, and hit the "Create package" button.
+	If you specify ./Privoxy.pkg as the output package name, you can then create
+	the distributable zip file with the command:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  zip -r privoxyosx_setup_x.y.z.zip Privoxy.pkg</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	You can then upload <TT
+CLASS="FILENAME"
+>privoxyosx_setup_x.y.z.zip</TT
+> anonymously to 
+	<TT
+CLASS="FILENAME"
+>uploads.sourceforge.net/incoming</TT
+>,
+	create a release for it, and you're done. Use the release notes
+        and Change Log from the source tarball package.
+	</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-FREEBSD"
+>6.3.9. FreeBSD</A
+></H3
+><P
+>	Login to Sourceforge's compile-farm via ssh:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  ssh cf.sourceforge.net</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Choose the right operating system.
+        When logged in, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  gmake freebsd-dist</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	which creates a gzip'ed tar archive. Sadly, you cannot use <B
+CLASS="COMMAND"
+>make
+	freebsd-upload</B
+> on the Sourceforge machine (no ncftpput). You now have
+	to manually upload the archive to Sourceforge's ftp server and release
+	the file publicly. Use the release notes and Change Log from the
+        source tarball package.
+	</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-HPUX"
+>6.3.10. HP-UX 11</A
+></H3
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then do FIXME.
+	</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-AMIGA"
+>6.3.11. Amiga OS</A
+></H3
+><P
+>	First, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then do FIXME.
+	</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="NEWRELEASE-AIX"
+>6.3.12. AIX</A
+></H3
+><P
+>	Login to Sourceforge's compilefarm via ssh:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  ssh cf.sourceforge.net</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Choose the right operating system.
+        When logged in, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>make sure that you have freshly exported the right
+        version into an empty directory</I
+></SPAN
+>. (See "Building and releasing
+        packages" above). Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  cd current
+  autoheader && autoconf && ./configure</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	Then run:
+	</P
+><P
+>	<TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make aix-dist</PRE
+></TD
+></TR
+></TABLE
+>
+	</P
+><P
+>	which creates a gzip'ed tar archive. Sadly, you cannot use <B
+CLASS="COMMAND"
+>make
+	aix-upload</B
+> on the Sourceforge machine (no ncftpput). You now have
+	to manually upload the archive to Sourceforge's ftp server and release
+	the file publicly. Use the release notes and Change Log from the
+        source tarball package.
+	</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="RELEASING"
+>6.4. Uploading and Releasing Your Package</A
+></H2
+><P
+>      After the package is ready, it is time to upload it 
+      to SourceForge, and go through the release steps. The upload
+      is done via FTP:
+    </P
+><P
+>      <P
+></P
+><UL
+><LI
+><P
+>          Upload to: <A
+HREF="ftp://upload.sourceforge.net/incoming"
+TARGET="_top"
+>ftp://upload.sourceforge.net/incoming</A
+>
+        </P
+></LI
+><LI
+><P
+>         user: <TT
+CLASS="LITERAL"
+>anonymous</TT
+>
+       </P
+></LI
+><LI
+><P
+>         password: <TT
+CLASS="LITERAL"
+>ijbswa-developers at lists.sourceforge.net</TT
+>
+       </P
+></LI
+></UL
+>
+    </P
+><P
+>     Or use the <B
+CLASS="COMMAND"
+>make</B
+> targets as described above.
+    </P
+><P
+>     Once this done go to <A
+HREF="https://sourceforge.net/project/admin/editpackages.php?group_id=11118"
+TARGET="_top"
+>https://sourceforge.net/project/admin/editpackages.php?group_id=11118</A
+>, 
+     making sure you are logged in. Find your target platform in the 
+     second column, and click <TT
+CLASS="LITERAL"
+>Add Release</TT
+>. You will 
+     then need to create a new release for your package, using the format 
+     of <TT
+CLASS="LITERAL"
+>$VERSION ($CODE_STATUS)</TT
+>, e.g. <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>3.0.12
+     (beta)</I
+></SPAN
+>.
+    </P
+><P
+>     Now just follow the prompts. Be sure to add any appropriate Release
+     notes. You should see your freshly uploaded packages in 
+     <SPAN
+CLASS="QUOTE"
+>"Step 2. Add Files To This Release"</SPAN
+>. Check the 
+     appropriate box(es). Remember at each step to hit the 
+     <SPAN
+CLASS="QUOTE"
+>"Refresh/Submit"</SPAN
+> buttons! You should now see your 
+     file(s) listed in Step 3. Fill out the forms with the appropriate 
+     information for your platform, being sure to hit <SPAN
+CLASS="QUOTE"
+>"Update"</SPAN
+>
+     for each file. If anyone is monitoring your platform, check the 
+     <SPAN
+CLASS="QUOTE"
+>"email"</SPAN
+> box at the very bottom to notify them of 
+     the new package. This should do it!
+    </P
+><P
+>     If you have made errors, or need to make changes, you can go through 
+     essentially the same steps, but select <TT
+CLASS="LITERAL"
+>Edit Release</TT
+>, 
+     instead of <TT
+CLASS="LITERAL"
+>Add Release</TT
+>.
+    </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AFTERRELEASE"
+>6.5. After the Release</A
+></H2
+><P
+>      When all (or: most of the) packages have been uploaded and made available,
+      send an email to the <A
+HREF="mailto:ijbswa-announce at lists.sourceforge.net"
+TARGET="_top"
+>announce
+      mailing list</A
+>, Subject: "Version X.Y.Z available for download". Be sure to
+      include the
+      <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>download
+      location</A
+>, the release notes and the Changelog. Also, post an
+      updated News item on the project page Sourceforge, and update the Home 
+      page and docs linked from the Home page (see below). Other news sites
+      and release oriented sites, such as Freshmeat, should also be notified.
+     </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="testing.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="webserver-update.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Testing Guidelines</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Update the Webserver</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/quickstart.html b/external/privoxy/doc/webserver/developer-manual/quickstart.html
new file mode 100644
index 0000000..ba84f13
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/quickstart.html
@@ -0,0 +1,150 @@
+<HTML
+><HEAD
+><TITLE
+>Quickstart to Privoxy Development</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.64
+"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Introduction"
+HREF="introduction.html"><LINK
+REL="NEXT"
+TITLE="The CVS Repository"
+HREF="cvs.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="introduction.html"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="cvs.html"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="QUICKSTART"
+>3. Quickstart to Privoxy Development</A
+></H1
+><P
+>      You'll need an account on <A
+HREF="http://sourceforge.net/"
+TARGET="_top"
+>Sourceforge</A
+> to support our
+      development.  Mail your ID to <A
+HREF="mailto:developers at privoxy.org"
+TARGET="_top"
+>the list</A
+> and wait until a
+      project manager has added you.
+    </P
+><P
+>      For the time being (read, this section is under construction), please
+      refer to the extensive comments in the source code.
+    </P
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="introduction.html"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="cvs.html"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Introduction</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>The CVS Repository</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/seealso.html b/external/privoxy/doc/webserver/developer-manual/seealso.html
new file mode 100644
index 0000000..35ee27c
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/seealso.html
@@ -0,0 +1,405 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>See also</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy Copyright, License and History"
+HREF="copyright.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="copyright.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+> </TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="SEEALSO"
+>10. See also</A
+></H1
+><P
+> Other references and sites of interest to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ users:</P
+><P
+> <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>http://www.privoxy.org/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Home page. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/faq/"
+TARGET="_top"
+>http://www.privoxy.org/faq/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> FAQ. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/developer-manual/"
+TARGET="_top"
+>http://www.privoxy.org/developer-manual/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developer manual. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://sourceforge.net/projects/ijbswa/"
+TARGET="_top"
+>https://sourceforge.net/projects/ijbswa/</A
+>, 
+   the Project Page for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on 
+   <A
+HREF="http://sourceforge.net"
+TARGET="_top"
+>SourceForge</A
+>.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>,
+   the web-based user interface. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> must be
+   running for this to work. Shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://sourceforge.net/tracker/?group_id=11118&atid=460288"
+TARGET="_top"
+>https://sourceforge.net/tracker/?group_id=11118&atid=460288</A
+>, to submit <SPAN
+CLASS="QUOTE"
+>"misses"</SPAN
+> and other
+   configuration related suggestions to the developers. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ 
+ 
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.junkbusters.com/ht/en/cookies.html"
+TARGET="_top"
+>http://www.junkbusters.com/ht/en/cookies.html</A
+>,
+   an explanation how cookies are used to track web users.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+>http://www.junkbusters.com/ijb.html</A
+>,
+   the original Internet Junkbuster.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.squid-cache.org/"
+TARGET="_top"
+>http://www.squid-cache.org/</A
+>, a popular
+   caching proxy, which is often used together with <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.pps.jussieu.fr/~jch/software/polipo/"
+TARGET="_top"
+>http://www.pps.jussieu.fr/~jch/software/polipo/</A
+>,
+   <SPAN
+CLASS="APPLICATION"
+>Polipo</SPAN
+> is a caching proxy with advanced features
+   like pipelining, multiplexing and caching of partial instances. In many setups
+   it can be used as <SPAN
+CLASS="APPLICATION"
+>Squid</SPAN
+> replacement.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://www.torproject.org/"
+TARGET="_top"
+>https://www.torproject.org/</A
+>, 
+   <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> can help anonymize web browsing, 
+   web publishing, instant messaging, IRC, SSH, and other applications.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ </P
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="copyright.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+> </TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy Copyright, License and History</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+> </TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/testing.html b/external/privoxy/doc/webserver/developer-manual/testing.html
new file mode 100644
index 0000000..80d3f29
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/testing.html
@@ -0,0 +1,259 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Testing Guidelines</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Coding Guidelines"
+HREF="coding.html"><LINK
+REL="NEXT"
+TITLE="Releasing a New Version"
+HREF="newrelease.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="coding.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="newrelease.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="TESTING"
+>5. Testing Guidelines</A
+></H1
+><P
+>To be filled.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="TESTING-PLAN"
+>5.1. Testplan for releases</A
+></H2
+><P
+>       Explain release numbers. major, minor. developer releases. etc.
+
+<P
+></P
+><OL
+TYPE="1"
+><LI
+><P
+>Remove any existing rpm with rpm -e</P
+></LI
+><LI
+><P
+>Remove any file that was left over. This includes (but is not limited to)
+      <P
+></P
+><UL
+><LI
+><P
+>/var/log/privoxy</P
+></LI
+><LI
+><P
+>/etc/privoxy</P
+></LI
+><LI
+><P
+>/usr/sbin/privoxy</P
+></LI
+><LI
+><P
+>/etc/init.d/privoxy</P
+></LI
+><LI
+><P
+>/usr/doc/privoxy*</P
+></LI
+></UL
+></P
+></LI
+><LI
+><P
+>Install the rpm. Any error messages?</P
+></LI
+><LI
+><P
+>start,stop,status <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with the specific script
+      (e.g. /etc/rc.d/init/privoxy stop). Reboot your machine. Does
+      autostart work?</P
+></LI
+><LI
+><P
+>Start browsing. Does <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> work? Logfile written?</P
+></LI
+><LI
+><P
+>Remove the rpm. Any error messages? All files removed?</P
+></LI
+></OL
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="TESTING-REPORT"
+>5.2. Test reports</A
+></H2
+><P
+>Please submit test reports only with the <A
+HREF="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=395005"
+TARGET="_top"
+>test form</A
+>
+at sourceforge. Three simple steps:
+        <P
+></P
+><UL
+><LI
+><P
+>Select category: the distribution you test on.</P
+></LI
+><LI
+><P
+>Select group: the version of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> that we are about to release.</P
+></LI
+><LI
+><P
+>Fill the Summary and Detailed Description with something
+              intelligent (keep it short and precise).</P
+></LI
+></UL
+>
+        Do not mail to the mailing list (we cannot keep track on issues there).
+      </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="coding.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="newrelease.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Coding Guidelines</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Releasing a New Version</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/developer-manual/webserver-update.html b/external/privoxy/doc/webserver/developer-manual/webserver-update.html
new file mode 100644
index 0000000..b54d646
--- /dev/null
+++ b/external/privoxy/doc/webserver/developer-manual/webserver-update.html
@@ -0,0 +1,260 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Update the Webserver</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Developer Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Releasing a New Version"
+HREF="newrelease.html"><LINK
+REL="NEXT"
+TITLE="Contacting the developers, Bug Reporting and Feature Requests"
+HREF="contact.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Developer Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="newrelease.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="contact.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="WEBSERVER-UPDATE"
+>7. Update the Webserver</A
+></H1
+><P
+>    The webserver should be updated at least with each stable release. When
+    updating, please follow these steps to make sure that no broken links,
+    inconsistent contents or permission problems will occur (as it has many 
+    times in the past!):
+   </P
+><P
+>    If you have changed anything in the stable-branch documentation source
+    SGML files, do:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make dok dok-pdf # (or 'make redhat-dok dok-pdf' if 'make dok' doesn't work for you)</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    That will generate <TT
+CLASS="FILENAME"
+>doc/webserver/user-manual</TT
+>,
+    <TT
+CLASS="FILENAME"
+>doc/webserver/developer-manual</TT
+>,
+    <TT
+CLASS="FILENAME"
+>doc/webserver/faq</TT
+>, 
+    <TT
+CLASS="FILENAME"
+>doc/pdf/*.pdf</TT
+> and
+    <TT
+CLASS="FILENAME"
+>doc/webserver/index.html</TT
+> automatically.
+   </P
+><P
+>    If you changed the manual page sources, generate
+    <TT
+CLASS="FILENAME"
+>doc/webserver/man-page/privoxy-man-page.html</TT
+>
+    by running <SPAN
+CLASS="QUOTE"
+>"<B
+CLASS="COMMAND"
+>make man</B
+>"</SPAN
+>. (This is
+    a separate target due to dependencies on some obscure perl scripts
+    [now in CVS, but not well tested]. See comments in <TT
+CLASS="FILENAME"
+>GNUmakefile</TT
+>.)
+   </P
+><P
+>    If you want to add new files to the webserver, create them locally in
+    the <TT
+CLASS="FILENAME"
+>doc/webserver/*</TT
+> directory (or
+    create new directories under <TT
+CLASS="FILENAME"
+>doc/webserver</TT
+>).
+   </P
+><P
+>    Next, commit any changes from the above steps to CVS. All set? 
+    If these are docs in the stable branch, then do:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  make webserver</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    This will do the upload to <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>the
+    webserver</A
+> (www.privoxy.org) and ensure all files and directories
+    there are group writable.
+   </P
+><P
+>    Please do <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>NOT</I
+></SPAN
+> use any other means of transferring
+    files to the webserver to avoid permission problems. Also, please do not
+    upload docs from development branches or versions. The publicly posted
+    docs should be in sync with the last official release.
+   </P
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="newrelease.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="contact.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Releasing a New Version</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Contacting the developers, Bug Reporting and Feature Requests</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/configuration.html b/external/privoxy/doc/webserver/faq/configuration.html
new file mode 100644
index 0000000..01c001b
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/configuration.html
@@ -0,0 +1,1797 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Configuration</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Installation"
+HREF="installation.html"><LINK
+REL="NEXT"
+TITLE="Miscellaneous"
+HREF="misc.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="installation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="misc.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CONFIGURATION"
+>3. Configuration</A
+></H1
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN354"
+>3.1. What exactly is an <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> file?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> utilizes the concept of <SPAN
+CLASS="QUOTE"
+>" <A
+HREF="../user-manual/actions-file.html#ACTIONS"
+TARGET="_top"
+>actions</A
+>"</SPAN
+> 
+ that are used to manipulate and control web page data.
+ <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>Actions files</A
+>
+ are where these <A
+HREF="../user-manual/actions-file.html#ACTIONS"
+TARGET="_top"
+>actions</A
+>
+ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> could take while processing a certain
+ request, are configured. Typically, you would define a set of default actions
+ that apply globally to all URLs, then add exceptions to these defaults where needed.
+ There is a wide array of actions available that give the user a high degree
+ of control and flexibility on how to process each and every web page.</P
+><P
+> Actions can be defined on a <A
+HREF="../user-manual/actions-file.html#AF-PATTERNS"
+TARGET="_top"
+>URL pattern</A
+> basis, i.e.
+ for single URLs, whole web sites, groups or parts thereof etc. Actions can also be
+ grouped together and then applied to requests matching one or more patterns.
+ There are many possible actions that might apply to any given site. As an example,
+ if you are blocking <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>
+ as one of your default actions, but need to accept cookies from a given site,
+ you would need to define an exception for this site in one of your actions
+ files, preferably in <TT
+CLASS="FILENAME"
+>user.action</TT
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="ACTIONSS"
+>3.2. The <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> concept confuses me. Please list 
+some of these <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+>.</A
+></H3
+><P
+> For a comprehensive discussion of the actions concept, please refer
+ to the <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>actions file
+ chapter</A
+> in the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+>User
+ Manual</A
+>. It includes a <A
+HREF="../user-manual/actions-file.html#ACTIONS"
+TARGET="_top"
+>list of all actions</A
+>
+ and an <A
+HREF="../user-manual/actions-file.html#ACT-EXAMPLES"
+TARGET="_top"
+>actions
+ file tutorial</A
+> to get you started.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN377"
+>3.3. How are actions files configured? What is the easiest
+way to do this?</A
+></H3
+><P
+> Actions files are just text files in a special syntax and can be edited
+ with a text editor. But probably the easiest way is to access
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s user interface with your web browser
+ at <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+ (Shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>) and then select
+ <SPAN
+CLASS="QUOTE"
+>"<A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>View &
+ change the current configuration</A
+>"</SPAN
+> from the menu. Note 
+ that this feature must be explicitly enabled in the main config file 
+ (see <A
+HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions</A
+>).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN386"
+>3.4. There are several different <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> files. What are
+the differences?</A
+></H3
+><P
+> Three actions files 
+ are being included by the developers, to be used for 
+ different purposes: These are 
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>, the <SPAN
+CLASS="QUOTE"
+>"main"</SPAN
+> actions file
+ which is actively maintained by the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ developers and typically sets the default policies, <TT
+CLASS="FILENAME"
+>user.action</TT
+>,
+ where users are encouraged to make their private customizations.
+ Please see <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>the actions chapter</A
+>
+ in the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+>User Manual</A
+> for a more
+ detailed explanation.</P
+><P
+> Earlier versions included three different versions of the 
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file. The new scheme allows for 
+ greater flexibility of local configuration, and for browser based 
+ selection of pre-defined <SPAN
+CLASS="QUOTE"
+>"aggressiveness"</SPAN
+> levels.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="GETUPDATES"
+>3.5. Where can I get updated Actions Files?</A
+></H3
+><P
+>  Based on your feedback and the continuing development, updates of 
+  <TT
+CLASS="FILENAME"
+>default.action</TT
+> will be
+  made available from time to time on the <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>files section</A
+> of
+  our <A
+HREF="http://sf.net/projects/ijbswa/"
+TARGET="_top"
+>project page</A
+>.
+ </P
+><P
+>  If you wish to receive an email notification whenever we release updates of
+  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> or the actions file, <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/"
+TARGET="_top"
+>subscribe
+  to our announce mailing list</A
+>, ijbswa-announce at lists.sourceforge.net.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NEWCONFIG"
+>3.6. Can I use my old config files?</A
+></H3
+><P
+>  The syntax and purpose of configuration files has remained roughly the
+  same throughout the 3.x series, but backwards compatibility is not guaranteed.
+  Also each release contains updated, <SPAN
+CLASS="QUOTE"
+>"improved"</SPAN
+> versions and it is
+  therefore strongly recommended to install the newer configuration files
+  and merge back your modifications.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DIFFICULT"
+>3.7. Why is the configuration so complicated?</A
+></H3
+><P
+>  <SPAN
+CLASS="QUOTE"
+>"Complicated"</SPAN
+> is in the eye of the beholder. Those that are 
+  familiar with some of the underlying concepts, such as regular expression
+  syntax, take to it like a fish takes to water. Also, software that tries
+  hard to be <SPAN
+CLASS="QUOTE"
+>"user friendly"</SPAN
+>, often lacks sophistication and
+  flexibility. There is always that trade-off there between power vs.
+  easy-of-use. Furthermore, anyone is welcome to contribute ideas and
+  implementations to enhance <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. 
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="YAHOO"
+>3.8. How can I make my Yahoo/Hotmail/Gmail account work?</A
+></H3
+><P
+>  The default configuration shouldn't impact the usability of any of these services.
+  It may, however, make all <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+> 
+  temporary, so that your browser will forget your
+  login credentials in between browser sessions. If you would like not to have to log
+  in manually each time you access those websites, simply turn off all cookie handling
+  for them in the <TT
+CLASS="FILENAME"
+>user.action</TT
+> file. An example for yahoo might
+  look like:
+ </P
+><P
+>  <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Allow all cookies for Yahoo login:
+#
+{ -<A
+HREF="../user-manual/actions-file.html#CRUNCH-INCOMING-COOKIES"
+TARGET="_top"
+>crunch-incoming-cookies</A
+> -<A
+HREF="../user-manual/actions-file.html#CRUNCH-OUTGOING-COOKIES"
+TARGET="_top"
+>crunch-outgoing-cookies</A
+> -<A
+HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
+TARGET="_top"
+>session-cookies-only</A
+> }
+.login.yahoo.com</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+>  These kinds of sites are often quite complex and heavy with 
+  <A
+HREF="http://en.wikipedia.org/wiki/Javascript"
+TARGET="_top"
+>Javascript</A
+> and 
+  thus <SPAN
+CLASS="QUOTE"
+>"fragile"</SPAN
+>. So if <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>still</I
+></SPAN
+> a problem, 
+  we have an <A
+HREF="../user-manual/actions-file.html#ALIASES"
+TARGET="_top"
+>alias</A
+> just for such
+  sticky situations:
+ </P
+><P
+>  <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Gmail is a _fragile_ site:
+#
+{ <TT
+CLASS="LITERAL"
+>fragile</TT
+> }
+ # Gmail is ...
+ mail.google.com</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+>  Be sure to flush your browser's caches whenever making these kinds of
+  changes, just to make sure the changes <SPAN
+CLASS="QUOTE"
+>"take"</SPAN
+>.
+ </P
+><P
+>  Make sure the domain, host and path are appropriate as well. Your browser can
+  tell you where you are specifically and you should use that information for 
+  your configuration settings. Note that above it is not referenced as 
+  <TT
+CLASS="LITERAL"
+>gmail.com</TT
+>, which is a valid domain name.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="CONFIGFILES"
+>3.9. What's the difference between the
+<SPAN
+CLASS="QUOTE"
+>"Cautious"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"Medium"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> defaults?</A
+></H3
+><P
+>  Configuring <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not entirely trivial. To
+  help you get started, we provide you with three different default action
+  <SPAN
+CLASS="QUOTE"
+>"profiles"</SPAN
+> in the web based actions file editor at <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>.
+  See the <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>User
+  Manual</I
+></A
+> for a list of actions, and how the default 
+  profiles are set.
+ </P
+><P
+> Where the defaults are likely to break some sites, exceptions for
+ known popular <SPAN
+CLASS="QUOTE"
+>"problem"</SPAN
+> sites are included, but in
+ general, the more aggressive your default settings are, the more exceptions
+ you will have to make later. New users are best to start off in 
+ <SPAN
+CLASS="QUOTE"
+>"Cautious"</SPAN
+> setting. This is safest and will have the fewest 
+ problems. See the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>User Manual</I
+></A
+>
+ for a more detailed discussion.</P
+><P
+> It should be noted that the <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> profile (formerly known 
+ as the <SPAN
+CLASS="QUOTE"
+>"Adventuresome"</SPAN
+> profile) is more
+ aggressive, and will make use of some of 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> advanced features. Use at your own risk!</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BROWSECONFIG"
+>3.10. Why can I change the configuration 
+with a browser? Does that not raise security issues?</A
+></H3
+><P
+>  It may seem strange that regular users can edit the config files with their
+  browsers, although the whole <TT
+CLASS="FILENAME"
+>/etc/privoxy</TT
+> hierarchy
+  belongs to the user <SPAN
+CLASS="QUOTE"
+>"privoxy"</SPAN
+>, with only 644 permissions.
+ </P
+><P
+>  When you use the browser-based editor, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+  itself is writing to the config files.  Because
+  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is running as the user <SPAN
+CLASS="QUOTE"
+>"privoxy"</SPAN
+>,
+  it can update its own config files.
+ </P
+><P
+>  If you run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> for multiple untrusted users (e.g. in
+  a LAN) or aren't entirely in control of your own browser, you will probably want
+  to make sure that the the web-based editor and remote toggle features are
+  <SPAN
+CLASS="QUOTE"
+>"off"</SPAN
+> by setting <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions</A
+>
+  0</TT
+>"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/config.html#ENABLE-REMOTE-TOGGLE"
+TARGET="_top"
+>enable-remote-toggle</A
+>
+  0</TT
+>"</SPAN
+> in the <A
+HREF="../user-manual/config.html"
+TARGET="_top"
+>main configuration file</A
+>.
+ </P
+><P
+>  As of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 these options are disabled by default.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN481"
+>3.11. What is the <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file? What is a <SPAN
+CLASS="QUOTE"
+>"filter"</SPAN
+>?</A
+></H3
+><P
+> The <A
+HREF="../user-manual/filter-file.html"
+TARGET="_top"
+><TT
+CLASS="FILENAME"
+>default.filter</TT
+></A
+>
+ file is where <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>filters</I
+></SPAN
+> as supplied by the developers are defined.
+ Filters are a special subset of actions that can be used to modify or
+ remove web page content or headers on the fly. Content filters can
+ be applied to <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>anything</I
+></SPAN
+> in the page source,
+ header filters can be applied to either server or client headers.
+ Regular expressions are used to accomplish this.</P
+><P
+> There are a number of pre-defined filters to deal with common annoyances. The
+ filters are only defined here, to invoke them, you need to use the
+ <A
+HREF="../user-manual/actions-file.html#FILTER"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>filter</TT
+>
+ action</A
+> in one of the actions files. Content filtering is automatically
+ disabled for inappropriate MIME types, but if you now better than Privoxy
+ what should or should not be filtered you can filter any content you like.</P
+><P
+> Filters should
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be confused with <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>blocks</TT
+></A
+>, which
+ is a completely different action, and is more typically used to block ads and
+ unwanted sites.</P
+><P
+> If you are familiar with regular expressions, and HTML, you can look at 
+ the provided <TT
+CLASS="FILENAME"
+>default.filter</TT
+> with a text editor and define
+ your own filters.  This is potentially a very powerful feature, but
+ requires some expertise in both regular expressions and HTML/HTTP. 
+  You should 
+ place any modifications to the default filters, or any new ones you create 
+ in a separate file, such as <TT
+CLASS="FILENAME"
+>user.filter</TT
+>, so they won't 
+ be overwritten during upgrades. 
+ The ability to define multiple filter files 
+ in <TT
+CLASS="FILENAME"
+>config</TT
+> is a new feature as of v. 3.0.5.</P
+><P
+> There is no GUI editor option for this part of the configuration, 
+ but you can disable/enable the various pre-defined filters of the included 
+ <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file with the <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>web-based actions file editor</A
+>.
+ Note that the custom actions editor must be explicitly enabled in
+ the main config file (see <A
+HREF="../user-manual/config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions</A
+>).</P
+><P
+> If you intend to develop your own filters, you might want to have a look at
+ <A
+HREF="http://www.fabiankeil.de/sourcecode/pft/"
+TARGET="_top"
+>Privoxy-Filter-Test</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="LANCONFIG"
+>3.12. How can I set up Privoxy to act as a proxy for my 
+ LAN?</A
+></H3
+><P
+> By default, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only responds to requests 
+ from <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+> (localhost). To have it act as a server for
+ a network, this needs to be changed in the <A
+HREF="../user-manual/config.html"
+TARGET="_top"
+>main configuration file</A
+>. Look for
+ the <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/config.html#LISTEN-ADDRESS"
+TARGET="_top"
+>listen-address</A
+></TT
+>
+ option, which may be commented out with a <SPAN
+CLASS="QUOTE"
+>"#"</SPAN
+> symbol. Make sure
+ it is uncommented, and assign it the address of the LAN gateway interface,
+ and port number to use. Assuming your LAN address is 192.168.1.1 and you
+ wish to run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on port 8118, this line
+ should look like:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  listen-address  192.168.1.1:8118</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Save the file, and restart <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. Configure 
+ all browsers on the network then to use this address and port number.</P
+><P
+> Alternately, you can have <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> listen on 
+ all available interfaces:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  listen-address    :8118</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> And then use <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> 
+ <A
+HREF="../user-manual/config.html#PERMIT-ACCESS"
+TARGET="_top"
+>permit-access</A
+> 
+ feature to limit connections. A firewall in this situation is recommended 
+ as well.</P
+><P
+> The above steps should be the same for any TCP network, regardless of
+ operating system.</P
+><P
+> If you run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on a LAN with untrusted users,
+ we recommend that you double-check the <A
+HREF="../user-manual/config.html#ACCESS-CONTROL"
+TARGET="_top"
+>access control and security</A
+>
+ options!</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN532"
+>3.13. Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</A
+></H3
+><P
+> The replacement for blocked images can be controlled with the <A
+HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>set-image-blocker</TT
+>
+ action</A
+>. You have the choice of a checkerboard pattern, a transparent 1x1 GIF
+ image (aka <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+>), or a redirect to a custom image of your choice.
+ Note that this choice only has effect for images which are blocked as images, i.e.
+ whose URLs match both a <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#HANDLE-AS-IMAGE"
+TARGET="_top"
+>handle-as-image</A
+></TT
+>
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+> <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>block</A
+></TT
+> action.</P
+><P
+> If you want to see nothing, then change the <A
+HREF="../user-manual/actions-file.html#SET-IMAGE-BLOCKER"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>set-image-blocker</TT
+>
+ action</A
+> to <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+>. This can be done by editing the 
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+> file, or through the <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>web-based actions file editor</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN549"
+>3.14. Why would anybody want to see a checkerboard pattern?</A
+></H3
+><P
+> Remember that <A
+HREF="general.html#WHATSANAD"
+>telling which image is an ad and which
+ isn't</A
+>, is an educated guess. While we hope that the standard configuration
+ is rather smart, it will make occasional mistakes. The checkerboard image is visually
+ decent, and it shows you where images have been blocked, which can be very
+ helpful in case some navigation aid or otherwise innocent image was
+ erroneously blocked. It is recommended for new users so they can 
+ <SPAN
+CLASS="QUOTE"
+>"see"</SPAN
+> what is happening. Some people might also enjoy seeing how
+ many banners they <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>don't</I
+></SPAN
+> have to see.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN555"
+>3.15. I see some images being replaced with text
+instead of the checkerboard image. Why and how do I get rid of this?</A
+></H3
+><P
+> This happens when the banners are not embedded in the HTML code of the
+ page itself, but in separate HTML (sub)documents that are loaded into (i)frames
+ or (i)layers, and these external HTML documents are blocked. Being non-images
+ they get replaced by a substitute HTML page rather than a substitute image,
+ which wouldn't work out technically, since the browser expects and accepts
+ only HTML when it has requested an HTML document. </P
+><P
+> The substitute page adapts to the available space and shows itself as a
+ miniature two-liner if loaded into small frames, or full-blown with a
+ large red "BLOCKED" banner if space allows.</P
+><P
+> If you prefer the banners to be blocked by images, you must see to it that
+ the HTML documents in which they are embedded are not blocked. Clicking
+ the <SPAN
+CLASS="QUOTE"
+>"See why"</SPAN
+> link offered in the substitute page will show
+ you which rule blocked the page. After changing the rule and un-blocking
+ the HTML documents, the browser will try to load the actual banner images
+ and the usual image blocking will (hopefully!) kick in.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SRVANY"
+>3.16. Can Privoxy run as a service 
+on Win2K/NT/XP?</A
+></H3
+><P
+> Yes. Version 3.0.5 introduces full <SPAN
+CLASS="APPLICATION"
+>Windows</SPAN
+> service
+ functionality. See <A
+HREF="../user-manual/installation.html#installation-pack-win"
+TARGET="_top"
+> the <I
+CLASS="CITETITLE"
+>User Manual</I
+></A
+> for details on how to install and configure 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a service.</P
+><P
+> Earlier 3.x versions could run as a system service using <B
+CLASS="COMMAND"
+>srvany.exe</B
+>.
+ See the discussion at <A
+HREF="http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?func=detail&atid=361118&aid=485617&group_id=11118</A
+>,
+ for details, and a sample configuration.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OTHERPROXY"
+>3.17. How can I make Privoxy work with other 
+proxies like Squid or Tor?</A
+></H3
+><P
+> This can be done and is often useful to combine the benefits of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with those of a another proxy.
+ See the <A
+HREF="../user-manual/config.html#FORWARDING"
+TARGET="_top"
+>forwarding chapter</A
+>
+ in the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+>User Manual</A
+> which
+ describes how to do this, and the <A
+HREF="misc.html#TOR"
+> How do I use Privoxy together with 
+ Tor</A
+> section below.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="PORT-80"
+>3.18. Can I just set Privoxy to use port 80
+and thus avoid individual browser configuration?</A
+></H3
+><P
+> No, its more complicated than that. This only works with special kinds 
+ of proxies known as <SPAN
+CLASS="QUOTE"
+>"intercepting"</SPAN
+> proxies (see below).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="TRANSPARENT"
+>3.19. Can Privoxy run as a <SPAN
+CLASS="QUOTE"
+>"transparent"</SPAN
+> proxy?</A
+></H3
+><P
+> The whole idea of Privoxy is to modify client requests
+ and server responses in all sorts of ways and therefore
+ it's not a transparent proxy as described in
+ <A
+HREF="http://tools.ietf.org/html/rfc2616"
+TARGET="_top"
+>RFC 2616</A
+>.</P
+><P
+> However, some people say <SPAN
+CLASS="QUOTE"
+>"transparent proxy"</SPAN
+> when they
+ mean <SPAN
+CLASS="QUOTE"
+>"intercepting proxy"</SPAN
+>. If you are one of them,
+ please read the <A
+HREF="#intercepting"
+TARGET="_top"
+>next entry</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="INTERCEPTING"
+>3.20. Can Privoxy run as a <SPAN
+CLASS="QUOTE"
+>"intercepting"</SPAN
+> proxy?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can't intercept traffic itself,
+  but it can handle requests that where intercepted and redirected
+  with a packet filter (like <SPAN
+CLASS="APPLICATION"
+>PF</SPAN
+> or
+  <SPAN
+CLASS="APPLICATION"
+>iptables</SPAN
+>), as long as the <TT
+CLASS="LITERAL"
+>Host</TT
+>
+  header is present. 
+  </P
+><P
+>  As the <TT
+CLASS="LITERAL"
+>Host</TT
+> header is required by HTTP/1.1 and as most
+  web sites rely on it anyway, this limitation shouldn't be a problem.</P
+><P
+>  Please refer to your packet filter's documentation to learn how to
+  intercept and redirect traffic into <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+  Afterward you just have to configure <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to
+  <A
+HREF="../user-manual/config.html#ACCEPT-INTERCEPTED-REQUESTS"
+TARGET="_top"
+>accept
+  intercepted requests</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OUTLOOK"
+>3.21. How can I configure Privoxy for use with Outlook?</A
+></H3
+><P
+> Versions of <SPAN
+CLASS="APPLICATION"
+>Outlook</SPAN
+> prior to Office 2007, use
+ <SPAN
+CLASS="APPLICATION"
+>Internet Explorer</SPAN
+> components to both render HTML,
+ and fetch any HTTP requests that may be embedded in an HTML email. So however
+ you have <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configured to work with IE, this
+ configuration should automatically be shared, at least with older version of
+ Internet Explorer.</P
+><P
+> Starting with Office 2007, Microsoft is instead using the MS-Word rendering
+ engine with Outlook. It is unknown whether this can be configured to use a
+ proxy.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OUTLOOK-MORE"
+>3.22. How can I have separate rules just for HTML mail?</A
+></H3
+><P
+> The short answer is, you can't. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has no way
+ of knowing which particular application makes a request, so there is no way to
+ distinguish between web pages and HTML mail.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> just blindly proxies all requests. In the
+ case of <SPAN
+CLASS="APPLICATION"
+>Outlook Express</SPAN
+> (see above), OE uses 
+ IE anyway, and there is no way for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to ever 
+ be able to distinguish between them (nor could any other proxy type application for
+ that matter).</P
+><P
+> For a good discussion of some of the issues involved (including privacy and 
+ security issues), see 
+ <A
+HREF="http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?func=detail&atid=211118&aid=629518&group_id=11118</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SNEAKY-COOKIES"
+>3.23. I sometimes notice cookies sneaking through. How?</A
+></H3
+><P
+> <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>Cookies</A
+> can be 
+ set in several ways. The classic method is via the 
+ <TT
+CLASS="LITERAL"
+>Set-Cookie</TT
+> HTTP header. This is straightforward, and an
+ easy one to manipulate, such as the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> concept of 
+ <A
+HREF="../user-manual/actions-file.html#SESSION-COOKIES-ONLY"
+TARGET="_top"
+>session-cookies-only</A
+>.
+ There is also the possibility of using 
+  <A
+HREF="http://en.wikipedia.org/wiki/Javascript"
+TARGET="_top"
+>Javascript</A
+> to
+ set cookies (<SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> calls these <TT
+CLASS="LITERAL"
+>content-cookies</TT
+>). This
+ is trickier because the syntax can vary widely, and thus requires a certain
+ amount of guesswork. It is not realistic to catch all of these short of
+ disabling Javascript, which would break many sites. And lastly, if the
+ cookies are embedded in a HTTPS/SSL secure session via Javascript, they are beyond
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> reach.</P
+><P
+> All in all, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can help manage cookies in general, can help minimize
+ the loss of privacy posed by cookies, but can't realistically stop all
+ cookies.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="EVIL-COOKIES"
+>3.24. Are all cookies bad? Why?</A
+></H3
+><P
+> No, in fact there are many beneficial uses of 
+ <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>. Cookies are just a
+ method that browsers can use to store data between pages, or between browser
+ sessions. Sometimes there is a good reason for this, and the user's life is a
+ bit easier as a result. But there is a long history of some websites taking
+ advantage of this layer of trust, and using the data they glean from you and 
+ your browsing habits for their own purposes, and maybe to your potential
+ detriment. Such sites are using you and storing their data on your system.
+ That is why the privacy conscious watch from whom those cookies come, and why
+ they really <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>need</I
+></SPAN
+> to be there.</P
+><P
+>  See the 
+   <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>Wikipedia cookie
+  definition</A
+> for more.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="ALLOW-COOKIES"
+>3.25. How can I allow permanent cookies for my trusted sites?</A
+></H3
+><P
+>  There are several actions that relate to cookies. The default behavior is to 
+  allow only <SPAN
+CLASS="QUOTE"
+>"session cookies"</SPAN
+>, which means the cookies only last
+  for the current browser session. This eliminates most kinds of abuse related 
+  to cookies. But there may be cases where you want cookies to last.</P
+><P
+>  To disable all cookie actions, so that cookies are allowed unrestricted,
+  both in and out, for <TT
+CLASS="LITERAL"
+>example.com</TT
+>: </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> { -crunch-incoming-cookies -crunch-outgoing-cookies -session-cookies-only -filter{content-cookies} }
+  .example.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Place the above in <TT
+CLASS="FILENAME"
+>user.action</TT
+>. Note that some of these may
+ be off by default anyway, so this might be redundant, but there is no harm
+ being explicit in what you want to happen. <TT
+CLASS="FILENAME"
+>user.action</TT
+>
+ includes an alias for this situation, called
+ <TT
+CLASS="LITERAL"
+>allow-all-cookies</TT
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="MULTIPLES"
+>3.26. Can I have separate configurations for different users?</A
+></H3
+><P
+> Each instance of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has its own
+ configuration, including such attributes as the TCP port that it listens on.
+ What you can do is run multiple instances of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, each with 
+ a unique 
+ <A
+HREF="../user-manual/config.html#LISTEN-ADDRESS"
+TARGET="_top"
+>listen-address</A
+>
+ configuration setting, and configuration path, and then
+ each of these can have their own configurations. Think of it as per-port
+ configuration.</P
+><P
+> 
+ Simple enough for a few users, but for large installations, consider having
+ groups of users that might share like configurations.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WHITELISTS"
+>3.27. Can I set-up Privoxy as a whitelist of
+<SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> sites?</A
+></H3
+><P
+> Sure. There are a couple of things you can do for simple white-listing.
+ Here's one real easy one:</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> ############################################################
+ # Blacklist
+ ############################################################
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>+block</A
+> }
+ / # Block *all* URLs
+ 
+ ############################################################
+ # Whitelist
+ ############################################################
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>-block</A
+> }
+  kids.example.com
+  toys.example.com
+  games.example.com</PRE
+></TD
+></TR
+></TABLE
+><P
+> This allows access to only those three sites by first blocking all URLs, and 
+ then subsequently allowing three specific exceptions.</P
+><P
+> Another approach is <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> 
+ <TT
+CLASS="LITERAL"
+>trustfile</TT
+> concept, which incorporates the notion of 
+ <SPAN
+CLASS="QUOTE"
+>"trusted referrers"</SPAN
+>. See the <A
+HREF="../user-manual/config.html#TRUSTFILE"
+TARGET="_top"
+>Trust documentation</A
+>
+ for details.</P
+><P
+> These are fairly simple approaches and are not completely foolproof. There
+ are various other configuration options that should be disabled (described
+ elsewhere here and in <A
+HREF="../user-manual/"
+TARGET="_top"
+>the User Manual</A
+>)
+ so that users can't modify their own configuration and easily circumvent the
+ whitelist.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NO-ADBLOCK"
+>3.28. How can I turn off ad-blocking?</A
+></H3
+><P
+> Ad blocking is achieved through a complex application of various <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+ <A
+HREF="../user-manual/actions-file.html"
+TARGET="_top"
+>actions</A
+>. These 
+ actions are deployed against simple images, banners, flash animations, 
+ text pages, JavaScript, pop-ups and pop-unders, etc., so its not as simple as
+ just turning one or two actions off. The various actions that make up
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ad blocking are hard-coded into the default configuration files. It
+ has been assumed that everyone using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is interested in this
+ particular feature. 
+ </P
+><P
+> If you want to do without this, there are several approaches you can take:
+ You can manually undo the many block rules in
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>. Or even easier, just create your own
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file from scratch without the many ad
+ blocking rules, and corresponding exceptions. Or lastly, if you are not
+ concerned about the additional blocks that are done for privacy reasons, you
+ can very easily over-ride <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> blocking with the
+ following very simple rule in your <TT
+CLASS="FILENAME"
+>user.action</TT
+>: 
+ </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # Unblock everybody, everywhere
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>-block</A
+> }
+ / # UN-Block *all* URLs</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> 
+ Or even a more comprehensive reversing of various ad related actions:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # Unblock everybody, everywhere, and turn off appropriate filtering, etc
+ { <A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>-block</A
+> \
+  <A
+HREF="../user-manual/actions-file.html#FILTER-BANNERS-BY-SIZE"
+TARGET="_top"
+>-filter{banners-by-size}</A
+> \
+  <A
+HREF="../user-manual/actions-file.html#FILTER-BANNERS-BY-LINK"
+TARGET="_top"
+>-filter{banners-by-link}</A
+> \
+  <TT
+CLASS="LITERAL"
+>allow-popups</TT
+> \
+ }
+ / # UN-Block *all* URLs and allow ads</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This last <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+> in this compound statement,
+ <TT
+CLASS="LITERAL"
+>allow-popups</TT
+>, is an <A
+HREF="../user-manual/actions-file.html#ALIASES"
+TARGET="_top"
+>alias</A
+> that disables
+ various pop-up blocking features.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="TEMPLATES"
+>3.29. How can I have custom template pages, like the 
+<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>BLOCKED</I
+></SPAN
+> page?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> <SPAN
+CLASS="QUOTE"
+>"templates"</SPAN
+> are specialized text files utilized by
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> for various purposes and can easily be modified using any text
+ editor. All the template pages are installed in a sub-directory appropriately
+ named: <TT
+CLASS="FILENAME"
+>templates</TT
+>.  Knowing something about HTML syntax
+ will of course be helpful.</P
+><P
+> Be forewarned that the default templates are subject to being overwritten
+ during upgrades. You can, however, create completely new templates,
+ place them in another directory and specify the alternate path in the main
+ <TT
+CLASS="FILENAME"
+>config</TT
+>. For details, have a look at the <A
+HREF="../user-manual/config.html#templdir"
+TARGET="_top"
+>templdir</A
+> option. </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BLOCKALL"
+>3.30. How can I remove the <SPAN
+CLASS="QUOTE"
+>"Go There Anyway"</SPAN
+> link from 
+the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>BLOCKED</I
+></SPAN
+> page?</A
+></H3
+><P
+> There is more than one way to do it (although Perl is not involved).</P
+><P
+> Editing the BLOCKED template page (see above) may dissuade some users, but
+ this method is easily circumvented. Where you need this level of control, you
+ might want to build <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> from source, and disable various features that are
+ available as compile-time options. You should 
+ <B
+CLASS="COMMAND"
+>configure</B
+> the sources as follows:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> ./configure  --disable-toggle  --disable-editor  --disable-force</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This will create an executable with hard-coded security features so that
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does not allow easy bypassing of blocked sites, or changing the
+ current configuration via any connected user's web browser.</P
+><P
+> Finally, all of these features can also be toggled on/off via options in
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> main  <A
+HREF="../user-manual/config.html#ACCESS-CONTROL"
+TARGET="_top"
+>config</A
+> file which
+ means you don't have to recompile anything.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="installation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="misc.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Installation</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Miscellaneous</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/contact.html b/external/privoxy/doc/webserver/faq/contact.html
new file mode 100644
index 0000000..c9d18c7
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/contact.html
@@ -0,0 +1,510 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Contacting the developers, Bug Reporting and Feature Requests</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Troubleshooting"
+HREF="trouble.html"><LINK
+REL="NEXT"
+TITLE="Privoxy Copyright, License and History"
+HREF="copyright.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="trouble.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="copyright.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CONTACT"
+>6. Contacting the developers, Bug Reporting and Feature Requests</A
+></H1
+><P
+> We value your feedback. In fact, we rely on it to improve
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and its configuration.
+ However, please note the following hints, so we can 
+ provide you with the best support:</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-SUPPORT"
+>6.1. Get Support</A
+></H2
+><P
+> For casual users, our 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=211118"
+TARGET="_top"
+>support forum at SourceForge</A
+>
+ is probably best suited:
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=211118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?group_id=11118&atid=211118</A
+></P
+><P
+> All users are of course welcome to discuss their issues on the <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-users"
+TARGET="_top"
+>users
+ mailing list</A
+>, where the developers also hang around.</P
+><P
+> Please don't sent private support requests to individual Privoxy
+ developers, either use the mailing lists or the support trackers.</P
+><P
+> Note that the Privoxy mailing lists are moderated. Posts from unsubscribed
+ addresses have to be accepted manually by a moderator. This may cause a
+ delay of several days and if you use a subject that doesn't clearly
+ mention Privoxy or one of its features, your message may be accidentally
+ discarded as spam.</P
+><P
+> If you aren't subscribed, you should therefore spend a few seconds
+ to come up with a proper subject. Additionally you should make it clear
+ that you want to get CC'd. Otherwise some responses will be directed to
+ the mailing list only, and you won't see them.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="REPORTING"
+>6.2. Reporting Problems</A
+></H2
+><P
+><SPAN
+CLASS="QUOTE"
+>"Problems"</SPAN
+> for our purposes, come in two forms:</P
+><P
+></P
+><UL
+><LI
+><P
+>    Configuration issues, such as ads that slip through, or sites that 
+    don't function properly due to one <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+    <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+> or another being turned <SPAN
+CLASS="QUOTE"
+>"on"</SPAN
+>.
+   </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="QUOTE"
+>"Bugs"</SPAN
+> in the programming code that makes up 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, such as that might cause a crash.
+   </P
+></LI
+></UL
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="CONTACT-ADS"
+>6.2.1. Reporting Ads or Other Configuration Problems</A
+></H3
+><P
+> Please send feedback on ads that slipped through, innocent images that were
+ blocked, sites that don't work properly, and other configuration related problem of 
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file, to 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=460288"
+TARGET="_top"
+> http://sourceforge.net/tracker/?group_id=11118&atid=460288</A
+>,
+ the Actions File Tracker.</P
+><P
+> New, improved <TT
+CLASS="FILENAME"
+>default.action</TT
+> files may occasionally be made
+ available based on your feedback. These will be announced on the <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce"
+TARGET="_top"
+>ijbswa-announce</A
+>
+ list and available from our the <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>files section</A
+> of
+ our <A
+HREF="http://sf.net/projects/ijbswa/"
+TARGET="_top"
+>project page</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="CONTACT-BUGS"
+>6.2.2. Reporting Bugs</A
+></H3
+><P
+> Please report all bugs through our bug tracker: 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=111118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?group_id=11118&atid=111118</A
+>. </P
+><P
+>  Before doing so, please make sure that the bug has <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not already been submitted</I
+></SPAN
+>
+  and observe the additional hints at the top of the <A
+HREF="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=111118"
+TARGET="_top"
+>submit
+  form</A
+>. If already submitted, please feel free to add any info to the 
+  original report that might help to solve the issue.</P
+><P
+>  Please try to verify that it is a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> bug,
+  and not a browser or site bug or documented behaviour that just happens
+  to be different than what you expected. If unsure,
+  try <A
+HREF="http://config.privoxy.org/toggle?set=disable"
+TARGET="_top"
+>toggling
+  off</A
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and see if the problem persists.</P
+><P
+>  If you are using your own custom configuration, please try
+  the stock configs to see if the problem is configuration related.
+  If you're having problems with a feature that is disabled by default,
+  please ask around on the mailing list if others can reproduce the problem.</P
+><P
+>  If you aren't using the latest Privoxy version, the bug may have been found
+  and fixed in the meantime. We would appreciate if you could take the time
+  to <A
+HREF="http://www.privoxy.org/user-manual/installation.html"
+TARGET="_top"
+>upgrade
+  to the latest version</A
+> (or  even the latest CVS snapshot) and verify
+  that your bug still exists.</P
+><P
+>Please be sure to provide the following information:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    The exact <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version you are using
+    (if you got the source from CVS, please also provide the source code revisions
+     as shown in <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>http://config.privoxy.org/show-version</A
+>).
+   </P
+></LI
+><LI
+><P
+>    The operating system and versions you run
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on, (e.g. <SPAN
+CLASS="APPLICATION"
+>Windows
+    XP SP2</SPAN
+>), if you are using a Unix flavor,
+    sending the output of <SPAN
+CLASS="QUOTE"
+>"uname -a"</SPAN
+> should do,
+    in case of GNU/Linux, please also name the distribution.
+   </P
+></LI
+><LI
+><P
+>    The name, platform, and version of the <SPAN
+CLASS="APPLICATION"
+>browser</SPAN
+> 
+    you were using (e.g. <SPAN
+CLASS="APPLICATION"
+>Internet Explorer v5.5</SPAN
+> for Mac).
+   </P
+></LI
+><LI
+><P
+>    The URL where the problem occurred, or some way for us to duplicate the
+    problem (e.g. <TT
+CLASS="LITERAL"
+>http://somesite.example.com/?somethingelse=123</TT
+>). 
+   </P
+></LI
+><LI
+><P
+>    Whether your version of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is one supplied
+    by the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developers via SourceForge,
+    or if you got your copy somewhere else.
+   </P
+></LI
+><LI
+><P
+>    Whether you are using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in tandem with 
+    another proxy such as <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>. If so, please
+    temporary disable the other proxy to see if the symptoms change.
+   </P
+></LI
+><LI
+><P
+>    Whether you are using a personal firewall product. If so, does 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> work without it?
+   </P
+></LI
+><LI
+><P
+>    Any other pertinent information to help identify the problem such as config
+    or log file excerpts (yes, you should have log file entries for each
+    action taken).
+   </P
+></LI
+></UL
+></P
+><P
+> You don't have to tell us your actual name when filing a problem
+ report, but please use a nickname so we can differentiate between
+ your messages and the ones entered by other "anonymous" users that
+ may respond to your request if they have the same problem or already
+ found a solution.</P
+><P
+> Please also check the status of your request a few days after submitting
+ it, as we may request additional information. If you use a SF id,
+ you should automatically get a mail when someone responds to your request.</P
+><P
+>  The <A
+HREF="http://www.privoxy.org/user-manual/appendix.html#ACTIONSANAT"
+TARGET="_top"
+>appendix
+  of the Privoxy User Manual</A
+> also has helpful information 
+  on understanding <TT
+CLASS="LITERAL"
+>actions</TT
+>, and <TT
+CLASS="LITERAL"
+>action</TT
+> debugging. </P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-FEATURE"
+>6.3. Request New Features</A
+></H2
+><P
+> You are welcome to submit ideas on new features or other proposals
+ for improvement through our feature request tracker at
+ <A
+HREF="http://sourceforge.net/tracker/?atid=361118&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?atid=361118&group_id=11118</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-OTHER"
+>6.4. Other</A
+></H2
+><P
+>For any other issues, feel free to use the mailing lists. Technically interested users
+and people who wish to contribute to the project are also welcome on the developers list!
+You can find an overview of all <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>-related mailing lists,
+including list archives, at:
+<A
+HREF="http://sourceforge.net/mail/?group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/mail/?group_id=11118</A
+>.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="trouble.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="copyright.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Troubleshooting</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Privoxy Copyright, License and History</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/copyright.html b/external/privoxy/doc/webserver/faq/copyright.html
new file mode 100644
index 0000000..39b71a6
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/copyright.html
@@ -0,0 +1,301 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy Copyright, License and History</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Contacting the developers, Bug Reporting and Feature Requests"
+HREF="contact.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="contact.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+> </TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="COPYRIGHT"
+>7. Privoxy Copyright, License and History</A
+></H1
+><P
+> Copyright © 2001-2009 by Privoxy Developers <CODE
+CLASS="EMAIL"
+><<A
+HREF="mailto:ijbswa-developers at lists.sourceforge.net"
+>ijbswa-developers at lists.sourceforge.net</A
+>></CODE
+></P
+><P
+> Some source code is based on code Copyright © 1997 by Anonymous Coders
+ and Junkbusters, Inc. and licensed under the <I
+CLASS="CITETITLE"
+>GNU General Public
+ License</I
+>.</P
+><P
+>   Portions of this document are <SPAN
+CLASS="QUOTE"
+>"borrowed"</SPAN
+> from the original
+   <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+> (tm) FAQ, and modified as 
+   appropriate for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+  </P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN1451"
+>7.1. License</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is free software; you can
+ redistribute it and/or modify it under the terms of the 
+ <I
+CLASS="CITETITLE"
+>GNU General Public License</I
+>, version 2,
+ as published by the Free Software Foundation.</P
+><P
+> This program is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE.  See the <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+> <I
+CLASS="CITETITLE"
+>GNU General Public License</I
+></A
+> for details.</P
+><P
+> You should have received a copy of the <I
+CLASS="CITETITLE"
+>GNU GPL</I
+>
+ along with this program; if not, write to the <P
+CLASS="ADDRESS"
+> Free Software<br>
+ Foundation, Inc. <SPAN
+CLASS="STREET"
+>51 Franklin Street, Fifth Floor</SPAN
+><br>
+ <SPAN
+CLASS="CITY"
+>Boston</SPAN
+>, <SPAN
+CLASS="STATE"
+>MA</SPAN
+> <SPAN
+CLASS="POSTCODE"
+>02110-1301</SPAN
+><br>
+ <SPAN
+CLASS="COUNTRY"
+>USA</SPAN
+> </P
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN1467"
+>7.2. History</A
+></H2
+><P
+> A long time ago, there was the
+ <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+><SPAN
+CLASS="APPLICATION"
+>Internet Junkbuster</SPAN
+></A
+>, 
+ by Anonymous Coders and <A
+HREF="http://www.junkbusters.com/"
+TARGET="_top"
+>Junkbusters
+ Corporation</A
+>. This saved many users a lot of pain in the early days of
+ web advertising and user tracking.</P
+><P
+> But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and
+ for tracking them, keeps evolving. Unfortunately, the <SPAN
+CLASS="APPLICATION"
+>Internet
+ Junkbuster</SPAN
+> did not. Version 2.0.2, published in 1998, was 
+ (and is) the last official
+ <A
+HREF="http://www.junkbusters.com/ijbdist.html#release"
+TARGET="_top"
+>release</A
+>
+ available from <A
+HREF="http://www.junkbusters.com"
+TARGET="_top"
+>Junkbusters Corporation</A
+>.
+ Fortunately, it had been released under the GNU
+ <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+>GPL</A
+>,
+ which allowed further development by others.</P
+><P
+> So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches.
+ It could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.</P
+><P
+> Then, some
+ <A
+HREF="http://www.privoxy.org/user-manual/copyright.html#AUTHORS"
+TARGET="_top"
+>developers</A
+>
+ picked up the thread, and started turning the software inside out, upside down,
+ and then reassembled it, adding many
+ <A
+HREF="http://www.privoxy.org/user-manual/introduction.html#FEATURES"
+TARGET="_top"
+>new
+ features</A
+> along the way.</P
+><P
+> The result of this is <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, whose first
+ stable version, 3.0, was released August, 2002. 
+ </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="contact.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+> </TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Contacting the developers, Bug Reporting and Feature Requests</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+> </TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/general.html b/external/privoxy/doc/webserver/faq/general.html
new file mode 100644
index 0000000..7043b18
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/general.html
@@ -0,0 +1,1076 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>General Information</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="NEXT"
+TITLE="Installation"
+HREF="installation.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="index.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="installation.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="GENERAL"
+>1. General Information</A
+></H1
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WHO-USES"
+>1.1. Who should give <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> a try?</A
+></H3
+><P
+>  Anyone who is interested in security, privacy, or in 
+  finer-grained control over their web and Internet experience.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BESTCHOICE"
+>1.2. Is Privoxy the best choice for
+me?</A
+></H3
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is certainly a good choice, especially for those who want more 
+  control and security. Those with the willingness to read the documentation
+  and the ability to fine-tune their installation will benefit the most.
+ </P
+><P
+>  One of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+  strengths is that it is highly configurable giving you the ability to
+  completely personalize your installation. Being familiar with, or at least
+  having an interest in learning about <A
+HREF="http://en.wikipedia.org/wiki/Http"
+TARGET="_top"
+>HTTP</A
+> and other networking
+  protocols, <A
+HREF="http://en.wikipedia.org/wiki/Html"
+TARGET="_top"
+>HTML</A
+>, and 
+  <A
+HREF="http://en.wikipedia.org/wiki/Regular_expressions"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"Regular
+  Expressions"</SPAN
+></A
+>
+  will be a big plus and will help you get the most out of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. 
+  A new installation just includes a very basic configuration. The user 
+  should take this as a starting point only, and enhance it as he or she 
+  sees fit. In fact, the user is encouraged, and expected to, fine-tune the 
+  configuration.
+ </P
+><P
+>  Much of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> configuration can be done 
+  with a <A
+HREF="http://en.wikipedia.org/wiki/Web_browser"
+TARGET="_top"
+>Web browser</A
+>.
+  But there are areas where configuration is done using a 
+  <A
+HREF="http://en.wikipedia.org/wiki/Text_editors"
+TARGET="_top"
+>text editor</A
+>
+  to edit configuration files. Also note that the web-based action editor
+  doesn't use authentication and should only be enabled in environments
+  where all clients with access to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> listening port can be trusted.
+  </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="PROXYMORON"
+>1.3. What is a <SPAN
+CLASS="QUOTE"
+>"proxy"</SPAN
+>? How does
+Privoxy work?</A
+></H3
+><P
+>  A <A
+HREF="http://en.wikipedia.org/wiki/Proxy_server"
+TARGET="_top"
+>web proxy</A
+>
+  is a service, based on a software such as <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, that clients
+  (i.e. browsers) can use instead of connecting to web servers directly.
+  The clients then ask the proxy to request objects (web pages, images, movies etc)
+  on their behalf and to forward the data to the clients.
+  It is a <SPAN
+CLASS="QUOTE"
+>"go-between"</SPAN
+>. For details, see
+  <A
+HREF="http://en.wikipedia.org/wiki/Proxy_server"
+TARGET="_top"
+>Wikipedia's proxy definition</A
+>.
+ </P
+><P
+>  There are many reasons to use web proxies, such as security (firewalling),
+  efficiency (caching) and others, and there are any number of proxies
+  to accommodate those needs.
+ </P
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is a proxy that is primarily focused on
+  privacy enhancement, ad and junk elimination and freeing the user from
+  restrictions placed on his activities. Sitting between your browser(s) and the Internet,
+  it is in a perfect position to filter outbound personal information that your
+  browser is leaking, as well as inbound junk. It uses a variety of techniques to do
+  this, all of which are under your complete control via the various configuration
+  files and options. Being a proxy also makes it easier to share
+  configurations among multiple browsers and/or users.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OTHERSTUFF"
+>1.4. Does Privoxy do anything more than ad blocking?</A
+></H3
+><P
+> 
+  Yes, ad blocking is but one possible use. There are many, many ways <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+  can be used to sanitize and customize web browsing. </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NEWJB"
+>1.5. What is this new version of 
+<SPAN
+CLASS="QUOTE"
+>"Junkbuster"</SPAN
+>?</A
+></H3
+><P
+> A long time ago, there was the
+ <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+><SPAN
+CLASS="APPLICATION"
+>Internet Junkbuster</SPAN
+></A
+>, 
+ by Anonymous Coders and <A
+HREF="http://www.junkbusters.com/"
+TARGET="_top"
+>Junkbusters
+ Corporation</A
+>. This saved many users a lot of pain in the early days of
+ web advertising and user tracking.</P
+><P
+> But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and
+ for tracking them, keeps evolving. Unfortunately, the <SPAN
+CLASS="APPLICATION"
+>Internet
+ Junkbuster</SPAN
+> did not. Version 2.0.2, published in 1998, was 
+ (and is) the last official
+ <A
+HREF="http://www.junkbusters.com/ijbdist.html#release"
+TARGET="_top"
+>release</A
+>
+ available from <A
+HREF="http://www.junkbusters.com"
+TARGET="_top"
+>Junkbusters Corporation</A
+>.
+ Fortunately, it had been released under the GNU
+ <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+>GPL</A
+>,
+ which allowed further development by others.</P
+><P
+> So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches.
+ It could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.</P
+><P
+> Then, some
+ <A
+HREF="http://www.privoxy.org/user-manual/copyright.html#AUTHORS"
+TARGET="_top"
+>developers</A
+>
+ picked up the thread, and started turning the software inside out, upside down,
+ and then reassembled it, adding many
+ <A
+HREF="http://www.privoxy.org/user-manual/introduction.html#FEATURES"
+TARGET="_top"
+>new
+ features</A
+> along the way.</P
+><P
+> The result of this is <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, whose first
+ stable version, 3.0, was released August, 2002. 
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN78"
+>1.6. Why <SPAN
+CLASS="QUOTE"
+>"Privoxy"</SPAN
+>? Why change the name from
+Junkbuster at all?</A
+></H3
+><P
+> Though outdated, <A
+HREF="http://junkbusters.com/"
+TARGET="_top"
+>Junkbusters Corporation</A
+>
+ continues to offer their original version of the <SPAN
+CLASS="APPLICATION"
+>Internet
+ Junkbuster</SPAN
+>, so publishing our
+ <SPAN
+CLASS="APPLICATION"
+> Junkbuster</SPAN
+>-derived software under the same name
+ led to confusion.</P
+><P
+> There are also potential legal complications from our use of the 
+ <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+> name, which is a registered trademark of 
+ <A
+HREF="http://junkbusters.com/"
+TARGET="_top"
+>Junkbusters Corporation</A
+>.
+ There are, however, no objections from Junkbusters Corporation to the 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> project itself, and they, in fact, still
+ share our ideals and goals.</P
+><P
+> The developers also believed that there are so many improvements over the original 
+ code, that it was time to make a clean break from the past and make 
+ a name in their own right.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is the 
+ <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Privacy Enhancing Proxy</I
+></SPAN
+>"</SPAN
+>. Also, its content
+ modification and junk suppression gives <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>you</I
+></SPAN
+>, the user, more
+ control, more freedom, and allows you to browse your personal and
+ <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>private</I
+></SPAN
+> edition"</SPAN
+> of the web.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DIFFERS"
+>1.7. How does Privoxy differ
+from the old Junkbuster?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> picks up where
+ <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+> left off.
+ The new <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> still blocks ads and banners,
+ still manages <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>, and still
+ helps protect your privacy. But, most of these features have been enhanced,
+ and many new ones have been added, all in the same vein.
+ </P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s new features include:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>     Can keep outgoing connections alive and reuse them later on.
+  </P
+></LI
+><LI
+><P
+>     Supports tagging which allows to change the behaviour
+     based on client and server headers.
+  </P
+></LI
+><LI
+><P
+>     Can be run as an "intercepting" proxy, which obviates the need to
+     configure browsers individually.
+  </P
+></LI
+><LI
+><P
+>     Sophisticated actions and filters for manipulating both server and client
+     headers. 
+   </P
+></LI
+><LI
+><P
+>     Can be chained with other proxies.
+  </P
+></LI
+><LI
+><P
+>   Integrated browser based configuration and control utility at <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+   (shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>). Browser-based
+   tracing of rule and filter effects. Remote toggling.
+  </P
+></LI
+><LI
+><P
+>   Web page filtering (text replacements, removes banners based on size,
+   invisible <SPAN
+CLASS="QUOTE"
+>"web-bugs"</SPAN
+>, JavaScript and HTML annoyances, 
+   pop-up windows, etc.)
+  </P
+></LI
+><LI
+><P
+>   Modularized configuration that allows for standard settings and
+   user settings to reside in separate files, so that installing updated
+   actions files won't overwrite individual user settings.
+  </P
+></LI
+><LI
+><P
+>   Support for Perl Compatible Regular Expressions in the configuration files, and 
+   a more sophisticated and flexible configuration syntax.
+  </P
+></LI
+><LI
+><P
+>   Improved cookie management features (e.g. session based cookies).
+  </P
+></LI
+><LI
+><P
+>   GIF de-animation. 
+  </P
+></LI
+><LI
+><P
+>   Bypass many click-tracking scripts (avoids script redirection).
+  </P
+></LI
+><LI
+><P
+>   Multi-threaded (POSIX and native threads).
+  </P
+></LI
+><LI
+><P
+>   User-customizable HTML templates for most proxy-generated pages (e.g. "blocked" page).
+  </P
+></LI
+><LI
+><P
+>   Auto-detection and re-reading of config file changes.
+  </P
+></LI
+><LI
+><P
+>   Improved signal handling, and a true daemon mode (Unix).
+  </P
+></LI
+><LI
+><P
+>   Every feature now controllable on a per-site or per-location basis, configuration
+   more powerful and versatile over-all.
+  </P
+></LI
+><LI
+><P
+>   Many smaller new features added, limitations and bugs removed.
+  </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WHATSANAD"
+>1.8. How does Privoxy know what is
+an ad, and what is not?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s approach to blocking ads is twofold:</P
+><P
+> First, there are certain patterns in the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>locations</I
+></SPAN
+> (URLs)
+ of banner images. This applies to both the path (you wouldn't guess how many
+ web sites serve their banners from a directory called <SPAN
+CLASS="QUOTE"
+>"banners"</SPAN
+>!)
+ and the host (blocking the big banner hosting services like doublecklick.net
+ already helps a lot). <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> takes advantage of this
+ fact by using <A
+HREF="../user-manual/actions-file.html#AF-PATTERNS"
+TARGET="_top"
+>URL
+ patterns</A
+> to sort out and block the requests for things that sound 
+ like they would be ads or banners.</P
+><P
+> Second, banners tend to come in certain <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>sizes</I
+></SPAN
+>. But you
+ can't tell the size of an image by its URL without downloading it, and if you
+ do, it's too late to save bandwidth. Therefore, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ also inspects the HTML sources of web pages while they are loaded, and replaces
+ references to images with standard banner sizes by dummy references, so that
+ your browser doesn't request them anymore in the first place.</P
+><P
+> Both of this involves a certain amount of guesswork and is, of course, freely
+ and readily configurable.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN160"
+>1.9. Can Privoxy make mistakes? 
+This does not sound very scientific.</A
+></H3
+><P
+> Actually, it's a black art ;-) And yes, it is always possible to have a broad
+ rule accidentally block or change something by mistake. You will almost surely
+ run into such situations at some point. It is tricky writing rules to
+ cover every conceivable possibility, and not occasionally get false positives.</P
+><P
+> But this should not be a big concern since the
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configuration is very flexible, and
+ includes tools to help identify these types of situations so they can be
+ addressed as needed, allowing you to customize your installation.
+ (<A
+HREF="trouble.html#BADSITE"
+>See the Troubleshooting section below</A
+>.)</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN166"
+>1.10. Will I have to configure Privoxy
+ before I can use it?</A
+></H3
+><P
+> That depends on your expectations.
+ The default installation should give you a good starting
+ point, and block <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>most</I
+></SPAN
+> ads and unwanted content,
+ but many of the more advanced features are off by default, and require
+ you to activate them. </P
+><P
+> You do have to set up your browser to use
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (see the <A
+HREF="installation.html#FIRSTSTEP"
+>Installation section below</A
+>). </P
+><P
+> And you will certainly run into situations where there are false positives,
+ or ads not being blocked that you may not want to see. In these cases, you
+ would certainly benefit by customizing <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ configuration to more closely match your individual situation. And we
+ encourage you to do this. This is where the real power of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> lies!</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="LAN"
+>1.11. Can Privoxy run as a server on a network?</A
+></H3
+><P
+> 
+  Yes, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> runs as a server already, and can easily be configured to
+  <SPAN
+CLASS="QUOTE"
+>"serve"</SPAN
+> more than one client. See <A
+HREF="configuration.html#LANCONFIG"
+>  How can I set up Privoxy to act as a proxy for my LAN</A
+> below.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BROWSERS2"
+>1.12. My browser does the same things as
+Privoxy. Why should I use Privoxy at all?</A
+></H3
+><P
+>  Modern browsers do indeed have <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>some</I
+></SPAN
+> of the same
+  functionality as <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. Maybe this is
+  adequate for you. But <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is very
+  versatile and powerful, and can probably do a number of things
+  your browser just can't.
+ </P
+><P
+>  In addition, a proxy is good choice if you use multiple browsers, or 
+  have a LAN with multiple computers since <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can run as a server  
+  application. This way all the configuration is in one place, and you don't
+  have to maintain a similar configuration for possibly many browsers or
+  users.
+ </P
+><P
+>  Note, however, that it's recommended to leverage both your browser's
+  and <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> privacy enhancing features
+  at the same time. While your browser probably lacks some features
+  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> offers, it should also be able to do some things more
+  reliable, for example restricting and suppressing JavaScript.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WHYTRUST"
+>1.13. Why should I trust Privoxy?</A
+></H3
+><P
+>  The most important reason is because you have access to
+  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>everything</I
+></SPAN
+>, and you can control everything. You can
+  check every line of every configuration file yourself. You can check every
+  last bit of source code should you desire. And even if you can't read code, 
+  there should be some comfort in knowing that other people can, 
+  and do read it. You can build the software from scratch, if you want,
+  so that you know the executable is clean, and that it is
+  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>yours</I
+></SPAN
+>. In fact, we encourage this level of scrutiny. It
+  is one reason we use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ourselves.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="LICENSE"
+>1.14. Is there is a license or fee? What about a 
+warranty? Registration?</A
+></H3
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is free software and licensed under the <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+>GNU General Public License (GPL) version 2</A
+>.
+  It is free to use, copy, modify or distribute as you wish under the terms of this
+  license.  Please see the <A
+HREF="copyright.html"
+>Copyright</A
+> section for more
+  information on the license and copyright. Or the <TT
+CLASS="FILENAME"
+>LICENSE</TT
+> file 
+  that should be included.
+ </P
+><P
+>  There is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no warranty</I
+></SPAN
+> of any kind, expressed, implied or otherwise.
+  That is something that would cost real money ;-) There is no registration either.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SPYWARE"
+>1.15. Can Privoxy remove spyware? Adware? Viruses?</A
+></H3
+><P
+> No, at least not reliably enough to trust it. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not designed to be
+ a malware removal tool and the default configuration doesn't even try to
+ filter out any malware.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> could help prevent contact from (known) sites that use such
+ tactics with appropriate configuration rules, and thus could conceivably
+ prevent contamination from such sites. However, keeping such a configuration
+ up to date would require a lot of time and effort that would be better spend
+ on keeping your software itself up to date so it doesn't have known
+ vulnerabilities.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="OTHERADS"
+>1.16. Can I use Privoxy with other ad-blocking software?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> should work fine with other proxies and other software in general.</P
+><P
+> But it is probably not necessary to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in conjunction with other
+ ad-blocking products, and this could conceivably cause undesirable results.
+ It might be better to choose one software or the other and work a little to
+ tweak its configuration to your liking.</P
+><P
+> Note that this is an advice specific to ad blocking.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="JOINTEAM"
+>1.17. I would like to help you, what can I do?</A
+></H3
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="JOINTEAM-WORK"
+>1.17.1. Would you like to participate?</A
+></H4
+><P
+>   Well, we <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>always</I
+></SPAN
+> need help. There is something for
+   everybody who wants to help us. We welcome new developers, packagers,
+   testers, documentation writers or really anyone with a desire to help in
+   any way. You <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>DO NOT</I
+></SPAN
+> need to be a
+   <SPAN
+CLASS="QUOTE"
+>"programmer"</SPAN
+>. There are many other tasks available. In fact,
+   the programmers often can't spend as much time programming because of some
+   of the other, more mundane things that need to be done, like checking the
+   Tracker feedback sections. 
+ </P
+><P
+>  So first thing, <A
+HREF="https://sourceforge.net/account/register.php"
+TARGET="_top"
+>get an account on SourceForge.net</A
+>
+   and mail your id to the <A
+HREF="mailto:ijbswa-developers at lists.sourceforge.net"
+TARGET="_top"
+>developers
+   mailing list</A
+>. Then, please read the <A
+HREF="../developer-manual/index.html"
+TARGET="_top"
+>Developer's Manual</A
+>, at least
+   the pertinent sections.</P
+><P
+>  You can also start helping out without SourceForge.net account,
+  simply by showing up on the mailing list, helping out other users,
+  providing general feedback or reporting problems you noticed.
+ </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="DONATE"
+>1.17.2. Would you like to donate?</A
+></H4
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is developed by unpaid volunteers
+ and thus our current running costs are pretty low. Nevertheless, we
+ have plans that will cost money in the future. We would like to get
+ this money through donations made by our users.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has therefore become an associated
+ project of <A
+HREF="http://www.spi-inc.org/about-spi/about-spi"
+TARGET="_top"
+>Software
+ in the Public Interest (SPI)</A
+>, which allows us to receive tax-deductible
+ donations in most western countries.</P
+><P
+> We intend to use the donations to pay for our domain after transfering
+ it to SPI. Our goal is to make sure there's no single point of failure
+ and the bill gets paid and the site keeps running even if a some of
+ the currently active developers were to suddenly disappear for a while.</P
+><P
+> We would also like to spend some money on more reliable hosting,
+ on hardware to help make sure <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ keeps running on platforms the developers currently can't test on,
+ and on technical books to educate our developers about said platforms
+ or to improve their knowledge in general.</P
+><P
+> If you enjoy our software and feel like helping out with a donation,
+ please have a look at
+ <A
+HREF="http://www.spi-inc.org/donations"
+TARGET="_top"
+>SPI's donation page</A
+>
+ to see what the options are.</P
+><P
+></P
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="installation.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy Frequently Asked Questions</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Installation</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/index.html b/external/privoxy/doc/webserver/faq/index.html
new file mode 100644
index 0000000..cec0d7c
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/index.html
@@ -0,0 +1,999 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy Frequently Asked Questions</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="NEXT"
+TITLE="General Information"
+HREF="general.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="ARTICLE"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="ARTICLE"
+><DIV
+CLASS="TITLEPAGE"
+><H1
+CLASS="TITLE"
+><A
+NAME="AEN2"
+>Privoxy Frequently Asked Questions</A
+></H1
+><P
+CLASS="PUBDATE"
+> <SUB
+> <A
+HREF="copyright.html"
+>Copyright</A
+> © 2001-2009 by 
+ <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>Privoxy Developers</A
+>
+ </SUB
+><BR></P
+><P
+CLASS="PUBDATE"
+>$Id: index.html,v 1.51 2009/03/21 12:59:04 fabiankeil Exp $<BR></P
+><DIV
+><DIV
+CLASS="ABSTRACT"
+><P
+></P
+><A
+NAME="AEN9"
+></A
+><P
+> This FAQ gives quick answers to frequently asked questions about
+ <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>Privoxy</A
+>.
+ It is not a substitute for the 
+ <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+><I
+CLASS="CITETITLE"
+>Privoxy User Manual</I
+></A
+>.
+ 
+ </P
+><P
+>What is Privoxy?</P
+><P
+> Privoxy is a non-caching web proxy with advanced filtering capabilities
+ for enhancing privacy, modifying web page data and HTTP headers, controlling
+ access, and removing ads and other obnoxious Internet junk. Privoxy has a
+ flexible configuration and can be customized to suit individual needs and tastes.
+ It has application for both stand-alone systems and multi-user networks.</P
+><P
+> Privoxy is Free Software and licensed under the GPL2.</P
+><P
+> Privoxy is an associated project of Software in the Public Interest (SPI).
+ <A
+HREF="http://www.privoxy.org/faq/general.html#DONATE"
+TARGET="_top"
+>Donations are welcome</A
+>.</P
+><P
+>  Please note that this document is a work in progress. This copy represents
+  the state at the release of version 3.0.12.
+  You can find the latest version of the document at <A
+HREF="http://www.privoxy.org/faq/"
+TARGET="_top"
+>http://www.privoxy.org/faq/</A
+>.
+  Please see the <A
+HREF="contact.html"
+>Contact section</A
+> if you want to
+  contact the developers. 
+ </P
+><P
+></P
+></DIV
+></DIV
+><HR></DIV
+><DIV
+CLASS="TOC"
+><DL
+><DT
+><B
+>Table of Contents</B
+></DT
+><DT
+>1. <A
+HREF="general.html"
+>General Information</A
+></DT
+><DD
+><DL
+><DT
+>1.1. <A
+HREF="general.html#WHO-USES"
+>Who should give <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> a try?</A
+></DT
+><DT
+>1.2. <A
+HREF="general.html#BESTCHOICE"
+>Is Privoxy the best choice for
+me?</A
+></DT
+><DT
+>1.3. <A
+HREF="general.html#PROXYMORON"
+>What is a <SPAN
+CLASS="QUOTE"
+>"proxy"</SPAN
+>? How does
+Privoxy work?</A
+></DT
+><DT
+>1.4. <A
+HREF="general.html#OTHERSTUFF"
+>Does Privoxy do anything more than ad blocking?</A
+></DT
+><DT
+>1.5. <A
+HREF="general.html#NEWJB"
+>What is this new version of 
+<SPAN
+CLASS="QUOTE"
+>"Junkbuster"</SPAN
+>?</A
+></DT
+><DT
+>1.6. <A
+HREF="general.html#AEN78"
+>Why <SPAN
+CLASS="QUOTE"
+>"Privoxy"</SPAN
+>? Why change the name from
+Junkbuster at all?</A
+></DT
+><DT
+>1.7. <A
+HREF="general.html#DIFFERS"
+>How does Privoxy differ
+from the old Junkbuster?</A
+></DT
+><DT
+>1.8. <A
+HREF="general.html#WHATSANAD"
+>How does Privoxy know what is
+an ad, and what is not?</A
+></DT
+><DT
+>1.9. <A
+HREF="general.html#AEN160"
+>Can Privoxy make mistakes? 
+This does not sound very scientific.</A
+></DT
+><DT
+>1.10. <A
+HREF="general.html#AEN166"
+>Will I have to configure Privoxy
+ before I can use it?</A
+></DT
+><DT
+>1.11. <A
+HREF="general.html#LAN"
+>Can Privoxy run as a server on a network?</A
+></DT
+><DT
+>1.12. <A
+HREF="general.html#BROWSERS2"
+>My browser does the same things as
+Privoxy. Why should I use Privoxy at all?</A
+></DT
+><DT
+>1.13. <A
+HREF="general.html#WHYTRUST"
+>Why should I trust Privoxy?</A
+></DT
+><DT
+>1.14. <A
+HREF="general.html#LICENSE"
+>Is there is a license or fee? What about a 
+warranty? Registration?</A
+></DT
+><DT
+>1.15. <A
+HREF="general.html#SPYWARE"
+>Can Privoxy remove spyware? Adware? Viruses?</A
+></DT
+><DT
+>1.16. <A
+HREF="general.html#OTHERADS"
+>Can I use Privoxy with other ad-blocking software?</A
+></DT
+><DT
+>1.17. <A
+HREF="general.html#JOINTEAM"
+>I would like to help you, what can I do?</A
+></DT
+><DD
+><DL
+><DT
+>1.17.1. <A
+HREF="general.html#JOINTEAM-WORK"
+>Would you like to participate?</A
+></DT
+><DT
+>1.17.2. <A
+HREF="general.html#DONATE"
+>Would you like to donate?</A
+></DT
+></DL
+></DD
+></DL
+></DD
+><DT
+>2. <A
+HREF="installation.html"
+>Installation</A
+></DT
+><DD
+><DL
+><DT
+>2.1. <A
+HREF="installation.html#WHICHBROWSERS"
+>Which browsers are supported by Privoxy?</A
+></DT
+><DT
+>2.2. <A
+HREF="installation.html#WHICHOS"
+>Which operating systems are supported?</A
+></DT
+><DT
+>2.3. <A
+HREF="installation.html#EMAIL-CLIENT"
+>Can I use Privoxy with my email client?</A
+></DT
+><DT
+>2.4. <A
+HREF="installation.html#FIRSTSTEP"
+>I just installed Privoxy. Is there anything 
+special I have to do now?</A
+></DT
+><DT
+>2.5. <A
+HREF="installation.html#LOCALHOST"
+>What is the proxy address of Privoxy?</A
+></DT
+><DT
+>2.6. <A
+HREF="installation.html#NOTHING"
+>I just installed Privoxy, and nothing is happening.
+All the ads are there. What's wrong?</A
+></DT
+><DT
+>2.7. <A
+HREF="installation.html#NOTUSED"
+>I get a <SPAN
+CLASS="QUOTE"
+>"Privoxy is not being used"</SPAN
+> dummy page although
+Privoxy is running and being used.</A
+></DT
+></DL
+></DD
+><DT
+>3. <A
+HREF="configuration.html"
+>Configuration</A
+></DT
+><DD
+><DL
+><DT
+>3.1. <A
+HREF="configuration.html#AEN354"
+>What exactly is an <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> file?</A
+></DT
+><DT
+>3.2. <A
+HREF="configuration.html#ACTIONSS"
+>The <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> concept confuses me. Please list 
+some of these <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+>.</A
+></DT
+><DT
+>3.3. <A
+HREF="configuration.html#AEN377"
+>How are actions files configured? What is the easiest
+way to do this?</A
+></DT
+><DT
+>3.4. <A
+HREF="configuration.html#AEN386"
+>There are several different <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> files. What are
+the differences?</A
+></DT
+><DT
+>3.5. <A
+HREF="configuration.html#GETUPDATES"
+>Where can I get updated Actions Files?</A
+></DT
+><DT
+>3.6. <A
+HREF="configuration.html#NEWCONFIG"
+>Can I use my old config files?</A
+></DT
+><DT
+>3.7. <A
+HREF="configuration.html#DIFFICULT"
+>Why is the configuration so complicated?</A
+></DT
+><DT
+>3.8. <A
+HREF="configuration.html#YAHOO"
+>How can I make my Yahoo/Hotmail/Gmail account work?</A
+></DT
+><DT
+>3.9. <A
+HREF="configuration.html#CONFIGFILES"
+>What's the difference between the
+<SPAN
+CLASS="QUOTE"
+>"Cautious"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"Medium"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> defaults?</A
+></DT
+><DT
+>3.10. <A
+HREF="configuration.html#BROWSECONFIG"
+>Why can I change the configuration 
+with a browser? Does that not raise security issues?</A
+></DT
+><DT
+>3.11. <A
+HREF="configuration.html#AEN481"
+>What is the <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file? What is a <SPAN
+CLASS="QUOTE"
+>"filter"</SPAN
+>?</A
+></DT
+><DT
+>3.12. <A
+HREF="configuration.html#LANCONFIG"
+>How can I set up Privoxy to act as a proxy for my 
+ LAN?</A
+></DT
+><DT
+>3.13. <A
+HREF="configuration.html#AEN532"
+>Instead of ads, now I get a checkerboard pattern. I don't want to see anything.</A
+></DT
+><DT
+>3.14. <A
+HREF="configuration.html#AEN549"
+>Why would anybody want to see a checkerboard pattern?</A
+></DT
+><DT
+>3.15. <A
+HREF="configuration.html#AEN555"
+>I see some images being replaced with text
+instead of the checkerboard image. Why and how do I get rid of this?</A
+></DT
+><DT
+>3.16. <A
+HREF="configuration.html#SRVANY"
+>Can Privoxy run as a service 
+on Win2K/NT/XP?</A
+></DT
+><DT
+>3.17. <A
+HREF="configuration.html#OTHERPROXY"
+>How can I make Privoxy work with other 
+proxies like Squid or Tor?</A
+></DT
+><DT
+>3.18. <A
+HREF="configuration.html#PORT-80"
+>Can I just set Privoxy to use port 80
+and thus avoid individual browser configuration?</A
+></DT
+><DT
+>3.19. <A
+HREF="configuration.html#TRANSPARENT"
+>Can Privoxy run as a <SPAN
+CLASS="QUOTE"
+>"transparent"</SPAN
+> proxy?</A
+></DT
+><DT
+>3.20. <A
+HREF="configuration.html#INTERCEPTING"
+>Can Privoxy run as a <SPAN
+CLASS="QUOTE"
+>"intercepting"</SPAN
+> proxy?</A
+></DT
+><DT
+>3.21. <A
+HREF="configuration.html#OUTLOOK"
+>How can I configure Privoxy for use with Outlook?</A
+></DT
+><DT
+>3.22. <A
+HREF="configuration.html#OUTLOOK-MORE"
+>How can I have separate rules just for HTML mail?</A
+></DT
+><DT
+>3.23. <A
+HREF="configuration.html#SNEAKY-COOKIES"
+>I sometimes notice cookies sneaking through. How?</A
+></DT
+><DT
+>3.24. <A
+HREF="configuration.html#EVIL-COOKIES"
+>Are all cookies bad? Why?</A
+></DT
+><DT
+>3.25. <A
+HREF="configuration.html#ALLOW-COOKIES"
+>How can I allow permanent cookies for my trusted sites?</A
+></DT
+><DT
+>3.26. <A
+HREF="configuration.html#MULTIPLES"
+>Can I have separate configurations for different users?</A
+></DT
+><DT
+>3.27. <A
+HREF="configuration.html#WHITELISTS"
+>Can I set-up Privoxy as a whitelist of
+<SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> sites?</A
+></DT
+><DT
+>3.28. <A
+HREF="configuration.html#NO-ADBLOCK"
+>How can I turn off ad-blocking?</A
+></DT
+><DT
+>3.29. <A
+HREF="configuration.html#TEMPLATES"
+>How can I have custom template pages, like the 
+<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>BLOCKED</I
+></SPAN
+> page?</A
+></DT
+><DT
+>3.30. <A
+HREF="configuration.html#BLOCKALL"
+>How can I remove the <SPAN
+CLASS="QUOTE"
+>"Go There Anyway"</SPAN
+> link from 
+the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>BLOCKED</I
+></SPAN
+> page?</A
+></DT
+></DL
+></DD
+><DT
+>4. <A
+HREF="misc.html"
+>Miscellaneous</A
+></DT
+><DD
+><DL
+><DT
+>4.1. <A
+HREF="misc.html#AEN729"
+>How much does Privoxy slow my browsing down? This 
+has to add extra time to browsing.</A
+></DT
+><DT
+>4.2. <A
+HREF="misc.html#LOADINGTIMES"
+>I notice considerable
+delays in page requests. What's wrong?</A
+></DT
+><DT
+>4.3. <A
+HREF="misc.html#CONFIGURL"
+>What are "http://config.privoxy.org/" and
+"http://p.p/"?</A
+></DT
+><DT
+>4.4. <A
+HREF="misc.html#NEWADS"
+>How can I submit new ads, or report
+problems?</A
+></DT
+><DT
+>4.5. <A
+HREF="misc.html#NEWADS2"
+>If I do submit missed ads, will 
+they be included in future updates?</A
+></DT
+><DT
+>4.6. <A
+HREF="misc.html#NOONECARES"
+>Why doesn't anyone answer my support 
+request?</A
+></DT
+><DT
+>4.7. <A
+HREF="misc.html#IP"
+>How can I hide my IP address?</A
+></DT
+><DT
+>4.8. <A
+HREF="misc.html#AEN794"
+>Can Privoxy guarantee I am anonymous?</A
+></DT
+><DT
+>4.9. <A
+HREF="misc.html#AEN812"
+>A test site says I am not using a Proxy.</A
+></DT
+><DT
+>4.10. <A
+HREF="misc.html#TOR"
+>How do I use Privoxy
+ together with Tor?</A
+></DT
+><DT
+>4.11. <A
+HREF="misc.html#AEN868"
+>Might some things break because header information or
+content is being altered?</A
+></DT
+><DT
+>4.12. <A
+HREF="misc.html#AEN882"
+>Can Privoxy act as a <SPAN
+CLASS="QUOTE"
+>"caching"</SPAN
+> proxy to 
+speed up web browsing?</A
+></DT
+><DT
+>4.13. <A
+HREF="misc.html#AEN892"
+>What about as a firewall? Can Privoxy protect me?</A
+></DT
+><DT
+>4.14. <A
+HREF="misc.html#AEN897"
+>I have large empty spaces / a checkerboard pattern now where
+ads used to be. Why?</A
+></DT
+><DT
+>4.15. <A
+HREF="misc.html#AEN905"
+>How can Privoxy filter Secure (HTTPS) URLs?</A
+></DT
+><DT
+>4.16. <A
+HREF="misc.html#AEN919"
+>Privoxy runs as a <SPAN
+CLASS="QUOTE"
+>"server"</SPAN
+>. How 
+secure is it? Do I need to take any special precautions?</A
+></DT
+><DT
+>4.17. <A
+HREF="misc.html#TURNOFF"
+>Can I temporarily disable Privoxy?</A
+></DT
+><DT
+>4.18. <A
+HREF="misc.html#REALLYOFF"
+>When <SPAN
+CLASS="QUOTE"
+>"disabled"</SPAN
+> is Privoxy totally 
+out of the picture?</A
+></DT
+><DT
+>4.19. <A
+HREF="misc.html#TURNOFF2"
+>How can I tell Privoxy to totally ignore certain sites?</A
+></DT
+><DT
+>4.20. <A
+HREF="misc.html#CRUNCH"
+>My logs show Privoxy <SPAN
+CLASS="QUOTE"
+>"crunches"</SPAN
+> 
+ads, but also its own internal CGI pages. What is a <SPAN
+CLASS="QUOTE"
+>"crunch"</SPAN
+>?</A
+></DT
+><DT
+>4.21. <A
+HREF="misc.html#DOWNLOADS"
+>Can Privoxy effect files that I download
+from a webserver? FTP server?</A
+></DT
+><DT
+>4.22. <A
+HREF="misc.html#DOWNLOADS2"
+>I just downloaded a Perl script, and Privoxy
+altered it! Yikes, what is wrong!</A
+></DT
+><DT
+>4.23. <A
+HREF="misc.html#HOSTSFILE"
+>Should I continue to use a <SPAN
+CLASS="QUOTE"
+>"HOSTS"</SPAN
+> file for ad-blocking?</A
+></DT
+><DT
+>4.24. <A
+HREF="misc.html#SEEALSO"
+>Where can I find more information about Privoxy
+and related issues?</A
+></DT
+><DT
+>4.25. <A
+HREF="misc.html#MICROSUCK"
+>I've noticed that Privoxy changes <SPAN
+CLASS="QUOTE"
+>"Microsoft"</SPAN
+> to 
+<SPAN
+CLASS="QUOTE"
+>"MicroSuck"</SPAN
+>! Why are you manipulating my browsing?</A
+></DT
+><DT
+>4.26. <A
+HREF="misc.html#VALID"
+>Does Privoxy produce <SPAN
+CLASS="QUOTE"
+>"valid"</SPAN
+> HTML (or XHTML)?</A
+></DT
+></DL
+></DD
+><DT
+>5. <A
+HREF="trouble.html"
+>Troubleshooting</A
+></DT
+><DD
+><DL
+><DT
+>5.1. <A
+HREF="trouble.html#AEN1084"
+>I cannot connect to any websites. Or, I am getting
+<SPAN
+CLASS="QUOTE"
+>"connection refused"</SPAN
+> message with every web page. Why?</A
+></DT
+><DT
+>5.2. <A
+HREF="trouble.html#ERROR503"
+>Why am I getting a 503 Error (WSAECONNREFUSED) on every page?</A
+></DT
+><DT
+>5.3. <A
+HREF="trouble.html#AEN1107"
+>I just added a new rule, but the steenkin ad is 
+still getting through. How?</A
+></DT
+><DT
+>5.4. <A
+HREF="trouble.html#BADSITE"
+>One of my favorite sites does not work with Privoxy.
+What can I do?</A
+></DT
+><DT
+>5.5. <A
+HREF="trouble.html#DUN"
+>After installing Privoxy, I have to log in
+every time I start IE. What gives?</A
+></DT
+><DT
+>5.6. <A
+HREF="trouble.html#FTP"
+>I cannot connect to any FTP sites. Privoxy
+ is blocking me.</A
+></DT
+><DT
+>5.7. <A
+HREF="trouble.html#MACOSXIE"
+>In Mac OS X, I can't configure Microsoft Internet Explorer to use 
+ Privoxy as the HTTP proxy.</A
+></DT
+><DT
+>5.8. <A
+HREF="trouble.html#MACOSXUNINSTALL"
+>In Mac OS X, I dragged the Privoxy folder to the trash in order to 
+ uninstall it. Now the finder tells me I don't have sufficient privileges to
+ empty the trash.</A
+></DT
+><DT
+>5.9. <A
+HREF="trouble.html#MACOSXIMAGES"
+>In Mac OS X Panther (10.3), images often fail to load and/or I
+ experience random delays in page loading. I'm using
+ <TT
+CLASS="LITERAL"
+>localhost</TT
+> as my browser's proxy setting.</A
+></DT
+><DT
+>5.10. <A
+HREF="trouble.html#BLANKPAGE"
+>I get a completely blank page at one site. <SPAN
+CLASS="QUOTE"
+>"View Source"</SPAN
+>
+ shows only: <SPAN
+CLASS="MARKUP"
+><html><body></body></html></SPAN
+>. Without
+ Privoxy the page loads fine.</A
+></DT
+><DT
+>5.11. <A
+HREF="trouble.html#NOHOSTNAME"
+>My logs show many <SPAN
+CLASS="QUOTE"
+>"Unable to get my own hostname"</SPAN
+> lines.
+Why?</A
+></DT
+><DT
+>5.12. <A
+HREF="trouble.html#INUSE"
+>When I try to launch Privoxy, I get an 
+error message <SPAN
+CLASS="QUOTE"
+>"port 8118 is already in use"</SPAN
+> (or similar wording).
+Why?</A
+></DT
+><DT
+>5.13. <A
+HREF="trouble.html#DEMORONIZER"
+>Pages with UTF-8 fonts are garbled.</A
+></DT
+><DT
+>5.14. <A
+HREF="trouble.html#DEMORONIZER2"
+>Why are binary files (such as images) corrupted when Privoxy
+ is used?</A
+></DT
+><DT
+>5.15. <A
+HREF="trouble.html#DEMORONIZER3"
+>What is the <SPAN
+CLASS="QUOTE"
+>"demoronizer"</SPAN
+> and why is it there?</A
+></DT
+><DT
+>5.16. <A
+HREF="trouble.html#WINDOWOPEN"
+>Why do I keep seeing <SPAN
+CLASS="QUOTE"
+>"PrivoxyWindowOpen()"</SPAN
+> in raw source code?</A
+></DT
+><DT
+>5.17. <A
+HREF="trouble.html#DNSERRORS"
+>I am getting too many DNS errors like <SPAN
+CLASS="QUOTE"
+>"404 No Such Domain"</SPAN
+>. Why
+ can't Privoxy do this better?</A
+></DT
+><DT
+>5.18. <A
+HREF="trouble.html#ALLCPU"
+>At one site Privoxy just hangs, and starts taking 
+ all CPU. Why is this?</A
+></DT
+><DT
+>5.19. <A
+HREF="trouble.html#SLOWCRAWL"
+>I just installed Privoxy, and all my
+browsing has slowed to a crawl. What gives?</A
+></DT
+><DT
+>5.20. <A
+HREF="trouble.html#PREVENTCOMP"
+>Why do my filters work on some sites but not on others?</A
+></DT
+><DT
+>5.21. <A
+HREF="trouble.html#SSL-WARNINGS"
+>On some HTTPS sites my browser warns me about unauthenticated content,
+ the URL bar doesn't get highlighted and the lock symbol appears to be broken.
+ What's going on?</A
+></DT
+><DT
+>5.22. <A
+HREF="trouble.html#SE-LINUX"
+>I get selinux error messages. How can I fix this?</A
+></DT
+><DT
+>5.23. <A
+HREF="trouble.html#GENTOO-RICERS"
+>I compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with Gentoo's portage and it appears to be very slow. Why?</A
+></DT
+></DL
+></DD
+><DT
+>6. <A
+HREF="contact.html"
+>Contacting the developers, Bug Reporting and Feature Requests</A
+></DT
+><DD
+><DL
+><DT
+>6.1. <A
+HREF="contact.html#CONTACT-SUPPORT"
+>Get Support</A
+></DT
+><DT
+>6.2. <A
+HREF="contact.html#REPORTING"
+>Reporting Problems</A
+></DT
+><DD
+><DL
+><DT
+>6.2.1. <A
+HREF="contact.html#CONTACT-ADS"
+>Reporting Ads or Other Configuration Problems</A
+></DT
+><DT
+>6.2.2. <A
+HREF="contact.html#CONTACT-BUGS"
+>Reporting Bugs</A
+></DT
+></DL
+></DD
+><DT
+>6.3. <A
+HREF="contact.html#CONTACT-FEATURE"
+>Request New Features</A
+></DT
+><DT
+>6.4. <A
+HREF="contact.html#CONTACT-OTHER"
+>Other</A
+></DT
+></DL
+></DD
+><DT
+>7. <A
+HREF="copyright.html"
+>Privoxy Copyright, License and History</A
+></DT
+><DD
+><DL
+><DT
+>7.1. <A
+HREF="copyright.html#AEN1451"
+>License</A
+></DT
+><DT
+>7.2. <A
+HREF="copyright.html#AEN1467"
+>History</A
+></DT
+></DL
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="general.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>General Information</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/installation.html b/external/privoxy/doc/webserver/faq/installation.html
new file mode 100644
index 0000000..1e99b30
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/installation.html
@@ -0,0 +1,569 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Installation</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="General Information"
+HREF="general.html"><LINK
+REL="NEXT"
+TITLE="Configuration"
+HREF="configuration.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="general.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="configuration.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="INSTALLATION"
+>2. Installation</A
+></H1
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WHICHBROWSERS"
+>2.1. Which browsers are supported by Privoxy?</A
+></H3
+><P
+> Any browser that can be configured to use a proxy, which 
+ should be virtually all browsers, including
+ <SPAN
+CLASS="APPLICATION"
+>Firefox</SPAN
+>, <SPAN
+CLASS="APPLICATION"
+>Internet
+ Explorer</SPAN
+>, <SPAN
+CLASS="APPLICATION"
+>Opera</SPAN
+>, and 
+ <SPAN
+CLASS="APPLICATION"
+>Safari</SPAN
+> among others.
+ Direct browser support is not an absolute requirement since
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> runs as a separate application and talks
+ to the browser in the standardized HTTP protocol, just like a web server
+ does.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WHICHOS"
+>2.2. Which operating systems are supported?</A
+></H3
+><P
+> At present, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is known to run on
+ Windows(95, 98, ME, 2000, XP, Vista), GNU/Linux (RedHat, SuSE, Debian,
+ Fedora, Gentoo, Slackware and others), Mac OSX, OS/2, AmigaOS, FreeBSD,
+ NetBSD, OpenBSD, Solaris, and various other flavors of Unix.</P
+><P
+> But any operating system that runs TCP/IP, can conceivably take advantage of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in a networked situation where
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> would run as a server on a LAN gateway. 
+ Then only the <SPAN
+CLASS="QUOTE"
+>"gateway"</SPAN
+> needs to be running one of the above
+ operating systems.</P
+><P
+> Source code is freely available, so porting to other operating systems 
+ is always a possibility.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="EMAIL-CLIENT"
+>2.3. Can I use Privoxy with my email client?</A
+></H3
+><P
+> As long as there is some way to set a HTTP proxy for the client, then yes,
+ any application can be used, whether it is strictly speaking a
+ <SPAN
+CLASS="QUOTE"
+>"browser"</SPAN
+> or not. Though this may not be the best approach for
+ dealing with some of the common abuses of HTML in email. See <A
+HREF="configuration.html#OUTLOOK"
+>How can I configure <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ with <SPAN
+CLASS="APPLICATION"
+>Outlook</SPAN
+>?</A
+> below for more on
+ this. </P
+><P
+> Be aware that HTML email presents a number of unique security and privacy
+ related issues, that can require advanced skills to overcome. The developers
+ recommend using email clients that can be configured to convert HTML to plain
+ text for these reasons.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="FIRSTSTEP"
+>2.4. I just installed Privoxy. Is there anything 
+special I have to do now?</A
+></H3
+><P
+> All browsers should be told to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+ as a proxy by specifying the correct proxy address and port number 
+ in the appropriate configuration area for the browser. It's possible
+ to combine <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with a packet filter to intercept HTTP requests
+ even if the client isn't explicitly configured to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>,
+ but where possible, configuring the client is recommended. See 
+ <A
+HREF="../user-manual/startup.html"
+TARGET="_top"
+>the User Manual for more
+ details</A
+>. You should also flush your browser's memory and disk
+ cache to get rid of any cached junk items, and remove any stored 
+ <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>.
</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="LOCALHOST"
+>2.5. What is the proxy address of Privoxy?</A
+></H3
+><P
+>  If you set up the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to run on
+  the computer you browse from (rather than your ISP's server or some
+  networked computer on a LAN), the proxy will be on <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+> 
+  (sometimes referred to as <SPAN
+CLASS="QUOTE"
+>"localhost"</SPAN
+>,
+  which is the special name used by every computer on the Internet to refer
+  to itself) and the port will be 8118 (unless you used the <A
+HREF="../user-manual/config.html#LISTEN-ADDRESS"
+TARGET="_top"
+>listen-address</A
+>
+  config option to tell <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to run on
+  a different port).
+ </P
+><P
+>  When configuring your browser's proxy settings you typically enter
+  the word <SPAN
+CLASS="QUOTE"
+>"localhost"</SPAN
+> or the IP address <SPAN
+CLASS="QUOTE"
+>"127.0.0.1"</SPAN
+>
+  in the boxes next to <SPAN
+CLASS="QUOTE"
+>"HTTP"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"Secure"</SPAN
+> (HTTPS) and
+  then the number <SPAN
+CLASS="QUOTE"
+>"8118"</SPAN
+> for <SPAN
+CLASS="QUOTE"
+>"port"</SPAN
+>. 
+  This tells your browser to send all web requests to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+  instead of directly to the Internet.
+ </P
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can also be used to proxy for 
+  a Local Area Network. In this case, your would enter either the IP 
+  address of the LAN host where <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+  is running, or the equivalent hostname, e.g. <TT
+CLASS="LITERAL"
+>192.168.1.1</TT
+>.
+  Port assignment would be same as above. Note that
+  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> doesn't listen on any LAN interfaces by
+  default.
+ </P
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does not currently handle
+  any other protocols such as FTP, SMTP, IM, IRC, ICQ, etc.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NOTHING"
+>2.6. I just installed Privoxy, and nothing is happening.
+All the ads are there. What's wrong?</A
+></H3
+><P
+> Did you configure your browser to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+ as a proxy? It does not sound like it. See above. You might also try flushing
+ the browser's caches to force a full re-reading of pages. You can verify 
+ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is running, and your browser 
+ is correctly configured by entering the special URL: 
+ <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>. 
+ 
+ This should take you to a page titled <SPAN
+CLASS="QUOTE"
+>"This is Privoxy.."</SPAN
+> with
+ access to <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> internal configuration.
+ If you see this, then you are good to go. If you receive a page saying 
+ <SPAN
+CLASS="QUOTE"
+>"Privoxy is not running"</SPAN
+>, then the browser is not set up to use
+ your <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> installation.
+ If you receive anything else (probably nothing at all), it could either
+ be that the browser is not set up correctly, or that
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not running at all. Check the <A
+HREF="../user-manual/config.html#LOGFILE"
+TARGET="_top"
+>log file</A
+>. For instructions
+ on starting <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and browser configuration,
+ see the <A
+HREF="http://www.privoxy.org/user-manual/startup.html"
+TARGET="_top"
+>chapter
+ on starting <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+></A
+> in the
+ <A
+HREF="http://www.privoxy.org/user-manual/"
+TARGET="_top"
+>User Manual</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NOTUSED"
+>2.7. I get a <SPAN
+CLASS="QUOTE"
+>"Privoxy is not being used"</SPAN
+> dummy page although
+Privoxy is running and being used.</A
+></H3
+><P
+> First, make sure that Privoxy is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>really</I
+></SPAN
+> running and
+ being used by visiting <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>. You
+ should see the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> main page. If not, see
+ the <A
+HREF="http://www.privoxy.org/user-manual/startup.html"
+TARGET="_top"
+>chapter
+ on starting <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+></A
+> in the
+ <A
+HREF="http://www.privoxy.org/user-manual/"
+TARGET="_top"
+>User Manual</A
+>.</P
+><P
+> Now if <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+> works for you, but
+ other parts of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s web interface show
+ the dummy page, your browser has cached a redirection it encountered before
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> was being used. You need to clear your
+ browser's cache. Note that shift-reloading the dummy page won't help, since
+ that'll only refresh the dummy page, not the redirection that lead you there.</P
+><P
+> The procedure for clearing the cache varies from browser to browser. For
+ example, <SPAN
+CLASS="APPLICATION"
+>Mozilla/Netscape</SPAN
+> users would click 
+ <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+> --> <SPAN
+CLASS="GUIBUTTON"
+>Preferences</SPAN
+> -->
+ <SPAN
+CLASS="GUIBUTTON"
+>Advanced</SPAN
+> --> <SPAN
+CLASS="GUIBUTTON"
+>Cache</SPAN
+> and
+ then click both <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Clear Memory Cache</SPAN
+>"</SPAN
+>
+ and <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Clear Disk Cache</SPAN
+>"</SPAN
+>.
+ In some <SPAN
+CLASS="APPLICATION"
+>Firefox</SPAN
+> versions it's
+ <SPAN
+CLASS="GUIBUTTON"
+>Tools</SPAN
+> --> <SPAN
+CLASS="GUIBUTTON"
+>Options</SPAN
+> -->
+ <SPAN
+CLASS="GUIBUTTON"
+>Privacy</SPAN
+> --> <SPAN
+CLASS="GUIBUTTON"
+>Cache</SPAN
+> and
+ then click <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Clear Cache Now</SPAN
+>"</SPAN
+>.
+ </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="general.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="configuration.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>General Information</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Configuration</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/misc.html b/external/privoxy/doc/webserver/faq/misc.html
new file mode 100644
index 0000000..174722e
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/misc.html
@@ -0,0 +1,1745 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Miscellaneous</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Configuration"
+HREF="configuration.html"><LINK
+REL="NEXT"
+TITLE="Troubleshooting"
+HREF="trouble.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="configuration.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="trouble.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="MISC"
+>4. Miscellaneous</A
+></H1
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN729"
+>4.1. How much does Privoxy slow my browsing down? This 
+has to add extra time to browsing.</A
+></H3
+><P
+> How much of an impact depends on many things, including the CPU of the host
+ system, how aggressive the configuration is, which specific actions are being triggered, 
+ the size of the page, the bandwidth of the connection, etc.</P
+><P
+> Overall, it should not slow you down any in real terms, and may actually help 
+ speed things up since ads, banners and other junk are not typically being
+ retrieved and displayed. The actual processing time required by
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> itself for each page, is relatively small
+ in the overall scheme of things, and happens very quickly. This is typically
+ more than offset by time saved not downloading and rendering ad images and
+ other junk content (if ad blocking is being used).</P
+><P
+> <SPAN
+CLASS="QUOTE"
+>"Filtering"</SPAN
+> content via the <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#FILTER"
+TARGET="_top"
+>filter</A
+></TT
+> or
+ <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#DEANIMATE-GIFS"
+TARGET="_top"
+>deanimate-gifs</A
+></TT
+>
+ actions may cause a perceived slowdown, since the entire document
+ needs to be buffered before displaying. And on very large documents,
+ filtering may have some measurable impact. How much depends on the page size,
+ the actual definition of the filter(s), etc. See below. Most other actions
+ have little to no impact on speed.</P
+><P
+> Also, when filtering is enabled but zlib support isn't available, compression
+ is often disabled (see <A
+HREF="../user-manual/actions-file.html#PREVENT-COMPRESSION"
+TARGET="_top"
+>prevent-compression</A
+>).
+ This can have an impact on speed as well, although it's probably smaller than
+ you might think. Again, the page size, etc. will determine how much of an impact.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="LOADINGTIMES"
+>4.2. I notice considerable
+delays in page requests. What's wrong?</A
+></H3
+><P
+> If you use any <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#FILTER"
+TARGET="_top"
+>filter</A
+></TT
+> action,
+ such as filtering banners by size, web-bugs etc, or the <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#DEANIMATE-GIFS"
+TARGET="_top"
+>deanimate-gifs</A
+></TT
+>
+ action, the entire document must be loaded into memory in order for the filtering 
+ mechanism to work, and nothing is sent to the browser during this time.</P
+><P
+> The loading time typically does not really change much in real numbers, but
+ the feeling is different, because most browsers are able to start rendering
+ incomplete content, giving the user a feeling of "it works". This effect is
+ more noticeable on slower dialup connections. Extremely large documents
+ may have some impact on the time to load the page where there is filtering
+ being done. But overall, the difference should be very minimal. If there is a
+ big impact, then probably some other situation is contributing (like
+ anti-virus software).
+ </P
+><P
+> Filtering is automatically disabled for inappropriate MIME types. But note 
+ that if the web server mis-reports the MIME type, then content that should
+ not be filtered, could be. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only knows how
+ to differentiate filterable content because of the MIME type as reported by
+ the server, or because of some configuration setting that enables/disables
+ filtering.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="CONFIGURL"
+>4.3. What are "http://config.privoxy.org/" and
+"http://p.p/"?</A
+></H3
+><P
+> <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+> is the
+ address of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s built-in user interface, and 
+ <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+> is a shortcut for it.</P
+><P
+> Since <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> sits between your web browser and the Internet, 
+ it can simply intercept requests for these addresses and answer them with its built-in
+ <SPAN
+CLASS="QUOTE"
+>"web server"</SPAN
+>.</P
+><P
+> This also makes for a good test for your browser configuration: If entering the
+ URL <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+ takes you to a page saying <SPAN
+CLASS="QUOTE"
+>"This is Privoxy ..."</SPAN
+>, everything is OK.
+ If you get a page saying <SPAN
+CLASS="QUOTE"
+>"Privoxy is not working"</SPAN
+> instead, then
+ your browser didn't use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> for the request,
+ hence it could not be intercepted, and you have accessed the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>real</I
+></SPAN
+>
+ web site at config.privoxy.org.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NEWADS"
+>4.4. How can I submit new ads, or report
+problems?</A
+></H3
+><P
+>Please see the <A
+HREF="contact.html"
+>Contact section</A
+> for
+various ways to interact with the developers.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NEWADS2"
+>4.5. If I do submit missed ads, will 
+they be included in future updates?</A
+></H3
+><P
+> Whether such submissions are eventually included in the
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> configuration file depends on how 
+ significant the issue is. We of course want to address any potential 
+ problem with major, high-profile sites such as <I
+CLASS="CITETITLE"
+>Google</I
+>, 
+ <I
+CLASS="CITETITLE"
+>Yahoo</I
+>, etc. Any site with global or regional reach, 
+ has a good chance of being a candidate. But at the other end of the spectrum
+ are any number of smaller, low-profile sites such as for local clubs or
+ schools. Since their reach and impact are much less, they are best handled by
+ inclusion in the user's <TT
+CLASS="FILENAME"
+>user.action</TT
+>, and thus would be
+ unlikely to be included. </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NOONECARES"
+>4.6. Why doesn't anyone answer my support 
+request?</A
+></H3
+><P
+>Rest assured that it has been read and considered. Why it is not answered,
+could be for various reasons, including no one has a good answer for it, no
+one has had time to yet investigate it thoroughly, it has been reported
+numerous times already, or because not enough information was provided to help
+us help you. Your efforts are not wasted, and we do appreciate them.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="IP"
+>4.7. How can I hide my IP address?</A
+></H3
+><P
+> If you run both the browser and <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> locally, you cannot hide your IP
+ address with <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> or ultimately any other
+ software alone. The server needs to know your IP address so that it knows
+ where to send the responses back. </P
+><P
+> There are many publicly usable "anonymous" proxies out there, which
+ provide a further level of indirection between you and the web server.</P
+><P
+> However, these proxies are called "anonymous" because you don't need
+ to authenticate, not because they would offer any real anonymity.
+ Most of them will log your IP address and make it available to the
+ authorities in case you violate the law of the country they run in. In fact
+ you can't even rule out that some of them only exist to *collect* information
+ on (those suspicious) people with a more than average preference for privacy.</P
+><P
+> If you want to hide your IP address from most adversaries,
+ you should consider chaining <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ with <A
+HREF="https://www.torproject.org/"
+TARGET="_top"
+>Tor</A
+>.
+ The configuration details can be found in
+ <A
+HREF="#TOR"
+TARGET="_top"
+>How do I use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> together
+ with <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> section</A
+>
+ just below.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN794"
+>4.8. Can Privoxy guarantee I am anonymous?</A
+></H3
+><P
+> No. Your chances of remaining anonymous are improved, but unless you
+ <A
+HREF="#TOR"
+TARGET="_top"
+>chain <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+></A
+>
+ or a similar proxy and know what you're doing when it comes to configuring
+ the rest of your system, you should assume that everything you do
+ on the Web can be traced back to you.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can remove various information about you,
+ and allows <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>you</I
+></SPAN
+> more freedom to decide which sites 
+ you can trust, and what details you want to reveal. But it neither 
+ hides your IP address, nor can it guarantee that the rest of the system
+ behaves correctly. There are several possibilities how a web sites can find
+ out who you are, even if you are using a strict <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ configuration and chained it with <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>.</P
+><P
+> Most of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> privacy-enhancing features can be easily subverted
+ by an insecure browser configuration, therefore you should use a browser that can
+ be configured to only execute code from trusted sites, and be careful which sites you trust.
+ For example there is no point in having <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ modify the User-Agent header, if websites can get all the information they want
+ through JavaScript, ActiveX, Flash, Java etc.</P
+><P
+> A few browsers disclose the user's email address in certain situations, such
+ as when transferring a file by FTP. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ does not filter FTP. If you need this feature, or are concerned about the
+ mail handler of your browser disclosing your email address, you might
+ consider products such as <SPAN
+CLASS="APPLICATION"
+>NSClean</SPAN
+>.</P
+><P
+> Browsers available only as binaries could use non-standard headers to give
+ out any information they can have access to: see the manufacturer's license
+ agreement. It's impossible to anticipate and prevent every breach of privacy
+ that might occur. The professionally paranoid prefer browsers available as
+ source code, because anticipating their behavior is easier. Trust the source,
+ Luke!</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN812"
+>4.9. A test site says I am not using a Proxy.</A
+></H3
+><P
+> Good! Actually, they are probably testing for some other kinds of proxies.
+ Hiding yourself completely would require additional steps.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="TOR"
+>4.10. How do I use Privoxy
+ together with Tor?</A
+></H3
+><P
+> Before you configure <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to use
+ <A
+HREF="https://www.torproject.org/"
+TARGET="_top"
+>Tor</A
+>,
+ please follow the <I
+CLASS="CITETITLE"
+>User Manual</I
+> chapters
+ <A
+HREF="../user-manual/installation.html"
+TARGET="_top"
+>2. Installation</A
+> and
+ <A
+HREF="../user-manual/startup.html"
+TARGET="_top"
+>5. Startup</A
+> to make sure
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> itself is setup correctly.</P
+><P
+> 
+ If it is, refer to <A
+HREF="https://www.torproject.org/documentation.html"
+TARGET="_top"
+>Tor's
+ extensive documentation</A
+> to learn how to install <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>,
+ and make sure <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>'s logfile says that
+ <SPAN
+CLASS="QUOTE"
+>"Tor has successfully opened a circuit"</SPAN
+> and it
+ <SPAN
+CLASS="QUOTE"
+>"looks like client functionality is working"</SPAN
+>.</P
+><P
+> If either <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> or <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ isn't working, their combination most likely will neither. Testing them on their
+ own will also help you to direct problem reports to the right audience.
+ If <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> isn't working, don't bother the
+ <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> developers. If <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>
+ isn't working, don't send bug reports to the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Team.</P
+><P
+> If you verified that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>
+ are working, it is time to connect them. As far as <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is concerned, <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> is just another proxy that can be reached
+ by socks4 or socks4a. Most likely you are interested in <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>
+ to increase your anonymity level, therefore you should use socks4a, to make sure DNS requests are
+ done through <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> and thus invisible to your local network.</P
+><P
+> Since <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.5, its
+ <A
+HREF="../user-manual/config.html"
+TARGET="_top"
+>main configuration file</A
+>
+ is already prepared for <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>, if you are using a
+ default <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> configuration and run it on the same
+ system as <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, you just have to edit the
+ <A
+HREF="../user-manual/config.html#FORWARDING"
+TARGET="_top"
+>forwarding section</A
+>
+ and uncomment the line:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>#        forward-socks4a             /     127.0.0.1:9050 .
+ </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This is enough to reach the Internet, but additionally you might want to
+ uncomment the following forward rules, to make sure your local network is still
+ reachable through Privoxy:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>#        forward         192.168.*.*/     .
+#        forward            10.*.*.*/     .
+#        forward           127.*.*.*/     .
+ </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Unencrypted connections to systems in these address ranges will
+ be as (un)secure as the local network is, but the alternative is
+ that your browser can't reach the network at all. Then again,
+ that may actually be desired and if you don't know for sure
+ that your browser has to be able to reach the local network,
+ there's no reason to allow it.</P
+><P
+> If you want your browser to be able to reach servers in your local
+ network by using their names, you will need additional exceptions
+ that look like this:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>#        forward           localhost/     .
+ </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Save the modified configuration file and open
+ <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status/</A
+>
+ in your browser, confirm that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has reloaded its configuration
+ and that there are no other forward lines, unless you know that you need them. If everything looks good,
+ refer to
+ <A
+HREF="https://wiki.torproject.org/noreply/TheOnionRouter/TorFAQ#IsMyConnectionPrivate"
+TARGET="_top"
+>Tor
+ Faq 4.2</A
+> to learn how to verify that you are really using <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>.</P
+><P
+> Afterward, please take the time to at least skim through the rest
+ of <SPAN
+CLASS="APPLICATION"
+>Tor's</SPAN
+> documentation. Make sure you understand
+ what <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> does, why it is no replacement for
+ application level security, and why you probably don't want to
+ use it for unencrypted logins.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN868"
+>4.11. Might some things break because header information or
+content is being altered?</A
+></H3
+><P
+> Definitely. It is common for sites to use browser type, browser version, 
+ HTTP header content, and various other techniques in order to dynamically
+ decide what to display and how to display it. What you see, and what I see,
+ might be very different. There are many, many ways that this can be handled,
+ so having hard and fast rules, is tricky.</P
+><P
+> The <SPAN
+CLASS="QUOTE"
+>"User-Agent"</SPAN
+> is sometimes used in this way to identify
+ the browser, and adjust content accordingly.</P
+><P
+> Also, different browsers use different encodings of non-English
+ characters, certain web servers convert pages on-the-fly according to the
+ User Agent header. Giving a <SPAN
+CLASS="QUOTE"
+>"User Agent"</SPAN
+> with the wrong
+ operating system or browser manufacturer causes some sites in these languages
+ to be garbled; Surfers to Eastern European sites should change it to
+ something closer. And then some page access counters work by looking at the
+ <SPAN
+CLASS="QUOTE"
+>"Referer"</SPAN
+> header; they may fail or break if unavailable. The
+ weather maps of Intellicast have been blocked by their server when no
+ <SPAN
+CLASS="QUOTE"
+>"Referer"</SPAN
+> or cookie is provided, is another example. (But you
+ can forge both headers without giving information away). There are
+ many other ways things can go wrong when trying to fool a web server. The
+ results of which could inadvertently cause pages to load incorrectly,
+ partially, or even not at all. And there may be no obvious clues as to just
+ what went wrong, or why. Nowhere will there be a message that says 
+ <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Turn off <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> or else!</I
+></SPAN
+> 
+ "</SPAN
+></P
+><P
+> Similar thoughts apply to modifying JavaScript, and, to a lesser degree,
+ HTML elements.</P
+><P
+> If you have problems with a site, you will have to adjust your configuration 
+ accordingly. Cookies are probably the most likely adjustment that may 
+ be required, but by no means the only one.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN882"
+>4.12. Can Privoxy act as a <SPAN
+CLASS="QUOTE"
+>"caching"</SPAN
+> proxy to 
+speed up web browsing?</A
+></H3
+><P
+> No, it does not have this ability at all. You want something like 
+ <A
+HREF="http://www.squid-cache.org/"
+TARGET="_top"
+>Squid</A
+> or
+ <A
+HREF="http://www.pps.jussieu.fr/~jch/software/polipo/"
+TARGET="_top"
+>Polipo</A
+> for this.
+ And, yes, before you ask, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can co-exist 
+ with other kinds of proxies like <SPAN
+CLASS="APPLICATION"
+>Squid</SPAN
+>.
+ See the <A
+HREF="../user-manual/config.html#FORWARDING"
+TARGET="_top"
+>forwarding
+ chapter</A
+> in the <A
+HREF="../user-manual/index.html"
+TARGET="_top"
+>user
+ manual</A
+> for details.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN892"
+>4.13. What about as a firewall? Can Privoxy protect me?</A
+></H3
+><P
+> Not in the way you mean, or in the way some firewall vendors claim they can. 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can help protect your privacy, but can't
+ protect your system from intrusion attempts. It is, of course, perfectly possible
+ to use <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN897"
+>4.14. I have large empty spaces / a checkerboard pattern now where
+ads used to be. Why?</A
+></H3
+><P
+> It is technically possible to eliminate banners and ads in a way that frees
+ their allocated page space. This could easily be done by blocking with 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> filters,
+ and eliminating the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>entire</I
+></SPAN
+> image references from the
+ HTML page source. </P
+><P
+> But, this would consume considerably more CPU resources (IOW, slow things
+ down), would likely destroy the layout of some web pages which rely on the
+ banners utilizing a certain amount of page space, and might fail in other
+ cases, where the screen space is reserved (e.g. by HTML tables for instance).
+ Also, making ads and banners disappear without any trace complicates
+ troubleshooting, and would sooner or later be problematic.</P
+><P
+> The better alternative is to instead let them stay, and block the resulting
+ requests for the banners themselves as is now the case. This leaves either
+ empty space, or the familiar checkerboard pattern.</P
+><P
+> So the developers won't support this in the default configuration, but you
+ can of course define appropriate filters yourself to achieve this.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN905"
+>4.15. How can Privoxy filter Secure (HTTPS) URLs?</A
+></H3
+><P
+> Since secure HTTP connections are encrypted SSL sessions between your browser
+ and the secure site, and are meant to be reliably <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>secure</I
+></SPAN
+>,
+ there is little that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can do but hand the raw
+ gibberish data though from one end to the other unprocessed.</P
+><P
+> The only exception to this is blocking by host patterns, as the client needs
+ to tell <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> the name of the remote server,
+ so that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can establish the connection.
+ If that name matches a host-only pattern, the connection will be blocked.</P
+><P
+> As far as ad blocking is concerned, this is less of a restriction than it may
+ seem, since ad sources are often identifiable by the host name, and often
+ the banners to be placed in an encrypted page come unencrypted nonetheless
+ for efficiency reasons, which exposes them to the full power of 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s ad blocking.</P
+><P
+> <SPAN
+CLASS="QUOTE"
+>"Content cookies"</SPAN
+> (those that are embedded in the actual HTML or
+ JS page content, see <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#FILTER-CONTENT-COOKIES"
+TARGET="_top"
+>filter{content-cookies}</A
+></TT
+>), 
+ in an SSL transaction will be impossible to block under these conditions. 
+ Fortunately, this does not seem to be a very common scenario since most 
+ cookies come by traditional means.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN919"
+>4.16. Privoxy runs as a <SPAN
+CLASS="QUOTE"
+>"server"</SPAN
+>. How 
+secure is it? Do I need to take any special precautions?</A
+></H3
+><P
+> On Unix-like systems, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can run as a non-privileged 
+ user, which is how we recommend it be run. Also, by default
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> listens to requests from <SPAN
+CLASS="QUOTE"
+>"localhost"</SPAN
+>
+ only.</P
+><P
+> The server aspect of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not itself directly 
+ exposed to the Internet in this configuration. If you want to have
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> serve as a LAN proxy, this will have to
+ be opened up to allow for LAN requests. In this case, we'd recommend
+ you specify only the LAN gateway address, e.g. 192.168.1.1, in the main 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configuration file and check all <A
+HREF="../user-manual/config.html#ACCESS-CONTROL"
+TARGET="_top"
+>access control and security
+ options</A
+>. All LAN hosts can then use this as their proxy address
+ in the browser proxy configuration, but <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ will not listen on any external interfaces. ACLs can be defined in addition,
+ and using a firewall is always good too. Better safe than sorry.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="TURNOFF"
+>4.17. Can I temporarily disable Privoxy?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> doesn't have a transparent proxy mode,
+ but you can toggle off blocking and content filtering.</P
+><P
+> The easiest way to do that is to point your browser
+ to the remote toggle URL: <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>http://config.privoxy.org/toggle</A
+>.</P
+><P
+> See the <A
+HREF="../user-manual/appendix.html#BOOKMARKLETS"
+TARGET="_top"
+>Bookmarklets section</A
+> 
+ of the <I
+CLASS="CITETITLE"
+>User Manual</I
+> for an easy way to access this 
+ feature. Note that this is a feature that may need to be enabled in the main 
+ <TT
+CLASS="FILENAME"
+>config</TT
+> file.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="REALLYOFF"
+>4.18. When <SPAN
+CLASS="QUOTE"
+>"disabled"</SPAN
+> is Privoxy totally 
+out of the picture?</A
+></H3
+><P
+> No, this just means all optional filtering and actions are disabled.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is still acting as a proxy, but just 
+ doing less of the things that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> would
+ normally be expected to do. It is still a <SPAN
+CLASS="QUOTE"
+>"middle-man"</SPAN
+> in 
+ the interaction between your browser and web sites. See below to bypass 
+ the proxy.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="TURNOFF2"
+>4.19. How can I tell Privoxy to totally ignore certain sites?</A
+></H3
+><P
+> Bypassing a proxy, or proxying based on arbitrary criteria, is purely a browser
+ configuration issue, not a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> issue. Modern browsers typically do have
+ settings for not proxying certain sites. Check your browser's help files.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="CRUNCH"
+>4.20. My logs show Privoxy <SPAN
+CLASS="QUOTE"
+>"crunches"</SPAN
+> 
+ads, but also its own internal CGI pages. What is a <SPAN
+CLASS="QUOTE"
+>"crunch"</SPAN
+>?</A
+></H3
+><P
+> A <SPAN
+CLASS="QUOTE"
+>"crunch"</SPAN
+> simply means <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> intercepted 
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>something</I
+></SPAN
+>, nothing more. Often this is indeed ads or
+ banners, but <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> uses the same mechanism for
+ trapping requests for its own internal pages. For instance, a request for
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> configuration page at: <A
+HREF="http://config.privoxy.org"
+TARGET="_top"
+>http://config.privoxy.org</A
+>, is
+ intercepted (i.e. it does not go out to the 'net), and the familiar CGI
+ configuration is returned to the browser, and the log consequently will show
+ a <SPAN
+CLASS="QUOTE"
+>"crunch"</SPAN
+>.</P
+><P
+> Since version 3.0.7, Privoxy will also log the crunch reason.
+ If you are using an older version you might want to upgrade.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DOWNLOADS"
+>4.21. Can Privoxy effect files that I download
+from a webserver? FTP server?</A
+></H3
+><P
+> From the webserver's perspective, there is no difference between
+ viewing a document (i.e. a page), and downloading a file. The same is true of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. If there is a match for a <TT
+CLASS="LITERAL"
+><A
+HREF="../user-manual/actions-file.html#BLOCK"
+TARGET="_top"
+>block</A
+></TT
+> pattern,
+ it will still be blocked, and of course this is obvious. 
+ </P
+><P
+> Filtering is potentially more of a concern since the results are not always
+ so obvious, and the effects of filtering are there whether the file is simply
+ viewed, or downloaded. And potentially whether the content is some obnoxious
+ advertisement, or Mr. Jimmy's latest/greatest source code jewel. Of course,
+ one of these presumably is <SPAN
+CLASS="QUOTE"
+>"bad"</SPAN
+> content that we don't want, and
+ the other is <SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> content that we do want.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is blind to the differences, and can only
+ distinguish <SPAN
+CLASS="QUOTE"
+>"good from bad"</SPAN
+> by the configuration parameters
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>we</I
+></SPAN
+> give it.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> knows the differences in files according
+ to the <SPAN
+CLASS="QUOTE"
+>"Content Type"</SPAN
+> as reported by the webserver. If this is
+ reported accurately (e.g. <SPAN
+CLASS="QUOTE"
+>"application/zip"</SPAN
+> for a zip archive),
+ then <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> knows to ignore these where
+ appropriate. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> potentially can filter HTML
+ as well as plain text documents, subject to configuration parameters of
+ course. Also, documents that are of an unknown type (generally assumed to be
+ <SPAN
+CLASS="QUOTE"
+>"text/plain"</SPAN
+>) can be filtered, as will those that might be
+ incorrectly reported by the webserver. If such a file is a downloaded file
+ that is intended to be saved to disk, then any content that might have been
+ altered by filtering, will be saved too, for these (probably rare) cases.</P
+><P
+> Note that versions later than 3.0.2 do NOT filter document types reported as 
+ <SPAN
+CLASS="QUOTE"
+>"text/plain"</SPAN
+>. Prior to this, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ did filter this document type.</P
+><P
+> In short, filtering is <SPAN
+CLASS="QUOTE"
+>"ON"</SPAN
+> if a) the content type as reported
+ by the webserver is appropriate <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+> b) the configuration
+ allows it (or at least does not disallow it). That's it. There is no magic
+ cookie anywhere to say this is <SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> and this is
+ <SPAN
+CLASS="QUOTE"
+>"bad"</SPAN
+>. It's the configuration that lets it all happen or not.</P
+><P
+> If you download text files, you probably do not want these to be filtered,
+ particularly if the content is source code, or other critical content. Source
+ code sometimes might be mistaken for Javascript (i.e. the kind that might
+ open a pop-up window). It is recommended to turn off filtering for download
+ sites (particularly if the content may be plain text files and you are using
+ version 3.0.2 or earlier) in your <TT
+CLASS="FILENAME"
+>user.action</TT
+> file. And
+ also, for any site or page where making <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>any</I
+></SPAN
+> changes at
+ all to the content is to be avoided.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does not do FTP at all, only HTTP 
+ and HTTPS (SSL) protocols.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DOWNLOADS2"
+>4.22. I just downloaded a Perl script, and Privoxy
+altered it! Yikes, what is wrong!</A
+></H3
+><P
+> Please read above.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="HOSTSFILE"
+>4.23. Should I continue to use a <SPAN
+CLASS="QUOTE"
+>"HOSTS"</SPAN
+> file for ad-blocking?</A
+></H3
+><P
+> One time-tested technique to defeat common ads is to trick the local DNS
+ system by giving a phony IP address for the ad generator in the local 
+ <TT
+CLASS="FILENAME"
+>HOSTS</TT
+> file, typically using <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+>, aka 
+ <TT
+CLASS="LITERAL"
+>localhost</TT
+>. This effectively blocks the ad.</P
+><P
+> There is no reason to use this technique in conjunction with 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ does essentially the same thing, much more elegantly and with much more 
+ flexibility. A large <TT
+CLASS="FILENAME"
+>HOSTS</TT
+> file, in fact, not only
+ duplicates effort, but may get in the way and seriously slow down your system.
+ It is recommended to remove such entries from your <TT
+CLASS="FILENAME"
+>HOSTS</TT
+> file. If you think 
+ your hosts list is neglected by <SPAN
+CLASS="APPLICATION"
+>Privoxy's </SPAN
+> 
+ configuration, consider adding your list to your <TT
+CLASS="FILENAME"
+>user.action</TT
+> file:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  { +block }
+   www.ad.example1.com
+   ad.example2.com
+   ads.galore.example.com
+   etc.example.com</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SEEALSO"
+>4.24. Where can I find more information about Privoxy
+and related issues?</A
+></H3
+><P
+> Other references and sites of interest to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ users:</P
+><P
+> <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>http://www.privoxy.org/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Home page. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/faq/"
+TARGET="_top"
+>http://www.privoxy.org/faq/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> FAQ. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/developer-manual/"
+TARGET="_top"
+>http://www.privoxy.org/developer-manual/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developer manual. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://sourceforge.net/projects/ijbswa/"
+TARGET="_top"
+>https://sourceforge.net/projects/ijbswa/</A
+>, 
+   the Project Page for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on 
+   <A
+HREF="http://sourceforge.net"
+TARGET="_top"
+>SourceForge</A
+>.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>,
+   the web-based user interface. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> must be
+   running for this to work. Shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://sourceforge.net/tracker/?group_id=11118&atid=460288"
+TARGET="_top"
+>https://sourceforge.net/tracker/?group_id=11118&atid=460288</A
+>, to submit <SPAN
+CLASS="QUOTE"
+>"misses"</SPAN
+> and other
+   configuration related suggestions to the developers. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ 
+ 
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.junkbusters.com/ht/en/cookies.html"
+TARGET="_top"
+>http://www.junkbusters.com/ht/en/cookies.html</A
+>,
+   an explanation how cookies are used to track web users.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+>http://www.junkbusters.com/ijb.html</A
+>,
+   the original Internet Junkbuster.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.squid-cache.org/"
+TARGET="_top"
+>http://www.squid-cache.org/</A
+>, a popular
+   caching proxy, which is often used together with <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.pps.jussieu.fr/~jch/software/polipo/"
+TARGET="_top"
+>http://www.pps.jussieu.fr/~jch/software/polipo/</A
+>,
+   <SPAN
+CLASS="APPLICATION"
+>Polipo</SPAN
+> is a caching proxy with advanced features
+   like pipelining, multiplexing and caching of partial instances. In many setups
+   it can be used as <SPAN
+CLASS="APPLICATION"
+>Squid</SPAN
+> replacement.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://www.torproject.org/"
+TARGET="_top"
+>https://www.torproject.org/</A
+>, 
+   <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> can help anonymize web browsing, 
+   web publishing, instant messaging, IRC, SSH, and other applications.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="MICROSUCK"
+>4.25. I've noticed that Privoxy changes <SPAN
+CLASS="QUOTE"
+>"Microsoft"</SPAN
+> to 
+<SPAN
+CLASS="QUOTE"
+>"MicroSuck"</SPAN
+>! Why are you manipulating my browsing?</A
+></H3
+><P
+> We're not. The text substitutions that you are seeing are disabled
+ in the default configuration as shipped. You have either manually
+ activated the <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>fun</TT
+>"</SPAN
+> filter which
+ is clearly labeled <SPAN
+CLASS="QUOTE"
+>"Text replacements for subversive browsing
+ fun!"</SPAN
+> or you are using an older Privoxy version and have implicitly
+ activated it by choosing the <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> profile in the
+ web-based editor. Please upgrade.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="VALID"
+>4.26. Does Privoxy produce <SPAN
+CLASS="QUOTE"
+>"valid"</SPAN
+> HTML (or XHTML)?</A
+></H3
+><P
+> Privoxy generates HTML in both its own <SPAN
+CLASS="QUOTE"
+>"templates"</SPAN
+>, and possibly
+ whenever there are text substitutions via a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> filter. While this
+ should always conform to the HTML 4.01 specifications, it has not been
+ validated against this or any other standard. </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="configuration.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="trouble.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Configuration</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Troubleshooting</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/faq/trouble.html b/external/privoxy/doc/webserver/faq/trouble.html
new file mode 100644
index 0000000..8bc5b70
--- /dev/null
+++ b/external/privoxy/doc/webserver/faq/trouble.html
@@ -0,0 +1,1276 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Troubleshooting</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy Frequently Asked Questions"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Miscellaneous"
+HREF="misc.html"><LINK
+REL="NEXT"
+TITLE="Contacting the developers, Bug Reporting and Feature Requests"
+HREF="contact.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy Frequently Asked Questions</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="misc.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="contact.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="TROUBLE"
+>5. Troubleshooting</A
+></H1
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN1084"
+>5.1. I cannot connect to any websites. Or, I am getting
+<SPAN
+CLASS="QUOTE"
+>"connection refused"</SPAN
+> message with every web page. Why?</A
+></H3
+><P
+> There are several possibilities:</P
+><P
+><P
+></P
+><UL
+><LI
+><P
+><SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not running. Solution: verify 
+ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is installed correctly, has not crashed, and is indeed running.
+ Turn on <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> logging, and look at the logs to see what they say.</P
+></LI
+><LI
+><P
+>Or your browser is configured for a different port than what
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is using. Solution: verify that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ and your browser are set to the same port (<TT
+CLASS="LITERAL"
+>listen-address</TT
+>).</P
+></LI
+><LI
+><P
+>Or if using a forwarding rule, you have a configuration problem or a
+ problem with a host in the forwarding chain. Solution: temporarily alter your
+ configuration and take the forwarders out of the equation.</P
+></LI
+><LI
+><P
+>  Or you have a firewall that is interfering and blocking you. Solution: 
+  try disabling or removing the firewall as a simple test.
+ </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="ERROR503"
+>5.2. Why am I getting a 503 Error (WSAECONNREFUSED) on every page?</A
+></H3
+><P
+>  More than likely this is a problem with your TCP/IP networking. ZoneAlarm has
+  been reported to cause this symptom -- even if not running! The solution is
+  to either fight the ZA configuration, or uninstall ZoneAlarm, and then find
+  something better behaved in its place. Other personal firewall type products
+  may cause similar type problems if not configured correctly.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="AEN1107"
+>5.3. I just added a new rule, but the steenkin ad is 
+still getting through. How?</A
+></H3
+><P
+> If the ad had been displayed before you added its URL, it will probably be
+ held in the browser's cache for some time, so it will be displayed without
+ the need for any request to the server, and <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ will not be involved. Flush the browser's caches, and then try again.</P
+><P
+> If this doesn't help, you probably have an error in the rule you
+ applied. Try pasting the full URL of the offending ad into <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>http://config.privoxy.org/show-url-info</A
+>
+ and see if it really matches your new rule. Blocking ads is like blocking
+ spam: a lot of tinkering is required to stay ahead of the game. And 
+ remember you need to block the URL of the ad in question, which may be 
+ entirely different from the site URL itself. Most ads are hosted on different
+ servers than the main site itself. If you right-click on the ad, you should
+ be able to get all the relevant information you need. Alternately, you can 
+ find the correct URL by looking at <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> logs
+ (you may need to enable logging in the main config file if its disabled).</P
+><P
+> Below is a slightly modified real-life log snippet that originates with one 
+ requested URL: <TT
+CLASS="LITERAL"
+>www.example.com</TT
+> (name of site was changed
+ for this example, the number of requests is real). You can see in this the
+ complexity of what goes into making up this one <SPAN
+CLASS="QUOTE"
+>"page"</SPAN
+>. There
+ are eight different domains involved here, with thirty two separate URLs
+ requested in all, making up all manner of images, Shockwave Flash,
+ JavaScript, CSS stylesheets, scripts, and other related content. Some of this
+ content is obviously <SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"bad"</SPAN
+>, but not all.
+ Many of the more questionable looking requests, are going to outside domains
+ that seem to be identifying themselves with suspicious looking names, making
+ our job a little easier. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has <SPAN
+CLASS="QUOTE"
+>"crunched"</SPAN
+> (meaning caught 
+ and BLOCKED) quite a few items in this example, but perhaps missed a few as well. </P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>Request: www.example.com/
+Request: www.example.com/favicon.ico
+Request: img.example.com/main.css
+Request: img.example.com/sr.js
+Request: example.betamarker.com/example.html
+Request: www.lik-sang.com/Banners/bestsellers/skyscraper.php?likref=BSellers
+Request: img.example.com/pb.png
+Request: www.google-analytics.com/urchin.js crunch! (Blocked)
+Request: www.advertising-department.com/ats/switch.ps.php?26856 crunch! (Blocked)
+Request: img.example.com/p.gif
+Request: www.popuptraffic.com/assign.php?l=example&mode=behind crunch! (Blocked)
+Request: www.popuptraffic.com/scripts/popup.php?hid=5c3cf&tmpl=PBa.tmpl crunch! (Blocked)
+Request: www.popuptraffic.com/assign.php?l=example crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/best_sellers.css
+Request: www.adtrak.net/adx.js crunch! (Blocked)
+Request: img.example.com/hbg.gif
+Request: img.example.com/example.jpg
+Request: img.example.com/mt.png
+Request: img.example.com/mm.png
+Request: img.example.com/mb.png
+Request: www.popuptraffic.com/scripts/popup.php?hid=a71b91fa5&tmpl=Ua.tmp crunch! (Blocked)
+Request: www.example.com/tracker.js
+Request: www.lik-sang.com/Banners/best_sellers/lsi_head.gif
+Request: www.adtrak.net/adjs.php?n=020548130&what=zone:61 crunch! (Blocked)
+Request: www.adtrak.net/adjs.php?n=463594413&what=zone:58&source=Ua crunch! (Blocked)
+Request: www.lik-sang.com/Banners/best_sellers/bottomani.swf
+Request: mmm.elitemediagroup.net/install.php?allowpop=no&popupmincook=0&allowsp2=1 crunch! (Blocked)
+Request: www.example.com/tracker.js?screen=1400x1050&win=962x693
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=61 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=5c3cf599a9efd0320d26&si
+Request: 66.70.21.80/img/pixel.gif
+Request: www.adtrak.net/adlog.php?bannerid=1309&clientid=439&zoneid=58&source=Ua&block=86400 crunch! (Blocked)
+Request: 66.70.21.80/scripts/click.php?hid=a71b9f6504b0c5681fa5&si=Ua</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Despite 12 out of 32 requests being blocked, the page looked, and seemed to
+ behave perfectly <SPAN
+CLASS="QUOTE"
+>"normal"</SPAN
+> (minus some ads, of course).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BADSITE"
+>5.4. One of my favorite sites does not work with Privoxy.
+What can I do?</A
+></H3
+><P
+> First verify that it is indeed a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> problem, 
+ by toggling off <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> through <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>http://config.privoxy.org/toggle</A
+>
+ (the toggle feature may need to be enabled in the main
+ <TT
+CLASS="FILENAME"
+>config</TT
+>),
+ and then shift-reloading the problem page (i.e. holding down the shift key
+ while clicking reload. Alternatively, flush your browser's disk and memory
+ caches).</P
+><P
+> If the problem went away, we know we have a configuration related problem.
+ Now go to <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>http://config.privoxy.org/show-url-info</A
+>
+ and paste the full URL of the page in question into the prompt. See which
+ actions are being applied to the URL, and which matches in which actions
+ files are responsible for that. It might be helpful also to look at your logs
+ for this site too, to see what else might be happening (note: logging may need
+ to be enabled in the main config file). Many sites are
+ complex and require a number of related pages to help present their content.
+ Look at what else might be used by the page in question, and what of that
+ might be <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>required</I
+></SPAN
+>.
+ Now, armed with this information, go to
+ <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+ and select the appropriate actions files for editing. </P
+><P
+> You can now either look for a section which disables the actions that
+ you suspect to cause the problem and add a pattern for your site there,
+ or make up a completely new section for your site. In any case, the recommended
+ way is to disable only the prime suspect, reload the problem page, and only
+ if the problem persists, disable more and more actions until you have
+ identified the culprit. You may or may not want to turn the other actions
+ on again. Remember to flush your browser's caches in between any such changes!</P
+><P
+> Alternately, if you are comfortable with a text editor, you can accomplish 
+ the same thing by editing the appropriate actions file. Probably the easiest 
+ way to deal with such problems when editing by hand is to add your
+ site to a <TT
+CLASS="LITERAL"
+>{ fragile }</TT
+> section in <TT
+CLASS="FILENAME"
+>user.action</TT
+>,
+ which is an alias that turns off most <SPAN
+CLASS="QUOTE"
+>"dangerous"</SPAN
+>
+ actions, but is also likely to turn off more actions then needed, and thus lower
+ your privacy and protection more than necessary, </P
+><P
+> Troubleshooting actions is discussed in more detail in the <A
+HREF="../user-manual/appendix.html#ACTIONSANAT"
+TARGET="_top"
+>User Manual appendix,
+ Troubleshooting: the Anatomy of an Action</A
+>.
+ There is also an <A
+HREF="../user-manual/actions-file.html#ACT-EXAMPLES"
+TARGET="_top"
+>actions tutorial</A
+>
+ with general configuration information and examples.</P
+><P
+> As a last resort, you can always see if your browser has a setting that will 
+ bypass the proxy setting for selective sites. Modern browsers can do this.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DUN"
+>5.5. After installing Privoxy, I have to log in
+every time I start IE. What gives?</A
+></H3
+><P
+> This is a quirk that effects the installation of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, in conjunction with Internet Explorer and
+ Internet Connection Sharing on Windows 2000 and Windows XP. The symptoms may
+ appear to be corrupted or invalid DUN settings, or passwords.</P
+><P
+> When setting up an NT based Windows system with
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> you may find that things do not seem to be
+ doing what you expect. When you set your system up you will probably have set
+ up Internet Connection Sharing (ICS) with Dial up Networking (DUN) when
+ logged in with administrator privileges. You will probably have made this DUN
+ connection available to other accounts that you may have set-up on your
+ system. E.g. Mum or Dad sets up the system and makes accounts suitably
+ configured for the kids.</P
+><P
+> When setting up <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in this environment you
+ will have to alter the proxy set-up of Internet Explorer (IE) for the
+ specific DUN connection on which you wish to use
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. When you do this the ICS DUN set-up
+ becomes user specific. In this instance you will see no difference if you
+ change the DUN connection under the account used to set-up the connection.
+ However when you do this from another user you will notice that the DUN
+ connection changes to make available to "Me only". You will also find that
+ you have to store the password under each different user!</P
+><P
+> The reason for this is that each user's set-up for IE is user specific. Each
+ set-up DUN connection and each LAN connection in IE store the settings for
+ each user individually. As such this enforces individual configurations
+ rather than common ones. Hence the first time you use a DUN connection after
+ re-booting your system it may not perform as you expect, and prompt you for 
+ the password. Just set and save the password again and all should be OK.</P
+><P
+>[Thanks to Ray Griffith for this submission.]</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="FTP"
+>5.6. I cannot connect to any FTP sites. Privoxy
+ is blocking me.</A
+></H3
+><P
+>  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> cannot act as a proxy for FTP traffic, 
+  so do not configure your browser to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+  as an FTP proxy. The same is true for <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>any protocol other than HTTP
+  or HTTPS (SSL)</I
+></SPAN
+>. 
+ </P
+><P
+>  Most browsers understand FTP as well as HTTP. If you connect to a site, with
+  a URL like <TT
+CLASS="LITERAL"
+>ftp://ftp.example.com</TT
+>, your browser is making
+  an FTP connection, and not a HTTP connection. So while your browser may 
+  speak FTP, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does not, and cannot proxy 
+  such traffic.
+ </P
+><P
+>  To complicate matters, some systems may have a generic <SPAN
+CLASS="QUOTE"
+>"proxy"</SPAN
+>
+  setting, which will enable various protocols, including
+  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> HTTP and FTP proxying! So it is possible to
+  accidentally enable FTP proxying in these cases. And of course, if this
+  happens, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will indeed cause problems since
+  it does not know FTP. Newer version will give a sane error
+  message if a FTP connection is attempted. Just disable the FTP setting 
+  and all will be well again.
+ </P
+><P
+>  Will <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ever proxy FTP traffic? Unlikely.
+  There just is not much reason, and the work to make this happen is more than
+  it may seem.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="MACOSXIE"
+>5.7. In Mac OS X, I can't configure Microsoft Internet Explorer to use 
+ Privoxy as the HTTP proxy.</A
+></H3
+><P
+>  Microsoft Internet Explorer (in versions like 5.1) respects system-wide
+  network settings.  In order to change the HTTP proxy, open System
+  Preferences, and click on the Network icon.  In the settings pane that
+  comes up, click on the Proxies tab.  Ensure the "Web Proxy (HTTP)" checkbox 
+  is checked and enter <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+> in the entry field.  
+  Enter <TT
+CLASS="LITERAL"
+>8118</TT
+> in the Port field.  The next time you start
+  IE, it should reflect these values.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="MACOSXUNINSTALL"
+>5.8. In Mac OS X, I dragged the Privoxy folder to the trash in order to 
+ uninstall it. Now the finder tells me I don't have sufficient privileges to
+ empty the trash.</A
+></H3
+><P
+> Note: This ONLY applies to privoxy 3.0.6 and earlier.
+ </P
+><P
+>  Just dragging the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> folder to the trash is
+  not enough to delete it. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> supplies an
+  <SPAN
+CLASS="APPLICATION"
+>uninstall.command</SPAN
+> file that takes care of
+  these details. Open the trash, drag the <SPAN
+CLASS="APPLICATION"
+>uninstall.command</SPAN
+>
+  file out of the trash and double-click on it. You will be prompted for
+  confirmation and the administration password.
+ </P
+><P
+>  The trash may still appear full after this command; emptying the trash 
+  from the desktop should make it appear empty again.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="MACOSXIMAGES"
+>5.9. In Mac OS X Panther (10.3), images often fail to load and/or I
+ experience random delays in page loading. I'm using
+ <TT
+CLASS="LITERAL"
+>localhost</TT
+> as my browser's proxy setting.</A
+></H3
+><P
+>  We believe this is due to an IPv6-related bug in Mac OS X, but don't fully
+  understand the issue yet. In any case, changing the proxy setting to 
+  <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+> instead of <TT
+CLASS="LITERAL"
+>localhost</TT
+>
+  works around the problem.
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="BLANKPAGE"
+>5.10. I get a completely blank page at one site. <SPAN
+CLASS="QUOTE"
+>"View Source"</SPAN
+>
+ shows only: <SPAN
+CLASS="MARKUP"
+><html><body></body></html></SPAN
+>. Without
+ Privoxy the page loads fine.</A
+></H3
+><P
+>  Chances are that the site suffers from a bug in
+  <A
+HREF="http://www.php.net/"
+TARGET="_top"
+><SPAN
+CLASS="APPLICATION"
+>PHP</SPAN
+></A
+>,
+  which results in empty pages being sent if the client explicitly requests
+  an uncompressed page, like <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does.
+  This bug has been fixed in PHP 4.2.3.
+ </P
+><P
+>  To find out if this is in fact the source of the problem, try adding
+  the site to a <TT
+CLASS="LITERAL"
+>-prevent-compression</TT
+> section in
+  <TT
+CLASS="FILENAME"
+>user.action</TT
+>:
+ </P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>   # Make exceptions for ill-behaved sites:                                     
+   #                                                                    
+   {-prevent-compression}                                               
+    .example.com</PRE
+></TD
+></TR
+></TABLE
+><P
+>  If that works, you may also want to report the problem to the
+  site's webmasters, telling them to use zlib.output_compression
+  instead of ob_gzhandler in their PHP applications (workaround)
+  or upgrade to PHP 4.2.3 or later (fix).
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="NOHOSTNAME"
+>5.11. My logs show many <SPAN
+CLASS="QUOTE"
+>"Unable to get my own hostname"</SPAN
+> lines.
+Why?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> tries to get the hostname of the system
+ its running on from the IP address of the system interface it is bound to
+ (from the <TT
+CLASS="FILENAME"
+>config</TT
+> file
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>listen-address</I
+></SPAN
+> setting). If the system cannot supply
+ this information, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> logs this condition. </P
+><P
+> Typically, this would be considered a minor system configuration error. It is
+ not a fatal error to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> however, but may
+ result in a much slower response from <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on
+ some platforms due to DNS timeouts.</P
+><P
+> This can be caused by a problem with the local <TT
+CLASS="FILENAME"
+>hosts</TT
+>
+ file. If this file has been changed from the original, try reverting it to
+ see if that helps. Make sure whatever name(s) are used for the local system,
+ that they resolve both ways.</P
+><P
+> You should also be able to work around the problem with the
+ <A
+HREF="../user-manual/config.html#HOSTNAME"
+TARGET="_top"
+>hostname option</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="INUSE"
+>5.12. When I try to launch Privoxy, I get an 
+error message <SPAN
+CLASS="QUOTE"
+>"port 8118 is already in use"</SPAN
+> (or similar wording).
+Why?</A
+></H3
+><P
+> Port 8118 is <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> default TCP 
+ <SPAN
+CLASS="QUOTE"
+>"listening"</SPAN
+> port. Typically this message would mean that there
+ is already one instance of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> running, and
+ your system is actually trying to start a second
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on the same port, which will not work.
+ (You can have multiple instances but they must be assigned different ports.)
+ How and why this might happen varies from platform to platform, but you need
+ to check your installation and start-up procedures.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DEMORONIZER"
+>5.13. Pages with UTF-8 fonts are garbled.</A
+></H3
+><P
+> This is caused by the <SPAN
+CLASS="QUOTE"
+>"demoronizer"</SPAN
+> filter. You should either
+ upgrade <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, or at least upgrade to the most
+ recent <TT
+CLASS="FILENAME"
+>default.action</TT
+> file available from <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>SourceForge</A
+>.
+ Or you can simply disable the demoronizer filter.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DEMORONIZER2"
+>5.14. Why are binary files (such as images) corrupted when Privoxy
+ is used?</A
+></H3
+><P
+> This may also be caused by the <SPAN
+CLASS="QUOTE"
+>"demoronizer"</SPAN
+> filter, 
+ in conjunction with a web server that is misreporting the content type. Binary 
+ files are exempted from <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> filtering
+ (unless the web server by mistake says the file is something else). Either
+ upgrade <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, or go to the most recent
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file available from <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>SourceForge</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DEMORONIZER3"
+>5.15. What is the <SPAN
+CLASS="QUOTE"
+>"demoronizer"</SPAN
+> and why is it there?</A
+></H3
+><P
+> The original demoronizer was a Perl script that cleaned up HTML pages which 
+ were created with certain Microsoft products. MS has used proprietary extensions 
+ to standardized font encodings (ISO 8859-1), which has caused problems for pages
+ that are viewed with non-Microsoft products (and are expecting to see a
+ standard set of fonts). The demoronizer corrected these errors so the pages
+ displayed correctly. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> borrowed from this
+ script, introducing a filter based on the original demoronizer, which in turn could
+ correct these errors on the fly. </P
+><P
+> But this is only needed in some situations, and will cause serious problems in some 
+ other situations.</P
+><P
+> If you are using Microsoft products, you do not need it. If you need to view 
+ pages with UTF-8 characters (such as Cyrillic or Chinese), then it will 
+ cause corruption of the fonts, and thus <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>should not be on</I
+></SPAN
+>.</P
+><P
+> On the other hand, if you use non-Microsoft products, and you occasionally 
+ notice weird characters on pages, you might want to try it.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="WINDOWOPEN"
+>5.16. Why do I keep seeing <SPAN
+CLASS="QUOTE"
+>"PrivoxyWindowOpen()"</SPAN
+> in raw source code?</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is attempting to disable malicious 
+  <A
+HREF="http://en.wikipedia.org/wiki/Javascript"
+TARGET="_top"
+>Javascript</A
+> 
+  in this case, with the <TT
+CLASS="LITERAL"
+>unsolicited-popups</TT
+>
+ filter. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> cannot tell very well 
+ <SPAN
+CLASS="QUOTE"
+>"good"</SPAN
+> code snippets from <SPAN
+CLASS="QUOTE"
+>"bad"</SPAN
+> code snippets.</P
+><P
+> If you see this in HTML source, and the page displays without problems, then 
+ this is good, and likely some pop-up window was disabled. If you see this 
+ where it is causing a problem, such as a downloaded program source code file, 
+ then you should set an exception for this site or page such that the
+ integrity of the page stays in tact by disabling all filtering.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="DNSERRORS"
+>5.17. I am getting too many DNS errors like <SPAN
+CLASS="QUOTE"
+>"404 No Such Domain"</SPAN
+>. Why
+ can't Privoxy do this better?</A
+></H3
+><P
+> There are potentially several factors here. First of all, the DNS resolution
+ is done by the underlying operating system -- not
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> itself. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ merely initiates the process and hands it off, and then later reports
+ whatever the outcome was and tries to give a coherent message if there seems
+ to be a problem. In some cases, this might otherwise be mitigated by the
+ browser itself which might try some work-arounds and alternate approaches (e.g
+ adding <SPAN
+CLASS="QUOTE"
+>"www."</SPAN
+> to the URL).</P
+><P
+> In other cases, if <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is being chained
+ with another proxy, this could complicate the issue, and cause undue
+ delays and timeouts. In the case of a <SPAN
+CLASS="QUOTE"
+>"socks4a"</SPAN
+> proxy, the socks
+ server handles all the DNS.  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> would just be
+ the <SPAN
+CLASS="QUOTE"
+>"messenger"</SPAN
+> which is reporting whatever problem occurred
+ downstream, and not the root cause of the error.</P
+><P
+> In any case, versions newer than 3.0.3 include various improvements to help
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> better handle these cases.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="ALLCPU"
+>5.18. At one site Privoxy just hangs, and starts taking 
+ all CPU. Why is this?</A
+></H3
+><P
+> This is probably a manifestation of the <SPAN
+CLASS="QUOTE"
+>"100% cpu"</SPAN
+> problem that
+ occurs on pages containing many (thousands upon thousands) of blank lines. The blank lines 
+ are in the raw HTML source of the page, and the browser just ignores them. But the 
+ pattern matching in <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> page filtering
+ mechanism is trying to match against absurdly long strings and this becomes
+ very CPU-intensive, taking a long, long time to complete.</P
+><P
+> Until a better solution comes along, disable filtering on these pages,
+ particularly the <TT
+CLASS="LITERAL"
+>js-annoyances</TT
+> and
+ <TT
+CLASS="LITERAL"
+>unsolicited-popups</TT
+> filters. If you run into this problem
+ with a recent <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version, please send a problem report.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SLOWCRAWL"
+>5.19. I just installed Privoxy, and all my
+browsing has slowed to a crawl. What gives?</A
+></H3
+><P
+> This should not happen, and for the overwhelming number of users world-wide,
+ it does not happen. I would suspect some inadvertent interaction of software
+ components such as anti-virus software, spyware protectors, personal
+ firewalls or similar components. Try disabling (or uninstalling) these one
+ at a time and see if that helps. Either way, if you are using a
+ recent <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version, please report the problem.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="PREVENTCOMP"
+>5.20. Why do my filters work on some sites but not on others?</A
+></H3
+><P
+> It's probably due to compression. It is a common practice for web servers to
+ send their content <SPAN
+CLASS="QUOTE"
+>"compressed"</SPAN
+> in order to speed things up, and
+ then let the browser <SPAN
+CLASS="QUOTE"
+>"uncompress"</SPAN
+> them. When compiled with zlib support
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can decompress content before filtering, otherwise you may want to enable
+<A
+HREF="../user-manual/actions-file.html#PREVENT-COMPRESSION"
+TARGET="_top"
+>prevent-compression</A
+>.</P
+><P
+> As of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.9, zlib support is enabled in the default builds.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SSL-WARNINGS"
+>5.21. On some HTTPS sites my browser warns me about unauthenticated content,
+ the URL bar doesn't get highlighted and the lock symbol appears to be broken.
+ What's going on?</A
+></H3
+><P
+> Probably the browser is requesting ads through HTTPS and <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is blocking the requests. Privoxy's error messages are delivered
+ unencrypted and while it's obvious for the browser that the HTTPS
+ request is already blocked by the proxy, some warn about unauthenticated
+ content anyway.</P
+><P
+> To work around the problem you can redirect those requests to an invalid
+ local address instead of blocking them. While the redirects aren't
+ encrypted either, many browsers don't care. They simply follow the
+ redirect, fail to reach a server and display an error message instead
+ of the ad.</P
+><P
+> To do that, enable logging to figure out which requests get blocked by
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and add the hosts (no path patterns) to a section like this:</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{+redirect{http://127.0.0.1:0/} -block -limit-connect}
+.ivwbox.de:443/</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Additionally you have to configure your browser to contact
+ <SPAN
+CLASS="QUOTE"
+>"127.0.0.1:0"</SPAN
+> directly (instead of through <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>).</P
+><P
+> To add a proxy exception in <SPAN
+CLASS="APPLICATION"
+>Mozilla Firefox</SPAN
+>
+ open the <SPAN
+CLASS="QUOTE"
+>"Preferences"</SPAN
+>, click the <SPAN
+CLASS="QUOTE"
+>"Settings"</SPAN
+>
+ button located on the <SPAN
+CLASS="QUOTE"
+>"Network"</SPAN
+> tab in the <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+>
+ section, and add <SPAN
+CLASS="QUOTE"
+>"127.0.0.1:0"</SPAN
+> in the <SPAN
+CLASS="QUOTE"
+>"No Proxy for:"</SPAN
+>
+ field.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="SE-LINUX"
+>5.22. I get selinux error messages. How can I fix this?</A
+></H3
+><P
+> Please report the problem to the creator of your selinux policies.</P
+><P
+> The problem is that some selinux policy writers aren't familiar
+ with the application they are trying to <SPAN
+CLASS="QUOTE"
+>"secure"</SPAN
+> and
+ thus create policies that make no sense.</P
+><P
+> In <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> case the problem usually
+ is that the policy only allows outgoing connections for certain
+ destination ports (e.g. 80 and 443). While this may cover the
+ standard ports, websites occasionally use other ports as well.
+ This isn't a security problem and therefore <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ default configuration doesn't block these requests.</P
+><P
+> If you really want to block these ports (and don't be able
+ to load websites that don't use standard ports), you should
+ configure Privoxy to block these ports as well, so it doesn't
+ trigger the selinux warnings.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H3
+CLASS="SECT2"
+><A
+NAME="GENTOO-RICERS"
+>5.23. I compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with Gentoo's portage and it appears to be very slow. Why?</A
+></H3
+><P
+> Probably you unintentionally compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> without threading support
+ in which case requests have to be serialized and only one can be served
+ at the same time.</P
+><P
+> Check your <SPAN
+CLASS="QUOTE"
+>"USE"</SPAN
+> flags and make sure they include
+ <SPAN
+CLASS="QUOTE"
+>"threads"</SPAN
+>. If they don't, add the flag and rebuild <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.</P
+><P
+> If you compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with threading support (on POSIX-based systems),
+ the <SPAN
+CLASS="QUOTE"
+>"Conditional #defines"</SPAN
+> section on <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+ will list <SPAN
+CLASS="QUOTE"
+>"FEATURE_PTHREAD"</SPAN
+> as <SPAN
+CLASS="QUOTE"
+>"enabled"</SPAN
+>. </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="misc.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="contact.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Miscellaneous</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Contacting the developers, Bug Reporting and Feature Requests</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/images/files-in-use.jpg b/external/privoxy/doc/webserver/images/files-in-use.jpg
new file mode 100644
index 0000000..207b6f7
Binary files /dev/null and b/external/privoxy/doc/webserver/images/files-in-use.jpg differ
diff --git a/external/privoxy/doc/webserver/images/proxy_setup.jpg b/external/privoxy/doc/webserver/images/proxy_setup.jpg
new file mode 100644
index 0000000..9e80f97
Binary files /dev/null and b/external/privoxy/doc/webserver/images/proxy_setup.jpg differ
diff --git a/external/privoxy/doc/webserver/index.html b/external/privoxy/doc/webserver/index.html
new file mode 100644
index 0000000..3afc2d9
--- /dev/null
+++ b/external/privoxy/doc/webserver/index.html
@@ -0,0 +1,328 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy - Home Page</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><META
+NAME="KEYWORD"
+CONTENT="privoxy"><META
+NAME="KEYWORD"
+CONTENT="HTTP"><META
+NAME="KEYWORD"
+CONTENT="proxy"><META
+NAME="KEYWORD"
+CONTENT="privacy"><META
+NAME="KEYWORD"
+CONTENT="popups"><META
+NAME="KEYWORD"
+CONTENT="po-ups"><META
+NAME="KEYWORD"
+CONTENT="HTML"><META
+NAME="KEYWORD"
+CONTENT="JavaScript"><META
+NAME="KEYWORD"
+CONTENT="cleaning"><META
+NAME="KEYWORD"
+CONTENT="blocking"><META
+NAME="KEYWORD"
+CONTENT="cleaner"><META
+NAME="KEYWORD"
+CONTENT="blocker"><META
+NAME="KEYWORD"
+CONTENT="filter"><META
+NAME="KEYWORD"
+CONTENT="proxy"><META
+NAME="KEYWORD"
+CONTENT="junk"><META
+NAME="KEYWORD"
+CONTENT="ad"><META
+NAME="KEYWORD"
+CONTENT="advertisement"><META
+NAME="KEYWORD"
+CONTENT="banner"><META
+NAME="KEYWORD"
+CONTENT="webbugs"><META
+NAME="KEYWORD"
+CONTENT="web-bugs"><META
+NAME="KEYWORD"
+CONTENT="werbung"><META
+NAME="KEYWORD"
+CONTENT="junkbusters"><META
+NAME="KEYWORD"
+CONTENT="junkbuster"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<meta name="description" content="Privoxy helps users to protect their privacy.">
+<meta name="MSSmartTagsPreventParsing" content="TRUE"></HEAD
+><BODY
+CLASS="ARTICLE"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="ARTICLE"
+><DIV
+CLASS="TITLEPAGE"
+><H1
+CLASS="TITLE"
+><A
+NAME="AEN2"
+>Privoxy - Home Page</A
+></H1
+><DIV
+><DIV
+CLASS="ABSTRACT"
+><P
+></P
+><A
+NAME="AEN28"
+></A
+><P
+> Privoxy is a non-caching web proxy with advanced filtering capabilities
+ for enhancing privacy, modifying web page data and HTTP headers, controlling
+ access, and removing ads and other obnoxious Internet junk. Privoxy has a
+ flexible configuration and can be customized to suit individual needs and tastes.
+ It has application for both stand-alone systems and multi-user networks.</P
+><P
+> Privoxy is Free Software and licensed under the GPL2.</P
+><P
+> Privoxy is an associated project of Software in the Public Interest (SPI).
+ <A
+HREF="http://www.privoxy.org/faq/general.html#DONATE"
+TARGET="_top"
+>Donations are welcome</A
+>.</P
+><P
+>   The most recent release is <A
+HREF="announce.txt"
+TARGET="_top"
+>3.0.12 (stable)</A
+>. 
+  </P
+><P
+></P
+></DIV
+></DIV
+><HR></DIV
+><DIV
+CLASS="SECT1"
+><H3
+CLASS="SECT1"
+><A
+NAME="DOWNLOAD"
+>Download</A
+></H3
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="https://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>Download recent releases</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/quickstart.html"
+TARGET="_top"
+>Quickstart after installation</A
+>
+   </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT1"
+><HR><H3
+CLASS="SECT1"
+><A
+NAME="DOCS"
+>Documentation</A
+></H3
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="user-manual/index.html"
+TARGET="_top"
+>User manual</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="faq/index.html"
+TARGET="_top"
+>Frequently Asked Questions</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="developer-manual/index.html"
+TARGET="_top"
+>Developer Manual</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="man-page/privoxy-man-page.html"
+TARGET="_top"
+>Classic Man Page</A
+>
+   </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT1"
+><HR><H3
+CLASS="SECT1"
+><A
+NAME="MOREINFO"
+>More information</A
+></H3
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="user-manual/contact.html"
+TARGET="_top"
+>Support & Service</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/copyright.html"
+TARGET="_top"
+>Copyright, License, History & Authors</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/introduction.html#FEATURES"
+TARGET="_top"
+>List of (new) Features</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="https://sourceforge.net/projects/ijbswa/"
+TARGET="_top"
+>The project page</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/seealso.html"
+TARGET="_top"
+>Related links</A
+>
+   </P
+></LI
+><LI
+><P
+>    
+    
+    <A
+HREF="http://privoxy.org/team/index.html"
+TARGET="_top"
+>Pictures of the Privoxy Team</A
+>
+   </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT1"
+><HR><H2
+CLASS="SECT1"
+><A
+NAME="AEN83"
+></A
+></H2
+><P
+><DIV
+CLASS="INFORMALTABLE"
+><P
+></P
+><A
+NAME="AEN86"
+></A
+><TABLE
+BORDER="0"
+FRAME="void"
+RULES="all"
+WIDTH="100%"
+CLASS="CALSTABLE"
+><COL
+WIDTH="100%"
+ALIGN="CENTER"
+TITLE="C1"><TBODY
+><TR
+><TD
+ALIGN="CENTER"
+>Privoxy is developed on:</TD
+></TR
+><TR
+><TD
+ALIGN="CENTER"
+>     <A
+HREF="http://sourceforge.net/"
+TARGET="_top"
+>      <IMG
+SRC="http://sourceforge.net/sflogo.php?group_id=11118&type=1&dummy=.gif">
+     </A
+>
+    </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></DIV
+></P
+><P
+> <SUB
+>  Copyright © 2001-2009 by Privoxy Developers
+ </SUB
+></P
+></DIV
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/man-page/privoxy-man-page.html b/external/privoxy/doc/webserver/man-page/privoxy-man-page.html
new file mode 100644
index 0000000..91f045d
--- /dev/null
+++ b/external/privoxy/doc/webserver/man-page/privoxy-man-page.html
@@ -0,0 +1,294 @@
+
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML><HEAD><TITLE>Man page of PRIVOXY</TITLE>
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="../p_doc.css"></HEAD><BODY>
+<H1>PRIVOXY</H1>
+Section:  (1)<BR>Updated: 21 March 2009<BR><A HREF="#index">Index</A>
+<HR>
+
+<A NAME="lbAB"> </A>
+<H2>NAME</H2>
+
+privoxy - Privacy Enhancing Proxy
+<A NAME="lbAC"> </A>
+<H2>SYNOPSIS</H2>
+
+<P>
+<B>privoxy</B> [<B>--help</B> ] [<B>--version</B> ] [<B>--no-daemon</B> ] [<B>--pidfile </B><I>pidfile</I><B></B> ] [<B>--user </B><I>user[.group]</I><B></B> ] [<B>--chroot</B> ] [<B>--pre-chroot-nslookup </B><I>hostname</I><B></B> ] [<B></B><I>configfile</I><B></B> ]
+<P>
+<A NAME="lbAD"> </A>
+<H2>OPTIONS</H2>
+
+<P>
+
+<B>Privoxy</B> may be invoked with the following command line
+options:
+<DL COMPACT>
+<DT><B>--help</B><DD>
+Print brief usage info and exit.
+<DT><B>--version</B><DD>
+Print version info and exit.
+<DT><B>--no-daemon</B><DD>
+Don't  become  a daemon, i.e. don't fork and become process group
+leader, don't detach from controlling tty, and do all logging there.
+<DT><B>--pidfile </B><I>pidfile</I><B></B><DD>
+On startup, write the process ID to <I>pidfile</I>.
+Delete the <I>pidfile</I> on exit.
+Failure to create or delete the <I>pidfile</I>
+is non-fatal. If no <B>--pidfile</B> option is given, no PID file will be used.
+<DT><B>--user </B><I>user[.group]</I><B></B><DD>
+After (optionally) writing the PID file, assume the user ID of
+<I>user</I> and the GID of
+<I>group</I>, or, if the optional
+<I>group</I> was not given, the default group of
+<I>user</I>. Exit if the privileges are not
+sufficient to do so.
+<DT><B>--chroot</B><DD>
+Before changing to the user ID given in the --user option, chroot to
+that user's home directory, i.e. make the kernel pretend to the
+<B>Privoxy</B> process that the directory tree starts
+there. If set up carefully, this can limit the impact of possible
+vulnerabilities in <B>Privoxy</B> to the files contained in
+that hierarchy. 
+<DT><B>--pre-chroot-nslookup </B><I>hostname</I><B></B><DD>
+Initialize the resolver library using <I>hostname</I>
+before chroot'ing. On some systems this reduces the number of files
+that must be copied into the chroot tree.
+</DL>
+<P>
+
+If the <I>configfile</I> is not specified on  the  command  line,
+<B>Privoxy</B>  will  look for a file named
+<I>config</I> in the current directory. If no
+<I>configfile</I> is found, <B>Privoxy</B> will 
+fail to start.
+<A NAME="lbAE"> </A>
+<H2>DESCRIPTION</H2>
+
+<P>
+
+Privoxy is a non-caching web proxy with advanced filtering capabilities
+for enhancing privacy, modifying web page data and HTTP headers, controlling
+access, and removing ads and other obnoxious Internet junk. Privoxy has a
+flexible configuration and can be customized to suit individual needs and tastes.
+It has application for both stand-alone systems and multi-user networks.
+<P>
+
+Privoxy is Free Software and licensed under the GPL2.
+<A NAME="lbAF"> </A>
+<H2>INSTALLATION AND USAGE</H2>
+
+<P>
+
+Browsers can either be individually configured to use
+<B>Privoxy</B> as a HTTP proxy (recommended),
+or <B>Privoxy</B> can be combined with a packet
+filter to build an intercepting proxy
+(see <I>config</I>).  The default setting is  for
+localhost,  on port  8118 (configurable in the main config file).  To set the
+HTTP proxy in Firefox, go through: <B>Tools</B>; 
+<B>Options</B>; <B>General</B>;
+<B>Connection Settings</B>;
+<B>Manual Proxy Configuration</B>. 
+<P>
+
+For Internet Explorer, go through: <B>Tools</B>; 
+<B>Internet Properties</B>; <B>Connections</B>;
+<B>LAN Settings</B>. 
+<P>
+
+The Secure (SSL) Proxy should also be set to the same values, otherwise
+https: URLs will not be proxied. Note: <B>Privoxy</B> can only
+proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
+HTTPS presents some limitations, and not all features will work with HTTPS 
+connections.
+<P>
+
+For other browsers, check the documentation.
+<A NAME="lbAG"> </A>
+<H2>CONFIGURATION</H2>
+
+<P>
+
+<B>Privoxy</B> can be configured with the various configuration
+files. The default configuration files are: <I>config</I>,
+<I>default.filter</I>, <I>default.action</I> and
+<I>default.action</I>. <I>user.action</I> should 
+be used for locally defined exceptions to the default rules in
+<I>match-all.action</I> and <I>default.action</I>,
+and <I>user.filter</I> for locally defined filters. These are
+well commented.  On Unix and Unix-like systems, these are located in
+<I>/etc/privoxy/</I> by default. 
+<P>
+
+<B>Privoxy</B> uses the concept of <B>actions</B> 
+in order to manipulate the data stream between the browser and remote sites.
+There are various actions available with specific functions for such things 
+as blocking web sites, managing cookies, etc. These actions can be invoked
+individually or combined, and used against individual URLs, or groups of URLs 
+that can be defined using wildcards and regular expressions. The result is
+that the user has greatly enhanced control and freedom.
+<P>
+
+The actions list (ad blocks, etc) can also be configured with your
+web browser at <A HREF="http://config.privoxy.org/">http://config.privoxy.org/</A> 
+(assuming the configuration allows it).
+<B>Privoxy's</B> configuration parameters  can also  be viewed at
+the same page. In addition, <B>Privoxy</B> can be toggled on/off.
+This is an internal page, and does not require Internet access.
+<P>
+
+See the <I>User Manual</I> for a detailed
+explanation of installation, general usage, all configuration options, new
+features and notes on upgrading.
+<A NAME="lbAH"> </A>
+<H2>FILES</H2>
+
+<P>
+<PRE>
+ 
+ <I>/usr/sbin/privoxy</I>
+ <I>/etc/privoxy/config</I>
+ <I>/etc/privoxy/match-all.action</I>
+ <I>/etc/privoxy/default.action</I>
+ <I>/etc/privoxy/user.action</I>
+ <I>/etc/privoxy/default.filter</I>
+ <I>/etc/privoxy/user.filter</I>
+ <I>/etc/privoxy/trust</I>
+ <I>/etc/privoxy/templates/*</I>
+ <I>/var/log/privoxy/logfile</I>
+</PRE>
+
+<P>
+
+Various other files should be included, but may vary depending on platform
+and build configuration. Additional documentation should be included in the local
+documentation directory.
+<A NAME="lbAI"> </A>
+<H2>SIGNALS</H2>
+
+<P>
+
+<B>Privoxy</B> terminates on the <B>SIGINT</B>,
+<B>SIGTERM</B> and <B>SIGABRT</B> signals. Log
+rotation scripts may cause a re-opening of the logfile by sending a 
+<B>SIGHUP</B> to <B>Privoxy</B>. Note that unlike
+other daemons,  <B>Privoxy</B> does not need to be made aware of
+config file changes by <B>SIGHUP</B> -- it will detect them
+automatically. 
+<A NAME="lbAJ"> </A>
+<H2>NOTES</H2>
+
+<P>
+
+Please see the <I>User Manual</I> on how to contact the
+developers, for feature requests, reporting problems, and other questions.
+<A NAME="lbAK"> </A>
+<H2>SEE ALSO</H2>
+
+<P>
+
+Other references and sites of interest to <B>Privoxy</B>
+users:
+<P>
+
+<P>
+<A HREF="http://www.privoxy.org/">http://www.privoxy.org/,</A> 
+the <B>Privoxy</B> Home page. 
+<P>
+<A HREF="http://www.privoxy.org/faq/">http://www.privoxy.org/faq/,</A> 
+the <B>Privoxy</B> FAQ. 
+<P>
+<A HREF="http://www.privoxy.org/developer-manual/">http://www.privoxy.org/developer-manual/,</A> 
+the <B>Privoxy</B> developer manual. 
+<P>
+<A HREF="https://sourceforge.net/projects/ijbswa/">https://sourceforge.net/projects/ijbswa/,</A> 
+the Project Page for <B>Privoxy</B> on 
+SourceForge.
+<P>
+<A HREF="http://config.privoxy.org/">http://config.privoxy.org/,</A>
+the web-based user interface. <B>Privoxy</B> must be
+running for this to work. Shortcut: <A HREF="http://p.p/">http://p.p/</A>
+<P>
+<A HREF="https://sourceforge.net/tracker/?group_id=11118">https://sourceforge.net/tracker/?group_id=11118</A>&atid=460288, to submit ``misses'' and other
+configuration related suggestions to the developers. 
+<A NAME="lbAL"> </A>
+<H2>DEVELOPMENT TEAM</H2>
+
+<P>
+<PRE>
+ Fabian Keil, lead developer
+ David Schmidt, developer
+
+ Hal Burgiss
+ Mark Miller
+ Gerry Murphy
+ Lee Rian
+ Roland Rosenfeld
+ Jörg Strohmayer
+</PRE>
+
+<A NAME="lbAM"> </A>
+<H2>COPYRIGHT AND LICENSE</H2>
+
+<A NAME="lbAN"> </A>
+<H3>COPYRIGHT</H3>
+
+<P>
+
+Copyright (C) 2001-2009 by Privoxy Developers <<A HREF="mailto:ijbswa-developers at lists.sourceforge.net">ijbswa-developers at lists.sourceforge.net</A>>
+<P>
+
+Some source code is based on code Copyright (C) 1997 by Anonymous Coders
+and Junkbusters, Inc. and licensed under the <I>GNU General Public
+License</I>.
+<A NAME="lbAO"> </A>
+<H3>LICENSE</H3>
+
+<P>
+
+<B>Privoxy</B> is free software; you can
+redistribute it and/or modify it under the terms of the 
+<I>GNU General Public License</I>, version 2,
+as published by the Free Software Foundation.
+<P>
+
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+FITNESS FOR A PARTICULAR PURPOSE.  See the  <I>GNU General Public License</I> for details.
+<P>
+
+You should have received a copy of the <I>GNU GPL</I>
+along with this program; if not, write to the  Free Software
+Foundation, Inc. 51 Franklin Street, Fifth Floor
+Boston, MA 02110-1301
+USA 
+<P>
+
+<HR>
+<A NAME="index"> </A><H2>Index</H2>
+<DL>
+<DT><A HREF="#lbAB">NAME</A><DD>
+<DT><A HREF="#lbAC">SYNOPSIS</A><DD>
+<DT><A HREF="#lbAD">OPTIONS</A><DD>
+<DT><A HREF="#lbAE">DESCRIPTION</A><DD>
+<DT><A HREF="#lbAF">INSTALLATION AND USAGE</A><DD>
+<DT><A HREF="#lbAG">CONFIGURATION</A><DD>
+<DT><A HREF="#lbAH">FILES</A><DD>
+<DT><A HREF="#lbAI">SIGNALS</A><DD>
+<DT><A HREF="#lbAJ">NOTES</A><DD>
+<DT><A HREF="#lbAK">SEE ALSO</A><DD>
+<DT><A HREF="#lbAL">DEVELOPMENT TEAM</A><DD>
+<DT><A HREF="#lbAM">COPYRIGHT AND LICENSE</A><DD>
+<DL>
+<DT><A HREF="#lbAN">COPYRIGHT</A><DD>
+<DT><A HREF="#lbAO">LICENSE</A><DD>
+</DL>
+</DL>
+<HR>
+This document was created by
+man2html,
+using the manual pages.<BR>
+Time: 11:32:52 GMT, March 21, 2009
+</BODY>
+</HTML>
diff --git a/external/privoxy/doc/webserver/p_doc.css b/external/privoxy/doc/webserver/p_doc.css
new file mode 100644
index 0000000..212610d
--- /dev/null
+++ b/external/privoxy/doc/webserver/p_doc.css
@@ -0,0 +1,66 @@
+/*
+ * CSS for Privoxy documentation
+ *
+ * $Id: p_doc.css,v 1.5 2006/09/09 19:13:42 hal9 Exp $
+ */
+
+/*
+ * Global fonts, colors, margins:
+ */ 
+body,td,th { font-family: arial, helvetica, sans-serif; }
+body { margin: 4%; color: #000000; background-color: #eeeeee; }
+
+/*
+ * Headings hierarchy in terms of size and color:
+ */
+h1 { color: #4c000f; font-size: 160%; }
+h2 { color: #660014; font-size: 140%; }
+h3 { color: #820019; font-size: 120%; }
+h4 { color: #99001d; font-size: 110%; }
+
+/*
+ * Make headings stand out:
+ * Indent all content in chapters, by additional 2%,
+ * and then pull the headings back left.
+ */
+div.sect1 { margin-left: 2%; }
+h1,h2,h3,h4 {margin-left: -2%; }
+h1.title { margin-left: 0; }
+h2.subtitle { margin-left: 0; }
+
+/*
+ * Underlined links disturb the examples;
+ * Let them get darker instead of purple after visited.
+ */
+a { text-decoration: none; }
+a:link { color: #0c29ff; }
+a:visited { color: #071899; }
+
+/*
+ * Special highlighting:
+ * Code examples in embedded in the text flow become half-bold,
+ * Emphasis gets h4-red.
+ * Warnings get the same bg as in privoxy.css
+ */
+tt.literal { font-weight: 600; }
+i.emphasis { color: #99001d; }
+table.warning { border: 0; background-color: #ffdddd;}
+span.guibutton { 
+  white-space: nowrap;
+  width: auto;
+  padding: 2px;
+  background-color: #dddddd;
+  color:            #000000;
+  text-decoration: none;
+  border-top:    1px solid #ffffff;
+  border-left:   1px solid #ffffff;
+  border-bottom: 1px solid #000000;
+  border-right:  1px solid #000000;
+}
+
+/*
+ * Misc:
+ */
+ul { list-style-type: square; }
+/* Privoxy, of course */
+.application {font-weight: bold; font-size:105%; color: #99001d;}
diff --git a/external/privoxy/doc/webserver/p_feedback.css b/external/privoxy/doc/webserver/p_feedback.css
new file mode 100644
index 0000000..e0b70a7
--- /dev/null
+++ b/external/privoxy/doc/webserver/p_feedback.css
@@ -0,0 +1,9 @@
+/*
+ * Vary the gereneral Privoxy Stlyesheet to
+ * meet the needs of small popups:
+ *
+ * $Id: p_feedback.css,v 1.4 2002/04/09 13:03:42 oes Exp $
+ */
+body,td,th  { font-size:10px; }
+div.info    { width: 60%; }
+div.warning { width: 60%; text-align: left; } 
diff --git a/external/privoxy/doc/webserver/privoxy-index.html b/external/privoxy/doc/webserver/privoxy-index.html
new file mode 100644
index 0000000..22cec35
--- /dev/null
+++ b/external/privoxy/doc/webserver/privoxy-index.html
@@ -0,0 +1,283 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy - The Privacy Enhancing Proxy</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><META
+NAME="KEYWORD"
+CONTENT="privoxy"><META
+NAME="KEYWORD"
+CONTENT="HTTP"><META
+NAME="KEYWORD"
+CONTENT="proxy"><META
+NAME="KEYWORD"
+CONTENT="privacy"><META
+NAME="KEYWORD"
+CONTENT="popups"><META
+NAME="KEYWORD"
+CONTENT="po-ups"><META
+NAME="KEYWORD"
+CONTENT="HTML"><META
+NAME="KEYWORD"
+CONTENT="JavaScript"><META
+NAME="KEYWORD"
+CONTENT="cleaning"><META
+NAME="KEYWORD"
+CONTENT="blocking"><META
+NAME="KEYWORD"
+CONTENT="cleaner"><META
+NAME="KEYWORD"
+CONTENT="blocker"><META
+NAME="KEYWORD"
+CONTENT="filter"><META
+NAME="KEYWORD"
+CONTENT="proxy"><META
+NAME="KEYWORD"
+CONTENT="junk"><META
+NAME="KEYWORD"
+CONTENT="ad"><META
+NAME="KEYWORD"
+CONTENT="advertisement"><META
+NAME="KEYWORD"
+CONTENT="banner"><META
+NAME="KEYWORD"
+CONTENT="webbugs"><META
+NAME="KEYWORD"
+CONTENT="web-bugs"><META
+NAME="KEYWORD"
+CONTENT="werbung"><META
+NAME="KEYWORD"
+CONTENT="junkbusters"><META
+NAME="KEYWORD"
+CONTENT="junkbuster"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<meta name="description" content="Privoxy helps users to protect their privacy.">
+<meta name="MSSmartTagsPreventParsing" content="TRUE"></HEAD
+><BODY
+CLASS="ARTICLE"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="ARTICLE"
+><DIV
+CLASS="TITLEPAGE"
+><H1
+CLASS="TITLE"
+><A
+NAME="AEN2"
+>Privoxy - The Privacy Enhancing Proxy</A
+></H1
+><H2
+CLASS="SUBTITLE"
+>Project Index Page v3.0.12</H2
+><DIV
+><DIV
+CLASS="ABSTRACT"
+><P
+></P
+><A
+NAME="AEN29"
+></A
+><P
+> Privoxy is a non-caching web proxy with advanced filtering capabilities
+ for enhancing privacy, modifying web page data and HTTP headers, controlling
+ access, and removing ads and other obnoxious Internet junk. Privoxy has a
+ flexible configuration and can be customized to suit individual needs and tastes.
+ It has application for both stand-alone systems and multi-user networks.</P
+><P
+> Privoxy is Free Software and licensed under the GPL2.</P
+><P
+> Privoxy is an associated project of Software in the Public Interest (SPI).
+ <A
+HREF="http://www.privoxy.org/faq/general.html#DONATE"
+TARGET="_top"
+>Donations are welcome</A
+>.</P
+><P
+></P
+></DIV
+></DIV
+><HR></DIV
+><DIV
+CLASS="SECT1"
+><H3
+CLASS="SECT1"
+><A
+NAME="DOWNLOAD"
+>Download</A
+></H3
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="https://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>Download recent releases</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/quickstart.html"
+TARGET="_top"
+>Quickstart after installation</A
+>
+   </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT1"
+><HR><H3
+CLASS="SECT1"
+><A
+NAME="DOCS"
+>Documentation</A
+></H3
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="user-manual/index.html"
+TARGET="_top"
+>User manual</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="faq/index.html"
+TARGET="_top"
+>Frequently Asked Questions</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="developer-manual/index.html"
+TARGET="_top"
+>Developer Manual</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="man-page/privoxy-man-page.html"
+TARGET="_top"
+>Classic Man Page</A
+>
+   </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT1"
+><HR><H3
+CLASS="SECT1"
+><A
+NAME="MOREINFO"
+>More information</A
+></H3
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="user-manual/contact.html"
+TARGET="_top"
+>Support & Service</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/copyright.html"
+TARGET="_top"
+>Copyright, License, History & Authors</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/introduction.html#FEATURES"
+TARGET="_top"
+>List of (new) Features</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="https://sourceforge.net/projects/ijbswa/"
+TARGET="_top"
+>The project page</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="user-manual/seealso.html"
+TARGET="_top"
+>Related links</A
+>
+   </P
+></LI
+><LI
+><P
+>    
+    
+    <A
+HREF="http://privoxy.org/team/index.html"
+TARGET="_top"
+>Pictures of the Privoxy Team</A
+>
+   </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="SECT1"
+><HR><H2
+CLASS="SECT1"
+><A
+NAME="AEN82"
+></A
+></H2
+><P
+> <SUB
+>  Copyright © 2001-2009 by Privoxy Developers
+ </SUB
+></P
+></DIV
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/privoxy.css b/external/privoxy/doc/webserver/privoxy.css
new file mode 100644
index 0000000..b08cc4d
--- /dev/null
+++ b/external/privoxy/doc/webserver/privoxy.css
@@ -0,0 +1,69 @@
+/*
+ * CSS for Privoxy CGI and script output
+ *
+ * $Id: privoxy.css,v 1.2 2002/04/09 11:55:20 oes Exp $
+ */
+
+/*
+ * General rules: Font, Color, Headings, Margins, Links
+ */
+body,td,th { font-family: arial, helvetica, helv, sans-serif; }
+body { background-color: #ffffff; color: #000000; }
+
+h1 { font-size: 140%; margin: 0px; }
+h2 { font-size: 120%; margin: 0px; }
+h3 { font-size: 110%; margin: 0px; }
+
+p,pre  { margin-left: 15px; }
+li { margin: 2px 15px; }
+dl { margin: 2px 15px; }
+
+a:link    { color: #0000dd; text-decoration: none; }
+a:visited { color: #330099; text-decoration: none; }
+a:active  { color: #3333ff; text-decoration: none; }
+
+/*
+ * Boxen as Table elements:
+ */
+td.title   { border: solid black 1px; background-color: #dddddd; }
+td.box     { border: solid black 1px; background-color: #eeeeee; }
+td.info    { border: solid black 1px; background-color: #ccccff; }
+td.warning { border: solid black 1px; background-color: #ffdddd; }
+
+/*
+ * Special Table Boxen: for nesting, naked container and for
+ * the Status field in CGI Output:
+ */
+td.wrapbox { border: solid black 1px; padding: 5px; }
+td.container { padding: 0px; }
+td.status  { border: solid black 1px; background-color: #ff0000; color: #ffffff; font-size: 300%; font-weight: bolder; }
+
+/*
+ * Same Boxen as <div>s:
+ */
+div.title    { border: solid black 1px; background-color: #dddddd; margin: 20px; padding: 20px; }
+div.box      { border: solid black 1px; background-color: #eeeeee; margin: 20px; padding: 20px; }
+div.info     { border: solid black 1px; background-color: #ccccff; margin: 20px; padding: 20px; }
+div.warning  { border: solid black 1px; background-color: #ffdddd; margin: 20px; padding: 20px; }
+div.wrapbox  { border: solid black 1px;                            margin: 20px; padding:  5px; }
+
+
+/*
+ * Bold definitions in <dl>s, Grey BG for Table headings
+ */
+dt { font-weight: bold; }
+th { background-color: #dddddd; }
+
+/*
+ * Special purpose paragraphs: Small for page footers,
+ * Important for quoting wrong or dangerous examples,
+ * Whiteframed for the toggle?mini=y CGI
+ */
+p.small { font-size: 10px; margin: 0px; }
+p.important { border: solid black 1px; background-color: #ffdddd; font-weight: bold; padding: 2px; }
+p.whiteframed { margin: 5px; padding: 5px; border: solid black 1px; text-align: center; background-color: #eeeeee; }
+
+/*
+ * Special red emphasis:
+ */
+em.warning { color: #ff0000 }
diff --git a/external/privoxy/doc/webserver/robots.txt b/external/privoxy/doc/webserver/robots.txt
new file mode 100644
index 0000000..a9941db
--- /dev/null
+++ b/external/privoxy/doc/webserver/robots.txt
@@ -0,0 +1,17 @@
+# This is the Privoxy web site.
+#
+# If the robot is connecting through Privoxy, then the
+# control interface is at /config.   It isn't very useful
+# to index it, and you're likely to break stuff.  So go away!
+#
+# Even if you're not connected through Privoxy, the 
+# one "Privoxy is not working" page there is not very
+# interesting.
+
+User-agent: *
+Disallow: /config/
+Disallow: /actions/
+Disallow: /submit/
+
+
+
diff --git a/external/privoxy/doc/webserver/team/01stefanw.jpg b/external/privoxy/doc/webserver/team/01stefanw.jpg
new file mode 100644
index 0000000..920dece
Binary files /dev/null and b/external/privoxy/doc/webserver/team/01stefanw.jpg differ
diff --git a/external/privoxy/doc/webserver/team/01stefanw_t.jpg b/external/privoxy/doc/webserver/team/01stefanw_t.jpg
new file mode 100644
index 0000000..5a90642
Binary files /dev/null and b/external/privoxy/doc/webserver/team/01stefanw_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/02jon.jpg b/external/privoxy/doc/webserver/team/02jon.jpg
new file mode 100644
index 0000000..136b2dd
Binary files /dev/null and b/external/privoxy/doc/webserver/team/02jon.jpg differ
diff --git a/external/privoxy/doc/webserver/team/02jon_t.jpg b/external/privoxy/doc/webserver/team/02jon_t.jpg
new file mode 100644
index 0000000..32e470b
Binary files /dev/null and b/external/privoxy/doc/webserver/team/02jon_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/03andreas.jpg b/external/privoxy/doc/webserver/team/03andreas.jpg
new file mode 100644
index 0000000..78dc102
Binary files /dev/null and b/external/privoxy/doc/webserver/team/03andreas.jpg differ
diff --git a/external/privoxy/doc/webserver/team/03andreas_t.jpg b/external/privoxy/doc/webserver/team/03andreas_t.jpg
new file mode 100644
index 0000000..e23f580
Binary files /dev/null and b/external/privoxy/doc/webserver/team/03andreas_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/04rodney.jpg b/external/privoxy/doc/webserver/team/04rodney.jpg
new file mode 100644
index 0000000..bb4e02d
Binary files /dev/null and b/external/privoxy/doc/webserver/team/04rodney.jpg differ
diff --git a/external/privoxy/doc/webserver/team/04rodney_t.jpg b/external/privoxy/doc/webserver/team/04rodney_t.jpg
new file mode 100644
index 0000000..bba4f15
Binary files /dev/null and b/external/privoxy/doc/webserver/team/04rodney_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/05david.jpg b/external/privoxy/doc/webserver/team/05david.jpg
new file mode 100644
index 0000000..429723f
Binary files /dev/null and b/external/privoxy/doc/webserver/team/05david.jpg differ
diff --git a/external/privoxy/doc/webserver/team/05david_t.jpg b/external/privoxy/doc/webserver/team/05david_t.jpg
new file mode 100644
index 0000000..c04aa55
Binary files /dev/null and b/external/privoxy/doc/webserver/team/05david_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/05member.jpg b/external/privoxy/doc/webserver/team/05member.jpg
new file mode 100644
index 0000000..97042aa
Binary files /dev/null and b/external/privoxy/doc/webserver/team/05member.jpg differ
diff --git a/external/privoxy/doc/webserver/team/05member_t.jpg b/external/privoxy/doc/webserver/team/05member_t.jpg
new file mode 100644
index 0000000..c9ffd9b
Binary files /dev/null and b/external/privoxy/doc/webserver/team/05member_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/06member.jpg b/external/privoxy/doc/webserver/team/06member.jpg
new file mode 100644
index 0000000..97042aa
Binary files /dev/null and b/external/privoxy/doc/webserver/team/06member.jpg differ
diff --git a/external/privoxy/doc/webserver/team/06member_t.jpg b/external/privoxy/doc/webserver/team/06member_t.jpg
new file mode 100644
index 0000000..c9ffd9b
Binary files /dev/null and b/external/privoxy/doc/webserver/team/06member_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/07member.jpg b/external/privoxy/doc/webserver/team/07member.jpg
new file mode 100644
index 0000000..97042aa
Binary files /dev/null and b/external/privoxy/doc/webserver/team/07member.jpg differ
diff --git a/external/privoxy/doc/webserver/team/07member_t.jpg b/external/privoxy/doc/webserver/team/07member_t.jpg
new file mode 100644
index 0000000..c9ffd9b
Binary files /dev/null and b/external/privoxy/doc/webserver/team/07member_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/08member.jpg b/external/privoxy/doc/webserver/team/08member.jpg
new file mode 100644
index 0000000..97042aa
Binary files /dev/null and b/external/privoxy/doc/webserver/team/08member.jpg differ
diff --git a/external/privoxy/doc/webserver/team/08member_t.jpg b/external/privoxy/doc/webserver/team/08member_t.jpg
new file mode 100644
index 0000000..c9ffd9b
Binary files /dev/null and b/external/privoxy/doc/webserver/team/08member_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/20member.jpg b/external/privoxy/doc/webserver/team/20member.jpg
new file mode 100644
index 0000000..97042aa
Binary files /dev/null and b/external/privoxy/doc/webserver/team/20member.jpg differ
diff --git a/external/privoxy/doc/webserver/team/20member_t.jpg b/external/privoxy/doc/webserver/team/20member_t.jpg
new file mode 100644
index 0000000..c9ffd9b
Binary files /dev/null and b/external/privoxy/doc/webserver/team/20member_t.jpg differ
diff --git a/external/privoxy/doc/webserver/team/index.html b/external/privoxy/doc/webserver/team/index.html
new file mode 100644
index 0000000..2903bcf
--- /dev/null
+++ b/external/privoxy/doc/webserver/team/index.html
@@ -0,0 +1,26 @@
+<html>
+ <head>
+  <meta http-equiv="Content-Type"content="text/html; charset=iso-8859-1">
+  <title>Privoxy - Team Photos</title>
+  <link rel="stylesheet" type="text/css" href="../p_doc.css">
+ </head>
+ <body>
+  <h1 style="margin-left: 0%">Privoxy - Team Photos</h1>
+  <hr>
+  <p>In our day jobs, we're all models ;-)</p>
+  <table align="center">
+   <tr>
+    <td><a href="01stefanw.jpg"><img src="01stefanw_t.jpg"  width="80" height="80" border="0" title="Stefan Waldherr"></a></td>
+    <td><a href="02jon.jpg"><img src="02jon_t.jpg"  width="80" height="80" border="0" title="Jon Foster"></a></td>
+    <td><a href="03andreas.jpg"><img src="03andreas_t.jpg"  width="80" height="80" border="0" title="Andreas Oesterhelt"></a></td>
+    <td><a href="04rodney.jpg"><img src="04rodney_t.jpg"  width="80" height="80" border="0" title="Rodney Stromlund"></a></td>
+   </tr>
+   <tr>
+    <td><a href="05david.jpg"><img src="05david_t.jpg"  width="80" height="80" border="0" title="David Schmidt"></a></td>
+    <td><a href="06member.jpg"><img src="06member_t.jpg"  width="80" height="80" border="0" title="N/A"></a></td>
+    <td><a href="07member.jpg"><img src="07member_t.jpg"  width="80" height="80" border="0" title="N/A"></a></td>
+    <td><a href="08member.jpg"><img src="08member_t.jpg"  width="80" height="80" border="0" title="N/A"></a></td>
+   </tr>
+  </table>
+ </body>
+</html>
diff --git a/external/privoxy/doc/webserver/user-manual/actions-file.html b/external/privoxy/doc/webserver/user-manual/actions-file.html
new file mode 100644
index 0000000..be87aa7
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/actions-file.html
@@ -0,0 +1,8214 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Actions Files</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="The Main Configuration File"
+HREF="config.html"><LINK
+REL="NEXT"
+TITLE="Filter Files"
+HREF="filter-file.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="config.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="filter-file.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="ACTIONS-FILE"
+>8. Actions Files</A
+></H1
+><P
+> The actions files are used to define what <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>actions</I
+></SPAN
+>
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> takes for which URLs, and thus determines
+ how ad images, cookies and various other aspects of HTTP content and
+ transactions are handled, and on which sites (or even parts thereof). 
+ There are a number of such actions, with a wide range of functionality.
+ Each action does something a little different.
+ These actions give us a veritable arsenal of tools with which to exert 
+ our control, preferences and independence. Actions can be combined so that 
+ their effects are aggregated when applied against a given set of URLs.</P
+><P
+> There 
+ are three action files included with <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with
+ differing purposes:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <TT
+CLASS="FILENAME"
+>match-all.action</TT
+> - is used to define which
+    <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> relating to banner-blocking, images, pop-ups,
+    content modification, cookie handling etc should be applied by default.
+    It should be the first actions file loaded
+   </P
+></LI
+><LI
+><P
+>    <TT
+CLASS="FILENAME"
+>default.action</TT
+> - defines many exceptions (both
+    positive and negative) from the default set of actions that's configured
+    in <TT
+CLASS="FILENAME"
+>match-all.action</TT
+>. It is a set of rules that should
+    work reasonably well as-is for most users. This file is only supposed to
+    be edited by the developers. It should be the second actions file loaded.
+   </P
+></LI
+><LI
+><P
+>    <TT
+CLASS="FILENAME"
+>user.action</TT
+> - is intended to be for local site 
+    preferences and exceptions. As an example, if your ISP or your bank
+    has specific requirements, and need special handling, this kind of 
+    thing should go here. This file will not be upgraded.
+   </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+>  <SPAN
+CLASS="GUIBUTTON"
+>Set to Cautious</SPAN
+> <SPAN
+CLASS="GUIBUTTON"
+>Set to Medium</SPAN
+>  <SPAN
+CLASS="GUIBUTTON"
+>Set to Advanced</SPAN
+>
+   </P
+><P
+>    These have increasing levels of aggressiveness <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and have no
+    influence on your browsing unless you select them explicitly in the
+    editor</I
+></SPAN
+>. A default installation should be pre-set to 
+    <TT
+CLASS="LITERAL"
+>Cautious</TT
+>. New users should try this for a while before
+    adjusting the settings to more aggressive levels. The more aggressive 
+    the settings, then the more likelihood there is of problems such as sites 
+    not working as they should.
+   </P
+><P
+>    The <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+> button allows you to turn each 
+    action on/off individually for fine-tuning. The <SPAN
+CLASS="GUIBUTTON"
+>Cautious</SPAN
+>
+    button changes the actions list to low/safe settings which will activate 
+    ad blocking and a minimal set of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s features, and subsequently
+    there will be less of a chance for accidental problems. The
+    <SPAN
+CLASS="GUIBUTTON"
+>Medium</SPAN
+> button sets the list to a medium level of
+    other features and a low level set of privacy features. The
+    <SPAN
+CLASS="GUIBUTTON"
+>Advanced</SPAN
+> button sets the list to a high level of
+    ad blocking and medium level of privacy. See the chart below. The latter
+    three buttons over-ride any changes via with the
+    <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+> button. More fine-tuning can be done in the
+    lower sections of this internal page.
+   </P
+><P
+>    While the actions file editor allows to enable these settings in all
+    actions files, they are only supposed to be enabled in the first one
+    to make sure you don't unintentionally overrule earlier rules.
+   </P
+><P
+>    The default profiles, and their associated actions, as pre-defined in
+    <TT
+CLASS="FILENAME"
+>default.action</TT
+> are:
+   </P
+><P
+>    <DIV
+CLASS="TABLE"
+><A
+NAME="AEN2189"
+></A
+><P
+><B
+>Table 1. Default Configurations</B
+></P
+><TABLE
+BORDER="1"
+FRAME="border"
+RULES="all"
+CLASS="CALSTABLE"
+><COL
+WIDTH="1*"
+TITLE="C1"><COL
+WIDTH="1*"
+TITLE="C2"><COL
+WIDTH="1*"
+TITLE="C3"><COL
+WIDTH="1*"
+TITLE="C4"><THEAD
+><TR
+><TH
+>Feature</TH
+><TH
+>Cautious</TH
+><TH
+>Medium</TH
+><TH
+>Advanced</TH
+></TR
+></THEAD
+><TBODY
+><TR
+><TD
+>Ad-blocking Aggressiveness</TD
+><TD
+>medium</TD
+><TD
+>high</TD
+><TD
+>high</TD
+></TR
+><TR
+><TD
+>Ad-filtering by size</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>Ad-filtering by link</TD
+><TD
+>no</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>Pop-up killing</TD
+><TD
+>blocks only</TD
+><TD
+>blocks only</TD
+><TD
+>blocks only</TD
+></TR
+><TR
+><TD
+>Privacy Features</TD
+><TD
+>low</TD
+><TD
+>medium</TD
+><TD
+>medium/high</TD
+></TR
+><TR
+><TD
+>Cookie handling</TD
+><TD
+>none</TD
+><TD
+>session-only</TD
+><TD
+>kill</TD
+></TR
+><TR
+><TD
+>Referer forging</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>GIF de-animation</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>Fast redirects</TD
+><TD
+>no</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>HTML taming</TD
+><TD
+>no</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>JavaScript taming</TD
+><TD
+>no</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>Web-bug killing</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+><TD
+>yes</TD
+></TR
+><TR
+><TD
+>Image tag reordering</TD
+><TD
+>no</TD
+><TD
+>yes</TD
+><TD
+>yes</TD
+></TR
+></TBODY
+></TABLE
+></DIV
+>
+    </P
+></LI
+></UL
+></P
+><P
+> The list of actions files to be used are defined in the main configuration 
+ file, and are processed in the order they are defined (e.g.
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> is typically processed before
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+>). The content of these can all be viewed and
+ edited from <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>.
+ The over-riding principle when applying actions, is that the last action that
+ matches a given URL wins. The broadest, most general rules go first
+ (defined in <TT
+CLASS="FILENAME"
+>default.action</TT
+>),
+ followed by any exceptions (typically also in
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>), which are then followed lastly by any
+ local preferences (typically in <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>user</I
+></SPAN
+><TT
+CLASS="FILENAME"
+>.action</TT
+>). 
+ Generally, <TT
+CLASS="FILENAME"
+>user.action</TT
+> has the last word.
+ </P
+><P
+> An actions file typically has multiple sections. If you want to use
+ <SPAN
+CLASS="QUOTE"
+>"aliases"</SPAN
+> in an actions file, you have to place the (optional)
+ <A
+HREF="actions-file.html#ALIASES"
+>alias section</A
+> at the top of that file.
+ Then comes the default set of rules which will apply universally to all
+ sites and pages (be <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>very careful</I
+></SPAN
+> with using such a
+ universal set in <TT
+CLASS="FILENAME"
+>user.action</TT
+> or any other actions file after 
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>, because it will override the result
+ from consulting any previous file). And then below that,
+ exceptions to the defined universal policies. You can regard
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+> as an appendix to <TT
+CLASS="FILENAME"
+>default.action</TT
+>,
+ with the advantage that it is a separate file, which makes preserving your
+ personal settings across <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> upgrades easier.</P
+><P
+> 
+ Actions can be used to block anything you want, including ads, banners, or
+ just some obnoxious URL whose content you would rather not see. Cookies can be accepted
+ or rejected, or accepted only during the current browser session (i.e. not
+ written to disk), content can be modified, some JavaScripts tamed, user-tracking
+ fooled, and much more. See below for a <A
+HREF="actions-file.html#ACTIONS"
+>complete list
+ of actions</A
+>.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN2288"
+>8.1. Finding the Right Mix</A
+></H2
+><P
+> Note that some <A
+HREF="actions-file.html#ACTIONS"
+>actions</A
+>, like cookie suppression
+ or script disabling, may render some sites unusable that rely on these
+ techniques to work properly. Finding the right mix of actions is not always easy and
+ certainly a matter of personal taste. And, things can always change, requiring 
+ refinements in the configuration. In general, it can be said that the more
+ <SPAN
+CLASS="QUOTE"
+>"aggressive"</SPAN
+> your default settings (in the top section of the
+ actions file) are, the more exceptions for <SPAN
+CLASS="QUOTE"
+>"trusted"</SPAN
+> sites you
+ will have to make later. If, for example, you want to crunch all cookies per
+ default, you'll have to make exceptions from that rule for sites that you
+ regularly use and that require cookies for actually useful purposes, like maybe
+ your bank, favorite shop, or newspaper.</P
+><P
+> We have tried to provide you with reasonable rules to start from in the
+ distribution actions files. But there is no general rule of thumb on these
+ things. There just are too many variables, and sites are constantly changing.
+ Sooner or later you will want to change the rules (and read this chapter again :).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN2295"
+>8.2. How to Edit</A
+></H2
+><P
+> The easiest way to edit the actions files is with a browser by
+ using our browser-based editor, which can be reached from <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>.
+ Note: the config file option <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+>enable-edit-actions</A
+> must be enabled for
+ this to work. The editor allows both fine-grained control over every single
+ feature on a per-URL basis, and easy choosing from wholesale sets of defaults
+ like <SPAN
+CLASS="QUOTE"
+>"Cautious"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"Medium"</SPAN
+> or
+ <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+>. Warning: the <SPAN
+CLASS="QUOTE"
+>"Advanced"</SPAN
+> setting is more
+ aggressive, and will be more likely to cause problems for some sites.
+ Experienced users only! 
+ </P
+><P
+> If you prefer plain text editing to GUIs, you can of course also directly edit the
+ the actions files with your favorite text editor. Look at
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> which is richly commented with many 
+ good examples.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="ACTIONS-APPLY"
+>8.3. How Actions are Applied to Requests</A
+></H2
+><P
+> Actions files are divided into sections. There are special sections,
+ like the <SPAN
+CLASS="QUOTE"
+>"<A
+HREF="actions-file.html#ALIASES"
+>alias</A
+>"</SPAN
+> sections which will
+ be discussed later. For now let's concentrate on regular sections: They have a
+ heading line (often split up to multiple lines for readability) which consist
+ of a list of actions, separated by whitespace and enclosed in curly braces.
+ Below that, there is a list of URL and tag patterns, each on a separate line.</P
+><P
+> To determine which actions apply to a request, the URL of the request is
+ compared to all URL patterns in each <SPAN
+CLASS="QUOTE"
+>"action file"</SPAN
+>.
+ Every time it matches, the list of applicable actions for the request is
+ incrementally updated, using the heading of the section in which the
+ pattern is located. The same is done again for tags and tag patterns later on.</P
+><P
+> If multiple applying sections set the same action differently,
+ the last match wins. If not, the effects are aggregated.
+ E.g. a URL might match a regular section with a heading line of <TT
+CLASS="LITERAL"
+>{ 
+ +<A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+> }</TT
+>,
+ then later another one with just <TT
+CLASS="LITERAL"
+>{
+ +<A
+HREF="actions-file.html#BLOCK"
+>block</A
+> }</TT
+>, resulting
+ in <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> actions to apply. And there may well be 
+ cases where you will want to combine actions together. Such a section then 
+ might look like:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  { +<TT
+CLASS="LITERAL"
+>handle-as-image</TT
+>  +<TT
+CLASS="LITERAL"
+>block{Banner ads.}</TT
+> }
+  # Block these as if they were images. Send no block page.
+   banners.example.com
+   media.example.com/.*banners
+   .example.com/images/ads/</PRE
+></TD
+></TR
+></TABLE
+>
+ </P
+><P
+> You can trace this process for URL patterns and any given URL by visiting <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>http://config.privoxy.org/show-url-info</A
+>.</P
+><P
+> Examples and more detail on this is provided in the Appendix, <A
+HREF="appendix.html#ACTIONSANAT"
+> Troubleshooting: Anatomy of an Action</A
+> section.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AF-PATTERNS"
+>8.4. Patterns</A
+></H2
+><P
+> 
+ As mentioned, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> uses <SPAN
+CLASS="QUOTE"
+>"patterns"</SPAN
+>
+ to determine what <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>actions</I
+></SPAN
+> might apply to which sites and
+ pages your browser attempts to access. These <SPAN
+CLASS="QUOTE"
+>"patterns"</SPAN
+> use wild
+ card type <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>pattern</I
+></SPAN
+> matching to achieve a high degree of
+ flexibility. This allows one expression to be expanded and potentially match
+ against many similar patterns.</P
+><P
+> Generally, an URL pattern has the form
+ <TT
+CLASS="LITERAL"
+><domain>/<path></TT
+>, where both the
+ <TT
+CLASS="LITERAL"
+><domain></TT
+> and <TT
+CLASS="LITERAL"
+><path></TT
+> are
+ optional. (This is why the special <TT
+CLASS="LITERAL"
+>/</TT
+> pattern matches all
+ URLs). Note that the protocol portion of the URL pattern (e.g.
+ <TT
+CLASS="LITERAL"
+>http://</TT
+>) should <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be included in
+ the pattern. This is assumed already!</P
+><P
+> The pattern matching syntax is different for the domain and path parts of
+ the URL. The domain part uses a simple globbing type matching technique, 
+ while the path part uses more flexible 
+ <A
+HREF="http://en.wikipedia.org/wiki/Regular_expressions"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"Regular
+  Expressions"</SPAN
+></A
+> (POSIX 1003.2).</P
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+><TT
+CLASS="LITERAL"
+>www.example.com/</TT
+></DT
+><DD
+><P
+>    is a domain-only pattern and will match any request to <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>,
+    regardless of which document on that server is requested. So ALL pages in
+    this domain would be covered by the scope of this action. Note that a 
+    simple <TT
+CLASS="LITERAL"
+>example.com</TT
+> is different and would NOT match.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>www.example.com</TT
+></DT
+><DD
+><P
+>    means exactly the same. For domain-only patterns, the trailing <TT
+CLASS="LITERAL"
+>/</TT
+> may
+    be omitted.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>www.example.com/index.html</TT
+></DT
+><DD
+><P
+>    matches all the documents on <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>
+    whose name starts with <TT
+CLASS="LITERAL"
+>/index.html</TT
+>.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>www.example.com/index.html$</TT
+></DT
+><DD
+><P
+>    matches only the single document <TT
+CLASS="LITERAL"
+>/index.html</TT
+>
+    on <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>/index.html$</TT
+></DT
+><DD
+><P
+>    matches the document <TT
+CLASS="LITERAL"
+>/index.html</TT
+>, regardless of the domain,
+    i.e. on <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>any</I
+></SPAN
+> web server anywhere.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>index.html</TT
+></DT
+><DD
+><P
+>    matches nothing, since it would be interpreted as a domain name and
+    there is no top-level domain called <TT
+CLASS="LITERAL"
+>.html</TT
+>. So its 
+    a mistake.
+   </P
+></DD
+></DL
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN2386"
+>8.4.1. The Domain Pattern</A
+></H3
+><P
+> The matching of the domain part offers some flexible options: if the
+ domain starts or ends with a dot, it becomes unanchored at that end. 
+ For example:</P
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+><TT
+CLASS="LITERAL"
+>.example.com</TT
+></DT
+><DD
+><P
+>    matches any domain with first-level domain <TT
+CLASS="LITERAL"
+>com</TT
+>
+    and second-level domain <TT
+CLASS="LITERAL"
+>example</TT
+>.
+    For example <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>,
+    <TT
+CLASS="LITERAL"
+>example.com</TT
+> and <TT
+CLASS="LITERAL"
+>foo.bar.baz.example.com</TT
+>.
+    Note that it wouldn't match if the second-level domain was <TT
+CLASS="LITERAL"
+>another-example</TT
+>.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>www.</TT
+></DT
+><DD
+><P
+>    matches any domain that <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>STARTS</I
+></SPAN
+> with
+    <TT
+CLASS="LITERAL"
+>www.</TT
+> (It also matches the domain
+    <TT
+CLASS="LITERAL"
+>www</TT
+> but most of the time that doesn't matter.)
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>.example.</TT
+></DT
+><DD
+><P
+>    matches any domain that <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>CONTAINS</I
+></SPAN
+> <TT
+CLASS="LITERAL"
+>.example.</TT
+>.
+    And, by the way, also included would be any files or documents that exist
+    within that domain since no path limitations are specified. (Correctly
+    speaking: It matches any FQDN that contains <TT
+CLASS="LITERAL"
+>example</TT
+> as
+    a domain.) This might be <TT
+CLASS="LITERAL"
+>www.example.com</TT
+>,
+    <TT
+CLASS="LITERAL"
+>news.example.de</TT
+>, or
+    <TT
+CLASS="LITERAL"
+>www.example.net/cgi/testing.pl</TT
+> for instance. All these
+    cases are matched. 
+   </P
+></DD
+></DL
+></DIV
+><P
+> Additionally, there are wild-cards that you can use in the domain names
+ themselves. These work similarly to shell globbing type wild-cards:
+ <SPAN
+CLASS="QUOTE"
+>"*"</SPAN
+> represents zero or more arbitrary characters (this is
+ equivalent to the 
+ <A
+HREF="http://en.wikipedia.org/wiki/Regular_expressions"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"Regular
+ Expression"</SPAN
+></A
+> based syntax of <SPAN
+CLASS="QUOTE"
+>".*"</SPAN
+>),
+ <SPAN
+CLASS="QUOTE"
+>"?"</SPAN
+>  represents any single character (this is equivalent to the
+ regular expression syntax of a simple <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+>), and you can define
+ <SPAN
+CLASS="QUOTE"
+>"character classes"</SPAN
+> in square brackets which is similar to 
+ the same regular expression technique. All of this can be freely mixed:</P
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+><TT
+CLASS="LITERAL"
+>ad*.example.com</TT
+></DT
+><DD
+><P
+>    matches <SPAN
+CLASS="QUOTE"
+>"adserver.example.com"</SPAN
+>, 
+    <SPAN
+CLASS="QUOTE"
+>"ads.example.com"</SPAN
+>, etc but not <SPAN
+CLASS="QUOTE"
+>"sfads.example.com"</SPAN
+>
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>*ad*.example.com</TT
+></DT
+><DD
+><P
+>    matches all of the above, and then some.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>.?pix.com</TT
+></DT
+><DD
+><P
+>    matches <TT
+CLASS="LITERAL"
+>www.ipix.com</TT
+>,
+    <TT
+CLASS="LITERAL"
+>pictures.epix.com</TT
+>, <TT
+CLASS="LITERAL"
+>a.b.c.d.e.upix.com</TT
+> etc. 
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>www[1-9a-ez].example.c*</TT
+></DT
+><DD
+><P
+>     matches <TT
+CLASS="LITERAL"
+>www1.example.com</TT
+>, 
+     <TT
+CLASS="LITERAL"
+>www4.example.cc</TT
+>, <TT
+CLASS="LITERAL"
+>wwwd.example.cy</TT
+>, 
+     <TT
+CLASS="LITERAL"
+>wwwz.example.com</TT
+> etc., but <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> 
+     <TT
+CLASS="LITERAL"
+>wwww.example.com</TT
+>.
+   </P
+></DD
+></DL
+></DIV
+><P
+> While flexible, this is not the sophistication of full regular expression based syntax.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN2462"
+>8.4.2. The Path Pattern</A
+></H3
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> uses <SPAN
+CLASS="QUOTE"
+>"modern"</SPAN
+> POSIX 1003.2
+  <A
+HREF="http://en.wikipedia.org/wiki/Regular_expressions"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"Regular
+  Expressions"</SPAN
+></A
+> for matching the path portion (after the slash),
+  and is thus more flexible.</P
+><P
+> There is an <A
+HREF="appendix.html#REGEX"
+>Appendix</A
+> with a brief quick-start into regular
+ expressions, you also might want to have a look at your operating system's documentation
+ on regular expressions (try <TT
+CLASS="LITERAL"
+>man re_format</TT
+>).</P
+><P
+> Note that the path pattern is automatically left-anchored at the <SPAN
+CLASS="QUOTE"
+>"/"</SPAN
+>,
+ i.e. it matches as if it would start with a <SPAN
+CLASS="QUOTE"
+>"^"</SPAN
+> (regular expression speak 
+ for the beginning of a line).</P
+><P
+> Please also note that matching in the path is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>CASE INSENSITIVE</I
+></SPAN
+>
+ by default, but you can switch to case sensitive at any point in the pattern by using the 
+ <SPAN
+CLASS="QUOTE"
+>"(?-i)"</SPAN
+> switch: <TT
+CLASS="LITERAL"
+>www.example.com/(?-i)PaTtErN.*</TT
+> will match
+ only documents whose path starts with <TT
+CLASS="LITERAL"
+>PaTtErN</TT
+> in
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>exactly</I
+></SPAN
+> this capitalization.</P
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+><TT
+CLASS="LITERAL"
+>.example.com/.*</TT
+></DT
+><DD
+><P
+>     Is equivalent to just <SPAN
+CLASS="QUOTE"
+>".example.com"</SPAN
+>, since any documents 
+     within that domain are matched with or without the <SPAN
+CLASS="QUOTE"
+>".*"</SPAN
+>
+     regular expression. This is redundant
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>.example.com/.*/index.html$</TT
+></DT
+><DD
+><P
+>    Will match any page in the domain of <SPAN
+CLASS="QUOTE"
+>"example.com"</SPAN
+> that is
+    named <SPAN
+CLASS="QUOTE"
+>"index.html"</SPAN
+>, and that is part of some path. For
+    example, it matches <SPAN
+CLASS="QUOTE"
+>"www.example.com/testing/index.html"</SPAN
+> but
+    NOT <SPAN
+CLASS="QUOTE"
+>"www.example.com/index.html"</SPAN
+> because the regular
+    expression called for at least two <SPAN
+CLASS="QUOTE"
+>"/'s"</SPAN
+>, thus the path 
+    requirement. It also would match 
+    <SPAN
+CLASS="QUOTE"
+>"www.example.com/testing/index_html"</SPAN
+>, because of the 
+    special meta-character <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+>.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>.example.com/(.*/)?index\.html$</TT
+></DT
+><DD
+><P
+>    This regular expression is conditional so it will match any page 
+    named <SPAN
+CLASS="QUOTE"
+>"index.html"</SPAN
+> regardless of path which in this case can 
+    have one or more <SPAN
+CLASS="QUOTE"
+>"/'s"</SPAN
+>. And this one must contain exactly 
+    <SPAN
+CLASS="QUOTE"
+>".html"</SPAN
+> (but does not have to end with that!).
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>.example.com/(.*/)(ads|banners?|junk)</TT
+></DT
+><DD
+><P
+>    This regular expression will match any path of <SPAN
+CLASS="QUOTE"
+>"example.com"</SPAN
+>
+    that contains any of the words <SPAN
+CLASS="QUOTE"
+>"ads"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"banner"</SPAN
+>, 
+    <SPAN
+CLASS="QUOTE"
+>"banners"</SPAN
+> (because of the <SPAN
+CLASS="QUOTE"
+>"?"</SPAN
+>) or <SPAN
+CLASS="QUOTE"
+>"junk"</SPAN
+>.
+    The path does not have to end in these words, just contain them.
+   </P
+></DD
+><DT
+><TT
+CLASS="LITERAL"
+>.example.com/(.*/)(ads|banners?|junk)/.*\.(jpe?g|gif|png)$</TT
+></DT
+><DD
+><P
+>    This is very much the same as above, except now it must end in either 
+    <SPAN
+CLASS="QUOTE"
+>".jpg"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>".jpeg"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>".gif"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>".png"</SPAN
+>. So this 
+    one is limited to common image formats.
+   </P
+></DD
+></DL
+></DIV
+><P
+> There are many, many good examples to be found in <TT
+CLASS="FILENAME"
+>default.action</TT
+>, 
+ and more tutorials below in <A
+HREF="appendix.html#REGEX"
+>Appendix on regular expressions</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="TAG-PATTERN"
+>8.4.3. The Tag Pattern</A
+></H3
+><P
+> Tag patterns are used to change the applying actions based on the
+ request's tags. Tags can be created with either the
+ <A
+HREF="actions-file.html#CLIENT-HEADER-TAGGER"
+>client-header-tagger</A
+>
+ or the  <A
+HREF="actions-file.html#SERVER-HEADER-TAGGER"
+>server-header-tagger</A
+> action.</P
+><P
+> Tag patterns have to start with <SPAN
+CLASS="QUOTE"
+>"TAG:"</SPAN
+>, so <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ can tell them apart from URL patterns. Everything after the colon
+ including white space, is interpreted as a regular expression with
+ path pattern syntax, except that tag patterns aren't left-anchored
+ automatically (<SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> doesn't silently add a <SPAN
+CLASS="QUOTE"
+>"^"</SPAN
+>,
+ you have to do it yourself if you need it).</P
+><P
+> To match all requests that are tagged with <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+>
+ your pattern line should be <SPAN
+CLASS="QUOTE"
+>"TAG:^foo$"</SPAN
+>,
+ <SPAN
+CLASS="QUOTE"
+>"TAG:foo"</SPAN
+> would work as well, but it would also
+ match requests whose tags contain <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+> somewhere.
+ <SPAN
+CLASS="QUOTE"
+>"TAG: foo"</SPAN
+> wouldn't work as it requires white space.</P
+><P
+> Sections can contain URL and tag patterns at the same time,
+ but tag patterns are checked after the URL patterns and thus
+ always overrule them, even if they are located before the URL patterns.</P
+><P
+> Once a new tag is added, Privoxy checks right away if it's matched by one
+ of the tag patterns and updates the action settings accordingly. As a result
+ tags can be used to activate other tagger actions, as long as these other
+ taggers look for headers that haven't already be parsed.</P
+><P
+> For example you could tag client requests which use the
+ <TT
+CLASS="LITERAL"
+>POST</TT
+> method,
+ then use this tag to activate another tagger that adds a tag if cookies
+ are sent, and then use a block action based on the cookie tag. This allows
+ the outcome of one action, to be input into a subsequent action. However if
+ you'd reverse the position of the described taggers, and activated the
+ method tagger based on the cookie tagger, no method tags would be created.
+ The method tagger would look for the request line, but at the time
+ the cookie tag is created, the request line has already been parsed.</P
+><P
+> While this is a limitation you should be aware of, this kind of
+ indirection is seldom needed anyway and even the example doesn't
+ make too much sense.</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="ACTIONS"
+>8.5. Actions</A
+></H2
+><P
+> All actions are disabled by default, until they are explicitly enabled
+ somewhere in an actions file. Actions are turned on if preceded with a
+ <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+>, and turned off if preceded with a <SPAN
+CLASS="QUOTE"
+>"-"</SPAN
+>. So a
+ <TT
+CLASS="LITERAL"
+>+action</TT
+> means <SPAN
+CLASS="QUOTE"
+>"do that action"</SPAN
+>, e.g.
+ <TT
+CLASS="LITERAL"
+>+block</TT
+> means <SPAN
+CLASS="QUOTE"
+>"please block URLs that match the
+ following patterns"</SPAN
+>, and <TT
+CLASS="LITERAL"
+>-block</TT
+> means <SPAN
+CLASS="QUOTE"
+>"don't
+ block URLs that match the following patterns, even if <TT
+CLASS="LITERAL"
+>+block</TT
+>
+ previously applied."</SPAN
+>
</P
+><P
+> 
+ Again, actions are invoked by placing them on a line, enclosed in curly braces and
+ separated by whitespace, like in 
+ <TT
+CLASS="LITERAL"
+>{+some-action -some-other-action{some-parameter}}</TT
+>,
+ followed by a list of URL patterns, one per line, to which they apply.
+ Together, the actions line and the following pattern lines make up a section
+ of the actions file. </P
+><P
+> 
+ Actions fall into three categories:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>  
+   Boolean, i.e the action can only be <SPAN
+CLASS="QUOTE"
+>"enabled"</SPAN
+> or
+   <SPAN
+CLASS="QUOTE"
+>"disabled"</SPAN
+>. Syntax:
+  </P
+><P
+>   <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  +<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>        # enable action <TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>
+  -<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>        # disable action <TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+></PRE
+></TD
+></TR
+></TABLE
+>
+  </P
+><P
+>  
+   Example: <TT
+CLASS="LITERAL"
+>+handle-as-image</TT
+>
+  </P
+></LI
+><LI
+><P
+>  
+   Parameterized, where some value is required in order to enable this type of action.
+   Syntax:
+  </P
+><P
+>   <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  +<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>{<TT
+CLASS="REPLACEABLE"
+><I
+>param</I
+></TT
+>}  # enable action and set parameter to <TT
+CLASS="REPLACEABLE"
+><I
+>param</I
+></TT
+>,
+               # overwriting parameter from previous match if necessary
+  -<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>         # disable action. The parameter can be omitted</PRE
+></TD
+></TR
+></TABLE
+>
+  </P
+><P
+>   Note that if the URL matches multiple positive forms of a parameterized action,
+   the last match wins, i.e. the params from earlier matches are simply ignored.
+  </P
+><P
+>  
+   Example: <TT
+CLASS="LITERAL"
+>+hide-user-agent{Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.8.1.4) Gecko/20070602 Firefox/2.0.0.4}</TT
+>
+  </P
+></LI
+><LI
+><P
+>  
+   Multi-value. These look exactly like parameterized actions,
+   but they behave differently: If the action applies multiple times to the
+   same URL, but with different parameters, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> the parameters
+   from <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> matches are remembered. This is used for actions
+   that can be executed for the same request repeatedly, like adding multiple
+   headers, or filtering through multiple filters. Syntax:
+  </P
+><P
+>   <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  +<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>{<TT
+CLASS="REPLACEABLE"
+><I
+>param</I
+></TT
+>}   # enable action and add <TT
+CLASS="REPLACEABLE"
+><I
+>param</I
+></TT
+> to the list of parameters
+  -<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>{<TT
+CLASS="REPLACEABLE"
+><I
+>param</I
+></TT
+>}   # remove the parameter <TT
+CLASS="REPLACEABLE"
+><I
+>param</I
+></TT
+> from the list of parameters
+                # If it was the last one left, disable the action.
+  <TT
+CLASS="REPLACEABLE"
+><I
+>-name</I
+></TT
+>          # disable this action completely and remove all parameters from the list</PRE
+></TD
+></TR
+></TABLE
+>
+  </P
+><P
+>  
+   Examples: <TT
+CLASS="LITERAL"
+>+add-header{X-Fun-Header: Some text}</TT
+> and
+   <TT
+CLASS="LITERAL"
+>+filter{html-annoyances}</TT
+>
+  </P
+></LI
+></UL
+></P
+><P
+> If nothing is specified in any actions file, no <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> are
+ taken. So in this case <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> would just be a
+ normal, non-blocking, non-filtering proxy. You must specifically enable the
+ privacy and blocking features you need (although the provided default actions
+ files will give a good starting point).</P
+><P
+> Later defined action sections always over-ride earlier ones of the same type.
+ So exceptions to any rules you make, should come in the latter part of the file (or 
+ in a file that is processed later when using multiple actions files such 
+ as <TT
+CLASS="FILENAME"
+>user.action</TT
+>). For multi-valued actions, the actions
+ are applied in the order they are specified. Actions files are processed in
+ the order they are defined in <TT
+CLASS="FILENAME"
+>config</TT
+> (the default
+ installation has three actions files). It also quite possible for any given
+ URL to match more than one <SPAN
+CLASS="QUOTE"
+>"pattern"</SPAN
+> (because of wildcards and
+ regular expressions), and thus to trigger more than one set of actions! Last
+ match wins.</P
+><P
+> The list of valid <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> actions are:</P
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ADD-HEADER"
+>8.5.1. add-header</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Confuse log analysis, custom applications</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Sends a user defined HTTP header to the web server.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Multi-value.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Any string value is possible. Validity of the defined HTTP headers is not checked.
+    It is recommended that you use the <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>X-</TT
+>"</SPAN
+> prefix
+    for custom headers.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This action may be specified multiple times, in order to define multiple 
+    headers. This is rarely needed for the typical user. If you don't know what 
+    <SPAN
+CLASS="QUOTE"
+>"HTTP headers"</SPAN
+> are, you definitely don't need to worry about this 
+    one.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+add-header{X-User-Tracking: sucks}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="BLOCK"
+>8.5.2. block</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Block ads or other unwanted content</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Requests for URLs to which this action applies are blocked, i.e. the
+    requests are trapped by <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and the requested URL is never retrieved,
+    but is answered locally with a substitute page or image, as determined by
+    the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+>,
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+>, and 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
+>handle-as-empty-document</A
+></TT
+> actions.
+    
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>A block reason that should be given to the user.</P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> sends a special <SPAN
+CLASS="QUOTE"
+>"BLOCKED"</SPAN
+> page
+    for requests to blocked pages. This page contains the block reason given as
+    parameter, a link to find out why the block action applies, and a click-through
+    to the blocked content (the latter only if the force feature is available and
+    enabled).
+   </P
+><P
+> 
+    A very important exception occurs if <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> 
+    <TT
+CLASS="LITERAL"
+>block</TT
+> and <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+>,
+    apply to the same request: it will then be replaced by an image. If 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+>
+    (see below) also applies, the type of image will be determined by its parameter,
+    if not, the standard checkerboard pattern is sent.
+   </P
+><P
+>    It is important to understand this process, in order 
+    to understand how <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> deals with 
+    ads and other unwanted content. Blocking is a core feature, and one 
+    upon which various other features depend.
+   </P
+><P
+>    The <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+>
+    action can perform a very similar task, by <SPAN
+CLASS="QUOTE"
+>"blocking"</SPAN
+>
+    banner images and other content through rewriting the relevant URLs in the
+    document's HTML source, so they don't get requested in the first place.
+    Note that this is a totally different technique, and it's easy to confuse the two.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{+block{No nasty stuff for you.}}
+# Block and replace with "blocked" page
+ .nasty-stuff.example.com
+
+{+block{Doubleclick banners.} +handle-as-image} 
+# Block and replace with image
+ .ad.doubleclick.net
+ .ads.r.us/banners/
+
+{+block{Layered ads.} +handle-as-empty-document} 
+# Block and then ignore
+ adserver.example.net/.*\.js$</PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CHANGE-X-FORWARDED-FOR"
+>8.5.3. change-x-forwarded-for</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Improve privacy by not forwarding the source of the request in the HTTP headers.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes the <SPAN
+CLASS="QUOTE"
+>"X-Forwarded-For:"</SPAN
+> HTTP header from the client request,
+    or adds a new one.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+> to delete the header.</P
+></LI
+><LI
+><P
+>       <SPAN
+CLASS="QUOTE"
+>"add"</SPAN
+> to create the header (or append
+       the client's IP address to an already existing one).
+     </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    It is safe and recommended to use <TT
+CLASS="LITERAL"
+>block</TT
+>.
+   </P
+><P
+>    Forwarding the source address of the request may make
+    sense in some multi-user setups but is also a privacy risk.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+change-x-forwarded-for{block}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CLIENT-HEADER-FILTER"
+>8.5.4. client-header-filter</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>   Rewrite or remove single client headers.
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    All client headers to which this action applies are filtered on-the-fly through
+    the specified regular expression based substitutions.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    The name of a client-header filter, as defined in one of the
+    <A
+HREF="filter-file.html"
+>filter files</A
+>.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Client-header filters are applied to each header on its own, not to
+    all at once. This makes it easier to diagnose problems, but on the downside
+    you can't write filters that only change header x if header y's value is z.
+    You can do that by using tags though.
+   </P
+><P
+>    Client-header filters are executed after the other header actions have finished
+    and use their output as input.
+   </P
+><P
+>    If the request URL gets changed, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will detect that and use the new
+    one. This can be used to rewrite the request destination behind the client's
+    back, for example to specify a Tor exit relay for certain requests.
+   </P
+><P
+>    Please refer to the <A
+HREF="filter-file.html"
+>filter file chapter</A
+>
+    to learn which client-header filters are available by default, and how to
+    create your own.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Hide Tor exit notation in Host and Referer Headers
+{+client-header-filter{hide-tor-exit-notation}}
+/
+    </PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CLIENT-HEADER-TAGGER"
+>8.5.5. client-header-tagger</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>   Block requests based on their headers.
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Client headers to which this action applies are filtered on-the-fly through
+    the specified regular expression based substitutions, the result is used as
+    tag. 
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    The name of a client-header tagger, as defined in one of the
+    <A
+HREF="filter-file.html"
+>filter files</A
+>.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Client-header taggers are applied to each header on its own,
+    and as the header isn't modified, each tagger <SPAN
+CLASS="QUOTE"
+>"sees"</SPAN
+>
+    the original.
+   </P
+><P
+>    Client-header taggers are the first actions that are executed
+    and their tags can be used to control every other action.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Tag every request with the User-Agent header
+{+client-header-tagger{user-agent}}
+/
+
+# Tagging itself doesn't change the action
+# settings, sections with TAG patterns do:
+#
+# If it's a download agent, use a different forwarding proxy,
+# show the real User-Agent and make sure resume works.
+{+forward-override{forward-socks5 10.0.0.2:2222 .} \
+ -hide-if-modified-since      \
+ -overwrite-last-modified     \
+ -hide-user-agent             \
+ -filter                      \
+ -deanimate-gifs              \
+}
+TAG:^User-Agent: NetBSD-ftp/
+TAG:^User-Agent: Novell ZYPP Installer
+TAG:^User-Agent: RPM APT-HTTP/
+TAG:^User-Agent: fetch libfetch/
+TAG:^User-Agent: Ubuntu APT-HTTP/
+TAG:^User-Agent: MPlayer/
+    </PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CONTENT-TYPE-OVERWRITE"
+>8.5.6. content-type-overwrite</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Stop useless download menus from popping up, or change the browser's rendering mode</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Replaces the <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> HTTP server header.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Any string. 
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> HTTP server header is used by the
+    browser to decide what to do with the document. The value of this
+    header can cause the browser to open a download menu instead of
+    displaying the document by itself, even if the document's format is
+    supported by the browser. 
+   </P
+><P
+>    The declared content type can also affect which rendering mode
+    the browser chooses. If XHTML is delivered as <SPAN
+CLASS="QUOTE"
+>"text/html"</SPAN
+>,
+    many browsers treat it as yet another broken HTML document.
+    If it is send as <SPAN
+CLASS="QUOTE"
+>"application/xml"</SPAN
+>, browsers with
+    XHTML support will only display it, if the syntax is correct.
+   </P
+><P
+>    If you see a web site that proudly uses XHTML buttons, but sets
+    <SPAN
+CLASS="QUOTE"
+>"Content-Type: text/html"</SPAN
+>, you can use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    to overwrite it with <SPAN
+CLASS="QUOTE"
+>"application/xml"</SPAN
+> and validate
+    the web master's claim inside your XHTML-supporting browser.
+    If the syntax is incorrect, the browser will complain loudly. 
+   </P
+><P
+>    You can also go the opposite direction: if your browser prints
+    error messages instead of rendering a document falsely declared
+    as XHTML, you can overwrite the content type with
+    <SPAN
+CLASS="QUOTE"
+>"text/html"</SPAN
+> and have it rendered as broken HTML document. 
+   </P
+><P
+>    By default <TT
+CLASS="LITERAL"
+>content-type-overwrite</TT
+> only replaces
+    <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> headers that look like some kind of text.
+    If you want to overwrite it unconditionally, you have to combine it with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FORCE-TEXT-MODE"
+>force-text-mode</A
+></TT
+>.
+    This limitation exists for a reason, think twice before circumventing it.
+   </P
+><P
+>    Most of the time it's easier to replace this action with a custom
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SERVER-HEADER-FILTER"
+>server-header filter</A
+></TT
+>.
+    It allows you to activate it for every document of a certain site and it will still
+    only replace the content types you aimed at.
+   </P
+><P
+>    Of course you can apply <TT
+CLASS="LITERAL"
+>content-type-overwrite</TT
+>
+    to a whole site and then make URL based exceptions, but it's a lot
+    more work to get the same precision. 
+   </P
+></DD
+><DT
+>Example usage (sections):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Check if www.example.net/ really uses valid XHTML
+{ +content-type-overwrite{application/xml} }
+www.example.net/
+
+# but leave the content type unmodified if the URL looks like a style sheet
+{-content-type-overwrite}
+www.example.net/.*\.css$
+www.example.net/.*style</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CRUNCH-CLIENT-HEADER"
+>8.5.7. crunch-client-header</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Remove a client header <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has no dedicated action for.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes every header sent by the client that contains the string the user supplied as parameter.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Any string.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This action allows you to block client headers for which no dedicated
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> action exists.
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will remove every client header that
+    contains the string you supplied as parameter.
+   </P
+><P
+>    Regular expressions are <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not supported</I
+></SPAN
+> and you can't
+    use this action to block different headers in the same request, unless
+    they contain the same string.
+   </P
+><P
+>    <TT
+CLASS="LITERAL"
+>crunch-client-header</TT
+> is only meant for quick tests.
+    If you have to block several different headers, or only want to modify
+    parts of them, you should use a
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CLIENT-HEADER-FILTER"
+>client-header filter</A
+></TT
+>.
+   </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>      Don't block any header without understanding the consequences.
+     </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Block the non-existent "Privacy-Violation:" client header 
+{ +crunch-client-header{Privacy-Violation:} }
+/
+    </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CRUNCH-IF-NONE-MATCH"
+>8.5.8. crunch-if-none-match</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent yet another way to track the user's steps between sessions.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes the <SPAN
+CLASS="QUOTE"
+>"If-None-Match:"</SPAN
+> HTTP client header.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Removing the <SPAN
+CLASS="QUOTE"
+>"If-None-Match:"</SPAN
+> HTTP client header
+    is useful for filter testing, where you want to force a real
+    reload instead of getting status code <SPAN
+CLASS="QUOTE"
+>"304"</SPAN
+> which
+    would cause the browser to use a cached copy of the page.
+   </P
+><P
+>    It is also useful to make sure the header isn't used as a cookie
+    replacement (unlikely but possible).
+   </P
+><P
+>    Blocking the <SPAN
+CLASS="QUOTE"
+>"If-None-Match:"</SPAN
+> header shouldn't cause any
+    caching problems, as long as the <SPAN
+CLASS="QUOTE"
+>"If-Modified-Since:"</SPAN
+> header
+    isn't blocked or missing as well.
+   </P
+><P
+>    It is recommended to use this action together with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hide-if-modified-since</A
+></TT
+>
+    and
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
+>overwrite-last-modified</A
+></TT
+>.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Let the browser revalidate cached documents but don't
+# allow the server to use the revalidation headers for user tracking.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/   </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CRUNCH-INCOMING-COOKIES"
+>8.5.9. crunch-incoming-cookies</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>    Prevent the web server from setting HTTP cookies on your system
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes any <SPAN
+CLASS="QUOTE"
+>"Set-Cookie:"</SPAN
+> HTTP headers from server replies.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This action is only concerned with <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>incoming</I
+></SPAN
+> HTTP cookies. For
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>outgoing</I
+></SPAN
+> HTTP cookies, use
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+></TT
+>.
+    Use <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> to disable HTTP cookies completely.
+   </P
+><P
+>    It makes <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no sense at all</I
+></SPAN
+> to use this action in conjunction
+    with the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+></TT
+> action,
+    since it would prevent the session cookies from being set. See also 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER-CONTENT-COOKIES"
+>filter-content-cookies</A
+></TT
+>.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+crunch-incoming-cookies</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CRUNCH-SERVER-HEADER"
+>8.5.10. crunch-server-header</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Remove a server header <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has no dedicated action for.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes every header sent by the server that contains the string the user supplied as parameter.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Any string.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This action allows you to block server headers for which no dedicated
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> action exists. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    will remove every server header that contains the string you supplied as parameter.
+   </P
+><P
+>    Regular expressions are <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not supported</I
+></SPAN
+> and you can't
+    use this action to block different headers in the same request, unless
+    they contain the same string.
+   </P
+><P
+>    <TT
+CLASS="LITERAL"
+>crunch-server-header</TT
+> is only meant for quick tests.
+    If you have to block several different headers, or only want to modify
+    parts of them, you should use a custom
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SERVER-HEADER-FILTER"
+>server-header filter</A
+></TT
+>.
+   </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>     Don't block any header without understanding the consequences.
+     </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Crunch server headers that try to prevent caching
+{ +crunch-server-header{no-cache} }
+/   </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CRUNCH-OUTGOING-COOKIES"
+>8.5.11. crunch-outgoing-cookies</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>    Prevent the web server from reading any HTTP cookies from your system
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes any <SPAN
+CLASS="QUOTE"
+>"Cookie:"</SPAN
+> HTTP headers from client requests.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This action is only concerned with <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>outgoing</I
+></SPAN
+> HTTP cookies. For
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>incoming</I
+></SPAN
+> HTTP cookies, use
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+></TT
+>.
+    Use <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> to disable HTTP cookies completely.
+   </P
+><P
+>    It makes <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no sense at all</I
+></SPAN
+> to use this action in conjunction
+    with the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+></TT
+> action,
+    since it would prevent the session cookies from being read.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+crunch-outgoing-cookies</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="DEANIMATE-GIFS"
+>8.5.12. deanimate-gifs</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Stop those annoying, distracting animated GIF images.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    De-animate GIF animations, i.e. reduce them to their first or last image.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    <SPAN
+CLASS="QUOTE"
+>"last"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"first"</SPAN
+>
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This will also shrink the images considerably (in bytes, not pixels!). If
+    the option <SPAN
+CLASS="QUOTE"
+>"first"</SPAN
+> is given, the first frame of the animation
+    is used as the replacement. If <SPAN
+CLASS="QUOTE"
+>"last"</SPAN
+> is given, the last
+    frame of the animation is used instead, which probably makes more sense for
+    most banner animations, but also has the risk of not showing the entire
+    last frame (if it is only a delta to an earlier frame).
+   </P
+><P
+>    You can safely use this action with patterns that will also match non-GIF
+    objects, because no attempt will be made at anything that doesn't look like
+    a GIF.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>      <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+deanimate-gifs{last}</PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="DOWNGRADE-HTTP-VERSION"
+>8.5.13. downgrade-http-version</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Work around (very rare) problems with HTTP/1.1</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Downgrades HTTP/1.1 client requests and server replies to HTTP/1.0.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This is a left-over from the time when <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    didn't support important HTTP/1.1 features well. It is left here for the
+    unlikely case that you experience HTTP/1.1 related problems with some server
+    out there. Not all HTTP/1.1 features and requirements are supported yet,
+    so there is a chance you might need this action.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{+downgrade-http-version}
+problem-host.example.com</PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FAST-REDIRECTS"
+>8.5.14. fast-redirects</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Fool some click-tracking scripts and speed up indirect links.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Detects redirection URLs and redirects the browser without contacting
+    the redirection server first.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"simple-check"</SPAN
+> to just search for the string <SPAN
+CLASS="QUOTE"
+>"http://"</SPAN
+>
+      to detect redirection URLs.
+     </P
+></LI
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"check-decoded-url"</SPAN
+> to decode URLs (if necessary) before searching
+      for redirection URLs.
+     </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>  
+    Many sites, like yahoo.com, don't just link to other sites. Instead, they
+    will link to some script on their own servers, giving the destination as a
+    parameter, which will then redirect you to the final target. URLs
+    resulting from this scheme typically look like:
+    <SPAN
+CLASS="QUOTE"
+>"http://www.example.org/click-tracker.cgi?target=http%3a//www.example.net/"</SPAN
+>.
+  </P
+><P
+>    Sometimes, there are even multiple consecutive redirects encoded in the
+    URL. These redirections via scripts make your web browsing more traceable,
+    since the server from which you follow such a link can see where you go
+    to. Apart from that, valuable bandwidth and time is wasted, while your
+    browser asks the server for one redirect after the other. Plus, it feeds
+    the advertisers.
+   </P
+><P
+>    This feature is currently not very smart and is scheduled for improvement.
+    If it is enabled by default, you will have to create some exceptions to
+    this action. It can lead to failures in several ways: 
+   </P
+><P
+>    Not every URLs with other URLs as parameters is evil.
+    Some sites offer a real service that requires this information to work.
+    For example a validation service needs to know, which document to validate.
+    <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> assumes that every URL parameter that
+    looks like another URL is a redirection target, and will always redirect to
+    the last one. Most of the time the assumption is correct, but if it isn't,
+    the user gets redirected anyway.
+   </P
+><P
+>    Another failure occurs if the URL contains other parameters after the URL parameter.
+    The URL:
+    <SPAN
+CLASS="QUOTE"
+>"http://www.example.org/?redirect=http%3a//www.example.net/&foo=bar"</SPAN
+>.
+    contains the redirection URL <SPAN
+CLASS="QUOTE"
+>"http://www.example.net/"</SPAN
+>,
+    followed by another parameter. <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> doesn't know that
+    and will cause a redirect to <SPAN
+CLASS="QUOTE"
+>"http://www.example.net/&foo=bar"</SPAN
+>.
+    Depending on the target server configuration, the parameter will be silently ignored
+    or lead to a <SPAN
+CLASS="QUOTE"
+>"page not found"</SPAN
+> error. You can prevent this problem by
+    first using the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#REDIRECT"
+>redirect</A
+></TT
+> action
+    to remove the last part of the URL, but it requires a little effort.
+   </P
+><P
+>    To detect a redirection URL, <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> only
+    looks for the string <SPAN
+CLASS="QUOTE"
+>"http://"</SPAN
+>, either in plain text
+    (invalid but often used) or encoded as <SPAN
+CLASS="QUOTE"
+>"http%3a//"</SPAN
+>.
+    Some sites use their own URL encoding scheme, encrypt the address
+    of the target server or replace it with a database id. In theses cases
+    <TT
+CLASS="LITERAL"
+>fast-redirects</TT
+> is fooled and the request reaches the
+    redirection server where it probably gets logged.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> { +fast-redirects{simple-check} }
+   one.example.com 
+
+ { +fast-redirects{check-decoded-url} }
+   another.example.com/testing</PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FILTER"
+>8.5.15. filter</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Get rid of HTML and JavaScript annoyances, banner advertisements (by size), 
+         do fun text replacements, add personalized effects, etc.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    All instances of text-based type, most notably HTML and JavaScript, to which
+    this action applies, can be filtered on-the-fly through the specified regular
+    expression based substitutions. (Note: as of version 3.0.3 plain text documents
+    are exempted from filtering, because web servers often use the
+   <TT
+CLASS="LITERAL"
+>text/plain</TT
+> MIME type for all files whose type they don't know.)
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    The name of a content filter, as defined in the <A
+HREF="filter-file.html"
+>filter file</A
+>.
+    Filters can be defined in one or more  files as defined by the 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#FILTERFILE"
+>filterfile</A
+></TT
+>
+    option in the <A
+HREF="config.html"
+>config file</A
+>. 
+    <TT
+CLASS="FILENAME"
+>default.filter</TT
+> is the collection of filters 
+    supplied by the developers. Locally defined filters should go 
+    in their own file, such as <TT
+CLASS="FILENAME"
+>user.filter</TT
+>.
+   </P
+><P
+>     When used in its negative form,
+     and without parameters, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> filtering is completely disabled.
+  </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    For your convenience, there are a number of pre-defined filters available 
+    in the distribution filter file that you can use. See the examples below for
+    a list.
+   </P
+><P
+>    Filtering requires buffering the page content, which may appear to
+    slow down page rendering since nothing is displayed until all content has
+    passed the filters. (It does not really take longer, but seems that way
+    since the page is not incrementally displayed.) This effect will be more
+    noticeable on slower connections.
+   </P
+><P
+>   <SPAN
+CLASS="QUOTE"
+>"Rolling your own"</SPAN
+>
+    filters requires a knowledge of 
+     <A
+HREF="http://en.wikipedia.org/wiki/Regular_expressions"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"Regular
+     Expressions"</SPAN
+></A
+> and 
+      <A
+HREF="http://en.wikipedia.org/wiki/Html"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"HTML"</SPAN
+></A
+>.
+    This is very powerful feature, and potentially very intrusive. 
+    Filters should be used with caution, and where an equivalent
+    <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+> is not available.
+   </P
+><P
+>    The amount of data that can be filtered is limited to the 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#BUFFER-LIMIT"
+>buffer-limit</A
+></TT
+>
+    option in the main <A
+HREF="config.html"
+>config file</A
+>. The 
+    default is 4096 KB (4 Megs). Once this limit is exceeded, the buffered
+    data, and all pending data, is passed through unfiltered. 
+   </P
+><P
+>    Inappropriate MIME types, such as zipped files, are not filtered at all.
+    (Again, only text-based types except plain text). Encrypted SSL data
+    (from HTTPS servers) cannot be filtered either, since this would violate
+    the integrity of the secure transaction. In some situations it might
+    be necessary to protect certain text, like source code, from filtering
+    by defining appropriate <TT
+CLASS="LITERAL"
+>-filter</TT
+> exceptions.
+   </P
+><P
+>    Compressed content can't be filtered either, unless <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    is compiled with zlib support (requires at least <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7),
+    in which case <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will decompress the content before filtering
+    it.
+   </P
+><P
+>    If you use a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version without zlib support, but want filtering to work on
+    as much documents as possible, even those that would normally be sent compressed,
+    you must use the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#PREVENT-COMPRESSION"
+>prevent-compression</A
+></TT
+>
+    action in conjunction with <TT
+CLASS="LITERAL"
+>filter</TT
+>.
+   </P
+><P
+>    Content filtering can achieve some of the same effects as the 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>
+    action, i.e. it can be used to block ads and banners. But the mechanism 
+    works quite differently. One effective use, is to block ad banners 
+    based on their size (see below), since many of these seem to be somewhat 
+    standardized.
+   </P
+><P
+>    <A
+HREF="contact.html"
+>Feedback</A
+> with suggestions for new or
+    improved filters is particularly welcome!
+   </P
+><P
+>    The below list has only the names and a one-line description of each
+    predefined filter. There are <A
+HREF="filter-file.html#PREDEFINED-FILTERS"
+>more
+    verbose explanations</A
+> of what these filters do in the <A
+HREF="filter-file.html"
+>filter file chapter</A
+>.
+   </P
+></DD
+><DT
+>Example usage (with filters from the distribution <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file).
+  See <A
+HREF="filter-file.html#PREDEFINED-FILTERS"
+>the Predefined Filters section</A
+> for 
+  more explanation on each:</DT
+><DD
+><P
+>    <A
+NAME="FILTER-JS-ANNOYANCES"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{js-annoyances}       # Get rid of particularly annoying JavaScript abuse.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-JS-EVENTS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{js-events}           # Kill all JS event bindings and timers (Radically destructive! Only for extra nasty sites).</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-HTML-ANNOYANCES"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{html-annoyances}     # Get rid of particularly annoying HTML abuse.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-CONTENT-COOKIES"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{content-cookies}     # Kill cookies that come in the HTML or JS content.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-REFRESH-TAGS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{refresh-tags}        # Kill automatic refresh tags (for dial-on-demand setups).</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-UNSOLICITED-POPUPS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{unsolicited-popups}  # Disable only unsolicited pop-up windows. Useful if your browser lacks this ability.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-ALL-POPUPS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{all-popups}          # Kill all popups in JavaScript and HTML. Useful if your browser lacks this ability.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-IMG-REORDER"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{img-reorder}         # Reorder attributes in <img> tags to make the banners-by-* filters more effective.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-BANNERS-BY-SIZE"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{banners-by-size}     # Kill banners by size.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-BANNERS-BY-LINK"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{banners-by-link}     # Kill banners by their links to known clicktrackers.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-WEBBUGS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{webbugs}             # Squish WebBugs (1x1 invisible GIFs used for user tracking).</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-TINY-TEXTFORMS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{tiny-textforms}      # Extend those tiny textareas up to 40x80 and kill the hard wrap.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-JUMPING-WINDOWS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{jumping-windows}     # Prevent windows from resizing and moving themselves.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-FRAMESET-BORDERS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{frameset-borders}    # Give frames a border and make them resizable.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-DEMORONIZER"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{demoronizer}         # Fix MS's non-standard use of standard charsets.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-SHOCKWAVE-FLASH"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{shockwave-flash}     # Kill embedded Shockwave Flash objects.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-QUICKTIME-KIOSKMODE"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{quicktime-kioskmode} # Make Quicktime movies saveable.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-FUN"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{fun}                 # Text replacements for subversive browsing fun!</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-CRUDE-PARENTAL"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{crude-parental}      # Crude parental filtering. Note that this filter doesn't work reliably.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-IE-EXPLOITS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{ie-exploits}         # Disable some known Internet Explorer bug exploits.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-SITE-SPECIFICS"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{site-specifics}      # Cure for site-specific problems. Don't apply generally!</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-NO-PING"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{no-ping}             # Removes non-standard ping attributes in <a> and <area> tags.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-GOOGLE"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{google}              # CSS-based block for Google text ads. Also removes a width limitation and the toolbar advertisement.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-YAHOO"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{yahoo}               # CSS-based block for Yahoo text ads. Also removes a width limitation.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-MSN"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{msn}                 # CSS-based block for MSN text ads. Also removes tracking URLs and a width limitation.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    <A
+NAME="FILTER-BLOGSPOT"
+></A
+>
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+filter{blogspot}            # Cleans up some Blogspot blogs. Read the fine print before using this.</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FORCE-TEXT-MODE"
+>8.5.16. force-text-mode</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Force <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to treat a document as if it was in some kind of <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>text</I
+></SPAN
+> format.   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Declares a document as text, even if the <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> isn't detected as such.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    As explained <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>above</A
+></TT
+>,
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> tries to only filter files that are
+    in some kind of text format. The same restrictions apply to
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
+>content-type-overwrite</A
+></TT
+>.
+    <TT
+CLASS="LITERAL"
+>force-text-mode</TT
+> declares a document as text,
+    without looking at the <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> first.
+   </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>     Think twice before activating this action. Filtering binary data
+     with regular expressions can cause file damage.
+    </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+force-text-mode
+     </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FORWARD-OVERRIDE"
+>8.5.17. forward-override</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Change the forwarding settings based on User-Agent or request origin</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Overrules the forward directives in the configuration file.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Multi-value.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"forward ."</SPAN
+> to use a direct connection without any additional proxies.</P
+></LI
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"forward 127.0.0.1:8123"</SPAN
+> to use the HTTP proxy listening at 127.0.0.1 port 8123.
+     </P
+></LI
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"forward-socks4a 127.0.0.1:9050 ."</SPAN
+> to use the socks4a proxy listening at
+      127.0.0.1 port 9050. Replace <SPAN
+CLASS="QUOTE"
+>"forward-socks4a"</SPAN
+> with <SPAN
+CLASS="QUOTE"
+>"forward-socks4"</SPAN
+>
+      to use a socks4 connection  (with local DNS resolution) instead, use <SPAN
+CLASS="QUOTE"
+>"forward-socks5"</SPAN
+>
+      for socks5 connections (with remote DNS resolution).
+     </P
+></LI
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"forward-socks4a 127.0.0.1:9050 proxy.example.org:8000"</SPAN
+> to use the socks4a proxy
+      listening at 127.0.0.1 port 9050 to reach the HTTP proxy listening at proxy.example.org port 8000.
+      Replace <SPAN
+CLASS="QUOTE"
+>"forward-socks4a"</SPAN
+> with <SPAN
+CLASS="QUOTE"
+>"forward-socks4"</SPAN
+> to use a socks4 connection
+      (with local DNS resolution) instead, use <SPAN
+CLASS="QUOTE"
+>"forward-socks5"</SPAN
+>
+      for socks5 connections (with remote DNS resolution).
+     </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This action takes parameters similar to the
+    <A
+HREF="config.html#FORWARDING"
+>forward</A
+> directives in the configuration
+    file, but without the URL pattern. It can be used as replacement, but normally it's only
+    used in cases where matching based on the request URL isn't sufficient.
+   </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>     Please read the description for the <A
+HREF="config.html#FORWARDING"
+>forward</A
+> directives before
+     using this action. Forwarding to the wrong people will reduce your privacy and increase the
+     chances of man-in-the-middle attacks.
+    </P
+><P
+>     If the ports are missing or invalid, default values will be used. This might change
+     in the future and you shouldn't rely on it. Otherwise incorrect syntax causes Privoxy
+     to exit.
+    </P
+><P
+>     Use the <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>show-url-info CGI page</A
+>
+     to verify that your forward settings do what you thought the do.
+    </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Always use direct connections for requests previously tagged as
+# <SPAN
+CLASS="QUOTE"
+>"User-Agent: fetch libfetch/2.0"</SPAN
+> and make sure
+# resuming downloads continues to work.
+# This way you can continue to use Tor for your normal browsing,
+# without overloading the Tor network with your FreeBSD ports updates
+# or downloads of bigger files like ISOs.
+# Note that HTTP headers are easy to fake and therefore their
+# values are as (un)trustworthy as your clients and users.
+{+forward-override{forward .} \
+ -hide-if-modified-since      \
+ -overwrite-last-modified     \
+}
+TAG:^User-Agent: fetch libfetch/2\.0$
+     </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HANDLE-AS-EMPTY-DOCUMENT"
+>8.5.18. handle-as-empty-document</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Mark URLs that should be replaced by empty documents <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>if they get blocked</I
+></SPAN
+></P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    This action alone doesn't do anything noticeable. It just marks URLs.
+    If the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>also applies</I
+></SPAN
+>,
+    the presence or absence of this mark decides whether an HTML <SPAN
+CLASS="QUOTE"
+>"BLOCKED"</SPAN
+>
+    page, or an empty document will be sent to the client as a substitute for the blocked content.
+    The <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>empty</I
+></SPAN
+> document isn't literally empty, but actually contains a single space.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Some browsers complain about syntax errors if JavaScript documents
+    are blocked with <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+    default HTML page; this option can be used to silence them.
+    And of course this action can also be used to eliminate the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    BLOCKED message in frames.
+   </P
+><P
+>    The content type for the empty document can be specified with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
+>content-type-overwrite{}</A
+></TT
+>,
+    but usually this isn't necessary.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Block all documents on example.org that end with ".js",
+# but send an empty document instead of the usual HTML message. 
+{+block{Blocked JavaScript} +handle-as-empty-document}
+example.org/.*\.js$
+     </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HANDLE-AS-IMAGE"
+>8.5.19. handle-as-image</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Mark URLs as belonging to images (so they'll be replaced by images <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>if they do get blocked</I
+></SPAN
+>, rather than HTML pages)</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    This action alone doesn't do anything noticeable. It just marks URLs as images.
+    If the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>also applies</I
+></SPAN
+>,
+    the presence or absence of this mark decides whether an HTML <SPAN
+CLASS="QUOTE"
+>"blocked"</SPAN
+>
+    page, or a replacement image (as determined by the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+> action) will be sent to the
+    client as a substitute for the blocked content.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The below generic example section is actually part of <TT
+CLASS="FILENAME"
+>default.action</TT
+>.
+    It marks all URLs with well-known image file name extensions as images and should
+    be left intact. 
+   </P
+><P
+>    Users will probably only want to use the handle-as-image action in conjunction with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>, to block sources of banners, whose URLs don't
+    reflect the file type, like in the second example section.
+   </P
+><P
+>    Note that you cannot treat HTML pages as images in most cases. For instance, (in-line) ad
+    frames require an HTML page to be sent, or they won't display properly.
+    Forcing <TT
+CLASS="LITERAL"
+>handle-as-image</TT
+> in this situation will not replace the
+    ad frame with an image, but lead to error messages.
+   </P
+></DD
+><DT
+>Example usage (sections):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Generic image extensions:
+#
+{+handle-as-image}
+/.*\.(gif|jpg|jpeg|png|bmp|ico)$
+
+# These don't look like images, but they're banners and should be
+# blocked as images:
+#
+{+block{Nasty banners.} +handle-as-image}
+nasty-banner-server.example.com/junk.cgi\?output=trash</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-ACCEPT-LANGUAGE"
+>8.5.20. hide-accept-language</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Pretend to use different language settings.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes or replaces the <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> HTTP header in client requests.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or any user defined value.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Faking the browser's language settings can be useful to make a
+    foreign User-Agent set with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-USER-AGENT"
+>hide-user-agent</A
+></TT
+>
+    more believable.
+   </P
+><P
+>    However some sites with content in different languages check the
+    <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> to decide which one to take by default.
+    Sometimes it isn't possible to later switch to another language without
+    changing the <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> header first.
+   </P
+><P
+>    Therefore it's a good idea to either only change the
+    <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> header to languages you understand,
+    or to languages that aren't wide spread.
+   </P
+><P
+>    Before setting the <SPAN
+CLASS="QUOTE"
+>"Accept-Language:"</SPAN
+> header
+    to a rare language, you should consider that it helps to
+    make your requests unique and thus easier to trace.
+    If you don't plan to change this header frequently,
+    you should stick to a common language. 
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Pretend to use Canadian language settings.
+{+hide-accept-language{en-ca} \
++hide-user-agent{Mozilla/5.0 (X11; U; OpenBSD i386; en-CA; rv:1.8.0.4) Gecko/20060628 Firefox/1.5.0.4} \
+}
+/   </PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-CONTENT-DISPOSITION"
+>8.5.21. hide-content-disposition</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent download menus for content you prefer to view inside the browser.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes or replaces the <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> HTTP header set by some servers.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or any user defined value.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Some servers set the <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> HTTP header for
+    documents they assume you want to save locally before viewing them.
+    The <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> header contains the file name
+    the browser is supposed to use by default.
+   </P
+><P
+>    In most browsers that understand this header, it makes it impossible to
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>just view</I
+></SPAN
+> the document, without downloading it first,
+    even if it's just a simple text file or an image.
+   </P
+><P
+>    Removing the <SPAN
+CLASS="QUOTE"
+>"Content-Disposition:"</SPAN
+> header helps
+    to prevent this annoyance, but some browsers additionally check the
+    <SPAN
+CLASS="QUOTE"
+>"Content-Type:"</SPAN
+> header, before they decide if they can
+    display a document without saving it first. In these cases, you have
+    to change this header as well, before the browser stops displaying
+    download menus.
+   </P
+><P
+>    It is also possible to change the server's file name suggestion
+    to another one, but in most cases it isn't worth the time to set
+    it up.
+   </P
+><P
+>    This action will probably be removed in the future,
+    use server-header filters instead.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Disarm the download link in Sourceforge's patch tracker
+{ -filter \
+ +content-type-overwrite{text/plain}\
+ +hide-content-disposition{block} }
+ .sourceforge.net/tracker/download\.php</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-IF-MODIFIED-SINCE"
+>8.5.22. hide-if-modified-since</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent yet another way to track the user's steps between sessions.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes the <SPAN
+CLASS="QUOTE"
+>"If-Modified-Since:"</SPAN
+> HTTP client header or modifies its value. 
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or a user defined value that specifies a range of hours.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Removing this header is useful for filter testing, where you want to force a real
+    reload instead of getting status code <SPAN
+CLASS="QUOTE"
+>"304"</SPAN
+>, which would cause the
+    browser to use a cached copy of the page.
+   </P
+><P
+>    Instead of removing the header, <TT
+CLASS="LITERAL"
+>hide-if-modified-since</TT
+> can
+    also add or subtract a random amount of time to/from the header's value.
+    You specify a range of minutes where the random factor should be chosen from and
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> does the rest. A negative value means
+    subtracting, a positive value adding.
+   </P
+><P
+>    Randomizing the value of the <SPAN
+CLASS="QUOTE"
+>"If-Modified-Since:"</SPAN
+> makes
+    it less likely that the server can use the time as a cookie replacement,
+    but you will run into caching problems if the random range is too high.
+   </P
+><P
+>    It is a good idea to only use a small negative value and let
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
+>overwrite-last-modified</A
+></TT
+>
+    handle the greater changes.
+   </P
+><P
+>    It is also recommended to use this action together with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
+>crunch-if-none-match</A
+></TT
+>,
+    otherwise it's more or less pointless.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Let the browser revalidate but make tracking based on the time less likely.
+{+hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-FROM-HEADER"
+>8.5.23. hide-from-header</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Keep your (old and ill) browser from telling web servers your email address</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes any existing <SPAN
+CLASS="QUOTE"
+>"From:"</SPAN
+> HTTP header, or replaces it with the
+    specified string.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Keyword: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, or any user defined value.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The keyword <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+> will completely remove the header 
+    (not to be confused with the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>
+    action).
+   </P
+><P
+>    Alternately, you can specify any value you prefer to be sent to the web
+    server. If you do, it is a matter of fairness not to use any address that
+    is actually used by a real person.
+   </P
+><P
+>    This action is rarely needed, as modern web browsers don't send
+    <SPAN
+CLASS="QUOTE"
+>"From:"</SPAN
+> headers anymore.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+hide-from-header{block}</PRE
+></TD
+></TR
+></TABLE
+> or
+    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+hide-from-header{spam-me-senseless at sittingduck.example.com}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-REFERRER"
+>8.5.24. hide-referrer</A
+></H4
+><A
+NAME="HIDE-REFERER"
+></A
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Conceal which link you followed to get to a particular site</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes the <SPAN
+CLASS="QUOTE"
+>"Referer:"</SPAN
+> (sic) HTTP header from the client request,
+    or replaces it with a forged one.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"conditional-block"</SPAN
+> to delete the header completely if the host has changed.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"conditional-forge"</SPAN
+> to forge the header if the host has changed.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+> to delete the header unconditionally.</P
+></LI
+><LI
+><P
+><SPAN
+CLASS="QUOTE"
+>"forge"</SPAN
+> to pretend to be coming from the homepage of the server we are talking to.</P
+></LI
+><LI
+><P
+>Any other string to set a user defined referrer.</P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    <TT
+CLASS="LITERAL"
+>conditional-block</TT
+> is the only parameter,
+    that isn't easily detected in the server's log file. If it blocks the
+    referrer, the request will look like the visitor used a bookmark or
+    typed in the address directly.
+   </P
+><P
+>    Leaving the referrer unmodified for requests on the same host
+    allows the server owner to see the visitor's <SPAN
+CLASS="QUOTE"
+>"click path"</SPAN
+>,
+    but in most cases she could also get that information by comparing
+    other parts of the log file: for example the User-Agent if it isn't
+    a very common one, or the user's IP address if it doesn't change between
+    different requests.
+   </P
+><P
+>    Always blocking the referrer, or using a custom one, can lead to
+    failures on servers that check the referrer before they answer any
+    requests, in an attempt to prevent their content from being
+    embedded or linked to elsewhere.
+   </P
+><P
+>    Both <TT
+CLASS="LITERAL"
+>conditional-block</TT
+> and <TT
+CLASS="LITERAL"
+>forge</TT
+>
+    will work with referrer checks, as long as content and valid referring page
+    are on the same host. Most of the time that's the case.
+   </P
+><P
+>  
+    <TT
+CLASS="LITERAL"
+>hide-referer</TT
+> is an alternate spelling of
+    <TT
+CLASS="LITERAL"
+>hide-referrer</TT
+> and the two can be can be freely
+    substituted with each other. (<SPAN
+CLASS="QUOTE"
+>"referrer"</SPAN
+> is the
+    correct English spelling, however the HTTP specification has a bug - it
+    requires it to be spelled as <SPAN
+CLASS="QUOTE"
+>"referer"</SPAN
+>.) 
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+hide-referrer{forge}</PRE
+></TD
+></TR
+></TABLE
+> or
+     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+hide-referrer{http://www.yahoo.com/}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HIDE-USER-AGENT"
+>8.5.25. hide-user-agent</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Try to conceal your type of browser and client operating system</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Replaces the value of the <SPAN
+CLASS="QUOTE"
+>"User-Agent:"</SPAN
+> HTTP header
+    in client requests with the specified value.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    Any user-defined string.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>     This can lead to problems on web sites that depend on looking at this header in
+     order to customize their content for different browsers (which, by the
+     way, is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>NOT</I
+></SPAN
+> the right thing to do: good web sites
+     work browser-independently). 
+    </P
+></TD
+></TR
+></TABLE
+></DIV
+><P
+>    Using this action in multi-user setups or wherever different types of
+    browsers will access the same <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not recommended</I
+></SPAN
+>. In single-user, single-browser
+    setups, you might use it to delete your OS version information from
+    the headers, because it is an invitation to exploit known bugs for your
+    OS. It is also occasionally useful to forge this in order to access 
+    sites that won't let you in otherwise (though there may be a good 
+    reason in some cases). Example of this: some MSN sites will not 
+    let <SPAN
+CLASS="APPLICATION"
+>Mozilla</SPAN
+> enter, yet forging to a 
+    <SPAN
+CLASS="APPLICATION"
+>Netscape 6.1</SPAN
+> user-agent works just fine.
+    (Must be just a silly MS goof, I'm sure :-).
+   </P
+><P
+>     More information on known user-agent strings can be found at 
+     <A
+HREF="http://www.user-agents.org/"
+TARGET="_top"
+>http://www.user-agents.org/</A
+>
+     and 
+     <A
+HREF="http://en.wikipedia.org/wiki/User_agent"
+TARGET="_top"
+>http://en.wikipedia.org/wiki/User_agent</A
+>.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+hide-user-agent{Netscape 6.1 (X11; I; Linux 2.4.18 i686)}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="LIMIT-CONNECT"
+>8.5.26. limit-connect</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent abuse of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a TCP proxy relay or disable SSL for untrusted sites</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Specifies to which ports HTTP CONNECT requests are allowable.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    A comma-separated list of ports or port ranges (the latter using dashes, with the minimum
+    defaulting to 0 and the maximum to 65K).
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    By default, i.e. if no <TT
+CLASS="LITERAL"
+>limit-connect</TT
+> action applies,
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> allows HTTP CONNECT requests to all
+    ports. Use <TT
+CLASS="LITERAL"
+>limit-connect</TT
+> if fine-grained control
+    is desired for some or all destinations.
+   </P
+><P
+>    The CONNECT methods exists in HTTP to allow access to secure websites
+    (<SPAN
+CLASS="QUOTE"
+>"https://"</SPAN
+> URLs) through proxies. It works very simply:
+    the proxy connects to the server on the specified port, and then
+    short-circuits its connections to the client and to the remote server.
+    This means CONNECT-enabled proxies can be used as TCP relays very easily.
+  </P
+><P
+>   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> relays HTTPS traffic without seeing
+   the decoded content. Websites can leverage this limitation to circumvent <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s
+   filters. By specifying an invalid port range you can disable HTTPS entirely.
+  </P
+></DD
+><DT
+>Example usages:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+limit-connect{443}                   # Port 443 is OK.
++limit-connect{80,443}                # Ports 80 and 443 are OK.
++limit-connect{-3, 7, 20-100, 500-}   # Ports less than 3, 7, 20 to 100 and above 500 are OK.
++limit-connect{-}                     # All ports are OK
++limit-connect{,}                     # No HTTPS/SSL traffic is allowed</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="PREVENT-COMPRESSION"
+>8.5.27. prevent-compression</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>    Ensure that servers send the content uncompressed, so it can be
+    passed through <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+>s.
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Removes the Accept-Encoding header which can be used to ask for compressed transfer.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    More and more websites send their content compressed by default, which
+    is generally a good idea and saves bandwidth. But the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+> and
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#DEANIMATE-GIFS"
+>deanimate-gifs</A
+></TT
+>
+    actions need access to the uncompressed data.
+   </P
+><P
+>    When compiled with zlib support (available since <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7), content that should be
+    filtered is decompressed on-the-fly and you don't have to worry about this action.
+    If you are using an older <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version, or one that hasn't been compiled with zlib
+    support, this action can be used to convince the server to send the content uncompressed.
+   </P
+><P
+>    Most text-based instances compress very well, the size is seldom decreased by less than 50%,
+    for markup-heavy instances like news feeds saving more than 90% of the original size isn't
+    unusual. 
+   </P
+><P
+>    Not using compression will therefore slow down the transfer, and you should only
+    enable this action if you really need it. As of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 it's disabled in all
+    predefined action settings.
+   </P
+><P
+>    Note that some (rare) ill-configured sites don't handle requests for uncompressed
+    documents correctly. Broken PHP applications tend to send an empty document body,
+    some IIS versions only send the beginning of the content. If you enable
+    <TT
+CLASS="LITERAL"
+>prevent-compression</TT
+> per default, you might want to add
+    exceptions for those sites. See the example for how to do that.
+   </P
+></DD
+><DT
+>Example usage (sections):</DT
+><DD
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Selectively turn off compression, and enable a filter
+#
+{ +filter{tiny-textforms} +prevent-compression }
+# Match only these sites
+ .google.
+ sourceforge.net
+ sf.net
+
+# Or instead, we could set a universal default:
+#
+{ +prevent-compression }
+ / # Match all sites
+
+# Then maybe make exceptions for broken sites:
+#
+{ -prevent-compression }
+.compusa.com/</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="OVERWRITE-LAST-MODIFIED"
+>8.5.28. overwrite-last-modified</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Prevent yet another way to track the user's steps between sessions.</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes the <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> HTTP server header or modifies its value. 
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    One of the keywords: <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"reset-to-request-time"</SPAN
+>
+    and <SPAN
+CLASS="QUOTE"
+>"randomize"</SPAN
+>
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Removing the <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header is useful for filter
+    testing, where you want to force a real reload instead of getting status
+    code <SPAN
+CLASS="QUOTE"
+>"304"</SPAN
+>, which would cause the browser to reuse the old
+    version of the page.
+   </P
+><P
+>    The <SPAN
+CLASS="QUOTE"
+>"randomize"</SPAN
+> option overwrites the value of the
+    <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header with a randomly chosen time
+    between the original value and the current time. In theory the server
+    could send each document with a different <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+>
+    header to track visits without using cookies. <SPAN
+CLASS="QUOTE"
+>"Randomize"</SPAN
+>
+    makes it impossible and the browser can still revalidate cached documents. 
+   </P
+><P
+>    <SPAN
+CLASS="QUOTE"
+>"reset-to-request-time"</SPAN
+> overwrites the value of the
+    <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header with the current time. You could use
+    this option together with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hide-if-modified-since</A
+></TT
+>
+    to further customize your random range.
+   </P
+><P
+>    The preferred parameter here is <SPAN
+CLASS="QUOTE"
+>"randomize"</SPAN
+>. It is safe
+    to use, as long as the time settings are more or less correct.
+    If the server sets the <SPAN
+CLASS="QUOTE"
+>"Last-Modified:"</SPAN
+> header to the time
+    of the request, the random range becomes zero and the value stays the same.
+    Therefore you should later randomize it a second time with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hided-if-modified-since</A
+></TT
+>,
+    just to be sure. 
+   </P
+><P
+>    It is also recommended to use this action together with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
+>crunch-if-none-match</A
+></TT
+>.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Let the browser revalidate without being tracked across sessions
+{ +hide-if-modified-since{-60} \
+ +overwrite-last-modified{randomize} \
+ +crunch-if-none-match}
+/</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="REDIRECT"
+>8.5.29. redirect</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>    Redirect requests to other sites.
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Convinces the browser that the requested document has been moved
+    to another location and the browser should get it from there.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    An absolute URL or a single pcrs command.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Requests to which this action applies are answered with a
+    HTTP redirect to URLs of your choosing. The new URL is
+    either provided as parameter, or derived by applying a
+    single pcrs command to the original URL.
+   </P
+><P
+>    This action will be ignored if you use it together with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>.
+    It can be combined with
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects{check-decoded-url}</A
+></TT
+>
+    to redirect to a decoded version of a rewritten URL.
+   </P
+><P
+>    Use this action carefully, make sure not to create redirection loops
+    and be aware that using your own redirects might make it
+    possible to fingerprint your requests.
+   </P
+><P
+>    In case of problems with your redirects, or simply to watch
+    them working, enable <A
+HREF="config.html#DEBUG"
+>debug 128</A
+>.
+   </P
+></DD
+><DT
+>Example usages:</DT
+><DD
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Replace example.com's style sheet with another one
+{ +redirect{http://localhost/css-replacements/example.com.css} }
+ example.com/stylesheet\.css
+
+# Create a short, easy to remember nickname for a favorite site
+# (relies on the browser accept and forward invalid URLs to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>)
+{ +redirect{http://www.privoxy.org/user-manual/actions-file.html} }
+ a
+
+# Always use the expanded view for Undeadly.org articles
+# (Note the $ at the end of the URL pattern to make sure
+# the request for the rewritten URL isn't redirected as well)
+{+redirect{s@$@&mode=expanded@}}
+undeadly.org/cgi\?action=article&sid=\d*$
+
+# Redirect Google search requests to MSN
+{+redirect{s@^http://[^/]*/search\?q=([^&]*).*@http://search.msn.com/results.aspx?q=$1@}}
+.google.com/search
+
+# Redirect MSN search requests to Yahoo
+{+redirect{s@^http://[^/]*/results\.aspx\?q=([^&]*).*@http://search.yahoo.com/search?p=$1@}}
+search.msn.com//results\.aspx\?q=
+
+# Redirect remote requests for this manual
+# to the local version delivered by Privoxy
+{+redirect{s@^http://www@http://config@}}
+www.privoxy.org/user-manual/</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SERVER-HEADER-FILTER"
+>8.5.30. server-header-filter</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>   Rewrite or remove single server headers.
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    All server headers to which this action applies are filtered on-the-fly
+    through the specified regular expression based substitutions.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    The name of a server-header filter, as defined in one of the
+    <A
+HREF="filter-file.html"
+>filter files</A
+>.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Server-header filters are applied to each header on its own, not to
+    all at once. This makes it easier to diagnose problems, but on the downside
+    you can't write filters that only change header x if header y's value is z.
+    You can do that by using tags though.
+   </P
+><P
+>    Server-header filters are executed after the other header actions have finished
+    and use their output as input.
+   </P
+><P
+>    Please refer to the <A
+HREF="filter-file.html"
+>filter file chapter</A
+>
+    to learn which server-header filters are available by default, and how to
+    create your own.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{+server-header-filter{html-to-xml}}
+example.org/xml-instance-that-is-delivered-as-html
+
+{+server-header-filter{xml-to-html}}
+example.org/instance-that-is-delivered-as-xml-but-is-not
+    </PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SERVER-HEADER-TAGGER"
+>8.5.31. server-header-tagger</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>   Enable or disable filters based on the Content-Type header.
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Server headers to which this action applies are filtered on-the-fly through
+    the specified regular expression based substitutions, the result is used as
+    tag.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    The name of a server-header tagger, as defined in one of the
+    <A
+HREF="filter-file.html"
+>filter files</A
+>.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Server-header taggers are applied to each header on its own,
+    and as the header isn't modified, each tagger <SPAN
+CLASS="QUOTE"
+>"sees"</SPAN
+>
+    the original.
+   </P
+><P
+>    Server-header taggers are executed before all other header actions
+    that modify server headers. Their tags can be used to control
+    all of the other server-header actions, the content filters
+    and the crunch actions (<A
+HREF="actions-file.html#REDIRECT"
+>redirect</A
+>
+    and <A
+HREF="actions-file.html#BLOCK"
+>block</A
+>).
+   </P
+><P
+>    Obviously crunching based on tags created by server-header taggers
+    doesn't prevent the request from showing up in the server's log file.
+   </P
+></DD
+><DT
+>Example usage (section):</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Tag every request with the content type declared by the server
+{+server-header-tagger{content-type}}
+/
+    </PRE
+></TD
+></TR
+></TABLE
+>
+    </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SESSION-COOKIES-ONLY"
+>8.5.32. session-cookies-only</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>    Allow only temporary <SPAN
+CLASS="QUOTE"
+>"session"</SPAN
+> cookies (for the current
+    browser session <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>only</I
+></SPAN
+>). 
+   </P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>    Deletes the <SPAN
+CLASS="QUOTE"
+>"expires"</SPAN
+> field from <SPAN
+CLASS="QUOTE"
+>"Set-Cookie:"</SPAN
+>
+    server headers. Most browsers will not store such cookies permanently and
+    forget them in between sessions.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Boolean.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+>    N/A
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This is less strict than <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+></TT
+> / 
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+></TT
+> and allows you to browse
+    websites that insist or rely on setting cookies, without compromising your privacy too badly.
+   </P
+><P
+>    Most browsers will not permanently store cookies that have been processed by
+    <TT
+CLASS="LITERAL"
+>session-cookies-only</TT
+> and will forget about them between sessions.
+    This makes profiling cookies useless, but won't break sites which require cookies so
+    that you can log in for transactions. This is generally turned on for all 
+    sites, and is the recommended setting.
+   </P
+><P
+>    It makes <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no sense at all</I
+></SPAN
+> to use <TT
+CLASS="LITERAL"
+>session-cookies-only</TT
+>
+    together with <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+></TT
+> or
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+></TT
+>. If you do, cookies
+    will be plainly killed.
+   </P
+><P
+>    Note that it is up to the browser how it handles such cookies without an <SPAN
+CLASS="QUOTE"
+>"expires"</SPAN
+>
+    field. If you use an exotic browser, you might want to try it out to be sure.
+   </P
+><P
+>    This setting also has no effect on cookies that may have been stored
+    previously by the browser before starting <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+    These would have to be removed manually.
+   </P
+><P
+>     <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> also uses  
+     the <A
+HREF="actions-file.html#FILTER-CONTENT-COOKIES"
+>content-cookies filter</A
+> 
+     to block some types of cookies. Content cookies are not effected by 
+     <TT
+CLASS="LITERAL"
+>session-cookies-only</TT
+>.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>     <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+session-cookies-only</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SET-IMAGE-BLOCKER"
+>8.5.33. set-image-blocker</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Typical use:</DT
+><DD
+><P
+>Choose the replacement for blocked images</P
+></DD
+><DT
+>Effect:</DT
+><DD
+><P
+>     This action alone doesn't do anything noticeable. If <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+>
+     <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+> <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>also</I
+></SPAN
+>
+     apply, i.e. if the request is to be blocked as an image,
+     <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>then</I
+></SPAN
+> the parameter of this action decides what will be
+     sent as a replacement.
+   </P
+></DD
+><DT
+>Type:</DT
+><DD
+><P
+>Parameterized.</P
+></DD
+><DT
+>Parameter:</DT
+><DD
+><P
+></P
+><UL
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"pattern"</SPAN
+> to send a built-in checkerboard pattern image. The image is visually
+      decent, scales very well, and makes it obvious where banners were busted.
+     </P
+></LI
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+> to send a built-in transparent image. This makes banners disappear
+      completely, but makes it hard to detect where <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has blocked
+      images on a given page and complicates troubleshooting if <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+      has blocked innocent images, like navigation icons.
+     </P
+></LI
+><LI
+><P
+>      <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="REPLACEABLE"
+><I
+>target-url</I
+></TT
+>"</SPAN
+> to
+      send a redirect to <TT
+CLASS="REPLACEABLE"
+><I
+>target-url</I
+></TT
+>. You can redirect
+      to any image anywhere, even in your local filesystem via <SPAN
+CLASS="QUOTE"
+>"file:///"</SPAN
+> URL. 
+      (But note that not all browsers support redirecting to a local file system).
+     </P
+><P
+>      A good application of redirects is to use special <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>-built-in
+      URLs, which send the built-in images, as <TT
+CLASS="REPLACEABLE"
+><I
+>target-url</I
+></TT
+>.
+      This has the same visual effect as specifying <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"pattern"</SPAN
+> in
+      the first place, but enables your browser to cache the replacement image, instead of requesting
+      it over and over again.
+     </P
+></LI
+></UL
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The URLs for the built-in images are <SPAN
+CLASS="QUOTE"
+>"http://config.privoxy.org/send-banner?type=<TT
+CLASS="REPLACEABLE"
+><I
+>type</I
+></TT
+>"</SPAN
+>, where <TT
+CLASS="REPLACEABLE"
+><I
+>type</I
+></TT
+> is
+    either <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"pattern"</SPAN
+>.
+   </P
+><P
+>    There is a third (advanced) type, called <SPAN
+CLASS="QUOTE"
+>"auto"</SPAN
+>. It is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>NOT</I
+></SPAN
+> to be
+    used in <TT
+CLASS="LITERAL"
+>set-image-blocker</TT
+>, but meant for use from <A
+HREF="filter-file.html"
+>filters</A
+>.
+    Auto will select the type of image that would have applied to the referring page, had it been an image.
+   </P
+></DD
+><DT
+>Example usage:</DT
+><DD
+><P
+>    Built-in pattern:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+set-image-blocker{pattern}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    Redirect to the BSD daemon:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+set-image-blocker{http://www.freebsd.org/gifs/dae_up3.gif}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    Redirect to the built-in pattern for better caching:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>+set-image-blocker{http://config.privoxy.org/send-banner?type=pattern}</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN4093"
+>8.5.34. Summary</A
+></H3
+><P
+> Note that many of these actions have the potential to cause a page to
+ misbehave, possibly even not to display at all. There are many ways 
+ a site designer may choose to design his site, and what HTTP header 
+ content, and other criteria, he may depend on. There is no way to have hard
+ and fast rules for all sites. See the <A
+HREF="appendix.html#ACTIONSANAT"
+>Appendix</A
+> for a brief example on troubleshooting
+ actions.</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="ALIASES"
+>8.6. Aliases</A
+></H2
+><P
+> Custom <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+>, known to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ as <SPAN
+CLASS="QUOTE"
+>"aliases"</SPAN
+>, can be defined by combining other actions.
+ These can in turn be invoked just like the built-in actions.
+ Currently, an alias name can contain any character except space, tab,
+ <SPAN
+CLASS="QUOTE"
+>"="</SPAN
+>,
+ <SPAN
+CLASS="QUOTE"
+>"{"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"}"</SPAN
+>, but we <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>strongly 
+ recommend</I
+></SPAN
+> that you only use <SPAN
+CLASS="QUOTE"
+>"a"</SPAN
+> to <SPAN
+CLASS="QUOTE"
+>"z"</SPAN
+>,
+ <SPAN
+CLASS="QUOTE"
+>"0"</SPAN
+> to <SPAN
+CLASS="QUOTE"
+>"9"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+>, and <SPAN
+CLASS="QUOTE"
+>"-"</SPAN
+>.
+ Alias names are not case sensitive, and are not required to start with a
+ <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"-"</SPAN
+> sign, since they are merely textually
+ expanded.</P
+><P
+> Aliases can be used throughout the actions file, but they <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>must be
+ defined in a special section at the top of the file!</I
+></SPAN
+>
+ And there can only be one such section per actions file. Each actions file may
+ have its own alias section, and the aliases defined in it are only visible
+ within that file.</P
+><P
+> There are two main reasons to use aliases: One is to save typing for frequently
+ used combinations of actions, the other one is a gain in flexibility: If you
+ decide once how you want to handle shops by defining an alias called
+ <SPAN
+CLASS="QUOTE"
+>"shop"</SPAN
+>, you can later change your policy on shops in
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>one</I
+></SPAN
+> place, and your changes will take effect everywhere
+ in the actions file where the <SPAN
+CLASS="QUOTE"
+>"shop"</SPAN
+> alias is used. Calling aliases
+ by their purpose also makes your actions files more readable.</P
+><P
+> Currently, there is one big drawback to using aliases, though:
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s built-in web-based action file
+ editor honors aliases when reading the actions files, but it expands
+ them before writing. So the effects of your aliases are of course preserved,
+ but the aliases themselves are lost when you edit sections that use aliases
+ with it.</P
+><P
+> Now let's define some aliases...</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # Useful custom aliases we can use later.
+ #
+ # Note the (required!) section header line and that this section
+ # must be at the top of the actions file!
+ #
+ {{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +<A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+> +<A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+>
+ -crunch-all-cookies = -<A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+> -<A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+>
+ +block-as-image      = +block{Blocked image.} +handle-as-image
+ allow-all-cookies   = -crunch-all-cookies -<A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+> -<A
+HREF="actions-file.html#FILTER-CONTENT-COOKIES"
+>filter{content-cookies}</A
+>
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile     = -<A
+HREF="actions-file.html#BLOCK"
+>block</A
+> -<A
+HREF="actions-file.html#FILTER"
+>filter</A
+> -crunch-all-cookies -<A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects</A
+> -<A
+HREF="actions-file.html#HIDE-REFERER"
+>hide-referrer</A
+> -<A
+HREF="actions-file.html#PREVENT-COMPRESSION"
+>prevent-compression</A
+>
+
+ shop        = -crunch-all-cookies -<A
+HREF="actions-file.html#FILTER-ALL-POPUPS"
+>filter{all-popups}</A
+>
+
+ # Short names for other aliases, for really lazy people ;-)
+ #
+ c0 = +crunch-all-cookies
+ c1 = -crunch-all-cookies</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> ...and put them to use. These sections would appear in the lower part of an 
+ actions file and define exceptions to the default actions (as specified further
+ up for the <SPAN
+CLASS="QUOTE"
+>"/"</SPAN
+> pattern):</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # These sites are either very complex or very keen on
+ # user data and require minimal interference to work:
+ #
+ {fragile}
+ .office.microsoft.com
+ .windowsupdate.microsoft.com
+ # Gmail is really mail.google.com, not gmail.com
+ mail.google.com
+
+ # Shopping sites:
+ # Allow cookies (for setting and retrieving your customer data)
+ #           
+ {shop}
+ .quietpc.com
+ .worldpay.com   # for quietpc.com
+ mybank.example.com
+
+ # These shops require pop-ups:
+ #
+ {-filter{all-popups} -filter{unsolicited-popups}}
+  .dabs.com
+  .overclockers.co.uk</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Aliases like <SPAN
+CLASS="QUOTE"
+>"shop"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"fragile"</SPAN
+> are typically used for 
+ <SPAN
+CLASS="QUOTE"
+>"problem"</SPAN
+> sites that require more than one action to be disabled 
+ in order to function properly.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="ACT-EXAMPLES"
+>8.7. Actions Files Tutorial</A
+></H2
+><P
+> The above chapters have shown <A
+HREF="actions-file.html"
+>which actions files
+ there are and how they are organized</A
+>, how actions are <A
+HREF="actions-file.html#ACTIONS"
+>specified</A
+> and <A
+HREF="actions-file.html#ACTIONS-APPLY"
+>applied
+ to URLs</A
+>, how <A
+HREF="actions-file.html#AF-PATTERNS"
+>patterns</A
+> work, and how to
+ define and use <A
+HREF="actions-file.html#ALIASES"
+>aliases</A
+>. Now, let's look at an
+ example <TT
+CLASS="FILENAME"
+>match-all.action</TT
+>, <TT
+CLASS="FILENAME"
+>default.action</TT
+>
+ and <TT
+CLASS="FILENAME"
+>user.action</TT
+> file and see how all these pieces come together:</P
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN4157"
+>8.7.1. match-all.action</A
+></H3
+><P
+> Remember <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all actions are disabled when matching starts</I
+></SPAN
+>,
+ so we have to explicitly enable the ones we want.</P
+><P
+> While the <TT
+CLASS="FILENAME"
+>match-all.action</TT
+> file only contains a
+ single section, it is probably the most important one. It has only one
+ pattern, <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>/</TT
+>"</SPAN
+>, but this pattern
+ <A
+HREF="actions-file.html#AF-PATTERNS"
+>matches all URLs</A
+>. Therefore, the set of
+ actions used in this <SPAN
+CLASS="QUOTE"
+>"default"</SPAN
+> section <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>will
+ be applied to all requests as a start</I
+></SPAN
+>. It can  be partly or
+ wholly overridden by other actions files like <TT
+CLASS="FILENAME"
+>default.action</TT
+>
+ and <TT
+CLASS="FILENAME"
+>user.action</TT
+>, but it will still be largely responsible
+ for your overall browsing experience.</P
+><P
+> Again, at the start of matching, all actions are disabled, so there is
+ no need to disable any actions here. (Remember: a <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+>
+ preceding the action name enables the action, a <SPAN
+CLASS="QUOTE"
+>"-"</SPAN
+> disables!).
+ Also note how this long line has been made more readable by splitting it into
+ multiple lines with line continuation.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ \
+ +<A
+HREF="actions-file.html#CHANGE-X-FORWARDED-FOR"
+>change-x-forwarded-for{block}</A
+> \
+ +<A
+HREF="actions-file.html#HIDE-FROM-HEADER"
+>hide-from-header{block}</A
+> \
+ +<A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker{pattern}</A
+> \
+}
+/ # Match all URLs
+ </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The default behavior is now set.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN4179"
+>8.7.2. default.action</A
+></H3
+><P
+> If you aren't a developer, there's no need for you to edit the
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file. It is maintained by
+ the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developers and if you disagree with some of the
+ sections, you should overrule them in your <TT
+CLASS="FILENAME"
+>user.action</TT
+>.</P
+><P
+> Understanding the <TT
+CLASS="FILENAME"
+>default.action</TT
+> file can
+ help you with your <TT
+CLASS="FILENAME"
+>user.action</TT
+>, though.</P
+><P
+> The first section in this file is a special section for internal use
+ that prevents older <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> versions from reading the file:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>##########################################################################
+# Settings -- Don't change! For internal Privoxy use ONLY.
+##########################################################################
+{{settings}}
+for-privoxy-version=3.0.11</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> After that comes the (optional) alias section. We'll use the example
+ section from the above <A
+HREF="actions-file.html#ALIASES"
+>chapter on aliases</A
+>,
+ that also explains why and how aliases are used:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>##########################################################################
+# Aliases
+##########################################################################
+{{alias}}
+
+ # These aliases just save typing later:
+ # (Note that some already use other aliases!)
+ #
+ +crunch-all-cookies = +<A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+> +<A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+>
+ -crunch-all-cookies = -<A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+> -<A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+>
+ +block-as-image      = +block{Blocked image.} +handle-as-image
+ mercy-for-cookies   = -crunch-all-cookies -<A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+> -<A
+HREF="actions-file.html#FILTER-CONTENT-COOKIES"
+>filter{content-cookies}</A
+>
+
+ # These aliases define combinations of actions
+ # that are useful for certain types of sites:
+ #
+ fragile     = -<A
+HREF="actions-file.html#BLOCK"
+>block</A
+> -<A
+HREF="actions-file.html#FILTER"
+>filter</A
+> -crunch-all-cookies -<A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects</A
+> -<A
+HREF="actions-file.html#HIDE-REFERER"
+>hide-referrer</A
+>
+ shop        = -crunch-all-cookies -<A
+HREF="actions-file.html#FILTER-ALL-POPUPS"
+>filter{all-popups}</A
+></PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The first of our specialized sections is concerned with <SPAN
+CLASS="QUOTE"
+>"fragile"</SPAN
+>
+ sites, i.e. sites that require minimum interference, because they are either
+ very complex or very keen on tracking you (and have mechanisms in place that
+ make them unusable for people who avoid being tracked). We will simply use
+ our pre-defined <TT
+CLASS="LITERAL"
+>fragile</TT
+> alias instead of stating the list
+ of actions explicitly:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>##########################################################################
+# Exceptions for sites that'll break under the default action set:
+##########################################################################
+
+# "Fragile" Use a minimum set of actions for these sites (see alias above):
+#
+{ fragile }
+.office.microsoft.com           # surprise, surprise!
+.windowsupdate.microsoft.com
+mail.google.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Shopping sites are not as fragile, but they typically
+ require cookies to log in, and pop-up windows for shopping
+ carts or item details. Again, we'll use a pre-defined alias:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Shopping sites:
+#
+{ shop }
+.quietpc.com 
+.worldpay.com   # for quietpc.com
+.jungle.com
+.scan.co.uk</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects</A
+></TT
+>
+ action, which may have been enabled in <TT
+CLASS="FILENAME"
+>match-all.action</TT
+>,
+ breaks some sites. So disable it for popular sites where we know it misbehaves:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ -<A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects</A
+> }
+login.yahoo.com
+edit.*.yahoo.com
+.google.com
+.altavista.com/.*(like|url|link):http
+.altavista.com/trans.*urltext=http
+.nytimes.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> It is important that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> knows which
+ URLs belong to images, so that <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>if</I
+></SPAN
+> they are to
+ be blocked, a substitute image can be sent, rather than an HTML page.
+ Contacting the remote site to find out is not an option, since it
+ would destroy the loading time advantage of banner blocking, and it
+ would feed the advertisers information about you. We can mark any
+ URL as an image with the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+> action,
+ and marking all URLs that end in a known image file extension is a
+ good start:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>##########################################################################
+# Images:
+##########################################################################
+
+# Define which file types will be treated as images, in case they get
+# blocked further down this file:
+#
+{ +<A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+> }
+/.*\.(gif|jpe?g|png|bmp|ico)$</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> And then there are known banner sources. They often use scripts to
+ generate the banners, so it won't be visible from the URL that the
+ request is for an image. Hence we block them <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+>
+ mark them as images in one go, with the help of our
+ <TT
+CLASS="LITERAL"
+>+block-as-image</TT
+> alias defined above. (We could of
+ course just as well use <TT
+CLASS="LITERAL"
+>+<A
+HREF="actions-file.html#BLOCK"
+>block</A
+>
+ +<A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+> here.)
+ Remember that the type of the replacement image is chosen by the
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+>
+ action. Since all URLs have matched the default section with its
+ <TT
+CLASS="LITERAL"
+>+<A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+>{pattern}</TT
+>
+ action before, it still applies and needn't be repeated:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Known ad generators:
+#
+{ +block-as-image }
+ar.atwola.com 
+.ad.doubleclick.net
+.ad.*.doubleclick.net
+.a.yimg.com/(?:(?!/i/).)*$
+.a[0-9].yimg.com/(?:(?!/i/).)*$
+bs*.gsanet.com
+.qkimg.net</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> One of the most important jobs of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is to block banners. Many of these can be <SPAN
+CLASS="QUOTE"
+>"blocked"</SPAN
+>
+ by the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+>{banners-by-size}</TT
+>
+ action, which we enabled above, and which deletes the references to banner
+ images from the pages while they are loaded, so the browser doesn't request
+ them anymore, and hence they don't need to be blocked here. But this naturally
+ doesn't catch all banners, and some people choose not to use filters, so we
+ need a comprehensive list of patterns for banner URLs here, and apply the
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action to them.</P
+><P
+> First comes many generic patterns, which do most of the work, by
+ matching typical domain and path name components of banners. Then comes
+ a list of individual patterns for specific sites, which is omitted here
+ to keep the example short:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>##########################################################################
+# Block these fine banners:
+##########################################################################
+{ <A
+HREF="actions-file.html#BLOCK"
+>+block{Banner ads.}</A
+> }
+
+# Generic patterns:
+# 
+ad*.
+.*ads.
+banner?.
+count*.
+/.*count(er)?\.(pl|cgi|exe|dll|asp|php[34]?)
+/(?:.*/)?(publicite|werbung|rekla(ma|me|am)|annonse|maino(kset|nta|s)?)/
+
+# Site-specific patterns (abbreviated):
+#
+.hitbox.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> It's quite remarkable how many advertisers actually call their banner
+ servers ads.<TT
+CLASS="REPLACEABLE"
+><I
+>company</I
+></TT
+>.com, or call the directory
+ in which the banners are stored simply <SPAN
+CLASS="QUOTE"
+>"banners"</SPAN
+>. So the above
+ generic patterns are surprisingly effective.</P
+><P
+> But being very generic, they necessarily also catch URLs that we don't want
+ to block. The pattern <TT
+CLASS="LITERAL"
+>.*ads.</TT
+> e.g. catches 
+ <SPAN
+CLASS="QUOTE"
+>"nasty-<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>ads</I
+></SPAN
+>.nasty-corp.com"</SPAN
+> as intended,
+ but also <SPAN
+CLASS="QUOTE"
+>"downlo<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>ads</I
+></SPAN
+>.sourcefroge.net"</SPAN
+> or
+ <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>ads</I
+></SPAN
+>l.some-provider.net."</SPAN
+> So here come some
+ well-known exceptions to the <TT
+CLASS="LITERAL"
+>+<A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>
+ section above.</P
+><P
+> Note that these are exceptions to exceptions from the default! Consider the URL
+ <SPAN
+CLASS="QUOTE"
+>"downloads.sourcefroge.net"</SPAN
+>: Initially, all actions are deactivated,
+ so it wouldn't get blocked. Then comes the defaults section, which matches the
+ URL, but just deactivates the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>
+ action once again. Then it matches <TT
+CLASS="LITERAL"
+>.*ads.</TT
+>, an exception to the
+ general non-blocking policy, and suddenly
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>+block</A
+></TT
+> applies. And now, it'll match
+ <TT
+CLASS="LITERAL"
+>.*loads.</TT
+>, where <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>-block</A
+></TT
+>
+ applies, so (unless it matches <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>again</I
+></SPAN
+> further down) it ends up
+ with no <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action applying.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>##########################################################################
+# Save some innocent victims of the above generic block patterns:
+##########################################################################
+
+# By domain:
+# 
+{ -<A
+HREF="actions-file.html#BLOCK"
+>block</A
+> }
+adv[io]*.  # (for advogato.org and advice.*)
+adsl.      # (has nothing to do with ads)
+adobe.     # (has nothing to do with ads either)
+ad[ud]*.   # (adult.* and add.*)
+.edu       # (universities don't host banners (yet!))
+.*loads.   # (downloads, uploads etc)
+
+# By path:
+#
+/.*loads/
+
+# Site-specific:
+#
+www.globalintersec.com/adv # (adv = advanced)
+www.ugu.com/sui/ugu/adv</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Filtering source code can have nasty side effects,
+ so make an exception for our friends at sourceforge.net,
+ and all paths with <SPAN
+CLASS="QUOTE"
+>"cvs"</SPAN
+> in them. Note that
+ <TT
+CLASS="LITERAL"
+>-<A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+>
+ disables <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> filters in one fell swoop!</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Don't filter code!
+#
+{ -<A
+HREF="actions-file.html#FILTER"
+>filter</A
+> }
+/(.*/)?cvs
+bugzilla.
+developer.
+wiki.
+.sourceforge.net</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The actual <TT
+CLASS="FILENAME"
+>default.action</TT
+> is of course much more
+ comprehensive, but we hope this example made clear how it works.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="AEN4292"
+>8.7.3. user.action</A
+></H3
+><P
+> So far we are painting with a broad brush by setting general policies,
+ which would be a reasonable starting point for many people. Now, 
+ you might want to be more specific and have customized rules that
+ are more suitable to your personal habits and preferences. These would
+ be for narrowly defined situations like your ISP or your bank, and should
+ be placed in <TT
+CLASS="FILENAME"
+>user.action</TT
+>, which is parsed after all other 
+ actions files and hence has the last word, over-riding any previously
+ defined actions. <TT
+CLASS="FILENAME"
+>user.action</TT
+> is also a 
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>safe</I
+></SPAN
+> place for your personal settings, since
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> is actively maintained by the
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developers and you'll probably want
+ to install updated versions from time to time.</P
+><P
+> So let's look at a few examples of things that one might typically do in
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+>: </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># My user.action file. <fred at example.com></PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> As <A
+HREF="actions-file.html#ALIASES"
+>aliases</A
+> are local to the actions
+ file that they are defined in, you can't use the ones from
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>, unless you repeat them here:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Aliases are local to the file they are defined in.
+# (Re-)define aliases for this file:
+#
+{{alias}}
+# 
+# These aliases just save typing later, and the alias names should 
+# be self explanatory.
+#
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ allow-all-cookies  = -crunch-all-cookies -session-cookies-only
+ allow-popups       = -filter{all-popups}
++block-as-image     = +block{Blocked as image.} +handle-as-image
+-block-as-image     = -block
+
+# These aliases define combinations of actions that are useful for
+# certain types of sites:
+#
+fragile     = -block -crunch-all-cookies -filter -fast-redirects -hide-referrer
+shop        = -crunch-all-cookies allow-popups
+
+# Allow ads for selected useful free sites:
+#
+allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
+
+# Alias for specific file types that are text, but might have conflicting
+# MIME types. We want the browser to force these to be text documents.
+handle-as-text = -<A
+HREF="actions-file.html#FILTER"
+>filter</A
+> +-<A
+HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
+>content-type-overwrite{text/plain}</A
+> +-<A
+HREF="actions-file.html#FORCE-TEXT-MODE"
+>force-text-mode</A
+> -<A
+HREF="actions-file.html#HIDE-CONTENT-DISPOSITION"
+>hide-content-disposition</A
+></PRE
+></TD
+></TR
+></TABLE
+>
</P
+><P
+> Say you have accounts on some sites that you visit regularly, and
+ you don't want to have to log in manually each time. So you'd like
+ to allow persistent cookies for these sites. The
+ <TT
+CLASS="LITERAL"
+>allow-all-cookies</TT
+> alias defined above does exactly
+ that, i.e. it disables crunching of cookies in any direction, and the 
+ processing of cookies to make them only temporary.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ allow-all-cookies }
+ sourceforge.net
+ .yahoo.com
+ .msdn.microsoft.com
+ .redhat.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Your bank is allergic to some filter, but you don't know which, so you disable them all:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ -<A
+HREF="actions-file.html#FILTER"
+>filter</A
+> }
+ .your-home-banking-site.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Some file types you may not want to filter for various reasons:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Technical documentation is likely to contain strings that might
+# erroneously get altered by the JavaScript-oriented filters:
+#
+.tldp.org
+/(.*/)?selfhtml/
+
+# And this stupid host sends streaming video with a wrong MIME type,
+# so that Privoxy thinks it is getting HTML and starts filtering:
+#
+stupid-server.example.com/</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Example of a simple <A
+HREF="actions-file.html#BLOCK"
+>block</A
+> action. Say you've
+ seen an ad on your favourite page on example.com that you want to get rid of.
+ You have right-clicked the image, selected <SPAN
+CLASS="QUOTE"
+>"copy image location"</SPAN
+>
+ and pasted the URL below while removing the leading http://, into a 
+ <TT
+CLASS="LITERAL"
+>{ +block{} }</TT
+> section. Note that <TT
+CLASS="LITERAL"
+>{ +handle-as-image
+ }</TT
+> need not be specified, since all URLs ending in
+ <TT
+CLASS="LITERAL"
+>.gif</TT
+> will be tagged as images by the general rules as set
+ in default.action anyway:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ +<A
+HREF="actions-file.html#BLOCK"
+>block</A
+>{Nasty ads.} }
+ www.example.com/nasty-ads/sponsor\.gif
+ another.example.net/more/junk/here/</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The URLs of dynamically generated banners, especially from large banner
+ farms, often don't use the well-known image file name extensions, which
+ makes it impossible for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to guess
+ the file type just by looking at the URL. 
+ You can use the <TT
+CLASS="LITERAL"
+>+block-as-image</TT
+> alias defined above for
+ these cases.
+ Note that objects which match this rule but then turn out NOT to be an
+ image are typically rendered as a <SPAN
+CLASS="QUOTE"
+>"broken image"</SPAN
+> icon by the
+ browser. Use cautiously.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ +block-as-image }
+ .doubleclick.net
+ .fastclick.net
+ /Realmedia/ads/
+ ar.atwola.com/</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Now you noticed that the default configuration breaks Forbes Magazine,
+ but you were too lazy to find out which action is the culprit, and you
+ were again too lazy to give <A
+HREF="contact.html"
+>feedback</A
+>, so
+ you just used the <TT
+CLASS="LITERAL"
+>fragile</TT
+> alias on the site, and
+ -- <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>whoa!</I
+></SPAN
+> -- it worked. The <TT
+CLASS="LITERAL"
+>fragile</TT
+>
+ aliases disables those actions that are most likely to break a site. Also,
+ good for testing purposes to see if it is <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ that is causing the problem or not. We later find other regular sites 
+ that misbehave, and add those to our personalized list of troublemakers:</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ fragile }
+ .forbes.com
+ webmail.example.com
+ .mybank.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> You like the <SPAN
+CLASS="QUOTE"
+>"fun"</SPAN
+> text replacements in <TT
+CLASS="FILENAME"
+>default.filter</TT
+>,
+ but it is disabled in the distributed actions file.
+ So you'd like to turn it on in your private,
+ update-safe config, once and for all:</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ +<A
+HREF="actions-file.html#FILTER-FUN"
+>filter{fun}</A
+> }
+ / # For ALL sites!</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Note that the above is not really a good idea: There are exceptions
+ to the filters in <TT
+CLASS="FILENAME"
+>default.action</TT
+> for things that
+ really shouldn't be filtered, like code on CVS->Web interfaces. Since
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+> has the last word, these exceptions
+ won't be valid for the <SPAN
+CLASS="QUOTE"
+>"fun"</SPAN
+> filtering specified here.</P
+><P
+> You might also worry about how your favourite free websites are
+ funded, and find that they rely on displaying banner advertisements
+ to survive. So you might want to specifically allow banners for those
+ sites that you feel provide value to you:</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ allow-ads }
+ .sourceforge.net
+ .slashdot.org
+ .osdn.net</PRE
+></TD
+></TR
+></TABLE
+>   </P
+><P
+> Note that <TT
+CLASS="LITERAL"
+>allow-ads</TT
+> has been aliased to 
+ <TT
+CLASS="LITERAL"
+>-<A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>, 
+ <TT
+CLASS="LITERAL"
+>-<A
+HREF="actions-file.html#FILTER-BANNERS-BY-SIZE"
+>filter{banners-by-size}</A
+></TT
+>, and 
+ <TT
+CLASS="LITERAL"
+>-<A
+HREF="actions-file.html#FILTER-BANNERS-BY-LINK"
+>filter{banners-by-link}</A
+></TT
+> above.</P
+><P
+> Invoke another alias here to force an over-ride of the MIME type <TT
+CLASS="LITERAL"
+> application/x-sh</TT
+> which typically would open a download type 
+ dialog. In my case, I want to look at the shell script, and then I can save
+ it should I choose to.</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ handle-as-text }
+ /.*\.sh$</PRE
+></TD
+></TR
+></TABLE
+>   </P
+><P
+> <TT
+CLASS="FILENAME"
+>user.action</TT
+> is generally the best place to define
+ exceptions and additions to the default policies of
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>. Some actions are safe to have their
+ default policies set here though. So let's set a default policy to have a
+ <SPAN
+CLASS="QUOTE"
+>"blank"</SPAN
+> image as opposed to the checkerboard pattern for
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>ALL</I
+></SPAN
+> sites. <SPAN
+CLASS="QUOTE"
+>"/"</SPAN
+> of course matches all URL
+ paths and patterns:</P
+><P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>{ +<A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker{blank}</A
+> }
+/ # ALL sites</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="config.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="filter-file.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>The Main Configuration File</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Filter Files</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/appendix.html b/external/privoxy/doc/webserver/user-manual/appendix.html
new file mode 100644
index 0000000..4df57a4
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/appendix.html
@@ -0,0 +1,2187 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Appendix</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="See Also"
+HREF="seealso.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="seealso.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+> </TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="APPENDIX"
+>14. Appendix</A
+></H1
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="REGEX"
+>14.1. Regular Expressions</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> uses Perl-style <SPAN
+CLASS="QUOTE"
+>"regular
+ expressions"</SPAN
+> in its <A
+HREF="actions-file.html"
+>actions
+ files</A
+> and <A
+HREF="filter-file.html"
+>filter file</A
+>,
+ through the <A
+HREF="http://www.pcre.org/"
+TARGET="_top"
+>PCRE</A
+> and
+ <SPAN
+CLASS="APPLICATION"
+>PCRS</SPAN
+> libraries.</P
+><P
+> If you are reading this, you probably don't understand what <SPAN
+CLASS="QUOTE"
+>"regular
+ expressions"</SPAN
+> are, or what they can do. So this will be a very brief
+ introduction only. A full explanation would require a <A
+HREF="http://www.oreilly.com/catalog/regex/"
+TARGET="_top"
+>book</A
+> ;-)</P
+><P
+> Regular expressions provide a language to describe patterns that can be
+ run against strings of characters (letter, numbers, etc), to see if they
+ match the string or not. The  patterns are themselves (sometimes complex)
+ strings of literal characters, combined with  wild-cards, and other special
+ characters, called meta-characters. The <SPAN
+CLASS="QUOTE"
+>"meta-characters"</SPAN
+> have
+ special meanings and are used to build complex patterns to be matched against.
+ Perl Compatible Regular Expressions are an especially convenient
+ <SPAN
+CLASS="QUOTE"
+>"dialect"</SPAN
+> of the regular expression language.</P
+><P
+> To make a simple analogy, we do something similar when we use wild-card
+ characters when listing files with the <B
+CLASS="COMMAND"
+>dir</B
+> command in DOS. 
+ <TT
+CLASS="LITERAL"
+>*.*</TT
+> matches all filenames. The <SPAN
+CLASS="QUOTE"
+>"special"</SPAN
+>
+ character here is the asterisk which matches any and all characters. We can be
+ more specific and use <TT
+CLASS="LITERAL"
+>?</TT
+> to match just individual
+ characters. So <SPAN
+CLASS="QUOTE"
+>"dir file?.text"</SPAN
+> would match
+ <SPAN
+CLASS="QUOTE"
+>"file1.txt"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"file2.txt"</SPAN
+>, etc. We are pattern
+ matching, using a similar technique to <SPAN
+CLASS="QUOTE"
+>"regular expressions"</SPAN
+>!</P
+><P
+> Regular expressions do essentially the same thing, but are much, much more
+ powerful. There are many more <SPAN
+CLASS="QUOTE"
+>"special characters"</SPAN
+> and ways of 
+ building complex patterns however. Let's look at a few of the common ones,
+ and then some examples:</P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>.</I
+></SPAN
+> - Matches any single character, e.g. <SPAN
+CLASS="QUOTE"
+>"a"</SPAN
+>,
+  <SPAN
+CLASS="QUOTE"
+>"A"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"4"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>":"</SPAN
+>, or <SPAN
+CLASS="QUOTE"
+>"@"</SPAN
+>.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>?</I
+></SPAN
+> - The preceding character or expression is matched ZERO or ONE
+  times. Either/or.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>+</I
+></SPAN
+> - The preceding character or expression is matched ONE or MORE
+  times.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>*</I
+></SPAN
+> - The preceding character or expression is matched ZERO or MORE
+  times.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>\</I
+></SPAN
+> - The <SPAN
+CLASS="QUOTE"
+>"escape"</SPAN
+> character denotes that
+  the following character should be taken literally. This is used where one of the 
+  special characters (e.g. <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+>) needs to be taken literally and
+  not as a special meta-character. Example: <SPAN
+CLASS="QUOTE"
+>"example\.com"</SPAN
+>, makes 
+  sure the period is recognized only as a period (and not expanded to its 
+  meta-character meaning of any single character).
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>[ ]</I
+></SPAN
+> - Characters enclosed in brackets will be matched if
+  any of the enclosed characters are encountered. For instance, <SPAN
+CLASS="QUOTE"
+>"[0-9]"</SPAN
+>
+  matches any numeric digit (zero through nine). As an example, we can combine 
+  this with <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+> to match any digit one of more times: <SPAN
+CLASS="QUOTE"
+>"[0-9]+"</SPAN
+>.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>( )</I
+></SPAN
+> - parentheses are used to group a sub-expression,
+  or multiple sub-expressions.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>|</I
+></SPAN
+> - The <SPAN
+CLASS="QUOTE"
+>"bar"</SPAN
+> character works like an
+  <SPAN
+CLASS="QUOTE"
+>"or"</SPAN
+> conditional statement. A match is successful if the
+  sub-expression on either side of <SPAN
+CLASS="QUOTE"
+>"|"</SPAN
+> matches. As an example:
+  <SPAN
+CLASS="QUOTE"
+>"/(this|that) example/"</SPAN
+> uses grouping and the bar character 
+  and would match either <SPAN
+CLASS="QUOTE"
+>"this example"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"that
+  example"</SPAN
+>, and nothing else.
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></P
+><P
+> These are just some of the ones you are likely to use when matching URLs with 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and is a long way from a definitive
+ list. This is enough to get us started with a few simple examples which may
+ be more illuminating:</P
+><P
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><TT
+CLASS="LITERAL"
+>/.*/banners/.*</TT
+></I
+></SPAN
+> - A  simple example
+ that uses the common combination of <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"*"</SPAN
+> to 
+ denote any character, zero or more times. In other words, any string at all.
+ So we start with a literal forward slash, then our regular expression pattern 
+ (<SPAN
+CLASS="QUOTE"
+>".*"</SPAN
+>) another literal forward slash, the string
+ <SPAN
+CLASS="QUOTE"
+>"banners"</SPAN
+>, another forward slash, and lastly another
+ <SPAN
+CLASS="QUOTE"
+>".*"</SPAN
+>. We are building 
+ a directory path here. This will match any file with the path that has a
+ directory named <SPAN
+CLASS="QUOTE"
+>"banners"</SPAN
+> in it. The <SPAN
+CLASS="QUOTE"
+>".*"</SPAN
+> matches
+ any characters, and this could conceivably be more forward slashes, so it
+ might expand into a much longer looking path. For example, this could match:
+ <SPAN
+CLASS="QUOTE"
+>"/eye/hate/spammers/banners/annoy_me_please.gif"</SPAN
+>, or just
+ <SPAN
+CLASS="QUOTE"
+>"/banners/annoying.html"</SPAN
+>, or almost an infinite number of other
+ possible combinations, just so it has <SPAN
+CLASS="QUOTE"
+>"banners"</SPAN
+> in the path
+ somewhere.</P
+><P
+> And now something a little more complex:</P
+><P
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><TT
+CLASS="LITERAL"
+>/.*/adv((er)?ts?|ertis(ing|ements?))?/</TT
+></I
+></SPAN
+> - 
+ We have several literal forward slashes again (<SPAN
+CLASS="QUOTE"
+>"/"</SPAN
+>), so we are
+ building another expression that is a file path statement. We have another 
+ <SPAN
+CLASS="QUOTE"
+>".*"</SPAN
+>, so we are matching against any conceivable sub-path, just so
+ it matches our expression. The only true literal that <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>must
+ match</I
+></SPAN
+> our pattern is <SPAN
+CLASS="APPLICATION"
+>adv</SPAN
+>, together with
+ the forward slashes. What comes after the <SPAN
+CLASS="QUOTE"
+>"adv"</SPAN
+> string is the
+ interesting part. </P
+><P
+> Remember the <SPAN
+CLASS="QUOTE"
+>"?"</SPAN
+> means the preceding expression (either a
+ literal character or anything grouped with <SPAN
+CLASS="QUOTE"
+>"(...)"</SPAN
+> in this case)
+ can exist or not, since this means either zero or one match. So
+ <SPAN
+CLASS="QUOTE"
+>"((er)?ts?|ertis(ing|ements?))"</SPAN
+> is optional, as are the
+ individual sub-expressions: <SPAN
+CLASS="QUOTE"
+>"(er)"</SPAN
+>,
+ <SPAN
+CLASS="QUOTE"
+>"(ing|ements?)"</SPAN
+>, and the <SPAN
+CLASS="QUOTE"
+>"s"</SPAN
+>. The <SPAN
+CLASS="QUOTE"
+>"|"</SPAN
+>
+ means <SPAN
+CLASS="QUOTE"
+>"or"</SPAN
+>. We have two of those. For instance, 
+ <SPAN
+CLASS="QUOTE"
+>"(ing|ements?)"</SPAN
+>, can expand to match either <SPAN
+CLASS="QUOTE"
+>"ing"</SPAN
+> 
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>OR</I
+></SPAN
+> <SPAN
+CLASS="QUOTE"
+>"ements?"</SPAN
+>. What is being done here, is an
+ attempt at matching as many variations of <SPAN
+CLASS="QUOTE"
+>"advertisement"</SPAN
+>, and 
+ similar, as possible. So this would expand to match just <SPAN
+CLASS="QUOTE"
+>"adv"</SPAN
+>,
+ or <SPAN
+CLASS="QUOTE"
+>"advert"</SPAN
+>, or <SPAN
+CLASS="QUOTE"
+>"adverts"</SPAN
+>, or
+ <SPAN
+CLASS="QUOTE"
+>"advertising"</SPAN
+>, or <SPAN
+CLASS="QUOTE"
+>"advertisement"</SPAN
+>, or
+ <SPAN
+CLASS="QUOTE"
+>"advertisements"</SPAN
+>. You get the idea. But it would not match 
+ <SPAN
+CLASS="QUOTE"
+>"advertizements"</SPAN
+> (with a <SPAN
+CLASS="QUOTE"
+>"z"</SPAN
+>). We could fix that by
+ changing our regular expression to: 
+ <SPAN
+CLASS="QUOTE"
+>"/.*/adv((er)?ts?|erti(s|z)(ing|ements?))?/"</SPAN
+>, which would then match
+ either spelling.</P
+><P
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+><TT
+CLASS="LITERAL"
+>/.*/advert[0-9]+\.(gif|jpe?g)</TT
+></I
+></SPAN
+> - Again 
+ another path statement with forward slashes. Anything in the square brackets 
+ <SPAN
+CLASS="QUOTE"
+>"[ ]"</SPAN
+> can be matched. This is using <SPAN
+CLASS="QUOTE"
+>"0-9"</SPAN
+> as a
+ shorthand expression to mean any digit one through nine. It is the same as
+ saying <SPAN
+CLASS="QUOTE"
+>"0123456789"</SPAN
+>. So any digit matches. The <SPAN
+CLASS="QUOTE"
+>"+"</SPAN
+>
+ means one or more of the preceding expression must be included. The preceding 
+ expression here is what is in the square brackets -- in this case, any digit 
+ one through nine. Then, at the end, we have a grouping: <SPAN
+CLASS="QUOTE"
+>"(gif|jpe?g)"</SPAN
+>. 
+ This includes a <SPAN
+CLASS="QUOTE"
+>"|"</SPAN
+>, so this needs to match the expression on
+ either side of that bar character also. A simple <SPAN
+CLASS="QUOTE"
+>"gif"</SPAN
+> on one side, and the other
+ side will in turn match either <SPAN
+CLASS="QUOTE"
+>"jpeg"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"jpg"</SPAN
+>,
+ since the <SPAN
+CLASS="QUOTE"
+>"?"</SPAN
+> means the letter <SPAN
+CLASS="QUOTE"
+>"e"</SPAN
+> is optional and
+ can be matched once or not at all. So we are building an expression here to
+ match image GIF or JPEG type image file. It must include the literal
+ string <SPAN
+CLASS="QUOTE"
+>"advert"</SPAN
+>, then one or more digits, and a <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+>
+ (which is now a literal, and not a special character, since it is escaped
+ with <SPAN
+CLASS="QUOTE"
+>"\"</SPAN
+>), and lastly either <SPAN
+CLASS="QUOTE"
+>"gif"</SPAN
+>, or
+ <SPAN
+CLASS="QUOTE"
+>"jpeg"</SPAN
+>, or <SPAN
+CLASS="QUOTE"
+>"jpg"</SPAN
+>. Some possible matches would
+ include: <SPAN
+CLASS="QUOTE"
+>"//advert1.jpg"</SPAN
+>,
+ <SPAN
+CLASS="QUOTE"
+>"/nasty/ads/advert1234.gif"</SPAN
+>,
+ <SPAN
+CLASS="QUOTE"
+>"/banners/from/hell/advert99.jpg"</SPAN
+>. It would not match
+ <SPAN
+CLASS="QUOTE"
+>"advert1.gif"</SPAN
+> (no leading slash), or
+ <SPAN
+CLASS="QUOTE"
+>"/adverts232.jpg"</SPAN
+> (the expression does not include an
+ <SPAN
+CLASS="QUOTE"
+>"s"</SPAN
+>), or <SPAN
+CLASS="QUOTE"
+>"/advert1.jsp"</SPAN
+> (<SPAN
+CLASS="QUOTE"
+>"jsp"</SPAN
+> is not
+ in the expression anywhere).</P
+><P
+> We are barely scratching the surface of regular expressions here so that you
+ can understand the default <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ configuration files, and maybe use this knowledge to customize your own
+ installation. There is much, much more that can be done with regular
+ expressions. Now that you know enough to get started, you can learn more on
+ your own :/</P
+><P
+> More reading on Perl Compatible Regular expressions: 
+ <A
+HREF="http://perldoc.perl.org/perlre.html"
+TARGET="_top"
+>http://perldoc.perl.org/perlre.html</A
+></P
+><P
+> For information on regular expression based substitutions and their applications
+ in filters, please see the <A
+HREF="filter-file.html"
+>filter file tutorial</A
+>
+ in this manual.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN5174"
+>14.2. Privoxy's Internal Pages</A
+></H2
+><P
+> Since <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> proxies each requested 
+ web page, it is easy for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to 
+ trap certain special URLs. In this way, we can talk directly to
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and see how it is 
+ configured, see how our rules are being applied, change these 
+ rules and other configuration options, and even turn
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> filtering off, all with 
+ a web browser.
</P
+><P
+> The URLs listed below are the special ones that allow direct access 
+ to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. Of course,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> must be running to access these. If 
+ not, you will get a friendly error message. Internet access is not 
+ necessary either.</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>  
+   Privoxy main page: 
+  </P
+><A
+NAME="AEN5188"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+     <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+   </P
+></BLOCKQUOTE
+><P
+>   There is a shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+> (But it
+   doesn't provide a fall-back to a real page, in case the request is not
+   sent through <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>)
+  </P
+></LI
+><LI
+><P
+>  
+    Show information about the current configuration, including viewing and 
+    editing of actions files:
+  </P
+><A
+NAME="AEN5196"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+    <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+   </P
+></BLOCKQUOTE
+></LI
+><LI
+><P
+>  
+    Show the source code version numbers:
+  </P
+><A
+NAME="AEN5201"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+    <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>http://config.privoxy.org/show-version</A
+>
+   </P
+></BLOCKQUOTE
+></LI
+><LI
+><P
+>  
+   Show the browser's request headers:
+  </P
+><A
+NAME="AEN5206"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+    <A
+HREF="http://config.privoxy.org/show-request"
+TARGET="_top"
+>http://config.privoxy.org/show-request</A
+>
+   </P
+></BLOCKQUOTE
+></LI
+><LI
+><P
+>  
+   Show which actions apply to a URL and why:
+  </P
+><A
+NAME="AEN5211"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+    <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>http://config.privoxy.org/show-url-info</A
+>
+   </P
+></BLOCKQUOTE
+></LI
+><LI
+><P
+>  
+   Toggle Privoxy on or off. This feature can be turned off/on in the main 
+   <TT
+CLASS="FILENAME"
+>config</TT
+> file. When toggled <SPAN
+CLASS="QUOTE"
+>"off"</SPAN
+>, <SPAN
+CLASS="QUOTE"
+>"Privoxy"</SPAN
+>
+   continues to run, but only as a pass-through proxy, with no actions taking
+   place:
+  </P
+><A
+NAME="AEN5219"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+    <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>http://config.privoxy.org/toggle</A
+>
+   </P
+></BLOCKQUOTE
+><P
+>   Short cuts. Turn off, then on: 
+  </P
+><A
+NAME="AEN5223"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+     <A
+HREF="http://config.privoxy.org/toggle?set=disable"
+TARGET="_top"
+>http://config.privoxy.org/toggle?set=disable</A
+>
+   </P
+></BLOCKQUOTE
+><A
+NAME="AEN5226"
+></A
+><BLOCKQUOTE
+CLASS="BLOCKQUOTE"
+><P
+> 
+     <A
+HREF="http://config.privoxy.org/toggle?set=enable"
+TARGET="_top"
+>http://config.privoxy.org/toggle?set=enable</A
+>
+   </P
+></BLOCKQUOTE
+></LI
+></UL
+></P
+><P
+> These may be bookmarked for quick reference. See next.
</P
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="BOOKMARKLETS"
+>14.2.1. Bookmarklets</A
+></H3
+><P
+> Below are some <SPAN
+CLASS="QUOTE"
+>"bookmarklets"</SPAN
+> to allow you to easily access a
+ <SPAN
+CLASS="QUOTE"
+>"mini"</SPAN
+> version of some of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ special pages. They are designed for MS Internet Explorer, but should work
+ equally well in Netscape, Mozilla, and other browsers which support
+ JavaScript. They are designed to run directly from your bookmarks - not by
+ clicking the links below (although that should work for testing).</P
+><P
+> To save them, right-click the link and choose <SPAN
+CLASS="QUOTE"
+>"Add to Favorites"</SPAN
+>
+ (IE) or <SPAN
+CLASS="QUOTE"
+>"Add Bookmark"</SPAN
+> (Netscape). You will get a warning that
+ the bookmark <SPAN
+CLASS="QUOTE"
+>"may not be safe"</SPAN
+> - just click OK. Then you can run the
+ Bookmarklet directly from your favorites/bookmarks. For even faster access,
+ you can put them on the <SPAN
+CLASS="QUOTE"
+>"Links"</SPAN
+> bar (IE) or the <SPAN
+CLASS="QUOTE"
+>"Personal
+ Toolbar"</SPAN
+> (Netscape), and run them with a single click. </P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <A
+HREF="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=enabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());"
+TARGET="_top"
+>Privoxy - Enable</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=disabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());"
+TARGET="_top"
+>Privoxy - Disable</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y&set=toggle','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());"
+TARGET="_top"
+>Privoxy - Toggle Privoxy</A
+> (Toggles between enabled and disabled)
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="javascript:void(window.open('http://config.privoxy.org/toggle?mini=y','ijbstatus','width=250,height=2,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());"
+TARGET="_top"
+>Privoxy- View Status</A
+>
+   </P
+></LI
+><LI
+><P
+>    <A
+HREF="javascript:void(window.open('http://config.privoxy.org/show-url-info?url='+escape(location.href),'Why').focus());"
+TARGET="_top"
+>Privoxy - Why?</A
+>
+   </P
+></LI
+></UL
+></P
+><P
+> Credit: The site which gave us the general idea for these bookmarklets is
+ <A
+HREF="http://www.bookmarklets.com/"
+TARGET="_top"
+>www.bookmarklets.com</A
+>. They
+ have more information about bookmarklets. </P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CHAIN"
+>14.3. Chain of Events</A
+></H2
+><P
+> Let's take a quick look at how some of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> 
+ core features are triggered, and the ensuing sequence of events when a web
+ page is requested by your browser:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>   First, your web browser requests a web page. The browser knows to send 
+   the request to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, which will in turn, 
+   relay the request to the remote web server after passing the following 
+   tests: 
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> traps any request for its own internal CGI 
+   pages (e.g <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>) and sends the CGI page back to the browser.
+  </P
+></LI
+><LI
+><P
+>   Next, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> checks to see if the URL 
+   matches any <A
+HREF="actions-file.html#BLOCK"
+><SPAN
+CLASS="QUOTE"
+>"+block"</SPAN
+></A
+> patterns. If
+   so, the URL is then blocked, and the remote web server will not be contacted.
+   <A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+><SPAN
+CLASS="QUOTE"
+>"+handle-as-image"</SPAN
+></A
+> 
+   and 
+   <A
+HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
+><SPAN
+CLASS="QUOTE"
+>"+handle-as-empty-document"</SPAN
+></A
+>
+   are then checked, and if there is no match, an 
+   HTML <SPAN
+CLASS="QUOTE"
+>"BLOCKED"</SPAN
+> page is sent back to the browser. Otherwise, if
+   it does match, an image is returned for the former, and an empty text
+   document for the latter. The type of image would depend on the setting of
+   <A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+><SPAN
+CLASS="QUOTE"
+>"+set-image-blocker"</SPAN
+></A
+>
+   (blank, checkerboard pattern, or an HTTP redirect to an image elsewhere).
+  </P
+></LI
+><LI
+><P
+>   Untrusted URLs are blocked. If URLs are being added to the
+   <TT
+CLASS="FILENAME"
+>trust</TT
+> file, then that is done.
+  </P
+></LI
+><LI
+><P
+>   If the URL pattern matches the <A
+HREF="actions-file.html#FAST-REDIRECTS"
+><SPAN
+CLASS="QUOTE"
+>"+fast-redirects"</SPAN
+></A
+> action,
+   it is then processed. Unwanted parts of the requested URL are stripped.
+  </P
+></LI
+><LI
+><P
+>   Now the rest of the client browser's request headers are processed. If any
+   of these match any of the relevant actions (e.g. <A
+HREF="actions-file.html#HIDE-USER-AGENT"
+><SPAN
+CLASS="QUOTE"
+>"+hide-user-agent"</SPAN
+></A
+>,
+   etc.), headers are suppressed or forged as determined by these actions and
+   their parameters.
+  </P
+></LI
+><LI
+><P
+>   Now the web server starts sending its response back (i.e. typically a web
+   page).
+  </P
+></LI
+><LI
+><P
+>   First, the server headers are read and processed to determine, among other
+   things, the MIME type (document type) and encoding. The headers are then
+   filtered as determined by the 
+   <A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+><SPAN
+CLASS="QUOTE"
+>"+crunch-incoming-cookies"</SPAN
+></A
+>,
+   <A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+><SPAN
+CLASS="QUOTE"
+>"+session-cookies-only"</SPAN
+></A
+>,
+   and <A
+HREF="actions-file.html#DOWNGRADE-HTTP-VERSION"
+><SPAN
+CLASS="QUOTE"
+>"+downgrade-http-version"</SPAN
+></A
+>
+   actions.
+  </P
+></LI
+><LI
+><P
+>   If any <A
+HREF="actions-file.html#FILTER"
+><SPAN
+CLASS="QUOTE"
+>"+filter"</SPAN
+></A
+> action
+   or <A
+HREF="actions-file.html#DEANIMATE-GIFS"
+><SPAN
+CLASS="QUOTE"
+>"+deanimate-gifs"</SPAN
+></A
+>
+   action applies (and the document type fits the action), the rest of the page is
+   read into memory (up to a configurable limit). Then the filter rules (from
+   <TT
+CLASS="FILENAME"
+>default.filter</TT
+> and any other filter files) are
+   processed against the buffered content. Filters are applied in the order
+   they are specified in one of the filter files. Animated GIFs, if present,
+   are reduced to either the first or last frame, depending on the action
+   setting.The entire page, which is now filtered, is then sent by
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> back to your browser. 
+  </P
+><P
+>   If neither a <A
+HREF="actions-file.html#FILTER"
+><SPAN
+CLASS="QUOTE"
+>"+filter"</SPAN
+></A
+> action
+   or <A
+HREF="actions-file.html#DEANIMATE-GIFS"
+><SPAN
+CLASS="QUOTE"
+>"+deanimate-gifs"</SPAN
+></A
+>
+   matches, then <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> passes the raw data through 
+   to the client browser as it becomes available.
+  </P
+></LI
+><LI
+><P
+>   As the browser receives the now (possibly filtered) page content, it 
+   reads and then requests any URLs that may be embedded within the page
+   source, e.g. ad images, stylesheets, JavaScript, other HTML documents (e.g.
+   frames), sounds, etc. For each of these objects, the browser issues a
+   separate request (this is easily viewable in <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+   logs). And each such request is in turn processed just as above. Note that a
+   complex web page will have many, many such embedded URLs. If these 
+   secondary requests are to a different server, then quite possibly a very 
+   differing set of actions is triggered.
+  </P
+></LI
+></UL
+></P
+><P
+> NOTE: This is somewhat of a simplistic overview of what happens with each URL
+ request. For the sake of brevity and simplicity, we have focused on 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> core features only.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="ACTIONSANAT"
+>14.4. Troubleshooting: Anatomy of an Action</A
+></H2
+><P
+> The way <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> applies 
+ <A
+HREF="actions-file.html#ACTIONS"
+>actions</A
+> and <A
+HREF="actions-file.html#FILTER"
+>filters</A
+>
+ to any given URL can be complex, and not always so
+ easy to understand what is happening. And sometimes we need to be able to
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>see</I
+></SPAN
+> just what <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is
+ doing. Especially, if something <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is doing
+ is causing us a problem inadvertently. It can be a little daunting to look at
+ the actions and filters files themselves, since they tend to be filled with
+ <A
+HREF="appendix.html#REGEX"
+>regular expressions</A
+> whose consequences are not
+ always so obvious. </P
+><P
+> One quick test to see if <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is causing a problem 
+ or not, is to disable it temporarily. This should be the first troubleshooting 
+ step. See <A
+HREF="appendix.html#BOOKMARKLETS"
+>the Bookmarklets</A
+> section on a quick 
+ and easy way to do this (be sure to flush caches afterward!). Looking at the 
+ logs is a good idea too. (Note that both the toggle feature and logging are 
+ enabled via <TT
+CLASS="FILENAME"
+>config</TT
+> file settings, and may need to be 
+ turned <SPAN
+CLASS="QUOTE"
+>"on"</SPAN
+>.)</P
+><P
+> Another easy troubleshooting step to try is if you have done any
+ customization of your installation, revert back to the installed
+ defaults and see if that helps. There are times the developers get complaints
+ about one thing or another, and the problem is more related to a customized
+ configuration issue.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> also provides the 
+ <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>http://config.privoxy.org/show-url-info</A
+>
+ page that can show us very specifically how <SPAN
+CLASS="APPLICATION"
+>actions</SPAN
+>
+ are being applied to any given URL. This is a big help for troubleshooting.</P
+><P
+> First, enter one URL (or partial URL) at the prompt, and then
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will tell us 
+ how the current configuration will handle it. This will not
+ help with filtering effects (i.e. the <A
+HREF="actions-file.html#FILTER"
+><SPAN
+CLASS="QUOTE"
+>"+filter"</SPAN
+></A
+> action) from
+ one of the filter files since this is handled very
+ differently and not so easy to trap! It also will not tell you about any other
+ URLs that may be embedded within the URL you are testing. For instance, images
+ such as ads are expressed as URLs within the raw page source of HTML pages. So
+ you will only get info for the actual URL that is pasted into the prompt area
+ -- not any sub-URLs. If you want to know about embedded URLs like ads, you
+ will have to dig those out of the HTML source. Use your browser's <SPAN
+CLASS="QUOTE"
+>"View
+ Page Source"</SPAN
+> option for this. Or right click on the ad, and grab the
+ URL.</P
+><P
+> Let's try an example, <A
+HREF="http://google.com"
+TARGET="_top"
+>google.com</A
+>, 
+ and look at it one section at a time in a sample configuration (your real 
+ configuration may vary):</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> Matches for http://www.google.com:
+
+ In file: default.action <SPAN
+CLASS="GUIBUTTON"
+>[ View ]</SPAN
+> <SPAN
+CLASS="GUIBUTTON"
+>[ Edit ]</SPAN
+>
+
+ {+change-x-forwarded-for{block}
+ +deanimate-gifs {last}
+ +fast-redirects {check-decoded-url}
+ +filter {refresh-tags}
+ +filter {img-reorder}
+ +filter {banners-by-size}
+ +filter {webbugs}
+ +filter {jumping-windows}
+ +filter {ie-exploits}
+ +hide-from-header {block}
+ +hide-referrer {forge}
+ +session-cookies-only
+ +set-image-blocker {pattern}
+/
+ 
+ { -session-cookies-only }
+ .google.com
+
+ { -fast-redirects }
+ .google.com
+
+In file: user.action <SPAN
+CLASS="GUIBUTTON"
+>[ View ]</SPAN
+> <SPAN
+CLASS="GUIBUTTON"
+>[ Edit ]</SPAN
+>
+(no matches in this file)  </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This is telling us how we have defined our 
+ <A
+HREF="actions-file.html#ACTIONS"
+><SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+></A
+>, and
+ which ones match for our test case, <SPAN
+CLASS="QUOTE"
+>"google.com"</SPAN
+>. 
+ Displayed is all the actions that are available to us. Remember,
+ the <TT
+CLASS="LITERAL"
+>+</TT
+> sign denotes <SPAN
+CLASS="QUOTE"
+>"on"</SPAN
+>. <TT
+CLASS="LITERAL"
+>-</TT
+>
+ denotes <SPAN
+CLASS="QUOTE"
+>"off"</SPAN
+>. So some are <SPAN
+CLASS="QUOTE"
+>"on"</SPAN
+> here, but many 
+ are <SPAN
+CLASS="QUOTE"
+>"off"</SPAN
+>. Each example we try may provide a slightly different
+ end result, depending on our configuration directives.</P
+><P
+> The first listing
+  is for our <TT
+CLASS="FILENAME"
+>default.action</TT
+> file. The large, multi-line
+  listing, is how the actions are set to match for all URLs, i.e. our default
+  settings. If you look at your <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> file, this would be the
+  section just below the <SPAN
+CLASS="QUOTE"
+>"aliases"</SPAN
+> section near the top. This
+  will apply to all URLs as signified by the single forward slash at the end
+  of the listing -- <SPAN
+CLASS="QUOTE"
+>" / "</SPAN
+>.</P
+><P
+> But we have defined additional actions that would be exceptions to these general
+ rules, and then we list specific URLs (or patterns) that these exceptions
+ would apply to. Last match wins. Just below this then are two explicit
+ matches for <SPAN
+CLASS="QUOTE"
+>".google.com"</SPAN
+>. The first is negating our previous
+ cookie setting, which was for <A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+><SPAN
+CLASS="QUOTE"
+>"+session-cookies-only"</SPAN
+></A
+>
+ (i.e. not persistent). So we will allow persistent cookies for google, at
+ least that is how it is in this example. The second turns
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>off</I
+></SPAN
+> any <A
+HREF="actions-file.html#FAST-REDIRECTS"
+><SPAN
+CLASS="QUOTE"
+>"+fast-redirects"</SPAN
+></A
+>
+ action, allowing this to take place unmolested. Note that there is a leading
+ dot here -- <SPAN
+CLASS="QUOTE"
+>".google.com"</SPAN
+>. This will match any hosts and
+ sub-domains, in the google.com domain also, such as
+ <SPAN
+CLASS="QUOTE"
+>"www.google.com"</SPAN
+> or <SPAN
+CLASS="QUOTE"
+>"mail.google.com"</SPAN
+>. But it would not 
+ match <SPAN
+CLASS="QUOTE"
+>"www.google.de"</SPAN
+>! So, apparently, we have these two actions
+ defined as exceptions to the general rules at the top somewhere in the lower
+ part of our <TT
+CLASS="FILENAME"
+>default.action</TT
+> file, and
+ <SPAN
+CLASS="QUOTE"
+>"google.com"</SPAN
+> is referenced somewhere in these latter sections.</P
+><P
+> Then, for our <TT
+CLASS="FILENAME"
+>user.action</TT
+> file, we again have no hits.
+ So there is nothing google-specific that we might have added to our own, local
+ configuration. If there was, those actions would over-rule any actions from 
+ previously processed files, such as <TT
+CLASS="FILENAME"
+>default.action</TT
+>.
+ <TT
+CLASS="FILENAME"
+>user.action</TT
+> typically has the last word. This is the
+ best place to put hard and fast exceptions,</P
+><P
+> And finally we pull it all together in the bottom section and summarize how
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is applying all its <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> 
+ to <SPAN
+CLASS="QUOTE"
+>"google.com"</SPAN
+>:
</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 Final results:
+ 
+ -add-header
+ -block
+ +change-x-forwarded-for{block} 
+ -client-header-filter{hide-tor-exit-notation}
+ -content-type-overwrite
+ -crunch-client-header
+ -crunch-if-none-match
+ -crunch-incoming-cookies
+ -crunch-outgoing-cookies
+ -crunch-server-header
+ +deanimate-gifs {last}
+ -downgrade-http-version
+ -fast-redirects
+ -filter {js-events}
+ -filter {content-cookies}
+ -filter {all-popups}
+ -filter {banners-by-link}
+ -filter {tiny-textforms}
+ -filter {frameset-borders}
+ -filter {demoronizer}
+ -filter {shockwave-flash}
+ -filter {quicktime-kioskmode}
+ -filter {fun}
+ -filter {crude-parental}
+ -filter {site-specifics}
+ -filter {js-annoyances}
+ -filter {html-annoyances}
+ +filter {refresh-tags}
+ -filter {unsolicited-popups}
+ +filter {img-reorder}
+ +filter {banners-by-size}
+ +filter {webbugs}
+ +filter {jumping-windows}
+ +filter {ie-exploits}
+ -filter {google}
+ -filter {yahoo}
+ -filter {msn}
+ -filter {blogspot}
+ -filter {no-ping}
+ -force-text-mode
+ -handle-as-empty-document
+ -handle-as-image
+ -hide-accept-language
+ -hide-content-disposition
+ +hide-from-header {block}
+ -hide-if-modified-since
+ +hide-referrer {forge}
+ -hide-user-agent
+ -limit-connect
+ -overwrite-last-modified
+ -prevent-compression
+ -redirect
+ -server-header-filter{xml-to-html}
+ -server-header-filter{html-to-xml} 
+ -session-cookies-only
+ +set-image-blocker {pattern} </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Notice the only difference here to the previous listing, is to 
+ <SPAN
+CLASS="QUOTE"
+>"fast-redirects"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"session-cookies-only"</SPAN
+>,
+ which are activated specifically for this site in our configuration, 
+ and thus show in the <SPAN
+CLASS="QUOTE"
+>"Final Results"</SPAN
+>.</P
+><P
+> Now another example, <SPAN
+CLASS="QUOTE"
+>"ad.doubleclick.net"</SPAN
+>:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 { +block{Domains starts with "ad"} }
+  ad*.
+
+ { +block{Domain contains "ad"} }
+  .ad.
+
+ { +block{Doubleclick banner server} +handle-as-image }
+  .[a-vx-z]*.doubleclick.net</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> We'll just show the interesting part here - the explicit matches. It is 
+ matched three different times. Two <SPAN
+CLASS="QUOTE"
+>"+block{}"</SPAN
+> sections, 
+ and a <SPAN
+CLASS="QUOTE"
+>"+block{} +handle-as-image"</SPAN
+>,
+ which is the expanded form of one of our aliases that had been defined as: 
+ <SPAN
+CLASS="QUOTE"
+>"+block-as-image"</SPAN
+>. (<A
+HREF="actions-file.html#ALIASES"
+><SPAN
+CLASS="QUOTE"
+>"Aliases"</SPAN
+></A
+> are defined in
+ the first section of the actions file and typically used to combine more 
+ than one action.)</P
+><P
+> Any one of these would have done the trick and blocked this as an unwanted 
+ image. This is unnecessarily redundant since the last case effectively 
+ would also cover the first. No point in taking chances with these guys 
+ though ;-) Note that if you want an ad or obnoxious 
+ URL to be invisible, it should be defined as <SPAN
+CLASS="QUOTE"
+>"ad.doubleclick.net"</SPAN
+>
+ is done here -- as both a <A
+HREF="actions-file.html#BLOCK"
+><SPAN
+CLASS="QUOTE"
+>"+block{}"</SPAN
+></A
+>
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+> an 
+ <A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+><SPAN
+CLASS="QUOTE"
+>"+handle-as-image"</SPAN
+></A
+>.
+ The custom alias <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>+block-as-image</TT
+>"</SPAN
+> just
+ simplifies the process and make it more readable.</P
+><P
+> One last example. Let's try <SPAN
+CLASS="QUOTE"
+>"http://www.example.net/adsl/HOWTO/"</SPAN
+>.
+ This one is giving us problems. We are getting a blank page. Hmmm ...</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 Matches for http://www.example.net/adsl/HOWTO/:
+
+ In file: default.action <SPAN
+CLASS="GUIBUTTON"
+>[ View ]</SPAN
+> <SPAN
+CLASS="GUIBUTTON"
+>[ Edit ]</SPAN
+>
+
+ {-add-header 
+  -block
+  +change-x-forwarded-for{block} 
+  -client-header-filter{hide-tor-exit-notation}
+  -content-type-overwrite
+  -crunch-client-header
+  -crunch-if-none-match
+  -crunch-incoming-cookies
+  -crunch-outgoing-cookies
+  -crunch-server-header
+  +deanimate-gifs 
+  -downgrade-http-version 
+  +fast-redirects {check-decoded-url}
+  -filter {js-events}
+  -filter {content-cookies}
+  -filter {all-popups}
+  -filter {banners-by-link}
+  -filter {tiny-textforms}
+  -filter {frameset-borders}
+  -filter {demoronizer}
+  -filter {shockwave-flash}
+  -filter {quicktime-kioskmode}
+  -filter {fun}
+  -filter {crude-parental}
+  -filter {site-specifics}
+  -filter {js-annoyances}
+  -filter {html-annoyances}
+  +filter {refresh-tags}
+  -filter {unsolicited-popups}
+  +filter {img-reorder}
+  +filter {banners-by-size}
+  +filter {webbugs}
+  +filter {jumping-windows}
+  +filter {ie-exploits}
+  -filter {google}
+  -filter {yahoo}
+  -filter {msn}
+  -filter {blogspot}
+  -filter {no-ping}
+  -force-text-mode
+  -handle-as-empty-document
+  -handle-as-image 
+  -hide-accept-language
+  -hide-content-disposition  
+  +hide-from-header{block} 
+  +hide-referer{forge} 
+  -hide-user-agent 
+  -overwrite-last-modified
+  +prevent-compression 
+  -redirect
+  -server-header-filter{xml-to-html}
+  -server-header-filter{html-to-xml} 
+  +session-cookies-only 
+  +set-image-blocker{blank} }
+   /
+
+ { +block{Path contains "ads".} +handle-as-image }
+  /ads</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Ooops, the <SPAN
+CLASS="QUOTE"
+>"/adsl/"</SPAN
+> is matching <SPAN
+CLASS="QUOTE"
+>"/ads"</SPAN
+> in our 
+ configuration! But we did not want this at all! Now we see why we get the
+ blank page. It is actually triggering two different actions here, and 
+ the effects are aggregated so that the URL is blocked, and <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is told 
+ to treat the block as if it were an image. But this is, of course, all wrong.
+  We could now add a new action below this (or better in our own
+  <TT
+CLASS="FILENAME"
+>user.action</TT
+> file) that explicitly
+  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>un</I
+></SPAN
+> blocks (
+  <A
+HREF="actions-file.html#BLOCK"
+><SPAN
+CLASS="QUOTE"
+>"{-block}"</SPAN
+></A
+>) paths with
+  <SPAN
+CLASS="QUOTE"
+>"adsl"</SPAN
+> in them (remember, last match in the configuration
+  wins). There are various ways to handle such exceptions. Example:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 { -block }
+  /adsl</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Now the page displays ;-) 
+ Remember to flush your browser's caches when making these kinds of changes to
+ your configuration to insure that you get a freshly delivered page! Or, try
+ using <TT
+CLASS="LITERAL"
+>Shift+Reload</TT
+>.</P
+><P
+> But now what about a situation where we get no explicit matches like 
+ we did with:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 { +block{Path starts with "ads".} +handle-as-image }
+ /ads</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> That actually was very helpful and pointed us quickly to where the problem
+ was. If you don't get this kind of match, then it means one of the default 
+ rules in the first section of <TT
+CLASS="FILENAME"
+>default.action</TT
+> is causing
+ the problem. This would require some guesswork, and maybe a little trial and
+ error to isolate the offending rule. One likely cause would be one of the
+ <A
+HREF="actions-file.html#FILTER"
+><SPAN
+CLASS="QUOTE"
+>"+filter"</SPAN
+></A
+> actions.
+ These tend to be harder to troubleshoot.
+ Try adding the URL for the site to one of aliases that turn off
+ <A
+HREF="actions-file.html#FILTER"
+><SPAN
+CLASS="QUOTE"
+>"+filter"</SPAN
+></A
+>:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 { shop }
+ .quietpc.com
+ .worldpay.com   # for quietpc.com
+ .jungle.com
+ .scan.co.uk
+ .forbes.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>{ shop }</TT
+>"</SPAN
+> is an <SPAN
+CLASS="QUOTE"
+>"alias"</SPAN
+> that expands to 
+ <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>{ -filter -session-cookies-only }</TT
+>"</SPAN
+>.
+ Or you could do your own exception to negate filtering:
</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 { -filter }
+ # Disable ALL filter actions for sites in this section
+ .forbes.com
+ developer.ibm.com
+ localhost</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This would turn off all filtering for these sites. This is best
+ put in <TT
+CLASS="FILENAME"
+>user.action</TT
+>, for local site
+ exceptions. Note that when a simple domain pattern is used by itself (without
+ the subsequent path portion), all sub-pages within that domain are included 
+ automatically in the scope of the action.</P
+><P
+> Images that are inexplicably being blocked, may well be hitting the 
+<A
+HREF="actions-file.html#FILTER-BANNERS-BY-SIZE"
+><SPAN
+CLASS="QUOTE"
+>"+filter{banners-by-size}"</SPAN
+></A
+>
+ rule, which assumes 
+ that images of certain sizes are ad banners (works well 
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>most of the time</I
+></SPAN
+>  since these tend to be standardized).</P
+><P
+> <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>{ fragile }</TT
+>"</SPAN
+> is an alias that disables most
+ actions that are the most likely to cause trouble. This can be used as a
+ last resort for problem sites. </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>
 { fragile }
+ # Handle with care: easy to break
+ mail.google.
+ mybank.example.com</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Remember to flush caches!</I
+></SPAN
+> Note that the 
+ <TT
+CLASS="LITERAL"
+>mail.google</TT
+> reference lacks the TLD portion (e.g. 
+ <SPAN
+CLASS="QUOTE"
+>".com"</SPAN
+>). This will effectively match any TLD with 
+ <TT
+CLASS="LITERAL"
+>google</TT
+> in it, such as <TT
+CLASS="LITERAL"
+>mail.google.de.</TT
+>, 
+ just as an example.</P
+><P
+> 
+ If this still does not work, you will have to go through the remaining
+ actions one by one to find which one(s) is causing the problem.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="seealso.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+> </TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>See Also</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+> </TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/config.html b/external/privoxy/doc/webserver/user-manual/config.html
new file mode 100644
index 0000000..05e19b3
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/config.html
@@ -0,0 +1,4121 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>The Main Configuration File</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy Configuration"
+HREF="configuration.html"><LINK
+REL="NEXT"
+TITLE="Actions Files"
+HREF="actions-file.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="configuration.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="actions-file.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CONFIG"
+>7. The Main Configuration File</A
+></H1
+><P
+> Again, the main configuration file is named <TT
+CLASS="FILENAME"
+>config</TT
+> on
+ Linux/Unix/BSD and OS/2, and <TT
+CLASS="FILENAME"
+>config.txt</TT
+> on Windows.
+ Configuration lines consist of an initial keyword followed by a list of
+ values, all separated by whitespace (any number of spaces or tabs). For
+ example:</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>confdir /etc/privoxy</I
+></SPAN
+></P
+>
+ </TT
+> </P
+><P
+> Assigns the value <TT
+CLASS="LITERAL"
+>/etc/privoxy</TT
+> to the option
+ <TT
+CLASS="LITERAL"
+>confdir</TT
+> and thus indicates that the configuration
+ directory is named <SPAN
+CLASS="QUOTE"
+>"/etc/privoxy/"</SPAN
+>.</P
+><P
+> All options in the config file except for <TT
+CLASS="LITERAL"
+>confdir</TT
+> and
+ <TT
+CLASS="LITERAL"
+>logdir</TT
+> are optional. Watch out in the below description
+ for what happens if you leave them unset.</P
+><P
+> The main config file controls all aspects of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s
+ operation that are not location dependent (i.e. they apply universally, no matter
+ where you may be surfing).</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="LOCAL-SET-UP"
+>7.1. Local Set-up Documentation</A
+></H2
+><P
+>    If you intend to operate <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> for more users
+    than just yourself, it might be a good idea to let them know how to reach
+    you, what you block and why you do that, your policies, etc.
+   </P
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="USER-MANUAL"
+>7.1.1. user-manual</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Location of the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> User Manual.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>A fully qualified URI</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    <A
+HREF="http://www.privoxy.org/user-manual/"
+TARGET="_top"
+>http://www.privoxy.org/<TT
+CLASS="REPLACEABLE"
+><I
+>version</I
+></TT
+>/user-manual/</A
+>
+    will be used, where <TT
+CLASS="REPLACEABLE"
+><I
+>version</I
+></TT
+> is the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The User Manual URI is the single best source of information on 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and is used for help links from some
+    of the internal CGI pages. The manual itself is normally packaged with the
+    binary distributions, so you probably want to set this to a locally
+    installed copy. 
+   </P
+><P
+>    Examples:
+   </P
+><P
+>   The best all purpose solution is simply to put the full local
+   <TT
+CLASS="LITERAL"
+>PATH</TT
+> to where the <I
+CLASS="CITETITLE"
+>User Manual</I
+> is
+   located:
+  </P
+><P
+>   <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  user-manual  /usr/share/doc/privoxy/user-manual</PRE
+></TD
+></TR
+></TABLE
+>
+  </P
+><P
+>   The User Manual is then available to anyone with access to
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, by following the built-in URL:
+   <TT
+CLASS="LITERAL"
+>http://config.privoxy.org/user-manual/</TT
+>
+   (or the shortcut: <TT
+CLASS="LITERAL"
+>http://p.p/user-manual/</TT
+>).
+  </P
+><P
+>   If the documentation is not on the local system, it can be accessed 
+   from a remote server, as:
+  </P
+><P
+>   <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  user-manual  http://example.com/privoxy/user-manual/</PRE
+></TD
+></TR
+></TABLE
+>
+  </P
+><DIV
+CLASS="WARNING"
+><P
+></P
+><TABLE
+CLASS="WARNING"
+BORDER="1"
+WIDTH="90%"
+><TR
+><TD
+ALIGN="CENTER"
+><B
+>Warning</B
+></TD
+></TR
+><TR
+><TD
+ALIGN="LEFT"
+><P
+>     If set, this option should be <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>the first option in the config
+     file</I
+></SPAN
+>, because it is used while the config file is being read
+     on start-up.
+   </P
+></TD
+></TR
+></TABLE
+></DIV
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="TRUST-INFO-URL"
+>7.1.2. trust-info-url</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    A URL to be displayed in the error page that users will see if access to an untrusted page is denied.    
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>URL</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    No links are displayed on the "untrusted" error page.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The value of this option only matters if the experimental trust mechanism has been
+    activated. (See <A
+HREF="config.html#TRUSTFILE"
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>trustfile</I
+></SPAN
+></A
+> below.)
+   </P
+><P
+>    If you use the trust mechanism, it is a good idea to write up some on-line
+    documentation about your trust policy and to specify the URL(s) here.
+    Use multiple times for multiple URLs.
+   </P
+><P
+>    The URL(s) should be added to the trustfile as well, so users don't end up
+    locked out from the information on why they were locked out in the first place!
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ADMIN-ADDRESS"
+>7.1.3. admin-address</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    An email address to reach the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> administrator.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Email address</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    No email address is displayed on error pages and the CGI user interface.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    If both <TT
+CLASS="LITERAL"
+>admin-address</TT
+> and <TT
+CLASS="LITERAL"
+>proxy-info-url</TT
+>
+    are unset, the whole "Local Privoxy Support" box on all generated pages will
+    not be shown.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="PROXY-INFO-URL"
+>7.1.4. proxy-info-url</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    A URL to documentation about the local <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> setup,
+    configuration or policies.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>URL</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    No link to local documentation is displayed on error pages and the CGI user interface.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    If both <TT
+CLASS="LITERAL"
+>admin-address</TT
+> and <TT
+CLASS="LITERAL"
+>proxy-info-url</TT
+>
+    are unset, the whole "Local Privoxy Support" box on all generated pages will
+    not be shown.
+   </P
+><P
+>    This URL shouldn't be blocked ;-)
+   </P
+></DD
+></DL
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONF-LOG-LOC"
+>7.2. Configuration and Log File Locations</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can (and normally does) use a number of
+ other files for additional configuration, help and logging.
+ This section of the configuration file tells <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ where to find those other files. </P
+><P
+> The user running <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, must have read
+ permission for all configuration files, and write permission to any files
+ that would be modified, such as log files and actions files.</P
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="CONFDIR"
+>7.2.1. confdir</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>The directory where the other configuration files are located.</P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Path name</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>/etc/privoxy (Unix) <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>or</I
+></SPAN
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> installation dir (Windows) </P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Mandatory</I
+></SPAN
+></P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    No trailing <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>/</TT
+>"</SPAN
+>, please.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="TEMPLDIR"
+>7.2.2. templdir</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>An alternative directory where the templates are loaded from.</P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Path name</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>unset</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>The templates are assumed to be located in confdir/template.</P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> original templates are usually
+    overwritten with each update. Use this option to relocate customized
+    templates that should be kept. As template variables might change
+    between updates, you shouldn't expect templates to work with
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> releases other than the one
+    they were part of, though.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="LOGDIR"
+>7.2.3. logdir</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The directory where all logging takes place
+    (i.e. where the <TT
+CLASS="FILENAME"
+>logfile</TT
+> is located).
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Path name</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>/var/log/privoxy (Unix) <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>or</I
+></SPAN
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> installation dir (Windows) </P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Mandatory</I
+></SPAN
+></P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    No trailing <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>/</TT
+>"</SPAN
+>, please.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ACTIONSFILE"
+>7.2.4. actionsfile</A
+></H4
+><A
+NAME="DEFAULT.ACTION"
+></A
+><A
+NAME="STANDARD.ACTION"
+></A
+><A
+NAME="USER.ACTION"
+></A
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The <A
+HREF="actions-file.html"
+>actions file(s)</A
+> to use
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Complete file name, relative to <TT
+CLASS="LITERAL"
+>confdir</TT
+></P
+></DD
+><DT
+>Default values:</DT
+><DD
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>     <P
+CLASS="LITERALLAYOUT"
+>  match-all.action # Actions that are applied to all sites and maybe overruled later on.</P
+>
+    </TD
+></TR
+><TR
+><TD
+>     <P
+CLASS="LITERALLAYOUT"
+>  default.action   # Main actions file</P
+>
+    </TD
+></TR
+><TR
+><TD
+>     <P
+CLASS="LITERALLAYOUT"
+>  user.action      # User customizations</P
+>
+    </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    No actions are taken at all. More or less neutral proxying. 
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Multiple <TT
+CLASS="LITERAL"
+>actionsfile</TT
+> lines are permitted, and are in fact recommended!
+   </P
+><P
+> 
+    The default values are <TT
+CLASS="FILENAME"
+>default.action</TT
+>, which is the
+    <SPAN
+CLASS="QUOTE"
+>"main"</SPAN
+> actions file maintained by the developers, and
+    <TT
+CLASS="FILENAME"
+>user.action</TT
+>, where you can make your personal additions.
+   </P
+><P
+> 
+    Actions files contain all the per site and per URL configuration for 
+    ad blocking, cookie management, privacy considerations, etc.
+    There is no point in using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> without at 
+    least one actions file.
+   </P
+><P
+>    Note that since Privoxy 3.0.7, the complete filename, including the <SPAN
+CLASS="QUOTE"
+>".action"</SPAN
+>
+    extension has to be specified.  The syntax change was necessary to be consistent
+    with the other file options and to allow previously forbidden characters.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FILTERFILE"
+>7.2.5. filterfile</A
+></H4
+><A
+NAME="DEFAULT.FILTER"
+></A
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The <A
+HREF="filter-file.html"
+>filter file(s)</A
+> to use
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>File name, relative to <TT
+CLASS="LITERAL"
+>confdir</TT
+></P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>default.filter (Unix) <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>or</I
+></SPAN
+> default.filter.txt (Windows)</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    No textual content filtering takes place, i.e. all
+    <TT
+CLASS="LITERAL"
+>+<A
+HREF="actions-file.html#FILTER"
+>filter</A
+>{<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>}</TT
+>
+    actions in the actions files are turned neutral.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Multiple <TT
+CLASS="LITERAL"
+>filterfile</TT
+> lines are permitted.
+   </P
+><P
+>    The <A
+HREF="filter-file.html"
+>filter files</A
+> contain content modification
+    rules that use <A
+HREF="appendix.html#REGEX"
+>regular expressions</A
+>. These rules permit
+    powerful changes on the content of Web pages, and optionally the headers
+    as well, e.g., you could try to disable your favorite JavaScript annoyances,
+    re-write the actual displayed text, or just have some fun 
+    playing buzzword bingo with web pages.
+   </P
+><P
+>    The
+    <TT
+CLASS="LITERAL"
+>+<A
+HREF="actions-file.html#FILTER"
+>filter</A
+>{<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>}</TT
+>
+    actions rely on the relevant filter (<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>)
+    to be defined in a filter file!
+   </P
+><P
+>    A pre-defined filter file called <TT
+CLASS="FILENAME"
+>default.filter</TT
+> that contains
+    a number of useful filters for common problems is included in the distribution.
+    See the section on the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+>
+    action for a list.
+   </P
+><P
+>    It is recommended to place any locally adapted filters into a separate
+    file, such as <TT
+CLASS="FILENAME"
+>user.filter</TT
+>.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="LOGFILE"
+>7.2.6. logfile</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The log file to use
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>File name, relative to <TT
+CLASS="LITERAL"
+>logdir</TT
+></P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset (commented out)</I
+></SPAN
+>. When activated: logfile (Unix) <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>or</I
+></SPAN
+> privoxy.log (Windows).</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    No logfile is written.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The logfile is where all logging and error messages are written. The level
+    of detail and number of messages are set with the <TT
+CLASS="LITERAL"
+>debug</TT
+>
+    option (see below). The logfile can be useful for tracking down a problem with
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (e.g., it's not blocking an ad you
+    think it should block) and it can help you to monitor what your browser
+    is doing.
+   </P
+><P
+>    Depending on the debug options below, the logfile may be a privacy risk
+    if third parties can get access to it. As most users will never look
+    at it, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 and later only log fatal
+    errors by default.
+   </P
+><P
+>    For most troubleshooting purposes, you will have to change that,
+    please refer to the debugging section for details.
+   </P
+><P
+>    Your logfile will grow indefinitely, and you will probably want to
+    periodically remove it.  On Unix systems, you can do this with a cron job
+    (see <SPAN
+CLASS="QUOTE"
+>"man cron"</SPAN
+>). For Red Hat based Linux distributions, a
+    <B
+CLASS="COMMAND"
+>logrotate</B
+> script has been included.
+   </P
+><P
+>    Any log files must be writable by whatever user <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    is being run as (on Unix, default user id is <SPAN
+CLASS="QUOTE"
+>"privoxy"</SPAN
+>).
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="TRUSTFILE"
+>7.2.7. trustfile</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The name of the trust file to use
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>File name, relative to <TT
+CLASS="LITERAL"
+>confdir</TT
+></P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset (commented out)</I
+></SPAN
+>. When activated: trust (Unix) <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>or</I
+></SPAN
+> trust.txt (Windows)</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    The entire trust mechanism is disabled.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The trust mechanism is an experimental feature for building white-lists and should
+    be used with care. It is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>NOT</I
+></SPAN
+> recommended for the casual user.
+   </P
+><P
+>    If you specify a trust file, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will only allow
+    access to sites that are specified in the trustfile. Sites can be listed 
+    in one of two ways:
+   </P
+><P
+>    Prepending a <TT
+CLASS="LITERAL"
+>~</TT
+> character limits access to this site 
+    only (and any sub-paths within this site), e.g. 
+    <TT
+CLASS="LITERAL"
+>~www.example.com</TT
+> allows access to
+    <TT
+CLASS="LITERAL"
+>~www.example.com/features/news.html</TT
+>, etc. 
+   </P
+><P
+>    Or, you can designate sites as <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>trusted referrers</I
+></SPAN
+>, by
+    prepending the name with a <TT
+CLASS="LITERAL"
+>+</TT
+> character. The effect is that
+    access to untrusted sites will be granted -- but only if a link from this
+    trusted referrer was used to get there. The link target will then be added
+    to the <SPAN
+CLASS="QUOTE"
+>"trustfile"</SPAN
+> so that future, direct accesses will be
+    granted. Sites added via this mechanism do not become trusted referrers
+    themselves (i.e. they are added with a <TT
+CLASS="LITERAL"
+>~</TT
+> designation).
+    There is a limit of 512 such entries, after which new entries will not be
+    made.
+   </P
+><P
+>    If you use the <TT
+CLASS="LITERAL"
+>+</TT
+> operator in the trust file, it may grow 
+    considerably over time.
+   </P
+><P
+>    It is recommended that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> be compiled with
+    the <TT
+CLASS="LITERAL"
+>--disable-force</TT
+>, <TT
+CLASS="LITERAL"
+>--disable-toggle</TT
+> and
+    <TT
+CLASS="LITERAL"
+> --disable-editor</TT
+> options, if this feature is to be
+    used.
+   </P
+><P
+>    Possible applications include limiting Internet access for children.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="DEBUGGING"
+>7.3. Debugging</A
+></H2
+><P
+>  These options are mainly useful when tracing a problem.
+  Note that you might also want to invoke
+  <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with the <TT
+CLASS="LITERAL"
+>--no-daemon</TT
+>
+  command line option when debugging.
+ </P
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="DEBUG"
+>7.3.1. debug</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Key values that determine what information gets logged.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Integer values</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0 (i.e.: only fatal errors (that cause Privoxy to exit) are logged)</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Default value is used (see above).
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    The available debug levels are:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  debug     1 # Log the destination for each request <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> let through. See also debug 1024.
+  debug     2 # show each connection status
+  debug     4 # show I/O status
+  debug     8 # show header parsing
+  debug    16 # log all data written to the network into the logfile
+  debug    32 # debug force feature
+  debug    64 # debug regular expression filters
+  debug   128 # debug redirects
+  debug   256 # debug GIF de-animation
+  debug   512 # Common Log Format
+  debug  1024 # Log the destination for requests <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> didn't let through, and the reason why.
+  debug  2048 # CGI user interface
+  debug  4096 # Startup banner and warnings.
+  debug  8192 # Non-fatal errors</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    To select multiple debug levels, you can either add them or use
+    multiple <TT
+CLASS="LITERAL"
+>debug</TT
+> lines.
+   </P
+><P
+>    A debug level of 1 is informative because it will show you each request
+    as it happens. <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>1, 4096 and 8192 are recommended</I
+></SPAN
+>
+    so that you will notice when things go wrong. The other levels are
+    probably only of interest if you are hunting down a specific problem.
+    They can produce a hell of an output (especially 16).
+    
+   </P
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> used to ship with the debug levels recommended above enabled by
+    default, but due to privacy concerns 3.0.7 and later are configured to
+    only log fatal errors.
+   </P
+><P
+>    If you are used to the more verbose settings, simply enable the debug lines
+    below again.
+   </P
+><P
+>    If you want to use pure CLF (Common Log Format), you should set <SPAN
+CLASS="QUOTE"
+>"debug
+    512"</SPAN
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>ONLY</I
+></SPAN
+> and not enable anything else.
+   </P
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has a hard-coded limit for the
+    length of log messages. If it's reached, messages are logged truncated
+    and marked with <SPAN
+CLASS="QUOTE"
+>"... [too long, truncated]"</SPAN
+>.
+   </P
+><P
+>    Please don't file any support requests without trying to reproduce
+    the problem with increased debug level first. Once you read the log
+    messages, you may even be able to solve the problem on your own.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SINGLE-THREADED"
+>7.3.2. single-threaded</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether to run only one server thread.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>None</I
+></SPAN
+></P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Multi-threaded (or, where unavailable: forked) operation, i.e. the ability to
+    serve multiple requests simultaneously.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This option is only there for debugging purposes.
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>It will drastically reduce performance.</I
+></SPAN
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="HOSTNAME"
+>7.3.3. hostname</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The hostname shown on the CGI pages.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Text</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    The hostname provided by the operating system is used.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    On some misconfigured systems resolving the hostname fails or
+    takes too much time and slows Privoxy down. Setting a fixed hostname
+    works around the problem.
+   </P
+><P
+>    In other circumstances it might be desirable to show a hostname
+    other than the one returned by the operating system. For example
+    if the system has several different hostnames and you don't want
+    to use the first one.
+   </P
+><P
+>    Note that Privoxy does not validate the specified hostname value.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="ACCESS-CONTROL"
+>7.4. Access Control and Security</A
+></H2
+><P
+>  This section of the config file controls the security-relevant aspects
+  of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s configuration.
+ </P
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="LISTEN-ADDRESS"
+>7.4.1. listen-address</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    The IP address and TCP port on which <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will
+    listen for client requests.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>[<TT
+CLASS="REPLACEABLE"
+><I
+>IP-Address</I
+></TT
+>]:<TT
+CLASS="REPLACEABLE"
+><I
+>Port</I
+></TT
+></P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>127.0.0.1:8118</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Bind to 127.0.0.1 (localhost), port 8118. This is suitable and recommended for
+    home users who run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on the same machine as
+    their browser.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    You will need to configure your browser(s) to this proxy address and port.
+   </P
+><P
+>    If you already have another service running on port 8118, or if you want to
+    serve requests from other machines (e.g. on your local network) as well, you
+    will need to override the default.
+   </P
+><P
+>    If you leave out the IP address, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will
+    bind to all interfaces (addresses) on your machine and may become reachable
+    from the Internet. In that case, consider using <A
+HREF="config.html#ACLS"
+>access control lists</A
+> (ACL's, see below), and/or
+    a firewall.
+   </P
+><P
+>    If you open <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to untrusted users, you will
+    also want to make sure that the following actions are disabled:  <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+>enable-edit-actions</A
+></TT
+> and
+    <TT
+CLASS="LITERAL"
+><A
+HREF="config.html#ENABLE-REMOTE-TOGGLE"
+>enable-remote-toggle</A
+></TT
+>
+   </P
+></DD
+><DT
+>Example:</DT
+><DD
+><P
+>     Suppose you are running <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on
+     a machine which has the address 192.168.0.1 on your local private network
+     (192.168.0.0) and has another outside connection with a different address.
+     You want it to serve requests from inside only:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="PROGRAMLISTING"
+>  listen-address  192.168.0.1:8118</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="TOGGLE"
+>7.4.2. toggle</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Initial state of "toggle" status
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>1 or 0</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>1</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Act as if toggled on
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    If set to 0, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will start in
+    <SPAN
+CLASS="QUOTE"
+>"toggled off"</SPAN
+> mode, i.e. mostly behave like a normal,
+    content-neutral proxy with both ad blocking and content filtering
+    disabled. See <TT
+CLASS="LITERAL"
+>enable-remote-toggle</TT
+> below.
+   </P
+><P
+>    The windows version will only display the toggle icon in the system tray
+    if this option is present.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENABLE-REMOTE-TOGGLE"
+>7.4.3. enable-remote-toggle</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether or not the <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>web-based toggle
+    feature</A
+> may be used
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>0 or 1</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    The web-based toggle feature is disabled.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    When toggled off, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> mostly acts like a normal,
+    content-neutral proxy, i.e. doesn't block ads or filter content.
+   </P
+><P
+>    Access to the toggle feature can <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be
+    controlled separately by <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> or HTTP authentication,
+    so that everybody who can access <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (see
+    <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> and <TT
+CLASS="LITERAL"
+>listen-address</TT
+> above) can
+    toggle it for all users. So this option is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not recommended</I
+></SPAN
+>
+    for multi-user environments with untrusted users.
+   </P
+><P
+>    Note that malicious client side code (e.g Java) is also
+    capable of using this option.
+   </P
+><P
+>    As a lot of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> users don't read
+    documentation, this feature is disabled by default.
+   </P
+><P
+>    Note that you must have compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with
+    support for this feature, otherwise this option has no effect. 
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENABLE-REMOTE-HTTP-TOGGLE"
+>7.4.4. enable-remote-http-toggle</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether or not Privoxy recognizes special HTTP headers to change its behaviour.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>0 or 1</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Privoxy ignores special HTTP headers.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    When toggled on, the client can change <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+    behaviour by setting special HTTP headers. Currently the only supported
+    special header is <SPAN
+CLASS="QUOTE"
+>"X-Filter: No"</SPAN
+>, to disable filtering for
+    the ongoing request, even if it is enabled in one of the action files.
+   </P
+><P
+>    This feature is disabled by default. If you are using
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in a environment with trusted clients,
+    you may enable this feature at your discretion. Note that malicious client
+    side code (e.g Java) is also capable of using this feature.
+   </P
+><P
+>    This option will be removed in future releases as it has been obsoleted
+    by the more general header taggers.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENABLE-EDIT-ACTIONS"
+>7.4.5. enable-edit-actions</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether or not the <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>web-based actions
+    file editor</A
+> may be used
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>0 or 1</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>0</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    The web-based actions file editor is disabled.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Access to the editor can <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be
+    controlled separately by <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> or HTTP authentication,
+    so that everybody who can access <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (see
+    <SPAN
+CLASS="QUOTE"
+>"ACLs"</SPAN
+> and <TT
+CLASS="LITERAL"
+>listen-address</TT
+> above) can
+    modify its configuration for all users.
+   </P
+><P
+>    This option is <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not recommended</I
+></SPAN
+> for environments
+    with untrusted users and as a lot of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    users don't read documentation, this feature is disabled by default.
+   </P
+><P
+>    Note that malicious client side code (e.g Java) is also
+    capable of using the actions editor and you shouldn't enable
+    this options unless you understand the consequences and are
+    sure your browser is configured correctly.
+   </P
+><P
+>    Note that you must have compiled <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with
+    support for this feature, otherwise this option has no effect. 
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ENFORCE-BLOCKS"
+>7.4.6. enforce-blocks</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether the user is allowed to ignore blocks and can <SPAN
+CLASS="QUOTE"
+>"go there anyway"</SPAN
+>.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>0 or 1</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>0</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Blocks are not enforced.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is mainly used to block and filter
+    requests as a service to the user, for example to block ads and other
+    junk that clogs the pipes. <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> configuration
+    isn't perfect and sometimes innocent pages are blocked. In this situation it
+    makes sense to allow the user to enforce the request and have
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ignore the block.
+   </P
+><P
+>    In the default configuration <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+    <SPAN
+CLASS="QUOTE"
+>"Blocked"</SPAN
+> page contains a <SPAN
+CLASS="QUOTE"
+>"go there anyway"</SPAN
+>
+    link to adds a special string (the force prefix) to the request URL.
+    If that link is used, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will
+    detect the force prefix, remove it again and let the request pass.
+   </P
+><P
+>    Of course <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can also be used to enforce
+    a network policy. In that case the user obviously should not be able to
+    bypass any blocks, and that's what the <SPAN
+CLASS="QUOTE"
+>"enforce-blocks"</SPAN
+>
+    option is for. If it's enabled, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> hides
+    the <SPAN
+CLASS="QUOTE"
+>"go there anyway"</SPAN
+> link. If the user adds the force
+    prefix by hand, it will not be accepted and the circumvention attempt
+    is logged.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    enforce-blocks 1
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ACLS"
+>7.4.7. ACLs: permit-access and deny-access</A
+></H4
+><A
+NAME="PERMIT-ACCESS"
+></A
+><A
+NAME="DENY-ACCESS"
+></A
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Who can access what.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>src_addr</I
+></TT
+>[/<TT
+CLASS="REPLACEABLE"
+><I
+>src_masklen</I
+></TT
+>]
+    [<TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+>[/<TT
+CLASS="REPLACEABLE"
+><I
+>dst_masklen</I
+></TT
+>]]
+   </P
+><P
+>    Where <TT
+CLASS="REPLACEABLE"
+><I
+>src_addr</I
+></TT
+> and 
+   <TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+> are IP addresses in dotted decimal notation or valid
+    DNS names, and <TT
+CLASS="REPLACEABLE"
+><I
+>src_masklen</I
+></TT
+> and
+    <TT
+CLASS="REPLACEABLE"
+><I
+>dst_masklen</I
+></TT
+> are subnet masks in CIDR notation, i.e. integer
+    values from 2 to 30 representing the length (in bits) of the network address. The masks and the whole
+    destination part are optional.
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Don't restrict access further than implied by <TT
+CLASS="LITERAL"
+>listen-address</TT
+>
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Access controls are included at the request of ISPs and systems
+    administrators, and <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>are not usually needed by individual users</I
+></SPAN
+>.
+    For a typical home user, it will normally suffice to ensure that 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only listens on the localhost
+    (127.0.0.1) or internal (home) network address by means of the
+    <A
+HREF="config.html#LISTEN-ADDRESS"
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>listen-address</I
+></SPAN
+></A
+>
+    option. 
+   </P
+><P
+>    Please see the warnings in the FAQ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    is not intended to be a substitute for a firewall or to encourage anyone
+    to defer addressing basic security weaknesses.
+   </P
+><P
+>    Multiple ACL lines are OK.
+    If any ACLs are specified, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> only talks
+    to IP addresses that match at least one <TT
+CLASS="LITERAL"
+>permit-access</TT
+> line
+    and don't match any subsequent <TT
+CLASS="LITERAL"
+>deny-access</TT
+> line. In other words, the
+    last match wins, with the default being <TT
+CLASS="LITERAL"
+>deny-access</TT
+>.
+   </P
+><P
+>    If <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is using a forwarder (see <TT
+CLASS="LITERAL"
+>forward</TT
+> below)
+    for a particular destination URL, the <TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+>
+    that is examined is the address of the forwarder and <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>NOT</I
+></SPAN
+> the address
+    of the ultimate target. This is necessary because it may be impossible for the local
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to determine the IP address of the
+    ultimate target (that's often what gateways are used for).
+   </P
+><P
+>    You should prefer using IP addresses over DNS names, because the address lookups take
+    time. All DNS names must resolve! You can <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> use domain patterns
+    like <SPAN
+CLASS="QUOTE"
+>"*.org"</SPAN
+> or partial domain names. If a DNS name resolves to multiple
+    IP addresses, only the first one is used.
+   </P
+><P
+>    Denying access to particular sites by ACL may have undesired side effects
+    if the site in question is hosted on a machine which also hosts other sites
+    (most sites are).
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    Explicitly define the default behavior if no ACL and
+    <TT
+CLASS="LITERAL"
+>listen-address</TT
+> are set: <SPAN
+CLASS="QUOTE"
+>"localhost"</SPAN
+>
+    is OK. The absence of a <TT
+CLASS="REPLACEABLE"
+><I
+>dst_addr</I
+></TT
+> implies that
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> destination addresses are OK:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  permit-access  localhost</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    Allow any host on the same class C subnet as www.privoxy.org access to
+    nothing but www.example.com (or other domains hosted on the same system):
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  permit-access  www.privoxy.org/24 www.example.com/32</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    Allow access from any host on the 26-bit subnet 192.168.45.64 to anywhere,
+    with the exception that 192.168.45.73 may not access the IP address behind
+    www.dirty-stuff.example.com:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  permit-access  192.168.45.64/26
+  deny-access    192.168.45.73    www.dirty-stuff.example.com</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="BUFFER-LIMIT"
+>7.4.8. buffer-limit</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Maximum size of the buffer for content filtering.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>Size in Kbytes</P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>4096</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Use a 4MB (4096 KB) limit.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    For content filtering, i.e. the <TT
+CLASS="LITERAL"
+>+filter</TT
+> and
+    <TT
+CLASS="LITERAL"
+>+deanimate-gif</TT
+> actions, it is necessary that 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> buffers the entire document body.
+    This can be potentially dangerous, since a server could just keep sending
+    data indefinitely and wait for your RAM to exhaust -- with nasty consequences.
+    Hence this option.
+   </P
+><P
+>    When a document buffer size reaches the <TT
+CLASS="LITERAL"
+>buffer-limit</TT
+>, it is
+    flushed to the client unfiltered and no further attempt to
+    filter the rest of the document is made. Remember that there may be multiple threads
+    running, which might require up to <TT
+CLASS="LITERAL"
+>buffer-limit</TT
+> Kbytes
+    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>each</I
+></SPAN
+>, unless you have enabled <SPAN
+CLASS="QUOTE"
+>"single-threaded"</SPAN
+>
+    above.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="FORWARDING"
+>7.5. Forwarding</A
+></H2
+><P
+> This feature allows routing of HTTP requests through a chain of
+ multiple proxies.</P
+><P
+> Forwarding can be used to chain Privoxy with a caching proxy to speed
+ up browsing. Using a parent proxy may also be necessary if the machine
+ that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> runs on has no direct Internet access.</P
+><P
+> Note that parent proxies can severely decrease your privacy level.
+ For example a parent proxy could add your IP address to the request
+ headers and if it's a caching proxy it may add the <SPAN
+CLASS="QUOTE"
+>"Etag"</SPAN
+>
+ header to revalidation requests again, even though you configured Privoxy
+ to remove it. It may also ignore Privoxy's header time randomization and use the
+ original values which could be used by the server as cookie replacement
+ to track your steps between visits.</P
+><P
+> Also specified here are SOCKS proxies. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ supports the SOCKS 4 and SOCKS 4A protocols.</P
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FORWARD"
+>7.5.1. forward</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    To which parent HTTP proxy specific requests should be routed.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>target_pattern</I
+></TT
+>
+    <TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+>[:<TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+>]
+   </P
+><P
+>    where <TT
+CLASS="REPLACEABLE"
+><I
+>target_pattern</I
+></TT
+> is a <A
+HREF="actions-file.html#AF-PATTERNS"
+>URL pattern</A
+> 
+    that specifies to which requests (i.e. URLs) this forward rule shall apply. Use <TT
+CLASS="LITERAL"
+>/</TT
+> to
+    denote <SPAN
+CLASS="QUOTE"
+>"all URLs"</SPAN
+>.
+    <TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+>[:<TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+>]
+    is the DNS name or IP address of the parent HTTP proxy through which the requests should be forwarded,
+    optionally followed by its listening port (default: 8080).
+    Use a single dot (<TT
+CLASS="LITERAL"
+>.</TT
+>) to denote <SPAN
+CLASS="QUOTE"
+>"no forwarding"</SPAN
+>.
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Don't use parent HTTP proxies.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    If <TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+> is <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+>, then requests are not
+    forwarded to another HTTP proxy but are made directly to the web servers.
+   </P
+><P
+>    Multiple lines are OK, they are checked in sequence, and the last match wins.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    Everything goes to an example parent proxy, except SSL on port 443 (which it doesn't handle):
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward   /      parent-proxy.example.org:8080
+  forward   :443   .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    Everything goes to our example ISP's caching proxy, except for requests
+    to that ISP's sites:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward   /                  caching-proxy.isp.example.net:8000
+  forward   .isp.example.net   .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SOCKS"
+>7.5.2. forward-socks4, forward-socks4a and forward-socks5</A
+></H4
+><A
+NAME="FORWARD-SOCKS4"
+></A
+><A
+NAME="FORWARD-SOCKS4A"
+></A
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Through which SOCKS proxy (and optionally to which parent HTTP proxy) specific requests should be routed.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>target_pattern</I
+></TT
+>
+    <TT
+CLASS="REPLACEABLE"
+><I
+>socks_proxy</I
+></TT
+>[:<TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+>]
+    <TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+>[:<TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+>]
+   </P
+><P
+>    where <TT
+CLASS="REPLACEABLE"
+><I
+>target_pattern</I
+></TT
+> is a
+    <A
+HREF="actions-file.html#AF-PATTERNS"
+>URL pattern</A
+> that specifies to which
+    requests (i.e. URLs) this forward rule shall apply. Use <TT
+CLASS="LITERAL"
+>/</TT
+> to
+    denote <SPAN
+CLASS="QUOTE"
+>"all URLs"</SPAN
+>. <TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+>
+    and <TT
+CLASS="REPLACEABLE"
+><I
+>socks_proxy</I
+></TT
+>
+    are IP addresses in dotted decimal notation or valid DNS names
+    (<TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+>
+    may be <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+> to denote <SPAN
+CLASS="QUOTE"
+>"no HTTP forwarding"</SPAN
+>), and the optional 
+    <TT
+CLASS="REPLACEABLE"
+><I
+>port</I
+></TT
+> parameters are TCP ports,
+    i.e. integer values from 1 to 65535
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Unset</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Don't use SOCKS proxies.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Multiple lines are OK, they are checked in sequence, and the last match wins.
+   </P
+><P
+>    The difference between <TT
+CLASS="LITERAL"
+>forward-socks4</TT
+> and <TT
+CLASS="LITERAL"
+>forward-socks4a</TT
+>
+    is that in the SOCKS 4A protocol, the DNS resolution of the target hostname happens on the SOCKS
+    server, while in SOCKS 4 it happens locally.
+   </P
+><P
+>    With <TT
+CLASS="LITERAL"
+>forward-socks5</TT
+> the DNS resolution will happen on the remote server as well.
+   </P
+><P
+>    If <TT
+CLASS="REPLACEABLE"
+><I
+>http_parent</I
+></TT
+> is <SPAN
+CLASS="QUOTE"
+>"."</SPAN
+>, then requests are not
+    forwarded to another HTTP proxy but are made (HTTP-wise) directly to the web servers, albeit through
+    a SOCKS proxy.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>     From the company example.com, direct connections are made to all
+     <SPAN
+CLASS="QUOTE"
+>"internal"</SPAN
+> domains, but everything outbound goes through
+     their ISP's proxy by way of example.com's corporate SOCKS 4A gateway to
+     the Internet.
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward-socks4a   /              socks-gw.example.com:1080  www-cache.isp.example.net:8080
+  forward           .example.com   .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    A rule that uses a SOCKS 4 gateway for all destinations but no HTTP parent looks like this:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward-socks4   /               socks-gw.example.com:1080  .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    To chain Privoxy and Tor, both running on the same system, you would use 
+    something like:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward-socks4a   /               127.0.0.1:9050 .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    The public <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> network can't be used to
+    reach your local network, if you need to access local servers you
+    therefore might want to make some exceptions:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward         192.168.*.*/     .
+  forward            10.*.*.*/     .
+  forward           127.*.*.*/     .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+><P
+>    Unencrypted connections to systems in these address ranges will
+    be as (un)secure as the local network is, but the alternative is that you
+    can't reach the local network through <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    at all. Of course this may actually be desired and there is no reason
+    to make these exceptions if you aren't sure you need them.
+   </P
+><P
+>    If you also want to be able to reach servers in your local network by
+    using their names, you will need additional exceptions that look like
+    this:
+   </P
+><P
+>    <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="90%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> forward           localhost/     .</PRE
+></TD
+></TR
+></TABLE
+>
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ADVANCED-FORWARDING-EXAMPLES"
+>7.5.3. Advanced Forwarding Examples</A
+></H4
+><P
+> If you have links to multiple ISPs that provide various special content 
+ only to their subscribers, you can configure multiple <SPAN
+CLASS="APPLICATION"
+>Privoxies</SPAN
+>
+ which have connections to the respective ISPs to act as forwarders to each other, so that
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>your</I
+></SPAN
+> users can see the internal content of all ISPs.</P
+><P
+> Assume that host-a has a PPP connection to isp-a.example.net. And host-b has a PPP connection to
+ isp-b.example.org. Both run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. Their forwarding
+ configuration can look like this:</P
+><P
+> host-a:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward    /           .
+  forward    .isp-b.example.net  host-b:8118</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> host-b:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward    /           .
+  forward    .isp-a.example.org  host-a:8118</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Now, your users can set their browser's proxy to use either
+ host-a or host-b and be able to browse the internal content
+ of both isp-a and isp-b.</P
+><P
+> If you intend to chain <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and 
+ <SPAN
+CLASS="APPLICATION"
+>squid</SPAN
+> locally, then chaining as 
+ <TT
+CLASS="LITERAL"
+>browser -> squid -> privoxy</TT
+> is the recommended way. </P
+><P
+> Assuming that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and <SPAN
+CLASS="APPLICATION"
+>squid</SPAN
+>
+ run on the same box, your <SPAN
+CLASS="APPLICATION"
+>squid</SPAN
+> configuration could then look like this:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  # Define Privoxy as parent proxy (without ICP) 
+  cache_peer 127.0.0.1 parent 8118 7 no-query 
+
+  # Define ACL for protocol FTP 
+  acl ftp proto FTP 
+
+  # Do not forward FTP requests to Privoxy
+  always_direct allow ftp 
+
+  # Forward all the rest to Privoxy
+  never_direct allow all</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> You would then need to change your browser's proxy settings to <SPAN
+CLASS="APPLICATION"
+>squid</SPAN
+>'s address and port.
+ Squid normally uses port 3128. If unsure consult <TT
+CLASS="LITERAL"
+>http_port</TT
+> in <TT
+CLASS="FILENAME"
+>squid.conf</TT
+>.</P
+><P
+> You could just as well decide to only forward requests you suspect
+ of leading to Windows executables through a virus-scanning parent proxy,
+ say, on <TT
+CLASS="LITERAL"
+>antivir.example.com</TT
+>, port 8010:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  forward   /                          .
+  forward   /.*\.(exe|com|dll|zip)$    antivir.example.com:8010</PRE
+></TD
+></TR
+></TABLE
+> </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="FORWARDED-CONNECT-RETRIES"
+>7.5.4. forwarded-connect-retries</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    How often Privoxy retries if a forwarded connection request fails. 
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>Number of retries.</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>0</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Connections forwarded through other proxies are treated like direct connections and no retry attempts are made.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>forwarded-connect-retries</I
+></TT
+> is mainly interesting
+    for socks4a connections, where <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can't detect why the connections failed.
+    The connection might have failed because of a DNS timeout in which case a retry makes sense,
+    but it might also have failed because the server doesn't exist or isn't reachable. In this
+    case the retry will just delay the appearance of Privoxy's error message.
+   </P
+><P
+>    Note that in the context of this option, <SPAN
+CLASS="QUOTE"
+>"forwarded connections"</SPAN
+> includes all connections
+    that Privoxy forwards through other proxies. This option is not limited to the HTTP CONNECT method.
+   </P
+><P
+>    Only use this option, if you are getting lots of forwarding-related error messages
+    that go away when you try again manually. Start with a small value and check Privoxy's
+    logfile from time to time, to see how many retries are usually needed.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    forwarded-connect-retries 1
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ACCEPT-INTERCEPTED-REQUESTS"
+>7.5.5. accept-intercepted-requests</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether intercepted requests should be treated as valid.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>0 or 1</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>0</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Only proxy requests are accepted, intercepted requests are treated as invalid.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    If you don't trust your clients and want to force them
+    to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, enable this
+    option and configure your packet filter to redirect outgoing
+    HTTP connections into <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. 
+   </P
+><P
+>    Make sure that <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> own requests
+    aren't redirected as well. Additionally take care that
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can't intentionally connect
+    to itself, otherwise you could run into redirection loops if
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> listening port is reachable
+    by the outside or an attacker has access to the pages you visit.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    accept-intercepted-requests 1
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="ALLOW-CGI-REQUEST-CRUNCHING"
+>7.5.6. allow-cgi-request-crunching</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether requests to <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> CGI pages can be blocked or redirected.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>0 or 1</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>0</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ignores block and redirect actions for its CGI pages.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    By default <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> ignores block or redirect actions
+    for its CGI pages. Intercepting these requests can be useful in multi-user
+    setups to implement fine-grained access control, but it can also render the complete
+    web interface useless and make debugging problems painful if done without care.
+   </P
+><P
+>    Don't enable this option unless you're sure that you really need it.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    allow-cgi-request-crunching 1
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SPLIT-LARGE-FORMS"
+>7.5.7. split-large-forms</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Whether the CGI interface should stay compatible with broken HTTP clients.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>0 or 1</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>0</I
+></SPAN
+></P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    The CGI form generate long GET URLs.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> CGI forms can lead to
+    rather long URLs. This isn't a problem as far as the HTTP
+    standard is concerned, but it can confuse clients with arbitrary
+    URL length limitations.
+   </P
+><P
+>    Enabling split-large-forms causes <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    to divide big forms into smaller ones to keep the URL length down.
+    It makes editing a lot less convenient and you can no longer
+    submit all changes at once, but at least it works around this
+    browser bug.
+   </P
+><P
+>    If you don't notice any editing problems, there is no reason
+    to enable this option, but if one of the submit buttons appears
+    to be broken, you should give it a try.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    split-large-forms 1
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="KEEP-ALIVE-TIMEOUT"
+>7.5.8. keep-alive-timeout</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Number of seconds after which an open connection will no longer be reused.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>Time in seconds.</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>None</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    Connections are not reused.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    This option has no effect if <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    has been compiled without keep-alive support.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    Note that reusing connections doesn't necessary cause speedups.
+    There are also a few privacy implications you should be aware of.
+   </P
+><P
+>    Outgoing connections are shared between clients (if there are more
+    than one) and closing the client that initiated the outgoing connection
+    does not affect the connection between <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and the server unless
+    the client's request hasn't been completed yet. If the outgoing connection
+    is idle, it will not be closed until either <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+    or the server's timeout is reached. While it's open, the server knows
+    that the system running <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is still there.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    keep-alive-timeout 300
+   </P
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="SECT3"
+><H4
+CLASS="SECT3"
+><A
+NAME="SOCKET-TIMEOUT"
+>7.5.9. socket-timeout</A
+></H4
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Specifies:</DT
+><DD
+><P
+>    Number of seconds after which a socket times out if
+    no data is received.
+   </P
+></DD
+><DT
+>Type of value:</DT
+><DD
+><P
+>    <TT
+CLASS="REPLACEABLE"
+><I
+>Time in seconds.</I
+></TT
+>
+   </P
+></DD
+><DT
+>Default value:</DT
+><DD
+><P
+>None</P
+></DD
+><DT
+>Effect if unset:</DT
+><DD
+><P
+>    A default value of 300 seconds is used.
+   </P
+></DD
+><DT
+>Notes:</DT
+><DD
+><P
+>    For SOCKS requests the timeout currently doesn't start until
+    the SOCKS server accepted the request. This will be fixed in
+    the next release.
+   </P
+></DD
+><DT
+>Examples:</DT
+><DD
+><P
+>    socket-timeout 300
+   </P
+></DD
+></DL
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="WINDOWS-GUI"
+>7.6. Windows GUI Options</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> has a number of options specific to the
+ Windows GUI interface:</P
+><A
+NAME="ACTIVITY-ANIMATION"
+></A
+><P
+> If <SPAN
+CLASS="QUOTE"
+>"activity-animation"</SPAN
+> is set to 1, the
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> icon will animate when
+ <SPAN
+CLASS="QUOTE"
+>"Privoxy"</SPAN
+> is active. To turn off, set to 0.</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>activity-animation   1</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="LOG-MESSAGES"
+></A
+><P
+> If <SPAN
+CLASS="QUOTE"
+>"log-messages"</SPAN
+> is set to 1,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will log messages to the console
+ window:</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>log-messages       1</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="LOG-BUFFER-SIZE"
+></A
+><P
+> 
+ If <SPAN
+CLASS="QUOTE"
+>"log-buffer-size"</SPAN
+> is set to 1, the size of the log buffer,
+ i.e. the amount of memory used for the log messages displayed in the
+ console window, will be limited to <SPAN
+CLASS="QUOTE"
+>"log-max-lines"</SPAN
+> (see below).</P
+><P
+> Warning: Setting this to 0 will result in the buffer to grow infinitely and
+ eat up all your memory!</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>log-buffer-size      1</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="LOG-MAX-LINES"
+></A
+><P
+> <SPAN
+CLASS="APPLICATION"
+>log-max-lines</SPAN
+> is the maximum number of lines held
+ in the log buffer. See above.</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>log-max-lines      200</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="LOG-HIGHLIGHT-MESSAGES"
+></A
+><P
+> If <SPAN
+CLASS="QUOTE"
+>"log-highlight-messages"</SPAN
+> is set to 1,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will highlight portions of the log
+ messages with a bold-faced font:</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>log-highlight-messages   1</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="LOG-FONT-NAME"
+></A
+><P
+> The font used in the console window:</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>log-font-name        Comic Sans MS</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="LOG-FONT-SIZE"
+></A
+><P
+> Font size used in the console window:</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>log-font-size        8</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="SHOW-ON-TASK-BAR"
+></A
+><P
+>  
+ <SPAN
+CLASS="QUOTE"
+>"show-on-task-bar"</SPAN
+> controls whether or not
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will appear as a button on the Task bar
+ when minimized:</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>show-on-task-bar     0</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="CLOSE-BUTTON-MINIMIZES"
+></A
+><P
+> If <SPAN
+CLASS="QUOTE"
+>"close-button-minimizes"</SPAN
+> is set to 1, the Windows close
+ button will minimize <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> instead of closing
+ the program (close with the exit option on the File menu).</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>close-button-minimizes  1</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+><A
+NAME="HIDE-CONSOLE"
+></A
+><P
+> The <SPAN
+CLASS="QUOTE"
+>"hide-console"</SPAN
+> option is specific to the MS-Win console
+ version of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. If this option is used,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will disconnect from and hide the
+ command console.</P
+><P
+> <TT
+CLASS="LITERAL"
+>  <P
+CLASS="LITERALLAYOUT"
+>  #<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>hide-console</I
+></SPAN
+><br>
+   </P
+> 
+ </TT
+></P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="configuration.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="actions-file.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy Configuration</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Actions Files</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/configuration.html b/external/privoxy/doc/webserver/user-manual/configuration.html
new file mode 100644
index 0000000..b4f021e
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/configuration.html
@@ -0,0 +1,514 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy Configuration</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Starting Privoxy"
+HREF="startup.html"><LINK
+REL="NEXT"
+TITLE="The Main Configuration File"
+HREF="config.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="startup.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="config.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CONFIGURATION"
+>6. Privoxy Configuration</A
+></H1
+><P
+>  All <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configuration is stored  
+  in text files. These files can be edited with a text editor.
+  Many important aspects of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can 
+  also be controlled easily with a web browser.
+ </P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN776"
+>6.1. Controlling Privoxy with Your Web Browser</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s user interface can be reached through the special 
+ URL <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+ (shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>), 
+ which is a built-in page and works without Internet access.
+ You will see the following section:
</P
+><TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> <H2
+CLASS="BRIDGEHEAD"
+><A
+NAME="AEN784"
+></A
+>    Privoxy Menu</H2
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>          ▪  <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>View & change the current configuration</A
+>
+ </TD
+></TR
+><TR
+><TD
+>          ▪  <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>View the source code version numbers</A
+>
+ </TD
+></TR
+><TR
+><TD
+>          ▪  <A
+HREF="http://config.privoxy.org/show-request"
+TARGET="_top"
+>View the request headers.</A
+>
+ </TD
+></TR
+><TR
+><TD
+>          ▪  <A
+HREF="http://config.privoxy.org/show-url-info"
+TARGET="_top"
+>Look up which actions apply to a URL and why</A
+>
+ </TD
+></TR
+><TR
+><TD
+>          ▪  <A
+HREF="http://config.privoxy.org/toggle"
+TARGET="_top"
+>Toggle Privoxy on or off</A
+>
+ </TD
+></TR
+><TR
+><TD
+>          ▪  <A
+HREF="http://www.privoxy.org/3.0.12/user-manual/"
+TARGET="_top"
+>Documentation</A
+>
+ </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></PRE
+></TD
+></TR
+></TABLE
+><P
+> This should be self-explanatory. Note the first item leads to an editor for the
+ <A
+HREF="actions-file.html"
+>actions files</A
+>, which is where the ad, banner,
+ cookie, and URL blocking magic is configured as well as other advanced features of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. This is an easy way to adjust various
+ aspects of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configuration. The actions
+ file, and other configuration files, are explained in detail below. </P
+><P
+> <SPAN
+CLASS="QUOTE"
+>"Toggle Privoxy On or Off"</SPAN
+> is handy for sites that might 
+ have problems with your current actions and filters. You can in fact use
+ it as a test to see whether it is <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+ causing the problem or not. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> continues 
+ to run as a proxy in this case, but all manipulation is disabled, i.e.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> acts like a normal forwarding proxy. There
+ is even a toggle <A
+HREF="appendix.html#BOOKMARKLETS"
+>Bookmarklet</A
+> offered, so
+ that you can toggle <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with one click from
+ your browser.</P
+><P
+> Note that several of the features described above are disabled by default
+ in <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 beta and later.
+ Check the
+ <A
+HREF="config.html"
+TARGET="_top"
+>configuration file</A
+> to learn why
+ and in which cases it's safe to enable them again.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONFOVERVIEW"
+>6.2. Configuration Files Overview</A
+></H2
+><P
+> For Unix, *BSD and Linux, all configuration files are located in
+ <TT
+CLASS="FILENAME"
+>/etc/privoxy/</TT
+> by default. For MS Windows, OS/2, and
+ AmigaOS these are all in the same directory as the 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> executable. </P
+><P
+> The installed defaults provide a reasonable starting point, though 
+ some settings may be aggressive by some standards. For the time being, the
+ principle configuration files are:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>     The <A
+HREF="config.html"
+>main configuration file</A
+> is named <TT
+CLASS="FILENAME"
+>config</TT
+>
+     on Linux, Unix, BSD, OS/2, and AmigaOS and <TT
+CLASS="FILENAME"
+>config.txt</TT
+>
+     on Windows. This is a required file.
+   </P
+></LI
+><LI
+><P
+>    <TT
+CLASS="FILENAME"
+>match-all.action</TT
+> is used to define which <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+>
+    relating to banner-blocking, images, pop-ups, content modification, cookie handling
+    etc should be applied by default. It should be the first actions file loaded.
+   </P
+><P
+>    <TT
+CLASS="FILENAME"
+>default.action</TT
+> defines many exceptions (both positive and negative)
+    from the default set of actions that's configured in <TT
+CLASS="FILENAME"
+>match-all.action</TT
+>.
+    It should be the second actions file loaded and shouldn't be edited by the user.
+   </P
+><P
+>    Multiple actions files may be defined in <TT
+CLASS="FILENAME"
+>config</TT
+>. These 
+    are processed in the order they are defined. Local customizations and locally 
+    preferred exceptions to the default policies as defined in
+    <TT
+CLASS="FILENAME"
+>match-all.action</TT
+> (which you will most probably want
+    to define sooner or later) are best applied in <TT
+CLASS="FILENAME"
+>user.action</TT
+>,
+    where you can preserve them across upgrades. The file isn't installed by all
+    installers, but you can easily create it yourself with a text editor.
+   </P
+><P
+>    
+    There is also a web based editor that can be accessed from
+    <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+    (Shortcut: <A
+HREF="http://p.p/show-status"
+TARGET="_top"
+>http://p.p/show-status</A
+>) for the
+    various actions files. 
+   </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="QUOTE"
+>"Filter files"</SPAN
+> (the <A
+HREF="filter-file.html"
+>filter
+    file</A
+>) can be used to re-write the raw page content, including
+    viewable text as well as embedded HTML and JavaScript, and whatever else
+    lurks on any given web page. The filtering jobs are only pre-defined here;
+    whether to apply them or not is up to the actions files. 
+    <TT
+CLASS="FILENAME"
+>default.filter</TT
+> includes various filters made 
+    available for use by the developers. Some are much more intrusive than 
+    others, and all should be used with caution. You may define additional 
+    filter files in <TT
+CLASS="FILENAME"
+>config</TT
+> as you can with 
+    actions files. We suggest <TT
+CLASS="FILENAME"
+>user.filter</TT
+> for any 
+    locally defined filters or customizations.
+   </P
+></LI
+></UL
+></P
+><P
+> The syntax of the configuration and filter files may change between different
+ Privoxy versions, unfortunately some enhancements cost backwards compatibility.
+ </P
+><P
+> All files use the <SPAN
+CLASS="QUOTE"
+>"<TT
+CLASS="LITERAL"
+>#</TT
+>"</SPAN
+> character to denote a
+ comment (the rest of the line will be ignored) and understand line continuation
+ through placing a backslash ("<TT
+CLASS="LITERAL"
+>\</TT
+>") as the very last character
+ in a line. If the <TT
+CLASS="LITERAL"
+>#</TT
+> is preceded by a backslash, it looses
+ its special function. Placing a <TT
+CLASS="LITERAL"
+>#</TT
+> in front of an otherwise
+ valid configuration line to prevent it from being interpreted is called "commenting
+ out" that line. Blank lines are ignored.</P
+><P
+> The actions files and filter files  
+ can use Perl style <A
+HREF="appendix.html#REGEX"
+>regular expressions</A
+> for
+ maximum flexibility. </P
+><P
+> After making any changes, there is no need to restart
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in order for the changes to take
+ effect. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> detects such changes 
+ automatically. Note, however, that it may take one or two additional
+ requests for the change to take effect. When changing the listening address
+ of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, these <SPAN
+CLASS="QUOTE"
+>"wake up"</SPAN
+> requests
+ must obviously be sent to the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>old</I
+></SPAN
+> listening address.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="startup.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="config.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Starting Privoxy</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>The Main Configuration File</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/contact.html b/external/privoxy/doc/webserver/user-manual/contact.html
new file mode 100644
index 0000000..3fd43eb
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/contact.html
@@ -0,0 +1,514 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Contacting the Developers, Bug Reporting and Feature
+Requests</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy's Template Files"
+HREF="templates.html"><LINK
+REL="NEXT"
+TITLE="Privoxy Copyright, License and History"
+HREF="copyright.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="templates.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="copyright.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="CONTACT"
+>11. Contacting the Developers, Bug Reporting and Feature
+Requests</A
+></H1
+><P
+> We value your feedback. In fact, we rely on it to improve
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and its configuration.
+ However, please note the following hints, so we can 
+ provide you with the best support:</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-SUPPORT"
+>11.1. Get Support</A
+></H2
+><P
+> For casual users, our 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=211118"
+TARGET="_top"
+>support forum at SourceForge</A
+>
+ is probably best suited:
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=211118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?group_id=11118&atid=211118</A
+></P
+><P
+> All users are of course welcome to discuss their issues on the <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-users"
+TARGET="_top"
+>users
+ mailing list</A
+>, where the developers also hang around.</P
+><P
+> Please don't sent private support requests to individual Privoxy
+ developers, either use the mailing lists or the support trackers.</P
+><P
+> Note that the Privoxy mailing lists are moderated. Posts from unsubscribed
+ addresses have to be accepted manually by a moderator. This may cause a
+ delay of several days and if you use a subject that doesn't clearly
+ mention Privoxy or one of its features, your message may be accidentally
+ discarded as spam.</P
+><P
+> If you aren't subscribed, you should therefore spend a few seconds
+ to come up with a proper subject. Additionally you should make it clear
+ that you want to get CC'd. Otherwise some responses will be directed to
+ the mailing list only, and you won't see them.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="REPORTING"
+>11.2. Reporting Problems</A
+></H2
+><P
+><SPAN
+CLASS="QUOTE"
+>"Problems"</SPAN
+> for our purposes, come in two forms:</P
+><P
+></P
+><UL
+><LI
+><P
+>    Configuration issues, such as ads that slip through, or sites that 
+    don't function properly due to one <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 
+    <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+> or another being turned <SPAN
+CLASS="QUOTE"
+>"on"</SPAN
+>.
+   </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="QUOTE"
+>"Bugs"</SPAN
+> in the programming code that makes up 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, such as that might cause a crash.
+   </P
+></LI
+></UL
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="CONTACT-ADS"
+>11.2.1. Reporting Ads or Other Configuration Problems</A
+></H3
+><P
+> Please send feedback on ads that slipped through, innocent images that were
+ blocked, sites that don't work properly, and other configuration related problem of 
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+> file, to 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=460288"
+TARGET="_top"
+> http://sourceforge.net/tracker/?group_id=11118&atid=460288</A
+>,
+ the Actions File Tracker.</P
+><P
+> New, improved <TT
+CLASS="FILENAME"
+>default.action</TT
+> files may occasionally be made
+ available based on your feedback. These will be announced on the <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce"
+TARGET="_top"
+>ijbswa-announce</A
+>
+ list and available from our the <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>files section</A
+> of
+ our <A
+HREF="http://sf.net/projects/ijbswa/"
+TARGET="_top"
+>project page</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="CONTACT-BUGS"
+>11.2.2. Reporting Bugs</A
+></H3
+><P
+> Please report all bugs through our bug tracker: 
+ <A
+HREF="http://sourceforge.net/tracker/?group_id=11118&atid=111118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?group_id=11118&atid=111118</A
+>. </P
+><P
+>  Before doing so, please make sure that the bug has <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not already been submitted</I
+></SPAN
+>
+  and observe the additional hints at the top of the <A
+HREF="http://sourceforge.net/tracker/?func=add&group_id=11118&atid=111118"
+TARGET="_top"
+>submit
+  form</A
+>. If already submitted, please feel free to add any info to the 
+  original report that might help to solve the issue.</P
+><P
+>  Please try to verify that it is a <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> bug,
+  and not a browser or site bug or documented behaviour that just happens
+  to be different than what you expected. If unsure,
+  try <A
+HREF="http://config.privoxy.org/toggle?set=disable"
+TARGET="_top"
+>toggling
+  off</A
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, and see if the problem persists.</P
+><P
+>  If you are using your own custom configuration, please try
+  the stock configs to see if the problem is configuration related.
+  If you're having problems with a feature that is disabled by default,
+  please ask around on the mailing list if others can reproduce the problem.</P
+><P
+>  If you aren't using the latest Privoxy version, the bug may have been found
+  and fixed in the meantime. We would appreciate if you could take the time
+  to <A
+HREF="http://www.privoxy.org/user-manual/installation.html"
+TARGET="_top"
+>upgrade
+  to the latest version</A
+> (or  even the latest CVS snapshot) and verify
+  that your bug still exists.</P
+><P
+>Please be sure to provide the following information:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    The exact <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version you are using
+    (if you got the source from CVS, please also provide the source code revisions
+     as shown in <A
+HREF="http://config.privoxy.org/show-version"
+TARGET="_top"
+>http://config.privoxy.org/show-version</A
+>).
+   </P
+></LI
+><LI
+><P
+>    The operating system and versions you run
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on, (e.g. <SPAN
+CLASS="APPLICATION"
+>Windows
+    XP SP2</SPAN
+>), if you are using a Unix flavor,
+    sending the output of <SPAN
+CLASS="QUOTE"
+>"uname -a"</SPAN
+> should do,
+    in case of GNU/Linux, please also name the distribution.
+   </P
+></LI
+><LI
+><P
+>    The name, platform, and version of the <SPAN
+CLASS="APPLICATION"
+>browser</SPAN
+> 
+    you were using (e.g. <SPAN
+CLASS="APPLICATION"
+>Internet Explorer v5.5</SPAN
+> for Mac).
+   </P
+></LI
+><LI
+><P
+>    The URL where the problem occurred, or some way for us to duplicate the
+    problem (e.g. <TT
+CLASS="LITERAL"
+>http://somesite.example.com/?somethingelse=123</TT
+>). 
+   </P
+></LI
+><LI
+><P
+>    Whether your version of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is one supplied
+    by the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developers via SourceForge,
+    or if you got your copy somewhere else.
+   </P
+></LI
+><LI
+><P
+>    Whether you are using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in tandem with 
+    another proxy such as <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+>. If so, please
+    temporary disable the other proxy to see if the symptoms change.
+   </P
+></LI
+><LI
+><P
+>    Whether you are using a personal firewall product. If so, does 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> work without it?
+   </P
+></LI
+><LI
+><P
+>    Any other pertinent information to help identify the problem such as config
+    or log file excerpts (yes, you should have log file entries for each
+    action taken).
+   </P
+></LI
+></UL
+></P
+><P
+> You don't have to tell us your actual name when filing a problem
+ report, but please use a nickname so we can differentiate between
+ your messages and the ones entered by other "anonymous" users that
+ may respond to your request if they have the same problem or already
+ found a solution.</P
+><P
+> Please also check the status of your request a few days after submitting
+ it, as we may request additional information. If you use a SF id,
+ you should automatically get a mail when someone responds to your request.</P
+><P
+>  The <A
+HREF="http://www.privoxy.org/user-manual/appendix.html#ACTIONSANAT"
+TARGET="_top"
+>appendix
+  of the Privoxy User Manual</A
+> also has helpful information 
+  on understanding <TT
+CLASS="LITERAL"
+>actions</TT
+>, and <TT
+CLASS="LITERAL"
+>action</TT
+> debugging. </P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-FEATURE"
+>11.3. Request New Features</A
+></H2
+><P
+> You are welcome to submit ideas on new features or other proposals
+ for improvement through our feature request tracker at
+ <A
+HREF="http://sourceforge.net/tracker/?atid=361118&group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/tracker/?atid=361118&group_id=11118</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CONTACT-OTHER"
+>11.4. Other</A
+></H2
+><P
+>For any other issues, feel free to use the mailing lists. Technically interested users
+and people who wish to contribute to the project are also welcome on the developers list!
+You can find an overview of all <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>-related mailing lists,
+including list archives, at:
+<A
+HREF="http://sourceforge.net/mail/?group_id=11118"
+TARGET="_top"
+>http://sourceforge.net/mail/?group_id=11118</A
+>.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="templates.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="copyright.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy's Template Files</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Privoxy Copyright, License and History</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/copyright.html b/external/privoxy/doc/webserver/user-manual/copyright.html
new file mode 100644
index 0000000..b2e1e96
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/copyright.html
@@ -0,0 +1,424 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy Copyright, License and History</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Contacting the Developers, Bug Reporting and Feature
+Requests"
+HREF="contact.html"><LINK
+REL="NEXT"
+TITLE="See Also"
+HREF="seealso.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="contact.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="seealso.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="COPYRIGHT"
+>12. Privoxy Copyright, License and History</A
+></H1
+><P
+> Copyright © 2001-2009 by Privoxy Developers <CODE
+CLASS="EMAIL"
+><<A
+HREF="mailto:ijbswa-developers at lists.sourceforge.net"
+>ijbswa-developers at lists.sourceforge.net</A
+>></CODE
+></P
+><P
+> Some source code is based on code Copyright © 1997 by Anonymous Coders
+ and Junkbusters, Inc. and licensed under the <I
+CLASS="CITETITLE"
+>GNU General Public
+ License</I
+>.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN4921"
+>12.1. License</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is free software; you can
+ redistribute it and/or modify it under the terms of the 
+ <I
+CLASS="CITETITLE"
+>GNU General Public License</I
+>, version 2,
+ as published by the Free Software Foundation.</P
+><P
+> This program is distributed in the hope that it will be useful, but WITHOUT
+ ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ FITNESS FOR A PARTICULAR PURPOSE.  See the <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+> <I
+CLASS="CITETITLE"
+>GNU General Public License</I
+></A
+> for details.</P
+><P
+> You should have received a copy of the <I
+CLASS="CITETITLE"
+>GNU GPL</I
+>
+ along with this program; if not, write to the <P
+CLASS="ADDRESS"
+> Free Software<br>
+ Foundation, Inc. <SPAN
+CLASS="STREET"
+>51 Franklin Street, Fifth Floor</SPAN
+><br>
+ <SPAN
+CLASS="CITY"
+>Boston</SPAN
+>, <SPAN
+CLASS="STATE"
+>MA</SPAN
+> <SPAN
+CLASS="POSTCODE"
+>02110-1301</SPAN
+><br>
+ <SPAN
+CLASS="COUNTRY"
+>USA</SPAN
+> </P
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="HISTORY"
+>12.2. History</A
+></H2
+><P
+> A long time ago, there was the
+ <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+><SPAN
+CLASS="APPLICATION"
+>Internet Junkbuster</SPAN
+></A
+>, 
+ by Anonymous Coders and <A
+HREF="http://www.junkbusters.com/"
+TARGET="_top"
+>Junkbusters
+ Corporation</A
+>. This saved many users a lot of pain in the early days of
+ web advertising and user tracking.</P
+><P
+> But the web, its protocols and standards, and with it, the techniques for
+ forcing ads on users, give up autonomy over their browsing, and
+ for tracking them, keeps evolving. Unfortunately, the <SPAN
+CLASS="APPLICATION"
+>Internet
+ Junkbuster</SPAN
+> did not. Version 2.0.2, published in 1998, was 
+ (and is) the last official
+ <A
+HREF="http://www.junkbusters.com/ijbdist.html#release"
+TARGET="_top"
+>release</A
+>
+ available from <A
+HREF="http://www.junkbusters.com"
+TARGET="_top"
+>Junkbusters Corporation</A
+>.
+ Fortunately, it had been released under the GNU
+ <A
+HREF="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html"
+TARGET="_top"
+>GPL</A
+>,
+ which allowed further development by others.</P
+><P
+> So Stefan Waldherr started maintaining an improved version of the
+ software, to which eventually a number of people contributed patches.
+ It could already replace banners with a transparent image, and had a first
+ version of pop-up killing, but it was still very closely based on the
+ original, with all its limitations, such as the lack of HTTP/1.1 support,
+ flexible per-site configuration, or content modification. The last release
+ from this effort was version 2.0.2-10, published in 2000.</P
+><P
+> Then, some
+ <A
+HREF="http://www.privoxy.org/user-manual/copyright.html#AUTHORS"
+TARGET="_top"
+>developers</A
+>
+ picked up the thread, and started turning the software inside out, upside down,
+ and then reassembled it, adding many
+ <A
+HREF="http://www.privoxy.org/user-manual/introduction.html#FEATURES"
+TARGET="_top"
+>new
+ features</A
+> along the way.</P
+><P
+> The result of this is <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, whose first
+ stable version, 3.0, was released August, 2002. 
+ </P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AUTHORS"
+>12.3. Authors</A
+></H2
+><P
+>Current Privoxy Team:</P
+><P
+CLASS="LITERALLAYOUT"
+> Fabian Keil, lead developer<br>
+ David Schmidt, developer<br>
+<br>
+ Hal Burgiss<br>
+ Mark Miller<br>
+ Gerry Murphy<br>
+ Lee Rian<br>
+ Roland Rosenfeld<br>
+ Jörg Strohmayer</P
+><P
+> Former Privoxy Team Members:</P
+><P
+CLASS="LITERALLAYOUT"
+> Johny Agotnes<br>
+ Rodrigo Barbosa<br>
+ Moritz Barsnick<br>
+ Ian Cummings<br>
+ Brian Dessent<br>
+ Jon Foster<br>
+ Karsten Hopp<br>
+ Alexander Lazic<br>
+ Daniel Leite<br>
+ Gábor Lipták<br>
+ Adam Lock<br>
+ Guy Laroche<br>
+ Justin McMurtry<br>
+ Andreas Oesterhelt<br>
+ Haroon Rafique<br>
+ Georg Sauthoff<br>
+ Thomas Steudten<br>
+ Rodney Stromlund<br>
+ Sviatoslav Sviridov<br>
+ Sarantis Paskalis<br>
+ Stefan Waldherr</P
+><P
+> Thanks to the many people who have tested Privoxy, reported bugs, provided
+ patches, made suggestions or contributed in some way. These include (in
+ alphabetical order):</P
+><P
+CLASS="LITERALLAYOUT"
+> Ken Arromdee<br>
+ Devin Bayer<br>
+ Gergely Bor<br>
+ Reiner Buehl<br>
+ Andrew J. Caines<br>
+ Clifford Caoile<br>
+ Frédéric Crozat<br>
+ Michael T. Davis<br>
+ Mattes Dolak<br>
+ Matthias Drochner<br>
+ Peter E.<br>
+ Florian Effenberger<br>
+ Markus Elfring<br>
+ Dean Gaudet<br>
+ Stephen Gildea<br>
+ Daniel Griscom<br>
+ Felix Gröbert<br>
+ Aaron Hamid<br>
+ Darel Henman<br>
+ Magnus Holmgren<br>
+ Eric M. Hopper<br>
+ Ralf Horstmann<br>
+ Stefan Huehner<br>
+ Peter Hyman<br>
+ Derek Jennings<br>
+ Petr Kadlec<br>
+ David Laight<br>
+ Bert van Leeuwen<br>
+ Don Libes<br>
+ Paul Lieverse<br>
+ Toby Lyward<br>
+ Wil Mahan<br>
+ Jindrich Makovicka<br>
+ David Mediavilla<br>
+ Raphael Moll<br>
+ Amuro Namie<br>
+ Adam Piggott<br>
+ Dan Price<br>
+ Roberto Ragusa<br>
+ Félix Rauch<br>
+ Maynard Riley<br>
+ Chung-chieh Shan<br>
+ Spinor S.<br>
+ Bart Schelstraete<br>
+ Oliver Stoeneberg<br>
+ Peter Thoenen<br>
+ Martin Thomas<br>
+ Bobby G. Vinyard<br>
+ Jochen Voss<br>
+ Glenn Washburn<br>
+ Song Weijia<br>
+ Jörg Weinmann<br>
+ Darren Wiebe<br>
+ Anduin Withers<br>
+ Oliver Yeoh<br>
+ Jamie Zawinski</P
+><P
+> Privoxy is based in part on code originally developed by
+ Junkbusters Corp. and Anonymous Coders.</P
+><P
+> Privoxy heavily relies on Philip Hazel's PCRE.</P
+><P
+> The code to filter compressed content makes use of zlib
+ which is written by Jean-loup Gailly and Mark Adler.</P
+><P
+> On systems that lack snprintf(), Privoxy is using a version
+ written by Mark Martinec. On systems that lack strptime(),
+ Privoxy is using the one from the GNU C Library written
+ by Ulrich Drepper.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="contact.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="seealso.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Contacting the Developers, Bug Reporting and Feature
+Requests</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>See Also</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/files-in-use.jpg b/external/privoxy/doc/webserver/user-manual/files-in-use.jpg
new file mode 100644
index 0000000..207b6f7
Binary files /dev/null and b/external/privoxy/doc/webserver/user-manual/files-in-use.jpg differ
diff --git a/external/privoxy/doc/webserver/user-manual/filter-file.html b/external/privoxy/doc/webserver/user-manual/filter-file.html
new file mode 100644
index 0000000..3a2ec3a
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/filter-file.html
@@ -0,0 +1,1652 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Filter Files</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Actions Files"
+HREF="actions-file.html"><LINK
+REL="NEXT"
+TITLE="Privoxy's Template Files"
+HREF="templates.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="actions-file.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="templates.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="FILTER-FILE"
+>9. Filter Files</A
+></H1
+><P
+> On-the-fly text substitutions need
+ to be defined in a <SPAN
+CLASS="QUOTE"
+>"filter file"</SPAN
+>. Once defined, they 
+ can then be invoked as an <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+>.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> supports three different filter actions:
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+></TT
+> to
+ rewrite the content that is send to the client,
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CLIENT-HEADER-FILTER"
+>client-header-filter</A
+></TT
+>
+ to rewrite headers that are send by the client, and
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SERVER-HEADER-FILTER"
+>server-header-filter</A
+></TT
+>
+ to rewrite headers that are send by the server.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> also supports two tagger actions:
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CLIENT-HEADER-TAGGER"
+>client-header-tagger</A
+></TT
+>
+ and
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SERVER-HEADER-TAGGER"
+>server-header-tagger</A
+></TT
+>.
+ Taggers and filters use the same syntax in the filter files, the difference
+ is that taggers don't modify the text they are filtering, but use a rewritten
+ version of the filtered text as tag. The tags can then be used to change the
+ applying actions through sections with <A
+HREF="actions-file.html#TAG-PATTERN"
+>tag-patterns</A
+>.</P
+><P
+> Multiple filter files can be defined through the <TT
+CLASS="LITERAL"
+> <A
+HREF="config.html#FILTERFILE"
+>filterfile</A
+></TT
+> config directive. The filters
+ as supplied by the developers are located in
+ <TT
+CLASS="FILENAME"
+>default.filter</TT
+>. It is recommended that any locally
+ defined or modified filters go in a separately defined file such as
+ <TT
+CLASS="FILENAME"
+>user.filter</TT
+>.
+ </P
+><P
+> Common tasks for content filters are to eliminate common annoyances in
+ HTML and JavaScript, such as pop-up windows,
+ exit consoles, crippled windows without navigation tools, the
+ infamous <BLINK> tag etc, to suppress images with certain
+ width and height attributes (standard banner sizes or web-bugs),
+ or just to have fun.</P
+><P
+> Enabled content filters are applied to any content whose
+ <SPAN
+CLASS="QUOTE"
+>"Content Type"</SPAN
+> header is recognised as a sign
+ of text-based content, with the exception of <TT
+CLASS="LITERAL"
+>text/plain</TT
+>.
+ Use the <A
+HREF="actions-file.html#FORCE-TEXT-MODE"
+>force-text-mode</A
+> action
+ to also filter other content.</P
+><P
+> Substitutions are made at the source level, so if you want to <SPAN
+CLASS="QUOTE"
+>"roll
+ your own"</SPAN
+> filters, you should first be familiar with HTML syntax, 
+ and, of course, regular expressions.</P
+><P
+> Just like the <A
+HREF="actions-file.html"
+>actions files</A
+>, the
+ filter file is organized in sections, which are called <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>filters</I
+></SPAN
+>
+ here. Each filter consists of a heading line, that starts with one of the
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>keywords</I
+></SPAN
+> <TT
+CLASS="LITERAL"
+>FILTER:</TT
+>,
+ <TT
+CLASS="LITERAL"
+>CLIENT-HEADER-FILTER:</TT
+> or <TT
+CLASS="LITERAL"
+>SERVER-HEADER-FILTER:</TT
+>
+ followed by the filter's <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>name</I
+></SPAN
+>, and a short (one line) 
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>description</I
+></SPAN
+> of what it does. Below that line
+ come the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>jobs</I
+></SPAN
+>, i.e. lines that define the actual
+ text substitutions. By convention, the name of a filter
+ should describe what the filter <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>eliminates</I
+></SPAN
+>. The
+ comment is used in the <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>web-based
+ user interface</A
+>.</P
+><P
+> Once a filter called <TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+> has been defined
+ in the filter file, it can be invoked by using an action of the form
+ +<TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filter</A
+>{<TT
+CLASS="REPLACEABLE"
+><I
+>name</I
+></TT
+>}</TT
+>
+ in any <A
+HREF="actions-file.html"
+>actions file</A
+>.</P
+><P
+> Filter definitions start with a header line that contains the filter
+ type, the filter name and the filter description.
+ A content filter header line for a filter called <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+> could look
+ like this:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>FILTER: foo Replace all "foo" with "bar"</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Below that line, and up to the next header line, come the jobs that
+ define what text replacements the filter executes. They are specified
+ in a syntax that imitates <A
+HREF="http://www.perl.org/"
+TARGET="_top"
+>Perl</A
+>'s
+ <TT
+CLASS="LITERAL"
+>s///</TT
+> operator. If you are familiar with Perl, you
+ will find this to be quite intuitive, and may want to look at the
+ PCRS documentation for the subtle differences to Perl behaviour. Most
+ notably, the non-standard option letter <TT
+CLASS="LITERAL"
+>U</TT
+> is supported,
+ which turns the default to ungreedy matching.</P
+><P
+> If you are new to 
+  <A
+HREF="http://en.wikipedia.org/wiki/Regular_expressions"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"Regular
+  Expressions"</SPAN
+></A
+>, you might want to take a look at
+ the <A
+HREF="appendix.html#REGEX"
+>Appendix on regular expressions</A
+>, and
+ see the <A
+HREF="http://perldoc.perl.org/perlre.html"
+TARGET="_top"
+>Perl
+ manual</A
+> for
+ <A
+HREF="http://perldoc.perl.org/perlop.html"
+TARGET="_top"
+>the 
+ <TT
+CLASS="LITERAL"
+>s///</TT
+> operator's syntax</A
+> and <A
+HREF="http://perldoc.perl.org/perlre.html"
+TARGET="_top"
+>Perl-style regular
+ expressions</A
+> in general.
+ The below examples might also help to get you started.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="AEN4447"
+>9.1. Filter File Tutorial</A
+></H2
+><P
+> Now, let's complete our <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+> content filter. We have already defined
+ the heading, but the jobs are still missing. Since all it does is to replace
+ <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+> with <SPAN
+CLASS="QUOTE"
+>"bar"</SPAN
+>, there is only one (trivial) job
+ needed:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>s/foo/bar/</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> But wait! Didn't the comment say that <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> occurrences
+ of <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+> should be replaced? Our current job will only take
+ care of the first <SPAN
+CLASS="QUOTE"
+>"foo"</SPAN
+> on each page. For global substitution,
+ we'll need to add the <TT
+CLASS="LITERAL"
+>g</TT
+> option:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>s/foo/bar/g</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Our complete filter now looks like this:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>FILTER: foo Replace all "foo" with "bar"
+s/foo/bar/g</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Let's look at some real filters for more interesting examples. Here you see
+ a filter that protects against some common annoyances that arise from JavaScript
+ abuse. Let's look at its jobs one after the other:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>FILTER: js-annoyances Get rid of particularly annoying JavaScript abuse
+
+# Get rid of JavaScript referrer tracking. Test page: http://www.randomoddness.com/untitled.htm
+#
+s|(<script.*)document\.referrer(.*</script>)|$1"Not Your Business!"$2|Usg</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Following the header line and a comment, you see the job. Note that it uses
+ <TT
+CLASS="LITERAL"
+>|</TT
+> as the delimiter instead of <TT
+CLASS="LITERAL"
+>/</TT
+>, because
+ the pattern contains a forward slash, which would otherwise have to be escaped
+ by a backslash (<TT
+CLASS="LITERAL"
+>\</TT
+>).</P
+><P
+> Now, let's examine the pattern: it starts with the text <TT
+CLASS="LITERAL"
+><script.*</TT
+>
+ enclosed in parentheses. Since the dot matches any character, and <TT
+CLASS="LITERAL"
+>*</TT
+>
+ means: <SPAN
+CLASS="QUOTE"
+>"Match an arbitrary number of the element left of myself"</SPAN
+>, this
+ matches <SPAN
+CLASS="QUOTE"
+>"<script"</SPAN
+>, followed by <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>any</I
+></SPAN
+> text, i.e.
+ it matches the whole page, from the start of the first <script> tag.</P
+><P
+> That's more than we want, but the pattern continues: <TT
+CLASS="LITERAL"
+>document\.referrer</TT
+>
+ matches only the exact string <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+>. The dot needed to
+ be <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>escaped</I
+></SPAN
+>, i.e. preceded by a backslash, to take away its
+ special meaning as a joker, and make it just a regular dot. So far, the meaning is:
+ Match from the start of the first <script> tag in a the page, up to, and including,
+ the text <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+>, if <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>both</I
+></SPAN
+> are present
+ in the page (and appear in that order).</P
+><P
+> But there's still more pattern to go. The next element, again enclosed in parentheses,
+ is <TT
+CLASS="LITERAL"
+>.*</script></TT
+>. You already know what <TT
+CLASS="LITERAL"
+>.*</TT
+>
+ means, so the whole pattern translates to: Match from the start of the first  <script>
+ tag in a page to the end of the last <script> tag, provided that the text
+ <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+> appears somewhere in between.</P
+><P
+> This is still not the whole story, since we have ignored the options and the parentheses:
+ The portions of the page matched by sub-patterns that are enclosed in parentheses, will be
+ remembered and be available through the variables <TT
+CLASS="LITERAL"
+>$1, $2, ...</TT
+> in
+ the substitute. The <TT
+CLASS="LITERAL"
+>U</TT
+> option switches to ungreedy matching, which means
+ that the first <TT
+CLASS="LITERAL"
+>.*</TT
+> in the pattern will only <SPAN
+CLASS="QUOTE"
+>"eat up"</SPAN
+> all
+ text in between <SPAN
+CLASS="QUOTE"
+>"<script"</SPAN
+> and the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>first</I
+></SPAN
+> occurrence
+ of <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+>, and that the second <TT
+CLASS="LITERAL"
+>.*</TT
+> will
+ only span the text up to the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>first</I
+></SPAN
+> <SPAN
+CLASS="QUOTE"
+>"</script>"</SPAN
+>
+ tag. Furthermore, the <TT
+CLASS="LITERAL"
+>s</TT
+> option says that the match may span
+ multiple lines in the page, and the <TT
+CLASS="LITERAL"
+>g</TT
+> option again means that the
+ substitution is global.</P
+><P
+> So, to summarize, the pattern means: Match all scripts that contain the text
+ <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+>. Remember the parts of the script from
+ (and including) the start tag up to (and excluding) the string
+ <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+> as <TT
+CLASS="LITERAL"
+>$1</TT
+>, and the part following
+ that string, up to and including the closing tag, as <TT
+CLASS="LITERAL"
+>$2</TT
+>.</P
+><P
+> Now the pattern is deciphered, but wasn't this about substituting things? So
+ lets look at the substitute: <TT
+CLASS="LITERAL"
+>$1"Not Your Business!"$2</TT
+> is
+ easy to read: The text remembered as <TT
+CLASS="LITERAL"
+>$1</TT
+>, followed by 
+ <TT
+CLASS="LITERAL"
+>"Not Your Business!"</TT
+> (<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>including</I
+></SPAN
+>
+ the quotation marks!), followed by the text remembered as <TT
+CLASS="LITERAL"
+>$2</TT
+>.
+ This produces an exact copy of the original string, with the middle part
+ (the <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+>) replaced by <TT
+CLASS="LITERAL"
+>"Not Your
+ Business!"</TT
+>.</P
+><P
+> The whole job now reads: Replace <SPAN
+CLASS="QUOTE"
+>"document.referrer"</SPAN
+> by
+ <TT
+CLASS="LITERAL"
+>"Not Your Business!"</TT
+> wherever it appears inside a
+ <script> tag. Note that this job won't break JavaScript syntax,
+ since both the original and the replacement are syntactically valid
+ string objects. The script just won't have access to the referrer
+ information anymore.</P
+><P
+> We'll show you two other jobs from the JavaScript taming department, but
+ this time only point out the constructs of special interest:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># The status bar is for displaying link targets, not pointless blahblah
+#
+s/window\.status\s*=\s*(['"]).*?\1/dUmMy=1/ig</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> <TT
+CLASS="LITERAL"
+>\s</TT
+> stands for whitespace characters (space, tab, newline,
+ carriage return, form feed), so that <TT
+CLASS="LITERAL"
+>\s*</TT
+> means: <SPAN
+CLASS="QUOTE"
+>"zero
+ or more whitespace"</SPAN
+>. The <TT
+CLASS="LITERAL"
+>?</TT
+> in <TT
+CLASS="LITERAL"
+>.*?</TT
+>
+ makes this matching of arbitrary text ungreedy. (Note that the <TT
+CLASS="LITERAL"
+>U</TT
+>
+ option is not set). The <TT
+CLASS="LITERAL"
+>['"]</TT
+> construct means: <SPAN
+CLASS="QUOTE"
+>"a single
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>or</I
+></SPAN
+> a double quote"</SPAN
+>. Finally, <TT
+CLASS="LITERAL"
+>\1</TT
+> is
+ a back-reference to the first parenthesis just like <TT
+CLASS="LITERAL"
+>$1</TT
+> above,
+ with the difference that in the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>pattern</I
+></SPAN
+>, a backslash indicates
+ a back-reference, whereas in the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>substitute</I
+></SPAN
+>, it's the dollar.</P
+><P
+> So what does this job do? It replaces assignments of single- or double-quoted
+ strings to the <SPAN
+CLASS="QUOTE"
+>"window.status"</SPAN
+> object with a dummy assignment
+ (using a variable name that is hopefully odd enough not to conflict with
+ real variables in scripts). Thus, it catches many cases where e.g. pointless
+ descriptions are displayed in the status bar instead of the link target when
+ you move your mouse over links.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Kill OnUnload popups. Yummy. Test: http://www.zdnet.com/zdsubs/yahoo/tree/yfs.html
+#
+s/(<body [^>]*)onunload(.*>)/$1never$2/iU</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Including the
+ <A
+HREF="http://www.w3.org/TR/2000/REC-DOM-Level-2-Events-20001113/events.html#Events-eventgroupings-htmlevents"
+TARGET="_top"
+>OnUnload
+ event binding</A
+> in the HTML DOM was a <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>CRIME</I
+></SPAN
+>.
+ When I close a browser window, I want it to close and die. Basta.
+ This job replaces the <SPAN
+CLASS="QUOTE"
+>"onunload"</SPAN
+> attribute in
+ <SPAN
+CLASS="QUOTE"
+>"<body>"</SPAN
+> tags with the dummy word <TT
+CLASS="LITERAL"
+>never</TT
+>.
+ Note that the <TT
+CLASS="LITERAL"
+>i</TT
+> option makes the pattern matching
+ case-insensitive. Also note that ungreedy matching alone doesn't always guarantee
+ a minimal match: In the first parenthesis, we had to use <TT
+CLASS="LITERAL"
+>[^>]*</TT
+>
+ instead of <TT
+CLASS="LITERAL"
+>.*</TT
+> to prevent the match from exceeding the 
+ <body> tag if it doesn't contain <SPAN
+CLASS="QUOTE"
+>"OnUnload"</SPAN
+>, but the page's
+ content does.</P
+><P
+> The last example is from the fun department:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>FILTER: fun Fun text replacements
+
+# Spice the daily news:
+#
+s/microsoft(?!\.com)/MicroSuck/ig</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Note the <TT
+CLASS="LITERAL"
+>(?!\.com)</TT
+> part (a so-called negative lookahead)
+ in the job's pattern, which means: Don't match, if the string 
+ <SPAN
+CLASS="QUOTE"
+>".com"</SPAN
+> appears directly following <SPAN
+CLASS="QUOTE"
+>"microsoft"</SPAN
+>
+ in the page. This prevents links to microsoft.com from being trashed, while
+ still replacing the word everywhere else.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+># Buzzword Bingo (example for extended regex syntax)
+#
+s* industry[ -]leading \
+|  cutting[ -]edge \
+|  customer[ -]focused \
+|  market[ -]driven \
+|  award[ -]winning # Comments are OK, too! \
+|  high[ -]performance \
+|  solutions[ -]based \
+|  unmatched \
+|  unparalleled \
+|  unrivalled \
+*<font color="red"><b>BINGO!</b></font> \
+*igx</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The <TT
+CLASS="LITERAL"
+>x</TT
+> option in this job turns on extended syntax, and allows for
+ e.g. the liberal use of (non-interpreted!) whitespace for nicer formatting. </P
+><P
+> You get the idea?</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="PREDEFINED-FILTERS"
+>9.2. The Pre-defined Filters</A
+></H2
+><P
+>The distribution <TT
+CLASS="FILENAME"
+>default.filter</TT
+> file contains a selection of
+pre-defined filters for your convenience:</P
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>js-annoyances</I
+></SPAN
+></DT
+><DD
+><P
+>    The purpose of this filter is to get rid of particularly annoying JavaScript abuse.
+    To that end, it
+   <P
+></P
+><UL
+><LI
+><P
+>      replaces JavaScript references to the browser's referrer information
+      with the string "Not Your Business!". This compliments the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HIDE-REFERRER"
+>hide-referrer</A
+></TT
+> action on the content level.
+     </P
+></LI
+><LI
+><P
+>      removes the bindings to the DOM's
+      <A
+HREF="http://www.w3.org/TR/2000/REC-DOM-Level-2-Events-20001113/events.html#Events-eventgroupings-htmlevents"
+TARGET="_top"
+>unload
+      event</A
+> which we feel has no right to exist and is responsible for most <SPAN
+CLASS="QUOTE"
+>"exit consoles"</SPAN
+>, i.e.
+      nasty windows that pop up when you close another one.
+     </P
+></LI
+><LI
+><P
+>      removes code that causes new windows to be opened with undesired properties, such as being
+      full-screen, non-resizeable, without location, status or menu bar etc.
+     </P
+></LI
+></UL
+>
+   </P
+><P
+>    Use with caution. This is an aggressive filter, and can break sites that 
+    rely heavily on JavaScript.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>js-events</I
+></SPAN
+></DT
+><DD
+><P
+>    This is a very radical measure. It removes virtually all JavaScript event bindings, which
+    means that scripts can not react to user actions such as mouse movements or clicks, window
+    resizing etc, anymore. Use with caution!
+   </P
+><P
+>    We <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>strongly discourage</I
+></SPAN
+> using this filter as a default since it breaks
+    many legitimate scripts. It is meant for use only on extra-nasty sites (should you really
+    need to go there).
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>html-annoyances</I
+></SPAN
+></DT
+><DD
+><P
+>    This filter will undo many common instances of HTML based abuse.
+   </P
+><P
+>    The <TT
+CLASS="LITERAL"
+>BLINK</TT
+> and <TT
+CLASS="LITERAL"
+>MARQUEE</TT
+> tags 
+    are neutralized (yeah baby!), and browser windows will be created as
+    resizeable (as of course they should be!), and will have location,
+    scroll and menu bars -- even if specified otherwise.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>content-cookies</I
+></SPAN
+></DT
+><DD
+><P
+>    Most cookies are set in the HTTP dialog, where they can be intercepted
+    by the
+    <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+></TT
+>
+    and <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+></TT
+>
+    actions. But web sites increasingly make use of HTML meta tags and JavaScript
+    to sneak cookies to the browser on the content level.
+   </P
+><P
+>    This filter disables most HTML and JavaScript code that reads or sets
+    cookies. It cannot detect all clever uses of these types of code, so it 
+    should not be relied on as an absolute fix. Use it wherever you would also
+    use the cookie crunch actions. 
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>refresh tags</I
+></SPAN
+></DT
+><DD
+><P
+>    Disable any refresh tags if the interval is greater than nine seconds (so 
+    that redirections done via refresh tags are not destroyed). This is useful 
+    for dial-on-demand setups, or for those who find this HTML feature
+    annoying.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>unsolicited-popups</I
+></SPAN
+></DT
+><DD
+><P
+>    This filter attempts to prevent only <SPAN
+CLASS="QUOTE"
+>"unsolicited"</SPAN
+> pop-up 
+    windows from opening, yet still allow pop-up windows that the user 
+    has explicitly chosen to open. It was added in version 3.0.1, 
+    as an improvement over earlier such filters.
+   </P
+><P
+>    Technical note: The filter works by redefining the window.open JavaScript
+    function to a dummy function, <TT
+CLASS="LITERAL"
+>PrivoxyWindowOpen()</TT
+>,
+    during the loading and rendering phase of each HTML page access, and
+    restoring the function afterward.
+   </P
+><P
+>    This is recommended only for browsers that cannot perform this function
+    reliably themselves. And be aware that some sites require such windows 
+    in order to function normally. Use with caution.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all-popups</I
+></SPAN
+></DT
+><DD
+><P
+>    Attempt to prevent <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> pop-up windows from opening.
+    Note this should be used with even more discretion than the above, since
+    it is more likely to break some sites that require pop-ups for normal
+    usage. Use with caution.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>img-reorder</I
+></SPAN
+></DT
+><DD
+><P
+>    This is a helper filter that has no value if used alone. It makes the
+    <TT
+CLASS="LITERAL"
+>banners-by-size</TT
+> and <TT
+CLASS="LITERAL"
+>banners-by-link</TT
+>
+    (see below) filters more effective and should be enabled together with them.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>banners-by-size</I
+></SPAN
+></DT
+><DD
+><P
+>    This filter removes image tags purely based on what size they are. Fortunately 
+    for us, many ads and banner images tend to conform to certain standardized
+    sizes, which makes this filter quite effective for ad stripping purposes.
+   </P
+><P
+>    Occasionally this filter will cause false positives on images that are not ads,
+    but just happen to be of one of the standard banner sizes.
+   </P
+><P
+>    Recommended only for those who require extreme ad blocking. The default 
+    block rules should catch 95+% of all ads <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>without</I
+></SPAN
+> this filter enabled.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>banners-by-link</I
+></SPAN
+></DT
+><DD
+><P
+>    This is an experimental filter that attempts to kill any banners if 
+    their URLs seem to point to known or suspected click trackers. It is currently
+    not of much value and is not recommended for use by default.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>webbugs</I
+></SPAN
+></DT
+><DD
+><P
+>    Webbugs are small, invisible images (technically 1X1 GIF images), that 
+    are used to track users across websites, and collect information on them.
+    As an HTML page is loaded by the browser, an embedded image tag causes the
+    browser to contact a third-party site, disclosing the tracking information
+    through the requested URL and/or cookies for that third-party domain, without
+    the user ever becoming aware of the interaction with the third-party site.
+    HTML-ized spam also uses a similar technique to verify email addresses.
+   </P
+><P
+>    This filter removes the HTML code that loads such <SPAN
+CLASS="QUOTE"
+>"webbugs"</SPAN
+>.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>tiny-textforms</I
+></SPAN
+></DT
+><DD
+><P
+>    A rather special-purpose filter that can be used to enlarge textareas (those
+    multi-line text boxes in web forms) and turn off hard word wrap in them. 
+    It was written for the sourceforge.net tracker system where such boxes are
+    a nuisance, but it can be handy on other sites, too.
+   </P
+><P
+>    It is not recommended to use this filter as a default.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>jumping-windows</I
+></SPAN
+></DT
+><DD
+><P
+>    Many consider windows that move, or resize themselves to be abusive. This filter
+    neutralizes the related JavaScript code. Note that some sites might not display
+    or behave as intended when using this filter. Use with caution.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>frameset-borders</I
+></SPAN
+></DT
+><DD
+><P
+>    Some web designers seem to assume that everyone in the world will view their
+    web sites using the same browser brand and version, screen resolution etc,
+    because only that assumption could explain why they'd use static frame sizes,
+    yet prevent their frames from being resized by the user, should they be too
+    small to show their whole content.
+   </P
+><P
+>    This filter removes the related HTML code. It should only be applied to sites
+    which need it.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>demoronizer</I
+></SPAN
+></DT
+><DD
+><P
+>    Many Microsoft products that generate HTML use non-standard extensions (read:
+    violations) of the ISO 8859-1 aka Latin-1 character set. This can cause those
+    HTML documents to display with errors on standard-compliant platforms. 
+   </P
+><P
+>    This filter translates the MS-only characters into Latin-1 equivalents. 
+    It is not necessary when using MS products, and will cause corruption of  
+    all documents that use 8-bit character sets other than Latin-1. It's mostly
+    worthwhile for Europeans on non-MS platforms, if weird garbage characters
+    sometimes appear on some pages, or user agents that don't correct for this on 
+    the fly.
+ 
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>shockwave-flash</I
+></SPAN
+></DT
+><DD
+><P
+>    A filter for shockwave haters. As the name suggests, this filter strips code
+    out of web pages that is used to embed shockwave flash objects. 
+   </P
+><P
+>   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>quicktime-kioskmode</I
+></SPAN
+></DT
+><DD
+><P
+>    Change HTML code that embeds Quicktime objects so that kioskmode, which
+    prevents saving, is disabled.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>fun</I
+></SPAN
+></DT
+><DD
+><P
+>    Text replacements for subversive browsing fun. Make fun of your favorite
+    Monopolist or play buzzword bingo.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>crude-parental</I
+></SPAN
+></DT
+><DD
+><P
+>    A demonstration-only filter that shows how <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    can be used to delete web content on a keyword basis.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>ie-exploits</I
+></SPAN
+></DT
+><DD
+><P
+>    An experimental collection of text replacements to disable malicious HTML and JavaScript
+    code that exploits known security holes in Internet Explorer.
+   </P
+><P
+>    Presently, it only protects against Nimda and a cross-site scripting bug, and
+    would need active maintenance to provide more substantial protection.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>site-specifics</I
+></SPAN
+></DT
+><DD
+><P
+>    Some web sites have very specific problems, the cure for which doesn't apply
+    anywhere else, or could even cause damage on other sites.
+   </P
+><P
+>    This is a collection of such site-specific cures which should only be applied
+    to the sites they were intended for, which is what the supplied
+    <TT
+CLASS="FILENAME"
+>default.action</TT
+> file does. Users shouldn't need to change
+    anything regarding this filter.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>google</I
+></SPAN
+></DT
+><DD
+><P
+>    A CSS based block for Google text ads. Also removes a width limitation
+    and the toolbar advertisement.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>yahoo</I
+></SPAN
+></DT
+><DD
+><P
+>    Another CSS based block, this time for Yahoo text ads. And removes 
+    a width limitation as well.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>msn</I
+></SPAN
+></DT
+><DD
+><P
+>    Another CSS based block, this time for MSN text ads. And removes 
+    tracking URLs, as well as a width limitation.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>blogspot</I
+></SPAN
+></DT
+><DD
+><P
+>    Cleans up some Blogspot blogs. Read the fine print before using this one!
+   </P
+><P
+>    This filter also intentionally removes some navigation stuff and sets the
+    page width to 100%. As a result, some rounded <SPAN
+CLASS="QUOTE"
+>"corners"</SPAN
+> would
+    appear to early or not at all and as fixing this would require a browser
+    that understands background-size (CSS3), they are removed instead.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>xml-to-html</I
+></SPAN
+></DT
+><DD
+><P
+>    Server-header filter to change the Content-Type from xml to html.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>html-to-xml</I
+></SPAN
+></DT
+><DD
+><P
+>    Server-header filter to change the Content-Type from html to xml.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>no-ping</I
+></SPAN
+></DT
+><DD
+><P
+>    Removes the non-standard <TT
+CLASS="LITERAL"
+>ping</TT
+> attribute from
+    anchor and area HTML tags.
+   </P
+></DD
+><DT
+><SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>hide-tor-exit-notation</I
+></SPAN
+></DT
+><DD
+><P
+>    Client-header filter to remove the <B
+CLASS="COMMAND"
+>Tor</B
+> exit node notation
+    found in Host and Referer headers.
+   </P
+><P
+>    If <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> and <B
+CLASS="COMMAND"
+>Tor</B
+> are chained and <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+    is configured to use socks4a, one can use <SPAN
+CLASS="QUOTE"
+>"http://www.example.org.foobar.exit/"</SPAN
+>
+    to access the host <SPAN
+CLASS="QUOTE"
+>"www.example.org"</SPAN
+> through the
+    <B
+CLASS="COMMAND"
+>Tor</B
+> exit node <SPAN
+CLASS="QUOTE"
+>"foobar"</SPAN
+>.
+   </P
+><P
+>    As the HTTP client isn't aware of this notation, it treats the
+    whole string <SPAN
+CLASS="QUOTE"
+>"www.example.org.foobar.exit"</SPAN
+> as host and uses it
+    for the <SPAN
+CLASS="QUOTE"
+>"Host"</SPAN
+> and <SPAN
+CLASS="QUOTE"
+>"Referer"</SPAN
+> headers. From the
+    server's point of view the resulting headers are invalid and can cause problems.
+   </P
+><P
+>    An invalid <SPAN
+CLASS="QUOTE"
+>"Referer"</SPAN
+> header can trigger <SPAN
+CLASS="QUOTE"
+>"hot-linking"</SPAN
+>
+    protections, an invalid <SPAN
+CLASS="QUOTE"
+>"Host"</SPAN
+> header will make it impossible for
+    the server to find the right vhost (several domains hosted on the same IP address).
+   </P
+><P
+>    This client-header filter removes the <SPAN
+CLASS="QUOTE"
+>"foo.exit"</SPAN
+> part in those headers
+    to prevent the mentioned problems. Note that it only modifies
+    the HTTP headers, it doesn't make it impossible for the server
+    to detect your <B
+CLASS="COMMAND"
+>Tor</B
+> exit node based on the IP address
+    the request is coming from.
+   </P
+></DD
+></DL
+></DIV
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="actions-file.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="templates.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Actions Files</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Privoxy's Template Files</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/index.html b/external/privoxy/doc/webserver/user-manual/index.html
new file mode 100644
index 0000000..366386b
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/index.html
@@ -0,0 +1,963 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy 3.0.12 User Manual</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="NEXT"
+TITLE="Introduction"
+HREF="introduction.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="ARTICLE"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="ARTICLE"
+><DIV
+CLASS="TITLEPAGE"
+><H1
+CLASS="TITLE"
+><A
+NAME="AEN2"
+>Privoxy 3.0.12 User Manual</A
+></H1
+><P
+CLASS="PUBDATE"
+> <SUB
+> <A
+HREF="copyright.html"
+>Copyright</A
+> © 2001-2009 by 
+ <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>Privoxy Developers</A
+>
+ </SUB
+><BR></P
+><P
+CLASS="PUBDATE"
+>$Id: index.html,v 1.60 2009/03/21 12:58:53 fabiankeil Exp $<BR></P
+><DIV
+><DIV
+CLASS="ABSTRACT"
+><P
+></P
+><A
+NAME="AEN9"
+></A
+><P
+>  The <I
+CLASS="CITETITLE"
+>Privoxy User Manual</I
+> gives users information on how to
+  install, configure and use <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>Privoxy</A
+>.
+ </P
+><P
+> Privoxy is a non-caching web proxy with advanced filtering capabilities
+ for enhancing privacy, modifying web page data and HTTP headers, controlling
+ access, and removing ads and other obnoxious Internet junk. Privoxy has a
+ flexible configuration and can be customized to suit individual needs and tastes.
+ It has application for both stand-alone systems and multi-user networks.</P
+><P
+> Privoxy is Free Software and licensed under the GPL2.</P
+><P
+> Privoxy is an associated project of Software in the Public Interest (SPI).
+ <A
+HREF="http://www.privoxy.org/faq/general.html#DONATE"
+TARGET="_top"
+>Donations are welcome</A
+>.</P
+><P
+>  You can find the latest version of the <I
+CLASS="CITETITLE"
+>Privoxy User Manual</I
+> at  <A
+HREF="http://www.privoxy.org/user-manual/"
+TARGET="_top"
+>http://www.privoxy.org/user-manual/</A
+>.
+  Please see the <A
+HREF="contact.html"
+>Contact section</A
+> on how to
+  contact the developers.
+ </P
+><P
+></P
+></DIV
+></DIV
+><HR></DIV
+><DIV
+CLASS="TOC"
+><DL
+><DT
+><B
+>Table of Contents</B
+></DT
+><DT
+>1. <A
+HREF="introduction.html"
+>Introduction</A
+></DT
+><DD
+><DL
+><DT
+>1.1. <A
+HREF="introduction.html#FEATURES"
+>Features</A
+></DT
+></DL
+></DD
+><DT
+>2. <A
+HREF="installation.html"
+>Installation</A
+></DT
+><DD
+><DL
+><DT
+>2.1. <A
+HREF="installation.html#INSTALLATION-PACKAGES"
+>Binary Packages</A
+></DT
+><DD
+><DL
+><DT
+>2.1.1. <A
+HREF="installation.html#INSTALLATION-PACK-RPM"
+>Red Hat and Fedora RPMs</A
+></DT
+><DT
+>2.1.2. <A
+HREF="installation.html#INSTALLATION-DEB"
+>Debian and Ubuntu</A
+></DT
+><DT
+>2.1.3. <A
+HREF="installation.html#INSTALLATION-PACK-WIN"
+>Windows</A
+></DT
+><DT
+>2.1.4. <A
+HREF="installation.html#INSTALLATION-PACK-BINTGZ"
+>Solaris</A
+></DT
+><DT
+>2.1.5. <A
+HREF="installation.html#INSTALLATION-OS2"
+>OS/2</A
+></DT
+><DT
+>2.1.6. <A
+HREF="installation.html#INSTALLATION-MAC"
+>Mac OS X</A
+></DT
+><DT
+>2.1.7. <A
+HREF="installation.html#INSTALLATION-AMIGA"
+>AmigaOS</A
+></DT
+><DT
+>2.1.8. <A
+HREF="installation.html#INSTALLATION-TBZ"
+>FreeBSD</A
+></DT
+><DT
+>2.1.9. <A
+HREF="installation.html#INSTALLATTION-GENTOO"
+>Gentoo</A
+></DT
+></DL
+></DD
+><DT
+>2.2. <A
+HREF="installation.html#INSTALLATION-SOURCE"
+>Building from Source</A
+></DT
+><DT
+>2.3. <A
+HREF="installation.html#INSTALLATION-KEEPUPDATED"
+>Keeping your Installation Up-to-Date</A
+></DT
+></DL
+></DD
+><DT
+>3. <A
+HREF="whatsnew.html"
+>What's New in this Release</A
+></DT
+><DD
+><DL
+><DT
+>3.1. <A
+HREF="whatsnew.html#UPGRADERSNOTE"
+>Note to Upgraders</A
+></DT
+></DL
+></DD
+><DT
+>4. <A
+HREF="quickstart.html"
+>Quickstart to Using Privoxy</A
+></DT
+><DD
+><DL
+><DT
+>4.1. <A
+HREF="quickstart.html#QUICKSTART-AD-BLOCKING"
+>Quickstart to Ad Blocking</A
+></DT
+></DL
+></DD
+><DT
+>5. <A
+HREF="startup.html"
+>Starting Privoxy</A
+></DT
+><DD
+><DL
+><DT
+>5.1. <A
+HREF="startup.html#START-REDHAT"
+>Red Hat and Fedora</A
+></DT
+><DT
+>5.2. <A
+HREF="startup.html#START-DEBIAN"
+>Debian</A
+></DT
+><DT
+>5.3. <A
+HREF="startup.html#START-WINDOWS"
+>Windows</A
+></DT
+><DT
+>5.4. <A
+HREF="startup.html#START-UNICES"
+>Solaris, NetBSD, FreeBSD, HP-UX and others</A
+></DT
+><DT
+>5.5. <A
+HREF="startup.html#START-OS2"
+>OS/2</A
+></DT
+><DT
+>5.6. <A
+HREF="startup.html#START-MACOSX"
+>Mac OS X</A
+></DT
+><DT
+>5.7. <A
+HREF="startup.html#START-AMIGAOS"
+>AmigaOS</A
+></DT
+><DT
+>5.8. <A
+HREF="startup.html#START-GENTOO"
+>Gentoo</A
+></DT
+><DT
+>5.9. <A
+HREF="startup.html#CMDOPTIONS"
+>Command Line Options</A
+></DT
+></DL
+></DD
+><DT
+>6. <A
+HREF="configuration.html"
+>Privoxy Configuration</A
+></DT
+><DD
+><DL
+><DT
+>6.1. <A
+HREF="configuration.html#AEN776"
+>Controlling Privoxy with Your Web Browser</A
+></DT
+><DT
+>6.2. <A
+HREF="configuration.html#CONFOVERVIEW"
+>Configuration Files Overview</A
+></DT
+></DL
+></DD
+><DT
+>7. <A
+HREF="config.html"
+>The Main Configuration File</A
+></DT
+><DD
+><DL
+><DT
+>7.1. <A
+HREF="config.html#LOCAL-SET-UP"
+>Local Set-up Documentation</A
+></DT
+><DD
+><DL
+><DT
+>7.1.1. <A
+HREF="config.html#USER-MANUAL"
+>user-manual</A
+></DT
+><DT
+>7.1.2. <A
+HREF="config.html#TRUST-INFO-URL"
+>trust-info-url</A
+></DT
+><DT
+>7.1.3. <A
+HREF="config.html#ADMIN-ADDRESS"
+>admin-address</A
+></DT
+><DT
+>7.1.4. <A
+HREF="config.html#PROXY-INFO-URL"
+>proxy-info-url</A
+></DT
+></DL
+></DD
+><DT
+>7.2. <A
+HREF="config.html#CONF-LOG-LOC"
+>Configuration and Log File Locations</A
+></DT
+><DD
+><DL
+><DT
+>7.2.1. <A
+HREF="config.html#CONFDIR"
+>confdir</A
+></DT
+><DT
+>7.2.2. <A
+HREF="config.html#TEMPLDIR"
+>templdir</A
+></DT
+><DT
+>7.2.3. <A
+HREF="config.html#LOGDIR"
+>logdir</A
+></DT
+><DT
+>7.2.4. <A
+HREF="config.html#ACTIONSFILE"
+>actionsfile</A
+></DT
+><DT
+>7.2.5. <A
+HREF="config.html#FILTERFILE"
+>filterfile</A
+></DT
+><DT
+>7.2.6. <A
+HREF="config.html#LOGFILE"
+>logfile</A
+></DT
+><DT
+>7.2.7. <A
+HREF="config.html#TRUSTFILE"
+>trustfile</A
+></DT
+></DL
+></DD
+><DT
+>7.3. <A
+HREF="config.html#DEBUGGING"
+>Debugging</A
+></DT
+><DD
+><DL
+><DT
+>7.3.1. <A
+HREF="config.html#DEBUG"
+>debug</A
+></DT
+><DT
+>7.3.2. <A
+HREF="config.html#SINGLE-THREADED"
+>single-threaded</A
+></DT
+><DT
+>7.3.3. <A
+HREF="config.html#HOSTNAME"
+>hostname</A
+></DT
+></DL
+></DD
+><DT
+>7.4. <A
+HREF="config.html#ACCESS-CONTROL"
+>Access Control and Security</A
+></DT
+><DD
+><DL
+><DT
+>7.4.1. <A
+HREF="config.html#LISTEN-ADDRESS"
+>listen-address</A
+></DT
+><DT
+>7.4.2. <A
+HREF="config.html#TOGGLE"
+>toggle</A
+></DT
+><DT
+>7.4.3. <A
+HREF="config.html#ENABLE-REMOTE-TOGGLE"
+>enable-remote-toggle</A
+></DT
+><DT
+>7.4.4. <A
+HREF="config.html#ENABLE-REMOTE-HTTP-TOGGLE"
+>enable-remote-http-toggle</A
+></DT
+><DT
+>7.4.5. <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+>enable-edit-actions</A
+></DT
+><DT
+>7.4.6. <A
+HREF="config.html#ENFORCE-BLOCKS"
+>enforce-blocks</A
+></DT
+><DT
+>7.4.7. <A
+HREF="config.html#ACLS"
+>ACLs: permit-access and deny-access</A
+></DT
+><DT
+>7.4.8. <A
+HREF="config.html#BUFFER-LIMIT"
+>buffer-limit</A
+></DT
+></DL
+></DD
+><DT
+>7.5. <A
+HREF="config.html#FORWARDING"
+>Forwarding</A
+></DT
+><DD
+><DL
+><DT
+>7.5.1. <A
+HREF="config.html#FORWARD"
+>forward</A
+></DT
+><DT
+>7.5.2. <A
+HREF="config.html#SOCKS"
+>forward-socks4, forward-socks4a and forward-socks5</A
+></DT
+><DT
+>7.5.3. <A
+HREF="config.html#ADVANCED-FORWARDING-EXAMPLES"
+>Advanced Forwarding Examples</A
+></DT
+><DT
+>7.5.4. <A
+HREF="config.html#FORWARDED-CONNECT-RETRIES"
+>forwarded-connect-retries</A
+></DT
+><DT
+>7.5.5. <A
+HREF="config.html#ACCEPT-INTERCEPTED-REQUESTS"
+>accept-intercepted-requests</A
+></DT
+><DT
+>7.5.6. <A
+HREF="config.html#ALLOW-CGI-REQUEST-CRUNCHING"
+>allow-cgi-request-crunching</A
+></DT
+><DT
+>7.5.7. <A
+HREF="config.html#SPLIT-LARGE-FORMS"
+>split-large-forms</A
+></DT
+><DT
+>7.5.8. <A
+HREF="config.html#KEEP-ALIVE-TIMEOUT"
+>keep-alive-timeout</A
+></DT
+><DT
+>7.5.9. <A
+HREF="config.html#SOCKET-TIMEOUT"
+>socket-timeout</A
+></DT
+></DL
+></DD
+><DT
+>7.6. <A
+HREF="config.html#WINDOWS-GUI"
+>Windows GUI Options</A
+></DT
+></DL
+></DD
+><DT
+>8. <A
+HREF="actions-file.html"
+>Actions Files</A
+></DT
+><DD
+><DL
+><DT
+>8.1. <A
+HREF="actions-file.html#AEN2288"
+>Finding the Right Mix</A
+></DT
+><DT
+>8.2. <A
+HREF="actions-file.html#AEN2295"
+>How to Edit</A
+></DT
+><DT
+>8.3. <A
+HREF="actions-file.html#ACTIONS-APPLY"
+>How Actions are Applied to Requests</A
+></DT
+><DT
+>8.4. <A
+HREF="actions-file.html#AF-PATTERNS"
+>Patterns</A
+></DT
+><DD
+><DL
+><DT
+>8.4.1. <A
+HREF="actions-file.html#AEN2386"
+>The Domain Pattern</A
+></DT
+><DT
+>8.4.2. <A
+HREF="actions-file.html#AEN2462"
+>The Path Pattern</A
+></DT
+><DT
+>8.4.3. <A
+HREF="actions-file.html#TAG-PATTERN"
+>The Tag Pattern</A
+></DT
+></DL
+></DD
+><DT
+>8.5. <A
+HREF="actions-file.html#ACTIONS"
+>Actions</A
+></DT
+><DD
+><DL
+><DT
+>8.5.1. <A
+HREF="actions-file.html#ADD-HEADER"
+>add-header</A
+></DT
+><DT
+>8.5.2. <A
+HREF="actions-file.html#BLOCK"
+>block</A
+></DT
+><DT
+>8.5.3. <A
+HREF="actions-file.html#CHANGE-X-FORWARDED-FOR"
+>change-x-forwarded-for</A
+></DT
+><DT
+>8.5.4. <A
+HREF="actions-file.html#CLIENT-HEADER-FILTER"
+>client-header-filter</A
+></DT
+><DT
+>8.5.5. <A
+HREF="actions-file.html#CLIENT-HEADER-TAGGER"
+>client-header-tagger</A
+></DT
+><DT
+>8.5.6. <A
+HREF="actions-file.html#CONTENT-TYPE-OVERWRITE"
+>content-type-overwrite</A
+></DT
+><DT
+>8.5.7. <A
+HREF="actions-file.html#CRUNCH-CLIENT-HEADER"
+>crunch-client-header</A
+></DT
+><DT
+>8.5.8. <A
+HREF="actions-file.html#CRUNCH-IF-NONE-MATCH"
+>crunch-if-none-match</A
+></DT
+><DT
+>8.5.9. <A
+HREF="actions-file.html#CRUNCH-INCOMING-COOKIES"
+>crunch-incoming-cookies</A
+></DT
+><DT
+>8.5.10. <A
+HREF="actions-file.html#CRUNCH-SERVER-HEADER"
+>crunch-server-header</A
+></DT
+><DT
+>8.5.11. <A
+HREF="actions-file.html#CRUNCH-OUTGOING-COOKIES"
+>crunch-outgoing-cookies</A
+></DT
+><DT
+>8.5.12. <A
+HREF="actions-file.html#DEANIMATE-GIFS"
+>deanimate-gifs</A
+></DT
+><DT
+>8.5.13. <A
+HREF="actions-file.html#DOWNGRADE-HTTP-VERSION"
+>downgrade-http-version</A
+></DT
+><DT
+>8.5.14. <A
+HREF="actions-file.html#FAST-REDIRECTS"
+>fast-redirects</A
+></DT
+><DT
+>8.5.15. <A
+HREF="actions-file.html#FILTER"
+>filter</A
+></DT
+><DT
+>8.5.16. <A
+HREF="actions-file.html#FORCE-TEXT-MODE"
+>force-text-mode</A
+></DT
+><DT
+>8.5.17. <A
+HREF="actions-file.html#FORWARD-OVERRIDE"
+>forward-override</A
+></DT
+><DT
+>8.5.18. <A
+HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
+>handle-as-empty-document</A
+></DT
+><DT
+>8.5.19. <A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></DT
+><DT
+>8.5.20. <A
+HREF="actions-file.html#HIDE-ACCEPT-LANGUAGE"
+>hide-accept-language</A
+></DT
+><DT
+>8.5.21. <A
+HREF="actions-file.html#HIDE-CONTENT-DISPOSITION"
+>hide-content-disposition</A
+></DT
+><DT
+>8.5.22. <A
+HREF="actions-file.html#HIDE-IF-MODIFIED-SINCE"
+>hide-if-modified-since</A
+></DT
+><DT
+>8.5.23. <A
+HREF="actions-file.html#HIDE-FROM-HEADER"
+>hide-from-header</A
+></DT
+><DT
+>8.5.24. <A
+HREF="actions-file.html#HIDE-REFERRER"
+>hide-referrer</A
+></DT
+><DT
+>8.5.25. <A
+HREF="actions-file.html#HIDE-USER-AGENT"
+>hide-user-agent</A
+></DT
+><DT
+>8.5.26. <A
+HREF="actions-file.html#LIMIT-CONNECT"
+>limit-connect</A
+></DT
+><DT
+>8.5.27. <A
+HREF="actions-file.html#PREVENT-COMPRESSION"
+>prevent-compression</A
+></DT
+><DT
+>8.5.28. <A
+HREF="actions-file.html#OVERWRITE-LAST-MODIFIED"
+>overwrite-last-modified</A
+></DT
+><DT
+>8.5.29. <A
+HREF="actions-file.html#REDIRECT"
+>redirect</A
+></DT
+><DT
+>8.5.30. <A
+HREF="actions-file.html#SERVER-HEADER-FILTER"
+>server-header-filter</A
+></DT
+><DT
+>8.5.31. <A
+HREF="actions-file.html#SERVER-HEADER-TAGGER"
+>server-header-tagger</A
+></DT
+><DT
+>8.5.32. <A
+HREF="actions-file.html#SESSION-COOKIES-ONLY"
+>session-cookies-only</A
+></DT
+><DT
+>8.5.33. <A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></DT
+><DT
+>8.5.34. <A
+HREF="actions-file.html#AEN4093"
+>Summary</A
+></DT
+></DL
+></DD
+><DT
+>8.6. <A
+HREF="actions-file.html#ALIASES"
+>Aliases</A
+></DT
+><DT
+>8.7. <A
+HREF="actions-file.html#ACT-EXAMPLES"
+>Actions Files Tutorial</A
+></DT
+><DD
+><DL
+><DT
+>8.7.1. <A
+HREF="actions-file.html#AEN4157"
+>match-all.action</A
+></DT
+><DT
+>8.7.2. <A
+HREF="actions-file.html#AEN4179"
+>default.action</A
+></DT
+><DT
+>8.7.3. <A
+HREF="actions-file.html#AEN4292"
+>user.action</A
+></DT
+></DL
+></DD
+></DL
+></DD
+><DT
+>9. <A
+HREF="filter-file.html"
+>Filter Files</A
+></DT
+><DD
+><DL
+><DT
+>9.1. <A
+HREF="filter-file.html#AEN4447"
+>Filter File Tutorial</A
+></DT
+><DT
+>9.2. <A
+HREF="filter-file.html#PREDEFINED-FILTERS"
+>The Pre-defined Filters</A
+></DT
+></DL
+></DD
+><DT
+>10. <A
+HREF="templates.html"
+>Privoxy's Template Files</A
+></DT
+><DT
+>11. <A
+HREF="contact.html"
+>Contacting the Developers, Bug Reporting and Feature
+Requests</A
+></DT
+><DD
+><DL
+><DT
+>11.1. <A
+HREF="contact.html#CONTACT-SUPPORT"
+>Get Support</A
+></DT
+><DT
+>11.2. <A
+HREF="contact.html#REPORTING"
+>Reporting Problems</A
+></DT
+><DD
+><DL
+><DT
+>11.2.1. <A
+HREF="contact.html#CONTACT-ADS"
+>Reporting Ads or Other Configuration Problems</A
+></DT
+><DT
+>11.2.2. <A
+HREF="contact.html#CONTACT-BUGS"
+>Reporting Bugs</A
+></DT
+></DL
+></DD
+><DT
+>11.3. <A
+HREF="contact.html#CONTACT-FEATURE"
+>Request New Features</A
+></DT
+><DT
+>11.4. <A
+HREF="contact.html#CONTACT-OTHER"
+>Other</A
+></DT
+></DL
+></DD
+><DT
+>12. <A
+HREF="copyright.html"
+>Privoxy Copyright, License and History</A
+></DT
+><DD
+><DL
+><DT
+>12.1. <A
+HREF="copyright.html#AEN4921"
+>License</A
+></DT
+><DT
+>12.2. <A
+HREF="copyright.html#HISTORY"
+>History</A
+></DT
+><DT
+>12.3. <A
+HREF="copyright.html#AUTHORS"
+>Authors</A
+></DT
+></DL
+></DD
+><DT
+>13. <A
+HREF="seealso.html"
+>See Also</A
+></DT
+><DT
+>14. <A
+HREF="appendix.html"
+>Appendix</A
+></DT
+><DD
+><DL
+><DT
+>14.1. <A
+HREF="appendix.html#REGEX"
+>Regular Expressions</A
+></DT
+><DT
+>14.2. <A
+HREF="appendix.html#AEN5174"
+>Privoxy's Internal Pages</A
+></DT
+><DD
+><DL
+><DT
+>14.2.1. <A
+HREF="appendix.html#BOOKMARKLETS"
+>Bookmarklets</A
+></DT
+></DL
+></DD
+><DT
+>14.3. <A
+HREF="appendix.html#CHAIN"
+>Chain of Events</A
+></DT
+><DT
+>14.4. <A
+HREF="appendix.html#ACTIONSANAT"
+>Troubleshooting: Anatomy of an Action</A
+></DT
+></DL
+></DD
+></DL
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="introduction.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Introduction</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/installation.html b/external/privoxy/doc/webserver/user-manual/installation.html
new file mode 100644
index 0000000..f5fefc2
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/installation.html
@@ -0,0 +1,1082 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Installation</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Introduction"
+HREF="introduction.html"><LINK
+REL="NEXT"
+TITLE="What's New in this Release"
+HREF="whatsnew.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="introduction.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="whatsnew.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="INSTALLATION"
+>2. Installation</A
+></H1
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is available both in convenient pre-compiled
+ packages for a wide range of operating systems, and as raw source code.
+ For most users, we recommend using the packages, which can be downloaded from our
+ <A
+HREF="http://sourceforge.net/projects/ijbswa/"
+TARGET="_top"
+>Privoxy Project
+ Page</A
+>.</P
+><P
+> Note: 
+ On some platforms, the installer may remove previously installed versions, if 
+ found. (See below for your platform). In any case <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>be sure to backup
+ your old configuration if it is valuable to you.</I
+></SPAN
+> See the <A
+HREF="whatsnew.html#UPGRADERSNOTE"
+>note to upgraders</A
+> section below.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="INSTALLATION-PACKAGES"
+>2.1. Binary Packages</A
+></H2
+><P
+>How to install the binary packages depends on your operating system:</P
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-PACK-RPM"
+>2.1.1. Red Hat and Fedora RPMs</A
+></H3
+><P
+> RPMs can be installed with <TT
+CLASS="LITERAL"
+>rpm -Uvh privoxy-3.0.12-1.rpm</TT
+>,
+ and will use <TT
+CLASS="FILENAME"
+>/etc/privoxy</TT
+> for the location 
+ of configuration files.</P
+><P
+> Note that on Red Hat, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>not</I
+></SPAN
+> be automatically started on system boot. You will
+ need to enable that using <B
+CLASS="COMMAND"
+>chkconfig</B
+>,
+ <B
+CLASS="COMMAND"
+>ntsysv</B
+>, or similar methods. </P
+><P
+> If you have problems with failed dependencies, try rebuilding the SRC RPM: 
+ <TT
+CLASS="LITERAL"
+>rpm --rebuild privoxy-3.0.12-1.src.rpm</TT
+>. This 
+ will use your locally installed libraries and RPM version. </P
+><P
+> Also note that if you have a <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+> RPM installed
+ on your system, you need to remove it first, because the packages conflict.
+ Otherwise, RPM will try to remove <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+>
+ automatically if found, before installing <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-DEB"
+>2.1.2. Debian and Ubuntu</A
+></H3
+><P
+> DEBs can be installed with <TT
+CLASS="LITERAL"
+>apt-get install privoxy</TT
+>,
+ and will use <TT
+CLASS="FILENAME"
+>/etc/privoxy</TT
+> for the location of 
+ configuration files.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-PACK-WIN"
+>2.1.3. Windows</A
+></H3
+><P
+> Just double-click the installer, which will guide you through
+ the installation process. You will find the configuration files
+ in the same directory as you installed <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> in. </P
+><P
+> Version 3.0.5 beta introduced full <SPAN
+CLASS="APPLICATION"
+>Windows</SPAN
+> service
+ functionality. On Windows only, the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ program has two new command line arguments to install and uninstall
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>service</I
+></SPAN
+>.</P
+><P
+></P
+><DIV
+CLASS="VARIABLELIST"
+><DL
+><DT
+>Arguments:</DT
+><DD
+><P
+>     <TT
+CLASS="REPLACEABLE"
+><I
+>--install</I
+></TT
+>[:<TT
+CLASS="REPLACEABLE"
+><I
+>service_name</I
+></TT
+>]
+    </P
+><P
+>     <TT
+CLASS="REPLACEABLE"
+><I
+>--uninstall</I
+></TT
+>[:<TT
+CLASS="REPLACEABLE"
+><I
+>service_name</I
+></TT
+>]
+    </P
+></DD
+></DL
+></DIV
+><P
+> After invoking <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> with
+ <B
+CLASS="COMMAND"
+>--install</B
+>, you will need to bring up the
+ <SPAN
+CLASS="APPLICATION"
+>Windows</SPAN
+> service console to assign the user you
+ want <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to run under, and whether or not you
+ want it to run whenever the system starts. You can start the
+ <SPAN
+CLASS="APPLICATION"
+>Windows</SPAN
+> services console with the following
+ command: <B
+CLASS="COMMAND"
+>services.msc</B
+>.  If you do not take the manual step
+ of modifying <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> service settings, it will
+ not start.  Note too that you will need to give Privoxy a user account that
+ actually exists, or it will not be permitted to 
+ write to its log and configuration files.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-PACK-BINTGZ"
+>2.1.4. Solaris</A
+></H3
+><P
+> Create a new directory, <TT
+CLASS="LITERAL"
+>cd</TT
+> to it, then unzip and
+ untar the archive. For the most part, you'll have to figure out where
+ things go. </P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-OS2"
+>2.1.5. OS/2</A
+></H3
+><P
+> First, make sure that no previous installations of
+ <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+> and / or 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> are left on your
+ system. Check that no <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+>
+ or <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> objects are in
+ your startup folder.
</P
+><P
+> Then, just double-click the WarpIN self-installing archive, which will
+ guide you through the installation process. A shadow of the
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> executable will be placed in your
+ startup folder so it will start automatically whenever OS/2 starts.</P
+><P
+> The directory you choose to install <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ into will contain all of the configuration files.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-MAC"
+>2.1.6. Mac OS X</A
+></H3
+><P
+> Unzip the downloaded file (you can either double-click on the zip file
+ icon from the Finder, or from the desktop if you downloaded it there).
+ Then, double-click on the package installer icon and follow the
+ installation process.</P
+><P
+> The privoxy service will automatically start after a successful
+ installation (in addition to every time your computer starts up).  To
+ prevent the privoxy service from automatically starting when your
+ computer starts up, remove or rename the folder named
+ <TT
+CLASS="LITERAL"
+>/Library/StartupItems/Privoxy</TT
+>. </P
+><P
+> To manually start or stop the privoxy service, use the Privoxy Utility
+ for Mac OS X.  This application controls the privoxy service (e.g.
+ starting and stopping the service as well as uninstalling the software).</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-AMIGA"
+>2.1.7. AmigaOS</A
+></H3
+><P
+> Copy and then unpack the <TT
+CLASS="FILENAME"
+>lha</TT
+> archive to a suitable location. 
+ All necessary files will be installed into <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ directory, including all configuration and log files. To uninstall, just 
+ remove this directory.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATION-TBZ"
+>2.1.8. FreeBSD</A
+></H3
+><P
+> Privoxy is part of FreeBSD's Ports Collection, you can build and install
+ it with <TT
+CLASS="LITERAL"
+>cd /usr/ports/www/privoxy; make install clean</TT
+>.</P
+><P
+> If you don't use the ports, you can fetch and install
+ the package with <TT
+CLASS="LITERAL"
+>pkg_add -r privoxy</TT
+>.</P
+><P
+> The port skeleton and the package can also be downloaded from the
+ <A
+HREF="https://sourceforge.net/project/showfiles.php?group_id=11118"
+TARGET="_top"
+>File Release
+ Page</A
+>, but there's no reason to use them unless you're interested in the
+ beta releases which are only available there.</P
+></DIV
+><DIV
+CLASS="SECT3"
+><H3
+CLASS="SECT3"
+><A
+NAME="INSTALLATTION-GENTOO"
+>2.1.9. Gentoo</A
+></H3
+><P
+> Gentoo source packages (Ebuilds) for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> are 
+ contained in the Gentoo  Portage Tree (they are not on the download page, 
+ but there is a Gentoo section, where you can see when a new 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Version is added to the  Portage Tree).</P
+><P
+> Before installing <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> under Gentoo just do 
+ first <TT
+CLASS="LITERAL"
+>emerge --sync</TT
+> to get the latest changes from the 
+ Portage tree. With <TT
+CLASS="LITERAL"
+>emerge privoxy</TT
+> you install the latest 
+ version.</P
+><P
+> Configuration files are in <TT
+CLASS="FILENAME"
+>/etc/privoxy</TT
+>, the 
+ documentation is in <TT
+CLASS="FILENAME"
+>/usr/share/doc/privoxy-3.0.12</TT
+>
+ and the Log directory is in <TT
+CLASS="FILENAME"
+>/var/log/privoxy</TT
+>.</P
+></DIV
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="INSTALLATION-SOURCE"
+>2.2. Building from Source</A
+></H2
+><P
+> The most convenient way to obtain the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> sources
+ is to download the source tarball from our 
+ <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118&package_id=10571"
+TARGET="_top"
+>project download
+ page</A
+>.</P
+><P
+> If you like to live on the bleeding edge and are not afraid of using
+ possibly unstable development versions, you can check out the up-to-the-minute
+ version directly from <A
+HREF="http://sourceforge.net/cvs/?group_id=11118"
+TARGET="_top"
+>the
+ CVS repository</A
+>. </P
+><P
+> To build <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> from source, 
+ <A
+HREF="http://www.gnu.org/software/autoconf/autoconf.html"
+TARGET="_top"
+>autoconf</A
+>,
+ <A
+HREF="http://www.gnu.org/software/make/make.html"
+TARGET="_top"
+>GNU make
+ (gmake)</A
+>, and, of course, a C compiler like <A
+HREF="http://www.gnu.org/software/gcc/gcc.html"
+TARGET="_top"
+>gcc</A
+> are required.</P
+><P
+> When building from a source tarball,
+ first unpack the source: </P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> tar xzvf privoxy-3.0.12-stable-src.tar.gz
+ cd privoxy-3.0.12-stable</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> For retrieving the current CVS sources, you'll need a CVS client installed.
+ Note that sources from CVS are typically development quality, and may not be
+ stable, or well tested. To download CVS source, check the Sourceforge
+ documentation, which might give commands like:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  cvs -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa login
+  cvs -z3 -d:pserver:anonymous at ijbswa.cvs.sourceforge.net:/cvsroot/ijbswa co current
+  cd current</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> This will create a directory named <TT
+CLASS="FILENAME"
+>current/</TT
+>, which will 
+ contain the source tree.</P
+><P
+> You can also check out any <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ <SPAN
+CLASS="QUOTE"
+>"branch"</SPAN
+>, just exchange the <SPAN
+CLASS="APPLICATION"
+>current</SPAN
+>
+ name with the wanted branch name (Example: v_3_0_branch for the 3.0 cvs
+ tree).</P
+><P
+> It is also strongly recommended to not run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ as root. You should configure/install/run <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as
+ an unprivileged user, preferably by  creating a <SPAN
+CLASS="QUOTE"
+>"privoxy"</SPAN
+> user
+ and group just for this purpose. See your local documentation for the correct
+ command line to do add new users and groups (something like
+ <B
+CLASS="COMMAND"
+>adduser</B
+>, but the command syntax may vary from platform
+ to platform). </P
+><P
+> <TT
+CLASS="FILENAME"
+>/etc/passwd</TT
+> might then look like:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  privoxy:*:7777:7777:privoxy proxy:/no/home:/no/shell</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> And then <TT
+CLASS="FILENAME"
+>/etc/group</TT
+>, like:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  privoxy:*:7777:</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Some binary packages may do this for you.</P
+><P
+> Then, to build from either unpacked tarball or CVS source:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> autoheader
+ autoconf
+ ./configure      # (--help to see options)
+ make             # (the make from GNU, sometimes called gmake) 
+ su               # Possibly required
+ make -n install  # (to see where all the files will go)
+ make -s install  # (to really install, -s to silence output)</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+>  Using GNU <B
+CLASS="COMMAND"
+>make</B
+>, you can have the first four steps
+  automatically done for you by just typing:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+>  make</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+>  in the freshly downloaded or unpacked source directory.</P
+><P
+> To build an executable with security enhanced features so that 
+ users cannot easily bypass the proxy (e.g. <SPAN
+CLASS="QUOTE"
+>"Go There Anyway"</SPAN
+>), or
+ alter their own configurations, <B
+CLASS="COMMAND"
+>configure</B
+> like this:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> ./configure  --disable-toggle  --disable-editor  --disable-force</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+>Then build as above. In Privoxy 3.0.7 and later, all of these options
+can also be disabled through the configuration file.</P
+><P
+> <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>WARNING:</I
+></SPAN
+> If installing as root, the install will fail
+ unless a non-root user or group is specified, or a <TT
+CLASS="LITERAL"
+>privoxy</TT
+>
+ user and group already exist on the system. If a non-root user is specified,
+ and no group, then the installation will try to also use a group of the same name
+ as <SPAN
+CLASS="QUOTE"
+>"user"</SPAN
+>. If a group is specified (and no user), then the
+ support files will be installed as writable by that group, and owned by the
+ user running the installation.</P
+><P
+> <B
+CLASS="COMMAND"
+>configure</B
+> accepts <TT
+CLASS="LITERAL"
+>--with-user</TT
+> and
+ <TT
+CLASS="LITERAL"
+>--with-group</TT
+> options for setting user and group ownership
+ of the configuration files (which need to be writable by the daemon). The
+ specified <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>user must already exist</I
+></SPAN
+>. When starting
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, it must be run as this same user to
+ insure write access to configuration and log files!</P
+><P
+> Alternately, you can specify <TT
+CLASS="LITERAL"
+>user</TT
+> and <TT
+CLASS="LITERAL"
+>group</TT
+>
+ on the <B
+CLASS="COMMAND"
+>make</B
+> command line, but be sure both already exist:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> make -s install  USER=privoxy GROUP=privoxy</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> The default installation path for <B
+CLASS="COMMAND"
+>make install</B
+> is 
+ <TT
+CLASS="FILENAME"
+>/usr/local</TT
+>. This may of course be customized with 
+ the various <B
+CLASS="COMMAND"
+>./configure</B
+> path options. If you are doing 
+ an install to anywhere besides <TT
+CLASS="FILENAME"
+>/usr/local</TT
+>, be
+ sure to set the appropriate paths with the correct configure options
+ (<B
+CLASS="COMMAND"
+>./configure --help</B
+>). Non-privileged users must of course
+ have write access permissions to wherever the target installation is going.</P
+><P
+> If you do install to <TT
+CLASS="FILENAME"
+>/usr/local</TT
+>, the install will use
+ <TT
+CLASS="LITERAL"
+>sysconfdir=$prefix/etc/privoxy</TT
+> by default. All other
+ destinations, and the direct usage of <TT
+CLASS="LITERAL"
+>--sysconfdir</TT
+> flag
+ behave like normal, i.e. will not add the extra <TT
+CLASS="FILENAME"
+>privoxy</TT
+>
+ directory. This is for a safer install, as there may already exist another
+ program that uses a file with the <SPAN
+CLASS="QUOTE"
+>"config"</SPAN
+> name, and thus makes
+ <TT
+CLASS="FILENAME"
+>/usr/local/etc</TT
+> cleaner.</P
+><P
+> If installing to <TT
+CLASS="FILENAME"
+>/usr/local</TT
+>, the documentation will go
+ by default to <TT
+CLASS="FILENAME"
+>$prefix/share/doc</TT
+>. But if this directory
+ doesn't exist, it will then try <TT
+CLASS="FILENAME"
+>$prefix/doc</TT
+> and install
+ there before creating a new <TT
+CLASS="FILENAME"
+>$prefix/share/doc</TT
+> just for
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.</P
+><P
+> Again, if the installs goes to <TT
+CLASS="FILENAME"
+>/usr/local</TT
+>, the
+ <TT
+CLASS="LITERAL"
+>localstatedir</TT
+> (ie: <TT
+CLASS="FILENAME"
+>var/</TT
+>) will default
+ to <TT
+CLASS="FILENAME"
+>/var</TT
+> instead of <TT
+CLASS="LITERAL"
+>$prefix/var</TT
+> so
+ the logs will go to <TT
+CLASS="FILENAME"
+>/var/log/privoxy/</TT
+>, and the pid file
+ will be created in <TT
+CLASS="FILENAME"
+>/var/run/privoxy.pid</TT
+>. </P
+><P
+> <B
+CLASS="COMMAND"
+>make install</B
+> will attempt to set the correct values 
+ in <TT
+CLASS="FILENAME"
+>config</TT
+> (main configuration file). You should  
+ check this to make sure all values are correct. If appropriate,
+ an init script will be installed, but it is up to the user to determine 
+ how and where to start <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. The init 
+ script should be checked for correct paths and values, if anything other than
+ a default install is done.</P
+><P
+> If install finds previous versions of local configuration files, most of
+ these will not be overwritten, and the new ones will be installed with a
+ <SPAN
+CLASS="QUOTE"
+>"new"</SPAN
+> extension. default.action and default.filter
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>will be overwritten</I
+></SPAN
+>. You will then need
+ to manually update the other installed configuration files as needed. The
+ default template files <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>will</I
+></SPAN
+> be overwritten. If you have
+ customized, local templates, these should be stored safely in a separate
+ directory and defined in <TT
+CLASS="FILENAME"
+>config</TT
+> by the
+ <SPAN
+CLASS="QUOTE"
+>"templdir"</SPAN
+> directive. It is of course wise to always back-up any
+ important configuration files <SPAN
+CLASS="QUOTE"
+>"just in case"</SPAN
+>. If a previous
+ version of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is already running, you will
+ have to restart it manually.</P
+><P
+> For more detailed instructions on how to build Redhat RPMs,
+ Windows self-extracting installers, building on platforms with
+ special requirements etc, please consult the <A
+HREF="http://www.privoxy.org/developer-manual/newrelease.html"
+TARGET="_top"
+>developer manual</A
+>.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="INSTALLATION-KEEPUPDATED"
+>2.3. Keeping your Installation Up-to-Date</A
+></H2
+><P
+> As user feedback comes in and development continues, we will make updated versions
+ of both the main <A
+HREF="actions-file.html"
+>actions file</A
+> (as a <A
+HREF="http://sourceforge.net/project/showfiles.php?group_id=11118&release_id=103670"
+TARGET="_top"
+>separate
+ package</A
+>) and the software itself (including the actions file) available for
+ download.</P
+><P
+> If you wish to receive an email notification whenever we release updates of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> or the actions file, <A
+HREF="http://lists.sourceforge.net/lists/listinfo/ijbswa-announce/"
+TARGET="_top"
+>subscribe
+ to our announce  mailing list</A
+>, ijbswa-announce at lists.sourceforge.net.</P
+><P
+> In order not to lose your personal changes and adjustments when updating
+ to the latest <TT
+CLASS="LITERAL"
+>default.action</TT
+> file we <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>strongly
+ recommend</I
+></SPAN
+> that you use <TT
+CLASS="LITERAL"
+>user.action</TT
+> and 
+ <TT
+CLASS="LITERAL"
+>user.filter</TT
+> for your local
+ customizations of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. See the <A
+HREF="actions-file.html"
+>Chapter on actions files</A
+> for details.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="introduction.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="whatsnew.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Introduction</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>What's New in this Release</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/introduction.html b/external/privoxy/doc/webserver/user-manual/introduction.html
new file mode 100644
index 0000000..aad9cc0
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/introduction.html
@@ -0,0 +1,292 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Introduction</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="NEXT"
+TITLE="Installation"
+HREF="installation.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="index.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="installation.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="INTRODUCTION"
+>1. Introduction</A
+></H1
+><P
+> This documentation is included with the current stable version of
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, v.3.0.12.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="FEATURES"
+>1.1. Features</A
+></H2
+><P
+> In addition to the core 
+ features of ad blocking and 
+ <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookie</A
+> management,
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> provides many supplemental
+ features, 
+ that give the end-user more control, more privacy and more freedom:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>     Can keep outgoing connections alive and reuse them later on.
+  </P
+></LI
+><LI
+><P
+>     Supports tagging which allows to change the behaviour
+     based on client and server headers.
+  </P
+></LI
+><LI
+><P
+>     Can be run as an "intercepting" proxy, which obviates the need to
+     configure browsers individually.
+  </P
+></LI
+><LI
+><P
+>     Sophisticated actions and filters for manipulating both server and client
+     headers. 
+   </P
+></LI
+><LI
+><P
+>     Can be chained with other proxies.
+  </P
+></LI
+><LI
+><P
+>   Integrated browser based configuration and control utility at <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+   (shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>). Browser-based
+   tracing of rule and filter effects. Remote toggling.
+  </P
+></LI
+><LI
+><P
+>   Web page filtering (text replacements, removes banners based on size,
+   invisible <SPAN
+CLASS="QUOTE"
+>"web-bugs"</SPAN
+>, JavaScript and HTML annoyances, 
+   pop-up windows, etc.)
+  </P
+></LI
+><LI
+><P
+>   Modularized configuration that allows for standard settings and
+   user settings to reside in separate files, so that installing updated
+   actions files won't overwrite individual user settings.
+  </P
+></LI
+><LI
+><P
+>   Support for Perl Compatible Regular Expressions in the configuration files, and 
+   a more sophisticated and flexible configuration syntax.
+  </P
+></LI
+><LI
+><P
+>   Improved cookie management features (e.g. session based cookies).
+  </P
+></LI
+><LI
+><P
+>   GIF de-animation. 
+  </P
+></LI
+><LI
+><P
+>   Bypass many click-tracking scripts (avoids script redirection).
+  </P
+></LI
+><LI
+><P
+>   Multi-threaded (POSIX and native threads).
+  </P
+></LI
+><LI
+><P
+>   User-customizable HTML templates for most proxy-generated pages (e.g. "blocked" page).
+  </P
+></LI
+><LI
+><P
+>   Auto-detection and re-reading of config file changes.
+  </P
+></LI
+><LI
+><P
+>   Improved signal handling, and a true daemon mode (Unix).
+  </P
+></LI
+><LI
+><P
+>   Every feature now controllable on a per-site or per-location basis, configuration
+   more powerful and versatile over-all.
+  </P
+></LI
+><LI
+><P
+>   Many smaller new features added, limitations and bugs removed.
+  </P
+></LI
+></UL
+></P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="installation.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy 3.0.12 User Manual</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Installation</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/proxy2.jpg b/external/privoxy/doc/webserver/user-manual/proxy2.jpg
new file mode 100644
index 0000000..e6c50dc
Binary files /dev/null and b/external/privoxy/doc/webserver/user-manual/proxy2.jpg differ
diff --git a/external/privoxy/doc/webserver/user-manual/proxy_setup.jpg b/external/privoxy/doc/webserver/user-manual/proxy_setup.jpg
new file mode 100644
index 0000000..9e80f97
Binary files /dev/null and b/external/privoxy/doc/webserver/user-manual/proxy_setup.jpg differ
diff --git a/external/privoxy/doc/webserver/user-manual/quickstart.html b/external/privoxy/doc/webserver/user-manual/quickstart.html
new file mode 100644
index 0000000..0393689
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/quickstart.html
@@ -0,0 +1,943 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Quickstart to Using Privoxy</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="What's New in this Release"
+HREF="whatsnew.html"><LINK
+REL="NEXT"
+TITLE="Starting Privoxy"
+HREF="startup.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="whatsnew.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="startup.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="QUICKSTART"
+>4. Quickstart to Using Privoxy</A
+></H1
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>  Install <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. See the <A
+HREF="installation.html"
+>Installation Section</A
+> below for platform specific
+  information. 
+ </P
+></LI
+><LI
+><P
+>   Advanced users and those who want to offer <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+   service to more than just their local machine should check the <A
+HREF="config.html"
+>main config file</A
+>, especially the <A
+HREF="config.html#ACCESS-CONTROL"
+>security-relevant</A
+> options. These are 
+   off by default.
+  </P
+></LI
+><LI
+><P
+>  Start <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>, if the installation program has
+  not done this already (may vary according to platform). See the section
+  <A
+HREF="startup.html"
+>Starting <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+></A
+>.
+  </P
+></LI
+><LI
+><P
+>   Set your browser to use <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as HTTP and
+   HTTPS (SSL)  <A
+HREF="http://en.wikipedia.org/wiki/Proxy_server"
+TARGET="_top"
+>proxy</A
+>
+   by setting the proxy configuration for address of
+   <TT
+CLASS="LITERAL"
+>127.0.0.1</TT
+> and port <TT
+CLASS="LITERAL"
+>8118</TT
+>.
+   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>DO NOT</I
+></SPAN
+> activate proxying for <TT
+CLASS="LITERAL"
+>FTP</TT
+> or 
+   any protocols besides HTTP and HTTPS (SSL) unless you intend to prevent your
+   browser from using these protocols.
+  </P
+></LI
+><LI
+><P
+>    Flush your browser's disk and memory caches, to remove any cached ad images.
+    If using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to manage 
+    <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>,
+    you should remove any currently stored cookies too.
+  </P
+></LI
+><LI
+><P
+>   A default installation should provide a reasonable starting point for 
+   most. There will undoubtedly be occasions where you will want to adjust the
+   configuration, but that can be dealt with as the need arises. Little 
+   to no initial configuration is required in most cases, you may want
+   to enable the
+   <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>web-based action editor</A
+> though.
+   Be sure to read the warnings first.
+  </P
+><P
+>   See the <A
+HREF="configuration.html"
+>Configuration section</A
+> for more
+   configuration options, and how to customize your installation.
+   You might also want to look at the <A
+HREF="quickstart.html#QUICKSTART-AD-BLOCKING"
+>next section</A
+> for a quick
+   introduction to how <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> blocks ads and
+   banners.</P
+></LI
+><LI
+><P
+>    If you experience ads that slip through, innocent images that are
+    blocked, or otherwise feel the need to fine-tune
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> behavior, take a look at the <A
+HREF="actions-file.html"
+>actions files</A
+>. As a quick start, you might
+    find the <A
+HREF="actions-file.html#ACT-EXAMPLES"
+>richly commented examples</A
+>
+    helpful. You can also view and edit the actions files through the <A
+HREF="http://config.privoxy.org"
+TARGET="_top"
+>web-based user interface</A
+>. The
+    Appendix <SPAN
+CLASS="QUOTE"
+>"<A
+HREF="appendix.html#ACTIONSANAT"
+>Troubleshooting: Anatomy of an
+    Action</A
+>"</SPAN
+> has hints on how to understand and debug actions that
+    <SPAN
+CLASS="QUOTE"
+>"misbehave"</SPAN
+>.
+  </P
+></LI
+><LI
+><P
+>   Please see the section <A
+HREF="contact.html"
+>Contacting the
+   Developers</A
+> on how to report bugs, problems with websites or to get
+   help. 
+  </P
+></LI
+><LI
+><P
+>   Now enjoy surfing with enhanced control, comfort and privacy!
+  </P
+></LI
+></UL
+></P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="QUICKSTART-AD-BLOCKING"
+>4.1. Quickstart to Ad Blocking</A
+></H2
+><P
+> Ad blocking is but one of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ array of features. Many of these features are for the technically minded advanced 
+ user. But, ad and banner blocking is surely common ground for everybody.</P
+><P
+> 
+ This section will provide a quick summary of ad blocking so 
+ you can get up to speed quickly without having to read the more extensive
+ information provided below, though this is highly recommended.</P
+><P
+> First a bit of a warning ... blocking ads is much like blocking SPAM: the
+ more aggressive you are about it, the more likely you are to block 
+ things that were not intended. And the more likely that some things 
+ may not work as intended. So there is a trade off here. If you want
+ extreme ad free browsing, be prepared to deal with more
+ <SPAN
+CLASS="QUOTE"
+>"problem"</SPAN
+> sites, and to spend more time adjusting the
+ configuration to solve these unintended consequences. In short, there is 
+ not an easy way to eliminate <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>all</I
+></SPAN
+> ads. Either take 
+ the easy way and settle for <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>most</I
+></SPAN
+> ads blocked with the
+ default configuration, or jump in and tweak it for your personal surfing
+ habits and preferences.</P
+><P
+> Secondly, a brief explanation of <SPAN
+CLASS="APPLICATION"
+>Privoxy's </SPAN
+>
+ <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+>. <SPAN
+CLASS="QUOTE"
+>"Actions"</SPAN
+> in this context, are 
+ the directives we use to tell <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to perform
+ some task relating to HTTP transactions (i.e. web browsing). We tell
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to take some <SPAN
+CLASS="QUOTE"
+>"action"</SPAN
+>. Each
+ action has a unique name and function. While there are many potential
+ <SPAN
+CLASS="APPLICATION"
+>actions</SPAN
+> in <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+>
+ arsenal, only a few are used for ad blocking. <A
+HREF="actions-file.html#ACTIONS"
+>Actions</A
+>, and <A
+HREF="actions-file.html"
+>action
+ configuration files</A
+>, are explained in depth below.</P
+><P
+> Actions are specified in <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> configuration,
+ followed by one or more URLs to which the action should apply. URLs 
+ can actually be URL type <A
+HREF="actions-file.html#AF-PATTERNS"
+>patterns</A
+> that use
+ wildcards so they can apply potentially to a range of similar URLs. The
+ actions, together with the URL patterns are called a section.</P
+><P
+> When you connect to a website, the full URL will either match one or more
+ of the sections as defined in <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> configuration,
+ or not. If so, then <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will perform the
+ respective actions. If not, then nothing special happens. Furthermore, web
+ pages may contain embedded, secondary URLs that your web browser will
+ use to load additional components of the page, as it parses the
+ original page's HTML content. An ad image for instance, is just an URL
+ embedded in the page somewhere. The image itself may be on the same server,
+ or a server somewhere else on the Internet. Complex web pages will have many
+ such embedded URLs. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can deal with each URL individually, so, for
+ instance, the main page text is not touched, but images from such-and-such
+ server are blocked.</P
+><P
+> The most important actions for basic ad blocking are:  <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+>, <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+>, 
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
+>handle-as-empty-document</A
+></TT
+>,and
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+>:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> - this is perhaps 
+   the single most used action, and is particularly important for ad blocking.
+   This action stops any contact between your browser and any URL patterns
+   that match this action's configuration. It can be used for blocking ads,
+   but also anything that is determined to be unwanted. By itself, it simply
+   stops any communication with the remote server and sends
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s own built-in BLOCKED page instead to
+   let you now what has happened (with some exceptions, see below).
+  </P
+></LI
+><LI
+><P
+>   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+> - 
+   tells <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to treat this URL as an image.
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>'s default configuration already does this
+   for all common image types (e.g. GIF), but there are many situations where this
+   is not so easy to determine. So we'll force it in these cases. This is particularly
+   important for ad blocking, since  only if we know that it's an image of
+   some kind, can we replace it with an image of our choosing, instead of the 
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> BLOCKED page (which would only result in
+   a <SPAN
+CLASS="QUOTE"
+>"broken image"</SPAN
+> icon). There are some limitations to this
+   though. For instance, you can't just brute-force an image substitution for
+   an entire HTML page in most situations.
+  </P
+></LI
+><LI
+><P
+>   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-EMPTY-DOCUMENT"
+>handle-as-empty-document</A
+></TT
+> - 
+   sends an empty document instead of <SPAN
+CLASS="APPLICATION"
+>Privoxy's</SPAN
+> 
+   normal BLOCKED HTML page. This is useful for file types that are neither 
+   HTML nor images, such as blocking JavaScript files.
+  </P
+></LI
+><LI
+><P
+>   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#SET-IMAGE-BLOCKER"
+>set-image-blocker</A
+></TT
+> - tells
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> what to display in place of an ad image that
+   has hit a block rule. For this to come into play, the URL must match a
+   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> action somewhere in the
+   configuration, <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>and</I
+></SPAN
+>, it must also match an
+   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#HANDLE-AS-IMAGE"
+>handle-as-image</A
+></TT
+> action.
+  </P
+><P
+>   The configuration options on what to display instead of the ad are:
+  </P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>       <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>pattern</I
+></SPAN
+> - a checkerboard pattern, so that an ad 
+    replacement is obvious. This is the default.
+   </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>       <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>blank</I
+></SPAN
+> - A very small empty GIF image is displayed.
+    This is the so-called <SPAN
+CLASS="QUOTE"
+>"invisible"</SPAN
+> configuration option.
+   </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+><P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>       <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>http://<URL></I
+></SPAN
+> - A redirect to any image anywhere
+    of the user's choosing (advanced usage).
+   </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+></LI
+></UL
+></P
+><P
+> Advanced users will eventually want to explore <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#FILTER"
+>filters</A
+></TT
+> as well. Filters 
+ are very different from <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>blocks</A
+></TT
+>.
+ A <SPAN
+CLASS="QUOTE"
+>"block"</SPAN
+> blocks a site, page, or unwanted contented. Filters
+ are a way of filtering or modifying what is actually on the page. An example
+ filter usage: a text replacement of <SPAN
+CLASS="QUOTE"
+>"no-no"</SPAN
+> for
+ <SPAN
+CLASS="QUOTE"
+>"nasty-word"</SPAN
+>. That is a very simple example. This process can be
+ used for ad blocking, but it is more in the realm of advanced usage and has
+ some pitfalls to be wary off.</P
+><P
+> The quickest way to adjust any of these settings is with your browser through
+ the special <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> editor at <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+ (shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/show-status</A
+>). This 
+ is an internal page, and does not require Internet access.</P
+><P
+> Note that as of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> 3.0.7 beta the
+ action editor is disabled by default. Check the
+ <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+TARGET="_top"
+>enable-edit-actions
+  section in the configuration file</A
+> to learn why and in which
+ cases it's safe to enable again.</P
+><P
+> If you decided to enable the action editor, select the appropriate
+ <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+> file, and click
+ <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+>"</SPAN
+>. It is best to put personal or
+ local preferences in <TT
+CLASS="FILENAME"
+>user.action</TT
+> since this is not
+ meant to be overwritten during upgrades, and will over-ride the settings in
+ other files. Here you can insert new <SPAN
+CLASS="QUOTE"
+>"actions"</SPAN
+>, and URLs for ad
+ blocking or other purposes, and make other adjustments to the configuration.
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will detect these changes automatically.</P
+><P
+> A quick and simple step by step example:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>     Right click on the ad image to be blocked, then select 
+     <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIMENUITEM"
+>Copy Link Location</SPAN
+>"</SPAN
+> from the
+     pop-up menu. 
+   </P
+></LI
+><LI
+><P
+>    Set your browser to 
+    <A
+HREF="http://config.privoxy.org/show-status"
+TARGET="_top"
+>http://config.privoxy.org/show-status</A
+>
+   </P
+></LI
+><LI
+><P
+>    Find <TT
+CLASS="FILENAME"
+>user.action</TT
+> in the top section, and click 
+    on <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+>"</SPAN
+>:
+   </P
+><P
+>  <DIV
+CLASS="FIGURE"
+><A
+NAME="AEN530"
+></A
+><P
+><B
+>Figure 1. Actions Files in Use</B
+></P
+><DIV
+CLASS="MEDIAOBJECT"
+><P
+><IMG
+SRC="files-in-use.jpg"></P
+></DIV
+></DIV
+>
+ </P
+></LI
+><LI
+><P
+>   You should have a section with only
+   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> listed under 
+   <SPAN
+CLASS="QUOTE"
+>"Actions:"</SPAN
+>.
+   If not, click a <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Insert new section below</SPAN
+>"</SPAN
+>
+   button, and in the new section that just appeared, click the 
+   <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+> button right under the word <SPAN
+CLASS="QUOTE"
+>"Actions:"</SPAN
+>.
+   This will bring up a list of all actions. Find
+   <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> near the top, and click
+   in the <SPAN
+CLASS="QUOTE"
+>"Enabled"</SPAN
+> column, then <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Submit</SPAN
+>"</SPAN
+>
+   just below the list.
+  </P
+></LI
+><LI
+><P
+>   Now, in the <TT
+CLASS="LITERAL"
+><A
+HREF="actions-file.html#BLOCK"
+>block</A
+></TT
+> actions section,
+   click the <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Add</SPAN
+>"</SPAN
+> button, and paste the URL the
+   browser got from <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIMENUITEM"
+>Copy Link Location</SPAN
+>"</SPAN
+>.
+   Remove the <TT
+CLASS="LITERAL"
+>http://</TT
+> at the beginning of the URL. Then, click
+   <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>Submit</SPAN
+>"</SPAN
+> (or
+   <SPAN
+CLASS="QUOTE"
+>"<SPAN
+CLASS="GUIBUTTON"
+>OK</SPAN
+>"</SPAN
+> if in a pop-up window).
+  </P
+></LI
+><LI
+><P
+>   Now go back to the original page, and press <B
+CLASS="KEYCAP"
+>SHIFT-Reload</B
+>
+   (or flush all browser caches). The image should be gone now.
+  </P
+></LI
+></UL
+></P
+><P
+> This is a very crude and simple example. There might be good reasons to use a 
+ wildcard pattern match to include potentially similar images from the same
+ site. For a more extensive explanation of <SPAN
+CLASS="QUOTE"
+>"patterns"</SPAN
+>, and 
+ the entire actions concept, see <A
+HREF="actions-file.html"
+>the Actions
+ section</A
+>.</P
+><P
+> For advanced users who want to hand edit their config files, you might want
+ to now go to the <A
+HREF="actions-file.html#ACT-EXAMPLES"
+>Actions Files Tutorial</A
+>.
+ The ideas explained therein also apply to the web-based editor.</P
+><P
+> There are also various 
+ <A
+HREF="actions-file.html#FILTER"
+>filters</A
+> that can be used for ad blocking 
+ (filters are a special subset of actions). These 
+ fall into the <SPAN
+CLASS="QUOTE"
+>"advanced"</SPAN
+> usage category, and are explained in
+ depth in later sections. </P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="whatsnew.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="startup.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>What's New in this Release</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Starting Privoxy</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/seealso.html b/external/privoxy/doc/webserver/user-manual/seealso.html
new file mode 100644
index 0000000..93a8b2d
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/seealso.html
@@ -0,0 +1,418 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>See Also</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Privoxy Copyright, License and History"
+HREF="copyright.html"><LINK
+REL="NEXT"
+TITLE="Appendix"
+HREF="appendix.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="copyright.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="appendix.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="SEEALSO"
+>13. See Also</A
+></H1
+><P
+> Other references and sites of interest to <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ users:</P
+><P
+> <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/"
+TARGET="_top"
+>http://www.privoxy.org/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Home page. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/faq/"
+TARGET="_top"
+>http://www.privoxy.org/faq/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> FAQ. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.privoxy.org/developer-manual/"
+TARGET="_top"
+>http://www.privoxy.org/developer-manual/</A
+>, 
+   the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> developer manual. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://sourceforge.net/projects/ijbswa/"
+TARGET="_top"
+>https://sourceforge.net/projects/ijbswa/</A
+>, 
+   the Project Page for <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> on 
+   <A
+HREF="http://sourceforge.net"
+TARGET="_top"
+>SourceForge</A
+>.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>,
+   the web-based user interface. <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> must be
+   running for this to work. Shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://sourceforge.net/tracker/?group_id=11118&atid=460288"
+TARGET="_top"
+>https://sourceforge.net/tracker/?group_id=11118&atid=460288</A
+>, to submit <SPAN
+CLASS="QUOTE"
+>"misses"</SPAN
+> and other
+   configuration related suggestions to the developers. 
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ 
+ 
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.junkbusters.com/ht/en/cookies.html"
+TARGET="_top"
+>http://www.junkbusters.com/ht/en/cookies.html</A
+>,
+   an explanation how cookies are used to track web users.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.junkbusters.com/ijb.html"
+TARGET="_top"
+>http://www.junkbusters.com/ijb.html</A
+>,
+   the original Internet Junkbuster.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.squid-cache.org/"
+TARGET="_top"
+>http://www.squid-cache.org/</A
+>, a popular
+   caching proxy, which is often used together with <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="http://www.pps.jussieu.fr/~jch/software/polipo/"
+TARGET="_top"
+>http://www.pps.jussieu.fr/~jch/software/polipo/</A
+>,
+   <SPAN
+CLASS="APPLICATION"
+>Polipo</SPAN
+> is a caching proxy with advanced features
+   like pipelining, multiplexing and caching of partial instances. In many setups
+   it can be used as <SPAN
+CLASS="APPLICATION"
+>Squid</SPAN
+> replacement.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ <P
+></P
+><TABLE
+BORDER="0"
+><TBODY
+><TR
+><TD
+>   <A
+HREF="https://www.torproject.org/"
+TARGET="_top"
+>https://www.torproject.org/</A
+>, 
+   <SPAN
+CLASS="APPLICATION"
+>Tor</SPAN
+> can help anonymize web browsing, 
+   web publishing, instant messaging, IRC, SSH, and other applications.
+  </TD
+></TR
+></TBODY
+></TABLE
+><P
+></P
+>
+ </P
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="copyright.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="appendix.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Privoxy Copyright, License and History</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Appendix</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/startup.html b/external/privoxy/doc/webserver/user-manual/startup.html
new file mode 100644
index 0000000..e4f0c23
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/startup.html
@@ -0,0 +1,902 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Starting Privoxy</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Quickstart to Using Privoxy"
+HREF="quickstart.html"><LINK
+REL="NEXT"
+TITLE="Privoxy Configuration"
+HREF="configuration.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="quickstart.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="configuration.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="STARTUP"
+>5. Starting Privoxy</A
+></H1
+><P
+> Before launching <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> for the first time, you
+ will want to configure your browser(s) to use
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a HTTP and HTTPS (SSL) 
+ <A
+HREF="http://en.wikipedia.org/wiki/Proxy_server"
+TARGET="_top"
+>proxy</A
+>. The default is
+ 127.0.0.1 (or localhost) for the proxy address, and port 8118 (earlier versions
+ used port 8000). This is the one configuration step <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>that must be done</I
+></SPAN
+>!</P
+><P
+> Please note that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can only proxy HTTP and 
+ HTTPS traffic. It will not work with FTP or other protocols.</P
+><P
+>  <DIV
+CLASS="FIGURE"
+><A
+NAME="AEN585"
+></A
+><P
+><B
+>Figure 2. Proxy Configuration Showing
+  Mozilla/Netscape HTTP and HTTPS (SSL) Settings</B
+></P
+><DIV
+CLASS="MEDIAOBJECT"
+><P
+><IMG
+SRC="proxy_setup.jpg"></P
+></DIV
+></DIV
+>
+ </P
+><P
+> 
+ With <SPAN
+CLASS="APPLICATION"
+>Firefox</SPAN
+>, this is typically set under:</P
+><P
+CLASS="LITERALLAYOUT"
+> <SPAN
+CLASS="GUIBUTTON"
+>Tools</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Options</SPAN
+> ->  <SPAN
+CLASS="GUIBUTTON"
+>Advanced</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Network</SPAN
+> -><SPAN
+CLASS="GUIBUTTON"
+>Connection</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Settings</SPAN
+><br>
</P
+><P
+> 
+ Or optionally on some platforms:</P
+><P
+CLASS="LITERALLAYOUT"
+> <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Preferences</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>General</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Connection Settings</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Manual Proxy Configuration</SPAN
+><br>
</P
+><P
+> 
+ With <SPAN
+CLASS="APPLICATION"
+>Netscape</SPAN
+> (and
+ <SPAN
+CLASS="APPLICATION"
+>Mozilla</SPAN
+>), this can be set under:</P
+><P
+CLASS="LITERALLAYOUT"
+> <SPAN
+CLASS="GUIBUTTON"
+>Edit</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Preferences</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Advanced</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Proxies</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>HTTP Proxy</SPAN
+><br>
</P
+><P
+> For <SPAN
+CLASS="APPLICATION"
+>Internet Explorer v.5-7</SPAN
+>: </P
+><P
+CLASS="LITERALLAYOUT"
+> <SPAN
+CLASS="GUIBUTTON"
+>Tools</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Internet Options</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>Connections</SPAN
+> -> <SPAN
+CLASS="GUIBUTTON"
+>LAN Settings</SPAN
+></P
+><P
+> Then, check <SPAN
+CLASS="QUOTE"
+>"Use Proxy"</SPAN
+> and fill in the appropriate info
+ (Address: 127.0.0.1, Port: 8118). Include HTTPS (SSL), if you want HTTPS
+ proxy support too (sometimes labeled <SPAN
+CLASS="QUOTE"
+>"Secure"</SPAN
+>). Make sure any
+ checkboxes like <SPAN
+CLASS="QUOTE"
+>"Use the same proxy server for all protocols"</SPAN
+> is
+ <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>UNCHECKED</I
+></SPAN
+>. You want only HTTP and HTTPS (SSL)!</P
+><P
+>  <DIV
+CLASS="FIGURE"
+><A
+NAME="AEN630"
+></A
+><P
+><B
+>Figure 3. Proxy Configuration Showing
+  Internet Explorer HTTP and HTTPS (Secure) Settings</B
+></P
+><DIV
+CLASS="MEDIAOBJECT"
+><P
+><IMG
+SRC="proxy2.jpg"></P
+></DIV
+></DIV
+>
+ </P
+><P
+> After doing this, flush your browser's disk and memory caches to force a
+ re-reading of all pages and to get rid of any ads that may be cached. Remove 
+ any <A
+HREF="http://en.wikipedia.org/wiki/Browser_cookie"
+TARGET="_top"
+>cookies</A
+>,
+ if you want <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to manage that. You are now
+ ready to start enjoying the benefits of using
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>!</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> itself is typically started by specifying the
+ main configuration file to be used on the command line. If no configuration
+ file is specified on the command line, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ will look for a file named <TT
+CLASS="FILENAME"
+>config</TT
+> in the current
+ directory. Except on Win32 where it will try <TT
+CLASS="FILENAME"
+>config.txt</TT
+>.</P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-REDHAT"
+>5.1. Red Hat and Fedora</A
+></H2
+><P
+> A default Red Hat installation may not start <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> upon boot. It will use
+ the file <TT
+CLASS="FILENAME"
+>/etc/privoxy/config</TT
+> as its main configuration
+ file.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # /etc/rc.d/init.d/privoxy start</PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Or ...</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # service privoxy start</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-DEBIAN"
+>5.2. Debian</A
+></H2
+><P
+> We use a script. Note that Debian typically starts <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> upon booting per
+ default.  It will use the file
+ <TT
+CLASS="FILENAME"
+>/etc/privoxy/config</TT
+> as its main configuration
+ file.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # /etc/init.d/privoxy start</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-WINDOWS"
+>5.3. Windows</A
+></H2
+><P
+>Click on the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> Icon to start <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. If no configuration file is
+ specified on the command line, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will look
+ for a file named <TT
+CLASS="FILENAME"
+>config.txt</TT
+>. Note that Windows will
+ automatically start <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> when the system starts if you chose that option
+ when installing.</P
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> can run with full Windows service functionality.
+ On Windows only, the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> program has two new command line arguments
+ to install and uninstall <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> as a service. See the 
+ <A
+HREF="installation.html#INSTALLATION-PACK-WIN"
+>Windows Installation
+ instructions</A
+> for details.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-UNICES"
+>5.4. Solaris, NetBSD, FreeBSD, HP-UX and others</A
+></H2
+><P
+>Example Unix startup command:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> # /usr/sbin/privoxy /etc/privoxy/config</PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-OS2"
+>5.5. OS/2</A
+></H2
+><P
+> During installation, <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is configured to
+ start automatically when the system restarts. You can start it manually by
+ double-clicking on the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> icon in the
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> folder.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-MACOSX"
+>5.6. Mac OS X</A
+></H2
+><P
+>  After downloading the privoxy software, unzip the downloaded file by
+  double-clicking on the zip file icon.  Then, double-click on the
+  installer package icon and follow the installation process.</P
+><P
+>  The privoxy service will automatically start after a successful
+  installation.  In addition, the privoxy service will automatically
+  start every time your computer starts up.</P
+><P
+>  To prevent the privoxy service from automatically starting when your
+  computer starts up, remove or rename the folder named
+  /Library/StartupItems/Privoxy.</P
+><P
+>  A simple application named Privoxy Utility has been created which
+  enables administrators to easily start and stop the privoxy service.</P
+><P
+>  In addition, the Privoxy Utility presents a simple way for
+  administrators to edit the various privoxy config files.  A method
+  to uninstall the software is also available.</P
+><P
+>  An administrator username and password must be supplied in order for
+  the Privoxy Utility to perform any of the tasks.</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-AMIGAOS"
+>5.7. AmigaOS</A
+></H2
+><P
+> Start <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> (with RUN <>NIL:) in your
+ <TT
+CLASS="FILENAME"
+>startnet</TT
+> script (AmiTCP), in
+ <TT
+CLASS="FILENAME"
+>s:user-startup</TT
+> (RoadShow), as startup program in your
+ startup script (Genesis), or as startup action (Miami and MiamiDx). 
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will automatically quit when you quit your
+ TCP/IP stack (just ignore the harmless warning your TCP/IP stack may display that
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is still running).</P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="START-GENTOO"
+>5.8. Gentoo</A
+></H2
+><P
+> A script is again used. It will use the file <TT
+CLASS="FILENAME"
+>/etc/privoxy/config 
+ </TT
+> as its main configuration file.</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> /etc/init.d/privoxy start
+ </PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> Note that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is not automatically started at 
+ boot time by default. You can change this with the <TT
+CLASS="LITERAL"
+>rc-update</TT
+> 
+ command.</P
+><P
+> 
+ <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+> rc-update add privoxy default
+ </PRE
+></TD
+></TR
+></TABLE
+></P
+></DIV
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="CMDOPTIONS"
+>5.9. Command Line Options</A
+></H2
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> may be invoked with the following
+ command-line options:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--version</I
+></SPAN
+>
+  </P
+><P
+>     Print version info and exit. Unix only.
+  </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--help</I
+></SPAN
+>
+  </P
+><P
+>   Print short usage info and exit. Unix only.
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--no-daemon</I
+></SPAN
+>
+  </P
+><P
+>   Don't become a daemon, i.e. don't fork and become process group
+   leader, and don't detach from controlling tty. Unix only.
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--pidfile FILE</I
+></SPAN
+>
+  </P
+><P
+>   On startup, write the process ID to <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>FILE</I
+></SPAN
+>. Delete the
+   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>FILE</I
+></SPAN
+> on exit. Failure to create or delete the
+   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>FILE</I
+></SPAN
+> is non-fatal. If no <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>FILE</I
+></SPAN
+>
+   option is given, no PID file will be used. Unix only.
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--user USER[.GROUP]</I
+></SPAN
+>
+  </P
+><P
+>   After (optionally) writing the PID file, assume the user  ID  of
+   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>USER</I
+></SPAN
+>, and if included the GID of GROUP.  Exit if the
+   privileges are not sufficient to do so. Unix only.
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--chroot</I
+></SPAN
+>
+  </P
+><P
+>   Before changing to the user ID given in the <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--user</I
+></SPAN
+> option, 
+   chroot to that user's home directory, i.e. make the kernel pretend to the <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+   process that the directory tree starts there. If set up carefully, this can limit 
+   the impact of possible vulnerabilities in <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to the files contained in that hierarchy.
+   Unix only.
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>--pre-chroot-nslookup hostname</I
+></SPAN
+>
+  </P
+><P
+>   Specifies a hostname to look up before doing a chroot. On some systems, initializing the
+   resolver library involves reading config files from /etc and/or loading additional shared
+   libraries from /lib. On these systems, doing a hostname lookup before the chroot reduces
+   the number of files that must be copied into the chroot tree.
+  </P
+><P
+>   For fastest startup speed, a good value is a hostname that is not in /etc/hosts but that
+   your local name server (listed in /etc/resolv.conf) can resolve without recursion
+   (that is, without having to ask any other name servers). The hostname need not exist,
+   but if it doesn't, an error message (which can be ignored) will be output.
+  </P
+></LI
+><LI
+><P
+>    <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>configfile</I
+></SPAN
+>
+  </P
+><P
+>    If no <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>configfile</I
+></SPAN
+> is included on the command line, 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will look for a file named 
+    <SPAN
+CLASS="QUOTE"
+>"config"</SPAN
+> in the current directory (except on Win32 
+    where it will look for <SPAN
+CLASS="QUOTE"
+>"config.txt"</SPAN
+> instead). Specify 
+    full path to avoid confusion. If no config file is found, 
+    <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> will fail to start.
+  </P
+></LI
+></UL
+></P
+><P
+> On <SPAN
+CLASS="APPLICATION"
+>MS Windows</SPAN
+> only there are two additional 
+ command-line options to allow <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> to install and 
+ run as a <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>service</I
+></SPAN
+>. See the 
+<A
+HREF="installation.html#INSTALLATION-PACK-WIN"
+>Window Installation section</A
+> 
+for details.</P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="quickstart.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="configuration.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Quickstart to Using Privoxy</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Privoxy Configuration</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/templates.html b/external/privoxy/doc/webserver/user-manual/templates.html
new file mode 100644
index 0000000..7e31c75
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/templates.html
@@ -0,0 +1,321 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>Privoxy's Template Files</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Filter Files"
+HREF="filter-file.html"><LINK
+REL="NEXT"
+TITLE="Contacting the Developers, Bug Reporting and Feature
+Requests"
+HREF="contact.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="filter-file.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="contact.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="TEMPLATES"
+>10. Privoxy's Template Files</A
+></H1
+><P
+> All <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> built-in pages, i.e. error pages such as the 
+ <A
+HREF="http://show-the-404-error.page"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"404 - No Such Domain"</SPAN
+>
+ error page</A
+>, the <A
+HREF="http://ads.bannerserver.example.com/nasty-ads/sponsor.html"
+TARGET="_top"
+><SPAN
+CLASS="QUOTE"
+>"BLOCKED"</SPAN
+>
+ page</A
+>
+ and all pages of its <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>web-based
+ user interface</A
+>, are generated from <SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>templates</I
+></SPAN
+>. 
+ (<SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> must be running for the above links to work as
+ intended.)</P
+><P
+> These templates are stored in a subdirectory of the <A
+HREF="config.html#CONFDIR"
+>configuration
+ directory</A
+> called <TT
+CLASS="FILENAME"
+>templates</TT
+>. On Unixish platforms,
+ this is typically
+ <A
+HREF="file:///etc/privoxy/templates/"
+TARGET="_top"
+><TT
+CLASS="FILENAME"
+>/etc/privoxy/templates/</TT
+></A
+>.</P
+><P
+> The templates are basically normal HTML files, but with place-holders (called symbols
+ or exports), which <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> fills at run time. It
+ is possible to edit the templates with a normal text editor, should you want
+ to customize them. (<SPAN
+CLASS="emphasis"
+><I
+CLASS="EMPHASIS"
+>Not recommended for the casual
+ user</I
+></SPAN
+>). Should you create your own custom templates, you should use 
+ the <TT
+CLASS="FILENAME"
+>config</TT
+> setting <A
+HREF="config.html#TEMPLDIR"
+>templdir</A
+>
+ to specify an alternate location, so your templates do not get overwritten
+ during upgrades. 
+ </P
+><P
+> Note that just like in configuration files, lines starting
+ with <TT
+CLASS="LITERAL"
+>#</TT
+> are ignored when the templates are filled in.</P
+><P
+> The place-holders are of the form <TT
+CLASS="LITERAL"
+>@name@</TT
+>, and you will
+ find a list of available symbols, which vary from template to template,
+ in the comments at the start of each file. Note that these comments are not
+ always accurate, and that it's probably best to look at the existing HTML
+ code to find out which symbols are supported and what they are filled in with.</P
+><P
+> A special application of this substitution mechanism is to make whole
+ blocks of HTML code disappear when a specific symbol is set. We use this
+ for many purposes, one of them being to include the beta warning in all
+ our user interface (CGI) pages when <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ is in an alpha or beta development stage:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+><!-- @if-unstable-start -->
+
+  ... beta warning HTML code goes here ...
+
+<!-- if-unstable-end@ --></PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> If the "unstable" symbol is set, everything in between and including
+ <TT
+CLASS="LITERAL"
+>@if-unstable-start</TT
+> and <TT
+CLASS="LITERAL"
+>if-unstable-end@</TT
+>
+ will disappear, leaving nothing but an empty comment:</P
+><P
+> <TABLE
+BORDER="0"
+BGCOLOR="#E0E0E0"
+WIDTH="100%"
+><TR
+><TD
+><PRE
+CLASS="SCREEN"
+><!--  --></PRE
+></TD
+></TR
+></TABLE
+></P
+><P
+> There's also an if-then-else construct and an <TT
+CLASS="LITERAL"
+>#include</TT
+>
+ mechanism, but you'll sure find out if you are inclined to edit the
+ templates ;-)</P
+><P
+> All templates refer to a style located at
+ <A
+HREF="http://config.privoxy.org/send-stylesheet"
+TARGET="_top"
+><TT
+CLASS="LITERAL"
+>http://config.privoxy.org/send-stylesheet</TT
+></A
+>.
+ This is, of course, locally served by <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+ and the source for it can be found and edited in the
+ <TT
+CLASS="FILENAME"
+>cgi-style.css</TT
+> template.</P
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="filter-file.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="contact.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Filter Files</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Contacting the Developers, Bug Reporting and Feature
+Requests</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/upgradersnote.html b/external/privoxy/doc/webserver/user-manual/upgradersnote.html
new file mode 100644
index 0000000..36be7bc
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/upgradersnote.html
@@ -0,0 +1,296 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<HTML
+><HEAD
+><TITLE
+>Note to Upgraders</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.7"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.3 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Installation"
+HREF="installation.html"><LINK
+REL="NEXT"
+TITLE="Quickstart to Using Privoxy"
+HREF="quickstart.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"></HEAD
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.3 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="installation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="quickstart.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="UPGRADERSNOTE"
+>3. Note to Upgraders</A
+></H1
+><P
+> There are very significant changes from earlier 
+ <SPAN
+CLASS="APPLICATION"
+>Junkbuster</SPAN
+> versions to the current
+ <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>. The number, names, syntax, and
+ purposes of configuration files have substantially  changed.
+ <SPAN
+CLASS="APPLICATION"
+>Junkbuster 2.0.x</SPAN
+> configuration
+ files will not migrate, <SPAN
+CLASS="APPLICATION"
+>Junkbuster 2.9.x</SPAN
+>
+ and <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> configurations will need to be
+ ported. The functionalities of the old <TT
+CLASS="FILENAME"
+>blockfile</TT
+>,
+ <TT
+CLASS="FILENAME"
+>cookiefile</TT
+> and <TT
+CLASS="FILENAME"
+>imagelist</TT
+> 
+ are now combined into the <A
+HREF="actions-file.html"
+><SPAN
+CLASS="QUOTE"
+>"actions
+ files"</SPAN
+></A
+>.  
+ <TT
+CLASS="FILENAME"
+>default.action</TT
+>, is the main actions file. Local
+ exceptions should best be put into <TT
+CLASS="FILENAME"
+>user.action</TT
+>.</P
+><P
+> A <A
+HREF="filter-file.html"
+><SPAN
+CLASS="QUOTE"
+>"filter file"</SPAN
+></A
+> (typically
+ <TT
+CLASS="FILENAME"
+>default.filter</TT
+>) is new as of <SPAN
+CLASS="APPLICATION"
+>Privoxy
+ 2.9.x</SPAN
+>, and provides some of the new sophistication (explained
+ below). <TT
+CLASS="FILENAME"
+>config</TT
+> is much the same as before.</P
+><P
+> If upgrading from a 2.0.x version, you will have to use the new config 
+ files, and possibly adapt any personal rules from your older files.
+ When porting personal rules over from the old <TT
+CLASS="FILENAME"
+>blockfile</TT
+>
+ to the new actions files, please note that even the pattern syntax has
+ changed. If upgrading from 2.9.x development versions, it is still
+ recommended to use the new configuration files.</P
+><P
+> A quick list of things to be aware of before upgrading: </P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>   The default listening port is now 8118 due to a conflict with another 
+   service (NAS).
+  </P
+></LI
+><LI
+><P
+>  
+    Some installers may remove earlier versions completely. Save any 
+    important configuration files!
+  </P
+></LI
+><LI
+><P
+>   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is controllable with a web browser 
+   at the special URL: <A
+HREF="http://config.privoxy.org/"
+TARGET="_top"
+>http://config.privoxy.org/</A
+>
+   (Shortcut: <A
+HREF="http://p.p/"
+TARGET="_top"
+>http://p.p/</A
+>). Many
+   aspects of configuration can be done here, including temporarily disabling
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>.
+  </P
+></LI
+><LI
+><P
+>   The primary configuration files for cookie management, ad and banner 
+   blocking, and many other aspects of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+   configuration are the <A
+HREF="actions-file.html"
+>actions
+   files</A
+>. It is strongly recommended to become familiar with the new
+   actions concept below, before modifying these files. Locally defined rules 
+   should go into <TT
+CLASS="FILENAME"
+>user.action</TT
+>.
+  </P
+></LI
+><LI
+><P
+>   
+   Some installers may not automatically start
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> after installation.
+  </P
+></LI
+></UL
+></P
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="installation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="quickstart.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Installation</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Quickstart to Using <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+></TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/doc/webserver/user-manual/whatsnew.html b/external/privoxy/doc/webserver/user-manual/whatsnew.html
new file mode 100644
index 0000000..5d7c0b2
--- /dev/null
+++ b/external/privoxy/doc/webserver/user-manual/whatsnew.html
@@ -0,0 +1,351 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN""http://www.w3.org/TR/html4/loose.dtd">
+<HTML
+><HEAD
+><TITLE
+>What's New in this Release</TITLE
+><META
+NAME="GENERATOR"
+CONTENT="Modular DocBook HTML Stylesheet Version 1.79"><LINK
+REL="HOME"
+TITLE="Privoxy 3.0.12 User Manual"
+HREF="index.html"><LINK
+REL="PREVIOUS"
+TITLE="Installation"
+HREF="installation.html"><LINK
+REL="NEXT"
+TITLE="Quickstart to Using Privoxy"
+HREF="quickstart.html"><LINK
+REL="STYLESHEET"
+TYPE="text/css"
+HREF="../p_doc.css"><META
+HTTP-EQUIV="Content-Type"
+CONTENT="text/html;
+charset=ISO-8859-1">
+<LINK REL="STYLESHEET" TYPE="text/css" HREF="p_doc.css">
+</head
+><BODY
+CLASS="SECT1"
+BGCOLOR="#EEEEEE"
+TEXT="#000000"
+LINK="#0000FF"
+VLINK="#840084"
+ALINK="#0000FF"
+><DIV
+CLASS="NAVHEADER"
+><TABLE
+SUMMARY="Header navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TH
+COLSPAN="3"
+ALIGN="center"
+>Privoxy 3.0.12 User Manual</TH
+></TR
+><TR
+><TD
+WIDTH="10%"
+ALIGN="left"
+VALIGN="bottom"
+><A
+HREF="installation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="80%"
+ALIGN="center"
+VALIGN="bottom"
+></TD
+><TD
+WIDTH="10%"
+ALIGN="right"
+VALIGN="bottom"
+><A
+HREF="quickstart.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+></TABLE
+><HR
+ALIGN="LEFT"
+WIDTH="100%"></DIV
+><DIV
+CLASS="SECT1"
+><H1
+CLASS="SECT1"
+><A
+NAME="WHATSNEW"
+>3. What's New in this Release</A
+></H1
+><P
+> <SPAN
+CLASS="APPLICATION"
+>Privoxy 3.0.12</SPAN
+> is mainly a bugfix release:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>    The socket-timeout option now also works on platforms whose
+    select() implementation modifies the timeout structure.
+    Previously the timeout was triggered even if the connection
+    didn't stall. Reported by cyberpatrol.
+   </P
+></LI
+><LI
+><P
+>    The Connection: keep-alive code properly deals with files
+    larger than 2GB. Previously the connection was closed too
+    early.
+   </P
+></LI
+><LI
+><P
+>    The content length for files above 2GB is logged correctly.
+   </P
+></LI
+><LI
+><P
+>    The user-manual directive on the show-status page links to
+    the documentation location specified with the directive,
+    not to the Privoxy website.
+   </P
+></LI
+><LI
+><P
+>    When running in daemon mode, Privoxy doesn't log anything
+    to the console unless there are errors before the logfile
+    has been opened.
+   </P
+></LI
+><LI
+><P
+>    The show-status page prints warnings about invalid directives
+    on the same line as the directives themselves.
+   </P
+></LI
+><LI
+><P
+>    Fixed several justified (but harmless) compiler warnings,
+    mostly on 64 bit platforms.
+   </P
+></LI
+><LI
+><P
+>    The mingw32 version explicitly requests the default charset
+    to prevent display problems with some fonts available on more
+    recent Windows versions. Patch by Burberry.
+   </P
+></LI
+><LI
+><P
+>    The mingw32 version uses the Privoxy icon in the alt-tab
+    windows. Patch by Burberry.
+   </P
+></LI
+><LI
+><P
+>    The timestamp and the thread id is omitted in the "Fatal error"
+    message box on mingw32.
+   </P
+></LI
+><LI
+><P
+>    Fixed two related mingw32-only buffer overflows. Triggering
+    them required control over the configuration file, therefore
+    this isn't seen as a security issue.
+   </P
+></LI
+><LI
+><P
+>    In verbose mode, or if the new option --show-skipped-tests
+    is used, Privoxy-Regression-Test logs skipped tests and the
+    skip reason.
+   </P
+></LI
+></UL
+></P
+><DIV
+CLASS="SECT2"
+><H2
+CLASS="SECT2"
+><A
+NAME="UPGRADERSNOTE"
+>3.1. Note to Upgraders</A
+></H2
+><P
+> A quick list of things to be aware of before upgrading from earlier 
+ versions of <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>:</P
+><P
+> <P
+></P
+><UL
+><LI
+><P
+>   The recommended way to upgrade <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> is to backup your old 
+   configuration files, install the new ones, verify that <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+>
+   is working correctly and finally merge back your changes using
+   <SPAN
+CLASS="APPLICATION"
+>diff</SPAN
+> and maybe <SPAN
+CLASS="APPLICATION"
+>patch</SPAN
+>.
+  </P
+><P
+>   There are a number of new features in each <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> release and
+   most of them have to be explicitly enabled in the configuration
+   files. Old configuration files obviously don't do that and due
+   to syntax changes using old configuration files with a new
+   <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> isn't always possible anyway.
+  </P
+></LI
+><LI
+><P
+>  
+    Note that some installers remove earlier versions completely,
+    including configuration files, therefore you should really save
+    any important configuration files!
+  </P
+></LI
+><LI
+><P
+>  
+   On the other hand, other installers don't overwrite existing configuration 
+   files, thinking you will want to do that yourself.
+  </P
+></LI
+><LI
+><P
+>  
+   <TT
+CLASS="FILENAME"
+>standard.action</TT
+> has been merged into
+   the <TT
+CLASS="FILENAME"
+>default.action</TT
+> file.
+  </P
+></LI
+><LI
+><P
+>   In the default configuration only fatal errors are logged now.
+   You can change that in the <A
+HREF="config.html#DEBUG"
+>debug section</A
+>
+   of the configuration file. You may also want to enable more verbose
+   logging until you verified that the new <SPAN
+CLASS="APPLICATION"
+>Privoxy</SPAN
+> version is working
+   as expected.
+  </P
+></LI
+><LI
+><P
+>     Three other config file settings are now off by default: 
+     <A
+HREF="config.html#ENABLE-REMOTE-TOGGLE"
+>enable-remote-toggle</A
+>,
+     <A
+HREF="config.html#ENABLE-REMOTE-HTTP-TOGGLE"
+>enable-remote-http-toggle</A
+>,
+     and  <A
+HREF="config.html#ENABLE-EDIT-ACTIONS"
+>enable-edit-actions</A
+>. 
+     If you use or want these, you will need to explicitly enable them, and
+     be aware of the security issues involved. 
+    </P
+></LI
+></UL
+></P
+></DIV
+></DIV
+><DIV
+CLASS="NAVFOOTER"
+><HR
+ALIGN="LEFT"
+WIDTH="100%"><TABLE
+SUMMARY="Footer navigation table"
+WIDTH="100%"
+BORDER="0"
+CELLPADDING="0"
+CELLSPACING="0"
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+><A
+HREF="installation.html"
+ACCESSKEY="P"
+>Prev</A
+></TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+><A
+HREF="index.html"
+ACCESSKEY="H"
+>Home</A
+></TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+><A
+HREF="quickstart.html"
+ACCESSKEY="N"
+>Next</A
+></TD
+></TR
+><TR
+><TD
+WIDTH="33%"
+ALIGN="left"
+VALIGN="top"
+>Installation</TD
+><TD
+WIDTH="34%"
+ALIGN="center"
+VALIGN="top"
+> </TD
+><TD
+WIDTH="33%"
+ALIGN="right"
+VALIGN="top"
+>Quickstart to Using Privoxy</TD
+></TR
+></TABLE
+></DIV
+></BODY
+></HTML
+>
\ No newline at end of file
diff --git a/external/privoxy/encode.c b/external/privoxy/encode.c
new file mode 100644
index 0000000..d4bb1ce
--- /dev/null
+++ b/external/privoxy/encode.c
@@ -0,0 +1,430 @@
+const char encode_rcs[] = "$Id: encode.c,v 1.14 2008/05/21 15:38:13 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/encode.c,v $
+ *
+ * Purpose     :  Functions to encode and decode URLs, and also to
+ *                encode cookies and HTML text.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: encode.c,v $
+ *    Revision 1.14  2008/05/21 15:38:13  fabiankeil
+ *    Garbage-collect cookie_encode().
+ *
+ *    Revision 1.13  2007/08/18 14:34:27  fabiankeil
+ *    Make xtoi() extern so it can be used in pcrs.c.
+ *
+ *    Revision 1.12  2007/08/04 10:15:51  fabiankeil
+ *    Use strlcpy() instead of strcpy().
+ *
+ *    Revision 1.11  2006/12/28 18:25:53  fabiankeil
+ *    Fixed gcc43 compiler warning.
+ *
+ *    Revision 1.10  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.8  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.7  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.6  2002/03/13 00:27:04  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.5  2002/03/07 03:46:53  oes
+ *    Fixed compiler warnings etc
+ *
+ *    Revision 1.4  2002/01/22 23:28:07  jongfoster
+ *    Adding convenience function html_encode_and_free_original()
+ *    Making all functions accept NULL paramaters - in this case, they
+ *    simply return NULL.  This allows error-checking to be deferred.
+ *
+ *    Revision 1.3  2001/11/13 00:16:40  jongfoster
+ *    Replacing references to malloc.h with the standard stdlib.h
+ *    (See ANSI or K&R 2nd Ed)
+ *
+ *    Revision 1.2  2001/05/17 22:52:35  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:51  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <assert.h>
+
+#include "miscutil.h"
+#include "encode.h"
+
+const char encode_h_rcs[] = ENCODE_H_VERSION;
+
+/* Maps special characters in a URL to their equivalent % codes. */
+static const char * const url_code_map[256] = {
+   NULL, "%01", "%02", "%03", "%04", "%05", "%06", "%07", "%08", "%09",
+   "%0A", "%0B", "%0C", "%0D", "%0E", "%0F", "%10", "%11", "%12", "%13",
+   "%14", "%15", "%16", "%17", "%18", "%19", "%1A", "%1B", "%1C", "%1D",
+   "%1E", "%1F", "+",   "%21", "%22", "%23", "%24", "%25", "%26", "%27",
+   "%28", "%29", NULL,  "%2B", "%2C", NULL,  NULL,  "%2F", NULL,  NULL,
+   NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  "%3A", "%3B",
+   "%3C", "%3D", "%3E", "%3F", NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
+   NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
+   NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
+   NULL,  "%5B", "%5C", "%5D", "%5E", NULL,  "%60", NULL,  NULL,  NULL,
+   NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
+   NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,  NULL,
+   NULL,  NULL,  NULL,  "%7B", "%7C", "%7D", "%7E", "%7F", "%80", "%81",
+   "%82", "%83", "%84", "%85", "%86", "%87", "%88", "%89", "%8A", "%8B",
+   "%8C", "%8D", "%8E", "%8F", "%90", "%91", "%92", "%93", "%94", "%95",
+   "%96", "%97", "%98", "%99", "%9A", "%9B", "%9C", "%9D", "%9E", "%9F",
+   "%A0", "%A1", "%A2", "%A3", "%A4", "%A5", "%A6", "%A7", "%A8", "%A9",
+   "%AA", "%AB", "%AC", "%AD", "%AE", "%AF", "%B0", "%B1", "%B2", "%B3",
+   "%B4", "%B5", "%B6", "%B7", "%B8", "%B9", "%BA", "%BB", "%BC", "%BD",
+   "%BE", "%BF", "%C0", "%C1", "%C2", "%C3", "%C4", "%C5", "%C6", "%C7",
+   "%C8", "%C9", "%CA", "%CB", "%CC", "%CD", "%CE", "%CF", "%D0", "%D1",
+   "%D2", "%D3", "%D4", "%D5", "%D6", "%D7", "%D8", "%D9", "%DA", "%DB",
+   "%DC", "%DD", "%DE", "%DF", "%E0", "%E1", "%E2", "%E3", "%E4", "%E5",
+   "%E6", "%E7", "%E8", "%E9", "%EA", "%EB", "%EC", "%ED", "%EE", "%EF",
+   "%F0", "%F1", "%F2", "%F3", "%F4", "%F5", "%F6", "%F7", "%F8", "%F9",
+   "%FA", "%FB", "%FC", "%FD", "%FE", "%FF"
+};
+
+/* Maps special characters in HTML to their equivalent entites. */
+static const char * const html_code_map[256] = {
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL,""",NULL,NULL,NULL,"&",NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   "<",NULL,">",NULL,NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL, NULL
+};
+
+
+/*********************************************************************
+ *
+ * Function    :  html_encode
+ *
+ * Description :  Encodes a string so it's not interpreted as
+ *                containing HTML tags or entities.
+ *                Replaces <, >, &, and " with the appropriate HTML
+ *                entities.
+ *
+ * Parameters  :
+ *          1  :  s = String to encode.  Null-terminated.
+ *
+ * Returns     :  Encoded string, newly allocated on the heap. 
+ *                Caller is responsible for freeing it with free().
+ *                If s is NULL, or on out-of memory, returns NULL.
+ *
+ *********************************************************************/
+char * html_encode(const char *s)
+{
+   char * buf;
+   size_t buf_size;
+   
+   if (s == NULL)
+   {
+      return NULL;
+   }
+
+   /* each input char can expand to at most 6 chars */
+   buf_size = (strlen(s) * 6) + 1;
+   buf = (char *) malloc(buf_size);
+
+   if (buf)
+   {
+      char c;
+      char * p = buf;
+      while ( (c = *s++) != '\0')
+      {
+         const char * replace_with = html_code_map[(unsigned char) c];
+         if(replace_with != NULL)
+         {
+            const size_t bytes_written = (size_t)(p - buf);
+            assert(bytes_written < buf_size);
+            p += strlcpy(p, replace_with, buf_size - bytes_written);
+         }
+         else
+         {
+            *p++ = c;
+         }
+      }
+
+      *p = '\0';
+   }
+
+   assert(strlen(buf) < buf_size);
+   return(buf);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  html_encode_and_free_original
+ *
+ * Description :  Encodes a string so it's not interpreted as
+ *                containing HTML tags or entities.
+ *                Replaces <, >, &, and " with the appropriate HTML
+ *                entities.  Free()s original string.
+ *                If original string is NULL, simply returns NULL.
+ *
+ * Parameters  :
+ *          1  :  s = String to encode.  Null-terminated.
+ *
+ * Returns     :  Encoded string, newly allocated on the heap. 
+ *                Caller is responsible for freeing it with free().
+ *                If s is NULL, or on out-of memory, returns NULL.
+ *
+ *********************************************************************/
+char * html_encode_and_free_original(char *s)
+{
+   char * result;
+   
+   if (s == NULL)
+   {
+      return NULL;
+   }
+
+   result = html_encode(s);
+   free(s);
+
+   return result;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  url_encode
+ *
+ * Description :  Encodes a string so it can be used in a URL
+ *                query string.  Replaces special characters with
+ *                the appropriate %xx codes.
+ *
+ * Parameters  :
+ *          1  :  s = String to encode.  Null-terminated.
+ *
+ * Returns     :  Encoded string, newly allocated on the heap. 
+ *                Caller is responsible for freeing it with free().
+ *                If s is NULL, or on out-of memory, returns NULL.
+ *
+ *********************************************************************/
+char * url_encode(const char *s)
+{
+   char * buf;
+   size_t buf_size;
+
+   if (s == NULL)
+   {
+      return NULL;
+   }
+
+   /* each input char can expand to at most 3 chars */
+   buf_size = (strlen(s) * 3) + 1;
+   buf = (char *) malloc(buf_size);
+
+   if (buf)
+   {
+      char c;
+      char * p = buf;
+      while( (c = *s++) != '\0')
+      {
+         const char * replace_with = url_code_map[(unsigned char) c];
+         if (replace_with != NULL)
+         {
+            const size_t bytes_written = (size_t)(p - buf);
+            assert(bytes_written < buf_size);
+            p += strlcpy(p, replace_with, buf_size - bytes_written);
+         }
+         else
+         {
+            *p++ = c;
+         }
+      }
+
+      *p = '\0';
+
+   }
+
+   assert(strlen(buf) < buf_size);
+   return(buf);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  xdtoi
+ *
+ * Description :  Converts a single hex digit to an integer.
+ *
+ * Parameters  :
+ *          1  :  d = in the range of ['0'..'9', 'A'..'F', 'a'..'f']
+ *
+ * Returns     :  The integer value, or -1 for non-hex characters.
+ *
+ *********************************************************************/
+static int xdtoi(const int d)
+{
+   if ((d >= '0') && (d <= '9'))
+   {
+      return(d - '0');
+   }
+   else if ((d >= 'a') && (d <= 'f')) 
+   {
+      return(d - 'a' + 10);
+   }
+   else if ((d >= 'A') && (d <= 'F'))
+   {
+      return(d - 'A' + 10);
+   }
+   else
+   {
+      return(-1);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  xtoi
+ *
+ * Description :  Hex string to integer conversion.
+ *
+ * Parameters  :
+ *          1  :  s = a 2 digit hex string (e.g. "1f").  Only the
+ *                    first two characters will be looked at.
+ *
+ * Returns     :  The integer value, or 0 for non-hex strings.
+ *
+ *********************************************************************/
+int xtoi(const char *s)
+{
+   int d1, d2;
+
+   d1 = xdtoi(*s);
+   if(d1 >= 0)
+   {
+      d2 = xdtoi(*(s+1));
+      if(d2 >= 0)
+      {
+         return (d1 << 4) + d2;
+      }
+   }
+
+   return 0;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  url_decode
+ *
+ * Description :  Decodes a URL query string, replacing %xx codes
+ *                with their decoded form.
+ *
+ * Parameters  :
+ *          1  :  s = String to decode.  Null-terminated.
+ *
+ * Returns     :  Decoded string, newly allocated on the heap. 
+ *                Caller is responsible for freeing it with free().
+ *
+ *********************************************************************/
+char *url_decode(const char * s)
+{
+   char *buf = malloc(strlen(s) + 1);
+   char *q = buf;
+
+   if (buf)
+   {
+      while (*s)
+      {
+         switch (*s)
+         {
+            case '+':
+               s++;
+               *q++ = ' ';
+               break;
+
+            case '%':
+               if ((*q = (char)xtoi(s + 1)) != '\0')
+               {
+                  s += 3;
+                  q++;
+               }
+               else
+               {
+                  /* malformed, just use it */
+                  *q++ = *s++;
+               }
+               break;
+
+            default:
+               *q++ = *s++;
+               break;
+         }
+      }
+      *q = '\0';
+   }
+
+   return(buf);
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/encode.h b/external/privoxy/encode.h
new file mode 100644
index 0000000..728746b
--- /dev/null
+++ b/external/privoxy/encode.h
@@ -0,0 +1,94 @@
+#ifndef ENCODE_H_INCLUDED
+#define ENCODE_H_INCLUDED
+#define ENCODE_H_VERSION "$Id: encode.h,v 1.9 2008/05/21 15:38:13 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/encode.h,v $
+ *
+ * Purpose     :  Functions to encode and decode URLs, and also to
+ *                encode cookies and HTML text.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: encode.h,v $
+ *    Revision 1.9  2008/05/21 15:38:13  fabiankeil
+ *    Garbage-collect cookie_encode().
+ *
+ *    Revision 1.8  2007/08/18 14:34:27  fabiankeil
+ *    Make xtoi() extern so it can be used in pcrs.c.
+ *
+ *    Revision 1.7  2006/07/18 14:48:45  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.5  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.4  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.3  2002/01/22 23:28:07  jongfoster
+ *    Adding convenience function html_encode_and_free_original()
+ *    Making all functions accept NULL paramaters - in this case, they
+ *    simply return NULL.  This allows error-checking to be deferred.
+ *
+ *    Revision 1.2  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:51  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern char * html_encode(const char *s);
+extern char * url_encode(const char *s);
+extern char * url_decode(const char *str);
+extern int    xtoi(const char *s);
+extern char * html_encode_and_free_original(char *s);
+
+/* Revision control strings from this header and associated .c file */
+extern const char encode_rcs[];
+extern const char encode_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef ENCODE_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/errlog.c b/external/privoxy/errlog.c
new file mode 100644
index 0000000..ca12d7f
--- /dev/null
+++ b/external/privoxy/errlog.c
@@ -0,0 +1,1547 @@
+const char errlog_rcs[] = "$Id: errlog.c,v 1.92 2009/03/20 03:39:31 ler762 Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/errlog.c,v $
+ *
+ * Purpose     :  Log errors to a designated destination in an elegant,
+ *                printf-like fashion.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: errlog.c,v $
+ *    Revision 1.92  2009/03/20 03:39:31  ler762
+ *    I like having the version logged at startup and the Windows GUI stopped logging
+ *    it after LOG_LEVEL_INFO was removed from
+ *      static int debug = (LOG_LEVEL_FATAL | LOG_LEVEL_ERROR | LOG_LEVEL_INFO);
+ *
+ *    Revision 1.91  2009/03/18 21:56:30  fabiankeil
+ *    In init_error_log(), suppress the "(Re-)Opening logfile" message if
+ *    we're still logging to stderr. This restores the "silent mode", but
+ *    with LOG_LEVEL_INFO enabled, the show_version() info is written to
+ *    the logfile as intended.
+ *
+ *    Revision 1.90  2009/03/18 20:43:19  fabiankeil
+ *    Don't enable LOG_LEVEL_INFO by default and don't apply the user's
+ *    debug settings until the logfile has been opened (if there is one).
+ *    Patch submitted by Roland in #2624120.
+ *
+ *    Revision 1.89  2009/03/07 12:56:12  fabiankeil
+ *    Add log_error() support for unsigned long long (%lld).
+ *
+ *    Revision 1.88  2009/03/07 11:34:36  fabiankeil
+ *    Omit timestamp and thread id in the mingw32 message box.
+ *
+ *    Revision 1.87  2009/03/01 18:28:24  fabiankeil
+ *    Help clang understand that we aren't dereferencing
+ *    NULL pointers here.
+ *
+ *    Revision 1.86  2009/02/09 21:21:15  fabiankeil
+ *    Now that init_log_module() is called earlier, call show_version()
+ *    later on from main() directly so it doesn't get called for --help
+ *    or --version.
+ *
+ *    Revision 1.85  2009/02/06 17:51:38  fabiankeil
+ *    Be prepared if I break the log module initialization again.
+ *
+ *    Revision 1.84  2008/12/14 15:46:22  fabiankeil
+ *    Give crunched requests their own log level.
+ *
+ *    Revision 1.83  2008/12/04 18:14:32  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.82  2008/11/23 16:06:58  fabiankeil
+ *    Update a log message I missed in 1.80.
+ *
+ *    Revision 1.81  2008/11/23 15:59:27  fabiankeil
+ *    - Update copyright range.
+ *    - Remove stray line breaks in a log message
+ *      nobody is supposed to see anyway.
+ *
+ *    Revision 1.80  2008/11/23 15:49:49  fabiankeil
+ *    In log_error(), don't surround the thread id with "Privoxy(" and ")".
+ *
+ *    Revision 1.79  2008/10/20 17:09:25  fabiankeil
+ *    Update init_error_log() description to match reality.
+ *
+ *    Revision 1.78  2008/09/07 16:59:31  fabiankeil
+ *    Update a comment to reflect that we
+ *    have mutex support on mingw32 now.
+ *
+ *    Revision 1.77  2008/09/07 12:43:44  fabiankeil
+ *    Move the LogPutString() call in log_error() into the locked
+ *    region so the Windows GUI log is consistent with the logfile.
+ *
+ *    Revision 1.76  2008/09/07 12:35:05  fabiankeil
+ *    Add mutex lock support for _WIN32.
+ *
+ *    Revision 1.75  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.74  2008/08/06 18:33:36  fabiankeil
+ *    If the "close fd first" workaround doesn't work,
+ *    the fatal error message will be lost, so we better
+ *    explain the consequences while we still can.
+ *
+ *    Revision 1.73  2008/08/04 19:06:55  fabiankeil
+ *    Add a lame workaround for the "can't open an already open
+ *    logfile on OS/2" problem reported by Maynard in #2028842
+ *    and describe what a real solution would look like.
+ *
+ *    Revision 1.72  2008/07/27 12:04:28  fabiankeil
+ *    Fix a comment typo.
+ *
+ *    Revision 1.71  2008/06/28 17:17:15  fabiankeil
+ *    Remove another stray semicolon.
+ *
+ *    Revision 1.70  2008/06/28 17:10:29  fabiankeil
+ *    Remove stray semicolon in get_log_timestamp().
+ *    Reported by Jochen Voss in #2005221.
+ *
+ *    Revision 1.69  2008/05/30 15:55:25  fabiankeil
+ *    Declare variable "debug" static and complain about its name.
+ *
+ *    Revision 1.68  2008/04/27 16:50:46  fabiankeil
+ *    Remove an incorrect assertion. The value of debug may change if
+ *    the configuration is reloaded in another thread. While we could
+ *    cache the initial value, the assertion doesn't seem worth it.
+ *
+ *    Revision 1.67  2008/03/27 18:27:23  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.66  2008/01/31 15:38:14  fabiankeil
+ *    - Make the logfp assertion more strict. As of 1.63, the "||" could
+ *      have been an "&&", which means we can use two separate assertions
+ *      and skip on of them on Windows.
+ *    - Break a long commit message line in two.
+ *
+ *    Revision 1.65  2008/01/31 14:44:33  fabiankeil
+ *    Use (a != b) instead of !(a == b) so the sanity check looks less insane.
+ *
+ *    Revision 1.64  2008/01/21 18:56:46  david__schmidt
+ *    Swap #def from negative to positive, re-joined it so it didn't
+ *    span an assertion (compilation failure on OS/2)
+ *
+ *    Revision 1.63  2007/12/15 19:49:32  fabiankeil
+ *    Stop overloading logfile to control the mingw32 log window as well.
+ *    It's no longer necessary now that we disable all debug lines by default
+ *    and at least one user perceived it as a regression (added in 1.55).
+ *
+ *    Revision 1.62  2007/11/30 15:33:46  fabiankeil
+ *    Unbreak LOG_LEVEL_FATAL. It wasn't fatal with logging disabled
+ *    and on mingw32 fatal log messages didn't end up in the log file.
+ *
+ *    Revision 1.61  2007/11/04 19:03:01  fabiankeil
+ *    Fix another deadlock Hal spotted and that mysteriously didn't affect FreeBSD.
+ *
+ *    Revision 1.60  2007/11/03 19:03:31  fabiankeil
+ *    - Prevent the Windows GUI from showing the version two times in a row.
+ *    - Stop using the imperative in the "(Re-)Open logfile" message.
+ *    - Ditch the "Switching to daemon mode" message as the detection
+ *      whether or not we're already in daemon mode doesn't actually work.
+ *
+ *    Revision 1.59  2007/11/01 12:50:56  fabiankeil
+ *    Here's looking at you, deadlock.
+ *
+ *    Revision 1.58  2007/10/28 19:04:21  fabiankeil
+ *    Don't mention daemon mode in "Logging disabled" message. Some
+ *    platforms call it differently and it's not really relevant anyway.
+ *
+ *    Revision 1.57  2007/10/27 13:02:26  fabiankeil
+ *    Relocate daemon-mode-related log messages to make sure
+ *    they aren't shown again in case of configuration reloads.
+ *
+ *    Revision 1.56  2007/10/14 14:26:56  fabiankeil
+ *    Remove the old log_error() version.
+ *
+ *    Revision 1.55  2007/10/14 14:12:41  fabiankeil
+ *    When in daemon mode, close stderr after the configuration file has been
+ *    parsed the first time. If logfile isn't set, stop logging. Fixes BR#897436.
+ *
+ *    Revision 1.54  2007/09/22 16:15:34  fabiankeil
+ *    - Let it compile with pcc.
+ *    - Move our includes below system includes to prevent macro conflicts.
+ *
+ *    Revision 1.53  2007/08/05 13:53:14  fabiankeil
+ *    #1763173 from Stefan Huehner: declare some more functions
+ *    static and use void instead of empty parameter lists.
+ *
+ *    Revision 1.52  2007/07/14 07:28:47  fabiankeil
+ *    Add translation function for JB_ERR_FOO codes.
+ *
+ *    Revision 1.51  2007/05/11 11:51:34  fabiankeil
+ *    Fix a type mismatch warning.
+ *
+ *    Revision 1.50  2007/04/11 10:55:44  fabiankeil
+ *    Enforce some assertions that could be triggered
+ *    on mingw32 and other systems where we use threads
+ *    but no locks.
+ *
+ *    Revision 1.49  2007/04/08 16:44:15  fabiankeil
+ *    We need <sys/time.h> for gettimeofday(), not <time.h>.
+ *
+ *    Revision 1.48  2007/03/31 13:33:28  fabiankeil
+ *    Add alternative log_error() with timestamps
+ *    that contain milliseconds and without using
+ *    strcpy(), strcat() or sprintf().
+ *
+ *    Revision 1.47  2006/11/28 15:25:15  fabiankeil
+ *    Only unlink the pidfile if it's actually used.
+ *
+ *    Revision 1.46  2006/11/13 19:05:51  fabiankeil
+ *    Make pthread mutex locking more generic. Instead of
+ *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ *    and use mutex locking unless there is an _r function
+ *    available. Better safe than sorry.
+ *
+ *    Fixes "./configure --disable-pthread" and should result
+ *    in less threading-related problems on pthread-using platforms,
+ *    but it still doesn't fix BR#1122404.
+ *
+ *    Revision 1.45  2006/08/21 11:15:54  david__schmidt
+ *    MS Visual C++ build updates
+ *
+ *    Revision 1.44  2006/08/18 16:03:16  david__schmidt
+ *    Tweak for OS/2 build happiness.
+ *
+ *    Revision 1.43  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:
+ *    http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.42  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.40.2.4  2005/04/03 20:10:50  david__schmidt
+ *    Thanks to Jindrich Makovicka for a race condition fix for the log
+ *    file.  The race condition remains for non-pthread implementations.
+ *    Reference patch #1175720.
+ *
+ *    Revision 1.40.2.3  2003/03/07 03:41:04  david__schmidt
+ *    Wrapping all *_r functions (the non-_r versions of them) with mutex 
+ *    semaphores for OSX.  Hopefully this will take care of all of those pesky
+ *    crash reports.
+ *
+ *    Revision 1.40.2.2  2002/09/28 00:30:57  david__schmidt
+ *    Update error logging to give sane values for thread IDs on Mach kernels.
+ *    It's still a hack, but at least it looks farily normal.  We print the
+ *    absolute value of the first 4 bytes of the pthread_t modded with 1000.
+ *
+ *    Revision 1.40.2.1  2002/09/25 12:47:42  oes
+ *    Make log_error safe against NULL string arguments
+ *
+ *    Revision 1.40  2002/05/22 01:27:27  david__schmidt
+ *
+ *    Add os2_socket_strerr mirroring w32_socket_strerr.
+ *
+ *    Revision 1.39  2002/04/03 17:15:27  gliptak
+ *    zero padding thread ids in log
+ *
+ *    Revision 1.38  2002/03/31 17:18:59  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.37  2002/03/27 14:32:43  david__schmidt
+ *    More compiler warning message maintenance
+ *
+ *    Revision 1.36  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.35  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.34  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.33  2002/03/13 00:27:04  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.32  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.31  2002/03/06 23:02:57  jongfoster
+ *    Removing tabs
+ *
+ *    Revision 1.30  2002/03/05 22:43:45  david__schmidt
+ *    - Better error reporting on OS/2
+ *    - Fix double-slash comment (oops)
+ *
+ *    Revision 1.29  2002/03/04 23:45:13  jongfoster
+ *    Printing thread ID if using Win32 native threads
+ *
+ *    Revision 1.28  2002/03/04 17:59:59  oes
+ *    Deleted deletePidFile(), cosmetics
+ *
+ *    Revision 1.27  2002/03/04 02:08:01  david__schmidt
+ *    Enable web editing of actions file on OS/2 (it had been broken all this time!)
+ *
+ *    Revision 1.26  2002/01/09 19:05:45  steudten
+ *    Fix big memory leak.
+ *
+ *    Revision 1.25  2002/01/09 14:32:08  oes
+ *    Added support for gmtime_r and localtime_r.
+ *
+ *    Revision 1.24  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.23  2001/11/07 00:02:13  steudten
+ *    Add line number in error output for lineparsing for
+ *    actionsfile and configfile.
+ *    Special handling for CLF added.
+ *
+ *    Revision 1.22  2001/11/05 23:43:05  steudten
+ *    Add time+date to log files.
+ *
+ *    Revision 1.21  2001/10/25 03:40:47  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.20  2001/09/16 23:04:34  jongfoster
+ *    Fixing a warning
+ *
+ *    Revision 1.19  2001/09/13 20:08:06  jongfoster
+ *    Adding support for LOG_LEVEL_CGI
+ *
+ *    Revision 1.18  2001/09/10 11:27:24  oes
+ *    Declaration of w32_socket_strerr now conditional
+ *
+ *    Revision 1.17  2001/09/10 10:17:13  oes
+ *    Removed unused variable; Fixed sprintf format
+ *
+ *    Revision 1.16  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.15  2001/07/29 17:41:10  jongfoster
+ *    Now prints thread ID for each message (pthreads only)
+ *
+ *    Revision 1.14  2001/07/19 19:03:48  haroon
+ *    - Added case for LOG_LEVEL_POPUPS
+ *
+ *    Revision 1.13  2001/07/13 13:58:58  oes
+ *     - Added case for LOG_LEVEL_DEANIMATE
+ *     - Removed all #ifdef PCRS
+ *
+ *    Revision 1.12  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.11  2001/06/01 18:14:49  jongfoster
+ *    Changing the calls to strerr() to check HAVE_STRERR (which is defined
+ *    in config.h if appropriate) rather than the NO_STRERR macro.
+ *
+ *    Revision 1.10  2001/05/29 11:52:21  oes
+ *    Conditional compilation of w32_socket_error
+ *
+ *    Revision 1.9  2001/05/28 16:15:17  jongfoster
+ *    Improved reporting of errors under Win32.
+ *
+ *    Revision 1.8  2001/05/26 17:25:14  jongfoster
+ *    Added support for CLF (Common Log Format) and fixed LOG_LEVEL_LOG
+ *
+ *    Revision 1.7  2001/05/26 15:21:28  jongfoster
+ *    Activity animation in Win32 GUI now works even if debug==0
+ *
+ *    Revision 1.6  2001/05/25 21:55:08  jongfoster
+ *    Now cleans up properly on FATAL (removes taskbar icon etc)
+ *
+ *    Revision 1.5  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.4  2001/05/21 19:32:54  jongfoster
+ *    Added another #ifdef _WIN_CONSOLE
+ *
+ *    Revision 1.3  2001/05/20 01:11:40  jongfoster
+ *    Added support for LOG_LEVEL_FATAL
+ *    Renamed LOG_LEVEL_FRC to LOG_LEVEL_FORCE,
+ *    and LOG_LEVEL_REF to LOG_LEVEL_RE_FILTER
+ *
+ *    Revision 1.2  2001/05/17 22:42:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *     - Repaired logging for REF and FRC
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:51  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <string.h>
+
+#include "config.h"
+#include "miscutil.h"
+
+/* For gettimeofday() */
+#include <sys/time.h>
+
+#if !defined(_WIN32) && !defined(__OS2__)
+#include <unistd.h>
+#endif /* !defined(_WIN32) && !defined(__OS2__) */
+
+#include <errno.h>
+#include <assert.h>
+
+#ifdef _WIN32
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+#ifndef _WIN_CONSOLE
+#include "w32log.h"
+#endif /* ndef _WIN_CONSOLE */
+#endif /* def _WIN32 */
+#ifdef _MSC_VER
+#define inline __inline
+#endif /* def _MSC_VER */
+
+#ifdef __OS2__
+#include <sys/socket.h> /* For sock_errno */
+#define INCL_DOS
+#include <os2.h>
+#endif
+
+#include "errlog.h"
+#include "project.h"
+#include "jcc.h"
+
+const char errlog_h_rcs[] = ERRLOG_H_VERSION;
+
+
+/*
+ * LOG_LEVEL_FATAL cannot be turned off.  (There are
+ * some exceptional situations where we need to get a
+ * message to the user).
+ */
+#define LOG_LEVEL_MINIMUM  LOG_LEVEL_FATAL
+
+/* where to log (default: stderr) */
+static FILE *logfp = NULL;
+
+/* logging detail level. XXX: stupid name. */
+static int debug = (LOG_LEVEL_FATAL | LOG_LEVEL_ERROR);
+
+/* static functions */
+static void fatal_error(const char * error_message);
+#ifdef _WIN32
+static char *w32_socket_strerr(int errcode, char *tmp_buf);
+#endif
+#ifdef __OS2__
+static char *os2_socket_strerr(int errcode, char *tmp_buf);
+#endif
+
+#ifdef MUTEX_LOCKS_AVAILABLE
+static inline void lock_logfile(void)
+{
+   privoxy_mutex_lock(&log_mutex);
+}
+static inline void unlock_logfile(void)
+{
+   privoxy_mutex_unlock(&log_mutex);
+}
+static inline void lock_loginit(void)
+{
+   privoxy_mutex_lock(&log_init_mutex);
+}
+static inline void unlock_loginit(void)
+{
+   privoxy_mutex_unlock(&log_init_mutex);
+}
+#else /* ! MUTEX_LOCKS_AVAILABLE */
+/*
+ * FIXME we need a cross-platform locking mechanism.
+ * The locking/unlocking functions below should be 
+ * fleshed out for non-pthread implementations.
+ */ 
+static inline void lock_logfile() {}
+static inline void unlock_logfile() {}
+static inline void lock_loginit() {}
+static inline void unlock_loginit() {}
+#endif
+
+/*********************************************************************
+ *
+ * Function    :  fatal_error
+ *
+ * Description :  Displays a fatal error to standard error (or, on 
+ *                a WIN32 GUI, to a dialog box), and exits Privoxy
+ *                with status code 1.
+ *
+ * Parameters  :
+ *          1  :  error_message = The error message to display.
+ *
+ * Returns     :  Does not return.
+ *
+ *********************************************************************/
+static void fatal_error(const char *error_message)
+{
+#if defined(_WIN32) && !defined(_WIN_CONSOLE)
+   /* Skip timestamp and thread id for the message box. */
+   const char *box_message = strstr(error_message, "Fatal error");
+   if (NULL == box_message)
+   {
+      /* Shouldn't happen but ... */
+      box_message = error_message;
+   }
+   MessageBox(g_hwndLogFrame, box_message, "Privoxy Error", 
+      MB_OK | MB_ICONERROR | MB_TASKMODAL | MB_SETFOREGROUND | MB_TOPMOST);  
+
+   /* Cleanup - remove taskbar icon etc. */
+   TermLogWindow();
+#endif /* defined(_WIN32) && !defined(_WIN_CONSOLE) */
+
+   if (logfp != NULL)
+   {
+      fputs(error_message, logfp);
+   }
+
+#if defined(unix)
+   if (pidfile)
+   {
+      unlink(pidfile);
+   }
+#endif /* unix */
+
+   exit(1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  show_version
+ *
+ * Description :  Logs the Privoxy version and the program name.
+ *
+ * Parameters  :
+ *          1  :  prog_name = The program name.
+ *
+ * Returns     :  Nothing.
+ *
+ *********************************************************************/
+void show_version(const char *prog_name)
+{
+   log_error(LOG_LEVEL_INFO, "Privoxy version " VERSION);
+   if (prog_name != NULL)
+   {
+      log_error(LOG_LEVEL_INFO, "Program name: %s", prog_name);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  init_log_module
+ *
+ * Description :  Initializes the logging module to log to stderr.
+ *                Can only be called while stderr hasn't been closed
+ *                yet and is only supposed to be called once.
+ *
+ * Parameters  :
+ *          1  :  prog_name = The program name.
+ *
+ * Returns     :  Nothing.
+ *
+ *********************************************************************/
+void init_log_module(void)
+{
+   lock_logfile();
+   logfp = stderr;
+   unlock_logfile();
+   set_debug_level(debug);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  set_debug_level
+ *
+ * Description :  Sets the debug level to the provided value
+ *                plus LOG_LEVEL_MINIMUM.
+ *
+ *                XXX: we should only use the LOG_LEVEL_MINIMUM
+ *                until the first time the configuration file has
+ *                been parsed.
+ *                
+ * Parameters  :  1: debug_level = The debug level to set.
+ *
+ * Returns     :  Nothing.
+ *
+ *********************************************************************/
+void set_debug_level(int debug_level)
+{
+   debug = debug_level | LOG_LEVEL_MINIMUM;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  disable_logging
+ *
+ * Description :  Disables logging.
+ *                
+ * Parameters  :  None.
+ *
+ * Returns     :  Nothing.
+ *
+ *********************************************************************/
+void disable_logging(void)
+{
+   if (logfp != NULL)
+   {
+      log_error(LOG_LEVEL_INFO,
+         "No logfile configured. Please enable it before reporting any problems.");
+      lock_logfile();
+      fclose(logfp);
+      logfp = NULL;
+      unlock_logfile();
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  init_error_log
+ *
+ * Description :  Initializes the logging module to log to a file.
+ *
+ *                XXX: should be renamed.
+ *
+ * Parameters  :
+ *          1  :  prog_name  = The program name.
+ *          2  :  logfname   = The logfile to (re)open.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void init_error_log(const char *prog_name, const char *logfname)
+{
+   FILE *fp;
+
+   assert(NULL != logfname);
+
+   lock_loginit();
+
+   if ((logfp != NULL) && (logfp != stderr))
+   {
+      log_error(LOG_LEVEL_INFO, "(Re-)Opening logfile \'%s\'", logfname);
+   }
+
+   /* set the designated log file */
+   fp = fopen(logfname, "a");
+   if ((NULL == fp) && (logfp != NULL))
+   {
+      /*
+       * Some platforms (like OS/2) don't allow us to open
+       * the same file twice, therefore we give it another
+       * shot after closing the old file descriptor first.
+       *
+       * We don't do it right away because it prevents us
+       * from logging the "can't open logfile" message to
+       * the old logfile.
+       *
+       * XXX: this is a lame workaround and once the next
+       * release is out we should stop bothering reopening
+       * the logfile unless we have to.
+       *
+       * Currently we reopen it every time the config file
+       * has been reloaded, but actually we only have to
+       * reopen it if the file name changed or if the
+       * configuration reloas was caused by a SIGHUP.
+       */
+      log_error(LOG_LEVEL_INFO, "Failed to reopen logfile: \'%s\'. "
+         "Retrying after closing the old file descriptor first. If that "
+         "doesn't work, Privoxy will exit without being able to log a message.",
+         logfname);
+      lock_logfile();
+      fclose(logfp);
+      logfp = NULL;
+      unlock_logfile();
+      fp = fopen(logfname, "a");
+   }
+
+   if (NULL == fp)
+   {
+      log_error(LOG_LEVEL_FATAL, "init_error_log(): can't open logfile: \'%s\'", logfname);
+   }
+
+   /* set logging to be completely unbuffered */
+   setbuf(fp, NULL);
+
+   lock_logfile();
+   if (logfp != NULL)
+   {
+      fclose(logfp);
+   }
+   logfp = fp;
+   unlock_logfile();
+
+   show_version(prog_name);
+
+   unlock_loginit();
+
+} /* init_error_log */
+
+
+/*********************************************************************
+ *
+ * Function    :  get_thread_id
+ *
+ * Description :  Returns a number that is different for each thread.
+ *
+ *                XXX: Should be moved elsewhere (miscutil.c?)
+ *                
+ * Parameters  :  None
+ *
+ * Returns     :  thread_id
+ *
+ *********************************************************************/
+static long get_thread_id(void)
+{
+   long this_thread = 1;  /* was: pthread_t this_thread;*/
+
+#ifdef __OS2__
+   PTIB     ptib;
+   APIRET   ulrc; /* XXX: I have no clue what this does */
+#endif /* __OS2__ */
+
+   /* FIXME get current thread id */
+#ifdef FEATURE_PTHREAD
+   this_thread = (long)pthread_self();
+#ifdef __MACH__
+   /*
+    * Mac OSX (and perhaps other Mach instances) doesn't have a debuggable
+    * value at the first 4 bytes of pthread_self()'s return value, a pthread_t.
+    * pthread_t is supposed to be opaque... but it's fairly random, though, so
+    * we make it mostly presentable.
+    */
+   this_thread = abs(this_thread % 1000);
+#endif /* def __MACH__ */
+#elif defined(_WIN32)
+   this_thread = GetCurrentThreadId();
+#elif defined(__OS2__)
+   ulrc = DosGetInfoBlocks(&ptib, NULL);
+   if (ulrc == 0)
+     this_thread = ptib -> tib_ptib2 -> tib2_ultid;
+#endif /* def FEATURE_PTHREAD */
+
+   return this_thread;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_log_timestamp
+ *
+ * Description :  Generates the time stamp for the log message prefix.
+ *
+ * Parameters  :
+ *          1  :  buffer = Storage buffer
+ *          2  :  buffer_size = Size of storage buffer
+ *
+ * Returns     :  Number of written characters or 0 for error.
+ *
+ *********************************************************************/
+static inline size_t get_log_timestamp(char *buffer, size_t buffer_size)
+{
+   size_t length;
+   time_t now; 
+   struct tm tm_now;
+   struct timeval tv_now; /* XXX: stupid name */
+   long msecs;
+   int msecs_length = 0;
+
+   gettimeofday(&tv_now, NULL);
+   msecs = tv_now.tv_usec / 1000;
+
+   time(&now);
+
+#ifdef HAVE_LOCALTIME_R
+   tm_now = *localtime_r(&now, &tm_now);
+#elif FEATURE_PTHREAD
+   privoxy_mutex_lock(&localtime_mutex);
+   tm_now = *localtime(&now); 
+   privoxy_mutex_unlock(&localtime_mutex);
+#else
+   tm_now = *localtime(&now); 
+#endif
+
+   length = strftime(buffer, buffer_size, "%b %d %H:%M:%S", &tm_now);
+   if (length > (size_t)0)
+   {
+      msecs_length = snprintf(buffer+length, buffer_size - length, ".%.3ld", msecs);               
+   }
+   if (msecs_length > 0)
+   {
+      length += (size_t)msecs_length;
+   }
+   else
+   {
+      length = 0;
+   }
+
+   return length;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_clf_timestamp
+ *
+ * Description :  Generates a Common Log Format time string.
+ *
+ * Parameters  :
+ *          1  :  buffer = Storage buffer
+ *          2  :  buffer_size = Size of storage buffer
+ *
+ * Returns     :  Number of written characters or 0 for error.
+ *
+ *********************************************************************/
+static inline size_t get_clf_timestamp(char *buffer, size_t buffer_size)
+{
+   /*
+    * Complex because not all OSs have tm_gmtoff or
+    * the %z field in strftime()
+    */
+   time_t now;
+   struct tm *tm_now; 
+   struct tm gmt;
+#ifdef HAVE_LOCALTIME_R
+   struct tm dummy;
+#endif
+   int days, hrs, mins;
+   size_t length;
+   int tz_length = 0;
+
+   time (&now); 
+#ifdef HAVE_GMTIME_R
+   gmt = *gmtime_r(&now, &gmt);
+#elif FEATURE_PTHREAD
+   privoxy_mutex_lock(&gmtime_mutex);
+   gmt = *gmtime(&now);
+   privoxy_mutex_unlock(&gmtime_mutex);
+#else
+   gmt = *gmtime(&now);
+#endif
+#ifdef HAVE_LOCALTIME_R
+   tm_now = localtime_r(&now, &dummy);
+#elif FEATURE_PTHREAD
+   privoxy_mutex_lock(&localtime_mutex);
+   tm_now = localtime(&now); 
+   privoxy_mutex_unlock(&localtime_mutex);
+#else
+   tm_now = localtime(&now); 
+#endif
+   days = tm_now->tm_yday - gmt.tm_yday; 
+   hrs = ((days < -1 ? 24 : 1 < days ? -24 : days * 24) + tm_now->tm_hour - gmt.tm_hour); 
+   mins = hrs * 60 + tm_now->tm_min - gmt.tm_min; 
+
+   length = strftime(buffer, buffer_size, "%d/%b/%Y:%H:%M:%S ", tm_now);
+
+   if (length > (size_t)0)
+   {
+      tz_length = snprintf(buffer+length, buffer_size-length,
+                     "%+03d%02d", mins / 60, abs(mins) % 60);
+   }
+   if (tz_length > 0)
+   {
+      length += (size_t)tz_length;
+   }
+   else
+   {
+      length = 0;
+   }
+
+   return length;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_log_level_string
+ *
+ * Description :  Translates a numerical loglevel into a string.
+ *
+ * Parameters  :  
+ *          1  :  loglevel = LOG_LEVEL_FOO
+ *
+ * Returns     :  Log level string.
+ *
+ *********************************************************************/
+static inline const char *get_log_level_string(int loglevel)
+{
+   char *log_level_string = NULL;
+
+   assert(0 < loglevel);
+
+   switch (loglevel)
+   {
+      case LOG_LEVEL_ERROR:
+         log_level_string = "Error";
+         break;
+      case LOG_LEVEL_FATAL:
+         log_level_string = "Fatal error";
+         break;
+      case LOG_LEVEL_GPC:
+         log_level_string = "Request";
+         break;
+      case LOG_LEVEL_CONNECT:
+         log_level_string = "Connect";
+         break;
+      case LOG_LEVEL_LOG:
+         log_level_string = "Writing";
+         break;
+      case LOG_LEVEL_HEADER:
+         log_level_string = "Header";
+         break;
+      case LOG_LEVEL_INFO:
+         log_level_string = "Info";
+         break;
+      case LOG_LEVEL_RE_FILTER:
+         log_level_string = "Re-Filter";
+         break;
+#ifdef FEATURE_FORCE_LOAD
+      case LOG_LEVEL_FORCE:
+         log_level_string = "Force";
+         break;
+#endif /* def FEATURE_FORCE_LOAD */
+#ifdef FEATURE_FAST_REDIRECTS
+      case LOG_LEVEL_REDIRECTS:
+         log_level_string = "Redirect";
+         break;
+#endif /* def FEATURE_FAST_REDIRECTS */
+      case LOG_LEVEL_DEANIMATE:
+         log_level_string = "Gif-Deanimate";
+         break;
+      case LOG_LEVEL_CRUNCH:
+         log_level_string = "Crunch";
+         break;
+      case LOG_LEVEL_CGI:
+         log_level_string = "CGI";
+         break;
+      default:
+         log_level_string = "Unknown log level";
+         break;
+   }
+   assert(NULL != log_level_string);
+
+   return log_level_string;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  log_error
+ *
+ * Description :  This is the error-reporting and logging function.
+ *
+ * Parameters  :
+ *          1  :  loglevel  = the type of message to be logged
+ *          2  :  fmt       = the main string we want logged, printf-like
+ *          3  :  ...       = arguments to be inserted in fmt (printf-like).
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void log_error(int loglevel, const char *fmt, ...)
+{
+   va_list ap;
+   char *outbuf = NULL;
+   static char *outbuf_save = NULL;
+   char tempbuf[BUFFER_SIZE];
+   size_t length = 0;
+   const char * src = fmt;
+   long thread_id;
+   char timestamp[30];
+   /*
+    * XXX: Make this a config option,
+    * why else do we allocate instead of using
+    * an array?
+    */
+   size_t log_buffer_size = BUFFER_SIZE;
+
+#if defined(_WIN32) && !defined(_WIN_CONSOLE)
+   /*
+    * Irrespective of debug setting, a GET/POST/CONNECT makes
+    * the taskbar icon animate.  (There is an option to disable
+    * this but checking that is handled inside LogShowActivity()).
+    */
+   if ((loglevel == LOG_LEVEL_GPC) || (loglevel == LOG_LEVEL_CRUNCH))
+   {
+      LogShowActivity();
+   }
+#endif /* defined(_WIN32) && !defined(_WIN_CONSOLE) */
+
+   /*
+    * verify that the loglevel applies to current
+    * settings and that logging is enabled.
+    * Bail out otherwise.
+    */
+   if ((0 == (loglevel & debug))
+#ifndef _WIN32
+      || (logfp == NULL)
+#endif
+      )
+   {
+      if (loglevel == LOG_LEVEL_FATAL)
+      {
+         fatal_error("Fatal error. You're not supposed to"
+            "see this message. Please file a bug report.");
+      }
+      return;
+   }
+
+   thread_id = get_thread_id();
+   get_log_timestamp(timestamp, sizeof(timestamp));
+
+   /* protect the whole function because of the static buffer (outbuf) */
+   lock_logfile();
+
+   if (NULL == outbuf_save) 
+   {
+      outbuf_save = (char*)zalloc(log_buffer_size + 1); /* +1 for paranoia */
+      if (NULL == outbuf_save)
+      {
+         snprintf(tempbuf, sizeof(tempbuf),
+            "%s %08lx Fatal error: Out of memory in log_error().",
+            timestamp, thread_id);
+         fatal_error(tempbuf); /* Exit */
+         return;
+      }
+   }
+   outbuf = outbuf_save;
+
+   /*
+    * Memsetting the whole buffer to zero (in theory)
+    * makes things easier later on.
+    */
+   memset(outbuf, 0, log_buffer_size);
+
+   /* Add prefix for everything but Common Log Format messages */
+   if (loglevel != LOG_LEVEL_CLF)
+   {
+      length = (size_t)snprintf(outbuf, log_buffer_size, "%s %08lx %s: ",
+         timestamp, thread_id, get_log_level_string(loglevel));
+   }
+
+   /* get ready to scan var. args. */
+   va_start(ap, fmt);
+
+   /* build formatted message from fmt and var-args */
+   while ((*src) && (length < log_buffer_size-2))
+   {
+      const char *sval = NULL; /* %N string  */
+      int ival;                /* %N string length or an error code */
+      unsigned uval;           /* %u value */
+      long lval;               /* %l value */
+      unsigned long ulval;     /* %ul value */
+      char ch;
+      const char *format_string = tempbuf;
+
+      ch = *src++;
+      if (ch != '%')
+      {
+         outbuf[length++] = ch;
+         /*
+          * XXX: Only necessary on platforms where multiple threads
+          * can write to the buffer at the same time because we
+          * don't support mutexes (OS/2 for example).
+          */
+         outbuf[length] = '\0';
+         continue;
+      }
+      outbuf[length] = '\0';
+      ch = *src++;
+      switch (ch) {
+         case '%':
+            tempbuf[0] = '%';
+            tempbuf[1] = '\0';
+            break;
+         case 'd':
+            ival = va_arg( ap, int );
+            snprintf(tempbuf, sizeof(tempbuf), "%d", ival);
+            break;
+         case 'u':
+            uval = va_arg( ap, unsigned );
+            snprintf(tempbuf, sizeof(tempbuf), "%u", uval);
+            break;
+         case 'l':
+            /* this is a modifier that must be followed by u, lu, or d */
+            ch = *src++;
+            if (ch == 'd')
+            {
+               lval = va_arg( ap, long );
+               snprintf(tempbuf, sizeof(tempbuf), "%ld", lval);
+            }
+            else if (ch == 'u')
+            {
+               ulval = va_arg( ap, unsigned long );
+               snprintf(tempbuf, sizeof(tempbuf), "%lu", ulval);
+            }
+            else if ((ch == 'l') && (*src == 'u'))
+            {
+               unsigned long long lluval = va_arg(ap, unsigned long long);
+               snprintf(tempbuf, sizeof(tempbuf), "%llu", lluval);
+               ch = *src++;
+            }
+            else
+            {
+               snprintf(tempbuf, sizeof(tempbuf), "Bad format string: \"%s\"", fmt);
+               loglevel = LOG_LEVEL_FATAL;
+            }
+            break;
+         case 'c':
+            /*
+             * Note that char paramaters are converted to int, so we need to
+             * pass "int" to va_arg.  (See K&R, 2nd ed, section A7.3.2, page 202)
+             */
+            tempbuf[0] = (char) va_arg(ap, int);
+            tempbuf[1] = '\0';
+            break;
+         case 's':
+            format_string = va_arg(ap, char *);
+            if (format_string == NULL)
+            {
+               format_string = "[null]";
+            }
+            break;
+         case 'N':
+            /*
+             * Non-standard: Print a counted unterminated string.
+             * Takes 2 parameters: int length, const char * string.
+             */
+            ival = va_arg(ap, int);
+            sval = va_arg(ap, char *);
+            if (sval == NULL)
+            {
+               format_string = "[null]";
+            }
+            else if (ival <= 0)
+            {
+               if (0 == ival)
+               {
+                  /* That's ok (but stupid) */
+                  tempbuf[0] = '\0';
+               }
+               else
+               {
+                  /*
+                   * That's not ok (and even more stupid)
+                   */
+                  assert(ival >= 0);
+                  format_string = "[counted string lenght < 0]";
+               }
+            }
+            else if ((size_t)ival >= sizeof(tempbuf))
+            {
+               /*
+                * String is too long, copy as much as possible.
+                * It will be further truncated later.
+                */
+               memcpy(tempbuf, sval, sizeof(tempbuf)-1);
+               tempbuf[sizeof(tempbuf)-1] = '\0';
+            }
+            else
+            {
+               memcpy(tempbuf, sval, (size_t) ival);
+               tempbuf[ival] = '\0';
+            }
+            break;
+         case 'E':
+            /* Non-standard: Print error code from errno */
+#ifdef _WIN32
+            ival = WSAGetLastError();
+            format_string = w32_socket_strerr(ival, tempbuf);
+#elif __OS2__
+            ival = sock_errno();
+            if (ival != 0)
+            {
+               format_string = os2_socket_strerr(ival, tempbuf);
+            }
+            else
+            {
+               ival = errno;
+               format_string = strerror(ival);
+            }
+#else /* ifndef _WIN32 */
+            ival = errno; 
+#ifdef HAVE_STRERROR
+            format_string = strerror(ival);
+#else /* ifndef HAVE_STRERROR */
+            format_string = NULL;
+#endif /* ndef HAVE_STRERROR */
+            if (sval == NULL)
+            {
+               snprintf(tempbuf, sizeof(tempbuf), "(errno = %d)", ival);
+            }
+#endif /* ndef _WIN32 */
+            break;
+         case 'T':
+            /* Non-standard: Print a Common Log File timestamp */
+            get_clf_timestamp(tempbuf, sizeof(tempbuf));
+            break;
+         default:
+            snprintf(tempbuf, sizeof(tempbuf), "Bad format string: \"%s\"", fmt);
+            loglevel = LOG_LEVEL_FATAL;
+            break;
+      } /* switch( p ) */
+
+      assert(length < log_buffer_size);
+      length += strlcpy(outbuf + length, format_string, log_buffer_size - length);
+
+      if (length >= log_buffer_size-2)
+      {
+         static char warning[] = "... [too long, truncated]";
+
+         length = log_buffer_size - sizeof(warning) - 1;
+         length += strlcpy(outbuf + length, warning, log_buffer_size - length);
+         assert(length < log_buffer_size);
+
+         break;
+      }
+   } /* for( p ... ) */
+
+   /* done with var. args */
+   va_end(ap);
+
+   assert(length < log_buffer_size);
+   length += strlcpy(outbuf + length, "\n", log_buffer_size - length);
+
+   /* Some sanity checks */
+   if ((length >= log_buffer_size)
+    || (outbuf[log_buffer_size-1] != '\0')
+    || (outbuf[log_buffer_size] != '\0')
+      )
+   {
+      /* Repeat as assertions */
+      assert(length < log_buffer_size);
+      assert(outbuf[log_buffer_size-1] == '\0');
+      /*
+       * outbuf's real size is log_buffer_size+1,
+       * so while this looks like an off-by-one,
+       * we're only checking our paranoia byte.
+       */
+      assert(outbuf[log_buffer_size] == '\0');
+
+      snprintf(outbuf, log_buffer_size,
+         "%s %08lx Fatal error: log_error()'s sanity checks failed."
+         "length: %d. Exiting.",
+         timestamp, thread_id, (int)length);
+      loglevel = LOG_LEVEL_FATAL;
+   }
+
+#ifndef _WIN32
+   /*
+    * On Windows this is acceptable in case
+    * we are logging to the GUI window only.
+    */
+   assert(NULL != logfp);
+#endif
+
+   if (loglevel == LOG_LEVEL_FATAL)
+   {
+      fatal_error(outbuf_save);
+      /* Never get here */
+   }
+   if (logfp != NULL)
+   {
+      fputs(outbuf_save, logfp);
+   }
+
+#if defined(_WIN32) && !defined(_WIN_CONSOLE)
+   /* Write to display */
+   LogPutString(outbuf_save);
+#endif /* defined(_WIN32) && !defined(_WIN_CONSOLE) */
+
+   unlock_logfile();
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  jb_err_to_string
+ *
+ * Description :  Translates JB_ERR_FOO codes into strings.
+ *
+ *                XXX: the type of error codes is jb_err
+ *                but the typedef'inition is currently not
+ *                visible to all files that include errlog.h.
+ *
+ * Parameters  :
+ *          1  :  error = a valid jb_err code
+ *
+ * Returns     :  A string with the jb_err translation
+ *
+ *********************************************************************/
+const char *jb_err_to_string(int error)
+{
+   switch (error)
+   {
+      case JB_ERR_OK:
+         return "Success, no error";
+      case JB_ERR_MEMORY:
+         return "Out of memory";
+      case JB_ERR_CGI_PARAMS:
+         return "Missing or corrupt CGI parameters";
+      case JB_ERR_FILE:
+         return "Error opening, reading or writing a file";
+      case JB_ERR_PARSE:
+         return "Parse error";
+      case JB_ERR_MODIFIED:
+         return "File has been modified outside of the CGI actions editor.";
+      case JB_ERR_COMPRESS:
+         return "(De)compression failure";
+      default:
+         assert(0);
+         return "Unknown error";
+   }
+   assert(0);
+   return "Internal error";
+}
+
+#ifdef _WIN32
+/*********************************************************************
+ *
+ * Function    :  w32_socket_strerr
+ *
+ * Description :  Translate the return value from WSAGetLastError()
+ *                into a string.
+ *
+ * Parameters  :
+ *          1  :  errcode = The return value from WSAGetLastError().
+ *          2  :  tmp_buf = A temporary buffer that might be used to
+ *                          store the string.
+ *
+ * Returns     :  String representing the error code.  This may be
+ *                a global string constant or a string stored in
+ *                tmp_buf.
+ *
+ *********************************************************************/
+static char *w32_socket_strerr(int errcode, char *tmp_buf)
+{
+#define TEXT_FOR_ERROR(code,text) \
+   if (errcode == code)           \
+   {                              \
+      return #code " - " text;    \
+   }
+
+   TEXT_FOR_ERROR(WSAEACCES, "Permission denied")
+   TEXT_FOR_ERROR(WSAEADDRINUSE, "Address already in use.")
+   TEXT_FOR_ERROR(WSAEADDRNOTAVAIL, "Cannot assign requested address.");
+   TEXT_FOR_ERROR(WSAEAFNOSUPPORT, "Address family not supported by protocol family.");
+   TEXT_FOR_ERROR(WSAEALREADY, "Operation already in progress.");
+   TEXT_FOR_ERROR(WSAECONNABORTED, "Software caused connection abort.");
+   TEXT_FOR_ERROR(WSAECONNREFUSED, "Connection refused.");
+   TEXT_FOR_ERROR(WSAECONNRESET, "Connection reset by peer.");
+   TEXT_FOR_ERROR(WSAEDESTADDRREQ, "Destination address required.");
+   TEXT_FOR_ERROR(WSAEFAULT, "Bad address.");
+   TEXT_FOR_ERROR(WSAEHOSTDOWN, "Host is down.");
+   TEXT_FOR_ERROR(WSAEHOSTUNREACH, "No route to host.");
+   TEXT_FOR_ERROR(WSAEINPROGRESS, "Operation now in progress.");
+   TEXT_FOR_ERROR(WSAEINTR, "Interrupted function call.");
+   TEXT_FOR_ERROR(WSAEINVAL, "Invalid argument.");
+   TEXT_FOR_ERROR(WSAEISCONN, "Socket is already connected.");
+   TEXT_FOR_ERROR(WSAEMFILE, "Too many open sockets.");
+   TEXT_FOR_ERROR(WSAEMSGSIZE, "Message too long.");
+   TEXT_FOR_ERROR(WSAENETDOWN, "Network is down.");
+   TEXT_FOR_ERROR(WSAENETRESET, "Network dropped connection on reset.");
+   TEXT_FOR_ERROR(WSAENETUNREACH, "Network is unreachable.");
+   TEXT_FOR_ERROR(WSAENOBUFS, "No buffer space available.");
+   TEXT_FOR_ERROR(WSAENOPROTOOPT, "Bad protocol option.");
+   TEXT_FOR_ERROR(WSAENOTCONN, "Socket is not connected.");
+   TEXT_FOR_ERROR(WSAENOTSOCK, "Socket operation on non-socket.");
+   TEXT_FOR_ERROR(WSAEOPNOTSUPP, "Operation not supported.");
+   TEXT_FOR_ERROR(WSAEPFNOSUPPORT, "Protocol family not supported.");
+   TEXT_FOR_ERROR(WSAEPROCLIM, "Too many processes.");
+   TEXT_FOR_ERROR(WSAEPROTONOSUPPORT, "Protocol not supported.");
+   TEXT_FOR_ERROR(WSAEPROTOTYPE, "Protocol wrong type for socket.");
+   TEXT_FOR_ERROR(WSAESHUTDOWN, "Cannot send after socket shutdown.");
+   TEXT_FOR_ERROR(WSAESOCKTNOSUPPORT, "Socket type not supported.");
+   TEXT_FOR_ERROR(WSAETIMEDOUT, "Connection timed out.");
+   TEXT_FOR_ERROR(WSAEWOULDBLOCK, "Resource temporarily unavailable.");
+   TEXT_FOR_ERROR(WSAHOST_NOT_FOUND, "Host not found.");
+   TEXT_FOR_ERROR(WSANOTINITIALISED, "Successful WSAStartup not yet performed.");
+   TEXT_FOR_ERROR(WSANO_DATA, "Valid name, no data record of requested type.");
+   TEXT_FOR_ERROR(WSANO_RECOVERY, "This is a non-recoverable error.");
+   TEXT_FOR_ERROR(WSASYSNOTREADY, "Network subsystem is unavailable.");
+   TEXT_FOR_ERROR(WSATRY_AGAIN, "Non-authoritative host not found.");
+   TEXT_FOR_ERROR(WSAVERNOTSUPPORTED, "WINSOCK.DLL version out of range.");
+   TEXT_FOR_ERROR(WSAEDISCON, "Graceful shutdown in progress.");
+   /*
+    * The following error codes are documented in the Microsoft WinSock
+    * reference guide, but don't actually exist.
+    *
+    * TEXT_FOR_ERROR(WSA_INVALID_HANDLE, "Specified event object handle is invalid.");
+    * TEXT_FOR_ERROR(WSA_INVALID_PARAMETER, "One or more parameters are invalid.");
+    * TEXT_FOR_ERROR(WSAINVALIDPROCTABLE, "Invalid procedure table from service provider.");
+    * TEXT_FOR_ERROR(WSAINVALIDPROVIDER, "Invalid service provider version number.");
+    * TEXT_FOR_ERROR(WSA_IO_PENDING, "Overlapped operations will complete later.");
+    * TEXT_FOR_ERROR(WSA_IO_INCOMPLETE, "Overlapped I/O event object not in signaled state.");
+    * TEXT_FOR_ERROR(WSA_NOT_ENOUGH_MEMORY, "Insufficient memory available.");
+    * TEXT_FOR_ERROR(WSAPROVIDERFAILEDINIT, "Unable to initialize a service provider.");
+    * TEXT_FOR_ERROR(WSASYSCALLFAILURE, "System call failure.");
+    * TEXT_FOR_ERROR(WSA_OPERATION_ABORTED, "Overlapped operation aborted.");
+    */
+
+   sprintf(tmp_buf, "(error number %d)", errcode);
+   return tmp_buf;
+}
+#endif /* def _WIN32 */
+
+
+#ifdef __OS2__
+/*********************************************************************
+ *
+ * Function    :  os2_socket_strerr
+ *
+ * Description :  Translate the return value from sock_errno()
+ *                into a string.
+ *
+ * Parameters  :
+ *          1  :  errcode = The return value from sock_errno().
+ *          2  :  tmp_buf = A temporary buffer that might be used to
+ *                          store the string.
+ *
+ * Returns     :  String representing the error code.  This may be
+ *                a global string constant or a string stored in
+ *                tmp_buf.
+ *
+ *********************************************************************/
+static char *os2_socket_strerr(int errcode, char *tmp_buf)
+{
+#define TEXT_FOR_ERROR(code,text) \
+   if (errcode == code)           \
+   {                              \
+      return #code " - " text;    \
+   }
+
+   TEXT_FOR_ERROR(SOCEPERM          , "Not owner.")
+   TEXT_FOR_ERROR(SOCESRCH          , "No such process.")
+   TEXT_FOR_ERROR(SOCEINTR          , "Interrupted system call.")
+   TEXT_FOR_ERROR(SOCENXIO          , "No such device or address.")
+   TEXT_FOR_ERROR(SOCEBADF          , "Bad file number.")
+   TEXT_FOR_ERROR(SOCEACCES         , "Permission denied.")
+   TEXT_FOR_ERROR(SOCEFAULT         , "Bad address.")
+   TEXT_FOR_ERROR(SOCEINVAL         , "Invalid argument.")
+   TEXT_FOR_ERROR(SOCEMFILE         , "Too many open files.")
+   TEXT_FOR_ERROR(SOCEPIPE          , "Broken pipe.")
+   TEXT_FOR_ERROR(SOCEWOULDBLOCK    , "Operation would block.")
+   TEXT_FOR_ERROR(SOCEINPROGRESS    , "Operation now in progress.")
+   TEXT_FOR_ERROR(SOCEALREADY       , "Operation already in progress.")
+   TEXT_FOR_ERROR(SOCENOTSOCK       , "Socket operation on non-socket.")
+   TEXT_FOR_ERROR(SOCEDESTADDRREQ   , "Destination address required.")
+   TEXT_FOR_ERROR(SOCEMSGSIZE       , "Message too long.")
+   TEXT_FOR_ERROR(SOCEPROTOTYPE     , "Protocol wrong type for socket.")
+   TEXT_FOR_ERROR(SOCENOPROTOOPT    , "Protocol not available.")
+   TEXT_FOR_ERROR(SOCEPROTONOSUPPORT, "Protocol not supported.")
+   TEXT_FOR_ERROR(SOCESOCKTNOSUPPORT, "Socket type not supported.")
+   TEXT_FOR_ERROR(SOCEOPNOTSUPP     , "Operation not supported.")
+   TEXT_FOR_ERROR(SOCEPFNOSUPPORT   , "Protocol family not supported.")
+   TEXT_FOR_ERROR(SOCEAFNOSUPPORT   , "Address family not supported by protocol family.")
+   TEXT_FOR_ERROR(SOCEADDRINUSE     , "Address already in use.")
+   TEXT_FOR_ERROR(SOCEADDRNOTAVAIL  , "Can't assign requested address.")
+   TEXT_FOR_ERROR(SOCENETDOWN       , "Network is down.")
+   TEXT_FOR_ERROR(SOCENETUNREACH    , "Network is unreachable.")
+   TEXT_FOR_ERROR(SOCENETRESET      , "Network dropped connection on reset.")
+   TEXT_FOR_ERROR(SOCECONNABORTED   , "Software caused connection abort.")
+   TEXT_FOR_ERROR(SOCECONNRESET     , "Connection reset by peer.")
+   TEXT_FOR_ERROR(SOCENOBUFS        , "No buffer space available.")
+   TEXT_FOR_ERROR(SOCEISCONN        , "Socket is already connected.")
+   TEXT_FOR_ERROR(SOCENOTCONN       , "Socket is not connected.")
+   TEXT_FOR_ERROR(SOCESHUTDOWN      , "Can't send after socket shutdown.")
+   TEXT_FOR_ERROR(SOCETOOMANYREFS   , "Too many references: can't splice.")
+   TEXT_FOR_ERROR(SOCETIMEDOUT      , "Operation timed out.")
+   TEXT_FOR_ERROR(SOCECONNREFUSED   , "Connection refused.")
+   TEXT_FOR_ERROR(SOCELOOP          , "Too many levels of symbolic links.")
+   TEXT_FOR_ERROR(SOCENAMETOOLONG   , "File name too long.")
+   TEXT_FOR_ERROR(SOCEHOSTDOWN      , "Host is down.")
+   TEXT_FOR_ERROR(SOCEHOSTUNREACH   , "No route to host.")
+   TEXT_FOR_ERROR(SOCENOTEMPTY      , "Directory not empty.")
+   TEXT_FOR_ERROR(SOCEOS2ERR        , "OS/2 Error.")
+
+   sprintf(tmp_buf, "(error number %d)", errcode);
+   return tmp_buf;
+}
+#endif /* def __OS2__ */
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/errlog.h b/external/privoxy/errlog.h
new file mode 100644
index 0000000..4906331
--- /dev/null
+++ b/external/privoxy/errlog.h
@@ -0,0 +1,215 @@
+#ifndef ERRLOG_H_INCLUDED
+#define ERRLOG_H_INCLUDED
+#define ERRLOG_H_VERSION "$Id: errlog.h,v 1.22 2009/02/09 21:21:15 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/errlog.h,v $
+ *
+ * Purpose     :  Log errors to a designated destination in an elegant,
+ *                printf-like fashion.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: errlog.h,v $
+ *    Revision 1.22  2009/02/09 21:21:15  fabiankeil
+ *    Now that init_log_module() is called earlier, call show_version()
+ *    later on from main() directly so it doesn't get called for --help
+ *    or --version.
+ *
+ *    Revision 1.21  2008/12/14 15:46:22  fabiankeil
+ *    Give crunched requests their own log level.
+ *
+ *    Revision 1.20  2008/03/27 18:27:23  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.19  2007/10/14 14:12:41  fabiankeil
+ *    When in daemon mode, close stderr after the configuration file has been
+ *    parsed the first time. If logfile isn't set, stop logging. Fixes BR#897436.
+ *
+ *    Revision 1.18  2007/07/14 07:28:47  fabiankeil
+ *    Add translation function for JB_ERR_FOO codes.
+ *
+ *    Revision 1.17  2007/03/31 13:33:28  fabiankeil
+ *    Add alternative log_error() with timestamps
+ *    that contain milliseconds and without using
+ *    strcpy(), strcat() or sprintf().
+ *
+ *    Revision 1.16  2006/11/28 15:29:50  fabiankeil
+ *    Define LOG_LEVEL_REDIRECTS independently of
+ *    FEATURE_FAST_REDIRECTS. It is used by redirect{}
+ *    as well.
+ *
+ *    Revision 1.15  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.13.2.1  2002/08/05 17:57:06  oes
+ *    Cosmetic change
+ *
+ *    Revision 1.13  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.12  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.11  2002/03/06 23:02:57  jongfoster
+ *    Removing tabs
+ *
+ *    Revision 1.10  2001/09/13 20:08:06  jongfoster
+ *    Adding support for LOG_LEVEL_CGI
+ *
+ *    Revision 1.9  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.8  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.7  2001/07/19 19:02:53  haroon
+ *    Added define for LOG_LEVEL_POPUPS
+ *
+ *    Revision 1.6  2001/07/13 13:59:22  oes
+ *     - Added LOG_LEVEL_DEANIMATE
+ *     - Changed LOG_LEVEL_CLF
+ *     - Removed all #ifdef PCRS
+ *
+ *    Revision 1.5  2001/05/26 17:25:14  jongfoster
+ *    Added support for CLF (Common Log Format) and fixed LOG_LEVEL_LOG
+ *
+ *    Revision 1.4  2001/05/25 21:56:06  jongfoster
+ *    Added FIXME comment to (broken) LOG_LEVEL_LOG
+ *
+ *    Revision 1.3  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.2  2001/05/20 01:11:40  jongfoster
+ *    Added support for LOG_LEVEL_FATAL
+ *    Renamed LOG_LEVEL_FRC to LOG_LEVEL_FORCE,
+ *    and LOG_LEVEL_REF to LOG_LEVEL_RE_FILTER
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:51  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Debug level for errors */
+
+/* XXX: Should be renamed. */
+#define LOG_LEVEL_GPC        0x0001
+#define LOG_LEVEL_CONNECT    0x0002
+#define LOG_LEVEL_IO         0x0004
+#define LOG_LEVEL_HEADER     0x0008
+#define LOG_LEVEL_LOG        0x0010
+#ifdef FEATURE_FORCE_LOAD
+#define LOG_LEVEL_FORCE      0x0020
+#endif /* def FEATURE_FORCE_LOAD */
+#define LOG_LEVEL_RE_FILTER  0x0040
+#define LOG_LEVEL_REDIRECTS  0x0080
+#define LOG_LEVEL_DEANIMATE  0x0100
+#define LOG_LEVEL_CLF        0x0200 /* Common Log File format */
+#define LOG_LEVEL_CRUNCH     0x0400
+#define LOG_LEVEL_CGI        0x0800 /* CGI / templates */
+
+/* Following are always on: */
+#define LOG_LEVEL_INFO    0x1000
+#define LOG_LEVEL_ERROR   0x2000
+#define LOG_LEVEL_FATAL   0x4000 /* Exits after writing log */
+
+extern void init_error_log(const char *prog_name, const char *logfname);
+extern void set_debug_level(int debuglevel);
+extern void disable_logging(void);
+extern void init_log_module(void);
+extern void show_version(const char *prog_name);
+extern void log_error(int loglevel, const char *fmt, ...);
+extern const char *jb_err_to_string(int error);
+
+/* Revision control strings from this header and associated .c file */
+extern const char errlog_rcs[];
+extern const char errlog_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef ERRLOG_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
+
diff --git a/external/privoxy/filters.c b/external/privoxy/filters.c
new file mode 100644
index 0000000..8fa1d4e
--- /dev/null
+++ b/external/privoxy/filters.c
@@ -0,0 +1,2709 @@
+const char filters_rcs[] = "$Id: filters.c,v 1.113 2009/03/08 14:19:23 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/filters.c,v $
+ *
+ * Purpose     :  Declares functions to parse/crunch headers and pages.
+ *                Functions declared include:
+ *                   `acl_addr', `add_stats', `block_acl', `block_imageurl',
+ *                   `block_url', `url_actions', `domain_split',
+ *                   `filter_popups', `forward_url', 'redirect_url',
+ *                   `ij_untrusted_url', `intercept_url', `pcrs_filter_respose',
+ *                   `ijb_send_banner', `trust_url', `gif_deanimate_response',
+ *                   `execute_single_pcrs_command', `rewrite_url',
+ *                   `get_last_url'
+ *
+ * Copyright   :  Written by and Copyright (C) 2001, 2004-2008 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: filters.c,v $
+ *    Revision 1.113  2009/03/08 14:19:23  fabiankeil
+ *    Fix justified (but harmless) compiler warnings
+ *    on platforms where sizeof(int) < sizeof(long).
+ *
+ *    Revision 1.112  2009/03/01 18:28:23  fabiankeil
+ *    Help clang understand that we aren't dereferencing
+ *    NULL pointers here.
+ *
+ *    Revision 1.111  2008/12/04 18:13:46  fabiankeil
+ *    Fix a cparser warning.
+ *
+ *    Revision 1.110  2008/11/10 16:40:25  fabiankeil
+ *    Fix a gcc44 warning.
+ *
+ *    Revision 1.109  2008/11/08 15:48:41  fabiankeil
+ *    Mention actual values when complaining about
+ *    the chunk size exceeding the buffer size.
+ *
+ *    Revision 1.108  2008/05/21 15:35:08  fabiankeil
+ *    - Mark csp as immutable for block_acl().
+ *    - Remove an obsolete complaint about filter_popups().
+ *
+ *    Revision 1.107  2008/05/04 17:52:56  fabiankeil
+ *    Adjust parse_http_url() call to new prototype.
+ *
+ *    Revision 1.106  2008/05/03 16:40:44  fabiankeil
+ *    Change content_filters_enabled()'s parameter from
+ *    csp->action to action so it can be also used in the
+ *    CGI code. Don't bother checking if there are filters
+ *    loaded, as that's somewhat besides the point.
+ *
+ *    Revision 1.105  2008/03/28 15:13:39  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.104  2008/03/27 18:27:24  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.103  2008/03/06 16:33:45  fabiankeil
+ *    If limit-connect isn't used, don't limit CONNECT requests to port 443.
+ *
+ *    Revision 1.102  2008/03/01 14:00:44  fabiankeil
+ *    Let the block action take the reason for the block
+ *    as argument and show it on the "blocked" page.
+ *
+ *    Revision 1.101  2008/02/23 16:57:12  fabiankeil
+ *    Rename url_actions() to get_url_actions() and let it
+ *    use the standard parameter ordering.
+ *
+ *    Revision 1.100  2008/02/23 16:33:43  fabiankeil
+ *    Let forward_url() use the standard parameter ordering
+ *    and mark its second parameter immutable.
+ *
+ *    Revision 1.99  2008/02/03 13:57:58  fabiankeil
+ *    Add SOCKS5 support for forward-override{}.
+ *
+ *    Revision 1.98  2008/01/04 17:43:45  fabiankeil
+ *    Improve the warning messages that get logged if the action files
+ *    "enable" filters but no filters of that type have been loaded.
+ *
+ *    Revision 1.97  2007/11/30 15:37:03  fabiankeil
+ *    Use freez instead of free.
+ *
+ *    Revision 1.96  2007/10/19 16:53:28  fabiankeil
+ *    Add helper function to check if any content filters are enabled.
+ *
+ *    Revision 1.95  2007/10/17 19:31:20  fabiankeil
+ *    Omitting the zero chunk that ends the chunk transfer encoding seems
+ *    to be the new black. Log the problem and continue filtering anyway.
+ *
+ *    Revision 1.94  2007/09/29 13:20:20  fabiankeil
+ *    Remove two redundant and one useless log messages.
+ *
+ *    Revision 1.93  2007/09/29 10:21:16  fabiankeil
+ *    - Move get_filter_function() from jcc.c to filters.c
+ *      so the filter functions can be static.
+ *    - Don't bother filtering body-less responses.
+ *
+ *    Revision 1.92  2007/09/28 16:38:55  fabiankeil
+ *    - Execute content filters through execute_content_filter().
+ *    - Add prepare_for_filtering() so filter functions don't have to
+ *      care about de-chunking and decompression. As a side effect this enables
+ *      decompression for gif_deanimate_response() and jpeg_inspect_response().
+ *    - Change remove_chunked_transfer_coding()'s return type to jb_err.
+ *      Some clowns feel like chunking empty responses in which case
+ *      (size == 0) is valid but previously would be interpreted as error.
+ *
+ *    Revision 1.91  2007/09/02 15:31:20  fabiankeil
+ *    Move match_portlist() from filter.c to urlmatch.c.
+ *    It's used for url matching, not for filtering.
+ *
+ *    Revision 1.90  2007/09/02 12:44:17  fabiankeil
+ *    Remove newline at the end of a log_error() message.
+ *
+ *    Revision 1.89  2007/08/05 13:42:23  fabiankeil
+ *    #1763173 from Stefan Huehner: declare some more functions static.
+ *
+ *    Revision 1.88  2007/06/01 16:41:11  fabiankeil
+ *    Add forward-override{} to change the forwarding settings through
+ *    action sections. This is mainly interesting to forward different
+ *    clients differently (for example based on User-Agent or request
+ *    origin).
+ *
+ *    Revision 1.87  2007/04/30 15:53:10  fabiankeil
+ *    Make sure filters with dynamic jobs actually use them.
+ *
+ *    Revision 1.86  2007/04/30 15:03:28  fabiankeil
+ *    - Introduce dynamic pcrs jobs that can resolve variables.
+ *    - Don't run redirect functions more than once,
+ *      unless they are activated more than once.
+ *
+ *    Revision 1.85  2007/03/21 12:24:47  fabiankeil
+ *    - Log the content size after decompression in decompress_iob()
+ *      instead of pcrs_filter_response().
+ *
+ *    Revision 1.84  2007/03/20 15:16:34  fabiankeil
+ *    Use dedicated header filter actions instead of abusing "filter".
+ *    Replace "filter-client-headers" and "filter-client-headers"
+ *    with "server-header-filter" and "client-header-filter".
+ *
+ *    Revision 1.83  2007/03/17 15:20:05  fabiankeil
+ *    New config option: enforce-blocks.
+ *
+ *    Revision 1.82  2007/03/13 11:28:43  fabiankeil
+ *    - Fix port handling in acl_addr() and use a temporary acl spec
+ *      copy so error messages don't contain a truncated version.
+ *    - Log size of iob before and after decompression.
+ *
+ *    Revision 1.81  2007/03/05 14:40:53  fabiankeil
+ *    - Cosmetical changes for LOG_LEVEL_RE_FILTER messages.
+ *    - Hide the "Go there anyway" link for blocked CONNECT
+ *      requests where going there anyway doesn't work anyway.
+ *
+ *    Revision 1.80  2007/02/07 10:55:20  fabiankeil
+ *    - Save the reason for generating http_responses.
+ *    - Block (+block) with status code 403 instead of 404.
+ *    - Use a different kludge to remember a failed decompression.
+ *
+ *    Revision 1.79  2007/01/31 16:21:38  fabiankeil
+ *    Search for Max-Forwards headers case-insensitive,
+ *    don't generate the "501 unsupported" message for invalid
+ *    Max-Forwards values and don't increase negative ones.
+ *
+ *    Revision 1.78  2007/01/28 13:41:18  fabiankeil
+ *    - Add HEAD support to finish_http_response.
+ *    - Add error favicon to internal HTML error messages.
+ *
+ *    Revision 1.77  2007/01/12 15:36:44  fabiankeil
+ *    Mark *csp as immutable for is_untrusted_url()
+ *    and is_imageurl(). Closes FR 1237736.
+ *
+ *    Revision 1.76  2007/01/01 19:36:37  fabiankeil
+ *    Integrate a modified version of Wil Mahan's
+ *    zlib patch (PR #895531).
+ *
+ *    Revision 1.75  2006/12/29 18:30:46  fabiankeil
+ *    Fixed gcc43 conversion warnings,
+ *    changed sprintf calls to snprintf.
+ *
+ *    Revision 1.74  2006/12/24 17:37:38  fabiankeil
+ *    Adjust comment in pcrs_filter_response()
+ *    to recent pcrs changes. Hohoho.
+ *
+ *    Revision 1.73  2006/12/23 16:01:02  fabiankeil
+ *    Don't crash if pcre returns an error code
+ *    that pcrs didn't expect. Fixes BR 1621173.
+ *
+ *    Revision 1.72  2006/12/22 18:52:53  fabiankeil
+ *    Modified is_untrusted_url to complain in case of
+ *    write errors and to give a reason when adding new
+ *    entries to the trustfile. Closes FR 1097611.
+ *
+ *    Revision 1.71  2006/12/22 14:24:52  fabiankeil
+ *    Skip empty filter files in pcrs_filter_response,
+ *    but don't ignore the ones that come afterwards.
+ *    Fixes parts of BR 1619208.
+ *
+ *    Revision 1.70  2006/12/09 13:33:15  fabiankeil
+ *    Added some sanity checks for get_last_url().
+ *    Fixed possible segfault caused by my last commit.
+ *
+ *    Revision 1.69  2006/12/08 12:39:13  fabiankeil
+ *    Let get_last_url() catch https URLs as well.
+ *
+ *    Revision 1.68  2006/12/05 14:45:48  fabiankeil
+ *    Make sure get_last_url() behaves like advertised
+ *    and fast-redirects{} can be combined with redirect{}.
+ *
+ *    Revision 1.67  2006/11/28 15:19:43  fabiankeil
+ *    Implemented +redirect{s at foo@bar@} to generate
+ *    a redirect based on a rewritten version of the
+ *    original URL.
+ *
+ *    Revision 1.66  2006/09/23 13:26:38  roro
+ *    Replace TABs by spaces in source code.
+ *
+ *    Revision 1.65  2006/09/21 12:54:43  fabiankeil
+ *    Fix +redirect{}. Didn't work with -fast-redirects.
+ *
+ *    Revision 1.64  2006/08/31 10:55:49  fabiankeil
+ *    Block requests for untrusted URLs with status
+ *    code 403 instead of 200.
+ *
+ *    Revision 1.63  2006/08/31 10:11:28  fabiankeil
+ *    Don't free p which is still in use and will be later
+ *    freed by free_map(). Don't claim the referrer is unknown
+ *    when the client didn't set one.
+ *
+ *    Revision 1.62  2006/08/14 00:27:47  david__schmidt
+ *    Feature request 595948: Re-Filter logging in single line
+ *
+ *    Revision 1.61  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.60  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.58.2.9  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.58.2.8  2005/05/07 21:50:55  david__schmidt
+ *    A few memory leaks plugged (mostly on error paths)
+ *
+ *    Revision 1.58.2.7  2004/10/03 12:53:32  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.58.2.6  2003/12/06 22:18:27  gliptak
+ *    Correcting compile problem with FEATURE_IMAGE_BLOCKING
+ *
+ *    Revision 1.58.2.5  2003/11/11 13:10:31  oes
+ *    Fixed bug #839859: "See why" link URL now gets url-encoded.
+ *
+ *    Revision 1.58.2.4  2003/02/28 12:52:45  oes
+ *    Fixed a typo
+ *
+ *    Revision 1.58.2.3  2002/09/25 14:51:51  oes
+ *    Added basic support for OPTIONS and TRACE HTTP methods:
+ *    New function direct_response which handles OPTIONS and
+ *    TRACE requests whose Max-Forwards header field is zero.
+ *
+ *    Revision 1.58.2.2  2002/08/01 17:18:28  oes
+ *    Fixed BR 537651 / SR 579724 (MSIE image detect improper for IE/Mac)
+ *
+ *    Revision 1.58.2.1  2002/07/26 15:18:53  oes
+ *    - Bugfix: Executing a filters without jobs no longer results in
+ *      turing off *all* filters.
+ *    - Security fix: Malicious web servers can't cause a seg fault
+ *      through bogus chunk sizes anymore
+ *
+ *    Revision 1.58  2002/04/24 02:11:17  oes
+ *    Jon's multiple AF patch: url_actions now evaluates rules
+ *    from all AFs.
+ *
+ *    Revision 1.57  2002/04/08 20:38:34  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.56  2002/04/05 15:51:24  oes
+ *     - bugfix: error-pages now get correct request protocol
+ *     - fix for invalid HTML in trust info
+ *
+ *    Revision 1.55  2002/04/02 16:13:51  oes
+ *    Fix: No "Go there anyway" for SSL
+ *
+ *    Revision 1.54  2002/04/02 14:55:56  oes
+ *    Bugfix: is_untrusted_url() now depends on FEATURE_TRUST, not FEATURE_COOKIE_JAR
+ *
+ *    Revision 1.53  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.52  2002/03/24 16:35:57  jongfoster
+ *    Removing logo
+ *
+ *    Revision 1.51  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.50  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.49  2002/03/16 20:29:14  oes
+ *    Cosmetics
+ *
+ *    Revision 1.48  2002/03/13 20:25:34  oes
+ *    Better logging for content filters
+ *
+ *    Revision 1.47  2002/03/13 00:30:52  jongfoster
+ *    Killing warnings
+ *    Added option of always sending redirect for imageblock,
+ *    currently disabled with #if 0.
+ *
+ *    Revision 1.46  2002/03/12 01:42:49  oes
+ *    Introduced modular filters
+ *
+ *    Revision 1.45  2002/03/08 16:47:50  oes
+ *    Added choice beween GIF and PNG built-in images
+ *
+ *    Revision 1.44  2002/03/07 03:49:31  oes
+ *     - Fixed compiler warnings etc
+ *     - Changed built-in images from GIF to PNG
+ *       (with regard to Unisys patent issue)
+ *     - Added a 4x4 pattern PNG which is less intrusive
+ *       than the logo but also clearly marks the deleted banners
+ *
+ *    Revision 1.43  2002/01/22 23:51:59  jongfoster
+ *    Replacing strsav() with the safer string_append().
+ *
+ *    Adding missing html_encode() to error message generators.  Where encoded
+ *    and unencoded versions of a string were provided, removing the unencoded
+ *    one.
+ *
+ *    Revision 1.42  2002/01/17 21:00:32  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Using a single, simple url_match(pattern,url) function - rather than
+ *    the 3-line match routine which was repeated all over the place.
+ *
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Using parse_http_url() to parse URLs without faking a HTTP
+ *    request line for parse_http_request().
+ *
+ *    Revision 1.41  2001/11/13 00:14:07  jongfoster
+ *    Fixing stupid bug now I've figured out what || means.
+ *    (It always returns 0 or 1, not one of it's paramaters.)
+ *
+ *    Revision 1.40  2001/10/26 17:37:55  oes
+ *    - Re-enabled Netscape 200/404 bug workaround in block_url():
+ *      - Removed OS/2 special case
+ *      - Made block_url() independant from sed() having been run
+ *    - Made trust_url independant from sed() having been run
+ *    - Made is_imageurl independant from sed() having been run.
+ *      It now checks User-Agent: and Accept: by itself.
+ *
+ *
+ *    Revision 1.39  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.38  2001/10/23 21:32:33  jongfoster
+ *    Adding error-checking to selected functions
+ *
+ *    Revision 1.37  2001/10/22 15:33:56  david__schmidt
+ *    Special-cased OS/2 out of the Netscape-abort-on-404-in-js problem in
+ *    filters.c.  Added a FIXME in front of the offending code.  I'll gladly
+ *    put in a better/more robust fix for all parties if one is presented...
+ *    It seems that just returning 200 instead of 404 would pretty much fix
+ *    it for everyone, but I don't know all the history of the problem.
+ *
+ *    Revision 1.36  2001/10/10 16:44:16  oes
+ *    Added match_portlist function
+ *
+ *    Revision 1.35  2001/10/07 15:41:23  oes
+ *    Replaced 6 boolean members of csp with one bitmap (csp->flags)
+ *
+ *    New function remove_chunked_transfer_coding that strips chunked
+ *      transfer coding to plain and is called by pcrs_filter_response
+ *      and gif_deanimate_response if neccessary
+ *
+ *    Improved handling of zero-change re_filter runs
+ *
+ *    pcrs_filter_response and gif_deanimate_response now remove
+ *      chunked transfer codeing before processing the body.
+ *
+ *    Revision 1.34  2001/09/20 15:49:36  steudten
+ *
+ *    Fix BUG: Change int size to size_t size in pcrs_filter_response().
+ *    See cgi.c fill_template().
+ *
+ *    Revision 1.33  2001/09/16 17:05:14  jongfoster
+ *    Removing unused #include showarg.h
+ *
+ *    Revision 1.32  2001/09/16 13:21:27  jongfoster
+ *    Changes to use new list functions.
+ *
+ *    Revision 1.31  2001/09/16 11:38:02  jongfoster
+ *    Splitting fill_template() into 2 functions:
+ *    template_load() loads the file
+ *    template_fill() performs the PCRS regexps.
+ *    This is because the CGI edit interface has a "table row"
+ *    template which is used many times in the page - this
+ *    change means it's only loaded from disk once.
+ *
+ *    Revision 1.30  2001/09/16 11:00:10  jongfoster
+ *    New function alloc_http_response, for symmetry with free_http_response
+ *
+ *    Revision 1.29  2001/09/13 23:32:40  jongfoster
+ *    Moving image data to cgi.c rather than cgi.h
+ *    Fixing a GPF under Win32 (and any other OS that protects global
+ *    constants from being written to).
+ *
+ *    Revision 1.28  2001/09/10 10:18:51  oes
+ *    Silenced compiler warnings
+ *
+ *    Revision 1.27  2001/08/05 16:06:20  jongfoster
+ *    Modifiying "struct map" so that there are now separate header and
+ *    "map_entry" structures.  This means that functions which modify a
+ *    map no longer need to return a pointer to the modified map.
+ *    Also, it no longer reverses the order of the entries (which may be
+ *    important with some advanced template substitutions).
+ *
+ *    Revision 1.26  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.25  2001/07/26 10:09:46  oes
+ *    Made browser detection a little less naive
+ *
+ *    Revision 1.24  2001/07/25 17:22:51  oes
+ *    Added workaround for Netscape bug that prevents display of page when loading a component fails.
+ *
+ *    Revision 1.23  2001/07/23 13:40:12  oes
+ *    Fixed bug that caused document body to be dropped when pcrs joblist was empty.
+ *
+ *    Revision 1.22  2001/07/18 12:29:34  oes
+ *    - Made gif_deanimate_response respect
+ *      csp->action->string[ACTION_STRING_DEANIMATE]
+ *    - Logging cosmetics
+ *
+ *    Revision 1.21  2001/07/13 13:59:53  oes
+ *     - Introduced gif_deanimate_response which shares the
+ *       generic content modification interface of pcrs_filter_response
+ *       and acts as a wrapper to deanimate.c:gif_deanimate()
+ *     - Renamed re_process_buffer to pcrs_filter_response
+ *     - pcrs_filter_response now returns NULL on failiure
+ *     - Removed all #ifdef PCRS
+ *
+ *    Revision 1.20  2001/07/01 17:01:04  oes
+ *    Added comments and missing return statement in is_untrusted_url()
+ *
+ *    Revision 1.19  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.18  2001/06/29 13:27:38  oes
+ *    - Cleaned up, renamed and reorderd functions
+ *      and improved comments
+ *
+ *    - block_url:
+ *      - Ported to CGI platform. Now delivers
+ *        http_response or NULL
+ *      - Unified HTML and GIF generation (moved image detection
+ *        and GIF generation here from jcc.c:chat())
+ *      - Fixed HTTP status to:
+ *       -  403 (Forbidden) for the "blocked" HTML message
+ *       -  200 (OK) for GIF answers
+ *       -  302 (Redirect) for redirect to GIF
+ *
+ *    - trust_url:
+ *      - Ported to CGI platform. Now delivers
+ *        http_response or NULL
+ *      - Separated detection of untrusted URL into
+ *        (bool)is_untrusted_url
+ *      - Added enforcement of untrusted requests
+ *
+ *    - Moved redirect_url() from cgi.c to here
+ *      and ported it to the CGI platform
+ *
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.17  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.16  2001/06/07 23:10:26  jongfoster
+ *    Allowing unanchored domain patterns to back off and retry
+ *    if they partially match.  Optimized right-anchored patterns.
+ *    Moving ACL and forward files into config file.
+ *    Replacing struct gateway with struct forward_spec
+ *
+ *    Revision 1.15  2001/06/03 19:12:00  oes
+ *    extracted-CGI relevant stuff
+ *
+ *    Revision 1.14  2001/06/01 10:30:55  oes
+ *    Added optional left-anchoring to domaincmp
+ *
+ *    Revision 1.13  2001/05/31 21:21:30  jongfoster
+ *    Permissionsfile / actions file changes:
+ *    - Changed "permission" to "action" throughout
+ *    - changes to file format to allow string parameters
+ *    - Moved helper functions to actions.c
+ *
+ *    Revision 1.12  2001/05/31 17:35:20  oes
+ *
+ *     - Enhanced domain part globbing with infix and prefix asterisk
+ *       matching and optional unanchored operation
+ *
+ *    Revision 1.11  2001/05/29 11:53:23  oes
+ *    "See why" link added to "blocked" page
+ *
+ *    Revision 1.10  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.9  2001/05/27 22:17:04  oes
+ *
+ *    - re_process_buffer no longer writes the modified buffer
+ *      to the client, which was very ugly. It now returns the
+ *      buffer, which it is then written by chat.
+ *
+ *    - content_length now adjusts the Content-Length: header
+ *      for modified documents rather than crunch()ing it.
+ *      (Length info in csp->content_length, which is 0 for
+ *      unmodified documents)
+ *
+ *    - For this to work, sed() is called twice when filtering.
+ *
+ *    Revision 1.8  2001/05/26 17:13:28  jongfoster
+ *    Filled in a function comment.
+ *
+ *    Revision 1.7  2001/05/26 15:26:15  jongfoster
+ *    ACL feature now provides more security by immediately dropping
+ *    connections from untrusted hosts.
+ *
+ *    Revision 1.6  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.5  2001/05/25 22:34:30  jongfoster
+ *    Hard tabs->Spaces
+ *
+ *    Revision 1.4  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.3  2001/05/20 16:44:47  jongfoster
+ *    Removing last hardcoded Junkbusters.com URLs.
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:52  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <ctype.h>
+#include <string.h>
+#include <assert.h>
+
+#ifndef _WIN32
+#ifndef __OS2__
+#include <unistd.h>
+#endif /* ndef __OS2__ */
+#include <netinet/in.h>
+#else
+#include <winsock2.h>
+#endif /* ndef _WIN32 */
+
+#ifdef __OS2__
+#include <utils.h>
+#endif /* def __OS2__ */
+
+#include "project.h"
+#include "filters.h"
+#include "encode.h"
+#include "parsers.h"
+#include "ssplit.h"
+#include "errlog.h"
+#include "jbsockets.h"
+#include "miscutil.h"
+#include "actions.h"
+#include "cgi.h"
+#include "list.h"
+#include "deanimate.h"
+#include "urlmatch.h"
+#include "loaders.h"
+
+#ifdef _WIN32
+#include "win32.h"
+#endif
+
+const char filters_h_rcs[] = FILTERS_H_VERSION;
+
+/* Fix a problem with Solaris.  There should be no effect on other
+ * platforms.
+ * Solaris's isspace() is a macro which uses it's argument directly
+ * as an array index.  Therefore we need to make sure that high-bit
+ * characters generate +ve values, and ideally we also want to make
+ * the argument match the declared parameter type of "int".
+ */
+#define ijb_isdigit(__X) isdigit((int)(unsigned char)(__X))
+
+static jb_err remove_chunked_transfer_coding(char *buffer, size_t *size);
+static jb_err prepare_for_filtering(struct client_state *csp);
+
+#ifdef FEATURE_ACL
+/*********************************************************************
+ *
+ * Function    :  block_acl
+ *
+ * Description :  Block this request?
+ *                Decide yes or no based on ACL file.
+ *
+ * Parameters  :
+ *          1  :  dst = The proxy or gateway address this is going to.
+ *                      Or NULL to check all possible targets.
+ *          2  :  csp = Current client state (buffers, headers, etc...)
+ *                      Also includes the client IP address.
+ *
+ * Returns     : 0 = FALSE (don't block) and 1 = TRUE (do block)
+ *
+ *********************************************************************/
+int block_acl(const struct access_control_addr *dst, const struct client_state *csp)
+{
+   struct access_control_list *acl = csp->config->acl;
+
+   /* if not using an access control list, then permit the connection */
+   if (acl == NULL)
+   {
+      return(0);
+   }
+
+   /* search the list */
+   while (acl != NULL)
+   {
+      if ((csp->ip_addr_long & acl->src->mask) == acl->src->addr)
+      {
+         if (dst == NULL)
+         {
+            /* Just want to check if they have any access */
+            if (acl->action == ACL_PERMIT)
+            {
+               return(0);
+            }
+         }
+         else if ( ((dst->addr & acl->dst->mask) == acl->dst->addr)
+           && ((dst->port == acl->dst->port) || (acl->dst->port == 0)))
+         {
+            if (acl->action == ACL_PERMIT)
+            {
+               return(0);
+            }
+            else
+            {
+               return(1);
+            }
+         }
+      }
+      acl = acl->next;
+   }
+
+   return(1);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  acl_addr
+ *
+ * Description :  Called from `load_config' to parse an ACL address.
+ *
+ * Parameters  :
+ *          1  :  aspec = String specifying ACL address.
+ *          2  :  aca = struct access_control_addr to fill in.
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int acl_addr(const char *aspec, struct access_control_addr *aca)
+{
+   int i, masklength;
+   long port;
+   char *p;
+   char *acl_spec = NULL;
+
+   masklength = 32;
+   port       =  0;
+
+   /*
+    * Use a temporary acl spec copy so we can log
+    * the unmodified original in case of parse errors.
+    */
+   acl_spec = strdup(aspec);
+   if (acl_spec == NULL)
+   {
+      /* XXX: This will be logged as parse error. */
+      return(-1);
+   }
+
+   if ((p = strchr(acl_spec, '/')) != NULL)
+   {
+      *p++ = '\0';
+      if (ijb_isdigit(*p) == 0)
+      {
+         freez(acl_spec);
+         return(-1);
+      }
+      masklength = atoi(p);
+   }
+
+   if ((masklength < 0) || (masklength > 32))
+   {
+      freez(acl_spec);
+      return(-1);
+   }
+
+   if ((p = strchr(acl_spec, ':')) != NULL)
+   {
+      char *endptr;
+
+      *p++ = '\0';
+      port = strtol(p, &endptr, 10);
+
+      if (port <= 0 || port > 65535 || *endptr != '\0')
+      {
+         freez(acl_spec);
+         return(-1);
+      }
+   }
+
+   aca->port = (unsigned long)port;
+
+   aca->addr = ntohl(resolve_hostname_to_ip(acl_spec));
+   freez(acl_spec);
+
+   if (aca->addr == INADDR_NONE)
+   {
+      /* XXX: This will be logged as parse error. */
+      return(-1);
+   }
+
+   /* build the netmask */
+   aca->mask = 0;
+   for (i=1; i <= masklength ; i++)
+   {
+      aca->mask |= (1U << (32 - i));
+   }
+
+   /* now mask off the host portion of the ip address
+    * (i.e. save on the network portion of the address).
+    */
+   aca->addr = aca->addr & aca->mask;
+
+   return(0);
+
+}
+#endif /* def FEATURE_ACL */
+
+
+/*********************************************************************
+ *
+ * Function    :  connect_port_is_forbidden
+ *
+ * Description :  Check to see if CONNECT requests to the destination
+ *                port of this request are forbidden. The check is
+ *                independend of the actual request method.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  True if yes, false otherwise.
+ *
+ *********************************************************************/
+int connect_port_is_forbidden(const struct client_state *csp)
+{
+   return ((csp->action->flags & ACTION_LIMIT_CONNECT) &&
+     !match_portlist(csp->action->string[ACTION_STRING_LIMIT_CONNECT],
+        csp->http->port));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  block_url
+ *
+ * Description :  Called from `chat'.  Check to see if we need to block this.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  NULL => unblocked, else HTTP block response
+ *
+ *********************************************************************/
+struct http_response *block_url(struct client_state *csp)
+{
+   struct http_response *rsp;
+   const char *new_content_type = NULL;
+
+   /*
+    * If it's not blocked, don't block it ;-)
+    */
+   if ((csp->action->flags & ACTION_BLOCK) == 0)
+   {
+      return NULL;
+   }
+   if (csp->action->flags & ACTION_REDIRECT)
+   {
+      log_error(LOG_LEVEL_ERROR, "redirect{} overruled by block.");     
+   }
+   /*
+    * Else, prepare a response
+    */
+   if (NULL == (rsp = alloc_http_response()))
+   {
+      return cgi_error_memory();
+   }
+
+   /*
+    * If it's an image-url, send back an image or redirect
+    * as specified by the relevant +image action
+    */
+#ifdef FEATURE_IMAGE_BLOCKING
+   if (((csp->action->flags & ACTION_IMAGE_BLOCKER) != 0)
+        && is_imageurl(csp))
+   {
+      char *p;
+      /* determine HOW images should be blocked */
+      p = csp->action->string[ACTION_STRING_IMAGE_BLOCKER];
+
+      if(csp->action->flags & ACTION_HANDLE_AS_EMPTY_DOCUMENT)
+      {
+         log_error(LOG_LEVEL_ERROR, "handle-as-empty-document overruled by handle-as-image.");
+      }
+#if 1 /* Two alternative strategies, use this one for now: */
+
+      /* and handle accordingly: */
+      if ((p == NULL) || (0 == strcmpic(p, "pattern")))
+      {
+         rsp->status = strdup("403 Request blocked by Privoxy");
+         if (rsp->status == NULL)
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+         rsp->body = bindup(image_pattern_data, image_pattern_length);
+         if (rsp->body == NULL)
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+         rsp->content_length = image_pattern_length;
+
+         if (enlist_unique_header(rsp->headers, "Content-Type", BUILTIN_IMAGE_MIMETYPE))
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+      }
+
+      else if (0 == strcmpic(p, "blank"))
+      {
+         rsp->status = strdup("403 Request blocked by Privoxy");
+         if (rsp->status == NULL)
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+         rsp->body = bindup(image_blank_data, image_blank_length);
+         if (rsp->body == NULL)
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+         rsp->content_length = image_blank_length;
+
+         if (enlist_unique_header(rsp->headers, "Content-Type", BUILTIN_IMAGE_MIMETYPE))
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+      }
+
+      else
+      {
+         rsp->status = strdup("302 Local Redirect from Privoxy");
+         if (rsp->status == NULL)
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+
+         if (enlist_unique_header(rsp->headers, "Location", p))
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+      }
+
+#else /* Following code is disabled for now */
+
+      /* and handle accordingly: */
+      if ((p == NULL) || (0 == strcmpic(p, "pattern")))
+      {
+         p = CGI_PREFIX "send-banner?type=pattern";
+      }
+      else if (0 == strcmpic(p, "blank"))
+      {
+         p = CGI_PREFIX "send-banner?type=blank";
+      }
+      rsp->status = strdup("302 Local Redirect from Privoxy");
+      if (rsp->status == NULL)
+      {
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+
+      if (enlist_unique_header(rsp->headers, "Location", p))
+      {
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+#endif /* Preceeding code is disabled for now */
+   }
+   else if(csp->action->flags & ACTION_HANDLE_AS_EMPTY_DOCUMENT)
+   {
+     /*
+      *  Send empty document.               
+      */
+      new_content_type = csp->action->string[ACTION_STRING_CONTENT_TYPE];
+
+      freez(rsp->body);
+      rsp->body = strdup(" ");
+      rsp->content_length = 1;
+
+      rsp->status = strdup("403 Request blocked by Privoxy");
+      if (rsp->status == NULL)
+      {
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+      if (new_content_type != 0)
+      {
+         log_error(LOG_LEVEL_HEADER, "Overwriting Content-Type with %s", new_content_type);
+         if (enlist_unique_header(rsp->headers, "Content-Type", new_content_type))
+         {
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+      }
+   }
+   else
+#endif /* def FEATURE_IMAGE_BLOCKING */
+
+   /*
+    * Else, generate an HTML "blocked" message:
+    */
+   {
+      jb_err err;
+      struct map * exports;
+      char *p;
+
+      /*
+       * Workaround for stupid Netscape bug which prevents
+       * pages from being displayed if loading a referenced
+       * JavaScript or style sheet fails. So make it appear
+       * as if it succeeded.
+       */
+      if ( NULL != (p = get_header_value(csp->headers, "User-Agent:"))
+           && !strncmpic(p, "mozilla", 7) /* Catch Netscape but */
+           && !strstr(p, "Gecko")         /* save Mozilla, */
+           && !strstr(p, "compatible")    /* MSIE */
+           && !strstr(p, "Opera"))        /* and Opera. */
+      {
+         rsp->status = strdup("200 Request for blocked URL");
+      }
+      else
+      {
+         rsp->status = strdup("403 Request for blocked URL");
+      }
+
+      if (rsp->status == NULL)
+      {
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+
+      exports = default_exports(csp, NULL);
+      if (exports == NULL)
+      {
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+
+#ifdef FEATURE_FORCE_LOAD
+      err = map(exports, "force-prefix", 1, FORCE_PREFIX, 1);
+      /*
+       * Export the force conditional block killer if
+       *
+       * - Privoxy was compiled without FEATURE_FORCE_LOAD, or
+       * - Privoxy is configured to enforce blocks, or
+       * - it's a CONNECT request and enforcing wouldn't work anyway.
+       */
+      if ((csp->config->feature_flags & RUNTIME_FEATURE_ENFORCE_BLOCKS)
+       || (0 == strcmpic(csp->http->gpc, "connect")))
+#endif /* ndef FEATURE_FORCE_LOAD */
+      {
+         err = map_block_killer(exports, "force-support");
+      }
+
+      if (!err) err = map(exports, "protocol", 1, csp->http->ssl ? "https://" : "http://", 1);
+      if (!err) err = map(exports, "hostport", 1, html_encode(csp->http->hostport), 0);
+      if (!err) err = map(exports, "path", 1, html_encode(csp->http->path), 0);
+      if (!err) err = map(exports, "path-ue", 1, url_encode(csp->http->path), 0);
+      if (!err)
+      {
+         const char *block_reason;
+         if (csp->action->string[ACTION_STRING_BLOCK] != NULL)
+         {
+            block_reason = csp->action->string[ACTION_STRING_BLOCK];
+         }
+         else
+         {
+            assert(connect_port_is_forbidden(csp));
+            block_reason = "Forbidden CONNECT port.";
+         }
+         err = map(exports, "block-reason", 1, html_encode(block_reason), 0);
+      }
+      if (err)
+      {
+         free_map(exports);
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+
+      err = template_fill_for_cgi(csp, "blocked", exports, rsp);
+      if (err)
+      {
+         free_http_response(rsp);
+         return cgi_error_memory();
+      }
+   }
+   rsp->reason = RSP_REASON_BLOCKED;
+
+   return finish_http_response(csp, rsp);
+
+}
+
+
+#ifdef FEATURE_TRUST
+/*********************************************************************
+ *
+ * Function    :  trust_url FIXME: I should be called distrust_url
+ *
+ * Description :  Calls is_untrusted_url to determine if the URL is trusted
+ *                and if not, returns a HTTP 403 response with a reject message.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  NULL => trusted, else http_response.
+ *
+ *********************************************************************/
+struct http_response *trust_url(struct client_state *csp)
+{
+   struct http_response *rsp;
+   struct map * exports;
+   char buf[BUFFER_SIZE];
+   char *p;
+   struct url_spec **tl;
+   struct url_spec *t;
+   jb_err err;
+
+   /*
+    * Don't bother to work on trusted URLs
+    */
+   if (!is_untrusted_url(csp))
+   {
+      return NULL;
+   }
+
+   /*
+    * Else, prepare a response:
+    */
+   if (NULL == (rsp = alloc_http_response()))
+   {
+      return cgi_error_memory();
+   }
+
+   rsp->status = strdup("403 Request blocked by Privoxy");
+   exports = default_exports(csp, NULL);
+   if (exports == NULL || rsp->status == NULL)
+   {
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   /*
+    * Export the protocol, host, port, and referrer information
+    */
+   err = map(exports, "hostport", 1, csp->http->hostport, 1);
+   if (!err) err = map(exports, "protocol", 1, csp->http->ssl ? "https://" : "http://", 1); 
+   if (!err) err = map(exports, "path", 1, csp->http->path, 1);
+
+   if (NULL != (p = get_header_value(csp->headers, "Referer:")))
+   {
+      if (!err) err = map(exports, "referrer", 1, html_encode(p), 0);
+   }
+   else
+   {
+      if (!err) err = map(exports, "referrer", 1, "none set", 1);
+   }
+
+   if (err)
+   {
+      free_map(exports);
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   /*
+    * Export the trust list
+    */
+   p = strdup("");
+   for (tl = csp->config->trust_list; (t = *tl) != NULL ; tl++)
+   {
+      snprintf(buf, sizeof(buf), "<li>%s</li>\n", t->spec);
+      string_append(&p, buf);
+   }
+   err = map(exports, "trusted-referrers", 1, p, 0);
+
+   if (err)
+   {
+      free_map(exports);
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   /*
+    * Export the trust info, if available
+    */
+   if (csp->config->trust_info->first)
+   {
+      struct list_entry *l;
+
+      p = strdup("");
+      for (l = csp->config->trust_info->first; l ; l = l->next)
+      {
+         snprintf(buf, sizeof(buf), "<li> <a href=\"%s\">%s</a><br>\n", l->str, l->str);
+         string_append(&p, buf);
+      }
+      err = map(exports, "trust-info", 1, p, 0);
+   }
+   else
+   {
+      err = map_block_killer(exports, "have-trust-info");
+   }
+
+   if (err)
+   {
+      free_map(exports);
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   /*
+    * Export the force conditional block killer if
+    *
+    * - Privoxy was compiled without FEATURE_FORCE_LOAD, or
+    * - Privoxy is configured to enforce blocks, or
+    * - it's a CONNECT request and enforcing wouldn't work anyway.
+    */
+#ifdef FEATURE_FORCE_LOAD
+   if ((csp->config->feature_flags & RUNTIME_FEATURE_ENFORCE_BLOCKS)
+    || (0 == strcmpic(csp->http->gpc, "connect")))
+   {
+      err = map_block_killer(exports, "force-support");
+   }
+   else
+   {
+      err = map(exports, "force-prefix", 1, FORCE_PREFIX, 1);
+   }
+#else /* ifndef FEATURE_FORCE_LOAD */
+   err = map_block_killer(exports, "force-support");
+#endif /* ndef FEATURE_FORCE_LOAD */
+
+   if (err)
+   {
+      free_map(exports);
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+
+   /*
+    * Build the response
+    */
+   err = template_fill_for_cgi(csp, "untrusted", exports, rsp);
+   if (err)
+   {
+      free_http_response(rsp);
+      return cgi_error_memory();
+   }
+   rsp->reason = RSP_REASON_UNTRUSTED;
+
+   return finish_http_response(csp, rsp);
+}
+#endif /* def FEATURE_TRUST */
+
+
+/*********************************************************************
+ *
+ * Function    :  compile_dynamic_pcrs_job_list
+ *
+ * Description :  Compiles a dynamic pcrs job list (one with variables
+ *                resolved at request time)
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  b = The filter list to compile
+ *
+ * Returns     :  NULL in case of errors, otherwise the
+ *                pcrs job list.  
+ *
+ *********************************************************************/
+pcrs_job *compile_dynamic_pcrs_job_list(const struct client_state *csp, const struct re_filterfile_spec *b)
+{
+   struct list_entry *pattern;
+   pcrs_job *job_list = NULL;
+   pcrs_job *dummy = NULL;
+   pcrs_job *lastjob = NULL;
+   int error = 0;
+
+   const struct pcrs_variable variables[] =
+   {
+      {"url",    csp->http->url,   1},
+      {"path",   csp->http->path,  1},
+      {"host",   csp->http->host,  1},
+      {"origin", csp->ip_addr_str, 1},
+      {NULL,     NULL,             1}
+   };
+
+   for (pattern = b->patterns->first; pattern != NULL; pattern = pattern->next)
+   {
+      assert(pattern->str != NULL);
+
+      dummy = pcrs_compile_dynamic_command(pattern->str, variables, &error);
+      if (NULL == dummy)
+      {
+         assert(error < 0);
+         log_error(LOG_LEVEL_ERROR,
+            "Adding filter job \'%s\' to dynamic filter %s failed: %s",
+            pattern->str, b->name, pcrs_strerror(error));
+         continue;
+      }
+      else
+      {
+         if (error == PCRS_WARN_TRUNCATION)
+         {
+            log_error(LOG_LEVEL_ERROR,
+               "At least one of the variables in \'%s\' had to "
+               "be truncated before compilation", pattern->str);
+         }
+         if (job_list == NULL)
+         {
+            job_list = dummy;
+         }
+         else
+         {
+            lastjob->next = dummy;
+         }
+         lastjob = dummy;
+      }
+   }
+
+   return job_list;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  rewrite_url
+ *
+ * Description :  Rewrites a URL with a single pcrs command
+ *                and returns the result if it differs from the
+ *                original and isn't obviously invalid.
+ *
+ * Parameters  :
+ *          1  :  old_url = URL to rewrite.
+ *          2  :  pcrs_command = pcrs command formatted as string (s at foo@bar@)
+ *
+ *
+ * Returns     :  NULL if the pcrs_command didn't change the url, or 
+ *                the result of the modification.
+ *
+ *********************************************************************/
+char *rewrite_url(char *old_url, const char *pcrs_command)
+{
+   char *new_url = NULL;
+   int hits;
+
+   assert(old_url);
+   assert(pcrs_command);
+
+   new_url = pcrs_execute_single_command(old_url, pcrs_command, &hits);
+
+   if (hits == 0)
+   {
+      log_error(LOG_LEVEL_REDIRECTS,
+         "pcrs command \"%s\" didn't change \"%s\".",
+         pcrs_command, old_url);
+      freez(new_url);
+   }
+   else if (hits < 0)
+   {
+      log_error(LOG_LEVEL_REDIRECTS,
+         "executing pcrs command \"%s\" to rewrite %s failed: %s",
+         pcrs_command, old_url, pcrs_strerror(hits));
+      freez(new_url);
+   }
+   else if (strncmpic(new_url, "http://", 7) && strncmpic(new_url, "https://", 8))
+   {
+      log_error(LOG_LEVEL_ERROR,
+         "pcrs command \"%s\" changed \"%s\" to \"%s\" (%u hi%s), "
+         "but the result doesn't look like a valid URL and will be ignored.",
+         pcrs_command, old_url, new_url, hits, (hits == 1) ? "t" : "ts");
+      freez(new_url);
+   }
+   else
+   {
+      log_error(LOG_LEVEL_REDIRECTS,
+         "pcrs command \"%s\" changed \"%s\" to \"%s\" (%u hi%s).",
+         pcrs_command, old_url, new_url, hits, (hits == 1) ? "t" : "ts");
+   }
+
+   return new_url;
+
+}
+
+
+#ifdef FEATURE_FAST_REDIRECTS
+/*********************************************************************
+ *
+ * Function    :  get_last_url
+ *
+ * Description :  Search for the last URL inside a string.
+ *                If the string already is a URL, it will
+ *                be the first URL found.
+ *
+ * Parameters  :
+ *          1  :  subject = the string to check
+ *          2  :  redirect_mode = +fast-redirect{} mode 
+ *
+ * Returns     :  NULL if no URL was found, or
+ *                the last URL found.
+ *
+ *********************************************************************/
+char *get_last_url(char *subject, const char *redirect_mode)
+{
+   char *new_url = NULL;
+   char *tmp;
+
+   assert(subject);
+   assert(redirect_mode);
+
+   subject = strdup(subject);
+   if (subject == NULL)
+   {
+      log_error(LOG_LEVEL_ERROR, "Out of memory while searching for redirects.");
+      return NULL;
+   }
+
+   if (0 == strcmpic(redirect_mode, "check-decoded-url"))
+   {  
+      log_error(LOG_LEVEL_REDIRECTS, "Decoding \"%s\" if necessary.", subject);
+      new_url = url_decode(subject);
+      if (new_url != NULL)
+      {
+         freez(subject);
+         subject = new_url;
+      }
+      else
+      {
+         log_error(LOG_LEVEL_ERROR, "Unable to decode \"%s\".", subject);
+      }
+   }
+
+   log_error(LOG_LEVEL_REDIRECTS, "Checking \"%s\" for redirects.", subject);
+
+   /*
+    * Find the last URL encoded in the request
+    */
+   tmp = subject;
+   while ((tmp = strstr(tmp, "http://")) != NULL)
+   {
+      new_url = tmp++;
+   }
+   tmp = (new_url != NULL) ? new_url : subject;
+   while ((tmp = strstr(tmp, "https://")) != NULL)
+   {
+      new_url = tmp++;
+   }
+
+   if ((new_url != NULL)
+      && (  (new_url != subject)
+         || (0 == strncmpic(subject, "http://", 7))
+         || (0 == strncmpic(subject, "https://", 8))
+         ))
+   {
+      /*
+       * Return new URL if we found a redirect 
+       * or if the subject already was a URL.
+       *
+       * The second case makes sure that we can
+       * chain get_last_url after another redirection check
+       * (like rewrite_url) without losing earlier redirects.
+       */
+      new_url = strdup(new_url);
+      freez(subject);
+      return new_url;
+   }
+
+   freez(subject);
+   return NULL;
+
+}
+#endif /* def FEATURE_FAST_REDIRECTS */
+
+
+/*********************************************************************
+ *
+ * Function    :  redirect_url
+ *
+ * Description :  Checks if Privoxy should answer the request with
+ *                a HTTP redirect and generates the redirect if
+ *                necessary.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  NULL if the request can pass, HTTP redirect otherwise.
+ *
+ *********************************************************************/
+struct http_response *redirect_url(struct client_state *csp)
+{
+   struct http_response *rsp;
+#ifdef FEATURE_FAST_REDIRECTS
+   /*
+    * XXX: Do we still need FEATURE_FAST_REDIRECTS
+    * as compile-time option? The user can easily disable
+    * it in his action file.
+    */
+   char * redirect_mode;
+#endif /* def FEATURE_FAST_REDIRECTS */
+   char *old_url = NULL;
+   char *new_url = NULL;
+   char *redirection_string;
+
+   if ((csp->action->flags & ACTION_REDIRECT))
+   {
+      redirection_string = csp->action->string[ACTION_STRING_REDIRECT];
+
+      /*
+       * If the redirection string begins with 's',
+       * assume it's a pcrs command, otherwise treat it as
+       * properly formatted URL and use it for the redirection
+       * directly.
+       *
+       * According to RFC 2616 section 14.30 the URL
+       * has to be absolute and if the user tries:
+       * +redirect{shit/this/will/be/parsed/as/pcrs_command.html}
+       * she would get undefined results anyway.
+       *
+       */
+
+      if (*redirection_string == 's')
+      {
+         old_url = csp->http->url;
+         new_url = rewrite_url(old_url, redirection_string);
+      }
+      else
+      {
+         log_error(LOG_LEVEL_REDIRECTS,
+            "No pcrs command recognized, assuming that \"%s\" is already properly formatted.",
+            redirection_string);
+         new_url = strdup(redirection_string);
+      }
+   }
+
+#ifdef FEATURE_FAST_REDIRECTS
+   if ((csp->action->flags & ACTION_FAST_REDIRECTS))
+   {
+      redirect_mode = csp->action->string[ACTION_STRING_FAST_REDIRECTS];
+
+      /*
+       * If it exists, use the previously rewritten URL as input
+       * otherwise just use the old path.
+       */
+      old_url = (new_url != NULL) ? new_url : strdup(csp->http->path);
+      new_url = get_last_url(old_url, redirect_mode);
+      freez(old_url);
+   }
+
+   /*
+    * Disable redirect checkers, so that they
+    * will be only run more than once if the user
+    * also enables them through tags.
+    *
+    * From a performance point of view
+    * it doesn't matter, but the duplicated
+    * log messages are annoying.
+    */
+   csp->action->flags &= ~ACTION_FAST_REDIRECTS;
+#endif /* def FEATURE_FAST_REDIRECTS */
+   csp->action->flags &= ~ACTION_REDIRECT;
+
+   /* Did any redirect action trigger? */   
+   if (new_url)
+   {
+      if (0 == strcmpic(new_url, csp->http->url))
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "New URL \"%s\" and old URL \"%s\" are the same. Redirection loop prevented.",
+            csp->http->url, new_url);
+            freez(new_url);
+      }
+      else
+      {
+         log_error(LOG_LEVEL_REDIRECTS, "New URL is: %s", new_url);
+
+         if (NULL == (rsp = alloc_http_response()))
+         {
+            freez(new_url);
+            return cgi_error_memory();
+         }
+
+         if ( enlist_unique_header(rsp->headers, "Location", new_url)
+           || (NULL == (rsp->status = strdup("302 Local Redirect from Privoxy"))) )
+         {
+            freez(new_url);
+            free_http_response(rsp);
+            return cgi_error_memory();
+         }
+         rsp->reason = RSP_REASON_REDIRECTED;
+         freez(new_url);
+
+         return finish_http_response(csp, rsp);
+      }
+   }
+
+   /* Only reached if no redirect is required */
+   return NULL;
+
+}
+
+
+#ifdef FEATURE_IMAGE_BLOCKING
+/*********************************************************************
+ *
+ * Function    :  is_imageurl
+ *
+ * Description :  Given a URL, decide whether it is an image or not,
+ *                using either the info from a previous +image action
+ *                or, #ifdef FEATURE_IMAGE_DETECT_MSIE, and the browser
+ *                is MSIE and not on a Mac, tell from the browser's accept
+ *                header.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  True (nonzero) if URL is an image, false (0)
+ *                otherwise
+ *
+ *********************************************************************/
+int is_imageurl(const struct client_state *csp)
+{
+#ifdef FEATURE_IMAGE_DETECT_MSIE
+   char *tmp;
+
+   tmp = get_header_value(csp->headers, "User-Agent:");
+   if (tmp && strstr(tmp, "MSIE") && !strstr(tmp, "Mac_"))
+   {
+      tmp = get_header_value(csp->headers, "Accept:");
+      if (tmp && strstr(tmp, "image/gif"))
+      {
+         /* Client will accept HTML.  If this seems counterintuitive,
+          * blame Microsoft.
+          */
+         return(0);
+      }
+      else
+      {
+         return(1);
+      }
+   }
+#endif /* def FEATURE_IMAGE_DETECT_MSIE */
+
+   return ((csp->action->flags & ACTION_IMAGE) != 0);
+
+}
+#endif /* def FEATURE_IMAGE_BLOCKING */
+
+
+#ifdef FEATURE_TRUST
+/*********************************************************************
+ *
+ * Function    :  is_untrusted_url
+ *
+ * Description :  Should we "distrust" this URL (and block it)?
+ *
+ *                Yes if it matches a line in the trustfile, or if the
+ *                    referrer matches a line starting with "+" in the
+ *                    trustfile.
+ *                No  otherwise.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  0 => trusted, 1 => untrusted
+ *
+ *********************************************************************/
+int is_untrusted_url(const struct client_state *csp)
+{
+   struct file_list *fl;
+   struct block_spec *b;
+   struct url_spec **trusted_url;
+   struct http_request rhttp[1];
+   const char * referer;
+   jb_err err;
+
+   /*
+    * If we don't have a trustlist, we trust everybody
+    */
+   if (((fl = csp->tlist) == NULL) || ((b  = fl->f) == NULL))
+   {
+      return 0;
+   }
+
+   memset(rhttp, '\0', sizeof(*rhttp));
+
+   /*
+    * Do we trust the request URL itself?
+    */
+   for (b = b->next; b ; b = b->next)
+   {
+      if (url_match(b->url, csp->http))
+      {
+         return b->reject;
+      }
+   }
+
+   if (NULL == (referer = get_header_value(csp->headers, "Referer:")))
+   {
+      /* no referrer was supplied */
+      return 1;
+   }
+
+
+   /*
+    * If not, do we maybe trust its referrer?
+    */
+   err = parse_http_url(referer, rhttp, REQUIRE_PROTOCOL);
+   if (err)
+   {
+      return 1;
+   }
+
+   for (trusted_url = csp->config->trust_list; *trusted_url != NULL; trusted_url++)
+   {
+      if (url_match(*trusted_url, rhttp))
+      {
+         /* if the URL's referrer is from a trusted referrer, then
+          * add the target spec to the trustfile as an unblocked
+          * domain and return 0 (which means it's OK).
+          */
+
+         FILE *fp;
+
+         if (NULL != (fp = fopen(csp->config->trustfile, "a")))
+         {
+            char * path;
+            char * path_end;
+            char * new_entry = strdup("~");
+
+            string_append(&new_entry, csp->http->hostport);
+
+            path = csp->http->path;
+            if ( (path[0] == '/')
+              && (path[1] == '~')
+              && ((path_end = strchr(path + 2, '/')) != NULL))
+            {
+               /* since this path points into a user's home space
+                * be sure to include this spec in the trustfile.
+                */
+               long path_len = path_end - path; /* save offset */
+               path = strdup(path); /* Copy string */
+               if (path != NULL)
+               {
+                  path_end = path + path_len; /* regenerate ptr to new buffer */
+                  *(path_end + 1) = '\0'; /* Truncate path after '/' */
+               }
+               string_join(&new_entry, path);
+            }
+
+            /*
+             * Give a reason for generating this entry.
+             */
+            string_append(&new_entry, " # Trusted referrer was: ");
+            string_append(&new_entry, referer);
+
+            if (new_entry != NULL)
+            {
+               if (-1 == fprintf(fp, "%s\n", new_entry))
+               {
+                  log_error(LOG_LEVEL_ERROR, "Failed to append \'%s\' to trustfile \'%s\': %E",
+                     new_entry, csp->config->trustfile);
+               }
+               freez(new_entry);
+            }
+            else
+            {
+               /* FIXME: No way to handle out-of memory, so mostly ignoring it */
+               log_error(LOG_LEVEL_ERROR, "Out of memory adding pattern to trust file");
+            }
+
+            fclose(fp);
+         }
+         else
+         {
+            log_error(LOG_LEVEL_ERROR, "Failed to append new entry for \'%s\' to trustfile \'%s\': %E",
+               csp->http->hostport, csp->config->trustfile);
+         }
+         return 0;
+      }
+   }
+
+   return 1;
+}
+#endif /* def FEATURE_TRUST */
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_filter_response
+ *
+ * Description :  Execute all text substitutions from all applying
+ *                +filter actions on the text buffer that's been
+ *                accumulated in csp->iob->buf.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  a pointer to the (newly allocated) modified buffer.
+ *                or NULL if there were no hits or something went wrong
+ *
+ *********************************************************************/
+static char *pcrs_filter_response(struct client_state *csp)
+{
+   int hits=0;
+   size_t size, prev_size;
+
+   char *old = NULL;
+   char *new = NULL;
+   pcrs_job *job;
+
+   struct file_list *fl;
+   struct re_filterfile_spec *b;
+   struct list_entry *filtername;
+
+   int i, found_filters = 0;
+
+   /* 
+    * Sanity first
+    */
+   if (csp->iob->cur >= csp->iob->eod)
+   {
+      return(NULL);
+   }
+
+   /*
+    * Need to check the set of re_filterfiles...
+    */
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      fl = csp->rlist[i];
+      if (NULL != fl)
+      {
+         if (NULL != fl->f)
+         {
+           found_filters = 1;
+           break;
+         }
+      }
+   }
+
+   if (0 == found_filters)
+   {
+      log_error(LOG_LEVEL_ERROR, "Inconsistent configuration: "
+         "content filtering enabled, but no content filters available.");
+      return(NULL);
+   }
+
+   size = (size_t)(csp->iob->eod - csp->iob->cur);
+   old = csp->iob->cur;
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+     fl = csp->rlist[i];
+     if ((NULL == fl) || (NULL == fl->f))
+     {
+        /*
+         * Either there are no filter files
+         * left, or this filter file just
+         * contains no valid filters.
+         *
+         * Continue to be sure we don't miss
+         * valid filter files that are chained
+         * after empty or invalid ones.
+         */
+        continue;
+     }
+   /*
+    * For all applying +filter actions, look if a filter by that
+    * name exists and if yes, execute it's pcrs_joblist on the
+    * buffer.
+    */
+   for (b = fl->f; b; b = b->next)
+   {
+      if (b->type != FT_CONTENT_FILTER)
+      {
+         /* Skip header filters */
+         continue;
+      }
+
+      for (filtername = csp->action->multi[ACTION_MULTI_FILTER]->first;
+           filtername ; filtername = filtername->next)
+      {
+         if (strcmp(b->name, filtername->str) == 0)
+         {
+            int current_hits = 0; /* Number of hits caused by this filter */
+            int job_number   = 0; /* Which job we're currently executing  */
+            int job_hits     = 0; /* How many hits the current job caused */
+            pcrs_job *joblist = b->joblist;
+
+            if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b);
+
+            if (NULL == joblist)
+            {
+               log_error(LOG_LEVEL_RE_FILTER, "Filter %s has empty joblist. Nothing to do.", b->name);
+               continue;
+            }
+
+            prev_size = size;
+            /* Apply all jobs from the joblist */
+            for (job = joblist; NULL != job; job = job->next)
+            {
+               job_number++;
+               job_hits = pcrs_execute(job, old, size, &new, &size);
+
+               if (job_hits >= 0)
+               {
+                  /*
+                   * That went well. Continue filtering
+                   * and use the result of this job as
+                   * input for the next one.
+                   */
+                  current_hits += job_hits;
+                  if (old != csp->iob->cur)
+                  {
+                     freez(old);
+                  }
+                  old = new;
+               }
+               else
+               {
+                  /*
+                   * This job caused an unexpected error. Inform the user
+                   * and skip the rest of the jobs in this filter. We could
+                   * continue with the next job, but usually the jobs
+                   * depend on each other or are similar enough to
+                   * fail for the same reason.
+                   *
+                   * At the moment our pcrs expects the error codes of pcre 3.4,
+                   * but newer pcre versions can return additional error codes.
+                   * As a result pcrs_strerror()'s error message might be
+                   * "Unknown error ...", therefore we print the numerical value
+                   * as well.
+                   *
+                   * XXX: Is this important enough for LOG_LEVEL_ERROR or
+                   * should we use LOG_LEVEL_RE_FILTER instead?
+                   */
+                  log_error(LOG_LEVEL_ERROR, "Skipped filter \'%s\' after job number %u: %s (%d)",
+                     b->name, job_number, pcrs_strerror(job_hits), job_hits);
+                  break;
+               }
+            }
+
+            if (b->dynamic) pcrs_free_joblist(joblist);
+
+            log_error(LOG_LEVEL_RE_FILTER,
+               "filtering %s%s (size %d) with \'%s\' produced %d hits (new size %d).",
+               csp->http->hostport, csp->http->path, prev_size, b->name, current_hits, size);
+
+            hits += current_hits;
+         }
+      }
+   }
+   }
+
+   /*
+    * If there were no hits, destroy our copy and let
+    * chat() use the original in csp->iob
+    */
+   if (!hits)
+   {
+      freez(new);
+      return(NULL);
+   }
+
+   csp->flags |= CSP_FLAG_MODIFIED;
+   csp->content_length = size;
+   IOB_RESET(csp);
+
+   return(new);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  gif_deanimate_response
+ *
+ * Description :  Deanimate the GIF image that has been accumulated in
+ *                csp->iob->buf, set csp->content_length to the modified
+ *                size and raise the CSP_FLAG_MODIFIED flag.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  a pointer to the (newly allocated) modified buffer.
+ *                or NULL in case something went wrong.
+ *
+ *********************************************************************/
+static char *gif_deanimate_response(struct client_state *csp)
+{
+   struct binbuffer *in, *out;
+   char *p;
+   size_t size;
+
+   size = (size_t)(csp->iob->eod - csp->iob->cur);
+
+   if (  (NULL == (in =  (struct binbuffer *)zalloc(sizeof *in )))
+      || (NULL == (out = (struct binbuffer *)zalloc(sizeof *out))) )
+   {
+      log_error(LOG_LEVEL_DEANIMATE, "failed! (no mem)");
+      return NULL;
+   }
+
+   in->buffer = csp->iob->cur;
+   in->size = size;
+
+   if (gif_deanimate(in, out, strncmp("last", csp->action->string[ACTION_STRING_DEANIMATE], 4)))
+   {
+      log_error(LOG_LEVEL_DEANIMATE, "failed! (gif parsing)");
+      freez(in);
+      buf_free(out);
+      return(NULL);
+   }
+   else
+   {
+      if ((int)size == out->offset)
+      {
+         log_error(LOG_LEVEL_DEANIMATE, "GIF not changed.");
+      }
+      else
+      {
+         log_error(LOG_LEVEL_DEANIMATE, "Success! GIF shrunk from %d bytes to %d.", size, out->offset);
+      }
+      csp->content_length = out->offset;
+      csp->flags |= CSP_FLAG_MODIFIED;
+      p = out->buffer;
+      freez(in);
+      freez(out);
+      return(p);
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_filter_function
+ *
+ * Description :  Decides which content filter function has
+ *                to be applied (if any).
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  The content filter function to run, or
+ *                NULL if no content filter is active
+ *
+ *********************************************************************/
+filter_function_ptr get_filter_function(struct client_state *csp)
+{
+   filter_function_ptr filter_function = NULL;
+
+   /*
+    * Are we enabling text mode by force?
+    */
+   if (csp->action->flags & ACTION_FORCE_TEXT_MODE)
+   {
+      /*
+       * Do we really have to?
+       */
+      if (csp->content_type & CT_TEXT)
+      {
+         log_error(LOG_LEVEL_HEADER, "Text mode is already enabled.");   
+      }
+      else
+      {
+         csp->content_type |= CT_TEXT;
+         log_error(LOG_LEVEL_HEADER, "Text mode enabled by force. Take cover!");   
+      }
+   }
+
+   if (!(csp->content_type & CT_DECLARED))
+   {
+      /*
+       * The server didn't bother to declare a MIME-Type.
+       * Assume it's text that can be filtered.
+       *
+       * This also regulary happens with 304 responses,
+       * therefore logging anything here would cause
+       * too much noise.
+       */
+      csp->content_type |= CT_TEXT;
+   }
+
+   /*
+    * Choose the applying filter function based on
+    * the content type and action settings.
+    */
+   if ((csp->content_type & CT_TEXT) &&
+       (csp->rlist != NULL) &&
+       (!list_is_empty(csp->action->multi[ACTION_MULTI_FILTER])))
+   {
+      filter_function = pcrs_filter_response;
+   }
+   else if ((csp->content_type & CT_GIF)  &&
+            (csp->action->flags & ACTION_DEANIMATE))
+   {
+      filter_function = gif_deanimate_response;
+   }
+
+   return filter_function;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  remove_chunked_transfer_coding
+ *
+ * Description :  In-situ remove the "chunked" transfer coding as defined
+ *                in rfc2616 from a buffer.
+ *
+ * Parameters  :
+ *          1  :  buffer = Pointer to the text buffer
+ *          2  :  size =  In: Number of bytes to be processed,
+ *                       Out: Number of bytes after de-chunking.
+ *                       (undefined in case of errors)
+ *
+ * Returns     :  JB_ERR_OK for success,
+ *                JB_ERR_PARSE otherwise
+ *
+ *********************************************************************/
+static jb_err remove_chunked_transfer_coding(char *buffer, size_t *size)
+{
+   size_t newsize = 0;
+   unsigned int chunksize = 0;
+   char *from_p, *to_p;
+
+   assert(buffer);
+   from_p = to_p = buffer;
+
+   if (sscanf(buffer, "%x", &chunksize) != 1)
+   {
+      log_error(LOG_LEVEL_ERROR, "Invalid first chunksize while stripping \"chunked\" transfer coding");
+      return JB_ERR_PARSE;
+   }
+
+   while (chunksize > 0U)
+   {
+      if (NULL == (from_p = strstr(from_p, "\r\n")))
+      {
+         log_error(LOG_LEVEL_ERROR, "Parse error while stripping \"chunked\" transfer coding");
+         return JB_ERR_PARSE;
+      }
+
+      if ((newsize += chunksize) >= *size)
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "Chunk size %d exceeds buffer size %d in  \"chunked\" transfer coding",
+            chunksize, *size);
+         return JB_ERR_PARSE;
+      }
+      from_p += 2;
+
+      memmove(to_p, from_p, (size_t) chunksize);
+      to_p = buffer + newsize;
+      from_p += chunksize + 2;
+
+      if (sscanf(from_p, "%x", &chunksize) != 1)
+      {
+         log_error(LOG_LEVEL_INFO, "Invalid \"chunked\" transfer encoding detected and ignored.");
+         break;
+      }
+   }
+   
+   /* XXX: Should get its own loglevel. */
+   log_error(LOG_LEVEL_RE_FILTER, "De-chunking successful. Shrunk from %d to %d", *size, newsize);
+
+   *size = newsize;
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  prepare_for_filtering
+ *
+ * Description :  If necessary, de-chunks and decompresses
+ *                the content so it can get filterd.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK for success,
+ *                JB_ERR_PARSE otherwise
+ *
+ *********************************************************************/
+static jb_err prepare_for_filtering(struct client_state *csp)
+{
+   jb_err err = JB_ERR_OK;
+
+   /*
+    * If the body has a "chunked" transfer-encoding,
+    * get rid of it, adjusting size and iob->eod
+    */
+   if (csp->flags & CSP_FLAG_CHUNKED)
+   {
+      size_t size = (size_t)(csp->iob->eod - csp->iob->cur);
+
+      log_error(LOG_LEVEL_RE_FILTER, "Need to de-chunk first");
+      err = remove_chunked_transfer_coding(csp->iob->cur, &size);
+      if (JB_ERR_OK == err)
+      {
+         csp->iob->eod = csp->iob->cur + size;
+         csp->flags |= CSP_FLAG_MODIFIED;
+      }
+      else
+      {
+         return JB_ERR_PARSE;
+      }
+   }
+
+#ifdef FEATURE_ZLIB
+   /*
+    * If the body has a supported transfer-encoding,
+    * decompress it, adjusting size and iob->eod.
+    */
+   if (csp->content_type & (CT_GZIP|CT_DEFLATE))
+   {
+      if (0 == csp->iob->eod - csp->iob->cur)
+      {
+         /* Nothing left after de-chunking. */
+         return JB_ERR_OK;
+      }
+
+      err = decompress_iob(csp);
+
+      if (JB_ERR_OK == err)
+      {
+         csp->flags |= CSP_FLAG_MODIFIED;
+         csp->content_type &= ~CT_TABOO;
+      }
+      else
+      {
+         /*
+          * Unset CT_GZIP and CT_DEFLATE to remember not
+          * to modify the Content-Encoding header later.
+          */
+         csp->content_type &= ~CT_GZIP;
+         csp->content_type &= ~CT_DEFLATE;
+      }
+   }
+#endif
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  execute_content_filter
+ *
+ * Description :  Executes a given content filter.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  content_filter = The filter function to execute
+ *
+ * Returns     :  Pointer to the modified buffer, or
+ *                NULL if filtering failed or wasn't necessary.
+ *
+ *********************************************************************/
+char *execute_content_filter(struct client_state *csp, filter_function_ptr content_filter)
+{
+   if (0 == csp->iob->eod - csp->iob->cur)
+   {
+      /*
+       * No content (probably status code 301, 302 ...),
+       * no filtering necessary.
+       */
+      return NULL;
+   }
+
+   if (JB_ERR_OK != prepare_for_filtering(csp))
+   {
+      /*
+       * failed to de-chunk or decompress.
+       */
+      return NULL;
+   }
+
+   if (0 == csp->iob->eod - csp->iob->cur)
+   {
+      /*
+       * Clown alarm: chunked and/or compressed nothing delivered.
+       */
+      return NULL;
+   }
+
+   return ((*content_filter)(csp));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_url_actions
+ *
+ * Description :  Gets the actions for this URL.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  http = http_request request for blocked URLs
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void get_url_actions(struct client_state *csp, struct http_request *http)
+{
+   struct file_list *fl;
+   struct url_actions *b;
+   int i;
+
+   init_current_action(csp->action);
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (((fl = csp->actions_list[i]) == NULL) || ((b = fl->f) == NULL))
+      {
+         return;
+      }
+
+      apply_url_actions(csp->action, http, b);
+   }
+
+   return;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  apply_url_actions
+ *
+ * Description :  Applies a list of URL actions.
+ *
+ * Parameters  :
+ *          1  :  action = Destination.
+ *          2  :  http = Current URL
+ *          3  :  b = list of URL actions to apply
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void apply_url_actions(struct current_action_spec *action,
+                       struct http_request *http,
+                       struct url_actions *b)
+{
+   if (b == NULL)
+   {
+      /* Should never happen */
+      return;
+   }
+
+   for (b = b->next; NULL != b; b = b->next)
+   {
+      if (url_match(b->url, http))
+      {
+         merge_current_action(action, b->action);
+      }
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_forward_override_settings
+ *
+ * Description :  Returns forward settings as specified with the
+ *                forward-override{} action. forward-override accepts
+ *                forward lines similar to the one used in the
+ *                configuration file, but without the URL pattern.
+ *
+ *                For example:
+ *
+ *                   forward / .
+ *
+ *                in the configuration file can be replaced with
+ *                the action section:
+ *
+ *                 {+forward-override{forward .}}
+ *                 /
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  Pointer to forwarding structure in case of success.
+ *                Invalid syntax is fatal.
+ *
+ *********************************************************************/
+const static struct forward_spec *get_forward_override_settings(struct client_state *csp)
+{
+   const char *forward_override_line = csp->action->string[ACTION_STRING_FORWARD_OVERRIDE];
+   char forward_settings[BUFFER_SIZE];
+   char *http_parent = NULL;
+   /* variable names were chosen for consistency reasons. */
+   struct forward_spec *fwd = NULL;
+   int vec_count;
+   char *vec[3];
+
+   assert(csp->action->flags & ACTION_FORWARD_OVERRIDE);
+   /* Should be enforced by load_one_actions_file() */
+   assert(strlen(forward_override_line) < sizeof(forward_settings) - 1);
+
+   /* Create a copy ssplit can modify */
+   strlcpy(forward_settings, forward_override_line, sizeof(forward_settings));
+
+   if (NULL != csp->fwd)
+   {
+      /*
+       * XXX: Currently necessary to prevent memory
+       * leaks when the show-url-info cgi page is visited.
+       */
+      unload_forward_spec(csp->fwd);
+   }
+
+   /*
+    * allocate a new forward node, valid only for
+    * the lifetime of this request. Save its location
+    * in csp as well, so sweep() can free it later on.
+    */
+   fwd = csp->fwd = zalloc(sizeof(*fwd));
+   if (NULL == fwd)
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "can't allocate memory for forward-override{%s}", forward_override_line);
+      /* Never get here - LOG_LEVEL_FATAL causes program exit */
+      return NULL;
+   }
+
+   vec_count = ssplit(forward_settings, " \t", vec, SZ(vec), 1, 1);
+   if ((vec_count == 2) && !strcasecmp(vec[0], "forward"))
+   {
+      fwd->type = SOCKS_NONE;
+
+      /* Parse the parent HTTP proxy host:port */
+      http_parent = vec[1];
+
+   }
+   else if (vec_count == 3)
+   {
+      char *socks_proxy = NULL;
+
+      if  (!strcasecmp(vec[0], "forward-socks4"))
+      {
+         fwd->type = SOCKS_4;
+         socks_proxy = vec[1];
+      }
+      else if (!strcasecmp(vec[0], "forward-socks4a"))
+      {
+         fwd->type = SOCKS_4A;
+         socks_proxy = vec[1];
+      }
+      else if (!strcasecmp(vec[0], "forward-socks5"))
+      {
+         fwd->type = SOCKS_5;
+         socks_proxy = vec[1];
+      }
+
+      if (NULL != socks_proxy)
+      {
+         /* Parse the SOCKS proxy host[:port] */
+         fwd->gateway_host = strdup(socks_proxy);
+
+         if (NULL != (socks_proxy = strchr(fwd->gateway_host, ':')))
+         {
+            *socks_proxy++ = '\0';
+            fwd->gateway_port = (int)strtol(socks_proxy, NULL, 0);
+         }
+
+         if (fwd->gateway_port <= 0)
+         {
+            fwd->gateway_port = 1080;
+         }
+
+         http_parent = vec[2];
+      }
+   }
+
+   if (NULL == http_parent)
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "Invalid forward-override syntax in: %s", forward_override_line);
+      /* Never get here - LOG_LEVEL_FATAL causes program exit */
+   }
+
+   /* Parse http forwarding settings */
+   if (strcmp(http_parent, ".") != 0)
+   {
+      fwd->forward_host = strdup(http_parent);
+
+      if (NULL != (http_parent = strchr(fwd->forward_host, ':')))
+      {
+         *http_parent++ = '\0';
+         fwd->forward_port = (int)strtol(http_parent, NULL, 0);
+      }
+
+      if (fwd->forward_port <= 0)
+      {
+         fwd->forward_port = 8000;
+      }
+   }
+
+   assert (NULL != fwd);
+
+   log_error(LOG_LEVEL_CONNECT,
+      "Overriding forwarding settings based on \'%s\'", forward_override_line);
+
+   return fwd;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  forward_url
+ *
+ * Description :  Should we forward this to another proxy?
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  http = http_request request for current URL
+ *
+ * Returns     :  Pointer to forwarding information.
+ *
+ *********************************************************************/
+const struct forward_spec *forward_url(struct client_state *csp,
+                                       const struct http_request *http)
+{
+   static const struct forward_spec fwd_default[1] = { FORWARD_SPEC_INITIALIZER };
+   struct forward_spec *fwd = csp->config->forward;
+
+   if (csp->action->flags & ACTION_FORWARD_OVERRIDE)
+   {
+      return get_forward_override_settings(csp);
+   }
+
+   if (fwd == NULL)
+   {
+      return fwd_default;
+   }
+
+   while (fwd != NULL)
+   {
+      if (url_match(fwd->url, http))
+      {
+         return fwd;
+      }
+      fwd = fwd->next;
+   }
+
+   return fwd_default;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  direct_response 
+ *
+ * Description :  Check if Max-Forwards == 0 for an OPTIONS or TRACE
+ *                request and if so, return a HTTP 501 to the client.
+ *
+ *                FIXME: I have a stupid name and I should handle the
+ *                requests properly. Still, what we do here is rfc-
+ *                compliant, whereas ignoring or forwarding are not.
+ *
+ * Parameters  :  
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  http_response if , NULL if nonmatch or handler fail
+ *
+ *********************************************************************/
+struct http_response *direct_response(struct client_state *csp)
+{
+   struct http_response *rsp;
+   struct list_entry *p;
+
+   if ((0 == strcmpic(csp->http->gpc, "trace"))
+      || (0 == strcmpic(csp->http->gpc, "options")))
+   {
+      for (p = csp->headers->first; (p != NULL) ; p = p->next)
+      {
+         if (!strncmpic("Max-Forwards:", p->str, 13))
+         {
+            unsigned int max_forwards;
+
+            /*
+             * If it's a Max-Forwards value of zero,
+             * we have to intercept the request.
+             */
+            if (1 == sscanf(p->str+12, ": %u", &max_forwards) && max_forwards == 0)
+            {
+               /*
+                * FIXME: We could handle at least TRACE here,
+                * but that would require a verbatim copy of
+                * the request which we don't have anymore
+                */
+                log_error(LOG_LEVEL_HEADER,
+                  "Detected header \'%s\' in OPTIONS or TRACE request. Returning 501.",
+                  p->str);
+
+               /* Get mem for response or fail*/
+               if (NULL == (rsp = alloc_http_response()))
+               {
+                  return cgi_error_memory();
+               }
+            
+               if (NULL == (rsp->status = strdup("501 Not Implemented")))
+               {
+                  free_http_response(rsp);
+                  return cgi_error_memory();
+               }
+
+               rsp->is_static = 1;
+               rsp->reason = RSP_REASON_UNSUPPORTED;
+
+               return(finish_http_response(csp, rsp));
+            }
+         }
+      }
+   }
+   return NULL;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  content_filters_enabled
+ *
+ * Description :  Checks whether there are any content filters
+ *                enabled for the current request.
+ *
+ * Parameters  :  
+ *          1  :  action = Action spec to check.
+ *
+ * Returns     :  TRUE for yes, FALSE otherwise
+ *
+ *********************************************************************/
+int content_filters_enabled(const struct current_action_spec *action)
+{
+   return ((action->flags & ACTION_DEANIMATE) ||
+      !list_is_empty(action->multi[ACTION_MULTI_FILTER]));
+}
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/filters.h b/external/privoxy/filters.h
new file mode 100644
index 0000000..66794e1
--- /dev/null
+++ b/external/privoxy/filters.h
@@ -0,0 +1,382 @@
+#ifndef FILTERS_H_INCLUDED
+#define FILTERS_H_INCLUDED
+#define FILTERS_H_VERSION "$Id: filters.h,v 1.36 2008/05/21 15:35:08 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/filters.h,v $
+ *
+ * Purpose     :  Declares functions to parse/crunch headers and pages.
+ *                Functions declared include:
+ *                   `acl_addr', `add_stats', `block_acl', `block_imageurl',
+ *                   `block_url', `url_actions', `filter_popups', `forward_url'
+ *                   `ij_untrusted_url', `intercept_url', `re_process_buffer',
+ *                   `show_proxy_args', and `trust_url'
+ *
+ * Copyright   :  Written by and Copyright (C) 2001, 2004 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: filters.h,v $
+ *    Revision 1.36  2008/05/21 15:35:08  fabiankeil
+ *    - Mark csp as immutable for block_acl().
+ *    - Remove an obsolete complaint about filter_popups().
+ *
+ *    Revision 1.35  2008/05/03 16:40:45  fabiankeil
+ *    Change content_filters_enabled()'s parameter from
+ *    csp->action to action so it can be also used in the
+ *    CGI code. Don't bother checking if there are filters
+ *    loaded, as that's somewhat besides the point.
+ *
+ *    Revision 1.34  2008/03/02 12:25:25  fabiankeil
+ *    Also use shiny new connect_port_is_forbidden() in jcc.c.
+ *
+ *    Revision 1.33  2008/02/23 16:57:12  fabiankeil
+ *    Rename url_actions() to get_url_actions() and let it
+ *    use the standard parameter ordering.
+ *
+ *    Revision 1.32  2008/02/23 16:33:43  fabiankeil
+ *    Let forward_url() use the standard parameter ordering
+ *    and mark its second parameter immutable.
+ *
+ *    Revision 1.31  2007/10/19 16:53:28  fabiankeil
+ *    Add helper function to check if any content filters are enabled.
+ *
+ *    Revision 1.30  2007/09/29 10:21:16  fabiankeil
+ *    - Move get_filter_function() from jcc.c to filters.c
+ *      so the filter functions can be static.
+ *    - Don't bother filtering body-less responses.
+ *
+ *    Revision 1.29  2007/09/28 16:38:55  fabiankeil
+ *    - Execute content filters through execute_content_filter().
+ *    - Add prepare_for_filtering() so filter functions don't have to
+ *      care about de-chunking and decompression. As a side effect this enables
+ *      decompression for gif_deanimate_response() and jpeg_inspect_response().
+ *    - Change remove_chunked_transfer_coding()'s return type to jb_err.
+ *      Some clowns feel like chunking empty responses in which case
+ *      (size == 0) is valid but previously would be interpreted as error.
+ *
+ *    Revision 1.28  2007/09/02 15:31:20  fabiankeil
+ *    Move match_portlist() from filter.c to urlmatch.c.
+ *    It's used for url matching, not for filtering.
+ *
+ *    Revision 1.27  2007/04/30 15:02:18  fabiankeil
+ *    Introduce dynamic pcrs jobs that can resolve variables.
+ *
+ *    Revision 1.26  2007/03/13 11:28:43  fabiankeil
+ *    - Fix port handling in acl_addr() and use a temporary acl spec
+ *      copy so error messages don't contain a truncated version.
+ *    - Log size of iob before and after decompression.
+ *
+ *    Revision 1.25  2007/01/12 15:36:44  fabiankeil
+ *    Mark *csp as immutable for is_untrusted_url()
+ *    and is_imageurl(). Closes FR 1237736.
+ *
+ *    Revision 1.24  2006/12/29 18:30:46  fabiankeil
+ *    Fixed gcc43 conversion warnings,
+ *    changed sprintf calls to snprintf.
+ *
+ *    Revision 1.23  2006/11/28 15:19:43  fabiankeil
+ *    Implemented +redirect{s at foo@bar@} to generate
+ *    a redirect based on a rewritten version of the
+ *    original URL.
+ *
+ *    Revision 1.22  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.20.2.2  2004/10/03 12:53:32  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.20.2.1  2002/09/25 14:51:51  oes
+ *    Added basic support for OPTIONS and TRACE HTTP methods:
+ *    New function direct_response which handles OPTIONS and
+ *    TRACE requests whose Max-Forwards header field is zero.
+ *
+ *    Revision 1.20  2002/04/02 14:56:16  oes
+ *    Bugfix: is_untrusted_url() and trust_url() now depend on FEATURE_TRUST, not FEATURE_COOKIE_JAR
+ *
+ *    Revision 1.19  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.18  2002/03/25 22:12:45  oes
+ *    Added fix for undefined INADDR_NONE on Solaris by Bart Schelstraete
+ *
+ *    Revision 1.17  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.16  2002/01/17 21:01:02  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Revision 1.15  2001/10/10 16:44:16  oes
+ *    Added match_portlist function
+ *
+ *    Revision 1.14  2001/10/07 15:41:40  oes
+ *    Added prototype for remove_chunked_transfer_coding
+ *
+ *    Revision 1.13  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.12  2001/07/29 19:01:11  jongfoster
+ *    Changed _FILENAME_H to FILENAME_H_INCLUDED.
+ *    Added forward declarations for needed structures.
+ *
+ *    Revision 1.11  2001/07/13 14:00:18  oes
+ *     - Introduced gif_deanimate_response
+ *     - Renamed re_process_buffer to pcrs_filter_response
+ *     - Removed all #ifdef PCRS
+ *
+ *    Revision 1.10  2001/06/29 13:29:01  oes
+ *    Cleaned up and updated to reflect the changesin
+ *    filters.c
+ *
+ *    Revision 1.9  2001/06/07 23:10:53  jongfoster
+ *    Replacing struct gateway with struct forward_spec
+ *
+ *    Revision 1.8  2001/06/03 19:12:00  oes
+ *    extracted-CGI relevant stuff
+ *
+ *    Revision 1.7  2001/05/31 21:21:30  jongfoster
+ *    Permissionsfile / actions file changes:
+ *    - Changed "permission" to "action" throughout
+ *    - changes to file format to allow string parameters
+ *    - Moved helper functions to actions.c
+ *
+ *    Revision 1.6  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.5  2001/05/27 22:17:04  oes
+ *
+ *    - re_process_buffer no longer writes the modified buffer
+ *      to the client, which was very ugly. It now returns the
+ *      buffer, which it is then written by chat.
+ *
+ *    - content_length now adjusts the Content-Length: header
+ *      for modified documents rather than crunch()ing it.
+ *      (Length info in csp->content_length, which is 0 for
+ *      unmodified documents)
+ *
+ *    - For this to work, sed() is called twice when filtering.
+ *
+ *    Revision 1.4  2001/05/26 15:26:15  jongfoster
+ *    ACL feature now provides more security by immediately dropping
+ *    connections from untrusted hosts.
+ *
+ *    Revision 1.3  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:52  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+struct access_control_addr;
+struct client_state;
+struct http_request;
+struct http_response;
+struct current_action_spec;
+struct url_actions;
+struct url_spec;
+
+
+/*
+ * ACL checking
+ */
+#ifdef FEATURE_ACL
+extern int block_acl(const struct access_control_addr *dst, const struct client_state *csp);
+extern int acl_addr(const char *aspec, struct access_control_addr *aca);
+#endif /* def FEATURE_ACL */
+
+/*
+ * Interceptors
+ */
+extern struct http_response *block_url(struct client_state *csp);
+extern struct http_response *redirect_url(struct client_state *csp);
+#ifdef FEATURE_TRUST
+extern struct http_response *trust_url(struct client_state *csp);
+#endif /* def FEATURE_TRUST */
+
+/*
+ * Request inspectors
+ */
+#ifdef FEATURE_TRUST
+extern int is_untrusted_url(const struct client_state *csp);
+#endif /* def FEATURE_TRUST */
+#ifdef FEATURE_IMAGE_BLOCKING
+extern int is_imageurl(const struct client_state *csp);
+#endif /* def FEATURE_IMAGE_BLOCKING */
+extern int connect_port_is_forbidden(const struct client_state *csp);
+
+/*
+ * Determining applicable actions
+ */
+extern void get_url_actions(struct client_state *csp,
+                            struct http_request *http);
+extern void apply_url_actions(struct current_action_spec *action, 
+                              struct http_request *http, 
+                              struct url_actions *b);
+/*
+ * Determining parent proxies
+ */
+extern const struct forward_spec *forward_url(struct client_state *csp,
+                                              const struct http_request *http);
+
+/*
+ * Content modification
+ */
+
+typedef char *(*filter_function_ptr)();
+extern char *execute_content_filter(struct client_state *csp, filter_function_ptr content_filter);
+
+extern filter_function_ptr get_filter_function(struct client_state *csp);
+extern char *execute_single_pcrs_command(char *subject, const char *pcrs_command, int *hits);
+extern char *rewrite_url(char *old_url, const char *pcrs_command);
+extern char *get_last_url(char *subject, const char *redirect_mode);
+
+extern pcrs_job *compile_dynamic_pcrs_job_list(const struct client_state *csp, const struct re_filterfile_spec *b);
+
+extern int content_filters_enabled(const struct current_action_spec *action);
+
+/*
+ * Handling Max-Forwards:
+ */
+extern struct http_response *direct_response(struct client_state *csp);
+
+
+/*
+ * Solaris fix:
+ */
+#ifndef INADDR_NONE
+#define INADDR_NONE -1
+#endif     
+
+/* 
+ * Revision control strings from this header and associated .c file
+ */
+extern const char filters_rcs[];
+extern const char filters_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef FILTERS_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/gateway.c b/external/privoxy/gateway.c
new file mode 100644
index 0000000..1e4ffd0
--- /dev/null
+++ b/external/privoxy/gateway.c
@@ -0,0 +1,1379 @@
+const char gateway_rcs[] = "$Id: gateway.c,v 1.48 2009/02/13 17:20:36 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/gateway.c,v $
+ *
+ * Purpose     :  Contains functions to connect to a server, possibly
+ *                using a "forwarder" (i.e. HTTP proxy and/or a SOCKS4
+ *                or SOCKS5 proxy).
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: gateway.c,v $
+ *    Revision 1.48  2009/02/13 17:20:36  fabiankeil
+ *    Reword keep-alive support warning and only show
+ *    it #if !defined(HAVE_POLL) && !defined(_WIN32).
+ *
+ *    Revision 1.47  2008/12/24 17:06:19  fabiankeil
+ *    Keep a thread around to timeout alive connections
+ *    even if no new requests are coming in.
+ *
+ *    Revision 1.46  2008/12/13 11:07:23  fabiankeil
+ *    Remove duplicated debugging checks
+ *    in connection_destination_matches().
+ *
+ *    Revision 1.45  2008/12/04 18:17:07  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.44  2008/11/22 11:54:04  fabiankeil
+ *    Move log message around to include the socket number.
+ *
+ *    Revision 1.43  2008/11/13 09:15:51  fabiankeil
+ *    Make keep_alive_timeout static.
+ *
+ *    Revision 1.42  2008/11/13 09:08:42  fabiankeil
+ *    Add new config option: keep-alive-timeout.
+ *
+ *    Revision 1.41  2008/11/08 15:29:58  fabiankeil
+ *    Unify two debug messages.
+ *
+ *    Revision 1.40  2008/11/08 15:14:05  fabiankeil
+ *    Fix duplicated debugging check.
+ *
+ *    Revision 1.39  2008/10/25 11:33:01  fabiankeil
+ *    Remove already out-commented line left over from debugging.
+ *
+ *    Revision 1.38  2008/10/24 17:33:00  fabiankeil
+ *    - Tone the "keep-alive support is experimental" warning
+ *      down a bit as hackish 0-chunk detection has been
+ *      implemented recently.
+ *    - Only show the "ndef HAVE_POLL" warning once on start-up.
+ *
+ *    Revision 1.37  2008/10/23 17:40:53  fabiankeil
+ *    Fix forget_connection() and mark_connection_unused(),
+ *    which would both under certain circumstances access
+ *    reusable_connection[MAX_REUSABLE_CONNECTIONS]. Oops.
+ *
+ *    Revision 1.36  2008/10/18 19:49:15  fabiankeil
+ *    - Factor close_unusable_connections() out of
+ *      get_reusable_connection() to make sure we really check
+ *      all the remembered connections, not just the ones before
+ *      the next reusable one.
+ *    - Plug two file descriptor leaks. Internally marking
+ *      connections as closed doesn't cut it.
+ *
+ *    Revision 1.35  2008/10/17 17:12:01  fabiankeil
+ *    In socket_is_still_usable(), use select()
+ *    and FD_ISSET() if poll() isn't available.
+ *
+ *    Revision 1.34  2008/10/17 17:07:13  fabiankeil
+ *    Add preliminary timeout support.
+ *
+ *    Revision 1.33  2008/10/16 16:34:21  fabiankeil
+ *    Fix two gcc44 warnings.
+ *
+ *    Revision 1.32  2008/10/16 16:27:22  fabiankeil
+ *    Fix compiler warning.
+ *
+ *    Revision 1.31  2008/10/16 07:31:11  fabiankeil
+ *    - Factor socket_is_still_usable() out of get_reusable_connection().
+ *    - If poll() isn't available, show a warning and assume the socket
+ *      is still usable.
+ *
+ *    Revision 1.30  2008/10/13 17:31:03  fabiankeil
+ *    If a remembered connection is no longer usable and
+ *    has been marked closed, don't bother checking if the
+ *    destination matches.
+ *
+ *    Revision 1.29  2008/10/11 16:59:41  fabiankeil
+ *    Add missing dots for two log messages.
+ *
+ *    Revision 1.28  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.27  2008/09/27 15:05:51  fabiankeil
+ *    Return only once in forwarded_connect().
+ *
+ *    Revision 1.26  2008/08/18 17:42:06  fabiankeil
+ *    Fix typo in macro name.
+ *
+ *    Revision 1.25  2008/02/07 18:09:46  fabiankeil
+ *    In socks5_connect:
+ *    - make the buffers quite a bit smaller.
+ *    - properly report "socks5 server unreachable" failures.
+ *    - let strncpy() use the whole buffer. Using a length of 0xffu wasn't actually
+ *      wrong, but requires too much thinking as it doesn't depend on the buffer size.
+ *    - log a message if the socks5 server sends more data than expected.
+ *    - add some assertions and comments.
+ *
+ *    Revision 1.24  2008/02/04 14:56:29  fabiankeil
+ *    - Fix a compiler warning.
+ *    - Stop assuming that htonl(INADDR_NONE) equals INADDR_NONE.
+ *
+ *    Revision 1.23  2008/02/04 13:11:35  fabiankeil
+ *    Remember the cause of the SOCKS5 error for the CGI message.
+ *
+ *    Revision 1.22  2008/02/03 13:46:15  fabiankeil
+ *    Add SOCKS5 support. Patch #1862863 by Eric M. Hopper with minor changes.
+ *
+ *    Revision 1.21  2007/07/28 12:30:03  fabiankeil
+ *    Modified patch from Song Weijia (#1762559) to
+ *    fix socks requests on big-endian platforms.
+ *
+ *    Revision 1.20  2007/05/14 10:23:48  fabiankeil
+ *    - Use strlcpy() instead of strcpy().
+ *    - Use the same buffer for socks requests and socks responses.
+ *    - Fix bogus warning about web_server_addr being used uninitialized.
+ *
+ *    Revision 1.19  2007/01/25 14:09:45  fabiankeil
+ *    - Save errors in socks4_connect() to csp->error_message.
+ *    - Silence some gcc43 warnings, hopefully the right way.
+ *
+ *    Revision 1.18  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.16  2002/05/12 21:36:29  jongfoster
+ *    Correcting function comments
+ *
+ *    Revision 1.15  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.14  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.13  2002/03/13 00:29:59  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.12  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.11  2002/03/08 17:46:04  jongfoster
+ *    Fixing int/size_t warnings
+ *
+ *    Revision 1.10  2002/03/07 03:50:19  oes
+ *     - Improved handling of failed DNS lookups
+ *     - Fixed compiler warnings
+ *
+ *    Revision 1.9  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.8  2001/09/13 20:10:12  jongfoster
+ *    Fixing missing #include under Windows
+ *
+ *    Revision 1.7  2001/09/12 17:58:26  steudten
+ *
+ *    add #include <string.h>
+ *
+ *    Revision 1.6  2001/09/10 10:41:16  oes
+ *    Added #include in.h
+ *
+ *    Revision 1.5  2001/07/29 18:47:57  jongfoster
+ *    Adding missing #include project.h
+ *
+ *    Revision 1.4  2001/07/24 12:47:06  oes
+ *    Applied BeOS support update by Eugenia
+ *
+ *    Revision 1.3  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.2  2001/06/07 23:11:38  jongfoster
+ *    Removing gateways[] list - no longer used.
+ *    Replacing function pointer in struct gateway with a directly
+ *    called function forwarded_connect(), which can do the common
+ *    task of deciding whether to connect to the web server or HTTP
+ *    proxy.
+ *    Replacing struct gateway with struct forward_spec
+ *    Fixing bug with SOCKS4A and HTTP proxy server in combination.
+ *    It was a bug which led to the connection being made to the web
+ *    server rather than the HTTP proxy, and also a buffer overrun.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:54  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+
+#ifndef _WIN32
+#include <netinet/in.h>
+#endif
+
+#include <errno.h>
+#include <string.h>
+#include "assert.h"
+
+#ifdef _WIN32
+#include <winsock2.h>
+#endif /* def _WIN32 */
+
+#ifdef __BEOS__
+#include <netdb.h>
+#endif /* def __BEOS__ */
+
+#ifdef __OS2__
+#include <utils.h>
+#endif /* def __OS2__ */
+
+#include "project.h"
+#include "jcc.h"
+#include "errlog.h"
+#include "jbsockets.h"
+#include "gateway.h"
+#include "miscutil.h"
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+#ifdef HAVE_POLL
+#ifdef __GLIBC__ 
+#include <sys/poll.h>
+#else
+#include <poll.h>
+#endif /* def __GLIBC__ */
+#endif /* HAVE_POLL */
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+const char gateway_h_rcs[] = GATEWAY_H_VERSION;
+
+static jb_socket socks4_connect(const struct forward_spec * fwd,
+                                const char * target_host,
+                                int target_port,
+                                struct client_state *csp);
+
+static jb_socket socks5_connect(const struct forward_spec *fwd,
+                                const char *target_host,
+                                int target_port,
+                                struct client_state *csp);
+
+
+#define SOCKS_REQUEST_GRANTED          90
+#define SOCKS_REQUEST_REJECT           91
+#define SOCKS_REQUEST_IDENT_FAILED     92
+#define SOCKS_REQUEST_IDENT_CONFLICT   93
+
+#define SOCKS5_REQUEST_GRANTED             0
+#define SOCKS5_REQUEST_FAILED              1
+#define SOCKS5_REQUEST_DENIED              2
+#define SOCKS5_REQUEST_NETWORK_UNREACHABLE 3
+#define SOCKS5_REQUEST_HOST_UNREACHABLE    4
+#define SOCKS5_REQUEST_CONNECTION_REFUSED  5
+#define SOCKS5_REQUEST_TTL_EXPIRED         6
+#define SOCKS5_REQUEST_PROTOCOL_ERROR      7
+#define SOCKS5_REQUEST_BAD_ADDRESS_TYPE    8
+
+/* structure of a socks client operation */
+struct socks_op {
+   unsigned char vn;          /* socks version number */
+   unsigned char cd;          /* command code */
+   unsigned char dstport[2];  /* destination port */
+   unsigned char dstip[4];    /* destination address */
+   char userid;               /* first byte of userid */
+   char padding[3];           /* make sure sizeof(struct socks_op) is endian-independent. */
+   /* more bytes of the userid follow, terminated by a NULL */
+};
+
+/* structure of a socks server reply */
+struct socks_reply {
+   unsigned char vn;          /* socks version number */
+   unsigned char cd;          /* command code */
+   unsigned char dstport[2];  /* destination port */
+   unsigned char dstip[4];    /* destination address */
+};
+
+static const char socks_userid[] = "anonymous";
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+
+#define MAX_REUSABLE_CONNECTIONS 100
+static int keep_alive_timeout = DEFAULT_KEEP_ALIVE_TIMEOUT;
+
+struct reusable_connection
+{
+   jb_socket sfd;
+   int       in_use;
+   char      *host;
+   int       port;
+   time_t    timestamp;
+
+   int       forwarder_type;
+   char      *gateway_host;
+   int       gateway_port;
+   char      *forward_host;
+   int       forward_port;
+};
+
+static struct reusable_connection reusable_connection[MAX_REUSABLE_CONNECTIONS];
+
+static int mark_connection_unused(jb_socket sfd);
+static void mark_connection_closed(struct reusable_connection *closed_connection);
+static int socket_is_still_usable(jb_socket sfd);
+
+
+/*********************************************************************
+ *
+ * Function    :  initialize_reusable_connections
+ *
+ * Description :  Initializes the reusable_connection structures.
+ *                Must be called with connection_reuse_mutex locked.
+ *
+ * Parameters  : N/A
+ *
+ * Returns     : void
+ *
+ *********************************************************************/
+extern void initialize_reusable_connections(void)
+{
+   unsigned int slot = 0;
+
+#if !defined(HAVE_POLL) && !defined(_WIN32)
+   log_error(LOG_LEVEL_INFO,
+      "Detecting already dead connections might not work "
+      "correctly on your platform. In case of problems, "
+      "unset the keep-alive-timeout option.");
+#endif
+
+   for (slot = 0; slot < SZ(reusable_connection); slot++)
+   {
+      mark_connection_closed(&reusable_connection[slot]);
+   }
+
+   log_error(LOG_LEVEL_CONNECT, "Initialized %d socket slots.", slot);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  remember_connection
+ *
+ * Description :  Remembers a connection for reuse later on.
+ *
+ * Parameters  :
+ *          1  :  sfd  = Open socket to remember.
+ *          2  :  http = The destination for the connection.
+ *          3  :  fwd  = The forwarder settings used.
+ *
+ * Returns     : void
+ *
+ *********************************************************************/
+void remember_connection(jb_socket sfd, const struct http_request *http,
+                                        const struct forward_spec *fwd)
+{
+   unsigned int slot = 0;
+   int free_slot_found = FALSE;
+
+   assert(sfd != JB_INVALID_SOCKET);
+
+   if (mark_connection_unused(sfd))
+   {
+      return;
+   }
+
+   privoxy_mutex_lock(&connection_reuse_mutex);
+
+   /* Find free socket slot. */
+   for (slot = 0; slot < SZ(reusable_connection); slot++)
+   {
+      if (reusable_connection[slot].sfd == JB_INVALID_SOCKET)
+      {
+         assert(reusable_connection[slot].in_use == 0);
+         log_error(LOG_LEVEL_CONNECT,
+            "Remembering socket %d for %s:%d in slot %d.",
+            sfd, http->host, http->port, slot);
+         free_slot_found = TRUE;
+         break;
+      }
+   }
+
+   if (!free_slot_found)
+   {
+      log_error(LOG_LEVEL_CONNECT,
+        "No free slots found to remembering socket for %s:%d. Last slot %d.",
+        http->host, http->port, slot);
+      privoxy_mutex_unlock(&connection_reuse_mutex);
+      close_socket(sfd);
+      return;
+   }
+
+   assert(NULL != http->host);
+   reusable_connection[slot].host = strdup(http->host);
+   if (NULL == reusable_connection[slot].host)
+   {
+      log_error(LOG_LEVEL_FATAL, "Out of memory saving socket.");
+   }
+   reusable_connection[slot].sfd = sfd;
+   reusable_connection[slot].port = http->port;
+   reusable_connection[slot].in_use = 0;
+   reusable_connection[slot].timestamp = time(NULL);
+
+   assert(NULL != fwd);
+   assert(reusable_connection[slot].gateway_host == NULL);
+   assert(reusable_connection[slot].gateway_port == 0);
+   assert(reusable_connection[slot].forwarder_type == SOCKS_NONE);
+   assert(reusable_connection[slot].forward_host == NULL);
+   assert(reusable_connection[slot].forward_port == 0);
+
+   reusable_connection[slot].forwarder_type = fwd->type;
+   if (NULL != fwd->gateway_host)
+   {
+      reusable_connection[slot].gateway_host = strdup(fwd->gateway_host);
+      if (NULL == reusable_connection[slot].gateway_host)
+      {
+         log_error(LOG_LEVEL_FATAL, "Out of memory saving gateway_host.");
+      }
+   }
+   else
+   {
+      reusable_connection[slot].gateway_host = NULL;
+   }
+   reusable_connection[slot].gateway_port = fwd->gateway_port;
+
+   if (NULL != fwd->forward_host)
+   {
+      reusable_connection[slot].forward_host = strdup(fwd->forward_host);
+      if (NULL == reusable_connection[slot].forward_host)
+      {
+         log_error(LOG_LEVEL_FATAL, "Out of memory saving forward_host.");
+      }
+   }
+   else
+   {
+      reusable_connection[slot].forward_host = NULL;
+   }
+   reusable_connection[slot].forward_port = fwd->forward_port;
+
+   privoxy_mutex_unlock(&connection_reuse_mutex);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  mark_connection_closed
+ *
+ * Description : Marks a reused connection closed.
+ *               Must be called with connection_reuse_mutex locked.
+ *
+ * Parameters  :
+ *          1  :  closed_connection = The connection to mark as closed.
+ *
+ * Returns     : void
+ *
+ *********************************************************************/
+static void mark_connection_closed(struct reusable_connection *closed_connection)
+{
+   closed_connection->in_use = FALSE;
+   closed_connection->sfd = JB_INVALID_SOCKET;
+   freez(closed_connection->host);
+   closed_connection->port = 0;
+   closed_connection->timestamp = 0;
+   closed_connection->forwarder_type = SOCKS_NONE;
+   freez(closed_connection->gateway_host);
+   closed_connection->gateway_port = 0;
+   freez(closed_connection->forward_host);
+   closed_connection->forward_port = 0;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  forget_connection
+ *
+ * Description :  Removes a previously remembered connection from
+ *                the list of reusable connections.
+ *
+ * Parameters  :
+ *          1  :  sfd = The socket belonging to the connection in question.
+ *
+ * Returns     : void
+ *
+ *********************************************************************/
+void forget_connection(jb_socket sfd)
+{
+   unsigned int slot = 0;
+
+   assert(sfd != JB_INVALID_SOCKET);
+
+   privoxy_mutex_lock(&connection_reuse_mutex);
+
+   for (slot = 0; slot < SZ(reusable_connection); slot++)
+   {
+      if (reusable_connection[slot].sfd == sfd)
+      {
+         assert(reusable_connection[slot].in_use);
+
+         log_error(LOG_LEVEL_CONNECT,
+            "Forgetting socket %d for %s:%d in slot %d.",
+            sfd, reusable_connection[slot].host,
+            reusable_connection[slot].port, slot);
+         mark_connection_closed(&reusable_connection[slot]);
+         privoxy_mutex_unlock(&connection_reuse_mutex);
+
+         return;
+      }
+   }
+
+   log_error(LOG_LEVEL_CONNECT,
+      "Socket %d already forgotten or never remembered.", sfd);
+
+   privoxy_mutex_unlock(&connection_reuse_mutex);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  connection_destination_matches
+ *
+ * Description :  Determines whether a remembered connection can
+ *                be reused. That is, whether the destination and
+ *                the forwarding settings match.
+ *
+ * Parameters  :
+ *          1  :  connection = The connection to check.
+ *          2  :  http = The destination for the connection.
+ *          3  :  fwd  = The forwarder settings.
+ *
+ * Returns     :  TRUE for yes, FALSE otherwise.
+ *
+ *********************************************************************/
+static int connection_destination_matches(const struct reusable_connection *connection,
+                                          const struct http_request *http,
+                                          const struct forward_spec *fwd)
+{
+   if ((connection->forwarder_type != fwd->type)
+    || (connection->gateway_port   != fwd->gateway_port)
+    || (connection->forward_port   != fwd->forward_port)
+    || (connection->port           != http->port))
+   {
+      return FALSE;
+   }
+
+   if ((    (NULL != connection->gateway_host)
+         && (NULL != fwd->gateway_host)
+         && strcmpic(connection->gateway_host, fwd->gateway_host))
+       && (connection->gateway_host != fwd->gateway_host))
+   {
+      log_error(LOG_LEVEL_CONNECT, "Gateway mismatch.");
+      return FALSE;
+   }
+
+   if ((    (NULL != connection->forward_host)
+         && (NULL != fwd->forward_host)
+         && strcmpic(connection->forward_host, fwd->forward_host))
+      && (connection->forward_host != fwd->forward_host))
+   {
+      log_error(LOG_LEVEL_CONNECT, "Forwarding proxy mismatch.");
+      return FALSE;
+   }
+
+   return (!strcmpic(connection->host, http->host));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  close_unusable_connections
+ *
+ * Description :  Closes remembered connections that have timed
+ *                out or have been closed on the other side.
+ *
+ * Parameters  :  none
+ *
+ * Returns     :  Number of connections that are still alive.
+ *
+ *********************************************************************/
+int close_unusable_connections(void)
+{
+   unsigned int slot = 0;
+   int connections_alive = 0;
+
+   privoxy_mutex_lock(&connection_reuse_mutex);
+
+   for (slot = 0; slot < SZ(reusable_connection); slot++)
+   {
+      if (!reusable_connection[slot].in_use
+         && (JB_INVALID_SOCKET != reusable_connection[slot].sfd))
+      {
+         time_t time_open = time(NULL) - reusable_connection[slot].timestamp;
+
+         if (keep_alive_timeout < time_open)
+         {
+            log_error(LOG_LEVEL_CONNECT,
+               "The connection to %s:%d in slot %d timed out. "
+               "Closing socket %d. Timeout is: %d.",
+               reusable_connection[slot].host,
+               reusable_connection[slot].port, slot,
+               reusable_connection[slot].sfd, keep_alive_timeout);
+            close_socket(reusable_connection[slot].sfd);
+            mark_connection_closed(&reusable_connection[slot]);
+         }
+         else if (!socket_is_still_usable(reusable_connection[slot].sfd))
+         {
+            log_error(LOG_LEVEL_CONNECT,
+               "The connection to %s:%d in slot %d is no longer usable. "
+               "Closing socket %d.", reusable_connection[slot].host,
+               reusable_connection[slot].port, slot,
+               reusable_connection[slot].sfd);
+            close_socket(reusable_connection[slot].sfd);
+            mark_connection_closed(&reusable_connection[slot]);
+         }
+         else
+         {
+            connections_alive++;
+         }
+      }
+   }
+
+   privoxy_mutex_unlock(&connection_reuse_mutex);
+
+   return connections_alive;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  socket_is_still_usable
+ *
+ * Description :  Decides whether or not an open socket is still usable.
+ *
+ * Parameters  :
+ *          1  :  sfd = The socket to check.
+ *
+ * Returns     :  TRUE for yes, otherwise FALSE.
+ *
+ *********************************************************************/
+static int socket_is_still_usable(jb_socket sfd)
+{
+#ifdef HAVE_POLL
+   int poll_result;
+   struct pollfd poll_fd[1];
+
+   memset(poll_fd, 0, sizeof(poll_fd));
+   poll_fd[0].fd = sfd;
+   poll_fd[0].events = POLLIN;
+
+   poll_result = poll(poll_fd, 1, 0);
+
+   if (-1 != poll_result)
+   {
+      return !(poll_fd[0].revents & POLLIN);
+   }
+   else
+   {
+      log_error(LOG_LEVEL_CONNECT, "Polling socket %d failed.", sfd);
+      return FALSE;
+   }
+#else
+   fd_set readable_fds;
+   struct timeval timeout;
+   int ret;
+   int socket_is_alive = 0;
+
+   memset(&timeout, '\0', sizeof(timeout));
+   FD_ZERO(&readable_fds);
+   FD_SET(sfd, &readable_fds);
+
+   ret = select((int)sfd+1, &readable_fds, NULL, NULL, &timeout);
+   if (ret < 0)
+   {
+      log_error(LOG_LEVEL_ERROR, "select() failed!: %E");
+   }
+
+   /*
+    * XXX: I'm not sure why !FD_ISSET() works,
+    * but apparently it does.
+    */
+   socket_is_alive = !FD_ISSET(sfd, &readable_fds);
+
+   return socket_is_alive;
+#endif /* def HAVE_POLL */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_reusable_connection
+ *
+ * Description :  Returns an open socket to a previously remembered
+ *                open connection (if there is one).
+ *
+ * Parameters  :
+ *          1  :  http = The destination for the connection.
+ *          2  :  fwd  = The forwarder settings.
+ *
+ * Returns     :  JB_INVALID_SOCKET => No reusable connection found,
+ *                otherwise a usable socket.
+ *
+ *********************************************************************/
+static jb_socket get_reusable_connection(const struct http_request *http,
+                                         const struct forward_spec *fwd)
+{
+   jb_socket sfd = JB_INVALID_SOCKET;
+   unsigned int slot = 0;
+
+   close_unusable_connections();
+
+   privoxy_mutex_lock(&connection_reuse_mutex);
+
+   for (slot = 0; slot < SZ(reusable_connection); slot++)
+   {
+      if (!reusable_connection[slot].in_use
+         && (JB_INVALID_SOCKET != reusable_connection[slot].sfd))
+      {
+         if (connection_destination_matches(&reusable_connection[slot], http, fwd))
+         {
+            reusable_connection[slot].in_use = TRUE;
+            sfd = reusable_connection[slot].sfd;
+            log_error(LOG_LEVEL_CONNECT,
+               "Found reusable socket %d for %s:%d in slot %d.",
+               sfd, reusable_connection[slot].host, reusable_connection[slot].port, slot);
+            break;
+         }
+      }
+   }
+
+   privoxy_mutex_unlock(&connection_reuse_mutex);
+
+   return sfd;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  mark_connection_unused
+ *
+ * Description :  Gives a remembered connection free for reuse.
+ *
+ * Parameters  :
+ *          1  :  sfd = The socket belonging to the connection in question.
+ *
+ * Returns     :  TRUE => Socket found and marked as unused.
+ *                FALSE => Socket not found.
+ *
+ *********************************************************************/
+static int mark_connection_unused(jb_socket sfd)
+{
+   unsigned int slot = 0;
+   int socket_found = FALSE;
+
+   assert(sfd != JB_INVALID_SOCKET);
+
+   privoxy_mutex_lock(&connection_reuse_mutex);
+
+   for (slot = 0; slot < SZ(reusable_connection); slot++)
+   {
+      if (reusable_connection[slot].sfd == sfd)
+      {
+         assert(reusable_connection[slot].in_use);
+         socket_found = TRUE;
+         log_error(LOG_LEVEL_CONNECT,
+            "Marking open socket %d for %s:%d in slot %d as unused.",
+            sfd, reusable_connection[slot].host,
+            reusable_connection[slot].port, slot);
+         reusable_connection[slot].in_use = 0;
+         reusable_connection[slot].timestamp = time(NULL);
+         break;
+      }
+   }
+
+   privoxy_mutex_unlock(&connection_reuse_mutex);
+
+   return socket_found;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  set_keep_alive_timeout
+ *
+ * Description :  Sets the timeout after which open
+ *                connections will no longer be reused.
+ *
+ * Parameters  :
+ *          1  :  timeout = The timeout in seconds.
+ *
+ * Returns     :  void
+ *
+ *********************************************************************/
+void set_keep_alive_timeout(int timeout)
+{
+   keep_alive_timeout = timeout;
+}
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+
+/*********************************************************************
+ *
+ * Function    :  forwarded_connect
+ *
+ * Description :  Connect to a specified web server, possibly via
+ *                a HTTP proxy and/or a SOCKS proxy.
+ *
+ * Parameters  :
+ *          1  :  fwd = the proxies to use when connecting.
+ *          2  :  http = the http request and apropos headers
+ *          3  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_INVALID_SOCKET => failure, else it is the socket file descriptor.
+ *
+ *********************************************************************/
+jb_socket forwarded_connect(const struct forward_spec * fwd,
+                            struct http_request *http,
+                            struct client_state *csp)
+{
+   const char * dest_host;
+   int dest_port;
+   jb_socket sfd = JB_INVALID_SOCKET;
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   sfd = get_reusable_connection(http, fwd);
+   if (JB_INVALID_SOCKET != sfd)
+   {
+      return sfd;
+   }
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+   /* Figure out if we need to connect to the web server or a HTTP proxy. */
+   if (fwd->forward_host)
+   {
+      /* HTTP proxy */
+      dest_host = fwd->forward_host;
+      dest_port = fwd->forward_port;
+   }
+   else
+   {
+      /* Web server */
+      dest_host = http->host;
+      dest_port = http->port;
+   }
+
+   /* Connect, maybe using a SOCKS proxy */
+   switch (fwd->type)
+   {
+      case SOCKS_NONE:
+         sfd = connect_to(dest_host, dest_port, csp);
+         break;
+      case SOCKS_4:
+      case SOCKS_4A:
+         sfd = socks4_connect(fwd, dest_host, dest_port, csp);
+         break;
+      case SOCKS_5:
+         sfd = socks5_connect(fwd, dest_host, dest_port, csp);
+         break;
+      default:
+         /* Should never get here */
+         log_error(LOG_LEVEL_FATAL,
+            "SOCKS4 impossible internal error - bad SOCKS type.");
+   }
+
+   if (JB_INVALID_SOCKET != sfd)
+   {
+      log_error(LOG_LEVEL_CONNECT,
+         "Created new connection to %s:%d on socket %d.",
+         http->host, http->port, sfd);
+   }
+
+   return sfd;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  socks4_connect
+ *
+ * Description :  Connect to the SOCKS server, and connect through
+ *                it to the specified server.   This handles
+ *                all the SOCKS negotiation, and returns a file
+ *                descriptor for a socket which can be treated as a
+ *                normal (non-SOCKS) socket.
+ *
+ *                Logged error messages are saved to csp->error_message
+ *                and later reused by error_response() for the CGI
+ *                message. strdup allocation failures are handled there.
+ *
+ * Parameters  :
+ *          1  :  fwd = Specifies the SOCKS proxy to use.
+ *          2  :  target_host = The final server to connect to.
+ *          3  :  target_port = The final port to connect to.
+ *          4  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_INVALID_SOCKET => failure, else a socket file descriptor.
+ *
+ *********************************************************************/
+static jb_socket socks4_connect(const struct forward_spec * fwd,
+                                const char * target_host,
+                                int target_port,
+                                struct client_state *csp)
+{
+   unsigned int web_server_addr;
+   char buf[BUFFER_SIZE];
+   struct socks_op    *c = (struct socks_op    *)buf;
+   struct socks_reply *s = (struct socks_reply *)buf;
+   size_t n;
+   size_t csiz;
+   jb_socket sfd;
+   int err = 0;
+   char *errstr = NULL;
+
+   if ((fwd->gateway_host == NULL) || (*fwd->gateway_host == '\0'))
+   {
+      /* XXX: Shouldn't the config file parser prevent this? */
+      errstr = "NULL gateway host specified.";
+      err = 1;
+   }
+
+   if (fwd->gateway_port <= 0)
+   {
+      errstr = "invalid gateway port specified.";
+      err = 1;
+   }
+
+   if (err)
+   {
+      log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
+      csp->error_message = strdup(errstr); 
+      errno = EINVAL;
+      return(JB_INVALID_SOCKET);
+   }
+
+   /* build a socks request for connection to the web server */
+
+   strlcpy(&(c->userid), socks_userid, sizeof(buf) - sizeof(struct socks_op));
+
+   csiz = sizeof(*c) + sizeof(socks_userid) - sizeof(c->userid) - sizeof(c->padding);
+
+   switch (fwd->type)
+   {
+      case SOCKS_4:
+         web_server_addr = resolve_hostname_to_ip(target_host);
+         if (web_server_addr == INADDR_NONE)
+         {
+            errstr = "could not resolve target host";
+            log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s %s", errstr, target_host);
+            err = 1;
+         }
+         else
+         {
+            web_server_addr = htonl(web_server_addr);
+         }
+         break;
+      case SOCKS_4A:
+         web_server_addr = 0x00000001;
+         n = csiz + strlen(target_host) + 1;
+         if (n > sizeof(buf))
+         {
+            errno = EINVAL;
+            errstr = "buffer cbuf too small.";
+            log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
+            err = 1;
+         }
+         else
+         {
+            strlcpy(buf + csiz, target_host, sizeof(buf) - sizeof(struct socks_op) - csiz);
+            /*
+             * What we forward to the socks4a server should have the
+             * size of socks_op, plus the length of the userid plus
+             * its \0 byte (which we don't have to add because the
+             * first byte of the userid is counted twice as it's also
+             * part of sock_op) minus the padding bytes (which are part
+             * of the userid as well), plus the length of the target_host
+             * (which is stored csiz bytes after the beginning of the buffer),
+             * plus another \0 byte.
+             */
+            assert(n == sizeof(struct socks_op) + strlen(&(c->userid)) - sizeof(c->padding) + strlen(buf + csiz) + 1);
+            csiz = n;
+         }
+         break;
+      default:
+         /* Should never get here */
+         log_error(LOG_LEVEL_FATAL,
+            "socks4_connect: SOCKS4 impossible internal error - bad SOCKS type.");
+         /* Not reached */
+         return(JB_INVALID_SOCKET);
+   }
+
+   if (err)
+   {
+      csp->error_message = strdup(errstr);
+      return(JB_INVALID_SOCKET);
+   }
+
+   c->vn          = 4;
+   c->cd          = 1;
+   c->dstport[0]  = (unsigned char)((target_port       >> 8  ) & 0xff);
+   c->dstport[1]  = (unsigned char)((target_port             ) & 0xff);
+   c->dstip[0]    = (unsigned char)((web_server_addr   >> 24 ) & 0xff);
+   c->dstip[1]    = (unsigned char)((web_server_addr   >> 16 ) & 0xff);
+   c->dstip[2]    = (unsigned char)((web_server_addr   >>  8 ) & 0xff);
+   c->dstip[3]    = (unsigned char)((web_server_addr         ) & 0xff);
+
+   /* pass the request to the socks server */
+   sfd = connect_to(fwd->gateway_host, fwd->gateway_port, csp);
+
+   if (sfd == JB_INVALID_SOCKET)
+   {
+      /*
+       * XXX: connect_to should fill in the exact reason.
+       * Most likely resolving the IP of the forwarder failed.
+       */
+      errstr = "connect_to failed: see logfile for details";
+      err = 1;
+   }
+   else if (write_socket(sfd, (char *)c, csiz))
+   {
+      errstr = "SOCKS4 negotiation write failed.";
+      log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
+      err = 1;
+      close_socket(sfd);
+   }
+   else if (read_socket(sfd, buf, sizeof(buf)) != sizeof(*s))
+   {
+      errstr = "SOCKS4 negotiation read failed.";
+      log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
+      err = 1;
+      close_socket(sfd);
+   }
+
+   if (err)
+   {
+      csp->error_message = strdup(errstr);      
+      return(JB_INVALID_SOCKET);
+   }
+
+   switch (s->cd)
+   {
+      case SOCKS_REQUEST_GRANTED:
+         return(sfd);
+      case SOCKS_REQUEST_REJECT:
+         errstr = "SOCKS request rejected or failed.";
+         errno = EINVAL;
+         break;
+      case SOCKS_REQUEST_IDENT_FAILED:
+         errstr = "SOCKS request rejected because "
+            "SOCKS server cannot connect to identd on the client.";
+         errno = EACCES;
+         break;
+      case SOCKS_REQUEST_IDENT_CONFLICT:
+         errstr = "SOCKS request rejected because "
+            "the client program and identd report "
+            "different user-ids.";
+         errno = EACCES;
+         break;
+      default:
+         errno = ENOENT;
+         snprintf(buf, sizeof(buf),
+            "SOCKS request rejected for reason code %d.", s->cd);
+         errstr = buf;
+   }
+
+   log_error(LOG_LEVEL_CONNECT, "socks4_connect: %s", errstr);
+   csp->error_message = strdup(errstr);
+   close_socket(sfd);
+
+   return(JB_INVALID_SOCKET);
+
+}
+
+/*********************************************************************
+ *
+ * Function    :  translate_socks5_error
+ *
+ * Description :  Translates a SOCKS errors to a string.
+ *
+ * Parameters  :
+ *          1  :  socks_error = The error code to translate.
+ *
+ * Returns     :  The string translation.
+ *
+ *********************************************************************/
+static const char *translate_socks5_error(int socks_error)
+{
+   switch (socks_error)
+   {
+      /* XXX: these should be more descriptive */
+      case SOCKS5_REQUEST_FAILED:
+         return "SOCKS5 request failed";
+      case SOCKS5_REQUEST_DENIED:
+         return "SOCKS5 request denied";
+      case SOCKS5_REQUEST_NETWORK_UNREACHABLE:
+         return "SOCKS5 network unreachable";
+      case SOCKS5_REQUEST_HOST_UNREACHABLE:
+         return "SOCKS5 host unreachable";
+      case SOCKS5_REQUEST_CONNECTION_REFUSED:
+         return "SOCKS5 connection refused";
+      case SOCKS5_REQUEST_TTL_EXPIRED:
+         return "SOCKS5 TTL expired";
+      case SOCKS5_REQUEST_PROTOCOL_ERROR:
+         return "SOCKS5 client protocol error";
+      case SOCKS5_REQUEST_BAD_ADDRESS_TYPE:
+         return "SOCKS5 domain names unsupported";
+      case SOCKS5_REQUEST_GRANTED:
+         return "everything's peachy";
+      default:
+         return "SOCKS5 negotiation protocol error";
+   }
+}
+
+/*********************************************************************
+ *
+ * Function    :  socks5_connect
+ *
+ * Description :  Connect to the SOCKS server, and connect through
+ *                it to the specified server.   This handles
+ *                all the SOCKS negotiation, and returns a file
+ *                descriptor for a socket which can be treated as a
+ *                normal (non-SOCKS) socket.
+ *
+ * Parameters  :
+ *          1  :  fwd = Specifies the SOCKS proxy to use.
+ *          2  :  target_host = The final server to connect to.
+ *          3  :  target_port = The final port to connect to.
+ *          4  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_INVALID_SOCKET => failure, else a socket file descriptor.
+ *
+ *********************************************************************/
+static jb_socket socks5_connect(const struct forward_spec *fwd,
+                                const char *target_host,
+                                int target_port,
+                                struct client_state *csp)
+{
+   int err = 0;
+   char cbuf[300];
+   char sbuf[30];
+   size_t client_pos = 0;
+   int server_size = 0;
+   size_t hostlen = 0;
+   jb_socket sfd;
+   const char *errstr = NULL;
+
+   assert(fwd->gateway_host);
+   if ((fwd->gateway_host == NULL) || (*fwd->gateway_host == '\0'))
+   {
+      errstr = "NULL gateway host specified";
+      err = 1;
+   }
+
+   if (fwd->gateway_port <= 0)
+   {
+      /*
+       * XXX: currently this can't happen because in
+       * case of invalid gateway ports we use the defaults.
+       * Of course we really shouldn't do that.
+       */
+      errstr = "invalid gateway port specified";
+      err = 1;
+   }
+
+   hostlen = strlen(target_host);
+   if (hostlen > (size_t)255)
+   {
+      errstr = "target host name is longer than 255 characters";
+      err = 1;
+   }
+
+   if (fwd->type != SOCKS_5)
+   {
+      /* Should never get here */
+      log_error(LOG_LEVEL_FATAL,
+         "SOCKS5 impossible internal error - bad SOCKS type");
+      err = 1;
+   }
+
+   if (err)
+   {
+      errno = EINVAL;
+      assert(errstr != NULL);
+      log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr);
+      csp->error_message = strdup(errstr);
+      return(JB_INVALID_SOCKET);
+   }
+
+   /* pass the request to the socks server */
+   sfd = connect_to(fwd->gateway_host, fwd->gateway_port, csp);
+
+   if (sfd == JB_INVALID_SOCKET)
+   {
+      errstr = "socks5 server unreachable";
+      log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr);
+      csp->error_message = strdup(errstr);
+      return(JB_INVALID_SOCKET);
+   }
+
+   client_pos = 0;
+   cbuf[client_pos++] = '\x05'; /* Version */
+   cbuf[client_pos++] = '\x01'; /* One authentication method supported */
+   cbuf[client_pos++] = '\x00'; /* The no authentication authentication method */
+
+   if (write_socket(sfd, cbuf, client_pos))
+   {
+      errstr = "SOCKS5 negotiation write failed";
+      csp->error_message = strdup(errstr);
+      log_error(LOG_LEVEL_CONNECT, "%s", errstr);
+      close_socket(sfd);
+      return(JB_INVALID_SOCKET);
+   }
+
+   if (read_socket(sfd, sbuf, sizeof(sbuf)) != 2)
+   {
+      errstr = "SOCKS5 negotiation read failed";
+      err = 1;
+   }
+
+   if (!err && (sbuf[0] != '\x05'))
+   {
+      errstr = "SOCKS5 negotiation protocol version error";
+      err = 1;
+   }
+
+   if (!err && (sbuf[1] == '\xff'))
+   {
+      errstr = "SOCKS5 authentication required";
+      err = 1;
+   }
+
+   if (!err && (sbuf[1] != '\x00'))
+   {
+      errstr = "SOCKS5 negotiation protocol error";
+      err = 1;
+   }
+
+   if (err)
+   {
+      assert(errstr != NULL);
+      log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr);
+      csp->error_message = strdup(errstr);
+      close_socket(sfd);
+      errno = EINVAL;
+      return(JB_INVALID_SOCKET);
+   }
+
+   client_pos = 0;
+   cbuf[client_pos++] = '\x05'; /* Version */
+   cbuf[client_pos++] = '\x01'; /* TCP connect */
+   cbuf[client_pos++] = '\x00'; /* Reserved, must be 0x00 */
+   cbuf[client_pos++] = '\x03'; /* Address is domain name */
+   cbuf[client_pos++] = (char)(hostlen & 0xffu);
+   assert(sizeof(cbuf) - client_pos > (size_t)255);
+   /* Using strncpy because we really want the nul byte padding. */
+   strncpy(cbuf + client_pos, target_host, sizeof(cbuf) - client_pos);
+   client_pos += (hostlen & 0xffu);
+   cbuf[client_pos++] = (char)((target_port >> 8) & 0xff);
+   cbuf[client_pos++] = (char)((target_port     ) & 0xff);
+
+   if (write_socket(sfd, cbuf, client_pos))
+   {
+      errstr = "SOCKS5 negotiation read failed";
+      csp->error_message = strdup(errstr);
+      log_error(LOG_LEVEL_CONNECT, "%s", errstr);
+      close_socket(sfd);
+      errno = EINVAL;
+      return(JB_INVALID_SOCKET);
+   }
+
+   server_size = read_socket(sfd, sbuf, sizeof(sbuf));
+   if (server_size < 3)
+   {
+      errstr = "SOCKS5 negotiation read failed";
+      err = 1;
+   }
+   else if (server_size > 20)
+   {
+      /* This is somewhat unexpected but doesn't realy matter. */
+      log_error(LOG_LEVEL_CONNECT, "socks5_connect: read %d bytes "
+         "from socks server. Would have accepted up to %d.",
+         server_size, sizeof(sbuf));
+   }
+
+   if (!err && (sbuf[0] != '\x05'))
+   {
+      errstr = "SOCKS5 negotiation protocol version error";
+      err = 1;
+   }
+
+   if (!err && (sbuf[2] != '\x00'))
+   {
+      errstr = "SOCKS5 negotiation protocol error";
+      err = 1;
+   }
+
+   if (!err)
+   {
+      if (sbuf[1] == SOCKS5_REQUEST_GRANTED)
+      {
+         return(sfd);
+      }
+      errstr = translate_socks5_error(sbuf[1]);
+      err = 1;
+   }
+
+   assert(errstr != NULL);
+   csp->error_message = strdup(errstr);
+   log_error(LOG_LEVEL_CONNECT, "socks5_connect: %s", errstr);
+   close_socket(sfd);
+   errno = EINVAL;
+
+   return(JB_INVALID_SOCKET);
+
+}
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/gateway.h b/external/privoxy/gateway.h
new file mode 100644
index 0000000..94115f7
--- /dev/null
+++ b/external/privoxy/gateway.h
@@ -0,0 +1,158 @@
+#ifndef GATEWAY_H_INCLUDED
+#define GATEWAY_H_INCLUDED
+#define GATEWAY_H_VERSION "$Id: gateway.h,v 1.12 2008/12/24 17:06:19 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/gateway.h,v $
+ *
+ * Purpose     :  Contains functions to connect to a server, possibly
+ *                using a "gateway" (i.e. HTTP proxy and/or SOCKS4
+ *                proxy).  Also contains the list of gateway types.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: gateway.h,v $
+ *    Revision 1.12  2008/12/24 17:06:19  fabiankeil
+ *    Keep a thread around to timeout alive connections
+ *    even if no new requests are coming in.
+ *
+ *    Revision 1.11  2008/11/13 09:08:42  fabiankeil
+ *    Add new config option: keep-alive-timeout.
+ *
+ *    Revision 1.10  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.9  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.7  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.6  2002/03/25 22:12:45  oes
+ *    Added fix for undefined INADDR_NONE on Solaris by Bart Schelstraete
+ *
+ *    Revision 1.5  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.4  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.3  2001/07/29 18:58:15  jongfoster
+ *    Removing nested #includes, adding forward declarations for needed
+ *    structures, and changing the #define _FILENAME_H to FILENAME_H_INCLUDED.
+ *
+ *    Revision 1.2  2001/06/07 23:12:14  jongfoster
+ *    Removing gateways[] list - no longer used.
+ *    Replacing function pointer in struct gateway with a directly
+ *    called function forwarded_connect(), which can do the common
+ *    task of deciding whether to connect to the web server or HTTP
+ *    proxy.
+ *    Replacing struct gateway with struct forward_spec
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:54  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct forward_spec;
+struct http_request;
+struct client_state;
+
+extern jb_socket forwarded_connect(const struct forward_spec * fwd, 
+                                   struct http_request *http, 
+                                   struct client_state *csp);
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+
+/*
+ * Default number of seconds after which an
+ * open connection will no longer be reused.
+ */
+#define DEFAULT_KEEP_ALIVE_TIMEOUT 180
+
+extern void set_keep_alive_timeout(int timeout);
+extern void initialize_reusable_connections(void);
+extern void forget_connection(jb_socket sfd);
+extern void remember_connection(jb_socket sfd,
+                                const struct http_request *http,
+                                const struct forward_spec *fwd);
+extern int close_unusable_connections(void);
+#endif /* FEATURE_CONNECTION_KEEP_ALIVE */
+
+
+/*
+ * Solaris fix
+ */
+#ifndef INADDR_NONE
+#define INADDR_NONE -1
+#endif
+
+/*
+ * Revision control strings from this header and associated .c file
+ */
+extern const char gateway_rcs[];
+extern const char gateway_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef GATEWAY_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/genclspec.sh b/external/privoxy/genclspec.sh
new file mode 100755
index 0000000..376e992
--- /dev/null
+++ b/external/privoxy/genclspec.sh
@@ -0,0 +1,55 @@
+#!/bin/sh
+#
+# $Id: genclspec.sh,v 1.2 2002/04/27 04:49:11 morcego Exp $
+#
+# Written by and Copyright (C) 2001 the SourceForge
+# Privoxy team. http://www.privoxy.org/
+#
+# This program is free software; you can redistribute it 
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.  See the GNU General Public
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file.  If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# $Log: genclspec.sh,v $
+# Revision 1.2  2002/04/27 04:49:11  morcego
+# Adding license and copyright comments.
+#
+#
+
+VERSION=`cat privoxy-rh.spec | sed -n -e 's/^Version:[ ]*//p'`
+RELEASE=`cat privoxy-rh.spec | sed -n -e 's/^Release:[ ]*//p'`
+CLTAG=${VERSION}-${RELEASE}cl
+
+PACKAGER=`rpm --eval "%{packager}"`
+if [ "${PACKAGER}" = "%{packager}" ]; then
+	PACKAGER="genclspec script <developers at privoxy.org>"
+fi
+
+export LC_ALL=
+export LANG=
+DATETAG=`date "+%a %b %d %Y"`
+
+if [ -r privoxy-cl.spec ]; then
+	echo Old CL specfile found. Removing it.
+fi
+
+cat privoxy-rh.spec | sed -e 's/^\(Release:[ ]*[^ ]\+\)[ ]*$/\1cl/' \
+			  -e "/^%changelog/a* ${DATETAG} ${PACKAGER}" \
+			  -e "/^%changelog/a+ privoxy-${CLTAG}" \
+			  -e "/^%changelog/a- Packaging for Conectiva Linux (automatic genarated specfile)" \
+			  -e '/^%changelog/a \
+' > privoxy-cl.spec
+
diff --git a/external/privoxy/icons/ico00001.ico b/external/privoxy/icons/ico00001.ico
new file mode 100644
index 0000000..a01ccfc
Binary files /dev/null and b/external/privoxy/icons/ico00001.ico differ
diff --git a/external/privoxy/icons/ico00002.ico b/external/privoxy/icons/ico00002.ico
new file mode 100644
index 0000000..b7de068
Binary files /dev/null and b/external/privoxy/icons/ico00002.ico differ
diff --git a/external/privoxy/icons/ico00003.ico b/external/privoxy/icons/ico00003.ico
new file mode 100644
index 0000000..99e0980
Binary files /dev/null and b/external/privoxy/icons/ico00003.ico differ
diff --git a/external/privoxy/icons/ico00004.ico b/external/privoxy/icons/ico00004.ico
new file mode 100644
index 0000000..35b76d4
Binary files /dev/null and b/external/privoxy/icons/ico00004.ico differ
diff --git a/external/privoxy/icons/ico00005.ico b/external/privoxy/icons/ico00005.ico
new file mode 100644
index 0000000..db9bddf
Binary files /dev/null and b/external/privoxy/icons/ico00005.ico differ
diff --git a/external/privoxy/icons/ico00006.ico b/external/privoxy/icons/ico00006.ico
new file mode 100644
index 0000000..5e1f3fa
Binary files /dev/null and b/external/privoxy/icons/ico00006.ico differ
diff --git a/external/privoxy/icons/ico00007.ico b/external/privoxy/icons/ico00007.ico
new file mode 100644
index 0000000..6ec504d
Binary files /dev/null and b/external/privoxy/icons/ico00007.ico differ
diff --git a/external/privoxy/icons/ico00008.ico b/external/privoxy/icons/ico00008.ico
new file mode 100644
index 0000000..e6bc72f
Binary files /dev/null and b/external/privoxy/icons/ico00008.ico differ
diff --git a/external/privoxy/icons/idle.ico b/external/privoxy/icons/idle.ico
new file mode 100644
index 0000000..5ef20fc
Binary files /dev/null and b/external/privoxy/icons/idle.ico differ
diff --git a/external/privoxy/icons/off.ico b/external/privoxy/icons/off.ico
new file mode 100644
index 0000000..cea8778
Binary files /dev/null and b/external/privoxy/icons/off.ico differ
diff --git a/external/privoxy/icons/os2.ico b/external/privoxy/icons/os2.ico
new file mode 100644
index 0000000..0ad4f56
Binary files /dev/null and b/external/privoxy/icons/os2.ico differ
diff --git a/external/privoxy/icons/os20.ico b/external/privoxy/icons/os20.ico
new file mode 100644
index 0000000..ef5995b
Binary files /dev/null and b/external/privoxy/icons/os20.ico differ
diff --git a/external/privoxy/icons/os21.ico b/external/privoxy/icons/os21.ico
new file mode 100644
index 0000000..cc61b61
Binary files /dev/null and b/external/privoxy/icons/os21.ico differ
diff --git a/external/privoxy/icons/os22.ico b/external/privoxy/icons/os22.ico
new file mode 100644
index 0000000..d357dfb
Binary files /dev/null and b/external/privoxy/icons/os22.ico differ
diff --git a/external/privoxy/icons/os23.ico b/external/privoxy/icons/os23.ico
new file mode 100644
index 0000000..8ac037f
Binary files /dev/null and b/external/privoxy/icons/os23.ico differ
diff --git a/external/privoxy/icons/os24.ico b/external/privoxy/icons/os24.ico
new file mode 100644
index 0000000..f2b87f7
Binary files /dev/null and b/external/privoxy/icons/os24.ico differ
diff --git a/external/privoxy/icons/os25.ico b/external/privoxy/icons/os25.ico
new file mode 100644
index 0000000..5bc68b5
Binary files /dev/null and b/external/privoxy/icons/os25.ico differ
diff --git a/external/privoxy/icons/os26.ico b/external/privoxy/icons/os26.ico
new file mode 100644
index 0000000..408d89e
Binary files /dev/null and b/external/privoxy/icons/os26.ico differ
diff --git a/external/privoxy/icons/os27.ico b/external/privoxy/icons/os27.ico
new file mode 100644
index 0000000..00a8814
Binary files /dev/null and b/external/privoxy/icons/os27.ico differ
diff --git a/external/privoxy/icons/os28.ico b/external/privoxy/icons/os28.ico
new file mode 100644
index 0000000..9153636
Binary files /dev/null and b/external/privoxy/icons/os28.ico differ
diff --git a/external/privoxy/icons/privoxy.ico b/external/privoxy/icons/privoxy.ico
new file mode 100644
index 0000000..4c96d0b
Binary files /dev/null and b/external/privoxy/icons/privoxy.ico differ
diff --git a/external/privoxy/install-sh b/external/privoxy/install-sh
new file mode 100755
index 0000000..e9de238
--- /dev/null
+++ b/external/privoxy/install-sh
@@ -0,0 +1,251 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission.  M.I.T. makes no representations about the
+# suitability of this software for any purpose.  It is provided "as is"
+# without express or implied warranty.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.  It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+    case $1 in
+	-c) instcmd="$cpprog"
+	    shift
+	    continue;;
+
+	-d) dir_arg=true
+	    shift
+	    continue;;
+
+	-m) chmodcmd="$chmodprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-o) chowncmd="$chownprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-g) chgrpcmd="$chgrpprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-s) stripcmd="$stripprog"
+	    shift
+	    continue;;
+
+	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
+	    shift
+	    continue;;
+
+	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+	    shift
+	    continue;;
+
+	*)  if [ x"$src" = x ]
+	    then
+		src=$1
+	    else
+		# this colon is to work around a 386BSD /bin/sh bug
+		:
+		dst=$1
+	    fi
+	    shift
+	    continue;;
+    esac
+done
+
+if [ x"$src" = x ]
+then
+	echo "install:	no input file specified"
+	exit 1
+else
+	true
+fi
+
+if [ x"$dir_arg" != x ]; then
+	dst=$src
+	src=""
+	
+	if [ -d $dst ]; then
+		instcmd=:
+		chmodcmd=""
+	else
+		instcmd=mkdir
+	fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad 
+# if $src (and thus $dsttmp) contains '*'.
+
+	if [ -f $src -o -d $src ]
+	then
+		true
+	else
+		echo "install:  $src does not exist"
+		exit 1
+	fi
+	
+	if [ x"$dst" = x ]
+	then
+		echo "install:	no destination specified"
+		exit 1
+	else
+		true
+	fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+	if [ -d $dst ]
+	then
+		dst="$dst"/`basename $src`
+	else
+		true
+	fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+#  this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='	
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+	pathcomp="${pathcomp}${1}"
+	shift
+
+	if [ ! -d "${pathcomp}" ] ;
+        then
+		$mkdirprog "${pathcomp}"
+	else
+		true
+	fi
+
+	pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+	$doit $instcmd $dst &&
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+	if [ x"$transformarg" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		dstfile=`basename $dst $transformbasename | 
+			sed $transformarg`$transformbasename
+	fi
+
+# don't allow the sed command to completely eliminate the filename
+
+	if [ x"$dstfile" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		true
+	fi
+
+# Make a temp file name in the proper directory.
+
+	dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+	$doit $instcmd $src $dsttmp &&
+
+	trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing.  If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+	$doit $rmcmd -f $dstdir/$dstfile &&
+	$doit $mvcmd $dsttmp $dstdir/$dstfile 
+
+fi &&
+
+
+exit 0
diff --git a/external/privoxy/jarfile b/external/privoxy/jarfile
new file mode 100644
index 0000000..e69de29
diff --git a/external/privoxy/jbsockets.c b/external/privoxy/jbsockets.c
new file mode 100644
index 0000000..4548ff2
--- /dev/null
+++ b/external/privoxy/jbsockets.c
@@ -0,0 +1,1054 @@
+const char jbsockets_rcs[] = "$Id: jbsockets.c,v 1.50 2008/12/20 14:53:55 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/jbsockets.c,v $
+ *
+ * Purpose     :  Contains wrappers for system-specific sockets code,
+ *                so that the rest of Junkbuster can be more
+ *                OS-independent.  Contains #ifdefs to make this work
+ *                on many platforms.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: jbsockets.c,v $
+ *    Revision 1.50  2008/12/20 14:53:55  fabiankeil
+ *    Add config option socket-timeout to control the time
+ *    Privoxy waits for data to arrive on a socket. Useful
+ *    in case of stale ssh tunnels or when fuzz-testing.
+ *
+ *    Revision 1.49  2008/11/10 17:03:57  fabiankeil
+ *    Fix a gcc44 warning and remove a now-obsolete cast.
+ *
+ *    Revision 1.48  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.47  2008/03/26 18:07:07  fabiankeil
+ *    Add hostname directive. Closes PR#1918189.
+ *
+ *    Revision 1.46  2008/03/21 11:13:57  fabiankeil
+ *    Only gather host information if it's actually needed.
+ *    Also move the code out of accept_connection() so it's less likely
+ *    to delay other incoming connections if the host is misconfigured.
+ *
+ *    Revision 1.45  2007/09/30 16:59:22  fabiankeil
+ *    Set the maximum listen() backlog to 128. Apparently SOMAXCONN is
+ *    neither high enough, nor a hard limit on mingw32. Again for BR#1795281.
+ *
+ *    Revision 1.44  2007/09/15 13:01:31  fabiankeil
+ *    Increase listen() backlog to SOMAXCONN (or 128) to decrease
+ *    chances of dropped connections under load. Problem reported
+ *    and fix suggested by nobody in BR#1795281.
+ *
+ *    Revision 1.43  2007/06/01 18:16:36  fabiankeil
+ *    Use the same mutex for gethostbyname() and gethostbyaddr() to prevent
+ *    deadlocks and crashes on OpenBSD and possibly other OS with neither
+ *    gethostbyname_r() nor gethostaddr_r(). Closes BR#1729174.
+ *    Thanks to Ralf Horstmann for report and solution.
+ *
+ *    Revision 1.42  2007/04/01 17:37:07  fabiankeil
+ *    - Add DNS retries for Solaris and other systems
+ *      whose gethostbyname_r version takes five arguments.
+ *    - Move maximum number of DNS retries into a macro.
+ *
+ *    Revision 1.41  2006/11/13 19:05:51  fabiankeil
+ *    Make pthread mutex locking more generic. Instead of
+ *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ *    and use mutex locking unless there is an _r function
+ *    available. Better safe than sorry.
+ *
+ *    Fixes "./configure --disable-pthread" and should result
+ *    in less threading-related problems on pthread-using platforms,
+ *    but it still doesn't fix BR#1122404.
+ *
+ *    Revision 1.40  2006/09/02 15:36:42  fabiankeil
+ *    Follow the OpenBSD port's lead and protect the resolve
+ *    functions on OpenBSD as well.
+ *
+ *    Revision 1.39  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.38  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.35.2.8  2006/01/21 16:16:08  david__schmidt
+ *    Thanks to  Edward Carrel for his patch to modernize OSX'spthreads support.  See bug #1409623.
+ *
+ *    Revision 1.35.2.7  2005/05/07 21:50:55  david__schmidt
+ *    A few memory leaks plugged (mostly on error paths)
+ *
+ *    Revision 1.35.2.6  2003/12/17 16:34:40  oes
+ *    Cosmetics
+ *
+ *    Revision 1.35.2.5  2003/04/29 11:32:54  oes
+ *    Don't rely on h_addr being non-NULL after gethostbyname.
+ *    Works around an oddness in Max OSX and closes bug #724796
+ *
+ *    Revision 1.35.2.4  2003/04/04 12:40:20  oes
+ *    Made sure the errno set by bind, not close[socket] is used in
+ *    bind_port. Probably fixes bugs #713777, #705562.
+ *
+ *    Revision 1.35.2.3  2003/03/07 03:41:04  david__schmidt
+ *    Wrapping all *_r functions (the non-_r versions of them) with mutex semaphores for OSX.  Hopefully this will take care of all of those pesky crash reports.
+ *
+ *    Revision 1.35.2.2  2002/11/20 14:37:24  oes
+ *    Fixed Win32 error logging in bind_port.
+ *    Thanks to Oliver Stoeneberg for the hint.
+ *
+ *    Revision 1.35.2.1  2002/05/26 23:41:27  joergs
+ *    AmigaOS: Fixed wrong type of len in write_socket()
+ *
+ *    Revision 1.35  2002/04/26 15:50:04  joergs
+ *    AmigaOS: No socklen_t, added AMIGA to the systems using int instead.
+ *
+ *    Revision 1.34  2002/04/08 20:31:41  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.33  2002/04/03 16:02:18  gliptak
+ *    Correcting compile warning with older gcc
+ *
+ *    Revision 1.32  2002/03/31 17:18:59  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.31  2002/03/29 03:33:13  david__schmidt
+ *    Fix Mac OSX compiler warnings
+ *
+ *    Revision 1.30  2002/03/27 14:32:43  david__schmidt
+ *    More compiler warning message maintenance
+ *
+ *    Revision 1.29  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.28  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.27  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.26  2002/03/11 22:07:02  david__schmidt
+ *    OS/2 port maintenance:
+ *    - Fixed EMX build - it had decayed a little
+ *    - Fixed inexplicable crash during FD_ZERO - must be due to a bad macro.
+ *      substituted a memset for now.
+ *
+ *    Revision 1.25  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.24  2002/03/07 03:51:36  oes
+ *     - Improved handling of failed DNS lookups
+ *     - Fixed compiler warnings etc
+ *
+ *    Revision 1.23  2002/03/05 00:36:01  jongfoster
+ *    Fixing bug 514988 - unable to restart Junkbuster
+ *
+ *    Revision 1.22  2002/03/04 02:08:02  david__schmidt
+ *    Enable web editing of actions file on OS/2 (it had been broken all this time!)
+ *
+ *    Revision 1.21  2002/01/09 14:32:33  oes
+ *    Added support for gethostbyname_r and gethostbyaddr_r.
+ *
+ *    Revision 1.20  2001/11/16 00:48:48  jongfoster
+ *    Enabling duplicate-socket detection for all platforms, not
+ *    just Win32.
+ *
+ *    Revision 1.19  2001/10/25 03:40:47  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.18  2001/09/21 23:02:02  david__schmidt
+ *    Cleaning up 2 compiler warnings on OS/2.
+ *
+ *    Revision 1.17  2001/09/13 20:11:46  jongfoster
+ *    Fixing 2 compiler warnings under Win32
+ *
+ *    Revision 1.16  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.15  2001/07/29 17:40:43  jongfoster
+ *    Fixed compiler warning by adding a cast
+ *
+ *    Revision 1.14  2001/07/18 13:47:59  oes
+ *    Eliminated dirty hack for getsockbyname()
+ *
+ *    Revision 1.13  2001/07/15 13:56:57  jongfoster
+ *    Removing unused local variable.
+ *
+ *    Revision 1.12  2001/07/01 17:04:11  oes
+ *    Bugfix: accept_connection no longer uses the obsolete hstrerror() function
+ *
+ *    Revision 1.11  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.10  2001/06/29 13:29:15  oes
+ *    - Added remote (server) host IP to csp->http->host_ip_addr_str
+ *    - Added detection of local socket IP and fqdn
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.9  2001/06/07 23:06:09  jongfoster
+ *    The host parameter to connect_to() is now const.
+ *
+ *    Revision 1.8  2001/06/03 19:12:07  oes
+ *    filled comment
+ *
+ *    Revision 1.7  2001/05/28 16:14:00  jongfoster
+ *    Fixing bug in LOG_LEVEL_LOG
+ *
+ *    Revision 1.6  2001/05/26 17:28:32  jongfoster
+ *    Fixed LOG_LEVEL_LOG
+ *
+ *    Revision 1.5  2001/05/26 15:26:15  jongfoster
+ *    ACL feature now provides more security by immediately dropping
+ *    connections from untrusted hosts.
+ *
+ *    Revision 1.4  2001/05/26 00:37:42  jongfoster
+ *    Cosmetic indentation correction.
+ *
+ *    Revision 1.3  2001/05/25 21:57:54  jongfoster
+ *    Now gives a warning under Windows if you try to bind
+ *    it to a port that's already in use.
+ *
+ *    Revision 1.2  2001/05/17 23:01:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:54  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdlib.h>
+#include <stdio.h>
+#include <string.h>
+#include <errno.h>
+#include <fcntl.h>
+#include <sys/types.h>
+
+#ifdef _WIN32
+
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+#include <sys/timeb.h>
+#include <io.h>
+
+#else
+
+#ifndef __OS2__
+#include <unistd.h>
+#endif
+#include <sys/time.h>
+#include <netinet/in.h>
+#include <sys/ioctl.h>
+#include <netdb.h>
+#include <sys/socket.h>
+
+#ifndef __BEOS__
+#include <netinet/tcp.h>
+#ifndef __OS2__
+#include <arpa/inet.h>
+#endif
+#else
+#include <socket.h>
+#endif
+
+#if defined(__EMX__) || defined (__OS2__)
+#include <sys/select.h>  /* OS/2/EMX needs a little help with select */
+#ifdef __OS2__
+#include <nerrno.h>
+#endif
+#endif
+
+#endif
+
+#include "project.h"
+
+#ifdef FEATURE_PTHREAD
+#include "jcc.h"
+/* jcc.h is for mutex semaphores only */
+#endif /* def FEATURE_PTHREAD */
+
+#include "jbsockets.h"
+#include "filters.h"
+#include "errlog.h"
+
+const char jbsockets_h_rcs[] = JBSOCKETS_H_VERSION;
+
+/*
+ * Maximum number of gethostbyname(_r) retries in case of
+ * soft errors (TRY_AGAIN).
+ * XXX: Does it make sense to make this a config option?
+ */
+#define MAX_DNS_RETRIES 10
+
+#define MAX_LISTEN_BACKLOG 128
+
+
+/*********************************************************************
+ *
+ * Function    :  connect_to
+ *
+ * Description :  Open a socket and connect to it.  Will check
+ *                that this is allowed according to ACL.
+ *
+ * Parameters  :
+ *          1  :  host = hostname to connect to
+ *          2  :  portnum = port to connent on (XXX: should be unsigned)
+ *          3  :  csp = Current client state (buffers, headers, etc...)
+ *                      Not modified, only used for source IP and ACL.
+ *
+ * Returns     :  JB_INVALID_SOCKET => failure, else it is the socket
+ *                file descriptor.
+ *
+ *********************************************************************/
+jb_socket connect_to(const char *host, int portnum, struct client_state *csp)
+{
+   struct sockaddr_in inaddr;
+   jb_socket fd;
+   unsigned int addr;
+   fd_set wfds;
+   struct timeval tv[1];
+#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA)
+   int   flags;
+#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) */
+
+#ifdef FEATURE_ACL
+   struct access_control_addr dst[1];
+#endif /* def FEATURE_ACL */
+
+   memset((char *)&inaddr, 0, sizeof inaddr);
+
+   if ((addr = resolve_hostname_to_ip(host)) == INADDR_NONE)
+   {
+      csp->http->host_ip_addr_str = strdup("unknown");
+      return(JB_INVALID_SOCKET);
+   }
+
+#ifdef FEATURE_ACL
+   dst->addr = ntohl(addr);
+   dst->port = portnum;
+
+   if (block_acl(dst, csp))
+   {
+#ifdef __OS2__
+      errno = SOCEPERM;
+#else
+      errno = EPERM;
+#endif
+      return(JB_INVALID_SOCKET);
+   }
+#endif /* def FEATURE_ACL */
+
+   inaddr.sin_addr.s_addr = addr;
+   inaddr.sin_family      = AF_INET;
+   csp->http->host_ip_addr_str = strdup(inet_ntoa(inaddr.sin_addr));
+
+#ifndef _WIN32
+   if (sizeof(inaddr.sin_port) == sizeof(short))
+#endif /* ndef _WIN32 */
+   {
+      inaddr.sin_port = htons((unsigned short) portnum);
+   }
+#ifndef _WIN32
+   else
+   {
+      inaddr.sin_port = htonl((unsigned long)portnum);
+   }
+#endif /* ndef _WIN32 */
+
+#ifdef _WIN32
+   if ((fd = socket(inaddr.sin_family, SOCK_STREAM, 0)) == JB_INVALID_SOCKET)
+#else
+   if ((fd = socket(inaddr.sin_family, SOCK_STREAM, 0)) < 0)
+#endif
+   {
+      return(JB_INVALID_SOCKET);
+   }
+
+#ifdef TCP_NODELAY
+   {  /* turn off TCP coalescence */
+      int mi = 1;
+      setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *) &mi, sizeof (int));
+   }
+#endif /* def TCP_NODELAY */
+
+#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
+   if ((flags = fcntl(fd, F_GETFL, 0)) != -1)
+   {
+      flags |= O_NDELAY;
+      fcntl(fd, F_SETFL, flags);
+   }
+#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
+
+   while (connect(fd, (struct sockaddr *) & inaddr, sizeof inaddr) == JB_INVALID_SOCKET)
+   {
+#ifdef _WIN32
+      if (errno == WSAEINPROGRESS)
+#elif __OS2__ 
+      if (sock_errno() == EINPROGRESS)
+#else /* ifndef _WIN32 */
+      if (errno == EINPROGRESS)
+#endif /* ndef _WIN32 || __OS2__ */
+      {
+         break;
+      }
+
+#ifdef __OS2__ 
+      if (sock_errno() != EINTR)
+#else
+      if (errno != EINTR)
+#endif /* __OS2__ */
+      {
+         close_socket(fd);
+         return(JB_INVALID_SOCKET);
+      }
+   }
+
+#if !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
+   if (flags != -1)
+   {
+      flags &= ~O_NDELAY;
+      fcntl(fd, F_SETFL, flags);
+   }
+#endif /* !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__) */
+
+   /* wait for connection to complete */
+   FD_ZERO(&wfds);
+   FD_SET(fd, &wfds);
+
+   tv->tv_sec  = 30;
+   tv->tv_usec = 0;
+
+   /* MS Windows uses int, not SOCKET, for the 1st arg of select(). Wierd! */
+   if (select((int)fd + 1, NULL, &wfds, NULL, tv) <= 0)
+   {
+      close_socket(fd);
+      return(JB_INVALID_SOCKET);
+   }
+   return(fd);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  write_socket
+ *
+ * Description :  Write the contents of buf (for n bytes) to socket fd.
+ *
+ * Parameters  :
+ *          1  :  fd = file descriptor (aka. handle) of socket to write to.
+ *          2  :  buf = pointer to data to be written.
+ *          3  :  len = length of data to be written to the socket "fd".
+ *
+ * Returns     :  0 on success (entire buffer sent).
+ *                nonzero on error.
+ *
+ *********************************************************************/
+#ifdef AMIGA
+int write_socket(jb_socket fd, const char *buf, ssize_t len)
+#else
+int write_socket(jb_socket fd, const char *buf, size_t len)
+#endif
+{
+   if (len == 0)
+   {
+      return 0;
+   }
+
+   if (len < 0) /* constant condition - size_t isn't ever negative */ 
+   {
+      return 1;
+   }
+
+   log_error(LOG_LEVEL_LOG, "%N", len, buf);
+
+#if defined(_WIN32)
+   return (send(fd, buf, (int)len, 0) != (int)len);
+#elif defined(__BEOS__) || defined(AMIGA)
+   return (send(fd, buf, len, 0) != len);
+#elif defined(__OS2__)
+   /*
+    * Break the data up into SOCKET_SEND_MAX chunks for sending...
+    * OS/2 seemed to complain when the chunks were too large.
+    */
+#define SOCKET_SEND_MAX 65000
+   {
+      int write_len = 0, send_len, send_rc = 0, i = 0;
+      while ((i < len) && (send_rc != -1))
+      {
+         if ((i + SOCKET_SEND_MAX) > len)
+            send_len = len - i;
+         else
+            send_len = SOCKET_SEND_MAX;
+         send_rc = send(fd,(char*)buf + i, send_len, 0);
+         if (send_rc == -1)
+            return 1;
+         i = i + send_len;
+      }
+      return 0;
+   }
+#else
+   return (write(fd, buf, len) != len);
+#endif
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  read_socket
+ *
+ * Description :  Read from a TCP/IP socket in a platform independent way.
+ *
+ * Parameters  :
+ *          1  :  fd = file descriptor of the socket to read
+ *          2  :  buf = pointer to buffer where data will be written
+ *                Must be >= len bytes long.
+ *          3  :  len = maximum number of bytes to read
+ *
+ * Returns     :  On success, the number of bytes read is returned (zero
+ *                indicates end of file), and the file position is advanced
+ *                by this number.  It is not an error if this number is
+ *                smaller than the number of bytes requested; this may hap-
+ *                pen for example because fewer bytes are actually available
+ *                right now (maybe because we were close to end-of-file, or
+ *                because we are reading from a pipe, or from a terminal,
+ *                or because read() was interrupted by a signal).  On error,
+ *                -1 is returned, and errno is set appropriately.  In this
+ *                case it is left unspecified whether the file position (if
+ *                any) changes.
+ *
+ *********************************************************************/
+int read_socket(jb_socket fd, char *buf, int len)
+{
+   if (len <= 0)
+   {
+      return(0);
+   }
+
+#if defined(_WIN32)
+   return(recv(fd, buf, len, 0));
+#elif defined(__BEOS__) || defined(AMIGA) || defined(__OS2__)
+   return(recv(fd, buf, (size_t)len, 0));
+#else
+   return(read(fd, buf, (size_t)len));
+#endif
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  data_is_available
+ *
+ * Description :  Waits for data to arrive on a socket.
+ *
+ * Parameters  :
+ *          1  :  fd = file descriptor of the socket to read
+ *          2  :  seconds_to_wait = number of seconds after which we give up.
+ *
+ * Returns     :  TRUE if data arrived in time,
+ *                FALSE otherwise.
+ *
+ *********************************************************************/
+int data_is_available(jb_socket fd, int seconds_to_wait)
+{
+   fd_set rfds;
+   struct timeval timeout;
+   int n;
+
+   memset(&timeout, 0, sizeof(timeout));
+   timeout.tv_sec = seconds_to_wait;
+
+#ifdef __OS2__
+   /* Copy and pasted from jcc.c ... */
+   memset(&rfds, 0, sizeof(fd_set));
+#else
+   FD_ZERO(&rfds);
+#endif
+   FD_SET(fd, &rfds);
+
+   n = select(fd+1, &rfds, NULL, NULL, &timeout);
+
+   /*
+    * XXX: Do we care about the different error conditions?
+    */
+   return (n == 1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  close_socket
+ *
+ * Description :  Closes a TCP/IP socket
+ *
+ * Parameters  :
+ *          1  :  fd = file descriptor of socket to be closed
+ *
+ * Returns     :  void
+ *
+ *********************************************************************/
+void close_socket(jb_socket fd)
+{
+#if defined(_WIN32) || defined(__BEOS__)
+   closesocket(fd);
+#elif defined(AMIGA)
+   CloseSocket(fd); 
+#elif defined(__OS2__)
+   soclose(fd);
+#else
+   close(fd);
+#endif
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  bind_port
+ *
+ * Description :  Call socket, set socket options, and listen.
+ *                Called by listen_loop to "boot up" our proxy address.
+ *
+ * Parameters  :
+ *          1  :  hostnam = TCP/IP address to bind/listen to
+ *          2  :  portnum = port to listen on
+ *          3  :  pfd = pointer used to return file descriptor.
+ *
+ * Returns     :  if success, returns 0 and sets *pfd.
+ *                if failure, returns -3 if address is in use,
+ *                                    -2 if address unresolvable,
+ *                                    -1 otherwise
+ *********************************************************************/
+int bind_port(const char *hostnam, int portnum, jb_socket *pfd)
+{
+   struct sockaddr_in inaddr;
+   jb_socket fd;
+#ifndef _WIN32
+   int one = 1;
+#endif /* ndef _WIN32 */
+
+   *pfd = JB_INVALID_SOCKET;
+
+   memset((char *)&inaddr, '\0', sizeof inaddr);
+
+   inaddr.sin_family      = AF_INET;
+   inaddr.sin_addr.s_addr = resolve_hostname_to_ip(hostnam);
+
+   if (inaddr.sin_addr.s_addr == INADDR_NONE)
+   {
+      return(-2);
+   }
+
+#ifndef _WIN32
+   if (sizeof(inaddr.sin_port) == sizeof(short))
+#endif /* ndef _WIN32 */
+   {
+      inaddr.sin_port = htons((unsigned short) portnum);
+   }
+#ifndef _WIN32
+   else
+   {
+      inaddr.sin_port = htonl((unsigned long) portnum);
+   }
+#endif /* ndef _WIN32 */
+
+   fd = socket(AF_INET, SOCK_STREAM, 0);
+
+#ifdef _WIN32
+   if (fd == JB_INVALID_SOCKET)
+#else
+   if (fd < 0)
+#endif
+   {
+      return(-1);
+   }
+
+#ifndef _WIN32
+   /*
+    * This is not needed for Win32 - in fact, it stops
+    * duplicate instances of Privoxy from being caught.
+    *
+    * On UNIX, we assume the user is sensible enough not
+    * to start Privoxy multiple times on the same IP.
+    * Without this, stopping and restarting Privoxy
+    * from a script fails.
+    * Note: SO_REUSEADDR is meant to only take over
+    * sockets which are *not* in listen state in Linux,
+    * e.g. sockets in TIME_WAIT. YMMV.
+    */
+   setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&one, sizeof(one));
+#endif /* ndef _WIN32 */
+
+   if (bind(fd, (struct sockaddr *)&inaddr, sizeof(inaddr)) < 0)
+   {
+#ifdef _WIN32
+      errno = WSAGetLastError();
+      if (errno == WSAEADDRINUSE)
+#else
+      if (errno == EADDRINUSE)
+#endif
+      {
+         close_socket(fd);
+         return(-3);
+      }
+      else
+      {
+         close_socket(fd);
+         return(-1);
+      }
+   }
+
+   while (listen(fd, MAX_LISTEN_BACKLOG) == -1)
+   {
+      if (errno != EINTR)
+      {
+         return(-1);
+      }
+   }
+
+   *pfd = fd;
+   return 0;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_host_information
+ *
+ * Description :  Determines the IP address the client used to
+ *                reach us and the hostname associated with it.
+ *
+ *                XXX: Most of the code has been copy and pasted
+ *                from accept_connection() and not all of the
+ *                ifdefs paths have been tested afterwards.
+ *
+ * Parameters  :
+ *          1  :  afd = File descriptor returned from accept().
+ *          2  :  ip_address = Pointer to return the pointer to
+ *                             the ip address string.
+ *          3  :  hostname =   Pointer to return the pointer to
+ *                             the hostname or NULL if the caller
+ *                             isn't interested in it.
+ *
+ * Returns     :  void.
+ *
+ *********************************************************************/
+void get_host_information(jb_socket afd, char **ip_address, char **hostname)
+{
+   struct sockaddr_in server;
+   struct hostent *host = NULL;
+#if defined(_WIN32) || defined(__OS2__) || defined(__APPLE_CC__) || defined(AMIGA)
+   /* according to accept_connection() this fixes a warning. */
+   int s_length;
+#else
+   socklen_t s_length;
+#endif
+#if defined(HAVE_GETHOSTBYADDR_R_8_ARGS) ||  defined(HAVE_GETHOSTBYADDR_R_7_ARGS) || defined(HAVE_GETHOSTBYADDR_R_5_ARGS)
+   struct hostent result;
+#if defined(HAVE_GETHOSTBYADDR_R_5_ARGS)
+   struct hostent_data hdata;
+#else
+   char hbuf[HOSTENT_BUFFER_SIZE];
+   int thd_err;
+#endif /* def HAVE_GETHOSTBYADDR_R_5_ARGS */
+#endif /* def HAVE_GETHOSTBYADDR_R_(8|7|5)_ARGS */
+   s_length = sizeof(server);
+
+   if (NULL != hostname)
+   {
+      *hostname = NULL;
+   }
+   *ip_address = NULL;
+
+   if (!getsockname(afd, (struct sockaddr *) &server, &s_length))
+   {
+      *ip_address = strdup(inet_ntoa(server.sin_addr));
+
+      if (NULL == hostname)
+      {
+         /*
+          * We're done here, the caller isn't
+          * interested in knowing the hostname.
+          */
+         return;
+      }
+#if defined(HAVE_GETHOSTBYADDR_R_8_ARGS)
+      gethostbyaddr_r((const char *)&server.sin_addr,
+                      sizeof(server.sin_addr), AF_INET,
+                      &result, hbuf, HOSTENT_BUFFER_SIZE,
+                      &host, &thd_err);
+#elif defined(HAVE_GETHOSTBYADDR_R_7_ARGS)
+      host = gethostbyaddr_r((const char *)&server.sin_addr,
+                      sizeof(server.sin_addr), AF_INET,
+                      &result, hbuf, HOSTENT_BUFFER_SIZE, &thd_err);
+#elif defined(HAVE_GETHOSTBYADDR_R_5_ARGS)
+      if (0 == gethostbyaddr_r((const char *)&server.sin_addr,
+                               sizeof(server.sin_addr), AF_INET,
+                               &result, &hdata))
+      {
+         host = &result;
+      }
+      else
+      {
+         host = NULL;
+      }
+#elif FEATURE_PTHREAD
+      privoxy_mutex_lock(&resolver_mutex);
+      host = gethostbyaddr((const char *)&server.sin_addr, 
+                           sizeof(server.sin_addr), AF_INET);
+      privoxy_mutex_unlock(&resolver_mutex);
+#else
+      host = gethostbyaddr((const char *)&server.sin_addr, 
+                           sizeof(server.sin_addr), AF_INET);
+#endif
+      if (host == NULL)
+      {
+         log_error(LOG_LEVEL_ERROR, "Unable to get my own hostname: %E\n");
+      }
+      else
+      {
+         *hostname = strdup(host->h_name);
+      }
+   }
+
+   return;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  accept_connection
+ *
+ * Description :  Accepts a connection on a socket.  Socket must have
+ *                been created using bind_port().
+ *
+ * Parameters  :
+ *          1  :  csp = Client state, cfd, ip_addr_str, and 
+ *                ip_addr_long will be set by this routine.
+ *          2  :  fd  = file descriptor returned from bind_port
+ *
+ * Returns     :  when a connection is accepted, it returns 1 (TRUE).
+ *                On an error it returns 0 (FALSE).
+ *
+ *********************************************************************/
+int accept_connection(struct client_state * csp, jb_socket fd)
+{
+   struct sockaddr_in client;
+   jb_socket afd;
+#if defined(_WIN32) || defined(__OS2__) || defined(__APPLE_CC__) || defined(AMIGA)
+   /* Wierdness - fix a warning. */
+   int c_length;
+#else
+   socklen_t c_length;
+#endif
+
+   c_length = sizeof(client);
+
+#ifdef _WIN32
+   afd = accept (fd, (struct sockaddr *) &client, &c_length);
+   if (afd == JB_INVALID_SOCKET)
+   {
+      return 0;
+   }
+#else
+   do
+   {
+      afd = accept (fd, (struct sockaddr *) &client, &c_length);
+   } while (afd < 1 && errno == EINTR);
+   if (afd < 0)
+   {
+      return 0;
+   }
+#endif
+
+   csp->cfd = afd;
+   csp->ip_addr_str  = strdup(inet_ntoa(client.sin_addr));
+   csp->ip_addr_long = ntohl(client.sin_addr.s_addr);
+
+   return 1;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  resolve_hostname_to_ip
+ *
+ * Description :  Resolve a hostname to an internet tcp/ip address.
+ *                NULL or an empty string resolve to INADDR_ANY.
+ *
+ * Parameters  :
+ *          1  :  host = hostname to resolve
+ *
+ * Returns     :  INADDR_NONE => failure, INADDR_ANY or tcp/ip address if succesful.
+ *
+ *********************************************************************/
+unsigned long resolve_hostname_to_ip(const char *host)
+{
+   struct sockaddr_in inaddr;
+   struct hostent *hostp;
+   unsigned int dns_retries = 0;
+#if defined(HAVE_GETHOSTBYNAME_R_6_ARGS) || defined(HAVE_GETHOSTBYNAME_R_5_ARGS) || defined(HAVE_GETHOSTBYNAME_R_3_ARGS)
+   struct hostent result;
+#if defined(HAVE_GETHOSTBYNAME_R_6_ARGS) || defined(HAVE_GETHOSTBYNAME_R_5_ARGS)
+   char hbuf[HOSTENT_BUFFER_SIZE];
+   int thd_err;
+#else /* defined(HAVE_GETHOSTBYNAME_R_3_ARGS) */
+   struct hostent_data hdata;
+#endif /* def HAVE_GETHOSTBYNAME_R_(6|5)_ARGS */
+#endif /* def HAVE_GETHOSTBYNAME_R_(6|5|3)_ARGS */
+
+   if ((host == NULL) || (*host == '\0'))
+   {
+      return(INADDR_ANY);
+   }
+
+   memset((char *) &inaddr, 0, sizeof inaddr);
+
+   if ((inaddr.sin_addr.s_addr = inet_addr(host)) == -1)
+   {
+#if defined(HAVE_GETHOSTBYNAME_R_6_ARGS)
+      while (gethostbyname_r(host, &result, hbuf,
+                HOSTENT_BUFFER_SIZE, &hostp, &thd_err)
+             && (thd_err == TRY_AGAIN) && (dns_retries++ < MAX_DNS_RETRIES))
+      {   
+         log_error(LOG_LEVEL_ERROR,
+            "Timeout #%u while trying to resolve %s. Trying again.",
+            dns_retries, host);
+      }
+#elif defined(HAVE_GETHOSTBYNAME_R_5_ARGS)
+      while (NULL == (hostp = gethostbyname_r(host, &result,
+                                 hbuf, HOSTENT_BUFFER_SIZE, &thd_err))
+             && (thd_err == TRY_AGAIN) && (dns_retries++ < MAX_DNS_RETRIES))
+      {   
+         log_error(LOG_LEVEL_ERROR,
+            "Timeout #%u while trying to resolve %s. Trying again.",
+            dns_retries, host);
+      }
+#elif defined(HAVE_GETHOSTBYNAME_R_3_ARGS)
+      /*
+       * XXX: Doesn't retry in case of soft errors.
+       * Does this gethostbyname_r version set h_errno?
+       */
+      if (0 == gethostbyname_r(host, &result, &hdata))
+      {
+         hostp = &result;
+      }
+      else
+      {
+         hostp = NULL;
+      }
+#elif FEATURE_PTHREAD
+      privoxy_mutex_lock(&resolver_mutex);
+      while (NULL == (hostp = gethostbyname(host))
+             && (h_errno == TRY_AGAIN) && (dns_retries++ < MAX_DNS_RETRIES))
+      {   
+         log_error(LOG_LEVEL_ERROR,
+            "Timeout #%u while trying to resolve %s. Trying again.",
+            dns_retries, host);
+      }
+      privoxy_mutex_unlock(&resolver_mutex);
+#else
+      while (NULL == (hostp = gethostbyname(host))
+             && (h_errno == TRY_AGAIN) && (dns_retries++ < MAX_DNS_RETRIES))
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "Timeout #%u while trying to resolve %s. Trying again.",
+            dns_retries, host);
+      }
+#endif /* def HAVE_GETHOSTBYNAME_R_(6|5|3)_ARGS */
+      /*
+       * On Mac OSX, if a domain exists but doesn't have a type A
+       * record associated with it, the h_addr member of the struct
+       * hostent returned by gethostbyname is NULL, even if h_length
+       * is 4. Therefore the second test below.
+       */
+      if (hostp == NULL || hostp->h_addr == NULL)
+      {
+         errno = EINVAL;
+         log_error(LOG_LEVEL_ERROR, "could not resolve hostname %s", host);
+         return(INADDR_NONE);
+      }
+      if (hostp->h_addrtype != AF_INET)
+      {
+#ifdef _WIN32
+         errno = WSAEPROTOTYPE;
+#else
+         errno = EPROTOTYPE;
+#endif 
+         log_error(LOG_LEVEL_ERROR, "hostname %s resolves to unknown address type.", host);
+         return(INADDR_NONE);
+      }
+      memcpy(
+         (char *) &inaddr.sin_addr,
+         (char *) hostp->h_addr,
+         sizeof(inaddr.sin_addr)
+      );
+   }
+   return(inaddr.sin_addr.s_addr);
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/jbsockets.h b/external/privoxy/jbsockets.h
new file mode 100644
index 0000000..115cb6a
--- /dev/null
+++ b/external/privoxy/jbsockets.h
@@ -0,0 +1,149 @@
+#ifndef JBSOCKETS_H_INCLUDED
+#define JBSOCKETS_H_INCLUDED
+#define JBSOCKETS_H_VERSION "$Id: jbsockets.h,v 1.14 2008/12/20 14:53:55 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/jbsockets.h,v $
+ *
+ * Purpose     :  Contains wrappers for system-specific sockets code,
+ *                so that the rest of Junkbuster can be more
+ *                OS-independent.  Contains #ifdefs to make this work
+ *                on many platforms.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: jbsockets.h,v $
+ *    Revision 1.14  2008/12/20 14:53:55  fabiankeil
+ *    Add config option socket-timeout to control the time
+ *    Privoxy waits for data to arrive on a socket. Useful
+ *    in case of stale ssh tunnels or when fuzz-testing.
+ *
+ *    Revision 1.13  2008/03/21 11:13:59  fabiankeil
+ *    Only gather host information if it's actually needed.
+ *    Also move the code out of accept_connection() so it's less likely
+ *    to delay other incoming connections if the host is misconfigured.
+ *
+ *    Revision 1.12  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.9.2.1  2002/05/26 23:41:27  joergs
+ *    AmigaOS: Fixed wrong type of len in write_socket()
+ *
+ *    Revision 1.9  2002/04/08 20:31:41  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.8  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.7  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.6  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.5  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.4  2002/03/07 03:51:36  oes
+ *     - Improved handling of failed DNS lookups
+ *     - Fixed compiler warnings etc
+ *
+ *    Revision 1.3  2001/07/29 19:01:11  jongfoster
+ *    Changed _FILENAME_H to FILENAME_H_INCLUDED.
+ *    Added forward declarations for needed structures.
+ *
+ *    Revision 1.2  2001/06/07 23:06:09  jongfoster
+ *    The host parameter to connect_to() is now const.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:54  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct client_state;
+
+extern jb_socket connect_to(const char *host, int portnum, struct client_state *csp);
+#ifdef AMIGA
+extern int write_socket(jb_socket fd, const char *buf, ssize_t n);
+#else
+extern int write_socket(jb_socket fd, const char *buf, size_t n);
+#endif
+extern int read_socket(jb_socket fd, char *buf, int n);
+extern int data_is_available(jb_socket fd, int seconds_to_wait);
+extern void close_socket(jb_socket fd);
+
+extern int bind_port(const char *hostnam, int portnum, jb_socket *pfd);
+extern int accept_connection(struct client_state * csp, jb_socket fd);
+extern void get_host_information(jb_socket afd, char **ip_address, char **hostname);
+
+extern unsigned long resolve_hostname_to_ip(const char *host);
+
+/* Revision control strings from this header and associated .c file */
+extern const char jbsockets_rcs[];
+extern const char jbsockets_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef JBSOCKETS_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/jcc.c b/external/privoxy/jcc.c
new file mode 100644
index 0000000..1007128
--- /dev/null
+++ b/external/privoxy/jcc.c
@@ -0,0 +1,4486 @@
+const char jcc_rcs[] = "$Id: jcc.c,v 1.235 2009/03/18 21:01:20 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/jcc.c,v $
+ *
+ * Purpose     :  Main file.  Contains main() method, main loop, and
+ *                the main connection-handling function.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: jcc.c,v $
+ *    Revision 1.235  2009/03/18 21:01:20  fabiankeil
+ *    Comment fix. Spotted by Roland.
+ *
+ *    Revision 1.234  2009/03/18 20:48:42  fabiankeil
+ *    If the --no-daemon option is used, enable LOG_LEVEL_INFO
+ *    before the config file has been parsed (as we always did).
+ *
+ *    Revision 1.233  2009/03/13 14:10:07  fabiankeil
+ *    Fix some more harmless warnings on amd64.
+ *
+ *    Revision 1.232  2009/03/08 19:29:16  fabiankeil
+ *    Reinitialize the timeout structure every time before passing
+ *    it to select(). Apparently some implementations mess with it.
+ *    Probably fixes #2669131 reported by cyberpatrol.
+ *
+ *    Revision 1.231  2009/03/08 14:19:23  fabiankeil
+ *    Fix justified (but harmless) compiler warnings
+ *    on platforms where sizeof(int) < sizeof(long).
+ *
+ *    Revision 1.230  2009/03/07 13:09:17  fabiankeil
+ *    Change csp->expected_content and_csp->expected_content_length from
+ *    size_t to unsigned long long to reduce the likelihood of integer
+ *    overflows that would let us close the connection prematurely.
+ *    Bug found while investigating #2669131, reported by cyberpatrol.
+ *
+ *    Revision 1.229  2009/03/07 11:17:01  fabiankeil
+ *    Fix compiler warning.
+ *
+ *    Revision 1.228  2009/03/06 20:30:13  fabiankeil
+ *    Log unsigned values as such.
+ *
+ *    Revision 1.227  2009/03/02 19:18:11  fabiankeil
+ *    Streamline parse_http_request()'s prototype. As
+ *    cparser pointed out it doesn't actually use csp.
+ *
+ *    Revision 1.226  2009/03/01 18:28:24  fabiankeil
+ *    Help clang understand that we aren't dereferencing
+ *    NULL pointers here.
+ *
+ *    Revision 1.225  2009/02/19 18:09:32  fabiankeil
+ *    Unbreak build without FEATURE_CONNECTION_KEEP_ALIVE.
+ *    Noticed by David.
+ *
+ *    Revision 1.224  2009/02/14 15:32:04  fabiankeil
+ *    Add the request URL to the timeout message in chat().
+ *    Suggested by Lee.
+ *
+ *    Revision 1.223  2009/02/09 21:21:16  fabiankeil
+ *    Now that init_log_module() is called earlier, call show_version()
+ *    later on from main() directly so it doesn't get called for --help
+ *    or --version.
+ *
+ *    Revision 1.222  2009/02/08 12:56:51  fabiankeil
+ *    Call initialize_mutexes() before init_log_module() again.
+ *    Broken since r220, might be the cause of Lee's #2579448.
+ *
+ *    Revision 1.221  2009/02/06 18:02:58  fabiankeil
+ *    When dropping privileges, also give up membership in supplementary
+ *    groups. Thanks to Matthias Drochner for reporting the problem,
+ *    providing the initial patch and testing the final version.
+ *
+ *    Revision 1.220  2009/02/04 18:29:07  fabiankeil
+ *    Initialize the log module before parsing arguments.
+ *    Thanks to Matthias Drochner for the report.
+ *
+ *    Revision 1.219  2009/01/31 16:08:21  fabiankeil
+ *    Remove redundant error check in receive_client_request().
+ *
+ *    Revision 1.218  2009/01/31 12:25:54  fabiankeil
+ *    Flatten indentation in receive_client_request().
+ *
+ *    Revision 1.217  2009/01/07 19:50:09  fabiankeil
+ *    - If the socket-timeout has been reached and the client
+ *      hasn't received any data yet, send an explanation before
+ *      closing the connection.
+ *    - In get_request_line(), signal timeouts the right way.
+ *
+ *    Revision 1.216  2008/12/24 22:13:11  ler762
+ *    fix GCC 3.4.4 warning
+ *
+ *    Revision 1.215  2008/12/24 17:06:19  fabiankeil
+ *    Keep a thread around to timeout alive connections
+ *    even if no new requests are coming in.
+ *
+ *    Revision 1.214  2008/12/20 14:53:55  fabiankeil
+ *    Add config option socket-timeout to control the time
+ *    Privoxy waits for data to arrive on a socket. Useful
+ *    in case of stale ssh tunnels or when fuzz-testing.
+ *
+ *    Revision 1.213  2008/12/15 18:45:51  fabiankeil
+ *    When logging crunches, log the whole URL, so one can easily
+ *    differentiate between vanilla HTTP and CONNECT requests.
+ *
+ *    Revision 1.212  2008/12/14 15:46:22  fabiankeil
+ *    Give crunched requests their own log level.
+ *
+ *    Revision 1.211  2008/12/06 10:05:03  fabiankeil
+ *    Downgrade "Received x bytes while expecting y." message to
+ *    LOG_LEVEL_CONNECT as it doesn't necessarily indicate an error.
+ *
+ *    Revision 1.210  2008/12/02 22:03:18  fabiankeil
+ *    Don't miscalculate byte_count if we don't get all the
+ *    server headers with one read_socket() call. With keep-alive
+ *    support enabled, this caused delays until the server closed
+ *    the connection.
+ *
+ *    Revision 1.209  2008/11/27 09:44:04  fabiankeil
+ *    Cosmetics for the last commit: Don't watch out for
+ *    the last chunk if the content isn't chunk-encoded or
+ *    if we already determined the content length previously.
+ *
+ *    Revision 1.208  2008/11/26 18:24:17  fabiankeil
+ *    Recognize that the server response is complete if the
+ *    last chunk is read together with the server headers.
+ *    Reported by Lee.
+ *
+ *    Revision 1.207  2008/11/25 17:25:16  fabiankeil
+ *    Don't convert the client-header list to text until we need to.
+ *
+ *    Revision 1.206  2008/11/23 17:00:11  fabiankeil
+ *    Some more chat() cosmetics.
+ *
+ *    Revision 1.205  2008/11/16 12:43:49  fabiankeil
+ *    Turn keep-alive support into a runtime feature
+ *    that is disabled by setting keep-alive-timeout
+ *    to a negative value.
+ *
+ *    Revision 1.204  2008/11/06 19:42:17  fabiankeil
+ *    Fix last-chunk detection hack to also apply
+ *    if buf[] contains nothing but the last-chunk.
+ *
+ *    Revision 1.203  2008/11/06 18:34:35  fabiankeil
+ *    Factor receive_client_request() and
+ *    parse_client_request() out of chat().
+ *
+ *    Revision 1.202  2008/11/02 18:40:34  fabiankeil
+ *    If we received a different amount of data than we expected,
+ *    log a warning and make sure the server socket isn't reused.
+ *
+ *    Revision 1.201  2008/11/02 16:48:20  fabiankeil
+ *    Revert revision 1.195 and try again.
+ *
+ *    Revision 1.200  2008/10/26 16:53:18  fabiankeil
+ *    Fix gcc44 warning.
+ *
+ *    Revision 1.199  2008/10/26 15:36:10  fabiankeil
+ *    Remove two debug messages with LOG_LEVEL_INFO.
+ *
+ *    Revision 1.198  2008/10/22 15:19:55  fabiankeil
+ *    Once More, With Feeling: if there is no logfile
+ *    because the user didn't specify one, we shouldn't
+ *    call init_error_log() after receiving SIGHUP either.
+ *
+ *    Revision 1.197  2008/10/20 17:02:40  fabiankeil
+ *    If SIGHUP is received while we aren't running in daemon
+ *    mode, calling init_error_log() would be a mistake.
+ *
+ *    Revision 1.196  2008/10/16 09:16:41  fabiankeil
+ *    - Fix two gcc44 conversion warnings.
+ *    - Don't bother logging the last five bytes
+ *      of the 0-chunk.
+ *
+ *    Revision 1.195  2008/10/13 16:04:37  fabiankeil
+ *    Make sure we don't try to reuse tainted server sockets.
+ *
+ *    Revision 1.194  2008/10/12 18:35:18  fabiankeil
+ *    The last commit was a bit too ambitious, apparently the content
+ *    length adjustment is only necessary if we aren't buffering.
+ *
+ *    Revision 1.193  2008/10/12 15:57:35  fabiankeil
+ *    Fix content length calculation if we read headers
+ *    and the start of the body at once. Now that we have
+ *    FEATURE_CONNECTION_KEEP_ALIVE, it actually matters.
+ *
+ *    Revision 1.192  2008/10/11 18:19:14  fabiankeil
+ *    Even more chat() cosmetics.
+ *
+ *    Revision 1.191  2008/10/11 18:00:14  fabiankeil
+ *    Reformat some comments in chat().
+ *
+ *    Revision 1.190  2008/10/11 14:58:00  fabiankeil
+ *    In case of chunk-encoded content, stop reading if
+ *    the buffer looks like it ends with the last chunk.
+ *
+ *    Revision 1.189  2008/10/11 09:53:00  fabiankeil
+ *    Let server_response_is_complete() deal properly with
+ *    content that is neither buffered nor read all at once.
+ *
+ *    Revision 1.188  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.187  2008/09/07 12:35:05  fabiankeil
+ *    Add mutex lock support for _WIN32.
+ *
+ *    Revision 1.186  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.185  2008/08/30 12:03:07  fabiankeil
+ *    Remove FEATURE_COOKIE_JAR.
+ *
+ *    Revision 1.184  2008/08/22 15:34:45  fabiankeil
+ *    - Silence LLVM/Clang complaint.
+ *    - Make received_hup_signal static.
+ *    - Hide definitions for basedir, pidfile and received_hup_signal
+ *      from __EMX__ as they only seem to be used in case of #ifdef unix.
+ *
+ *    Revision 1.183  2008/08/21 07:09:35  fabiankeil
+ *    Accept Shoutcast responses again. Problem reported
+ *    and fix suggested by Stefan in #2062860.
+ *
+ *    Revision 1.182  2008/06/27 11:13:56  fabiankeil
+ *    Fix possible NULL-pointer dereference reported
+ *    by din_a4 in #2003937. Pointy hat to me.
+ *
+ *    Revision 1.181  2008/05/21 15:47:15  fabiankeil
+ *    Streamline sed()'s prototype and declare
+ *    the header parse and add structures static.
+ *
+ *    Revision 1.180  2008/05/21 15:26:32  fabiankeil
+ *    - Mark csp as immutable for send_crunch_response().
+ *    - Fix comment spelling.
+ *
+ *    Revision 1.179  2008/05/20 20:13:32  fabiankeil
+ *    Factor update_server_headers() out of sed(), ditch the
+ *    first_run hack and make server_patterns_light static.
+ *
+ *    Revision 1.178  2008/05/10 13:23:38  fabiankeil
+ *    Don't provide get_header() with the whole client state
+ *    structure when it only needs access to csp->iob.
+ *
+ *    Revision 1.177  2008/05/10 11:51:12  fabiankeil
+ *    Make the "read the rest of the headers" loop a bit more readable.
+ *
+ *    Revision 1.176  2008/05/10 11:37:57  fabiankeil
+ *    - Instead of logging when the IIS5 hack is enabled, log when it fails.
+ *    - Remove useless comment.
+ *
+ *    Revision 1.175  2008/05/09 18:53:59  fabiankeil
+ *    Fix comment grammar.
+ *
+ *    Revision 1.174  2008/05/07 18:05:53  fabiankeil
+ *    Remove the pointless buffer in client_protocol_is_unsupported().
+ *
+ *    Revision 1.173  2008/05/06 15:09:00  fabiankeil
+ *    Least-effort fix for bug #1821930 (reported by Lee):
+ *    If the response doesn't look like HTTP,
+ *    tell the client and log the problem.
+ *
+ *    Revision 1.172  2008/04/16 16:38:21  fabiankeil
+ *    Don't pass the whole csp structure to flush_socket()
+ *    when it only needs a file descriptor and a buffer.
+ *
+ *    Revision 1.171  2008/03/27 18:27:25  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.170  2008/03/06 16:33:46  fabiankeil
+ *    If limit-connect isn't used, don't limit CONNECT requests to port 443.
+ *
+ *    Revision 1.169  2008/03/04 18:30:39  fabiankeil
+ *    Remove the treat-forbidden-connects-like-blocks action. We now
+ *    use the "blocked" page for forbidden CONNECT requests by default.
+ *
+ *    Revision 1.168  2008/03/02 12:25:25  fabiankeil
+ *    Also use shiny new connect_port_is_forbidden() in jcc.c.
+ *
+ *    Revision 1.167  2008/02/23 16:57:12  fabiankeil
+ *    Rename url_actions() to get_url_actions() and let it
+ *    use the standard parameter ordering.
+ *
+ *    Revision 1.166  2008/02/23 16:33:43  fabiankeil
+ *    Let forward_url() use the standard parameter ordering
+ *    and mark its second parameter immutable.
+ *
+ *    Revision 1.165  2008/02/02 19:36:56  fabiankeil
+ *    Remove the "Listening ... for local connections only" log message.
+ *    Whether or not remote connections are able to reach Privoxy is up
+ *    to the operating system.
+ *
+ *    Revision 1.164  2007/12/16 18:32:46  fabiankeil
+ *    Prevent the log messages for CONNECT requests to unacceptable
+ *    ports from printing the limit-connect argument as [null] if
+ *    limit-connect hasn't been explicitly enabled.
+ *
+ *    Revision 1.163  2007/12/13 01:47:11  david__schmidt
+ *    Make sure all console-mode apps get a usage() instance
+ *
+ *    Revision 1.162  2007/12/06 17:54:57  fabiankeil
+ *    Reword NO_SERVER_DATA_RESPONSE to make it harder
+ *    to misunderstand what the message is all about.
+ *
+ *    Revision 1.161  2007/12/04 19:44:22  fabiankeil
+ *    Unbreak trustfile which previously didn't work without
+ *    FEATURE_TOGGLE. Fixes BR#1843585, reported by Lee.
+ *
+ *    Revision 1.160  2007/11/29 18:00:29  fabiankeil
+ *    Plug memory leak. Spotted by Valgrind, triggered by
+ *    Privoxy-Regression-Test feeding proxyfuzz.py.
+ *
+ *    Revision 1.159  2007/11/24 14:34:09  fabiankeil
+ *    In the HTTP snipplets, refer to the client as client.
+ *
+ *    Revision 1.158  2007/11/11 16:44:17  fabiankeil
+ *    Emit a log message when activating the MS IIS5 hack.
+ *
+ *    Revision 1.157  2007/11/03 17:34:49  fabiankeil
+ *    Log the "weak randomization factor" warning only
+ *    once for mingw32 and provide some more details.
+ *
+ *    Revision 1.156  2007/11/01 18:20:58  fabiankeil
+ *    Initialize log module after initializing mutexes, future
+ *    deadlocks in that code should now work cross-platform.
+ *
+ *    Revision 1.155  2007/10/23 20:12:45  fabiankeil
+ *    Fix first CSUCCEED line to end in \r\n as required by RFC1945.
+ *    Reported by Bert van Leeuwen in BR#1818808.
+ *
+ *    Revision 1.154  2007/10/19 17:00:08  fabiankeil
+ *    Downgrade "Flushing header and buffers" message to LOG_LEVEL_INFO.
+ *
+ *    Revision 1.153  2007/10/14 14:12:41  fabiankeil
+ *    When in daemon mode, close stderr after the configuration file has been
+ *    parsed the first time. If logfile isn't set, stop logging. Fixes BR#897436.
+ *
+ *    Revision 1.152  2007/10/04 18:03:34  fabiankeil
+ *    - Fix a crash when parsing invalid requests whose first header
+ *      is rejected by get_header(). Regression (re?)introduced
+ *      in r1.143 by yours truly.
+ *    - Move ACTION_VANILLA_WAFER handling into parsers.c's
+ *      client_cookie_adder() to make sure send-vanilla-wafer can be
+ *      controlled through tags (and thus regression-tested).
+ *
+ *    Revision 1.151  2007/09/29 10:21:16  fabiankeil
+ *    - Move get_filter_function() from jcc.c to filters.c
+ *      so the filter functions can be static.
+ *    - Don't bother filtering body-less responses.
+ *
+ *    Revision 1.150  2007/09/28 16:39:29  fabiankeil
+ *    Execute content filters through execute_content_filter().
+ *
+ *    Revision 1.149  2007/09/04 15:08:48  fabiankeil
+ *    Initialize req to NULL to make sure it's defined if the
+ *    first read_socket() call fails. Reported by icmp30.
+ *
+ *    Revision 1.148  2007/08/26 16:47:13  fabiankeil
+ *    Add Stephen Gildea's --pre-chroot-nslookup patch [#1276666],
+ *    extensive comments moved to user manual.
+ *
+ *    Revision 1.147  2007/08/25 14:42:40  fabiankeil
+ *    Don't crash if a broken header filter wiped out the request line.
+ *
+ *    Revision 1.146  2007/08/20 17:09:32  fabiankeil
+ *    Fix byte_count calculation in case of flushes
+ *    and don't parse the server headers a second time.
+ *
+ *    Revision 1.145  2007/08/19 13:13:31  fabiankeil
+ *    - If there's a connection problem after we already forwarded
+ *      parts of the original content, just hang up. Fixes BR#1776724.
+ *    - Fix warnings about unused code on mingw32.
+ *    - In case of flushes, calculate the byte count
+ *      less incorrectly (I think).
+ *
+ *    Revision 1.144  2007/08/11 14:43:22  fabiankeil
+ *    Add some more prototypes for static functions.
+ *
+ *    Revision 1.143  2007/08/05 13:58:19  fabiankeil
+ *    Comment out request_contains_null_bytes() until it's used again.
+ *
+ *    Revision 1.142  2007/08/05 13:50:26  fabiankeil
+ *    #1763173 from Stefan Huehner: s at const static at static const@
+ *    and declare some more functions static.
+ *
+ *    Revision 1.141  2007/08/04 09:56:23  fabiankeil
+ *    - Log rejected CONNECT requests with LOG_LEVEL_INFO
+ *      and explain why they were rejected in the first place.
+ *    - Fix the LOG_LEVEL_CLF message for crunches of unallowed
+ *      CONNECT requests. The request line was missing.
+ *    - Add two more XXX reminders as we don't have enough already.
+ *
+ *    Revision 1.140  2007/07/21 11:51:36  fabiankeil
+ *    As Hal noticed, checking dispatch_cgi() as the last cruncher
+ *    looks like a bug if CGI requests are blocked unintentionally,
+ *    so don't do it unless the user enabled the new config option
+ *    "allow-cgi-request-crunching".
+ *
+ *    Revision 1.139  2007/07/14 07:46:41  fabiankeil
+ *    - Allow to rewrite the request destination behind the client's back.
+ *    - Turn the weird-looking unconditional for loop that
+ *      reads the client request into a conditional while loop.
+ *      Move the stuff that only runs once out of the loop.
+ *    - Move parts of chat(), server_content_type() and the
+ *      necessary stuff to fix BR#1750917 into get_filter_function().
+ *
+ *    Revision 1.138  2007/06/03 18:45:18  fabiankeil
+ *    Temporary workaround for BR#1730105.
+ *
+ *    Revision 1.137  2007/06/01 18:16:36  fabiankeil
+ *    Use the same mutex for gethostbyname() and gethostbyaddr() to prevent
+ *    deadlocks and crashes on OpenBSD and possibly other OS with neither
+ *    gethostbyname_r() nor gethostaddr_r(). Closes BR#1729174.
+ *    Thanks to Ralf Horstmann for report and solution.
+ *
+ *    Revision 1.136  2007/06/01 16:41:11  fabiankeil
+ *    Add forward-override{} to change the forwarding settings through
+ *    action sections. This is mainly interesting to forward different
+ *    clients differently (for example based on User-Agent or request
+ *    origin).
+ *
+ *    Revision 1.135  2007/05/24 17:03:50  fabiankeil
+ *    - Let usage() mention the --chroot parameter.
+ *    - Use read_socket() consistently and always leave
+ *      the last buffer byte alone, even in cases where
+ *      null termination (currently) doesn't matter.
+ *
+ *    Revision 1.134  2007/05/16 14:59:46  fabiankeil
+ *    - Fix config file loading on Unix if no config file is specified.
+ *      Since r1.97 Privoxy would always interpret the last argument as
+ *      config file, even if it's a valid command line option.
+ *    - Abort in case of unrecognized command line options. Closes #1719696.
+ *    - Remove a bunch of unnecessary strcpy() calls (yay for c&p without thinking).
+ *    - Replace the remaining strcpy() and strcat() calls with strlcpy() and strcat().
+ *
+ *    Revision 1.133  2007/05/04 11:23:19  fabiankeil
+ *    - Don't rerun crunchers that only depend on the request URL.
+ *    - Don't count redirects and CGI requests as "blocked requests".
+ *
+ *    Revision 1.132  2007/04/25 15:15:17  fabiankeil
+ *    Support crunching based on tags created by server-header taggers.
+ *
+ *    Revision 1.131  2007/04/22 13:24:50  fabiankeil
+ *    Make HTTP snippets static (again). Add a Content-Type for those
+ *    with content so the browser doesn't guess it based on the URL.
+ *
+ *    Revision 1.130  2007/04/19 13:47:34  fabiankeil
+ *    Move crunching and request line rebuilding out of chat().
+ *
+ *    Revision 1.129  2007/04/15 16:39:20  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.128  2007/03/25 16:55:54  fabiankeil
+ *    Don't CLF-log CONNECT requests twice.
+ *
+ *    Revision 1.127  2007/03/20 13:53:17  fabiankeil
+ *    Log the source address for ACL-related connection drops.
+ *
+ *    Revision 1.126  2007/03/17 15:20:05  fabiankeil
+ *    New config option: enforce-blocks.
+ *
+ *    Revision 1.125  2007/03/09 14:12:00  fabiankeil
+ *    - Move null byte check into separate function.
+ *    - Don't confuse the client with error pages
+ *      if a CONNECT request was already confirmed.
+ *
+ *    Revision 1.124  2007/02/23 14:59:54  fabiankeil
+ *    Speed up NULL byte escaping and only log the complete
+ *    NULL byte requests with header debugging enabled.
+ *
+ *    Revision 1.123  2007/02/21 18:42:10  fabiankeil
+ *    Answer requests that contain NULL bytes with
+ *    a custom response instead of waiting for more
+ *    data until the client eventually hangs up.
+ *
+ *    Revision 1.122  2007/02/07 11:12:02  fabiankeil
+ *    - Move delivery and logging of crunched responses
+ *      from chat() into send_crunch_response().
+ *    - Display the reason for generating http_responses.
+ *    - Log the content length for LOG_LEVEL_CLF correctly
+ *      (still incorrect for some fixed responses).
+ *    - Reword an incorrect comment about
+ *      treat-forbidden-connects-like-blocks violating
+ *      the specs.
+ *    - Add some log messages.
+ *
+ *    Revision 1.121  2007/01/27 10:52:56  fabiankeil
+ *    Move mutex initialization into separate
+ *    function and exit in case of errors.
+ *
+ *    Revision 1.120  2007/01/26 14:18:42  fabiankeil
+ *    - Start to reduce chat()'s line count and move
+ *      parts of it into separate functions.
+ *    - Add "HTTP/1.1 100 Continue" hack for BR 756734.
+ *
+ *    Revision 1.119  2007/01/25 14:02:30  fabiankeil
+ *    - Add Proxy-Agent header to HTTP snippets that are
+ *      supposed to reach HTTP clients only.
+ *    - Made a few CONNECT log messages more descriptive.
+ *    - Catch completely empty server responses (as seen
+ *      with Tor's fake ".noconnect" top level domain).
+ *    - Use shiny new "forwarding-failed" template for socks errors.
+ *
+ *    Revision 1.118  2007/01/07 07:43:43  joergs
+ *    AmigaOS4 support added.
+ *
+ *    Revision 1.117  2006/12/31 17:56:37  fabiankeil
+ *    Added config option accept-intercepted-requests
+ *    and disabled it by default.
+ *
+ *    Revision 1.116  2006/12/29 19:08:22  fabiankeil
+ *    Reverted parts of my last commit
+ *    to keep error handling working.
+ *
+ *    Revision 1.115  2006/12/29 17:38:57  fabiankeil
+ *    Fixed gcc43 conversion warnings.
+ *
+ *    Revision 1.114  2006/12/27 18:52:02  fabiankeil
+ *    Fix -pedantic ISO C warning about converting
+ *    from function pointer to object pointer.
+ *
+ *    Revision 1.113  2006/12/26 17:38:50  fabiankeil
+ *    Silence compiler warning I introduced with my last commit.
+ *
+ *    Revision 1.112  2006/12/26 17:31:41  fabiankeil
+ *    Mutex protect rand() if POSIX threading
+ *    is used, warn the user if that's not possible
+ *    and stop using it on _WIN32 where it could
+ *    cause crashes.
+ *
+ *    Revision 1.111  2006/12/23 16:15:06  fabiankeil
+ *    Don't prevent core dumps by catching SIGABRT.
+ *    It's rude and makes debugging unreasonable painful.
+ *
+ *    Revision 1.110  2006/12/13 14:52:53  etresoft
+ *    Fix build failure on MacOS X. Global symbols can be either static or extern, but not both.
+ *
+ *    Revision 1.109  2006/12/06 19:41:40  fabiankeil
+ *    Privoxy is now able to run as intercepting
+ *    proxy in combination with any packet filter
+ *    that does the port redirection. The destination
+ *    is extracted from the "Host:" header which
+ *    should be available for nearly all requests.
+ *
+ *    Moved HTTP snipplets into jcc.c.
+ *    Added error message for gopher proxy requests.
+ *
+ *    Revision 1.108  2006/11/28 15:38:51  fabiankeil
+ *    Only unlink the pidfile if it's actually used.
+ *
+ *    Change order of interception checks to make
+ *    it possible to block or redirect requests for
+ *    the cgi pages.
+ *
+ *    Revision 1.107  2006/11/13 19:05:51  fabiankeil
+ *    Make pthread mutex locking more generic. Instead of
+ *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ *    and use mutex locking unless there is an _r function
+ *    available. Better safe than sorry.
+ *
+ *    Fixes "./configure --disable-pthread" and should result
+ *    in less threading-related problems on pthread-using platforms,
+ *    but it still doesn't fix BR#1122404.
+ *
+ *    Revision 1.106  2006/11/06 19:58:23  fabiankeil
+ *    Move pthread.h inclusion from jcc.c to jcc.h.
+ *    Fixes build on x86-freebsd1 (FreeBSD 5.4-RELEASE).
+ *
+ *    Revision 1.105  2006/11/06 14:26:02  fabiankeil
+ *    Don't exit after receiving the second SIGHUP on Solaris.
+ *
+ *    Fixes BR 1052235, but the same problem may exist on other
+ *    systems. Once 3.0.6 is out we should use sigset()
+ *    where available and see if it breaks anything.
+ *
+ *    Revision 1.104  2006/09/23 13:26:38  roro
+ *    Replace TABs by spaces in source code.
+ *
+ *    Revision 1.103  2006/09/21 12:54:43  fabiankeil
+ *    Fix +redirect{}. Didn't work with -fast-redirects.
+ *
+ *    Revision 1.102  2006/09/06 13:03:04  fabiankeil
+ *    Respond with 400 and a short text message
+ *    if the client tries to use Privoxy as FTP proxy.
+ *
+ *    Revision 1.101  2006/09/06 09:23:37  fabiankeil
+ *    Make number of retries in case of forwarded-connect problems
+ *    a config file option (forwarded-connect-retries) and use 0 as
+ *    default.
+ *
+ *    Revision 1.100  2006/09/03 19:42:59  fabiankeil
+ *    Set random(3) seed.
+ *
+ *    Revision 1.99  2006/09/02 15:36:42  fabiankeil
+ *    Follow the OpenBSD port's lead and protect the resolve
+ *    functions on OpenBSD as well.
+ *
+ *    Revision 1.98  2006/08/24 11:01:34  fabiankeil
+ *    --user fix. Only use the user as group if no group is specified.
+ *    Solves BR 1492612. Thanks to Spinor S. and David Laight.
+ *
+ *    Revision 1.97  2006/08/18 15:23:17  david__schmidt
+ *    Windows service (re-)integration
+ *
+ *    The new args are:
+ *
+ *    --install[:service_name]
+ *    --uninstall[:service_name]
+ *    --service
+ *
+ *    They work as follows:
+ *    --install will create a service for you and then terminate.
+ *    By default the service name will be "privoxy" (without the quotes).
+ *    However you can run multiple services if you wish, just by adding
+ *    a colon and then a name (no spaces).
+ *
+ *    --uninstall follows the exact same rules a --install.
+ *
+ *    --service is used when the program is executed by the service
+ *    control manager, and in normal circumstances would never be
+ *    used as a command line argument.
+ *
+ *    Revision 1.96  2006/08/15 20:12:36  david__schmidt
+ *    Windows service integration
+ *
+ *    Revision 1.95  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:
+http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.94  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.92.2.16  2005/04/03 20:10:50  david__schmidt
+ *    Thanks to Jindrich Makovicka for a race condition fix for the log
+ *    file.  The race condition remains for non-pthread implementations.
+ *    Reference patch #1175720.
+ *
+ *    Revision 1.92.2.15  2004/10/03 12:53:32  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.92.2.14  2003/12/12 12:52:53  oes
+ *    - Fixed usage info for non-unix platforms
+ *    - Fixed small cmdline parsing bug
+ *
+ *    Revision 1.92.2.13  2003/11/27 19:20:27  oes
+ *    Diagnostics: Now preserve the returncode of pthread_create
+ *    in errno. Closes BR #775721. Thanks to Geoffrey Hausheer.
+ *
+ *    Revision 1.92.2.12  2003/07/11 11:34:19  oes
+ *    No longer ignore SIGCHLD. Fixes bug #769381
+ *
+ *    Revision 1.92.2.11  2003/05/14 12:32:02  oes
+ *    Close jarfile on graceful exit, remove stray line
+ *
+ *    Revision 1.92.2.10  2003/05/08 15:13:46  oes
+ *    Cosmetics: Killed a warning, a typo and an allocation left at exit
+ *
+ *    Revision 1.92.2.9  2003/04/03 15:08:42  oes
+ *    No longer rely on non-POSIX.1 extensions of getcwd().
+ *    Fixes bug #711001
+ *
+ *    Revision 1.92.2.8  2003/03/31 13:12:32  oes
+ *    Replaced setenv() by posix-compliant putenv()
+ *    Thanks to Neil McCalden (nmcc AT users.sf.net).
+ *
+ *    Revision 1.92.2.7  2003/03/17 16:48:59  oes
+ *    Added chroot ability, thanks to patch by Sviatoslav Sviridov
+ *
+ *    Revision 1.92.2.6  2003/03/11 11:55:00  oes
+ *    Clean-up and extension of improvements for forked mode:
+ *     - Child's return code now consists of flags RC_FLAG_*
+ *     - Reporting toggle to parent now properly #ifdef'ed
+ *     - Children now report blocking to parent. This enables
+ *       statistics in forked mode
+ *
+ *    Revision 1.92.2.5  2003/03/10 23:45:32  oes
+ *    Fixed bug #700381: Non-Threaded version now capable of being toggled.
+ *    Children now report having been toggled through _exit(17), parents
+ *    watch for that code and toggle themselves if found.
+ *
+ *    Revision 1.92.2.4  2003/03/07 03:41:04  david__schmidt
+ *    Wrapping all *_r functions (the non-_r versions of them) with 
+ *    mutex semaphores for OSX.  Hopefully this will take care of all 
+ *    of those pesky crash reports.
+ *
+ *    Revision 1.92.2.3  2003/02/28 12:53:06  oes
+ *    Fixed two mostly harmless mem leaks
+ *
+ *    Revision 1.92.2.2  2002/11/20 14:37:47  oes
+ *    Fix: Head of global clients list now initialized to NULL
+ *
+ *    Revision 1.92.2.1  2002/09/25 14:52:24  oes
+ *    Added basic support for OPTIONS and TRACE HTTP methods:
+ *     - New interceptor direct_response() added in chat().
+ *     - sed() moved to earlier in the process, so that the
+ *       Host: header is evaluated before actions and forwarding
+ *       are decided on.
+ *
+ *    Revision 1.92  2002/05/08 16:00:46  oes
+ *    Chat's buffer handling:
+ *     - Fixed bug with unchecked out-of-mem conditions
+ *       while reading client request & server headers
+ *     - No longer predict if the buffer limit will be exceeded
+ *       in the next read -- check add_to_iob's new
+ *       return code. If buffer couldn't be extended
+ *       (policy or out-of-mem) while
+ *       - reading from client: abort
+ *       - reading server headers: send error page
+ *       - buffering server body for filter: flush,
+ *         and if that fails: send error page
+ *
+ *    Revision 1.91  2002/04/08 20:35:58  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.90  2002/04/02 14:57:28  oes
+ *    Made sending wafers independent of FEATURE_COOKIE_JAR
+ *
+ *    Revision 1.89  2002/03/31 17:18:59  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.88  2002/03/27 14:32:43  david__schmidt
+ *    More compiler warning message maintenance
+ *
+ *    Revision 1.87  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.86  2002/03/25 17:04:55  david__schmidt
+ *    Workaround for closing the jarfile before load_config() comes around again
+ *
+ *    Revision 1.85  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.84  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.83  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.82  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.81  2002/03/12 01:42:50  oes
+ *    Introduced modular filters
+ *
+ *    Revision 1.80  2002/03/11 22:07:05  david__schmidt
+ *    OS/2 port maintenance:
+ *    - Fixed EMX build - it had decayed a little
+ *    - Fixed inexplicable crash during FD_ZERO - must be due to a bad macro.
+ *      substituted a memset for now.
+ *
+ *    Revision 1.79  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.78  2002/03/08 21:35:04  oes
+ *    Added optional group supplement to --user option. Will now use default group of user if no group given
+ *
+ *    Revision 1.77  2002/03/07 03:52:06  oes
+ *     - Fixed compiler warnings etc
+ *     - Improved handling of failed DNS lookups
+ *
+ *    Revision 1.76  2002/03/06 22:54:35  jongfoster
+ *    Automated function-comment nitpicking.
+ *
+ *    Revision 1.75  2002/03/06 10:02:19  oes
+ *    Fixed stupid bug when --user was not given
+ *
+ *    Revision 1.74  2002/03/06 00:49:31  jongfoster
+ *    Fixing warning on Windows
+ *    Making #ifdefs that refer to the same variable consistently
+ *    use #ifdef unix rather than mixing #ifdef unix & #ifndef OS2
+ *
+ *    Revision 1.73  2002/03/05 23:57:30  hal9
+ *    Stray character 's' on line 1618 was breaking build.
+ *
+ *    Revision 1.72  2002/03/05 21:33:45  david__schmidt
+ *    - Re-enable OS/2 building after new parms were added
+ *    - Fix false out of memory report when resolving CGI templates when no IP
+ *      address is available of failed attempt (a la no such domain)
+ *
+ *    Revision 1.71  2002/03/05 18:13:56  oes
+ *    Added --user option
+ *
+ *    Revision 1.70  2002/03/05 04:52:42  oes
+ *    Deleted non-errlog debugging code
+ *
+ *    Revision 1.69  2002/03/04 23:50:00  jongfoster
+ *    Splitting off bind_port() call into bind_port_helper(), with
+ *    improved logging.
+ *
+ *    Revision 1.68  2002/03/04 20:17:32  oes
+ *    Fixed usage info
+ *
+ *    Revision 1.67  2002/03/04 18:18:57  oes
+ *    - Removed _DEBUG mode
+ *    - Cleand up cmdline parsing
+ *    - Introduced --no-daemon, --pidfile options
+ *    - Cleaned up signal handling:
+ *      - Terminate cleanly on INT, TERM and ABRT
+ *      - Schedule logfile for re-opening on HUP
+ *      - Ignore CHLD and PIPE
+ *      - Leave the rest with their default handlers
+ *      - Uniform handler registration
+ *    - Added usage() function
+ *    - Played styleguide police
+ *
+ *    Revision 1.66  2002/03/03 15:06:55  oes
+ *    Re-enabled automatic config reloading
+ *
+ *    Revision 1.65  2002/03/03 14:49:11  oes
+ *    Fixed CLF logging: Now uses client's original HTTP request
+ *
+ *    Revision 1.64  2002/03/03 09:18:03  joergs
+ *    Made jumbjuster work on AmigaOS again.
+ *
+ *    Revision 1.63  2002/03/02 04:14:50  david__schmidt
+ *    Clean up a little CRLF unpleasantness that suddenly appeared
+ *
+ *    Revision 1.62  2002/02/20 23:17:23  jongfoster
+ *    Detecting some out-of memory conditions and exiting with a log message.
+ *
+ *    Revision 1.61  2002/01/17 21:01:52  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Revision 1.60  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.59  2001/12/13 14:07:18  oes
+ *    Fixed Bug: 503 error page now sent OK
+ *
+ *    Revision 1.58  2001/11/30 23:37:24  jongfoster
+ *    Renaming the Win32 config file to config.txt - this is almost the
+ *    same as the corresponding UNIX name "config"
+ *
+ *    Revision 1.57  2001/11/16 00:47:43  jongfoster
+ *    Changing the tty-disconnection code to use setsid().
+ *
+ *    Revision 1.56  2001/11/13 20:20:54  jongfoster
+ *    Tabs->spaces, fixing a bug with missing {} around an if()
+ *
+ *    Revision 1.55  2001/11/13 20:14:53  jongfoster
+ *    Patch for FreeBSD setpgrp() as suggested by Alexander Lazic
+ *
+ *    Revision 1.54  2001/11/07 00:03:14  steudten
+ *    Give reliable return value if an error
+ *    occurs not just 0 with new daemon mode.
+ *
+ *    Revision 1.53  2001/11/05 21:41:43  steudten
+ *    Add changes to be a real daemon just for unix os.
+ *    (change cwd to /, detach from controlling tty, set
+ *    process group and session leader to the own process.
+ *    Add DBG() Macro.
+ *    Add some fatal-error log message for failed malloc().
+ *    Add '-d' if compiled with 'configure --with-debug' to
+ *    enable debug output.
+ *
+ *    Revision 1.52  2001/10/26 20:11:20  jongfoster
+ *    Fixing type mismatch
+ *
+ *    Revision 1.51  2001/10/26 17:38:28  oes
+ *    Cosmetics
+ *
+ *    Revision 1.50  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.49  2001/10/23 21:41:35  jongfoster
+ *    Added call to initialize the (statically-allocated of course)
+ *    "out of memory" CGI response.
+ *
+ *    Revision 1.48  2001/10/10 19:56:46  jongfoster
+ *    Moving some code that wasn't cookie-related out of an #ifdef
+ *    FEATURE_COOKIE_JAR
+ *
+ *    Revision 1.47  2001/10/10 16:44:36  oes
+ *    Added CONNECT destination port limitation check
+ *
+ *    Revision 1.46  2001/10/08 15:17:41  oes
+ *    Re-enabled SSL forwarding
+ *
+ *    Revision 1.45  2001/10/07 15:42:11  oes
+ *    Replaced 6 boolean members of csp with one bitmap (csp->flags)
+ *
+ *    Moved downgrading of the HTTP version from parse_http_request to
+ *      chat(), since we can't decide if it is necessary before we have
+ *      determined the actions for the URL. The HTTP command is now
+ *      *always* re-built so the repairs need no longer be special-cased.
+ *
+ *    filter_popups now gets a csp pointer so it can raise the new
+ *      CSP_FLAG_MODIFIED flag.
+ *
+ *    Bugfix
+ *
+ *    Added configurable size limit for the IOB. If the IOB grows so
+ *      large that the next read would exceed the limit, the header
+ *      is generated, and the header & unfiltered buffer are flushed
+ *      to the client. Chat then continues in non-buffering,
+ *      non-filtering body mode.
+ *
+ *    Revision 1.44  2001/10/02 18:13:57  oes
+ *    Ooops
+ *
+ *    Revision 1.43  2001/10/02 15:32:13  oes
+ *    Moved generation of hdr
+ *
+ *    Revision 1.42  2001/09/21 23:02:02  david__schmidt
+ *    Cleaning up 2 compiler warnings on OS/2.
+ *
+ *    Revision 1.41  2001/09/16 17:05:14  jongfoster
+ *    Removing unused #include showarg.h
+ *
+ *    Revision 1.40  2001/09/16 15:41:45  jongfoster
+ *    Fixing signed/unsigned comparison warning.
+ *
+ *    Revision 1.39  2001/09/16 13:21:27  jongfoster
+ *    Changes to use new list functions.
+ *
+ *    Revision 1.38  2001/09/16 13:01:46  jongfoster
+ *    Removing redundant function call that zeroed zalloc()'d memory.
+ *
+ *    Revision 1.37  2001/09/10 11:12:24  oes
+ *    Deleted unused variable
+ *
+ *    Revision 1.36  2001/09/10 10:56:15  oes
+ *    Silenced compiler warnings
+ *
+ *    Revision 1.35  2001/07/31 14:44:22  oes
+ *    Deleted unused size parameter from filter_popups()
+ *
+ *    Revision 1.34  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.33  2001/07/29 19:32:00  jongfoster
+ *    Renaming _main() [mingw32 only] to real_main(), for ANSI compliance.
+ *
+ *    Revision 1.32  2001/07/29 18:47:05  jongfoster
+ *    Adding missing #include "loadcfg.h"
+ *
+ *    Revision 1.31  2001/07/29 12:17:48  oes
+ *    Applied pthread fix by Paul Lieverse
+ *
+ *    Revision 1.30  2001/07/25 22:57:13  jongfoster
+ *    __BEOS__ no longer overrides FEATURE_PTHREAD.
+ *    This is because FEATURE_PTHREAD will soon be widely used, so I
+ *    want to keep it simple.
+ *
+ *    Revision 1.29  2001/07/24 12:47:06  oes
+ *    Applied BeOS support update by Eugenia
+ *
+ *    Revision 1.28  2001/07/23 13:26:12  oes
+ *    Fixed bug in popup-killing for the first read that caused binary garbage to be sent between headers and body
+ *
+ *    Revision 1.27  2001/07/19 19:09:47  haroon
+ *    - Added code to take care of the situation where while processing the first
+ *      server response (which includes the server header), after finding the end
+ *      of the headers we were not looking past the end of the headers for
+ *      content modification. I enabled it for filter_popups.
+ *      Someone else should look to see if other similar operations should be
+ *      done to the discarded portion of the buffer.
+ *
+ *      Note 2001/07/20: No, the other content modification mechanisms will process
+ *                       the whole iob later anyway. --oes
+ *
+ *    Revision 1.26  2001/07/18 12:31:36  oes
+ *    cosmetics
+ *
+ *    Revision 1.25  2001/07/15 19:43:49  jongfoster
+ *    Supports POSIX threads.
+ *    Also removed some unused #includes.
+ *
+ *    Revision 1.24  2001/07/13 14:00:40  oes
+ *     - Generic content modification scheme:
+ *       Each feature has its own applicability flag that is set
+ *       from csp->action->flags.
+ *       Replaced the "filtering" int flag , by a function pointer
+ *       "content_filter" to the function that will do the content
+ *       modification. If it is != NULL, the document will be buffered
+ *       and processed through *content_filter, which must set
+ *       csp->content_length and return a modified copy of the body
+ *       or return NULL (on failiure).
+ *     - Changed csp->is_text to the more generic bitmap csp->content_type
+ *       which can currently take the valued CT_TEXT or CT_GIF
+ *     - Reformatting etc
+ *     - Removed all #ifdef PCRS
+ *
+ *    Revision 1.23  2001/07/02 02:28:25  iwanttokeepanon
+ *    Added "#ifdef ACL_FILES" conditional compilation to line 1291 to exclude
+ *    the `block_acl' call.  This prevents a compilation error when the user
+ *    does not wish to use the "ACL" feature.
+ *
+ *    Revision 1.22  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.21  2001/06/29 13:29:36  oes
+ *    - Cleaned up, improved comments
+ *    - Unified all possible interceptors (CGI,
+ *      block, trust, fast_redirect) in one
+ *      place, with one (CGI) answer generation
+ *      mechansim. Much clearer now.
+ *    - Removed the GIF image generation, which
+ *      is now done in filters.c:block_url()
+ *    - Made error conditions like domain lookup
+ *      failiure or (various) problems while talking
+ *      to the server use cgi.c:error_response()
+ *      instead of generating HTML/HTTP in chat() (yuck!)
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.20  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.19  2001/06/07 23:12:52  jongfoster
+ *    Replacing function pointer in struct gateway with a directly
+ *    called function forwarded_connect().
+ *    Replacing struct gateway with struct forward_spec
+ *
+ *    Revision 1.18  2001/06/03 19:12:16  oes
+ *    introduced new cgi handling
+ *
+ *    Revision 1.17  2001/06/01 20:07:23  jongfoster
+ *    Now uses action +image-blocker{} rather than config->tinygif
+ *
+ *    Revision 1.16  2001/06/01 18:49:17  jongfoster
+ *    Replaced "list_share" with "list" - the tiny memory gain was not
+ *    worth the extra complexity.
+ *
+ *    Revision 1.15  2001/05/31 21:24:47  jongfoster
+ *    Changed "permission" to "action" throughout.
+ *    Removed DEFAULT_USER_AGENT - it must now be specified manually.
+ *    Moved vanilla wafer check into chat(), since we must now
+ *    decide whether or not to add it based on the URL.
+ *
+ *    Revision 1.14  2001/05/29 20:14:01  joergs
+ *    AmigaOS bugfix: PCRS needs a lot of stack, stacksize for child threads
+ *    increased.
+ *
+ *    Revision 1.13  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.12  2001/05/27 22:17:04  oes
+ *
+ *    - re_process_buffer no longer writes the modified buffer
+ *      to the client, which was very ugly. It now returns the
+ *      buffer, which it is then written by chat.
+ *
+ *    - content_length now adjusts the Content-Length: header
+ *      for modified documents rather than crunch()ing it.
+ *      (Length info in csp->content_length, which is 0 for
+ *      unmodified documents)
+ *
+ *    - For this to work, sed() is called twice when filtering.
+ *
+ *    Revision 1.11  2001/05/26 17:27:53  jongfoster
+ *    Added support for CLF and fixed LOG_LEVEL_LOG.
+ *    Also did CRLF->LF fix of my previous patch.
+ *
+ *    Revision 1.10  2001/05/26 15:26:15  jongfoster
+ *    ACL feature now provides more security by immediately dropping
+ *    connections from untrusted hosts.
+ *
+ *    Revision 1.9  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.8  2001/05/25 22:43:18  jongfoster
+ *    Fixing minor memory leak and buffer overflow.
+ *
+ *    Revision 1.7  2001/05/25 22:34:30  jongfoster
+ *    Hard tabs->Spaces
+ *
+ *    Revision 1.6  2001/05/23 00:13:58  joergs
+ *    AmigaOS support fixed.
+ *
+ *    Revision 1.5  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.4  2001/05/21 19:34:01  jongfoster
+ *    Made failure to bind() a fatal error.
+ *
+ *    Revision 1.3  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.2  2001/05/17 22:34:44  oes
+ *     - Added hint on GIF char array generation to jcc.c
+ *     - Cleaned CRLF's from the sources and related files
+ *     - Repaired logging for REF and FRC
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:56  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <string.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <assert.h>
+
+#ifdef _WIN32
+# ifndef FEATURE_PTHREAD
+#  ifndef STRICT
+#   define STRICT
+#  endif
+#  include <windows.h>
+#  include <process.h>
+# endif /* ndef FEATURE_PTHREAD */
+
+# include "win32.h"
+# ifndef _WIN_CONSOLE
+#  include "w32log.h"
+# endif /* ndef _WIN_CONSOLE */
+# include "w32svrapi.h"
+
+#else /* ifndef _WIN32 */
+
+# if !defined (__OS2__)
+# include <unistd.h>
+# include <sys/wait.h>
+# endif /* ndef __OS2__ */
+# include <sys/time.h>
+# include <sys/stat.h>
+# include <sys/ioctl.h>
+
+#ifdef sun
+#include <sys/termios.h>
+#endif /* sun */
+
+#ifdef unix
+#include <pwd.h>
+#include <grp.h>
+#endif
+
+# include <signal.h>
+
+# ifdef __BEOS__
+#  include <socket.h>  /* BeOS has select() for sockets only. */
+#  include <OS.h>      /* declarations for threads and stuff. */
+# endif
+
+# if defined(__EMX__) || defined(__OS2__)
+#  include <sys/select.h>  /* OS/2/EMX needs a little help with select */
+# endif
+# ifdef __OS2__
+#define INCL_DOS
+# include <os2.h>
+#define bzero(B,N) memset(B,0x00,n)
+# endif
+
+# ifndef FD_ZERO
+#  include <select.h>
+# endif
+
+#endif
+
+#include "project.h"
+#include "list.h"
+#include "jcc.h"
+#include "filters.h"
+#include "loaders.h"
+#include "parsers.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "jbsockets.h"
+#include "gateway.h"
+#include "actions.h"
+#include "cgi.h"
+#include "loadcfg.h"
+#include "urlmatch.h"
+
+const char jcc_h_rcs[] = JCC_H_VERSION;
+const char project_h_rcs[] = PROJECT_H_VERSION;
+
+int no_daemon = 0;
+struct client_state  clients[1];
+struct file_list     files[1];
+
+#ifdef FEATURE_STATISTICS
+int urls_read     = 0;     /* total nr of urls read inc rejected */
+int urls_rejected = 0;     /* total nr of urls rejected */
+#endif /* def FEATURE_STATISTICS */
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+int g_terminate = 0;
+#endif
+
+#if !defined(_WIN32) && !defined(__OS2__) && !defined(AMIGA)
+static void sig_handler(int the_signal);
+#endif
+static int client_protocol_is_unsupported(const struct client_state *csp, char *req);
+static jb_err get_request_destination_elsewhere(struct client_state *csp, struct list *headers);
+static jb_err get_server_headers(struct client_state *csp);
+static const char *crunch_reason(const struct http_response *rsp);
+static void send_crunch_response(const struct client_state *csp, struct http_response *rsp);
+static char *get_request_line(struct client_state *csp);
+static jb_err receive_client_request(struct client_state *csp);
+static jb_err parse_client_request(struct client_state *csp);
+static void build_request_line(struct client_state *csp, const struct forward_spec *fwd, char **request_line);
+static jb_err change_request_destination(struct client_state *csp);
+static void chat(struct client_state *csp);
+static void serve(struct client_state *csp);
+#if !defined(_WIN32) || defined(_WIN_CONSOLE)
+static void usage(const char *myname);
+#endif
+static void initialize_mutexes(void);
+static jb_socket bind_port_helper(struct configuration_spec *config);
+static void listen_loop(void);
+
+#ifdef AMIGA
+void serve(struct client_state *csp);
+#else /* ifndef AMIGA */
+static void serve(struct client_state *csp);
+#endif /* def AMIGA */
+
+#ifdef __BEOS__
+static int32 server_thread(void *data);
+#endif /* def __BEOS__ */
+
+#ifdef _WIN32
+#define sleep(N)  Sleep(((N) * 1000))
+#endif
+
+#ifdef __OS2__
+#define sleep(N)  DosSleep(((N) * 100))
+#endif
+
+#ifdef MUTEX_LOCKS_AVAILABLE
+/*
+ * XXX: Does the locking stuff really belong in this file?
+ */
+privoxy_mutex_t log_mutex;
+privoxy_mutex_t log_init_mutex;
+privoxy_mutex_t connection_reuse_mutex;
+
+#if !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_GETHOSTBYNAME_R)
+privoxy_mutex_t resolver_mutex;
+#endif /* !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_GETHOSTBYNAME_R) */
+
+#ifndef HAVE_GMTIME_R
+privoxy_mutex_t gmtime_mutex;
+#endif /* ndef HAVE_GMTIME_R */
+
+#ifndef HAVE_LOCALTIME_R
+privoxy_mutex_t localtime_mutex;
+#endif /* ndef HAVE_GMTIME_R */
+
+#ifndef HAVE_RANDOM
+privoxy_mutex_t rand_mutex;
+#endif /* ndef HAVE_RANDOM */
+
+#endif /* def MUTEX_LOCKS_AVAILABLE */
+
+#if defined(unix)
+const char *basedir = NULL;
+const char *pidfile = NULL;
+static int received_hup_signal = 0;
+#endif /* defined unix */
+
+/* HTTP snipplets. */
+static const char CSUCCEED[] =
+   "HTTP/1.0 200 Connection established\r\n"
+   "Proxy-Agent: Privoxy/" VERSION "\r\n\r\n";
+
+static const char CHEADER[] =
+   "HTTP/1.0 400 Invalid header received from client\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Invalid header received from client.\r\n";
+
+static const char FTP_RESPONSE[] =
+   "HTTP/1.0 400 Invalid request received from client\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Invalid request. Privoxy doesn't support FTP.\r\n";
+
+static const char GOPHER_RESPONSE[] =
+   "HTTP/1.0 400 Invalid request received from client\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Invalid request. Privoxy doesn't support gopher.\r\n";
+
+/* XXX: should be a template */
+static const char MISSING_DESTINATION_RESPONSE[] =
+   "HTTP/1.0 400 Bad request received from client\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Bad request. Privoxy was unable to extract the destination.\r\n";
+
+/* XXX: should be a template */
+static const char NO_SERVER_DATA_RESPONSE[] =
+   "HTTP/1.0 502 Server or forwarder response empty\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Empty server or forwarder response.\r\n"
+   "The connection has been closed but Privoxy didn't receive any data.\r\n";
+
+/* XXX: should be a template */
+static const char INVALID_SERVER_HEADERS_RESPONSE[] =
+   "HTTP/1.0 502 Server or forwarder response invalid\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Bad response. The server or forwarder response doesn't look like HTTP.\r\n";
+
+#if 0
+/* XXX: should be a template */
+static const char NULL_BYTE_RESPONSE[] =
+   "HTTP/1.0 400 Bad request received from client\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Bad request. Null byte(s) before end of request.\r\n";
+#endif
+
+/* XXX: should be a template */
+static const char MESSED_UP_REQUEST_RESPONSE[] =
+   "HTTP/1.0 400 Malformed request after rewriting\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "Bad request. Messed up with header filters.\r\n";
+
+/* XXX: should be a template */
+static const char CONNECTION_TIMEOUT_RESPONSE[] =
+   "HTTP/1.0 502 Connection timeout\r\n"
+   "Proxy-Agent: Privoxy " VERSION "\r\n"
+   "Content-Type: text/plain\r\n"
+   "Connection: close\r\n\r\n"
+   "The connection timed out.\r\n";
+
+/* A function to crunch a response */
+typedef struct http_response *(*crunch_func_ptr)(struct client_state *);
+
+/* Crunch function flags */
+#define CF_NO_FLAGS        0
+/* Cruncher applies to forced requests as well */
+#define CF_IGNORE_FORCE    1
+/* Crunched requests are counted for the block statistics */
+#define CF_COUNT_AS_REJECT 2
+
+/* A crunch function and its flags */
+struct cruncher
+{
+   const crunch_func_ptr cruncher;
+   const int flags;
+};
+
+static int crunch_response_triggered(struct client_state *csp, const struct cruncher crunchers[]);
+
+/* Complete list of cruncher functions */
+static const struct cruncher crunchers_all[] = {
+   { direct_response, CF_COUNT_AS_REJECT|CF_IGNORE_FORCE},
+   { block_url,       CF_COUNT_AS_REJECT },
+#ifdef FEATURE_TRUST
+   { trust_url,       CF_COUNT_AS_REJECT },
+#endif /* def FEATURE_TRUST */
+   { redirect_url,    CF_NO_FLAGS  },
+   { dispatch_cgi,    CF_IGNORE_FORCE},
+   { NULL,            0 }
+};
+
+/* Light version, used after tags are applied */
+static const struct cruncher crunchers_light[] = {
+   { block_url,       CF_COUNT_AS_REJECT },
+   { redirect_url,    CF_NO_FLAGS },
+   { NULL,            0 }
+};
+
+
+/*
+ * XXX: Don't we really mean
+ *
+ * #if defined(unix)
+ *
+ * here?
+ */
+#if !defined(_WIN32) && !defined(__OS2__) && !defined(AMIGA)
+/*********************************************************************
+ *
+ * Function    :  sig_handler 
+ *
+ * Description :  Signal handler for different signals.
+ *                Exit gracefully on TERM and INT
+ *                or set a flag that will cause the errlog
+ *                to be reopened by the main thread on HUP.
+ *
+ * Parameters  :
+ *          1  :  the_signal = the signal cause this function to call
+ *
+ * Returns     :  - 
+ *
+ *********************************************************************/
+static void sig_handler(int the_signal)
+{
+   switch(the_signal)
+   {
+      case SIGTERM:
+      case SIGINT:
+         log_error(LOG_LEVEL_INFO, "exiting by signal %d .. bye", the_signal);
+#if defined(unix)
+         if(pidfile)
+         {
+            unlink(pidfile);
+         }
+#endif /* unix */
+         exit(the_signal);
+         break;
+
+      case SIGHUP:
+#if defined(unix)
+         received_hup_signal = 1;
+#endif
+         break;         
+
+      default:
+         /* 
+          * We shouldn't be here, unless we catch signals
+          * in main() that we can't handle here!
+          */
+         log_error(LOG_LEVEL_FATAL, "sig_handler: exiting on unexpected signal %d", the_signal);
+   }
+   return;
+
+}
+#endif
+
+
+/*********************************************************************
+ *
+ * Function    :  client_protocol_is_unsupported
+ *
+ * Description :  Checks if the client used a known unsupported
+ *                protocol and deals with it by sending an error
+ *                response.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  req = the first request line send by the client
+ *
+ * Returns     :  TRUE if an error response has been generated, or
+ *                FALSE if the request doesn't look invalid.
+ *
+ *********************************************************************/
+static int client_protocol_is_unsupported(const struct client_state *csp, char *req)
+{
+   /*
+    * If it's a FTP or gopher request, we don't support it.
+    *
+    * These checks are better than nothing, but they might
+    * not work in all configurations and some clients might
+    * have problems digesting the answer.
+    *
+    * They should, however, never cause more problems than
+    * Privoxy's old behaviour (returning the misleading HTML
+    * error message:
+    *
+    * "Could not resolve http://(ftp|gopher)://example.org").
+    */
+   if (!strncmpic(req, "GET ftp://", 10) || !strncmpic(req, "GET gopher://", 13))
+   {
+      const char *response = NULL;
+      const char *protocol = NULL;
+
+      if (!strncmpic(req, "GET ftp://", 10))
+      {
+         response = FTP_RESPONSE;
+         protocol = "FTP";
+      }
+      else
+      {
+         response = GOPHER_RESPONSE;
+         protocol = "GOPHER";
+      }
+      log_error(LOG_LEVEL_ERROR,
+         "%s tried to use Privoxy as %s proxy: %s",
+         csp->ip_addr_str, protocol, req);
+      log_error(LOG_LEVEL_CLF,
+         "%s - - [%T] \"%s\" 400 0", csp->ip_addr_str, req);
+      freez(req);
+      write_socket(csp->cfd, response, strlen(response));
+
+      return TRUE;
+   }
+
+   return FALSE;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_request_destination_elsewhere
+ *
+ * Description :  If the client's request was redirected into
+ *                Privoxy without the client's knowledge,
+ *                the request line lacks the destination host.
+ *
+ *                This function tries to get it elsewhere,
+ *                provided accept-intercepted-requests is enabled.
+ *
+ *                "Elsewhere" currently only means "Host: header",
+ *                but in the future we may ask the redirecting
+ *                packet filter to look the destination up.
+ *
+ *                If the destination stays unknown, an error
+ *                response is send to the client and headers
+ *                are freed so that chat() can return directly.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  headers = a header list
+ *
+ * Returns     :  JB_ERR_OK if the destination is now known, or
+ *                JB_ERR_PARSE if it isn't.
+ *
+ *********************************************************************/
+static jb_err get_request_destination_elsewhere(struct client_state *csp, struct list *headers)
+{
+   char *req;
+
+   if (!(csp->config->feature_flags & RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS))
+   {
+      log_error(LOG_LEVEL_ERROR, "%s's request: \'%s\' is invalid."
+         " Privoxy isn't configured to accept intercepted requests.",
+         csp->ip_addr_str, csp->http->cmd);
+      /* XXX: Use correct size */
+      log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 400 0",
+         csp->ip_addr_str, csp->http->cmd);
+
+      write_socket(csp->cfd, CHEADER, strlen(CHEADER));
+      destroy_list(headers);
+
+      return JB_ERR_PARSE;
+   }
+   else if (JB_ERR_OK == get_destination_from_headers(headers, csp->http))
+   {
+      /* Split the domain we just got for pattern matching */
+      init_domain_components(csp->http);
+
+      return JB_ERR_OK;
+   }
+   else
+   {
+      /* We can't work without destination. Go spread the news.*/
+
+      req = list_to_text(headers);
+      chomp(req);
+      /* XXX: Use correct size */
+      log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 400 0",
+         csp->ip_addr_str, csp->http->cmd);
+      log_error(LOG_LEVEL_ERROR,
+         "Privoxy was unable to get the destination for %s's request:\n%s\n%s",
+         csp->ip_addr_str, csp->http->cmd, req);
+      freez(req);
+
+      write_socket(csp->cfd, MISSING_DESTINATION_RESPONSE, strlen(MISSING_DESTINATION_RESPONSE));
+      destroy_list(headers);
+
+      return JB_ERR_PARSE;
+   }
+   /*
+    * TODO: If available, use PF's ioctl DIOCNATLOOK as last resort
+    * to get the destination IP address, use it as host directly
+    * or do a reverse DNS lookup first.
+    */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_server_headers
+ *
+ * Description :  Parses server headers in iob and fills them
+ *                into csp->headers so that they can later be
+ *                handled by sed().
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK if everything went fine, or
+ *                JB_ERR_PARSE if the headers were incomplete.
+ *
+ *********************************************************************/
+static jb_err get_server_headers(struct client_state *csp)
+{
+   int continue_hack_in_da_house = 0;
+   char * header;
+
+   while (((header = get_header(csp->iob)) != NULL) || continue_hack_in_da_house)
+   {
+      if (header == NULL)
+      {
+         /*
+          * continue hack in da house. Ignore the ending of
+          * this head and continue enlisting header lines.
+          * The reason is described below.
+          */
+         enlist(csp->headers, "");
+         continue_hack_in_da_house = 0;
+         continue;
+      }
+      else if (0 == strncmpic(header, "HTTP/1.1 100", 12))
+      {
+         /*
+          * It's a bodyless continue response, don't
+          * stop header parsing after reaching its end.
+          *
+          * As a result Privoxy will concatenate the
+          * next response's head and parse and deliver
+          * the headers as if they belonged to one request.
+          *
+          * The client will separate them because of the
+          * empty line between them.
+          *
+          * XXX: What we're doing here is clearly against
+          * the intended purpose of the continue header,
+          * and under some conditions (HTTP/1.0 client request)
+          * it's a standard violation.
+          *
+          * Anyway, "sort of against the spec" is preferable
+          * to "always getting confused by Continue responses"
+          * (Privoxy's behaviour before this hack was added)
+          */
+         log_error(LOG_LEVEL_HEADER, "Continue hack in da house.");
+         continue_hack_in_da_house = 1;
+      }
+      else if (*header == '\0') 
+      {
+         /*
+          * If the header is empty, but the Continue hack
+          * isn't active, we can assume that we reached the
+          * end of the buffer before we hit the end of the
+          * head.
+          *
+          * Inform the caller an let it decide how to handle it.
+          */
+         return JB_ERR_PARSE;
+      }
+
+      if (JB_ERR_MEMORY == enlist(csp->headers, header))
+      {
+         /*
+          * XXX: Should we quit the request and return a
+          * out of memory error page instead?
+          */
+         log_error(LOG_LEVEL_ERROR,
+            "Out of memory while enlisting server headers. %s lost.",
+            header);
+      }
+      freez(header);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  crunch_reason
+ *
+ * Description :  Translates the crunch reason code into a string.
+ *
+ * Parameters  :
+ *          1  :  rsp = a http_response
+ *
+ * Returns     :  A string with the crunch reason or an error description.
+ *
+ *********************************************************************/
+static const char *crunch_reason(const struct http_response *rsp)
+{
+   char * reason = NULL;
+
+   assert(rsp != NULL);
+   if (rsp == NULL)
+   {
+      return "Internal error while searching for crunch reason";
+   }
+
+   switch (rsp->reason)
+   {
+      case RSP_REASON_UNSUPPORTED:
+         reason = "Unsupported HTTP feature";
+         break;
+      case RSP_REASON_BLOCKED:
+         reason = "Blocked";
+         break;
+      case RSP_REASON_UNTRUSTED:
+         reason = "Untrusted";
+         break;
+      case RSP_REASON_REDIRECTED:
+         reason = "Redirected";
+         break;
+      case RSP_REASON_CGI_CALL:
+         reason = "CGI Call";
+         break;
+      case RSP_REASON_NO_SUCH_DOMAIN:
+         reason = "DNS failure";
+         break;
+      case RSP_REASON_FORWARDING_FAILED:
+         reason = "Forwarding failed";
+         break;
+      case RSP_REASON_CONNECT_FAILED:
+         reason = "Connection failure";
+         break;
+      case RSP_REASON_OUT_OF_MEMORY:
+         reason = "Out of memory (may mask other reasons)";
+         break;
+      default:
+         reason = "No reason recorded";
+         break;
+   }
+
+   return reason;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  send_crunch_response
+ *
+ * Description :  Delivers already prepared response for
+ *                intercepted requests, logs the interception
+ *                and frees the response.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          1  :  rsp = Fully prepared response. Will be freed on exit.
+ *
+ * Returns     :  Nothing.
+ *
+ *********************************************************************/
+static void send_crunch_response(const struct client_state *csp, struct http_response *rsp)
+{
+      const struct http_request *http = csp->http;
+      char status_code[4];
+
+      assert(rsp != NULL);
+      assert(rsp->head != NULL);
+
+      if (rsp == NULL)
+      {
+         /*
+          * Not supposed to happen. If it does
+          * anyway, treat it as an unknown error.
+          */
+         cgi_error_unknown(csp, rsp, RSP_REASON_INTERNAL_ERROR);
+         /* return code doesn't matter */
+      }
+
+      if (rsp == NULL)
+      {
+         /* If rsp is still NULL, we have serious internal problems. */
+         log_error(LOG_LEVEL_FATAL,
+            "NULL response in send_crunch_response and cgi_error_unknown failed as well.");
+      }
+
+      /*
+       * Extract the status code from the actual head
+       * that was send to the client. It is the only
+       * way to get it right for all requests, including
+       * the fixed ones for out-of-memory problems.
+       *
+       * A head starts like this: 'HTTP/1.1 200...'
+       *                           0123456789|11
+       *                                     10
+       */
+      status_code[0] = rsp->head[9];
+      status_code[1] = rsp->head[10];
+      status_code[2] = rsp->head[11];
+      status_code[3] = '\0';
+
+      /* Write the answer to the client */
+      if (write_socket(csp->cfd, rsp->head, rsp->head_length)
+       || write_socket(csp->cfd, rsp->body, rsp->content_length))
+      {
+         /* There is nothing we can do about it. */
+         log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", csp->http->host);
+      }
+
+      /* Log that the request was crunched and why. */
+      log_error(LOG_LEVEL_CRUNCH, "%s: %s", crunch_reason(rsp), http->url);
+      log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" %s %u",
+         csp->ip_addr_str, http->ocmd, status_code, rsp->content_length);
+
+      /* Clean up and return */
+      if (cgi_error_memory() != rsp)
+      {
+         free_http_response(rsp);
+      } 
+      return;
+}
+
+
+#if 0
+/*********************************************************************
+ *
+ * Function    :  request_contains_null_bytes
+ *
+ * Description :  Checks for NULL bytes in the request and sends
+ *                an error message to the client if any were found.
+ *
+ *                XXX: currently not used, see comment in chat().
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  buf = Data from the client's request to check.
+ *          3  :  len = The data length.
+ *
+ * Returns     :  TRUE if the request contained one or more NULL bytes, or
+ *                FALSE otherwise.
+ *
+ *********************************************************************/
+static int request_contains_null_bytes(const struct client_state *csp, char *buf, int len)
+{
+   size_t c_len; /* Request lenght when treated as C string */
+
+   c_len = strlen(buf);
+
+   if (c_len < len)
+   {
+      /*
+       * Null byte(s) found. Log the request,
+       * return an error response and hang up.
+       */
+      size_t tmp_len = c_len;
+
+      do
+      {
+        /*
+         * Replace NULL byte(s) with '°' characters
+         * so the request can be logged as string.
+         * XXX: Is there a better replacement character?
+         */
+         buf[tmp_len]='°';
+         tmp_len += strlen(buf+tmp_len);
+      } while (tmp_len < len);
+
+      log_error(LOG_LEVEL_ERROR, "%s\'s request contains at least one NULL byte "
+         "(length=%d, strlen=%u).", csp->ip_addr_str, len, c_len);
+      log_error(LOG_LEVEL_HEADER, 
+         "Offending request data with NULL bytes turned into \'°\' characters: %s", buf);
+
+      write_socket(csp->cfd, NULL_BYTE_RESPONSE, strlen(NULL_BYTE_RESPONSE));
+
+      /* XXX: Log correct size */
+      log_error(LOG_LEVEL_CLF, "%s - - [%T] \"Invalid request\" 400 0", csp->ip_addr_str);
+
+      return TRUE;
+   }
+
+   return FALSE;
+}
+#endif
+
+
+/*********************************************************************
+ *
+ * Function    :  crunch_response_triggered
+ *
+ * Description :  Checks if the request has to be crunched,
+ *                and delivers the crunch response if necessary.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  crunchers = list of cruncher functions to run
+ *
+ * Returns     :  TRUE if the request was answered with a crunch response
+ *                FALSE otherwise.
+ *
+ *********************************************************************/
+static int crunch_response_triggered(struct client_state *csp, const struct cruncher crunchers[])
+{
+   struct http_response *rsp = NULL;
+   const struct cruncher *c;
+
+   /*
+    * If CGI request crunching is disabled,
+    * check the CGI dispatcher out of order to
+    * prevent unintentional blocks or redirects. 
+    */
+   if (!(csp->config->feature_flags & RUNTIME_FEATURE_CGI_CRUNCHING)
+       && (NULL != (rsp = dispatch_cgi(csp))))
+   {
+      /* Deliver, log and free the interception response. */
+      send_crunch_response(csp, rsp);
+      return TRUE;
+   }
+
+   for (c = crunchers; c->cruncher != NULL; c++)
+   {
+      /*
+       * Check the cruncher if either Privoxy is toggled
+       * on and the request isn't forced, or if the cruncher
+       * applies to forced requests as well.
+       */
+      if (((csp->flags & CSP_FLAG_TOGGLED_ON) &&
+          !(csp->flags & CSP_FLAG_FORCED)) ||
+          (c->flags & CF_IGNORE_FORCE))
+      {
+         rsp = c->cruncher(csp);
+         if (NULL != rsp)
+         {
+            /* Deliver, log and free the interception response. */
+            send_crunch_response(csp, rsp);
+#ifdef FEATURE_STATISTICS
+            if (c->flags & CF_COUNT_AS_REJECT)
+            {
+               csp->flags |= CSP_FLAG_REJECTED;
+            }
+#endif /* def FEATURE_STATISTICS */
+
+            return TRUE;
+         }
+      }
+   }
+
+   return FALSE;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  build_request_line
+ *
+ * Description :  Builds the HTTP request line.
+ *
+ *                If a HTTP forwarder is used it expects the whole URL,
+ *                web servers only get the path.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  fwd = The forwarding spec used for the request
+ *                XXX: Should use http->fwd instead.
+ *          3  :  request_line = The old request line which will be replaced.
+ *
+ * Returns     :  Nothing. Terminates in case of memory problems.
+ *
+ *********************************************************************/
+static void build_request_line(struct client_state *csp, const struct forward_spec *fwd, char **request_line)
+{
+   struct http_request *http = csp->http;
+
+   assert(http->ssl == 0);
+
+   /*
+    * Downgrade http version from 1.1 to 1.0
+    * if +downgrade action applies.
+    */
+   if ( (csp->action->flags & ACTION_DOWNGRADE)
+     && (!strcmpic(http->ver, "HTTP/1.1")))
+   {
+      freez(http->ver);
+      http->ver = strdup("HTTP/1.0");
+
+      if (http->ver == NULL)
+      {
+         log_error(LOG_LEVEL_FATAL, "Out of memory downgrading HTTP version");
+      }
+   }
+
+   /*
+    * Rebuild the request line.
+    */
+   freez(*request_line);
+   *request_line = strdup(http->gpc);
+   string_append(request_line, " ");
+
+   if (fwd->forward_host)
+   {
+      string_append(request_line, http->url);
+   }
+   else
+   {
+      string_append(request_line, http->path);
+   }
+   string_append(request_line, " ");
+   string_append(request_line, http->ver);
+
+   if (*request_line == NULL)
+   {
+      log_error(LOG_LEVEL_FATAL, "Out of memory writing HTTP command");
+   }
+   log_error(LOG_LEVEL_HEADER, "New HTTP Request-Line: %s", *request_line);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  change_request_destination
+ *
+ * Description :  Parse a (rewritten) request line and regenerate
+ *                the http request data.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  Forwards the parse_http_request() return code.
+ *                Terminates in case of memory problems.
+ *
+ *********************************************************************/
+static jb_err change_request_destination(struct client_state *csp)
+{
+   struct http_request *http = csp->http;
+   jb_err err;
+
+   log_error(LOG_LEVEL_INFO, "Rewrite detected: %s", csp->headers->first->str);
+   free_http_request(http);
+   err = parse_http_request(csp->headers->first->str, http);
+   if (JB_ERR_OK != err)
+   {
+      log_error(LOG_LEVEL_ERROR, "Couldn't parse rewritten request: %s.",
+         jb_err_to_string(err));
+   }
+   else
+   {
+      /* XXX: ocmd is a misleading name */
+      http->ocmd = strdup(http->cmd);
+      if (http->ocmd == NULL)
+      {
+         log_error(LOG_LEVEL_FATAL,
+            "Out of memory copying rewritten HTTP request line");
+      }
+   }
+
+   return err;
+}
+
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+/*********************************************************************
+ *
+ * Function    :  server_response_is_complete
+ *
+ * Description :  Determines whether we should stop reading
+ *                from the server socket.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  content_length = Length of content received so far.
+ *
+ * Returns     :  TRUE if the response is complete,
+ *                FALSE otherwise.
+ *
+ *********************************************************************/
+static int server_response_is_complete(struct client_state *csp,
+   unsigned long long content_length)
+{
+   int content_length_known = !!(csp->flags & CSP_FLAG_CONTENT_LENGTH_SET);
+
+   if (!strcmpic(csp->http->gpc, "HEAD"))
+   {
+      /*
+       * "HEAD" implies no body, we are thus expecting
+       * no content. XXX: incomplete "list" of methods?
+       */
+      csp->expected_content_length = 0;
+      content_length_known = TRUE;
+   }
+
+   if (csp->http->status == 304)
+   {
+      /*
+       * Expect no body. XXX: incomplete "list" of status codes?
+       */
+      csp->expected_content_length = 0;
+      content_length_known = TRUE;
+   }
+
+   return (content_length_known && ((0 == csp->expected_content_length)
+            || (csp->expected_content_length <= content_length)));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  wait_for_alive_connections
+ *
+ * Description :  Waits for alive connections to timeout.
+ *
+ * Parameters  :  N/A
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void wait_for_alive_connections()
+{
+   int connections_alive = close_unusable_connections();
+
+   while (0 < connections_alive)
+   {
+      log_error(LOG_LEVEL_CONNECT,
+         "Waiting for %d connections to timeout.",
+         connections_alive);
+      sleep(60);
+      connections_alive = close_unusable_connections();
+   }
+
+   log_error(LOG_LEVEL_CONNECT, "No connections to wait for left.");
+
+}
+#endif /* FEATURE_CONNECTION_KEEP_ALIVE */
+
+
+/*********************************************************************
+ *
+ * Function    :  mark_server_socket_tainted
+ *
+ * Description :  Makes sure we don't reuse a server socket
+ *                (if we didn't read everything the server sent
+ *                us reusing the socket would lead to garbage).
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  void.
+ *
+ *********************************************************************/
+static void mark_server_socket_tainted(struct client_state *csp)
+{
+   if ((csp->flags & CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE))
+   {
+      log_error(LOG_LEVEL_CONNECT, "Unsetting keep-alive flag.");
+      csp->flags &= ~CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE;
+   }
+}
+
+/*********************************************************************
+ *
+ * Function    :  get_request_line
+ *
+ * Description : Read the client request line.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  Pointer to request line or NULL in case of errors.
+ *
+ *********************************************************************/
+static char *get_request_line(struct client_state *csp)
+{
+   char buf[BUFFER_SIZE];
+   char *request_line = NULL;
+   int len;
+
+   memset(buf, 0, sizeof(buf));
+
+   do
+   {
+      if (!data_is_available(csp->cfd, csp->config->socket_timeout))
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "Stopped waiting for the request line.");
+         write_socket(csp->cfd, CONNECTION_TIMEOUT_RESPONSE,
+            strlen(CONNECTION_TIMEOUT_RESPONSE));
+         return NULL;
+      }
+
+      len = read_socket(csp->cfd, buf, sizeof(buf) - 1);
+
+      if (len <= 0) return NULL;
+
+      /*
+       * If there is no memory left for buffering the
+       * request, there is nothing we can do but hang up
+       */
+      if (add_to_iob(csp, buf, len))
+      {
+         return NULL;
+      }
+
+      request_line = get_header(csp->iob);
+
+   } while ((NULL != request_line) && ('\0' == *request_line));
+
+   return request_line;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  receive_client_request
+ *
+ * Description : Read the client's request (more precisely the
+ *               client headers) and answer it if necessary.
+ *
+ *               Note that since we're not using select() we could get
+ *               blocked here if a client connected, then didn't say
+ *               anything!
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK, JB_ERR_PARSE or JB_ERR_MEMORY
+ *
+ *********************************************************************/
+static jb_err receive_client_request(struct client_state *csp)
+{
+   char buf[BUFFER_SIZE];
+   char *p;
+   char *req = NULL;
+   struct http_request *http;
+   int len;
+   jb_err err;
+
+   /* Temporary copy of the client's headers before they get enlisted in csp->headers */
+   struct list header_list;
+   struct list *headers = &header_list;
+
+   http = csp->http;
+
+   memset(buf, 0, sizeof(buf));
+
+   req = get_request_line(csp);
+   if (req == NULL)
+   {
+      return JB_ERR_PARSE;
+   }
+   assert(*req != '\0');
+
+   if (client_protocol_is_unsupported(csp, req))
+   {
+      return JB_ERR_PARSE;
+   }
+
+#ifdef FEATURE_FORCE_LOAD
+   /*
+    * If this request contains the FORCE_PREFIX and blocks
+    * aren't enforced, get rid of it and set the force flag.
+    */
+   if (strstr(req, FORCE_PREFIX))
+   {
+      if (csp->config->feature_flags & RUNTIME_FEATURE_ENFORCE_BLOCKS)
+      {
+         log_error(LOG_LEVEL_FORCE,
+            "Ignored force prefix in request: \"%s\".", req);
+      }
+      else
+      {
+         strclean(req, FORCE_PREFIX);
+         log_error(LOG_LEVEL_FORCE, "Enforcing request: \"%s\".", req);
+         csp->flags |= CSP_FLAG_FORCED;
+      }
+   }
+#endif /* def FEATURE_FORCE_LOAD */
+
+   err = parse_http_request(req, http);
+   freez(req);
+   if (JB_ERR_OK != err)
+   {
+      write_socket(csp->cfd, CHEADER, strlen(CHEADER));
+      /* XXX: Use correct size */
+      log_error(LOG_LEVEL_CLF, "%s - - [%T] \"Invalid request\" 400 0", csp->ip_addr_str);
+      log_error(LOG_LEVEL_ERROR,
+         "Couldn't parse request line received from %s: %s",
+         csp->ip_addr_str, jb_err_to_string(err));
+
+      free_http_request(http);
+      return JB_ERR_PARSE;
+   }
+
+   /* grab the rest of the client's headers */
+   init_list(headers);
+   for (;;)
+   {
+      p = get_header(csp->iob);
+
+      if (p == NULL)
+      {
+         /* There are no additional headers to read. */
+         break;
+      }
+
+      if (*p == '\0')
+      {
+         /*
+          * We didn't receive a complete header
+          * line yet, get the rest of it.
+          */
+         if (!data_is_available(csp->cfd, csp->config->socket_timeout))
+         {
+            log_error(LOG_LEVEL_ERROR,
+               "Stopped grabbing the client headers.");
+            return JB_ERR_PARSE;
+         }
+
+         len = read_socket(csp->cfd, buf, sizeof(buf) - 1);
+         if (len <= 0)
+         {
+            log_error(LOG_LEVEL_ERROR, "read from client failed: %E");
+            destroy_list(headers);
+            return JB_ERR_PARSE;
+         }
+         
+         if (add_to_iob(csp, buf, len))
+         {
+            /*
+             * If there is no memory left for buffering the
+             * request, there is nothing we can do but hang up
+             */
+            destroy_list(headers);
+            return JB_ERR_MEMORY;
+         }
+      }
+      else
+      {
+         /*
+          * We were able to read a complete
+          * header and can finaly enlist it.
+          */
+         enlist(headers, p);
+         freez(p);
+      }
+   }
+
+   if (http->host == NULL)
+   {
+      /*
+       * If we still don't know the request destination,
+       * the request is invalid or the client uses
+       * Privoxy without its knowledge.
+       */
+      if (JB_ERR_OK != get_request_destination_elsewhere(csp, headers))
+      {
+         /*
+          * Our attempts to get the request destination
+          * elsewhere failed or Privoxy is configured
+          * to only accept proxy requests.
+          *
+          * An error response has already been send
+          * and we're done here.
+          */
+         return JB_ERR_PARSE;
+      }
+   }
+
+   /*
+    * Determine the actions for this URL
+    */
+#ifdef FEATURE_TOGGLE
+   if (!(csp->flags & CSP_FLAG_TOGGLED_ON))
+   {
+      /* Most compatible set of actions (i.e. none) */
+      init_current_action(csp->action);
+   }
+   else
+#endif /* ndef FEATURE_TOGGLE */
+   {
+      get_url_actions(csp, http);
+   }
+
+   /* 
+    * Save a copy of the original request for logging
+    */
+   http->ocmd = strdup(http->cmd);
+   if (http->ocmd == NULL)
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "Out of memory copying HTTP request line");
+   }
+   enlist(csp->headers, http->cmd);
+
+   /* Append the previously read headers */
+   list_append_list_unique(csp->headers, headers);
+   destroy_list(headers);
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    : parse_client_request
+ *
+ * Description : Parses the client's request and decides what to do
+ *               with it.
+ *
+ *               Note that since we're not using select() we could get
+ *               blocked here if a client connected, then didn't say
+ *               anything!
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK or JB_ERR_PARSE
+ *
+ *********************************************************************/
+static jb_err parse_client_request(struct client_state *csp)
+{
+   struct http_request *http = csp->http;
+   jb_err err;
+
+   err = sed(csp, FILTER_CLIENT_HEADERS);
+   if (JB_ERR_OK != err)
+   {
+      /* XXX: Should be handled in sed(). */
+      assert(err == JB_ERR_PARSE);
+      log_error(LOG_LEVEL_FATAL, "Failed to parse client headers.");
+   }
+   csp->flags |= CSP_FLAG_CLIENT_HEADER_PARSING_DONE;
+
+   /* Check request line for rewrites. */
+   if ((NULL == csp->headers->first->str)
+      || (strcmp(http->cmd, csp->headers->first->str) &&
+         (JB_ERR_OK != change_request_destination(csp))))
+   {
+      /*
+       * A header filter broke the request line - bail out.
+       */
+      write_socket(csp->cfd, MESSED_UP_REQUEST_RESPONSE, strlen(MESSED_UP_REQUEST_RESPONSE));
+      /* XXX: Use correct size */
+      log_error(LOG_LEVEL_CLF,
+         "%s - - [%T] \"Invalid request generated\" 500 0", csp->ip_addr_str);
+      log_error(LOG_LEVEL_ERROR,
+         "Invalid request line after applying header filters.");
+      free_http_request(http);
+
+      return JB_ERR_PARSE;
+   }
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  chat
+ *
+ * Description :  Once a connection to the client has been accepted,
+ *                this function is called (via serve()) to handle the
+ *                main business of the communication.  When this
+ *                function returns, the caller must close the client
+ *                socket handle.
+ *
+ *                FIXME: chat is nearly thousand lines long.
+ *                Ridiculous.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  Nothing.
+ *
+ *********************************************************************/
+static void chat(struct client_state *csp)
+{
+   char buf[BUFFER_SIZE];
+   char *hdr;
+   char *p;
+   fd_set rfds;
+   int n;
+   jb_socket maxfd;
+   int server_body;
+   int ms_iis5_hack = 0;
+   unsigned long long byte_count = 0;
+   int forwarded_connect_retries = 0;
+   int max_forwarded_connect_retries = csp->config->forwarded_connect_retries;
+   const struct forward_spec *fwd;
+   struct http_request *http;
+   long len = 0; /* for buffer sizes (and negative error codes) */
+
+   /* Function that does the content filtering for the current request */
+   filter_function_ptr content_filter = NULL;
+
+   /* Skeleton for HTTP response, if we should intercept the request */
+   struct http_response *rsp;
+   struct timeval timeout;
+
+   memset(buf, 0, sizeof(buf));
+
+   http = csp->http;
+
+   if (receive_client_request(csp) != JB_ERR_OK)
+   {
+      return;
+   }
+   if (parse_client_request(csp) != JB_ERR_OK)
+   {
+      return;
+   }
+
+   /* decide how to route the HTTP request */
+   fwd = forward_url(csp, http);
+   if (NULL == fwd)
+   {
+      log_error(LOG_LEVEL_FATAL, "gateway spec is NULL!?!?  This can't happen!");
+      /* Never get here - LOG_LEVEL_FATAL causes program exit */
+      return;
+   }
+
+   /*
+    * build the http request to send to the server
+    * we have to do one of the following:
+    *
+    * create = use the original HTTP request to create a new
+    *          HTTP request that has either the path component
+    *          without the http://domainspec (w/path) or the
+    *          full orininal URL (w/url)
+    *          Note that the path and/or the HTTP version may
+    *          have been altered by now.
+    *
+    * connect = Open a socket to the host:port of the server
+    *           and short-circuit server and client socket.
+    *
+    * pass =  Pass the request unchanged if forwarding a CONNECT
+    *         request to a parent proxy. Note that we'll be sending
+    *         the CFAIL message ourselves if connecting to the parent
+    *         fails, but we won't send a CSUCCEED message if it works,
+    *         since that would result in a double message (ours and the
+    *         parent's). After sending the request to the parent, we simply
+    *         tunnel.
+    *
+    * here's the matrix:
+    *                        SSL
+    *                    0        1
+    *                +--------+--------+
+    *                |        |        |
+    *             0  | create | connect|
+    *                | w/path |        |
+    *  Forwarding    +--------+--------+
+    *                |        |        |
+    *             1  | create | pass   |
+    *                | w/url  |        |
+    *                +--------+--------+
+    *
+    */
+
+   if (http->ssl && connect_port_is_forbidden(csp))
+   {
+      const char *acceptable_connect_ports =
+         csp->action->string[ACTION_STRING_LIMIT_CONNECT];
+      assert(NULL != acceptable_connect_ports);
+      log_error(LOG_LEVEL_INFO, "Request from %s marked for blocking. "
+         "limit-connect{%s} doesn't allow CONNECT requests to port %d.",
+         csp->ip_addr_str, acceptable_connect_ports, csp->http->port);
+      csp->action->flags |= ACTION_BLOCK;
+      http->ssl = 0;
+   }
+
+   if (http->ssl == 0)
+   {
+      freez(csp->headers->first->str);
+      build_request_line(csp, fwd, &csp->headers->first->str);
+   }
+
+   /*
+    * We have a request. Check if one of the crunchers wants it.
+    */
+   if (crunch_response_triggered(csp, crunchers_all))
+   {
+      /*
+       * Yes. The client got the crunch response
+       * and we are done here after cleaning up.
+       */
+      /* XXX: why list_remove_all()? */
+      list_remove_all(csp->headers);
+
+      return;
+   }
+
+   log_error(LOG_LEVEL_GPC, "%s%s", http->hostport, http->path);
+
+   if (fwd->forward_host)
+   {
+      log_error(LOG_LEVEL_CONNECT, "via %s:%d to: %s",
+         fwd->forward_host, fwd->forward_port, http->hostport);
+   }
+   else
+   {
+      log_error(LOG_LEVEL_CONNECT, "to %s", http->hostport);
+   }
+
+   /* here we connect to the server, gateway, or the forwarder */
+
+   while ((csp->sfd = forwarded_connect(fwd, http, csp))
+      && (errno == EINVAL)
+      && (forwarded_connect_retries++ < max_forwarded_connect_retries))
+   {
+      log_error(LOG_LEVEL_ERROR,
+         "failed request #%u to connect to %s. Trying again.",
+         forwarded_connect_retries, http->hostport);
+   }
+
+   if (csp->sfd == JB_INVALID_SOCKET)
+   {
+      if (fwd->type != SOCKS_NONE)
+      {
+         /* Socks error. */
+         rsp = error_response(csp, "forwarding-failed", errno);
+      }
+      else if (errno == EINVAL)
+      {
+         rsp = error_response(csp, "no-such-domain", errno);
+      }
+      else
+      {
+         rsp = error_response(csp, "connect-failed", errno);
+         log_error(LOG_LEVEL_CONNECT, "connect to: %s failed: %E",
+            http->hostport);
+      }
+
+      /* Write the answer to the client */
+      if (rsp != NULL)
+      {
+         send_crunch_response(csp, rsp);
+      }
+
+      return;
+   }
+
+   hdr = list_to_text(csp->headers);
+   if (hdr == NULL)
+   {
+      /* FIXME Should handle error properly */
+      log_error(LOG_LEVEL_FATAL, "Out of memory parsing client header");
+   }
+   list_remove_all(csp->headers);
+
+   if (fwd->forward_host || (http->ssl == 0))
+   {
+      /*
+       * Write the client's (modified) header to the server
+       * (along with anything else that may be in the buffer)
+       */
+      if (write_socket(csp->sfd, hdr, strlen(hdr))
+       || (flush_socket(csp->sfd, csp->iob) <  0))
+      {
+         log_error(LOG_LEVEL_CONNECT,
+            "write header to: %s failed: %E", http->hostport);
+
+         rsp = error_response(csp, "connect-failed", errno);
+         if (rsp)
+         {
+            send_crunch_response(csp, rsp);
+         }
+
+         freez(hdr);
+         return;
+      }
+   }
+   else
+   {
+      /*
+       * We're running an SSL tunnel and we're not forwarding,
+       * so just send the "connect succeeded" message to the
+       * client, flush the rest, and get out of the way.
+       */
+      if (write_socket(csp->cfd, CSUCCEED, strlen(CSUCCEED)))
+      {
+         freez(hdr);
+         return;
+      }
+      IOB_RESET(csp);
+   }
+
+   log_error(LOG_LEVEL_CONNECT, "to %s successful", http->hostport);
+
+   /* we're finished with the client's header */
+   freez(hdr);
+
+   maxfd = (csp->cfd > csp->sfd) ? csp->cfd : csp->sfd;
+
+   /* pass data between the client and server
+    * until one or the other shuts down the connection.
+    */
+
+   server_body = 0;
+
+   for (;;)
+   {
+#ifdef __OS2__
+      /*
+       * FD_ZERO here seems to point to an errant macro which crashes.
+       * So do this by hand for now...
+       */
+      memset(&rfds,0x00,sizeof(fd_set));
+#else
+      FD_ZERO(&rfds);
+#endif
+      FD_SET(csp->cfd, &rfds);
+      FD_SET(csp->sfd, &rfds);
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+      if ((csp->flags & CSP_FLAG_CHUNKED)
+         && !(csp->flags & CSP_FLAG_CONTENT_LENGTH_SET)
+         && ((csp->iob->eod - csp->iob->cur) >= 5)
+         && !memcmp(csp->iob->eod-5, "0\r\n\r\n", 5))
+      {
+         log_error(LOG_LEVEL_CONNECT,
+            "Looks like we read the last chunk together with "
+            "the server headers. We better stop reading.");
+         byte_count = (unsigned long long)(csp->iob->eod - csp->iob->cur);
+         csp->expected_content_length = byte_count;
+         csp->flags |= CSP_FLAG_CONTENT_LENGTH_SET;
+      }
+      if (server_body && server_response_is_complete(csp, byte_count))
+      {
+         log_error(LOG_LEVEL_CONNECT,
+            "Done reading from server. Expected content length: %llu. "
+            "Actual content length: %llu. Most recently received: %d.",
+            csp->expected_content_length, byte_count, len);
+         len = 0;
+         /*
+          * XXX: should not jump around,
+          * chat() is complicated enough already.
+          */
+         goto reading_done;
+      }
+#endif  /* FEATURE_CONNECTION_KEEP_ALIVE */
+
+      timeout.tv_sec = csp->config->socket_timeout;
+      timeout.tv_usec = 0;
+      n = select((int)maxfd+1, &rfds, NULL, NULL, &timeout);
+
+      if (n == 0)
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "Didn't receive data in time: %s", http->url);
+         if ((byte_count == 0) && (http->ssl == 0))
+         {
+            write_socket(csp->cfd, CONNECTION_TIMEOUT_RESPONSE,
+               strlen(CONNECTION_TIMEOUT_RESPONSE));
+         }
+         mark_server_socket_tainted(csp);
+         return;
+      }
+      else if (n < 0)
+      {
+         log_error(LOG_LEVEL_ERROR, "select() failed!: %E");
+         mark_server_socket_tainted(csp);
+         return;
+      }
+
+      /*
+       * This is the body of the browser's request,
+       * just read and write it.
+       */
+      if (FD_ISSET(csp->cfd, &rfds))
+      {
+         len = read_socket(csp->cfd, buf, sizeof(buf) - 1);
+
+         if (len <= 0)
+         {
+            /* XXX: not sure if this is necessary. */
+            mark_server_socket_tainted(csp);
+            break; /* "game over, man" */
+         }
+
+         if (write_socket(csp->sfd, buf, (size_t)len))
+         {
+            log_error(LOG_LEVEL_ERROR, "write to: %s failed: %E", http->host);
+            mark_server_socket_tainted(csp);
+            return;
+         }
+         continue;
+      }
+
+      /*
+       * The server wants to talk. It could be the header or the body.
+       * If `hdr' is null, then it's the header otherwise it's the body.
+       * FIXME: Does `hdr' really mean `host'? No.
+       */
+      if (FD_ISSET(csp->sfd, &rfds))
+      {
+         fflush(0);
+         len = read_socket(csp->sfd, buf, sizeof(buf) - 1);
+
+         if (len < 0)
+         {
+            log_error(LOG_LEVEL_ERROR, "read from: %s failed: %E", http->host);
+
+            if (http->ssl && (fwd->forward_host == NULL))
+            {
+               /*
+                * Just hang up. We already confirmed the client's CONNECT
+                * request with status code 200 and unencrypted content is
+                * no longer welcome.
+                */
+               log_error(LOG_LEVEL_ERROR,
+                  "CONNECT already confirmed. Unable to tell the client about the problem.");
+               return;
+            }
+            else if (byte_count)
+            {
+               /*
+                * Just hang up. We already transmitted the original headers
+                * and parts of the original content and therefore missed the
+                * chance to send an error message (without risking data corruption).
+                *
+                * XXX: we could retry with a fancy range request here.
+                */
+               log_error(LOG_LEVEL_ERROR, "Already forwarded the original headers. "
+                  "Unable to tell the client about the problem.");
+               mark_server_socket_tainted(csp);
+               return;
+            }
+
+            rsp = error_response(csp, "connect-failed", errno);
+            if (rsp)
+            {
+               send_crunch_response(csp, rsp);
+            }
+
+            return;
+         }
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+         if (csp->flags & CSP_FLAG_CHUNKED)
+         {
+            if ((len >= 5) && !memcmp(buf+len-5, "0\r\n\r\n", 5))
+            {
+               /* XXX: this is a temporary hack */
+               log_error(LOG_LEVEL_CONNECT,
+                  "Looks like we reached the end of the last chunk. "
+                  "We better stop reading.");
+               csp->expected_content_length = byte_count + (unsigned long long)len;
+               csp->flags |= CSP_FLAG_CONTENT_LENGTH_SET;
+            }
+         }
+         reading_done:
+#endif  /* FEATURE_CONNECTION_KEEP_ALIVE */
+
+         /*
+          * Add a trailing zero to let be able to use string operations.
+          * XXX: do we still need this with filter_popups gone?
+          */
+         buf[len] = '\0';
+
+         /*
+          * Normally, this would indicate that we've read
+          * as much as the server has sent us and we can
+          * close the client connection.  However, Microsoft
+          * in its wisdom has released IIS/5 with a bug that
+          * prevents it from sending the trailing \r\n in
+          * a 302 redirect header (and possibly other headers).
+          * To work around this if we've haven't parsed
+          * a full header we'll append a trailing \r\n
+          * and see if this now generates a valid one.
+          *
+          * This hack shouldn't have any impacts.  If we've
+          * already transmitted the header or if this is a
+          * SSL connection, then we won't bother with this
+          * hack.  So we only work on partially received
+          * headers.  If we append a \r\n and this still
+          * doesn't generate a valid header, then we won't
+          * transmit anything to the client.
+          */
+         if (len == 0)
+         {
+
+            if (server_body || http->ssl)
+            {
+               /*
+                * If we have been buffering up the document,
+                * now is the time to apply content modification
+                * and send the result to the client.
+                */
+               if (content_filter)
+               {
+                  p = execute_content_filter(csp, content_filter);
+                  /*
+                   * If the content filter fails, use the original
+                   * buffer and length.
+                   * (see p != NULL ? p : csp->iob->cur below)
+                   */
+                  if (NULL == p)
+                  {
+                     csp->content_length = (size_t)(csp->iob->eod - csp->iob->cur);
+                  }
+
+                  if (JB_ERR_OK != update_server_headers(csp))
+                  {
+                     log_error(LOG_LEVEL_FATAL,
+                        "Failed to update server headers. after filtering.");
+                  }
+
+                  hdr = list_to_text(csp->headers);
+                  if (hdr == NULL)
+                  {
+                     /* FIXME Should handle error properly */
+                     log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header");
+                  }
+
+                  if (write_socket(csp->cfd, hdr, strlen(hdr))
+                   || write_socket(csp->cfd,
+                         ((p != NULL) ? p : csp->iob->cur), (size_t)csp->content_length))
+                  {
+                     log_error(LOG_LEVEL_ERROR, "write modified content to client failed: %E");
+                     freez(hdr);
+                     freez(p);
+                     mark_server_socket_tainted(csp);
+                     return;
+                  }
+
+                  freez(hdr);
+                  freez(p);
+               }
+
+               break; /* "game over, man" */
+            }
+
+            /*
+             * This is NOT the body, so
+             * Let's pretend the server just sent us a blank line.
+             */
+            snprintf(buf, sizeof(buf), "\r\n");
+            len = (int)strlen(buf);
+
+            /*
+             * Now, let the normal header parsing algorithm below do its
+             * job.  If it fails, we'll exit instead of continuing.
+             */
+
+            ms_iis5_hack = 1;
+         }
+
+         /*
+          * If this is an SSL connection or we're in the body
+          * of the server document, just write it to the client,
+          * unless we need to buffer the body for later content-filtering
+          */
+         if (server_body || http->ssl)
+         {
+            if (content_filter)
+            {
+               /*
+                * If there is no memory left for buffering the content, or the buffer limit
+                * has been reached, switch to non-filtering mode, i.e. make & write the
+                * header, flush the iob and buf, and get out of the way.
+                */
+               if (add_to_iob(csp, buf, len))
+               {
+                  size_t hdrlen;
+                  long flushed;
+
+                  log_error(LOG_LEVEL_INFO,
+                     "Flushing header and buffers. Stepping back from filtering.");
+
+                  hdr = list_to_text(csp->headers);
+                  if (hdr == NULL)
+                  {
+                     /* 
+                      * Memory is too tight to even generate the header.
+                      * Send our static "Out-of-memory" page.
+                      */
+                     log_error(LOG_LEVEL_ERROR, "Out of memory while trying to flush.");
+                     rsp = cgi_error_memory();
+                     send_crunch_response(csp, rsp);
+                     mark_server_socket_tainted(csp);
+                     return;
+                  }
+                  hdrlen = strlen(hdr);
+
+                  if (write_socket(csp->cfd, hdr, hdrlen)
+                   || ((flushed = flush_socket(csp->cfd, csp->iob)) < 0)
+                   || (write_socket(csp->cfd, buf, (size_t)len)))
+                  {
+                     log_error(LOG_LEVEL_CONNECT,
+                        "Flush header and buffers to client failed: %E");
+                     freez(hdr);
+                     mark_server_socket_tainted(csp);
+                     return;
+                  }
+
+                  /*
+                   * Reset the byte_count to the amount of bytes
+                   * we just flushed. len will be added a few lines below,
+                   * hdrlen doesn't matter for LOG_LEVEL_CLF.
+                   */
+                  byte_count = (unsigned long long)flushed;
+                  freez(hdr);
+                  content_filter = NULL;
+                  server_body = 1;
+               }
+            }
+            else
+            {
+               if (write_socket(csp->cfd, buf, (size_t)len))
+               {
+                  log_error(LOG_LEVEL_ERROR, "write to client failed: %E");
+                  mark_server_socket_tainted(csp);
+                  return;
+               }
+            }
+            byte_count += (unsigned long long)len;
+            continue;
+         }
+         else
+         {
+            const char *header_start;
+            /*
+             * We're still looking for the end of the server's header.
+             * Buffer up the data we just read.  If that fails, there's
+             * little we can do but send our static out-of-memory page.
+             */
+            if (add_to_iob(csp, buf, len))
+            {
+               log_error(LOG_LEVEL_ERROR, "Out of memory while looking for end of server headers.");
+               rsp = cgi_error_memory();
+               send_crunch_response(csp, rsp);               
+               mark_server_socket_tainted(csp);
+               return;
+            }
+
+            header_start = csp->iob->cur;
+
+            /* Convert iob into something sed() can digest */
+            if (JB_ERR_PARSE == get_server_headers(csp))
+            {
+               if (ms_iis5_hack)
+               {
+                  /*
+                   * Well, we tried our MS IIS/5 hack and it didn't work.
+                   * The header is incomplete and there isn't anything
+                   * we can do about it.
+                   */
+                  log_error(LOG_LEVEL_INFO,
+                     "MS IIS5 hack didn't produce valid headers.");
+                  break;
+               }
+               else
+               {
+                  /*
+                   * Since we have to wait for more from the server before
+                   * we can parse the headers we just continue here.
+                   */
+                  long header_offset = csp->iob->cur - header_start;
+                  assert(csp->iob->cur >= header_start);
+                  byte_count += (unsigned long long)(len - header_offset);
+                  log_error(LOG_LEVEL_CONNECT, "Continuing buffering headers. "
+                     "byte_count: %llu. header_offset: %d. len: %d.",
+                     byte_count, header_offset, len);
+                  continue;
+               }
+            }
+
+            /* Did we actually get anything? */
+            if (NULL == csp->headers->first)
+            {
+               log_error(LOG_LEVEL_ERROR, "Empty server or forwarder response.");
+               log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
+               write_socket(csp->cfd, NO_SERVER_DATA_RESPONSE, strlen(NO_SERVER_DATA_RESPONSE));
+               free_http_request(http);
+               mark_server_socket_tainted(csp);
+               return;
+            }
+
+            assert(csp->headers->first->str);
+            assert(!http->ssl);
+            if (strncmpic(csp->headers->first->str, "HTTP", 4) &&
+                strncmpic(csp->headers->first->str, "ICY", 3))
+            {
+               /*
+                * It doesn't look like a HTTP (or Shoutcast) response:
+                * tell the client and log the problem.
+                */
+               if (strlen(csp->headers->first->str) > 30)
+               {
+                  csp->headers->first->str[30] = '\0';
+               }
+               log_error(LOG_LEVEL_ERROR,
+                  "Invalid server or forwarder response. Starts with: %s",
+                  csp->headers->first->str);
+               log_error(LOG_LEVEL_CLF,
+                  "%s - - [%T] \"%s\" 502 0", csp->ip_addr_str, http->cmd);
+               write_socket(csp->cfd, INVALID_SERVER_HEADERS_RESPONSE,
+                  strlen(INVALID_SERVER_HEADERS_RESPONSE));
+               free_http_request(http);
+               mark_server_socket_tainted(csp);
+               return;
+            }
+
+            /*
+             * We have now received the entire server header,
+             * filter it and send the result to the client
+             */
+            if (JB_ERR_OK != sed(csp, FILTER_SERVER_HEADERS))
+            {
+               log_error(LOG_LEVEL_FATAL, "Failed to parse server headers.");
+            }
+            hdr = list_to_text(csp->headers);
+            if (hdr == NULL)
+            {
+               /* FIXME Should handle error properly */
+               log_error(LOG_LEVEL_FATAL, "Out of memory parsing server header");
+            }
+
+            if (crunch_response_triggered(csp, crunchers_light))
+            {
+               /*
+                * One of the tags created by a server-header
+                * tagger triggered a crunch. We already
+                * delivered the crunch response to the client
+                * and are done here after cleaning up.
+                */
+                freez(hdr);
+                mark_server_socket_tainted(csp);
+                return;
+            }
+            /* Buffer and pcrs filter this if appropriate. */
+
+            if (!http->ssl) /* We talk plaintext */
+            {
+               content_filter = get_filter_function(csp);
+            }
+            /*
+             * Only write if we're not buffering for content modification
+             */
+            if (!content_filter)
+            {
+               /*
+                * Write the server's (modified) header to
+                * the client (along with anything else that
+                * may be in the buffer)
+                */
+
+               if (write_socket(csp->cfd, hdr, strlen(hdr))
+                || ((len = flush_socket(csp->cfd, csp->iob)) < 0))
+               {
+                  log_error(LOG_LEVEL_CONNECT, "write header to client failed: %E");
+
+                  /*
+                   * The write failed, so don't bother mentioning it
+                   * to the client... it probably can't hear us anyway.
+                   */
+                  freez(hdr);
+                  mark_server_socket_tainted(csp);
+                  return;
+               }
+
+               byte_count += (unsigned long long)len;
+            }
+            else
+            {
+               /*
+                * XXX: the header lenght should probably
+                * be calculated by get_server_headers().
+                */
+               long header_length = csp->iob->cur - header_start;
+               assert(csp->iob->cur > header_start);
+               byte_count += (unsigned long long)(len - header_length);
+            }
+
+            /* we're finished with the server's header */
+
+            freez(hdr);
+            server_body = 1;
+
+            /*
+             * If this was a MS IIS/5 hack then it means the server
+             * has already closed the connection. Nothing more to read.
+             * Time to bail.
+             */
+            if (ms_iis5_hack)
+            {
+               log_error(LOG_LEVEL_INFO,
+                  "Closed server connection detected with MS IIS5 hack enabled.");
+               break;
+            }
+         }
+         continue;
+      }
+      mark_server_socket_tainted(csp);
+      return; /* huh? we should never get here */
+   }
+
+   if (csp->content_length == 0)
+   {
+      /*
+       * If Privoxy didn't recalculate the Content-Lenght,
+       * byte_count is still correct.
+       */
+      csp->content_length = byte_count;
+   }
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   if ((csp->flags & CSP_FLAG_CONTENT_LENGTH_SET)
+      && (csp->expected_content_length != byte_count))
+   {
+      log_error(LOG_LEVEL_CONNECT,
+         "Received %llu bytes while expecting %llu.",
+         byte_count, csp->expected_content_length);
+      mark_server_socket_tainted(csp);
+   }
+#endif
+
+   log_error(LOG_LEVEL_CLF, "%s - - [%T] \"%s\" 200 %llu",
+      csp->ip_addr_str, http->ocmd, csp->content_length);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  serve
+ *
+ * Description :  This is little more than chat.  We only "serve" to
+ *                to close any socket that chat may have opened.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+#ifdef AMIGA
+void serve(struct client_state *csp)
+#else /* ifndef AMIGA */
+static void serve(struct client_state *csp)
+#endif /* def AMIGA */
+{
+   chat(csp);
+   close_socket(csp->cfd);
+
+   if (csp->sfd != JB_INVALID_SOCKET)
+   {
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+      static int monitor_thread_running = 0;
+
+      if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
+       && (csp->flags & CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE))
+      {
+         remember_connection(csp->sfd, csp->http, forward_url(csp, csp->http));
+         privoxy_mutex_lock(&connection_reuse_mutex);
+         if (!monitor_thread_running)
+         {
+            monitor_thread_running = 1;
+            privoxy_mutex_unlock(&connection_reuse_mutex);
+            wait_for_alive_connections();
+            privoxy_mutex_lock(&connection_reuse_mutex);
+            monitor_thread_running = 0;
+         }
+         privoxy_mutex_unlock(&connection_reuse_mutex);
+      }
+      else
+      {
+         forget_connection(csp->sfd);
+         close_socket(csp->sfd);
+      }
+#else
+      close_socket(csp->sfd);
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+   }
+
+   csp->flags &= ~CSP_FLAG_ACTIVE;
+
+}
+
+
+#ifdef __BEOS__
+/*********************************************************************
+ *
+ * Function    :  server_thread
+ *
+ * Description :  We only exist to call `serve' in a threaded environment.
+ *
+ * Parameters  :
+ *          1  :  data = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  Always 0.
+ *
+ *********************************************************************/
+static int32 server_thread(void *data)
+{
+   serve((struct client_state *) data);
+   return 0;
+
+}
+#endif
+
+
+#if !defined(_WIN32) || defined(_WIN_CONSOLE)
+/*********************************************************************
+ *
+ * Function    :  usage
+ *
+ * Description :  Print usage info & exit.
+ *
+ * Parameters  :  Pointer to argv[0] for identifying ourselves
+ *
+ * Returns     :  No. ,-)
+ *
+ *********************************************************************/
+static void usage(const char *myname)
+{
+   printf("Privoxy version " VERSION " (" HOME_PAGE_URL ")\n"
+          "Usage: %s "
+#if defined(unix)
+          "[--chroot] "
+#endif /* defined(unix) */
+          "[--help] "
+#if defined(unix)
+          "[--no-daemon] [--pidfile pidfile] [--pre-chroot-nslookup hostname] [--user user[.group]] "
+#endif /* defined(unix) */
+          "[--version] [configfile]\n"
+          "Aborting\n", myname);
+
+   exit(2);
+
+}
+#endif /* #if !defined(_WIN32) || defined(_WIN_CONSOLE) */
+
+
+#ifdef MUTEX_LOCKS_AVAILABLE
+/*********************************************************************
+ *
+ * Function    :  privoxy_mutex_lock
+ *
+ * Description :  Locks a mutex.
+ *
+ * Parameters  :
+ *          1  :  mutex = The mutex to lock.
+ *
+ * Returns     :  Void. May exit in case of errors.
+ *
+ *********************************************************************/
+void privoxy_mutex_lock(privoxy_mutex_t *mutex)
+{
+#ifdef FEATURE_PTHREAD
+   int err = pthread_mutex_lock(mutex);
+   if (err)
+   {
+      if (mutex != &log_mutex)
+      {
+         log_error(LOG_LEVEL_FATAL,
+            "Mutex locking failed: %s.\n", strerror(err));
+      }
+      exit(1);
+   }
+#else
+   EnterCriticalSection(mutex);
+#endif /* def FEATURE_PTHREAD */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  privoxy_mutex_unlock
+ *
+ * Description :  Unlocks a mutex.
+ *
+ * Parameters  :
+ *          1  :  mutex = The mutex to unlock.
+ *
+ * Returns     :  Void. May exit in case of errors.
+ *
+ *********************************************************************/
+void privoxy_mutex_unlock(privoxy_mutex_t *mutex)
+{
+#ifdef FEATURE_PTHREAD
+   int err = pthread_mutex_unlock(mutex);
+   if (err)
+   {
+      if (mutex != &log_mutex)
+      {
+         log_error(LOG_LEVEL_FATAL,
+            "Mutex unlocking failed: %s.\n", strerror(err));
+      }
+      exit(1);
+   }
+#else
+   LeaveCriticalSection(mutex);
+#endif /* def FEATURE_PTHREAD */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  privoxy_mutex_init
+ *
+ * Description :  Prepares a mutex.
+ *
+ * Parameters  :
+ *          1  :  mutex = The mutex to initialize.
+ *
+ * Returns     :  Void. May exit in case of errors.
+ *
+ *********************************************************************/
+static void privoxy_mutex_init(privoxy_mutex_t *mutex)
+{
+#ifdef FEATURE_PTHREAD
+   int err = pthread_mutex_init(mutex, 0);
+   if (err)
+   {
+      printf("Fatal error. Mutex initialization failed: %s.\n",
+         strerror(err));
+      exit(1);
+   }
+#else
+   InitializeCriticalSection(mutex);
+#endif /* def FEATURE_PTHREAD */
+}
+#endif /* def MUTEX_LOCKS_AVAILABLE */
+
+/*********************************************************************
+ *
+ * Function    :  initialize_mutexes
+ *
+ * Description :  Prepares mutexes if mutex support is available.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  Void, exits in case of errors.
+ *
+ *********************************************************************/
+static void initialize_mutexes(void)
+{
+#ifdef MUTEX_LOCKS_AVAILABLE
+   /*
+    * Prepare global mutex semaphores
+    */
+   privoxy_mutex_init(&log_mutex);
+   privoxy_mutex_init(&log_init_mutex);
+   privoxy_mutex_init(&connection_reuse_mutex);
+
+   /*
+    * XXX: The assumptions below are a bit naive
+    * and can cause locks that aren't necessary.
+    *
+    * For example older FreeBSD versions (< 6.x?)
+    * have no gethostbyname_r, but gethostbyname is
+    * thread safe.
+    */
+#if !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_GETHOSTBYNAME_R)
+   privoxy_mutex_init(&resolver_mutex);
+#endif /* !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_GETHOSTBYNAME_R) */
+   /*
+    * XXX: should we use a single mutex for
+    * localtime() and gmtime() as well?
+    */
+#ifndef HAVE_GMTIME_R
+   privoxy_mutex_init(&gmtime_mutex);
+#endif /* ndef HAVE_GMTIME_R */
+
+#ifndef HAVE_LOCALTIME_R
+   privoxy_mutex_init(&localtime_mutex);
+#endif /* ndef HAVE_GMTIME_R */
+
+#ifndef HAVE_RANDOM
+   privoxy_mutex_init(&rand_mutex);
+#endif /* ndef HAVE_RANDOM */
+#endif /* def MUTEX_LOCKS_AVAILABLE */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  main
+ *
+ * Description :  Load the config file and start the listen loop.
+ *                This function is a lot more *sane* with the `load_config'
+ *                and `listen_loop' functions; although it stills does
+ *                a *little* too much for my taste.
+ *
+ * Parameters  :
+ *          1  :  argc = Number of parameters (including $0).
+ *          2  :  argv = Array of (char *)'s to the parameters.
+ *
+ * Returns     :  1 if : can't open config file, unrecognized directive,
+ *                stats requested in multi-thread mode, can't open the
+ *                log file, can't open the jar file, listen port is invalid,
+ *                any load fails, and can't bind port.
+ *
+ *                Else main never returns, the process must be signaled
+ *                to terminate execution.  Or, on Windows, use the
+ *                "File", "Exit" menu option.
+ *
+ *********************************************************************/
+#ifdef __MINGW32__
+int real_main(int argc, const char *argv[])
+#else
+int main(int argc, const char *argv[])
+#endif
+{
+   int argc_pos = 0;
+   unsigned int random_seed;
+#ifdef unix
+   struct passwd *pw = NULL;
+   struct group *grp = NULL;
+   char *p;
+   int do_chroot = 0;
+   char *pre_chroot_nslookup_to_load_resolver = NULL;
+#endif
+
+   Argc = argc;
+   Argv = argv;
+
+   configfile =
+#if !defined(_WIN32)
+   "config"
+#else
+   "config.txt"
+#endif
+      ;
+
+   /* Prepare mutexes if supported and necessary. */
+   initialize_mutexes();
+
+   /* Enable logging until further notice. */
+   init_log_module();
+
+   /*
+    * Parse the command line arguments
+    *
+    * XXX: simply printing usage information in case of
+    * invalid arguments isn't particularly user friendly.
+    */
+   while (++argc_pos < argc)
+   {
+#ifdef _WIN32
+      /* Check to see if the service must be installed or uninstalled */
+      if (strncmp(argv[argc_pos], "--install", 9) == 0)
+      {
+         const char *pName = argv[argc_pos] + 9;
+         if (*pName == ':')
+            pName++;
+         exit( (install_service(pName)) ? 0 : 1 );
+      }
+      else if (strncmp(argv[argc_pos], "--uninstall", + 11) == 0)
+      {
+         const char *pName = argv[argc_pos] + 11;
+         if (*pName == ':')
+            pName++;
+         exit((uninstall_service(pName)) ? 0 : 1);
+      }
+      else if (strcmp(argv[argc_pos], "--service" ) == 0)
+      {
+         bRunAsService = TRUE;
+         w32_set_service_cwd();
+         atexit(w32_service_exit_notify);
+      }
+      else
+#endif /* defined(_WIN32) */
+
+
+#if !defined(_WIN32) || defined(_WIN_CONSOLE)
+
+      if (strcmp(argv[argc_pos], "--help") == 0)
+      {
+         usage(argv[0]);
+      }
+
+      else if(strcmp(argv[argc_pos], "--version") == 0)
+      {
+         printf("Privoxy version " VERSION " (" HOME_PAGE_URL ")\n");
+         exit(0);
+      }
+
+#if defined(unix)
+
+      else if (strcmp(argv[argc_pos], "--no-daemon" ) == 0)
+      {
+         set_debug_level(LOG_LEVEL_FATAL | LOG_LEVEL_ERROR | LOG_LEVEL_INFO);
+         no_daemon = 1;
+      }
+
+      else if (strcmp(argv[argc_pos], "--pidfile" ) == 0)
+      {
+         if (++argc_pos == argc) usage(argv[0]);
+         pidfile = strdup(argv[argc_pos]);
+      }
+
+      else if (strcmp(argv[argc_pos], "--user" ) == 0)
+      {
+         if (++argc_pos == argc) usage(argv[argc_pos]);
+
+         if ((NULL != (p = strchr(argv[argc_pos], '.'))) && *(p + 1) != '0')
+         {
+            *p++ = '\0';
+            if (NULL == (grp = getgrnam(p)))
+            {
+               log_error(LOG_LEVEL_FATAL, "Group %s not found.", p);
+            }
+         }
+
+         if (NULL == (pw = getpwnam(argv[argc_pos])))
+         {
+            log_error(LOG_LEVEL_FATAL, "User %s not found.", argv[argc_pos]);
+         }
+
+         if (p != NULL) *--p = '\0';
+      }
+
+      else if (strcmp(argv[argc_pos], "--pre-chroot-nslookup" ) == 0)
+      {
+         if (++argc_pos == argc) usage(argv[0]);
+         pre_chroot_nslookup_to_load_resolver = strdup(argv[argc_pos]);
+      }
+
+      else if (strcmp(argv[argc_pos], "--chroot" ) == 0)
+      {
+         do_chroot = 1;
+      }
+#endif /* defined(unix) */
+
+      else if (argc_pos + 1 != argc)
+      {
+         /*
+          * This is neither the last command line
+          * option, nor was it recognized before,
+          * therefore it must be invalid.
+          */
+         usage(argv[0]);
+      }
+      else
+
+#endif /* defined(_WIN32) && !defined(_WIN_CONSOLE) */
+      {
+         configfile = argv[argc_pos];
+      }
+
+   } /* -END- while (more arguments) */
+
+   show_version(Argv[0]);
+
+#if defined(unix)
+   if ( *configfile != '/' )
+   {
+      char cwd[BUFFER_SIZE];
+      char *abs_file;
+      size_t abs_file_size; 
+
+      /* make config-filename absolute here */
+      if (NULL == getcwd(cwd, sizeof(cwd)))
+      {
+         perror("failed to get current working directory");
+         exit( 1 );
+      }
+
+      /* XXX: why + 5? */
+      abs_file_size = strlen(cwd) + strlen(configfile) + 5;
+      basedir = strdup(cwd);
+
+      if (NULL == basedir ||
+          NULL == (abs_file = malloc(abs_file_size)))
+      {
+         perror("malloc failed");
+         exit( 1 );
+      }
+      strlcpy(abs_file, basedir, abs_file_size);
+      strlcat(abs_file, "/", abs_file_size );
+      strlcat(abs_file, configfile, abs_file_size);
+      configfile = abs_file;
+   }
+#endif /* defined unix */
+
+
+   files->next = NULL;
+   clients->next = NULL;
+
+   /* XXX: factor out initialising after the next stable release. */
+#ifdef AMIGA
+   InitAmiga();
+#elif defined(_WIN32)
+   InitWin32();
+#endif
+
+   random_seed = (unsigned int)time(NULL);
+#ifdef HAVE_RANDOM
+   srandom(random_seed);
+#else
+   srand(random_seed);
+#endif /* ifdef HAVE_RANDOM */
+
+   /*
+    * Unix signal handling
+    *
+    * Catch the abort, interrupt and terminate signals for a graceful exit
+    * Catch the hangup signal so the errlog can be reopened.
+    * Ignore the broken pipe signals (FIXME: Why?)
+    */
+#if !defined(_WIN32) && !defined(__OS2__) && !defined(AMIGA)
+{
+   int idx;
+   const int catched_signals[] = { SIGTERM, SIGINT, SIGHUP, 0 };
+   const int ignored_signals[] = { SIGPIPE, 0 };
+
+   for (idx = 0; catched_signals[idx] != 0; idx++)
+   {
+#ifdef sun /* FIXME: Is it safe to check for HAVE_SIGSET instead? */ 
+      if (sigset(catched_signals[idx], sig_handler) == SIG_ERR)
+#else
+      if (signal(catched_signals[idx], sig_handler) == SIG_ERR)
+#endif /* ifdef sun */
+      {
+         log_error(LOG_LEVEL_FATAL, "Can't set signal-handler for signal %d: %E", catched_signals[idx]);
+      }
+   }
+
+   for (idx = 0; ignored_signals[idx] != 0; idx++)
+   {
+      if (signal(ignored_signals[idx], SIG_IGN) == SIG_ERR)
+      {
+         log_error(LOG_LEVEL_FATAL, "Can't set ignore-handler for signal %d: %E", ignored_signals[idx]);
+      }
+   }
+
+}
+#else /* ifdef _WIN32 */
+# ifdef _WIN_CONSOLE
+   /*
+    * We *are* in a windows console app.
+    * Print a verbose messages about FAQ's and such
+    */
+   printf("%s", win32_blurb);
+# endif /* def _WIN_CONSOLE */
+#endif /* def _WIN32 */
+
+
+   /* Initialize the CGI subsystem */
+   cgi_init_error_messages();
+
+   /*
+    * If runnig on unix and without the --nodaemon
+    * option, become a daemon. I.e. fork, detach
+    * from tty and get process group leadership
+    */
+#if defined(unix)
+{
+   pid_t pid = 0;
+#if 0
+   int   fd;
+#endif
+
+   if (!no_daemon)
+   {
+      pid  = fork();
+
+      if ( pid < 0 ) /* error */
+      {
+         perror("fork");
+         exit( 3 );
+      }
+      else if ( pid != 0 ) /* parent */
+      {
+         int status;
+         pid_t wpid;
+         /*
+          * must check for errors
+          * child died due to missing files aso
+          */
+         sleep( 1 );
+         wpid = waitpid( pid, &status, WNOHANG );
+         if ( wpid != 0 )
+         {
+            exit( 1 );
+         }
+         exit( 0 );
+      }
+      /* child */
+#if 1
+      /* Should be more portable, but not as well tested */
+      setsid();
+#else /* !1 */
+#ifdef __FreeBSD__
+      setpgrp(0,0);
+#else /* ndef __FreeBSD__ */
+      setpgrp();
+#endif /* ndef __FreeBSD__ */
+      fd = open("/dev/tty", O_RDONLY);
+      if ( fd )
+      {
+         /* no error check here */
+         ioctl( fd, TIOCNOTTY,0 );
+         close ( fd );
+      }
+#endif /* 1 */
+      /*
+       * stderr (fd 2) will be closed later on,
+       * when the config file has been parsed.
+       */
+
+      close( 0 );
+      close( 1 );
+      chdir("/");
+
+   } /* -END- if (!no_daemon) */
+
+   /*
+    * As soon as we have written the PID file, we can switch
+    * to the user and group ID indicated by the --user option
+    */
+   write_pid_file();
+
+   if (NULL != pw)
+   {
+      if (setgid((NULL != grp) ? grp->gr_gid : pw->pw_gid))
+      {
+         log_error(LOG_LEVEL_FATAL, "Cannot setgid(): Insufficient permissions.");
+      }
+      if (NULL != grp)
+      {
+         if (setgroups(1, &grp->gr_gid))
+         {
+            log_error(LOG_LEVEL_FATAL, "setgroups() failed: %E");
+         }
+      }
+      else if (initgroups(pw->pw_name, pw->pw_gid))
+      {
+         log_error(LOG_LEVEL_FATAL, "initgroups() failed: %E");
+      }
+      if (do_chroot)
+      {
+         if (!pw->pw_dir)
+         {
+            log_error(LOG_LEVEL_FATAL, "Home directory for %s undefined", pw->pw_name);
+         }
+         /* Read the time zone file from /etc before doing chroot. */
+         tzset();
+         if (NULL != pre_chroot_nslookup_to_load_resolver
+             && '\0' != pre_chroot_nslookup_to_load_resolver[0])
+         {
+            /* Initialize resolver library. */
+            (void) resolve_hostname_to_ip(pre_chroot_nslookup_to_load_resolver);
+         }
+         if (chroot(pw->pw_dir) < 0)
+         {
+            log_error(LOG_LEVEL_FATAL, "Cannot chroot to %s", pw->pw_dir);
+         }
+         if (chdir ("/"))
+         {
+            log_error(LOG_LEVEL_FATAL, "Cannot chdir /");
+         }
+      }
+      if (setuid(pw->pw_uid))
+      {
+         log_error(LOG_LEVEL_FATAL, "Cannot setuid(): Insufficient permissions.");
+      }
+      if (do_chroot)
+      {
+         char putenv_dummy[64];
+
+         strlcpy(putenv_dummy, "HOME=/", sizeof(putenv_dummy));
+         if (putenv(putenv_dummy) != 0)
+         {
+            log_error(LOG_LEVEL_FATAL, "Cannot putenv(): HOME");
+         }                
+
+         snprintf(putenv_dummy, sizeof(putenv_dummy), "USER=%s", pw->pw_name);
+         if (putenv(putenv_dummy) != 0)
+         {
+            log_error(LOG_LEVEL_FATAL, "Cannot putenv(): USER");
+         }
+      }
+   }
+   else if (do_chroot)
+   {
+      log_error(LOG_LEVEL_FATAL, "Cannot chroot without --user argument.");
+   }
+}
+#endif /* defined unix */
+
+#ifdef _WIN32
+   /* This will be FALSE unless the command line specified --service
+    */
+   if (bRunAsService)
+   {
+      /* Yup, so now we must attempt to establish a connection 
+       * with the service dispatcher. This will only work if this
+       * process was launched by the service control manager to
+       * actually run as a service. If this isn't the case, i've
+       * known it take around 30 seconds or so for the call to return.
+       */
+
+      /* The StartServiceCtrlDispatcher won't return until the service is stopping */
+      if (w32_start_service_ctrl_dispatcher(w32ServiceDispatchTable))
+      {
+         /* Service has run, and at this point is now being stopped, so just return */
+         return 0;
+      }
+
+#ifdef _WIN_CONSOLE
+      printf("Warning: Failed to connect to Service Control Dispatcher\nwhen starting as a service!\n");
+#endif
+      /* An error occurred. Usually it's because --service was wrongly specified
+       * and we were unable to connect to the Service Control Dispatcher because
+       * it wasn't expecting us and is therefore not listening.
+       *
+       * For now, just continue below to call the listen_loop function.
+       */
+   }
+#endif /* def _WIN32 */
+
+   listen_loop();
+
+   /* NOTREACHED */
+   return(-1);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  bind_port_helper
+ *
+ * Description :  Bind the listen port.  Handles logging, and aborts
+ *                on failure.
+ *
+ * Parameters  :
+ *          1  :  config = Privoxy configuration.  Specifies port
+ *                         to bind to.
+ *
+ * Returns     :  Port that was opened.
+ *
+ *********************************************************************/
+static jb_socket bind_port_helper(struct configuration_spec * config)
+{
+   int result;
+   jb_socket bfd;
+
+   if (config->haddr == NULL)
+   {
+      log_error(LOG_LEVEL_INFO, "Listening on port %d on all IP addresses",
+                config->hport);
+   }
+   else
+   {
+      log_error(LOG_LEVEL_INFO, "Listening on port %d on IP address %s",
+                config->hport, config->haddr);
+   }
+
+   result = bind_port(config->haddr, config->hport, &bfd);
+
+   if (result < 0)
+   {
+      switch(result)
+      {
+         case -3 :
+            log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: "
+               "There may be another Privoxy or some other "
+               "proxy running on port %d",
+               (NULL != config->haddr) ? config->haddr : "INADDR_ANY",
+                      config->hport, config->hport);
+
+         case -2 :
+            log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: " 
+               "The hostname is not resolvable",
+               (NULL != config->haddr) ? config->haddr : "INADDR_ANY", config->hport);
+
+         default :
+            log_error(LOG_LEVEL_FATAL, "can't bind to %s:%d: because %E",
+               (NULL != config->haddr) ? config->haddr : "INADDR_ANY", config->hport);
+      }
+
+      /* shouldn't get here */
+      return JB_INVALID_SOCKET;
+   }
+
+   config->need_bind = 0;
+
+   return bfd;
+}
+
+
+#ifdef _WIN32
+/* Without this simple workaround we get this compiler warning from _beginthread
+ *     warning C4028: formal parameter 1 different from declaration
+ */
+void w32_service_listen_loop(void *p)
+{
+   listen_loop();
+}
+#endif /* def _WIN32 */
+
+
+/*********************************************************************
+ *
+ * Function    :  listen_loop
+ *
+ * Description :  bind the listen port and enter a "FOREVER" listening loop.
+ *
+ * Parameters  :  N/A
+ *
+ * Returns     :  Never.
+ *
+ *********************************************************************/
+static void listen_loop(void)
+{
+   struct client_state *csp = NULL;
+   jb_socket bfd;
+   struct configuration_spec * config;
+
+   config = load_config();
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   /*
+    * XXX: Should be relocated once it no
+    * longer needs to emit log messages.
+    */
+   initialize_reusable_connections();
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+   bfd = bind_port_helper(config);
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+   while (!g_terminate)
+#else
+   for (;;)
+#endif
+   {
+#if !defined(FEATURE_PTHREAD) && !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) && !defined(__OS2__)
+      while (waitpid(-1, NULL, WNOHANG) > 0)
+      {
+         /* zombie children */
+      }
+#endif /* !defined(FEATURE_PTHREAD) && !defined(_WIN32) && !defined(__BEOS__) && !defined(AMIGA) */
+
+      /*
+       * Free data that was used by died threads
+       */
+      sweep();
+
+#if defined(unix)
+      /*
+       * Re-open the errlog after HUP signal
+       */
+      if (received_hup_signal)
+      {
+         if (NULL != config->logfile)
+         {
+            init_error_log(Argv[0], config->logfile);
+         }
+         received_hup_signal = 0;
+      }
+#endif
+
+      if ( NULL == (csp = (struct client_state *) zalloc(sizeof(*csp))) )
+      {
+         log_error(LOG_LEVEL_FATAL, "malloc(%d) for csp failed: %E", sizeof(*csp));
+         continue;
+      }
+
+      csp->flags |= CSP_FLAG_ACTIVE;
+      csp->sfd    = JB_INVALID_SOCKET;
+
+      csp->config = config = load_config();
+
+      if ( config->need_bind )
+      {
+         /*
+          * Since we were listening to the "old port", we will not see
+          * a "listen" param change until the next IJB request.  So, at
+          * least 1 more request must be made for us to find the new
+          * setting.  I am simply closing the old socket and binding the
+          * new one.
+          *
+          * Which-ever is correct, we will serve 1 more page via the
+          * old settings.  This should probably be a "show-proxy-args"
+          * request.  This should not be a so common of an operation
+          * that this will hurt people's feelings.
+          */
+
+         close_socket(bfd);
+
+         bfd = bind_port_helper(config);
+      }
+
+      log_error(LOG_LEVEL_CONNECT, "Listening for new connections ... ");
+
+      if (!accept_connection(csp, bfd))
+      {
+         log_error(LOG_LEVEL_CONNECT, "accept failed: %E");
+
+#ifdef AMIGA
+         if(!childs)
+         {
+            exit(1);
+         }
+#endif
+         freez(csp);
+         continue;
+      }
+      else
+      {
+         log_error(LOG_LEVEL_CONNECT, "accepted connection from %s", csp->ip_addr_str);
+      }
+
+#ifdef FEATURE_TOGGLE
+      if (global_toggle_state)
+#endif /* def FEATURE_TOGGLE */
+      {
+         csp->flags |= CSP_FLAG_TOGGLED_ON;
+      }
+
+      if (run_loader(csp))
+      {
+         log_error(LOG_LEVEL_FATAL, "a loader failed - must exit");
+         /* Never get here - LOG_LEVEL_FATAL causes program exit */
+      }
+
+#ifdef FEATURE_ACL
+      if (block_acl(NULL,csp))
+      {
+         log_error(LOG_LEVEL_CONNECT, "Connection from %s dropped due to ACL", csp->ip_addr_str);
+         close_socket(csp->cfd);
+         freez(csp);
+         continue;
+      }
+#endif /* def FEATURE_ACL */
+
+      /* add it to the list of clients */
+      csp->next = clients->next;
+      clients->next = csp;
+
+      if (config->multi_threaded)
+      {
+         int child_id;
+
+/* this is a switch () statment in the C preprocessor - ugh */
+#undef SELECTED_ONE_OPTION
+
+/* Use Pthreads in preference to native code */
+#if defined(FEATURE_PTHREAD) && !defined(SELECTED_ONE_OPTION)
+#define SELECTED_ONE_OPTION
+         {
+            pthread_t the_thread;
+            pthread_attr_t attrs;
+
+            pthread_attr_init(&attrs);
+            pthread_attr_setdetachstate(&attrs, PTHREAD_CREATE_DETACHED);
+            errno = pthread_create(&the_thread, &attrs,
+               (void * (*)(void *))serve, csp);
+            child_id = errno ? -1 : 0;
+            pthread_attr_destroy(&attrs);
+         }
+#endif
+
+#if defined(_WIN32) && !defined(_CYGWIN) && !defined(SELECTED_ONE_OPTION)
+#define SELECTED_ONE_OPTION
+         child_id = _beginthread(
+            (void (*)(void *))serve,
+            64 * 1024,
+            csp);
+#endif
+
+#if defined(__OS2__) && !defined(SELECTED_ONE_OPTION)
+#define SELECTED_ONE_OPTION
+         child_id = _beginthread(
+            (void(* _Optlink)(void*))serve,
+            NULL,
+            64 * 1024,
+            csp);
+#endif
+
+#if defined(__BEOS__) && !defined(SELECTED_ONE_OPTION)
+#define SELECTED_ONE_OPTION
+         {
+            thread_id tid = spawn_thread
+               (server_thread, "server", B_NORMAL_PRIORITY, csp);
+
+            if ((tid >= 0) && (resume_thread(tid) == B_OK))
+            {
+               child_id = (int) tid;
+            }
+            else
+            {
+               child_id = -1;
+            }
+         }
+#endif
+
+#if defined(AMIGA) && !defined(SELECTED_ONE_OPTION)
+#define SELECTED_ONE_OPTION
+         csp->cfd = ReleaseSocket(csp->cfd, -1);
+         
+#ifdef __amigaos4__
+         child_id = (int)CreateNewProcTags(NP_Entry, (ULONG)server_thread,
+                                           NP_Output, Output(),
+                                           NP_CloseOutput, FALSE,
+                                           NP_Name, (ULONG)"privoxy child",
+                                           NP_Child, TRUE,
+                                           TAG_DONE);
+#else
+         child_id = (int)CreateNewProcTags(NP_Entry, (ULONG)server_thread,
+                                           NP_Output, Output(),
+                                           NP_CloseOutput, FALSE,
+                                           NP_Name, (ULONG)"privoxy child",
+                                           NP_StackSize, 200*1024,
+                                           TAG_DONE);
+#endif
+         if(0 != child_id)
+         {
+            childs++;
+            ((struct Task *)child_id)->tc_UserData = csp;
+            Signal((struct Task *)child_id, SIGF_SINGLE);
+            Wait(SIGF_SINGLE);
+         }
+#endif
+
+#if !defined(SELECTED_ONE_OPTION)
+         child_id = fork();
+
+         /* This block is only needed when using fork().
+          * When using threads, the server thread was
+          * created and run by the call to _beginthread().
+          */
+         if (child_id == 0)   /* child */
+         {
+            int rc = 0;
+#ifdef FEATURE_TOGGLE
+            int inherited_toggle_state = global_toggle_state;
+#endif /* def FEATURE_TOGGLE */
+
+            serve(csp);
+
+            /* 
+             * If we've been toggled or we've blocked the request, tell Mom
+             */
+
+#ifdef FEATURE_TOGGLE
+            if (inherited_toggle_state != global_toggle_state)
+            {
+               rc |= RC_FLAG_TOGGLED;
+            }
+#endif /* def FEATURE_TOGGLE */
+
+#ifdef FEATURE_STATISTICS  
+            if (csp->flags & CSP_FLAG_REJECTED)
+            {
+               rc |= RC_FLAG_BLOCKED;
+            }
+#endif /* ndef FEATURE_STATISTICS */
+
+            _exit(rc);
+         }
+         else if (child_id > 0) /* parent */
+         {
+            /* in a fork()'d environment, the parent's
+             * copy of the client socket and the CSP
+             * are not used.
+             */
+            int child_status;
+#if !defined(_WIN32) && !defined(__CYGWIN__)
+
+            wait( &child_status );
+
+            /* 
+             * Evaluate child's return code: If the child has
+             *  - been toggled, toggle ourselves
+             *  - blocked its request, bump up the stats counter
+             */
+
+#ifdef FEATURE_TOGGLE
+            if (WIFEXITED(child_status) && (WEXITSTATUS(child_status) & RC_FLAG_TOGGLED))
+            {
+               global_toggle_state = !global_toggle_state;
+            }
+#endif /* def FEATURE_TOGGLE */
+
+#ifdef FEATURE_STATISTICS
+            urls_read++;
+            if (WIFEXITED(child_status) && (WEXITSTATUS(child_status) & RC_FLAG_BLOCKED))
+            {
+               urls_rejected++;
+            }
+#endif /* def FEATURE_STATISTICS */ 
+
+#endif /* !defined(_WIN32) && defined(__CYGWIN__) */
+            close_socket(csp->cfd);
+            csp->flags &= ~CSP_FLAG_ACTIVE;
+         }
+#endif
+
+#undef SELECTED_ONE_OPTION
+/* end of cpp switch () */
+
+         if (child_id < 0) /* failed */
+         {
+            char buf[BUFFER_SIZE];
+
+            log_error(LOG_LEVEL_ERROR, "can't fork: %E");
+
+            snprintf(buf , sizeof(buf), "Privoxy: can't fork: errno = %d", errno);
+
+            write_socket(csp->cfd, buf, strlen(buf));
+            close_socket(csp->cfd);
+            csp->flags &= ~CSP_FLAG_ACTIVE;
+            sleep(5);
+            continue;
+         }
+      }
+      else
+      {
+         serve(csp);
+      }
+   }
+
+   /* NOTREACHED unless FEATURE_GRACEFUL_TERMINATION is defined */
+
+   /* Clean up.  Aim: free all memory (no leaks) */
+#ifdef FEATURE_GRACEFUL_TERMINATION
+
+   log_error(LOG_LEVEL_ERROR, "Graceful termination requested");
+
+   unload_current_config_file();
+   unload_current_actions_file();
+   unload_current_re_filterfile();
+#ifdef FEATURE_TRUST
+   unload_current_trust_file();
+#endif
+
+   if (config->multi_threaded)
+   {
+      int i = 60;
+      do
+      {
+         sleep(1);
+         sweep();
+      } while ((clients->next != NULL) && (--i > 0));
+
+      if (i <= 0)
+      {
+         log_error(LOG_LEVEL_ERROR, "Graceful termination failed - still some live clients after 1 minute wait.");
+      }
+   }
+   sweep();
+   sweep();
+
+#if defined(unix)
+   freez(basedir);
+#endif
+   freez(configfile);
+
+#if defined(_WIN32) && !defined(_WIN_CONSOLE)
+   /* Cleanup - remove taskbar icon etc. */
+   TermLogWindow();
+#endif
+
+   exit(0);
+#endif /* FEATURE_GRACEFUL_TERMINATION */
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/jcc.c.rej b/external/privoxy/jcc.c.rej
new file mode 100644
index 0000000..7a1bbdc
--- /dev/null
+++ b/external/privoxy/jcc.c.rej
@@ -0,0 +1,20 @@
+***************
+*** 3110,3118 ****
+           }
+           continue;
+        }
+-       log_error(LOG_LEVEL_INFO,
+-          "Shouldn't get here but did.");
+-       return;
+     }
+  
+     if (csp->content_length == 0)
+--- 3120,3127 ----
+           }
+           continue;
+        }
++       mark_server_socket_tainted(csp);
++       return; /* huh? we should never get here */
+     }
+  
+     if (csp->content_length == 0)
diff --git a/external/privoxy/jcc.h b/external/privoxy/jcc.h
new file mode 100644
index 0000000..add854c
--- /dev/null
+++ b/external/privoxy/jcc.h
@@ -0,0 +1,261 @@
+#ifndef JCC_H_INCLUDED
+#define JCC_H_INCLUDED
+#define JCC_H_VERSION "$Id: jcc.h,v 1.25 2008/10/09 18:21:41 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/jcc.h,v $
+ *
+ * Purpose     :  Main file.  Contains main() method, main loop, and 
+ *                the main connection-handling function.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2006 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: jcc.h,v $
+ *    Revision 1.25  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.24  2008/09/07 12:35:05  fabiankeil
+ *    Add mutex lock support for _WIN32.
+ *
+ *    Revision 1.23  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.22  2007/06/01 18:16:36  fabiankeil
+ *    Use the same mutex for gethostbyname() and gethostbyaddr() to prevent
+ *    deadlocks and crashes on OpenBSD and possibly other OS with neither
+ *    gethostbyname_r() nor gethostaddr_r(). Closes BR#1729174.
+ *    Thanks to Ralf Horstmann for report and solution.
+ *
+ *    Revision 1.21  2007/04/22 13:18:06  fabiankeil
+ *    Keep the HTTP snippets local.
+ *
+ *    Revision 1.20  2006/12/26 17:31:41  fabiankeil
+ *    Mutex protect rand() if POSIX threading
+ *    is used, warn the user if that's not possible
+ *    and stop using it on _WIN32 where it could
+ *    cause crashes.
+ *
+ *    Revision 1.19  2006/12/06 19:41:39  fabiankeil
+ *    Privoxy is now able to run as intercepting
+ *    proxy in combination with any packet filter
+ *    that does the port redirection. The destination
+ *    is extracted from the "Host:" header which
+ *    should be available for nearly all requests.
+ *
+ *    Moved HTTP snipplets into jcc.c.
+ *    Added error message for gopher proxy requests.
+ *
+ *    Revision 1.18  2006/11/13 19:05:51  fabiankeil
+ *    Make pthread mutex locking more generic. Instead of
+ *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ *    and use mutex locking unless there is an _r function
+ *    available. Better safe than sorry.
+ *
+ *    Fixes "./configure --disable-pthread" and should result
+ *    in less threading-related problems on pthread-using platforms,
+ *    but it still doesn't fix BR#1122404.
+ *
+ *    Revision 1.17  2006/11/06 19:58:23  fabiankeil
+ *    Move pthread.h inclusion from jcc.c to jcc.h.
+ *    Fixes build on x86-freebsd1 (FreeBSD 5.4-RELEASE).
+ *
+ *    Revision 1.16  2006/09/02 15:36:42  fabiankeil
+ *    Follow the OpenBSD port's lead and protect the resolve
+ *    functions on OpenBSD as well.
+ *
+ *    Revision 1.15  2006/09/02 10:24:30  fabiankeil
+ *    Include pthread.h for OpenBSD to make Privoxy build again.
+ *
+ *    Tested shortly on OpenBSD 3.9 without problems, but the OpenBSD
+ *    port has additional patches to use the mutexes OSX_DARWIN needs,
+ *    and it should be investigated if they are still required for
+ *    reliable operation.
+ *
+ *    Revision 1.14  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.12.2.3  2006/01/21 16:16:08  david__schmidt
+ *    Thanks to  Edward Carrel for his patch to modernize OSX'spthreads support.  See bug #1409623.
+ *
+ *    Revision 1.12.2.2  2005/04/03 20:10:50  david__schmidt
+ *    Thanks to Jindrich Makovicka for a race condition fix for the log
+ *    file.  The race condition remains for non-pthread implementations.
+ *    Reference patch #1175720.
+ *
+ *    Revision 1.12.2.1  2003/03/07 03:41:05  david__schmidt
+ *    Wrapping all *_r functions (the non-_r versions of them) with mutex 
+ *    semaphores for OSX.  Hopefully this will take care of all of those pesky
+ *    crash reports.
+ *
+ *    Revision 1.12  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.11  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.10  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.9  2002/03/07 03:52:44  oes
+ *    Set logging to tty for --no-daemon mode
+ *
+ *    Revision 1.8  2002/03/04 18:19:49  oes
+ *    Added extern const char *pidfile
+ *
+ *    Revision 1.7  2001/11/05 21:41:43  steudten
+ *    Add changes to be a real daemon just for unix os.
+ *    (change cwd to /, detach from controlling tty, set
+ *    process group and session leader to the own process.
+ *    Add DBG() Macro.
+ *    Add some fatal-error log message for failed malloc().
+ *    Add '-d' if compiled with 'configure --with-debug' to
+ *    enable debug output.
+ *
+ *    Revision 1.6  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.5  2001/07/29 19:32:00  jongfoster
+ *    Renaming _main() [mingw32 only] to real_main(), for ANSI compliance.
+ *
+ *    Revision 1.4  2001/07/29 18:58:15  jongfoster
+ *    Removing nested #includes, adding forward declarations for needed
+ *    structures, and changing the #define _FILENAME_H to FILENAME_H_INCLUDED.
+ *
+ *    Revision 1.3  2001/07/18 12:31:58  oes
+ *    moved #define freez from jcc.h to project.h
+ *
+ *    Revision 1.2  2001/05/31 21:24:47  jongfoster
+ *    Changed "permission" to "action" throughout.
+ *    Removed DEFAULT_USER_AGENT - it must now be specified manually.
+ *    Moved vanilla wafer check into chat(), since we must now
+ *    decide whether or not to add it based on the URL.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:56  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+struct client_state;
+struct file_list;
+
+/* Global variables */
+
+#ifdef FEATURE_STATISTICS
+extern int urls_read;
+extern int urls_rejected;
+#endif /*def FEATURE_STATISTICS*/
+
+extern struct client_state clients[1];
+extern struct file_list    files[1];
+
+#ifdef unix
+extern const char *pidfile;
+#endif
+extern int no_daemon;
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+extern int g_terminate;
+#endif
+
+#if defined(FEATURE_PTHREAD) || defined(_WIN32)
+#define MUTEX_LOCKS_AVAILABLE
+
+#ifdef FEATURE_PTHREAD
+#include <pthread.h>
+
+typedef pthread_mutex_t privoxy_mutex_t;
+
+#else
+
+typedef CRITICAL_SECTION privoxy_mutex_t;
+
+#endif
+
+extern void privoxy_mutex_lock(privoxy_mutex_t *mutex);
+extern void privoxy_mutex_unlock(privoxy_mutex_t *mutex);
+
+extern privoxy_mutex_t log_mutex;
+extern privoxy_mutex_t log_init_mutex;
+extern privoxy_mutex_t connection_reuse_mutex;
+
+#ifndef HAVE_GMTIME_R
+extern privoxy_mutex_t gmtime_mutex;
+#endif /* ndef HAVE_GMTIME_R */
+
+#ifndef HAVE_LOCALTIME_R
+extern privoxy_mutex_t localtime_mutex;
+#endif /* ndef HAVE_GMTIME_R */
+
+#if !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_GETHOSTBYNAME_R)
+extern privoxy_mutex_t resolver_mutex;
+#endif /* !defined(HAVE_GETHOSTBYADDR_R) || !defined(HAVE_GETHOSTBYNAME_R) */
+
+#ifndef HAVE_RANDOM
+extern privoxy_mutex_t rand_mutex;
+#endif /* ndef HAVE_RANDOM */
+
+#endif /* FEATURE_PTHREAD */
+
+/* Functions */
+
+#ifdef __MINGW32__
+int real_main(int argc, const char *argv[]);
+#else
+int main(int argc, const char *argv[]);
+#endif
+
+/* Revision control strings from this header and associated .c file */
+extern const char jcc_rcs[];
+extern const char jcc_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef JCC_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/list.c b/external/privoxy/list.c
new file mode 100644
index 0000000..c158129
--- /dev/null
+++ b/external/privoxy/list.c
@@ -0,0 +1,1229 @@
+const char list_rcs[] = "$Id: list.c,v 1.20 2007/05/14 16:56:07 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/list.c,v $
+ *
+ * Purpose     :  Declares functions to handle lists.
+ *                Functions declared include:
+ *                   `destroy_list', `enlist' and `list_to_text'
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: list.c,v $
+ *    Revision 1.20  2007/05/14 16:56:07  fabiankeil
+ *    - Stop using strcpy().
+ *    - enlist_unique_header() now behaves as advertised
+ *      and checks for existing headers with the same name
+ *      but ignores the values.
+ *
+ *    Revision 1.19  2007/04/17 18:14:06  fabiankeil
+ *    Add list_contains_item().
+ *
+ *    Revision 1.18  2006/12/28 19:21:23  fabiankeil
+ *    Fixed gcc43 warning and enabled list_is_valid()'s loop
+ *    detection again. It was ineffective since the removal of
+ *    the arbitrary list length limit two years ago.
+ *
+ *    Revision 1.17  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.15.2.2  2004/05/25 02:04:23  david__schmidt
+ *    Removed the "arbitrary" 1000 filter limit in file.c.  See tracker #911950.
+ *
+ *    Revision 1.15.2.1  2002/11/28 18:14:54  oes
+ *    Added unmap function that removes all items with a given
+ *    name from a map.
+ *
+ *    Revision 1.15  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.14  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.13  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.12  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.11  2001/10/23 21:21:03  jongfoster
+ *    New error handling - error codes are now jb_errs, not ints.
+ *    Changed the way map() handles out-of-memory, to dramatically
+ *    reduce the amount of error-checking clutter needed.
+ *
+ *    Revision 1.10  2001/09/16 17:30:24  jongfoster
+ *    Fixing a compiler warning.
+ *
+ *    Revision 1.9  2001/09/16 13:20:29  jongfoster
+ *    Rewrite of list library.  Now has seperate header and list_entry
+ *    structures.  Also added a large sprinking of assert()s to the list
+ *    code.
+ *
+ *    Revision 1.8  2001/08/07 14:00:20  oes
+ *    Fixed comment
+ *
+ *    Revision 1.7  2001/08/05 16:06:20  jongfoster
+ *    Modifiying "struct map" so that there are now separate header and
+ *    "map_entry" structures.  This means that functions which modify a
+ *    map no longer need to return a pointer to the modified map.
+ *    Also, it no longer reverses the order of the entries (which may be
+ *    important with some advanced template substitutions).
+ *
+ *    Revision 1.6  2001/07/31 14:44:51  oes
+ *    list_to_text() now appends empty line at end
+ *
+ *    Revision 1.5  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.4  2001/06/29 13:30:22  oes
+ *    - Added Convenience function enlist_unique_header(),
+ *      which takes the Header name and value as separate
+ *      arguments and thus saves the pain of sprintf()ing
+ *      and determining the Header name length to enlist_unique
+ *    - Improved comments
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.3  2001/06/03 19:12:24  oes
+ *    functions for new struct map, extended enlist_unique
+ *
+ *    Revision 1.2  2001/06/01 18:49:17  jongfoster
+ *    Replaced "list_share" with "list" - the tiny memory gain was not
+ *    worth the extra complexity.
+ *
+ *    Revision 1.1  2001/05/31 21:11:53  jongfoster
+ *    - Moved linked list support to new "list.c" file.
+ *      Structure definitions are still in project.h,
+ *      function prototypes are now in "list.h".
+ *    - Added support for "struct list_share", which is identical
+ *      to "struct list" except it saves memory by not duplicating
+ *      the strings.  Obviously, this only works if there is some
+ *      other way of managing the memory used by the strings.
+ *      (These list_share lists are used for lists which last
+ *      for only 1 request, and where all the list entries are
+ *      just coming directly from entries in the actionsfile.)
+ *      Note that you still need to destroy list_share lists
+ *      properly to free the nodes - it's only the strings
+ *      which are shared.
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#ifndef _WIN32
+/* FIXME: The following headers are not needed for Win32.  Are they
+ * needed on other platforms?
+ */
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <ctype.h>
+#endif
+#include <string.h>
+
+#if !defined(_WIN32) && !defined(__OS2__)
+#include <unistd.h>
+#endif
+
+#include <assert.h>
+
+#include "project.h"
+#include "list.h"
+#include "miscutil.h"
+
+const char list_h_rcs[] = LIST_H_VERSION;
+
+
+static int list_is_valid (const struct list *the_list);
+
+
+/*********************************************************************
+ *
+ * Function    :  init_list
+ *
+ * Description :  Create a new, empty list in user-allocated memory.
+ *                Caller should allocate a "struct list" variable,
+ *                then pass it to this function.
+ *                (Implementation note:  Rather than calling this
+ *                function, you can also just memset the memory to
+ *                zero, e.g. if you have a larger structure you
+ *                want to initialize quickly.  However, that isn't
+ *                really good design.)
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void init_list(struct list *the_list)
+{
+   memset(the_list, '\0', sizeof(*the_list));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  destroy_list
+ *
+ * Description :  Destroy a string list (opposite of list_init).
+ *                On return, the memory used by the list entries has
+ *                been freed, but not the memory used by the_list
+ *                itself.  You should not re-use the_list without
+ *                calling list_init().
+ *
+ *                (Implementation note:  You *can* reuse the_list
+ *                without calling list_init(), but please don't.
+ *                If you want to remove all entries from a list
+ *                and still have a usable list, then use
+ *                list_remove_all().)
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void destroy_list (struct list *the_list)
+{
+   struct list_entry *cur_entry, *next_entry;
+
+   assert(the_list);
+
+   for (cur_entry = the_list->first; cur_entry ; cur_entry = next_entry)
+   {
+      next_entry = cur_entry->next;
+      freez(cur_entry->str);
+      free(cur_entry);
+   }
+
+   the_list->first = NULL;
+   the_list->last = NULL;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_is_valid
+ *
+ * Description :  Check that a string list is valid.  The intended
+ *                usage is "assert(list_is_valid(the_list))".
+ *                Currently this checks that "the_list->last"
+ *                is correct, and that the list dosn't contain
+ *                circular references.  It is likely to crash if
+ *                it's passed complete garbage.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list.  Must be non-null.
+ *
+ * Returns     :  1 if list is valid, 0 otherwise.
+ *
+ *********************************************************************/
+static int list_is_valid (const struct list *the_list)
+{
+   /*
+    * If you don't want this check, just change the line below
+    * from "#if 1" to "#if 0".
+    */
+#if 1
+   const struct list_entry *cur_entry;
+   const struct list_entry *last_entry = NULL;
+   int entry = 0;
+
+   assert(the_list);
+
+   for (cur_entry = the_list->first; cur_entry ; cur_entry = cur_entry->next)
+   {
+      last_entry = cur_entry;
+
+      if (cur_entry->str)
+      {
+         /*
+          * Just check that this string can be accessed - i.e. it's a valid
+          * pointer.
+          */
+         (void)strlen(cur_entry->str);
+      }
+
+      /*
+       * Check for looping back to first
+       */
+      if ((entry++ != 0) && (cur_entry == the_list->first))
+      {
+         return 0;
+      }
+
+      /*
+       * Arbitrarily limit list length to prevent infinite loops.
+       * Note that the 1000 limit was hit by a real user in tracker 911950;
+       * removing it for now.  Real circular references should eventually
+       * be caught by the check above, anyway.
+       */         
+      /*
+      if (entry > 1000)
+      {           
+         return 0;
+      }           
+      */          
+
+      /*
+       * Check this isn't marked as the last entry, unless of course it's
+       * *really* the last entry.
+       */
+      if ((the_list->last == cur_entry) && (cur_entry->next != NULL))
+      {
+         /* This is the last entry, but there's data after it !!?? */
+         return 0;
+      }
+   }
+
+   return (the_list->last == last_entry);
+#else
+   return 1;
+#endif
+}
+
+/*********************************************************************
+ *
+ * Function    :  enlist
+ *
+ * Description :  Append a string into a specified string list.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *          2  :  str = string to add to the list (maybe NULL)
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *                On error, the_list will be unchanged.
+ *
+ *********************************************************************/
+jb_err enlist(struct list *the_list, const char *str)
+{
+   struct list_entry *cur;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+
+   if (NULL == (cur = (struct list_entry *)zalloc(sizeof(*cur))))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (str)
+   {
+      if (NULL == (cur->str = strdup(str)))
+      {
+         free(cur);
+         return JB_ERR_MEMORY;
+      }
+   }
+   /* else { cur->str = NULL; }  - implied by zalloc */
+
+   /* cur->next = NULL;  - implied by zalloc */
+
+   if (the_list->last)
+   {
+      the_list->last->next = cur;
+      the_list->last = cur;
+   }
+   else
+   {
+      the_list->first = cur;
+      the_list->last = cur;
+   }
+
+   assert(list_is_valid(the_list));
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  enlist_first
+ *
+ * Description :  Append a string as first element into a specified
+ *                string list.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *          2  :  str = string to add to the list (maybe NULL)
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *                On error, the_list will be unchanged.
+ *
+ *********************************************************************/
+jb_err enlist_first(struct list *the_list, const char *str)
+{
+   struct list_entry *cur;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+
+   if (NULL == (cur = (struct list_entry *)zalloc(sizeof(*cur))))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (str)
+   {
+      if (NULL == (cur->str = strdup(str)))
+      {
+         free(cur);
+         return JB_ERR_MEMORY;
+      }
+   }
+   /* else { cur->str = NULL; }  - implied by zalloc */
+
+   cur->next = the_list->first;
+
+   the_list->first = cur;
+   if (the_list->last == NULL)
+   {
+      the_list->last = cur;
+   }
+
+   assert(list_is_valid(the_list));
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  enlist_unique
+ *
+ * Description :  Append a string into a specified string list,
+ *                if & only if it's not there already.
+ *                If the num_significant_chars argument is nonzero,
+ *                only compare up to the nth character.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *          2  :  str = string to add to the list
+ *          3  :  num_significant_chars = number of chars to use
+ *                for uniqueness test, or 0 to require an exact match.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *                On error, the_list will be unchanged.
+ *                "Success" does not indicate whether or not the
+ *                item was already in the list.
+ *
+ *********************************************************************/
+jb_err enlist_unique(struct list *the_list, const char *str,
+                     size_t num_significant_chars)
+{
+   struct list_entry *cur_entry;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+   assert(str);
+   assert(num_significant_chars >= 0);
+   assert(num_significant_chars <= strlen(str));
+
+   if (num_significant_chars > 0)
+   {
+      for (cur_entry = the_list->first; cur_entry != NULL; cur_entry = cur_entry->next)
+      {
+         if ( (cur_entry->str != NULL)
+           && (0 == strncmp(str, cur_entry->str, num_significant_chars)))
+         {
+            /* Already there */
+            return JB_ERR_OK;
+         }
+      }
+   }
+   else
+   {
+      /* Test whole string */
+      for (cur_entry = the_list->first; cur_entry != NULL; cur_entry = cur_entry->next)
+      {
+         if ( (cur_entry->str != NULL) && (0 == strcmp(str, cur_entry->str)))
+         {
+            /* Already there */
+            return JB_ERR_OK;
+         }
+      }
+   }
+
+   return enlist(the_list, str);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  enlist_unique_header
+ *
+ * Description :  Make a HTTP header from the two strings name and value,
+ *                and append the result into a specified string list,
+ *                if & only if there isn't already a header with that name.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *          2  :  name = HTTP header name (e.g. "Content-type")
+ *          3  :  value = HTTP header value (e.g. "text/html")
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *                On error, the_list will be unchanged.
+ *                "Success" does not indicate whether or not the
+ *                header was already in the list.
+ *
+ *********************************************************************/
+jb_err enlist_unique_header(struct list *the_list, const char *name,
+                            const char *value)
+{
+   jb_err result = JB_ERR_MEMORY;
+   char *header;
+   size_t header_size;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+   assert(name);
+   assert(value);
+
+   /* + 2 for the ': ', + 1 for the \0 */
+   header_size = strlen(name) + 2 + strlen(value) + 1;
+   header = (char *)malloc(header_size);
+
+   if (NULL != header)
+   {
+      const size_t bytes_to_compare = strlen(name) + 2;
+
+      snprintf(header, header_size, "%s: %s", name, value);
+      result = enlist_unique(the_list, header, bytes_to_compare);
+      free(header);
+      assert(list_is_valid(the_list));
+   }
+
+   return result;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_remove_all
+ *
+ * Description :  Remove all entries from a list.  On return, the_list
+ *                is a valid, empty list.  Note that this is similar
+ *                to destroy_list(), but the difference is that this
+ *                function guarantees that the list structure is still
+ *                valid after the call.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void list_remove_all(struct list *the_list)
+{
+   struct list_entry *cur_entry;
+   struct list_entry *next_entry;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+
+   for (cur_entry = the_list->first; cur_entry ; cur_entry = next_entry)
+   {
+      next_entry = cur_entry->next;
+      freez(cur_entry->str);
+      free(cur_entry);
+   }
+
+   the_list->first = the_list->last = NULL;
+
+   assert(list_is_valid(the_list));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_to_text
+ *
+ * Description :  "Flatten" a string list into 1 long \r\n delimited string,
+ *                adding an empty line at the end.  NULL entries are ignored.
+ *                This function does not change the_list.
+ *
+ *                XXX: Should probably be renamed as it's only
+ *                useful (and used) to flatten header lists.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *
+ * Returns     :  NULL on malloc error, else new long string.
+ *                Caller must free() it.
+ *
+ *********************************************************************/
+char *list_to_text(const struct list *the_list)
+{
+   struct list_entry *cur_entry;
+   char *text;
+   size_t text_length;
+   char *cursor;
+   size_t bytes_left;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+
+   /*
+    * Calculate the lenght of the final text.
+    * '2' because of the '\r\n' at the end of
+    * each string and at the end of the text.
+    */
+   text_length = 2;
+   for (cur_entry = the_list->first; cur_entry; cur_entry = cur_entry->next)
+   {
+      if (cur_entry->str)
+      {
+         text_length += strlen(cur_entry->str) + 2;
+      }
+   }
+
+   bytes_left = text_length + 1;
+
+   text = (char *)malloc(bytes_left);
+   if (NULL == text)
+   {
+      return NULL;
+   }
+
+   cursor = text;
+
+   for (cur_entry = the_list->first; cur_entry; cur_entry = cur_entry->next)
+   {
+      if (cur_entry->str)
+      {
+         const int written = snprintf(cursor, bytes_left, "%s\r\n", cur_entry->str);
+
+         assert(written > 0);
+         assert(written < bytes_left);
+
+         bytes_left -= (size_t)written;
+         cursor += (size_t)written;
+      }
+   }
+
+   assert(bytes_left == 3);
+
+   *cursor++ = '\r';
+   *cursor++ = '\n';
+   *cursor   = '\0';
+
+   assert(text_length == cursor - text);
+   assert(text[text_length] == '\0');
+
+   return text;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_remove_item
+ *
+ * Description :  Remove a string from a specified string list.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list
+ *          2  :  str = string to remove from the list - non-NULL
+ *
+ * Returns     :  Number of times it was removed.
+ *
+ *********************************************************************/
+int list_remove_item(struct list *the_list, const char *str)
+{
+   struct list_entry *prev = NULL;
+   struct list_entry *cur;
+   struct list_entry *next;
+   int count = 0;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+   assert(str);
+
+   cur = the_list->first;
+
+   while (cur != NULL)
+   {
+      next = cur->next;
+
+      if ((cur->str != NULL) && (0 == strcmp(str, cur->str)))
+      {
+         count++;
+
+         if (prev != NULL)
+         {
+            prev->next = next;
+         }
+         else
+         {
+            the_list->first = next;
+         }
+         free((char *)cur->str);
+         free(cur);
+      }
+      else
+      {
+         prev = cur;
+      }
+      cur = next;
+   }
+
+   the_list->last = prev;
+
+   assert(list_is_valid(the_list));
+
+   return count;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_remove_list
+ *
+ * Description :  Remove all strings in one list from another list.
+ *                This is currently a brute-force algorithm
+ *                (it compares every pair of strings).
+ *
+ * Parameters  :
+ *          1  :  dest = list to change
+ *          2  :  src = list of strings to remove
+ *
+ * Returns     :  Total number of strings removed.
+ *
+ *********************************************************************/
+int list_remove_list(struct list *dest, const struct list *src)
+{
+   struct list_entry *cur;
+   int count = 0;
+
+   assert(src);
+   assert(dest);
+   assert(list_is_valid(src));
+   assert(list_is_valid(dest));
+
+   for (cur = src->first; cur != NULL; cur = cur->next)
+   {
+      if (cur->str != NULL)
+      {
+         count += list_remove_item(dest, cur->str);
+      }
+   }
+
+   assert(list_is_valid(src));
+   assert(list_is_valid(dest));
+
+   return count;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_duplicate
+ *
+ * Description :  Copy a string list
+ *
+ * Parameters  :
+ *          1  :  dest = Destination list.  Must be a valid list.
+ *                       All existing entries will be removed.
+ *          1  :  src = pointer to source list for copy.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *                On error, dest will be empty.
+ *
+ *********************************************************************/
+jb_err list_duplicate(struct list *dest, const struct list *src)
+{
+   struct list_entry * cur_src;
+   struct list_entry * cur_dest;
+
+   assert(src);
+   assert(dest);
+   assert(list_is_valid(src));
+   assert(list_is_valid(dest));
+
+   list_remove_all(dest);
+
+   /* Need to process first entry specially so we can set dest->first */
+   cur_src = src->first;
+   if (cur_src)
+   {
+      cur_dest = dest->first = (struct list_entry *)zalloc(sizeof(*cur_dest));
+      if (cur_dest == NULL)
+      {
+         destroy_list(dest);
+
+         assert(list_is_valid(src));
+         assert(list_is_valid(dest));
+
+         return JB_ERR_MEMORY;
+      }
+
+      if (cur_src->str)
+      {
+         cur_dest->str = strdup(cur_src->str);
+         if (cur_dest->str == NULL)
+         {
+            destroy_list(dest);
+
+            assert(list_is_valid(src));
+            assert(list_is_valid(dest));
+
+            return JB_ERR_MEMORY;
+         }
+      }
+      /* else { cur_dest->str = NULL; }  - implied by zalloc */
+
+      /* Now process the rest */
+      for (cur_src = cur_src->next; cur_src; cur_src = cur_src->next)
+      {
+         cur_dest = cur_dest->next = (struct list_entry *)zalloc(sizeof(*cur_dest));
+         if (cur_dest == NULL)
+         {
+            destroy_list(dest);
+
+            assert(list_is_valid(src));
+            assert(list_is_valid(dest));
+
+            return JB_ERR_MEMORY;
+         }
+         if (cur_src->str)
+         {
+            cur_dest->str = strdup(cur_src->str);
+            if (cur_dest->str == NULL)
+            {
+               destroy_list(dest);
+
+               assert(list_is_valid(src));
+               assert(list_is_valid(dest));
+
+               return JB_ERR_MEMORY;
+            }
+         }
+         /* else { cur_dest->str = NULL; }  - implied by zalloc */
+      }
+
+      dest->last = cur_dest;
+   }
+
+   assert(list_is_valid(src));
+   assert(list_is_valid(dest));
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_append_list_unique
+ *
+ * Description :  Append a string list to another list.
+ *                Duplicate items are not added.
+ *
+ * Parameters  :
+ *          1  :  dest = pointer to destination list for merge.
+ *          2  :  src = pointer to source for merge.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *                On error, some (but not all) of src might have
+ *                been copied into dest.
+ *
+ *********************************************************************/
+jb_err list_append_list_unique(struct list *dest, const struct list *src)
+{
+   struct list_entry * cur;
+
+   assert(src);
+   assert(dest);
+   assert(list_is_valid(src));
+   assert(list_is_valid(dest));
+
+   for (cur = src->first; cur; cur = cur->next)
+   {
+      if (cur->str)
+      {
+         if (enlist_unique(dest, cur->str, 0))
+         {
+            assert(list_is_valid(src));
+            assert(list_is_valid(dest));
+
+            return JB_ERR_MEMORY;
+         }
+      }
+   }
+
+   assert(list_is_valid(src));
+   assert(list_is_valid(dest));
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_is_empty
+ *
+ * Description :  Test whether a list is empty.  Does not change the list.
+ *
+ * Parameters  :
+ *          1  :  the_list = pointer to list to test.
+ *
+ * Returns     :  Nonzero if the list contains no entries.
+ *
+ *********************************************************************/
+int list_is_empty(const struct list *the_list)
+{
+   assert(the_list);
+   assert(list_is_valid(the_list));
+
+   return (the_list->first == NULL);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  list_contains_item
+ *
+ * Description :  Tests whether a list item is already set.
+ *                Does not change the list.
+ *
+ * Parameters  :
+ *          1  :  the_list = list to search in
+ *          2  :  str = string to search for
+ *
+ * Returns     :  TRUE if the item was found,
+ *                FALSE otherwise.
+ *
+ *********************************************************************/
+int list_contains_item(const struct list *the_list, const char *str)
+{
+   struct list_entry *entry;
+
+   assert(the_list);
+   assert(list_is_valid(the_list));
+   assert(str);
+
+   for (entry = the_list->first; entry != NULL; entry = entry->next)
+   {
+      if (entry->str == NULL)
+      {
+         /*
+          * NULL pointers are allowed in some lists. 
+          * For example for csp->headers in case a
+          * header was removed.
+          */
+         continue;
+      }
+
+      if (0 == strcmp(str, entry->str))
+      {
+         /* Item found */
+         return TRUE;
+      }
+   }
+
+   return FALSE;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  new_map
+ *
+ * Description :  Create a new, empty map.
+ *
+ * Parameters  :  N/A
+ *
+ * Returns     :  A new, empty map, or NULL if out of memory.
+ *
+ *********************************************************************/
+struct map *new_map(void)
+{
+   return (struct map *) zalloc(sizeof(struct map));
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  free_map
+ *
+ * Description :  Free the memory occupied by a map and its
+ *                depandant strings
+ *
+ * Parameters  :
+ *          1  :  the_map = map to be freed.  May be NULL.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_map(struct map *the_map)
+{
+   struct map_entry *cur_entry;
+   struct map_entry *next_entry;
+
+   if (the_map == NULL)
+   {
+      return;
+   }
+
+   for (cur_entry = the_map->first; cur_entry != NULL; cur_entry = next_entry)
+   {
+      freez(cur_entry->name);
+      freez(cur_entry->value);
+
+      next_entry = cur_entry->next;
+      free(cur_entry);
+   }
+
+   the_map->first = the_map->last = NULL;
+
+   free(the_map);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  map
+ *
+ * Description :  Add a mapping from given name to given value to a
+ *                given map.
+ *
+ *                Note: Since all strings will be free()d in free_map()
+ *                      later, set the copy flags for constants or
+ *                      strings that will be independantly free()d.
+ *
+ *                Note2: This function allows NULL parameters - it
+ *                       returns JB_ERR_MEMORY in that case.
+ *
+ *                Note3: If this function returns JB_ERR_MEMORY,
+ *                       it will free(name) unless you specify
+ *                       name_needs_copying, and similarly it will
+ *                       free(value) unless you specify
+ *                       value_needs_copying.
+ *
+ *                Due to Note2 and Note3 above, the following code
+ *                is legal, and will never crash or leak memory even
+ *                if the system runs out of memory:
+ *
+ *                    err = map(mymap, "xyz", 1, html_encode(somestring), 0);
+ *
+ *                err will be set to JB_ERR_MEMORY if either call runs
+ *                out-of-memory.  Without these features, you would
+ *                need to check the return value of html_encode in the
+ *                above example for NULL, which (at least) doubles the
+ *                amount of error-checking code needed.
+ *
+ * Parameters  :
+ *          1  :  the_map = map to add to
+ *          2  :  name = name to add
+ *          3  :  name_needs_copying = flag set if a copy of name should be used
+ *          4  :  value = value to add
+ *          5  :  value_needs_copying = flag set if a copy of value should be used
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err map(struct map *the_map,
+           const char *name, int name_needs_copying,
+           const char *value, int value_needs_copying)
+{
+   struct map_entry *new_entry;
+
+   assert(the_map);
+
+   if ( (NULL == value)
+     || (NULL == name)
+     || (NULL == (new_entry = zalloc(sizeof(*new_entry)))) )
+   {
+      if ((name != NULL) && (!name_needs_copying))
+      {
+          free((char *)name);
+      }
+      if ((value != NULL) && (!value_needs_copying))
+      {
+          free((char *)value);
+      }
+      return JB_ERR_MEMORY;
+   }
+
+   if (name_needs_copying)
+   {
+      if (NULL == (name = strdup(name)))
+      {
+         free(new_entry);
+         if (!value_needs_copying)
+         {
+             free((char *)value);
+         }
+         return JB_ERR_MEMORY;
+      }
+   }
+
+   if (value_needs_copying)
+   {
+      if (NULL == (value = strdup(value)))
+      {
+         free((char *)name);
+         free(new_entry);
+         return JB_ERR_MEMORY;
+      }
+   }
+
+   new_entry->name = name;
+   new_entry->value = value;
+   /* new_entry->next = NULL;  - implied by zalloc */
+
+   if (the_map->last)
+   {
+      the_map->last->next = new_entry;
+      the_map->last = new_entry;
+   }
+   else
+   {
+      the_map->first = new_entry;
+      the_map->last = new_entry;
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  unmap
+ *
+ * Description :  Remove all map_entry structs with a given name from
+ *                a given map.
+ *
+ * Parameters  :
+ *          1  :  the_map = map to look in
+ *          2  :  name = name to unmap
+ *
+ * Returns     :  JB_ERR_OK
+ *
+ *********************************************************************/
+jb_err unmap(struct map *the_map, const char *name)
+{
+   struct map_entry *cur_entry, *last_entry;
+
+   assert(the_map);
+   assert(name);
+   
+   last_entry = the_map->first;
+
+   for (cur_entry = the_map->first; cur_entry != NULL; cur_entry = cur_entry->next)
+   {
+      if (!strcmp(name, cur_entry->name))
+      {
+         /*
+          * Update the incoming pointer
+          */
+         if (cur_entry == the_map->first)
+         {
+            the_map->first = cur_entry->next;
+         }
+         else
+         {
+            last_entry->next = cur_entry->next;
+         }
+
+         /*
+          * Update the map's last pointer 
+          */
+         if (cur_entry == the_map->last)
+         {
+            the_map->last = last_entry;
+         }
+         
+         /*
+          * Free the map_entry
+          */
+         freez(cur_entry->name);
+         freez(cur_entry->value);
+         freez(cur_entry);
+
+         cur_entry = last_entry;
+      }
+      else
+      {
+         last_entry = cur_entry;
+      }
+   }
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  lookup
+ *
+ * Description :  Look up an item with a given name in a map, and
+ *                return its value
+ *
+ * Parameters  :
+ *          1  :  the_map = map to look in
+ *          2  :  name = name parameter to look for
+ *
+ * Returns     :  the value if found, else the empty string.
+ *                Return value is alloced as part of the map, so
+ *                it is freed when the map is destroyed.  Caller
+ *                must not free or modify it.
+ *
+ *********************************************************************/
+const char *lookup(const struct map *the_map, const char *name)
+{
+   const struct map_entry *cur_entry;
+
+   assert(the_map);
+   assert(name);
+
+   for (cur_entry = the_map->first; cur_entry != NULL; cur_entry = cur_entry->next)
+   {
+      if (!strcmp(name, cur_entry->name))
+      {
+         return cur_entry->value;
+      }
+   }
+   return "";
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/list.h b/external/privoxy/list.h
new file mode 100644
index 0000000..b116237
--- /dev/null
+++ b/external/privoxy/list.h
@@ -0,0 +1,181 @@
+#ifndef LIST_H_INCLUDED
+#define LIST_H_INCLUDED
+#define LIST_H_VERSION "$Id: list.h,v 1.15 2007/04/17 18:14:06 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/list.h,v $
+ *
+ * Purpose     :  Declares functions to handle lists.
+ *                Functions declared include:
+ *                   `destroy_list', `enlist' and `list_to_text'
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: list.h,v $
+ *    Revision 1.15  2007/04/17 18:14:06  fabiankeil
+ *    Add list_contains_item().
+ *
+ *    Revision 1.14  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.12.2.1  2002/11/28 18:14:54  oes
+ *    Added unmap function that removes all items with a given
+ *    name from a map.
+ *
+ *    Revision 1.12  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.11  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.10  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.9  2001/10/23 21:21:03  jongfoster
+ *    New error handling - error codes are now jb_errs, not ints.
+ *    Changed the way map() handles out-of-memory, to dramatically
+ *    reduce the amount of error-checking clutter needed.
+ *
+ *    Revision 1.8  2001/09/16 17:30:24  jongfoster
+ *    Fixing a compiler warning.
+ *
+ *    Revision 1.7  2001/09/16 13:20:29  jongfoster
+ *    Rewrite of list library.  Now has seperate header and list_entry
+ *    structures.  Also added a large sprinking of assert()s to the list
+ *    code.
+ *
+ *    Revision 1.6  2001/08/05 16:06:20  jongfoster
+ *    Modifiying "struct map" so that there are now separate header and
+ *    "map_entry" structures.  This means that functions which modify a
+ *    map no longer need to return a pointer to the modified map.
+ *    Also, it no longer reverses the order of the entries (which may be
+ *    important with some advanced template substitutions).
+ *
+ *    Revision 1.5  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.4  2001/06/29 13:30:37  oes
+ *    - Introduced enlist_unique_header()
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.3  2001/06/03 11:03:48  oes
+ *    introduced functions for new list type "map": map(), lookup(),
+ *    free_map(), and extended enlist_unique
+ *
+ *    Revision 1.2  2001/06/01 18:49:17  jongfoster
+ *    Replaced "list_share" with "list" - the tiny memory gain was not
+ *    worth the extra complexity.
+ *
+ *    Revision 1.1  2001/05/31 21:11:53  jongfoster
+ *    - Moved linked list support to new "list.c" file.
+ *      Structure definitions are still in project.h,
+ *      function prototypes are now in "list.h".
+ *    - Added support for "struct list_share", which is identical
+ *      to "struct list" except it saves memory by not duplicating
+ *      the strings.  Obviously, this only works if there is some
+ *      other way of managing the memory used by the strings.
+ *      (These list_share lists are used for lists which last
+ *      for only 1 request, and where all the list entries are
+ *      just coming directly from entries in the actionsfile.)
+ *      Note that you still need to destroy list_share lists
+ *      properly to free the nodes - it's only the strings
+ *      which are shared.
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+/*
+ * struct list
+ *
+ * A linked list class.
+ */
+
+extern void init_list    (struct list *the_list);
+extern void destroy_list (struct list *the_list);
+
+extern jb_err enlist                 (struct list *the_list, const char *str);
+extern jb_err enlist_unique          (struct list *the_list, const char *str, size_t num_significant_chars);
+extern jb_err enlist_unique_header   (struct list *the_list, const char *name, const char *value);
+extern jb_err enlist_first           (struct list *the_list, const char *str);
+extern jb_err list_append_list_unique(struct list *dest,     const struct list *src);
+extern jb_err list_duplicate         (struct list *dest,     const struct list *src);
+
+extern int    list_remove_item(struct list *the_list, const char *str);
+extern int    list_remove_list(struct list *dest,     const struct list *src);
+extern void   list_remove_all (struct list *the_list);
+
+extern int    list_is_empty(const struct list *the_list);
+
+extern char * list_to_text(const struct list *the_list);
+
+extern int    list_contains_item(const struct list *the_list, const char *str);
+
+/*
+ * struct map
+ *
+ * A class which maps names to values.
+ *
+ * Note: You must allocate this through new_map() and free it
+ * through free_map().
+ */
+
+extern struct map * new_map  (void);
+extern void         free_map (struct map * the_map);
+
+extern jb_err       map      (struct map * the_map,
+                              const char * name, int name_needs_copying,
+                              const char * value, int value_needs_copying);
+extern jb_err       unmap    (struct map *the_map,
+                              const char *name);
+extern const char * lookup   (const struct map * the_map, const char * name);
+
+
+/* Revision control strings from this header and associated .c file */
+extern const char list_rcs[];
+extern const char list_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef LIST_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/loadcfg.c b/external/privoxy/loadcfg.c
new file mode 100644
index 0000000..c2e3bd1
--- /dev/null
+++ b/external/privoxy/loadcfg.c
@@ -0,0 +1,2041 @@
+const char loadcfg_rcs[] = "$Id: loadcfg.c,v 1.93 2009/03/18 21:46:26 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/loadcfg.c,v $
+ *
+ * Purpose     :  Loads settings from the configuration file into
+ *                global variables.  This file contains both the
+ *                routine to load the configuration and the global
+ *                variables it writes to.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: loadcfg.c,v $
+ *    Revision 1.93  2009/03/18 21:46:26  fabiankeil
+ *    Revert the last commit as there's a better way.
+ *
+ *    Revision 1.92  2009/03/18 20:43:19  fabiankeil
+ *    Don't enable LOG_LEVEL_INFO by default and don't apply the user's
+ *    debug settings until the logfile has been opened (if there is one).
+ *    Patch submitted by Roland in #2624120.
+ *
+ *    Revision 1.91  2009/03/09 17:29:08  fabiankeil
+ *    As of r1.88, the show-status page can use a single line for
+ *    warnings about ignored directives and the names of the ignored
+ *    directives themselves. Reminded by Lee, finally closes #1856559.
+ *
+ *    Revision 1.90  2009/03/07 17:58:02  fabiankeil
+ *    Fix two mingw32-only buffer overflows. Note that triggering
+ *    them requires control over the configuration file in which
+ *    case all bets are off anyway.
+ *
+ *    Revision 1.89  2009/03/01 18:46:33  fabiankeil
+ *    - Help clang understand that we aren't
+ *      dereferencing NULL pointers here.
+ *    - Some style fixes in the modified region.
+ *
+ *    Revision 1.88  2009/02/28 10:57:10  fabiankeil
+ *    Gimme a break or two. Don't let the show-status page
+ *    link to the website documentation for the user-manual
+ *    directive itself.
+ *
+ *    Revision 1.87  2009/02/15 07:56:13  fabiankeil
+ *    Increase default socket timeout to 300 seconds.
+ *
+ *    Revision 1.86  2009/02/08 19:18:57  fabiankeil
+ *    Now that we have the match-all.action file, the other action
+ *    files changed their position in config->actions_file[] back
+ *    to the way it was before standard.action got removed and the
+ *    changes from revision 1.84 have to be reverted.
+ *
+ *    Revision 1.85  2009/01/22 12:06:26  fabiankeil
+ *    Don't keep connections alive when running single-threaded.
+ *
+ *    Revision 1.84  2009/01/14 16:14:36  fabiankeil
+ *    Due to the standard.action file removal, the other action
+ *    files changed their position in config->actions_file[].
+ *    Update mingw32 kludge accordingly.
+ *
+ *    Revision 1.83  2008/12/20 14:53:55  fabiankeil
+ *    Add config option socket-timeout to control the time
+ *    Privoxy waits for data to arrive on a socket. Useful
+ *    in case of stale ssh tunnels or when fuzz-testing.
+ *
+ *    Revision 1.82  2008/11/16 12:43:49  fabiankeil
+ *    Turn keep-alive support into a runtime feature
+ *    that is disabled by setting keep-alive-timeout
+ *    to a negative value.
+ *
+ *    Revision 1.81  2008/11/13 09:08:42  fabiankeil
+ *    Add new config option: keep-alive-timeout.
+ *
+ *    Revision 1.80  2008/08/31 15:59:03  fabiankeil
+ *    There's no reason to let remote toggling support depend
+ *    on FEATURE_CGI_EDIT_ACTIONS, so make sure it doesn't.
+ *
+ *    Revision 1.79  2008/08/30 12:03:07  fabiankeil
+ *    Remove FEATURE_COOKIE_JAR.
+ *
+ *    Revision 1.78  2008/08/02 08:23:22  fabiankeil
+ *    If the enforce-blocks directive is used with FEATURE_FORCE_LOAD
+ *    disabled, log a message that blocks will always be enforced
+ *    instead of complaining about an unrecognized directive.
+ *    Reported by Pietro Leone.
+ *
+ *    Revision 1.77  2008/05/26 16:13:22  fabiankeil
+ *    Reuse directive_hash and don't hash the same directive twice.
+ *
+ *    Revision 1.76  2008/05/10 09:03:16  fabiankeil
+ *    - Merge three string_append() calls.
+ *    - Remove useless assertion.
+ *
+ *    Revision 1.75  2008/03/30 14:52:05  fabiankeil
+ *    Rename load_actions_file() and load_re_filterfile()
+ *    as they load multiple files "now".
+ *
+ *    Revision 1.74  2008/03/26 18:07:07  fabiankeil
+ *    Add hostname directive. Closes PR#1918189.
+ *
+ *    Revision 1.73  2008/02/16 16:54:51  fabiankeil
+ *    Fix typo.
+ *
+ *    Revision 1.72  2008/02/03 13:46:15  fabiankeil
+ *    Add SOCKS5 support. Patch #1862863 by Eric M. Hopper with minor changes.
+ *
+ *    Revision 1.71  2007/12/23 15:24:56  fabiankeil
+ *    Reword "unrecognized directive" warning, use better
+ *    mark up and add a <br>. Fixes parts of #1856559.
+ *
+ *    Revision 1.70  2007/12/15 14:24:05  fabiankeil
+ *    Plug memory leak if listen-address only specifies the port.
+ *
+ *    Revision 1.69  2007/10/27 13:02:27  fabiankeil
+ *    Relocate daemon-mode-related log messages to make sure
+ *    they aren't shown again in case of configuration reloads.
+ *
+ *    Revision 1.68  2007/10/19 16:32:34  fabiankeil
+ *    Plug memory leak introduced with my last commit.
+ *
+ *    Revision 1.67  2007/10/14 14:12:41  fabiankeil
+ *    When in daemon mode, close stderr after the configuration file has been
+ *    parsed the first time. If logfile isn't set, stop logging. Fixes BR#897436.
+ *
+ *    Revision 1.66  2007/08/05 14:02:09  fabiankeil
+ *    #1763173 from Stefan Huehner: declare unload_configfile() static.
+ *
+ *    Revision 1.65  2007/07/21 11:51:36  fabiankeil
+ *    As Hal noticed, checking dispatch_cgi() as the last cruncher
+ *    looks like a bug if CGI requests are blocked unintentionally,
+ *    so don't do it unless the user enabled the new config option
+ *    "allow-cgi-request-crunching".
+ *
+ *    Revision 1.64  2007/05/21 10:44:08  fabiankeil
+ *    - Use strlcpy() instead of strcpy().
+ *    - Stop treating actions files special. Expect a complete file name
+ *      (with or without path) like it's done for the rest of the files.
+ *      Closes FR#588084.
+ *    - Remove an unnecessary temporary memory allocation.
+ *    - Don't log anything to the console when running as
+ *      daemon and no errors occurred.
+ *
+ *    Revision 1.63  2007/04/09 18:11:36  fabiankeil
+ *    Don't mistake VC++'s _snprintf() for a snprintf() replacement.
+ *
+ *    Revision 1.62  2007/03/17 15:20:05  fabiankeil
+ *    New config option: enforce-blocks.
+ *
+ *    Revision 1.61  2007/03/16 16:47:35  fabiankeil
+ *    - Mention other reasons why acl directive loading might have failed.
+ *    - Don't log the acl source if the acl destination is to blame.
+ *
+ *    Revision 1.60  2007/01/27 13:09:16  fabiankeil
+ *    Add new config option "templdir" to
+ *    change the templates directory.
+ *
+ *    Revision 1.59  2006/12/31 17:56:38  fabiankeil
+ *    Added config option accept-intercepted-requests
+ *    and disabled it by default.
+ *
+ *    Revision 1.58  2006/12/31 14:24:29  fabiankeil
+ *    Fix gcc43 compiler warnings.
+ *
+ *    Revision 1.57  2006/12/21 12:57:48  fabiankeil
+ *    Add config option "split-large-forms"
+ *    to work around the browser bug reported
+ *    in BR #1570678.
+ *
+ *    Revision 1.56  2006/12/17 17:04:51  fabiankeil
+ *    Move the <br> in the generated HTML for the config
+ *    options from the beginning of the string to its end.
+ *    Keeps the white space in balance.
+ *
+ *    Revision 1.55  2006/11/28 15:31:52  fabiankeil
+ *    Fix memory leak in case of config file reloads.
+ *
+ *    Revision 1.54  2006/10/21 16:04:22  fabiankeil
+ *    Modified kludge for win32 to make ming32 menu
+ *    "Options/Edit Filters" (sort of) work again.
+ *    Same limitations as for the action files apply.
+ *    Fixes BR 1567373.
+ *
+ *    Revision 1.53  2006/09/06 18:45:03  fabiankeil
+ *    Incorporate modified version of Roland Rosenfeld's patch to
+ *    optionally access the user-manual via Privoxy. Closes patch 679075.
+ *
+ *    Formatting changed to Privoxy style, added call to
+ *    cgi_error_no_template if the requested file doesn't
+ *    exist and modified check whether or not Privoxy itself
+ *    should serve the manual. Should work cross-platform now.
+ *
+ *    Revision 1.52  2006/09/06 10:43:32  fabiankeil
+ *    Added config option enable-remote-http-toggle
+ *    to specify if Privoxy should recognize special
+ *    headers (currently only X-Filter) to change its
+ *    behaviour. Disabled by default.
+ *
+ *    Revision 1.51  2006/09/06 09:23:37  fabiankeil
+ *    Make number of retries in case of forwarded-connect problems
+ *    a config file option (forwarded-connect-retries) and use 0 as
+ *    default.
+ *
+ *    Revision 1.50  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.48.2.7  2006/02/02 17:29:16  david__schmidt
+ *    Don't forget to malloc space for the null terminator...
+ *
+ *    Revision 1.48.2.6  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.48.2.5  2003/05/08 15:17:25  oes
+ *    Closed two memory leaks; hopefully the last remaining ones
+ *    (in the main execution paths, anyway).
+ *
+ *    Revision 1.48.2.4  2003/04/11 12:06:14  oes
+ *    Addressed bug #719435
+ *     - Extraneous filterfile directives now logged as errors
+ *     - This and unrecnonised directives now really obvious on status page
+ *
+ *    Revision 1.48.2.3  2003/03/11 11:53:59  oes
+ *    Cosmetic: Renamed cryptic variable
+ *
+ *    Revision 1.48.2.2  2002/11/12 16:28:20  oes
+ *    Move unrelated variable declaration out of #ifdef FEATURE_ACL; fixes bug #636655
+ *
+ *    Revision 1.48.2.1  2002/08/21 17:58:05  oes
+ *    Temp kludge to let user and default action file be edited through win32 GUI (FR 592080)
+ *
+ *    Revision 1.48  2002/05/14 21:30:38  oes
+ *    savearg now uses own linking code instead of (now special-cased) add_help_link
+ *
+ *    Revision 1.47  2002/05/12 21:36:29  jongfoster
+ *    Correcting function comments
+ *
+ *    Revision 1.46  2002/04/26 12:55:14  oes
+ *     - New option "user-manual", defaults to our site
+ *       via project.h #define
+ *     - savearg now embeds option names in help links
+ *
+ *    Revision 1.45  2002/04/24 02:11:54  oes
+ *    Jon's multiple AF patch: Allow up to MAX_AF_FILES actionsfile options
+ *
+ *    Revision 1.44  2002/04/08 20:37:13  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.43  2002/04/08 20:36:50  swa
+ *    fixed JB spelling
+ *
+ *    Revision 1.42  2002/04/05 15:50:15  oes
+ *    fix for invalid HTML proxy_args
+ *
+ *    Revision 1.41  2002/03/31 17:19:00  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.40  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.39  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.38  2002/03/24 13:05:48  jongfoster
+ *    Renaming re_filterfile to filterfile
+ *
+ *    Revision 1.37  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.36  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.35  2002/03/07 03:52:44  oes
+ *    Set logging to tty for --no-daemon mode
+ *
+ *    Revision 1.34  2002/03/06 23:14:35  jongfoster
+ *    Trivial cosmetic changes to make function comments easier to find.
+ *
+ *    Revision 1.33  2002/03/05 04:52:42  oes
+ *    Deleted non-errlog debugging code
+ *
+ *    Revision 1.32  2002/03/04 18:24:53  oes
+ *    Re-enabled output of unknown config directive hash
+ *
+ *    Revision 1.31  2002/03/03 15:07:20  oes
+ *    Re-enabled automatic config reloading
+ *
+ *    Revision 1.30  2002/01/22 23:31:43  jongfoster
+ *    Replacing strsav() with string_append()
+ *
+ *    Revision 1.29  2002/01/17 21:02:30  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Revision 1.28  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.27  2001/11/07 00:02:13  steudten
+ *    Add line number in error output for lineparsing for
+ *    actionsfile and configfile.
+ *    Special handling for CLF added.
+ *
+ *    Revision 1.26  2001/11/05 21:41:43  steudten
+ *    Add changes to be a real daemon just for unix os.
+ *    (change cwd to /, detach from controlling tty, set
+ *    process group and session leader to the own process.
+ *    Add DBG() Macro.
+ *    Add some fatal-error log message for failed malloc().
+ *    Add '-d' if compiled with 'configure --with-debug' to
+ *    enable debug output.
+ *
+ *    Revision 1.25  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.24  2001/10/23 21:40:30  jongfoster
+ *    Added support for enable-edit-actions and enable-remote-toggle config
+ *    file options.
+ *
+ *    Revision 1.23  2001/10/07 15:36:00  oes
+ *    Introduced new config option "buffer-limit"
+ *
+ *    Revision 1.22  2001/09/22 16:36:59  jongfoster
+ *    Removing unused parameter fs from read_config_line()
+ *
+ *    Revision 1.21  2001/09/16 17:10:43  jongfoster
+ *    Moving function savearg() here, since it was the only thing left in
+ *    showargs.c.
+ *
+ *    Revision 1.20  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.19  2001/07/15 17:45:16  jongfoster
+ *    Removing some unused #includes
+ *
+ *    Revision 1.18  2001/07/13 14:01:14  oes
+ *     - Removed all #ifdef PCRS
+ *     - Removed vim-settings
+ *
+ *    Revision 1.17  2001/06/29 13:31:03  oes
+ *    - Improved comments
+ *    - Fixed (actionsfile) and sorted hashes
+ *    - Introduced admin_address and proxy-info-url
+ *      as config parameters
+ *    - Renamed config->proxy_args_invocation (which didn't have
+ *      the invocation but the options!) to config->proxy_args
+ *    - Various adaptions
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.16  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.15  2001/06/07 23:13:40  jongfoster
+ *    Merging ACL and forward files into config file.
+ *    Cosmetic: Sorting config file options alphabetically.
+ *    Cosmetic: Adding brief syntax comments to config file options.
+ *
+ *    Revision 1.14  2001/06/07 14:46:25  joergs
+ *    Missing make_path() added for re_filterfile.
+ *
+ *    Revision 1.13  2001/06/05 22:33:54  jongfoster
+ *
+ *    Fixed minor memory leak.
+ *    Also now uses make_path to prepend the pathnames.
+ *
+ *    Revision 1.12  2001/06/05 20:04:09  jongfoster
+ *    Now uses _snprintf() in place of snprintf() under Win32.
+ *
+ *    Revision 1.11  2001/06/04 18:31:58  swa
+ *    files are now prefixed with either `confdir' or `logdir'.
+ *    `make redhat-dist' replaces both entries confdir and logdir
+ *    with redhat values
+ *
+ *    Revision 1.10  2001/06/03 19:11:54  oes
+ *    introduced confdir option
+ *
+ *    Revision 1.9  2001/06/01 20:06:24  jongfoster
+ *    Removed support for "tinygif" option - moved to actions file.
+ *
+ *    Revision 1.8  2001/05/31 21:27:13  jongfoster
+ *    Removed many options from the config file and into the
+ *    "actions" file: add_forwarded, suppress_vanilla_wafer,
+ *    wafer, add_header, user_agent, referer, from
+ *    Also globally replaced "permission" with "action".
+ *
+ *    Revision 1.7  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.6  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.5  2001/05/25 22:34:30  jongfoster
+ *    Hard tabs->Spaces
+ *
+ *    Revision 1.4  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.3  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.2  2001/05/17 23:01:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:58  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <string.h>
+#include <signal.h>
+#include <fcntl.h>
+#include <errno.h>
+#include <ctype.h>
+#include <assert.h>
+
+#ifdef _WIN32
+
+# ifndef STRICT
+#  define STRICT
+# endif
+# include <windows.h>
+
+# include "win32.h"
+# ifndef _WIN_CONSOLE
+#  include "w32log.h"
+# endif /* ndef _WIN_CONSOLE */
+
+#else /* ifndef _WIN32 */
+
+#ifndef __OS2__
+# include <unistd.h>
+# include <sys/wait.h>
+#endif
+# include <sys/time.h>
+# include <sys/stat.h>
+# include <signal.h>
+
+#endif
+
+#include "loadcfg.h"
+#include "list.h"
+#include "jcc.h"
+#include "filters.h"
+#include "loaders.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "ssplit.h"
+#include "encode.h"
+#include "urlmatch.h"
+#include "cgi.h"
+#include "gateway.h"
+
+const char loadcfg_h_rcs[] = LOADCFG_H_VERSION;
+
+/*
+ * Fix a problem with Solaris.  There should be no effect on other
+ * platforms.
+ * Solaris's isspace() is a macro which uses it's argument directly
+ * as an array index.  Therefore we need to make sure that high-bit
+ * characters generate +ve values, and ideally we also want to make
+ * the argument match the declared parameter type of "int".
+ */
+#define ijb_isupper(__X) isupper((int)(unsigned char)(__X))
+#define ijb_tolower(__X) tolower((int)(unsigned char)(__X))
+
+#ifdef FEATURE_TOGGLE
+/* Privoxy is enabled by default. */
+int global_toggle_state = 1;
+#endif /* def FEATURE_TOGGLE */
+
+/* The filename of the configfile */
+const char *configfile  = NULL;
+
+/*
+ * CGI functions will later need access to the invocation args,
+ * so we will make argc and argv global.
+ */
+int Argc = 0;
+const char **Argv = NULL;
+
+static struct file_list *current_configfile = NULL;
+
+
+/*
+ * This takes the "cryptic" hash of each keyword and aliases them to
+ * something a little more readable.  This also makes changing the
+ * hash values easier if they should change or the hash algorthm changes.
+ * Use the included "hash" program to find out what the hash will be
+ * for any string supplied on the command line.  (Or just put it in the
+ * config file and read the number from the error message in the log).
+ *
+ * Please keep this list sorted alphabetically (but with the Windows
+ * console and GUI specific options last).
+ */
+
+#define hash_actions_file                1196306641ul /* "actionsfile" */
+#define hash_accept_intercepted_requests 1513024973ul /* "accept-intercepted-requests" */
+#define hash_admin_address               4112573064ul /* "admin-address" */
+#define hash_allow_cgi_request_crunching  258915987ul /* "allow-cgi-request-crunching" */
+#define hash_buffer_limit                1881726070ul /* "buffer-limit */
+#define hash_confdir                        1978389ul /* "confdir" */
+#define hash_debug                            78263ul /* "debug" */
+#define hash_deny_access                 1227333715ul /* "deny-access" */
+#define hash_enable_edit_actions         2517097536ul /* "enable-edit-actions" */
+#define hash_enable_remote_toggle        2979744683ul /* "enable-remote-toggle" */
+#define hash_enable_remote_http_toggle    110543988ul /* "enable-remote-http-toggle" */
+#define hash_enforce_blocks              1862427469ul /* "enforce-blocks" */
+#define hash_filterfile                   250887266ul /* "filterfile" */
+#define hash_forward                        2029845ul /* "forward" */
+#define hash_forward_socks4              3963965521ul /* "forward-socks4" */
+#define hash_forward_socks4a             2639958518ul /* "forward-socks4a" */
+#define hash_forward_socks5              3963965522ul /* "forward-socks5" */
+#define hash_forwarded_connect_retries    101465292ul /* "forwarded-connect-retries" */
+#define hash_hostname                      10308071ul /* "hostname" */
+#define hash_keep_alive_timeout          3878599515ul /* "keep-alive-timeout" */
+#define hash_listen_address              1255650842ul /* "listen-address" */
+#define hash_logdir                          422889ul /* "logdir" */
+#define hash_logfile                        2114766ul /* "logfile" */
+#define hash_permit_access               3587953268ul /* "permit-access" */
+#define hash_proxy_info_url              3903079059ul /* "proxy-info-url" */
+#define hash_single_threaded             4250084780ul /* "single-threaded" */
+#define hash_socket_timeout              1809001761ul /* "socket-timeout" */
+#define hash_split_large_cgi_forms        671658948ul /* "split-large-cgi-forms" */
+#define hash_suppress_blocklists         1948693308ul /* "suppress-blocklists" */
+#define hash_templdir                      11067889ul /* "templdir" */
+#define hash_toggle                          447966ul /* "toggle" */
+#define hash_trust_info_url               430331967ul /* "trust-info-url" */
+#define hash_trustfile                     56494766ul /* "trustfile" */
+#define hash_usermanual                  1416668518ul /* "user-manual" */
+#define hash_activity_animation          1817904738ul /* "activity-animation" */
+#define hash_close_button_minimizes      3651284693ul /* "close-button-minimizes" */
+#define hash_hide_console                2048809870ul /* "hide-console" */
+#define hash_log_buffer_size             2918070425ul /* "log-buffer-size" */
+#define hash_log_font_name               2866730124ul /* "log-font-name" */
+#define hash_log_font_size               2866731014ul /* "log-font-size" */
+#define hash_log_highlight_messages      4032101240ul /* "log-highlight-messages" */
+#define hash_log_max_lines               2868344173ul /* "log-max-lines" */
+#define hash_log_messages                2291744899ul /* "log-messages" */
+#define hash_show_on_task_bar             215410365ul /* "show-on-task-bar" */
+
+
+static void savearg(char *command, char *argument, struct configuration_spec * config);
+
+/*********************************************************************
+ *
+ * Function    :  unload_configfile
+ *
+ * Description :  Free the config structure and all components.
+ *
+ * Parameters  :
+ *          1  :  data: struct configuration_spec to unload
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void unload_configfile (void * data)
+{
+   struct configuration_spec * config = (struct configuration_spec *)data;
+   struct forward_spec *cur_fwd = config->forward;
+   int i;
+
+#ifdef FEATURE_ACL
+   struct access_control_list *cur_acl = config->acl;
+
+   while (cur_acl != NULL)
+   {
+      struct access_control_list * next_acl = cur_acl->next;
+      free(cur_acl);
+      cur_acl = next_acl;
+   }
+   config->acl = NULL;
+#endif /* def FEATURE_ACL */
+
+   while (cur_fwd != NULL)
+   {
+      struct forward_spec * next_fwd = cur_fwd->next;
+      free_url_spec(cur_fwd->url);
+
+      freez(cur_fwd->gateway_host);
+      freez(cur_fwd->forward_host);
+      free(cur_fwd);
+      cur_fwd = next_fwd;
+   }
+   config->forward = NULL;
+
+   freez(config->confdir);
+   freez(config->logdir);
+   freez(config->templdir);
+   freez(config->hostname);
+
+   freez(config->haddr);
+   freez(config->logfile);
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      freez(config->actions_file_short[i]);
+      freez(config->actions_file[i]);
+      freez(config->re_filterfile_short[i]);
+      freez(config->re_filterfile[i]);
+   }
+
+   freez(config->admin_address);
+   freez(config->proxy_info_url);
+   freez(config->proxy_args);
+   freez(config->usermanual);
+
+#ifdef FEATURE_TRUST
+   freez(config->trustfile);
+   list_remove_all(config->trust_info);
+#endif /* def FEATURE_TRUST */
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      freez(config->re_filterfile[i]);
+   }
+
+   freez(config);
+}
+
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+/*********************************************************************
+ *
+ * Function    :  unload_current_config_file
+ *
+ * Description :  Unloads current config file - reset to state at
+ *                beginning of program.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void unload_current_config_file(void)
+{
+   if (current_configfile)
+   {
+      current_configfile->unloader = unload_configfile;
+      current_configfile = NULL;
+   }
+}
+#endif
+
+
+/*********************************************************************
+ *
+ * Function    :  load_config
+ *
+ * Description :  Load the config file and all parameters.
+ *
+ *                XXX: more than thousand lines long
+ *                and thus in serious need of refactoring.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  The configuration_spec, or NULL on error.
+ *
+ *********************************************************************/
+struct configuration_spec * load_config(void)
+{
+   char buf[BUFFER_SIZE];
+   char *p, *q;
+   FILE *configfp = NULL;
+   struct configuration_spec * config = NULL;
+   struct client_state * fake_csp;
+   struct file_list *fs;
+   unsigned long linenum = 0;
+   int i;
+   char *logfile = NULL;
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   int keep_alive_timeout = DEFAULT_KEEP_ALIVE_TIMEOUT;
+#endif
+
+   if (!check_file_changed(current_configfile, configfile, &fs))
+   {
+      /* No need to load */
+      return ((struct configuration_spec *)current_configfile->f);
+   }
+   if (NULL == fs)
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "can't check configuration file '%s':  %E", configfile);
+      return NULL;
+   }
+
+   if (NULL != current_configfile)
+   {
+      log_error(LOG_LEVEL_INFO, "Reloading configuration file '%s'", configfile);
+   }
+
+#ifdef FEATURE_TOGGLE
+   global_toggle_state = 1;
+#endif /* def FEATURE_TOGGLE */
+
+   fs->f = config = (struct configuration_spec *)zalloc(sizeof(*config));
+
+   if (NULL == config)
+   {
+      freez(fs->filename);
+      freez(fs);
+      log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+      return NULL;
+   }
+
+   /*
+    * This is backwards from how it's usually done.
+    * Following the usual pattern, "fs" would be stored in a member
+    * variable in "csp", and then we'd access "config" from "fs->f",
+    * using a cast.  However, "config" is used so often that a
+    * cast each time would be very ugly, and the extra indirection
+    * would waste CPU cycles.  Therefore we store "config" in
+    * "csp->config", and "fs" in "csp->config->config_file_list".
+    */
+   config->config_file_list = fs;
+
+   /*
+    * Set to defaults
+    */
+   config->multi_threaded            = 1;
+   config->hport                     = HADDR_PORT;
+   config->buffer_limit              = 4096 * 1024;
+   config->usermanual                = strdup(USER_MANUAL_URL);
+   config->proxy_args                = strdup("");
+   config->forwarded_connect_retries = 0;
+   config->socket_timeout            = 300; /* XXX: Should be a macro. */
+   config->feature_flags            &= ~RUNTIME_FEATURE_CGI_TOGGLE;
+   config->feature_flags            &= ~RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
+   config->feature_flags            &= ~RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
+
+   configfp = fopen(configfile, "r");
+   if (NULL == configfp)
+   {
+      log_error(LOG_LEVEL_FATAL,
+         "can't open configuration file '%s':  %E", configfile);
+      /* Never get here - LOG_LEVEL_FATAL causes program exit */
+   }
+
+   while (read_config_line(buf, sizeof(buf), configfp, &linenum) != NULL)
+   {
+      char cmd[BUFFER_SIZE];
+      char arg[BUFFER_SIZE];
+      char tmp[BUFFER_SIZE];
+#ifdef FEATURE_ACL
+      struct access_control_list *cur_acl;
+#endif /* def FEATURE_ACL */
+      struct forward_spec *cur_fwd;
+      int vec_count;
+      char *vec[3];
+      unsigned long directive_hash;
+
+      strlcpy(tmp, buf, sizeof(tmp));
+
+      /* Copy command (i.e. up to space or tab) into cmd */
+      p = buf;
+      q = cmd;
+      while (*p && (*p != ' ') && (*p != '\t'))
+      {
+         *q++ = *p++;
+      }
+      *q = '\0';
+
+      /* Skip over the whitespace in buf */
+      while (*p && ((*p == ' ') || (*p == '\t')))
+      {
+         p++;
+      }
+
+      /* Copy the argument into arg */
+      strlcpy(arg, p, sizeof(arg));
+
+      /* Should never happen, but check this anyway */
+      if (*cmd == '\0')
+      {
+         continue;
+      }
+
+      /* Make sure the command field is lower case */
+      for (p = cmd; *p; p++)
+      {
+         if (ijb_isupper(*p))
+         {
+            *p = (char)ijb_tolower(*p);
+         }
+      }
+
+      directive_hash = hash_string(cmd);
+      switch (directive_hash)
+      {
+/* *************************************************************************
+ * actionsfile actions-file-name
+ * In confdir by default
+ * *************************************************************************/
+         case hash_actions_file :
+            i = 0;
+            while ((i < MAX_AF_FILES) && (NULL != config->actions_file[i]))
+            {
+               i++;
+            }
+
+            if (i >= MAX_AF_FILES)
+            {
+               log_error(LOG_LEVEL_FATAL, "Too many 'actionsfile' directives in config file - limit is %d.\n"
+                  "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).",
+                  MAX_AF_FILES);
+            }
+            config->actions_file_short[i] = strdup(arg);
+            config->actions_file[i] = make_path(config->confdir, arg);
+
+            break;
+/* *************************************************************************
+ * accept-intercepted-requests
+ * *************************************************************************/
+         case hash_accept_intercepted_requests:
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS;
+            }
+            break;
+
+/* *************************************************************************
+ * admin-address email-address
+ * *************************************************************************/
+         case hash_admin_address :
+            freez(config->admin_address);
+            config->admin_address = strdup(arg);
+            break;
+
+/* *************************************************************************
+ * allow-cgi-request-crunching
+ * *************************************************************************/
+         case hash_allow_cgi_request_crunching:
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_CGI_CRUNCHING;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_CGI_CRUNCHING;
+            }
+            break;
+
+/* *************************************************************************
+ * buffer-limit n
+ * *************************************************************************/
+         case hash_buffer_limit :
+            config->buffer_limit = (size_t)(1024 * atoi(arg));
+            break;
+
+/* *************************************************************************
+ * confdir directory-name
+ * *************************************************************************/
+         case hash_confdir :
+            freez(config->confdir);
+            config->confdir = make_path( NULL, arg);
+            break;
+
+/* *************************************************************************
+ * debug n
+ * Specifies debug level, multiple values are ORed together.
+ * *************************************************************************/
+         case hash_debug :
+            config->debug |= atoi(arg);
+            break;
+
+/* *************************************************************************
+ * deny-access source-ip[/significant-bits] [dest-ip[/significant-bits]]
+ * *************************************************************************/
+#ifdef FEATURE_ACL
+         case hash_deny_access:
+            strlcpy(tmp, arg, sizeof(tmp));
+            vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
+
+            if ((vec_count != 1) && (vec_count != 2))
+            {
+               log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+                     "deny-access directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Wrong number of parameters for "
+                  "deny-access directive in configuration file.<br><br>\n");
+               break;
+            }
+
+            /* allocate a new node */
+            cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl));
+
+            if (cur_acl == NULL)
+            {
+               log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+               /* Never get here - LOG_LEVEL_FATAL causes program exit */
+               break;
+            }
+            cur_acl->action = ACL_DENY;
+
+            if (acl_addr(vec[0], cur_acl->src) < 0)
+            {
+               log_error(LOG_LEVEL_ERROR, "Invalid source address, port or netmask "
+                  "for deny-access directive in configuration file: \"%s\"", vec[0]);
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Invalid source address, port or netmask "
+                  "for deny-access directive in configuration file: \"");
+               string_append(&config->proxy_args,
+                  vec[0]);
+               string_append(&config->proxy_args,
+                  "\"<br><br>\n");
+               freez(cur_acl);
+               break;
+            }
+            if (vec_count == 2)
+            {
+               if (acl_addr(vec[1], cur_acl->dst) < 0)
+               {
+                  log_error(LOG_LEVEL_ERROR, "Invalid destination address, port or netmask "
+                     "for deny-access directive in configuration file: \"%s\"", vec[1]);
+                  string_append(&config->proxy_args,
+                     "<br>\nWARNING: Invalid destination address, port or netmask "
+                     "for deny-access directive in configuration file: \"");
+                  string_append(&config->proxy_args,
+                     vec[1]);
+                  string_append(&config->proxy_args,
+                     "\"<br><br>\n");
+                  freez(cur_acl);
+                  break;
+               }
+            }
+
+            /*
+             * Add it to the list.  Note we reverse the list to get the
+             * behaviour the user expects.  With both the ACL and
+             * actions file, the last match wins.  However, the internal
+             * implementations are different:  The actions file is stored
+             * in the same order as the file, and scanned completely.
+             * With the ACL, we reverse the order as we load it, then
+             * when we scan it we stop as soon as we get a match.
+             */
+            cur_acl->next  = config->acl;
+            config->acl = cur_acl;
+
+            break;
+#endif /* def FEATURE_ACL */
+
+/* *************************************************************************
+ * enable-edit-actions 0|1
+ * *************************************************************************/
+#ifdef FEATURE_CGI_EDIT_ACTIONS
+         case hash_enable_edit_actions:
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_CGI_EDIT_ACTIONS;
+            }
+            break;
+#endif /* def FEATURE_CGI_EDIT_ACTIONS */
+
+/* *************************************************************************
+ * enable-remote-toggle 0|1
+ * *************************************************************************/
+#ifdef FEATURE_TOGGLE
+         case hash_enable_remote_toggle:
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_CGI_TOGGLE;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_CGI_TOGGLE;
+            }
+            break;
+#endif /* def FEATURE_TOGGLE */
+
+/* *************************************************************************
+ * enable-remote-http-toggle 0|1
+ * *************************************************************************/
+         case hash_enable_remote_http_toggle:
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_HTTP_TOGGLE;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_HTTP_TOGGLE;
+            }
+            break;
+
+/* *************************************************************************
+ * enforce-blocks 0|1
+ * *************************************************************************/
+         case hash_enforce_blocks:
+#ifdef FEATURE_FORCE_LOAD
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_ENFORCE_BLOCKS;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_ENFORCE_BLOCKS;
+            }
+#else
+            log_error(LOG_LEVEL_ERROR, "Ignoring directive 'enforce-blocks'. "
+               "FEATURE_FORCE_LOAD is disabled, blocks will always be enforced.");
+#endif /* def FEATURE_FORCE_LOAD */
+            break;
+
+/* *************************************************************************
+ * filterfile file-name
+ * In confdir by default.
+ * *************************************************************************/
+         case hash_filterfile :
+            i = 0;
+            while ((i < MAX_AF_FILES) && (NULL != config->re_filterfile[i]))
+            {
+               i++;
+            }
+
+            if (i >= MAX_AF_FILES)
+            {
+               log_error(LOG_LEVEL_FATAL, "Too many 'filterfile' directives in config file - limit is %d.\n"
+                  "(You can increase this limit by changing MAX_AF_FILES in project.h and recompiling).",
+                  MAX_AF_FILES);
+            }
+            config->re_filterfile_short[i] = strdup(arg);
+            config->re_filterfile[i] = make_path(config->confdir, arg);
+
+            break;
+
+/* *************************************************************************
+ * forward url-pattern (.|http-proxy-host[:port])
+ * *************************************************************************/
+         case hash_forward:
+            strlcpy(tmp, arg, sizeof(tmp));
+            vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
+
+            if (vec_count != 2)
+            {
+               log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for forward "
+                     "directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Wrong number of parameters for "
+                  "forward directive in configuration file.");
+               break;
+            }
+
+            /* allocate a new node */
+            cur_fwd = zalloc(sizeof(*cur_fwd));
+            if (cur_fwd == NULL)
+            {
+               log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+               /* Never get here - LOG_LEVEL_FATAL causes program exit */
+               break;
+            }
+
+            cur_fwd->type = SOCKS_NONE;
+
+            /* Save the URL pattern */
+            if (create_url_spec(cur_fwd->url, vec[0]))
+            {
+               log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward "
+                     "directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Bad URL specifier for "
+                  "forward directive in configuration file.");
+               break;
+            }
+
+            /* Parse the parent HTTP proxy host:port */
+            p = vec[1];
+
+            if (strcmp(p, ".") != 0)
+            {
+               cur_fwd->forward_host = strdup(p);
+
+               if (NULL != (p = strchr(cur_fwd->forward_host, ':')))
+               {
+                  *p++ = '\0';
+                  cur_fwd->forward_port = atoi(p);
+               }
+
+               if (cur_fwd->forward_port <= 0)
+               {
+                  cur_fwd->forward_port = 8000;
+               }
+            }
+
+            /* Add to list. */
+            cur_fwd->next = config->forward;
+            config->forward = cur_fwd;
+
+            break;
+
+/* *************************************************************************
+ * forward-socks4 url-pattern socks-proxy[:port] (.|http-proxy[:port])
+ * *************************************************************************/
+         case hash_forward_socks4:
+            strlcpy(tmp, arg, sizeof(tmp));
+            vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
+
+            if (vec_count != 3)
+            {
+               log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+                     "forward-socks4 directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Wrong number of parameters for "
+                  "forward-socks4 directive in configuration file.");
+               break;
+            }
+
+            /* allocate a new node */
+            cur_fwd = zalloc(sizeof(*cur_fwd));
+            if (cur_fwd == NULL)
+            {
+               log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+               /* Never get here - LOG_LEVEL_FATAL causes program exit */
+               break;
+            }
+
+            cur_fwd->type = SOCKS_4;
+
+            /* Save the URL pattern */
+            if (create_url_spec(cur_fwd->url, vec[0]))
+            {
+               log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4 "
+                     "directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Bad URL specifier for "
+                  "forward-socks4 directive in configuration file.");
+               break;
+            }
+
+            /* Parse the SOCKS proxy host[:port] */
+            p = vec[1];
+
+            if (strcmp(p, ".") != 0)
+            {
+               cur_fwd->gateway_host = strdup(p);
+
+               if (NULL != (p = strchr(cur_fwd->gateway_host, ':')))
+               {
+                  *p++ = '\0';
+                  cur_fwd->gateway_port = atoi(p);
+               }
+               if (cur_fwd->gateway_port <= 0)
+               {
+                  cur_fwd->gateway_port = 1080;
+               }
+            }
+
+            /* Parse the parent HTTP proxy host[:port] */
+            p = vec[2];
+
+            if (strcmp(p, ".") != 0)
+            {
+               cur_fwd->forward_host = strdup(p);
+
+               if (NULL != (p = strchr(cur_fwd->forward_host, ':')))
+               {
+                  *p++ = '\0';
+                  cur_fwd->forward_port = atoi(p);
+               }
+
+               if (cur_fwd->forward_port <= 0)
+               {
+                  cur_fwd->forward_port = 8000;
+               }
+            }
+
+            /* Add to list. */
+            cur_fwd->next = config->forward;
+            config->forward = cur_fwd;
+
+            break;
+
+/* *************************************************************************
+ * forward-socks4a url-pattern socks-proxy[:port] (.|http-proxy[:port])
+ * *************************************************************************/
+         case hash_forward_socks4a:
+         case hash_forward_socks5:
+            strlcpy(tmp, arg, sizeof(tmp));
+            vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
+
+            if (vec_count != 3)
+            {
+               log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+                     "forward-socks4a directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Wrong number of parameters for "
+                  "forward-socks4a directive in configuration file.");
+               break;
+            }
+
+            /* allocate a new node */
+            cur_fwd = zalloc(sizeof(*cur_fwd));
+            if (cur_fwd == NULL)
+            {
+               log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+               /* Never get here - LOG_LEVEL_FATAL causes program exit */
+               break;
+            }
+
+            if (directive_hash == hash_forward_socks4a)
+            {
+               cur_fwd->type = SOCKS_4A;
+            }
+            else
+            {
+               cur_fwd->type = SOCKS_5;
+            }
+
+            /* Save the URL pattern */
+            if (create_url_spec(cur_fwd->url, vec[0]))
+            {
+               log_error(LOG_LEVEL_ERROR, "Bad URL specifier for forward-socks4a "
+                     "directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Bad URL specifier for "
+                  "forward-socks4a directive in configuration file.");
+               break;
+            }
+
+            /* Parse the SOCKS proxy host[:port] */
+            p = vec[1];
+
+            cur_fwd->gateway_host = strdup(p);
+
+            if (NULL != (p = strchr(cur_fwd->gateway_host, ':')))
+            {
+               *p++ = '\0';
+               cur_fwd->gateway_port = atoi(p);
+            }
+            if (cur_fwd->gateway_port <= 0)
+            {
+               cur_fwd->gateway_port = 1080;
+            }
+
+            /* Parse the parent HTTP proxy host[:port] */
+            p = vec[2];
+
+            if (strcmp(p, ".") != 0)
+            {
+               cur_fwd->forward_host = strdup(p);
+
+               if (NULL != (p = strchr(cur_fwd->forward_host, ':')))
+               {
+                  *p++ = '\0';
+                  cur_fwd->forward_port = atoi(p);
+               }
+
+               if (cur_fwd->forward_port <= 0)
+               {
+                  cur_fwd->forward_port = 8000;
+               }
+            }
+
+            /* Add to list. */
+            cur_fwd->next = config->forward;
+            config->forward = cur_fwd;
+
+            break;
+
+/* *************************************************************************
+ * forwarded-connect-retries n
+ * *************************************************************************/
+         case hash_forwarded_connect_retries :
+            config->forwarded_connect_retries = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * hostname hostname-to-show-on-cgi-pages
+ * *************************************************************************/
+         case hash_hostname :
+            freez(config->hostname);
+            config->hostname = strdup(arg);
+            if (NULL == config->hostname)
+            {
+               log_error(LOG_LEVEL_FATAL, "Out of memory saving hostname.");
+            }
+            break;
+
+/* *************************************************************************
+ * keep-alive-timeout timeout
+ * *************************************************************************/
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+         case hash_keep_alive_timeout :
+            if (*arg != '\0')
+            {
+               int timeout = atoi(arg);
+               if (0 <= timeout)
+               {
+                  config->feature_flags |= RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
+                  keep_alive_timeout = timeout;
+               }
+               else
+               {
+                  config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
+               }
+            }
+            break;
+#endif
+
+/* *************************************************************************
+ * listen-address [ip][:port]
+ * *************************************************************************/
+         case hash_listen_address :
+            freez(config->haddr);
+            config->haddr = strdup(arg);
+            break;
+
+/* *************************************************************************
+ * logdir directory-name
+ * *************************************************************************/
+         case hash_logdir :
+            freez(config->logdir);
+            config->logdir = make_path(NULL, arg);
+            break;
+
+/* *************************************************************************
+ * logfile log-file-name
+ * In logdir by default
+ * *************************************************************************/
+         case hash_logfile :
+            if (!no_daemon)
+            {
+               logfile = make_path(config->logdir, arg);
+               if (NULL == logfile)
+               {
+                  log_error(LOG_LEVEL_FATAL, "Out of memory while creating logfile path");
+               }
+            }
+            break;
+
+/* *************************************************************************
+ * permit-access source-ip[/significant-bits] [dest-ip[/significant-bits]]
+ * *************************************************************************/
+#ifdef FEATURE_ACL
+         case hash_permit_access:
+            strlcpy(tmp, arg, sizeof(tmp));
+            vec_count = ssplit(tmp, " \t", vec, SZ(vec), 1, 1);
+
+            if ((vec_count != 1) && (vec_count != 2))
+            {
+               log_error(LOG_LEVEL_ERROR, "Wrong number of parameters for "
+                     "permit-access directive in configuration file.");
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Wrong number of parameters for "
+                  "permit-access directive in configuration file.<br><br>\n");
+
+               break;
+            }
+
+            /* allocate a new node */
+            cur_acl = (struct access_control_list *) zalloc(sizeof(*cur_acl));
+
+            if (cur_acl == NULL)
+            {
+               log_error(LOG_LEVEL_FATAL, "can't allocate memory for configuration");
+               /* Never get here - LOG_LEVEL_FATAL causes program exit */
+               break;
+            }
+            cur_acl->action = ACL_PERMIT;
+
+            if (acl_addr(vec[0], cur_acl->src) < 0)
+            {
+               log_error(LOG_LEVEL_ERROR, "Invalid source address, port or netmask "
+                  "for permit-access directive in configuration file: \"%s\"", vec[0]);
+               string_append(&config->proxy_args,
+                  "<br>\nWARNING: Invalid source address, port or netmask for "
+                  "permit-access directive in configuration file: \"");
+               string_append(&config->proxy_args,
+                  vec[0]);
+               string_append(&config->proxy_args,
+                  "\"<br><br>\n");
+               freez(cur_acl);
+               break;
+            }
+            if (vec_count == 2)
+            {
+               if (acl_addr(vec[1], cur_acl->dst) < 0)
+               {
+                  log_error(LOG_LEVEL_ERROR, "Invalid destination address, port or netmask "
+                     "for permit-access directive in configuration file: \"%s\"", vec[1]);
+                  string_append(&config->proxy_args,
+                     "<br>\nWARNING: Invalid destination address, port or netmask for "
+                     "permit-access directive in configuration file: \"");
+                  string_append(&config->proxy_args,
+                     vec[1]);
+                  string_append(&config->proxy_args,
+                     "\"<br><br>\n");
+                  freez(cur_acl);
+                  break;
+               }
+            }
+
+            /*
+             * Add it to the list.  Note we reverse the list to get the
+             * behaviour the user expects.  With both the ACL and
+             * actions file, the last match wins.  However, the internal
+             * implementations are different:  The actions file is stored
+             * in the same order as the file, and scanned completely.
+             * With the ACL, we reverse the order as we load it, then
+             * when we scan it we stop as soon as we get a match.
+             */
+            cur_acl->next  = config->acl;
+            config->acl = cur_acl;
+
+            break;
+#endif /* def FEATURE_ACL */
+
+/* *************************************************************************
+ * proxy-info-url url
+ * *************************************************************************/
+         case hash_proxy_info_url :
+            freez(config->proxy_info_url);
+            config->proxy_info_url = strdup(arg);
+            break;
+
+/* *************************************************************************
+ * single-threaded
+ * *************************************************************************/
+         case hash_single_threaded :
+            config->multi_threaded = 0;
+            break;
+
+/* *************************************************************************
+ * socket-timeout numer_of_seconds
+ * *************************************************************************/
+         case hash_socket_timeout :
+            if (*arg != '\0')
+            {
+               int socket_timeout = atoi(arg);
+               if (0 < socket_timeout)
+               {
+                  config->socket_timeout = socket_timeout;
+               }
+               else
+               {
+                  log_error(LOG_LEVEL_FATAL,
+                     "Invalid socket-timeout: '%s'", arg);
+               }
+            }
+            break;
+
+/* *************************************************************************
+ * split-large-cgi-forms
+ * *************************************************************************/
+         case hash_split_large_cgi_forms :
+            if ((*arg != '\0') && (0 != atoi(arg)))
+            {
+               config->feature_flags |= RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
+            }
+            else
+            {
+               config->feature_flags &= ~RUNTIME_FEATURE_SPLIT_LARGE_FORMS;
+            }
+            break;
+
+/* *************************************************************************
+ * templdir directory-name
+ * *************************************************************************/
+         case hash_templdir :
+            freez(config->templdir);
+            config->templdir = make_path(NULL, arg);
+            break;
+
+/* *************************************************************************
+ * toggle (0|1)
+ * *************************************************************************/
+#ifdef FEATURE_TOGGLE
+         case hash_toggle :
+            global_toggle_state = atoi(arg);
+            break;
+#endif /* def FEATURE_TOGGLE */
+
+/* *************************************************************************
+ * trust-info-url url
+ * *************************************************************************/
+#ifdef FEATURE_TRUST
+         case hash_trust_info_url :
+            enlist(config->trust_info, arg);
+            break;
+#endif /* def FEATURE_TRUST */
+
+/* *************************************************************************
+ * trustfile filename
+ * (In confdir by default.)
+ * *************************************************************************/
+#ifdef FEATURE_TRUST
+         case hash_trustfile :
+            freez(config->trustfile);
+            config->trustfile = make_path(config->confdir, arg);
+            break;
+#endif /* def FEATURE_TRUST */
+
+/* *************************************************************************
+ * usermanual url
+ * *************************************************************************/
+         case hash_usermanual :
+            /*
+             * XXX: If this isn't the first config directive, the
+             * show-status page links to the website documentation
+             * for the directives that were already parsed. Lame.
+             */
+            freez(config->usermanual);
+            config->usermanual = strdup(arg);
+            break;
+
+/* *************************************************************************
+ * Win32 Console options:
+ * *************************************************************************/
+
+/* *************************************************************************
+ * hide-console
+ * *************************************************************************/
+#ifdef _WIN_CONSOLE
+         case hash_hide_console :
+            hideConsole = 1;
+            break;
+#endif /*def _WIN_CONSOLE*/
+
+
+/* *************************************************************************
+ * Win32 GUI options:
+ * *************************************************************************/
+
+#if defined(_WIN32) && ! defined(_WIN_CONSOLE)
+/* *************************************************************************
+ * activity-animation (0|1)
+ * *************************************************************************/
+         case hash_activity_animation :
+            g_bShowActivityAnimation = atoi(arg);
+            break;
+
+/* *************************************************************************
+ *  close-button-minimizes (0|1)
+ * *************************************************************************/
+         case hash_close_button_minimizes :
+            g_bCloseHidesWindow = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * log-buffer-size (0|1)
+ * *************************************************************************/
+         case hash_log_buffer_size :
+            g_bLimitBufferSize = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * log-font-name fontname
+ * *************************************************************************/
+         case hash_log_font_name :
+            if (strlcpy(g_szFontFaceName, arg,
+                   sizeof(g_szFontFaceName)) >= sizeof(g_szFontFaceName))
+            {
+               log_error(LOG_LEVEL_FATAL,
+                  "log-font-name argument '%s' is longer than %u characters.",
+                  arg, sizeof(g_szFontFaceName)-1);
+            }
+            break;
+
+/* *************************************************************************
+ * log-font-size n
+ * *************************************************************************/
+         case hash_log_font_size :
+            g_nFontSize = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * log-highlight-messages (0|1)
+ * *************************************************************************/
+         case hash_log_highlight_messages :
+            g_bHighlightMessages = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * log-max-lines n
+ * *************************************************************************/
+         case hash_log_max_lines :
+            g_nMaxBufferLines = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * log-messages (0|1)
+ * *************************************************************************/
+         case hash_log_messages :
+            g_bLogMessages = atoi(arg);
+            break;
+
+/* *************************************************************************
+ * show-on-task-bar (0|1)
+ * *************************************************************************/
+         case hash_show_on_task_bar :
+            g_bShowOnTaskBar = atoi(arg);
+            break;
+
+#endif /* defined(_WIN32) && ! defined(_WIN_CONSOLE) */
+
+
+/* *************************************************************************
+ * Warnings about unsupported features
+ * *************************************************************************/
+#ifndef FEATURE_ACL
+         case hash_deny_access:
+#endif /* ndef FEATURE_ACL */
+#ifndef FEATURE_CGI_EDIT_ACTIONS
+         case hash_enable_edit_actions:
+#endif /* ndef FEATURE_CGI_EDIT_ACTIONS */
+#ifndef FEATURE_TOGGLE
+         case hash_enable_remote_toggle:
+#endif /* ndef FEATURE_TOGGLE */
+#ifndef FEATURE_ACL
+         case hash_permit_access:
+#endif /* ndef FEATURE_ACL */
+#ifndef FEATURE_TOGGLE
+         case hash_toggle :
+#endif /* ndef FEATURE_TOGGLE */
+#ifndef FEATURE_TRUST
+         case hash_trustfile :
+         case hash_trust_info_url :
+#endif /* ndef FEATURE_TRUST */
+
+#ifndef _WIN_CONSOLE
+         case hash_hide_console :
+#endif /* ndef _WIN_CONSOLE */
+
+#if defined(_WIN_CONSOLE) || ! defined(_WIN32)
+         case hash_activity_animation :
+         case hash_close_button_minimizes :
+         case hash_log_buffer_size :
+         case hash_log_font_name :
+         case hash_log_font_size :
+         case hash_log_highlight_messages :
+         case hash_log_max_lines :
+         case hash_log_messages :
+         case hash_show_on_task_bar :
+#endif /* defined(_WIN_CONSOLE) || ! defined(_WIN32) */
+            /* These warnings are annoying - so hide them. -- Jon */
+            /* log_error(LOG_LEVEL_INFO, "Unsupported directive \"%s\" ignored.", cmd); */
+            break;
+
+/* *************************************************************************/
+         default :
+/* *************************************************************************/
+            /*
+             * I decided that I liked this better as a warning than an
+             * error.  To change back to an error, just change log level
+             * to LOG_LEVEL_FATAL.
+             */
+            log_error(LOG_LEVEL_ERROR, "Ignoring unrecognized directive '%s' (%luul) in line %lu "
+                  "in configuration file (%s).",  buf, directive_hash, linenum, configfile);
+            string_append(&config->proxy_args,
+               " <strong class='warning'>Warning: Ignoring unrecognized directive:</strong>");
+            break;
+
+/* *************************************************************************/
+      } /* end switch( hash_string(cmd) ) */
+
+      /* Save the argument for the show-status page. */
+      savearg(cmd, arg, config);
+
+   } /* end while ( read_config_line(...) ) */
+
+   fclose(configfp);
+
+   set_debug_level(config->debug);
+
+   freez(config->logfile);
+
+   if (!no_daemon)
+   {
+      if (NULL != logfile)
+      {
+         config->logfile = logfile;
+         init_error_log(Argv[0], config->logfile);
+      }
+      else
+      {
+         disable_logging();
+      }
+   }
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   if (config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
+   {
+      if (config->multi_threaded)
+      {
+         set_keep_alive_timeout(keep_alive_timeout);
+      }
+      else
+      {
+         /*
+          * While we could use keep-alive without multiple threads
+          * if we didn't bother with enforcing the connection timeout,
+          * that might make Tor users sad, even though they shouldn't
+          * enable the single-threaded option anyway.
+          */
+         config->feature_flags &= ~RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE;
+         log_error(LOG_LEVEL_ERROR,
+            "Config option single-threaded disables connection keep-alive.");
+      }
+   }
+#endif
+
+   if (NULL == config->proxy_args)
+   {
+      log_error(LOG_LEVEL_FATAL, "Out of memory loading config - insufficient memory for config->proxy_args");
+   }
+
+   if (config->actions_file[0])
+   {
+      add_loader(load_action_files, config);
+   }
+
+   if (config->re_filterfile[0])
+   {
+      add_loader(load_re_filterfiles, config);
+   }
+
+#ifdef FEATURE_TRUST
+   if (config->trustfile)
+   {
+      add_loader(load_trustfile, config);
+   }
+#endif /* def FEATURE_TRUST */
+
+   if ( NULL == config->haddr )
+   {
+      config->haddr = strdup( HADDR_DEFAULT );
+   }
+
+   if ( NULL != config->haddr )
+   {
+      if (NULL != (p = strchr(config->haddr, ':')))
+      {
+         *p++ = '\0';
+         if (*p)
+         {
+            config->hport = atoi(p);
+         }
+      }
+
+      if (config->hport <= 0)
+      {
+         *--p = ':';
+         log_error(LOG_LEVEL_FATAL, "invalid bind port spec %s", config->haddr);
+         /* Never get here - LOG_LEVEL_FATAL causes program exit */
+      }
+      if (*config->haddr == '\0')
+      {
+         /*
+          * Only the port specified. We stored it in config->hport
+          * and don't need its text representation anymore.
+          */
+         freez(config->haddr);
+      }
+   }
+
+   /*
+    * Want to run all the loaders once now.
+    *
+    * Need to set up a fake csp, so they can get to the config.
+    */
+   fake_csp = (struct client_state *) zalloc (sizeof(*fake_csp));
+   fake_csp->config = config;
+
+   if (run_loader(fake_csp))
+   {
+      freez(fake_csp);
+      log_error(LOG_LEVEL_FATAL, "A loader failed while loading config file. Exiting.");
+      /* Never get here - LOG_LEVEL_FATAL causes program exit */
+   }
+   freez(fake_csp);
+
+/* FIXME: this is a kludge for win32 */
+#if defined(_WIN32) && !defined (_WIN_CONSOLE)
+
+   g_default_actions_file = config->actions_file[1]; /* FIXME Hope this is default.action */
+   g_user_actions_file = config->actions_file[2]; /* FIXME Hope this is user.action */
+   g_re_filterfile    = config->re_filterfile[0]; /* FIXME Hope this is default.filter */
+
+#ifdef FEATURE_TRUST
+   g_trustfile        = config->trustfile;
+#endif /* def FEATURE_TRUST */
+
+
+#endif /* defined(_WIN32) && !defined (_WIN_CONSOLE) */
+/* FIXME: end kludge */
+
+
+   config->need_bind = 1;
+
+   if (current_configfile)
+   {
+      struct configuration_spec * oldcfg = (struct configuration_spec *)
+                                           current_configfile->f;
+      /*
+       * Check if config->haddr,hport == oldcfg->haddr,hport
+       *
+       * The following could be written more compactly as a single,
+       * (unreadably long) if statement.
+       */
+      config->need_bind = 0;
+      if (config->hport != oldcfg->hport)
+      {
+         config->need_bind = 1;
+      }
+      else if (config->haddr == NULL)
+      {
+         if (oldcfg->haddr != NULL)
+         {
+            config->need_bind = 1;
+         }
+      }
+      else if (oldcfg->haddr == NULL)
+      {
+         config->need_bind = 1;
+      }
+      else if (0 != strcmp(config->haddr, oldcfg->haddr))
+      {
+         config->need_bind = 1;
+      }
+
+      current_configfile->unloader = unload_configfile;
+   }
+
+   fs->next = files->next;
+   files->next = fs;
+
+   current_configfile = fs;
+
+   return (config);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  savearg
+ *
+ * Description :  Called from `load_config'.  It saves each non-empty
+ *                and non-comment line from config into
+ *                config->proxy_args.  This is used to create the
+ *                show-proxy-args page.  On error, frees
+ *                config->proxy_args and sets it to NULL
+ *
+ * Parameters  :
+ *          1  :  command = config setting that was found
+ *          2  :  argument = the setting's argument (if any)
+ *          3  :  config = Configuration to save into.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void savearg(char *command, char *argument, struct configuration_spec * config)
+{
+   char * buf;
+   char * s;
+
+   assert(command);
+   assert(argument);
+
+   /*
+    * Add config option name embedded in
+    * link to its section in the user-manual
+    */
+   buf = strdup("\n<a href=\"");
+   if (!strncmpic(config->usermanual, "file://", 7) ||
+       !strncmpic(config->usermanual, "http", 4))
+   {
+      string_append(&buf, config->usermanual);
+   }
+   else
+   {
+      string_append(&buf, "http://" CGI_SITE_2_HOST "/user-manual/");
+   }
+   string_append(&buf, CONFIG_HELP_PREFIX);
+   string_join  (&buf, string_toupper(command));
+   string_append(&buf, "\">");
+   string_append(&buf, command);
+   string_append(&buf, "</a> ");
+
+   if (NULL == buf)
+   {
+      freez(config->proxy_args);
+      return;
+   }
+
+   if ( (NULL != argument) && ('\0' != *argument) )
+   {
+      s = html_encode(argument);
+      if (NULL == s)
+      {
+         freez(buf);
+         freez(config->proxy_args);
+         return;
+      }
+
+      if (strncmpic(argument, "http://", 7) == 0)
+      {
+         string_append(&buf, "<a href=\"");
+         string_append(&buf, s);
+         string_append(&buf, "\">");
+         string_join  (&buf, s);
+         string_append(&buf, "</a>");
+      }
+      else
+      {
+         string_join  (&buf, s);
+      }
+   }
+
+   string_append(&buf, "<br>");
+   string_join(&config->proxy_args, buf);
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/loadcfg.h b/external/privoxy/loadcfg.h
new file mode 100644
index 0000000..80fc184
--- /dev/null
+++ b/external/privoxy/loadcfg.h
@@ -0,0 +1,199 @@
+#ifndef LOADCFG_H_INCLUDED
+#define LOADCFG_H_INCLUDED
+#define LOADCFG_H_VERSION "$Id: loadcfg.h,v 1.13 2006/07/18 14:48:46 david__schmidt Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/loadcfg.h,v $
+ *
+ * Purpose     :  Loads settings from the configuration file into
+ *                global variables.  This file contains both the 
+ *                routine to load the configuration and the global
+ *                variables it writes to.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: loadcfg.h,v $
+ *    Revision 1.13  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.11.2.1  2003/03/11 11:53:59  oes
+ *    Cosmetic: Renamed cryptic variable
+ *
+ *    Revision 1.11  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.10  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.9  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.8  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.7  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.6  2001/07/29 18:58:15  jongfoster
+ *    Removing nested #includes, adding forward declarations for needed
+ *    structures, and changing the #define _FILENAME_H to FILENAME_H_INCLUDED.
+ *
+ *    Revision 1.5  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.4  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.3  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.2  2001/05/17 23:01:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:58  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Don't need project.h, only this: */
+struct configuration_spec;
+
+/* Global variables */
+
+#ifdef FEATURE_TOGGLE
+/* Privoxy's toggle state */
+extern int global_toggle_state;
+#endif /* def FEATURE_TOGGLE */
+
+extern const char *configfile;
+
+
+/* The load_config function is now going to call:
+ * init_proxy_args, so it will need argc and argv.
+ * Since load_config will also be a signal handler,
+ * we need to have these globally available.
+ */
+extern int Argc;
+extern const char **Argv;
+extern short int MustReload;
+
+
+extern struct configuration_spec * load_config(void);
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+void unload_current_config_file(void);
+#endif
+
+/* Revision control strings from this header and associated .c file */
+extern const char loadcfg_rcs[];
+extern const char loadcfg_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef LOADCFG_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/loaders.c b/external/privoxy/loaders.c
new file mode 100644
index 0000000..b796634
--- /dev/null
+++ b/external/privoxy/loaders.c
@@ -0,0 +1,1762 @@
+const char loaders_rcs[] = "$Id: loaders.c,v 1.71 2009/03/04 18:24:47 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/loaders.c,v $
+ *
+ * Purpose     :  Functions to load and unload the various
+ *                configuration files.  Also contains code to manage
+ *                the list of active loaders, and to automatically
+ *                unload files that are no longer in use.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: loaders.c,v $
+ *    Revision 1.71  2009/03/04 18:24:47  fabiankeil
+ *    No need to create empty strings manually, strdup("") FTW.
+ *
+ *    Revision 1.70  2009/03/01 18:34:24  fabiankeil
+ *    Help clang understand that we aren't dereferencing
+ *    NULL pointers here.
+ *
+ *    Revision 1.69  2008/09/21 13:36:52  fabiankeil
+ *    If change-x-forwarded-for{add} is used and the client
+ *    sends multiple X-Forwarded-For headers, append the client's
+ *    IP address to each one of them. "Traditionally" we would
+ *    lose all but the last one.
+ *
+ *    Revision 1.68  2008/09/19 15:26:28  fabiankeil
+ *    Add change-x-forwarded-for{} action to block or add
+ *    X-Forwarded-For headers. Mostly based on code removed
+ *    before 3.0.7.
+ *
+ *    Revision 1.67  2008/03/30 14:52:08  fabiankeil
+ *    Rename load_actions_file() and load_re_filterfile()
+ *    as they load multiple files "now".
+ *
+ *    Revision 1.66  2008/03/21 11:16:30  fabiankeil
+ *    Garbage-collect csp->my_ip_addr_str and csp->my_hostname.
+ *
+ *    Revision 1.65  2007/12/07 18:29:23  fabiankeil
+ *    Remove now-obsolete csp member x_forwarded.
+ *
+ *    Revision 1.64  2007/06/01 14:12:38  fabiankeil
+ *    Add unload_forward_spec() in preparation for forward-override{}.
+ *
+ *    Revision 1.63  2007/05/14 10:41:15  fabiankeil
+ *    Ditch the csp member cookie_list[] which isn't used anymore.
+ *
+ *    Revision 1.62  2007/04/30 15:02:18  fabiankeil
+ *    Introduce dynamic pcrs jobs that can resolve variables.
+ *
+ *    Revision 1.61  2007/04/15 16:39:21  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.60  2007/03/20 15:16:34  fabiankeil
+ *    Use dedicated header filter actions instead of abusing "filter".
+ *    Replace "filter-client-headers" and "filter-client-headers"
+ *    with "server-header-filter" and "client-header-filter".
+ *
+ *    Revision 1.59  2007/01/25 13:38:20  fabiankeil
+ *    Freez csp->error_message in sweep().
+ *
+ *    Revision 1.58  2006/12/31 14:25:20  fabiankeil
+ *    Fix gcc43 compiler warnings.
+ *
+ *    Revision 1.57  2006/12/21 12:22:22  fabiankeil
+ *    html_encode filter descriptions.
+ *
+ *    Have "Ignoring job ..." error messages
+ *    print the filter file name correctly.
+ *
+ *    Revision 1.56  2006/09/07 10:40:30  fabiankeil
+ *    Turns out trusted referrers above our arbitrary
+ *    limit are downgraded too ordinary trusted URLs.
+ *    Adjusted error message.
+ *
+ *    Revision 1.55  2006/09/07 10:25:39  fabiankeil
+ *    Fix typo.
+ *
+ *    Revision 1.54  2006/09/07 10:22:20  fabiankeil
+ *    If too many trusted referrers are used,
+ *    print only one error message instead of logging
+ *    every single trusted referrer above the arbitrary
+ *    limit.
+ *
+ *    Revision 1.53  2006/08/31 16:25:06  fabiankeil
+ *    Work around a buffer overflow that caused Privoxy to
+ *    segfault if too many trusted referrers were used. Good
+ *    enough for now, but should be replaced with a real
+ *    solution after the next release.
+ *
+ *    Revision 1.52  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.50.2.8  2006/01/30 15:16:25  david__schmidt
+ *    Remove a little residual debugging info
+ *
+ *    Revision 1.50.2.7  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.50.2.6  2003/10/24 10:17:54  oes
+ *    Nit: Allowed tabs as separators in filter headings
+ *
+ *    Revision 1.50.2.5  2003/05/08 15:19:15  oes
+ *    sweep: Made loop structure of sweep step mirror that of mark step
+ *
+ *    Revision 1.50.2.4  2003/05/06 15:57:12  oes
+ *    Bugfix: Update last_active pointer in sweep() before
+ *    leaving an active client. Closes bugs #724395, #727882
+ *
+ *    Revision 1.50.2.3  2002/11/20 17:12:30  oes
+ *    Ooops, forgot one change.
+ *
+ *    Revision 1.50.2.2  2002/11/20 14:38:15  oes
+ *    Fixed delayed/incomplete freeing of client resources and
+ *    simplified loop structure in sweep.
+ *    Thanks to Oliver Stoeneberg for the hint.
+ *
+ *    Revision 1.50.2.1  2002/07/26 15:19:24  oes
+ *    - PCRS jobs now chained in order of appearance. Previous
+ *      reverse chaining was counter-intuitive.
+ *    - Changed loglevel of PCRS job compile errors to
+ *      LOG_LEVEL_ERROR
+ *
+ *    Revision 1.50  2002/04/24 02:12:16  oes
+ *    Jon's multiple AF patch: Sweep now takes care of all AFs
+ *
+ *    Revision 1.49  2002/04/19 16:53:25  jongfoster
+ *    Optimize away a function call by using an equivalent macro
+ *
+ *    Revision 1.48  2002/04/05 00:56:09  gliptak
+ *    Correcting typo to clean up on realloc failure
+ *
+ *    Revision 1.47  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.46  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.45  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.44  2002/03/16 21:51:00  jongfoster
+ *    Fixing free(NULL).
+ *
+ *    Revision 1.43  2002/03/16 20:28:34  oes
+ *    Added descriptions to the filters so users will know what they select in the cgi editor
+ *
+ *    Revision 1.42  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.41  2002/03/12 01:42:50  oes
+ *    Introduced modular filters
+ *
+ *    Revision 1.40  2002/03/08 17:46:04  jongfoster
+ *    Fixing int/size_t warnings
+ *
+ *    Revision 1.39  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.38  2002/03/06 22:54:35  jongfoster
+ *    Automated function-comment nitpicking.
+ *
+ *    Revision 1.37  2002/03/03 15:07:49  oes
+ *    Re-enabled automatic config reloading
+ *
+ *    Revision 1.36  2002/01/22 23:46:18  jongfoster
+ *    Moving edit_read_line() and simple_read_line() to loaders.c, and
+ *    extending them to support reading MS-DOS, Mac and UNIX style files
+ *    on all platforms.
+ *
+ *    Modifying read_config_line() (without changing it's prototype) to
+ *    be a trivial wrapper for edit_read_line().  This means that we have
+ *    one function to read a line and handle comments, which is common
+ *    between the initialization code and the edit interface.
+ *
+ *    Revision 1.35  2002/01/17 21:03:08  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Revision 1.34  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.33  2001/11/13 00:16:38  jongfoster
+ *    Replacing references to malloc.h with the standard stdlib.h
+ *    (See ANSI or K&R 2nd Ed)
+ *
+ *    Revision 1.32  2001/11/07 00:02:13  steudten
+ *    Add line number in error output for lineparsing for
+ *    actionsfile and configfile.
+ *    Special handling for CLF added.
+ *
+ *    Revision 1.31  2001/10/26 17:39:01  oes
+ *    Removed csp->referrer
+ *    Moved ijb_isspace and ijb_tolower to project.h
+ *
+ *    Revision 1.30  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.29  2001/10/23 21:38:53  jongfoster
+ *    Adding error-checking to create_url_spec()
+ *
+ *    Revision 1.28  2001/10/07 15:40:39  oes
+ *    Replaced 6 boolean members of csp with one bitmap (csp->flags)
+ *
+ *    Revision 1.27  2001/09/22 16:36:59  jongfoster
+ *    Removing unused parameter fs from read_config_line()
+ *
+ *    Revision 1.26  2001/09/22 14:05:22  jongfoster
+ *    Bugfix: Multiple escaped "#" characters in a configuration
+ *    file are now permitted.
+ *    Also removing 3 unused headers.
+ *
+ *    Revision 1.25  2001/09/13 22:44:03  jongfoster
+ *    Adding {} to an if statement
+ *
+ *    Revision 1.24  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.23  2001/07/20 15:51:54  oes
+ *    Fixed indentation of prepocessor commands
+ *
+ *    Revision 1.22  2001/07/20 15:16:17  haroon
+ *    - per Guy's suggestion, added a while loop in sweep() to catch not just
+ *      the last inactive CSP but all other consecutive inactive CSPs after that
+ *      as well
+ *
+ *    Revision 1.21  2001/07/18 17:26:24  oes
+ *    Changed to conform to new pcrs interface
+ *
+ *    Revision 1.20  2001/07/17 13:07:01  oes
+ *    Fixed segv when last line in config files
+ *     lacked a terminating (\r)\n
+ *
+ *    Revision 1.19  2001/07/13 14:01:54  oes
+ *    Removed all #ifdef PCRS
+ *
+ *    Revision 1.18  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.17  2001/06/29 13:31:51  oes
+ *    Various adaptions
+ *
+ *    Revision 1.16  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.15  2001/06/07 23:14:14  jongfoster
+ *    Removing ACL and forward file loaders - these
+ *    files have been merged into the config file.
+ *    Cosmetic: Moving unloader funcs next to their
+ *    respective loader funcs
+ *
+ *    Revision 1.14  2001/06/01 03:27:04  oes
+ *    Fixed line continuation problem
+ *
+ *    Revision 1.13  2001/05/31 21:28:49  jongfoster
+ *    Removed all permissionsfile code - it's now called the actions
+ *    file, and (almost) all the code is in actions.c
+ *
+ *    Revision 1.12  2001/05/31 17:32:31  oes
+ *
+ *     - Enhanced domain part globbing with infix and prefix asterisk
+ *       matching and optional unanchored operation
+ *
+ *    Revision 1.11  2001/05/29 23:25:24  oes
+ *
+ *     - load_config_line() and load_permissions_file() now use chomp()
+ *
+ *    Revision 1.10  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.9  2001/05/26 17:12:07  jongfoster
+ *    Fatal errors loading configuration files now give better error messages.
+ *
+ *    Revision 1.8  2001/05/26 00:55:20  jongfoster
+ *    Removing duplicated code.  load_forwardfile() now uses create_url_spec()
+ *
+ *    Revision 1.7  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.6  2001/05/23 12:27:33  oes
+ *
+ *    Fixed ugly indentation of my last changes
+ *
+ *    Revision 1.5  2001/05/23 10:39:05  oes
+ *    - Added support for escaping the comment character
+ *      in config files by a backslash
+ *    - Added support for line continuation in config
+ *      files
+ *    - Fixed a buffer overflow bug with long config lines
+ *
+ *    Revision 1.4  2001/05/22 18:56:28  oes
+ *    CRLF -> LF
+ *
+ *    Revision 1.3  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.2  2001/05/17 23:01:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:59  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <sys/types.h>
+#include <string.h>
+#include <errno.h>
+#include <sys/stat.h>
+#include <ctype.h>
+#include <assert.h>
+
+#if !defined(_WIN32) && !defined(__OS2__)
+#include <unistd.h>
+#endif
+
+#include "project.h"
+#include "list.h"
+#include "loaders.h"
+#include "filters.h"
+#include "parsers.h"
+#include "jcc.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "actions.h"
+#include "urlmatch.h"
+#include "encode.h"
+
+const char loaders_h_rcs[] = LOADERS_H_VERSION;
+
+/*
+ * Currently active files.
+ * These are also entered in the main linked list of files.
+ */
+
+#ifdef FEATURE_TRUST
+static struct file_list *current_trustfile      = NULL;
+#endif /* def FEATURE_TRUST */
+
+static int load_one_re_filterfile(struct client_state *csp, int fileid);
+
+static struct file_list *current_re_filterfile[MAX_AF_FILES]  = {
+   NULL, NULL, NULL, NULL, NULL,
+   NULL, NULL, NULL, NULL, NULL
+};
+
+/*
+ * Pseudo filter type for load_one_re_filterfile
+ */
+#define NO_NEW_FILTER -1
+
+
+/*********************************************************************
+ *
+ * Function    :  sweep
+ *
+ * Description :  Basically a mark and sweep garbage collector, it is run
+ *                (by the parent thread) every once in a while to reclaim memory.
+ *
+ * It uses a mark and sweep strategy:
+ *   1) mark all files as inactive
+ *
+ *   2) check with each client:
+ *       if it is active,   mark its files as active
+ *       if it is inactive, free its resources
+ *
+ *   3) free the resources of all of the files that
+ *      are still marked as inactive (and are obsolete).
+ *
+ *   N.B. files that are not obsolete don't have an unloader defined.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void sweep(void)
+{
+   struct file_list *fl, *nfl;
+   struct client_state *csp, *last_active;
+   int i;
+
+   /* clear all of the file's active flags */
+   for ( fl = files->next; NULL != fl; fl = fl->next )
+   {
+      fl->active = 0;
+   }
+
+   last_active = clients;
+   csp = clients->next;
+
+   while (NULL != csp)
+   {
+      if (csp->flags & CSP_FLAG_ACTIVE)
+      {
+         /* Mark this client's files as active */
+
+         /*
+          * Always have a configuration file.
+          * (Also note the slightly non-standard extra
+          * indirection here.)
+          */
+         csp->config->config_file_list->active = 1;
+
+         /* 
+          * Actions files
+          */
+         for (i = 0; i < MAX_AF_FILES; i++)
+         {
+            if (csp->actions_list[i])     
+            {
+               csp->actions_list[i]->active = 1;
+            }
+         }
+
+         /*
+          * Filter files
+          */
+         for (i = 0; i < MAX_AF_FILES; i++)
+         {
+            if (csp->rlist[i])     
+            {
+               csp->rlist[i]->active = 1;
+            }
+         }
+
+         /*
+          * Trust file
+          */
+#ifdef FEATURE_TRUST
+         if (csp->tlist)
+         {
+            csp->tlist->active = 1;
+         }
+#endif /* def FEATURE_TRUST */
+         
+         last_active = csp;
+         csp = csp->next;
+
+      }
+      else 
+      /*
+       * This client is not active. Free its resources.
+       */
+      {
+         last_active->next = csp->next;
+
+         freez(csp->ip_addr_str);
+         freez(csp->iob->buf);
+         freez(csp->error_message);
+
+         if (csp->action->flags & ACTION_FORWARD_OVERRIDE &&
+             NULL != csp->fwd)
+         {
+            unload_forward_spec(csp->fwd);
+         }
+         free_http_request(csp->http);
+
+         destroy_list(csp->headers);
+         destroy_list(csp->tags);
+
+         free_current_action(csp->action);
+
+#ifdef FEATURE_STATISTICS
+         urls_read++;
+         if (csp->flags & CSP_FLAG_REJECTED)
+         {
+            urls_rejected++;
+         }
+#endif /* def FEATURE_STATISTICS */
+
+         freez(csp);
+         
+         csp = last_active->next;
+      }
+   }
+
+   nfl = files;
+   fl = files->next;
+
+   while (fl != NULL)
+   {
+      if ( ( 0 == fl->active ) && ( NULL != fl->unloader ) )
+      {
+         nfl->next = fl->next;
+
+         (fl->unloader)(fl->f);
+
+         freez(fl->filename);
+         freez(fl);
+
+         fl = nfl->next;
+      }
+      else
+      {
+         nfl = fl;
+         fl = fl->next;
+      }
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  check_file_changed
+ *
+ * Description :  Helper function to check if a file needs reloading.
+ *                If "current" is still current, return it.  Otherwise
+ *                allocates a new (zeroed) "struct file_list", fills
+ *                in the disk file name and timestamp, and returns it.
+ *
+ * Parameters  :
+ *          1  :  current = The file_list currently being used - will
+ *                          be checked to see if it is out of date.
+ *                          May be NULL (which is treated as out of
+ *                          date).
+ *          2  :  filename = Name of file to check.
+ *          3  :  newfl    = New file list. [Output only]
+ *                           This will be set to NULL, OR a struct
+ *                           file_list newly allocated on the
+ *                           heap, with the filename and lastmodified
+ *                           fields filled, and all others zeroed.
+ *
+ * Returns     :  If file unchanged: 0 (and sets newfl == NULL)
+ *                If file changed: 1 and sets newfl != NULL
+ *                On error: 1 and sets newfl == NULL
+ *
+ *********************************************************************/
+int check_file_changed(const struct file_list * current,
+                       const char * filename,
+                       struct file_list ** newfl)
+{
+   struct file_list *fs;
+   struct stat statbuf[1];
+
+   *newfl = NULL;
+
+   if (stat(filename, statbuf) < 0)
+   {
+      /* Error, probably file not found. */
+      return 1;
+   }
+
+   if (current
+       && (current->lastmodified == statbuf->st_mtime)
+       && (0 == strcmp(current->filename, filename)))
+   {
+      return 0;
+   }
+
+   fs = (struct file_list *)zalloc(sizeof(struct file_list));
+   if (fs == NULL)
+   {
+      /* Out of memory error */
+      return 1;
+   }
+
+
+   fs->filename = strdup(filename);
+   fs->lastmodified = statbuf->st_mtime;
+
+   if (fs->filename == NULL)
+   {
+      /* Out of memory error */
+      freez (fs);
+      return 1;
+   }
+   *newfl = fs;
+   return 1;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  simple_read_line
+ *
+ * Description :  Read a single line from a file and return it.
+ *                This is basically a version of fgets() that malloc()s
+ *                it's own line buffer.  Note that the buffer will
+ *                always be a multiple of BUFFER_SIZE bytes long.
+ *                Therefore if you are going to keep the string for
+ *                an extended period of time, you should probably
+ *                strdup() it and free() the original, to save memory.
+ *
+ *
+ * Parameters  :
+ *          1  :  dest = destination for newly malloc'd pointer to
+ *                line data.  Will be set to NULL on error.
+ *          2  :  fp = File to read from
+ *          3  :  newline = Standard for newlines in the file.
+ *                Will be unchanged if it's value on input is not
+ *                NEWLINE_UNKNOWN.
+ *                On output, may be changed from NEWLINE_UNKNOWN to
+ *                actual convention in file.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_FILE   on EOF.
+ *
+ *********************************************************************/
+jb_err simple_read_line(FILE *fp, char **dest, int *newline)
+{
+   size_t len = 0;
+   size_t buflen = BUFFER_SIZE;
+   char * buf;
+   char * p;
+   int ch;
+   int realnewline = NEWLINE_UNKNOWN;
+
+   if (NULL == (buf = malloc(buflen)))
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   p = buf;
+
+/*
+ * Character codes.  If you have a wierd compiler and the following are
+ * incorrect, you also need to fix NEWLINE() in loaders.h
+ */
+#define CHAR_CR '\r' /* ASCII 13 */
+#define CHAR_LF '\n' /* ASCII 10 */
+
+   for (;;)
+   {
+      ch = getc(fp);
+      if (ch == EOF)
+      {
+         if (len > 0)
+         {
+            *p = '\0';
+            *dest = buf;
+            return JB_ERR_OK;
+         }
+         else
+         {
+            free(buf);
+            *dest = NULL;
+            return JB_ERR_FILE;
+         }
+      }
+      else if (ch == CHAR_CR)
+      {
+         ch = getc(fp);
+         if (ch == CHAR_LF)
+         {
+            if (*newline == NEWLINE_UNKNOWN)
+            {
+               *newline = NEWLINE_DOS;
+            }
+         }
+         else
+         {
+            if (ch != EOF)
+            {
+               ungetc(ch, fp);
+            }
+            if (*newline == NEWLINE_UNKNOWN)
+            {
+               *newline = NEWLINE_MAC;
+            }
+         }
+         *p = '\0';
+         *dest = buf;
+         if (*newline == NEWLINE_UNKNOWN)
+         {
+            *newline = realnewline;
+         }
+         return JB_ERR_OK;
+      }
+      else if (ch == CHAR_LF)
+      {
+         *p = '\0';
+         *dest = buf;
+         if (*newline == NEWLINE_UNKNOWN)
+         {
+            *newline = NEWLINE_UNIX;
+         }
+         return JB_ERR_OK;
+      }
+      else if (ch == 0)
+      {
+         *p = '\0';
+         *dest = buf;
+         return JB_ERR_OK;
+      }
+
+      *p++ = (char)ch;
+
+      if (++len >= buflen)
+      {
+         buflen += BUFFER_SIZE;
+         if (NULL == (p = realloc(buf, buflen)))
+         {
+            free(buf);
+            return JB_ERR_MEMORY;
+         }
+         buf = p;
+         p = buf + len;
+      }
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  edit_read_line
+ *
+ * Description :  Read a single non-empty line from a file and return
+ *                it.  Trims comments, leading and trailing whitespace
+ *                and respects escaping of newline and comment char.
+ *                Provides the line in 2 alternative forms: raw and
+ *                preprocessed.
+ *                - raw is the raw data read from the file.  If the
+ *                  line is not modified, then this should be written
+ *                  to the new file.
+ *                - prefix is any comments and blank lines that were
+ *                  read from the file.  If the line is modified, then
+ *                  this should be written out to the file followed
+ *                  by the modified data.  (If this string is non-empty
+ *                  then it will have a newline at the end).
+ *                - data is the actual data that will be parsed
+ *                  further by appropriate routines.
+ *                On EOF, the 3 strings will all be set to NULL and
+ *                0 will be returned.
+ *
+ * Parameters  :
+ *          1  :  fp = File to read from
+ *          2  :  raw_out = destination for newly malloc'd pointer to
+ *                raw line data.  May be NULL if you don't want it.
+ *          3  :  prefix_out = destination for newly malloc'd pointer to
+ *                comments.  May be NULL if you don't want it.
+ *          4  :  data_out = destination for newly malloc'd pointer to
+ *                line data with comments and leading/trailing spaces
+ *                removed, and line continuation performed.  May be
+ *                NULL if you don't want it.
+ *          5  :  newline = Standard for newlines in the file.
+ *                On input, set to value to use or NEWLINE_UNKNOWN.
+ *                On output, may be changed from NEWLINE_UNKNOWN to
+ *                actual convention in file.  May be NULL if you
+ *                don't want it.
+ *          6  :  line_number = Line number in file.  In "lines" as
+ *                reported by a text editor, not lines containing data.
+ *
+ * Returns     :  JB_ERR_OK     on success
+ *                JB_ERR_MEMORY on out-of-memory
+ *                JB_ERR_FILE   on EOF.
+ *
+ *********************************************************************/
+jb_err edit_read_line(FILE *fp,
+                      char **raw_out,
+                      char **prefix_out,
+                      char **data_out,
+                      int *newline,
+                      unsigned long *line_number)
+{
+   char *p;          /* Temporary pointer   */
+   char *linebuf;    /* Line read from file */
+   char *linestart;  /* Start of linebuf, usually first non-whitespace char */
+   int contflag = 0; /* Nonzero for line continuation - i.e. line ends '\' */
+   int is_empty = 1; /* Flag if not got any data yet */
+   char *raw    = NULL; /* String to be stored in raw_out    */
+   char *prefix = NULL; /* String to be stored in prefix_out */
+   char *data   = NULL; /* String to be stored in data_out   */
+   int scrapnewline;    /* Used for (*newline) if newline==NULL */
+   jb_err rval = JB_ERR_OK;
+
+   assert(fp);
+   assert(raw_out || data_out);
+   assert(newline == NULL
+       || *newline == NEWLINE_UNKNOWN
+       || *newline == NEWLINE_UNIX
+       || *newline == NEWLINE_DOS
+       || *newline == NEWLINE_MAC);
+
+   if (newline == NULL)
+   {
+      scrapnewline = NEWLINE_UNKNOWN;
+      newline = &scrapnewline;
+   }
+
+   /* Set output parameters to NULL */
+   if (raw_out)
+   {
+      *raw_out    = NULL;
+   }
+   if (prefix_out)
+   {
+      *prefix_out = NULL;
+   }
+   if (data_out)
+   {
+      *data_out   = NULL;
+   }
+
+   /* Set string variables to new, empty strings. */
+
+   if (raw_out)
+   {
+      raw = strdup("");
+      if (NULL == raw)
+      {
+         return JB_ERR_MEMORY;
+      }
+   }
+   if (prefix_out)
+   {
+      prefix = strdup("");
+      if (NULL == prefix)
+      {
+         freez(raw);
+         return JB_ERR_MEMORY;
+      }
+   }
+   if (data_out)
+   {
+      data = strdup("");
+      if (NULL == data)
+      {
+         freez(raw);
+         freez(prefix);
+         return JB_ERR_MEMORY;
+      }
+   }
+
+   /* Main loop.  Loop while we need more data & it's not EOF. */
+
+   while ( (contflag || is_empty)
+        && (JB_ERR_OK == (rval = simple_read_line(fp, &linebuf, newline))))
+   {
+      if (line_number)
+      {
+         (*line_number)++;
+      }
+      if (raw)
+      {
+         string_append(&raw,linebuf);
+         if (string_append(&raw,NEWLINE(*newline)))
+         {
+            freez(prefix);
+            freez(data);
+            free(linebuf);
+            return JB_ERR_MEMORY;
+         }
+      }
+
+      /* Line continuation? Trim escape and set flag. */
+      p = linebuf + strlen(linebuf) - 1;
+      contflag = ((*linebuf != '\0') && (*p == '\\'));
+      if (contflag)
+      {
+         *p = '\0';
+      }
+
+      /* Trim leading spaces if we're at the start of the line */
+      linestart = linebuf;
+      assert(NULL != data);
+      if (*data == '\0')
+      {
+         /* Trim leading spaces */
+         while (*linestart && isspace((int)(unsigned char)*linestart))
+         {
+            linestart++;
+         }
+      }
+
+      /* Handle comment characters. */
+      p = linestart;
+      while ((p = strchr(p, '#')) != NULL)
+      {
+         /* Found a comment char.. */
+         if ((p != linebuf) && (*(p-1) == '\\'))
+         {
+            /* ..and it's escaped, left-shift the line over the escape. */
+            char *q = p - 1;
+            while ((*q = *(q + 1)) != '\0')
+            {
+               q++;
+            }
+            /* Now scan from just after the "#". */
+         }
+         else
+         {
+            /* Real comment.  Save it... */
+            if (p == linestart)
+            {
+               /* Special case:  Line only contains a comment, so all the
+                * previous whitespace is considered part of the comment.
+                * Undo the whitespace skipping, if any.
+                */
+               linestart = linebuf;
+               p = linestart;
+            }
+            if (prefix)
+            {
+               string_append(&prefix,p);
+               if (string_append(&prefix, NEWLINE(*newline)))
+               {
+                  freez(raw);
+                  freez(data);
+                  free(linebuf);
+                  return JB_ERR_MEMORY;
+               }
+            }
+
+            /* ... and chop off the rest of the line */
+            *p = '\0';
+         }
+      } /* END while (there's a # character) */
+
+      /* Write to the buffer */
+      if (*linestart)
+      {
+         is_empty = 0;
+         if (data)
+         {
+            if (string_append(&data, linestart))
+            {
+               freez(raw);
+               freez(prefix);
+               free(linebuf);
+               return JB_ERR_MEMORY;
+            }
+         }
+      }
+
+      free(linebuf);
+   } /* END while(we need more data) */
+
+   /* Handle simple_read_line() errors - ignore EOF */
+   if ((rval != JB_ERR_OK) && (rval != JB_ERR_FILE))
+   {
+      freez(raw);
+      freez(prefix);
+      freez(data);
+      return rval;
+   }
+
+   if (raw ? (*raw == '\0') : is_empty)
+   {
+      /* EOF and no data there.  (Definition of "data" depends on whether
+       * the caller cares about "raw" or just "data").
+       */
+
+      freez(raw);
+      freez(prefix);
+      freez(data);
+
+      return JB_ERR_FILE;
+   }
+   else
+   {
+      /* Got at least some data */
+
+      /* Remove trailing whitespace */
+      chomp(data);
+
+      if (raw_out)
+      {
+         *raw_out    = raw;
+      }
+      else
+      {
+         freez(raw);
+      }
+      if (prefix_out)
+      {
+         *prefix_out = prefix;
+      }
+      else
+      {
+         freez(prefix);
+      }
+      if (data_out)
+      {
+         *data_out   = data;
+      }
+      else
+      {
+         freez(data);
+      }
+      return JB_ERR_OK;
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  read_config_line
+ *
+ * Description :  Read a single non-empty line from a file and return
+ *                it.  Trims comments, leading and trailing whitespace
+ *                and respects escaping of newline and comment char.
+ *
+ * Parameters  :
+ *          1  :  buf = Buffer to use.
+ *          2  :  buflen = Size of buffer in bytes.
+ *          3  :  fp = File to read from
+ *          4  :  linenum = linenumber in file
+ *
+ * Returns     :  NULL on EOF or error
+ *                Otherwise, returns buf.
+ *
+ *********************************************************************/
+char *read_config_line(char *buf, size_t buflen, FILE *fp, unsigned long *linenum)
+{
+   jb_err err;
+   char *buf2 = NULL;
+   err = edit_read_line(fp, NULL, NULL, &buf2, NULL, linenum);
+   if (err)
+   {
+      if (err == JB_ERR_MEMORY)
+      {
+         log_error(LOG_LEVEL_FATAL, "Out of memory loading a config file");
+      }
+      return NULL;
+   }
+   else
+   {
+      assert(buf2);
+      assert(strlen(buf2) + 1U < buflen);
+      strncpy(buf, buf2, buflen - 1);
+      free(buf2);
+      buf[buflen - 1] = '\0';
+      return buf;
+   }
+}
+
+
+#ifdef FEATURE_TRUST
+/*********************************************************************
+ *
+ * Function    :  unload_trustfile
+ *
+ * Description :  Unloads a trustfile.
+ *
+ * Parameters  :
+ *          1  :  f = the data structure associated with the trustfile.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void unload_trustfile(void *f)
+{
+   struct block_spec *cur = (struct block_spec *)f;
+   struct block_spec *next;
+
+   while (cur != NULL)
+   {
+      next = cur->next;
+
+      free_url_spec(cur->url);
+      free(cur);
+
+      cur = next;
+   }
+
+}
+
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+/*********************************************************************
+ *
+ * Function    :  unload_current_trust_file
+ *
+ * Description :  Unloads current trust file - reset to state at
+ *                beginning of program.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void unload_current_trust_file(void)
+{
+   if (current_trustfile)
+   {
+      current_trustfile->unloader = unload_trustfile;
+      current_trustfile = NULL;
+   }
+}
+#endif /* FEATURE_GRACEFUL_TERMINATION */
+
+
+/*********************************************************************
+ *
+ * Function    :  load_trustfile
+ *
+ * Description :  Read and parse a trustfile and add to files list.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int load_trustfile(struct client_state *csp)
+{
+   FILE *fp;
+
+   struct block_spec *b, *bl;
+   struct url_spec **tl;
+
+   char  buf[BUFFER_SIZE], *p, *q;
+   int reject, trusted;
+   struct file_list *fs;
+   unsigned long linenum = 0;
+   int trusted_referrers = 0;
+
+   if (!check_file_changed(current_trustfile, csp->config->trustfile, &fs))
+   {
+      /* No need to load */
+      if (csp)
+      {
+         csp->tlist = current_trustfile;
+      }
+      return(0);
+   }
+   if (!fs)
+   {
+      goto load_trustfile_error;
+   }
+
+   fs->f = bl = (struct block_spec *)zalloc(sizeof(*bl));
+   if (bl == NULL)
+   {
+      goto load_trustfile_error;
+   }
+
+   if ((fp = fopen(csp->config->trustfile, "r")) == NULL)
+   {
+      goto load_trustfile_error;
+   }
+
+   tl = csp->config->trust_list;
+
+   while (read_config_line(buf, sizeof(buf), fp, &linenum) != NULL)
+   {
+      trusted = 0;
+      reject  = 1;
+
+      if (*buf == '+')
+      {
+         trusted = 1;
+         *buf = '~';
+      }
+
+      if (*buf == '~')
+      {
+         reject = 0;
+         p = buf;
+         q = p+1;
+         while ((*p++ = *q++) != '\0')
+         {
+            /* nop */
+         }
+      }
+
+      /* skip blank lines */
+      if (*buf == '\0')
+      {
+         continue;
+      }
+
+      /* allocate a new node */
+      if ((b = zalloc(sizeof(*b))) == NULL)
+      {
+         fclose(fp);
+         goto load_trustfile_error;
+      }
+
+      /* add it to the list */
+      b->next  = bl->next;
+      bl->next = b;
+
+      b->reject = reject;
+
+      /* Save the URL pattern */
+      if (create_url_spec(b->url, buf))
+      {
+         fclose(fp);
+         goto load_trustfile_error;
+      }
+
+      /*
+       * save a pointer to URL's spec in the list of trusted URL's, too
+       */
+      if (trusted)
+      {
+         if(++trusted_referrers < MAX_TRUSTED_REFERRERS)
+         {
+            *tl++ = b->url;
+         }
+      }
+   }
+
+   if(trusted_referrers >= MAX_TRUSTED_REFERRERS) 
+   {
+      /*
+       * FIXME: ... after Privoxy 3.0.4 is out.
+       */
+       log_error(LOG_LEVEL_ERROR, "Too many trusted referrers. Current limit is %d, you are using %d.\n"
+          "  Additional trusted referrers are treated like ordinary trusted URLs.\n"
+          "  (You can increase this limit by changing MAX_TRUSTED_REFERRERS in project.h and recompiling).",
+          MAX_TRUSTED_REFERRERS, trusted_referrers);
+   }
+
+   *tl = NULL;
+
+   fclose(fp);
+
+   /* the old one is now obsolete */
+   if (current_trustfile)
+   {
+      current_trustfile->unloader = unload_trustfile;
+   }
+
+   fs->next    = files->next;
+   files->next = fs;
+   current_trustfile = fs;
+
+   if (csp)
+   {
+      csp->tlist = fs;
+   }
+
+   return(0);
+
+load_trustfile_error:
+   log_error(LOG_LEVEL_FATAL, "can't load trustfile '%s': %E",
+             csp->config->trustfile);
+   return(-1);
+
+}
+#endif /* def FEATURE_TRUST */
+
+
+/*********************************************************************
+ *
+ * Function    :  unload_re_filterfile
+ *
+ * Description :  Unload the re_filter list by freeing all chained
+ *                re_filterfile specs and their data.
+ *
+ * Parameters  :
+ *          1  :  f = the data structure associated with the filterfile.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void unload_re_filterfile(void *f)
+{
+   struct re_filterfile_spec *a, *b = (struct re_filterfile_spec *)f;
+
+   while (b != NULL)
+   {
+      a = b->next;
+
+      destroy_list(b->patterns);
+      pcrs_free_joblist(b->joblist);
+      freez(b->name);
+      freez(b->description);
+      freez(b);
+
+      b = a;
+   }
+
+   return;
+}
+
+/*********************************************************************
+ *
+ * Function    :  unload_forward_spec
+ *
+ * Description :  Unload the forward spec settings by freeing all 
+ *                memory referenced by members and the memory for
+ *                the spec itself.
+ *
+ * Parameters  :
+ *          1  :  fwd = the forward spec.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void unload_forward_spec(struct forward_spec *fwd)
+{
+   free_url_spec(fwd->url);
+   freez(fwd->gateway_host);
+   freez(fwd->forward_host);
+   free(fwd);
+
+   return;
+}
+
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+/*********************************************************************
+ *
+ * Function    :  unload_current_re_filterfile
+ *
+ * Description :  Unloads current re_filter file - reset to state at
+ *                beginning of program.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void unload_current_re_filterfile(void)
+{
+   int i;
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (current_re_filterfile[i])
+      {
+         current_re_filterfile[i]->unloader = unload_re_filterfile;
+         current_re_filterfile[i] = NULL;
+      }
+   }
+}
+#endif
+
+
+/*********************************************************************
+ *
+ * Function    :  load_re_filterfiles
+ *
+ * Description :  Loads all the filterfiles. 
+ *                Generate a chained list of re_filterfile_spec's from
+ *                the "FILTER: " blocks, compiling all their substitutions
+ *                into chained lists of pcrs_job structs.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int load_re_filterfiles(struct client_state *csp)
+{
+   int i;
+   int result;
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      if (csp->config->re_filterfile[i])
+      {
+         result = load_one_re_filterfile(csp, i);
+         if (result)
+         {
+            return result;
+         }
+      }
+      else if (current_re_filterfile[i])
+      {
+         current_re_filterfile[i]->unloader = unload_re_filterfile;
+         current_re_filterfile[i] = NULL;
+      }
+   }
+
+   return 0;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  load_one_re_filterfile
+ *
+ * Description :  Load a re_filterfile. 
+ *                Generate a chained list of re_filterfile_spec's from
+ *                the "FILTER: " blocks, compiling all their substitutions
+ *                into chained lists of pcrs_job structs.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int load_one_re_filterfile(struct client_state *csp, int fileid)
+{
+   FILE *fp;
+
+   struct re_filterfile_spec *new_bl, *bl = NULL;
+   struct file_list *fs;
+
+   char  buf[BUFFER_SIZE];
+   int error;
+   unsigned long linenum = 0;
+   pcrs_job *dummy, *lastjob = NULL;
+
+   /*
+    * No need to reload if unchanged
+    */
+   if (!check_file_changed(current_re_filterfile[fileid], csp->config->re_filterfile[fileid], &fs))
+   {
+      if (csp)
+      {
+         csp->rlist[fileid] = current_re_filterfile[fileid];
+      }
+      return(0);
+   }
+   if (!fs)
+   {
+      goto load_re_filterfile_error;
+   }
+
+   /* 
+    * Open the file or fail
+    */
+   if ((fp = fopen(csp->config->re_filterfile[fileid], "r")) == NULL)
+   {
+      goto load_re_filterfile_error;
+   }
+
+   /* 
+    * Read line by line
+    */
+   while (read_config_line(buf, sizeof(buf), fp, &linenum) != NULL)
+   {
+      int new_filter = NO_NEW_FILTER;
+
+      if (strncmp(buf, "FILTER:", 7) == 0)
+      {
+         new_filter = FT_CONTENT_FILTER;
+      }
+      else if (strncmp(buf, "SERVER-HEADER-FILTER:", 21) == 0)
+      {
+         new_filter = FT_SERVER_HEADER_FILTER;
+      }
+      else if (strncmp(buf, "CLIENT-HEADER-FILTER:", 21) == 0)
+      {
+         new_filter = FT_CLIENT_HEADER_FILTER;
+      }
+      else if (strncmp(buf, "CLIENT-HEADER-TAGGER:", 21) == 0)
+      {
+         new_filter = FT_CLIENT_HEADER_TAGGER;
+      }
+      else if (strncmp(buf, "SERVER-HEADER-TAGGER:", 21) == 0)
+      {
+         new_filter = FT_SERVER_HEADER_TAGGER;
+      }
+
+      /*
+       * If this is the head of a new filter block, make it a
+       * re_filterfile spec of its own and chain it to the list:
+       */
+      if (new_filter != NO_NEW_FILTER)
+      {
+         new_bl = (struct re_filterfile_spec  *)zalloc(sizeof(*bl));
+         if (new_bl == NULL)
+         {
+            goto load_re_filterfile_error;
+         }
+         if (new_filter == FT_CONTENT_FILTER)
+         {
+            new_bl->name = chomp(buf + 7);
+         }
+         else
+         {
+            new_bl->name = chomp(buf + 21);
+         }
+         new_bl->type = new_filter;
+
+         /*
+          * If a filter description is available,
+          * encode it to HTML and save it.
+          */
+         if (NULL != (new_bl->description = strpbrk(new_bl->name, " \t")))
+         {
+            *new_bl->description++ = '\0';
+            new_bl->description = html_encode(chomp(new_bl->description));
+            if (NULL == new_bl->description)
+            {
+               new_bl->description = strdup("Out of memory while encoding this filter's description to HTML");
+            }
+         }
+         else
+         {
+            new_bl->description = strdup("No description available for this filter");
+         }
+
+         new_bl->name = strdup(chomp(new_bl->name));
+         
+         /*
+          * If this is the first filter block, chain it
+          * to the file_list rather than its (nonexistant)
+          * predecessor
+          */
+         if (fs->f == NULL)
+         {
+            fs->f = new_bl;
+         }
+         else
+         {
+            assert(NULL != bl);
+            bl->next = new_bl;
+         }
+         bl = new_bl;
+
+         log_error(LOG_LEVEL_RE_FILTER, "Reading in filter \"%s\" (\"%s\")", bl->name, bl->description);
+
+         continue;
+      }
+
+      /* 
+       * Else, save the expression, make it a pcrs_job
+       * and chain it into the current filter's joblist 
+       */
+      if (bl != NULL)
+      {
+         error = enlist(bl->patterns, buf);
+         if (JB_ERR_MEMORY == error)
+         {
+            log_error(LOG_LEVEL_FATAL,
+               "Out of memory while enlisting re_filter job \'%s\' for filter %s.", buf, bl->name);
+         }
+         assert(JB_ERR_OK == error);
+
+         if (pcrs_job_is_dynamic(buf))
+         {
+            /*
+             * Dynamic pattern that might contain variables
+             * and has to be recompiled for every request
+             */
+            if (bl->joblist != NULL)
+            {
+                pcrs_free_joblist(bl->joblist);
+                bl->joblist = NULL;
+            }
+            bl->dynamic = 1;
+            log_error(LOG_LEVEL_RE_FILTER,
+               "Adding dynamic re_filter job \'%s\' to filter %s succeeded.", buf, bl->name);
+            continue;             
+         }
+         else if (bl->dynamic)
+         {
+            /*
+             * A previous job was dynamic and as we
+             * recompile the whole filter anyway, it
+             * makes no sense to compile this job now.
+             */
+            log_error(LOG_LEVEL_RE_FILTER,
+               "Adding static re_filter job \'%s\' to dynamic filter %s succeeded.", buf, bl->name);
+            continue;
+         }
+
+         if ((dummy = pcrs_compile_command(buf, &error)) == NULL)
+         {
+            log_error(LOG_LEVEL_ERROR,
+               "Adding re_filter job \'%s\' to filter %s failed with error %d.", buf, bl->name, error);
+            continue;
+         }
+         else
+         {
+            if (bl->joblist == NULL)
+            {
+               bl->joblist = dummy;
+            }
+            else if (NULL != lastjob)
+            {
+               lastjob->next = dummy;
+            }
+            lastjob = dummy;
+            log_error(LOG_LEVEL_RE_FILTER, "Adding re_filter job \'%s\' to filter %s succeeded.", buf, bl->name);
+         }
+      }
+      else
+      {
+         log_error(LOG_LEVEL_ERROR, "Ignoring job %s outside filter block in %s, line %d",
+            buf, csp->config->re_filterfile[fileid], linenum);
+      }
+   }
+
+   fclose(fp);
+
+   /* 
+    * Schedule the now-obsolete old data for unloading
+    */
+   if ( NULL != current_re_filterfile[fileid] )
+   {
+      current_re_filterfile[fileid]->unloader = unload_re_filterfile;
+   }
+
+   /*
+    * Chain this file into the global list of loaded files
+    */
+   fs->next    = files->next;
+   files->next = fs;
+   current_re_filterfile[fileid] = fs;
+
+   if (csp)
+   {
+      csp->rlist[fileid] = fs;
+   }
+
+   return( 0 );
+
+load_re_filterfile_error:
+   log_error(LOG_LEVEL_FATAL, "can't load re_filterfile '%s': %E",
+             csp->config->re_filterfile[fileid]);
+   return(-1);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  add_loader
+ *
+ * Description :  Called from `load_config'.  Called once for each input
+ *                file found in config.
+ *
+ * Parameters  :
+ *          1  :  loader = pointer to a function that can parse and load
+ *                the appropriate config file.
+ *          2  :  config = The configuration_spec to add the loader to.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void add_loader(int (*loader)(struct client_state *),
+                struct configuration_spec * config)
+{
+   int i;
+
+   for (i=0; i < NLOADERS; i++)
+   {
+      if (config->loaders[i] == NULL)
+      {
+         config->loaders[i] = loader;
+         break;
+      }
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  run_loader
+ *
+ * Description :  Called from `load_config' and `listen_loop'.  This
+ *                function keeps the "csp" current with any file mods
+ *                since the last loop.  If a file is unchanged, the
+ *                loader functions do NOT reload the file.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *                      Must be non-null.  Reads: "csp->config"
+ *                      Writes: various data members.
+ *
+ * Returns     :  0 => Ok, everything else is an error.
+ *
+ *********************************************************************/
+int run_loader(struct client_state *csp)
+{
+   int ret = 0;
+   int i;
+
+   for (i=0; i < NLOADERS; i++)
+   {
+      if (csp->config->loaders[i] == NULL)
+      {
+         break;
+      }
+      ret |= (csp->config->loaders[i])(csp);
+   }
+   return(ret);
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/loaders.h b/external/privoxy/loaders.h
new file mode 100644
index 0000000..ded18e3
--- /dev/null
+++ b/external/privoxy/loaders.h
@@ -0,0 +1,250 @@
+#ifndef LOADERS_H_INCLUDED
+#define LOADERS_H_INCLUDED
+#define LOADERS_H_VERSION "$Id: loaders.h,v 1.23 2008/03/30 14:52:10 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/loaders.h,v $
+ *
+ * Purpose     :  Functions to load and unload the various
+ *                configuration files.  Also contains code to manage
+ *                the list of active loaders, and to automatically 
+ *                unload files that are no longer in use.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: loaders.h,v $
+ *    Revision 1.23  2008/03/30 14:52:10  fabiankeil
+ *    Rename load_actions_file() and load_re_filterfile()
+ *    as they load multiple files "now".
+ *
+ *    Revision 1.22  2007/06/01 14:12:38  fabiankeil
+ *    Add unload_forward_spec() in preparation for forward-override{}.
+ *
+ *    Revision 1.21  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.19  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.18  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.17  2002/03/16 23:54:06  jongfoster
+ *    Adding graceful termination feature, to help look for memory leaks.
+ *    If you enable this (which, by design, has to be done by hand
+ *    editing config.h) and then go to http://i.j.b/die, then the program
+ *    will exit cleanly after the *next* request.  It should free all the
+ *    memory that was used.
+ *
+ *    Revision 1.16  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.15  2002/01/22 23:46:18  jongfoster
+ *    Moving edit_read_line() and simple_read_line() to loaders.c, and
+ *    extending them to support reading MS-DOS, Mac and UNIX style files
+ *    on all platforms.
+ *
+ *    Modifying read_config_line() (without changing it's prototype) to
+ *    be a trivial wrapper for edit_read_line().  This means that we have
+ *    one function to read a line and handle comments, which is common
+ *    between the initialization code and the edit interface.
+ *
+ *    Revision 1.14  2002/01/17 21:03:08  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Revision 1.13  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.12  2001/11/07 00:02:13  steudten
+ *    Add line number in error output for lineparsing for
+ *    actionsfile and configfile.
+ *    Special handling for CLF added.
+ *
+ *    Revision 1.11  2001/10/23 21:38:53  jongfoster
+ *    Adding error-checking to create_url_spec()
+ *
+ *    Revision 1.10  2001/09/22 16:36:59  jongfoster
+ *    Removing unused parameter fs from read_config_line()
+ *
+ *    Revision 1.9  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.8  2001/07/29 18:58:15  jongfoster
+ *    Removing nested #includes, adding forward declarations for needed
+ *    structures, and changing the #define _FILENAME_H to FILENAME_H_INCLUDED.
+ *
+ *    Revision 1.7  2001/07/13 14:01:54  oes
+ *    Removed all #ifdef PCRS
+ *
+ *    Revision 1.6  2001/06/07 23:14:38  jongfoster
+ *    Removing ACL and forward file loaders - these files have
+ *    been merged into the config file.
+ *
+ *    Revision 1.5  2001/05/31 21:28:49  jongfoster
+ *    Removed all permissionsfile code - it's now called the actions
+ *    file, and (almost) all the code is in actions.c
+ *
+ *    Revision 1.4  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.3  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:00  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Structures taken from project.h */
+struct client_state;
+struct file_list;
+struct configuration_spec;
+struct url_spec;
+
+extern void sweep(void);
+extern char *read_config_line(char *buf, size_t buflen, FILE *fp, unsigned long *linenum);
+extern int check_file_changed(const struct file_list * current,
+                              const char * filename,
+                              struct file_list ** newfl);
+
+extern jb_err edit_read_line(FILE *fp,
+                             char **raw_out,
+                             char **prefix_out,
+                             char **data_out,
+                             int *newline,
+                             unsigned long *line_number);
+
+extern jb_err simple_read_line(FILE *fp, char **dest, int *newline);
+
+/*
+ * Various types of newlines that a file may contain.
+ */
+#define NEWLINE_UNKNOWN 0  /* Newline convention in file is unknown */
+#define NEWLINE_UNIX    1  /* Newline convention in file is '\n'   (ASCII 10) */
+#define NEWLINE_DOS     2  /* Newline convention in file is '\r\n' (ASCII 13,10) */
+#define NEWLINE_MAC     3  /* Newline convention in file is '\r'   (ASCII 13) */
+
+/*
+ * Types of newlines that a file may contain, as strings.  If you have an
+ * extremely wierd compiler that does not have '\r' == CR == ASCII 13 and
+ * '\n' == LF == ASCII 10), then fix CHAR_CR and CHAR_LF in loaders.c as
+ * well as these definitions.
+ */
+#define NEWLINE(style) ((style)==NEWLINE_DOS ? "\r\n" : \
+                        ((style)==NEWLINE_MAC ? "\r" : "\n"))
+
+
+extern short int MustReload;
+extern int load_action_files(struct client_state *csp);
+extern int load_re_filterfiles(struct client_state *csp);
+
+#ifdef FEATURE_TRUST
+extern int load_trustfile(struct client_state *csp);
+#endif /* def FEATURE_TRUST */
+
+#ifdef FEATURE_GRACEFUL_TERMINATION
+#ifdef FEATURE_TRUST
+void unload_current_trust_file(void);
+#endif
+void unload_current_re_filterfile(void);
+#endif /* FEATURE_GRACEFUL_TERMINATION */
+
+void unload_forward_spec(struct forward_spec *fwd);
+
+extern void add_loader(int (*loader)(struct client_state *), 
+                       struct configuration_spec * config);
+extern int run_loader(struct client_state *csp);
+
+/* Revision control strings from this header and associated .c file */
+extern const char loaders_rcs[];
+extern const char loaders_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef LOADERS_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/match-all.action b/external/privoxy/match-all.action
new file mode 100644
index 0000000..904d85b
--- /dev/null
+++ b/external/privoxy/match-all.action
@@ -0,0 +1,14 @@
+#############################################################################
+# $Id: match-all.action,v 1.2 2009/02/14 10:41:07 fabiankeil Exp $
+#
+# This file contains the actions that are applied to all requests and
+# may be overruled later on by other actions files. Less experienced
+# users should only edit this file through the actions file editor.
+#
+#############################################################################
+{ \
++change-x-forwarded-for{block} \
++hide-from-header{block} \
++set-image-blocker{pattern} \
+}
+/ # Match all URLs
diff --git a/external/privoxy/miscutil.c b/external/privoxy/miscutil.c
new file mode 100644
index 0000000..74aa32e
--- /dev/null
+++ b/external/privoxy/miscutil.c
@@ -0,0 +1,1907 @@
+const char miscutil_rcs[] = "$Id: miscutil.c,v 1.62 2008/12/04 18:16:41 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/miscutil.c,v $
+ *
+ * Purpose     :  zalloc, hash_string, safe_strerror, strcmpic,
+ *                strncmpic, chomp, and MinGW32 strdup
+ *                functions. 
+ *                These are each too small to deserve their own file
+ *                but don't really fit in any other file.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007
+ *                the SourceForge Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                The timegm replacement function was taken from GnuPG,
+ *                Copyright (C) 2004 Free Software Foundation, Inc.
+ *
+ *                The snprintf replacement function is written by
+ *                Mark Martinec who also holds the copyright. It can be
+ *                used under the terms of the GPL or the terms of the
+ *                "Frontier Artistic License".
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: miscutil.c,v $
+ *    Revision 1.62  2008/12/04 18:16:41  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.61  2008/10/18 11:09:23  fabiankeil
+ *    Improve seed used by pick_from_range() on mingw32.
+ *
+ *    Revision 1.60  2008/09/07 12:35:05  fabiankeil
+ *    Add mutex lock support for _WIN32.
+ *
+ *    Revision 1.59  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.58  2008/04/17 14:53:30  fabiankeil
+ *    Move simplematch() into urlmatch.c as it's only
+ *    used to match (old-school) domain patterns.
+ *
+ *    Revision 1.57  2008/03/24 15:29:51  fabiankeil
+ *    Pet gcc43.
+ *
+ *    Revision 1.56  2007/12/01 12:59:05  fabiankeil
+ *    Some sanity checks for pick_from_range().
+ *
+ *    Revision 1.55  2007/11/03 17:34:49  fabiankeil
+ *    Log the "weak randomization factor" warning only
+ *    once for mingw32 and provide some more details.
+ *
+ *    Revision 1.54  2007/09/19 20:28:37  fabiankeil
+ *    If privoxy_strlcpy() is called with a "buffer" size
+ *    of 0, don't touch whatever destination points to.
+ *
+ *    Revision 1.53  2007/09/09 18:20:20  fabiankeil
+ *    Turn privoxy_strlcpy() into a function and try to work with
+ *    b0rked snprintf() implementations too. Reported by icmp30.
+ *
+ *    Revision 1.52  2007/08/19 12:32:34  fabiankeil
+ *    Fix a conversion warning.
+ *
+ *    Revision 1.51  2007/06/17 16:12:22  fabiankeil
+ *    #ifdef _WIN32 the last commit. According to David Shaw,
+ *    one of the gnupg developers, the changes are mingw32-specific.
+ *
+ *    Revision 1.50  2007/06/10 14:59:59  fabiankeil
+ *    Change replacement timegm() to better match our style, plug a small
+ *    but guaranteed memory leak and fix "time zone breathing" on mingw32.
+ *
+ *    Revision 1.49  2007/05/11 11:48:15  fabiankeil
+ *    - Delete strsav() which was replaced
+ *      by string_append() years ago.
+ *    - Add a strlcat() look-alike.
+ *    - Use strlcat() and strlcpy() in those parts
+ *      of the code that are run on unixes.
+ *
+ *    Revision 1.48  2007/04/09 17:48:51  fabiankeil
+ *    Check for HAVE_SNPRINTF instead of __OS2__
+ *    before including the portable snprintf() code.
+ *
+ *    Revision 1.47  2007/03/17 11:52:15  fabiankeil
+ *    - Use snprintf instead of sprintf.
+ *    - Mention copyright for the replacement
+ *      functions in the copyright header.
+ *
+ *    Revision 1.46  2007/01/18 15:03:20  fabiankeil
+ *    Don't include replacement timegm() if
+ *    putenv() or tzset() isn't available.
+ *
+ *    Revision 1.45  2006/12/26 17:31:41  fabiankeil
+ *    Mutex protect rand() if POSIX threading
+ *    is used, warn the user if that's not possible
+ *    and stop using it on _WIN32 where it could
+ *    cause crashes.
+ *
+ *    Revision 1.44  2006/11/07 12:46:43  fabiankeil
+ *    Silence compiler warning on NetBSD 3.1.
+ *
+ *    Revision 1.43  2006/09/23 13:26:38  roro
+ *    Replace TABs by spaces in source code.
+ *
+ *    Revision 1.42  2006/09/09 14:01:45  fabiankeil
+ *    Integrated Oliver Yeoh's domain pattern fix
+ *    to make sure *x matches xx. Closes Patch 1217393
+ *    and Bug 1170767.
+ *
+ *    Revision 1.41  2006/08/18 16:03:17  david__schmidt
+ *    Tweak for OS/2 build happiness.
+ *
+ *    Revision 1.40  2006/08/17 17:15:10  fabiankeil
+ *    - Back to timegm() using GnuPG's replacement if necessary.
+ *      Using mktime() and localtime() could add a on hour offset if
+ *      the randomize factor was big enough to lead to a summer/wintertime
+ *      switch.
+ *
+ *    - Removed now-useless Privoxy 3.0.3 compatibility glue.
+ *
+ *    - Moved randomization code into pick_from_range().
+ *
+ *    - Changed parse_header_time definition.
+ *      time_t isn't guaranteed to be signed and
+ *      if it isn't, -1 isn't available as error code.
+ *      Changed some variable types in client_if_modified_since()
+ *      because of the same reason.
+ *
+ *    Revision 1.39  2006/07/18 14:48:46  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.37.2.4  2003/12/01 14:45:14  oes
+ *    Fixed two more problems with wildcarding in simplematch()
+ *
+ *    Revision 1.37.2.3  2003/11/20 11:39:24  oes
+ *    Bugfix: The "?" wildcard for domain names had never been implemented. Ooops\!
+ *
+ *    Revision 1.37.2.2  2002/11/12 14:28:18  oes
+ *    Proper backtracking in simplematch; fixes bug #632888
+ *
+ *    Revision 1.37.2.1  2002/09/25 12:58:51  oes
+ *    Made strcmpic and strncmpic safe against NULL arguments
+ *    (which are now treated as empty strings).
+ *
+ *    Revision 1.37  2002/04/26 18:29:43  jongfoster
+ *    Fixing this Visual C++ warning:
+ *    miscutil.c(710) : warning C4090: '=' : different 'const' qualifiers
+ *
+ *    Revision 1.36  2002/04/26 12:55:38  oes
+ *    New function string_toupper
+ *
+ *    Revision 1.35  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.34  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.33  2002/03/07 03:46:53  oes
+ *    Fixed compiler warnings etc
+ *
+ *    Revision 1.32  2002/03/06 23:02:57  jongfoster
+ *    Removing tabs
+ *
+ *    Revision 1.31  2002/03/05 04:52:42  oes
+ *    Deleted non-errlog debugging code
+ *
+ *    Revision 1.30  2002/03/04 18:27:42  oes
+ *    - Deleted deletePidFile
+ *    - Made write_pid_file use the --pidfile option value
+ *      (or no PID file, if the option was absent)
+ *    - Played styleguide police
+ *
+ *    Revision 1.29  2002/03/04 02:08:02  david__schmidt
+ *    Enable web editing of actions file on OS/2 (it had been broken all this time!)
+ *
+ *    Revision 1.28  2002/03/03 09:18:03  joergs
+ *    Made jumbjuster work on AmigaOS again.
+ *
+ *    Revision 1.27  2002/01/21 00:52:32  jongfoster
+ *    Adding string_join()
+ *
+ *    Revision 1.26  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.25  2001/11/13 00:16:38  jongfoster
+ *    Replacing references to malloc.h with the standard stdlib.h
+ *    (See ANSI or K&R 2nd Ed)
+ *
+ *    Revision 1.24  2001/11/05 21:41:43  steudten
+ *    Add changes to be a real daemon just for unix os.
+ *    (change cwd to /, detach from controlling tty, set
+ *    process group and session leader to the own process.
+ *    Add DBG() Macro.
+ *    Add some fatal-error log message for failed malloc().
+ *    Add '-d' if compiled with 'configure --with-debug' to
+ *    enable debug output.
+ *
+ *    Revision 1.23  2001/10/29 03:48:10  david__schmidt
+ *    OS/2 native needed a snprintf() routine.  Added one to miscutil, brackedted
+ *    by and __OS2__ ifdef.
+ *
+ *    Revision 1.22  2001/10/26 17:39:38  oes
+ *    Moved ijb_isspace and ijb_tolower to project.h
+ *
+ *    Revision 1.21  2001/10/23 21:27:50  jongfoster
+ *    Standardising error codes in string_append
+ *    make_path() no longer adds '\\' if the dir already ends in '\\' (this
+ *    is just copying a UNIX-specific fix to the Windows-specific part)
+ *
+ *    Revision 1.20  2001/10/22 15:33:56  david__schmidt
+ *    Special-cased OS/2 out of the Netscape-abort-on-404-in-js problem in
+ *    filters.c.  Added a FIXME in front of the offending code.  I'll gladly
+ *    put in a better/more robust fix for all parties if one is presented...
+ *    It seems that just returning 200 instead of 404 would pretty much fix
+ *    it for everyone, but I don't know all the history of the problem.
+ *
+ *    Revision 1.19  2001/10/14 22:02:57  jongfoster
+ *    New function string_append() which is like strsav(), but running
+ *    out of memory isn't automatically FATAL.
+ *
+ *    Revision 1.18  2001/09/20 13:33:43  steudten
+ *
+ *    change long to int as return value in hash_string(). Remember the wraparound
+ *    for int = long = sizeof(4) - thats maybe not what we want.
+ *
+ *    Revision 1.17  2001/09/13 20:51:29  jongfoster
+ *    Fixing potential problems with characters >=128 in simplematch()
+ *    This was also a compiler warning.
+ *
+ *    Revision 1.16  2001/09/10 10:56:59  oes
+ *    Silenced compiler warnings
+ *
+ *    Revision 1.15  2001/07/13 14:02:24  oes
+ *    Removed vim-settings
+ *
+ *    Revision 1.14  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.13  2001/06/29 13:32:14  oes
+ *    Removed logentry from cancelled commit
+ *
+ *    Revision 1.12  2001/06/09 10:55:28  jongfoster
+ *    Changing BUFSIZ ==> BUFFER_SIZE
+ *
+ *    Revision 1.11  2001/06/07 23:09:19  jongfoster
+ *    Cosmetic indentation changes.
+ *
+ *    Revision 1.10  2001/06/07 14:51:38  joergs
+ *    make_path() no longer adds '/' if the dir already ends in '/'.
+ *
+ *    Revision 1.9  2001/06/07 14:43:17  swa
+ *    slight mistake in make_path, unix path style is /.
+ *
+ *    Revision 1.8  2001/06/05 22:32:01  jongfoster
+ *    New function make_path() to splice directory and file names together.
+ *
+ *    Revision 1.7  2001/06/03 19:12:30  oes
+ *    introduced bindup()
+ *
+ *    Revision 1.6  2001/06/01 18:14:49  jongfoster
+ *    Changing the calls to strerr() to check HAVE_STRERR (which is defined
+ *    in config.h if appropriate) rather than the NO_STRERR macro.
+ *
+ *    Revision 1.5  2001/06/01 10:31:51  oes
+ *    Added character class matching to trivimatch; renamed to simplematch
+ *
+ *    Revision 1.4  2001/05/31 17:32:31  oes
+ *
+ *     - Enhanced domain part globbing with infix and prefix asterisk
+ *       matching and optional unanchored operation
+ *
+ *    Revision 1.3  2001/05/29 23:10:09  oes
+ *
+ *
+ *     - Introduced chomp()
+ *     - Moved strsav() from showargs to miscutil
+ *
+ *    Revision 1.2  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:00  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#if !defined(_WIN32) && !defined(__OS2__)
+#include <unistd.h>
+#endif /* #if !defined(_WIN32) && !defined(__OS2__) */
+#include <string.h>
+#include <ctype.h>
+#include <assert.h>
+
+#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
+#include <time.h>
+#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
+
+#include "project.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "jcc.h"
+
+const char miscutil_h_rcs[] = MISCUTIL_H_VERSION;
+
+/*********************************************************************
+ *
+ * Function    :  zalloc
+ *
+ * Description :  Malloc some memory and set it to '\0'.
+ *                The way calloc() ought to be -acjc
+ *
+ * Parameters  :
+ *          1  :  size = Size of memory chunk to return.
+ *
+ * Returns     :  Pointer to newly malloc'd memory chunk.
+ *
+ *********************************************************************/
+void *zalloc(size_t size)
+{
+   void * ret;
+
+   if ((ret = (void *)malloc(size)) != NULL)
+   {
+      memset(ret, 0, size);
+   }
+
+   return(ret);
+
+}
+
+
+#if defined(unix)
+/*********************************************************************
+ *
+ * Function    :  write_pid_file 
+ *
+ * Description :  Writes a pid file with the pid of the main process 
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A 
+ *
+ *********************************************************************/
+void write_pid_file(void)
+{
+   FILE   *fp;
+   
+   /*
+    * If no --pidfile option was given,
+    * we can live without one.
+    */
+   if (pidfile == NULL) return;
+
+   if ((fp = fopen(pidfile, "w")) == NULL)
+   {
+      log_error(LOG_LEVEL_INFO, "can't open pidfile '%s': %E", pidfile);
+   }
+   else
+   {
+      fprintf(fp, "%u\n", (unsigned int) getpid());
+      fclose (fp);
+   }
+   return;
+
+}
+#endif /* def unix */
+
+
+/*********************************************************************
+ *
+ * Function    :  hash_string
+ *
+ * Description :  Take a string and compute a (hopefuly) unique numeric
+ *                integer value.  This has several uses, but being able
+ *                to "switch" a string the one of my favorites.
+ *
+ * Parameters  :
+ *          1  :  s : string to be hashed.
+ *
+ * Returns     :  an unsigned long variable with the hashed value.
+ *
+ *********************************************************************/
+unsigned int hash_string( const char* s )
+{
+   unsigned int h = 0; 
+
+   for ( ; *s; ++s )
+   {
+      h = 5 * h + (unsigned int)*s;
+   }
+
+   return (h);
+
+}
+
+
+#ifdef __MINGW32__
+/*********************************************************************
+ *
+ * Function    :  strdup
+ *
+ * Description :  For some reason (which is beyond me), gcc and WIN32
+ *                don't like strdup.  When a "free" is executed on a
+ *                strdup'd ptr, it can at times freez up!  So I just
+ *                replaced it and problem was solved.
+ *
+ * Parameters  :
+ *          1  :  s = string to duplicate
+ *
+ * Returns     :  Pointer to newly malloc'ed copy of the string.
+ *
+ *********************************************************************/
+char *strdup( const char *s )
+{
+   char * result = (char *)malloc( strlen(s)+1 );
+
+   if (result != NULL)
+   {
+      strcpy( result, s );
+   }
+
+   return( result );
+}
+
+#endif /* def __MINGW32__ */
+
+
+
+/*********************************************************************
+ *
+ * Function    :  safe_strerror
+ *
+ * Description :  Variant of the library routine strerror() which will
+ *                work on systems without the library routine, and
+ *                which should never return NULL.
+ *
+ * Parameters  :
+ *          1  :  err = the `errno' of the last operation.
+ *
+ * Returns     :  An "English" string of the last `errno'.  Allocated
+ *                with strdup(), so caller frees.  May be NULL if the
+ *                system is out of memory.
+ *
+ *********************************************************************/
+char *safe_strerror(int err)
+{
+   char *s = NULL;
+   char buf[BUFFER_SIZE];
+
+
+#ifdef HAVE_STRERROR
+   s = strerror(err);
+#endif /* HAVE_STRERROR */
+
+   if (s == NULL)
+   {
+      snprintf(buf, sizeof(buf), "(errno = %d)", err);
+      s = buf;
+   }
+
+   return(strdup(s));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  strcmpic
+ *
+ * Description :  Case insensitive string comparison
+ *
+ * Parameters  :
+ *          1  :  s1 = string 1 to compare
+ *          2  :  s2 = string 2 to compare
+ *
+ * Returns     :  0 if s1==s2, Negative if s1<s2, Positive if s1>s2
+ *
+ *********************************************************************/
+int strcmpic(const char *s1, const char *s2)
+{
+   if (!s1) s1 = "";
+   if (!s2) s2 = "";
+
+   while (*s1 && *s2)
+   {
+      if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
+      {
+         break;
+      }
+      s1++, s2++;
+   }
+   return(ijb_tolower(*s1) - ijb_tolower(*s2));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  strncmpic
+ *
+ * Description :  Case insensitive string comparison (upto n characters)
+ *
+ * Parameters  :
+ *          1  :  s1 = string 1 to compare
+ *          2  :  s2 = string 2 to compare
+ *          3  :  n = maximum characters to compare
+ *
+ * Returns     :  0 if s1==s2, Negative if s1<s2, Positive if s1>s2
+ *
+ *********************************************************************/
+int strncmpic(const char *s1, const char *s2, size_t n)
+{
+   if (n <= (size_t)0) return(0);
+   if (!s1) s1 = "";
+   if (!s2) s2 = "";
+   
+   while (*s1 && *s2)
+   {
+      if ( ( *s1 != *s2 ) && ( ijb_tolower(*s1) != ijb_tolower(*s2) ) )
+      {
+         break;
+      }
+
+      if (--n <= (size_t)0) break;
+
+      s1++, s2++;
+   }
+   return(ijb_tolower(*s1) - ijb_tolower(*s2));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  chomp
+ *
+ * Description :  In-situ-eliminate all leading and trailing whitespace
+ *                from a string.
+ *
+ * Parameters  :
+ *          1  :  s : string to be chomped.
+ *
+ * Returns     :  chomped string
+ *
+ *********************************************************************/
+char *chomp(char *string)
+{
+   char *p, *q, *r;
+
+   /* 
+    * strip trailing whitespace
+    */
+   p = string + strlen(string);
+   while (p > string && ijb_isspace(*(p-1)))
+   {
+      p--;
+   }
+   *p = '\0';
+
+   /* 
+    * find end of leading whitespace 
+    */
+   q = r = string;
+   while (*q && ijb_isspace(*q))
+   {
+      q++;
+   }
+
+   /*
+    * if there was any, move the rest forwards
+    */
+   if (q != string)
+   {
+      while (q <= p)
+      {
+         *r++ = *q++;
+      }
+   }
+
+   return(string);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  string_append
+ *
+ * Description :  Reallocate target_string and append text to it.  
+ *                This makes it easier to append to malloc'd strings.
+ *                This is similar to the (removed) strsav(), but
+ *                running out of memory isn't catastrophic.
+ *
+ *                Programming style:
+ *
+ *                The following style provides sufficient error
+ *                checking for this routine, with minimal clutter
+ *                in the source code.  It is recommended if you
+ *                have many calls to this function:
+ *
+ *                char * s = strdup(...); // don't check for error
+ *                string_append(&s, ...);  // don't check for error
+ *                string_append(&s, ...);  // don't check for error
+ *                string_append(&s, ...);  // don't check for error
+ *                if (NULL == s) { ... handle error ... }
+ *
+ *                OR, equivalently:
+ *
+ *                char * s = strdup(...); // don't check for error
+ *                string_append(&s, ...);  // don't check for error
+ *                string_append(&s, ...);  // don't check for error
+ *                if (string_append(&s, ...)) {... handle error ...}
+ *
+ * Parameters  :
+ *          1  :  target_string = Pointer to old text that is to be
+ *                extended.  *target_string will be free()d by this
+ *                routine.  target_string must be non-NULL.
+ *                If *target_string is NULL, this routine will
+ *                do nothing and return with an error - this allows
+ *                you to make many calls to this routine and only
+ *                check for errors after the last one.
+ *          2  :  text_to_append = Text to be appended to old.
+ *                Must not be NULL.
+ *
+ * Returns     :  JB_ERR_OK on success, and sets *target_string
+ *                   to newly malloc'ed appended string.  Caller
+ *                   must free(*target_string).
+ *                JB_ERR_MEMORY on out-of-memory.  (And free()s
+ *                   *target_string and sets it to NULL).
+ *                JB_ERR_MEMORY if *target_string is NULL.
+ *
+ *********************************************************************/
+jb_err string_append(char **target_string, const char *text_to_append)
+{
+   size_t old_len;
+   char *new_string;
+   size_t new_size;
+
+   assert(target_string);
+   assert(text_to_append);
+
+   if (*target_string == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   if (*text_to_append == '\0')
+   {
+      return JB_ERR_OK;
+   }
+
+   old_len = strlen(*target_string);
+
+   new_size = strlen(text_to_append) + old_len + 1;
+
+   if (NULL == (new_string = realloc(*target_string, new_size)))
+   {
+      free(*target_string);
+
+      *target_string = NULL;
+      return JB_ERR_MEMORY;
+   }
+
+   strlcpy(new_string + old_len, text_to_append, new_size - old_len);
+
+   *target_string = new_string;
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  string_join
+ *
+ * Description :  Join two strings together.  Frees BOTH the original
+ *                strings.  If either or both input strings are NULL,
+ *                fails as if it had run out of memory.
+ *
+ *                For comparison, string_append requires that the
+ *                second string is non-NULL, and doesn't free it.
+ *
+ *                Rationale: Too often, we want to do
+ *                string_append(s, html_encode(s2)).  That assert()s
+ *                if s2 is NULL or if html_encode() runs out of memory.
+ *                It also leaks memory.  Proper checking is cumbersome.
+ *                The solution: string_join(s, html_encode(s2)) is safe,
+ *                and will free the memory allocated by html_encode().
+ *
+ * Parameters  :
+ *          1  :  target_string = Pointer to old text that is to be
+ *                extended.  *target_string will be free()d by this
+ *                routine.  target_string must be non-NULL.
+ *          2  :  text_to_append = Text to be appended to old.
+ *
+ * Returns     :  JB_ERR_OK on success, and sets *target_string
+ *                   to newly malloc'ed appended string.  Caller
+ *                   must free(*target_string).
+ *                JB_ERR_MEMORY on out-of-memory, or if
+ *                   *target_string or text_to_append is NULL.  (In
+ *                   this case, frees *target_string and text_to_append,
+ *                   sets *target_string to NULL).
+ *
+ *********************************************************************/
+jb_err string_join(char **target_string, char *text_to_append)
+{
+   jb_err err;
+
+   assert(target_string);
+
+   if (text_to_append == NULL)
+   {
+      freez(*target_string);
+      return JB_ERR_MEMORY;
+   }
+
+   err = string_append(target_string, text_to_append);
+
+   freez(text_to_append);
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  string_toupper
+ *
+ * Description :  Produce a copy of string with all convertible
+ *                characters converted to uppercase.
+ *
+ * Parameters  :
+ *          1  :  string = string to convert
+ *
+ * Returns     :  Uppercase copy of string if possible, 
+ *                NULL on out-of-memory or if string was NULL.
+ *
+ *********************************************************************/
+char *string_toupper(const char *string)
+{
+   char *result, *p;
+   const char *q;
+
+   if (!string || ((result = (char *) zalloc(strlen(string) + 1)) == NULL))
+   {
+      return NULL;
+   }
+   
+   q = string;
+   p = result;
+
+   while (*q != '\0')
+   {
+      *p++ = (char)toupper((int) *q++);
+   }
+
+   return result;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  bindup
+ *
+ * Description :  Duplicate the first n characters of a string that may
+ *                contain '\0' characters.
+ *
+ * Parameters  :
+ *          1  :  string = string to be duplicated
+ *          2  :  len = number of bytes to duplicate
+ *
+ * Returns     :  pointer to copy, or NULL if failiure
+ *
+ *********************************************************************/
+char *bindup(const char *string, size_t len)
+{
+   char *duplicate;
+
+   if (NULL == (duplicate = (char *)malloc(len)))
+   {
+      return NULL;
+   }
+   else
+   {
+     memcpy(duplicate, string, len);
+   }
+
+   return duplicate;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  make_path
+ *
+ * Description :  Takes a directory name and a file name, returns 
+ *                the complete path.  Handles windows/unix differences.
+ *                If the file name is already an absolute path, or if
+ *                the directory name is NULL or empty, it returns 
+ *                the filename. 
+ *
+ * Parameters  :
+ *          1  :  dir: Name of directory or NULL for none.
+ *          2  :  file: Name of file.  Should not be NULL or empty.
+ *
+ * Returns     :  "dir/file" (Or on windows, "dir\file").
+ *                It allocates the string on the heap.  Caller frees.
+ *                Returns NULL in error (i.e. NULL file or out of
+ *                memory) 
+ *
+ *********************************************************************/
+char * make_path(const char * dir, const char * file)
+{
+#ifdef AMIGA
+   char path[512];
+
+   if(dir)
+   {
+      if(dir[0] == '.')
+      {
+         if(dir[1] == '/')
+         {
+            strncpy(path,dir+2,512);
+         }
+         else
+         {
+            strncpy(path,dir+1,512);
+         }
+      }
+      else
+      {
+         strncpy(path,dir,512);
+      }
+      path[511]=0;
+   }
+   else
+   {
+      path[0]=0;
+   }
+   if(AddPart(path,file,512))
+   {
+      return strdup(path);
+   }
+   else
+   {
+      return NULL;
+   }
+#else /* ndef AMIGA */
+
+   if ((file == NULL) || (*file == '\0'))
+   {
+      return NULL; /* Error */
+   }
+
+   if ((dir == NULL) || (*dir == '\0') /* No directory specified */
+#if defined(_WIN32) || defined(__OS2__)
+      || (*file == '\\') || (file[1] == ':') /* Absolute path (DOS) */
+#else /* ifndef _WIN32 || __OS2__ */
+      || (*file == '/') /* Absolute path (U*ix) */
+#endif /* ifndef _WIN32 || __OS2__  */
+      )
+   {
+      return strdup(file);
+   }
+   else
+   {
+      char * path;
+      size_t path_size = strlen(dir) + strlen(file) + 2; /* +2 for trailing (back)slash and \0 */
+
+#if defined(unix)
+      if ( *dir != '/' && basedir && *basedir )
+      {
+         /*
+          * Relative path, so start with the base directory.
+          */
+         path_size += strlen(basedir) + 1; /* +1 for the slash */
+         path = malloc(path_size);
+         if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
+         strlcpy(path, basedir, path_size);
+         strlcat(path, "/", path_size);
+         strlcat(path, dir, path_size);
+      }
+      else
+#endif /* defined unix */
+      {
+         path = malloc(path_size);
+         if (!path ) log_error(LOG_LEVEL_FATAL, "malloc failed!");
+         strlcpy(path, dir, path_size);
+      }
+
+#if defined(_WIN32) || defined(__OS2__)
+      if(path[strlen(path)-1] != '\\')
+      {
+         strlcat(path, "\\", path_size);
+      }
+#else /* ifndef _WIN32 || __OS2__ */
+      if(path[strlen(path)-1] != '/')
+      {
+         strlcat(path, "/", path_size);
+      }
+#endif /* ifndef _WIN32 || __OS2__ */
+      strlcat(path, file, path_size);
+
+      return path;
+   }
+#endif /* ndef AMIGA */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pick_from_range
+ *
+ * Description :  Pick a positive number out of a given range.
+ *                Should only be used if randomness would be nice,
+ *                but isn't really necessary.
+ *
+ * Parameters  :
+ *          1  :  range: Highest possible number to pick.
+ *
+ * Returns     :  Picked number. 
+ *
+ *********************************************************************/
+long int pick_from_range(long int range)
+{
+   long int number;
+#ifdef _WIN32
+   static unsigned long seed = 0;
+#endif /* def _WIN32 */
+
+   assert(range != 0);
+   assert(range > 0);
+
+   if (range <= 0) return 0;
+
+#ifdef HAVE_RANDOM
+   number = random() % range + 1; 
+#elif defined(MUTEX_LOCKS_AVAILABLE)
+   privoxy_mutex_lock(&rand_mutex);
+#ifdef _WIN32
+   if (!seed)
+   {
+      seed = (unsigned long)(GetCurrentThreadId()+GetTickCount());
+   }
+   srand(seed);
+   seed = (unsigned long)((rand() << 16) + rand());
+#endif /* def _WIN32 */
+   number = (unsigned long)((rand() << 16) + (rand())) % (unsigned long)(range + 1);
+   privoxy_mutex_unlock(&rand_mutex);
+#else
+   /*
+    * XXX: Which platforms reach this and are there
+    * better options than just using rand() and hoping
+    * that it's safe?
+    */
+   log_error(LOG_LEVEL_INFO, "No thread-safe PRNG available? Header time randomization "
+      "might cause crashes, predictable results or even combine these fine options.");
+   number = rand() % (long int)(range + 1);
+
+#endif /* (def HAVE_RANDOM) */
+
+   return number;
+}
+
+
+#ifdef USE_PRIVOXY_STRLCPY
+/*********************************************************************
+ *
+ * Function    :  privoxy_strlcpy
+ *
+ * Description :  strlcpy(3) look-alike for those without decent libc.
+ *
+ * Parameters  :
+ *          1  :  destination: buffer to copy into.
+ *          2  :  source: String to copy.
+ *          3  :  size: Size of destination buffer.
+ *
+ * Returns     :  The length of the string that privoxy_strlcpy() tried to create.
+ *
+ *********************************************************************/
+size_t privoxy_strlcpy(char *destination, const char *source, const size_t size)
+{
+   if (0 < size)
+   {
+      snprintf(destination, size, "%s", source);
+      /*
+       * Platforms that lack strlcpy() also tend to have
+       * a broken snprintf implementation that doesn't
+       * guarantee nul termination.
+       *
+       * XXX: the configure script should detect and reject those.
+       */
+      destination[size-1] = '\0';
+   }
+   return strlen(source);
+}
+#endif /* def USE_PRIVOXY_STRLCPY */
+
+
+#ifndef HAVE_STRLCAT
+/*********************************************************************
+ *
+ * Function    :  privoxy_strlcat
+ *
+ * Description :  strlcat(3) look-alike for those without decent libc.
+ *
+ * Parameters  :
+ *          1  :  destination: C string.
+ *          2  :  source: String to copy.
+ *          3  :  size: Size of destination buffer.
+ *
+ * Returns     :  The length of the string that privoxy_strlcat() tried to create.
+ *
+ *********************************************************************/
+size_t privoxy_strlcat(char *destination, const char *source, const size_t size)
+{
+   const size_t old_length = strlen(destination);
+   return old_length + strlcpy(destination + old_length, source, size - old_length);
+}
+#endif /* ndef HAVE_STRLCAT */
+
+
+#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
+/*********************************************************************
+ *
+ * Function    :  timegm
+ *
+ * Description :  libc replacement function for the inverse of gmtime().
+ *                Copyright (C) 2004 Free Software Foundation, Inc.
+ *
+ *                Code originally copied from GnuPG, modifications done
+ *                for Privoxy: style changed, #ifdefs for _WIN32 added
+ *                to have it work on mingw32.
+ *
+ *                XXX: It's very unlikely to happen, but if the malloc()
+ *                call fails the time zone will be permanently set to UTC.
+ *
+ * Parameters  :
+ *          1  :  tm: Broken-down time struct.
+ *
+ * Returns     :  tm converted into time_t seconds. 
+ *
+ *********************************************************************/
+time_t timegm(struct tm *tm)
+{
+   time_t answer;
+   char *zone;
+
+   zone = getenv("TZ");
+   putenv("TZ=UTC");
+   tzset();
+   answer = mktime(tm);
+   if (zone)
+   {
+      char *old_zone;
+
+      old_zone = malloc(3 + strlen(zone) + 1);
+      if (old_zone)
+      {
+         strcpy(old_zone, "TZ=");
+         strcat(old_zone, zone);
+         putenv(old_zone);
+#ifdef _WIN32
+         free(old_zone);
+#endif /* def _WIN32 */
+      }
+   }
+   else
+   {
+#ifdef HAVE_UNSETENV
+      unsetenv("TZ");
+#elif defined(_WIN32)
+      putenv("TZ=");
+#else
+      putenv("TZ");
+#endif
+   }
+   tzset();
+
+   return answer;
+}
+#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
+
+
+#ifndef HAVE_SNPRINTF
+/*
+ * What follows is a portable snprintf routine, written by Mark Martinec.
+ * See: http://www.ijs.si/software/snprintf/
+
+                                  snprintf.c
+                   - a portable implementation of snprintf,
+       including vsnprintf.c, asnprintf, vasnprintf, asprintf, vasprintf
+                                       
+   snprintf is a routine to convert numeric and string arguments to
+   formatted strings. It is similar to sprintf(3) provided in a system's
+   C library, yet it requires an additional argument - the buffer size -
+   and it guarantees never to store anything beyond the given buffer,
+   regardless of the format or arguments to be formatted. Some newer
+   operating systems do provide snprintf in their C library, but many do
+   not or do provide an inadequate (slow or idiosyncratic) version, which
+   calls for a portable implementation of this routine.
+
+Author
+
+   Mark Martinec <mark.martinec at ijs.si>, April 1999, June 2000
+   Copyright © 1999, Mark Martinec
+
+ */
+
+#define PORTABLE_SNPRINTF_VERSION_MAJOR 2
+#define PORTABLE_SNPRINTF_VERSION_MINOR 2
+
+#if defined(NEED_ASPRINTF) || defined(NEED_ASNPRINTF) || defined(NEED_VASPRINTF) || defined(NEED_VASNPRINTF)
+# if defined(NEED_SNPRINTF_ONLY)
+# undef NEED_SNPRINTF_ONLY
+# endif
+# if !defined(PREFER_PORTABLE_SNPRINTF)
+# define PREFER_PORTABLE_SNPRINTF
+# endif
+#endif
+
+#if defined(SOLARIS_BUG_COMPATIBLE) && !defined(SOLARIS_COMPATIBLE)
+#define SOLARIS_COMPATIBLE
+#endif
+
+#if defined(HPUX_BUG_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
+#define HPUX_COMPATIBLE
+#endif
+
+#if defined(DIGITAL_UNIX_BUG_COMPATIBLE) && !defined(DIGITAL_UNIX_COMPATIBLE)
+#define DIGITAL_UNIX_COMPATIBLE
+#endif
+
+#if defined(PERL_BUG_COMPATIBLE) && !defined(PERL_COMPATIBLE)
+#define PERL_COMPATIBLE
+#endif
+
+#if defined(LINUX_BUG_COMPATIBLE) && !defined(LINUX_COMPATIBLE)
+#define LINUX_COMPATIBLE
+#endif
+
+#include <sys/types.h>
+#include <string.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <stdarg.h>
+#include <assert.h>
+#include <errno.h>
+
+#ifdef isdigit
+#undef isdigit
+#endif
+#define isdigit(c) ((c) >= '0' && (c) <= '9')
+
+/* For copying strings longer or equal to 'breakeven_point'
+ * it is more efficient to call memcpy() than to do it inline.
+ * The value depends mostly on the processor architecture,
+ * but also on the compiler and its optimization capabilities.
+ * The value is not critical, some small value greater than zero
+ * will be just fine if you don't care to squeeze every drop
+ * of performance out of the code.
+ *
+ * Small values favor memcpy, large values favor inline code.
+ */
+#if defined(__alpha__) || defined(__alpha)
+#  define breakeven_point   2    /* AXP (DEC Alpha)     - gcc or cc or egcs */
+#endif
+#if defined(__i386__)  || defined(__i386)
+#  define breakeven_point  12    /* Intel Pentium/Linux - gcc 2.96 */
+#endif
+#if defined(__hppa)
+#  define breakeven_point  10    /* HP-PA               - gcc */
+#endif
+#if defined(__sparc__) || defined(__sparc)
+#  define breakeven_point  33    /* Sun Sparc 5         - gcc 2.8.1 */
+#endif
+
+/* some other values of possible interest: */
+/* #define breakeven_point  8 */ /* VAX 4000          - vaxc */
+/* #define breakeven_point 19 */ /* VAX 4000          - gcc 2.7.0 */
+
+#ifndef breakeven_point
+#  define breakeven_point   6    /* some reasonable one-size-fits-all value */
+#endif
+
+#define fast_memcpy(d,s,n) \
+  { register size_t nn = (size_t)(n); \
+    if (nn >= breakeven_point) memcpy((d), (s), nn); \
+    else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
+      register char *dd; register const char *ss; \
+      for (ss=(s), dd=(d); nn>0; nn--) *dd++ = *ss++; } }
+
+#define fast_memset(d,c,n) \
+  { register size_t nn = (size_t)(n); \
+    if (nn >= breakeven_point) memset((d), (int)(c), nn); \
+    else if (nn > 0) { /* proc call overhead is worth only for large strings*/\
+      register char *dd; register const int cc=(int)(c); \
+      for (dd=(d); nn>0; nn--) *dd++ = cc; } }
+
+/* prototypes */
+
+#if defined(NEED_ASPRINTF)
+int asprintf   (char **ptr, const char *fmt, /*args*/ ...);
+#endif
+#if defined(NEED_VASPRINTF)
+int vasprintf  (char **ptr, const char *fmt, va_list ap);
+#endif
+#if defined(NEED_ASNPRINTF)
+int asnprintf  (char **ptr, size_t str_m, const char *fmt, /*args*/ ...);
+#endif
+#if defined(NEED_VASNPRINTF)
+int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap);
+#endif
+
+#if defined(HAVE_SNPRINTF)
+/* declare our portable snprintf  routine under name portable_snprintf  */
+/* declare our portable vsnprintf routine under name portable_vsnprintf */
+#else
+/* declare our portable routines under names snprintf and vsnprintf */
+#define portable_snprintf snprintf
+#if !defined(NEED_SNPRINTF_ONLY)
+#define portable_vsnprintf vsnprintf
+#endif
+#endif
+
+#if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
+int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...);
+#if !defined(NEED_SNPRINTF_ONLY)
+int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap);
+#endif
+#endif
+
+/* declarations */
+
+static char credits[] = "\n\
+@(#)snprintf.c, v2.2: Mark Martinec, <mark.martinec at ijs.si>\n\
+@(#)snprintf.c, v2.2: Copyright 1999, Mark Martinec. Frontier Artistic License applies.\n\
+@(#)snprintf.c, v2.2: http://www.ijs.si/software/snprintf/\n";
+
+#if defined(NEED_ASPRINTF)
+int asprintf(char **ptr, const char *fmt, /*args*/ ...) {
+  va_list ap;
+  size_t str_m;
+  int str_l;
+
+  *ptr = NULL;
+  va_start(ap, fmt);                            /* measure the required size */
+  str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
+  va_end(ap);
+  assert(str_l >= 0);        /* possible integer overflow if str_m > INT_MAX */
+  *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
+  if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
+  else {
+    int str_l2;
+    va_start(ap, fmt);
+    str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
+    va_end(ap);
+    assert(str_l2 == str_l);
+  }
+  return str_l;
+}
+#endif
+
+#if defined(NEED_VASPRINTF)
+int vasprintf(char **ptr, const char *fmt, va_list ap) {
+  size_t str_m;
+  int str_l;
+
+  *ptr = NULL;
+  { va_list ap2;
+    va_copy(ap2, ap);  /* don't consume the original ap, we'll need it again */
+    str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
+    va_end(ap2);
+  }
+  assert(str_l >= 0);        /* possible integer overflow if str_m > INT_MAX */
+  *ptr = (char *) malloc(str_m = (size_t)str_l + 1);
+  if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
+  else {
+    int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
+    assert(str_l2 == str_l);
+  }
+  return str_l;
+}
+#endif
+
+#if defined(NEED_ASNPRINTF)
+int asnprintf (char **ptr, size_t str_m, const char *fmt, /*args*/ ...) {
+  va_list ap;
+  int str_l;
+
+  *ptr = NULL;
+  va_start(ap, fmt);                            /* measure the required size */
+  str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap);
+  va_end(ap);
+  assert(str_l >= 0);        /* possible integer overflow if str_m > INT_MAX */
+  if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1;      /* truncate */
+  /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
+  if (str_m == 0) {  /* not interested in resulting string, just return size */
+  } else {
+    *ptr = (char *) malloc(str_m);
+    if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
+    else {
+      int str_l2;
+      va_start(ap, fmt);
+      str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
+      va_end(ap);
+      assert(str_l2 == str_l);
+    }
+  }
+  return str_l;
+}
+#endif
+
+#if defined(NEED_VASNPRINTF)
+int vasnprintf (char **ptr, size_t str_m, const char *fmt, va_list ap) {
+  int str_l;
+
+  *ptr = NULL;
+  { va_list ap2;
+    va_copy(ap2, ap);  /* don't consume the original ap, we'll need it again */
+    str_l = portable_vsnprintf(NULL, (size_t)0, fmt, ap2);/*get required size*/
+    va_end(ap2);
+  }
+  assert(str_l >= 0);        /* possible integer overflow if str_m > INT_MAX */
+  if ((size_t)str_l + 1 < str_m) str_m = (size_t)str_l + 1;      /* truncate */
+  /* if str_m is 0, no buffer is allocated, just set *ptr to NULL */
+  if (str_m == 0) {  /* not interested in resulting string, just return size */
+  } else {
+    *ptr = (char *) malloc(str_m);
+    if (*ptr == NULL) { errno = ENOMEM; str_l = -1; }
+    else {
+      int str_l2 = portable_vsnprintf(*ptr, str_m, fmt, ap);
+      assert(str_l2 == str_l);
+    }
+  }
+  return str_l;
+}
+#endif
+
+/*
+ * If the system does have snprintf and the portable routine is not
+ * specifically required, this module produces no code for snprintf/vsnprintf.
+ */
+#if !defined(HAVE_SNPRINTF) || defined(PREFER_PORTABLE_SNPRINTF)
+
+#if !defined(NEED_SNPRINTF_ONLY)
+int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
+  va_list ap;
+  int str_l;
+
+  va_start(ap, fmt);
+  str_l = portable_vsnprintf(str, str_m, fmt, ap);
+  va_end(ap);
+  return str_l;
+}
+#endif
+
+#if defined(NEED_SNPRINTF_ONLY)
+int portable_snprintf(char *str, size_t str_m, const char *fmt, /*args*/ ...) {
+#else
+int portable_vsnprintf(char *str, size_t str_m, const char *fmt, va_list ap) {
+#endif
+
+#if defined(NEED_SNPRINTF_ONLY)
+  va_list ap;
+#endif
+  size_t str_l = 0;
+  const char *p = fmt;
+
+/* In contrast with POSIX, the ISO C99 now says
+ * that str can be NULL and str_m can be 0.
+ * This is more useful than the old:  if (str_m < 1) return -1; */
+
+#if defined(NEED_SNPRINTF_ONLY)
+  va_start(ap, fmt);
+#endif
+  if (!p) p = "";
+  while (*p) {
+    if (*p != '%') {
+   /* if (str_l < str_m) str[str_l++] = *p++;    -- this would be sufficient */
+   /* but the following code achieves better performance for cases
+    * where format string is long and contains few conversions */
+      const char *q = strchr(p+1,'%');
+      size_t n = !q ? strlen(p) : (q-p);
+      if (str_l < str_m) {
+        size_t avail = str_m-str_l;
+        fast_memcpy(str+str_l, p, (n>avail?avail:n));
+      }
+      p += n; str_l += n;
+    } else {
+      const char *starting_p;
+      size_t min_field_width = 0, precision = 0;
+      int zero_padding = 0, precision_specified = 0, justify_left = 0;
+      int alternate_form = 0, force_sign = 0;
+      int space_for_positive = 1; /* If both the ' ' and '+' flags appear,
+                                     the ' ' flag should be ignored. */
+      char length_modifier = '\0';            /* allowed values: \0, h, l, L */
+      char tmp[32];/* temporary buffer for simple numeric->string conversion */
+
+      const char *str_arg;      /* string address in case of string argument */
+      size_t str_arg_l;         /* natural field width of arg without padding
+                                   and sign */
+      unsigned char uchar_arg;
+        /* unsigned char argument value - only defined for c conversion.
+           N.B. standard explicitly states the char argument for
+           the c conversion is unsigned */
+
+      size_t number_of_zeros_to_pad = 0;
+        /* number of zeros to be inserted for numeric conversions
+           as required by the precision or minimal field width */
+
+      size_t zero_padding_insertion_ind = 0;
+        /* index into tmp where zero padding is to be inserted */
+
+      char fmt_spec = '\0';
+        /* current conversion specifier character */
+
+      str_arg = credits;/* just to make compiler happy (defined but not used)*/
+      str_arg = NULL;
+      starting_p = p; p++;  /* skip '%' */
+   /* parse flags */
+      while (*p == '0' || *p == '-' || *p == '+' ||
+             *p == ' ' || *p == '#' || *p == '\'') {
+        switch (*p) {
+        case '0': zero_padding = 1; break;
+        case '-': justify_left = 1; break;
+        case '+': force_sign = 1; space_for_positive = 0; break;
+        case ' ': force_sign = 1;
+     /* If both the ' ' and '+' flags appear, the ' ' flag should be ignored */
+#ifdef PERL_COMPATIBLE
+     /* ... but in Perl the last of ' ' and '+' applies */
+                  space_for_positive = 1;
+#endif
+                  break;
+        case '#': alternate_form = 1; break;
+        case '\'': break;
+        }
+        p++;
+      }
+   /* If the '0' and '-' flags both appear, the '0' flag should be ignored. */
+
+   /* parse field width */
+      if (*p == '*') {
+        int j;
+        p++; j = va_arg(ap, int);
+        if (j >= 0) min_field_width = j;
+        else { min_field_width = -j; justify_left = 1; }
+      } else if (isdigit((int)(*p))) {
+        /* size_t could be wider than unsigned int;
+           make sure we treat argument like common implementations do */
+        unsigned int uj = *p++ - '0';
+        while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
+        min_field_width = uj;
+      }
+   /* parse precision */
+      if (*p == '.') {
+        p++; precision_specified = 1;
+        if (*p == '*') {
+          int j = va_arg(ap, int);
+          p++;
+          if (j >= 0) precision = j;
+          else {
+            precision_specified = 0; precision = 0;
+         /* NOTE:
+          *   Solaris 2.6 man page claims that in this case the precision
+          *   should be set to 0.  Digital Unix 4.0, HPUX 10 and BSD man page
+          *   claim that this case should be treated as unspecified precision,
+          *   which is what we do here.
+          */
+          }
+        } else if (isdigit((int)(*p))) {
+          /* size_t could be wider than unsigned int;
+             make sure we treat argument like common implementations do */
+          unsigned int uj = *p++ - '0';
+          while (isdigit((int)(*p))) uj = 10*uj + (unsigned int)(*p++ - '0');
+          precision = uj;
+        }
+      }
+   /* parse 'h', 'l' and 'll' length modifiers */
+      if (*p == 'h' || *p == 'l') {
+        length_modifier = *p; p++;
+        if (length_modifier == 'l' && *p == 'l') {   /* double l = long long */
+#ifdef SNPRINTF_LONGLONG_SUPPORT
+          length_modifier = '2';                  /* double l encoded as '2' */
+#else
+          length_modifier = 'l';                 /* treat it as a single 'l' */
+#endif
+          p++;
+        }
+      }
+      fmt_spec = *p;
+   /* common synonyms: */
+      switch (fmt_spec) {
+      case 'i': fmt_spec = 'd'; break;
+      case 'D': fmt_spec = 'd'; length_modifier = 'l'; break;
+      case 'U': fmt_spec = 'u'; length_modifier = 'l'; break;
+      case 'O': fmt_spec = 'o'; length_modifier = 'l'; break;
+      default: break;
+      }
+   /* get parameter value, do initial processing */
+      switch (fmt_spec) {
+      case '%': /* % behaves similar to 's' regarding flags and field widths */
+      case 'c': /* c behaves similar to 's' regarding flags and field widths */
+      case 's':
+        length_modifier = '\0';          /* wint_t and wchar_t not supported */
+     /* the result of zero padding flag with non-numeric conversion specifier*/
+     /* is undefined. Solaris and HPUX 10 does zero padding in this case,    */
+     /* Digital Unix and Linux does not. */
+#if !defined(SOLARIS_COMPATIBLE) && !defined(HPUX_COMPATIBLE)
+        zero_padding = 0;    /* turn zero padding off for string conversions */
+#endif
+        str_arg_l = 1;
+        switch (fmt_spec) {
+        case '%':
+          str_arg = p; break;
+        case 'c': {
+          int j = va_arg(ap, int);
+          uchar_arg = (unsigned char) j;   /* standard demands unsigned char */
+          str_arg = (const char *) &uchar_arg;
+          break;
+        }
+        case 's':
+          str_arg = va_arg(ap, const char *);
+          if (!str_arg) str_arg_l = 0;
+       /* make sure not to address string beyond the specified precision !!! */
+          else if (!precision_specified) str_arg_l = strlen(str_arg);
+       /* truncate string if necessary as requested by precision */
+          else if (precision == 0) str_arg_l = 0;
+          else {
+       /* memchr on HP does not like n > 2^31  !!! */
+            const char *q = memchr(str_arg, '\0',
+                             precision <= 0x7fffffff ? precision : 0x7fffffff);
+            str_arg_l = !q ? precision : (q-str_arg);
+          }
+          break;
+        default: break;
+        }
+        break;
+      case 'd': case 'u': case 'o': case 'x': case 'X': case 'p': {
+        /* NOTE: the u, o, x, X and p conversion specifiers imply
+                 the value is unsigned;  d implies a signed value */
+
+        int arg_sign = 0;
+          /* 0 if numeric argument is zero (or if pointer is NULL for 'p'),
+            +1 if greater than zero (or nonzero for unsigned arguments),
+            -1 if negative (unsigned argument is never negative) */
+
+        int int_arg = 0;  unsigned int uint_arg = 0;
+          /* only defined for length modifier h, or for no length modifiers */
+
+        long int long_arg = 0;  unsigned long int ulong_arg = 0;
+          /* only defined for length modifier l */
+
+        void *ptr_arg = NULL;
+          /* pointer argument value -only defined for p conversion */
+
+#ifdef SNPRINTF_LONGLONG_SUPPORT
+        long long int long_long_arg = 0;
+        unsigned long long int ulong_long_arg = 0;
+          /* only defined for length modifier ll */
+#endif
+        if (fmt_spec == 'p') {
+        /* HPUX 10: An l, h, ll or L before any other conversion character
+         *   (other than d, i, u, o, x, or X) is ignored.
+         * Digital Unix:
+         *   not specified, but seems to behave as HPUX does.
+         * Solaris: If an h, l, or L appears before any other conversion
+         *   specifier (other than d, i, u, o, x, or X), the behavior
+         *   is undefined. (Actually %hp converts only 16-bits of address
+         *   and %llp treats address as 64-bit data which is incompatible
+         *   with (void *) argument on a 32-bit system).
+         */
+#ifdef SOLARIS_COMPATIBLE
+#  ifdef SOLARIS_BUG_COMPATIBLE
+          /* keep length modifiers even if it represents 'll' */
+#  else
+          if (length_modifier == '2') length_modifier = '\0';
+#  endif
+#else
+          length_modifier = '\0';
+#endif
+          ptr_arg = va_arg(ap, void *);
+          if (ptr_arg != NULL) arg_sign = 1;
+        } else if (fmt_spec == 'd') {  /* signed */
+          switch (length_modifier) {
+          case '\0':
+          case 'h':
+         /* It is non-portable to specify a second argument of char or short
+          * to va_arg, because arguments seen by the called function
+          * are not char or short.  C converts char and short arguments
+          * to int before passing them to a function.
+          */
+            int_arg = va_arg(ap, int);
+            if      (int_arg > 0) arg_sign =  1;
+            else if (int_arg < 0) arg_sign = -1;
+            break;
+          case 'l':
+            long_arg = va_arg(ap, long int);
+            if      (long_arg > 0) arg_sign =  1;
+            else if (long_arg < 0) arg_sign = -1;
+            break;
+#ifdef SNPRINTF_LONGLONG_SUPPORT
+          case '2':
+            long_long_arg = va_arg(ap, long long int);
+            if      (long_long_arg > 0) arg_sign =  1;
+            else if (long_long_arg < 0) arg_sign = -1;
+            break;
+#endif
+          }
+        } else {  /* unsigned */
+          switch (length_modifier) {
+          case '\0':
+          case 'h':
+            uint_arg = va_arg(ap, unsigned int);
+            if (uint_arg) arg_sign = 1;
+            break;
+          case 'l':
+            ulong_arg = va_arg(ap, unsigned long int);
+            if (ulong_arg) arg_sign = 1;
+            break;
+#ifdef SNPRINTF_LONGLONG_SUPPORT
+          case '2':
+            ulong_long_arg = va_arg(ap, unsigned long long int);
+            if (ulong_long_arg) arg_sign = 1;
+            break;
+#endif
+          }
+        }
+        str_arg = tmp; str_arg_l = 0;
+     /* NOTE:
+      *   For d, i, u, o, x, and X conversions, if precision is specified,
+      *   the '0' flag should be ignored. This is so with Solaris 2.6,
+      *   Digital UNIX 4.0, HPUX 10, Linux, FreeBSD, NetBSD; but not with Perl.
+      */
+#ifndef PERL_COMPATIBLE
+        if (precision_specified) zero_padding = 0;
+#endif
+        if (fmt_spec == 'd') {
+          if (force_sign && arg_sign >= 0)
+            tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
+         /* leave negative numbers for sprintf to handle,
+            to avoid handling tricky cases like (short int)(-32768) */
+#ifdef LINUX_COMPATIBLE
+        } else if (fmt_spec == 'p' && force_sign && arg_sign > 0) {
+          tmp[str_arg_l++] = space_for_positive ? ' ' : '+';
+#endif
+        } else if (alternate_form) {
+          if (arg_sign != 0 && (fmt_spec == 'x' || fmt_spec == 'X') )
+            { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = fmt_spec; }
+         /* alternate form should have no effect for p conversion, but ... */
+#ifdef HPUX_COMPATIBLE
+          else if (fmt_spec == 'p'
+         /* HPUX 10: for an alternate form of p conversion,
+          *          a nonzero result is prefixed by 0x. */
+#ifndef HPUX_BUG_COMPATIBLE
+         /* Actually it uses 0x prefix even for a zero value. */
+                   && arg_sign != 0
+#endif
+                  ) { tmp[str_arg_l++] = '0'; tmp[str_arg_l++] = 'x'; }
+#endif
+        }
+        zero_padding_insertion_ind = str_arg_l;
+        if (!precision_specified) precision = 1;   /* default precision is 1 */
+        if (precision == 0 && arg_sign == 0
+#if defined(HPUX_BUG_COMPATIBLE) || defined(LINUX_COMPATIBLE)
+            && fmt_spec != 'p'
+         /* HPUX 10 man page claims: With conversion character p the result of
+          * converting a zero value with a precision of zero is a null string.
+          * Actually HP returns all zeroes, and Linux returns "(nil)". */
+#endif
+        ) {
+         /* converted to null string */
+         /* When zero value is formatted with an explicit precision 0,
+            the resulting formatted string is empty (d, i, u, o, x, X, p).   */
+        } else {
+          char f[5]; int f_l = 0;
+          f[f_l++] = '%';    /* construct a simple format string for sprintf */
+          if (!length_modifier) { }
+          else if (length_modifier=='2') { f[f_l++] = 'l'; f[f_l++] = 'l'; }
+          else f[f_l++] = length_modifier;
+          f[f_l++] = fmt_spec; f[f_l++] = '\0';
+          if (fmt_spec == 'p') str_arg_l += sprintf(tmp+str_arg_l, f, ptr_arg);
+          else if (fmt_spec == 'd') {  /* signed */
+            switch (length_modifier) {
+            case '\0':
+            case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, int_arg);  break;
+            case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, long_arg); break;
+#ifdef SNPRINTF_LONGLONG_SUPPORT
+            case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,long_long_arg); break;
+#endif
+            }
+          } else {  /* unsigned */
+            switch (length_modifier) {
+            case '\0':
+            case 'h': str_arg_l+=sprintf(tmp+str_arg_l, f, uint_arg);  break;
+            case 'l': str_arg_l+=sprintf(tmp+str_arg_l, f, ulong_arg); break;
+#ifdef SNPRINTF_LONGLONG_SUPPORT
+            case '2': str_arg_l+=sprintf(tmp+str_arg_l,f,ulong_long_arg);break;
+#endif
+            }
+          }
+         /* include the optional minus sign and possible "0x"
+            in the region before the zero padding insertion point */
+          if (zero_padding_insertion_ind < str_arg_l &&
+              tmp[zero_padding_insertion_ind] == '-') {
+            zero_padding_insertion_ind++;
+          }
+          if (zero_padding_insertion_ind+1 < str_arg_l &&
+              tmp[zero_padding_insertion_ind]   == '0' &&
+             (tmp[zero_padding_insertion_ind+1] == 'x' ||
+              tmp[zero_padding_insertion_ind+1] == 'X') ) {
+            zero_padding_insertion_ind += 2;
+          }
+        }
+        { size_t num_of_digits = str_arg_l - zero_padding_insertion_ind;
+          if (alternate_form && fmt_spec == 'o'
+#ifdef HPUX_COMPATIBLE                                  /* ("%#.o",0) -> ""  */
+              && (str_arg_l > 0)
+#endif
+#ifdef DIGITAL_UNIX_BUG_COMPATIBLE                      /* ("%#o",0) -> "00" */
+#else
+              /* unless zero is already the first character */
+              && !(zero_padding_insertion_ind < str_arg_l
+                   && tmp[zero_padding_insertion_ind] == '0')
+#endif
+          ) {        /* assure leading zero for alternate-form octal numbers */
+            if (!precision_specified || precision < num_of_digits+1) {
+             /* precision is increased to force the first character to be zero,
+                except if a zero value is formatted with an explicit precision
+                of zero */
+              precision = num_of_digits+1; precision_specified = 1;
+            }
+          }
+       /* zero padding to specified precision? */
+          if (num_of_digits < precision) 
+            number_of_zeros_to_pad = precision - num_of_digits;
+        }
+     /* zero padding to specified minimal field width? */
+        if (!justify_left && zero_padding) {
+          int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
+          if (n > 0) number_of_zeros_to_pad += n;
+        }
+        break;
+      }
+      default: /* unrecognized conversion specifier, keep format string as-is*/
+        zero_padding = 0;  /* turn zero padding off for non-numeric convers. */
+#ifndef DIGITAL_UNIX_COMPATIBLE
+        justify_left = 1; min_field_width = 0;                /* reset flags */
+#endif
+#if defined(PERL_COMPATIBLE) || defined(LINUX_COMPATIBLE)
+     /* keep the entire format string unchanged */
+        str_arg = starting_p; str_arg_l = p - starting_p;
+     /* well, not exactly so for Linux, which does something inbetween,
+      * and I don't feel an urge to imitate it: "%+++++hy" -> "%+y"  */
+#else
+     /* discard the unrecognized conversion, just keep *
+      * the unrecognized conversion character          */
+        str_arg = p; str_arg_l = 0;
+#endif
+        if (*p) str_arg_l++;  /* include invalid conversion specifier unchanged
+                                 if not at end-of-string */
+        break;
+      }
+      if (*p) p++;      /* step over the just processed conversion specifier */
+   /* insert padding to the left as requested by min_field_width;
+      this does not include the zero padding in case of numerical conversions*/
+      if (!justify_left) {                /* left padding with blank or zero */
+        int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
+        if (n > 0) {
+          if (str_l < str_m) {
+            size_t avail = str_m-str_l;
+            fast_memset(str+str_l, (zero_padding?'0':' '), (n>avail?avail:n));
+          }
+          str_l += n;
+        }
+      }
+   /* zero padding as requested by the precision or by the minimal field width
+    * for numeric conversions required? */
+      if (number_of_zeros_to_pad <= 0) {
+     /* will not copy first part of numeric right now, *
+      * force it to be copied later in its entirety    */
+        zero_padding_insertion_ind = 0;
+      } else {
+     /* insert first part of numerics (sign or '0x') before zero padding */
+        int n = zero_padding_insertion_ind;
+        if (n > 0) {
+          if (str_l < str_m) {
+            size_t avail = str_m-str_l;
+            fast_memcpy(str+str_l, str_arg, (n>avail?avail:n));
+          }
+          str_l += n;
+        }
+     /* insert zero padding as requested by the precision or min field width */
+        n = number_of_zeros_to_pad;
+        if (n > 0) {
+          if (str_l < str_m) {
+            size_t avail = str_m-str_l;
+            fast_memset(str+str_l, '0', (n>avail?avail:n));
+          }
+          str_l += n;
+        }
+      }
+   /* insert formatted string
+    * (or as-is conversion specifier for unknown conversions) */
+      { int n = str_arg_l - zero_padding_insertion_ind;
+        if (n > 0) {
+          if (str_l < str_m) {
+            size_t avail = str_m-str_l;
+            fast_memcpy(str+str_l, str_arg+zero_padding_insertion_ind,
+                        (n>avail?avail:n));
+          }
+          str_l += n;
+        }
+      }
+   /* insert right padding */
+      if (justify_left) {          /* right blank padding to the field width */
+        int n = min_field_width - (str_arg_l+number_of_zeros_to_pad);
+        if (n > 0) {
+          if (str_l < str_m) {
+            size_t avail = str_m-str_l;
+            fast_memset(str+str_l, ' ', (n>avail?avail:n));
+          }
+          str_l += n;
+        }
+      }
+    }
+  }
+#if defined(NEED_SNPRINTF_ONLY)
+  va_end(ap);
+#endif
+  if (str_m > 0) { /* make sure the string is null-terminated
+                      even at the expense of overwriting the last character
+                      (shouldn't happen, but just in case) */
+    str[str_l <= str_m-1 ? str_l : str_m-1] = '\0';
+  }
+  /* Return the number of characters formatted (excluding trailing null
+   * character), that is, the number of characters that would have been
+   * written to the buffer if it were large enough.
+   *
+   * The value of str_l should be returned, but str_l is of unsigned type
+   * size_t, and snprintf is int, possibly leading to an undetected
+   * integer overflow, resulting in a negative return value, which is illegal.
+   * Both XSH5 and ISO C99 (at least the draft) are silent on this issue.
+   * Should errno be set to EOVERFLOW and EOF returned in this case???
+   */
+  return (int) str_l;
+}
+#endif
+#endif /* ndef HAVE_SNPRINTF */
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/miscutil.h b/external/privoxy/miscutil.h
new file mode 100644
index 0000000..a0498ac
--- /dev/null
+++ b/external/privoxy/miscutil.h
@@ -0,0 +1,259 @@
+#ifndef MISCUTIL_H_INCLUDED
+#define MISCUTIL_H_INCLUDED
+#define MISCUTIL_H_VERSION "$Id: miscutil.h,v 1.30 2008/04/17 14:53:31 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/miscutil.h,v $
+ *
+ * Purpose     :  zalloc, hash_string, safe_strerror, strcmpic,
+ *                strncmpic, and MinGW32 strdup functions.  These are
+ *                each too small to deserve their own file but don't 
+ *                really fit in any other file.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: miscutil.h,v $
+ *    Revision 1.30  2008/04/17 14:53:31  fabiankeil
+ *    Move simplematch() into urlmatch.c as it's only
+ *    used to match (old-school) domain patterns.
+ *
+ *    Revision 1.29  2007/09/09 18:20:20  fabiankeil
+ *    Turn privoxy_strlcpy() into a function and try to work with
+ *    b0rked snprintf() implementations too. Reported by icmp30.
+ *
+ *    Revision 1.28  2007/05/11 11:48:16  fabiankeil
+ *    - Delete strsav() which was replaced
+ *      by string_append() years ago.
+ *    - Add a strlcat() look-alike.
+ *    - Use strlcat() and strlcpy() in those parts
+ *      of the code that are run on unixes.
+ *
+ *    Revision 1.27  2007/04/09 17:48:51  fabiankeil
+ *    Check for HAVE_SNPRINTF instead of __OS2__
+ *    before including the portable snprintf() code.
+ *
+ *    Revision 1.26  2007/04/08 17:04:51  fabiankeil
+ *    Add macro for strlcpy() in case the libc lacks it.
+ *
+ *    Revision 1.25  2007/01/18 15:03:20  fabiankeil
+ *    Don't include replacement timegm() if
+ *    putenv() or tzset() isn't available.
+ *
+ *    Revision 1.24  2006/08/17 17:15:10  fabiankeil
+ *    - Back to timegm() using GnuPG's replacement if necessary.
+ *      Using mktime() and localtime() could add a on hour offset if
+ *      the randomize factor was big enough to lead to a summer/wintertime
+ *      switch.
+ *
+ *    - Removed now-useless Privoxy 3.0.3 compatibility glue.
+ *
+ *    - Moved randomization code into pick_from_range().
+ *
+ *    - Changed parse_header_time definition.
+ *      time_t isn't guaranteed to be signed and
+ *      if it isn't, -1 isn't available as error code.
+ *      Changed some variable types in client_if_modified_since()
+ *      because of the same reason.
+ *
+ *    Revision 1.23  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.21  2002/04/26 12:55:38  oes
+ *    New function string_toupper
+ *
+ *    Revision 1.20  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.19  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.18  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.17  2002/03/04 18:28:32  oes
+ *    Deleted deletePidFile, played syleguide police
+ *
+ *    Revision 1.16  2002/01/21 00:53:36  jongfoster
+ *    Adding string_join()
+ *
+ *    Revision 1.15  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.14  2001/11/05 21:43:48  steudten
+ *    Add global var 'basedir' for unix os.
+ *
+ *    Revision 1.13  2001/10/29 03:48:10  david__schmidt
+ *    OS/2 native needed a snprintf() routine.  Added one to miscutil, brackedted
+ *    by and __OS2__ ifdef.
+ *
+ *    Revision 1.12  2001/10/23 21:27:50  jongfoster
+ *    Standardising error codes in string_append
+ *    make_path() no longer adds '\\' if the dir already ends in '\\' (this
+ *    is just copying a UNIX-specific fix to the Windows-specific part)
+ *
+ *    Revision 1.11  2001/10/14 22:02:57  jongfoster
+ *    New function string_append() which is like strsav(), but running
+ *    out of memory isn't automatically FATAL.
+ *
+ *    Revision 1.10  2001/09/20 13:34:09  steudten
+ *
+ *    change long to int for prototype hash_string()
+ *
+ *    Revision 1.9  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.8  2001/06/29 13:32:14  oes
+ *    Removed logentry from cancelled commit
+ *
+ *    Revision 1.7  2001/06/05 22:32:01  jongfoster
+ *    New function make_path() to splice directory and file names together.
+ *
+ *    Revision 1.6  2001/06/03 19:12:30  oes
+ *    introduced bindup()
+ *
+ *    Revision 1.5  2001/06/01 10:31:51  oes
+ *    Added character class matching to trivimatch; renamed to simplematch
+ *
+ *    Revision 1.4  2001/05/31 17:32:31  oes
+ *
+ *     - Enhanced domain part globbing with infix and prefix asterisk
+ *       matching and optional unanchored operation
+ *
+ *    Revision 1.3  2001/05/29 23:10:09  oes
+ *
+ *
+ *     - Introduced chomp()
+ *     - Moved strsav() from showargs to miscutil
+ *
+ *    Revision 1.2  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:00  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#if defined(__cplusplus)
+extern "C" {
+#endif
+
+extern const char *basedir;
+extern void *zalloc(size_t size);
+
+#if defined(unix)
+extern void write_pid_file(void);
+#endif /* unix */
+
+extern unsigned int hash_string(const char* s);
+
+extern char *safe_strerror(int err);
+
+extern int strcmpic(const char *s1, const char *s2);
+extern int strncmpic(const char *s1, const char *s2, size_t n);
+
+extern jb_err string_append(char **target_string, const char *text_to_append);
+extern jb_err string_join  (char **target_string,       char *text_to_append);
+
+extern char *string_toupper(const char *string);
+extern char *chomp(char *string);
+extern char *bindup(const char *string, size_t len);
+
+extern char *make_path(const char * dir, const char * file);
+
+long int pick_from_range(long int range);
+
+#ifdef __MINGW32__
+extern char *strdup(const char *s);
+#endif /* def __MINGW32__ */
+
+#ifndef HAVE_SNPRINTF
+extern int snprintf(char *, size_t, const char *, /*args*/ ...);
+#endif /* ndef HAVE_SNPRINTF */
+
+#if !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV)
+time_t timegm(struct tm *tm);
+#endif /* !defined(HAVE_TIMEGM) && defined(HAVE_TZSET) && defined(HAVE_PUTENV) */
+
+/* Here's looking at you, Ulrich. */
+#if !defined(HAVE_STRLCPY)
+size_t privoxy_strlcpy(char *destination, const char *source, size_t size);
+#define strlcpy privoxy_strlcpy
+#define USE_PRIVOXY_STRLCPY 1
+#define HAVE_STRLCPY 1
+#endif /* ndef HAVE_STRLCPY*/
+
+#ifndef HAVE_STRLCAT
+size_t privoxy_strlcat(char *destination, const char *source, size_t size);
+#define strlcat privoxy_strlcat
+#endif /* ndef HAVE_STRLCAT */
+
+/* Revision control strings from this header and associated .c file */
+extern const char miscutil_rcs[];
+extern const char miscutil_h_rcs[];
+
+#if defined(__cplusplus)
+}
+#endif
+
+#endif /* ndef MISCUTIL_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/mkinstalldirs b/external/privoxy/mkinstalldirs
new file mode 100755
index 0000000..3f681b3
--- /dev/null
+++ b/external/privoxy/mkinstalldirs
@@ -0,0 +1,40 @@
+#! /bin/sh
+# mkinstalldirs --- make directory hierarchy
+# Author: Noah Friedman <friedman at prep.ai.mit.edu>
+# Created: 1993-05-16
+# Public domain
+
+# $Id: mkinstalldirs,v 1.4 2006/07/18 14:48:47 david__schmidt Exp $
+
+errstatus=0
+
+for file
+do
+   set fnord `echo ":$file" | sed -ne 's/^:\//#/;s/^://;s/\// /g;s/^#/\//;p'`
+   shift
+
+   pathcomp=
+   for d
+   do
+     pathcomp="$pathcomp$d"
+     case "$pathcomp" in
+       -* ) pathcomp=./$pathcomp ;;
+     esac
+
+     if test ! -d "$pathcomp"; then
+        echo "mkdir $pathcomp"
+
+        mkdir "$pathcomp" || lasterr=$?
+
+        if test ! -d "$pathcomp"; then
+  	  errstatus=$lasterr
+        fi
+     fi
+
+     pathcomp="$pathcomp/"
+   done
+done
+
+exit $errstatus
+
+# mkinstalldirs ends here
diff --git a/external/privoxy/parsers.c b/external/privoxy/parsers.c
new file mode 100644
index 0000000..021762e
--- /dev/null
+++ b/external/privoxy/parsers.c
@@ -0,0 +1,4740 @@
+const char parsers_rcs[] = "$Id: parsers.c,v 1.154 2009/03/13 14:10:07 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/parsers.c,v $
+ *
+ * Purpose     :  Declares functions to parse/crunch headers and pages.
+ *                Functions declared include:
+ *                   `add_to_iob', `client_cookie_adder', `client_from',
+ *                   `client_referrer', `client_send_cookie', `client_ua',
+ *                   `client_uagent', `client_x_forwarded',
+ *                   `client_x_forwarded_adder', `client_xtra_adder',
+ *                   `content_type', `crumble', `destroy_list', `enlist',
+ *                   `flush_socket', ``get_header', `sed', `filter_header'
+ *                   `server_content_encoding', `server_content_disposition',
+ *                   `server_last_modified', `client_accept_language',
+ *                   `crunch_client_header', `client_if_modified_since',
+ *                   `client_if_none_match', `get_destination_from_headers',
+ *                   `parse_header_time', `decompress_iob' and `server_set_cookie'.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: parsers.c,v $
+ *    Revision 1.154  2009/03/13 14:10:07  fabiankeil
+ *    Fix some more harmless warnings on amd64.
+ *
+ *    Revision 1.153  2009/03/07 13:09:17  fabiankeil
+ *    Change csp->expected_content and_csp->expected_content_length from
+ *    size_t to unsigned long long to reduce the likelihood of integer
+ *    overflows that would let us close the connection prematurely.
+ *    Bug found while investigating #2669131, reported by cyberpatrol.
+ *
+ *    Revision 1.152  2009/03/01 18:43:48  fabiankeil
+ *    Help clang understand that we aren't dereferencing
+ *    NULL pointers here.
+ *
+ *    Revision 1.151  2009/02/15 14:46:35  fabiankeil
+ *    Don't let hide-referrer{conditional-*}} pass
+ *    Referer headers without http URLs.
+ *
+ *    Revision 1.150  2008/12/04 18:12:19  fabiankeil
+ *    Fix some cparser warnings.
+ *
+ *    Revision 1.149  2008/11/21 18:39:53  fabiankeil
+ *    In case of CONNECT requests there's no point
+ *    in trying to keep the connection alive.
+ *
+ *    Revision 1.148  2008/11/16 12:43:49  fabiankeil
+ *    Turn keep-alive support into a runtime feature
+ *    that is disabled by setting keep-alive-timeout
+ *    to a negative value.
+ *
+ *    Revision 1.147  2008/11/04 17:20:31  fabiankeil
+ *    HTTP/1.1 responses without Connection
+ *    header imply keep-alive. Act accordingly.
+ *
+ *    Revision 1.146  2008/10/12 16:46:35  fabiankeil
+ *    Remove obsolete warning about delayed delivery with chunked
+ *    transfer encoding and FEATURE_CONNECTION_KEEP_ALIVE enabled.
+ *
+ *    Revision 1.145  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.144  2008/09/21 13:59:33  fabiankeil
+ *    Treat unknown change-x-forwarded-for parameters as fatal errors.
+ *
+ *    Revision 1.143  2008/09/21 13:36:52  fabiankeil
+ *    If change-x-forwarded-for{add} is used and the client
+ *    sends multiple X-Forwarded-For headers, append the client's
+ *    IP address to each one of them. "Traditionally" we would
+ *    lose all but the last one.
+ *
+ *    Revision 1.142  2008/09/20 10:04:33  fabiankeil
+ *    Remove hide-forwarded-for-headers action which has
+ *    been obsoleted by change-x-forwarded-for{block}.
+ *
+ *    Revision 1.141  2008/09/19 15:26:28  fabiankeil
+ *    Add change-x-forwarded-for{} action to block or add
+ *    X-Forwarded-For headers. Mostly based on code removed
+ *    before 3.0.7.
+ *
+ *    Revision 1.140  2008/09/12 17:51:43  fabiankeil
+ *    - A few style fixes.
+ *    - Remove a pointless cast.
+ *
+ *    Revision 1.139  2008/09/04 08:13:58  fabiankeil
+ *    Prepare for critical sections on Windows by adding a
+ *    layer of indirection before the pthread mutex functions.
+ *
+ *    Revision 1.138  2008/08/30 12:03:07  fabiankeil
+ *    Remove FEATURE_COOKIE_JAR.
+ *
+ *    Revision 1.137  2008/05/30 15:50:08  fabiankeil
+ *    Remove questionable micro-optimizations
+ *    whose usefulness has never been measured.
+ *
+ *    Revision 1.136  2008/05/26 16:02:24  fabiankeil
+ *    s at Insufficent@Insufficient@
+ *
+ *    Revision 1.135  2008/05/21 20:12:10  fabiankeil
+ *    The whole point of strclean() is to modify the
+ *    first parameter, so don't mark it immutable,
+ *    even though the compiler lets us get away with it.
+ *
+ *    Revision 1.134  2008/05/21 19:27:25  fabiankeil
+ *    As the wafer actions are gone, we can stop including encode.h.
+ *
+ *    Revision 1.133  2008/05/21 15:50:47  fabiankeil
+ *    Ditch cast from (char **) to (char **).
+ *
+ *    Revision 1.132  2008/05/21 15:47:14  fabiankeil
+ *    Streamline sed()'s prototype and declare
+ *    the header parse and add structures static.
+ *
+ *    Revision 1.131  2008/05/20 20:13:30  fabiankeil
+ *    Factor update_server_headers() out of sed(), ditch the
+ *    first_run hack and make server_patterns_light static.
+ *
+ *    Revision 1.130  2008/05/19 17:18:04  fabiankeil
+ *    Wrap memmove() calls in string_move()
+ *    to document the purpose in one place.
+ *
+ *    Revision 1.129  2008/05/17 14:02:07  fabiankeil
+ *    Normalize linear header white space.
+ *
+ *    Revision 1.128  2008/05/16 16:39:03  fabiankeil
+ *    If a header is split across multiple lines,
+ *    merge them to a single line before parsing them.
+ *
+ *    Revision 1.127  2008/05/10 13:23:38  fabiankeil
+ *    Don't provide get_header() with the whole client state
+ *    structure when it only needs access to csp->iob.
+ *
+ *    Revision 1.126  2008/05/03 16:40:45  fabiankeil
+ *    Change content_filters_enabled()'s parameter from
+ *    csp->action to action so it can be also used in the
+ *    CGI code. Don't bother checking if there are filters
+ *    loaded, as that's somewhat besides the point.
+ *
+ *    Revision 1.125  2008/04/17 14:40:49  fabiankeil
+ *    Provide get_http_time() with the buffer size so it doesn't
+ *    have to blindly assume that the buffer is big enough.
+ *
+ *    Revision 1.124  2008/04/16 16:38:21  fabiankeil
+ *    Don't pass the whole csp structure to flush_socket()
+ *    when it only needs a file descriptor and a buffer.
+ *
+ *    Revision 1.123  2008/03/29 12:13:46  fabiankeil
+ *    Remove send-wafer and send-vanilla-wafer actions.
+ *
+ *    Revision 1.122  2008/03/28 15:13:39  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.121  2008/01/05 21:37:03  fabiankeil
+ *    Let client_range() also handle Request-Range headers
+ *    which apparently are still supported by many servers.
+ *
+ *    Revision 1.120  2008/01/04 17:43:45  fabiankeil
+ *    Improve the warning messages that get logged if the action files
+ *    "enable" filters but no filters of that type have been loaded.
+ *
+ *    Revision 1.119  2007/12/28 18:32:51  fabiankeil
+ *    In server_content_type():
+ *    - Don't require leading white space when detecting image content types.
+ *    - Change '... not replaced ...' message to sound less crazy if the text
+ *      type actually is 'text/plain'.
+ *    - Mark the 'text/plain == binary data' assumption for removal.
+ *    - Remove a bunch of trailing white space.
+ *
+ *    Revision 1.118  2007/12/28 16:56:35  fabiankeil
+ *    Minor server_content_disposition() changes:
+ *    - Don't regenerate the header name all lower-case.
+ *    - Some white space fixes.
+ *    - Remove useless log message in case of ENOMEM.
+ *
+ *    Revision 1.117  2007/12/06 18:11:50  fabiankeil
+ *    Garbage-collect the code to add a X-Forwarded-For
+ *    header as it seems to be mostly used by accident.
+ *
+ *    Revision 1.116  2007/12/01 13:04:22  fabiankeil
+ *    Fix a crash on mingw32 with some Last Modified times in the future.
+ *
+ *    Revision 1.115  2007/11/02 16:52:50  fabiankeil
+ *    Remove a "can't happen" error block which, over
+ *    time, mutated into a "guaranteed to happen" block.
+ *
+ *    Revision 1.114  2007/10/19 16:56:26  fabiankeil
+ *    - Downgrade "Buffer limit reached" message to LOG_LEVEL_INFO.
+ *    - Use shiny new content_filters_enabled() in client_range().
+ *
+ *    Revision 1.113  2007/10/10 17:29:57  fabiankeil
+ *    I forgot about Poland.
+ *
+ *    Revision 1.112  2007/10/09 16:38:40  fabiankeil
+ *    Remove Range and If-Range headers if content filtering is enabled.
+ *
+ *    Revision 1.111  2007/10/04 18:07:00  fabiankeil
+ *    Move ACTION_VANILLA_WAFER handling from jcc's chat() into
+ *    client_cookie_adder() to make sure send-vanilla-wafer can be
+ *    controlled through tags (and thus regression-tested).
+ *
+ *    Revision 1.110  2007/09/29 10:42:37  fabiankeil
+ *    - Remove "scanning headers for" log message again.
+ *    - Some more whitespace fixes.
+ *
+ *    Revision 1.109  2007/09/08 14:25:48  fabiankeil
+ *    Refactor client_referrer() and add conditional-forge parameter.
+ *
+ *    Revision 1.108  2007/08/28 18:21:03  fabiankeil
+ *    A bunch of whitespace fixes, pointy hat to me.
+ *
+ *    Revision 1.107  2007/08/28 18:16:32  fabiankeil
+ *    Fix possible memory corruption in server_http, make sure it's not
+ *    executed for ordinary server headers and mark some problems for later.
+ *
+ *    Revision 1.106  2007/08/18 14:30:32  fabiankeil
+ *    Let content-type-overwrite{} honour force-text-mode again.
+ *
+ *    Revision 1.105  2007/08/11 14:49:49  fabiankeil
+ *    - Add prototpyes for the header parsers and make them static.
+ *    - Comment out client_accept_encoding_adder() which isn't used right now.
+ *
+ *    Revision 1.104  2007/07/14 07:38:19  fabiankeil
+ *    Move the ACTION_FORCE_TEXT_MODE check out of
+ *    server_content_type(). Signal other functions
+ *    whether or not a content type has been declared.
+ *    Part of the fix for BR#1750917.
+ *
+ *    Revision 1.103  2007/06/01 16:31:54  fabiankeil
+ *    Change sed() to return a jb_err in preparation for forward-override{}.
+ *
+ *    Revision 1.102  2007/05/27 12:39:32  fabiankeil
+ *    Adjust "X-Filter: No" to disable dedicated header filters.
+ *
+ *    Revision 1.101  2007/05/14 10:16:41  fabiankeil
+ *    Streamline client_cookie_adder().
+ *
+ *    Revision 1.100  2007/04/30 15:53:11  fabiankeil
+ *    Make sure filters with dynamic jobs actually use them.
+ *
+ *    Revision 1.99  2007/04/30 15:06:26  fabiankeil
+ *    - Introduce dynamic pcrs jobs that can resolve variables.
+ *    - Remove unnecessary update_action_bits_for_all_tags() call.
+ *
+ *    Revision 1.98  2007/04/17 18:32:10  fabiankeil
+ *    - Make tagging based on tags set by earlier taggers
+ *      of the same kind possible.
+ *    - Log whether or not new tags cause action bits updates
+ *      (in which case a matching tag-pattern section exists).
+ *    - Log if the user tries to set a tag that is already set.
+ *
+ *    Revision 1.97  2007/04/15 16:39:21  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.96  2007/04/12 12:53:58  fabiankeil
+ *    Log a warning if the content is compressed, filtering is
+ *    enabled and Privoxy was compiled without zlib support.
+ *    Closes FR#1673938.
+ *
+ *    Revision 1.95  2007/03/25 14:26:40  fabiankeil
+ *    - Fix warnings when compiled with glibc.
+ *    - Don't use crumble() for cookie crunching.
+ *    - Move cookie time parsing into parse_header_time().
+ *    - Let parse_header_time() return a jb_err code
+ *      instead of a pointer that can only be used to
+ *      check for NULL anyway.
+ *
+ *    Revision 1.94  2007/03/21 12:23:53  fabiankeil
+ *    - Add better protection against malicious gzip headers.
+ *    - Stop logging the first hundred bytes of decompressed content.
+ *      It looks like it's working and there is always debug 16.
+ *    - Log the content size after decompression in decompress_iob()
+ *      instead of pcrs_filter_response().
+ *
+ *    Revision 1.93  2007/03/20 15:21:44  fabiankeil
+ *    - Use dedicated header filter actions instead of abusing "filter".
+ *      Replace "filter-client-headers" and "filter-client-headers"
+ *      with "server-header-filter" and "client-header-filter".
+ *    - Remove filter_client_header() and filter_client_header(),
+ *      filter_header() now checks the shiny new
+ *      CSP_FLAG_CLIENT_HEADER_PARSING_DONE flag instead.
+ *
+ *    Revision 1.92  2007/03/05 13:25:32  fabiankeil
+ *    - Cosmetical changes for LOG_LEVEL_RE_FILTER messages.
+ *    - Handle "Cookie:" and "Connection:" headers a bit smarter
+ *      (don't crunch them just to recreate them later on).
+ *    - Add another non-standard time format for the cookie
+ *      expiration date detection.
+ *    - Fix a valgrind warning.
+ *
+ *    Revision 1.91  2007/02/24 12:27:32  fabiankeil
+ *    Improve cookie expiration date detection.
+ *
+ *    Revision 1.90  2007/02/08 19:12:35  fabiankeil
+ *    Don't run server_content_length() the first time
+ *    sed() parses server headers; only adjust the
+ *    Content-Length header if the page was modified.
+ *
+ *    Revision 1.89  2007/02/07 16:52:11  fabiankeil
+ *    Fix log messages regarding the cookie time format
+ *    (cookie and request URL were mixed up).
+ *
+ *    Revision 1.88  2007/02/07 11:27:12  fabiankeil
+ *    - Let decompress_iob()
+ *      - not corrupt the content if decompression fails
+ *        early. (the first byte(s) were lost).
+ *      - use pointer arithmetics with defined outcome for
+ *        a change.
+ *    - Use a different kludge to remember a failed decompression.
+ *
+ *    Revision 1.87  2007/01/31 16:21:38  fabiankeil
+ *    Search for Max-Forwards headers case-insensitive,
+ *    don't generate the "501 unsupported" message for invalid
+ *    Max-Forwards values and don't increase negative ones.
+ *
+ *    Revision 1.86  2007/01/30 13:05:26  fabiankeil
+ *    - Let server_set_cookie() check the expiration date
+ *      of cookies and don't touch the ones that are already
+ *      expired. Fixes problems with low quality web applications
+ *      as described in BR 932612.
+ *
+ *    - Adjust comment in client_max_forwards to reality;
+ *      remove invalid Max-Forwards headers.
+ *
+ *    Revision 1.85  2007/01/26 15:33:46  fabiankeil
+ *    Stop filter_header() from unintentionally removing
+ *    empty header lines that were enlisted by the continue
+ *    hack.
+ *
+ *    Revision 1.84  2007/01/24 12:56:52  fabiankeil
+ *    - Repeat the request URL before logging any headers.
+ *      Makes reading the log easier in case of simultaneous requests.
+ *    - If there are more than one Content-Type headers in one request,
+ *      use the first one and remove the others.
+ *    - Remove "newval" variable in server_content_type().
+ *      It's only used once.
+ *
+ *    Revision 1.83  2007/01/12 15:03:02  fabiankeil
+ *    Correct a cast, check inflateEnd() exit code
+ *    to see if we have to, replace sprintf calls
+ *    with snprintf.
+ *
+ *    Revision 1.82  2007/01/01 19:36:37  fabiankeil
+ *    Integrate a modified version of Wil Mahan's
+ *    zlib patch (PR #895531).
+ *
+ *    Revision 1.81  2006/12/31 22:21:33  fabiankeil
+ *    Skip empty filter files in filter_header()
+ *    but don't ignore the ones that come afterwards.
+ *    Fixes BR 1619208, this time for real.
+ *
+ *    Revision 1.80  2006/12/29 19:08:22  fabiankeil
+ *    Reverted parts of my last commit
+ *    to keep error handling working.
+ *
+ *    Revision 1.79  2006/12/29 18:04:40  fabiankeil
+ *    Fixed gcc43 conversion warnings.
+ *
+ *    Revision 1.78  2006/12/26 17:19:20  fabiankeil
+ *    Bringing back the "useless" localtime() call
+ *    I removed in revision 1.67. On some platforms
+ *    it's necessary to prevent time zone offsets.
+ *
+ *    Revision 1.77  2006/12/07 18:44:26  fabiankeil
+ *    Rebuild request URL in get_destination_from_headers()
+ *    to make sure redirect{pcrs command} works as expected
+ *    for intercepted requests.
+ *
+ *    Revision 1.76  2006/12/06 19:52:25  fabiankeil
+ *    Added get_destination_from_headers().
+ *
+ *    Revision 1.75  2006/11/13 19:05:51  fabiankeil
+ *    Make pthread mutex locking more generic. Instead of
+ *    checking for OSX and OpenBSD, check for FEATURE_PTHREAD
+ *    and use mutex locking unless there is an _r function
+ *    available. Better safe than sorry.
+ *
+ *    Fixes "./configure --disable-pthread" and should result
+ *    in less threading-related problems on pthread-using platforms,
+ *    but it still doesn't fix BR#1122404.
+ *
+ *    Revision 1.74  2006/10/02 16:59:12  fabiankeil
+ *    The special header "X-Filter: No" now disables
+ *    header filtering as well.
+ *
+ *    Revision 1.73  2006/09/23 13:26:38  roro
+ *    Replace TABs by spaces in source code.
+ *
+ *    Revision 1.72  2006/09/23 12:37:21  fabiankeil
+ *    Don't print a log message every time filter_headers is
+ *    entered or left. It only creates noise without any real
+ *    information.
+ *
+ *    Revision 1.71  2006/09/21 19:55:17  fabiankeil
+ *    Fix +hide-if-modified-since{-n}.
+ *
+ *    Revision 1.70  2006/09/08 12:06:34  fabiankeil
+ *    Have hide-if-modified-since interpret the random
+ *    range value as minutes instead of hours. Allows
+ *    more fine-grained configuration.
+ *
+ *    Revision 1.69  2006/09/06 16:25:51  fabiankeil
+ *    Always have parse_header_time return a pointer
+ *    that actual makes sense, even though we currently
+ *    only need it to detect problems.
+ *
+ *    Revision 1.68  2006/09/06 10:43:32  fabiankeil
+ *    Added config option enable-remote-http-toggle
+ *    to specify if Privoxy should recognize special
+ *    headers (currently only X-Filter) to change its
+ *    behaviour. Disabled by default.
+ *
+ *    Revision 1.67  2006/09/04 11:01:26  fabiankeil
+ *    After filtering de-chunked instances, remove
+ *    "Transfer-Encoding" header entirely instead of changing
+ *    it to "Transfer-Encoding: identity", which is invalid.
+ *    Thanks Michael Shields <shields at msrl.com>. Fixes PR 1318658.
+ *
+ *    Don't use localtime in parse_header_time. An empty time struct
+ *    is good enough, it gets overwritten by strptime anyway.
+ *
+ *    Revision 1.66  2006/09/03 19:38:28  fabiankeil
+ *    Use gmtime_r if available, fallback to gmtime with mutex
+ *    protection for MacOSX and use vanilla gmtime for the rest.
+ *
+ *    Revision 1.65  2006/08/22 10:55:56  fabiankeil
+ *    Changed client_referrer to use the right type (size_t) for
+ *    hostlenght and to shorten the temporary referrer string with
+ *    '\0' instead of adding a useless line break.
+ *
+ *    Revision 1.64  2006/08/17 17:15:10  fabiankeil
+ *    - Back to timegm() using GnuPG's replacement if necessary.
+ *      Using mktime() and localtime() could add a on hour offset if
+ *      the randomize factor was big enough to lead to a summer/wintertime
+ *      switch.
+ *
+ *    - Removed now-useless Privoxy 3.0.3 compatibility glue.
+ *
+ *    - Moved randomization code into pick_from_range().
+ *
+ *    - Changed parse_header_time definition.
+ *      time_t isn't guaranteed to be signed and
+ *      if it isn't, -1 isn't available as error code.
+ *      Changed some variable types in client_if_modified_since()
+ *      because of the same reason.
+ *
+ *    Revision 1.63  2006/08/14 13:18:08  david__schmidt
+ *    OS/2 compilation compatibility fixups
+ *
+ *    Revision 1.62  2006/08/14 08:58:42  fabiankeil
+ *    Changed include from strptime.c to strptime.h
+ *
+ *    Revision 1.61  2006/08/14 08:25:19  fabiankeil
+ *    Split filter-headers{} into filter-client-headers{}
+ *    and filter-server-headers{}.
+ *    Added parse_header_time() to share some code.
+ *    Replaced timegm() with mktime().
+ *
+ *    Revision 1.60  2006/08/12 03:54:37  david__schmidt
+ *    Windows service integration
+ *
+ *    Revision 1.59  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.58  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.56.2.10  2006/01/21 16:16:08  david__schmidt
+ *    Thanks to  Edward Carrel for his patch to modernize OSX'spthreads support.  See bug #1409623.
+ *
+ *    Revision 1.56.2.9  2004/10/03 12:53:45  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.56.2.8  2003/07/11 13:21:25  oes
+ *    Excluded text/plain objects from filtering. This fixes a
+ *    couple of client-crashing, download corruption and
+ *    Privoxy performance issues, whose root cause lies in
+ *    web servers labelling content of unknown type as text/plain.
+ *
+ *    Revision 1.56.2.7  2003/05/06 12:07:26  oes
+ *    Fixed bug #729900: Suspicious HOST: headers are now killed and regenerated if necessary
+ *
+ *    Revision 1.56.2.6  2003/04/14 21:28:30  oes
+ *    Completing the previous change
+ *
+ *    Revision 1.56.2.5  2003/04/14 12:08:16  oes
+ *    Added temporary workaround for bug in PHP < 4.2.3
+ *
+ *    Revision 1.56.2.4  2003/03/07 03:41:05  david__schmidt
+ *    Wrapping all *_r functions (the non-_r versions of them) with mutex semaphores for OSX.  Hopefully this will take care of all of those pesky crash reports.
+ *
+ *    Revision 1.56.2.3  2002/11/10 04:20:02  hal9
+ *    Fix typo: supressed -> suppressed
+ *
+ *    Revision 1.56.2.2  2002/09/25 14:59:53  oes
+ *    Improved cookie logging
+ *
+ *    Revision 1.56.2.1  2002/09/25 14:52:45  oes
+ *    Added basic support for OPTIONS and TRACE HTTP methods:
+ *     - New parser function client_max_forwards which decrements
+ *       the Max-Forwards HTTP header field of OPTIONS and TRACE
+ *       requests by one before forwarding
+ *     - New parser function client_host which extracts the host
+ *       and port information from the HTTP header field if the
+ *       request URI was not absolute
+ *     - Don't crumble and re-add the Host: header, but only generate
+ *       and append if missing
+ *
+ *    Revision 1.56  2002/05/12 15:34:22  jongfoster
+ *    Fixing typo in a comment
+ *
+ *    Revision 1.55  2002/05/08 16:01:07  oes
+ *    Optimized add_to_iob:
+ *     - Use realloc instead of malloc(), memcpy(), free()
+ *     - Expand to powers of two if possible, to get
+ *       O(log n) reallocs instead of O(n).
+ *     - Moved check for buffer limit here from chat
+ *     - Report failure via returncode
+ *
+ *    Revision 1.54  2002/04/02 15:03:16  oes
+ *    Tiny code cosmetics
+ *
+ *    Revision 1.53  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.52  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.51  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.50  2002/03/12 01:45:35  oes
+ *    More verbose logging
+ *
+ *    Revision 1.49  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.48  2002/03/07 03:46:53  oes
+ *    Fixed compiler warnings etc
+ *
+ *    Revision 1.47  2002/02/20 23:15:13  jongfoster
+ *    Parsing functions now handle out-of-memory gracefully by returning
+ *    an error code.
+ *
+ *    Revision 1.46  2002/01/17 21:03:47  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Revision 1.45  2002/01/09 14:33:03  oes
+ *    Added support for localtime_r.
+ *
+ *    Revision 1.44  2001/12/14 01:22:54  steudten
+ *    Remove 'user:pass@' from 'proto://user:pass@host' for the
+ *    new added header 'Host: ..'. (See Req ID 491818)
+ *
+ *    Revision 1.43  2001/11/23 00:26:38  jongfoster
+ *    Fixing two really stupid errors in my previous commit
+ *
+ *    Revision 1.42  2001/11/22 21:59:30  jongfoster
+ *    Adding code to handle +no-cookies-keep
+ *
+ *    Revision 1.41  2001/11/05 23:43:05  steudten
+ *    Add time+date to log files.
+ *
+ *    Revision 1.40  2001/10/26 20:13:09  jongfoster
+ *    ctype.h is needed in Windows, too.
+ *
+ *    Revision 1.39  2001/10/26 17:40:04  oes
+ *    Introduced get_header_value()
+ *    Removed http->user_agent, csp->referrer and csp->accept_types
+ *    Removed client_accept()
+ *
+ *    Revision 1.38  2001/10/25 03:40:48  david__schmidt
+ *    Change in porting tactics: OS/2's EMX porting layer doesn't allow multiple
+ *    threads to call select() simultaneously.  So, it's time to do a real, live,
+ *    native OS/2 port.  See defines for __EMX__ (the porting layer) vs. __OS2__
+ *    (native). Both versions will work, but using __OS2__ offers multi-threading.
+ *
+ *    Revision 1.37  2001/10/23 21:36:02  jongfoster
+ *    Documenting sed()'s error behaviou (doc change only)
+ *
+ *    Revision 1.36  2001/10/13 12:51:51  joergs
+ *    Removed client_host, (was only required for the old 2.0.2-11 http://noijb.
+ *    force-load), instead crumble Host: and add it (again) in client_host_adder
+ *    (in case we get a HTTP/1.0 request without Host: header and forward it to
+ *    a HTTP/1.1 server/proxy).
+ *
+ *    Revision 1.35  2001/10/09 22:39:21  jongfoster
+ *    assert.h is also required under Win32, so moving out of #ifndef _WIN32
+ *    block.
+ *
+ *    Revision 1.34  2001/10/07 18:50:55  oes
+ *    Added server_content_encoding, renamed server_transfer_encoding
+ *
+ *    Revision 1.33  2001/10/07 18:04:49  oes
+ *    Changed server_http11 to server_http and its pattern to "HTTP".
+ *      Additional functionality: it now saves the HTTP status into
+ *      csp->http->status and sets CT_TABOO for Status 206 (partial range)
+ *
+ *    Revision 1.32  2001/10/07 15:43:28  oes
+ *    Removed FEATURE_DENY_GZIP and replaced it with client_accept_encoding,
+ *       client_te and client_accept_encoding_adder, triggered by the new
+ *       +no-compression action. For HTTP/1.1 the Accept-Encoding header is
+ *       changed to allow only identity and chunked, and the TE header is
+ *       crunched. For HTTP/1.0, Accept-Encoding is crunched.
+ *
+ *    parse_http_request no longer does anything than parsing. The rewriting
+ *      of http->cmd and version mangling are gone. It now also recognizes
+ *      the put and delete methods and saves the url in http->url. Removed
+ *      unused variable.
+ *
+ *    renamed content_type and content_length to have the server_ prefix
+ *
+ *    server_content_type now only works if csp->content_type != CT_TABOO
+ *
+ *    added server_transfer_encoding, which
+ *      - Sets CT_TABOO to prohibit filtering if encoding compresses
+ *      - Raises the CSP_FLAG_CHUNKED flag if Encoding is "chunked"
+ *      - Change from "chunked" to "identity" if body was chunked
+ *        but has been de-chunked for filtering.
+ *
+ *    added server_content_md5 which crunches any Content-MD5 headers
+ *      if the body was modified.
+ *
+ *    made server_http11 conditional on +downgrade action
+ *
+ *    Replaced 6 boolean members of csp with one bitmap (csp->flags)
+ *
+ *    Revision 1.31  2001/10/05 14:25:02  oes
+ *    Crumble Keep-Alive from Server
+ *
+ *    Revision 1.30  2001/09/29 12:56:03  joergs
+ *    IJB now changes HTTP/1.1 to HTTP/1.0 in requests and answers.
+ *
+ *    Revision 1.29  2001/09/24 21:09:24  jongfoster
+ *    Fixing 2 memory leaks that Guy spotted, where the paramater to
+ *    enlist() was not being free()d.
+ *
+ *    Revision 1.28  2001/09/22 16:32:28  jongfoster
+ *    Removing unused #includes.
+ *
+ *    Revision 1.27  2001/09/20 15:45:25  steudten
+ *
+ *    add casting from size_t to int for printf()
+ *    remove local variable shadow s2
+ *
+ *    Revision 1.26  2001/09/16 17:05:14  jongfoster
+ *    Removing unused #include showarg.h
+ *
+ *    Revision 1.25  2001/09/16 13:21:27  jongfoster
+ *    Changes to use new list functions.
+ *
+ *    Revision 1.24  2001/09/13 23:05:50  jongfoster
+ *    Changing the string paramater to the header parsers a "const".
+ *
+ *    Revision 1.23  2001/09/12 18:08:19  steudten
+ *
+ *    In parse_http_request() header rewriting miss the host value, so
+ *    from http://www.mydomain.com the result was just " / " not
+ *    http://www.mydomain.com/ in case we forward.
+ *
+ *    Revision 1.22  2001/09/10 10:58:53  oes
+ *    Silenced compiler warnings
+ *
+ *    Revision 1.21  2001/07/31 14:46:00  oes
+ *     - Persistant connections now suppressed
+ *     - sed() no longer appends empty header to csp->headers
+ *
+ *    Revision 1.20  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.19  2001/07/25 17:21:54  oes
+ *    client_uagent now saves copy of User-Agent: header value
+ *
+ *    Revision 1.18  2001/07/13 14:02:46  oes
+ *     - Included fix to repair broken HTTP requests that
+ *       don't contain a path, not even '/'.
+ *     - Removed all #ifdef PCRS
+ *     - content_type now always inspected and classified as
+ *       text, gif or other.
+ *     - formatting / comments
+ *
+ *    Revision 1.17  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.16  2001/06/29 13:32:42  oes
+ *    - Fixed a comment
+ *    - Adapted free_http_request
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.15  2001/06/03 19:12:38  oes
+ *    deleted const struct interceptors
+ *
+ *    Revision 1.14  2001/06/01 18:49:17  jongfoster
+ *    Replaced "list_share" with "list" - the tiny memory gain was not
+ *    worth the extra complexity.
+ *
+ *    Revision 1.13  2001/05/31 21:30:33  jongfoster
+ *    Removed list code - it's now in list.[ch]
+ *    Renamed "permission" to "action", and changed many features
+ *    to use the actions file rather than the global config.
+ *
+ *    Revision 1.12  2001/05/31 17:33:13  oes
+ *
+ *    CRLF -> LF
+ *
+ *    Revision 1.11  2001/05/29 20:11:19  joergs
+ *    '/ * inside comment' warning removed.
+ *
+ *    Revision 1.10  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.9  2001/05/28 17:26:33  jongfoster
+ *    Fixing segfault if last header was crunched.
+ *    Fixing Windows build (snprintf() is _snprintf() under Win32, but we
+ *    can use the cross-platform sprintf() instead.)
+ *
+ *    Revision 1.8  2001/05/27 22:17:04  oes
+ *
+ *    - re_process_buffer no longer writes the modified buffer
+ *      to the client, which was very ugly. It now returns the
+ *      buffer, which it is then written by chat.
+ *
+ *    - content_length now adjusts the Content-Length: header
+ *      for modified documents rather than crunch()ing it.
+ *      (Length info in csp->content_length, which is 0 for
+ *      unmodified documents)
+ *
+ *    - For this to work, sed() is called twice when filtering.
+ *
+ *    Revision 1.7  2001/05/27 13:19:06  oes
+ *    Patched Joergs solution for the content-length in.
+ *
+ *    Revision 1.6  2001/05/26 13:39:32  jongfoster
+ *    Only crunches Content-Length header if applying RE filtering.
+ *    Without this fix, Microsoft Windows Update wouldn't work.
+ *
+ *    Revision 1.5  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.4  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.3  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.2  2001/05/17 23:02:36  oes
+ *     - Made referrer option accept 'L' as a substitute for '§'
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:01  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#ifndef _WIN32
+#include <stdio.h>
+#include <sys/types.h>
+#endif
+
+#include <stdlib.h>
+#include <ctype.h>
+#include <assert.h>
+#include <string.h>
+
+#ifdef __GLIBC__
+/*
+ * Convince GNU's libc to provide a strptime prototype.
+ */
+#define __USE_XOPEN
+#endif /*__GLIBC__ */
+#include <time.h>
+
+#ifdef FEATURE_ZLIB
+#include <zlib.h>
+#endif
+
+#if !defined(_WIN32) && !defined(__OS2__)
+#include <unistd.h>
+#endif
+
+#include "project.h"
+
+#ifdef FEATURE_PTHREAD
+#include "jcc.h"
+/* jcc.h is for mutex semapores only */
+#endif /* def FEATURE_PTHREAD */
+#include "list.h"
+#include "parsers.h"
+#include "ssplit.h"
+#include "errlog.h"
+#include "jbsockets.h"
+#include "miscutil.h"
+#include "list.h"
+#include "actions.h"
+#include "filters.h"
+
+#ifndef HAVE_STRPTIME
+#include "strptime.h"
+#endif
+
+const char parsers_h_rcs[] = PARSERS_H_VERSION;
+
+/* Fix a problem with Solaris.  There should be no effect on other
+ * platforms.
+ * Solaris's isspace() is a macro which uses its argument directly
+ * as an array index.  Therefore we need to make sure that high-bit
+ * characters generate +ve values, and ideally we also want to make
+ * the argument match the declared parameter type of "int".
+ *
+ * Why did they write a character function that can't take a simple
+ * "char" argument?  Doh!
+ */
+#define ijb_isupper(__X) isupper((int)(unsigned char)(__X))
+#define ijb_tolower(__X) tolower((int)(unsigned char)(__X))
+
+static char *get_header_line(struct iob *iob);
+static jb_err scan_headers(struct client_state *csp);
+static jb_err header_tagger(struct client_state *csp, char *header);
+static jb_err parse_header_time(const char *header_time, time_t *result);
+
+static jb_err crumble                   (struct client_state *csp, char **header);
+static jb_err filter_header             (struct client_state *csp, char **header);
+static jb_err client_connection         (struct client_state *csp, char **header);
+static jb_err client_referrer           (struct client_state *csp, char **header);
+static jb_err client_uagent             (struct client_state *csp, char **header);
+static jb_err client_ua                 (struct client_state *csp, char **header);
+static jb_err client_from               (struct client_state *csp, char **header);
+static jb_err client_send_cookie        (struct client_state *csp, char **header);
+static jb_err client_x_forwarded        (struct client_state *csp, char **header);
+static jb_err client_accept_encoding    (struct client_state *csp, char **header);
+static jb_err client_te                 (struct client_state *csp, char **header);
+static jb_err client_max_forwards       (struct client_state *csp, char **header);
+static jb_err client_host               (struct client_state *csp, char **header);
+static jb_err client_if_modified_since  (struct client_state *csp, char **header);
+static jb_err client_accept_language    (struct client_state *csp, char **header);
+static jb_err client_if_none_match      (struct client_state *csp, char **header);
+static jb_err crunch_client_header      (struct client_state *csp, char **header);
+static jb_err client_x_filter           (struct client_state *csp, char **header);
+static jb_err client_range              (struct client_state *csp, char **header);
+static jb_err server_set_cookie         (struct client_state *csp, char **header);
+static jb_err server_connection         (struct client_state *csp, char **header);
+static jb_err server_content_type       (struct client_state *csp, char **header);
+static jb_err server_adjust_content_length(struct client_state *csp, char **header);
+static jb_err server_content_md5        (struct client_state *csp, char **header);
+static jb_err server_content_encoding   (struct client_state *csp, char **header);
+static jb_err server_transfer_coding    (struct client_state *csp, char **header);
+static jb_err server_http               (struct client_state *csp, char **header);
+static jb_err crunch_server_header      (struct client_state *csp, char **header);
+static jb_err server_last_modified      (struct client_state *csp, char **header);
+static jb_err server_content_disposition(struct client_state *csp, char **header);
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+static jb_err server_save_content_length(struct client_state *csp, char **header);
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+static jb_err client_host_adder       (struct client_state *csp);
+static jb_err client_xtra_adder       (struct client_state *csp);
+static jb_err client_x_forwarded_for_adder(struct client_state *csp);
+static jb_err client_connection_header_adder(struct client_state *csp);
+static jb_err server_connection_close_adder(struct client_state *csp);
+
+static jb_err create_forged_referrer(char **header, const char *hostport);
+static jb_err create_fake_referrer(char **header, const char *fake_referrer);
+static jb_err handle_conditional_hide_referrer_parameter(char **header,
+   const char *host, const int parameter_conditional_block);
+static const char *get_appropiate_connection_header(const struct client_state *csp);
+
+/*
+ * List of functions to run on a list of headers.
+ */
+struct parsers
+{
+   /** The header prefix to match */
+   const char *str;
+   
+   /** The length of the prefix to match */
+   const size_t len;
+   
+   /** The function to apply to this line */
+   const parser_func_ptr parser;
+};
+
+static const struct parsers client_patterns[] = {
+   { "referer:",                  8,   client_referrer },
+   { "user-agent:",              11,   client_uagent },
+   { "ua-",                       3,   client_ua },
+   { "from:",                     5,   client_from },
+   { "cookie:",                   7,   client_send_cookie },
+   { "x-forwarded-for:",         16,   client_x_forwarded },
+   { "Accept-Encoding:",         16,   client_accept_encoding },
+   { "TE:",                       3,   client_te },
+   { "Host:",                     5,   client_host },
+   { "if-modified-since:",       18,   client_if_modified_since },
+   { "Keep-Alive:",              11,   crumble },
+   { "connection:",              11,   client_connection },
+   { "proxy-connection:",        17,   crumble },
+   { "max-forwards:",            13,   client_max_forwards },
+   { "Accept-Language:",         16,   client_accept_language },
+   { "if-none-match:",           14,   client_if_none_match },
+   { "Range:",                    6,   client_range },
+   { "Request-Range:",           14,   client_range },
+   { "If-Range:",                 9,   client_range },
+   { "X-Filter:",                 9,   client_x_filter },
+   { "*",                         0,   crunch_client_header },
+   { "*",                         0,   filter_header },
+   { NULL,                        0,   NULL }
+};
+
+static const struct parsers server_patterns[] = {
+   { "HTTP/",                     5, server_http },
+   { "set-cookie:",              11, server_set_cookie },
+   { "connection:",              11, server_connection },
+   { "Content-Type:",            13, server_content_type },
+   { "Content-MD5:",             12, server_content_md5 },
+   { "Content-Encoding:",        17, server_content_encoding },
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   { "Content-Length:",          15, server_save_content_length },
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+   { "Transfer-Encoding:",       18, server_transfer_coding },
+   { "Keep-Alive:",              11, crumble },
+   { "content-disposition:",     20, server_content_disposition },
+   { "Last-Modified:",           14, server_last_modified },
+   { "*",                         0, crunch_server_header },
+   { "*",                         0, filter_header },
+   { NULL,                        0, NULL }
+};
+
+static const add_header_func_ptr add_client_headers[] = {
+   client_host_adder,
+   client_x_forwarded_for_adder,
+   client_xtra_adder,
+   /* Temporarily disabled:    client_accept_encoding_adder, */
+   client_connection_header_adder,
+   NULL
+};
+
+static const add_header_func_ptr add_server_headers[] = {
+   server_connection_close_adder,
+   NULL
+};
+
+/*********************************************************************
+ *
+ * Function    :  flush_socket
+ *
+ * Description :  Write any pending "buffered" content.
+ *
+ * Parameters  :
+ *          1  :  fd = file descriptor of the socket to read
+ *          2  :  iob = The I/O buffer to flush, usually csp->iob.
+ *
+ * Returns     :  On success, the number of bytes written are returned (zero
+ *                indicates nothing was written).  On error, -1 is returned,
+ *                and errno is set appropriately.  If count is zero and the
+ *                file descriptor refers to a regular file, 0 will be
+ *                returned without causing any other effect.  For a special
+ *                file, the results are not portable.
+ *
+ *********************************************************************/
+long flush_socket(jb_socket fd, struct iob *iob)
+{
+   long len = iob->eod - iob->cur;
+
+   if (len <= 0)
+   {
+      return(0);
+   }
+
+   if (write_socket(fd, iob->cur, (size_t)len))
+   {
+      return(-1);
+   }
+   iob->eod = iob->cur = iob->buf;
+   return(len);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  add_to_iob
+ *
+ * Description :  Add content to the buffered page, expanding the
+ *                buffer if necessary.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  buf = holds the content to be added to the page
+ *          3  :  n = number of bytes to be added
+ *
+ * Returns     :  JB_ERR_OK on success, JB_ERR_MEMORY if out-of-memory
+ *                or buffer limit reached.
+ *
+ *********************************************************************/
+jb_err add_to_iob(struct client_state *csp, char *buf, long n)
+{
+   struct iob *iob = csp->iob;
+   size_t used, offset, need, want;
+   char *p;
+
+   if (n <= 0) return JB_ERR_OK;
+
+   used   = (size_t)(iob->eod - iob->buf);
+   offset = (size_t)(iob->cur - iob->buf);
+   need   = used + (size_t)n + 1;
+
+   /*
+    * If the buffer can't hold the new data, extend it first.
+    * Use the next power of two if possible, else use the actual need.
+    */
+   if (need > csp->config->buffer_limit)
+   {
+      log_error(LOG_LEVEL_INFO,
+         "Buffer limit reached while extending the buffer (iob). Needed: %d. Limit: %d",
+         need, csp->config->buffer_limit);
+      return JB_ERR_MEMORY;
+   }
+
+   if (need > iob->size)
+   {
+      for (want = csp->iob->size ? csp->iob->size : 512; want <= need;) want *= 2;
+      
+      if (want <= csp->config->buffer_limit && NULL != (p = (char *)realloc(iob->buf, want)))
+      {
+         iob->size = want;
+      }
+      else if (NULL != (p = (char *)realloc(iob->buf, need)))
+      {
+         iob->size = need;
+      }
+      else
+      {
+         log_error(LOG_LEVEL_ERROR, "Extending the buffer (iob) failed: %E");
+         return JB_ERR_MEMORY;
+      }
+
+      /* Update the iob pointers */
+      iob->cur = p + offset;
+      iob->eod = p + used;
+      iob->buf = p;
+   }
+
+   /* copy the new data into the iob buffer */
+   memcpy(iob->eod, buf, (size_t)n);
+
+   /* point to the end of the data */
+   iob->eod += n;
+
+   /* null terminate == cheap insurance */
+   *iob->eod = '\0';
+
+   return JB_ERR_OK;
+
+}
+
+
+#ifdef FEATURE_ZLIB
+/*********************************************************************
+ *
+ * Function    :  decompress_iob
+ *
+ * Description :  Decompress buffered page, expanding the
+ *                buffer as necessary.  csp->iob->cur
+ *                should point to the the beginning of the
+ *                compressed data block.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success,
+ *                JB_ERR_MEMORY if out-of-memory limit reached, and
+ *                JB_ERR_COMPRESS if error decompressing buffer.
+ *
+ *********************************************************************/
+jb_err decompress_iob(struct client_state *csp)
+{
+   char  *buf;       /* new, uncompressed buffer */
+   char  *cur;       /* Current iob position (to keep the original 
+                      * iob->cur unmodified if we return early) */
+   size_t bufsize;   /* allocated size of the new buffer */
+   size_t old_size;  /* Content size before decompression */
+   size_t skip_size; /* Number of bytes at the beginning of the iob
+                        that we should NOT decompress. */
+   int status;       /* return status of the inflate() call */
+   z_stream zstr;    /* used by calls to zlib */
+
+   assert(csp->iob->cur - csp->iob->buf > 0);
+   assert(csp->iob->eod - csp->iob->cur > 0);
+
+   bufsize = csp->iob->size;
+   skip_size = (size_t)(csp->iob->cur - csp->iob->buf);
+   old_size = (size_t)(csp->iob->eod - csp->iob->cur);
+
+   cur = csp->iob->cur;
+
+   if (bufsize < (size_t)10)
+   {
+      /*
+       * This is to protect the parsing of gzipped data,
+       * but it should(?) be valid for deflated data also.
+       */
+      log_error(LOG_LEVEL_ERROR, "Buffer too small decompressing iob");
+      return JB_ERR_COMPRESS;
+   }
+
+   if (csp->content_type & CT_GZIP)
+   {
+      /*
+       * Our task is slightly complicated by the facts that data
+       * compressed by gzip does not include a zlib header, and
+       * that there is no easily accessible interface in zlib to
+       * handle a gzip header. We strip off the gzip header by
+       * hand, and later inform zlib not to expect a header.
+       */
+
+      /*
+       * Strip off the gzip header. Please see RFC 1952 for more
+       * explanation of the appropriate fields.
+       */
+      if ((*cur++ != (char)0x1f)
+       || (*cur++ != (char)0x8b)
+       || (*cur++ != Z_DEFLATED))
+      {
+         log_error(LOG_LEVEL_ERROR, "Invalid gzip header when decompressing");
+         return JB_ERR_COMPRESS;
+      }
+      else
+      {
+         int flags = *cur++;
+         /*
+          * XXX: These magic numbers should be replaced
+          * with macros to give a better idea what they do.
+          */
+         if (flags & 0xe0)
+         {
+            /* The gzip header has reserved bits set; bail out. */
+            log_error(LOG_LEVEL_ERROR, "Invalid gzip header flags when decompressing");
+            return JB_ERR_COMPRESS;
+         }
+         cur += 6;
+
+         /* Skip extra fields if necessary. */
+         if (flags & 0x04)
+         {
+            /*
+             * Skip a given number of bytes, specified
+             * as a 16-bit little-endian value.
+             */
+            /*
+             * XXX: This code used to be:
+             * 
+             * csp->iob->cur += *csp->iob->cur++ + (*csp->iob->cur++ << 8);
+             *
+             * which I had to change into:
+             *
+             * cur += *cur++ + (*cur++ << 8);
+             *
+             * at which point gcc43 finally noticed that the value
+             * of cur is undefined (it depends on which of the
+             * summands is evaluated first).
+             *
+             * I haven't come across a site where this
+             * code is actually executed yet, but I hope
+             * it works anyway.
+             */
+            int skip_bytes;
+            skip_bytes = *cur++;
+            skip_bytes = *cur++ << 8;
+
+            assert(skip_bytes == *csp->iob->cur - 2 + ((*csp->iob->cur - 1) << 8));
+
+            /*
+             * The number of bytes to skip should be positive
+             * and we'd like to stay in the buffer.
+             */
+            if ((skip_bytes < 0) || (skip_bytes >= (csp->iob->eod - cur)))
+            {
+               log_error(LOG_LEVEL_ERROR,
+                  "Unreasonable amount of bytes to skip (%d). Stopping decompression",
+                  skip_bytes);
+               return JB_ERR_COMPRESS;
+            }
+            log_error(LOG_LEVEL_INFO,
+               "Skipping %d bytes for gzip compression. Does this sound right?",
+               skip_bytes);
+            cur += skip_bytes;
+         }
+
+         /* Skip the filename if necessary. */
+         if (flags & 0x08)
+         {
+            /* A null-terminated string is supposed to follow. */
+            while (*cur++ && (cur < csp->iob->eod));
+
+         }
+
+         /* Skip the comment if necessary. */
+         if (flags & 0x10)
+         {
+            /* A null-terminated string is supposed to follow. */
+            while (*cur++ && (cur < csp->iob->eod));
+         }
+
+         /* Skip the CRC if necessary. */
+         if (flags & 0x02)
+         {
+            cur += 2;
+         }
+
+         if (cur >= csp->iob->eod)
+         {
+            /*
+             * If the current position pointer reached or passed
+             * the buffer end, we were obviously tricked to skip
+             * too much.
+             */
+            log_error(LOG_LEVEL_ERROR,
+               "Malformed gzip header detected. Aborting decompression.");
+            return JB_ERR_COMPRESS;
+         }
+      }
+   }
+   else if (csp->content_type & CT_DEFLATE)
+   {
+      /*
+       * XXX: The debug level should be lowered
+       * before the next stable release.
+       */
+      log_error(LOG_LEVEL_INFO, "Decompressing deflated iob: %d", *cur);
+      /*
+       * In theory (that is, according to RFC 1950), deflate-compressed
+       * data should begin with a two-byte zlib header and have an
+       * adler32 checksum at the end. It seems that in practice only
+       * the raw compressed data is sent. Note that this means that
+       * we are not RFC 1950-compliant here, but the advantage is that
+       * this actually works. :)
+       *
+       * We add a dummy null byte to tell zlib where the data ends,
+       * and later inform it not to expect a header.
+       *
+       * Fortunately, add_to_iob() has thoughtfully null-terminated
+       * the buffer; we can just increment the end pointer to include
+       * the dummy byte.  
+       */
+      csp->iob->eod++;
+   }
+   else
+   {
+      log_error(LOG_LEVEL_ERROR,
+         "Unable to determine compression format for decompression");
+      return JB_ERR_COMPRESS;
+   }
+
+   /* Set up the fields required by zlib. */
+   zstr.next_in  = (Bytef *)cur;
+   zstr.avail_in = (unsigned int)(csp->iob->eod - cur);
+   zstr.zalloc   = Z_NULL;
+   zstr.zfree    = Z_NULL;
+   zstr.opaque   = Z_NULL;
+
+   /*
+    * Passing -MAX_WBITS to inflateInit2 tells the library
+    * that there is no zlib header.
+    */
+   if (inflateInit2 (&zstr, -MAX_WBITS) != Z_OK)
+   {
+      log_error(LOG_LEVEL_ERROR, "Error initializing decompression");
+      return JB_ERR_COMPRESS;
+   }
+
+   /*
+    * Next, we allocate new storage for the inflated data.
+    * We don't modify the existing iob yet, so in case there
+    * is error in decompression we can recover gracefully.
+    */
+   buf = zalloc(bufsize);
+   if (NULL == buf)
+   {
+      log_error(LOG_LEVEL_ERROR, "Out of memory decompressing iob");
+      return JB_ERR_MEMORY;
+   }
+
+   assert(bufsize >= skip_size);
+   memcpy(buf, csp->iob->buf, skip_size);
+   zstr.avail_out = bufsize - skip_size;
+   zstr.next_out  = (Bytef *)buf + skip_size;
+
+   /* Try to decompress the whole stream in one shot. */
+   while (Z_BUF_ERROR == (status = inflate(&zstr, Z_FINISH)))
+   {
+      /* We need to allocate more memory for the output buffer. */
+
+      char *tmpbuf;                /* used for realloc'ing the buffer */
+      size_t oldbufsize = bufsize; /* keep track of the old bufsize */
+
+      /*
+       * If zlib wants more data then there's a problem, because
+       * the complete compressed file should have been buffered.
+       */
+      if (0 == zstr.avail_in)
+      {
+         log_error(LOG_LEVEL_ERROR, "Unexpected end of compressed iob");
+         return JB_ERR_COMPRESS;
+      }
+
+      /*
+       * If we tried the limit and still didn't have enough
+       * memory, just give up.
+       */
+      if (bufsize == csp->config->buffer_limit)
+      {
+         log_error(LOG_LEVEL_ERROR, "Buffer limit reached while decompressing iob");
+         return JB_ERR_MEMORY;
+      }
+
+      /* Try doubling the buffer size each time. */
+      bufsize *= 2;
+
+      /* Don't exceed the buffer limit. */
+      if (bufsize > csp->config->buffer_limit)
+      {
+         bufsize = csp->config->buffer_limit;
+      }
+    
+      /* Try to allocate the new buffer. */
+      tmpbuf = realloc(buf, bufsize);
+      if (NULL == tmpbuf)
+      {
+         log_error(LOG_LEVEL_ERROR, "Out of memory decompressing iob");
+         freez(buf);
+         return JB_ERR_MEMORY;
+      }
+      else
+      {
+         char *oldnext_out = (char *)zstr.next_out;
+
+         /*
+          * Update the fields for inflate() to use the new
+          * buffer, which may be in a location different from
+          * the old one.
+          */
+         zstr.avail_out += bufsize - oldbufsize;
+         zstr.next_out   = (Bytef *)tmpbuf + bufsize - zstr.avail_out;
+
+         /*
+          * Compare with an uglier method of calculating these values
+          * that doesn't require the extra oldbufsize variable.
+          */
+         assert(zstr.avail_out == tmpbuf + bufsize - (char *)zstr.next_out);
+         assert((char *)zstr.next_out == tmpbuf + ((char *)oldnext_out - buf));
+         assert(zstr.avail_out > 0U);
+
+         buf = tmpbuf;
+      }
+   }
+
+   if (Z_STREAM_ERROR == inflateEnd(&zstr))
+   {
+      log_error(LOG_LEVEL_ERROR,
+         "Inconsistent stream state after decompression: %s", zstr.msg);
+      /*
+       * XXX: Intentionally no return.
+       *
+       * According to zlib.h, Z_STREAM_ERROR is returned
+       * "if the stream state was inconsistent".
+       *
+       * I assume in this case inflate()'s status
+       * would also be something different than Z_STREAM_END
+       * so this check should be redundant, but lets see.
+       */
+   }
+
+   if (status != Z_STREAM_END)
+   {
+      /* We failed to decompress the stream. */
+      log_error(LOG_LEVEL_ERROR,
+         "Error in decompressing to the buffer (iob): %s", zstr.msg);
+      return JB_ERR_COMPRESS;
+   }
+
+   /*
+    * Finally, we can actually update the iob, since the
+    * decompression was successful. First, free the old
+    * buffer.
+    */
+   freez(csp->iob->buf);
+
+   /* Now, update the iob to use the new buffer. */
+   csp->iob->buf  = buf;
+   csp->iob->cur  = csp->iob->buf + skip_size;
+   csp->iob->eod  = (char *)zstr.next_out;
+   csp->iob->size = bufsize;
+  
+   /*
+    * Make sure the new uncompressed iob obeys some minimal
+    * consistency conditions.
+    */
+   if ((csp->iob->buf <  csp->iob->cur)
+    && (csp->iob->cur <= csp->iob->eod)
+    && (csp->iob->eod <= csp->iob->buf + csp->iob->size))
+   {
+      const size_t new_size = (size_t)(csp->iob->eod - csp->iob->cur);
+      if (new_size > (size_t)0)
+      {
+         log_error(LOG_LEVEL_RE_FILTER,
+            "Decompression successful. Old size: %d, new size: %d.",
+            old_size, new_size);
+      }
+      else
+      {
+         /* zlib thinks this is OK, so lets do the same. */
+         log_error(LOG_LEVEL_INFO, "Decompression didn't result in any content.");
+      }
+   }
+   else
+   {
+      /* It seems that zlib did something weird. */
+      log_error(LOG_LEVEL_ERROR,
+         "Unexpected error decompressing the buffer (iob): %d==%d, %d>%d, %d<%d",
+         csp->iob->cur, csp->iob->buf + skip_size, csp->iob->eod, csp->iob->buf,
+         csp->iob->eod, csp->iob->buf + csp->iob->size);
+      return JB_ERR_COMPRESS;
+   }
+
+   return JB_ERR_OK;
+
+}
+#endif /* defined(FEATURE_ZLIB) */
+
+
+/*********************************************************************
+ *
+ * Function    :  string_move
+ *
+ * Description :  memmove wrapper to move the last part of a string
+ *                towards the beginning, overwriting the part in
+ *                the middle. strlcpy() can't be used here as the
+ *                strings overlap.
+ *
+ * Parameters  :
+ *          1  :  dst = Destination to overwrite
+ *          2  :  src = Source to move.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void string_move(char *dst, char *src)
+{
+   assert(dst < src);
+
+   /* +1 to copy the terminating nul as well. */
+   memmove(dst, src, strlen(src)+1);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  normalize_lws
+ *
+ * Description :  Reduces unquoted linear white space in headers
+ *                to a single space in accordance with RFC 2616 2.2.
+ *                This simplifies parsing and filtering later on.
+ *
+ *                XXX: Remove log messages before
+ *                     the next stable release?
+ *
+ * Parameters  :
+ *          1  :  header = A header with linear white space to reduce.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void normalize_lws(char *header)
+{
+   char *p = header;
+
+   while (*p != '\0')
+   {
+      if (ijb_isspace(*p) && ijb_isspace(*(p+1)))
+      {
+         char *q = p+1;
+
+         while (ijb_isspace(*q))
+         {
+            q++;
+         }
+         log_error(LOG_LEVEL_HEADER, "Reducing white space in '%s'", header);
+         string_move(p+1, q);
+      }
+
+      if (*p == '\t')
+      {
+         log_error(LOG_LEVEL_HEADER,
+            "Converting tab to space in '%s'", header);
+         *p = ' ';
+      }
+      else if (*p == '"')
+      {
+         char *end_of_token = strstr(p+1, "\"");
+
+         if (NULL != end_of_token)
+         {
+            /* Don't mess with quoted text. */
+            p = end_of_token;
+         }
+         else
+         {
+            log_error(LOG_LEVEL_HEADER,
+               "Ignoring single quote in '%s'", header);
+         }
+      }
+      p++;
+   }
+
+   p = strchr(header, ':');
+   if ((p != NULL) && (p != header) && ijb_isspace(*(p-1)))
+   {
+      /*
+       * There's still space before the colon.
+       * We don't want it.
+       */
+      string_move(p-1, p);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_header
+ *
+ * Description :  This (odd) routine will parse the csp->iob
+ *                to get the next complete header.
+ *
+ * Parameters  :
+ *          1  :  iob = The I/O buffer to parse, usually csp->iob.
+ *
+ * Returns     :  Any one of the following:
+ *
+ * 1) a pointer to a dynamically allocated string that contains a header line
+ * 2) NULL  indicating that the end of the header was reached
+ * 3) ""    indicating that the end of the iob was reached before finding
+ *          a complete header line.
+ *
+ *********************************************************************/
+char *get_header(struct iob *iob)
+{
+   char *header;
+
+   header = get_header_line(iob);
+
+   if ((header == NULL) || (*header == '\0'))
+   {
+      /*
+       * No complete header read yet, tell the client.
+       */
+      return header;
+   }
+
+   while ((iob->cur[0] == ' ') || (iob->cur[0] == '\t'))
+   {
+      /*
+       * Header spans multiple lines, append the next one.
+       */
+      char *continued_header;
+      
+      continued_header = get_header_line(iob);
+      if ((continued_header == NULL) || (*continued_header == '\0'))
+      {
+         /*
+          * No complete header read yet, return what we got.
+          * XXX: Should "unread" header instead.
+          */
+         log_error(LOG_LEVEL_INFO,
+            "Failed to read a multi-line header properly: '%s'",
+            header);
+         break;
+      }
+
+      if (JB_ERR_OK != string_join(&header, continued_header))
+      {
+         log_error(LOG_LEVEL_FATAL,
+            "Out of memory while appending multiple headers.");
+      }
+      else
+      {
+         /* XXX: remove before next stable release. */
+         log_error(LOG_LEVEL_HEADER,
+            "Merged multiple header lines to: '%s'",
+            header);
+      }
+   }
+
+   normalize_lws(header);
+
+   return header;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_header_line
+ *
+ * Description :  This (odd) routine will parse the csp->iob
+ *                to get the next header line.
+ *
+ * Parameters  :
+ *          1  :  iob = The I/O buffer to parse, usually csp->iob.
+ *
+ * Returns     :  Any one of the following:
+ *
+ * 1) a pointer to a dynamically allocated string that contains a header line
+ * 2) NULL  indicating that the end of the header was reached
+ * 3) ""    indicating that the end of the iob was reached before finding
+ *          a complete header line.
+ *
+ *********************************************************************/
+static char *get_header_line(struct iob *iob)
+{
+   char *p, *q, *ret;
+
+   if ((iob->cur == NULL)
+      || ((p = strchr(iob->cur, '\n')) == NULL))
+   {
+      return(""); /* couldn't find a complete header */
+   }
+
+   *p = '\0';
+
+   ret = strdup(iob->cur);
+   if (ret == NULL)
+   {
+      /* FIXME No way to handle error properly */
+      log_error(LOG_LEVEL_FATAL, "Out of memory in get_header_line()");
+   }
+   assert(ret != NULL);
+
+   iob->cur = p+1;
+
+   if ((q = strchr(ret, '\r')) != NULL) *q = '\0';
+
+   /* is this a blank line (i.e. the end of the header) ? */
+   if (*ret == '\0')
+   {
+      freez(ret);
+      return NULL;
+   }
+
+   return ret;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_header_value
+ *
+ * Description :  Get the value of a given header from a chained list
+ *                of header lines or return NULL if no such header is
+ *                present in the list.
+ *
+ * Parameters  :
+ *          1  :  header_list = pointer to list
+ *          2  :  header_name = string with name of header to look for.
+ *                              Trailing colon required, capitalization
+ *                              doesn't matter.
+ *
+ * Returns     :  NULL if not found, else value of header
+ *
+ *********************************************************************/
+char *get_header_value(const struct list *header_list, const char *header_name)
+{
+   struct list_entry *cur_entry;
+   char *ret = NULL;
+   size_t length = 0;
+
+   assert(header_list);
+   assert(header_name);
+   length = strlen(header_name);
+
+   for (cur_entry = header_list->first; cur_entry ; cur_entry = cur_entry->next)
+   {
+      if (cur_entry->str)
+      {
+         if (!strncmpic(cur_entry->str, header_name, length))
+         {
+            /*
+             * Found: return pointer to start of value
+             */
+            ret = cur_entry->str + length;
+            while (*ret && ijb_isspace(*ret)) ret++;
+            return ret;
+         }
+      }
+   }
+
+   /* 
+    * Not found
+    */
+   return NULL;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  scan_headers
+ *
+ * Description :  Scans headers, applies tags and updates action bits. 
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK
+ *
+ *********************************************************************/
+static jb_err scan_headers(struct client_state *csp)
+{
+   struct list_entry *h; /* Header */
+   jb_err err = JB_ERR_OK;
+
+   for (h = csp->headers->first; (err == JB_ERR_OK) && (h != NULL) ; h = h->next)
+   {
+      /* Header crunch()ed in previous run? -> ignore */
+      if (h->str == NULL) continue;
+      log_error(LOG_LEVEL_HEADER, "scan: %s", h->str);
+      err = header_tagger(csp, h->str);
+   }
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  sed
+ *
+ * Description :  add, delete or modify lines in the HTTP header streams.
+ *                On entry, it receives a linked list of headers space
+ *                that was allocated dynamically (both the list nodes
+ *                and the header contents).
+ *
+ *                As a side effect it frees the space used by the original
+ *                header lines.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  filter_server_headers = Boolean to switch between
+ *                                        server and header filtering.
+ *
+ * Returns     :  JB_ERR_OK in case off success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err sed(struct client_state *csp, int filter_server_headers)
+{
+   /* XXX: use more descriptive names. */
+   struct list_entry *p;
+   const struct parsers *v;
+   const add_header_func_ptr *f;
+   jb_err err = JB_ERR_OK;
+
+   if (filter_server_headers)
+   {
+      v = server_patterns;
+      f = add_server_headers;
+   }
+   else
+   {
+      v = client_patterns;
+      f = add_client_headers;
+   }
+
+   scan_headers(csp);
+
+   while ((err == JB_ERR_OK) && (v->str != NULL))
+   {
+      for (p = csp->headers->first; (err == JB_ERR_OK) && (p != NULL); p = p->next)
+      {
+         /* Header crunch()ed in previous run? -> ignore */
+         if (p->str == NULL) continue;
+
+         /* Does the current parser handle this header? */
+         if ((strncmpic(p->str, v->str, v->len) == 0) ||
+             (v->len == CHECK_EVERY_HEADER_REMAINING))
+         {
+            err = v->parser(csp, &(p->str));
+         }
+      }
+      v++;
+   }
+
+   /* place additional headers on the csp->headers list */
+   while ((err == JB_ERR_OK) && (*f))
+   {
+      err = (*f)(csp);
+      f++;
+   }
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  update_server_headers
+ *
+ * Description :  Updates server headers after the body has been modified.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK in case off success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err update_server_headers(struct client_state *csp)
+{
+   jb_err err = JB_ERR_OK;
+
+   static const struct parsers server_patterns_light[] = {
+      { "Content-Length:",    15, server_adjust_content_length },
+      { "Transfer-Encoding:", 18, server_transfer_coding },
+#ifdef FEATURE_ZLIB
+      { "Content-Encoding:",  17, server_content_encoding },
+#endif /* def FEATURE_ZLIB */
+      { NULL,                  0, NULL }
+   };
+
+   if (strncmpic(csp->http->cmd, "HEAD", 4))
+   {
+      const struct parsers *v;
+      struct list_entry *p;
+
+      for (v = server_patterns_light; (err == JB_ERR_OK) && (v->str != NULL); v++)
+      {
+         for (p = csp->headers->first; (err == JB_ERR_OK) && (p != NULL); p = p->next)
+         {
+            /* Header crunch()ed in previous run? -> ignore */
+            if (p->str == NULL) continue;
+
+            /* Does the current parser handle this header? */
+            if (strncmpic(p->str, v->str, v->len) == 0)
+            {
+               err = v->parser(csp, (char **)&(p->str));
+            }
+         }
+      }
+   }
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  header_tagger
+ *
+ * Description :  Executes all text substitutions from applying
+ *                tag actions and saves the result as tag.
+ *
+ *                XXX: Shares enough code with filter_header() and
+ *                pcrs_filter_response() to warrant some helper functions.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = Header that is used as tagger input
+ *
+ * Returns     :  JB_ERR_OK on success and always succeeds
+ *
+ *********************************************************************/
+static jb_err header_tagger(struct client_state *csp, char *header)
+{
+   int wanted_filter_type;
+   int multi_action_index;
+   int i;
+   pcrs_job *job;
+
+   struct file_list *fl;
+   struct re_filterfile_spec *b;
+   struct list_entry *tag_name;
+
+   int found_filters = 0;
+   const size_t header_length = strlen(header);
+
+   if (csp->flags & CSP_FLAG_CLIENT_HEADER_PARSING_DONE)
+   {
+      wanted_filter_type = FT_SERVER_HEADER_TAGGER;
+      multi_action_index = ACTION_MULTI_SERVER_HEADER_TAGGER;
+   }
+   else
+   {
+      wanted_filter_type = FT_CLIENT_HEADER_TAGGER;
+      multi_action_index = ACTION_MULTI_CLIENT_HEADER_TAGGER;
+   }
+
+   /* Check if there are any filters */
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      fl = csp->rlist[i];
+      if (NULL != fl)
+      {
+         if (NULL != fl->f)
+         {
+           found_filters = 1;
+           break;
+         }
+      }
+   }
+
+   if (0 == found_filters)
+   {
+      log_error(LOG_LEVEL_ERROR, "Inconsistent configuration: "
+         "tagging enabled, but no taggers available.");
+      return JB_ERR_OK;
+   }
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      fl = csp->rlist[i];
+      if ((NULL == fl) || (NULL == fl->f))
+      {
+         /*
+          * Either there are no filter files
+          * left, or this filter file just
+          * contains no valid filters.
+          *
+          * Continue to be sure we don't miss
+          * valid filter files that are chained
+          * after empty or invalid ones.
+          */
+         continue;
+      }
+
+      /* For all filters, */
+      for (b = fl->f; b; b = b->next)
+      {
+         if (b->type != wanted_filter_type)
+         {
+            /* skip the ones we don't care about, */
+            continue;
+         }
+         /* leaving only taggers that could apply, of which we use the ones, */
+         for (tag_name = csp->action->multi[multi_action_index]->first;
+              NULL != tag_name; tag_name = tag_name->next)
+         {
+            /* that do apply, and */
+            if (strcmp(b->name, tag_name->str) == 0)
+            {
+               char *modified_tag = NULL;
+               char *tag = header;
+               size_t size = header_length;
+               pcrs_job *joblist = b->joblist;
+
+               if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b);
+
+               if (NULL == joblist)
+               {
+                  log_error(LOG_LEVEL_RE_FILTER,
+                     "Tagger %s has empty joblist. Nothing to do.", b->name);
+                  continue;
+               }
+
+               /* execute their pcrs_joblist on the header. */
+               for (job = joblist; NULL != job; job = job->next)
+               {
+                  const int hits = pcrs_execute(job, tag, size, &modified_tag, &size);
+
+                  if (0 < hits)
+                  {
+                     /* Success, continue with the modified version. */
+                     if (tag != header)
+                     {
+                        freez(tag);
+                     }
+                     tag = modified_tag;
+                  }
+                  else
+                  {
+                     /* Tagger doesn't match */
+                     if (0 > hits)
+                     {
+                        /* Regex failure, log it but continue anyway. */
+                        assert(NULL != header);
+                        log_error(LOG_LEVEL_ERROR,
+                           "Problems with tagger \'%s\' and header \'%s\': %s",
+                           b->name, *header, pcrs_strerror(hits));
+                     }
+                     freez(modified_tag);
+                  }
+               }
+
+               if (b->dynamic) pcrs_free_joblist(joblist);
+
+               /* If this tagger matched */
+               if (tag != header)
+               {
+                  if (0 == size)
+                  {
+                     /*
+                      * There is to technical limitation which makes
+                      * it impossible to use empty tags, but I assume
+                      * no one would do it intentionally.
+                      */
+                     freez(tag);
+                     log_error(LOG_LEVEL_INFO,
+                        "Tagger \'%s\' created an empty tag. Ignored.",
+                        b->name);
+                     continue;
+                  }
+ 
+                  if (!list_contains_item(csp->tags, tag))
+                  {
+                     if (JB_ERR_OK != enlist(csp->tags, tag))
+                     {
+                        log_error(LOG_LEVEL_ERROR,
+                           "Insufficient memory to add tag \'%s\', "
+                           "based on tagger \'%s\' and header \'%s\'",
+                           tag, b->name, *header);
+                     }
+                     else
+                     {
+                        char *action_message;
+                        /*
+                         * update the action bits right away, to make
+                         * tagging based on tags set by earlier taggers
+                         * of the same kind possible.
+                         */
+                        if (update_action_bits_for_tag(csp, tag))
+                        {
+                           action_message = "Action bits updated accordingly.";
+                        }
+                        else
+                        {
+                           action_message = "No action bits update necessary.";
+                        }
+
+                        log_error(LOG_LEVEL_HEADER,
+                           "Tagger \'%s\' added tag \'%s\'. %s",
+                           b->name, tag, action_message);
+                     }
+                  }
+                  else
+                  {
+                     /* XXX: Is this log-worthy? */
+                     log_error(LOG_LEVEL_HEADER,
+                        "Tagger \'%s\' didn't add tag \'%s\'. "
+                        "Tag already present", b->name, tag);
+                  }
+                  freez(tag);
+               } /* if the tagger matched */
+            } /* if the tagger applies */
+         } /* for every tagger that could apply */
+      } /* for all filters */
+   } /* for all filter files */
+
+   return JB_ERR_OK;
+}
+
+/* here begins the family of parser functions that reformat header lines */
+
+/*********************************************************************
+ *
+ * Function    :  filter_header
+ *
+ * Description :  Executes all text substitutions from all applying
+ *                +(server|client)-header-filter actions on the header.
+ *                Most of the code was copied from pcrs_filter_response,
+ *                including the rather short variable names
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success and always succeeds
+ *
+ *********************************************************************/
+static jb_err filter_header(struct client_state *csp, char **header)
+{
+   int hits=0;
+   int matches;
+   size_t size = strlen(*header);
+
+   char *newheader = NULL;
+   pcrs_job *job;
+
+   struct file_list *fl;
+   struct re_filterfile_spec *b;
+   struct list_entry *filtername;
+
+   int i, found_filters = 0;
+   int wanted_filter_type;
+   int multi_action_index;
+
+   if (csp->flags & CSP_FLAG_NO_FILTERING)
+   {
+      return JB_ERR_OK;
+   }
+
+   if (csp->flags & CSP_FLAG_CLIENT_HEADER_PARSING_DONE)
+   {
+      wanted_filter_type = FT_SERVER_HEADER_FILTER;
+      multi_action_index = ACTION_MULTI_SERVER_HEADER_FILTER;
+   }
+   else
+   {
+      wanted_filter_type = FT_CLIENT_HEADER_FILTER;
+      multi_action_index = ACTION_MULTI_CLIENT_HEADER_FILTER;
+   }
+
+   /*
+    * Need to check the set of re_filterfiles...
+    */
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      fl = csp->rlist[i];
+      if (NULL != fl)
+      {
+         if (NULL != fl->f)
+         {
+           found_filters = 1;
+           break;
+         }
+      }
+   }
+
+   if (0 == found_filters)
+   {
+      log_error(LOG_LEVEL_ERROR, "Inconsistent configuration: "
+         "header filtering enabled, but no matching filters available.");
+      return JB_ERR_OK;
+   }
+
+   for (i = 0; i < MAX_AF_FILES; i++)
+   {
+      fl = csp->rlist[i];
+      if ((NULL == fl) || (NULL == fl->f))
+      {
+         /*
+          * Either there are no filter files
+          * left, or this filter file just
+          * contains no valid filters.
+          *
+          * Continue to be sure we don't miss
+          * valid filter files that are chained
+          * after empty or invalid ones.
+          */
+         continue;
+      }
+      /*
+       * For all applying +filter actions, look if a filter by that
+       * name exists and if yes, execute its pcrs_joblist on the
+       * buffer.
+       */
+      for (b = fl->f; b; b = b->next)
+      {
+         if (b->type != wanted_filter_type)
+         {
+            /* Skip other filter types */
+            continue;
+         }
+
+         for (filtername = csp->action->multi[multi_action_index]->first;
+              filtername ; filtername = filtername->next)
+         {
+            if (strcmp(b->name, filtername->str) == 0)
+            {
+               int current_hits = 0;
+               pcrs_job *joblist = b->joblist;
+
+               if (b->dynamic) joblist = compile_dynamic_pcrs_job_list(csp, b);
+
+               if (NULL == joblist)
+               {
+                  log_error(LOG_LEVEL_RE_FILTER, "Filter %s has empty joblist. Nothing to do.", b->name);
+                  continue;
+               }
+
+               log_error(LOG_LEVEL_RE_FILTER, "filtering \'%s\' (size %d) with \'%s\' ...",
+                         *header, size, b->name);
+
+               /* Apply all jobs from the joblist */
+               for (job = joblist; NULL != job; job = job->next)
+               {
+                  matches = pcrs_execute(job, *header, size, &newheader, &size);
+                  if ( 0 < matches )
+                  {
+                     current_hits += matches; 
+                     log_error(LOG_LEVEL_HEADER, "Transforming \"%s\" to \"%s\"", *header, newheader);
+                     freez(*header);
+                     *header = newheader;
+                  }
+                  else if ( 0 == matches )
+                  {
+                     /* Filter doesn't change header */
+                     freez(newheader);
+                  }
+                  else
+                  {
+                     /* RegEx failure */
+                     log_error(LOG_LEVEL_ERROR, "Filtering \'%s\' with \'%s\' didn't work out: %s",
+                        *header, b->name, pcrs_strerror(matches));
+                     if (newheader != NULL)
+                     {
+                        log_error(LOG_LEVEL_ERROR, "Freeing what's left: %s", newheader);
+                        freez(newheader);
+                     }
+                  }
+               }
+
+               if (b->dynamic) pcrs_free_joblist(joblist);
+
+               log_error(LOG_LEVEL_RE_FILTER, "... produced %d hits (new size %d).", current_hits, size);
+               hits += current_hits;
+            }
+         }
+      }
+   }
+
+   /*
+    * Additionally checking for hits is important because if
+    * the continue hack is triggered, server headers can
+    * arrive empty to separate multiple heads from each other.
+    */
+   if ((0 == size) && hits)
+   {
+      log_error(LOG_LEVEL_HEADER, "Removing empty header %s", *header);
+      freez(*header);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_connection
+ *
+ * Description :  Makes sure that the value of the Connection: header
+ *                is "close" and signals server_connection_close_adder 
+ *                to do nothing.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_connection(struct client_state *csp, char **header)
+{
+   char *old_header = *header;
+
+   /* Do we have a 'Connection: close' header? */
+   if (strcmpic(*header, "Connection: close"))
+   {
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+      if ((csp->config->feature_flags &
+           RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
+         && !strcmpic(*header, "Connection: keep-alive"))
+      {
+         /* Remember to keep the connection alive. */
+         csp->flags |= CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE;
+      }
+#endif /* FEATURE_CONNECTION_KEEP_ALIVE */
+
+      *header = strdup("Connection: close");
+      if (header == NULL)
+      { 
+         return JB_ERR_MEMORY;
+      }
+      log_error(LOG_LEVEL_HEADER, "Replaced: \'%s\' with \'%s\'", old_header, *header);
+      freez(old_header);
+   }
+
+   /* Signal server_connection_close_adder() to return early. */
+   csp->flags |= CSP_FLAG_SERVER_CONNECTION_CLOSE_SET;
+
+   return JB_ERR_OK;
+}
+
+/*********************************************************************
+ *
+ * Function    :  client_connection
+ *
+ * Description :  Makes sure a proper "Connection:" header is
+ *                set and signals connection_header_adder 
+ *                to do nothing.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_connection(struct client_state *csp, char **header)
+{
+   char *old_header = *header;
+   const char *wanted_header = get_appropiate_connection_header(csp);
+
+   if (strcmpic(*header, wanted_header))
+   {
+      *header = strdup(wanted_header);
+      if (header == NULL)
+      { 
+         return JB_ERR_MEMORY;
+      }
+      log_error(LOG_LEVEL_HEADER,
+         "Replaced: \'%s\' with \'%s\'", old_header, *header);
+      freez(old_header);
+   }
+
+   /* Signal client_connection_close_adder() to return early. */
+   csp->flags |= CSP_FLAG_CLIENT_CONNECTION_HEADER_SET;
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  crumble
+ *
+ * Description :  This is called if a header matches a pattern to "crunch"
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err crumble(struct client_state *csp, char **header)
+{
+   (void)csp;
+   log_error(LOG_LEVEL_HEADER, "crumble crunched: %s!", *header);
+   freez(*header);
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  crunch_server_header
+ *
+ * Description :  Crunch server header if it matches a string supplied by the
+ *                user. Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success and always succeeds
+ *
+ *********************************************************************/
+static jb_err crunch_server_header(struct client_state *csp, char **header)
+{
+   const char *crunch_pattern;
+
+   /* Do we feel like crunching? */
+   if ((csp->action->flags & ACTION_CRUNCH_SERVER_HEADER))
+   {
+      crunch_pattern = csp->action->string[ACTION_STRING_SERVER_HEADER];
+
+      /* Is the current header the lucky one? */
+      if (strstr(*header, crunch_pattern))
+      {
+         log_error(LOG_LEVEL_HEADER, "Crunching server header: %s (contains: %s)", *header, crunch_pattern);  
+         freez(*header);
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_content_type
+ *
+ * Description :  Set the content-type for filterable types (text/.*,
+ *                .*xml.*, javascript and image/gif) unless filtering has been
+ *                forbidden (CT_TABOO) while parsing earlier headers.
+ *                NOTE: Since text/plain is commonly used by web servers
+ *                      for files whose correct type is unknown, we don't
+ *                      set CT_TEXT for it.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_content_type(struct client_state *csp, char **header)
+{
+   /* Remove header if it isn't the first Content-Type header */
+   if ((csp->content_type & CT_DECLARED))
+   {
+     /*
+      * Another, slightly slower, way to see if
+      * we already parsed another Content-Type header.
+      */
+      assert(NULL != get_header_value(csp->headers, "Content-Type:"));
+
+      log_error(LOG_LEVEL_ERROR,
+         "Multiple Content-Type headers. Removing and ignoring: \'%s\'",
+         *header);
+      freez(*header);
+
+      return JB_ERR_OK;
+   }
+
+   /*
+    * Signal that the Content-Type has been set.
+    */
+   csp->content_type |= CT_DECLARED;
+
+   if (!(csp->content_type & CT_TABOO))
+   {
+      /*
+       * XXX: The assumption that text/plain is a sign of
+       * binary data seems to be somewhat unreasonable nowadays
+       * and should be dropped after 3.0.8 is out.
+       */
+      if ((strstr(*header, "text/") && !strstr(*header, "plain"))
+        || strstr(*header, "xml")
+        || strstr(*header, "application/x-javascript"))
+      {
+         csp->content_type |= CT_TEXT;
+      }
+      else if (strstr(*header, "image/gif"))
+      {
+         csp->content_type |= CT_GIF;
+      }
+   }
+
+   /*
+    * Are we messing with the content type?
+    */
+   if (csp->action->flags & ACTION_CONTENT_TYPE_OVERWRITE)
+   {
+      /*
+       * Make sure the user doesn't accidently
+       * change the content type of binary documents. 
+       */
+      if ((csp->content_type & CT_TEXT) || (csp->action->flags & ACTION_FORCE_TEXT_MODE))
+      {
+         freez(*header);
+         *header = strdup("Content-Type: ");
+         string_append(header, csp->action->string[ACTION_STRING_CONTENT_TYPE]);
+
+         if (header == NULL)
+         {
+            log_error(LOG_LEVEL_HEADER, "Insufficient memory to replace Content-Type!");
+            return JB_ERR_MEMORY;
+         }
+         log_error(LOG_LEVEL_HEADER, "Modified: %s!", *header);
+      }
+      else
+      {
+         log_error(LOG_LEVEL_HEADER, "%s not replaced. "
+            "It doesn't look like a content type that should be filtered. "
+            "Enable force-text-mode if you know what you're doing.", *header);
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_transfer_coding
+ *
+ * Description :  - Prohibit filtering (CT_TABOO) if transfer coding compresses
+ *                - Raise the CSP_FLAG_CHUNKED flag if coding is "chunked"
+ *                - Remove header if body was chunked but has been
+ *                  de-chunked for filtering.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_transfer_coding(struct client_state *csp, char **header)
+{
+   /*
+    * Turn off pcrs and gif filtering if body compressed
+    */
+   if (strstr(*header, "gzip") || strstr(*header, "compress") || strstr(*header, "deflate"))
+   {
+#ifdef FEATURE_ZLIB
+      /*
+       * XXX: Added to test if we could use CT_GZIP and CT_DEFLATE here.
+       */
+      log_error(LOG_LEVEL_INFO, "Marking content type for %s as CT_TABOO because of %s.",
+         csp->http->cmd, *header);
+#endif /* def FEATURE_ZLIB */
+      csp->content_type = CT_TABOO;
+   }
+
+   /*
+    * Raise flag if body chunked
+    */
+   if (strstr(*header, "chunked"))
+   {
+      csp->flags |= CSP_FLAG_CHUNKED;
+
+      /*
+       * If the body was modified, it has been de-chunked first
+       * and the header must be removed.
+       *
+       * FIXME: If there is more than one transfer encoding,
+       * only the "chunked" part should be removed here.
+       */
+      if (csp->flags & CSP_FLAG_MODIFIED)
+      {
+         log_error(LOG_LEVEL_HEADER, "Removing: %s", *header);
+         freez(*header);
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_content_encoding
+ *
+ * Description :  This function is run twice for each request,
+ *                unless FEATURE_ZLIB and filtering are disabled.
+ *
+ *                The first run is used to check if the content
+ *                is compressed, if FEATURE_ZLIB is disabled
+ *                filtering is then disabled as well, if FEATURE_ZLIB
+ *                is enabled the content is marked for decompression.
+ *                
+ *                The second run is used to remove the Content-Encoding
+ *                header if the decompression was successful.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_content_encoding(struct client_state *csp, char **header)
+{
+#ifdef FEATURE_ZLIB
+   if ((csp->flags & CSP_FLAG_MODIFIED)
+    && (csp->content_type & (CT_GZIP | CT_DEFLATE)))
+   {
+      /*
+       * We successfully decompressed the content,
+       * and have to clean the header now, so the
+       * client no longer expects compressed data..
+       *
+       * XXX: There is a difference between cleaning
+       * and removing it completely.
+       */
+      log_error(LOG_LEVEL_HEADER, "Crunching: %s", *header);
+      freez(*header);
+   }
+   else if (strstr(*header, "gzip"))
+   {
+      /* Mark for gzip decompression */
+      csp->content_type |= CT_GZIP;
+   }
+   else if (strstr(*header, "deflate"))
+   {
+      /* Mark for zlib decompression */
+      csp->content_type |= CT_DEFLATE;
+   }
+   else if (strstr(*header, "compress"))
+   {
+      /*
+       * We can't decompress this; therefore we can't filter
+       * it either.
+       */
+      csp->content_type |= CT_TABOO;
+   }
+#else /* !defined(FEATURE_ZLIB) */
+   if (strstr(*header, "gzip") || strstr(*header, "compress") || strstr(*header, "deflate"))
+   {
+      /*
+       * Body is compressed, turn off pcrs and gif filtering.
+       */
+      csp->content_type |= CT_TABOO;
+
+      /*
+       * Log a warning if the user expects the content to be filtered.
+       */
+      if ((csp->rlist != NULL) &&
+         (!list_is_empty(csp->action->multi[ACTION_MULTI_FILTER])))
+      {
+         log_error(LOG_LEVEL_INFO,
+            "Compressed content detected, content filtering disabled. "
+            "Consider recompiling Privoxy with zlib support or "
+            "enable the prevent-compression action.");
+      }
+   }
+#endif /* defined(FEATURE_ZLIB) */
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_adjust_content_length
+ *
+ * Description :  Adjust Content-Length header if we modified
+ *                the body.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_adjust_content_length(struct client_state *csp, char **header)
+{
+   const size_t max_header_length = 80;
+
+   /* Regenerate header if the content was modified. */
+   if (csp->flags & CSP_FLAG_MODIFIED)
+   {
+      freez(*header);
+      *header = (char *) zalloc(max_header_length);
+      if (*header == NULL)
+      {
+         return JB_ERR_MEMORY;
+      }
+
+      snprintf(*header, max_header_length, "Content-Length: %d",
+         (int)csp->content_length);
+      log_error(LOG_LEVEL_HEADER, "Adjusted Content-Length to %d",
+         (int)csp->content_length);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+/*********************************************************************
+ *
+ * Function    :  server_save_content_length
+ *
+ * Description :  Save the Content-Length sent by the server.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_save_content_length(struct client_state *csp, char **header)
+{
+   unsigned long long content_length = 0;
+
+   assert(*(*header+14) == ':');
+
+   if (1 != sscanf(*header+14, ": %llu", &content_length))
+   {
+      log_error(LOG_LEVEL_ERROR, "Crunching invalid header: %s", *header);
+      freez(*header);
+   }
+   else
+   {
+      csp->expected_content_length = content_length;
+      csp->flags |= CSP_FLAG_CONTENT_LENGTH_SET;
+   }
+
+   return JB_ERR_OK;
+}
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+
+/*********************************************************************
+ *
+ * Function    :  server_content_md5
+ *
+ * Description :  Crumble any Content-MD5 headers if the document was
+ *                modified. FIXME: Should we re-compute instead?
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_content_md5(struct client_state *csp, char **header)
+{
+   if (csp->flags & CSP_FLAG_MODIFIED)
+   {
+      log_error(LOG_LEVEL_HEADER, "Crunching Content-MD5");
+      freez(*header);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_content_disposition
+ *
+ * Description :  If enabled, blocks or modifies the "Content-Disposition" header.
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_content_disposition(struct client_state *csp, char **header)
+{
+   const char *newval;
+
+   /*
+    * Are we messing with the Content-Disposition header?
+    */
+   if ((csp->action->flags & ACTION_HIDE_CONTENT_DISPOSITION) == 0)
+   {
+      /* Me tinks not */
+      return JB_ERR_OK;
+   }
+
+   newval = csp->action->string[ACTION_STRING_CONTENT_DISPOSITION];
+
+   if ((newval == NULL) || (0 == strcmpic(newval, "block")))
+   {
+      /*
+       * Blocking content-disposition header
+       */
+      log_error(LOG_LEVEL_HEADER, "Crunching %s!", *header);
+      freez(*header);
+      return JB_ERR_OK;
+   }
+   else
+   {  
+      /*
+       * Replacing Content-Disposition header
+       */
+      freez(*header);
+      *header = strdup("Content-Disposition: ");
+      string_append(header, newval);
+
+      if (*header != NULL)
+      {
+         log_error(LOG_LEVEL_HEADER,
+            "Content-Disposition header crunched and replaced with: %s", *header);
+      }
+   }
+   return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_last_modified
+ *
+ * Description :  Changes Last-Modified header to the actual date
+ *                to help hide-if-modified-since.
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_last_modified(struct client_state *csp, char **header)
+{
+   const char *newval;
+   char buf[BUFFER_SIZE];
+
+   char newheader[50];
+#ifdef HAVE_GMTIME_R
+   struct tm gmt;
+#endif
+   struct tm *timeptr = NULL;
+   time_t now, last_modified;                  
+   long int rtime;
+   long int days, hours, minutes, seconds;
+   
+   /*
+    * Are we messing with the Last-Modified header?
+    */
+   if ((csp->action->flags & ACTION_OVERWRITE_LAST_MODIFIED) == 0)
+   {
+      /*Nope*/
+      return JB_ERR_OK;
+   }
+
+   newval = csp->action->string[ACTION_STRING_LAST_MODIFIED];
+
+   if (0 == strcmpic(newval, "block") )
+   {
+      /*
+       * Blocking Last-Modified header. Useless but why not.
+       */
+      log_error(LOG_LEVEL_HEADER, "Crunching %s!", *header);
+      freez(*header);
+      return JB_ERR_OK;
+   }
+   else if (0 == strcmpic(newval, "reset-to-request-time"))
+   {  
+      /*
+       * Setting Last-Modified Header to now.
+       */
+      get_http_time(0, buf, sizeof(buf));
+      freez(*header);
+      *header = strdup("Last-Modified: ");
+      string_append(header, buf);   
+
+      if (*header == NULL)
+      {
+         log_error(LOG_LEVEL_HEADER, "Insufficient memory. Last-Modified header got lost, boohoo.");  
+      }
+      else
+      {
+         log_error(LOG_LEVEL_HEADER, "Reset to present time: %s", *header);
+      }
+   }
+   else if (0 == strcmpic(newval, "randomize"))
+   {
+      const char *header_time = *header + sizeof("Last-Modified:");
+
+      log_error(LOG_LEVEL_HEADER, "Randomizing: %s", *header);
+      now = time(NULL);
+#ifdef HAVE_GMTIME_R
+      timeptr = gmtime_r(&now, &gmt);
+#elif FEATURE_PTHREAD
+      privoxy_mutex_lock(&gmtime_mutex);
+      timeptr = gmtime(&now);
+      privoxy_mutex_unlock(&gmtime_mutex);
+#else
+      timeptr = gmtime(&now);
+#endif
+      if (JB_ERR_OK != parse_header_time(header_time, &last_modified))
+      {
+         log_error(LOG_LEVEL_HEADER, "Couldn't parse: %s in %s (crunching!)", header_time, *header);
+         freez(*header);
+      }
+      else
+      {
+         rtime = (long int)difftime(now, last_modified);
+         if (rtime)
+         {
+            int negative = 0;
+
+            if (rtime < 0)
+            {
+               rtime *= -1; 
+               negative = 1;
+               log_error(LOG_LEVEL_HEADER, "Server time in the future.");
+            }
+            rtime = pick_from_range(rtime);
+            if (negative) rtime *= -1;
+            last_modified += rtime;
+#ifdef HAVE_GMTIME_R
+            timeptr = gmtime_r(&last_modified, &gmt);
+#elif FEATURE_PTHREAD
+            privoxy_mutex_lock(&gmtime_mutex);
+            timeptr = gmtime(&last_modified);
+            privoxy_mutex_unlock(&gmtime_mutex);
+#else
+            timeptr = gmtime(&last_modified);
+#endif
+            strftime(newheader, sizeof(newheader), "%a, %d %b %Y %H:%M:%S GMT", timeptr);
+            freez(*header);
+            *header = strdup("Last-Modified: ");
+            string_append(header, newheader);
+
+            if (*header == NULL)
+            {
+               log_error(LOG_LEVEL_ERROR, "Insufficient memory, header crunched without replacement.");
+               return JB_ERR_MEMORY;  
+            }
+
+            days    = rtime / (3600 * 24);
+            hours   = rtime / 3600 % 24;
+            minutes = rtime / 60 % 60;
+            seconds = rtime % 60;
+
+            log_error(LOG_LEVEL_HEADER,
+               "Randomized:  %s (added %d da%s %d hou%s %d minut%s %d second%s",
+               *header, days, (days == 1) ? "y" : "ys", hours, (hours == 1) ? "r" : "rs",
+               minutes, (minutes == 1) ? "e" : "es", seconds, (seconds == 1) ? ")" : "s)");
+         }
+         else
+         {
+            log_error(LOG_LEVEL_HEADER, "Randomized ... or not. No time difference to work with.");
+         }
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_accept_encoding
+ *
+ * Description :  Rewrite the client's Accept-Encoding header so that
+ *                if doesn't allow compression, if the action applies.
+ *                Note: For HTTP/1.0 the absence of the header is enough.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_accept_encoding(struct client_state *csp, char **header)
+{
+   if ((csp->action->flags & ACTION_NO_COMPRESSION) != 0)
+   {
+      log_error(LOG_LEVEL_HEADER, "Suppressed offer to compress content");
+
+      freez(*header);
+
+      /* Temporarily disable the correct behaviour to
+       * work around a PHP bug. 
+       *
+       * if (!strcmpic(csp->http->ver, "HTTP/1.1"))
+       * {
+       *    *header = strdup("Accept-Encoding: identity;q=1.0, *;q=0");
+       *    if (*header == NULL)
+       *    {
+       *       return JB_ERR_MEMORY;
+       *    }
+       * }
+       * 
+       */
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_te
+ *
+ * Description :  Rewrite the client's TE header so that
+ *                if doesn't allow compression, if the action applies.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_te(struct client_state *csp, char **header)
+{
+   if ((csp->action->flags & ACTION_NO_COMPRESSION) != 0)
+   {
+      freez(*header);
+      log_error(LOG_LEVEL_HEADER, "Suppressed offer to compress transfer");
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_referrer
+ *
+ * Description :  Handle the "referer" config setting properly.
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_referrer(struct client_state *csp, char **header)
+{
+   const char *parameter;
+   /* booleans for parameters we have to check multiple times */
+   int parameter_conditional_block;
+   int parameter_conditional_forge;
+ 
+#ifdef FEATURE_FORCE_LOAD
+   /*
+    * Since the referrer can include the prefix even
+    * if the request itself is non-forced, we must
+    * clean it unconditionally.
+    *
+    * XXX: strclean is too broad
+    */
+   strclean(*header, FORCE_PREFIX);
+#endif /* def FEATURE_FORCE_LOAD */
+
+   if ((csp->action->flags & ACTION_HIDE_REFERER) == 0)
+   {
+      /* Nothing left to do */
+      return JB_ERR_OK;
+   }
+
+   parameter = csp->action->string[ACTION_STRING_REFERER];
+   assert(parameter != NULL);
+   parameter_conditional_block = (0 == strcmpic(parameter, "conditional-block"));
+   parameter_conditional_forge = (0 == strcmpic(parameter, "conditional-forge"));
+
+   if (!parameter_conditional_block && !parameter_conditional_forge)
+   {
+      /*
+       * As conditional-block and conditional-forge are the only
+       * parameters that rely on the original referrer, we can
+       * remove it now for all the others.
+       */
+      freez(*header);
+   }
+
+   if (0 == strcmpic(parameter, "block"))
+   {
+      log_error(LOG_LEVEL_HEADER, "Referer crunched!");
+      return JB_ERR_OK;
+   }
+   else if (parameter_conditional_block || parameter_conditional_forge)
+   {
+      return handle_conditional_hide_referrer_parameter(header,
+         csp->http->hostport, parameter_conditional_block);
+   }
+   else if (0 == strcmpic(parameter, "forge"))
+   {
+      return create_forged_referrer(header, csp->http->hostport);
+   }
+   else
+   {
+      /* interpret parameter as user-supplied referer to fake */
+      return create_fake_referrer(header, parameter);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_accept_language
+ *
+ * Description :  Handle the "Accept-Language" config setting properly.
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_accept_language(struct client_state *csp, char **header)
+{
+   const char *newval;
+
+   /*
+    * Are we messing with the Accept-Language?
+    */
+   if ((csp->action->flags & ACTION_HIDE_ACCEPT_LANGUAGE) == 0)
+   {
+      /*I don't think so*/
+      return JB_ERR_OK;
+   }
+
+   newval = csp->action->string[ACTION_STRING_LANGUAGE];
+
+   if ((newval == NULL) || (0 == strcmpic(newval, "block")) )
+   {
+      /*
+       * Blocking Accept-Language header
+       */
+      log_error(LOG_LEVEL_HEADER, "Crunching Accept-Language!");
+      freez(*header);
+      return JB_ERR_OK;
+   }
+   else
+   {  
+      /*
+       * Replacing Accept-Language header
+       */
+      freez(*header);
+      *header = strdup("Accept-Language: ");
+      string_append(header, newval);   
+
+      if (*header == NULL)
+      {
+         log_error(LOG_LEVEL_ERROR,
+            "Insufficient memory. Accept-Language header crunched without replacement.");  
+      }
+      else
+      {
+         log_error(LOG_LEVEL_HEADER,
+            "Accept-Language header crunched and replaced with: %s", *header);
+      }
+   }
+   return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  crunch_client_header
+ *
+ * Description :  Crunch client header if it matches a string supplied by the
+ *                user. Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success and always succeeds
+ *
+ *********************************************************************/
+static jb_err crunch_client_header(struct client_state *csp, char **header)
+{
+   const char *crunch_pattern;
+
+   /* Do we feel like crunching? */
+   if ((csp->action->flags & ACTION_CRUNCH_CLIENT_HEADER))
+   {
+      crunch_pattern = csp->action->string[ACTION_STRING_CLIENT_HEADER];
+
+      /* Is the current header the lucky one? */
+      if (strstr(*header, crunch_pattern))
+      {
+         log_error(LOG_LEVEL_HEADER, "Crunching client header: %s (contains: %s)", *header, crunch_pattern);  
+         freez(*header);
+      }
+   }
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_uagent
+ *
+ * Description :  Handle the "user-agent" config setting properly
+ *                and remember its original value to enable browser
+ *                bug workarounds. Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_uagent(struct client_state *csp, char **header)
+{
+   const char *newval;
+
+   if ((csp->action->flags & ACTION_HIDE_USER_AGENT) == 0)
+   {
+      return JB_ERR_OK;
+   }
+
+   newval = csp->action->string[ACTION_STRING_USER_AGENT];
+   if (newval == NULL)
+   {
+      return JB_ERR_OK;
+   }
+
+   freez(*header);
+   *header = strdup("User-Agent: ");
+   string_append(header, newval);
+
+   log_error(LOG_LEVEL_HEADER, "Modified: %s", *header);
+
+   return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_ua
+ *
+ * Description :  Handle "ua-" headers properly.  Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_ua(struct client_state *csp, char **header)
+{
+   if ((csp->action->flags & ACTION_HIDE_USER_AGENT) != 0)
+   {
+      log_error(LOG_LEVEL_HEADER, "crunched User-Agent!");
+      freez(*header);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_from
+ *
+ * Description :  Handle the "from" config setting properly.
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_from(struct client_state *csp, char **header)
+{
+   const char *newval;
+
+   if ((csp->action->flags & ACTION_HIDE_FROM) == 0)
+   {
+      return JB_ERR_OK;
+   }
+
+   freez(*header);
+
+   newval = csp->action->string[ACTION_STRING_FROM];
+
+   /*
+    * Are we blocking the e-mail address?
+    */
+   if ((newval == NULL) || (0 == strcmpic(newval, "block")) )
+   {
+      log_error(LOG_LEVEL_HEADER, "crunched From!");
+      return JB_ERR_OK;
+   }
+
+   log_error(LOG_LEVEL_HEADER, " modified");
+
+   *header = strdup("From: ");
+   string_append(header, newval);
+
+   return (*header == NULL) ? JB_ERR_MEMORY : JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_send_cookie
+ *
+ * Description :  Crunches the "cookie" header if necessary.
+ *                Called from `sed'.
+ *
+ *                XXX: Stupid name, doesn't send squat.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_send_cookie(struct client_state *csp, char **header)
+{
+   if (csp->action->flags & ACTION_NO_COOKIE_READ)
+   {
+      log_error(LOG_LEVEL_HEADER, "Crunched outgoing cookie: %s", *header);
+      freez(*header);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_x_forwarded
+ *
+ * Description :  Handle the "x-forwarded-for" config setting properly,
+ *                also used in the add_client_headers list.  Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+jb_err client_x_forwarded(struct client_state *csp, char **header)
+{
+   if (0 != (csp->action->flags & ACTION_CHANGE_X_FORWARDED_FOR))
+   {
+      const char *parameter = csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR];
+
+      if (0 == strcmpic(parameter, "block"))
+      {
+         freez(*header);
+         log_error(LOG_LEVEL_HEADER, "crunched x-forwarded-for!");
+      }
+      else if (0 == strcmpic(parameter, "add"))
+      {
+         string_append(header, ", ");
+         string_append(header, csp->ip_addr_str);
+
+         if (*header == NULL)
+         {
+            return JB_ERR_MEMORY;
+         }
+         log_error(LOG_LEVEL_HEADER,
+            "Appended client IP address to %s", *header);
+         csp->flags |= CSP_FLAG_X_FORWARDED_FOR_APPENDED;
+      }
+      else
+      {
+         log_error(LOG_LEVEL_FATAL,
+            "Invalid change-x-forwarded-for parameter: '%s'", parameter);
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_max_forwards
+ *
+ * Description :  If the HTTP method is OPTIONS or TRACE, subtract one
+ *                from the value of the Max-Forwards header field.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_max_forwards(struct client_state *csp, char **header)
+{
+   int max_forwards;
+
+   if ((0 == strcmpic(csp->http->gpc, "trace")) ||
+       (0 == strcmpic(csp->http->gpc, "options")))
+   {
+      assert(*(*header+12) == ':');
+      if (1 == sscanf(*header+12, ": %d", &max_forwards))
+      {
+         if (max_forwards > 0)
+         {
+            snprintf(*header, strlen(*header)+1, "Max-Forwards: %d", --max_forwards);
+            log_error(LOG_LEVEL_HEADER,
+               "Max-Forwards value for %s request reduced to %d.",
+               csp->http->gpc, max_forwards);
+         }
+         else if (max_forwards < 0)
+         {
+            log_error(LOG_LEVEL_ERROR, "Crunching invalid header: %s", *header);
+            freez(*header);
+         }
+      }
+      else
+      {
+         log_error(LOG_LEVEL_ERROR, "Crunching invalid header: %s", *header);
+         freez(*header);
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_host
+ *
+ * Description :  If the request URI did not contain host and
+ *                port information, parse and evaluate the Host
+ *                header field.
+ *
+ *                Also, kill ill-formed HOST: headers as sent by
+ *                Apple's iTunes software when used with a proxy.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_host(struct client_state *csp, char **header)
+{
+   char *p, *q;
+
+   /*
+    * If the header field name is all upper-case, chances are that it's
+    * an ill-formed one from iTunes. BTW, killing innocent headers here is
+    * not a problem -- they are regenerated later.
+    */
+   if ((*header)[1] == 'O')
+   {
+      log_error(LOG_LEVEL_HEADER, "Killed all-caps Host header line: %s", *header);
+      freez(*header);
+      return JB_ERR_OK;
+   }
+
+   if (!csp->http->hostport || (*csp->http->hostport == '*') ||  
+       *csp->http->hostport == ' ' || *csp->http->hostport == '\0')
+   {
+      
+      if (NULL == (p = strdup((*header)+6)))
+      {
+         return JB_ERR_MEMORY;
+      }
+      chomp(p);
+      if (NULL == (q = strdup(p)))
+      {
+         freez(p);
+         return JB_ERR_MEMORY;
+      }
+
+      freez(csp->http->hostport);
+      csp->http->hostport = p;
+      freez(csp->http->host);
+      csp->http->host = q;
+      q = strchr(csp->http->host, ':');
+      if (q != NULL)
+      {
+         /* Terminate hostname and evaluate port string */
+         *q++ = '\0';
+         csp->http->port = atoi(q);
+      }
+      else
+      {
+         csp->http->port = csp->http->ssl ? 443 : 80;
+      }
+
+      log_error(LOG_LEVEL_HEADER, "New host and port from Host field: %s = %s:%d",
+                csp->http->hostport, csp->http->host, csp->http->port);
+   }
+
+   /* Signal client_host_adder() to return right away */
+   csp->flags |= CSP_FLAG_HOST_HEADER_IS_SET;
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_if_modified_since
+ *
+ * Description :  Remove or modify the If-Modified-Since header.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_if_modified_since(struct client_state *csp, char **header)
+{
+   char newheader[50];
+#ifdef HAVE_GMTIME_R
+   struct tm gmt;
+#endif
+   struct tm *timeptr = NULL;
+   time_t tm = 0;                  
+   const char *newval;
+   long int rtime;
+   long int hours, minutes, seconds;
+   int negative = 0;
+   char * endptr;
+   
+   if ( 0 == strcmpic(*header, "If-Modified-Since: Wed, 08 Jun 1955 12:00:00 GMT"))
+   {
+      /* 
+       * The client got an error message because of a temporary problem,
+       * the problem is gone and the client now tries to revalidate our
+       * error message on the real server. The revalidation would always
+       * end with the transmission of the whole document and there is
+       * no need to expose the bogus If-Modified-Since header.
+       */
+      log_error(LOG_LEVEL_HEADER, "Crunching useless If-Modified-Since header.");
+      freez(*header);
+   }
+   else if (csp->action->flags & ACTION_HIDE_IF_MODIFIED_SINCE)
+   {
+      newval = csp->action->string[ACTION_STRING_IF_MODIFIED_SINCE];
+
+      if ((0 == strcmpic(newval, "block")))
+      {
+         log_error(LOG_LEVEL_HEADER, "Crunching %s", *header);
+         freez(*header);
+      }
+      else /* add random value */
+      {
+         const char *header_time = *header + sizeof("If-Modified-Since:");
+
+         if (JB_ERR_OK != parse_header_time(header_time, &tm))
+         {
+            log_error(LOG_LEVEL_HEADER, "Couldn't parse: %s in %s (crunching!)", header_time, *header);
+            freez(*header);
+         }
+         else
+         {
+            rtime = strtol(newval, &endptr, 0);
+            if (rtime)
+            {
+               log_error(LOG_LEVEL_HEADER, "Randomizing: %s (random range: %d minut%s)",
+                  *header, rtime, (rtime == 1 || rtime == -1) ? "e": "es");
+               if (rtime < 0)
+               {
+                  rtime *= -1; 
+                  negative = 1;
+               }
+               rtime *= 60;
+               rtime = pick_from_range(rtime);
+            }
+            else
+            {
+               log_error(LOG_LEVEL_ERROR, "Random range is 0. Assuming time transformation test.",
+                  *header);
+            }
+            tm += rtime * (negative ? -1 : 1);
+#ifdef HAVE_GMTIME_R
+            timeptr = gmtime_r(&tm, &gmt);
+#elif FEATURE_PTHREAD
+            privoxy_mutex_lock(&gmtime_mutex);
+            timeptr = gmtime(&tm);
+            privoxy_mutex_unlock(&gmtime_mutex);
+#else
+            timeptr = gmtime(&tm);
+#endif
+            strftime(newheader, sizeof(newheader), "%a, %d %b %Y %H:%M:%S GMT", timeptr);
+
+            freez(*header);
+            *header = strdup("If-Modified-Since: ");
+            string_append(header, newheader);
+
+            if (*header == NULL)
+            {
+               log_error(LOG_LEVEL_HEADER, "Insufficient memory, header crunched without replacement.");
+               return JB_ERR_MEMORY;  
+            }
+
+            hours   = rtime / 3600;
+            minutes = rtime / 60 % 60;
+            seconds = rtime % 60;
+
+            log_error(LOG_LEVEL_HEADER,
+               "Randomized:  %s (%s %d hou%s %d minut%s %d second%s",
+               *header, (negative) ? "subtracted" : "added", hours,
+               (hours == 1) ? "r" : "rs", minutes, (minutes == 1) ? "e" : "es",
+               seconds, (seconds == 1) ? ")" : "s)");
+         }
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_if_none_match
+ *
+ * Description :  Remove the If-None-Match header.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_if_none_match(struct client_state *csp, char **header)
+{
+   if (csp->action->flags & ACTION_CRUNCH_IF_NONE_MATCH)
+   {  
+      log_error(LOG_LEVEL_HEADER, "Crunching %s", *header);
+      freez(*header);
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_x_filter
+ *
+ * Description :  Disables filtering if the client set "X-Filter: No".
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *
+ *********************************************************************/
+jb_err client_x_filter(struct client_state *csp, char **header)
+{
+   if ( 0 == strcmpic(*header, "X-Filter: No"))
+   {
+      if (!(csp->config->feature_flags & RUNTIME_FEATURE_HTTP_TOGGLE))
+      {
+         log_error(LOG_LEVEL_INFO, "Ignored the client's request to fetch without filtering.");
+      }
+      else
+      {
+         if (csp->action->flags & ACTION_FORCE_TEXT_MODE)
+         {
+            log_error(LOG_LEVEL_HEADER,
+               "force-text-mode overruled the client's request to fetch without filtering!");
+         }
+         else
+         {  
+            csp->content_type = CT_TABOO; /* XXX: This hack shouldn't be necessary */
+            csp->flags |= CSP_FLAG_NO_FILTERING;
+            log_error(LOG_LEVEL_HEADER, "Accepted the client's request to fetch without filtering.");
+         }
+         log_error(LOG_LEVEL_HEADER, "Crunching %s", *header);
+         freez(*header);
+      }
+   }
+   return JB_ERR_OK; 
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_range
+ *
+ * Description :  Removes Range, Request-Range and If-Range headers if
+ *                content filtering is enabled. If the client's version
+ *                of the document has been altered by Privoxy, the server
+ *                could interpret the range differently than the client
+ *                intended in which case the user could end up with
+ *                corrupted content.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK
+ *
+ *********************************************************************/
+static jb_err client_range(struct client_state *csp, char **header)
+{
+   if (content_filters_enabled(csp->action))
+   {
+      log_error(LOG_LEVEL_HEADER, "Content filtering is enabled."
+         " Crunching: \'%s\' to prevent range-mismatch problems.", *header);
+      freez(*header);
+   }
+
+   return JB_ERR_OK; 
+}
+
+/* the following functions add headers directly to the header list */
+
+/*********************************************************************
+ *
+ * Function    :  client_host_adder
+ *
+ * Description :  Adds the Host: header field if it is missing.
+ *                Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_host_adder(struct client_state *csp)
+{
+   char *p;
+   jb_err err;
+
+   if (csp->flags & CSP_FLAG_HOST_HEADER_IS_SET)
+   {
+      /* Header already set by the client, nothing to do. */
+      return JB_ERR_OK;
+   }
+
+   if ( !csp->http->hostport || !*(csp->http->hostport))
+   {
+      /* XXX: When does this happen and why is it OK? */
+      log_error(LOG_LEVEL_INFO, "Weirdness in client_host_adder detected and ignored.");
+      return JB_ERR_OK;
+   }
+
+   /*
+    * remove 'user:pass@' from 'proto://user:pass@host'
+    */
+   if ( (p = strchr( csp->http->hostport, '@')) != NULL )
+   {
+      p++;
+   }
+   else
+   {
+      p = csp->http->hostport;
+   }
+
+   /* XXX: Just add it, we already made sure that it will be unique */
+   log_error(LOG_LEVEL_HEADER, "addh-unique: Host: %s", p);
+   err = enlist_unique_header(csp->headers, "Host", p);
+   return err;
+
+}
+
+
+#if 0
+/*********************************************************************
+ *
+ * Function    :  client_accept_encoding_adder
+ *
+ * Description :  Add an Accept-Encoding header to the client's request
+ *                that disables compression if the action applies, and
+ *                the header is not already there. Called from `sed'.
+ *                Note: For HTTP/1.0, the absence of the header is enough.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_accept_encoding_adder(struct client_state *csp)
+{
+   if (   ((csp->action->flags & ACTION_NO_COMPRESSION) != 0)
+       && (!strcmpic(csp->http->ver, "HTTP/1.1")) )
+   {
+      return enlist_unique(csp->headers, "Accept-Encoding: identity;q=1.0, *;q=0", 16);
+   }
+
+   return JB_ERR_OK;
+}
+#endif
+
+
+/*********************************************************************
+ *
+ * Function    :  client_xtra_adder
+ *
+ * Description :  Used in the add_client_headers list.  Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_xtra_adder(struct client_state *csp)
+{
+   struct list_entry *lst;
+   jb_err err;
+
+   for (lst = csp->action->multi[ACTION_MULTI_ADD_HEADER]->first;
+        lst ; lst = lst->next)
+   {
+      log_error(LOG_LEVEL_HEADER, "addh: %s", lst->str);
+      err = enlist(csp->headers, lst->str);
+      if (err)
+      {
+         return err;
+      }
+
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_x_forwarded_for_adder
+ *
+ * Description :  Used in the add_client_headers list.  Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_x_forwarded_for_adder(struct client_state *csp)
+{
+   char *header = NULL;
+   jb_err err;
+
+   if (!((csp->action->flags & ACTION_CHANGE_X_FORWARDED_FOR)
+         && (0 == strcmpic(csp->action->string[ACTION_STRING_CHANGE_X_FORWARDED_FOR], "add")))
+      || (csp->flags & CSP_FLAG_X_FORWARDED_FOR_APPENDED))
+   {
+      /*
+       * If we aren't adding X-Forwarded-For headers,
+       * or we already appended an existing X-Forwarded-For
+       * header, there's nothing left to do here.
+       */
+      return JB_ERR_OK;
+   }
+
+   header = strdup("X-Forwarded-For: ");
+   string_append(&header, csp->ip_addr_str);
+
+   if (header == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   log_error(LOG_LEVEL_HEADER, "addh: %s", header);
+   err = enlist(csp->headers, header);
+   freez(header);
+
+   return err;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_connection_close_adder
+ *
+ * Description :  "Temporary" fix for the needed but missing HTTP/1.1
+ *                support. Adds a "Connection: close" header to csp->headers
+ *                unless the header was already present. Called from `sed'.
+ *
+ *                FIXME: This whole function shouldn't be neccessary!
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_connection_close_adder(struct client_state *csp)
+{
+   const unsigned int flags = csp->flags;
+   const char *response_status_line = csp->headers->first->str;
+
+   if ((flags & CSP_FLAG_CLIENT_HEADER_PARSING_DONE)
+    && (flags & CSP_FLAG_SERVER_CONNECTION_CLOSE_SET))
+   {
+      return JB_ERR_OK;
+   }
+
+   /*
+    * XXX: if we downgraded the response, this check will fail.
+    */
+   if ((csp->config->feature_flags &
+        RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
+    && (NULL != response_status_line)
+    && !strncmpic(response_status_line, "HTTP/1.1", 8))
+   {
+      log_error(LOG_LEVEL_HEADER, "A HTTP/1.1 response "
+         "without Connection header implies keep-alive.");
+      csp->flags |= CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE;
+   }
+
+   log_error(LOG_LEVEL_HEADER, "Adding: Connection: close");
+
+   return enlist(csp->headers, "Connection: close");
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  client_connection_header_adder
+ *
+ * Description :  Adds a proper "Connection:" header to csp->headers
+ *                unless the header was already present. Called from `sed'.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err client_connection_header_adder(struct client_state *csp)
+{
+   const unsigned int flags = csp->flags;
+   const char *wanted_header = get_appropiate_connection_header(csp);
+
+   if (!(flags & CSP_FLAG_CLIENT_HEADER_PARSING_DONE)
+     && (flags & CSP_FLAG_CLIENT_CONNECTION_HEADER_SET))
+   {
+      return JB_ERR_OK;
+   }
+
+   log_error(LOG_LEVEL_HEADER, "Adding: %s", wanted_header);
+
+   return enlist(csp->headers, wanted_header);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_http
+ *
+ * Description :  - Save the HTTP Status into csp->http->status
+ *                - Set CT_TABOO to prevent filtering if the answer
+ *                  is a partial range (HTTP status 206)
+ *                - Rewrite HTTP/1.1 answers to HTTP/1.0 if +downgrade
+ *                  action applies.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_http(struct client_state *csp, char **header)
+{
+   sscanf(*header, "HTTP/%*d.%*d %d", &(csp->http->status));
+   if (csp->http->status == 206)
+   {
+      csp->content_type = CT_TABOO;
+   }
+
+   if ((csp->action->flags & ACTION_DOWNGRADE) != 0)
+   {
+      /* XXX: Should we do a real validity check here? */
+      if (strlen(*header) > 8)
+      {
+         (*header)[7] = '0';
+         log_error(LOG_LEVEL_HEADER, "Downgraded answer to HTTP/1.0");
+      }
+      else
+      {
+         /*
+          * XXX: Should we block the request or
+          * enlist a valid status code line here?
+          */
+         log_error(LOG_LEVEL_INFO, "Malformed server response detected. "
+            "Downgrading to HTTP/1.0 impossible.");
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  server_set_cookie
+ *
+ * Description :  Handle the server "cookie" header properly.
+ *                Log cookie to the jar file.  Then "crunch",
+ *                accept or rewrite it to a session cookie.
+ *                Called from `sed'.
+ *
+ *                TODO: Allow the user to specify a new expiration
+ *                time to cause the cookie to expire even before the
+ *                browser is closed.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  header = On input, pointer to header to modify.
+ *                On output, pointer to the modified header, or NULL
+ *                to remove the header.  This function frees the
+ *                original string if necessary.
+ *
+ * Returns     :  JB_ERR_OK on success, or
+ *                JB_ERR_MEMORY on out-of-memory error.
+ *
+ *********************************************************************/
+static jb_err server_set_cookie(struct client_state *csp, char **header)
+{
+   time_t now;
+   time_t cookie_time; 
+
+   time(&now);
+
+   if ((csp->action->flags & ACTION_NO_COOKIE_SET) != 0)
+   {
+      log_error(LOG_LEVEL_HEADER, "Crunching incoming cookie: %s", *header);
+      freez(*header);
+   }
+   else if ((csp->action->flags & ACTION_NO_COOKIE_KEEP) != 0)
+   {
+      /* Flag whether or not to log a message */
+      int changed = 0;
+
+      /* A variable to store the tag we're working on */
+      char *cur_tag;
+
+      /* Skip "Set-Cookie:" (11 characters) in header */
+      cur_tag = *header + 11;
+
+      /* skip whitespace between "Set-Cookie:" and value */
+      while (*cur_tag && ijb_isspace(*cur_tag))
+      {
+         cur_tag++;
+      }
+
+      /* Loop through each tag in the cookie */
+      while (*cur_tag)
+      {
+         /* Find next tag */
+         char *next_tag = strchr(cur_tag, ';');
+         if (next_tag != NULL)
+         {
+            /* Skip the ';' character itself */
+            next_tag++;
+
+            /* skip whitespace ";" and start of tag */
+            while (*next_tag && ijb_isspace(*next_tag))
+            {
+               next_tag++;
+            }
+         }
+         else
+         {
+            /* "Next tag" is the end of the string */
+            next_tag = cur_tag + strlen(cur_tag);
+         }
+
+         /*
+          * Check the expiration date to see
+          * if the cookie is still valid, if yes,
+          * rewrite it to a session cookie.
+          */
+         if ((strncmpic(cur_tag, "expires=", 8) == 0) && *(cur_tag + 8))
+         {
+            char *expiration_date = cur_tag + 8; /* Skip "[Ee]xpires=" */
+
+            /* Did we detect the date properly? */
+            if (JB_ERR_OK != parse_header_time(expiration_date, &cookie_time))
+            {
+               /*
+                * Nope, treat it as if it was still valid.
+                *
+                * XXX: Should we remove the whole cookie instead?
+                */
+               log_error(LOG_LEVEL_ERROR,
+                  "Can't parse \'%s\', send by %s. Unsupported time format?", cur_tag, csp->http->url);
+               string_move(cur_tag, next_tag);
+               changed = 1;
+            }
+            else
+            {
+               /*
+                * Yes. Check if the cookie is still valid.
+                *
+                * If the cookie is already expired it's probably
+                * a delete cookie and even if it isn't, the browser
+                * will discard it anyway.
+                */
+
+               /*
+                * XXX: timegm() isn't available on some AmigaOS
+                * versions and our replacement doesn't work.
+                *
+                * Our options are to either:
+                *
+                * - disable session-cookies-only completely if timegm
+                *   is missing,
+                *
+                * - to simply remove all expired tags, like it has
+                *   been done until Privoxy 3.0.6 and to live with
+                *    the consequence that it can cause login/logout
+                *   problems on servers that don't validate their
+                *   input properly, or
+                *
+                * - to replace it with mktime in which
+                *   case there is a slight chance of valid cookies
+                *   passing as already expired.
+                *
+                *   This is the way it's currently done and it's not
+                *   as bad as it sounds. If the missing GMT offset is
+                *   enough to change the result of the expiration check
+                *   the cookie will be only valid for a few hours
+                *   anyway, which in many cases will be shorter
+                *   than a browser session.
+                */
+               if (cookie_time - now < 0)
+               {
+                  log_error(LOG_LEVEL_HEADER,
+                     "Cookie \'%s\' is already expired and can pass unmodified.", *header);
+                  /* Just in case some clown sets more then one expiration date */
+                  cur_tag = next_tag;
+               }
+               else
+               {
+                  /*
+                   * Still valid, delete expiration date by copying
+                   * the rest of the string over it.
+                   */
+                  string_move(cur_tag, next_tag);
+
+                  /* That changed the header, need to issue a log message */
+                  changed = 1;
+
+                  /*
+                   * Note that the next tag has now been moved to *cur_tag,
+                   * so we do not need to update the cur_tag pointer.
+                   */
+               }
+            }
+
+         }
+         else
+         {
+            /* Move on to next cookie tag */
+            cur_tag = next_tag;
+         }
+      }
+
+      if (changed)
+      {
+         assert(NULL != *header);
+         log_error(LOG_LEVEL_HEADER, "Cookie rewritten to a temporary one: %s",
+            *header);
+      }
+   }
+
+   return JB_ERR_OK;
+}
+
+
+#ifdef FEATURE_FORCE_LOAD
+/*********************************************************************
+ *
+ * Function    :  strclean
+ *
+ * Description :  In-Situ-Eliminate all occurances of substring in
+ *                string
+ *
+ * Parameters  :
+ *          1  :  string = string to clean
+ *          2  :  substring = substring to eliminate
+ *
+ * Returns     :  Number of eliminations
+ *
+ *********************************************************************/
+int strclean(char *string, const char *substring)
+{
+   int hits = 0;
+   size_t len;
+   char *pos, *p;
+
+   len = strlen(substring);
+
+   while((pos = strstr(string, substring)) != NULL)
+   {
+      p = pos + len;
+      do
+      {
+         *(p - len) = *p;
+      }
+      while (*p++ != '\0');
+
+      hits++;
+   }
+
+   return(hits);
+}
+#endif /* def FEATURE_FORCE_LOAD */
+
+
+/*********************************************************************
+ *
+ * Function    :  parse_header_time
+ *
+ * Description :  Parses time formats used in HTTP header strings
+ *                to get the numerical respresentation.
+ *
+ * Parameters  :
+ *          1  :  header_time = HTTP header time as string. 
+ *          2  :  result = storage for header_time in seconds
+ *
+ * Returns     :  JB_ERR_OK if the time format was recognized, or
+ *                JB_ERR_PARSE otherwise.
+ *
+ *********************************************************************/
+static jb_err parse_header_time(const char *header_time, time_t *result)
+{
+   struct tm gmt;
+
+   /*
+    * Zero out gmt to prevent time zone offsets.
+    *
+    * While this is only necessary on some platforms
+    * (mingw32 for example), I don't know how to
+    * detect these automatically and doing it everywhere
+    * shouldn't hurt.
+    */
+   memset(&gmt, 0, sizeof(gmt));
+
+                            /* Tue, 02 Jun 2037 20:00:00 */
+   if ((NULL == strptime(header_time, "%a, %d %b %Y %H:%M:%S", &gmt))
+                            /* Tue, 02-Jun-2037 20:00:00 */
+    && (NULL == strptime(header_time, "%a, %d-%b-%Y %H:%M:%S", &gmt))
+                            /* Tue, 02-Jun-37 20:00:00 */
+    && (NULL == strptime(header_time, "%a, %d-%b-%y %H:%M:%S", &gmt))
+                        /* Tuesday, 02-Jun-2037 20:00:00 */
+    && (NULL == strptime(header_time, "%A, %d-%b-%Y %H:%M:%S", &gmt))
+                        /* Tuesday Jun 02 20:00:00 2037 */
+    && (NULL == strptime(header_time, "%A %b %d %H:%M:%S %Y", &gmt)))
+   {
+      return JB_ERR_PARSE;
+   }
+
+   *result = timegm(&gmt);
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_destination_from_headers
+ *
+ * Description :  Parse the "Host:" header to get the request's destination.
+ *                Only needed if the client's request was forcefully
+ *                redirected into Privoxy.
+ *
+ *                Code mainly copied from client_host() which is currently
+ *                run too late for this purpose.
+ *
+ * Parameters  :
+ *          1  :  headers = List of headers (one of them hopefully being
+ *                the "Host:" header)
+ *          2  :  http = storage for the result (host, port and hostport). 
+ *
+ * Returns     :  JB_ERR_MEMORY in case of memory problems,
+ *                JB_ERR_PARSE if the host header couldn't be found,
+ *                JB_ERR_OK otherwise.
+ *
+ *********************************************************************/
+jb_err get_destination_from_headers(const struct list *headers, struct http_request *http)
+{
+   char *q;
+   char *p;
+   char *host;
+
+   host = get_header_value(headers, "Host:");
+
+   if (NULL == host)
+   {
+      log_error(LOG_LEVEL_ERROR, "No \"Host:\" header found.");
+      return JB_ERR_PARSE;
+   }
+
+   if (NULL == (p = strdup((host))))
+   {
+      log_error(LOG_LEVEL_ERROR, "Out of memory while parsing \"Host:\" header");
+      return JB_ERR_MEMORY;
+   }
+   chomp(p);
+   if (NULL == (q = strdup(p)))
+   {
+      freez(p);
+      log_error(LOG_LEVEL_ERROR, "Out of memory while parsing \"Host:\" header");
+      return JB_ERR_MEMORY;
+   }
+
+   freez(http->hostport);
+   http->hostport = p;
+   freez(http->host);
+   http->host = q;
+   q = strchr(http->host, ':');
+   if (q != NULL)
+   {
+      /* Terminate hostname and evaluate port string */
+      *q++ = '\0';
+      http->port = atoi(q);
+   }
+   else
+   {
+      http->port = http->ssl ? 443 : 80;
+   }
+
+   /* Rebuild request URL */
+   freez(http->url);
+   http->url = strdup(http->ssl ? "https://" : "http://");
+   string_append(&http->url, http->hostport);
+   string_append(&http->url, http->path);
+   if (http->url == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   log_error(LOG_LEVEL_HEADER, "Destination extracted from \"Host:\" header. New request URL: %s",
+      http->url);
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  create_forged_referrer
+ *
+ * Description :  Helper for client_referrer to forge a referer as
+ *                'http://[hostname:port/' to fool stupid
+ *                checks for in-site links 
+ *
+ * Parameters  :
+ *          1  :  header   = Pointer to header pointer
+ *          2  :  hostport = Host and optionally port as string
+ *
+ * Returns     :  JB_ERR_OK in case of success, or
+ *                JB_ERR_MEMORY in case of memory problems.
+ *
+ *********************************************************************/
+static jb_err create_forged_referrer(char **header, const char *hostport)
+{
+    assert(NULL == *header);
+
+    *header = strdup("Referer: http://");
+    string_append(header, hostport);
+    string_append(header, "/");
+
+    if (NULL == *header)
+    {
+       return JB_ERR_MEMORY;
+    }
+
+    log_error(LOG_LEVEL_HEADER, "Referer forged to: %s", *header);
+
+    return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  create_fake_referrer
+ *
+ * Description :  Helper for client_referrer to create a fake referrer
+ *                based on a string supplied by the user.
+ *
+ * Parameters  :
+ *          1  :  header   = Pointer to header pointer
+ *          2  :  hosthost = Referrer to fake
+ *
+ * Returns     :  JB_ERR_OK in case of success, or
+ *                JB_ERR_MEMORY in case of memory problems.
+ *
+ *********************************************************************/
+static jb_err create_fake_referrer(char **header, const char *fake_referrer)
+{
+   assert(NULL == *header);
+
+   if ((0 != strncmpic(fake_referrer, "http://", 7)) && (0 != strncmpic(fake_referrer, "https://", 8)))
+   {
+      log_error(LOG_LEVEL_HEADER,
+         "Parameter: +hide-referrer{%s} is a bad idea, but I don't care.", fake_referrer);
+   }
+   *header = strdup("Referer: ");
+   string_append(header, fake_referrer);
+
+   if (NULL == *header)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   log_error(LOG_LEVEL_HEADER, "Referer replaced with: %s", *header);
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  handle_conditional_hide_referrer_parameter
+ *
+ * Description :  Helper for client_referrer to crunch or forge
+ *                the referrer header if the host has changed.
+ *
+ * Parameters  :
+ *          1  :  header = Pointer to header pointer
+ *          2  :  host   = The target host (may include the port)
+ *          3  :  parameter_conditional_block = Boolean to signal
+ *                if we're in conditional-block mode. If not set,
+ *                we're in conditional-forge mode.
+ *
+ * Returns     :  JB_ERR_OK in case of success, or
+ *                JB_ERR_MEMORY in case of memory problems.
+ *
+ *********************************************************************/
+static jb_err handle_conditional_hide_referrer_parameter(char **header,
+   const char *host, const int parameter_conditional_block)
+{
+   char *referer = strdup(*header);
+   const size_t hostlenght = strlen(host);
+   const char *referer_url = NULL;
+
+   if (NULL == referer)
+   {
+      freez(*header);
+      return JB_ERR_MEMORY;
+   }
+
+   /* referer begins with 'Referer: http[s]://' */
+   if ((hostlenght+17) < strlen(referer))
+   {
+      /*
+       * Shorten referer to make sure the referer is blocked
+       * if www.example.org/www.example.com-shall-see-the-referer/
+       * links to www.example.com/
+       */
+      referer[hostlenght+17] = '\0';
+   }
+   referer_url = strstr(referer, "http://");
+   if ((NULL == referer_url) || (NULL == strstr(referer_url, host)))
+   {
+      /* Host has changed, Referer is invalid or a https URL. */
+      if (parameter_conditional_block)
+      {
+         log_error(LOG_LEVEL_HEADER, "New host is: %s. Crunching %s!", host, *header);
+         freez(*header);
+      }
+      else
+      {
+         freez(*header);
+         freez(referer);
+         return create_forged_referrer(header, host);
+      }
+   }
+   freez(referer);
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  get_appropiate_connection_header
+ *
+ * Description :  Returns an appropiate Connection header
+ *                depending on whether or not we try to keep
+ *                the connection to the server alive.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *
+ * Returns     :  Pointer to statically allocated header buffer.
+ *
+ *********************************************************************/
+static const char *get_appropiate_connection_header(const struct client_state *csp)
+{
+   static const char connection_keep_alive[] = "Connection: keep-alive";
+   static const char connection_close[] = "Connection: close";
+
+   if ((csp->config->feature_flags & RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE)
+    && (csp->http->ssl == 0))
+   {
+      return connection_keep_alive;
+   }
+   return connection_close;
+}
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/parsers.c.rej b/external/privoxy/parsers.c.rej
new file mode 100644
index 0000000..84b4ba7
--- /dev/null
+++ b/external/privoxy/parsers.c.rej
@@ -0,0 +1,16 @@
+***************
+*** 986,991 ****
+  const add_header_func_ptr add_client_headers[] = {
+     client_host_adder,
+     client_cookie_adder,
+     client_xtra_adder,
+     /* Temporarily disabled:    client_accept_encoding_adder, */
+     connection_close_adder,
+--- 983,989 ----
+  const add_header_func_ptr add_client_headers[] = {
+     client_host_adder,
+     client_cookie_adder,
++    client_x_forwarded_adder,
+     client_xtra_adder,
+     /* Temporarily disabled:    client_accept_encoding_adder, */
+     connection_close_adder,
diff --git a/external/privoxy/parsers.h b/external/privoxy/parsers.h
new file mode 100644
index 0000000..cf70be4
--- /dev/null
+++ b/external/privoxy/parsers.h
@@ -0,0 +1,323 @@
+#ifndef PARSERS_H_INCLUDED
+#define PARSERS_H_INCLUDED
+#define PARSERS_H_VERSION "$Id: parsers.h,v 1.49 2009/03/13 14:10:07 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/parsers.h,v $
+ *
+ * Purpose     :  Declares functions to parse/crunch headers and pages.
+ *                Functions declared include:
+ *                   `add_to_iob', `client_cookie_adder', `client_from',
+ *                   `client_referrer', `client_send_cookie', `client_ua',
+ *                   `client_uagent', `client_x_forwarded',
+ *                   `client_x_forwarded_adder', `client_xtra_adder',
+ *                   `content_type', `crumble', `destroy_list', `enlist',
+ *                   `flush_socket', `free_http_request', `get_header',
+ *                   `list_to_text', `parse_http_request', `sed',
+ *                   and `server_set_cookie'.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: parsers.h,v $
+ *    Revision 1.49  2009/03/13 14:10:07  fabiankeil
+ *    Fix some more harmless warnings on amd64.
+ *
+ *    Revision 1.48  2008/05/30 15:57:23  fabiankeil
+ *    Remove now-useless reference to debug.
+ *
+ *    Revision 1.47  2008/05/21 20:12:11  fabiankeil
+ *    The whole point of strclean() is to modify the
+ *    first parameter, so don't mark it immutable,
+ *    even though the compiler lets us get away with it.
+ *
+ *    Revision 1.46  2008/05/21 15:47:14  fabiankeil
+ *    Streamline sed()'s prototype and declare
+ *    the header parse and add structures static.
+ *
+ *    Revision 1.45  2008/05/20 20:13:30  fabiankeil
+ *    Factor update_server_headers() out of sed(), ditch the
+ *    first_run hack and make server_patterns_light static.
+ *
+ *    Revision 1.44  2008/05/20 16:05:09  fabiankeil
+ *    Move parsers structure definition from project.h to parsers.h.
+ *
+ *    Revision 1.43  2008/05/10 13:23:38  fabiankeil
+ *    Don't provide get_header() with the whole client state
+ *    structure when it only needs access to csp->iob.
+ *
+ *    Revision 1.42  2008/04/17 14:40:49  fabiankeil
+ *    Provide get_http_time() with the buffer size so it doesn't
+ *    have to blindly assume that the buffer is big enough.
+ *
+ *    Revision 1.41  2008/04/16 16:38:21  fabiankeil
+ *    Don't pass the whole csp structure to flush_socket()
+ *    when it only needs a file descriptor and a buffer.
+ *
+ *    Revision 1.40  2007/08/11 14:47:26  fabiankeil
+ *    Remove the prototypes for functions that are only
+ *    used in parsers.c and thus should be static.
+ *
+ *    Revision 1.39  2007/06/01 16:31:55  fabiankeil
+ *    Change sed() to return a jb_err in preparation for forward-override{}.
+ *
+ *    Revision 1.38  2007/03/25 14:27:11  fabiankeil
+ *    Let parse_header_time() return a jb_err code
+ *    instead of a pointer that can only be used to
+ *    check for NULL anyway.
+ *
+ *    Revision 1.37  2007/03/20 15:22:17  fabiankeil
+ *    - Remove filter_client_header() and filter_client_header(),
+ *      filter_header() now checks the shiny new
+ *      CSP_FLAG_CLIENT_HEADER_PARSING_DONE flag instead.
+ *
+ *    Revision 1.36  2007/03/05 13:25:32  fabiankeil
+ *    - Cosmetical changes for LOG_LEVEL_RE_FILTER messages.
+ *    - Handle "Cookie:" and "Connection:" headers a bit smarter
+ *      (don't crunch them just to recreate them later on).
+ *    - Add another non-standard time format for the cookie
+ *      expiration date detection.
+ *    - Fix a valgrind warning.
+ *
+ *    Revision 1.35  2007/01/01 19:36:37  fabiankeil
+ *    Integrate a modified version of Wil Mahan's
+ *    zlib patch (PR #895531).
+ *
+ *    Revision 1.34  2006/12/29 19:08:22  fabiankeil
+ *    Reverted parts of my last commit
+ *    to keep error handling working.
+ *
+ *    Revision 1.33  2006/12/29 18:04:40  fabiankeil
+ *    Fixed gcc43 conversion warnings.
+ *
+ *    Revision 1.32  2006/12/06 19:14:23  fabiankeil
+ *    Added prototype for get_destination_from_headers().
+ *
+ *    Revision 1.31  2006/08/17 17:15:10  fabiankeil
+ *    - Back to timegm() using GnuPG's replacement if necessary.
+ *      Using mktime() and localtime() could add a on hour offset if
+ *      the randomize factor was big enough to lead to a summer/wintertime
+ *      switch.
+ *
+ *    - Removed now-useless Privoxy 3.0.3 compatibility glue.
+ *
+ *    - Moved randomization code into pick_from_range().
+ *
+ *    - Changed parse_header_time definition.
+ *      time_t isn't guaranteed to be signed and
+ *      if it isn't, -1 isn't available as error code.
+ *      Changed some variable types in client_if_modified_since()
+ *      because of the same reason.
+ *
+ *    Revision 1.30  2006/08/14 08:25:19  fabiankeil
+ *    Split filter-headers{} into filter-client-headers{}
+ *    and filter-server-headers{}.
+ *    Added parse_header_time() to share some code.
+ *    Replaced timegm() with mktime().
+ *
+ *    Revision 1.29  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.28  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.26.2.1  2002/09/25 14:52:46  oes
+ *    Added basic support for OPTIONS and TRACE HTTP methods:
+ *     - New parser function client_max_forwards which decrements
+ *       the Max-Forwards HTTP header field of OPTIONS and TRACE
+ *       requests by one before forwarding
+ *     - New parser function client_host which extracts the host
+ *       and port information from the HTTP header field if the
+ *       request URI was not absolute
+ *     - Don't crumble and re-add the Host: header, but only generate
+ *       and append if missing
+ *
+ *    Revision 1.26  2002/05/08 15:59:53  oes
+ *    Changed add_to_iob signature (now returns jb_err)
+ *
+ *    Revision 1.25  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.24  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.23  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.22  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.21  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.20  2002/02/20 23:15:13  jongfoster
+ *    Parsing functions now handle out-of-memory gracefully by returning
+ *    an error code.
+ *
+ *    Revision 1.19  2002/01/17 21:03:47  jongfoster
+ *    Moving all our URL and URL pattern parsing code to urlmatch.c.
+ *
+ *    Revision 1.18  2001/10/26 17:40:23  oes
+ *    Introduced get_header_value()
+ *    Removed client_accept()
+ *
+ *    Revision 1.17  2001/10/13 12:47:32  joergs
+ *    Removed client_host, added client_host_adder
+ *
+ *    Revision 1.16  2001/10/07 18:50:16  oes
+ *    Added server_content_encoding, renamed server_transfer_encoding
+ *
+ *    Revision 1.15  2001/10/07 18:01:55  oes
+ *    Changed server_http11 to server_http
+ *
+ *    Revision 1.14  2001/10/07 15:45:48  oes
+ *    added client_accept_encoding, client_te, client_accept_encoding_adder
+ *
+ *    renamed content_type and content_length
+ *
+ *    fixed client_host and strclean prototypes
+ *
+ *    Revision 1.13  2001/09/29 12:56:03  joergs
+ *    IJB now changes HTTP/1.1 to HTTP/1.0 in requests and answers.
+ *
+ *    Revision 1.12  2001/09/13 23:05:50  jongfoster
+ *    Changing the string paramater to the header parsers a "const".
+ *
+ *    Revision 1.11  2001/07/31 14:46:53  oes
+ *    Added prototype for connection_close_adder
+ *
+ *    Revision 1.10  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.9  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.8  2001/07/13 14:01:54  oes
+ *    Removed all #ifdef PCRS
+ *
+ *    Revision 1.7  2001/06/29 13:32:14  oes
+ *    Removed logentry from cancelled commit
+ *
+ *    Revision 1.6  2001/06/03 19:12:38  oes
+ *    deleted const struct interceptors
+ *
+ *    Revision 1.5  2001/05/31 21:30:33  jongfoster
+ *    Removed list code - it's now in list.[ch]
+ *    Renamed "permission" to "action", and changed many features
+ *    to use the actions file rather than the global config.
+ *
+ *    Revision 1.4  2001/05/27 13:19:06  oes
+ *    Patched Joergs solution for the content-length in.
+ *
+ *    Revision 1.3  2001/05/26 13:39:32  jongfoster
+ *    Only crunches Content-Length header if applying RE filtering.
+ *    Without this fix, Microsoft Windows Update wouldn't work.
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:01  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Used for sed()'s second argument. */
+#define FILTER_CLIENT_HEADERS 0
+#define FILTER_SERVER_HEADERS 1
+
+extern long flush_socket(jb_socket fd, struct iob *iob);
+extern jb_err add_to_iob(struct client_state *csp, char *buf, long n);
+extern jb_err decompress_iob(struct client_state *csp);
+extern char *get_header(struct iob *iob);
+extern char *get_header_value(const struct list *header_list, const char *header_name);
+extern jb_err sed(struct client_state *csp, int filter_server_headers);
+extern jb_err update_server_headers(struct client_state *csp);
+extern void get_http_time(int time_offset, char *buf, size_t buffer_size);
+extern jb_err get_destination_from_headers(const struct list *headers, struct http_request *http);
+
+#ifdef FEATURE_FORCE_LOAD
+extern int strclean(char *string, const char *substring);
+#endif /* def FEATURE_FORCE_LOAD */
+
+/* Revision control strings from this header and associated .c file */
+extern const char parsers_rcs[];
+extern const char parsers_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef PARSERS_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/pcre/Makefile.in b/external/privoxy/pcre/Makefile.in
new file mode 100644
index 0000000..94edf49
--- /dev/null
+++ b/external/privoxy/pcre/Makefile.in
@@ -0,0 +1,219 @@
+
+# Makefile.in for PCRE (Perl-Compatible Regular Expression) library.
+
+#---------------------------------------------------------------------------#
+# To build mingw32 DLL uncomment the next two lines. This addition for      #
+# mingw32 was contributed by <Paul.Sokolovsky at technologist.com>. I (Philip  #
+# Hazel) don't know anything about it! There are some additional targets at #
+# the bottom of this Makefile.                                              #
+#---------------------------------------------------------------------------#
+#
+# include dll.mk
+# DLL_LDFLAGS=-s
+
+
+#---------------------------------------------------------------------------#
+# The next few lines are modified by "configure" to insert data that it is  #
+# given in its arguments, or which it finds out for itself.                 #
+#---------------------------------------------------------------------------#
+
+# BINDIR is the directory in which the pcregrep command is installed.
+# INCDIR is the directory in which the public header file pcre.h is installed.
+# LIBDIR is the directory in which the libraries are installed.
+# MANDIR is the directory in which the man pages are installed.
+# The pcretest program, as it is a test program, does not get installed
+# anywhere.
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+
+BINDIR = @bindir@
+LIBDIR = @libdir@
+INCDIR = @includedir@
+MANDIR = @mandir@
+
+CC = @CC@
+CFLAGS = @CFLAGS@
+RANLIB = @RANLIB@
+UTF8   = @UTF8@
+
+# LIBTOOL defaults to "./libtool", which enables the building of shared
+# libraries. If "configure" is called with --disable-shared-libraries, LIBTOOL
+# is set to "", which stops shared libraries from being built, and LIBSUFFIX
+# is set to "a" instead of "la", which causes the shared libraries not to be
+# installed.
+
+LIBTOOL = @LIBTOOL@
+LIBSUFFIX = @LIBSUFFIX@
+
+# These are the version numbers for the shared libraries
+
+PCRELIBVERSION = @PCRE_LIB_VERSION@
+PCREPOSIXLIBVERSION = @PCRE_POSIXLIB_VERSION@
+
+
+#---------------------------------------------------------------------------#
+# A copy of install-sh is in this distribution and is used by default.      #
+#---------------------------------------------------------------------------#
+
+INSTALL = ./install-sh -c
+INSTALL_DATA = ${INSTALL} -m 644
+
+
+#---------------------------------------------------------------------------#
+# For almost all systems, the command to create a library is "ar cq", but   #
+# there is at least one where it is different, so this command must be      #
+# configurable. However, I haven't got round to learning how to make        #
+# "configure" find this out for itself. It is necessary to use a command    #
+# such as "make AR='ar -rc'" if you need to vary this. The setting of AR is #
+# *not* passed over to ./ltconfig, because it does its own setting up.      #
+#---------------------------------------------------------------------------#
+
+AR = ar cq
+
+
+##############################################################################
+
+
+OBJ = maketables.o get.o study.o pcre.o
+LOBJ = maketables.lo get.lo study.lo pcre.lo
+
+all:            libtool libpcre.$(LIBSUFFIX) libpcreposix.$(LIBSUFFIX) pcretest pcregrep
+
+libtool:        config.guess config.sub ltconfig ltmain.sh
+		@if test "$(LIBTOOL)" = "./libtool"; then \
+		  echo '--- Building libtool ---'; \
+		  CC=$(CC) CFLAGS='$(CFLAGS)' RANLIB='$(RANLIB)' ./ltconfig ./ltmain.sh; \
+		  echo '--- Built libtool ---'; fi
+
+pcregrep:       libpcre.$(LIBSUFFIX) pcregrep.o
+		  @echo ' '
+		  @echo '--- Building pcregrep utility'
+		  @echo ' '
+		$(LIBTOOL) $(CC) $(CFLAGS) -o pcregrep pcregrep.o libpcre.$(LIBSUFFIX)
+
+pcretest:       libpcre.$(LIBSUFFIX) libpcreposix.$(LIBSUFFIX) pcretest.o
+		  @echo ' '
+		  @echo '--- Building pcretest testing program'
+		  @echo ' '
+		$(LIBTOOL) $(PURIFY) $(CC) $(CFLAGS) -o pcretest pcretest.o \
+		  libpcre.$(LIBSUFFIX) libpcreposix.$(LIBSUFFIX)
+
+libpcre.a:      $(OBJ)
+		@echo ' '
+		@echo '--- Building static library: libpcre'
+		@echo ' '
+		-rm -f libpcre.a
+		$(AR) libpcre.a $(OBJ)
+		$(RANLIB) libpcre.a
+
+libpcre.la:     $(OBJ)
+		@echo ' '
+		@echo '--- Building shared library: libpcre'
+		@echo ' '
+		-rm -f libpcre.la
+		./libtool $(CC) -version-info '$(PCRELIBVERSION)' -o libpcre.la -rpath $(LIBDIR) $(LOBJ)
+
+libpcreposix.a: pcreposix.o
+		@echo ' '
+		@echo '--- Building static library: libpcreposix'
+		@echo ' '
+		-rm -f libpcreposix.a
+		$(AR) libpcreposix.a pcreposix.o
+		$(RANLIB) libpcreposix.a
+
+libpcreposix.la: pcreposix.o
+		@echo ' '
+		@echo '--- Building shared library: libpcreposix'
+		@echo ' '
+		-rm -f libpcreposix.la
+		./libtool $(CC) -version-info '$(PCREPOSIXLIBVERSION)' -o libpcreposix.la -rpath $(LIBDIR) pcreposix.lo
+
+pcre.o:         chartables.c pcre.c pcre.h internal.h config.h Makefile
+		$(LIBTOOL) $(CC) -c $(CFLAGS) $(UTF8) pcre.c
+
+pcreposix.o:    pcreposix.c pcreposix.h internal.h pcre.h config.h Makefile
+		$(LIBTOOL) $(CC) -c $(CFLAGS) pcreposix.c
+
+maketables.o:   maketables.c pcre.h internal.h config.h Makefile
+		$(LIBTOOL) $(CC) -c $(CFLAGS) maketables.c
+
+get.o:          get.c pcre.h internal.h config.h Makefile
+		$(LIBTOOL) $(CC) -c $(CFLAGS) get.c
+
+study.o:        study.c pcre.h internal.h config.h Makefile
+		$(LIBTOOL) $(CC) -c $(CFLAGS) $(UTF8) study.c
+
+pcretest.o:     pcretest.c pcre.h config.h Makefile
+		$(CC) -c $(CFLAGS) $(UTF8) pcretest.c
+
+pcregrep.o:     pcregrep.c pcre.h Makefile config.h
+		$(CC) -c $(CFLAGS) $(UTF8) pcregrep.c
+
+# An auxiliary program makes the default character table source
+
+chartables.c:   dftables
+		./dftables >chartables.c
+
+dftables:       dftables.c maketables.c pcre.h internal.h config.h Makefile
+		$(CC) -o dftables $(CFLAGS) dftables.c
+
+install:        all
+		$(LIBTOOL) $(INSTALL_DATA) libpcre.$(LIBSUFFIX) $(DESTDIR)/$(LIBDIR)/libpcre.$(LIBSUFFIX)
+		$(LIBTOOL) $(INSTALL_DATA) libpcreposix.$(LIBSUFFIX) $(DESTDIR)/$(LIBDIR)/libpcreposix.$(LIBSUFFIX)
+		$(INSTALL_DATA) pcre.h $(DESTDIR)/$(INCDIR)/pcre.h
+		$(INSTALL_DATA) pcreposix.h $(DESTDIR)/$(INCDIR)/pcreposix.h
+		$(INSTALL_DATA) doc/pcre.3 $(DESTDIR)/$(MANDIR)/man3/pcre.3
+		$(INSTALL_DATA) doc/pcreposix.3 $(DESTDIR)/$(MANDIR)/man3/pcreposix.3
+		$(INSTALL_DATA) doc/pcregrep.1 $(DESTDIR)/$(MANDIR)/man1/pcregrep.1
+		@if test "$(LIBTOOL)" = "./libtool"; then \
+		  echo ' '; \
+		  echo '--- Rebuilding pcregrep to use installed shared library ---'; \
+		  echo $(CC) $(CFLAGS) -o pcregrep pcregrep.o -L$(DESTDIR)/$(LIBDIR) -lpcre; \
+		  $(CC) $(CFLAGS) -o pcregrep pcregrep.o -L$(DESTDIR)/$(LIBDIR) -lpcre; \
+		  echo '--- Rebuilding pcretest to use installed shared library ---'; \
+		  echo $(CC) $(CFLAGS) -o pcretest pcretest.o -L$(DESTDIR)/$(LIBDIR) -lpcre -lpcreposix; \
+		  $(CC) $(CFLAGS) -o pcretest pcretest.o -L$(DESTDIR)/$(LIBDIR) -lpcre -lpcreposix; \
+		fi
+		$(INSTALL)	pcregrep $(DESTDIR)/$(BINDIR)/pcregrep
+		$(INSTALL)	pcre-config $(DESTDIR)/$(BINDIR)/pcre-config
+
+# We deliberately omit dftables and chartables.c from 'make clean'; once made
+# chartables.c shouldn't change, and if people have edited the tables by hand,
+# you don't want to throw them away.
+
+clean:;         -rm -rf *.o *.lo *.a *.la .libs pcretest pcregrep testtry
+
+# But "make distclean" should get back to a virgin distribution
+
+distclean:      clean
+		-rm -f chartables.c libtool pcre-config pcre.h \
+		Makefile config.h config.status config.log config.cache
+
+check:          runtest
+
+test:           runtest
+
+runtest:        all
+		./RunTest
+
+######## MINGW32 ############### MINGW32 ############### MINGW32 #############
+
+# This addition for mingw32 was contributed by  Paul Sokolovsky
+# <Paul.Sokolovsky at technologist.com>. I (PH) don't know anything about it!
+
+dll:            _dll libpcre.dll.a pcregrep_d pcretest_d
+
+_dll:
+		$(MAKE) CFLAGS=-DSTATIC pcre.dll
+
+pcre.dll:       $(OBJ) pcreposix.o pcre.def
+libpcre.dll.a:  pcre.def
+
+pcregrep_d:     libpcre.dll.a pcregrep.o
+		$(CC) $(CFLAGS) -L. -o pcregrep pcregrep.o -lpcre.dll
+
+pcretest_d:     libpcre.dll.a pcretest.o
+		$(PURIFY) $(CC) $(CFLAGS) -L. -o pcretest pcretest.o -lpcre.dll
+
+# End
diff --git a/external/privoxy/pcre/RunTest.in b/external/privoxy/pcre/RunTest.in
new file mode 100644
index 0000000..6e4eb08
--- /dev/null
+++ b/external/privoxy/pcre/RunTest.in
@@ -0,0 +1,148 @@
+#! /bin/sh
+
+# This file is generated by configure from RunTest.in. Make any changes
+# to that file.
+
+# Run PCRE tests
+
+cf=diff
+
+# Select which tests to run; if no selection, run all
+
+do1=no
+do2=no
+do3=no
+do4=no
+do5=no
+do6=no
+
+while [ $# -gt 0 ] ; do
+  case $1 in
+    1) do1=yes;;
+    2) do2=yes;;
+    3) do3=yes;;
+    4) do4=yes;;
+    5) do5=yes;; 
+    6) do6=yes;; 
+    *) echo "Unknown test number $1"; exit 1;;
+  esac
+  shift
+done
+
+if [ "@UTF8@" = "" ] ; then
+  if [ $do5 = yes ] ; then
+    echo "Can't run test 5 because UFT8 support is not configured"
+    exit 1
+  fi   
+  if [ $do6 = yes ] ; then
+    echo "Can't run test 6 because UFT8 support is not configured"
+    exit 1
+  fi   
+fi    
+
+if [ $do1 = no -a $do2 = no -a $do3 = no -a $do4 = no -a\
+     $do5 = no -a $do6 = no ] ; then
+  do1=yes
+  do2=yes
+  do3=yes
+  do4=yes
+  if [ "@UTF8@" != "" ] ; then do5=yes; fi
+  if [ "@UTF8@" != "" ] ; then do6=yes; fi
+fi
+
+# Primary test, Perl-compatible
+
+if [ $do1 = yes ] ; then
+  echo "Testing main functionality (Perl compatible)"
+  ./pcretest testdata/testinput1 testtry
+  if [ $? = 0 ] ; then
+    $cf testtry testdata/testoutput1
+    if [ $? != 0 ] ; then exit 1; fi
+  else exit 1
+  fi
+fi
+
+# PCRE tests that are not Perl-compatible - API & error tests, mostly
+
+if [ $do2 = yes ] ; then
+  echo "Testing API and error handling (not Perl compatible)"
+  ./pcretest -i testdata/testinput2 testtry
+  if [ $? = 0 ] ; then
+    $cf testtry testdata/testoutput2
+    if [ $? != 0 ] ; then exit 1; fi
+  else exit 1
+  fi
+fi
+
+# Additional Perl-compatible tests for Perl 5.005's new features
+
+if [ $do3 = yes ] ; then
+  echo "Testing Perl 5.005 features (Perl 5.005 compatible)"
+  ./pcretest testdata/testinput3 testtry
+  if [ $? = 0 ] ; then
+    $cf testtry testdata/testoutput3
+    if [ $? != 0 ] ; then exit 1; fi
+  else exit 1
+  fi
+fi
+
+if [ $do1 = yes -a $do2 = yes -a $do3 = yes ] ; then
+  echo " " 
+  echo "The three main tests all ran OK"
+  echo " " 
+fi
+
+# Locale-specific tests, provided the "fr" locale is available
+
+if [ $do4 = yes ] ; then
+  locale -a | grep '^fr$' >/dev/null
+  if [ $? -eq 0 ] ; then
+    echo "Testing locale-specific features (using 'fr' locale)"
+    ./pcretest testdata/testinput4 testtry
+    if [ $? = 0 ] ; then
+      $cf testtry testdata/testoutput4
+      if [ $? != 0 ] ; then 
+        echo " "
+        echo "Locale test did not run entirely successfully."
+        echo "This usually means that there is a problem with the locale"
+        echo "settings rather than a bug in PCRE."    
+      else
+      echo "Locale test ran OK" 
+      fi 
+      echo " " 
+    else exit 1
+    fi
+  else
+    echo "Cannot test locale-specific features - 'fr' locale not found,"
+    echo "or the \"locale\" command is not available to check for it."
+    echo " " 
+  fi
+fi
+
+# Additional tests for UTF8 support
+
+if [ $do5 = yes ] ; then
+  echo "Testing experimental, incomplete UTF8 support (Perl compatible)"
+  ./pcretest testdata/testinput5 testtry 
+  if [ $? = 0 ] ; then
+    $cf testtry testdata/testoutput5
+    if [ $? != 0 ] ; then exit 1; fi
+  else exit 1
+  fi
+  echo "UTF8 test ran OK"
+  echo " "
+fi
+
+if [ $do6 = yes ] ; then
+  echo "Testing API and internals for UTF8 support (not Perl compatible)"
+  ./pcretest testdata/testinput6 testtry 
+  if [ $? = 0 ] ; then
+    $cf testtry testdata/testoutput6
+    if [ $? != 0 ] ; then exit 1; fi
+  else exit 1
+  fi
+  echo "UTF8 internals test ran OK"
+  echo " "
+fi
+
+# End
diff --git a/external/privoxy/pcre/chartables.c b/external/privoxy/pcre/chartables.c
new file mode 100644
index 0000000..9055da2
--- /dev/null
+++ b/external/privoxy/pcre/chartables.c
@@ -0,0 +1,183 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/* This file is automatically written by the dftables auxiliary 
+program. If you edit it by hand, you might like to edit the Makefile to 
+prevent its ever being regenerated.
+
+This file is #included in the compilation of pcre.c to build the default
+character tables which are used when no tables are passed to the compile
+function. */
+
+static unsigned char pcre_default_tables[] = {
+
+/* This table is a lower casing table. */
+
+    0,  1,  2,  3,  4,  5,  6,  7,
+    8,  9, 10, 11, 12, 13, 14, 15,
+   16, 17, 18, 19, 20, 21, 22, 23,
+   24, 25, 26, 27, 28, 29, 30, 31,
+   32, 33, 34, 35, 36, 37, 38, 39,
+   40, 41, 42, 43, 44, 45, 46, 47,
+   48, 49, 50, 51, 52, 53, 54, 55,
+   56, 57, 58, 59, 60, 61, 62, 63,
+   64, 97, 98, 99,100,101,102,103,
+  104,105,106,107,108,109,110,111,
+  112,113,114,115,116,117,118,119,
+  120,121,122, 91, 92, 93, 94, 95,
+   96, 97, 98, 99,100,101,102,103,
+  104,105,106,107,108,109,110,111,
+  112,113,114,115,116,117,118,119,
+  120,121,122,123,124,125,126,127,
+  128,129,130,131,132,133,134,135,
+  136,137,138,139,140,141,142,143,
+  144,145,146,147,148,149,150,151,
+  152,153,154,155,156,157,158,159,
+  160,161,162,163,164,165,166,167,
+  168,169,170,171,172,173,174,175,
+  176,177,178,179,180,181,182,183,
+  184,185,186,187,188,189,190,191,
+  192,193,194,195,196,197,198,199,
+  200,201,202,203,204,205,206,207,
+  208,209,210,211,212,213,214,215,
+  216,217,218,219,220,221,222,223,
+  224,225,226,227,228,229,230,231,
+  232,233,234,235,236,237,238,239,
+  240,241,242,243,244,245,246,247,
+  248,249,250,251,252,253,254,255,
+
+/* This table is a case flipping table. */
+
+    0,  1,  2,  3,  4,  5,  6,  7,
+    8,  9, 10, 11, 12, 13, 14, 15,
+   16, 17, 18, 19, 20, 21, 22, 23,
+   24, 25, 26, 27, 28, 29, 30, 31,
+   32, 33, 34, 35, 36, 37, 38, 39,
+   40, 41, 42, 43, 44, 45, 46, 47,
+   48, 49, 50, 51, 52, 53, 54, 55,
+   56, 57, 58, 59, 60, 61, 62, 63,
+   64, 97, 98, 99,100,101,102,103,
+  104,105,106,107,108,109,110,111,
+  112,113,114,115,116,117,118,119,
+  120,121,122, 91, 92, 93, 94, 95,
+   96, 65, 66, 67, 68, 69, 70, 71,
+   72, 73, 74, 75, 76, 77, 78, 79,
+   80, 81, 82, 83, 84, 85, 86, 87,
+   88, 89, 90,123,124,125,126,127,
+  128,129,130,131,132,133,134,135,
+  136,137,138,139,140,141,142,143,
+  144,145,146,147,148,149,150,151,
+  152,153,154,155,156,157,158,159,
+  160,161,162,163,164,165,166,167,
+  168,169,170,171,172,173,174,175,
+  176,177,178,179,180,181,182,183,
+  184,185,186,187,188,189,190,191,
+  192,193,194,195,196,197,198,199,
+  200,201,202,203,204,205,206,207,
+  208,209,210,211,212,213,214,215,
+  216,217,218,219,220,221,222,223,
+  224,225,226,227,228,229,230,231,
+  232,233,234,235,236,237,238,239,
+  240,241,242,243,244,245,246,247,
+  248,249,250,251,252,253,254,255,
+
+/* This table contains bit maps for various character classes.
+Each map is 32 bytes long and the bits run from the least
+significant end of each byte. The classes that have their own
+maps are: space, xdigit, digit, upper, lower, word, graph
+print, punct, and cntrl. Other classes are built from combinations. */
+
+  0x00,0x3e,0x00,0x00,0x01,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0x00,0x00,0xff,0x03,
+  0x7e,0x00,0x00,0x00,0x7e,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0x00,0x00,0xff,0x03,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0xfe,0xff,0xff,0x07,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0xfe,0xff,0xff,0x07,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0x00,0x00,0xff,0x03,
+  0xfe,0xff,0xff,0x87,0xfe,0xff,0xff,0x07,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0xfe,0xff,0xff,0xff,
+  0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x7f,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0xff,0xff,0xff,0xff,
+  0xff,0xff,0xff,0xff,0xff,0xff,0xff,0x7f,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0x00,0x00,0x00,0x00,0xfe,0xff,0x00,0xfc,
+  0x01,0x00,0x00,0xf8,0x01,0x00,0x00,0x78,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+  0xff,0xff,0xff,0xff,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x80,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00,
+
+/* This table identifies various classes of character by individual bits:
+  0x01   white space character
+  0x02   letter
+  0x04   decimal digit
+  0x08   hexadecimal digit
+  0x10   alphanumeric or '_'
+  0x80   regular expression metacharacter or binary zero
+*/
+
+  0x80,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*   0-  7 */
+  0x00,0x01,0x01,0x01,0x01,0x01,0x00,0x00, /*   8- 15 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  16- 23 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /*  24- 31 */
+  0x01,0x00,0x00,0x00,0x80,0x00,0x00,0x00, /*    - '  */
+  0x80,0x80,0x80,0x80,0x00,0x00,0x80,0x00, /*  ( - /  */
+  0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c,0x1c, /*  0 - 7  */
+  0x1c,0x1c,0x00,0x00,0x00,0x00,0x00,0x80, /*  8 - ?  */
+  0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /*  @ - G  */
+  0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /*  H - O  */
+  0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /*  P - W  */
+  0x12,0x12,0x12,0x80,0x00,0x00,0x80,0x10, /*  X - _  */
+  0x00,0x1a,0x1a,0x1a,0x1a,0x1a,0x1a,0x12, /*  ` - g  */
+  0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /*  h - o  */
+  0x12,0x12,0x12,0x12,0x12,0x12,0x12,0x12, /*  p - w  */
+  0x12,0x12,0x12,0x80,0x80,0x00,0x00,0x00, /*  x -127 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 128-135 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 136-143 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 144-151 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 152-159 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 160-167 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 168-175 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 176-183 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 184-191 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 192-199 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 200-207 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 208-215 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 216-223 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 224-231 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 232-239 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00, /* 240-247 */
+  0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x00};/* 248-255 */
+
+/* End of chartables.c */
diff --git a/external/privoxy/pcre/config.guess b/external/privoxy/pcre/config.guess
new file mode 100644
index 0000000..e1b5871
--- /dev/null
+++ b/external/privoxy/pcre/config.guess
@@ -0,0 +1,1121 @@
+#! /bin/sh
+# Attempt to guess a canonical system name.
+#   Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999
+#   Free Software Foundation, Inc.
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Written by Per Bothner <bothner at cygnus.com>.
+# The master version of this file is at the FSF in /home/gd/gnu/lib.
+# Please send patches to <autoconf-patches at gnu.org>.
+#
+# This script attempts to guess a canonical system name similar to
+# config.sub.  If it succeeds, it prints the system name on stdout, and
+# exits with 0.  Otherwise, it exits with 1.
+#
+# The plan is that this can be called by configure scripts if you
+# don't specify an explicit system type (host/target name).
+#
+# Only a few systems have been added to this list; please add others
+# (but try to keep the structure clean).
+#
+
+# Use $HOST_CC if defined. $CC may point to a cross-compiler
+if test x"$CC_FOR_BUILD" = x; then
+  if test x"$HOST_CC" != x; then
+    CC_FOR_BUILD="$HOST_CC"
+  else
+    if test x"$CC" != x; then
+      CC_FOR_BUILD="$CC"
+    else
+      CC_FOR_BUILD=cc
+    fi
+  fi
+fi
+
+
+# This is needed to find uname on a Pyramid OSx when run in the BSD universe.
+# (ghazi at noc.rutgers.edu 8/24/94.)
+if (test -f /.attbin/uname) >/dev/null 2>&1 ; then
+	PATH=$PATH:/.attbin ; export PATH
+fi
+
+UNAME_MACHINE=`(uname -m) 2>/dev/null` || UNAME_MACHINE=unknown
+UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown
+UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown
+UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown
+
+dummy=dummy-$$
+trap 'rm -f $dummy.c $dummy.o $dummy; exit 1' 1 2 15
+
+# Note: order is significant - the case branches are not exclusive.
+
+case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in
+    alpha:OSF1:*:*)
+	if test $UNAME_RELEASE = "V4.0"; then
+		UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'`
+	fi
+	# A Vn.n version is a released version.
+	# A Tn.n version is a released field test version.
+	# A Xn.n version is an unreleased experimental baselevel.
+	# 1.2 uses "1.2" for uname -r.
+	cat <<EOF >$dummy.s
+	.globl main
+	.ent main
+main:
+	.frame \$30,0,\$26,0
+	.prologue 0
+	.long 0x47e03d80 # implver $0
+	lda \$2,259
+	.long 0x47e20c21 # amask $2,$1
+	srl \$1,8,\$2
+	sll \$2,2,\$2
+	sll \$0,3,\$0
+	addl \$1,\$0,\$0
+	addl \$2,\$0,\$0
+	ret \$31,(\$26),1
+	.end main
+EOF
+	$CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null
+	if test "$?" = 0 ; then
+		./$dummy
+		case "$?" in
+			7)
+				UNAME_MACHINE="alpha"
+				;;
+			15)
+				UNAME_MACHINE="alphaev5"
+				;;
+			14)
+				UNAME_MACHINE="alphaev56"
+				;;
+			10)
+				UNAME_MACHINE="alphapca56"
+				;;
+			16)
+				UNAME_MACHINE="alphaev6"
+				;;
+		esac
+	fi
+	rm -f $dummy.s $dummy
+	echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[VTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'`
+	exit 0 ;;
+    Alpha\ *:Windows_NT*:*)
+	# How do we know it's Interix rather than the generic POSIX subsystem?
+	# Should we change UNAME_MACHINE based on the output of uname instead
+	# of the specific Alpha model?
+	echo alpha-pc-interix
+	exit 0 ;;
+    21064:Windows_NT:50:3)
+	echo alpha-dec-winnt3.5
+	exit 0 ;;
+    Amiga*:UNIX_System_V:4.0:*)
+	echo m68k-cbm-sysv4
+	exit 0;;
+    amiga:NetBSD:*:*)
+      echo m68k-cbm-netbsd${UNAME_RELEASE}
+      exit 0 ;;
+    amiga:OpenBSD:*:*)
+	echo m68k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    *:[Aa]miga[Oo][Ss]:*:*)
+	echo ${UNAME_MACHINE}-unknown-amigaos
+	exit 0 ;;
+    arc64:OpenBSD:*:*)
+	echo mips64el-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    arc:OpenBSD:*:*)
+	echo mipsel-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    hkmips:OpenBSD:*:*)
+	echo mips-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    pmax:OpenBSD:*:*)
+	echo mipsel-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    sgi:OpenBSD:*:*)
+	echo mips-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    wgrisc:OpenBSD:*:*)
+	echo mipsel-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    *:OS/390:*:*)
+	echo i370-ibm-openedition
+	exit 0 ;;
+    arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*)
+	echo arm-acorn-riscix${UNAME_RELEASE}
+	exit 0;;
+    arm32:NetBSD:*:*)
+	echo arm-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+	exit 0 ;;
+    SR2?01:HI-UX/MPP:*:*)
+	echo hppa1.1-hitachi-hiuxmpp
+	exit 0;;
+    Pyramid*:OSx*:*:* | MIS*:OSx*:*:* | MIS*:SMP_DC-OSx*:*:*)
+	# akee at wpdis03.wpafb.af.mil (Earle F. Ake) contributed MIS and NILE.
+	if test "`(/bin/universe) 2>/dev/null`" = att ; then
+		echo pyramid-pyramid-sysv3
+	else
+		echo pyramid-pyramid-bsd
+	fi
+	exit 0 ;;
+    NILE*:*:*:dcosx)
+	echo pyramid-pyramid-svr4
+	exit 0 ;;
+    sun4H:SunOS:5.*:*)
+	echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*)
+	echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    i86pc:SunOS:5.*:*)
+	echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    sun4*:SunOS:6*:*)
+	# According to config.sub, this is the proper way to canonicalize
+	# SunOS6.  Hard to guess exactly what SunOS6 will be like, but
+	# it's likely to be more like Solaris than SunOS4.
+	echo sparc-sun-solaris3`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    sun4*:SunOS:*:*)
+	case "`/usr/bin/arch -k`" in
+	    Series*|S4*)
+		UNAME_RELEASE=`uname -v`
+		;;
+	esac
+	# Japanese Language versions have a version number like `4.1.3-JL'.
+	echo sparc-sun-sunos`echo ${UNAME_RELEASE}|sed -e 's/-/_/'`
+	exit 0 ;;
+    sun3*:SunOS:*:*)
+	echo m68k-sun-sunos${UNAME_RELEASE}
+	exit 0 ;;
+    sun*:*:4.2BSD:*)
+	UNAME_RELEASE=`(head -1 /etc/motd | awk '{print substr($5,1,3)}') 2>/dev/null`
+	test "x${UNAME_RELEASE}" = "x" && UNAME_RELEASE=3
+	case "`/bin/arch`" in
+	    sun3)
+		echo m68k-sun-sunos${UNAME_RELEASE}
+		;;
+	    sun4)
+		echo sparc-sun-sunos${UNAME_RELEASE}
+		;;
+	esac
+	exit 0 ;;
+    aushp:SunOS:*:*)
+	echo sparc-auspex-sunos${UNAME_RELEASE}
+	exit 0 ;;
+    atari*:NetBSD:*:*)
+	echo m68k-atari-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    atari*:OpenBSD:*:*)
+	echo m68k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    # The situation for MiNT is a little confusing.  The machine name
+    # can be virtually everything (everything which is not
+    # "atarist" or "atariste" at least should have a processor 
+    # > m68000).  The system name ranges from "MiNT" over "FreeMiNT"
+    # to the lowercase version "mint" (or "freemint").  Finally
+    # the system name "TOS" denotes a system which is actually not
+    # MiNT.  But MiNT is downward compatible to TOS, so this should
+    # be no problem.
+    atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*)
+        echo m68k-atari-mint${UNAME_RELEASE}
+	exit 0 ;;
+    atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*)
+	echo m68k-atari-mint${UNAME_RELEASE}
+        exit 0 ;;
+    *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*)
+        echo m68k-atari-mint${UNAME_RELEASE}
+	exit 0 ;;
+    milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*)
+        echo m68k-milan-mint${UNAME_RELEASE}
+        exit 0 ;;
+    hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*)
+        echo m68k-hades-mint${UNAME_RELEASE}
+        exit 0 ;;
+    *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*)
+        echo m68k-unknown-mint${UNAME_RELEASE}
+        exit 0 ;;
+    sun3*:NetBSD:*:*)
+	echo m68k-sun-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    sun3*:OpenBSD:*:*)
+	echo m68k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    mac68k:NetBSD:*:*)
+	echo m68k-apple-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    mac68k:OpenBSD:*:*)
+	echo m68k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    mvme68k:OpenBSD:*:*)
+	echo m68k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    mvme88k:OpenBSD:*:*)
+	echo m88k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    powerpc:machten:*:*)
+	echo powerpc-apple-machten${UNAME_RELEASE}
+	exit 0 ;;
+    macppc:NetBSD:*:*)
+        echo powerpc-apple-netbsd${UNAME_RELEASE}
+        exit 0 ;;
+    RISC*:Mach:*:*)
+	echo mips-dec-mach_bsd4.3
+	exit 0 ;;
+    RISC*:ULTRIX:*:*)
+	echo mips-dec-ultrix${UNAME_RELEASE}
+	exit 0 ;;
+    VAX*:ULTRIX*:*:*)
+	echo vax-dec-ultrix${UNAME_RELEASE}
+	exit 0 ;;
+    2020:CLIX:*:* | 2430:CLIX:*:*)
+	echo clipper-intergraph-clix${UNAME_RELEASE}
+	exit 0 ;;
+    mips:*:*:UMIPS | mips:*:*:RISCos)
+	sed 's/^	//' << EOF >$dummy.c
+#ifdef __cplusplus
+	int main (int argc, char *argv[]) {
+#else
+	int main (argc, argv) int argc; char *argv[]; {
+#endif
+	#if defined (host_mips) && defined (MIPSEB)
+	#if defined (SYSTYPE_SYSV)
+	  printf ("mips-mips-riscos%ssysv\n", argv[1]); exit (0);
+	#endif
+	#if defined (SYSTYPE_SVR4)
+	  printf ("mips-mips-riscos%ssvr4\n", argv[1]); exit (0);
+	#endif
+	#if defined (SYSTYPE_BSD43) || defined(SYSTYPE_BSD)
+	  printf ("mips-mips-riscos%sbsd\n", argv[1]); exit (0);
+	#endif
+	#endif
+	  exit (-1);
+	}
+EOF
+	$CC_FOR_BUILD $dummy.c -o $dummy \
+	  && ./$dummy `echo "${UNAME_RELEASE}" | sed -n 's/\([0-9]*\).*/\1/p'` \
+	  && rm $dummy.c $dummy && exit 0
+	rm -f $dummy.c $dummy
+	echo mips-mips-riscos${UNAME_RELEASE}
+	exit 0 ;;
+    Night_Hawk:Power_UNIX:*:*)
+	echo powerpc-harris-powerunix
+	exit 0 ;;
+    m88k:CX/UX:7*:*)
+	echo m88k-harris-cxux7
+	exit 0 ;;
+    m88k:*:4*:R4*)
+	echo m88k-motorola-sysv4
+	exit 0 ;;
+    m88k:*:3*:R3*)
+	echo m88k-motorola-sysv3
+	exit 0 ;;
+    AViiON:dgux:*:*)
+        # DG/UX returns AViiON for all architectures
+        UNAME_PROCESSOR=`/usr/bin/uname -p`
+	if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110]
+	then
+	    if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \
+	       [ ${TARGET_BINARY_INTERFACE}x = x ]
+	    then
+		echo m88k-dg-dgux${UNAME_RELEASE}
+	    else
+		echo m88k-dg-dguxbcs${UNAME_RELEASE}
+	    fi
+	else
+	    echo i586-dg-dgux${UNAME_RELEASE}
+	fi
+ 	exit 0 ;;
+    M88*:DolphinOS:*:*)	# DolphinOS (SVR3)
+	echo m88k-dolphin-sysv3
+	exit 0 ;;
+    M88*:*:R3*:*)
+	# Delta 88k system running SVR3
+	echo m88k-motorola-sysv3
+	exit 0 ;;
+    XD88*:*:*:*) # Tektronix XD88 system running UTekV (SVR3)
+	echo m88k-tektronix-sysv3
+	exit 0 ;;
+    Tek43[0-9][0-9]:UTek:*:*) # Tektronix 4300 system running UTek (BSD)
+	echo m68k-tektronix-bsd
+	exit 0 ;;
+    *:IRIX*:*:*)
+	echo mips-sgi-irix`echo ${UNAME_RELEASE}|sed -e 's/-/_/g'`
+	exit 0 ;;
+    ????????:AIX?:[12].1:2)   # AIX 2.2.1 or AIX 2.1.1 is RT/PC AIX.
+	echo romp-ibm-aix      # uname -m gives an 8 hex-code CPU id
+	exit 0 ;;              # Note that: echo "'`uname -s`'" gives 'AIX '
+    i?86:AIX:*:*)
+	echo i386-ibm-aix
+	exit 0 ;;
+    *:AIX:2:3)
+	if grep bos325 /usr/include/stdio.h >/dev/null 2>&1; then
+		sed 's/^		//' << EOF >$dummy.c
+		#include <sys/systemcfg.h>
+
+		main()
+			{
+			if (!__power_pc())
+				exit(1);
+			puts("powerpc-ibm-aix3.2.5");
+			exit(0);
+			}
+EOF
+		$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0
+		rm -f $dummy.c $dummy
+		echo rs6000-ibm-aix3.2.5
+	elif grep bos324 /usr/include/stdio.h >/dev/null 2>&1; then
+		echo rs6000-ibm-aix3.2.4
+	else
+		echo rs6000-ibm-aix3.2
+	fi
+	exit 0 ;;
+    *:AIX:*:4)
+	IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | head -1 | awk '{ print $1 }'`
+	if /usr/sbin/lsattr -EHl ${IBM_CPU_ID} | grep POWER >/dev/null 2>&1; then
+		IBM_ARCH=rs6000
+	else
+		IBM_ARCH=powerpc
+	fi
+	if [ -x /usr/bin/oslevel ] ; then
+		IBM_REV=`/usr/bin/oslevel`
+	else
+		IBM_REV=4.${UNAME_RELEASE}
+	fi
+	echo ${IBM_ARCH}-ibm-aix${IBM_REV}
+	exit 0 ;;
+    *:AIX:*:*)
+	echo rs6000-ibm-aix
+	exit 0 ;;
+    ibmrt:4.4BSD:*|romp-ibm:BSD:*)
+	echo romp-ibm-bsd4.4
+	exit 0 ;;
+    ibmrt:*BSD:*|romp-ibm:BSD:*)            # covers RT/PC NetBSD and
+	echo romp-ibm-bsd${UNAME_RELEASE}   # 4.3 with uname added to
+	exit 0 ;;                           # report: romp-ibm BSD 4.3
+    *:BOSX:*:*)
+	echo rs6000-bull-bosx
+	exit 0 ;;
+    DPX/2?00:B.O.S.:*:*)
+	echo m68k-bull-sysv3
+	exit 0 ;;
+    9000/[34]??:4.3bsd:1.*:*)
+	echo m68k-hp-bsd
+	exit 0 ;;
+    hp300:4.4BSD:*:* | 9000/[34]??:4.3bsd:2.*:*)
+	echo m68k-hp-bsd4.4
+	exit 0 ;;
+    9000/[34678]??:HP-UX:*:*)
+	case "${UNAME_MACHINE}" in
+	    9000/31? )            HP_ARCH=m68000 ;;
+	    9000/[34]?? )         HP_ARCH=m68k ;;
+	    9000/[678][0-9][0-9])
+              sed 's/^              //' << EOF >$dummy.c
+              #include <stdlib.h>
+              #include <unistd.h>
+
+              int main ()
+              {
+              #if defined(_SC_KERNEL_BITS)
+                  long bits = sysconf(_SC_KERNEL_BITS);
+              #endif
+                  long cpu  = sysconf (_SC_CPU_VERSION);
+
+                  switch (cpu)
+              	{
+              	case CPU_PA_RISC1_0: puts ("hppa1.0"); break;
+              	case CPU_PA_RISC1_1: puts ("hppa1.1"); break;
+              	case CPU_PA_RISC2_0:
+              #if defined(_SC_KERNEL_BITS)
+              	    switch (bits)
+              		{
+              		case 64: puts ("hppa2.0w"); break;
+              		case 32: puts ("hppa2.0n"); break;
+              		default: puts ("hppa2.0"); break;
+              		} break;
+              #else  /* !defined(_SC_KERNEL_BITS) */
+              	    puts ("hppa2.0"); break;
+              #endif
+              	default: puts ("hppa1.0"); break;
+              	}
+                  exit (0);
+              }
+EOF
+	(CCOPTS= $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null ) && HP_ARCH=`./$dummy`
+	rm -f $dummy.c $dummy
+	esac
+	HPUX_REV=`echo ${UNAME_RELEASE}|sed -e 's/[^.]*.[0B]*//'`
+	echo ${HP_ARCH}-hp-hpux${HPUX_REV}
+	exit 0 ;;
+    3050*:HI-UX:*:*)
+	sed 's/^	//' << EOF >$dummy.c
+	#include <unistd.h>
+	int
+	main ()
+	{
+	  long cpu = sysconf (_SC_CPU_VERSION);
+	  /* The order matters, because CPU_IS_HP_MC68K erroneously returns
+	     true for CPU_PA_RISC1_0.  CPU_IS_PA_RISC returns correct
+	     results, however.  */
+	  if (CPU_IS_PA_RISC (cpu))
+	    {
+	      switch (cpu)
+		{
+		  case CPU_PA_RISC1_0: puts ("hppa1.0-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC1_1: puts ("hppa1.1-hitachi-hiuxwe2"); break;
+		  case CPU_PA_RISC2_0: puts ("hppa2.0-hitachi-hiuxwe2"); break;
+		  default: puts ("hppa-hitachi-hiuxwe2"); break;
+		}
+	    }
+	  else if (CPU_IS_HP_MC68K (cpu))
+	    puts ("m68k-hitachi-hiuxwe2");
+	  else puts ("unknown-hitachi-hiuxwe2");
+	  exit (0);
+	}
+EOF
+	$CC_FOR_BUILD $dummy.c -o $dummy && ./$dummy && rm $dummy.c $dummy && exit 0
+	rm -f $dummy.c $dummy
+	echo unknown-hitachi-hiuxwe2
+	exit 0 ;;
+    9000/7??:4.3bsd:*:* | 9000/8?[79]:4.3bsd:*:* )
+	echo hppa1.1-hp-bsd
+	exit 0 ;;
+    9000/8??:4.3bsd:*:*)
+	echo hppa1.0-hp-bsd
+	exit 0 ;;
+    *9??*:MPE/iX:*:*)
+	echo hppa1.0-hp-mpeix
+	exit 0 ;;
+    hp7??:OSF1:*:* | hp8?[79]:OSF1:*:* )
+	echo hppa1.1-hp-osf
+	exit 0 ;;
+    hp8??:OSF1:*:*)
+	echo hppa1.0-hp-osf
+	exit 0 ;;
+    i?86:OSF1:*:*)
+	if [ -x /usr/sbin/sysversion ] ; then
+	    echo ${UNAME_MACHINE}-unknown-osf1mk
+	else
+	    echo ${UNAME_MACHINE}-unknown-osf1
+	fi
+	exit 0 ;;
+    parisc*:Lites*:*:*)
+	echo hppa1.1-hp-lites
+	exit 0 ;;
+    hppa*:OpenBSD:*:*)
+	echo hppa-unknown-openbsd
+	exit 0 ;;
+    C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*)
+	echo c1-convex-bsd
+        exit 0 ;;
+    C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+        exit 0 ;;
+    C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*)
+	echo c34-convex-bsd
+        exit 0 ;;
+    C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*)
+	echo c38-convex-bsd
+        exit 0 ;;
+    C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*)
+	echo c4-convex-bsd
+        exit 0 ;;
+    CRAY*X-MP:*:*:*)
+	echo xmp-cray-unicos
+        exit 0 ;;
+    CRAY*Y-MP:*:*:*)
+	echo ymp-cray-unicos${UNAME_RELEASE}
+	exit 0 ;;
+    CRAY*[A-Z]90:*:*:*)
+	echo ${UNAME_MACHINE}-cray-unicos${UNAME_RELEASE} \
+	| sed -e 's/CRAY.*\([A-Z]90\)/\1/' \
+	      -e y/ABCDEFGHIJKLMNOPQRSTUVWXYZ/abcdefghijklmnopqrstuvwxyz/
+	exit 0 ;;
+    CRAY*TS:*:*:*)
+	echo t90-cray-unicos${UNAME_RELEASE}
+	exit 0 ;;
+    CRAY*T3E:*:*:*)
+	echo alpha-cray-unicosmk${UNAME_RELEASE}
+	exit 0 ;;
+    CRAY-2:*:*:*)
+	echo cray2-cray-unicos
+        exit 0 ;;
+    F300:UNIX_System_V:*:*)
+        FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'`
+        FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'`
+        echo "f300-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}"
+        exit 0 ;;
+    F301:UNIX_System_V:*:*)
+       echo f301-fujitsu-uxpv`echo $UNAME_RELEASE | sed 's/ .*//'`
+       exit 0 ;;
+    hp3[0-9][05]:NetBSD:*:*)
+	echo m68k-hp-netbsd${UNAME_RELEASE}
+	exit 0 ;;
+    hp300:OpenBSD:*:*)
+	echo m68k-unknown-openbsd${UNAME_RELEASE}
+	exit 0 ;;
+    i?86:BSD/386:*:* | i?86:BSD/OS:*:*)
+	echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE}
+	exit 0 ;;
+    sparc*:BSD/OS:*:*)
+	echo sparc-unknown-bsdi${UNAME_RELEASE}
+	exit 0 ;;
+    *:BSD/OS:*:*)
+	echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE}
+	exit 0 ;;
+    *:FreeBSD:*:*)
+	if test -x /usr/bin/objformat; then
+	    if test "elf" = "`/usr/bin/objformat`"; then
+		echo ${UNAME_MACHINE}-unknown-freebsdelf`echo ${UNAME_RELEASE}|sed -e 's/[-_].*//'`
+		exit 0
+	    fi
+	fi
+	echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`
+	exit 0 ;;
+    *:NetBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-netbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*//'`
+	exit 0 ;;
+    *:OpenBSD:*:*)
+	echo ${UNAME_MACHINE}-unknown-openbsd`echo ${UNAME_RELEASE}|sed -e 's/[-_].*/\./'`
+	exit 0 ;;
+    i*:CYGWIN*:*)
+	echo ${UNAME_MACHINE}-pc-cygwin
+	exit 0 ;;
+    i*:MINGW*:*)
+	echo ${UNAME_MACHINE}-pc-mingw32
+	exit 0 ;;
+    i*:Windows_NT*:* | Pentium*:Windows_NT*:*)
+	# How do we know it's Interix rather than the generic POSIX subsystem?
+	# It also conflicts with pre-2.0 versions of AT&T UWIN. Should we
+	# UNAME_MACHINE based on the output of uname instead of i386?
+	echo i386-pc-interix
+	exit 0 ;;
+    i*:UWIN*:*)
+	echo ${UNAME_MACHINE}-pc-uwin
+	exit 0 ;;
+    p*:CYGWIN*:*)
+	echo powerpcle-unknown-cygwin
+	exit 0 ;;
+    prep*:SunOS:5.*:*)
+	echo powerpcle-unknown-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'`
+	exit 0 ;;
+    *:GNU:*:*)
+	echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'`
+	exit 0 ;;
+    *:Linux:*:*)
+
+	# The BFD linker knows what the default object file format is, so
+	# first see if it will tell us. cd to the root directory to prevent
+	# problems with other programs or directories called `ld' in the path.
+	ld_help_string=`cd /; ld --help 2>&1`
+	ld_supported_emulations=`echo $ld_help_string \
+			 | sed -ne '/supported emulations:/!d
+				    s/[ 	][ 	]*/ /g
+				    s/.*supported emulations: *//
+				    s/ .*//
+				    p'`
+        case "$ld_supported_emulations" in
+	  *ia64)
+		echo "${UNAME_MACHINE}-unknown-linux"
+		exit 0
+		;;
+	  i?86linux)
+		echo "${UNAME_MACHINE}-pc-linux-gnuaout"
+		exit 0
+		;;
+	  i?86coff)
+		echo "${UNAME_MACHINE}-pc-linux-gnucoff"
+		exit 0
+		;;
+	  sparclinux)
+		echo "${UNAME_MACHINE}-unknown-linux-gnuaout"
+		exit 0
+		;;
+	  armlinux)
+		echo "${UNAME_MACHINE}-unknown-linux-gnuaout"
+		exit 0
+		;;
+	  elf32arm*)
+		echo "${UNAME_MACHINE}-unknown-linux-gnu"
+		exit 0
+		;;
+	  armelf_linux*)
+		echo "${UNAME_MACHINE}-unknown-linux-gnu"
+		exit 0
+		;;
+	  m68klinux)
+		echo "${UNAME_MACHINE}-unknown-linux-gnuaout"
+		exit 0
+		;;
+	  elf32ppc)
+		# Determine Lib Version
+		cat >$dummy.c <<EOF
+#include <features.h>
+#if defined(__GLIBC__)
+extern char __libc_version[];
+extern char __libc_release[];
+#endif
+main(argc, argv)
+     int argc;
+     char *argv[];
+{
+#if defined(__GLIBC__)
+  printf("%s %s\n", __libc_version, __libc_release);
+#else
+  printf("unkown\n");
+#endif
+  return 0;
+}
+EOF
+		LIBC=""
+		$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null
+		if test "$?" = 0 ; then
+			./$dummy | grep 1\.99 > /dev/null
+			if test "$?" = 0 ; then
+				LIBC="libc1"
+			fi
+		fi	
+		rm -f $dummy.c $dummy
+		echo powerpc-unknown-linux-gnu${LIBC}
+		exit 0
+		;;
+	esac
+
+	if test "${UNAME_MACHINE}" = "alpha" ; then
+		sed 's/^	//'  <<EOF >$dummy.s
+		.globl main
+		.ent main
+	main:
+		.frame \$30,0,\$26,0
+		.prologue 0
+		.long 0x47e03d80 # implver $0
+		lda \$2,259
+		.long 0x47e20c21 # amask $2,$1
+		srl \$1,8,\$2
+		sll \$2,2,\$2
+		sll \$0,3,\$0
+		addl \$1,\$0,\$0
+		addl \$2,\$0,\$0
+		ret \$31,(\$26),1
+		.end main
+EOF
+		LIBC=""
+		$CC_FOR_BUILD $dummy.s -o $dummy 2>/dev/null
+		if test "$?" = 0 ; then
+			./$dummy
+			case "$?" in
+			7)
+				UNAME_MACHINE="alpha"
+				;;
+			15)
+				UNAME_MACHINE="alphaev5"
+				;;
+			14)
+				UNAME_MACHINE="alphaev56"
+				;;
+			10)
+				UNAME_MACHINE="alphapca56"
+				;;
+			16)
+				UNAME_MACHINE="alphaev6"
+				;;
+			esac
+
+			objdump --private-headers $dummy | \
+			  grep ld.so.1 > /dev/null
+			if test "$?" = 0 ; then
+				LIBC="libc1"
+			fi
+		fi
+		rm -f $dummy.s $dummy
+		echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} ; exit 0
+	elif test "${UNAME_MACHINE}" = "mips" ; then
+	  cat >$dummy.c <<EOF
+#ifdef __cplusplus
+	int main (int argc, char *argv[]) {
+#else
+	int main (argc, argv) int argc; char *argv[]; {
+#endif
+#ifdef __MIPSEB__
+  printf ("%s-unknown-linux-gnu\n", argv[1]);
+#endif
+#ifdef __MIPSEL__
+  printf ("%sel-unknown-linux-gnu\n", argv[1]);
+#endif
+  return 0;
+}
+EOF
+	  $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0
+	  rm -f $dummy.c $dummy
+	else
+	  # Either a pre-BFD a.out linker (linux-gnuoldld)
+	  # or one that does not give us useful --help.
+	  # GCC wants to distinguish between linux-gnuoldld and linux-gnuaout.
+	  # If ld does not provide *any* "supported emulations:"
+	  # that means it is gnuoldld.
+	  echo "$ld_help_string" | grep >/dev/null 2>&1 "supported emulations:"
+	  test $? != 0 && echo "${UNAME_MACHINE}-pc-linux-gnuoldld" && exit 0
+
+	  case "${UNAME_MACHINE}" in
+	  i?86)
+	    VENDOR=pc;
+	    ;;
+	  *)
+	    VENDOR=unknown;
+	    ;;
+	  esac
+	  # Determine whether the default compiler is a.out or elf
+	  cat >$dummy.c <<EOF
+#include <features.h>
+#ifdef __cplusplus
+	int main (int argc, char *argv[]) {
+#else
+	int main (argc, argv) int argc; char *argv[]; {
+#endif
+#ifdef __ELF__
+# ifdef __GLIBC__
+#  if __GLIBC__ >= 2
+    printf ("%s-${VENDOR}-linux-gnu\n", argv[1]);
+#  else
+    printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]);
+#  endif
+# else
+   printf ("%s-${VENDOR}-linux-gnulibc1\n", argv[1]);
+# endif
+#else
+  printf ("%s-${VENDOR}-linux-gnuaout\n", argv[1]);
+#endif
+  return 0;
+}
+EOF
+	  $CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy "${UNAME_MACHINE}" && rm $dummy.c $dummy && exit 0
+	  rm -f $dummy.c $dummy
+	fi ;;
+# ptx 4.0 does uname -s correctly, with DYNIX/ptx in there.  earlier versions
+# are messed up and put the nodename in both sysname and nodename.
+    i?86:DYNIX/ptx:4*:*)
+	echo i386-sequent-sysv4
+	exit 0 ;;
+    i?86:UNIX_SV:4.2MP:2.*)
+        # Unixware is an offshoot of SVR4, but it has its own version
+        # number series starting with 2...
+        # I am not positive that other SVR4 systems won't match this,
+	# I just have to hope.  -- rms.
+        # Use sysv4.2uw... so that sysv4* matches it.
+	echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION}
+	exit 0 ;;
+    i?86:*:4.*:* | i?86:SYSTEM_V:4.*:*)
+	UNAME_REL=`echo ${UNAME_RELEASE} | sed 's/\/MP$//'`
+	if grep Novell /usr/include/link.h >/dev/null 2>/dev/null; then
+		echo ${UNAME_MACHINE}-univel-sysv${UNAME_REL}
+	else
+		echo ${UNAME_MACHINE}-pc-sysv${UNAME_REL}
+	fi
+	exit 0 ;;
+    i?86:*:5:7*)
+        # Fixed at (any) Pentium or better
+        UNAME_MACHINE=i586
+        if [ ${UNAME_SYSTEM} = "UnixWare" ] ; then
+	    echo ${UNAME_MACHINE}-sco-sysv${UNAME_RELEASE}uw${UNAME_VERSION}
+	else
+	    echo ${UNAME_MACHINE}-pc-sysv${UNAME_RELEASE}
+	fi
+	exit 0 ;;
+    i?86:*:3.2:*)
+	if test -f /usr/options/cb.name; then
+		UNAME_REL=`sed -n 's/.*Version //p' </usr/options/cb.name`
+		echo ${UNAME_MACHINE}-pc-isc$UNAME_REL
+	elif /bin/uname -X 2>/dev/null >/dev/null ; then
+		UNAME_REL=`(/bin/uname -X|egrep Release|sed -e 's/.*= //')`
+		(/bin/uname -X|egrep i80486 >/dev/null) && UNAME_MACHINE=i486
+		(/bin/uname -X|egrep '^Machine.*Pentium' >/dev/null) \
+			&& UNAME_MACHINE=i586
+		(/bin/uname -X|egrep '^Machine.*Pent ?II' >/dev/null) \
+			&& UNAME_MACHINE=i686
+		(/bin/uname -X|egrep '^Machine.*Pentium Pro' >/dev/null) \
+			&& UNAME_MACHINE=i686
+		echo ${UNAME_MACHINE}-pc-sco$UNAME_REL
+	else
+		echo ${UNAME_MACHINE}-pc-sysv32
+	fi
+	exit 0 ;;
+    pc:*:*:*)
+        # uname -m prints for DJGPP always 'pc', but it prints nothing about
+        # the processor, so we play safe by assuming i386.
+	echo i386-pc-msdosdjgpp
+        exit 0 ;;
+    Intel:Mach:3*:*)
+	echo i386-pc-mach3
+	exit 0 ;;
+    paragon:*:*:*)
+	echo i860-intel-osf1
+	exit 0 ;;
+    i860:*:4.*:*) # i860-SVR4
+	if grep Stardent /usr/include/sys/uadmin.h >/dev/null 2>&1 ; then
+	  echo i860-stardent-sysv${UNAME_RELEASE} # Stardent Vistra i860-SVR4
+	else # Add other i860-SVR4 vendors below as they are discovered.
+	  echo i860-unknown-sysv${UNAME_RELEASE}  # Unknown i860-SVR4
+	fi
+	exit 0 ;;
+    mini*:CTIX:SYS*5:*)
+	# "miniframe"
+	echo m68010-convergent-sysv
+	exit 0 ;;
+    M68*:*:R3V[567]*:*)
+	test -r /sysV68 && echo 'm68k-motorola-sysv' && exit 0 ;;
+    3[34]??:*:4.0:3.0 | 3[34]??,*:*:4.0:3.0 | 4850:*:4.0:3.0)
+	OS_REL=''
+	test -r /etc/.relid \
+	&& OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid`
+	/bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+	  && echo i486-ncr-sysv4.3${OS_REL} && exit 0
+	/bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \
+	  && echo i586-ncr-sysv4.3${OS_REL} && exit 0 ;;
+    3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*)
+        /bin/uname -p 2>/dev/null | grep 86 >/dev/null \
+          && echo i486-ncr-sysv4 && exit 0 ;;
+    m68*:LynxOS:2.*:*)
+	echo m68k-unknown-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    mc68030:UNIX_System_V:4.*:*)
+	echo m68k-atari-sysv4
+	exit 0 ;;
+    i?86:LynxOS:2.*:* | i?86:LynxOS:3.[01]*:*)
+	echo i386-unknown-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    TSUNAMI:LynxOS:2.*:*)
+	echo sparc-unknown-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    rs6000:LynxOS:2.*:* | PowerPC:LynxOS:2.*:*)
+	echo rs6000-unknown-lynxos${UNAME_RELEASE}
+	exit 0 ;;
+    SM[BE]S:UNIX_SV:*:*)
+	echo mips-dde-sysv${UNAME_RELEASE}
+	exit 0 ;;
+    RM*:ReliantUNIX-*:*:*)
+	echo mips-sni-sysv4
+	exit 0 ;;
+    RM*:SINIX-*:*:*)
+	echo mips-sni-sysv4
+	exit 0 ;;
+    *:SINIX-*:*:*)
+	if uname -p 2>/dev/null >/dev/null ; then
+		UNAME_MACHINE=`(uname -p) 2>/dev/null`
+		echo ${UNAME_MACHINE}-sni-sysv4
+	else
+		echo ns32k-sni-sysv
+	fi
+	exit 0 ;;
+    PENTIUM:CPunix:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort
+                           # says <Richard.M.Bartel at ccMail.Census.GOV>
+        echo i586-unisys-sysv4
+        exit 0 ;;
+    *:UNIX_System_V:4*:FTX*)
+	# From Gerald Hewes <hewes at openmarket.com>.
+	# How about differentiating between stratus architectures? -djm
+	echo hppa1.1-stratus-sysv4
+	exit 0 ;;
+    *:*:*:FTX*)
+	# From seanf at swdc.stratus.com.
+	echo i860-stratus-sysv4
+	exit 0 ;;
+    mc68*:A/UX:*:*)
+	echo m68k-apple-aux${UNAME_RELEASE}
+	exit 0 ;;
+    news*:NEWS-OS:*:6*)
+	echo mips-sony-newsos6
+	exit 0 ;;
+    R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*)
+	if [ -d /usr/nec ]; then
+	        echo mips-nec-sysv${UNAME_RELEASE}
+	else
+	        echo mips-unknown-sysv${UNAME_RELEASE}
+	fi
+        exit 0 ;;
+    BeBox:BeOS:*:*)	# BeOS running on hardware made by Be, PPC only.
+	echo powerpc-be-beos
+	exit 0 ;;
+    BeMac:BeOS:*:*)	# BeOS running on Mac or Mac clone, PPC only.
+	echo powerpc-apple-beos
+	exit 0 ;;
+    BePC:BeOS:*:*)	# BeOS running on Intel PC compatible.
+	echo i586-pc-beos
+	exit 0 ;;
+    SX-4:SUPER-UX:*:*)
+	echo sx4-nec-superux${UNAME_RELEASE}
+	exit 0 ;;
+    SX-5:SUPER-UX:*:*)
+	echo sx5-nec-superux${UNAME_RELEASE}
+	exit 0 ;;
+    Power*:Rhapsody:*:*)
+	echo powerpc-apple-rhapsody${UNAME_RELEASE}
+	exit 0 ;;
+    *:Rhapsody:*:*)
+	echo ${UNAME_MACHINE}-apple-rhapsody${UNAME_RELEASE}
+	exit 0 ;;
+    *:QNX:*:4*)
+	echo i386-qnx-qnx${UNAME_VERSION}
+	exit 0 ;;
+esac
+
+#echo '(No uname command or uname output not recognized.)' 1>&2
+#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2
+
+cat >$dummy.c <<EOF
+#ifdef _SEQUENT_
+# include <sys/types.h>
+# include <sys/utsname.h>
+#endif
+main ()
+{
+#if defined (sony)
+#if defined (MIPSEB)
+  /* BFD wants "bsd" instead of "newsos".  Perhaps BFD should be changed,
+     I don't know....  */
+  printf ("mips-sony-bsd\n"); exit (0);
+#else
+#include <sys/param.h>
+  printf ("m68k-sony-newsos%s\n",
+#ifdef NEWSOS4
+          "4"
+#else
+	  ""
+#endif
+         ); exit (0);
+#endif
+#endif
+
+#if defined (__arm) && defined (__acorn) && defined (__unix)
+  printf ("arm-acorn-riscix"); exit (0);
+#endif
+
+#if defined (hp300) && !defined (hpux)
+  printf ("m68k-hp-bsd\n"); exit (0);
+#endif
+
+#if defined (NeXT)
+#if !defined (__ARCHITECTURE__)
+#define __ARCHITECTURE__ "m68k"
+#endif
+  int version;
+  version=`(hostinfo | sed -n 's/.*NeXT Mach \([0-9]*\).*/\1/p') 2>/dev/null`;
+  if (version < 4)
+    printf ("%s-next-nextstep%d\n", __ARCHITECTURE__, version);
+  else
+    printf ("%s-next-openstep%d\n", __ARCHITECTURE__, version);
+  exit (0);
+#endif
+
+#if defined (MULTIMAX) || defined (n16)
+#if defined (UMAXV)
+  printf ("ns32k-encore-sysv\n"); exit (0);
+#else
+#if defined (CMU)
+  printf ("ns32k-encore-mach\n"); exit (0);
+#else
+  printf ("ns32k-encore-bsd\n"); exit (0);
+#endif
+#endif
+#endif
+
+#if defined (__386BSD__)
+  printf ("i386-pc-bsd\n"); exit (0);
+#endif
+
+#if defined (sequent)
+#if defined (i386)
+  printf ("i386-sequent-dynix\n"); exit (0);
+#endif
+#if defined (ns32000)
+  printf ("ns32k-sequent-dynix\n"); exit (0);
+#endif
+#endif
+
+#if defined (_SEQUENT_)
+    struct utsname un;
+
+    uname(&un);
+
+    if (strncmp(un.version, "V2", 2) == 0) {
+	printf ("i386-sequent-ptx2\n"); exit (0);
+    }
+    if (strncmp(un.version, "V1", 2) == 0) { /* XXX is V1 correct? */
+	printf ("i386-sequent-ptx1\n"); exit (0);
+    }
+    printf ("i386-sequent-ptx\n"); exit (0);
+
+#endif
+
+#if defined (vax)
+#if !defined (ultrix)
+  printf ("vax-dec-bsd\n"); exit (0);
+#else
+  printf ("vax-dec-ultrix\n"); exit (0);
+#endif
+#endif
+
+#if defined (alliant) && defined (i860)
+  printf ("i860-alliant-bsd\n"); exit (0);
+#endif
+
+  exit (1);
+}
+EOF
+
+$CC_FOR_BUILD $dummy.c -o $dummy 2>/dev/null && ./$dummy && rm $dummy.c $dummy && exit 0
+rm -f $dummy.c $dummy
+
+# Apollos put the system type in the environment.
+
+test -d /usr/apollo && { echo ${ISP}-apollo-${SYSTYPE}; exit 0; }
+
+# Convex versions that predate uname can use getsysinfo(1)
+
+if [ -x /usr/convex/getsysinfo ]
+then
+    case `getsysinfo -f cpu_type` in
+    c1*)
+	echo c1-convex-bsd
+	exit 0 ;;
+    c2*)
+	if getsysinfo -f scalar_acc
+	then echo c32-convex-bsd
+	else echo c2-convex-bsd
+	fi
+	exit 0 ;;
+    c34*)
+	echo c34-convex-bsd
+	exit 0 ;;
+    c38*)
+	echo c38-convex-bsd
+	exit 0 ;;
+    c4*)
+	echo c4-convex-bsd
+	exit 0 ;;
+    esac
+fi
+
+#echo '(Unable to guess system type)' 1>&2
+
+exit 1
diff --git a/external/privoxy/pcre/config.h b/external/privoxy/pcre/config.h
new file mode 100644
index 0000000..c767cbb
--- /dev/null
+++ b/external/privoxy/pcre/config.h
@@ -0,0 +1,5 @@
+
+/* For Privoxy, we just use Privoxy's config.h */
+
+#include "../config.h"
+
diff --git a/external/privoxy/pcre/config.in b/external/privoxy/pcre/config.in
new file mode 100644
index 0000000..02f4259
--- /dev/null
+++ b/external/privoxy/pcre/config.in
@@ -0,0 +1,33 @@
+
+/* On Unix systems config.in is converted by configure into config.h. PCRE is
+written in Standard C, but there are a few non-standard things it can cope
+with, allowing it to run on SunOS4 and other "close to standard" systems.
+
+On a non-Unix system you should just copy this file into config.h and change
+the definitions of HAVE_STRERROR and HAVE_MEMMOVE to 1. Unfortunately, because
+of the way autoconf works, these cannot be made the defaults. If your system
+has bcopy() and not memmove(), change the definition of HAVE_BCOPY instead of
+HAVE_MEMMOVE. If your system has neither bcopy() nor memmove(), leave them both
+as 0; an emulation function will be used. */
+
+/* Define to empty if the keyword does not work. */
+
+#undef const
+
+/* Define to `unsigned' if <stddef.h> doesn't define size_t. */
+
+#undef size_t
+
+/* The following two definitions are mainly for the benefit of SunOS4, which
+doesn't have the strerror() or memmove() functions that should be present in
+all Standard C libraries. The macros HAVE_STRERROR and HAVE_MEMMOVE should
+normally be defined with the value 1 for other systems, but unfortunately we
+can't make this the default because "configure" files generated by autoconf
+will only change 0 to 1; they won't change 1 to 0 if the functions are not
+found. If HAVE_MEMMOVE is set to 1, the value of HAVE_BCOPY is not relevant. */
+
+#define HAVE_STRERROR 0
+#define HAVE_MEMMOVE  0
+#define HAVE_BCOPY    0
+
+/* End */
diff --git a/external/privoxy/pcre/config.sub b/external/privoxy/pcre/config.sub
new file mode 100644
index 0000000..28426bb
--- /dev/null
+++ b/external/privoxy/pcre/config.sub
@@ -0,0 +1,1232 @@
+#! /bin/sh
+# Configuration validation subroutine script, version 1.1.
+#   Copyright (C) 1991, 92-97, 1998, 1999 Free Software Foundation, Inc.
+# This file is (in principle) common to ALL GNU software.
+# The presence of a machine in this file suggests that SOME GNU software
+# can handle that machine.  It does not imply ALL GNU software can.
+#
+# This file is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330,
+# Boston, MA 02111-1307, USA.
+
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Configuration subroutine to validate and canonicalize a configuration type.
+# Supply the specified configuration type as an argument.
+# If it is invalid, we print an error message on stderr and exit with code 1.
+# Otherwise, we print the canonical config type on stdout and succeed.
+
+# This file is supposed to be the same for all GNU packages
+# and recognize all the CPU types, system types and aliases
+# that are meaningful with *any* GNU software.
+# Each package is responsible for reporting which valid configurations
+# it does not support.  The user should be able to distinguish
+# a failure to support a valid configuration from a meaningless
+# configuration.
+
+# The goal of this file is to map all the various variations of a given
+# machine specification into a single specification in the form:
+#	CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM
+# or in some cases, the newer four-part form:
+#	CPU_TYPE-MANUFACTURER-KERNEL-OPERATING_SYSTEM
+# It is wrong to echo any other type of specification.
+
+if [ x$1 = x ]
+then
+	echo Configuration name missing. 1>&2
+	echo "Usage: $0 CPU-MFR-OPSYS" 1>&2
+	echo "or     $0 ALIAS" 1>&2
+	echo where ALIAS is a recognized configuration type. 1>&2
+	exit 1
+fi
+
+# First pass through any local machine types.
+case $1 in
+	*local*)
+		echo $1
+		exit 0
+		;;
+	*)
+	;;
+esac
+
+# Separate what the user gave into CPU-COMPANY and OS or KERNEL-OS (if any).
+# Here we must recognize all the valid KERNEL-OS combinations.
+maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'`
+case $maybe_os in
+  linux-gnu*)
+    os=-$maybe_os
+    basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`
+    ;;
+  *)
+    basic_machine=`echo $1 | sed 's/-[^-]*$//'`
+    if [ $basic_machine != $1 ]
+    then os=`echo $1 | sed 's/.*-/-/'`
+    else os=; fi
+    ;;
+esac
+
+### Let's recognize common machines as not being operating systems so
+### that things like config.sub decstation-3100 work.  We also
+### recognize some manufacturers as not being operating systems, so we
+### can provide default operating systems below.
+case $os in
+	-sun*os*)
+		# Prevent following clause from handling this invalid input.
+		;;
+	-dec* | -mips* | -sequent* | -encore* | -pc532* | -sgi* | -sony* | \
+	-att* | -7300* | -3300* | -delta* | -motorola* | -sun[234]* | \
+	-unicom* | -ibm* | -next | -hp | -isi* | -apollo | -altos* | \
+	-convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\
+	-c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \
+	-harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \
+	-apple)
+		os=
+		basic_machine=$1
+		;;
+	-sim | -cisco | -oki | -wec | -winbond)
+		os=
+		basic_machine=$1
+		;;
+	-scout)
+		;;
+	-wrs)
+		os=-vxworks
+		basic_machine=$1
+		;;
+	-hiux*)
+		os=-hiuxwe2
+		;;
+	-sco5)
+		os=-sco3.2v5
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco4)
+		os=-sco3.2v4
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco3.2.[4-9]*)
+		os=`echo $os | sed -e 's/sco3.2./sco3.2v/'`
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco3.2v[4-9]*)
+		# Don't forget version if it is 3.2v4 or newer.
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-sco*)
+		os=-sco3.2v2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-udk*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-isc)
+		os=-isc2.2
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-clix*)
+		basic_machine=clipper-intergraph
+		;;
+	-isc*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'`
+		;;
+	-lynx*)
+		os=-lynxos
+		;;
+	-ptx*)
+		basic_machine=`echo $1 | sed -e 's/86-.*/86-sequent/'`
+		;;
+	-windowsnt*)
+		os=`echo $os | sed -e 's/windowsnt/winnt/'`
+		;;
+	-psos*)
+		os=-psos
+		;;
+	-mint | -mint[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
+esac
+
+# Decode aliases for certain CPU-COMPANY combinations.
+case $basic_machine in
+	# Recognize the basic CPU types without company name.
+	# Some are omitted here because they have special meanings below.
+	tahoe | i860 | ia64 | m32r | m68k | m68000 | m88k | ns32k | arc | arm \
+		| arme[lb] | pyramid | mn10200 | mn10300 | tron | a29k \
+		| 580 | i960 | h8300 \
+		| hppa | hppa1.0 | hppa1.1 | hppa2.0 | hppa2.0w | hppa2.0n \
+		| alpha | alphaev[4-7] | alphaev56 | alphapca5[67] \
+		| we32k | ns16k | clipper | i370 | sh | powerpc | powerpcle \
+		| 1750a | dsp16xx | pdp11 | mips16 | mips64 | mipsel | mips64el \
+		| mips64orion | mips64orionel | mipstx39 | mipstx39el \
+		| mips64vr4300 | mips64vr4300el | mips64vr4100 | mips64vr4100el \
+		| mips64vr5000 | miprs64vr5000el | mcore \
+		| sparc | sparclet | sparclite | sparc64 | sparcv9 | v850 | c4x \
+		| thumb | d10v | fr30)
+		basic_machine=$basic_machine-unknown
+		;;
+	m88110 | m680[12346]0 | m683?2 | m68360 | m5200 | z8k | v70 | h8500 | w65 | pj | pjl)
+		;;
+
+	# We use `pc' rather than `unknown'
+	# because (1) that's what they normally are, and
+	# (2) the word "unknown" tends to confuse beginning users.
+	i[34567]86)
+	  basic_machine=$basic_machine-pc
+	  ;;
+	# Object if more than one company name word.
+	*-*-*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+	# Recognize the basic CPU types with company name.
+	# FIXME: clean up the formatting here.
+	vax-* | tahoe-* | i[34567]86-* | i860-* | ia64-* | m32r-* | m68k-* | m68000-* \
+	      | m88k-* | sparc-* | ns32k-* | fx80-* | arc-* | arm-* | c[123]* \
+	      | mips-* | pyramid-* | tron-* | a29k-* | romp-* | rs6000-* \
+	      | power-* | none-* | 580-* | cray2-* | h8300-* | h8500-* | i960-* \
+	      | xmp-* | ymp-* \
+	      | hppa-* | hppa1.0-* | hppa1.1-* | hppa2.0-* | hppa2.0w-* | hppa2.0n-* \
+	      | alpha-* | alphaev[4-7]-* | alphaev56-* | alphapca5[67]-* \
+	      | we32k-* | cydra-* | ns16k-* | pn-* | np1-* | xps100-* \
+	      | clipper-* | orion-* \
+	      | sparclite-* | pdp11-* | sh-* | powerpc-* | powerpcle-* \
+	      | sparc64-* | sparcv9-* | sparc86x-* | mips16-* | mips64-* | mipsel-* \
+	      | mips64el-* | mips64orion-* | mips64orionel-* \
+	      | mips64vr4100-* | mips64vr4100el-* | mips64vr4300-* | mips64vr4300el-* \
+	      | mipstx39-* | mipstx39el-* | mcore-* \
+	      | f301-* | armv*-* | t3e-* \
+	      | m88110-* | m680[01234]0-* | m683?2-* | m68360-* | z8k-* | d10v-* \
+	      | thumb-* | v850-* | d30v-* | tic30-* | c30-* | fr30-* )
+		;;
+	# Recognize the various machine names and aliases which stand
+	# for a CPU type and a company and sometimes even an OS.
+	386bsd)
+		basic_machine=i386-unknown
+		os=-bsd
+		;;
+	3b1 | 7300 | 7300-att | att-7300 | pc7300 | safari | unixpc)
+		basic_machine=m68000-att
+		;;
+	3b*)
+		basic_machine=we32k-att
+		;;
+	a29khif)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	adobe68k)
+		basic_machine=m68010-adobe
+		os=-scout
+		;;
+	alliant | fx80)
+		basic_machine=fx80-alliant
+		;;
+	altos | altos3068)
+		basic_machine=m68k-altos
+		;;
+	am29k)
+		basic_machine=a29k-none
+		os=-bsd
+		;;
+	amdahl)
+		basic_machine=580-amdahl
+		os=-sysv
+		;;
+	amiga | amiga-*)
+		basic_machine=m68k-cbm
+		;;
+	amigaos | amigados)
+		basic_machine=m68k-cbm
+		os=-amigaos
+		;;
+	amigaunix | amix)
+		basic_machine=m68k-cbm
+		os=-sysv4
+		;;
+	apollo68)
+		basic_machine=m68k-apollo
+		os=-sysv
+		;;
+	apollo68bsd)
+		basic_machine=m68k-apollo
+		os=-bsd
+		;;
+	aux)
+		basic_machine=m68k-apple
+		os=-aux
+		;;
+	balance)
+		basic_machine=ns32k-sequent
+		os=-dynix
+		;;
+	convex-c1)
+		basic_machine=c1-convex
+		os=-bsd
+		;;
+	convex-c2)
+		basic_machine=c2-convex
+		os=-bsd
+		;;
+	convex-c32)
+		basic_machine=c32-convex
+		os=-bsd
+		;;
+	convex-c34)
+		basic_machine=c34-convex
+		os=-bsd
+		;;
+	convex-c38)
+		basic_machine=c38-convex
+		os=-bsd
+		;;
+	cray | ymp)
+		basic_machine=ymp-cray
+		os=-unicos
+		;;
+	cray2)
+		basic_machine=cray2-cray
+		os=-unicos
+		;;
+	[ctj]90-cray)
+		basic_machine=c90-cray
+		os=-unicos
+		;;
+	crds | unos)
+		basic_machine=m68k-crds
+		;;
+	da30 | da30-*)
+		basic_machine=m68k-da30
+		;;
+	decstation | decstation-3100 | pmax | pmax-* | pmin | dec3100 | decstatn)
+		basic_machine=mips-dec
+		;;
+	delta | 3300 | motorola-3300 | motorola-delta \
+	      | 3300-motorola | delta-motorola)
+		basic_machine=m68k-motorola
+		;;
+	delta88)
+		basic_machine=m88k-motorola
+		os=-sysv3
+		;;
+	dpx20 | dpx20-*)
+		basic_machine=rs6000-bull
+		os=-bosx
+		;;
+	dpx2* | dpx2*-bull)
+		basic_machine=m68k-bull
+		os=-sysv3
+		;;
+	ebmon29k)
+		basic_machine=a29k-amd
+		os=-ebmon
+		;;
+	elxsi)
+		basic_machine=elxsi-elxsi
+		os=-bsd
+		;;
+	encore | umax | mmax)
+		basic_machine=ns32k-encore
+		;;
+	es1800 | OSE68k | ose68k | ose | OSE)
+		basic_machine=m68k-ericsson
+		os=-ose
+		;;
+	fx2800)
+		basic_machine=i860-alliant
+		;;
+	genix)
+		basic_machine=ns32k-ns
+		;;
+	gmicro)
+		basic_machine=tron-gmicro
+		os=-sysv
+		;;
+	h3050r* | hiux*)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	h8300hms)
+		basic_machine=h8300-hitachi
+		os=-hms
+		;;
+	h8300xray)
+		basic_machine=h8300-hitachi
+		os=-xray
+		;;
+	h8500hms)
+		basic_machine=h8500-hitachi
+		os=-hms
+		;;
+	harris)
+		basic_machine=m88k-harris
+		os=-sysv3
+		;;
+	hp300-*)
+		basic_machine=m68k-hp
+		;;
+	hp300bsd)
+		basic_machine=m68k-hp
+		os=-bsd
+		;;
+	hp300hpux)
+		basic_machine=m68k-hp
+		os=-hpux
+		;;
+	hp3k9[0-9][0-9] | hp9[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hp9k2[0-9][0-9] | hp9k31[0-9])
+		basic_machine=m68000-hp
+		;;
+	hp9k3[2-9][0-9])
+		basic_machine=m68k-hp
+		;;
+	hp9k6[0-9][0-9] | hp6[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hp9k7[0-79][0-9] | hp7[0-79][0-9])
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k78[0-9] | hp78[0-9])
+		# FIXME: really hppa2.0-hp
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[67]1 | hp8[67]1 | hp9k80[24] | hp80[24] | hp9k8[78]9 | hp8[78]9 | hp9k893 | hp893)
+		# FIXME: really hppa2.0-hp
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][13679] | hp8[0-9][13679])
+		basic_machine=hppa1.1-hp
+		;;
+	hp9k8[0-9][0-9] | hp8[0-9][0-9])
+		basic_machine=hppa1.0-hp
+		;;
+	hppa-next)
+		os=-nextstep3
+		;;
+	hppaosf)
+		basic_machine=hppa1.1-hp
+		os=-osf
+		;;
+	hppro)
+		basic_machine=hppa1.1-hp
+		os=-proelf
+		;;
+	i370-ibm* | ibm*)
+		basic_machine=i370-ibm
+		;;
+# I'm not sure what "Sysv32" means.  Should this be sysv3.2?
+	i[34567]86v32)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv32
+		;;
+	i[34567]86v4*)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv4
+		;;
+	i[34567]86v)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-sysv
+		;;
+	i[34567]86sol2)
+		basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'`
+		os=-solaris2
+		;;
+	i386mach)
+		basic_machine=i386-mach
+		os=-mach
+		;;
+	i386-vsta | vsta)
+		basic_machine=i386-unknown
+		os=-vsta
+		;;
+	i386-go32 | go32)
+		basic_machine=i386-unknown
+		os=-go32
+		;;
+	i386-mingw32 | mingw32)
+		basic_machine=i386-unknown
+		os=-mingw32
+		;;
+	i386-qnx | qnx)
+		basic_machine=i386-qnx
+		;;
+	iris | iris4d)
+		basic_machine=mips-sgi
+		case $os in
+		    -irix*)
+			;;
+		    *)
+			os=-irix4
+			;;
+		esac
+		;;
+	isi68 | isi)
+		basic_machine=m68k-isi
+		os=-sysv
+		;;
+	m88k-omron*)
+		basic_machine=m88k-omron
+		;;
+	magnum | m3230)
+		basic_machine=mips-mips
+		os=-sysv
+		;;
+	merlin)
+		basic_machine=ns32k-utek
+		os=-sysv
+		;;
+	miniframe)
+		basic_machine=m68000-convergent
+		;;
+	*mint | -mint[0-9]* | *MiNT | *MiNT[0-9]*)
+		basic_machine=m68k-atari
+		os=-mint
+		;;
+	mipsel*-linux*)
+		basic_machine=mipsel-unknown
+		os=-linux-gnu
+		;;
+	mips*-linux*)
+		basic_machine=mips-unknown
+		os=-linux-gnu
+		;;
+	mips3*-*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`
+		;;
+	mips3*)
+		basic_machine=`echo $basic_machine | sed -e 's/mips3/mips64/'`-unknown
+		;;
+	monitor)
+		basic_machine=m68k-rom68k
+		os=-coff
+		;;
+	msdos)
+		basic_machine=i386-unknown
+		os=-msdos
+		;;
+	mvs)
+		basic_machine=i370-ibm
+		os=-mvs
+		;;
+	ncr3000)
+		basic_machine=i486-ncr
+		os=-sysv4
+		;;
+	netbsd386)
+		basic_machine=i386-unknown
+		os=-netbsd
+		;;
+	netwinder)
+		basic_machine=armv4l-rebel
+		os=-linux
+		;;
+	news | news700 | news800 | news900)
+		basic_machine=m68k-sony
+		os=-newsos
+		;;
+	news1000)
+		basic_machine=m68030-sony
+		os=-newsos
+		;;
+	news-3600 | risc-news)
+		basic_machine=mips-sony
+		os=-newsos
+		;;
+	necv70)
+		basic_machine=v70-nec
+		os=-sysv
+		;;
+	next | m*-next )
+		basic_machine=m68k-next
+		case $os in
+		    -nextstep* )
+			;;
+		    -ns2*)
+		      os=-nextstep2
+			;;
+		    *)
+		      os=-nextstep3
+			;;
+		esac
+		;;
+	nh3000)
+		basic_machine=m68k-harris
+		os=-cxux
+		;;
+	nh[45]000)
+		basic_machine=m88k-harris
+		os=-cxux
+		;;
+	nindy960)
+		basic_machine=i960-intel
+		os=-nindy
+		;;
+	mon960)
+		basic_machine=i960-intel
+		os=-mon960
+		;;
+	np1)
+		basic_machine=np1-gould
+		;;
+	op50n-* | op60c-*)
+		basic_machine=hppa1.1-oki
+		os=-proelf
+		;;
+	OSE68000 | ose68000)
+		basic_machine=m68000-ericsson
+		os=-ose
+		;;
+	os68k)
+		basic_machine=m68k-none
+		os=-os68k
+		;;
+	pa-hitachi)
+		basic_machine=hppa1.1-hitachi
+		os=-hiuxwe2
+		;;
+	paragon)
+		basic_machine=i860-intel
+		os=-osf
+		;;
+	pbd)
+		basic_machine=sparc-tti
+		;;
+	pbb)
+		basic_machine=m68k-tti
+		;;
+        pc532 | pc532-*)
+		basic_machine=ns32k-pc532
+		;;
+	pentium | p5 | k5 | k6 | nexen)
+		basic_machine=i586-pc
+		;;
+	pentiumpro | p6 | 6x86)
+		basic_machine=i686-pc
+		;;
+	pentiumii | pentium2)
+		basic_machine=i786-pc
+		;;
+	pentium-* | p5-* | k5-* | k6-* | nexen-*)
+		basic_machine=i586-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentiumpro-* | p6-* | 6x86-*)
+		basic_machine=i686-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pentiumii-* | pentium2-*)
+		basic_machine=i786-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	pn)
+		basic_machine=pn-gould
+		;;
+	power)	basic_machine=rs6000-ibm
+		;;
+	ppc)	basic_machine=powerpc-unknown
+	        ;;
+	ppc-*)	basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ppcle | powerpclittle | ppc-le | powerpc-little)
+		basic_machine=powerpcle-unknown
+	        ;;
+	ppcle-* | powerpclittle-*)
+		basic_machine=powerpcle-`echo $basic_machine | sed 's/^[^-]*-//'`
+		;;
+	ps2)
+		basic_machine=i386-ibm
+		;;
+	rom68k)
+		basic_machine=m68k-rom68k
+		os=-coff
+		;;
+	rm[46]00)
+		basic_machine=mips-siemens
+		;;
+	rtpc | rtpc-*)
+		basic_machine=romp-ibm
+		;;
+	sa29200)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	sequent)
+		basic_machine=i386-sequent
+		;;
+	sh)
+		basic_machine=sh-hitachi
+		os=-hms
+		;;
+	sparclite-wrs)
+		basic_machine=sparclite-wrs
+		os=-vxworks
+		;;
+	sps7)
+		basic_machine=m68k-bull
+		os=-sysv2
+		;;
+	spur)
+		basic_machine=spur-unknown
+		;;
+	st2000)
+		basic_machine=m68k-tandem
+		;;
+	stratus)
+		basic_machine=i860-stratus
+		os=-sysv4
+		;;
+	sun2)
+		basic_machine=m68000-sun
+		;;
+	sun2os3)
+		basic_machine=m68000-sun
+		os=-sunos3
+		;;
+	sun2os4)
+		basic_machine=m68000-sun
+		os=-sunos4
+		;;
+	sun3os3)
+		basic_machine=m68k-sun
+		os=-sunos3
+		;;
+	sun3os4)
+		basic_machine=m68k-sun
+		os=-sunos4
+		;;
+	sun4os3)
+		basic_machine=sparc-sun
+		os=-sunos3
+		;;
+	sun4os4)
+		basic_machine=sparc-sun
+		os=-sunos4
+		;;
+	sun4sol2)
+		basic_machine=sparc-sun
+		os=-solaris2
+		;;
+	sun3 | sun3-*)
+		basic_machine=m68k-sun
+		;;
+	sun4)
+		basic_machine=sparc-sun
+		;;
+	sun386 | sun386i | roadrunner)
+		basic_machine=i386-sun
+		;;
+	symmetry)
+		basic_machine=i386-sequent
+		os=-dynix
+		;;
+	t3e)
+		basic_machine=t3e-cray
+		os=-unicos
+		;;
+	tx39)
+		basic_machine=mipstx39-unknown
+		;;
+	tx39el)
+		basic_machine=mipstx39el-unknown
+		;;
+	tower | tower-32)
+		basic_machine=m68k-ncr
+		;;
+	udi29k)
+		basic_machine=a29k-amd
+		os=-udi
+		;;
+	ultra3)
+		basic_machine=a29k-nyu
+		os=-sym1
+		;;
+	v810 | necv810)
+		basic_machine=v810-nec
+		os=-none
+		;;
+	vaxv)
+		basic_machine=vax-dec
+		os=-sysv
+		;;
+	vms)
+		basic_machine=vax-dec
+		os=-vms
+		;;
+	vpp*|vx|vx-*)
+               basic_machine=f301-fujitsu
+               ;;
+	vxworks960)
+		basic_machine=i960-wrs
+		os=-vxworks
+		;;
+	vxworks68)
+		basic_machine=m68k-wrs
+		os=-vxworks
+		;;
+	vxworks29k)
+		basic_machine=a29k-wrs
+		os=-vxworks
+		;;
+	w65*)
+		basic_machine=w65-wdc
+		os=-none
+		;;
+	w89k-*)
+		basic_machine=hppa1.1-winbond
+		os=-proelf
+		;;
+	xmp)
+		basic_machine=xmp-cray
+		os=-unicos
+		;;
+        xps | xps100)
+		basic_machine=xps100-honeywell
+		;;
+	z8k-*-coff)
+		basic_machine=z8k-unknown
+		os=-sim
+		;;
+	none)
+		basic_machine=none-none
+		os=-none
+		;;
+
+# Here we handle the default manufacturer of certain CPU types.  It is in
+# some cases the only manufacturer, in others, it is the most popular.
+	w89k)
+		basic_machine=hppa1.1-winbond
+		;;
+	op50n)
+		basic_machine=hppa1.1-oki
+		;;
+	op60c)
+		basic_machine=hppa1.1-oki
+		;;
+	mips)
+		if [ x$os = x-linux-gnu ]; then
+			basic_machine=mips-unknown
+		else
+			basic_machine=mips-mips
+		fi
+		;;
+	romp)
+		basic_machine=romp-ibm
+		;;
+	rs6000)
+		basic_machine=rs6000-ibm
+		;;
+	vax)
+		basic_machine=vax-dec
+		;;
+	pdp11)
+		basic_machine=pdp11-dec
+		;;
+	we32k)
+		basic_machine=we32k-att
+		;;
+	sparc | sparcv9)
+		basic_machine=sparc-sun
+		;;
+        cydra)
+		basic_machine=cydra-cydrome
+		;;
+	orion)
+		basic_machine=orion-highlevel
+		;;
+	orion105)
+		basic_machine=clipper-highlevel
+		;;
+	mac | mpw | mac-mpw)
+		basic_machine=m68k-apple
+		;;
+	pmac | pmac-mpw)
+		basic_machine=powerpc-apple
+		;;
+	c4x*)
+		basic_machine=c4x-none
+		os=-coff
+		;;
+	*)
+		echo Invalid configuration \`$1\': machine \`$basic_machine\' not recognized 1>&2
+		exit 1
+		;;
+esac
+
+# Here we canonicalize certain aliases for manufacturers.
+case $basic_machine in
+	*-digital*)
+		basic_machine=`echo $basic_machine | sed 's/digital.*/dec/'`
+		;;
+	*-commodore*)
+		basic_machine=`echo $basic_machine | sed 's/commodore.*/cbm/'`
+		;;
+	*)
+		;;
+esac
+
+# Decode manufacturer-specific aliases for certain operating systems.
+
+if [ x"$os" != x"" ]
+then
+case $os in
+        # First match some system type aliases
+        # that might get confused with valid system types.
+	# -solaris* is a basic system type, with this one exception.
+	-solaris1 | -solaris1.*)
+		os=`echo $os | sed -e 's|solaris1|sunos4|'`
+		;;
+	-solaris)
+		os=-solaris2
+		;;
+	-svr4*)
+		os=-sysv4
+		;;
+	-unixware*)
+		os=-sysv4.2uw
+		;;
+	-gnu/linux*)
+		os=`echo $os | sed -e 's|gnu/linux|linux-gnu|'`
+		;;
+	# First accept the basic system types.
+	# The portable systems comes first.
+	# Each alternative MUST END IN A *, to match a version number.
+	# -sysv* is not here because it comes later, after sysvr4.
+	-gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \
+	      | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\
+	      | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \
+	      | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \
+	      | -aos* \
+	      | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \
+	      | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \
+	      | -hiux* | -386bsd* | -netbsd* | -openbsd* | -freebsd* | -riscix* \
+	      | -lynxos* | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \
+	      | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \
+	      | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \
+	      | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \
+	      | -mingw32* | -linux-gnu* | -uxpv* | -beos* | -mpeix* | -udk* \
+	      | -interix* | -uwin* | -rhapsody* | -opened* | -openstep* | -oskit*)
+	# Remember, each alternative MUST END IN *, to match a version number.
+		;;
+	-sim | -es1800* | -hms* | -xray | -os68k* | -none* | -v88r* \
+	      | -windows* | -osx | -abug | -netware* | -os9* | -beos* \
+	      | -macos* | -mpw* | -magic* | -mon960* | -lnews*)
+		;;
+	-mac*)
+		os=`echo $os | sed -e 's|mac|macos|'`
+		;;
+	-linux*)
+		os=`echo $os | sed -e 's|linux|linux-gnu|'`
+		;;
+	-sunos5*)
+		os=`echo $os | sed -e 's|sunos5|solaris2|'`
+		;;
+	-sunos6*)
+		os=`echo $os | sed -e 's|sunos6|solaris3|'`
+		;;
+	-opened*)
+		os=-openedition
+		;;
+	-osfrose*)
+		os=-osfrose
+		;;
+	-osf*)
+		os=-osf
+		;;
+	-utek*)
+		os=-bsd
+		;;
+	-dynix*)
+		os=-bsd
+		;;
+	-acis*)
+		os=-aos
+		;;
+	-386bsd)
+		os=-bsd
+		;;
+	-ctix* | -uts*)
+		os=-sysv
+		;;
+	-ns2 )
+	        os=-nextstep2
+		;;
+	# Preserve the version number of sinix5.
+	-sinix5.*)
+		os=`echo $os | sed -e 's|sinix|sysv|'`
+		;;
+	-sinix*)
+		os=-sysv4
+		;;
+	-triton*)
+		os=-sysv3
+		;;
+	-oss*)
+		os=-sysv3
+		;;
+        -qnx)
+		os=-qnx4
+		;;
+	-svr4)
+		os=-sysv4
+		;;
+	-svr3)
+		os=-sysv3
+		;;
+	-sysvr4)
+		os=-sysv4
+		;;
+	# This must come after -sysvr4.
+	-sysv*)
+		;;
+	-ose*)
+		os=-ose
+		;;
+	-es1800*)
+		os=-ose
+		;;
+	-xenix)
+		os=-xenix
+		;;
+        -*mint | -*MiNT)
+	        os=-mint
+		;;
+	-none)
+		;;
+	*)
+		# Get rid of the `-' at the beginning of $os.
+		os=`echo $os | sed 's/[^-]*-//'`
+		echo Invalid configuration \`$1\': system \`$os\' not recognized 1>&2
+		exit 1
+		;;
+esac
+else
+
+# Here we handle the default operating systems that come with various machines.
+# The value should be what the vendor currently ships out the door with their
+# machine or put another way, the most popular os provided with the machine.
+
+# Note that if you're going to try to match "-MANUFACTURER" here (say,
+# "-sun"), then you have to tell the case statement up towards the top
+# that MANUFACTURER isn't an operating system.  Otherwise, code above
+# will signal an error saying that MANUFACTURER isn't an operating
+# system, and we'll never get to this point.
+
+case $basic_machine in
+	*-acorn)
+		os=-riscix1.2
+		;;
+	arm*-rebel)
+		os=-linux
+		;;
+	arm*-semi)
+		os=-aout
+		;;
+        pdp11-*)
+		os=-none
+		;;
+	*-dec | vax-*)
+		os=-ultrix4.2
+		;;
+	m68*-apollo)
+		os=-domain
+		;;
+	i386-sun)
+		os=-sunos4.0.2
+		;;
+	m68000-sun)
+		os=-sunos3
+		# This also exists in the configure program, but was not the
+		# default.
+		# os=-sunos4
+		;;
+	m68*-cisco)
+		os=-aout
+		;;
+	mips*-cisco)
+		os=-elf
+		;;
+	mips*-*)
+		os=-elf
+		;;
+	*-tti)	# must be before sparc entry or we get the wrong os.
+		os=-sysv3
+		;;
+	sparc-* | *-sun)
+		os=-sunos4.1.1
+		;;
+	*-be)
+		os=-beos
+		;;
+	*-ibm)
+		os=-aix
+		;;
+	*-wec)
+		os=-proelf
+		;;
+	*-winbond)
+		os=-proelf
+		;;
+	*-oki)
+		os=-proelf
+		;;
+	*-hp)
+		os=-hpux
+		;;
+	*-hitachi)
+		os=-hiux
+		;;
+	i860-* | *-att | *-ncr | *-altos | *-motorola | *-convergent)
+		os=-sysv
+		;;
+	*-cbm)
+		os=-amigaos
+		;;
+	*-dg)
+		os=-dgux
+		;;
+	*-dolphin)
+		os=-sysv3
+		;;
+	m68k-ccur)
+		os=-rtu
+		;;
+	m88k-omron*)
+		os=-luna
+		;;
+	*-next )
+		os=-nextstep
+		;;
+	*-sequent)
+		os=-ptx
+		;;
+	*-crds)
+		os=-unos
+		;;
+	*-ns)
+		os=-genix
+		;;
+	i370-*)
+		os=-mvs
+		;;
+	*-next)
+		os=-nextstep3
+		;;
+        *-gould)
+		os=-sysv
+		;;
+        *-highlevel)
+		os=-bsd
+		;;
+	*-encore)
+		os=-bsd
+		;;
+        *-sgi)
+		os=-irix
+		;;
+        *-siemens)
+		os=-sysv4
+		;;
+	*-masscomp)
+		os=-rtu
+		;;
+	f301-fujitsu)
+		os=-uxpv
+		;;
+	*-rom68k)
+		os=-coff
+		;;
+	*-*bug)
+		os=-coff
+		;;
+	*-apple)
+		os=-macos
+		;;
+	*-atari*)
+		os=-mint
+		;;
+	*)
+		os=-none
+		;;
+esac
+fi
+
+# Here we handle the case where we know the os, and the CPU type, but not the
+# manufacturer.  We pick the logical manufacturer.
+vendor=unknown
+case $basic_machine in
+	*-unknown)
+		case $os in
+			-riscix*)
+				vendor=acorn
+				;;
+			-sunos*)
+				vendor=sun
+				;;
+			-aix*)
+				vendor=ibm
+				;;
+			-beos*)
+				vendor=be
+				;;
+			-hpux*)
+				vendor=hp
+				;;
+			-mpeix*)
+				vendor=hp
+				;;
+			-hiux*)
+				vendor=hitachi
+				;;
+			-unos*)
+				vendor=crds
+				;;
+			-dgux*)
+				vendor=dg
+				;;
+			-luna*)
+				vendor=omron
+				;;
+			-genix*)
+				vendor=ns
+				;;
+			-mvs* | -opened*)
+				vendor=ibm
+				;;
+			-ptx*)
+				vendor=sequent
+				;;
+			-vxsim* | -vxworks*)
+				vendor=wrs
+				;;
+			-aux*)
+				vendor=apple
+				;;
+			-hms*)
+				vendor=hitachi
+				;;
+			-mpw* | -macos*)
+				vendor=apple
+				;;
+			-*mint | -*MiNT)
+				vendor=atari
+				;;
+		esac
+		basic_machine=`echo $basic_machine | sed "s/unknown/$vendor/"`
+		;;
+esac
+
+echo $basic_machine$os
diff --git a/external/privoxy/pcre/configure b/external/privoxy/pcre/configure
new file mode 100644
index 0000000..fbd3831
--- /dev/null
+++ b/external/privoxy/pcre/configure
@@ -0,0 +1,1568 @@
+#! /bin/sh
+
+# Guess values for system-dependent variables and create Makefiles.
+# Generated automatically using autoconf version 2.13 
+# Copyright (C) 1992, 93, 94, 95, 96 Free Software Foundation, Inc.
+#
+# This configure script is free software; the Free Software Foundation
+# gives unlimited permission to copy, distribute and modify it.
+
+# Defaults:
+ac_help=
+ac_default_prefix=/usr/local
+# Any additions from configure.in:
+ac_help="$ac_help
+  --disable-shared        build PCRE as a static library"
+ac_help="$ac_help
+  --enable-utf8           enable UTF8 support (incomplete)"
+
+# Initialize some variables set by options.
+# The variables have the same names as the options, with
+# dashes changed to underlines.
+build=NONE
+cache_file=./config.cache
+exec_prefix=NONE
+host=NONE
+no_create=
+nonopt=NONE
+no_recursion=
+prefix=NONE
+program_prefix=NONE
+program_suffix=NONE
+program_transform_name=s,x,x,
+silent=
+site=
+srcdir=
+target=NONE
+verbose=
+x_includes=NONE
+x_libraries=NONE
+bindir='${exec_prefix}/bin'
+sbindir='${exec_prefix}/sbin'
+libexecdir='${exec_prefix}/libexec'
+datadir='${prefix}/share'
+sysconfdir='${prefix}/etc'
+sharedstatedir='${prefix}/com'
+localstatedir='${prefix}/var'
+libdir='${exec_prefix}/lib'
+includedir='${prefix}/include'
+oldincludedir='/usr/include'
+infodir='${prefix}/info'
+mandir='${prefix}/man'
+
+# Initialize some other variables.
+subdirs=
+MFLAGS= MAKEFLAGS=
+SHELL=${CONFIG_SHELL-/bin/sh}
+# Maximum number of lines to put in a shell here document.
+ac_max_here_lines=12
+
+ac_prev=
+for ac_option
+do
+
+  # If the previous option needs an argument, assign it.
+  if test -n "$ac_prev"; then
+    eval "$ac_prev=\$ac_option"
+    ac_prev=
+    continue
+  fi
+
+  case "$ac_option" in
+  -*=*) ac_optarg=`echo "$ac_option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+  *) ac_optarg= ;;
+  esac
+
+  # Accept the important Cygnus configure options, so we can diagnose typos.
+
+  case "$ac_option" in
+
+  -bindir | --bindir | --bindi | --bind | --bin | --bi)
+    ac_prev=bindir ;;
+  -bindir=* | --bindir=* | --bindi=* | --bind=* | --bin=* | --bi=*)
+    bindir="$ac_optarg" ;;
+
+  -build | --build | --buil | --bui | --bu)
+    ac_prev=build ;;
+  -build=* | --build=* | --buil=* | --bui=* | --bu=*)
+    build="$ac_optarg" ;;
+
+  -cache-file | --cache-file | --cache-fil | --cache-fi \
+  | --cache-f | --cache- | --cache | --cach | --cac | --ca | --c)
+    ac_prev=cache_file ;;
+  -cache-file=* | --cache-file=* | --cache-fil=* | --cache-fi=* \
+  | --cache-f=* | --cache-=* | --cache=* | --cach=* | --cac=* | --ca=* | --c=*)
+    cache_file="$ac_optarg" ;;
+
+  -datadir | --datadir | --datadi | --datad | --data | --dat | --da)
+    ac_prev=datadir ;;
+  -datadir=* | --datadir=* | --datadi=* | --datad=* | --data=* | --dat=* \
+  | --da=*)
+    datadir="$ac_optarg" ;;
+
+  -disable-* | --disable-*)
+    ac_feature=`echo $ac_option|sed -e 's/-*disable-//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_feature| sed 's/[-a-zA-Z0-9_]//g'`"; then
+      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
+    fi
+    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
+    eval "enable_${ac_feature}=no" ;;
+
+  -enable-* | --enable-*)
+    ac_feature=`echo $ac_option|sed -e 's/-*enable-//' -e 's/=.*//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_feature| sed 's/[-_a-zA-Z0-9]//g'`"; then
+      { echo "configure: error: $ac_feature: invalid feature name" 1>&2; exit 1; }
+    fi
+    ac_feature=`echo $ac_feature| sed 's/-/_/g'`
+    case "$ac_option" in
+      *=*) ;;
+      *) ac_optarg=yes ;;
+    esac
+    eval "enable_${ac_feature}='$ac_optarg'" ;;
+
+  -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \
+  | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \
+  | --exec | --exe | --ex)
+    ac_prev=exec_prefix ;;
+  -exec-prefix=* | --exec_prefix=* | --exec-prefix=* | --exec-prefi=* \
+  | --exec-pref=* | --exec-pre=* | --exec-pr=* | --exec-p=* | --exec-=* \
+  | --exec=* | --exe=* | --ex=*)
+    exec_prefix="$ac_optarg" ;;
+
+  -gas | --gas | --ga | --g)
+    # Obsolete; use --with-gas.
+    with_gas=yes ;;
+
+  -help | --help | --hel | --he)
+    # Omit some internal or obsolete options to make the list less imposing.
+    # The list generated by autoconf has been trimmed to remove many
+    # options that are totally irrelevant to PCRE (e.g. relating to X),
+    # or are not supported by its Makefile.
+    # The list generated by autoconf has been trimmed to remove many
+    # options that are totally irrelevant to PCRE (e.g. relating to X),
+    # or are not supported by its Makefile.
+    # The list generated by autoconf has been trimmed to remove many
+    # options that are totally irrelevant to PCRE (e.g. relating to X),
+    # or are not supported by its Makefile.
+    # This message is too long to be a string in the A/UX 3.1 sh.
+    cat << EOF
+Usage: ./configure [options]
+Options: [defaults in brackets after descriptions]
+Configuration:
+  --cache-file=FILE       cache test results in FILE
+  --help                  print this message
+  --no-create             do not create output files
+  --quiet, --silent       do not print \`checking...' messages
+  --version               print the version of autoconf that created configure
+Directory and file names:
+  --prefix=PREFIX         install architecture-independent files in PREFIX
+                          [$ac_default_prefix]
+  --exec-prefix=EPREFIX   install architecture-dependent files in EPREFIX
+                          [same as prefix]
+  --bindir=DIR            user executables in DIR [EPREFIX/bin]
+  --libdir=DIR            object code libraries in DIR [EPREFIX/lib]
+  --includedir=DIR        C header files in DIR [PREFIX/include]
+  --mandir=DIR            man documentation in DIR [PREFIX/man]
+EOF
+    cat << EOF
+EOF
+    if test -n "$ac_help"; then
+      echo "--enable and --with options recognized:$ac_help"
+    fi
+    exit 0 ;;
+
+  -host | --host | --hos | --ho)
+    ac_prev=host ;;
+  -host=* | --host=* | --hos=* | --ho=*)
+    host="$ac_optarg" ;;
+
+  -includedir | --includedir | --includedi | --included | --include \
+  | --includ | --inclu | --incl | --inc)
+    ac_prev=includedir ;;
+  -includedir=* | --includedir=* | --includedi=* | --included=* | --include=* \
+  | --includ=* | --inclu=* | --incl=* | --inc=*)
+    includedir="$ac_optarg" ;;
+
+  -infodir | --infodir | --infodi | --infod | --info | --inf)
+    ac_prev=infodir ;;
+  -infodir=* | --infodir=* | --infodi=* | --infod=* | --info=* | --inf=*)
+    infodir="$ac_optarg" ;;
+
+  -libdir | --libdir | --libdi | --libd)
+    ac_prev=libdir ;;
+  -libdir=* | --libdir=* | --libdi=* | --libd=*)
+    libdir="$ac_optarg" ;;
+
+  -libexecdir | --libexecdir | --libexecdi | --libexecd | --libexec \
+  | --libexe | --libex | --libe)
+    ac_prev=libexecdir ;;
+  -libexecdir=* | --libexecdir=* | --libexecdi=* | --libexecd=* | --libexec=* \
+  | --libexe=* | --libex=* | --libe=*)
+    libexecdir="$ac_optarg" ;;
+
+  -localstatedir | --localstatedir | --localstatedi | --localstated \
+  | --localstate | --localstat | --localsta | --localst \
+  | --locals | --local | --loca | --loc | --lo)
+    ac_prev=localstatedir ;;
+  -localstatedir=* | --localstatedir=* | --localstatedi=* | --localstated=* \
+  | --localstate=* | --localstat=* | --localsta=* | --localst=* \
+  | --locals=* | --local=* | --loca=* | --loc=* | --lo=*)
+    localstatedir="$ac_optarg" ;;
+
+  -mandir | --mandir | --mandi | --mand | --man | --ma | --m)
+    ac_prev=mandir ;;
+  -mandir=* | --mandir=* | --mandi=* | --mand=* | --man=* | --ma=* | --m=*)
+    mandir="$ac_optarg" ;;
+
+  -nfp | --nfp | --nf)
+    # Obsolete; use --without-fp.
+    with_fp=no ;;
+
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c)
+    no_create=yes ;;
+
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r)
+    no_recursion=yes ;;
+
+  -oldincludedir | --oldincludedir | --oldincludedi | --oldincluded \
+  | --oldinclude | --oldinclud | --oldinclu | --oldincl | --oldinc \
+  | --oldin | --oldi | --old | --ol | --o)
+    ac_prev=oldincludedir ;;
+  -oldincludedir=* | --oldincludedir=* | --oldincludedi=* | --oldincluded=* \
+  | --oldinclude=* | --oldinclud=* | --oldinclu=* | --oldincl=* | --oldinc=* \
+  | --oldin=* | --oldi=* | --old=* | --ol=* | --o=*)
+    oldincludedir="$ac_optarg" ;;
+
+  -prefix | --prefix | --prefi | --pref | --pre | --pr | --p)
+    ac_prev=prefix ;;
+  -prefix=* | --prefix=* | --prefi=* | --pref=* | --pre=* | --pr=* | --p=*)
+    prefix="$ac_optarg" ;;
+
+  -program-prefix | --program-prefix | --program-prefi | --program-pref \
+  | --program-pre | --program-pr | --program-p)
+    ac_prev=program_prefix ;;
+  -program-prefix=* | --program-prefix=* | --program-prefi=* \
+  | --program-pref=* | --program-pre=* | --program-pr=* | --program-p=*)
+    program_prefix="$ac_optarg" ;;
+
+  -program-suffix | --program-suffix | --program-suffi | --program-suff \
+  | --program-suf | --program-su | --program-s)
+    ac_prev=program_suffix ;;
+  -program-suffix=* | --program-suffix=* | --program-suffi=* \
+  | --program-suff=* | --program-suf=* | --program-su=* | --program-s=*)
+    program_suffix="$ac_optarg" ;;
+
+  -program-transform-name | --program-transform-name \
+  | --program-transform-nam | --program-transform-na \
+  | --program-transform-n | --program-transform- \
+  | --program-transform | --program-transfor \
+  | --program-transfo | --program-transf \
+  | --program-trans | --program-tran \
+  | --progr-tra | --program-tr | --program-t)
+    ac_prev=program_transform_name ;;
+  -program-transform-name=* | --program-transform-name=* \
+  | --program-transform-nam=* | --program-transform-na=* \
+  | --program-transform-n=* | --program-transform-=* \
+  | --program-transform=* | --program-transfor=* \
+  | --program-transfo=* | --program-transf=* \
+  | --program-trans=* | --program-tran=* \
+  | --progr-tra=* | --program-tr=* | --program-t=*)
+    program_transform_name="$ac_optarg" ;;
+
+  -q | -quiet | --quiet | --quie | --qui | --qu | --q \
+  | -silent | --silent | --silen | --sile | --sil)
+    silent=yes ;;
+
+  -sbindir | --sbindir | --sbindi | --sbind | --sbin | --sbi | --sb)
+    ac_prev=sbindir ;;
+  -sbindir=* | --sbindir=* | --sbindi=* | --sbind=* | --sbin=* \
+  | --sbi=* | --sb=*)
+    sbindir="$ac_optarg" ;;
+
+  -sharedstatedir | --sharedstatedir | --sharedstatedi \
+  | --sharedstated | --sharedstate | --sharedstat | --sharedsta \
+  | --sharedst | --shareds | --shared | --share | --shar \
+  | --sha | --sh)
+    ac_prev=sharedstatedir ;;
+  -sharedstatedir=* | --sharedstatedir=* | --sharedstatedi=* \
+  | --sharedstated=* | --sharedstate=* | --sharedstat=* | --sharedsta=* \
+  | --sharedst=* | --shareds=* | --shared=* | --share=* | --shar=* \
+  | --sha=* | --sh=*)
+    sharedstatedir="$ac_optarg" ;;
+
+  -site | --site | --sit)
+    ac_prev=site ;;
+  -site=* | --site=* | --sit=*)
+    site="$ac_optarg" ;;
+
+  -srcdir | --srcdir | --srcdi | --srcd | --src | --sr)
+    ac_prev=srcdir ;;
+  -srcdir=* | --srcdir=* | --srcdi=* | --srcd=* | --src=* | --sr=*)
+    srcdir="$ac_optarg" ;;
+
+  -sysconfdir | --sysconfdir | --sysconfdi | --sysconfd | --sysconf \
+  | --syscon | --sysco | --sysc | --sys | --sy)
+    ac_prev=sysconfdir ;;
+  -sysconfdir=* | --sysconfdir=* | --sysconfdi=* | --sysconfd=* | --sysconf=* \
+  | --syscon=* | --sysco=* | --sysc=* | --sys=* | --sy=*)
+    sysconfdir="$ac_optarg" ;;
+
+  -target | --target | --targe | --targ | --tar | --ta | --t)
+    ac_prev=target ;;
+  -target=* | --target=* | --targe=* | --targ=* | --tar=* | --ta=* | --t=*)
+    target="$ac_optarg" ;;
+
+  -v | -verbose | --verbose | --verbos | --verbo | --verb)
+    verbose=yes ;;
+
+  -version | --version | --versio | --versi | --vers)
+    echo "configure generated by autoconf version 2.13"
+    exit 0 ;;
+
+  -with-* | --with-*)
+    ac_package=`echo $ac_option|sed -e 's/-*with-//' -e 's/=.*//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_package| sed 's/[-_a-zA-Z0-9]//g'`"; then
+      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
+    fi
+    ac_package=`echo $ac_package| sed 's/-/_/g'`
+    case "$ac_option" in
+      *=*) ;;
+      *) ac_optarg=yes ;;
+    esac
+    eval "with_${ac_package}='$ac_optarg'" ;;
+
+  -without-* | --without-*)
+    ac_package=`echo $ac_option|sed -e 's/-*without-//'`
+    # Reject names that are not valid shell variable names.
+    if test -n "`echo $ac_package| sed 's/[-a-zA-Z0-9_]//g'`"; then
+      { echo "configure: error: $ac_package: invalid package name" 1>&2; exit 1; }
+    fi
+    ac_package=`echo $ac_package| sed 's/-/_/g'`
+    eval "with_${ac_package}=no" ;;
+
+  --x)
+    # Obsolete; use --with-x.
+    with_x=yes ;;
+
+  -x-includes | --x-includes | --x-include | --x-includ | --x-inclu \
+  | --x-incl | --x-inc | --x-in | --x-i)
+    ac_prev=x_includes ;;
+  -x-includes=* | --x-includes=* | --x-include=* | --x-includ=* | --x-inclu=* \
+  | --x-incl=* | --x-inc=* | --x-in=* | --x-i=*)
+    x_includes="$ac_optarg" ;;
+
+  -x-libraries | --x-libraries | --x-librarie | --x-librari \
+  | --x-librar | --x-libra | --x-libr | --x-lib | --x-li | --x-l)
+    ac_prev=x_libraries ;;
+  -x-libraries=* | --x-libraries=* | --x-librarie=* | --x-librari=* \
+  | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*)
+    x_libraries="$ac_optarg" ;;
+
+  -*) { echo "configure: error: $ac_option: invalid option; use --help to show usage" 1>&2; exit 1; }
+    ;;
+
+  *)
+    if test -n "`echo $ac_option| sed 's/[-a-z0-9.]//g'`"; then
+      echo "configure: warning: $ac_option: invalid host type" 1>&2
+    fi
+    if test "x$nonopt" != xNONE; then
+      { echo "configure: error: can only configure for one host and one target at a time" 1>&2; exit 1; }
+    fi
+    nonopt="$ac_option"
+    ;;
+
+  esac
+done
+
+if test -n "$ac_prev"; then
+  { echo "configure: error: missing argument to --`echo $ac_prev | sed 's/_/-/g'`" 1>&2; exit 1; }
+fi
+
+trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
+
+# File descriptor usage:
+# 0 standard input
+# 1 file creation
+# 2 errors and warnings
+# 3 some systems may open it to /dev/tty
+# 4 used on the Kubota Titan
+# 6 checking for... messages and results
+# 5 compiler messages saved in config.log
+if test "$silent" = yes; then
+  exec 6>/dev/null
+else
+  exec 6>&1
+fi
+exec 5>./config.log
+
+echo "\
+This file contains any messages produced by compilers while
+running configure, to aid debugging if configure makes a mistake.
+" 1>&5
+
+# Strip out --no-create and --no-recursion so they do not pile up.
+# Also quote any args containing shell metacharacters.
+ac_configure_args=
+for ac_arg
+do
+  case "$ac_arg" in
+  -no-create | --no-create | --no-creat | --no-crea | --no-cre \
+  | --no-cr | --no-c) ;;
+  -no-recursion | --no-recursion | --no-recursio | --no-recursi \
+  | --no-recurs | --no-recur | --no-recu | --no-rec | --no-re | --no-r) ;;
+  *" "*|*"	"*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
+  ac_configure_args="$ac_configure_args '$ac_arg'" ;;
+  *) ac_configure_args="$ac_configure_args $ac_arg" ;;
+  esac
+done
+
+# NLS nuisances.
+# Only set these to C if already set.  These must not be set unconditionally
+# because not all systems understand e.g. LANG=C (notably SCO).
+# Fixing LC_MESSAGES prevents Solaris sh from translating var values in `set'!
+# Non-C LC_CTYPE values break the ctype check.
+if test "${LANG+set}"   = set; then LANG=C;   export LANG;   fi
+if test "${LC_ALL+set}" = set; then LC_ALL=C; export LC_ALL; fi
+if test "${LC_MESSAGES+set}" = set; then LC_MESSAGES=C; export LC_MESSAGES; fi
+if test "${LC_CTYPE+set}"    = set; then LC_CTYPE=C;    export LC_CTYPE;    fi
+
+# confdefs.h avoids OS command line length limits that DEFS can exceed.
+rm -rf conftest* confdefs.h
+# AIX cpp loses on an empty file, so make sure it contains at least a newline.
+echo > confdefs.h
+
+# A filename unique to this package, relative to the directory that
+# configure is in, which we can look for to find out if srcdir is correct.
+ac_unique_file=dftables.c
+
+# Find the source files, if location was not specified.
+if test -z "$srcdir"; then
+  ac_srcdir_defaulted=yes
+  # Try the directory containing this script, then its parent.
+  ac_prog=$0
+  ac_confdir=`echo $ac_prog|sed 's%/[^/][^/]*$%%'`
+  test "x$ac_confdir" = "x$ac_prog" && ac_confdir=.
+  srcdir=$ac_confdir
+  if test ! -r $srcdir/$ac_unique_file; then
+    srcdir=..
+  fi
+else
+  ac_srcdir_defaulted=no
+fi
+if test ! -r $srcdir/$ac_unique_file; then
+  if test "$ac_srcdir_defaulted" = yes; then
+    { echo "configure: error: can not find sources in $ac_confdir or .." 1>&2; exit 1; }
+  else
+    { echo "configure: error: can not find sources in $srcdir" 1>&2; exit 1; }
+  fi
+fi
+srcdir=`echo "${srcdir}" | sed 's%\([^/]\)/*$%\1%'`
+
+# Prefer explicitly selected file to automatically selected ones.
+if test -z "$CONFIG_SITE"; then
+  if test "x$prefix" != xNONE; then
+    CONFIG_SITE="$prefix/share/config.site $prefix/etc/config.site"
+  else
+    CONFIG_SITE="$ac_default_prefix/share/config.site $ac_default_prefix/etc/config.site"
+  fi
+fi
+for ac_site_file in $CONFIG_SITE; do
+  if test -r "$ac_site_file"; then
+    echo "loading site script $ac_site_file"
+    . "$ac_site_file"
+  fi
+done
+
+if test -r "$cache_file"; then
+  echo "loading cache $cache_file"
+  . $cache_file
+else
+  echo "creating cache $cache_file"
+  > $cache_file
+fi
+
+ac_ext=c
+# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+cross_compiling=$ac_cv_prog_cc_cross
+
+ac_exeext=
+ac_objext=o
+if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
+  # Stardent Vistra SVR4 grep lacks -e, says ghazi at caip.rutgers.edu.
+  if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
+    ac_n= ac_c='
+' ac_t='	'
+  else
+    ac_n=-n ac_c= ac_t=
+  fi
+else
+  ac_n= ac_c='\c' ac_t=
+fi
+
+
+
+
+
+
+PCRE_MAJOR=3
+PCRE_MINOR=4
+PCRE_DATE=22-Aug-2000
+PCRE_VERSION=${PCRE_MAJOR}.${PCRE_MINOR}
+
+
+PCRE_LIB_VERSION=0:1:0
+PCRE_POSIXLIB_VERSION=0:0:0
+
+
+# Extract the first word of "gcc", so it can be a program name with args.
+set dummy gcc; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:546: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_CC="gcc"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+fi
+fi
+CC="$ac_cv_prog_CC"
+if test -n "$CC"; then
+  echo "$ac_t""$CC" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+if test -z "$CC"; then
+  # Extract the first word of "cc", so it can be a program name with args.
+set dummy cc; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:576: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+  ac_prog_rejected=no
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      if test "$ac_dir/$ac_word" = "/usr/ucb/cc"; then
+        ac_prog_rejected=yes
+	continue
+      fi
+      ac_cv_prog_CC="cc"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+if test $ac_prog_rejected = yes; then
+  # We found a bogon in the path, so make sure we never use it.
+  set dummy $ac_cv_prog_CC
+  shift
+  if test $# -gt 0; then
+    # We chose a different compiler from the bogus one.
+    # However, it has the same basename, so the bogon will be chosen
+    # first if we set CC to just the basename; use the full file name.
+    shift
+    set dummy "$ac_dir/$ac_word" "$@"
+    shift
+    ac_cv_prog_CC="$@"
+  fi
+fi
+fi
+fi
+CC="$ac_cv_prog_CC"
+if test -n "$CC"; then
+  echo "$ac_t""$CC" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+  if test -z "$CC"; then
+    case "`uname -s`" in
+    *win32* | *WIN32*)
+      # Extract the first word of "cl", so it can be a program name with args.
+set dummy cl; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:627: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_CC'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$CC"; then
+  ac_cv_prog_CC="$CC" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_CC="cl"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+fi
+fi
+CC="$ac_cv_prog_CC"
+if test -n "$CC"; then
+  echo "$ac_t""$CC" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+ ;;
+    esac
+  fi
+  test -z "$CC" && { echo "configure: error: no acceptable cc found in \$PATH" 1>&2; exit 1; }
+fi
+
+echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works""... $ac_c" 1>&6
+echo "configure:659: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) works" >&5
+
+ac_ext=c
+# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+cross_compiling=$ac_cv_prog_cc_cross
+
+cat > conftest.$ac_ext << EOF
+
+#line 670 "configure"
+#include "confdefs.h"
+
+main(){return(0);}
+EOF
+if { (eval echo configure:675: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  ac_cv_prog_cc_works=yes
+  # If we can't run a trivial program, we are probably using a cross compiler.
+  if (./conftest; exit) 2>/dev/null; then
+    ac_cv_prog_cc_cross=no
+  else
+    ac_cv_prog_cc_cross=yes
+  fi
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  ac_cv_prog_cc_works=no
+fi
+rm -fr conftest*
+ac_ext=c
+# CFLAGS is not in ac_cpp because -g, -O, etc. are not valid cpp options.
+ac_cpp='$CPP $CPPFLAGS'
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest${ac_exeext} $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+cross_compiling=$ac_cv_prog_cc_cross
+
+echo "$ac_t""$ac_cv_prog_cc_works" 1>&6
+if test $ac_cv_prog_cc_works = no; then
+  { echo "configure: error: installation or configuration problem: C compiler cannot create executables." 1>&2; exit 1; }
+fi
+echo $ac_n "checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler""... $ac_c" 1>&6
+echo "configure:701: checking whether the C compiler ($CC $CFLAGS $LDFLAGS) is a cross-compiler" >&5
+echo "$ac_t""$ac_cv_prog_cc_cross" 1>&6
+cross_compiling=$ac_cv_prog_cc_cross
+
+echo $ac_n "checking whether we are using GNU C""... $ac_c" 1>&6
+echo "configure:706: checking whether we are using GNU C" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_gcc'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.c <<EOF
+#ifdef __GNUC__
+  yes;
+#endif
+EOF
+if { ac_try='${CC-cc} -E conftest.c'; { (eval echo configure:715: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+  ac_cv_prog_gcc=yes
+else
+  ac_cv_prog_gcc=no
+fi
+fi
+
+echo "$ac_t""$ac_cv_prog_gcc" 1>&6
+
+if test $ac_cv_prog_gcc = yes; then
+  GCC=yes
+else
+  GCC=
+fi
+
+ac_test_CFLAGS="${CFLAGS+set}"
+ac_save_CFLAGS="$CFLAGS"
+CFLAGS=
+echo $ac_n "checking whether ${CC-cc} accepts -g""... $ac_c" 1>&6
+echo "configure:734: checking whether ${CC-cc} accepts -g" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_cc_g'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  echo 'void f(){}' > conftest.c
+if test -z "`${CC-cc} -g -c conftest.c 2>&1`"; then
+  ac_cv_prog_cc_g=yes
+else
+  ac_cv_prog_cc_g=no
+fi
+rm -f conftest*
+
+fi
+
+echo "$ac_t""$ac_cv_prog_cc_g" 1>&6
+if test "$ac_test_CFLAGS" = set; then
+  CFLAGS="$ac_save_CFLAGS"
+elif test $ac_cv_prog_cc_g = yes; then
+  if test "$GCC" = yes; then
+    CFLAGS="-g -O2"
+  else
+    CFLAGS="-g"
+  fi
+else
+  if test "$GCC" = yes; then
+    CFLAGS="-O2"
+  else
+    CFLAGS=
+  fi
+fi
+
+# Extract the first word of "ranlib", so it can be a program name with args.
+set dummy ranlib; ac_word=$2
+echo $ac_n "checking for $ac_word""... $ac_c" 1>&6
+echo "configure:768: checking for $ac_word" >&5
+if eval "test \"`echo '$''{'ac_cv_prog_RANLIB'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test -n "$RANLIB"; then
+  ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test.
+else
+  IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS=":"
+  ac_dummy="$PATH"
+  for ac_dir in $ac_dummy; do
+    test -z "$ac_dir" && ac_dir=.
+    if test -f $ac_dir/$ac_word; then
+      ac_cv_prog_RANLIB="ranlib"
+      break
+    fi
+  done
+  IFS="$ac_save_ifs"
+  test -z "$ac_cv_prog_RANLIB" && ac_cv_prog_RANLIB=":"
+fi
+fi
+RANLIB="$ac_cv_prog_RANLIB"
+if test -n "$RANLIB"; then
+  echo "$ac_t""$RANLIB" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+
+
+echo $ac_n "checking how to run the C preprocessor""... $ac_c" 1>&6
+echo "configure:798: checking how to run the C preprocessor" >&5
+# On Suns, sometimes $CPP names a directory.
+if test -n "$CPP" && test -d "$CPP"; then
+  CPP=
+fi
+if test -z "$CPP"; then
+if eval "test \"`echo '$''{'ac_cv_prog_CPP'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+    # This must be in double quotes, not single quotes, because CPP may get
+  # substituted into the Makefile and "${CC-cc}" will confuse make.
+  CPP="${CC-cc} -E"
+  # On the NeXT, cc -E runs the code through the compiler's parser,
+  # not just through cpp.
+  cat > conftest.$ac_ext <<EOF
+#line 813 "configure"
+#include "confdefs.h"
+#include <assert.h>
+Syntax Error
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:819: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  :
+else
+  echo "$ac_err" >&5
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  CPP="${CC-cc} -E -traditional-cpp"
+  cat > conftest.$ac_ext <<EOF
+#line 830 "configure"
+#include "confdefs.h"
+#include <assert.h>
+Syntax Error
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:836: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  :
+else
+  echo "$ac_err" >&5
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  CPP="${CC-cc} -nologo -E"
+  cat > conftest.$ac_ext <<EOF
+#line 847 "configure"
+#include "confdefs.h"
+#include <assert.h>
+Syntax Error
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:853: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  :
+else
+  echo "$ac_err" >&5
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  CPP=/lib/cpp
+fi
+rm -f conftest*
+fi
+rm -f conftest*
+fi
+rm -f conftest*
+  ac_cv_prog_CPP="$CPP"
+fi
+  CPP="$ac_cv_prog_CPP"
+else
+  ac_cv_prog_CPP="$CPP"
+fi
+echo "$ac_t""$CPP" 1>&6
+
+echo $ac_n "checking for ANSI C header files""... $ac_c" 1>&6
+echo "configure:878: checking for ANSI C header files" >&5
+if eval "test \"`echo '$''{'ac_cv_header_stdc'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 883 "configure"
+#include "confdefs.h"
+#include <stdlib.h>
+#include <stdarg.h>
+#include <string.h>
+#include <float.h>
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:891: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  rm -rf conftest*
+  ac_cv_header_stdc=yes
+else
+  echo "$ac_err" >&5
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+if test $ac_cv_header_stdc = yes; then
+  # SunOS 4.x string.h does not declare mem*, contrary to ANSI.
+cat > conftest.$ac_ext <<EOF
+#line 908 "configure"
+#include "confdefs.h"
+#include <string.h>
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "memchr" >/dev/null 2>&1; then
+  :
+else
+  rm -rf conftest*
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI.
+cat > conftest.$ac_ext <<EOF
+#line 926 "configure"
+#include "confdefs.h"
+#include <stdlib.h>
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "free" >/dev/null 2>&1; then
+  :
+else
+  rm -rf conftest*
+  ac_cv_header_stdc=no
+fi
+rm -f conftest*
+
+fi
+
+if test $ac_cv_header_stdc = yes; then
+  # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi.
+if test "$cross_compiling" = yes; then
+  :
+else
+  cat > conftest.$ac_ext <<EOF
+#line 947 "configure"
+#include "confdefs.h"
+#include <ctype.h>
+#define ISLOWER(c) ('a' <= (c) && (c) <= 'z')
+#define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c))
+#define XOR(e, f) (((e) && !(f)) || (!(e) && (f)))
+int main () { int i; for (i = 0; i < 256; i++)
+if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) exit(2);
+exit (0); }
+
+EOF
+if { (eval echo configure:958: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext} && (./conftest; exit) 2>/dev/null
+then
+  :
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -fr conftest*
+  ac_cv_header_stdc=no
+fi
+rm -fr conftest*
+fi
+
+fi
+fi
+
+echo "$ac_t""$ac_cv_header_stdc" 1>&6
+if test $ac_cv_header_stdc = yes; then
+  cat >> confdefs.h <<\EOF
+#define STDC_HEADERS 1
+EOF
+
+fi
+
+for ac_hdr in limits.h
+do
+ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
+echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
+echo "configure:985: checking for $ac_hdr" >&5
+if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 990 "configure"
+#include "confdefs.h"
+#include <$ac_hdr>
+EOF
+ac_try="$ac_cpp conftest.$ac_ext >/dev/null 2>conftest.out"
+{ (eval echo configure:995: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=yes"
+else
+  echo "$ac_err" >&5
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=no"
+fi
+rm -f conftest*
+fi
+if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_hdr=HAVE_`echo $ac_hdr | sed 'y%abcdefghijklmnopqrstuvwxyz./-%ABCDEFGHIJKLMNOPQRSTUVWXYZ___%'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_hdr 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+
+
+echo $ac_n "checking for working const""... $ac_c" 1>&6
+echo "configure:1024: checking for working const" >&5
+if eval "test \"`echo '$''{'ac_cv_c_const'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1029 "configure"
+#include "confdefs.h"
+
+int main() {
+
+/* Ultrix mips cc rejects this.  */
+typedef int charset[2]; const charset x;
+/* SunOS 4.1.1 cc rejects this.  */
+char const *const *ccp;
+char **p;
+/* NEC SVR4.0.2 mips cc rejects this.  */
+struct point {int x, y;};
+static struct point const zero = {0,0};
+/* AIX XL C 1.02.0.0 rejects this.
+   It does not let you subtract one const X* pointer from another in an arm
+   of an if-expression whose if-part is not a constant expression */
+const char *g = "string";
+ccp = &g + (g ? g-g : 0);
+/* HPUX 7.0 cc rejects these. */
+++ccp;
+p = (char**) ccp;
+ccp = (char const *const *) p;
+{ /* SCO 3.2v4 cc rejects this.  */
+  char *t;
+  char const *s = 0 ? (char *) 0 : (char const *) 0;
+
+  *t++ = 0;
+}
+{ /* Someone thinks the Sun supposedly-ANSI compiler will reject this.  */
+  int x[] = {25, 17};
+  const int *foo = &x[0];
+  ++foo;
+}
+{ /* Sun SC1.0 ANSI compiler rejects this -- but not the above. */
+  typedef const int *iptr;
+  iptr p = 0;
+  ++p;
+}
+{ /* AIX XL C 1.02.0.0 rejects this saying
+     "k.c", line 2.27: 1506-025 (S) Operand must be a modifiable lvalue. */
+  struct s { int j; const int *ap[3]; };
+  struct s *b; b->j = 5;
+}
+{ /* ULTRIX-32 V3.1 (Rev 9) vcc rejects this */
+  const int foo = 10;
+}
+
+; return 0; }
+EOF
+if { (eval echo configure:1078: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; }; then
+  rm -rf conftest*
+  ac_cv_c_const=yes
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  ac_cv_c_const=no
+fi
+rm -f conftest*
+fi
+
+echo "$ac_t""$ac_cv_c_const" 1>&6
+if test $ac_cv_c_const = no; then
+  cat >> confdefs.h <<\EOF
+#define const 
+EOF
+
+fi
+
+echo $ac_n "checking for size_t""... $ac_c" 1>&6
+echo "configure:1099: checking for size_t" >&5
+if eval "test \"`echo '$''{'ac_cv_type_size_t'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1104 "configure"
+#include "confdefs.h"
+#include <sys/types.h>
+#if STDC_HEADERS
+#include <stdlib.h>
+#include <stddef.h>
+#endif
+EOF
+if (eval "$ac_cpp conftest.$ac_ext") 2>&5 |
+  egrep "(^|[^a-zA-Z_0-9])size_t[^a-zA-Z_0-9]" >/dev/null 2>&1; then
+  rm -rf conftest*
+  ac_cv_type_size_t=yes
+else
+  rm -rf conftest*
+  ac_cv_type_size_t=no
+fi
+rm -f conftest*
+
+fi
+echo "$ac_t""$ac_cv_type_size_t" 1>&6
+if test $ac_cv_type_size_t = no; then
+  cat >> confdefs.h <<\EOF
+#define size_t unsigned
+EOF
+
+fi
+
+
+
+for ac_func in bcopy memmove strerror
+do
+echo $ac_n "checking for $ac_func""... $ac_c" 1>&6
+echo "configure:1136: checking for $ac_func" >&5
+if eval "test \"`echo '$''{'ac_cv_func_$ac_func'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 1141 "configure"
+#include "confdefs.h"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char $ac_func(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+char $ac_func();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_$ac_func) || defined (__stub___$ac_func)
+choke me
+#else
+$ac_func();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo configure:1164: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=yes"
+else
+  echo "configure: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_$ac_func=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'$ac_func`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+    ac_tr_func=HAVE_`echo $ac_func | tr 'abcdefghijklmnopqrstuvwxyz' 'ABCDEFGHIJKLMNOPQRSTUVWXYZ'`
+  cat >> confdefs.h <<EOF
+#define $ac_tr_func 1
+EOF
+ 
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+
+
+LIBTOOL=./libtool
+LIBSUFFIX=la
+# Check whether --enable-shared or --disable-shared was given.
+if test "${enable_shared+set}" = set; then
+  enableval="$enable_shared"
+  if test "$enableval" = "no"; then
+  LIBTOOL=
+  LIBSUFFIX=a
+fi
+
+fi
+
+
+
+# Check whether --enable-utf8 or --disable-utf8 was given.
+if test "${enable_utf8+set}" = set; then
+  enableval="$enable_utf8"
+  if test "$enableval" = "yes"; then
+  UTF8=-DSUPPORT_UTF8
+fi
+
+fi
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+trap '' 1 2 15
+cat > confcache <<\EOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs.  It is not useful on other systems.
+# If it contains results you don't want to keep, you may remove or edit it.
+#
+# By default, configure uses ./config.cache as the cache file,
+# creating it if it does not exist already.  You can give configure
+# the --cache-file=FILE option to use a different cache file; that is
+# what configure does when it calls configure scripts in
+# subdirectories, so they share the cache.
+# Giving --cache-file=/dev/null disables caching, for debugging configure.
+# config.status only pays attention to the cache file if you give it the
+# --recheck option to rerun configure.
+#
+EOF
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, don't put newlines in cache variables' values.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(set) 2>&1 |
+  case `(ac_space=' '; set | grep ac_space) 2>&1` in
+  *ac_space=\ *)
+    # `set' does not quote correctly, so add quotes (double-quote substitution
+    # turns \\\\ into \\, and sed turns \\ into \).
+    sed -n \
+      -e "s/'/'\\\\''/g" \
+      -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
+    ;;
+  *)
+    # `set' quotes correctly as required by POSIX, so do not add quotes.
+    sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
+    ;;
+  esac >> confcache
+if cmp -s $cache_file confcache; then
+  :
+else
+  if test -w $cache_file; then
+    echo "updating cache $cache_file"
+    cat confcache > $cache_file
+  else
+    echo "not updating unwritable cache $cache_file"
+  fi
+fi
+rm -f confcache
+
+trap 'rm -fr conftest* confdefs* core core.* *.core $ac_clean_files; exit 1' 1 2 15
+
+test "x$prefix" = xNONE && prefix=$ac_default_prefix
+# Let make expand exec_prefix.
+test "x$exec_prefix" = xNONE && exec_prefix='${prefix}'
+
+# Any assignment to VPATH causes Sun make to only execute
+# the first set of double-colon rules, so remove it if not needed.
+# If there is a colon in the path, we need to keep it.
+if test "x$srcdir" = x.; then
+  ac_vpsub='/^[ 	]*VPATH[ 	]*=[^:]*$/d'
+fi
+
+trap 'rm -f $CONFIG_STATUS conftest*; exit 1' 1 2 15
+
+DEFS=-DHAVE_CONFIG_H
+
+# Without the "./", some shells look in PATH for config.status.
+: ${CONFIG_STATUS=./config.status}
+
+echo creating $CONFIG_STATUS
+rm -f $CONFIG_STATUS
+cat > $CONFIG_STATUS <<EOF
+#! /bin/sh
+# Generated automatically by configure.
+# Run this file to recreate the current configuration.
+# This directory was configured as follows,
+# on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+#
+# $0 $ac_configure_args
+#
+# Compiler output produced by configure, useful for debugging
+# configure, is in ./config.log if it exists.
+
+ac_cs_usage="Usage: $CONFIG_STATUS [--recheck] [--version] [--help]"
+for ac_option
+do
+  case "\$ac_option" in
+  -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r)
+    echo "running \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion"
+    exec \${CONFIG_SHELL-/bin/sh} $0 $ac_configure_args --no-create --no-recursion ;;
+  -version | --version | --versio | --versi | --vers | --ver | --ve | --v)
+    echo "$CONFIG_STATUS generated by autoconf version 2.13"
+    exit 0 ;;
+  -help | --help | --hel | --he | --h)
+    echo "\$ac_cs_usage"; exit 0 ;;
+  *) echo "\$ac_cs_usage"; exit 1 ;;
+  esac
+done
+
+ac_given_srcdir=$srcdir
+
+trap 'rm -fr `echo "Makefile pcre.h:pcre.in pcre-config:pcre-config.in RunTest:RunTest.in config.h:config.in" | sed "s/:[^ ]*//g"` conftest*; exit 1' 1 2 15
+EOF
+cat >> $CONFIG_STATUS <<EOF
+
+# Protect against being on the right side of a sed subst in config.status.
+sed 's/%@/@@/; s/@%/@@/; s/%g\$/@g/; /@g\$/s/[\\\\&%]/\\\\&/g;
+ s/@@/%@/; s/@@/@%/; s/@g\$/%g/' > conftest.subs <<\\CEOF
+$ac_vpsub
+$extrasub
+s%@SHELL@%$SHELL%g
+s%@CFLAGS@%$CFLAGS%g
+s%@CPPFLAGS@%$CPPFLAGS%g
+s%@CXXFLAGS@%$CXXFLAGS%g
+s%@FFLAGS@%$FFLAGS%g
+s%@DEFS@%$DEFS%g
+s%@LDFLAGS@%$LDFLAGS%g
+s%@LIBS@%$LIBS%g
+s%@exec_prefix@%$exec_prefix%g
+s%@prefix@%$prefix%g
+s%@program_transform_name@%$program_transform_name%g
+s%@bindir@%$bindir%g
+s%@sbindir@%$sbindir%g
+s%@libexecdir@%$libexecdir%g
+s%@datadir@%$datadir%g
+s%@sysconfdir@%$sysconfdir%g
+s%@sharedstatedir@%$sharedstatedir%g
+s%@localstatedir@%$localstatedir%g
+s%@libdir@%$libdir%g
+s%@includedir@%$includedir%g
+s%@oldincludedir@%$oldincludedir%g
+s%@infodir@%$infodir%g
+s%@mandir@%$mandir%g
+s%@CC@%$CC%g
+s%@RANLIB@%$RANLIB%g
+s%@CPP@%$CPP%g
+s%@HAVE_MEMMOVE@%$HAVE_MEMMOVE%g
+s%@HAVE_STRERROR@%$HAVE_STRERROR%g
+s%@LIBTOOL@%$LIBTOOL%g
+s%@LIBSUFFIX@%$LIBSUFFIX%g
+s%@UTF8@%$UTF8%g
+s%@PCRE_MAJOR@%$PCRE_MAJOR%g
+s%@PCRE_MINOR@%$PCRE_MINOR%g
+s%@PCRE_DATE@%$PCRE_DATE%g
+s%@PCRE_VERSION@%$PCRE_VERSION%g
+s%@PCRE_LIB_VERSION@%$PCRE_LIB_VERSION%g
+s%@PCRE_POSIXLIB_VERSION@%$PCRE_POSIXLIB_VERSION%g
+
+CEOF
+EOF
+
+cat >> $CONFIG_STATUS <<\EOF
+
+# Split the substitutions into bite-sized pieces for seds with
+# small command number limits, like on Digital OSF/1 and HP-UX.
+ac_max_sed_cmds=90 # Maximum number of lines to put in a sed script.
+ac_file=1 # Number of current file.
+ac_beg=1 # First line for current file.
+ac_end=$ac_max_sed_cmds # Line after last line for current file.
+ac_more_lines=:
+ac_sed_cmds=""
+while $ac_more_lines; do
+  if test $ac_beg -gt 1; then
+    sed "1,${ac_beg}d; ${ac_end}q" conftest.subs > conftest.s$ac_file
+  else
+    sed "${ac_end}q" conftest.subs > conftest.s$ac_file
+  fi
+  if test ! -s conftest.s$ac_file; then
+    ac_more_lines=false
+    rm -f conftest.s$ac_file
+  else
+    if test -z "$ac_sed_cmds"; then
+      ac_sed_cmds="sed -f conftest.s$ac_file"
+    else
+      ac_sed_cmds="$ac_sed_cmds | sed -f conftest.s$ac_file"
+    fi
+    ac_file=`expr $ac_file + 1`
+    ac_beg=$ac_end
+    ac_end=`expr $ac_end + $ac_max_sed_cmds`
+  fi
+done
+if test -z "$ac_sed_cmds"; then
+  ac_sed_cmds=cat
+fi
+EOF
+
+cat >> $CONFIG_STATUS <<EOF
+
+CONFIG_FILES=\${CONFIG_FILES-"Makefile pcre.h:pcre.in pcre-config:pcre-config.in RunTest:RunTest.in"}
+EOF
+cat >> $CONFIG_STATUS <<\EOF
+for ac_file in .. $CONFIG_FILES; do if test "x$ac_file" != x..; then
+  # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+  case "$ac_file" in
+  *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
+       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
+  *) ac_file_in="${ac_file}.in" ;;
+  esac
+
+  # Adjust a relative srcdir, top_srcdir, and INSTALL for subdirectories.
+
+  # Remove last slash and all that follows it.  Not all systems have dirname.
+  ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
+  if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
+    # The file is in a subdirectory.
+    test ! -d "$ac_dir" && mkdir "$ac_dir"
+    ac_dir_suffix="/`echo $ac_dir|sed 's%^\./%%'`"
+    # A "../" for each directory in $ac_dir_suffix.
+    ac_dots=`echo $ac_dir_suffix|sed 's%/[^/]*%../%g'`
+  else
+    ac_dir_suffix= ac_dots=
+  fi
+
+  case "$ac_given_srcdir" in
+  .)  srcdir=.
+      if test -z "$ac_dots"; then top_srcdir=.
+      else top_srcdir=`echo $ac_dots|sed 's%/$%%'`; fi ;;
+  /*) srcdir="$ac_given_srcdir$ac_dir_suffix"; top_srcdir="$ac_given_srcdir" ;;
+  *) # Relative path.
+    srcdir="$ac_dots$ac_given_srcdir$ac_dir_suffix"
+    top_srcdir="$ac_dots$ac_given_srcdir" ;;
+  esac
+
+
+  echo creating "$ac_file"
+  rm -f "$ac_file"
+  configure_input="Generated automatically from `echo $ac_file_in|sed 's%.*/%%'` by configure."
+  case "$ac_file" in
+  *Makefile*) ac_comsub="1i\\
+# $configure_input" ;;
+  *) ac_comsub= ;;
+  esac
+
+  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
+  sed -e "$ac_comsub
+s%@configure_input@%$configure_input%g
+s%@srcdir@%$srcdir%g
+s%@top_srcdir@%$top_srcdir%g
+" $ac_file_inputs | (eval "$ac_sed_cmds") > $ac_file
+fi; done
+rm -f conftest.s*
+
+# These sed commands are passed to sed as "A NAME B NAME C VALUE D", where
+# NAME is the cpp macro being defined and VALUE is the value it is being given.
+#
+# ac_d sets the value in "#define NAME VALUE" lines.
+ac_dA='s%^\([ 	]*\)#\([ 	]*define[ 	][ 	]*\)'
+ac_dB='\([ 	][ 	]*\)[^ 	]*%\1#\2'
+ac_dC='\3'
+ac_dD='%g'
+# ac_u turns "#undef NAME" with trailing blanks into "#define NAME VALUE".
+ac_uA='s%^\([ 	]*\)#\([ 	]*\)undef\([ 	][ 	]*\)'
+ac_uB='\([ 	]\)%\1#\2define\3'
+ac_uC=' '
+ac_uD='\4%g'
+# ac_e turns "#undef NAME" without trailing blanks into "#define NAME VALUE".
+ac_eA='s%^\([ 	]*\)#\([ 	]*\)undef\([ 	][ 	]*\)'
+ac_eB='$%\1#\2define\3'
+ac_eC=' '
+ac_eD='%g'
+
+if test "${CONFIG_HEADERS+set}" != set; then
+EOF
+cat >> $CONFIG_STATUS <<EOF
+  CONFIG_HEADERS="config.h:config.in"
+EOF
+cat >> $CONFIG_STATUS <<\EOF
+fi
+for ac_file in .. $CONFIG_HEADERS; do if test "x$ac_file" != x..; then
+  # Support "outfile[:infile[:infile...]]", defaulting infile="outfile.in".
+  case "$ac_file" in
+  *:*) ac_file_in=`echo "$ac_file"|sed 's%[^:]*:%%'`
+       ac_file=`echo "$ac_file"|sed 's%:.*%%'` ;;
+  *) ac_file_in="${ac_file}.in" ;;
+  esac
+
+  echo creating $ac_file
+
+  rm -f conftest.frag conftest.in conftest.out
+  ac_file_inputs=`echo $ac_file_in|sed -e "s%^%$ac_given_srcdir/%" -e "s%:% $ac_given_srcdir/%g"`
+  cat $ac_file_inputs > conftest.in
+
+EOF
+
+# Transform confdefs.h into a sed script conftest.vals that substitutes
+# the proper values into config.h.in to produce config.h.  And first:
+# Protect against being on the right side of a sed subst in config.status.
+# Protect against being in an unquoted here document in config.status.
+rm -f conftest.vals
+cat > conftest.hdr <<\EOF
+s/[\\&%]/\\&/g
+s%[\\$`]%\\&%g
+s%#define \([A-Za-z_][A-Za-z0-9_]*\) *\(.*\)%${ac_dA}\1${ac_dB}\1${ac_dC}\2${ac_dD}%gp
+s%ac_d%ac_u%gp
+s%ac_u%ac_e%gp
+EOF
+sed -n -f conftest.hdr confdefs.h > conftest.vals
+rm -f conftest.hdr
+
+# This sed command replaces #undef with comments.  This is necessary, for
+# example, in the case of _POSIX_SOURCE, which is predefined and required
+# on some systems where configure will not decide to define it.
+cat >> conftest.vals <<\EOF
+s%^[ 	]*#[ 	]*undef[ 	][ 	]*[a-zA-Z_][a-zA-Z_0-9]*%/* & */%
+EOF
+
+# Break up conftest.vals because some shells have a limit on
+# the size of here documents, and old seds have small limits too.
+
+rm -f conftest.tail
+while :
+do
+  ac_lines=`grep -c . conftest.vals`
+  # grep -c gives empty output for an empty file on some AIX systems.
+  if test -z "$ac_lines" || test "$ac_lines" -eq 0; then break; fi
+  # Write a limited-size here document to conftest.frag.
+  echo '  cat > conftest.frag <<CEOF' >> $CONFIG_STATUS
+  sed ${ac_max_here_lines}q conftest.vals >> $CONFIG_STATUS
+  echo 'CEOF
+  sed -f conftest.frag conftest.in > conftest.out
+  rm -f conftest.in
+  mv conftest.out conftest.in
+' >> $CONFIG_STATUS
+  sed 1,${ac_max_here_lines}d conftest.vals > conftest.tail
+  rm -f conftest.vals
+  mv conftest.tail conftest.vals
+done
+rm -f conftest.vals
+
+cat >> $CONFIG_STATUS <<\EOF
+  rm -f conftest.frag conftest.h
+  echo "/* $ac_file.  Generated automatically by configure.  */" > conftest.h
+  cat conftest.in >> conftest.h
+  rm -f conftest.in
+  if cmp -s $ac_file conftest.h 2>/dev/null; then
+    echo "$ac_file is unchanged"
+    rm -f conftest.h
+  else
+    # Remove last slash and all that follows it.  Not all systems have dirname.
+      ac_dir=`echo $ac_file|sed 's%/[^/][^/]*$%%'`
+      if test "$ac_dir" != "$ac_file" && test "$ac_dir" != .; then
+      # The file is in a subdirectory.
+      test ! -d "$ac_dir" && mkdir "$ac_dir"
+    fi
+    rm -f $ac_file
+    mv conftest.h $ac_file
+  fi
+fi; done
+
+EOF
+cat >> $CONFIG_STATUS <<EOF
+
+EOF
+cat >> $CONFIG_STATUS <<\EOF
+chmod a+x RunTest pcre-config
+exit 0
+EOF
+chmod +x $CONFIG_STATUS
+rm -fr confdefs* $ac_clean_files
+test "$no_create" = yes || ${CONFIG_SHELL-/bin/sh} $CONFIG_STATUS || exit 1
+
diff --git a/external/privoxy/pcre/configure.in b/external/privoxy/pcre/configure.in
new file mode 100644
index 0000000..c98387d
--- /dev/null
+++ b/external/privoxy/pcre/configure.in
@@ -0,0 +1,85 @@
+dnl Process this file with autoconf to produce a configure script.
+
+dnl This is required at the start; the name is the name of a file
+dnl it should be seeing, to verify it is in the same directory.
+
+AC_INIT(dftables.c)
+
+dnl Arrange to build config.h from config.in. Note that pcre.h is
+dnl built differently, as it is just a "substitution" file.
+dnl Manual says this macro should come right after AC_INIT.
+AC_CONFIG_HEADER(config.h:config.in)
+
+dnl Provide the current PCRE version information. Do not use numbers
+dnl with leading zeros for the minor version, as they end up in a C
+dnl macro, and may be treated as octal constants. Stick to single
+dnl digits for minor numbers less than 10. There are unlikely to be
+dnl that many releases anyway.
+
+PCRE_MAJOR=3
+PCRE_MINOR=4
+PCRE_DATE=22-Aug-2000
+PCRE_VERSION=${PCRE_MAJOR}.${PCRE_MINOR}
+
+dnl Provide versioning information for libtool shared libraries that
+dnl are built by default on Unix systems.
+
+PCRE_LIB_VERSION=0:1:0
+PCRE_POSIXLIB_VERSION=0:0:0
+
+dnl Checks for programs.
+
+AC_PROG_CC
+AC_PROG_RANLIB
+
+dnl Checks for header files.
+
+AC_HEADER_STDC
+AC_CHECK_HEADERS(limits.h)
+
+dnl Checks for typedefs, structures, and compiler characteristics.
+
+AC_C_CONST
+AC_TYPE_SIZE_T
+
+dnl Checks for library functions.
+
+AC_CHECK_FUNCS(bcopy memmove strerror)
+
+dnl Handle --enable-shared-libraries
+
+LIBTOOL=./libtool
+LIBSUFFIX=la
+AC_ARG_ENABLE(shared,
+[  --disable-shared        build PCRE as a static library],
+if test "$enableval" = "no"; then
+  LIBTOOL=
+  LIBSUFFIX=a
+fi
+)
+
+dnl Handle --enable-utf8
+
+AC_ARG_ENABLE(utf8,
+[  --enable-utf8           enable UTF8 support (incomplete)],
+if test "$enableval" = "yes"; then
+  UTF8=-DSUPPORT_UTF8
+fi
+)
+
+dnl "Export" these variables
+
+AC_SUBST(HAVE_MEMMOVE)
+AC_SUBST(HAVE_STRERROR)
+AC_SUBST(LIBTOOL)
+AC_SUBST(LIBSUFFIX)
+AC_SUBST(UTF8)
+AC_SUBST(PCRE_MAJOR)
+AC_SUBST(PCRE_MINOR)
+AC_SUBST(PCRE_DATE)
+AC_SUBST(PCRE_VERSION)
+AC_SUBST(PCRE_LIB_VERSION)
+AC_SUBST(PCRE_POSIXLIB_VERSION)
+
+dnl This must be last; it determines what files are written
+AC_OUTPUT(Makefile pcre.h:pcre.in pcre-config:pcre-config.in RunTest:RunTest.in,[chmod a+x RunTest pcre-config])
diff --git a/external/privoxy/pcre/dftables b/external/privoxy/pcre/dftables
new file mode 100755
index 0000000..0e680da
Binary files /dev/null and b/external/privoxy/pcre/dftables differ
diff --git a/external/privoxy/pcre/dftables.c b/external/privoxy/pcre/dftables.c
new file mode 100644
index 0000000..d572dfd
--- /dev/null
+++ b/external/privoxy/pcre/dftables.c
@@ -0,0 +1,148 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/*
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+
+See the file Tech.Notes for some information on the internals.
+*/
+
+
+/* This is a support program to generate the file chartables.c, containing
+character tables of various kinds. They are built according to the default C
+locale and used as the default tables by PCRE. Now that pcre_maketables is
+a function visible to the outside world, we make use of its code from here in
+order to be consistent. */
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+
+#include "internal.h"
+
+#define DFTABLES          /* maketables.c notices this */
+#include "maketables.c"
+
+
+int main(void)
+{
+int i;
+unsigned const char *tables = pcre_maketables();
+
+printf(
+  "/*************************************************\n"
+  "*      Perl-Compatible Regular Expressions       *\n"
+  "*************************************************/\n\n"
+  "/* This file is automatically written by the dftables auxiliary \n"
+  "program. If you edit it by hand, you might like to edit the Makefile to \n"
+  "prevent its ever being regenerated.\n\n"
+  "This file is #included in the compilation of pcre.c to build the default\n"
+  "character tables which are used when no tables are passed to the compile\n"
+  "function. */\n\n"
+  "static unsigned char pcre_default_tables[] = {\n\n"
+  "/* This table is a lower casing table. */\n\n");
+
+printf("  ");
+for (i = 0; i < 256; i++)
+  {
+  if ((i & 7) == 0 && i != 0) printf("\n  ");
+  printf("%3d", *tables++);
+  if (i != 255) printf(",");
+  }
+printf(",\n\n");
+
+printf("/* This table is a case flipping table. */\n\n");
+
+printf("  ");
+for (i = 0; i < 256; i++)
+  {
+  if ((i & 7) == 0 && i != 0) printf("\n  ");
+  printf("%3d", *tables++);
+  if (i != 255) printf(",");
+  }
+printf(",\n\n");
+
+printf(
+  "/* This table contains bit maps for various character classes.\n"
+  "Each map is 32 bytes long and the bits run from the least\n"
+  "significant end of each byte. The classes that have their own\n"
+  "maps are: space, xdigit, digit, upper, lower, word, graph\n"
+  "print, punct, and cntrl. Other classes are built from combinations. */\n\n");
+
+printf("  ");
+for (i = 0; i < cbit_length; i++)
+  {
+  if ((i & 7) == 0 && i != 0)
+    {
+    if ((i & 31) == 0) printf("\n");
+    printf("\n  ");
+    }
+  printf("0x%02x", *tables++);
+  if (i != cbit_length - 1) printf(",");
+  }
+printf(",\n\n");
+
+printf(
+  "/* This table identifies various classes of character by individual bits:\n"
+  "  0x%02x   white space character\n"
+  "  0x%02x   letter\n"
+  "  0x%02x   decimal digit\n"
+  "  0x%02x   hexadecimal digit\n"
+  "  0x%02x   alphanumeric or '_'\n"
+  "  0x%02x   regular expression metacharacter or binary zero\n*/\n\n",
+  ctype_space, ctype_letter, ctype_digit, ctype_xdigit, ctype_word,
+  ctype_meta);
+
+printf("  ");
+for (i = 0; i < 256; i++)
+  {
+  if ((i & 7) == 0 && i != 0)
+    {
+    printf(" /* ");
+    if (isprint(i-8)) printf(" %c -", i-8);
+      else printf("%3d-", i-8);
+    if (isprint(i-1)) printf(" %c ", i-1);
+      else printf("%3d", i-1);
+    printf(" */\n  ");
+    }
+  printf("0x%02x", *tables++);
+  if (i != 255) printf(",");
+  }
+
+printf("};/* ");
+if (isprint(i-8)) printf(" %c -", i-8);
+  else printf("%3d-", i-8);
+if (isprint(i-1)) printf(" %c ", i-1);
+  else printf("%3d", i-1);
+printf(" */\n\n/* End of chartables.c */\n");
+
+return 0;
+}
+
+/* End of dftables.c */
diff --git a/external/privoxy/pcre/dll.mk b/external/privoxy/pcre/dll.mk
new file mode 100644
index 0000000..d8b728e
--- /dev/null
+++ b/external/privoxy/pcre/dll.mk
@@ -0,0 +1,60 @@
+# dll.mk - auxilary Makefile to easy build dll's for mingw32 target
+# ver. 0.6 of 1999-03-25
+#
+# Homepage of this makefile - http://www.is.lg.ua/~paul/devel/
+# Homepage of original mingw32 project -
+#		      http://www.fu.is.saga-u.ac.jp/~colin/gcc.html
+#
+# How to use:
+# This makefile can:
+# 1. Create automatical .def file from list of objects
+# 2. Create .dll from objects and .def file, either automatical, or your
+#    hand-written (maybe) file, which must have same basename as dll
+# WARNING! There MUST be object, which name match dll's name. Make sux.
+# 3. Create import library from .def (as for .dll, only its name required,
+#    not dll itself)
+#    By convention implibs for dll have .dll.a suffix, e.g. libstuff.dll.a
+#    Why not just libstuff.a? 'Cos that's name for static lib, ok?
+# Process divided into 3 phases because:
+# 1. Pre-existent .def possible
+# 2. Generating implib is enough time-consuming
+#
+# Variables:
+#   DLL_LDLIBS  - libs for linking dll
+#   DLL_LDFLAGS - flags for linking dll
+#
+# By using $(DLL_SUFFIX) instead of 'dll', e.g. stuff.$(DLL_SUFFIX)
+# you may help porting makefiles to other platforms
+#
+# Put this file in your make's include path (e.g. main include dir, for
+# more information see include section in make doc). Put in the beginning
+# of your own Makefile line "include dll.mk". Specify dependences, e.g.:
+#
+# Do all stuff in one step
+# libstuff.dll.a: $(OBJECTS) stuff.def
+# stuff.def: $(OBJECTS)
+#
+# Steps separated, pre-provided .def, link with user32
+#
+# DLL_LDLIBS=-luser32
+# stuff.dll: $(OBJECTS)
+# libstuff.dll.a: $(OBJECTS)
+
+
+DLLWRAP=dllwrap
+DLLTOOL=dlltool
+
+DLL_SUFFIX=dll
+
+.SUFFIXES: .o .$(DLL_SUFFIX)
+
+_%.def: %.o
+      $(DLLTOOL) --export-all --output-def $@ $^
+
+%.$(DLL_SUFFIX): %.o
+      $(DLLWRAP) --dllname $(notdir $@) --driver-name $(CC) --def $*.def -o $@ $(filter %.o,$^) $(DLL_LDFLAGS) $(DLL_LDLIBS)
+
+lib%.$(DLL_SUFFIX).a:%.def
+      $(DLLTOOL) --dllname $(notdir $*.dll) --def $< --output-lib $@
+
+# End
diff --git a/external/privoxy/pcre/doc/ChangeLog b/external/privoxy/pcre/doc/ChangeLog
new file mode 100644
index 0000000..2133dd7
--- /dev/null
+++ b/external/privoxy/pcre/doc/ChangeLog
@@ -0,0 +1,655 @@
+ChangeLog for PCRE
+------------------
+
+
+Version 3.4 22-Aug-00
+---------------------
+
+1. Fixed typo in pcre.h: unsigned const char * changed to const unsigned char *.
+
+2. Diagnose condition (?(0) as an error instead of crashing on matching.
+
+
+Version 3.3 01-Aug-00
+---------------------
+
+1. If an octal character was given, but the value was greater than \377, it
+was not getting masked to the least significant bits, as documented. This could
+lead to crashes in some systems.
+
+2. Perl 5.6 (if not earlier versions) accepts classes like [a-\d] and treats
+the hyphen as a literal. PCRE used to give an error; it now behaves like Perl.
+
+3. Added the functions pcre_free_substring() and pcre_free_substring_list().
+These just pass their arguments on to (pcre_free)(), but they are provided
+because some uses of PCRE bind it to non-C systems that can call its functions,
+but cannot call free() or pcre_free() directly.
+
+4. Add "make test" as a synonym for "make check". Corrected some comments in
+the Makefile.
+
+5. Add $(DESTDIR)/ in front of all the paths in the "install" target in the
+Makefile.
+
+6. Changed the name of pgrep to pcregrep, because Solaris has introduced a
+command called pgrep for grepping around the active processes.
+
+7. Added the beginnings of support for UTF-8 character strings.
+
+8. Arranged for the Makefile to pass over the settings of CC, CFLAGS, and
+RANLIB to ./ltconfig so that they are used by libtool. I think these are all
+the relevant ones. (AR is not passed because ./ltconfig does its own figuring
+out for the ar command.)
+
+
+Version 3.2 12-May-00
+---------------------
+
+This is purely a bug fixing release.
+
+1. If the pattern /((Z)+|A)*/ was matched agained ZABCDEFG it matched Z instead
+of ZA. This was just one example of several cases that could provoke this bug,
+which was introduced by change 9 of version 2.00. The code for breaking
+infinite loops after an iteration that matches an empty string was't working
+correctly.
+
+2. The pcretest program was not imitating Perl correctly for the pattern /a*/g
+when matched against abbab (for example). After matching an empty string, it
+wasn't forcing anchoring when setting PCRE_NOTEMPTY for the next attempt; this
+caused it to match further down the string than it should.
+
+3. The code contained an inclusion of sys/types.h. It isn't clear why this
+was there because it doesn't seem to be needed, and it causes trouble on some
+systems, as it is not a Standard C header. It has been removed.
+
+4. Made 4 silly changes to the source to avoid stupid compiler warnings that
+were reported on the Macintosh. The changes were from
+
+  while ((c = *(++ptr)) != 0 && c != '\n');
+to
+  while ((c = *(++ptr)) != 0 && c != '\n') ;
+
+Totally extraordinary, but if that's what it takes...
+
+5. PCRE is being used in one environment where neither memmove() nor bcopy() is
+available. Added HAVE_BCOPY and an autoconf test for it; if neither
+HAVE_MEMMOVE nor HAVE_BCOPY is set, use a built-in emulation function which
+assumes the way PCRE uses memmove() (always moving upwards).
+
+6. PCRE is being used in one environment where strchr() is not available. There
+was only one use in pcre.c, and writing it out to avoid strchr() probably gives
+faster code anyway.
+
+
+Version 3.1 09-Feb-00
+---------------------
+
+The only change in this release is the fixing of some bugs in Makefile.in for
+the "install" target:
+
+(1) It was failing to install pcreposix.h.
+
+(2) It was overwriting the pcre.3 man page with the pcreposix.3 man page.
+
+
+Version 3.0 01-Feb-00
+---------------------
+
+1. Add support for the /+ modifier to perltest (to output $` like it does in
+pcretest).
+
+2. Add support for the /g modifier to perltest.
+
+3. Fix pcretest so that it behaves even more like Perl for /g when the pattern
+matches null strings.
+
+4. Fix perltest so that it doesn't do unwanted things when fed an empty
+pattern. Perl treats empty patterns specially - it reuses the most recent
+pattern, which is not what we want. Replace // by /(?#)/ in order to avoid this
+effect.
+
+5. The POSIX interface was broken in that it was just handing over the POSIX
+captured string vector to pcre_exec(), but (since release 2.00) PCRE has
+required a bigger vector, with some working space on the end. This means that
+the POSIX wrapper now has to get and free some memory, and copy the results.
+
+6. Added some simple autoconf support, placing the test data and the
+documentation in separate directories, re-organizing some of the
+information files, and making it build pcre-config (a GNU standard). Also added
+libtool support for building PCRE as a shared library, which is now the
+default.
+
+7. Got rid of the leading zero in the definition of PCRE_MINOR because 08 and
+09 are not valid octal constants. Single digits will be used for minor values
+less than 10.
+
+8. Defined REG_EXTENDED and REG_NOSUB as zero in the POSIX header, so that
+existing programs that set these in the POSIX interface can use PCRE without
+modification.
+
+9. Added a new function, pcre_fullinfo() with an extensible interface. It can
+return all that pcre_info() returns, plus additional data. The pcre_info()
+function is retained for compatibility, but is considered to be obsolete.
+
+10. Added experimental recursion feature (?R) to handle one common case that
+Perl 5.6 will be able to do with (?p{...}).
+
+11. Added support for POSIX character classes like [:alpha:], which Perl is
+adopting.
+
+
+Version 2.08 31-Aug-99
+----------------------
+
+1. When startoffset was not zero and the pattern began with ".*", PCRE was not
+trying to match at the startoffset position, but instead was moving forward to
+the next newline as if a previous match had failed.
+
+2. pcretest was not making use of PCRE_NOTEMPTY when repeating for /g and /G,
+and could get into a loop if a null string was matched other than at the start
+of the subject.
+
+3. Added definitions of PCRE_MAJOR and PCRE_MINOR to pcre.h so the version can
+be distinguished at compile time, and for completeness also added PCRE_DATE.
+
+5. Added Paul Sokolovsky's minor changes to make it easy to compile a Win32 DLL
+in GnuWin32 environments.
+
+
+Version 2.07 29-Jul-99
+----------------------
+
+1. The documentation is now supplied in plain text form and HTML as well as in
+the form of man page sources.
+
+2. C++ compilers don't like assigning (void *) values to other pointer types.
+In particular this affects malloc(). Although there is no problem in Standard
+C, I've put in casts to keep C++ compilers happy.
+
+3. Typo on pcretest.c; a cast of (unsigned char *) in the POSIX regexec() call
+should be (const char *).
+
+4. If NOPOSIX is defined, pcretest.c compiles without POSIX support. This may
+be useful for non-Unix systems who don't want to bother with the POSIX stuff.
+However, I haven't made this a standard facility. The documentation doesn't
+mention it, and the Makefile doesn't support it.
+
+5. The Makefile now contains an "install" target, with editable destinations at
+the top of the file. The pcretest program is not installed.
+
+6. pgrep -V now gives the PCRE version number and date.
+
+7. Fixed bug: a zero repetition after a literal string (e.g. /abcde{0}/) was
+causing the entire string to be ignored, instead of just the last character.
+
+8. If a pattern like /"([^\\"]+|\\.)*"/ is applied in the normal way to a
+non-matching string, it can take a very, very long time, even for strings of
+quite modest length, because of the nested recursion. PCRE now does better in
+some of these cases. It does this by remembering the last required literal
+character in the pattern, and pre-searching the subject to ensure it is present
+before running the real match. In other words, it applies a heuristic to detect
+some types of certain failure quickly, and in the above example, if presented
+with a string that has no trailing " it gives "no match" very quickly.
+
+9. A new runtime option PCRE_NOTEMPTY causes null string matches to be ignored;
+other alternatives are tried instead.
+
+
+Version 2.06 09-Jun-99
+----------------------
+
+1. Change pcretest's output for amount of store used to show just the code
+space, because the remainder (the data block) varies in size between 32-bit and
+64-bit systems.
+
+2. Added an extra argument to pcre_exec() to supply an offset in the subject to
+start matching at. This allows lookbehinds to work when searching for multiple
+occurrences in a string.
+
+3. Added additional options to pcretest for testing multiple occurrences:
+
+   /+   outputs the rest of the string that follows a match
+   /g   loops for multiple occurrences, using the new startoffset argument
+   /G   loops for multiple occurrences by passing an incremented pointer
+
+4. PCRE wasn't doing the "first character" optimization for patterns starting
+with \b or \B, though it was doing it for other lookbehind assertions. That is,
+it wasn't noticing that a match for a pattern such as /\bxyz/ has to start with
+the letter 'x'. On long subject strings, this gives a significant speed-up.
+
+
+Version 2.05 21-Apr-99
+----------------------
+
+1. Changed the type of magic_number from int to long int so that it works
+properly on 16-bit systems.
+
+2. Fixed a bug which caused patterns starting with .* not to work correctly
+when the subject string contained newline characters. PCRE was assuming
+anchoring for such patterns in all cases, which is not correct because .* will
+not pass a newline unless PCRE_DOTALL is set. It now assumes anchoring only if
+DOTALL is set at top level; otherwise it knows that patterns starting with .*
+must be retried after every newline in the subject.
+
+
+Version 2.04 18-Feb-99
+----------------------
+
+1. For parenthesized subpatterns with repeats whose minimum was zero, the
+computation of the store needed to hold the pattern was incorrect (too large).
+If such patterns were nested a few deep, this could multiply and become a real
+problem.
+
+2. Added /M option to pcretest to show the memory requirement of a specific
+pattern. Made -m a synonym of -s (which does this globally) for compatibility.
+
+3. Subpatterns of the form (regex){n,m} (i.e. limited maximum) were being
+compiled in such a way that the backtracking after subsequent failure was
+pessimal. Something like (a){0,3} was compiled as (a)?(a)?(a)? instead of
+((a)((a)(a)?)?)? with disastrous performance if the maximum was of any size.
+
+
+Version 2.03 02-Feb-99
+----------------------
+
+1. Fixed typo and small mistake in man page.
+
+2. Added 4th condition (GPL supersedes if conflict) and created separate
+LICENCE file containing the conditions.
+
+3. Updated pcretest so that patterns such as /abc\/def/ work like they do in
+Perl, that is the internal \ allows the delimiter to be included in the
+pattern. Locked out the use of \ as a delimiter. If \ immediately follows
+the final delimiter, add \ to the end of the pattern (to test the error).
+
+4. Added the convenience functions for extracting substrings after a successful
+match. Updated pcretest to make it able to test these functions.
+
+
+Version 2.02 14-Jan-99
+----------------------
+
+1. Initialized the working variables associated with each extraction so that
+their saving and restoring doesn't refer to uninitialized store.
+
+2. Put dummy code into study.c in order to trick the optimizer of the IBM C
+compiler for OS/2 into generating correct code. Apparently IBM isn't going to
+fix the problem.
+
+3. Pcretest: the timing code wasn't using LOOPREPEAT for timing execution
+calls, and wasn't printing the correct value for compiling calls. Increased the
+default value of LOOPREPEAT, and the number of significant figures in the
+times.
+
+4. Changed "/bin/rm" in the Makefile to "-rm" so it works on Windows NT.
+
+5. Renamed "deftables" as "dftables" to get it down to 8 characters, to avoid
+a building problem on Windows NT with a FAT file system.
+
+
+Version 2.01 21-Oct-98
+----------------------
+
+1. Changed the API for pcre_compile() to allow for the provision of a pointer
+to character tables built by pcre_maketables() in the current locale. If NULL
+is passed, the default tables are used.
+
+
+Version 2.00 24-Sep-98
+----------------------
+
+1. Since the (>?) facility is in Perl 5.005, don't require PCRE_EXTRA to enable
+it any more.
+
+2. Allow quantification of (?>) groups, and make it work correctly.
+
+3. The first character computation wasn't working for (?>) groups.
+
+4. Correct the implementation of \Z (it is permitted to match on the \n at the
+end of the subject) and add 5.005's \z, which really does match only at the
+very end of the subject.
+
+5. Remove the \X "cut" facility; Perl doesn't have it, and (?> is neater.
+
+6. Remove the ability to specify CASELESS, MULTILINE, DOTALL, and
+DOLLAR_END_ONLY at runtime, to make it possible to implement the Perl 5.005
+localized options. All options to pcre_study() were also removed.
+
+7. Add other new features from 5.005:
+
+   $(?<=           positive lookbehind
+   $(?<!           negative lookbehind
+   (?imsx-imsx)    added the unsetting capability
+                   such a setting is global if at outer level; local otherwise
+   (?imsx-imsx:)   non-capturing groups with option setting
+   (?(cond)re|re)  conditional pattern matching
+
+   A backreference to itself in a repeated group matches the previous
+   captured string.
+
+8. General tidying up of studying (both automatic and via "study")
+consequential on the addition of new assertions.
+
+9. As in 5.005, unlimited repeated groups that could match an empty substring
+are no longer faulted at compile time. Instead, the loop is forcibly broken at
+runtime if any iteration does actually match an empty substring.
+
+10. Include the RunTest script in the distribution.
+
+11. Added tests from the Perl 5.005_02 distribution. This showed up a few
+discrepancies, some of which were old and were also with respect to 5.004. They
+have now been fixed.
+
+
+Version 1.09 28-Apr-98
+----------------------
+
+1. A negated single character class followed by a quantifier with a minimum
+value of one (e.g.  [^x]{1,6}  ) was not compiled correctly. This could lead to
+program crashes, or just wrong answers. This did not apply to negated classes
+containing more than one character, or to minima other than one.
+
+
+Version 1.08 27-Mar-98
+----------------------
+
+1. Add PCRE_UNGREEDY to invert the greediness of quantifiers.
+
+2. Add (?U) and (?X) to set PCRE_UNGREEDY and PCRE_EXTRA respectively. The
+latter must appear before anything that relies on it in the pattern.
+
+
+Version 1.07 16-Feb-98
+----------------------
+
+1. A pattern such as /((a)*)*/ was not being diagnosed as in error (unlimited
+repeat of a potentially empty string).
+
+
+Version 1.06 23-Jan-98
+----------------------
+
+1. Added Markus Oberhumer's little patches for C++.
+
+2. Literal strings longer than 255 characters were broken.
+
+
+Version 1.05 23-Dec-97
+----------------------
+
+1. Negated character classes containing more than one character were failing if
+PCRE_CASELESS was set at run time.
+
+
+Version 1.04 19-Dec-97
+----------------------
+
+1. Corrected the man page, where some "const" qualifiers had been omitted.
+
+2. Made debugging output print "{0,xxx}" instead of just "{,xxx}" to agree with
+input syntax.
+
+3. Fixed memory leak which occurred when a regex with back references was
+matched with an offsets vector that wasn't big enough. The temporary memory
+that is used in this case wasn't being freed if the match failed.
+
+4. Tidied pcretest to ensure it frees memory that it gets.
+
+5. Temporary memory was being obtained in the case where the passed offsets
+vector was exactly big enough.
+
+6. Corrected definition of offsetof() from change 5 below.
+
+7. I had screwed up change 6 below and broken the rules for the use of
+setjmp(). Now fixed.
+
+
+Version 1.03 18-Dec-97
+----------------------
+
+1. A erroneous regex with a missing opening parenthesis was correctly
+diagnosed, but PCRE attempted to access brastack[-1], which could cause crashes
+on some systems.
+
+2. Replaced offsetof(real_pcre, code) by offsetof(real_pcre, code[0]) because
+it was reported that one broken compiler failed on the former because "code" is
+also an independent variable.
+
+3. The erroneous regex a[]b caused an array overrun reference.
+
+4. A regex ending with a one-character negative class (e.g. /[^k]$/) did not
+fail on data ending with that character. (It was going on too far, and checking
+the next character, typically a binary zero.) This was specific to the
+optimized code for single-character negative classes.
+
+5. Added a contributed patch from the TIN world which does the following:
+
+  + Add an undef for memmove, in case the the system defines a macro for it.
+
+  + Add a definition of offsetof(), in case there isn't one. (I don't know
+    the reason behind this - offsetof() is part of the ANSI standard - but
+    it does no harm).
+
+  + Reduce the ifdef's in pcre.c using macro DPRINTF, thereby eliminating
+    most of the places where whitespace preceded '#'. I have given up and
+    allowed the remaining 2 cases to be at the margin.
+
+  + Rename some variables in pcre to eliminate shadowing. This seems very
+    pedantic, but does no harm, of course.
+
+6. Moved the call to setjmp() into its own function, to get rid of warnings
+from gcc -Wall, and avoided calling it at all unless PCRE_EXTRA is used.
+
+7. Constructs such as \d{8,} were compiling into the equivalent of
+\d{8}\d{0,65527} instead of \d{8}\d* which didn't make much difference to the
+outcome, but in this particular case used more store than had been allocated,
+which caused the bug to be discovered because it threw up an internal error.
+
+8. The debugging code in both pcre and pcretest for outputting the compiled
+form of a regex was going wrong in the case of back references followed by
+curly-bracketed repeats.
+
+
+Version 1.02 12-Dec-97
+----------------------
+
+1. Typos in pcre.3 and comments in the source fixed.
+
+2. Applied a contributed patch to get rid of places where it used to remove
+'const' from variables, and fixed some signed/unsigned and uninitialized
+variable warnings.
+
+3. Added the "runtest" target to Makefile.
+
+4. Set default compiler flag to -O2 rather than just -O.
+
+
+Version 1.01 19-Nov-97
+----------------------
+
+1. PCRE was failing to diagnose unlimited repeat of empty string for patterns
+like /([ab]*)*/, that is, for classes with more than one character in them.
+
+2. Likewise, it wasn't diagnosing patterns with "once-only" subpatterns, such
+as /((?>a*))*/ (a PCRE_EXTRA facility).
+
+
+Version 1.00 18-Nov-97
+----------------------
+
+1. Added compile-time macros to support systems such as SunOS4 which don't have
+memmove() or strerror() but have other things that can be used instead.
+
+2. Arranged that "make clean" removes the executables.
+
+
+Version 0.99 27-Oct-97
+----------------------
+
+1. Fixed bug in code for optimizing classes with only one character. It was
+initializing a 32-byte map regardless, which could cause it to run off the end
+of the memory it had got.
+
+2. Added, conditional on PCRE_EXTRA, the proposed (?>REGEX) construction.
+
+
+Version 0.98 22-Oct-97
+----------------------
+
+1. Fixed bug in code for handling temporary memory usage when there are more
+back references than supplied space in the ovector. This could cause segfaults.
+
+
+Version 0.97 21-Oct-97
+----------------------
+
+1. Added the \X "cut" facility, conditional on PCRE_EXTRA.
+
+2. Optimized negated single characters not to use a bit map.
+
+3. Brought error texts together as macro definitions; clarified some of them;
+fixed one that was wrong - it said "range out of order" when it meant "invalid
+escape sequence".
+
+4. Changed some char * arguments to const char *.
+
+5. Added PCRE_NOTBOL and PCRE_NOTEOL (from POSIX).
+
+6. Added the POSIX-style API wrapper in pcreposix.a and testing facilities in
+pcretest.
+
+
+Version 0.96 16-Oct-97
+----------------------
+
+1. Added a simple "pgrep" utility to the distribution.
+
+2. Fixed an incompatibility with Perl: "{" is now treated as a normal character
+unless it appears in one of the precise forms "{ddd}", "{ddd,}", or "{ddd,ddd}"
+where "ddd" means "one or more decimal digits".
+
+3. Fixed serious bug. If a pattern had a back reference, but the call to
+pcre_exec() didn't supply a large enough ovector to record the related
+identifying subpattern, the match always failed. PCRE now remembers the number
+of the largest back reference, and gets some temporary memory in which to save
+the offsets during matching if necessary, in order to ensure that
+backreferences always work.
+
+4. Increased the compatibility with Perl in a number of ways:
+
+  (a) . no longer matches \n by default; an option PCRE_DOTALL is provided
+      to request this handling. The option can be set at compile or exec time.
+
+  (b) $ matches before a terminating newline by default; an option
+      PCRE_DOLLAR_ENDONLY is provided to override this (but not in multiline
+      mode). The option can be set at compile or exec time.
+
+  (c) The handling of \ followed by a digit other than 0 is now supposed to be
+      the same as Perl's. If the decimal number it represents is less than 10
+      or there aren't that many previous left capturing parentheses, an octal
+      escape is read. Inside a character class, it's always an octal escape,
+      even if it is a single digit.
+
+  (d) An escaped but undefined alphabetic character is taken as a literal,
+      unless PCRE_EXTRA is set. Currently this just reserves the remaining
+      escapes.
+
+  (e) {0} is now permitted. (The previous item is removed from the compiled
+      pattern).
+
+5. Changed all the names of code files so that the basic parts are no longer
+than 10 characters, and abolished the teeny "globals.c" file.
+
+6. Changed the handling of character classes; they are now done with a 32-byte
+bit map always.
+
+7. Added the -d and /D options to pcretest to make it possible to look at the
+internals of compilation without having to recompile pcre.
+
+
+Version 0.95 23-Sep-97
+----------------------
+
+1. Fixed bug in pre-pass concerning escaped "normal" characters such as \x5c or
+\x20 at the start of a run of normal characters. These were being treated as
+real characters, instead of the source characters being re-checked.
+
+
+Version 0.94 18-Sep-97
+----------------------
+
+1. The functions are now thread-safe, with the caveat that the global variables
+containing pointers to malloc() and free() or alternative functions are the
+same for all threads.
+
+2. Get pcre_study() to generate a bitmap of initial characters for non-
+anchored patterns when this is possible, and use it if passed to pcre_exec().
+
+
+Version 0.93 15-Sep-97
+----------------------
+
+1. /(b)|(:+)/ was computing an incorrect first character.
+
+2. Add pcre_study() to the API and the passing of pcre_extra to pcre_exec(),
+but not actually doing anything yet.
+
+3. Treat "-" characters in classes that cannot be part of ranges as literals,
+as Perl does (e.g. [-az] or [az-]).
+
+4. Set the anchored flag if a branch starts with .* or .*? because that tests
+all possible positions.
+
+5. Split up into different modules to avoid including unneeded functions in a
+compiled binary. However, compile and exec are still in one module. The "study"
+function is split off.
+
+6. The character tables are now in a separate module whose source is generated
+by an auxiliary program - but can then be edited by hand if required. There are
+now no calls to isalnum(), isspace(), isdigit(), isxdigit(), tolower() or
+toupper() in the code.
+
+7. Turn the malloc/free funtions variables into pcre_malloc and pcre_free and
+make them global. Abolish the function for setting them, as the caller can now
+set them directly.
+
+
+Version 0.92 11-Sep-97
+----------------------
+
+1. A repeat with a fixed maximum and a minimum of 1 for an ordinary character
+(e.g. /a{1,3}/) was broken (I mis-optimized it).
+
+2. Caseless matching was not working in character classes if the characters in
+the pattern were in upper case.
+
+3. Make ranges like [W-c] work in the same way as Perl for caseless matching.
+
+4. Make PCRE_ANCHORED public and accept as a compile option.
+
+5. Add an options word to pcre_exec() and accept PCRE_ANCHORED and
+PCRE_CASELESS at run time. Add escapes \A and \I to pcretest to cause it to
+pass them.
+
+6. Give an error if bad option bits passed at compile or run time.
+
+7. Add PCRE_MULTILINE at compile and exec time, and (?m) as well. Add \M to
+pcretest to cause it to pass that flag.
+
+8. Add pcre_info(), to get the number of identifying subpatterns, the stored
+options, and the first character, if set.
+
+9. Recognize C+ or C{n,m} where n >= 1 as providing a fixed starting character.
+
+
+Version 0.91 10-Sep-97
+----------------------
+
+1. PCRE was failing to diagnose unlimited repeats of subpatterns that could
+match the empty string as in /(a*)*/. It was looping and ultimately crashing.
+
+2. PCRE was looping on encountering an indefinitely repeated back reference to
+a subpattern that had matched an empty string, e.g. /(a|)\1*/. It now does what
+Perl does - treats the match as successful.
+
+****
diff --git a/external/privoxy/pcre/doc/NON-UNIX-USE b/external/privoxy/pcre/doc/NON-UNIX-USE
new file mode 100644
index 0000000..09a7432
--- /dev/null
+++ b/external/privoxy/pcre/doc/NON-UNIX-USE
@@ -0,0 +1,50 @@
+Compiling PCRE on non-Unix systems
+----------------------------------
+
+If you want to compile PCRE for a non-Unix system, note that it consists
+entirely of code written in Standard C, and so should compile successfully
+on any machine with a Standard C compiler and library, using normal compiling
+commands to do the following:
+
+(1) Copy or rename the file config.in as config.h, and change the macros that
+define HAVE_STRERROR and HAVE_MEMMOVE to define them as 1 rather than 0.
+Unfortunately, because of the way Unix autoconf works, the default setting has
+to be 0.
+
+(2) Copy or rename the file pcre.in as pcre.h, and change the macro definitions
+for PCRE_MAJOR, PCRE_MINOR, and PCRE_DATE near its start to the values set in
+configure.in.
+
+(3) Compile dftables.c as a stand-alone program, and then run it with
+the standard output sent to chartables.c. This generates a set of standard
+character tables.
+
+(4) Compile maketables.c, get.c, study.c and pcre.c and link them all
+together into an object library in whichever form your system keeps such
+libraries. This is the pcre library (chartables.c gets included by means of an
+#include directive).
+
+(5) Similarly, compile pcreposix.c and link it as the pcreposix library.
+
+(6) Compile the test program pcretest.c. This needs the functions in the
+pcre and pcreposix libraries when linking.
+
+(7) Run pcretest on the testinput files in the testdata directory, and check
+that the output matches the corresponding testoutput files. You must use the
+-i option when checking testinput2.
+
+If you have a system without "configure" but where you can use a Makefile, edit
+Makefile.in to create Makefile, substituting suitable values for the variables
+at the head of the file.
+
+Some help in building a Win32 DLL of PCRE in GnuWin32 environments was
+contributed by Paul.Sokolovsky at technologist.com. These environments are
+Mingw32 (http://www.xraylith.wisc.edu/~khan/software/gnu-win32/) and
+CygWin  (http://sourceware.cygnus.com/cygwin/). Paul comments:
+
+  For CygWin, set CFLAGS=-mno-cygwin, and do 'make dll'. You'll get
+  pcre.dll (containing pcreposix also), libpcre.dll.a, and dynamically
+  linked pgrep and pcretest. If you have /bin/sh, run RunTest (three
+  main test go ok, locale not supported).
+
+****
diff --git a/external/privoxy/pcre/doc/Tech.Notes b/external/privoxy/pcre/doc/Tech.Notes
new file mode 100644
index 0000000..7b96e5b
--- /dev/null
+++ b/external/privoxy/pcre/doc/Tech.Notes
@@ -0,0 +1,243 @@
+Technical Notes about PCRE
+--------------------------
+
+Many years ago I implemented some regular expression functions to an algorithm
+suggested by Martin Richards. These were not Unix-like in form, and were quite
+restricted in what they could do by comparison with Perl. The interesting part
+about the algorithm was that the amount of space required to hold the compiled
+form of an expression was known in advance. The code to apply an expression did
+not operate by backtracking, as the Henry Spencer and Perl code does, but
+instead checked all possibilities simultaneously by keeping a list of current
+states and checking all of them as it advanced through the subject string. (In
+the terminology of Jeffrey Friedl's book, it was a "DFA algorithm".) When the
+pattern was all used up, all remaining states were possible matches, and the
+one matching the longest subset of the subject string was chosen. This did not
+necessarily maximize the individual wild portions of the pattern, as is
+expected in Unix and Perl-style regular expressions.
+
+By contrast, the code originally written by Henry Spencer and subsequently
+heavily modified for Perl actually compiles the expression twice: once in a
+dummy mode in order to find out how much store will be needed, and then for
+real. The execution function operates by backtracking and maximizing (or,
+optionally, minimizing in Perl) the amount of the subject that matches
+individual wild portions of the pattern. This is an "NFA algorithm" in Friedl's
+terminology.
+
+For the set of functions that forms PCRE (which are unrelated to those
+mentioned above), I tried at first to invent an algorithm that used an amount
+of store bounded by a multiple of the number of characters in the pattern, to
+save on compiling time. However, because of the greater complexity in Perl
+regular expressions, I couldn't do this. In any case, a first pass through the
+pattern is needed, in order to find internal flag settings like (?i) at top
+level. So PCRE works by running a very degenerate first pass to calculate a
+maximum store size, and then a second pass to do the real compile - which may
+use a bit less than the predicted amount of store. The idea is that this is
+going to turn out faster because the first pass is degenerate and the second
+pass can just store stuff straight into the vector. It does make the compiling
+functions bigger, of course, but they have got quite big anyway to handle all
+the Perl stuff.
+
+The compiled form of a pattern is a vector of bytes, containing items of
+variable length. The first byte in an item is an opcode, and the length of the
+item is either implicit in the opcode or contained in the data bytes which
+follow it. A list of all the opcodes follows:
+
+Opcodes with no following data
+------------------------------
+
+These items are all just one byte long
+
+  OP_END                 end of pattern
+  OP_ANY                 match any character
+  OP_SOD                 match start of data: \A
+  OP_CIRC                ^ (start of data, or after \n in multiline)
+  OP_NOT_WORD_BOUNDARY   \W
+  OP_WORD_BOUNDARY       \w
+  OP_NOT_DIGIT           \D
+  OP_DIGIT               \d
+  OP_NOT_WHITESPACE      \S
+  OP_WHITESPACE          \s
+  OP_NOT_WORDCHAR        \W
+  OP_WORDCHAR            \w
+  OP_EODN                match end of data or \n at end: \Z
+  OP_EOD                 match end of data: \z
+  OP_DOLL                $ (end of data, or before \n in multiline)
+  OP_RECURSE             match the pattern recursively
+
+
+Repeating single characters
+---------------------------
+
+The common repeats (*, +, ?) when applied to a single character appear as
+two-byte items using the following opcodes:
+
+  OP_STAR
+  OP_MINSTAR
+  OP_PLUS
+  OP_MINPLUS
+  OP_QUERY
+  OP_MINQUERY
+
+Those with "MIN" in their name are the minimizing versions. Each is followed by
+the character that is to be repeated. Other repeats make use of
+
+  OP_UPTO
+  OP_MINUPTO
+  OP_EXACT
+
+which are followed by a two-byte count (most significant first) and the
+repeated character. OP_UPTO matches from 0 to the given number. A repeat with a
+non-zero minimum and a fixed maximum is coded as an OP_EXACT followed by an
+OP_UPTO (or OP_MINUPTO).
+
+
+Repeating character types
+-------------------------
+
+Repeats of things like \d are done exactly as for single characters, except
+that instead of a character, the opcode for the type is stored in the data
+byte. The opcodes are:
+
+  OP_TYPESTAR
+  OP_TYPEMINSTAR
+  OP_TYPEPLUS
+  OP_TYPEMINPLUS
+  OP_TYPEQUERY
+  OP_TYPEMINQUERY
+  OP_TYPEUPTO
+  OP_TYPEMINUPTO
+  OP_TYPEEXACT
+
+
+Matching a character string
+---------------------------
+
+The OP_CHARS opcode is followed by a one-byte count and then that number of
+characters. If there are more than 255 characters in sequence, successive
+instances of OP_CHARS are used.
+
+
+Character classes
+-----------------
+
+OP_CLASS is used for a character class, provided there are at least two
+characters in the class. If there is only one character, OP_CHARS is used for a
+positive class, and OP_NOT for a negative one (that is, for something like
+[^a]). Another set of repeating opcodes (OP_NOTSTAR etc.) are used for a
+repeated, negated, single-character class. The normal ones (OP_STAR etc.) are
+used for a repeated positive single-character class.
+
+OP_CLASS is followed by a 32-byte bit map containing a 1 bit for every
+character that is acceptable. The bits are counted from the least significant
+end of each byte.
+
+
+Back references
+---------------
+
+OP_REF is followed by a single byte containing the reference number.
+
+
+Repeating character classes and back references
+-----------------------------------------------
+
+Single-character classes are handled specially (see above). This applies to
+OP_CLASS and OP_REF. In both cases, the repeat information follows the base
+item. The matching code looks at the following opcode to see if it is one of
+
+  OP_CRSTAR
+  OP_CRMINSTAR
+  OP_CRPLUS
+  OP_CRMINPLUS
+  OP_CRQUERY
+  OP_CRMINQUERY
+  OP_CRRANGE
+  OP_CRMINRANGE
+
+All but the last two are just single-byte items. The others are followed by
+four bytes of data, comprising the minimum and maximum repeat counts.
+
+
+Brackets and alternation
+------------------------
+
+A pair of non-capturing (round) brackets is wrapped round each expression at
+compile time, so alternation always happens in the context of brackets.
+Non-capturing brackets use the opcode OP_BRA, while capturing brackets use
+OP_BRA+1, OP_BRA+2, etc. [Note for North Americans: "bracket" to some English
+speakers, including myself, can be round, square, curly, or pointy. Hence this
+usage.]
+
+A bracket opcode is followed by two bytes which give the offset to the next
+alternative OP_ALT or, if there aren't any branches, to the matching KET
+opcode. Each OP_ALT is followed by two bytes giving the offset to the next one,
+or to the KET opcode.
+
+OP_KET is used for subpatterns that do not repeat indefinitely, while
+OP_KETRMIN and OP_KETRMAX are used for indefinite repetitions, minimally or
+maximally respectively. All three are followed by two bytes giving (as a
+positive number) the offset back to the matching BRA opcode.
+
+If a subpattern is quantified such that it is permitted to match zero times, it
+is preceded by one of OP_BRAZERO or OP_BRAMINZERO. These are single-byte
+opcodes which tell the matcher that skipping this subpattern entirely is a
+valid branch.
+
+A subpattern with an indefinite maximum repetition is replicated in the
+compiled data its minimum number of times (or once with a BRAZERO if the
+minimum is zero), with the final copy terminating with a KETRMIN or KETRMAX as
+appropriate.
+
+A subpattern with a bounded maximum repetition is replicated in a nested
+fashion up to the maximum number of times, with BRAZERO or BRAMINZERO before
+each replication after the minimum, so that, for example, (abc){2,5} is
+compiled as (abc)(abc)((abc)((abc)(abc)?)?)?. The 200-bracket limit does not
+apply to these internally generated brackets.
+
+
+Assertions
+----------
+
+Forward assertions are just like other subpatterns, but starting with one of
+the opcodes OP_ASSERT or OP_ASSERT_NOT. Backward assertions use the opcodes
+OP_ASSERTBACK and OP_ASSERTBACK_NOT, and the first opcode inside the assertion
+is OP_REVERSE, followed by a two byte count of the number of characters to move
+back the pointer in the subject string. When operating in UTF-8 mode, the count
+is a character count rather than a byte count. A separate count is present in
+each alternative of a lookbehind assertion, allowing them to have different
+fixed lengths.
+
+
+Once-only subpatterns
+---------------------
+
+These are also just like other subpatterns, but they start with the opcode
+OP_ONCE.
+
+
+Conditional subpatterns
+-----------------------
+
+These are like other subpatterns, but they start with the opcode OP_COND. If
+the condition is a back reference, this is stored at the start of the
+subpattern using the opcode OP_CREF followed by one byte containing the
+reference number. Otherwise, a conditional subpattern will always start with
+one of the assertions.
+
+
+Changing options
+----------------
+
+If any of the /i, /m, or /s options are changed within a parenthesized group,
+an OP_OPT opcode is compiled, followed by one byte containing the new settings
+of these flags. If there are several alternatives in a group, there is an
+occurrence of OP_OPT at the start of all those following the first options
+change, to set appropriate options for the start of the alternative.
+Immediately after the end of the group there is another such item to reset the
+flags to their previous values. Other changes of flag within the pattern can be
+handled entirely at compile time, and so do not cause anything to be put into
+the compiled data.
+
+
+Philip Hazel
+August 2000
diff --git a/external/privoxy/pcre/doc/authors b/external/privoxy/pcre/doc/authors
new file mode 100644
index 0000000..bfe1b5d
--- /dev/null
+++ b/external/privoxy/pcre/doc/authors
@@ -0,0 +1,6 @@
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+University of Cambridge Computing Service,
+Cambridge, England. Phone: +44 1223 334714.
+
+Copyright (c) 1997-2000 University of Cambridge
diff --git a/external/privoxy/pcre/doc/copying b/external/privoxy/pcre/doc/copying
new file mode 100644
index 0000000..34d20db
--- /dev/null
+++ b/external/privoxy/pcre/doc/copying
@@ -0,0 +1,46 @@
+PCRE LICENCE
+------------
+
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+University of Cambridge Computing Service,
+Cambridge, England. Phone: +44 1223 334714.
+
+Copyright (c) 1997-2000 University of Cambridge
+
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission. In practice, this means that if you use
+   PCRE in software which you distribute to others, commercially or
+   otherwise, you must put a sentence like this
+
+     Regular expression support is provided by the PCRE library package,
+     which is open source software, written by Philip Hazel, and copyright
+     by the University of Cambridge, England.
+
+   somewhere reasonably visible in your documentation and in any relevant
+   files or online help data or similar. A reference to the ftp site for
+   the source, that is, to
+
+     ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
+
+   should also be given in the documentation.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+
+End
diff --git a/external/privoxy/pcre/doc/news b/external/privoxy/pcre/doc/news
new file mode 100644
index 0000000..56fccdf
--- /dev/null
+++ b/external/privoxy/pcre/doc/news
@@ -0,0 +1,54 @@
+News about PCRE releases
+------------------------
+
+Release 3.3 01-Aug-00
+---------------------
+
+There is some support for UTF-8 character strings. This is incomplete and
+experimental. The documentation describes what is and what is not implemented.
+Otherwise, this is just a bug-fixing release.
+
+
+Release 3.0 01-Feb-00
+---------------------
+
+1. A "configure" script is now used to configure PCRE for Unix systems. It
+builds a Makefile, a config.h file, and the pcre-config script.
+
+2. PCRE is built as a shared library by default.
+
+3. There is support for POSIX classes such as [:alpha:].
+
+5. There is an experimental recursion feature.
+
+----------------------------------------------------------------------------
+          IMPORTANT FOR THOSE UPGRADING FROM VERSIONS BEFORE 2.00
+
+Please note that there has been a change in the API such that a larger
+ovector is required at matching time, to provide some additional workspace.
+The new man page has details. This change was necessary in order to support
+some of the new functionality in Perl 5.005.
+
+          IMPORTANT FOR THOSE UPGRADING FROM VERSION 2.00
+
+Another (I hope this is the last!) change has been made to the API for the
+pcre_compile() function. An additional argument has been added to make it
+possible to pass over a pointer to character tables built in the current
+locale by pcre_maketables(). To use the default tables, this new arguement
+should be passed as NULL.
+
+          IMPORTANT FOR THOSE UPGRADING FROM VERSION 2.05
+
+Yet another (and again I hope this really is the last) change has been made
+to the API for the pcre_exec() function. An additional argument has been
+added to make it possible to start the match other than at the start of the
+subject string. This is important if there are lookbehinds. The new man
+page has the details, but you just want to convert existing programs, all
+you need to do is to stick in a new fifth argument to pcre_exec(), with a
+value of zero. For example, change
+
+  pcre_exec(pattern, extra, subject, length, options, ovec, ovecsize)
+to
+  pcre_exec(pattern, extra, subject, length, 0, options, ovec, ovecsize)
+
+****
diff --git a/external/privoxy/pcre/doc/pcre.3 b/external/privoxy/pcre/doc/pcre.3
new file mode 100644
index 0000000..bb812f4
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcre.3
@@ -0,0 +1,1810 @@
+.TH PCRE 3
+.SH NAME
+pcre - Perl-compatible regular expressions.
+.SH SYNOPSIS
+.B #include <pcre.h>
+.PP
+.SM
+.br
+.B pcre *pcre_compile(const char *\fIpattern\fR, int \fIoptions\fR,
+.ti +5n
+.B const char **\fIerrptr\fR, int *\fIerroffset\fR,
+.ti +5n
+.B const unsigned char *\fItableptr\fR);
+.PP
+.br
+.B pcre_extra *pcre_study(const pcre *\fIcode\fR, int \fIoptions\fR,
+.ti +5n
+.B const char **\fIerrptr\fR);
+.PP
+.br
+.B int pcre_exec(const pcre *\fIcode\fR, "const pcre_extra *\fIextra\fR,"
+.ti +5n
+.B "const char *\fIsubject\fR," int \fIlength\fR, int \fIstartoffset\fR,
+.ti +5n
+.B int \fIoptions\fR, int *\fIovector\fR, int \fIovecsize\fR);
+.PP
+.br
+.B int pcre_copy_substring(const char *\fIsubject\fR, int *\fIovector\fR,
+.ti +5n
+.B int \fIstringcount\fR, int \fIstringnumber\fR, char *\fIbuffer\fR,
+.ti +5n
+.B int \fIbuffersize\fR);
+.PP
+.br
+.B int pcre_get_substring(const char *\fIsubject\fR, int *\fIovector\fR,
+.ti +5n
+.B int \fIstringcount\fR, int \fIstringnumber\fR,
+.ti +5n
+.B const char **\fIstringptr\fR);
+.PP
+.br
+.B int pcre_get_substring_list(const char *\fIsubject\fR,
+.ti +5n
+.B int *\fIovector\fR, int \fIstringcount\fR, "const char ***\fIlistptr\fR);"
+.PP
+.br
+.B void pcre_free_substring(const char *\fIstringptr\fR);
+.PP
+.br
+.B void pcre_free_substring_list(const char **\fIstringptr\fR);
+.PP
+.br
+.B const unsigned char *pcre_maketables(void);
+.PP
+.br
+.B int pcre_fullinfo(const pcre *\fIcode\fR, "const pcre_extra *\fIextra\fR,"
+.ti +5n
+.B int \fIwhat\fR, void *\fIwhere\fR);
+.PP
+.br
+.B int pcre_info(const pcre *\fIcode\fR, int *\fIoptptr\fR, int
+.B *\fIfirstcharptr\fR);
+.PP
+.br
+.B char *pcre_version(void);
+.PP
+.br
+.B void *(*pcre_malloc)(size_t);
+.PP
+.br
+.B void (*pcre_free)(void *);
+
+
+
+.SH DESCRIPTION
+The PCRE library is a set of functions that implement regular expression
+pattern matching using the same syntax and semantics as Perl 5, with just a few
+differences (see below). The current implementation corresponds to Perl 5.005,
+with some additional features from later versions. This includes some
+experimental, incomplete support for UTF-8 encoded strings. Details of exactly
+what is and what is not supported are given below.
+
+PCRE has its own native API, which is described in this document. There is also
+a set of wrapper functions that correspond to the POSIX regular expression API.
+These are described in the \fBpcreposix\fR documentation.
+
+The native API function prototypes are defined in the header file \fBpcre.h\fR,
+and on Unix systems the library itself is called \fBlibpcre.a\fR, so can be
+accessed by adding \fB-lpcre\fR to the command for linking an application which
+calls it. The header file defines the macros PCRE_MAJOR and PCRE_MINOR to
+contain the major and minor release numbers for the library. Applications can
+use these to include support for different releases.
+
+The functions \fBpcre_compile()\fR, \fBpcre_study()\fR, and \fBpcre_exec()\fR
+are used for compiling and matching regular expressions.
+
+The functions \fBpcre_copy_substring()\fR, \fBpcre_get_substring()\fR, and
+\fBpcre_get_substring_list()\fR are convenience functions for extracting
+captured substrings from a matched subject string; \fBpcre_free_substring()\fR
+and \fBpcre_free_substring_list()\fR are also provided, to free the memory used
+for extracted strings.
+
+The function \fBpcre_maketables()\fR is used (optionally) to build a set of
+character tables in the current locale for passing to \fBpcre_compile()\fR.
+
+The function \fBpcre_fullinfo()\fR is used to find out information about a
+compiled pattern; \fBpcre_info()\fR is an obsolete version which returns only
+some of the available information, but is retained for backwards compatibility.
+The function \fBpcre_version()\fR returns a pointer to a string containing the
+version of PCRE and its date of release.
+
+The global variables \fBpcre_malloc\fR and \fBpcre_free\fR initially contain
+the entry points of the standard \fBmalloc()\fR and \fBfree()\fR functions
+respectively. PCRE calls the memory management functions via these variables,
+so a calling program can replace them if it wishes to intercept the calls. This
+should be done before calling any PCRE functions.
+
+
+.SH MULTI-THREADING
+The PCRE functions can be used in multi-threading applications, with the
+proviso that the memory management functions pointed to by \fBpcre_malloc\fR
+and \fBpcre_free\fR are shared by all threads.
+
+The compiled form of a regular expression is not altered during matching, so
+the same compiled pattern can safely be used by several threads at once.
+
+
+.SH COMPILING A PATTERN
+The function \fBpcre_compile()\fR is called to compile a pattern into an
+internal form. The pattern is a C string terminated by a binary zero, and
+is passed in the argument \fIpattern\fR. A pointer to a single block of memory
+that is obtained via \fBpcre_malloc\fR is returned. This contains the
+compiled code and related data. The \fBpcre\fR type is defined for this for
+convenience, but in fact \fBpcre\fR is just a typedef for \fBvoid\fR, since the
+contents of the block are not externally defined. It is up to the caller to
+free the memory when it is no longer required.
+.PP
+The size of a compiled pattern is roughly proportional to the length of the
+pattern string, except that each character class (other than those containing
+just a single character, negated or not) requires 33 bytes, and repeat
+quantifiers with a minimum greater than one or a bounded maximum cause the
+relevant portions of the compiled pattern to be replicated.
+.PP
+The \fIoptions\fR argument contains independent bits that affect the
+compilation. It should be zero if no options are required. Some of the options,
+in particular, those that are compatible with Perl, can also be set and unset
+from within the pattern (see the detailed description of regular expressions
+below). For these options, the contents of the \fIoptions\fR argument specifies
+their initial settings at the start of compilation and execution. The
+PCRE_ANCHORED option can be set at the time of matching as well as at compile
+time.
+.PP
+If \fIerrptr\fR is NULL, \fBpcre_compile()\fR returns NULL immediately.
+Otherwise, if compilation of a pattern fails, \fBpcre_compile()\fR returns
+NULL, and sets the variable pointed to by \fIerrptr\fR to point to a textual
+error message. The offset from the start of the pattern to the character where
+the error was discovered is placed in the variable pointed to by
+\fIerroffset\fR, which must not be NULL. If it is, an immediate error is given.
+.PP
+If the final argument, \fItableptr\fR, is NULL, PCRE uses a default set of
+character tables which are built when it is compiled, using the default C
+locale. Otherwise, \fItableptr\fR must be the result of a call to
+\fBpcre_maketables()\fR. See the section on locale support below.
+.PP
+The following option bits are defined in the header file:
+
+  PCRE_ANCHORED
+
+If this bit is set, the pattern is forced to be "anchored", that is, it is
+constrained to match only at the start of the string which is being searched
+(the "subject string"). This effect can also be achieved by appropriate
+constructs in the pattern itself, which is the only way to do it in Perl.
+
+  PCRE_CASELESS
+
+If this bit is set, letters in the pattern match both upper and lower case
+letters. It is equivalent to Perl's /i option.
+
+  PCRE_DOLLAR_ENDONLY
+
+If this bit is set, a dollar metacharacter in the pattern matches only at the
+end of the subject string. Without this option, a dollar also matches
+immediately before the final character if it is a newline (but not before any
+other newlines). The PCRE_DOLLAR_ENDONLY option is ignored if PCRE_MULTILINE is
+set. There is no equivalent to this option in Perl.
+
+  PCRE_DOTALL
+
+If this bit is set, a dot metacharater in the pattern matches all characters,
+including newlines. Without it, newlines are excluded. This option is
+equivalent to Perl's /s option. A negative class such as [^a] always matches a
+newline character, independent of the setting of this option.
+
+  PCRE_EXTENDED
+
+If this bit is set, whitespace data characters in the pattern are totally
+ignored except when escaped or inside a character class, and characters between
+an unescaped # outside a character class and the next newline character,
+inclusive, are also ignored. This is equivalent to Perl's /x option, and makes
+it possible to include comments inside complicated patterns. Note, however,
+that this applies only to data characters. Whitespace characters may never
+appear within special character sequences in a pattern, for example within the
+sequence (?( which introduces a conditional subpattern.
+
+  PCRE_EXTRA
+
+This option was invented in order to turn on additional functionality of PCRE
+that is incompatible with Perl, but it is currently of very little use. When
+set, any backslash in a pattern that is followed by a letter that has no
+special meaning causes an error, thus reserving these combinations for future
+expansion. By default, as in Perl, a backslash followed by a letter with no
+special meaning is treated as a literal. There are at present no other features
+controlled by this option. It can also be set by a (?X) option setting within a
+pattern.
+
+  PCRE_MULTILINE
+
+By default, PCRE treats the subject string as consisting of a single "line" of
+characters (even if it actually contains several newlines). The "start of line"
+metacharacter (^) matches only at the start of the string, while the "end of
+line" metacharacter ($) matches only at the end of the string, or before a
+terminating newline (unless PCRE_DOLLAR_ENDONLY is set). This is the same as
+Perl.
+
+When PCRE_MULTILINE it is set, the "start of line" and "end of line" constructs
+match immediately following or immediately before any newline in the subject
+string, respectively, as well as at the very start and end. This is equivalent
+to Perl's /m option. If there are no "\\n" characters in a subject string, or
+no occurrences of ^ or $ in a pattern, setting PCRE_MULTILINE has no
+effect.
+
+  PCRE_UNGREEDY
+
+This option inverts the "greediness" of the quantifiers so that they are not
+greedy by default, but become greedy if followed by "?". It is not compatible
+with Perl. It can also be set by a (?U) option setting within the pattern.
+
+  PCRE_UTF8
+
+This option causes PCRE to regard both the pattern and the subject as strings
+of UTF-8 characters instead of just byte strings. However, it is available only
+if PCRE has been built to include UTF-8 support. If not, the use of this option
+provokes an error. Support for UTF-8 is new, experimental, and incomplete.
+Details of exactly what it entails are given below.
+
+
+.SH STUDYING A PATTERN
+When a pattern is going to be used several times, it is worth spending more
+time analyzing it in order to speed up the time taken for matching. The
+function \fBpcre_study()\fR takes a pointer to a compiled pattern as its first
+argument, and returns a pointer to a \fBpcre_extra\fR block (another \fBvoid\fR
+typedef) containing additional information about the pattern; this can be
+passed to \fBpcre_exec()\fR. If no additional information is available, NULL
+is returned.
+
+The second argument contains option bits. At present, no options are defined
+for \fBpcre_study()\fR, and this argument should always be zero.
+
+The third argument for \fBpcre_study()\fR is a pointer to an error message. If
+studying succeeds (even if no data is returned), the variable it points to is
+set to NULL. Otherwise it points to a textual error message.
+
+At present, studying a pattern is useful only for non-anchored patterns that do
+not have a single fixed starting character. A bitmap of possible starting
+characters is created.
+
+
+.SH LOCALE SUPPORT
+PCRE handles caseless matching, and determines whether characters are letters,
+digits, or whatever, by reference to a set of tables. The library contains a
+default set of tables which is created in the default C locale when PCRE is
+compiled. This is used when the final argument of \fBpcre_compile()\fR is NULL,
+and is sufficient for many applications.
+
+An alternative set of tables can, however, be supplied. Such tables are built
+by calling the \fBpcre_maketables()\fR function, which has no arguments, in the
+relevant locale. The result can then be passed to \fBpcre_compile()\fR as often
+as necessary. For example, to build and use tables that are appropriate for the
+French locale (where accented characters with codes greater than 128 are
+treated as letters), the following code could be used:
+
+  setlocale(LC_CTYPE, "fr");
+  tables = pcre_maketables();
+  re = pcre_compile(..., tables);
+
+The tables are built in memory that is obtained via \fBpcre_malloc\fR. The
+pointer that is passed to \fBpcre_compile\fR is saved with the compiled
+pattern, and the same tables are used via this pointer by \fBpcre_study()\fR
+and \fBpcre_exec()\fR. Thus for any single pattern, compilation, studying and
+matching all happen in the same locale, but different patterns can be compiled
+in different locales. It is the caller's responsibility to ensure that the
+memory containing the tables remains available for as long as it is needed.
+
+
+.SH INFORMATION ABOUT A PATTERN
+The \fBpcre_fullinfo()\fR function returns information about a compiled
+pattern. It replaces the obsolete \fBpcre_info()\fR function, which is
+nevertheless retained for backwards compability (and is documented below).
+
+The first argument for \fBpcre_fullinfo()\fR is a pointer to the compiled
+pattern. The second argument is the result of \fBpcre_study()\fR, or NULL if
+the pattern was not studied. The third argument specifies which piece of
+information is required, while the fourth argument is a pointer to a variable
+to receive the data. The yield of the function is zero for success, or one of
+the following negative numbers:
+
+  PCRE_ERROR_NULL       the argument \fIcode\fR was NULL
+                        the argument \fIwhere\fR was NULL
+  PCRE_ERROR_BADMAGIC   the "magic number" was not found
+  PCRE_ERROR_BADOPTION  the value of \fIwhat\fR was invalid
+
+The possible values for the third argument are defined in \fBpcre.h\fR, and are
+as follows:
+
+  PCRE_INFO_OPTIONS
+
+Return a copy of the options with which the pattern was compiled. The fourth
+argument should point to au \fBunsigned long int\fR variable. These option bits
+are those specified in the call to \fBpcre_compile()\fR, modified by any
+top-level option settings within the pattern itself, and with the PCRE_ANCHORED
+bit forcibly set if the form of the pattern implies that it can match only at
+the start of a subject string.
+
+  PCRE_INFO_SIZE
+
+Return the size of the compiled pattern, that is, the value that was passed as
+the argument to \fBpcre_malloc()\fR when PCRE was getting memory in which to
+place the compiled data. The fourth argument should point to a \fBsize_t\fR
+variable.
+
+  PCRE_INFO_CAPTURECOUNT
+
+Return the number of capturing subpatterns in the pattern. The fourth argument
+should point to an \fbint\fR variable.
+
+  PCRE_INFO_BACKREFMAX
+
+Return the number of the highest back reference in the pattern. The fourth
+argument should point to an \fBint\fR variable. Zero is returned if there are
+no back references.
+
+  PCRE_INFO_FIRSTCHAR
+
+Return information about the first character of any matched string, for a
+non-anchored pattern. If there is a fixed first character, e.g. from a pattern
+such as (cat|cow|coyote), it is returned in the integer pointed to by
+\fIwhere\fR. Otherwise, if either
+
+(a) the pattern was compiled with the PCRE_MULTILINE option, and every branch
+starts with "^", or
+
+(b) every branch of the pattern starts with ".*" and PCRE_DOTALL is not set
+(if it were set, the pattern would be anchored),
+
+-1 is returned, indicating that the pattern matches only at the start of a
+subject string or after any "\\n" within the string. Otherwise -2 is returned.
+For anchored patterns, -2 is returned.
+
+  PCRE_INFO_FIRSTTABLE
+
+If the pattern was studied, and this resulted in the construction of a 256-bit
+table indicating a fixed set of characters for the first character in any
+matching string, a pointer to the table is returned. Otherwise NULL is
+returned. The fourth argument should point to an \fBunsigned char *\fR
+variable.
+
+  PCRE_INFO_LASTLITERAL
+
+For a non-anchored pattern, return the value of the rightmost literal character
+which must exist in any matched string, other than at its start. The fourth
+argument should point to an \fBint\fR variable. If there is no such character,
+or if the pattern is anchored, -1 is returned. For example, for the pattern
+/a\\d+z\\d+/ the returned value is 'z'.
+
+The \fBpcre_info()\fR function is now obsolete because its interface is too
+restrictive to return all the available data about a compiled pattern. New
+programs should use \fBpcre_fullinfo()\fR instead. The yield of
+\fBpcre_info()\fR is the number of capturing subpatterns, or one of the
+following negative numbers:
+
+  PCRE_ERROR_NULL       the argument \fIcode\fR was NULL
+  PCRE_ERROR_BADMAGIC   the "magic number" was not found
+
+If the \fIoptptr\fR argument is not NULL, a copy of the options with which the
+pattern was compiled is placed in the integer it points to (see
+PCRE_INFO_OPTIONS above).
+
+If the pattern is not anchored and the \fIfirstcharptr\fR argument is not NULL,
+it is used to pass back information about the first character of any matched
+string (see PCRE_INFO_FIRSTCHAR above).
+
+
+.SH MATCHING A PATTERN
+The function \fBpcre_exec()\fR is called to match a subject string against a
+pre-compiled pattern, which is passed in the \fIcode\fR argument. If the
+pattern has been studied, the result of the study should be passed in the
+\fIextra\fR argument. Otherwise this must be NULL.
+
+The PCRE_ANCHORED option can be passed in the \fIoptions\fR argument, whose
+unused bits must be zero. However, if a pattern was compiled with
+PCRE_ANCHORED, or turned out to be anchored by virtue of its contents, it
+cannot be made unachored at matching time.
+
+There are also three further options that can be set only at matching time:
+
+  PCRE_NOTBOL
+
+The first character of the string is not the beginning of a line, so the
+circumflex metacharacter should not match before it. Setting this without
+PCRE_MULTILINE (at compile time) causes circumflex never to match.
+
+  PCRE_NOTEOL
+
+The end of the string is not the end of a line, so the dollar metacharacter
+should not match it nor (except in multiline mode) a newline immediately before
+it. Setting this without PCRE_MULTILINE (at compile time) causes dollar never
+to match.
+
+  PCRE_NOTEMPTY
+
+An empty string is not considered to be a valid match if this option is set. If
+there are alternatives in the pattern, they are tried. If all the alternatives
+match the empty string, the entire match fails. For example, if the pattern
+
+  a?b?
+
+is applied to a string not beginning with "a" or "b", it matches the empty
+string at the start of the subject. With PCRE_NOTEMPTY set, this match is not
+valid, so PCRE searches further into the string for occurrences of "a" or "b".
+
+Perl has no direct equivalent of PCRE_NOTEMPTY, but it does make a special case
+of a pattern match of the empty string within its \fBsplit()\fR function, and
+when using the /g modifier. It is possible to emulate Perl's behaviour after
+matching a null string by first trying the match again at the same offset with
+PCRE_NOTEMPTY set, and then if that fails by advancing the starting offset (see
+below) and trying an ordinary match again.
+
+The subject string is passed as a pointer in \fIsubject\fR, a length in
+\fIlength\fR, and a starting offset in \fIstartoffset\fR. Unlike the pattern
+string, it may contain binary zero characters. When the starting offset is
+zero, the search for a match starts at the beginning of the subject, and this
+is by far the most common case.
+
+A non-zero starting offset is useful when searching for another match in the
+same subject by calling \fBpcre_exec()\fR again after a previous success.
+Setting \fIstartoffset\fR differs from just passing over a shortened string and
+setting PCRE_NOTBOL in the case of a pattern that begins with any kind of
+lookbehind. For example, consider the pattern
+
+  \\Biss\\B
+
+which finds occurrences of "iss" in the middle of words. (\\B matches only if
+the current position in the subject is not a word boundary.) When applied to
+the string "Mississipi" the first call to \fBpcre_exec()\fR finds the first
+occurrence. If \fBpcre_exec()\fR is called again with just the remainder of the
+subject, namely "issipi", it does not match, because \\B is always false at the
+start of the subject, which is deemed to be a word boundary. However, if
+\fBpcre_exec()\fR is passed the entire string again, but with \fIstartoffset\fR
+set to 4, it finds the second occurrence of "iss" because it is able to look
+behind the starting point to discover that it is preceded by a letter.
+
+If a non-zero starting offset is passed when the pattern is anchored, one
+attempt to match at the given offset is tried. This can only succeed if the
+pattern does not require the match to be at the start of the subject.
+
+In general, a pattern matches a certain portion of the subject, and in
+addition, further substrings from the subject may be picked out by parts of the
+pattern. Following the usage in Jeffrey Friedl's book, this is called
+"capturing" in what follows, and the phrase "capturing subpattern" is used for
+a fragment of a pattern that picks out a substring. PCRE supports several other
+kinds of parenthesized subpattern that do not cause substrings to be captured.
+
+Captured substrings are returned to the caller via a vector of integer offsets
+whose address is passed in \fIovector\fR. The number of elements in the vector
+is passed in \fIovecsize\fR. The first two-thirds of the vector is used to pass
+back captured substrings, each substring using a pair of integers. The
+remaining third of the vector is used as workspace by \fBpcre_exec()\fR while
+matching capturing subpatterns, and is not available for passing back
+information. The length passed in \fIovecsize\fR should always be a multiple of
+three. If it is not, it is rounded down.
+
+When a match has been successful, information about captured substrings is
+returned in pairs of integers, starting at the beginning of \fIovector\fR, and
+continuing up to two-thirds of its length at the most. The first element of a
+pair is set to the offset of the first character in a substring, and the second
+is set to the offset of the first character after the end of a substring. The
+first pair, \fIovector[0]\fR and \fIovector[1]\fR, identify the portion of the
+subject string matched by the entire pattern. The next pair is used for the
+first capturing subpattern, and so on. The value returned by \fBpcre_exec()\fR
+is the number of pairs that have been set. If there are no capturing
+subpatterns, the return value from a successful match is 1, indicating that
+just the first pair of offsets has been set.
+
+Some convenience functions are provided for extracting the captured substrings
+as separate strings. These are described in the following section.
+
+It is possible for an capturing subpattern number \fIn+1\fR to match some
+part of the subject when subpattern \fIn\fR has not been used at all. For
+example, if the string "abc" is matched against the pattern (a|(z))(bc)
+subpatterns 1 and 3 are matched, but 2 is not. When this happens, both offset
+values corresponding to the unused subpattern are set to -1.
+
+If a capturing subpattern is matched repeatedly, it is the last portion of the
+string that it matched that gets returned.
+
+If the vector is too small to hold all the captured substrings, it is used as
+far as possible (up to two-thirds of its length), and the function returns a
+value of zero. In particular, if the substring offsets are not of interest,
+\fBpcre_exec()\fR may be called with \fIovector\fR passed as NULL and
+\fIovecsize\fR as zero. However, if the pattern contains back references and
+the \fIovector\fR isn't big enough to remember the related substrings, PCRE has
+to get additional memory for use during matching. Thus it is usually advisable
+to supply an \fIovector\fR.
+
+Note that \fBpcre_info()\fR can be used to find out how many capturing
+subpatterns there are in a compiled pattern. The smallest size for
+\fIovector\fR that will allow for \fIn\fR captured substrings in addition to
+the offsets of the substring matched by the whole pattern is (\fIn\fR+1)*3.
+
+If \fBpcre_exec()\fR fails, it returns a negative number. The following are
+defined in the header file:
+
+  PCRE_ERROR_NOMATCH        (-1)
+
+The subject string did not match the pattern.
+
+  PCRE_ERROR_NULL           (-2)
+
+Either \fIcode\fR or \fIsubject\fR was passed as NULL, or \fIovector\fR was
+NULL and \fIovecsize\fR was not zero.
+
+  PCRE_ERROR_BADOPTION      (-3)
+
+An unrecognized bit was set in the \fIoptions\fR argument.
+
+  PCRE_ERROR_BADMAGIC       (-4)
+
+PCRE stores a 4-byte "magic number" at the start of the compiled code, to catch
+the case when it is passed a junk pointer. This is the error it gives when the
+magic number isn't present.
+
+  PCRE_ERROR_UNKNOWN_NODE   (-5)
+
+While running the pattern match, an unknown item was encountered in the
+compiled pattern. This error could be caused by a bug in PCRE or by overwriting
+of the compiled pattern.
+
+  PCRE_ERROR_NOMEMORY       (-6)
+
+If a pattern contains back references, but the \fIovector\fR that is passed to
+\fBpcre_exec()\fR is not big enough to remember the referenced substrings, PCRE
+gets a block of memory at the start of matching to use for this purpose. If the
+call via \fBpcre_malloc()\fR fails, this error is given. The memory is freed at
+the end of matching.
+
+
+.SH EXTRACTING CAPTURED SUBSTRINGS
+Captured substrings can be accessed directly by using the offsets returned by
+\fBpcre_exec()\fR in \fIovector\fR. For convenience, the functions
+\fBpcre_copy_substring()\fR, \fBpcre_get_substring()\fR, and
+\fBpcre_get_substring_list()\fR are provided for extracting captured substrings
+as new, separate, zero-terminated strings. A substring that contains a binary
+zero is correctly extracted and has a further zero added on the end, but the
+result does not, of course, function as a C string.
+
+The first three arguments are the same for all three functions: \fIsubject\fR
+is the subject string which has just been successfully matched, \fIovector\fR
+is a pointer to the vector of integer offsets that was passed to
+\fBpcre_exec()\fR, and \fIstringcount\fR is the number of substrings that
+were captured by the match, including the substring that matched the entire
+regular expression. This is the value returned by \fBpcre_exec\fR if it
+is greater than zero. If \fBpcre_exec()\fR returned zero, indicating that it
+ran out of space in \fIovector\fR, the value passed as \fIstringcount\fR should
+be the size of the vector divided by three.
+
+The functions \fBpcre_copy_substring()\fR and \fBpcre_get_substring()\fR
+extract a single substring, whose number is given as \fIstringnumber\fR. A
+value of zero extracts the substring that matched the entire pattern, while
+higher values extract the captured substrings. For \fBpcre_copy_substring()\fR,
+the string is placed in \fIbuffer\fR, whose length is given by
+\fIbuffersize\fR, while for \fBpcre_get_substring()\fR a new block of memory is
+obtained via \fBpcre_malloc\fR, and its address is returned via
+\fIstringptr\fR. The yield of the function is the length of the string, not
+including the terminating zero, or one of
+
+  PCRE_ERROR_NOMEMORY       (-6)
+
+The buffer was too small for \fBpcre_copy_substring()\fR, or the attempt to get
+memory failed for \fBpcre_get_substring()\fR.
+
+  PCRE_ERROR_NOSUBSTRING    (-7)
+
+There is no substring whose number is \fIstringnumber\fR.
+
+The \fBpcre_get_substring_list()\fR function extracts all available substrings
+and builds a list of pointers to them. All this is done in a single block of
+memory which is obtained via \fBpcre_malloc\fR. The address of the memory block
+is returned via \fIlistptr\fR, which is also the start of the list of string
+pointers. The end of the list is marked by a NULL pointer. The yield of the
+function is zero if all went well, or
+
+  PCRE_ERROR_NOMEMORY       (-6)
+
+if the attempt to get the memory block failed.
+
+When any of these functions encounter a substring that is unset, which can
+happen when capturing subpattern number \fIn+1\fR matches some part of the
+subject, but subpattern \fIn\fR has not been used at all, they return an empty
+string. This can be distinguished from a genuine zero-length substring by
+inspecting the appropriate offset in \fIovector\fR, which is negative for unset
+substrings.
+
+The two convenience functions \fBpcre_free_substring()\fR and
+\fBpcre_free_substring_list()\fR can be used to free the memory returned by
+a previous call of \fBpcre_get_substring()\fR or
+\fBpcre_get_substring_list()\fR, respectively. They do nothing more than call
+the function pointed to by \fBpcre_free\fR, which of course could be called
+directly from a C program. However, PCRE is used in some situations where it is
+linked via a special interface to another programming language which cannot use
+\fBpcre_free\fR directly; it is for these cases that the functions are
+provided.
+
+
+.SH LIMITATIONS
+There are some size limitations in PCRE but it is hoped that they will never in
+practice be relevant.
+The maximum length of a compiled pattern is 65539 (sic) bytes.
+All values in repeating quantifiers must be less than 65536.
+The maximum number of capturing subpatterns is 99.
+The maximum number of all parenthesized subpatterns, including capturing
+subpatterns, assertions, and other types of subpattern, is 200.
+
+The maximum length of a subject string is the largest positive number that an
+integer variable can hold. However, PCRE uses recursion to handle subpatterns
+and indefinite repetition. This means that the available stack space may limit
+the size of a subject string that can be processed by certain patterns.
+
+
+.SH DIFFERENCES FROM PERL
+The differences described here are with respect to Perl 5.005.
+
+1. By default, a whitespace character is any character that the C library
+function \fBisspace()\fR recognizes, though it is possible to compile PCRE with
+alternative character type tables. Normally \fBisspace()\fR matches space,
+formfeed, newline, carriage return, horizontal tab, and vertical tab. Perl 5
+no longer includes vertical tab in its set of whitespace characters. The \\v
+escape that was in the Perl documentation for a long time was never in fact
+recognized. However, the character itself was treated as whitespace at least
+up to 5.002. In 5.004 and 5.005 it does not match \\s.
+
+2. PCRE does not allow repeat quantifiers on lookahead assertions. Perl permits
+them, but they do not mean what you might think. For example, (?!a){3} does
+not assert that the next three characters are not "a". It just asserts that the
+next character is not "a" three times.
+
+3. Capturing subpatterns that occur inside negative lookahead assertions are
+counted, but their entries in the offsets vector are never set. Perl sets its
+numerical variables from any such patterns that are matched before the
+assertion fails to match something (thereby succeeding), but only if the
+negative lookahead assertion contains just one branch.
+
+4. Though binary zero characters are supported in the subject string, they are
+not allowed in a pattern string because it is passed as a normal C string,
+terminated by zero. The escape sequence "\\0" can be used in the pattern to
+represent a binary zero.
+
+5. The following Perl escape sequences are not supported: \\l, \\u, \\L, \\U,
+\\E, \\Q. In fact these are implemented by Perl's general string-handling and
+are not part of its pattern matching engine.
+
+6. The Perl \\G assertion is not supported as it is not relevant to single
+pattern matches.
+
+7. Fairly obviously, PCRE does not support the (?{code}) and (?p{code})
+constructions. However, there is some experimental support for recursive
+patterns using the non-Perl item (?R).
+
+8. There are at the time of writing some oddities in Perl 5.005_02 concerned
+with the settings of captured strings when part of a pattern is repeated. For
+example, matching "aba" against the pattern /^(a(b)?)+$/ sets $2 to the value
+"b", but matching "aabbaa" against /^(aa(bb)?)+$/ leaves $2 unset. However, if
+the pattern is changed to /^(aa(b(b))?)+$/ then $2 (and $3) are set.
+
+In Perl 5.004 $2 is set in both cases, and that is also true of PCRE. If in the
+future Perl changes to a consistent state that is different, PCRE may change to
+follow.
+
+9. Another as yet unresolved discrepancy is that in Perl 5.005_02 the pattern
+/^(a)?(?(1)a|b)+$/ matches the string "a", whereas in PCRE it does not.
+However, in both Perl and PCRE /^(a)?a/ matched against "a" leaves $1 unset.
+
+10. PCRE provides some extensions to the Perl regular expression facilities:
+
+(a) Although lookbehind assertions must match fixed length strings, each
+alternative branch of a lookbehind assertion can match a different length of
+string. Perl 5.005 requires them all to have the same length.
+
+(b) If PCRE_DOLLAR_ENDONLY is set and PCRE_MULTILINE is not set, the $ meta-
+character matches only at the very end of the string.
+
+(c) If PCRE_EXTRA is set, a backslash followed by a letter with no special
+meaning is faulted.
+
+(d) If PCRE_UNGREEDY is set, the greediness of the repetition quantifiers is
+inverted, that is, by default they are not greedy, but if followed by a
+question mark they are.
+
+(e) PCRE_ANCHORED can be used to force a pattern to be tried only at the start
+of the subject.
+
+(f) The PCRE_NOTBOL, PCRE_NOTEOL, and PCRE_NOTEMPTY options for
+\fBpcre_exec()\fR have no Perl equivalents.
+
+(g) The (?R) construct allows for recursive pattern matching (Perl 5.6 can do
+this using the (?p{code}) construct, which PCRE cannot of course support.)
+
+
+.SH REGULAR EXPRESSION DETAILS
+The syntax and semantics of the regular expressions supported by PCRE are
+described below. Regular expressions are also described in the Perl
+documentation and in a number of other books, some of which have copious
+examples. Jeffrey Friedl's "Mastering Regular Expressions", published by
+O'Reilly (ISBN 1-56592-257), covers them in great detail.
+
+The description here is intended as reference documentation. The basic
+operation of PCRE is on strings of bytes. However, there is the beginnings of
+some support for UTF-8 character strings. To use this support you must
+configure PCRE to include it, and then call \fBpcre_compile()\fR with the
+PCRE_UTF8 option. How this affects the pattern matching is described in the
+final section of this document.
+
+A regular expression is a pattern that is matched against a subject string from
+left to right. Most characters stand for themselves in a pattern, and match the
+corresponding characters in the subject. As a trivial example, the pattern
+
+  The quick brown fox
+
+matches a portion of a subject string that is identical to itself. The power of
+regular expressions comes from the ability to include alternatives and
+repetitions in the pattern. These are encoded in the pattern by the use of
+\fImeta-characters\fR, which do not stand for themselves but instead are
+interpreted in some special way.
+
+There are two different sets of meta-characters: those that are recognized
+anywhere in the pattern except within square brackets, and those that are
+recognized in square brackets. Outside square brackets, the meta-characters are
+as follows:
+
+  \\      general escape character with several uses
+  ^      assert start of subject (or line, in multiline mode)
+  $      assert end of subject (or line, in multiline mode)
+  .      match any character except newline (by default)
+  [      start character class definition
+  |      start of alternative branch
+  (      start subpattern
+  )      end subpattern
+  ?      extends the meaning of (
+         also 0 or 1 quantifier
+         also quantifier minimizer
+  *      0 or more quantifier
+  +      1 or more quantifier
+  {      start min/max quantifier
+
+Part of a pattern that is in square brackets is called a "character class". In
+a character class the only meta-characters are:
+
+  \\      general escape character
+  ^      negate the class, but only if the first character
+  -      indicates character range
+  ]      terminates the character class
+
+The following sections describe the use of each of the meta-characters.
+
+
+.SH BACKSLASH
+The backslash character has several uses. Firstly, if it is followed by a
+non-alphameric character, it takes away any special meaning that character may
+have. This use of backslash as an escape character applies both inside and
+outside character classes.
+
+For example, if you want to match a "*" character, you write "\\*" in the
+pattern. This applies whether or not the following character would otherwise be
+interpreted as a meta-character, so it is always safe to precede a
+non-alphameric with "\\" to specify that it stands for itself. In particular,
+if you want to match a backslash, you write "\\\\".
+
+If a pattern is compiled with the PCRE_EXTENDED option, whitespace in the
+pattern (other than in a character class) and characters between a "#" outside
+a character class and the next newline character are ignored. An escaping
+backslash can be used to include a whitespace or "#" character as part of the
+pattern.
+
+A second use of backslash provides a way of encoding non-printing characters
+in patterns in a visible manner. There is no restriction on the appearance of
+non-printing characters, apart from the binary zero that terminates a pattern,
+but when a pattern is being prepared by text editing, it is usually easier to
+use one of the following escape sequences than the binary character it
+represents:
+
+  \\a     alarm, that is, the BEL character (hex 07)
+  \\cx    "control-x", where x is any character
+  \\e     escape (hex 1B)
+  \\f     formfeed (hex 0C)
+  \\n     newline (hex 0A)
+  \\r     carriage return (hex 0D)
+  \\t     tab (hex 09)
+  \\xhh   character with hex code hh
+  \\ddd   character with octal code ddd, or backreference
+
+The precise effect of "\\cx" is as follows: if "x" is a lower case letter, it
+is converted to upper case. Then bit 6 of the character (hex 40) is inverted.
+Thus "\\cz" becomes hex 1A, but "\\c{" becomes hex 3B, while "\\c;" becomes hex
+7B.
+
+After "\\x", up to two hexadecimal digits are read (letters can be in upper or
+lower case).
+
+After "\\0" up to two further octal digits are read. In both cases, if there
+are fewer than two digits, just those that are present are used. Thus the
+sequence "\\0\\x\\07" specifies two binary zeros followed by a BEL character.
+Make sure you supply two digits after the initial zero if the character that
+follows is itself an octal digit.
+
+The handling of a backslash followed by a digit other than 0 is complicated.
+Outside a character class, PCRE reads it and any following digits as a decimal
+number. If the number is less than 10, or if there have been at least that many
+previous capturing left parentheses in the expression, the entire sequence is
+taken as a \fIback reference\fR. A description of how this works is given
+later, following the discussion of parenthesized subpatterns.
+
+Inside a character class, or if the decimal number is greater than 9 and there
+have not been that many capturing subpatterns, PCRE re-reads up to three octal
+digits following the backslash, and generates a single byte from the least
+significant 8 bits of the value. Any subsequent digits stand for themselves.
+For example:
+
+  \\040   is another way of writing a space
+  \\40    is the same, provided there are fewer than 40
+            previous capturing subpatterns
+  \\7     is always a back reference
+  \\11    might be a back reference, or another way of
+            writing a tab
+  \\011   is always a tab
+  \\0113  is a tab followed by the character "3"
+  \\113   is the character with octal code 113 (since there
+            can be no more than 99 back references)
+  \\377   is a byte consisting entirely of 1 bits
+  \\81    is either a back reference, or a binary zero
+            followed by the two characters "8" and "1"
+
+Note that octal values of 100 or greater must not be introduced by a leading
+zero, because no more than three octal digits are ever read.
+
+All the sequences that define a single byte value can be used both inside and
+outside character classes. In addition, inside a character class, the sequence
+"\\b" is interpreted as the backspace character (hex 08). Outside a character
+class it has a different meaning (see below).
+
+The third use of backslash is for specifying generic character types:
+
+  \\d     any decimal digit
+  \\D     any character that is not a decimal digit
+  \\s     any whitespace character
+  \\S     any character that is not a whitespace character
+  \\w     any "word" character
+  \\W     any "non-word" character
+
+Each pair of escape sequences partitions the complete set of characters into
+two disjoint sets. Any given character matches one, and only one, of each pair.
+
+A "word" character is any letter or digit or the underscore character, that is,
+any character which can be part of a Perl "word". The definition of letters and
+digits is controlled by PCRE's character tables, and may vary if locale-
+specific matching is taking place (see "Locale support" above). For example, in
+the "fr" (French) locale, some character codes greater than 128 are used for
+accented letters, and these are matched by \\w.
+
+These character type sequences can appear both inside and outside character
+classes. They each match one character of the appropriate type. If the current
+matching point is at the end of the subject string, all of them fail, since
+there is no character to match.
+
+The fourth use of backslash is for certain simple assertions. An assertion
+specifies a condition that has to be met at a particular point in a match,
+without consuming any characters from the subject string. The use of
+subpatterns for more complicated assertions is described below. The backslashed
+assertions are
+
+  \\b     word boundary
+  \\B     not a word boundary
+  \\A     start of subject (independent of multiline mode)
+  \\Z     end of subject or newline at end (independent of multiline mode)
+  \\z     end of subject (independent of multiline mode)
+
+These assertions may not appear in character classes (but note that "\\b" has a
+different meaning, namely the backspace character, inside a character class).
+
+A word boundary is a position in the subject string where the current character
+and the previous character do not both match \\w or \\W (i.e. one matches
+\\w and the other matches \\W), or the start or end of the string if the
+first or last character matches \\w, respectively.
+
+The \\A, \\Z, and \\z assertions differ from the traditional circumflex and
+dollar (described below) in that they only ever match at the very start and end
+of the subject string, whatever options are set. They are not affected by the
+PCRE_NOTBOL or PCRE_NOTEOL options. If the \fIstartoffset\fR argument of
+\fBpcre_exec()\fR is non-zero, \\A can never match. The difference between \\Z
+and \\z is that \\Z matches before a newline that is the last character of the
+string as well as at the end of the string, whereas \\z matches only at the
+end.
+
+
+.SH CIRCUMFLEX AND DOLLAR
+Outside a character class, in the default matching mode, the circumflex
+character is an assertion which is true only if the current matching point is
+at the start of the subject string. If the \fIstartoffset\fR argument of
+\fBpcre_exec()\fR is non-zero, circumflex can never match. Inside a character
+class, circumflex has an entirely different meaning (see below).
+
+Circumflex need not be the first character of the pattern if a number of
+alternatives are involved, but it should be the first thing in each alternative
+in which it appears if the pattern is ever to match that branch. If all
+possible alternatives start with a circumflex, that is, if the pattern is
+constrained to match only at the start of the subject, it is said to be an
+"anchored" pattern. (There are also other constructs that can cause a pattern
+to be anchored.)
+
+A dollar character is an assertion which is true only if the current matching
+point is at the end of the subject string, or immediately before a newline
+character that is the last character in the string (by default). Dollar need
+not be the last character of the pattern if a number of alternatives are
+involved, but it should be the last item in any branch in which it appears.
+Dollar has no special meaning in a character class.
+
+The meaning of dollar can be changed so that it matches only at the very end of
+the string, by setting the PCRE_DOLLAR_ENDONLY option at compile or matching
+time. This does not affect the \\Z assertion.
+
+The meanings of the circumflex and dollar characters are changed if the
+PCRE_MULTILINE option is set. When this is the case, they match immediately
+after and immediately before an internal "\\n" character, respectively, in
+addition to matching at the start and end of the subject string. For example,
+the pattern /^abc$/ matches the subject string "def\\nabc" in multiline mode,
+but not otherwise. Consequently, patterns that are anchored in single line mode
+because all branches start with "^" are not anchored in multiline mode, and a
+match for circumflex is possible when the \fIstartoffset\fR argument of
+\fBpcre_exec()\fR is non-zero. The PCRE_DOLLAR_ENDONLY option is ignored if
+PCRE_MULTILINE is set.
+
+Note that the sequences \\A, \\Z, and \\z can be used to match the start and
+end of the subject in both modes, and if all branches of a pattern start with
+\\A is it always anchored, whether PCRE_MULTILINE is set or not.
+
+
+.SH FULL STOP (PERIOD, DOT)
+Outside a character class, a dot in the pattern matches any one character in
+the subject, including a non-printing character, but not (by default) newline.
+If the PCRE_DOTALL option is set, dots match newlines as well. The handling of
+dot is entirely independent of the handling of circumflex and dollar, the only
+relationship being that they both involve newline characters. Dot has no
+special meaning in a character class.
+
+
+.SH SQUARE BRACKETS
+An opening square bracket introduces a character class, terminated by a closing
+square bracket. A closing square bracket on its own is not special. If a
+closing square bracket is required as a member of the class, it should be the
+first data character in the class (after an initial circumflex, if present) or
+escaped with a backslash.
+
+A character class matches a single character in the subject; the character must
+be in the set of characters defined by the class, unless the first character in
+the class is a circumflex, in which case the subject character must not be in
+the set defined by the class. If a circumflex is actually required as a member
+of the class, ensure it is not the first character, or escape it with a
+backslash.
+
+For example, the character class [aeiou] matches any lower case vowel, while
+[^aeiou] matches any character that is not a lower case vowel. Note that a
+circumflex is just a convenient notation for specifying the characters which
+are in the class by enumerating those that are not. It is not an assertion: it
+still consumes a character from the subject string, and fails if the current
+pointer is at the end of the string.
+
+When caseless matching is set, any letters in a class represent both their
+upper case and lower case versions, so for example, a caseless [aeiou] matches
+"A" as well as "a", and a caseless [^aeiou] does not match "A", whereas a
+caseful version would.
+
+The newline character is never treated in any special way in character classes,
+whatever the setting of the PCRE_DOTALL or PCRE_MULTILINE options is. A class
+such as [^a] will always match a newline.
+
+The minus (hyphen) character can be used to specify a range of characters in a
+character class. For example, [d-m] matches any letter between d and m,
+inclusive. If a minus character is required in a class, it must be escaped with
+a backslash or appear in a position where it cannot be interpreted as
+indicating a range, typically as the first or last character in the class.
+
+It is not possible to have the literal character "]" as the end character of a
+range. A pattern such as [W-]46] is interpreted as a class of two characters
+("W" and "-") followed by a literal string "46]", so it would match "W46]" or
+"-46]". However, if the "]" is escaped with a backslash it is interpreted as
+the end of range, so [W-\\]46] is interpreted as a single class containing a
+range followed by two separate characters. The octal or hexadecimal
+representation of "]" can also be used to end a range.
+
+Ranges operate in ASCII collating sequence. They can also be used for
+characters specified numerically, for example [\\000-\\037]. If a range that
+includes letters is used when caseless matching is set, it matches the letters
+in either case. For example, [W-c] is equivalent to [][\\^_`wxyzabc], matched
+caselessly, and if character tables for the "fr" locale are in use,
+[\\xc8-\\xcb] matches accented E characters in both cases.
+
+The character types \\d, \\D, \\s, \\S, \\w, and \\W may also appear in a
+character class, and add the characters that they match to the class. For
+example, [\\dABCDEF] matches any hexadecimal digit. A circumflex can
+conveniently be used with the upper case character types to specify a more
+restricted set of characters than the matching lower case type. For example,
+the class [^\\W_] matches any letter or digit, but not underscore.
+
+All non-alphameric characters other than \\, -, ^ (at the start) and the
+terminating ] are non-special in character classes, but it does no harm if they
+are escaped.
+
+
+.SH POSIX CHARACTER CLASSES
+Perl 5.6 (not yet released at the time of writing) is going to support the
+POSIX notation for character classes, which uses names enclosed by [: and :]
+within the enclosing square brackets. PCRE supports this notation. For example,
+
+  [01[:alpha:]%]
+
+matches "0", "1", any alphabetic character, or "%". The supported class names
+are
+
+  alnum    letters and digits
+  alpha    letters
+  ascii    character codes 0 - 127
+  cntrl    control characters
+  digit    decimal digits (same as \\d)
+  graph    printing characters, excluding space
+  lower    lower case letters
+  print    printing characters, including space
+  punct    printing characters, excluding letters and digits
+  space    white space (same as \\s)
+  upper    upper case letters
+  word     "word" characters (same as \\w)
+  xdigit   hexadecimal digits
+
+The names "ascii" and "word" are Perl extensions. Another Perl extension is
+negation, which is indicated by a ^ character after the colon. For example,
+
+  [12[:^digit:]]
+
+matches "1", "2", or any non-digit. PCRE (and Perl) also recogize the POSIX
+syntax [.ch.] and [=ch=] where "ch" is a "collating element", but these are not
+supported, and an error is given if they are encountered.
+
+
+.SH VERTICAL BAR
+Vertical bar characters are used to separate alternative patterns. For example,
+the pattern
+
+  gilbert|sullivan
+
+matches either "gilbert" or "sullivan". Any number of alternatives may appear,
+and an empty alternative is permitted (matching the empty string).
+The matching process tries each alternative in turn, from left to right,
+and the first one that succeeds is used. If the alternatives are within a
+subpattern (defined below), "succeeds" means matching the rest of the main
+pattern as well as the alternative in the subpattern.
+
+
+.SH INTERNAL OPTION SETTING
+The settings of PCRE_CASELESS, PCRE_MULTILINE, PCRE_DOTALL, and PCRE_EXTENDED
+can be changed from within the pattern by a sequence of Perl option letters
+enclosed between "(?" and ")". The option letters are
+
+  i  for PCRE_CASELESS
+  m  for PCRE_MULTILINE
+  s  for PCRE_DOTALL
+  x  for PCRE_EXTENDED
+
+For example, (?im) sets caseless, multiline matching. It is also possible to
+unset these options by preceding the letter with a hyphen, and a combined
+setting and unsetting such as (?im-sx), which sets PCRE_CASELESS and
+PCRE_MULTILINE while unsetting PCRE_DOTALL and PCRE_EXTENDED, is also
+permitted. If a letter appears both before and after the hyphen, the option is
+unset.
+
+The scope of these option changes depends on where in the pattern the setting
+occurs. For settings that are outside any subpattern (defined below), the
+effect is the same as if the options were set or unset at the start of
+matching. The following patterns all behave in exactly the same way:
+
+  (?i)abc
+  a(?i)bc
+  ab(?i)c
+  abc(?i)
+
+which in turn is the same as compiling the pattern abc with PCRE_CASELESS set.
+In other words, such "top level" settings apply to the whole pattern (unless
+there are other changes inside subpatterns). If there is more than one setting
+of the same option at top level, the rightmost setting is used.
+
+If an option change occurs inside a subpattern, the effect is different. This
+is a change of behaviour in Perl 5.005. An option change inside a subpattern
+affects only that part of the subpattern that follows it, so
+
+  (a(?i)b)c
+
+matches abc and aBc and no other strings (assuming PCRE_CASELESS is not used).
+By this means, options can be made to have different settings in different
+parts of the pattern. Any changes made in one alternative do carry on
+into subsequent branches within the same subpattern. For example,
+
+  (a(?i)b|c)
+
+matches "ab", "aB", "c", and "C", even though when matching "C" the first
+branch is abandoned before the option setting. This is because the effects of
+option settings happen at compile time. There would be some very weird
+behaviour otherwise.
+
+The PCRE-specific options PCRE_UNGREEDY and PCRE_EXTRA can be changed in the
+same way as the Perl-compatible options by using the characters U and X
+respectively. The (?X) flag setting is special in that it must always occur
+earlier in the pattern than any of the additional features it turns on, even
+when it is at top level. It is best put at the start.
+
+
+.SH SUBPATTERNS
+Subpatterns are delimited by parentheses (round brackets), which can be nested.
+Marking part of a pattern as a subpattern does two things:
+
+1. It localizes a set of alternatives. For example, the pattern
+
+  cat(aract|erpillar|)
+
+matches one of the words "cat", "cataract", or "caterpillar". Without the
+parentheses, it would match "cataract", "erpillar" or the empty string.
+
+2. It sets up the subpattern as a capturing subpattern (as defined above).
+When the whole pattern matches, that portion of the subject string that matched
+the subpattern is passed back to the caller via the \fIovector\fR argument of
+\fBpcre_exec()\fR. Opening parentheses are counted from left to right (starting
+from 1) to obtain the numbers of the capturing subpatterns.
+
+For example, if the string "the red king" is matched against the pattern
+
+  the ((red|white) (king|queen))
+
+the captured substrings are "red king", "red", and "king", and are numbered 1,
+2, and 3.
+
+The fact that plain parentheses fulfil two functions is not always helpful.
+There are often times when a grouping subpattern is required without a
+capturing requirement. If an opening parenthesis is followed by "?:", the
+subpattern does not do any capturing, and is not counted when computing the
+number of any subsequent capturing subpatterns. For example, if the string "the
+white queen" is matched against the pattern
+
+  the ((?:red|white) (king|queen))
+
+the captured substrings are "white queen" and "queen", and are numbered 1 and
+2. The maximum number of captured substrings is 99, and the maximum number of
+all subpatterns, both capturing and non-capturing, is 200.
+
+As a convenient shorthand, if any option settings are required at the start of
+a non-capturing subpattern, the option letters may appear between the "?" and
+the ":". Thus the two patterns
+
+  (?i:saturday|sunday)
+  (?:(?i)saturday|sunday)
+
+match exactly the same set of strings. Because alternative branches are tried
+from left to right, and options are not reset until the end of the subpattern
+is reached, an option setting in one branch does affect subsequent branches, so
+the above patterns match "SUNDAY" as well as "Saturday".
+
+
+.SH REPETITION
+Repetition is specified by quantifiers, which can follow any of the following
+items:
+
+  a single character, possibly escaped
+  the . metacharacter
+  a character class
+  a back reference (see next section)
+  a parenthesized subpattern (unless it is an assertion - see below)
+
+The general repetition quantifier specifies a minimum and maximum number of
+permitted matches, by giving the two numbers in curly brackets (braces),
+separated by a comma. The numbers must be less than 65536, and the first must
+be less than or equal to the second. For example:
+
+  z{2,4}
+
+matches "zz", "zzz", or "zzzz". A closing brace on its own is not a special
+character. If the second number is omitted, but the comma is present, there is
+no upper limit; if the second number and the comma are both omitted, the
+quantifier specifies an exact number of required matches. Thus
+
+  [aeiou]{3,}
+
+matches at least 3 successive vowels, but may match many more, while
+
+  \\d{8}
+
+matches exactly 8 digits. An opening curly bracket that appears in a position
+where a quantifier is not allowed, or one that does not match the syntax of a
+quantifier, is taken as a literal character. For example, {,6} is not a
+quantifier, but a literal string of four characters.
+
+The quantifier {0} is permitted, causing the expression to behave as if the
+previous item and the quantifier were not present.
+
+For convenience (and historical compatibility) the three most common
+quantifiers have single-character abbreviations:
+
+  *    is equivalent to {0,}
+  +    is equivalent to {1,}
+  ?    is equivalent to {0,1}
+
+It is possible to construct infinite loops by following a subpattern that can
+match no characters with a quantifier that has no upper limit, for example:
+
+  (a?)*
+
+Earlier versions of Perl and PCRE used to give an error at compile time for
+such patterns. However, because there are cases where this can be useful, such
+patterns are now accepted, but if any repetition of the subpattern does in fact
+match no characters, the loop is forcibly broken.
+
+By default, the quantifiers are "greedy", that is, they match as much as
+possible (up to the maximum number of permitted times), without causing the
+rest of the pattern to fail. The classic example of where this gives problems
+is in trying to match comments in C programs. These appear between the
+sequences /* and */ and within the sequence, individual * and / characters may
+appear. An attempt to match C comments by applying the pattern
+
+  /\\*.*\\*/
+
+to the string
+
+  /* first command */  not comment  /* second comment */
+
+fails, because it matches the entire string owing to the greediness of the .*
+item.
+
+However, if a quantifier is followed by a question mark, it ceases to be
+greedy, and instead matches the minimum number of times possible, so the
+pattern
+
+  /\\*.*?\\*/
+
+does the right thing with the C comments. The meaning of the various
+quantifiers is not otherwise changed, just the preferred number of matches.
+Do not confuse this use of question mark with its use as a quantifier in its
+own right. Because it has two uses, it can sometimes appear doubled, as in
+
+  \\d??\\d
+
+which matches one digit by preference, but can match two if that is the only
+way the rest of the pattern matches.
+
+If the PCRE_UNGREEDY option is set (an option which is not available in Perl),
+the quantifiers are not greedy by default, but individual ones can be made
+greedy by following them with a question mark. In other words, it inverts the
+default behaviour.
+
+When a parenthesized subpattern is quantified with a minimum repeat count that
+is greater than 1 or with a limited maximum, more store is required for the
+compiled pattern, in proportion to the size of the minimum or maximum.
+
+If a pattern starts with .* or .{0,} and the PCRE_DOTALL option (equivalent
+to Perl's /s) is set, thus allowing the . to match newlines, the pattern is
+implicitly anchored, because whatever follows will be tried against every
+character position in the subject string, so there is no point in retrying the
+overall match at any position after the first. PCRE treats such a pattern as
+though it were preceded by \\A. In cases where it is known that the subject
+string contains no newlines, it is worth setting PCRE_DOTALL when the pattern
+begins with .* in order to obtain this optimization, or alternatively using ^
+to indicate anchoring explicitly.
+
+When a capturing subpattern is repeated, the value captured is the substring
+that matched the final iteration. For example, after
+
+  (tweedle[dume]{3}\\s*)+
+
+has matched "tweedledum tweedledee" the value of the captured substring is
+"tweedledee". However, if there are nested capturing subpatterns, the
+corresponding captured values may have been set in previous iterations. For
+example, after
+
+  /(a|(b))+/
+
+matches "aba" the value of the second captured substring is "b".
+
+
+.SH BACK REFERENCES
+Outside a character class, a backslash followed by a digit greater than 0 (and
+possibly further digits) is a back reference to a capturing subpattern earlier
+(i.e. to its left) in the pattern, provided there have been that many previous
+capturing left parentheses.
+
+However, if the decimal number following the backslash is less than 10, it is
+always taken as a back reference, and causes an error only if there are not
+that many capturing left parentheses in the entire pattern. In other words, the
+parentheses that are referenced need not be to the left of the reference for
+numbers less than 10. See the section entitled "Backslash" above for further
+details of the handling of digits following a backslash.
+
+A back reference matches whatever actually matched the capturing subpattern in
+the current subject string, rather than anything matching the subpattern
+itself. So the pattern
+
+  (sens|respons)e and \\1ibility
+
+matches "sense and sensibility" and "response and responsibility", but not
+"sense and responsibility". If caseful matching is in force at the time of the
+back reference, the case of letters is relevant. For example,
+
+  ((?i)rah)\\s+\\1
+
+matches "rah rah" and "RAH RAH", but not "RAH rah", even though the original
+capturing subpattern is matched caselessly.
+
+There may be more than one back reference to the same subpattern. If a
+subpattern has not actually been used in a particular match, any back
+references to it always fail. For example, the pattern
+
+  (a|(bc))\\2
+
+always fails if it starts to match "a" rather than "bc". Because there may be
+up to 99 back references, all digits following the backslash are taken
+as part of a potential back reference number. If the pattern continues with a
+digit character, some delimiter must be used to terminate the back reference.
+If the PCRE_EXTENDED option is set, this can be whitespace. Otherwise an empty
+comment can be used.
+
+A back reference that occurs inside the parentheses to which it refers fails
+when the subpattern is first used, so, for example, (a\\1) never matches.
+However, such references can be useful inside repeated subpatterns. For
+example, the pattern
+
+  (a|b\\1)+
+
+matches any number of "a"s and also "aba", "ababbaa" etc. At each iteration of
+the subpattern, the back reference matches the character string corresponding
+to the previous iteration. In order for this to work, the pattern must be such
+that the first iteration does not need to match the back reference. This can be
+done using alternation, as in the example above, or by a quantifier with a
+minimum of zero.
+
+
+.SH ASSERTIONS
+An assertion is a test on the characters following or preceding the current
+matching point that does not actually consume any characters. The simple
+assertions coded as \\b, \\B, \\A, \\Z, \\z, ^ and $ are described above. More
+complicated assertions are coded as subpatterns. There are two kinds: those
+that look ahead of the current position in the subject string, and those that
+look behind it.
+
+An assertion subpattern is matched in the normal way, except that it does not
+cause the current matching position to be changed. Lookahead assertions start
+with (?= for positive assertions and (?! for negative assertions. For example,
+
+  \\w+(?=;)
+
+matches a word followed by a semicolon, but does not include the semicolon in
+the match, and
+
+  foo(?!bar)
+
+matches any occurrence of "foo" that is not followed by "bar". Note that the
+apparently similar pattern
+
+  (?!foo)bar
+
+does not find an occurrence of "bar" that is preceded by something other than
+"foo"; it finds any occurrence of "bar" whatsoever, because the assertion
+(?!foo) is always true when the next three characters are "bar". A
+lookbehind assertion is needed to achieve this effect.
+
+Lookbehind assertions start with (?<= for positive assertions and (?<! for
+negative assertions. For example,
+
+  (?<!foo)bar
+
+does find an occurrence of "bar" that is not preceded by "foo". The contents of
+a lookbehind assertion are restricted such that all the strings it matches must
+have a fixed length. However, if there are several alternatives, they do not
+all have to have the same fixed length. Thus
+
+  (?<=bullock|donkey)
+
+is permitted, but
+
+  (?<!dogs?|cats?)
+
+causes an error at compile time. Branches that match different length strings
+are permitted only at the top level of a lookbehind assertion. This is an
+extension compared with Perl 5.005, which requires all branches to match the
+same length of string. An assertion such as
+
+  (?<=ab(c|de))
+
+is not permitted, because its single top-level branch can match two different
+lengths, but it is acceptable if rewritten to use two top-level branches:
+
+  (?<=abc|abde)
+
+The implementation of lookbehind assertions is, for each alternative, to
+temporarily move the current position back by the fixed width and then try to
+match. If there are insufficient characters before the current position, the
+match is deemed to fail. Lookbehinds in conjunction with once-only subpatterns
+can be particularly useful for matching at the ends of strings; an example is
+given at the end of the section on once-only subpatterns.
+
+Several assertions (of any sort) may occur in succession. For example,
+
+  (?<=\\d{3})(?<!999)foo
+
+matches "foo" preceded by three digits that are not "999". Notice that each of
+the assertions is applied independently at the same point in the subject
+string. First there is a check that the previous three characters are all
+digits, and then there is a check that the same three characters are not "999".
+This pattern does \fInot\fR match "foo" preceded by six characters, the first
+of which are digits and the last three of which are not "999". For example, it
+doesn't match "123abcfoo". A pattern to do that is
+
+  (?<=\\d{3}...)(?<!999)foo
+
+This time the first assertion looks at the preceding six characters, checking
+that the first three are digits, and then the second assertion checks that the
+preceding three characters are not "999".
+
+Assertions can be nested in any combination. For example,
+
+  (?<=(?<!foo)bar)baz
+
+matches an occurrence of "baz" that is preceded by "bar" which in turn is not
+preceded by "foo", while
+
+  (?<=\\d{3}(?!999)...)foo
+
+is another pattern which matches "foo" preceded by three digits and any three
+characters that are not "999".
+
+Assertion subpatterns are not capturing subpatterns, and may not be repeated,
+because it makes no sense to assert the same thing several times. If any kind
+of assertion contains capturing subpatterns within it, these are counted for
+the purposes of numbering the capturing subpatterns in the whole pattern.
+However, substring capturing is carried out only for positive assertions,
+because it does not make sense for negative assertions.
+
+Assertions count towards the maximum of 200 parenthesized subpatterns.
+
+
+.SH ONCE-ONLY SUBPATTERNS
+With both maximizing and minimizing repetition, failure of what follows
+normally causes the repeated item to be re-evaluated to see if a different
+number of repeats allows the rest of the pattern to match. Sometimes it is
+useful to prevent this, either to change the nature of the match, or to cause
+it fail earlier than it otherwise might, when the author of the pattern knows
+there is no point in carrying on.
+
+Consider, for example, the pattern \\d+foo when applied to the subject line
+
+  123456bar
+
+After matching all 6 digits and then failing to match "foo", the normal
+action of the matcher is to try again with only 5 digits matching the \\d+
+item, and then with 4, and so on, before ultimately failing. Once-only
+subpatterns provide the means for specifying that once a portion of the pattern
+has matched, it is not to be re-evaluated in this way, so the matcher would
+give up immediately on failing to match "foo" the first time. The notation is
+another kind of special parenthesis, starting with (?> as in this example:
+
+  (?>\\d+)bar
+
+This kind of parenthesis "locks up" the  part of the pattern it contains once
+it has matched, and a failure further into the pattern is prevented from
+backtracking into it. Backtracking past it to previous items, however, works as
+normal.
+
+An alternative description is that a subpattern of this type matches the string
+of characters that an identical standalone pattern would match, if anchored at
+the current point in the subject string.
+
+Once-only subpatterns are not capturing subpatterns. Simple cases such as the
+above example can be thought of as a maximizing repeat that must swallow
+everything it can. So, while both \\d+ and \\d+? are prepared to adjust the
+number of digits they match in order to make the rest of the pattern match,
+(?>\\d+) can only match an entire sequence of digits.
+
+This construction can of course contain arbitrarily complicated subpatterns,
+and it can be nested.
+
+Once-only subpatterns can be used in conjunction with lookbehind assertions to
+specify efficient matching at the end of the subject string. Consider a simple
+pattern such as
+
+  abcd$
+
+when applied to a long string which does not match. Because matching proceeds
+from left to right, PCRE will look for each "a" in the subject and then see if
+what follows matches the rest of the pattern. If the pattern is specified as
+
+  ^.*abcd$
+
+the initial .* matches the entire string at first, but when this fails (because
+there is no following "a"), it backtracks to match all but the last character,
+then all but the last two characters, and so on. Once again the search for "a"
+covers the entire string, from right to left, so we are no better off. However,
+if the pattern is written as
+
+  ^(?>.*)(?<=abcd)
+
+there can be no backtracking for the .* item; it can match only the entire
+string. The subsequent lookbehind assertion does a single test on the last four
+characters. If it fails, the match fails immediately. For long strings, this
+approach makes a significant difference to the processing time.
+
+When a pattern contains an unlimited repeat inside a subpattern that can itself
+be repeated an unlimited number of times, the use of a once-only subpattern is
+the only way to avoid some failing matches taking a very long time indeed.
+The pattern
+
+  (\\D+|<\\d+>)*[!?]
+
+matches an unlimited number of substrings that either consist of non-digits, or
+digits enclosed in <>, followed by either ! or ?. When it matches, it runs
+quickly. However, if it is applied to
+
+  aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+
+it takes a long time before reporting failure. This is because the string can
+be divided between the two repeats in a large number of ways, and all have to
+be tried. (The example used [!?] rather than a single character at the end,
+because both PCRE and Perl have an optimization that allows for fast failure
+when a single character is used. They remember the last single character that
+is required for a match, and fail early if it is not present in the string.)
+If the pattern is changed to
+
+  ((?>\\D+)|<\\d+>)*[!?]
+
+sequences of non-digits cannot be broken, and failure happens quickly.
+
+
+.SH CONDITIONAL SUBPATTERNS
+It is possible to cause the matching process to obey a subpattern
+conditionally or to choose between two alternative subpatterns, depending on
+the result of an assertion, or whether a previous capturing subpattern matched
+or not. The two possible forms of conditional subpattern are
+
+  (?(condition)yes-pattern)
+  (?(condition)yes-pattern|no-pattern)
+
+If the condition is satisfied, the yes-pattern is used; otherwise the
+no-pattern (if present) is used. If there are more than two alternatives in the
+subpattern, a compile-time error occurs.
+
+There are two kinds of condition. If the text between the parentheses consists
+of a sequence of digits, the condition is satisfied if the capturing subpattern
+of that number has previously matched. The number must be greater than zero.
+Consider the following pattern, which contains non-significant white space to
+make it more readable (assume the PCRE_EXTENDED option) and to divide it into
+three parts for ease of discussion:
+
+  ( \\( )?    [^()]+    (?(1) \\) )
+
+The first part matches an optional opening parenthesis, and if that
+character is present, sets it as the first captured substring. The second part
+matches one or more characters that are not parentheses. The third part is a
+conditional subpattern that tests whether the first set of parentheses matched
+or not. If they did, that is, if subject started with an opening parenthesis,
+the condition is true, and so the yes-pattern is executed and a closing
+parenthesis is required. Otherwise, since no-pattern is not present, the
+subpattern matches nothing. In other words, this pattern matches a sequence of
+non-parentheses, optionally enclosed in parentheses.
+
+If the condition is not a sequence of digits, it must be an assertion. This may
+be a positive or negative lookahead or lookbehind assertion. Consider this
+pattern, again containing non-significant white space, and with the two
+alternatives on the second line:
+
+  (?(?=[^a-z]*[a-z])
+  \\d{2}-[a-z]{3}-\\d{2}  |  \\d{2}-\\d{2}-\\d{2} )
+
+The condition is a positive lookahead assertion that matches an optional
+sequence of non-letters followed by a letter. In other words, it tests for the
+presence of at least one letter in the subject. If a letter is found, the
+subject is matched against the first alternative; otherwise it is matched
+against the second. This pattern matches strings in one of the two forms
+dd-aaa-dd or dd-dd-dd, where aaa are letters and dd are digits.
+
+
+.SH COMMENTS
+The sequence (?# marks the start of a comment which continues up to the next
+closing parenthesis. Nested parentheses are not permitted. The characters
+that make up a comment play no part in the pattern matching at all.
+
+If the PCRE_EXTENDED option is set, an unescaped # character outside a
+character class introduces a comment that continues up to the next newline
+character in the pattern.
+
+
+.SH RECURSIVE PATTERNS
+Consider the problem of matching a string in parentheses, allowing for
+unlimited nested parentheses. Without the use of recursion, the best that can
+be done is to use a pattern that matches up to some fixed depth of nesting. It
+is not possible to handle an arbitrary nesting depth. Perl 5.6 has provided an
+experimental facility that allows regular expressions to recurse (amongst other
+things). It does this by interpolating Perl code in the expression at run time,
+and the code can refer to the expression itself. A Perl pattern to solve the
+parentheses problem can be created like this:
+
+  $re = qr{\\( (?: (?>[^()]+) | (?p{$re}) )* \\)}x;
+
+The (?p{...}) item interpolates Perl code at run time, and in this case refers
+recursively to the pattern in which it appears. Obviously, PCRE cannot support
+the interpolation of Perl code. Instead, the special item (?R) is provided for
+the specific case of recursion. This PCRE pattern solves the parentheses
+problem (assume the PCRE_EXTENDED option is set so that white space is
+ignored):
+
+  \\( ( (?>[^()]+) | (?R) )* \\)
+
+First it matches an opening parenthesis. Then it matches any number of
+substrings which can either be a sequence of non-parentheses, or a recursive
+match of the pattern itself (i.e. a correctly parenthesized substring). Finally
+there is a closing parenthesis.
+
+This particular example pattern contains nested unlimited repeats, and so the
+use of a once-only subpattern for matching strings of non-parentheses is
+important when applying the pattern to strings that do not match. For example,
+when it is applied to
+
+  (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa()
+
+it yields "no match" quickly. However, if a once-only subpattern is not used,
+the match runs for a very long time indeed because there are so many different
+ways the + and * repeats can carve up the subject, and all have to be tested
+before failure can be reported.
+
+The values set for any capturing subpatterns are those from the outermost level
+of the recursion at which the subpattern value is set. If the pattern above is
+matched against
+
+  (ab(cd)ef)
+
+the value for the capturing parentheses is "ef", which is the last value taken
+on at the top level. If additional parentheses are added, giving
+
+  \\( ( ( (?>[^()]+) | (?R) )* ) \\)
+     ^                        ^
+     ^                        ^
+the string they capture is "ab(cd)ef", the contents of the top level
+parentheses. If there are more than 15 capturing parentheses in a pattern, PCRE
+has to obtain extra memory to store data during a recursion, which it does by
+using \fBpcre_malloc\fR, freeing it via \fBpcre_free\fR afterwards. If no
+memory can be obtained, it saves data for the first 15 capturing parentheses
+only, as there is no way to give an out-of-memory error from within a
+recursion.
+
+
+.SH PERFORMANCE
+Certain items that may appear in patterns are more efficient than others. It is
+more efficient to use a character class like [aeiou] than a set of alternatives
+such as (a|e|i|o|u). In general, the simplest construction that provides the
+required behaviour is usually the most efficient. Jeffrey Friedl's book
+contains a lot of discussion about optimizing regular expressions for efficient
+performance.
+
+When a pattern begins with .* and the PCRE_DOTALL option is set, the pattern is
+implicitly anchored by PCRE, since it can match only at the start of a subject
+string. However, if PCRE_DOTALL is not set, PCRE cannot make this optimization,
+because the . metacharacter does not then match a newline, and if the subject
+string contains newlines, the pattern may match from the character immediately
+following one of them instead of from the very start. For example, the pattern
+
+  (.*) second
+
+matches the subject "first\\nand second" (where \\n stands for a newline
+character) with the first captured substring being "and". In order to do this,
+PCRE has to retry the match starting after every newline in the subject.
+
+If you are using such a pattern with subject strings that do not contain
+newlines, the best performance is obtained by setting PCRE_DOTALL, or starting
+the pattern with ^.* to indicate explicit anchoring. That saves PCRE from
+having to scan along the subject looking for a newline to restart at.
+
+Beware of patterns that contain nested indefinite repeats. These can take a
+long time to run when applied to a string that does not match. Consider the
+pattern fragment
+
+  (a+)*
+
+This can match "aaaa" in 33 different ways, and this number increases very
+rapidly as the string gets longer. (The * repeat can match 0, 1, 2, 3, or 4
+times, and for each of those cases other than 0, the + repeats can match
+different numbers of times.) When the remainder of the pattern is such that the
+entire match is going to fail, PCRE has in principle to try every possible
+variation, and this can take an extremely long time.
+
+An optimization catches some of the more simple cases such as
+
+  (a+)*b
+
+where a literal character follows. Before embarking on the standard matching
+procedure, PCRE checks that there is a "b" later in the subject string, and if
+there is not, it fails the match immediately. However, when there is no
+following literal this optimization cannot be used. You can see the difference
+by comparing the behaviour of
+
+  (a+)*\\d
+
+with the pattern above. The former gives a failure almost instantly when
+applied to a whole line of "a" characters, whereas the latter takes an
+appreciable time with strings longer than about 20 characters.
+
+
+.SH UTF-8 SUPPORT
+Starting at release 3.3, PCRE has some support for character strings encoded
+in the UTF-8 format. This is incomplete, and is regarded as experimental. In
+order to use it, you must configure PCRE to include UTF-8 support in the code,
+and, in addition, you must call \fBpcre_compile()\fR with the PCRE_UTF8 option
+flag. When you do this, both the pattern and any subject strings that are
+matched against it are treated as UTF-8 strings instead of just strings of
+bytes, but only in the cases that are mentioned below.
+
+If you compile PCRE with UTF-8 support, but do not use it at run time, the
+library will be a bit bigger, but the additional run time overhead is limited
+to testing the PCRE_UTF8 flag in several places, so should not be very large.
+
+PCRE assumes that the strings it is given contain valid UTF-8 codes. It does
+not diagnose invalid UTF-8 strings. If you pass invalid UTF-8 strings to PCRE,
+the results are undefined.
+
+Running with PCRE_UTF8 set causes these changes in the way PCRE works:
+
+1. In a pattern, the escape sequence \\x{...}, where the contents of the braces
+is a string of hexadecimal digits, is interpreted as a UTF-8 character whose
+code number is the given hexadecimal number, for example: \\x{1234}. This
+inserts from one to six literal bytes into the pattern, using the UTF-8
+encoding. If a non-hexadecimal digit appears between the braces, the item is
+not recognized.
+
+2. The original hexadecimal escape sequence, \\xhh, generates a two-byte UTF-8
+character if its value is greater than 127.
+
+3. Repeat quantifiers are NOT correctly handled if they follow a multibyte
+character. For example, \\x{100}* and \\xc3+ do not work. If you want to
+repeat such characters, you must enclose them in non-capturing parentheses,
+for example (?:\\x{100}), at present.
+
+4. The dot metacharacter matches one UTF-8 character instead of a single byte.
+
+5. Unlike literal UTF-8 characters, the dot metacharacter followed by a
+repeat quantifier does operate correctly on UTF-8 characters instead of
+single bytes.
+
+4. Although the \\x{...} escape is permitted in a character class, characters
+whose values are greater than 255 cannot be included in a class.
+
+5. A class is matched against a UTF-8 character instead of just a single byte,
+but it can match only characters whose values are less than 256. Characters
+with greater values always fail to match a class.
+
+6. Repeated classes work correctly on multiple characters.
+
+7. Classes containing just a single character whose value is greater than 127
+(but less than 256), for example, [\\x80] or [^\\x{93}], do not work because
+these are optimized into single byte matches. In the first case, of course,
+the class brackets are just redundant.
+
+8. Lookbehind assertions move backwards in the subject by a fixed number of
+characters instead of a fixed number of bytes. Simple cases have been tested
+to work correctly, but there may be hidden gotchas herein.
+
+9. The character types such as \\d and \\w do not work correctly with UTF-8
+characters. They continue to test a single byte.
+
+10. Anything not explicitly mentioned here continues to work in bytes rather
+than in characters.
+
+The following UTF-8 features of Perl 5.6 are not implemented:
+
+1. The escape sequence \\C to match a single byte.
+
+2. The use of Unicode tables and properties and escapes \\p, \\P, and \\X.
+
+.SH AUTHOR
+Philip Hazel <ph10 at cam.ac.uk>
+.br
+University Computing Service,
+.br
+New Museums Site,
+.br
+Cambridge CB2 3QG, England.
+.br
+Phone: +44 1223 334714
+
+Last updated: 28 August 2000,
+.br
+  the 250th anniversary of the death of J.S. Bach.
+.br
+Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcre.html b/external/privoxy/pcre/doc/pcre.html
new file mode 100644
index 0000000..b12b212
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcre.html
@@ -0,0 +1,2397 @@
+<HTML>
+<HEAD>
+<TITLE>pcre specification</TITLE>
+</HEAD>
+<body bgcolor="#FFFFFF" text="#00005A">
+<H1>pcre specification</H1>
+This HTML document has been generated automatically from the original man page.
+If there is any nonsense in it, please consult the man page in case the
+conversion went wrong.
+<UL>
+<LI><A NAME="TOC1" HREF="#SEC1">NAME</A>
+<LI><A NAME="TOC2" HREF="#SEC2">SYNOPSIS</A>
+<LI><A NAME="TOC3" HREF="#SEC3">DESCRIPTION</A>
+<LI><A NAME="TOC4" HREF="#SEC4">MULTI-THREADING</A>
+<LI><A NAME="TOC5" HREF="#SEC5">COMPILING A PATTERN</A>
+<LI><A NAME="TOC6" HREF="#SEC6">STUDYING A PATTERN</A>
+<LI><A NAME="TOC7" HREF="#SEC7">LOCALE SUPPORT</A>
+<LI><A NAME="TOC8" HREF="#SEC8">INFORMATION ABOUT A PATTERN</A>
+<LI><A NAME="TOC9" HREF="#SEC9">MATCHING A PATTERN</A>
+<LI><A NAME="TOC10" HREF="#SEC10">EXTRACTING CAPTURED SUBSTRINGS</A>
+<LI><A NAME="TOC11" HREF="#SEC11">LIMITATIONS</A>
+<LI><A NAME="TOC12" HREF="#SEC12">DIFFERENCES FROM PERL</A>
+<LI><A NAME="TOC13" HREF="#SEC13">REGULAR EXPRESSION DETAILS</A>
+<LI><A NAME="TOC14" HREF="#SEC14">BACKSLASH</A>
+<LI><A NAME="TOC15" HREF="#SEC15">CIRCUMFLEX AND DOLLAR</A>
+<LI><A NAME="TOC16" HREF="#SEC16">FULL STOP (PERIOD, DOT)</A>
+<LI><A NAME="TOC17" HREF="#SEC17">SQUARE BRACKETS</A>
+<LI><A NAME="TOC18" HREF="#SEC18">POSIX CHARACTER CLASSES</A>
+<LI><A NAME="TOC19" HREF="#SEC19">VERTICAL BAR</A>
+<LI><A NAME="TOC20" HREF="#SEC20">INTERNAL OPTION SETTING</A>
+<LI><A NAME="TOC21" HREF="#SEC21">SUBPATTERNS</A>
+<LI><A NAME="TOC22" HREF="#SEC22">REPETITION</A>
+<LI><A NAME="TOC23" HREF="#SEC23">BACK REFERENCES</A>
+<LI><A NAME="TOC24" HREF="#SEC24">ASSERTIONS</A>
+<LI><A NAME="TOC25" HREF="#SEC25">ONCE-ONLY SUBPATTERNS</A>
+<LI><A NAME="TOC26" HREF="#SEC26">CONDITIONAL SUBPATTERNS</A>
+<LI><A NAME="TOC27" HREF="#SEC27">COMMENTS</A>
+<LI><A NAME="TOC28" HREF="#SEC28">RECURSIVE PATTERNS</A>
+<LI><A NAME="TOC29" HREF="#SEC29">PERFORMANCE</A>
+<LI><A NAME="TOC30" HREF="#SEC30">UTF-8 SUPPORT</A>
+<LI><A NAME="TOC31" HREF="#SEC31">AUTHOR</A>
+</UL>
+<LI><A NAME="SEC1" HREF="#TOC1">NAME</A>
+<P>
+pcre - Perl-compatible regular expressions.
+</P>
+<LI><A NAME="SEC2" HREF="#TOC1">SYNOPSIS</A>
+<P>
+<B>#include <pcre.h></B>
+</P>
+<P>
+<B>pcre *pcre_compile(const char *<I>pattern</I>, int <I>options</I>,</B>
+<B>const char **<I>errptr</I>, int *<I>erroffset</I>,</B>
+<B>const unsigned char *<I>tableptr</I>);</B>
+</P>
+<P>
+<B>pcre_extra *pcre_study(const pcre *<I>code</I>, int <I>options</I>,</B>
+<B>const char **<I>errptr</I>);</B>
+</P>
+<P>
+<B>int pcre_exec(const pcre *<I>code</I>, const pcre_extra *<I>extra</I>,</B>
+<B>const char *<I>subject</I>, int <I>length</I>, int <I>startoffset</I>,</B>
+<B>int <I>options</I>, int *<I>ovector</I>, int <I>ovecsize</I>);</B>
+</P>
+<P>
+<B>int pcre_copy_substring(const char *<I>subject</I>, int *<I>ovector</I>,</B>
+<B>int <I>stringcount</I>, int <I>stringnumber</I>, char *<I>buffer</I>,</B>
+<B>int <I>buffersize</I>);</B>
+</P>
+<P>
+<B>int pcre_get_substring(const char *<I>subject</I>, int *<I>ovector</I>,</B>
+<B>int <I>stringcount</I>, int <I>stringnumber</I>,</B>
+<B>const char **<I>stringptr</I>);</B>
+</P>
+<P>
+<B>int pcre_get_substring_list(const char *<I>subject</I>,</B>
+<B>int *<I>ovector</I>, int <I>stringcount</I>, const char ***<I>listptr</I>);</B>
+</P>
+<P>
+<B>void pcre_free_substring(const char *<I>stringptr</I>);</B>
+</P>
+<P>
+<B>void pcre_free_substring_list(const char **<I>stringptr</I>);</B>
+</P>
+<P>
+<B>const unsigned char *pcre_maketables(void);</B>
+</P>
+<P>
+<B>int pcre_fullinfo(const pcre *<I>code</I>, const pcre_extra *<I>extra</I>,</B>
+<B>int <I>what</I>, void *<I>where</I>);</B>
+</P>
+<P>
+<B>int pcre_info(const pcre *<I>code</I>, int *<I>optptr</I>, int</B>
+<B>*<I>firstcharptr</I>);</B>
+</P>
+<P>
+<B>char *pcre_version(void);</B>
+</P>
+<P>
+<B>void *(*pcre_malloc)(size_t);</B>
+</P>
+<P>
+<B>void (*pcre_free)(void *);</B>
+</P>
+<LI><A NAME="SEC3" HREF="#TOC1">DESCRIPTION</A>
+<P>
+The PCRE library is a set of functions that implement regular expression
+pattern matching using the same syntax and semantics as Perl 5, with just a few
+differences (see below). The current implementation corresponds to Perl 5.005,
+with some additional features from later versions. This includes some
+experimental, incomplete support for UTF-8 encoded strings. Details of exactly
+what is and what is not supported are given below.
+</P>
+<P>
+PCRE has its own native API, which is described in this document. There is also
+a set of wrapper functions that correspond to the POSIX regular expression API.
+These are described in the <B>pcreposix</B> documentation.
+</P>
+<P>
+The native API function prototypes are defined in the header file <B>pcre.h</B>,
+and on Unix systems the library itself is called <B>libpcre.a</B>, so can be
+accessed by adding <B>-lpcre</B> to the command for linking an application which
+calls it. The header file defines the macros PCRE_MAJOR and PCRE_MINOR to
+contain the major and minor release numbers for the library. Applications can
+use these to include support for different releases.
+</P>
+<P>
+The functions <B>pcre_compile()</B>, <B>pcre_study()</B>, and <B>pcre_exec()</B>
+are used for compiling and matching regular expressions.
+</P>
+<P>
+The functions <B>pcre_copy_substring()</B>, <B>pcre_get_substring()</B>, and
+<B>pcre_get_substring_list()</B> are convenience functions for extracting
+captured substrings from a matched subject string; <B>pcre_free_substring()</B>
+and <B>pcre_free_substring_list()</B> are also provided, to free the memory used
+for extracted strings.
+</P>
+<P>
+The function <B>pcre_maketables()</B> is used (optionally) to build a set of
+character tables in the current locale for passing to <B>pcre_compile()</B>.
+</P>
+<P>
+The function <B>pcre_fullinfo()</B> is used to find out information about a
+compiled pattern; <B>pcre_info()</B> is an obsolete version which returns only
+some of the available information, but is retained for backwards compatibility.
+The function <B>pcre_version()</B> returns a pointer to a string containing the
+version of PCRE and its date of release.
+</P>
+<P>
+The global variables <B>pcre_malloc</B> and <B>pcre_free</B> initially contain
+the entry points of the standard <B>malloc()</B> and <B>free()</B> functions
+respectively. PCRE calls the memory management functions via these variables,
+so a calling program can replace them if it wishes to intercept the calls. This
+should be done before calling any PCRE functions.
+</P>
+<LI><A NAME="SEC4" HREF="#TOC1">MULTI-THREADING</A>
+<P>
+The PCRE functions can be used in multi-threading applications, with the
+proviso that the memory management functions pointed to by <B>pcre_malloc</B>
+and <B>pcre_free</B> are shared by all threads.
+</P>
+<P>
+The compiled form of a regular expression is not altered during matching, so
+the same compiled pattern can safely be used by several threads at once.
+</P>
+<LI><A NAME="SEC5" HREF="#TOC1">COMPILING A PATTERN</A>
+<P>
+The function <B>pcre_compile()</B> is called to compile a pattern into an
+internal form. The pattern is a C string terminated by a binary zero, and
+is passed in the argument <I>pattern</I>. A pointer to a single block of memory
+that is obtained via <B>pcre_malloc</B> is returned. This contains the
+compiled code and related data. The <B>pcre</B> type is defined for this for
+convenience, but in fact <B>pcre</B> is just a typedef for <B>void</B>, since the
+contents of the block are not externally defined. It is up to the caller to
+free the memory when it is no longer required.
+</P>
+<P>
+The size of a compiled pattern is roughly proportional to the length of the
+pattern string, except that each character class (other than those containing
+just a single character, negated or not) requires 33 bytes, and repeat
+quantifiers with a minimum greater than one or a bounded maximum cause the
+relevant portions of the compiled pattern to be replicated.
+</P>
+<P>
+The <I>options</I> argument contains independent bits that affect the
+compilation. It should be zero if no options are required. Some of the options,
+in particular, those that are compatible with Perl, can also be set and unset
+from within the pattern (see the detailed description of regular expressions
+below). For these options, the contents of the <I>options</I> argument specifies
+their initial settings at the start of compilation and execution. The
+PCRE_ANCHORED option can be set at the time of matching as well as at compile
+time.
+</P>
+<P>
+If <I>errptr</I> is NULL, <B>pcre_compile()</B> returns NULL immediately.
+Otherwise, if compilation of a pattern fails, <B>pcre_compile()</B> returns
+NULL, and sets the variable pointed to by <I>errptr</I> to point to a textual
+error message. The offset from the start of the pattern to the character where
+the error was discovered is placed in the variable pointed to by
+<I>erroffset</I>, which must not be NULL. If it is, an immediate error is given.
+</P>
+<P>
+If the final argument, <I>tableptr</I>, is NULL, PCRE uses a default set of
+character tables which are built when it is compiled, using the default C
+locale. Otherwise, <I>tableptr</I> must be the result of a call to
+<B>pcre_maketables()</B>. See the section on locale support below.
+</P>
+<P>
+The following option bits are defined in the header file:
+</P>
+<P>
+<PRE>
+  PCRE_ANCHORED
+</PRE>
+</P>
+<P>
+If this bit is set, the pattern is forced to be "anchored", that is, it is
+constrained to match only at the start of the string which is being searched
+(the "subject string"). This effect can also be achieved by appropriate
+constructs in the pattern itself, which is the only way to do it in Perl.
+</P>
+<P>
+<PRE>
+  PCRE_CASELESS
+</PRE>
+</P>
+<P>
+If this bit is set, letters in the pattern match both upper and lower case
+letters. It is equivalent to Perl's /i option.
+</P>
+<P>
+<PRE>
+  PCRE_DOLLAR_ENDONLY
+</PRE>
+</P>
+<P>
+If this bit is set, a dollar metacharacter in the pattern matches only at the
+end of the subject string. Without this option, a dollar also matches
+immediately before the final character if it is a newline (but not before any
+other newlines). The PCRE_DOLLAR_ENDONLY option is ignored if PCRE_MULTILINE is
+set. There is no equivalent to this option in Perl.
+</P>
+<P>
+<PRE>
+  PCRE_DOTALL
+</PRE>
+</P>
+<P>
+If this bit is set, a dot metacharater in the pattern matches all characters,
+including newlines. Without it, newlines are excluded. This option is
+equivalent to Perl's /s option. A negative class such as [^a] always matches a
+newline character, independent of the setting of this option.
+</P>
+<P>
+<PRE>
+  PCRE_EXTENDED
+</PRE>
+</P>
+<P>
+If this bit is set, whitespace data characters in the pattern are totally
+ignored except when escaped or inside a character class, and characters between
+an unescaped # outside a character class and the next newline character,
+inclusive, are also ignored. This is equivalent to Perl's /x option, and makes
+it possible to include comments inside complicated patterns. Note, however,
+that this applies only to data characters. Whitespace characters may never
+appear within special character sequences in a pattern, for example within the
+sequence (?( which introduces a conditional subpattern.
+</P>
+<P>
+<PRE>
+  PCRE_EXTRA
+</PRE>
+</P>
+<P>
+This option was invented in order to turn on additional functionality of PCRE
+that is incompatible with Perl, but it is currently of very little use. When
+set, any backslash in a pattern that is followed by a letter that has no
+special meaning causes an error, thus reserving these combinations for future
+expansion. By default, as in Perl, a backslash followed by a letter with no
+special meaning is treated as a literal. There are at present no other features
+controlled by this option. It can also be set by a (?X) option setting within a
+pattern.
+</P>
+<P>
+<PRE>
+  PCRE_MULTILINE
+</PRE>
+</P>
+<P>
+By default, PCRE treats the subject string as consisting of a single "line" of
+characters (even if it actually contains several newlines). The "start of line"
+metacharacter (^) matches only at the start of the string, while the "end of
+line" metacharacter ($) matches only at the end of the string, or before a
+terminating newline (unless PCRE_DOLLAR_ENDONLY is set). This is the same as
+Perl.
+</P>
+<P>
+When PCRE_MULTILINE it is set, the "start of line" and "end of line" constructs
+match immediately following or immediately before any newline in the subject
+string, respectively, as well as at the very start and end. This is equivalent
+to Perl's /m option. If there are no "\n" characters in a subject string, or
+no occurrences of ^ or $ in a pattern, setting PCRE_MULTILINE has no
+effect.
+</P>
+<P>
+<PRE>
+  PCRE_UNGREEDY
+</PRE>
+</P>
+<P>
+This option inverts the "greediness" of the quantifiers so that they are not
+greedy by default, but become greedy if followed by "?". It is not compatible
+with Perl. It can also be set by a (?U) option setting within the pattern.
+</P>
+<P>
+<PRE>
+  PCRE_UTF8
+</PRE>
+</P>
+<P>
+This option causes PCRE to regard both the pattern and the subject as strings
+of UTF-8 characters instead of just byte strings. However, it is available only
+if PCRE has been built to include UTF-8 support. If not, the use of this option
+provokes an error. Support for UTF-8 is new, experimental, and incomplete.
+Details of exactly what it entails are given below.
+</P>
+<LI><A NAME="SEC6" HREF="#TOC1">STUDYING A PATTERN</A>
+<P>
+When a pattern is going to be used several times, it is worth spending more
+time analyzing it in order to speed up the time taken for matching. The
+function <B>pcre_study()</B> takes a pointer to a compiled pattern as its first
+argument, and returns a pointer to a <B>pcre_extra</B> block (another <B>void</B>
+typedef) containing additional information about the pattern; this can be
+passed to <B>pcre_exec()</B>. If no additional information is available, NULL
+is returned.
+</P>
+<P>
+The second argument contains option bits. At present, no options are defined
+for <B>pcre_study()</B>, and this argument should always be zero.
+</P>
+<P>
+The third argument for <B>pcre_study()</B> is a pointer to an error message. If
+studying succeeds (even if no data is returned), the variable it points to is
+set to NULL. Otherwise it points to a textual error message.
+</P>
+<P>
+At present, studying a pattern is useful only for non-anchored patterns that do
+not have a single fixed starting character. A bitmap of possible starting
+characters is created.
+</P>
+<LI><A NAME="SEC7" HREF="#TOC1">LOCALE SUPPORT</A>
+<P>
+PCRE handles caseless matching, and determines whether characters are letters,
+digits, or whatever, by reference to a set of tables. The library contains a
+default set of tables which is created in the default C locale when PCRE is
+compiled. This is used when the final argument of <B>pcre_compile()</B> is NULL,
+and is sufficient for many applications.
+</P>
+<P>
+An alternative set of tables can, however, be supplied. Such tables are built
+by calling the <B>pcre_maketables()</B> function, which has no arguments, in the
+relevant locale. The result can then be passed to <B>pcre_compile()</B> as often
+as necessary. For example, to build and use tables that are appropriate for the
+French locale (where accented characters with codes greater than 128 are
+treated as letters), the following code could be used:
+</P>
+<P>
+<PRE>
+  setlocale(LC_CTYPE, "fr");
+  tables = pcre_maketables();
+  re = pcre_compile(..., tables);
+</PRE>
+</P>
+<P>
+The tables are built in memory that is obtained via <B>pcre_malloc</B>. The
+pointer that is passed to <B>pcre_compile</B> is saved with the compiled
+pattern, and the same tables are used via this pointer by <B>pcre_study()</B>
+and <B>pcre_exec()</B>. Thus for any single pattern, compilation, studying and
+matching all happen in the same locale, but different patterns can be compiled
+in different locales. It is the caller's responsibility to ensure that the
+memory containing the tables remains available for as long as it is needed.
+</P>
+<LI><A NAME="SEC8" HREF="#TOC1">INFORMATION ABOUT A PATTERN</A>
+<P>
+The <B>pcre_fullinfo()</B> function returns information about a compiled
+pattern. It replaces the obsolete <B>pcre_info()</B> function, which is
+nevertheless retained for backwards compability (and is documented below).
+</P>
+<P>
+The first argument for <B>pcre_fullinfo()</B> is a pointer to the compiled
+pattern. The second argument is the result of <B>pcre_study()</B>, or NULL if
+the pattern was not studied. The third argument specifies which piece of
+information is required, while the fourth argument is a pointer to a variable
+to receive the data. The yield of the function is zero for success, or one of
+the following negative numbers:
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NULL       the argument <I>code</I> was NULL
+                        the argument <I>where</I> was NULL
+  PCRE_ERROR_BADMAGIC   the "magic number" was not found
+  PCRE_ERROR_BADOPTION  the value of <I>what</I> was invalid
+</PRE>
+</P>
+<P>
+The possible values for the third argument are defined in <B>pcre.h</B>, and are
+as follows:
+</P>
+<P>
+<PRE>
+  PCRE_INFO_OPTIONS
+</PRE>
+</P>
+<P>
+Return a copy of the options with which the pattern was compiled. The fourth
+argument should point to au <B>unsigned long int</B> variable. These option bits
+are those specified in the call to <B>pcre_compile()</B>, modified by any
+top-level option settings within the pattern itself, and with the PCRE_ANCHORED
+bit forcibly set if the form of the pattern implies that it can match only at
+the start of a subject string.
+</P>
+<P>
+<PRE>
+  PCRE_INFO_SIZE
+</PRE>
+</P>
+<P>
+Return the size of the compiled pattern, that is, the value that was passed as
+the argument to <B>pcre_malloc()</B> when PCRE was getting memory in which to
+place the compiled data. The fourth argument should point to a <B>size_t</B>
+variable.
+</P>
+<P>
+<PRE>
+  PCRE_INFO_CAPTURECOUNT
+</PRE>
+</P>
+<P>
+Return the number of capturing subpatterns in the pattern. The fourth argument
+should point to an \fbint\fR variable.
+</P>
+<P>
+<PRE>
+  PCRE_INFO_BACKREFMAX
+</PRE>
+</P>
+<P>
+Return the number of the highest back reference in the pattern. The fourth
+argument should point to an <B>int</B> variable. Zero is returned if there are
+no back references.
+</P>
+<P>
+<PRE>
+  PCRE_INFO_FIRSTCHAR
+</PRE>
+</P>
+<P>
+Return information about the first character of any matched string, for a
+non-anchored pattern. If there is a fixed first character, e.g. from a pattern
+such as (cat|cow|coyote), it is returned in the integer pointed to by
+<I>where</I>. Otherwise, if either
+</P>
+<P>
+(a) the pattern was compiled with the PCRE_MULTILINE option, and every branch
+starts with "^", or
+</P>
+<P>
+(b) every branch of the pattern starts with ".*" and PCRE_DOTALL is not set
+(if it were set, the pattern would be anchored),
+</P>
+<P>
+-1 is returned, indicating that the pattern matches only at the start of a
+subject string or after any "\n" within the string. Otherwise -2 is returned.
+For anchored patterns, -2 is returned.
+</P>
+<P>
+<PRE>
+  PCRE_INFO_FIRSTTABLE
+</PRE>
+</P>
+<P>
+If the pattern was studied, and this resulted in the construction of a 256-bit
+table indicating a fixed set of characters for the first character in any
+matching string, a pointer to the table is returned. Otherwise NULL is
+returned. The fourth argument should point to an <B>unsigned char *</B>
+variable.
+</P>
+<P>
+<PRE>
+  PCRE_INFO_LASTLITERAL
+</PRE>
+</P>
+<P>
+For a non-anchored pattern, return the value of the rightmost literal character
+which must exist in any matched string, other than at its start. The fourth
+argument should point to an <B>int</B> variable. If there is no such character,
+or if the pattern is anchored, -1 is returned. For example, for the pattern
+/a\d+z\d+/ the returned value is 'z'.
+</P>
+<P>
+The <B>pcre_info()</B> function is now obsolete because its interface is too
+restrictive to return all the available data about a compiled pattern. New
+programs should use <B>pcre_fullinfo()</B> instead. The yield of
+<B>pcre_info()</B> is the number of capturing subpatterns, or one of the
+following negative numbers:
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NULL       the argument <I>code</I> was NULL
+  PCRE_ERROR_BADMAGIC   the "magic number" was not found
+</PRE>
+</P>
+<P>
+If the <I>optptr</I> argument is not NULL, a copy of the options with which the
+pattern was compiled is placed in the integer it points to (see
+PCRE_INFO_OPTIONS above).
+</P>
+<P>
+If the pattern is not anchored and the <I>firstcharptr</I> argument is not NULL,
+it is used to pass back information about the first character of any matched
+string (see PCRE_INFO_FIRSTCHAR above).
+</P>
+<LI><A NAME="SEC9" HREF="#TOC1">MATCHING A PATTERN</A>
+<P>
+The function <B>pcre_exec()</B> is called to match a subject string against a
+pre-compiled pattern, which is passed in the <I>code</I> argument. If the
+pattern has been studied, the result of the study should be passed in the
+<I>extra</I> argument. Otherwise this must be NULL.
+</P>
+<P>
+The PCRE_ANCHORED option can be passed in the <I>options</I> argument, whose
+unused bits must be zero. However, if a pattern was compiled with
+PCRE_ANCHORED, or turned out to be anchored by virtue of its contents, it
+cannot be made unachored at matching time.
+</P>
+<P>
+There are also three further options that can be set only at matching time:
+</P>
+<P>
+<PRE>
+  PCRE_NOTBOL
+</PRE>
+</P>
+<P>
+The first character of the string is not the beginning of a line, so the
+circumflex metacharacter should not match before it. Setting this without
+PCRE_MULTILINE (at compile time) causes circumflex never to match.
+</P>
+<P>
+<PRE>
+  PCRE_NOTEOL
+</PRE>
+</P>
+<P>
+The end of the string is not the end of a line, so the dollar metacharacter
+should not match it nor (except in multiline mode) a newline immediately before
+it. Setting this without PCRE_MULTILINE (at compile time) causes dollar never
+to match.
+</P>
+<P>
+<PRE>
+  PCRE_NOTEMPTY
+</PRE>
+</P>
+<P>
+An empty string is not considered to be a valid match if this option is set. If
+there are alternatives in the pattern, they are tried. If all the alternatives
+match the empty string, the entire match fails. For example, if the pattern
+</P>
+<P>
+<PRE>
+  a?b?
+</PRE>
+</P>
+<P>
+is applied to a string not beginning with "a" or "b", it matches the empty
+string at the start of the subject. With PCRE_NOTEMPTY set, this match is not
+valid, so PCRE searches further into the string for occurrences of "a" or "b".
+</P>
+<P>
+Perl has no direct equivalent of PCRE_NOTEMPTY, but it does make a special case
+of a pattern match of the empty string within its <B>split()</B> function, and
+when using the /g modifier. It is possible to emulate Perl's behaviour after
+matching a null string by first trying the match again at the same offset with
+PCRE_NOTEMPTY set, and then if that fails by advancing the starting offset (see
+below) and trying an ordinary match again.
+</P>
+<P>
+The subject string is passed as a pointer in <I>subject</I>, a length in
+<I>length</I>, and a starting offset in <I>startoffset</I>. Unlike the pattern
+string, it may contain binary zero characters. When the starting offset is
+zero, the search for a match starts at the beginning of the subject, and this
+is by far the most common case.
+</P>
+<P>
+A non-zero starting offset is useful when searching for another match in the
+same subject by calling <B>pcre_exec()</B> again after a previous success.
+Setting <I>startoffset</I> differs from just passing over a shortened string and
+setting PCRE_NOTBOL in the case of a pattern that begins with any kind of
+lookbehind. For example, consider the pattern
+</P>
+<P>
+<PRE>
+  \Biss\B
+</PRE>
+</P>
+<P>
+which finds occurrences of "iss" in the middle of words. (\B matches only if
+the current position in the subject is not a word boundary.) When applied to
+the string "Mississipi" the first call to <B>pcre_exec()</B> finds the first
+occurrence. If <B>pcre_exec()</B> is called again with just the remainder of the
+subject, namely "issipi", it does not match, because \B is always false at the
+start of the subject, which is deemed to be a word boundary. However, if
+<B>pcre_exec()</B> is passed the entire string again, but with <I>startoffset</I>
+set to 4, it finds the second occurrence of "iss" because it is able to look
+behind the starting point to discover that it is preceded by a letter.
+</P>
+<P>
+If a non-zero starting offset is passed when the pattern is anchored, one
+attempt to match at the given offset is tried. This can only succeed if the
+pattern does not require the match to be at the start of the subject.
+</P>
+<P>
+In general, a pattern matches a certain portion of the subject, and in
+addition, further substrings from the subject may be picked out by parts of the
+pattern. Following the usage in Jeffrey Friedl's book, this is called
+"capturing" in what follows, and the phrase "capturing subpattern" is used for
+a fragment of a pattern that picks out a substring. PCRE supports several other
+kinds of parenthesized subpattern that do not cause substrings to be captured.
+</P>
+<P>
+Captured substrings are returned to the caller via a vector of integer offsets
+whose address is passed in <I>ovector</I>. The number of elements in the vector
+is passed in <I>ovecsize</I>. The first two-thirds of the vector is used to pass
+back captured substrings, each substring using a pair of integers. The
+remaining third of the vector is used as workspace by <B>pcre_exec()</B> while
+matching capturing subpatterns, and is not available for passing back
+information. The length passed in <I>ovecsize</I> should always be a multiple of
+three. If it is not, it is rounded down.
+</P>
+<P>
+When a match has been successful, information about captured substrings is
+returned in pairs of integers, starting at the beginning of <I>ovector</I>, and
+continuing up to two-thirds of its length at the most. The first element of a
+pair is set to the offset of the first character in a substring, and the second
+is set to the offset of the first character after the end of a substring. The
+first pair, <I>ovector[0]</I> and <I>ovector[1]</I>, identify the portion of the
+subject string matched by the entire pattern. The next pair is used for the
+first capturing subpattern, and so on. The value returned by <B>pcre_exec()</B>
+is the number of pairs that have been set. If there are no capturing
+subpatterns, the return value from a successful match is 1, indicating that
+just the first pair of offsets has been set.
+</P>
+<P>
+Some convenience functions are provided for extracting the captured substrings
+as separate strings. These are described in the following section.
+</P>
+<P>
+It is possible for an capturing subpattern number <I>n+1</I> to match some
+part of the subject when subpattern <I>n</I> has not been used at all. For
+example, if the string "abc" is matched against the pattern (a|(z))(bc)
+subpatterns 1 and 3 are matched, but 2 is not. When this happens, both offset
+values corresponding to the unused subpattern are set to -1.
+</P>
+<P>
+If a capturing subpattern is matched repeatedly, it is the last portion of the
+string that it matched that gets returned.
+</P>
+<P>
+If the vector is too small to hold all the captured substrings, it is used as
+far as possible (up to two-thirds of its length), and the function returns a
+value of zero. In particular, if the substring offsets are not of interest,
+<B>pcre_exec()</B> may be called with <I>ovector</I> passed as NULL and
+<I>ovecsize</I> as zero. However, if the pattern contains back references and
+the <I>ovector</I> isn't big enough to remember the related substrings, PCRE has
+to get additional memory for use during matching. Thus it is usually advisable
+to supply an <I>ovector</I>.
+</P>
+<P>
+Note that <B>pcre_info()</B> can be used to find out how many capturing
+subpatterns there are in a compiled pattern. The smallest size for
+<I>ovector</I> that will allow for <I>n</I> captured substrings in addition to
+the offsets of the substring matched by the whole pattern is (<I>n</I>+1)*3.
+</P>
+<P>
+If <B>pcre_exec()</B> fails, it returns a negative number. The following are
+defined in the header file:
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NOMATCH        (-1)
+</PRE>
+</P>
+<P>
+The subject string did not match the pattern.
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NULL           (-2)
+</PRE>
+</P>
+<P>
+Either <I>code</I> or <I>subject</I> was passed as NULL, or <I>ovector</I> was
+NULL and <I>ovecsize</I> was not zero.
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_BADOPTION      (-3)
+</PRE>
+</P>
+<P>
+An unrecognized bit was set in the <I>options</I> argument.
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_BADMAGIC       (-4)
+</PRE>
+</P>
+<P>
+PCRE stores a 4-byte "magic number" at the start of the compiled code, to catch
+the case when it is passed a junk pointer. This is the error it gives when the
+magic number isn't present.
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_UNKNOWN_NODE   (-5)
+</PRE>
+</P>
+<P>
+While running the pattern match, an unknown item was encountered in the
+compiled pattern. This error could be caused by a bug in PCRE or by overwriting
+of the compiled pattern.
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NOMEMORY       (-6)
+</PRE>
+</P>
+<P>
+If a pattern contains back references, but the <I>ovector</I> that is passed to
+<B>pcre_exec()</B> is not big enough to remember the referenced substrings, PCRE
+gets a block of memory at the start of matching to use for this purpose. If the
+call via <B>pcre_malloc()</B> fails, this error is given. The memory is freed at
+the end of matching.
+</P>
+<LI><A NAME="SEC10" HREF="#TOC1">EXTRACTING CAPTURED SUBSTRINGS</A>
+<P>
+Captured substrings can be accessed directly by using the offsets returned by
+<B>pcre_exec()</B> in <I>ovector</I>. For convenience, the functions
+<B>pcre_copy_substring()</B>, <B>pcre_get_substring()</B>, and
+<B>pcre_get_substring_list()</B> are provided for extracting captured substrings
+as new, separate, zero-terminated strings. A substring that contains a binary
+zero is correctly extracted and has a further zero added on the end, but the
+result does not, of course, function as a C string.
+</P>
+<P>
+The first three arguments are the same for all three functions: <I>subject</I>
+is the subject string which has just been successfully matched, <I>ovector</I>
+is a pointer to the vector of integer offsets that was passed to
+<B>pcre_exec()</B>, and <I>stringcount</I> is the number of substrings that
+were captured by the match, including the substring that matched the entire
+regular expression. This is the value returned by <B>pcre_exec</B> if it
+is greater than zero. If <B>pcre_exec()</B> returned zero, indicating that it
+ran out of space in <I>ovector</I>, the value passed as <I>stringcount</I> should
+be the size of the vector divided by three.
+</P>
+<P>
+The functions <B>pcre_copy_substring()</B> and <B>pcre_get_substring()</B>
+extract a single substring, whose number is given as <I>stringnumber</I>. A
+value of zero extracts the substring that matched the entire pattern, while
+higher values extract the captured substrings. For <B>pcre_copy_substring()</B>,
+the string is placed in <I>buffer</I>, whose length is given by
+<I>buffersize</I>, while for <B>pcre_get_substring()</B> a new block of memory is
+obtained via <B>pcre_malloc</B>, and its address is returned via
+<I>stringptr</I>. The yield of the function is the length of the string, not
+including the terminating zero, or one of
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NOMEMORY       (-6)
+</PRE>
+</P>
+<P>
+The buffer was too small for <B>pcre_copy_substring()</B>, or the attempt to get
+memory failed for <B>pcre_get_substring()</B>.
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NOSUBSTRING    (-7)
+</PRE>
+</P>
+<P>
+There is no substring whose number is <I>stringnumber</I>.
+</P>
+<P>
+The <B>pcre_get_substring_list()</B> function extracts all available substrings
+and builds a list of pointers to them. All this is done in a single block of
+memory which is obtained via <B>pcre_malloc</B>. The address of the memory block
+is returned via <I>listptr</I>, which is also the start of the list of string
+pointers. The end of the list is marked by a NULL pointer. The yield of the
+function is zero if all went well, or
+</P>
+<P>
+<PRE>
+  PCRE_ERROR_NOMEMORY       (-6)
+</PRE>
+</P>
+<P>
+if the attempt to get the memory block failed.
+</P>
+<P>
+When any of these functions encounter a substring that is unset, which can
+happen when capturing subpattern number <I>n+1</I> matches some part of the
+subject, but subpattern <I>n</I> has not been used at all, they return an empty
+string. This can be distinguished from a genuine zero-length substring by
+inspecting the appropriate offset in <I>ovector</I>, which is negative for unset
+substrings.
+</P>
+<P>
+The two convenience functions <B>pcre_free_substring()</B> and
+<B>pcre_free_substring_list()</B> can be used to free the memory returned by
+a previous call of <B>pcre_get_substring()</B> or
+<B>pcre_get_substring_list()</B>, respectively. They do nothing more than call
+the function pointed to by <B>pcre_free</B>, which of course could be called
+directly from a C program. However, PCRE is used in some situations where it is
+linked via a special interface to another programming language which cannot use
+<B>pcre_free</B> directly; it is for these cases that the functions are
+provided.
+</P>
+<LI><A NAME="SEC11" HREF="#TOC1">LIMITATIONS</A>
+<P>
+There are some size limitations in PCRE but it is hoped that they will never in
+practice be relevant.
+The maximum length of a compiled pattern is 65539 (sic) bytes.
+All values in repeating quantifiers must be less than 65536.
+The maximum number of capturing subpatterns is 99.
+The maximum number of all parenthesized subpatterns, including capturing
+subpatterns, assertions, and other types of subpattern, is 200.
+</P>
+<P>
+The maximum length of a subject string is the largest positive number that an
+integer variable can hold. However, PCRE uses recursion to handle subpatterns
+and indefinite repetition. This means that the available stack space may limit
+the size of a subject string that can be processed by certain patterns.
+</P>
+<LI><A NAME="SEC12" HREF="#TOC1">DIFFERENCES FROM PERL</A>
+<P>
+The differences described here are with respect to Perl 5.005.
+</P>
+<P>
+1. By default, a whitespace character is any character that the C library
+function <B>isspace()</B> recognizes, though it is possible to compile PCRE with
+alternative character type tables. Normally <B>isspace()</B> matches space,
+formfeed, newline, carriage return, horizontal tab, and vertical tab. Perl 5
+no longer includes vertical tab in its set of whitespace characters. The \v
+escape that was in the Perl documentation for a long time was never in fact
+recognized. However, the character itself was treated as whitespace at least
+up to 5.002. In 5.004 and 5.005 it does not match \s.
+</P>
+<P>
+2. PCRE does not allow repeat quantifiers on lookahead assertions. Perl permits
+them, but they do not mean what you might think. For example, (?!a){3} does
+not assert that the next three characters are not "a". It just asserts that the
+next character is not "a" three times.
+</P>
+<P>
+3. Capturing subpatterns that occur inside negative lookahead assertions are
+counted, but their entries in the offsets vector are never set. Perl sets its
+numerical variables from any such patterns that are matched before the
+assertion fails to match something (thereby succeeding), but only if the
+negative lookahead assertion contains just one branch.
+</P>
+<P>
+4. Though binary zero characters are supported in the subject string, they are
+not allowed in a pattern string because it is passed as a normal C string,
+terminated by zero. The escape sequence "\0" can be used in the pattern to
+represent a binary zero.
+</P>
+<P>
+5. The following Perl escape sequences are not supported: \l, \u, \L, \U,
+\E, \Q. In fact these are implemented by Perl's general string-handling and
+are not part of its pattern matching engine.
+</P>
+<P>
+6. The Perl \G assertion is not supported as it is not relevant to single
+pattern matches.
+</P>
+<P>
+7. Fairly obviously, PCRE does not support the (?{code}) and (?p{code})
+constructions. However, there is some experimental support for recursive
+patterns using the non-Perl item (?R).
+</P>
+<P>
+8. There are at the time of writing some oddities in Perl 5.005_02 concerned
+with the settings of captured strings when part of a pattern is repeated. For
+example, matching "aba" against the pattern /^(a(b)?)+$/ sets $2 to the value
+"b", but matching "aabbaa" against /^(aa(bb)?)+$/ leaves $2 unset. However, if
+the pattern is changed to /^(aa(b(b))?)+$/ then $2 (and $3) are set.
+</P>
+<P>
+In Perl 5.004 $2 is set in both cases, and that is also true of PCRE. If in the
+future Perl changes to a consistent state that is different, PCRE may change to
+follow.
+</P>
+<P>
+9. Another as yet unresolved discrepancy is that in Perl 5.005_02 the pattern
+/^(a)?(?(1)a|b)+$/ matches the string "a", whereas in PCRE it does not.
+However, in both Perl and PCRE /^(a)?a/ matched against "a" leaves $1 unset.
+</P>
+<P>
+10. PCRE provides some extensions to the Perl regular expression facilities:
+</P>
+<P>
+(a) Although lookbehind assertions must match fixed length strings, each
+alternative branch of a lookbehind assertion can match a different length of
+string. Perl 5.005 requires them all to have the same length.
+</P>
+<P>
+(b) If PCRE_DOLLAR_ENDONLY is set and PCRE_MULTILINE is not set, the $ meta-
+character matches only at the very end of the string.
+</P>
+<P>
+(c) If PCRE_EXTRA is set, a backslash followed by a letter with no special
+meaning is faulted.
+</P>
+<P>
+(d) If PCRE_UNGREEDY is set, the greediness of the repetition quantifiers is
+inverted, that is, by default they are not greedy, but if followed by a
+question mark they are.
+</P>
+<P>
+(e) PCRE_ANCHORED can be used to force a pattern to be tried only at the start
+of the subject.
+</P>
+<P>
+(f) The PCRE_NOTBOL, PCRE_NOTEOL, and PCRE_NOTEMPTY options for
+<B>pcre_exec()</B> have no Perl equivalents.
+</P>
+<P>
+(g) The (?R) construct allows for recursive pattern matching (Perl 5.6 can do
+this using the (?p{code}) construct, which PCRE cannot of course support.)
+</P>
+<LI><A NAME="SEC13" HREF="#TOC1">REGULAR EXPRESSION DETAILS</A>
+<P>
+The syntax and semantics of the regular expressions supported by PCRE are
+described below. Regular expressions are also described in the Perl
+documentation and in a number of other books, some of which have copious
+examples. Jeffrey Friedl's "Mastering Regular Expressions", published by
+O'Reilly (ISBN 1-56592-257), covers them in great detail.
+</P>
+<P>
+The description here is intended as reference documentation. The basic
+operation of PCRE is on strings of bytes. However, there is the beginnings of
+some support for UTF-8 character strings. To use this support you must
+configure PCRE to include it, and then call <B>pcre_compile()</B> with the
+PCRE_UTF8 option. How this affects the pattern matching is described in the
+final section of this document.
+</P>
+<P>
+A regular expression is a pattern that is matched against a subject string from
+left to right. Most characters stand for themselves in a pattern, and match the
+corresponding characters in the subject. As a trivial example, the pattern
+</P>
+<P>
+<PRE>
+  The quick brown fox
+</PRE>
+</P>
+<P>
+matches a portion of a subject string that is identical to itself. The power of
+regular expressions comes from the ability to include alternatives and
+repetitions in the pattern. These are encoded in the pattern by the use of
+<I>meta-characters</I>, which do not stand for themselves but instead are
+interpreted in some special way.
+</P>
+<P>
+There are two different sets of meta-characters: those that are recognized
+anywhere in the pattern except within square brackets, and those that are
+recognized in square brackets. Outside square brackets, the meta-characters are
+as follows:
+</P>
+<P>
+<PRE>
+  \      general escape character with several uses
+  ^      assert start of subject (or line, in multiline mode)
+  $      assert end of subject (or line, in multiline mode)
+  .      match any character except newline (by default)
+  [      start character class definition
+  |      start of alternative branch
+  (      start subpattern
+  )      end subpattern
+  ?      extends the meaning of (
+         also 0 or 1 quantifier
+         also quantifier minimizer
+  *      0 or more quantifier
+  +      1 or more quantifier
+  {      start min/max quantifier
+</PRE>
+</P>
+<P>
+Part of a pattern that is in square brackets is called a "character class". In
+a character class the only meta-characters are:
+</P>
+<P>
+<PRE>
+  \      general escape character
+  ^      negate the class, but only if the first character
+  -      indicates character range
+  ]      terminates the character class
+</PRE>
+</P>
+<P>
+The following sections describe the use of each of the meta-characters.
+</P>
+<LI><A NAME="SEC14" HREF="#TOC1">BACKSLASH</A>
+<P>
+The backslash character has several uses. Firstly, if it is followed by a
+non-alphameric character, it takes away any special meaning that character may
+have. This use of backslash as an escape character applies both inside and
+outside character classes.
+</P>
+<P>
+For example, if you want to match a "*" character, you write "\*" in the
+pattern. This applies whether or not the following character would otherwise be
+interpreted as a meta-character, so it is always safe to precede a
+non-alphameric with "\" to specify that it stands for itself. In particular,
+if you want to match a backslash, you write "\\".
+</P>
+<P>
+If a pattern is compiled with the PCRE_EXTENDED option, whitespace in the
+pattern (other than in a character class) and characters between a "#" outside
+a character class and the next newline character are ignored. An escaping
+backslash can be used to include a whitespace or "#" character as part of the
+pattern.
+</P>
+<P>
+A second use of backslash provides a way of encoding non-printing characters
+in patterns in a visible manner. There is no restriction on the appearance of
+non-printing characters, apart from the binary zero that terminates a pattern,
+but when a pattern is being prepared by text editing, it is usually easier to
+use one of the following escape sequences than the binary character it
+represents:
+</P>
+<P>
+<PRE>
+  \a     alarm, that is, the BEL character (hex 07)
+  \cx    "control-x", where x is any character
+  \e     escape (hex 1B)
+  \f     formfeed (hex 0C)
+  \n     newline (hex 0A)
+  \r     carriage return (hex 0D)
+  \t     tab (hex 09)
+  \xhh   character with hex code hh
+  \ddd   character with octal code ddd, or backreference
+</PRE>
+</P>
+<P>
+The precise effect of "\cx" is as follows: if "x" is a lower case letter, it
+is converted to upper case. Then bit 6 of the character (hex 40) is inverted.
+Thus "\cz" becomes hex 1A, but "\c{" becomes hex 3B, while "\c;" becomes hex
+7B.
+</P>
+<P>
+After "\x", up to two hexadecimal digits are read (letters can be in upper or
+lower case).
+</P>
+<P>
+After "\0" up to two further octal digits are read. In both cases, if there
+are fewer than two digits, just those that are present are used. Thus the
+sequence "\0\x\07" specifies two binary zeros followed by a BEL character.
+Make sure you supply two digits after the initial zero if the character that
+follows is itself an octal digit.
+</P>
+<P>
+The handling of a backslash followed by a digit other than 0 is complicated.
+Outside a character class, PCRE reads it and any following digits as a decimal
+number. If the number is less than 10, or if there have been at least that many
+previous capturing left parentheses in the expression, the entire sequence is
+taken as a <I>back reference</I>. A description of how this works is given
+later, following the discussion of parenthesized subpatterns.
+</P>
+<P>
+Inside a character class, or if the decimal number is greater than 9 and there
+have not been that many capturing subpatterns, PCRE re-reads up to three octal
+digits following the backslash, and generates a single byte from the least
+significant 8 bits of the value. Any subsequent digits stand for themselves.
+For example:
+</P>
+<P>
+<PRE>
+  \040   is another way of writing a space
+  \40    is the same, provided there are fewer than 40
+            previous capturing subpatterns
+  \7     is always a back reference
+  \11    might be a back reference, or another way of
+            writing a tab
+  \011   is always a tab
+  \0113  is a tab followed by the character "3"
+  \113   is the character with octal code 113 (since there
+            can be no more than 99 back references)
+  \377   is a byte consisting entirely of 1 bits
+  \81    is either a back reference, or a binary zero
+            followed by the two characters "8" and "1"
+</PRE>
+</P>
+<P>
+Note that octal values of 100 or greater must not be introduced by a leading
+zero, because no more than three octal digits are ever read.
+</P>
+<P>
+All the sequences that define a single byte value can be used both inside and
+outside character classes. In addition, inside a character class, the sequence
+"\b" is interpreted as the backspace character (hex 08). Outside a character
+class it has a different meaning (see below).
+</P>
+<P>
+The third use of backslash is for specifying generic character types:
+</P>
+<P>
+<PRE>
+  \d     any decimal digit
+  \D     any character that is not a decimal digit
+  \s     any whitespace character
+  \S     any character that is not a whitespace character
+  \w     any "word" character
+  \W     any "non-word" character
+</PRE>
+</P>
+<P>
+Each pair of escape sequences partitions the complete set of characters into
+two disjoint sets. Any given character matches one, and only one, of each pair.
+</P>
+<P>
+A "word" character is any letter or digit or the underscore character, that is,
+any character which can be part of a Perl "word". The definition of letters and
+digits is controlled by PCRE's character tables, and may vary if locale-
+specific matching is taking place (see "Locale support" above). For example, in
+the "fr" (French) locale, some character codes greater than 128 are used for
+accented letters, and these are matched by \w.
+</P>
+<P>
+These character type sequences can appear both inside and outside character
+classes. They each match one character of the appropriate type. If the current
+matching point is at the end of the subject string, all of them fail, since
+there is no character to match.
+</P>
+<P>
+The fourth use of backslash is for certain simple assertions. An assertion
+specifies a condition that has to be met at a particular point in a match,
+without consuming any characters from the subject string. The use of
+subpatterns for more complicated assertions is described below. The backslashed
+assertions are
+</P>
+<P>
+<PRE>
+  \b     word boundary
+  \B     not a word boundary
+  \A     start of subject (independent of multiline mode)
+  \Z     end of subject or newline at end (independent of multiline mode)
+  \z     end of subject (independent of multiline mode)
+</PRE>
+</P>
+<P>
+These assertions may not appear in character classes (but note that "\b" has a
+different meaning, namely the backspace character, inside a character class).
+</P>
+<P>
+A word boundary is a position in the subject string where the current character
+and the previous character do not both match \w or \W (i.e. one matches
+\w and the other matches \W), or the start or end of the string if the
+first or last character matches \w, respectively.
+</P>
+<P>
+The \A, \Z, and \z assertions differ from the traditional circumflex and
+dollar (described below) in that they only ever match at the very start and end
+of the subject string, whatever options are set. They are not affected by the
+PCRE_NOTBOL or PCRE_NOTEOL options. If the <I>startoffset</I> argument of
+<B>pcre_exec()</B> is non-zero, \A can never match. The difference between \Z
+and \z is that \Z matches before a newline that is the last character of the
+string as well as at the end of the string, whereas \z matches only at the
+end.
+</P>
+<LI><A NAME="SEC15" HREF="#TOC1">CIRCUMFLEX AND DOLLAR</A>
+<P>
+Outside a character class, in the default matching mode, the circumflex
+character is an assertion which is true only if the current matching point is
+at the start of the subject string. If the <I>startoffset</I> argument of
+<B>pcre_exec()</B> is non-zero, circumflex can never match. Inside a character
+class, circumflex has an entirely different meaning (see below).
+</P>
+<P>
+Circumflex need not be the first character of the pattern if a number of
+alternatives are involved, but it should be the first thing in each alternative
+in which it appears if the pattern is ever to match that branch. If all
+possible alternatives start with a circumflex, that is, if the pattern is
+constrained to match only at the start of the subject, it is said to be an
+"anchored" pattern. (There are also other constructs that can cause a pattern
+to be anchored.)
+</P>
+<P>
+A dollar character is an assertion which is true only if the current matching
+point is at the end of the subject string, or immediately before a newline
+character that is the last character in the string (by default). Dollar need
+not be the last character of the pattern if a number of alternatives are
+involved, but it should be the last item in any branch in which it appears.
+Dollar has no special meaning in a character class.
+</P>
+<P>
+The meaning of dollar can be changed so that it matches only at the very end of
+the string, by setting the PCRE_DOLLAR_ENDONLY option at compile or matching
+time. This does not affect the \Z assertion.
+</P>
+<P>
+The meanings of the circumflex and dollar characters are changed if the
+PCRE_MULTILINE option is set. When this is the case, they match immediately
+after and immediately before an internal "\n" character, respectively, in
+addition to matching at the start and end of the subject string. For example,
+the pattern /^abc$/ matches the subject string "def\nabc" in multiline mode,
+but not otherwise. Consequently, patterns that are anchored in single line mode
+because all branches start with "^" are not anchored in multiline mode, and a
+match for circumflex is possible when the <I>startoffset</I> argument of
+<B>pcre_exec()</B> is non-zero. The PCRE_DOLLAR_ENDONLY option is ignored if
+PCRE_MULTILINE is set.
+</P>
+<P>
+Note that the sequences \A, \Z, and \z can be used to match the start and
+end of the subject in both modes, and if all branches of a pattern start with
+\A is it always anchored, whether PCRE_MULTILINE is set or not.
+</P>
+<LI><A NAME="SEC16" HREF="#TOC1">FULL STOP (PERIOD, DOT)</A>
+<P>
+Outside a character class, a dot in the pattern matches any one character in
+the subject, including a non-printing character, but not (by default) newline.
+If the PCRE_DOTALL option is set, dots match newlines as well. The handling of
+dot is entirely independent of the handling of circumflex and dollar, the only
+relationship being that they both involve newline characters. Dot has no
+special meaning in a character class.
+</P>
+<LI><A NAME="SEC17" HREF="#TOC1">SQUARE BRACKETS</A>
+<P>
+An opening square bracket introduces a character class, terminated by a closing
+square bracket. A closing square bracket on its own is not special. If a
+closing square bracket is required as a member of the class, it should be the
+first data character in the class (after an initial circumflex, if present) or
+escaped with a backslash.
+</P>
+<P>
+A character class matches a single character in the subject; the character must
+be in the set of characters defined by the class, unless the first character in
+the class is a circumflex, in which case the subject character must not be in
+the set defined by the class. If a circumflex is actually required as a member
+of the class, ensure it is not the first character, or escape it with a
+backslash.
+</P>
+<P>
+For example, the character class [aeiou] matches any lower case vowel, while
+[^aeiou] matches any character that is not a lower case vowel. Note that a
+circumflex is just a convenient notation for specifying the characters which
+are in the class by enumerating those that are not. It is not an assertion: it
+still consumes a character from the subject string, and fails if the current
+pointer is at the end of the string.
+</P>
+<P>
+When caseless matching is set, any letters in a class represent both their
+upper case and lower case versions, so for example, a caseless [aeiou] matches
+"A" as well as "a", and a caseless [^aeiou] does not match "A", whereas a
+caseful version would.
+</P>
+<P>
+The newline character is never treated in any special way in character classes,
+whatever the setting of the PCRE_DOTALL or PCRE_MULTILINE options is. A class
+such as [^a] will always match a newline.
+</P>
+<P>
+The minus (hyphen) character can be used to specify a range of characters in a
+character class. For example, [d-m] matches any letter between d and m,
+inclusive. If a minus character is required in a class, it must be escaped with
+a backslash or appear in a position where it cannot be interpreted as
+indicating a range, typically as the first or last character in the class.
+</P>
+<P>
+It is not possible to have the literal character "]" as the end character of a
+range. A pattern such as [W-]46] is interpreted as a class of two characters
+("W" and "-") followed by a literal string "46]", so it would match "W46]" or
+"-46]". However, if the "]" is escaped with a backslash it is interpreted as
+the end of range, so [W-\]46] is interpreted as a single class containing a
+range followed by two separate characters. The octal or hexadecimal
+representation of "]" can also be used to end a range.
+</P>
+<P>
+Ranges operate in ASCII collating sequence. They can also be used for
+characters specified numerically, for example [\000-\037]. If a range that
+includes letters is used when caseless matching is set, it matches the letters
+in either case. For example, [W-c] is equivalent to [][\^_`wxyzabc], matched
+caselessly, and if character tables for the "fr" locale are in use,
+[\xc8-\xcb] matches accented E characters in both cases.
+</P>
+<P>
+The character types \d, \D, \s, \S, \w, and \W may also appear in a
+character class, and add the characters that they match to the class. For
+example, [\dABCDEF] matches any hexadecimal digit. A circumflex can
+conveniently be used with the upper case character types to specify a more
+restricted set of characters than the matching lower case type. For example,
+the class [^\W_] matches any letter or digit, but not underscore.
+</P>
+<P>
+All non-alphameric characters other than \, -, ^ (at the start) and the
+terminating ] are non-special in character classes, but it does no harm if they
+are escaped.
+</P>
+<LI><A NAME="SEC18" HREF="#TOC1">POSIX CHARACTER CLASSES</A>
+<P>
+Perl 5.6 (not yet released at the time of writing) is going to support the
+POSIX notation for character classes, which uses names enclosed by [: and :]
+within the enclosing square brackets. PCRE supports this notation. For example,
+</P>
+<P>
+<PRE>
+  [01[:alpha:]%]
+</PRE>
+</P>
+<P>
+matches "0", "1", any alphabetic character, or "%". The supported class names
+are
+</P>
+<P>
+<PRE>
+  alnum    letters and digits
+  alpha    letters
+  ascii    character codes 0 - 127
+  cntrl    control characters
+  digit    decimal digits (same as \d)
+  graph    printing characters, excluding space
+  lower    lower case letters
+  print    printing characters, including space
+  punct    printing characters, excluding letters and digits
+  space    white space (same as \s)
+  upper    upper case letters
+  word     "word" characters (same as \w)
+  xdigit   hexadecimal digits
+</PRE>
+</P>
+<P>
+The names "ascii" and "word" are Perl extensions. Another Perl extension is
+negation, which is indicated by a ^ character after the colon. For example,
+</P>
+<P>
+<PRE>
+  [12[:^digit:]]
+</PRE>
+</P>
+<P>
+matches "1", "2", or any non-digit. PCRE (and Perl) also recogize the POSIX
+syntax [.ch.] and [=ch=] where "ch" is a "collating element", but these are not
+supported, and an error is given if they are encountered.
+</P>
+<LI><A NAME="SEC19" HREF="#TOC1">VERTICAL BAR</A>
+<P>
+Vertical bar characters are used to separate alternative patterns. For example,
+the pattern
+</P>
+<P>
+<PRE>
+  gilbert|sullivan
+</PRE>
+</P>
+<P>
+matches either "gilbert" or "sullivan". Any number of alternatives may appear,
+and an empty alternative is permitted (matching the empty string).
+The matching process tries each alternative in turn, from left to right,
+and the first one that succeeds is used. If the alternatives are within a
+subpattern (defined below), "succeeds" means matching the rest of the main
+pattern as well as the alternative in the subpattern.
+</P>
+<LI><A NAME="SEC20" HREF="#TOC1">INTERNAL OPTION SETTING</A>
+<P>
+The settings of PCRE_CASELESS, PCRE_MULTILINE, PCRE_DOTALL, and PCRE_EXTENDED
+can be changed from within the pattern by a sequence of Perl option letters
+enclosed between "(?" and ")". The option letters are
+</P>
+<P>
+<PRE>
+  i  for PCRE_CASELESS
+  m  for PCRE_MULTILINE
+  s  for PCRE_DOTALL
+  x  for PCRE_EXTENDED
+</PRE>
+</P>
+<P>
+For example, (?im) sets caseless, multiline matching. It is also possible to
+unset these options by preceding the letter with a hyphen, and a combined
+setting and unsetting such as (?im-sx), which sets PCRE_CASELESS and
+PCRE_MULTILINE while unsetting PCRE_DOTALL and PCRE_EXTENDED, is also
+permitted. If a letter appears both before and after the hyphen, the option is
+unset.
+</P>
+<P>
+The scope of these option changes depends on where in the pattern the setting
+occurs. For settings that are outside any subpattern (defined below), the
+effect is the same as if the options were set or unset at the start of
+matching. The following patterns all behave in exactly the same way:
+</P>
+<P>
+<PRE>
+  (?i)abc
+  a(?i)bc
+  ab(?i)c
+  abc(?i)
+</PRE>
+</P>
+<P>
+which in turn is the same as compiling the pattern abc with PCRE_CASELESS set.
+In other words, such "top level" settings apply to the whole pattern (unless
+there are other changes inside subpatterns). If there is more than one setting
+of the same option at top level, the rightmost setting is used.
+</P>
+<P>
+If an option change occurs inside a subpattern, the effect is different. This
+is a change of behaviour in Perl 5.005. An option change inside a subpattern
+affects only that part of the subpattern that follows it, so
+</P>
+<P>
+<PRE>
+  (a(?i)b)c
+</PRE>
+</P>
+<P>
+matches abc and aBc and no other strings (assuming PCRE_CASELESS is not used).
+By this means, options can be made to have different settings in different
+parts of the pattern. Any changes made in one alternative do carry on
+into subsequent branches within the same subpattern. For example,
+</P>
+<P>
+<PRE>
+  (a(?i)b|c)
+</PRE>
+</P>
+<P>
+matches "ab", "aB", "c", and "C", even though when matching "C" the first
+branch is abandoned before the option setting. This is because the effects of
+option settings happen at compile time. There would be some very weird
+behaviour otherwise.
+</P>
+<P>
+The PCRE-specific options PCRE_UNGREEDY and PCRE_EXTRA can be changed in the
+same way as the Perl-compatible options by using the characters U and X
+respectively. The (?X) flag setting is special in that it must always occur
+earlier in the pattern than any of the additional features it turns on, even
+when it is at top level. It is best put at the start.
+</P>
+<LI><A NAME="SEC21" HREF="#TOC1">SUBPATTERNS</A>
+<P>
+Subpatterns are delimited by parentheses (round brackets), which can be nested.
+Marking part of a pattern as a subpattern does two things:
+</P>
+<P>
+1. It localizes a set of alternatives. For example, the pattern
+</P>
+<P>
+<PRE>
+  cat(aract|erpillar|)
+</PRE>
+</P>
+<P>
+matches one of the words "cat", "cataract", or "caterpillar". Without the
+parentheses, it would match "cataract", "erpillar" or the empty string.
+</P>
+<P>
+2. It sets up the subpattern as a capturing subpattern (as defined above).
+When the whole pattern matches, that portion of the subject string that matched
+the subpattern is passed back to the caller via the <I>ovector</I> argument of
+<B>pcre_exec()</B>. Opening parentheses are counted from left to right (starting
+from 1) to obtain the numbers of the capturing subpatterns.
+</P>
+<P>
+For example, if the string "the red king" is matched against the pattern
+</P>
+<P>
+<PRE>
+  the ((red|white) (king|queen))
+</PRE>
+</P>
+<P>
+the captured substrings are "red king", "red", and "king", and are numbered 1,
+2, and 3.
+</P>
+<P>
+The fact that plain parentheses fulfil two functions is not always helpful.
+There are often times when a grouping subpattern is required without a
+capturing requirement. If an opening parenthesis is followed by "?:", the
+subpattern does not do any capturing, and is not counted when computing the
+number of any subsequent capturing subpatterns. For example, if the string "the
+white queen" is matched against the pattern
+</P>
+<P>
+<PRE>
+  the ((?:red|white) (king|queen))
+</PRE>
+</P>
+<P>
+the captured substrings are "white queen" and "queen", and are numbered 1 and
+2. The maximum number of captured substrings is 99, and the maximum number of
+all subpatterns, both capturing and non-capturing, is 200.
+</P>
+<P>
+As a convenient shorthand, if any option settings are required at the start of
+a non-capturing subpattern, the option letters may appear between the "?" and
+the ":". Thus the two patterns
+</P>
+<P>
+<PRE>
+  (?i:saturday|sunday)
+  (?:(?i)saturday|sunday)
+</PRE>
+</P>
+<P>
+match exactly the same set of strings. Because alternative branches are tried
+from left to right, and options are not reset until the end of the subpattern
+is reached, an option setting in one branch does affect subsequent branches, so
+the above patterns match "SUNDAY" as well as "Saturday".
+</P>
+<LI><A NAME="SEC22" HREF="#TOC1">REPETITION</A>
+<P>
+Repetition is specified by quantifiers, which can follow any of the following
+items:
+</P>
+<P>
+<PRE>
+  a single character, possibly escaped
+  the . metacharacter
+  a character class
+  a back reference (see next section)
+  a parenthesized subpattern (unless it is an assertion - see below)
+</PRE>
+</P>
+<P>
+The general repetition quantifier specifies a minimum and maximum number of
+permitted matches, by giving the two numbers in curly brackets (braces),
+separated by a comma. The numbers must be less than 65536, and the first must
+be less than or equal to the second. For example:
+</P>
+<P>
+<PRE>
+  z{2,4}
+</PRE>
+</P>
+<P>
+matches "zz", "zzz", or "zzzz". A closing brace on its own is not a special
+character. If the second number is omitted, but the comma is present, there is
+no upper limit; if the second number and the comma are both omitted, the
+quantifier specifies an exact number of required matches. Thus
+</P>
+<P>
+<PRE>
+  [aeiou]{3,}
+</PRE>
+</P>
+<P>
+matches at least 3 successive vowels, but may match many more, while
+</P>
+<P>
+<PRE>
+  \d{8}
+</PRE>
+</P>
+<P>
+matches exactly 8 digits. An opening curly bracket that appears in a position
+where a quantifier is not allowed, or one that does not match the syntax of a
+quantifier, is taken as a literal character. For example, {,6} is not a
+quantifier, but a literal string of four characters.
+</P>
+<P>
+The quantifier {0} is permitted, causing the expression to behave as if the
+previous item and the quantifier were not present.
+</P>
+<P>
+For convenience (and historical compatibility) the three most common
+quantifiers have single-character abbreviations:
+</P>
+<P>
+<PRE>
+  *    is equivalent to {0,}
+  +    is equivalent to {1,}
+  ?    is equivalent to {0,1}
+</PRE>
+</P>
+<P>
+It is possible to construct infinite loops by following a subpattern that can
+match no characters with a quantifier that has no upper limit, for example:
+</P>
+<P>
+<PRE>
+  (a?)*
+</PRE>
+</P>
+<P>
+Earlier versions of Perl and PCRE used to give an error at compile time for
+such patterns. However, because there are cases where this can be useful, such
+patterns are now accepted, but if any repetition of the subpattern does in fact
+match no characters, the loop is forcibly broken.
+</P>
+<P>
+By default, the quantifiers are "greedy", that is, they match as much as
+possible (up to the maximum number of permitted times), without causing the
+rest of the pattern to fail. The classic example of where this gives problems
+is in trying to match comments in C programs. These appear between the
+sequences /* and */ and within the sequence, individual * and / characters may
+appear. An attempt to match C comments by applying the pattern
+</P>
+<P>
+<PRE>
+  /\*.*\*/
+</PRE>
+</P>
+<P>
+to the string
+</P>
+<P>
+<PRE>
+  /* first command */  not comment  /* second comment */
+</PRE>
+</P>
+<P>
+fails, because it matches the entire string owing to the greediness of the .*
+item.
+</P>
+<P>
+However, if a quantifier is followed by a question mark, it ceases to be
+greedy, and instead matches the minimum number of times possible, so the
+pattern
+</P>
+<P>
+<PRE>
+  /\*.*?\*/
+</PRE>
+</P>
+<P>
+does the right thing with the C comments. The meaning of the various
+quantifiers is not otherwise changed, just the preferred number of matches.
+Do not confuse this use of question mark with its use as a quantifier in its
+own right. Because it has two uses, it can sometimes appear doubled, as in
+</P>
+<P>
+<PRE>
+  \d??\d
+</PRE>
+</P>
+<P>
+which matches one digit by preference, but can match two if that is the only
+way the rest of the pattern matches.
+</P>
+<P>
+If the PCRE_UNGREEDY option is set (an option which is not available in Perl),
+the quantifiers are not greedy by default, but individual ones can be made
+greedy by following them with a question mark. In other words, it inverts the
+default behaviour.
+</P>
+<P>
+When a parenthesized subpattern is quantified with a minimum repeat count that
+is greater than 1 or with a limited maximum, more store is required for the
+compiled pattern, in proportion to the size of the minimum or maximum.
+</P>
+<P>
+If a pattern starts with .* or .{0,} and the PCRE_DOTALL option (equivalent
+to Perl's /s) is set, thus allowing the . to match newlines, the pattern is
+implicitly anchored, because whatever follows will be tried against every
+character position in the subject string, so there is no point in retrying the
+overall match at any position after the first. PCRE treats such a pattern as
+though it were preceded by \A. In cases where it is known that the subject
+string contains no newlines, it is worth setting PCRE_DOTALL when the pattern
+begins with .* in order to obtain this optimization, or alternatively using ^
+to indicate anchoring explicitly.
+</P>
+<P>
+When a capturing subpattern is repeated, the value captured is the substring
+that matched the final iteration. For example, after
+</P>
+<P>
+<PRE>
+  (tweedle[dume]{3}\s*)+
+</PRE>
+</P>
+<P>
+has matched "tweedledum tweedledee" the value of the captured substring is
+"tweedledee". However, if there are nested capturing subpatterns, the
+corresponding captured values may have been set in previous iterations. For
+example, after
+</P>
+<P>
+<PRE>
+  /(a|(b))+/
+</PRE>
+</P>
+<P>
+matches "aba" the value of the second captured substring is "b".
+</P>
+<LI><A NAME="SEC23" HREF="#TOC1">BACK REFERENCES</A>
+<P>
+Outside a character class, a backslash followed by a digit greater than 0 (and
+possibly further digits) is a back reference to a capturing subpattern earlier
+(i.e. to its left) in the pattern, provided there have been that many previous
+capturing left parentheses.
+</P>
+<P>
+However, if the decimal number following the backslash is less than 10, it is
+always taken as a back reference, and causes an error only if there are not
+that many capturing left parentheses in the entire pattern. In other words, the
+parentheses that are referenced need not be to the left of the reference for
+numbers less than 10. See the section entitled "Backslash" above for further
+details of the handling of digits following a backslash.
+</P>
+<P>
+A back reference matches whatever actually matched the capturing subpattern in
+the current subject string, rather than anything matching the subpattern
+itself. So the pattern
+</P>
+<P>
+<PRE>
+  (sens|respons)e and \1ibility
+</PRE>
+</P>
+<P>
+matches "sense and sensibility" and "response and responsibility", but not
+"sense and responsibility". If caseful matching is in force at the time of the
+back reference, the case of letters is relevant. For example,
+</P>
+<P>
+<PRE>
+  ((?i)rah)\s+\1
+</PRE>
+</P>
+<P>
+matches "rah rah" and "RAH RAH", but not "RAH rah", even though the original
+capturing subpattern is matched caselessly.
+</P>
+<P>
+There may be more than one back reference to the same subpattern. If a
+subpattern has not actually been used in a particular match, any back
+references to it always fail. For example, the pattern
+</P>
+<P>
+<PRE>
+  (a|(bc))\2
+</PRE>
+</P>
+<P>
+always fails if it starts to match "a" rather than "bc". Because there may be
+up to 99 back references, all digits following the backslash are taken
+as part of a potential back reference number. If the pattern continues with a
+digit character, some delimiter must be used to terminate the back reference.
+If the PCRE_EXTENDED option is set, this can be whitespace. Otherwise an empty
+comment can be used.
+</P>
+<P>
+A back reference that occurs inside the parentheses to which it refers fails
+when the subpattern is first used, so, for example, (a\1) never matches.
+However, such references can be useful inside repeated subpatterns. For
+example, the pattern
+</P>
+<P>
+<PRE>
+  (a|b\1)+
+</PRE>
+</P>
+<P>
+matches any number of "a"s and also "aba", "ababbaa" etc. At each iteration of
+the subpattern, the back reference matches the character string corresponding
+to the previous iteration. In order for this to work, the pattern must be such
+that the first iteration does not need to match the back reference. This can be
+done using alternation, as in the example above, or by a quantifier with a
+minimum of zero.
+</P>
+<LI><A NAME="SEC24" HREF="#TOC1">ASSERTIONS</A>
+<P>
+An assertion is a test on the characters following or preceding the current
+matching point that does not actually consume any characters. The simple
+assertions coded as \b, \B, \A, \Z, \z, ^ and $ are described above. More
+complicated assertions are coded as subpatterns. There are two kinds: those
+that look ahead of the current position in the subject string, and those that
+look behind it.
+</P>
+<P>
+An assertion subpattern is matched in the normal way, except that it does not
+cause the current matching position to be changed. Lookahead assertions start
+with (?= for positive assertions and (?! for negative assertions. For example,
+</P>
+<P>
+<PRE>
+  \w+(?=;)
+</PRE>
+</P>
+<P>
+matches a word followed by a semicolon, but does not include the semicolon in
+the match, and
+</P>
+<P>
+<PRE>
+  foo(?!bar)
+</PRE>
+</P>
+<P>
+matches any occurrence of "foo" that is not followed by "bar". Note that the
+apparently similar pattern
+</P>
+<P>
+<PRE>
+  (?!foo)bar
+</PRE>
+</P>
+<P>
+does not find an occurrence of "bar" that is preceded by something other than
+"foo"; it finds any occurrence of "bar" whatsoever, because the assertion
+(?!foo) is always true when the next three characters are "bar". A
+lookbehind assertion is needed to achieve this effect.
+</P>
+<P>
+Lookbehind assertions start with (?<= for positive assertions and (?<! for
+negative assertions. For example,
+</P>
+<P>
+<PRE>
+  (?<!foo)bar
+</PRE>
+</P>
+<P>
+does find an occurrence of "bar" that is not preceded by "foo". The contents of
+a lookbehind assertion are restricted such that all the strings it matches must
+have a fixed length. However, if there are several alternatives, they do not
+all have to have the same fixed length. Thus
+</P>
+<P>
+<PRE>
+  (?<=bullock|donkey)
+</PRE>
+</P>
+<P>
+is permitted, but
+</P>
+<P>
+<PRE>
+  (?<!dogs?|cats?)
+</PRE>
+</P>
+<P>
+causes an error at compile time. Branches that match different length strings
+are permitted only at the top level of a lookbehind assertion. This is an
+extension compared with Perl 5.005, which requires all branches to match the
+same length of string. An assertion such as
+</P>
+<P>
+<PRE>
+  (?<=ab(c|de))
+</PRE>
+</P>
+<P>
+is not permitted, because its single top-level branch can match two different
+lengths, but it is acceptable if rewritten to use two top-level branches:
+</P>
+<P>
+<PRE>
+  (?<=abc|abde)
+</PRE>
+</P>
+<P>
+The implementation of lookbehind assertions is, for each alternative, to
+temporarily move the current position back by the fixed width and then try to
+match. If there are insufficient characters before the current position, the
+match is deemed to fail. Lookbehinds in conjunction with once-only subpatterns
+can be particularly useful for matching at the ends of strings; an example is
+given at the end of the section on once-only subpatterns.
+</P>
+<P>
+Several assertions (of any sort) may occur in succession. For example,
+</P>
+<P>
+<PRE>
+  (?<=\d{3})(?<!999)foo
+</PRE>
+</P>
+<P>
+matches "foo" preceded by three digits that are not "999". Notice that each of
+the assertions is applied independently at the same point in the subject
+string. First there is a check that the previous three characters are all
+digits, and then there is a check that the same three characters are not "999".
+This pattern does <I>not</I> match "foo" preceded by six characters, the first
+of which are digits and the last three of which are not "999". For example, it
+doesn't match "123abcfoo". A pattern to do that is
+</P>
+<P>
+<PRE>
+  (?<=\d{3}...)(?<!999)foo
+</PRE>
+</P>
+<P>
+This time the first assertion looks at the preceding six characters, checking
+that the first three are digits, and then the second assertion checks that the
+preceding three characters are not "999".
+</P>
+<P>
+Assertions can be nested in any combination. For example,
+</P>
+<P>
+<PRE>
+  (?<=(?<!foo)bar)baz
+</PRE>
+</P>
+<P>
+matches an occurrence of "baz" that is preceded by "bar" which in turn is not
+preceded by "foo", while
+</P>
+<P>
+<PRE>
+  (?<=\d{3}(?!999)...)foo
+</PRE>
+</P>
+<P>
+is another pattern which matches "foo" preceded by three digits and any three
+characters that are not "999".
+</P>
+<P>
+Assertion subpatterns are not capturing subpatterns, and may not be repeated,
+because it makes no sense to assert the same thing several times. If any kind
+of assertion contains capturing subpatterns within it, these are counted for
+the purposes of numbering the capturing subpatterns in the whole pattern.
+However, substring capturing is carried out only for positive assertions,
+because it does not make sense for negative assertions.
+</P>
+<P>
+Assertions count towards the maximum of 200 parenthesized subpatterns.
+</P>
+<LI><A NAME="SEC25" HREF="#TOC1">ONCE-ONLY SUBPATTERNS</A>
+<P>
+With both maximizing and minimizing repetition, failure of what follows
+normally causes the repeated item to be re-evaluated to see if a different
+number of repeats allows the rest of the pattern to match. Sometimes it is
+useful to prevent this, either to change the nature of the match, or to cause
+it fail earlier than it otherwise might, when the author of the pattern knows
+there is no point in carrying on.
+</P>
+<P>
+Consider, for example, the pattern \d+foo when applied to the subject line
+</P>
+<P>
+<PRE>
+  123456bar
+</PRE>
+</P>
+<P>
+After matching all 6 digits and then failing to match "foo", the normal
+action of the matcher is to try again with only 5 digits matching the \d+
+item, and then with 4, and so on, before ultimately failing. Once-only
+subpatterns provide the means for specifying that once a portion of the pattern
+has matched, it is not to be re-evaluated in this way, so the matcher would
+give up immediately on failing to match "foo" the first time. The notation is
+another kind of special parenthesis, starting with (?> as in this example:
+</P>
+<P>
+<PRE>
+  (?>\d+)bar
+</PRE>
+</P>
+<P>
+This kind of parenthesis "locks up" the  part of the pattern it contains once
+it has matched, and a failure further into the pattern is prevented from
+backtracking into it. Backtracking past it to previous items, however, works as
+normal.
+</P>
+<P>
+An alternative description is that a subpattern of this type matches the string
+of characters that an identical standalone pattern would match, if anchored at
+the current point in the subject string.
+</P>
+<P>
+Once-only subpatterns are not capturing subpatterns. Simple cases such as the
+above example can be thought of as a maximizing repeat that must swallow
+everything it can. So, while both \d+ and \d+? are prepared to adjust the
+number of digits they match in order to make the rest of the pattern match,
+(?>\d+) can only match an entire sequence of digits.
+</P>
+<P>
+This construction can of course contain arbitrarily complicated subpatterns,
+and it can be nested.
+</P>
+<P>
+Once-only subpatterns can be used in conjunction with lookbehind assertions to
+specify efficient matching at the end of the subject string. Consider a simple
+pattern such as
+</P>
+<P>
+<PRE>
+  abcd$
+</PRE>
+</P>
+<P>
+when applied to a long string which does not match. Because matching proceeds
+from left to right, PCRE will look for each "a" in the subject and then see if
+what follows matches the rest of the pattern. If the pattern is specified as
+</P>
+<P>
+<PRE>
+  ^.*abcd$
+</PRE>
+</P>
+<P>
+the initial .* matches the entire string at first, but when this fails (because
+there is no following "a"), it backtracks to match all but the last character,
+then all but the last two characters, and so on. Once again the search for "a"
+covers the entire string, from right to left, so we are no better off. However,
+if the pattern is written as
+</P>
+<P>
+<PRE>
+  ^(?>.*)(?<=abcd)
+</PRE>
+</P>
+<P>
+there can be no backtracking for the .* item; it can match only the entire
+string. The subsequent lookbehind assertion does a single test on the last four
+characters. If it fails, the match fails immediately. For long strings, this
+approach makes a significant difference to the processing time.
+</P>
+<P>
+When a pattern contains an unlimited repeat inside a subpattern that can itself
+be repeated an unlimited number of times, the use of a once-only subpattern is
+the only way to avoid some failing matches taking a very long time indeed.
+The pattern
+</P>
+<P>
+<PRE>
+  (\D+|<\d+>)*[!?]
+</PRE>
+</P>
+<P>
+matches an unlimited number of substrings that either consist of non-digits, or
+digits enclosed in <>, followed by either ! or ?. When it matches, it runs
+quickly. However, if it is applied to
+</P>
+<P>
+<PRE>
+  aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+</PRE>
+</P>
+<P>
+it takes a long time before reporting failure. This is because the string can
+be divided between the two repeats in a large number of ways, and all have to
+be tried. (The example used [!?] rather than a single character at the end,
+because both PCRE and Perl have an optimization that allows for fast failure
+when a single character is used. They remember the last single character that
+is required for a match, and fail early if it is not present in the string.)
+If the pattern is changed to
+</P>
+<P>
+<PRE>
+  ((?>\D+)|<\d+>)*[!?]
+</PRE>
+</P>
+<P>
+sequences of non-digits cannot be broken, and failure happens quickly.
+</P>
+<LI><A NAME="SEC26" HREF="#TOC1">CONDITIONAL SUBPATTERNS</A>
+<P>
+It is possible to cause the matching process to obey a subpattern
+conditionally or to choose between two alternative subpatterns, depending on
+the result of an assertion, or whether a previous capturing subpattern matched
+or not. The two possible forms of conditional subpattern are
+</P>
+<P>
+<PRE>
+  (?(condition)yes-pattern)
+  (?(condition)yes-pattern|no-pattern)
+</PRE>
+</P>
+<P>
+If the condition is satisfied, the yes-pattern is used; otherwise the
+no-pattern (if present) is used. If there are more than two alternatives in the
+subpattern, a compile-time error occurs.
+</P>
+<P>
+There are two kinds of condition. If the text between the parentheses consists
+of a sequence of digits, the condition is satisfied if the capturing subpattern
+of that number has previously matched. The number must be greater than zero.
+Consider the following pattern, which contains non-significant white space to
+make it more readable (assume the PCRE_EXTENDED option) and to divide it into
+three parts for ease of discussion:
+</P>
+<P>
+<PRE>
+  ( \( )?    [^()]+    (?(1) \) )
+</PRE>
+</P>
+<P>
+The first part matches an optional opening parenthesis, and if that
+character is present, sets it as the first captured substring. The second part
+matches one or more characters that are not parentheses. The third part is a
+conditional subpattern that tests whether the first set of parentheses matched
+or not. If they did, that is, if subject started with an opening parenthesis,
+the condition is true, and so the yes-pattern is executed and a closing
+parenthesis is required. Otherwise, since no-pattern is not present, the
+subpattern matches nothing. In other words, this pattern matches a sequence of
+non-parentheses, optionally enclosed in parentheses.
+</P>
+<P>
+If the condition is not a sequence of digits, it must be an assertion. This may
+be a positive or negative lookahead or lookbehind assertion. Consider this
+pattern, again containing non-significant white space, and with the two
+alternatives on the second line:
+</P>
+<P>
+<PRE>
+  (?(?=[^a-z]*[a-z])
+  \d{2}-[a-z]{3}-\d{2}  |  \d{2}-\d{2}-\d{2} )
+</PRE>
+</P>
+<P>
+The condition is a positive lookahead assertion that matches an optional
+sequence of non-letters followed by a letter. In other words, it tests for the
+presence of at least one letter in the subject. If a letter is found, the
+subject is matched against the first alternative; otherwise it is matched
+against the second. This pattern matches strings in one of the two forms
+dd-aaa-dd or dd-dd-dd, where aaa are letters and dd are digits.
+</P>
+<LI><A NAME="SEC27" HREF="#TOC1">COMMENTS</A>
+<P>
+The sequence (?# marks the start of a comment which continues up to the next
+closing parenthesis. Nested parentheses are not permitted. The characters
+that make up a comment play no part in the pattern matching at all.
+</P>
+<P>
+If the PCRE_EXTENDED option is set, an unescaped # character outside a
+character class introduces a comment that continues up to the next newline
+character in the pattern.
+</P>
+<LI><A NAME="SEC28" HREF="#TOC1">RECURSIVE PATTERNS</A>
+<P>
+Consider the problem of matching a string in parentheses, allowing for
+unlimited nested parentheses. Without the use of recursion, the best that can
+be done is to use a pattern that matches up to some fixed depth of nesting. It
+is not possible to handle an arbitrary nesting depth. Perl 5.6 has provided an
+experimental facility that allows regular expressions to recurse (amongst other
+things). It does this by interpolating Perl code in the expression at run time,
+and the code can refer to the expression itself. A Perl pattern to solve the
+parentheses problem can be created like this:
+</P>
+<P>
+<PRE>
+  $re = qr{\( (?: (?>[^()]+) | (?p{$re}) )* \)}x;
+</PRE>
+</P>
+<P>
+The (?p{...}) item interpolates Perl code at run time, and in this case refers
+recursively to the pattern in which it appears. Obviously, PCRE cannot support
+the interpolation of Perl code. Instead, the special item (?R) is provided for
+the specific case of recursion. This PCRE pattern solves the parentheses
+problem (assume the PCRE_EXTENDED option is set so that white space is
+ignored):
+</P>
+<P>
+<PRE>
+  \( ( (?>[^()]+) | (?R) )* \)
+</PRE>
+</P>
+<P>
+First it matches an opening parenthesis. Then it matches any number of
+substrings which can either be a sequence of non-parentheses, or a recursive
+match of the pattern itself (i.e. a correctly parenthesized substring). Finally
+there is a closing parenthesis.
+</P>
+<P>
+This particular example pattern contains nested unlimited repeats, and so the
+use of a once-only subpattern for matching strings of non-parentheses is
+important when applying the pattern to strings that do not match. For example,
+when it is applied to
+</P>
+<P>
+<PRE>
+  (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa()
+</PRE>
+</P>
+<P>
+it yields "no match" quickly. However, if a once-only subpattern is not used,
+the match runs for a very long time indeed because there are so many different
+ways the + and * repeats can carve up the subject, and all have to be tested
+before failure can be reported.
+</P>
+<P>
+The values set for any capturing subpatterns are those from the outermost level
+of the recursion at which the subpattern value is set. If the pattern above is
+matched against
+</P>
+<P>
+<PRE>
+  (ab(cd)ef)
+</PRE>
+</P>
+<P>
+the value for the capturing parentheses is "ef", which is the last value taken
+on at the top level. If additional parentheses are added, giving
+</P>
+<P>
+<PRE>
+  \( ( ( (?>[^()]+) | (?R) )* ) \)
+     ^                        ^
+     ^                        ^
+</PRE>
+the string they capture is "ab(cd)ef", the contents of the top level
+parentheses. If there are more than 15 capturing parentheses in a pattern, PCRE
+has to obtain extra memory to store data during a recursion, which it does by
+using <B>pcre_malloc</B>, freeing it via <B>pcre_free</B> afterwards. If no
+memory can be obtained, it saves data for the first 15 capturing parentheses
+only, as there is no way to give an out-of-memory error from within a
+recursion.
+</P>
+<LI><A NAME="SEC29" HREF="#TOC1">PERFORMANCE</A>
+<P>
+Certain items that may appear in patterns are more efficient than others. It is
+more efficient to use a character class like [aeiou] than a set of alternatives
+such as (a|e|i|o|u). In general, the simplest construction that provides the
+required behaviour is usually the most efficient. Jeffrey Friedl's book
+contains a lot of discussion about optimizing regular expressions for efficient
+performance.
+</P>
+<P>
+When a pattern begins with .* and the PCRE_DOTALL option is set, the pattern is
+implicitly anchored by PCRE, since it can match only at the start of a subject
+string. However, if PCRE_DOTALL is not set, PCRE cannot make this optimization,
+because the . metacharacter does not then match a newline, and if the subject
+string contains newlines, the pattern may match from the character immediately
+following one of them instead of from the very start. For example, the pattern
+</P>
+<P>
+<PRE>
+  (.*) second
+</PRE>
+</P>
+<P>
+matches the subject "first\nand second" (where \n stands for a newline
+character) with the first captured substring being "and". In order to do this,
+PCRE has to retry the match starting after every newline in the subject.
+</P>
+<P>
+If you are using such a pattern with subject strings that do not contain
+newlines, the best performance is obtained by setting PCRE_DOTALL, or starting
+the pattern with ^.* to indicate explicit anchoring. That saves PCRE from
+having to scan along the subject looking for a newline to restart at.
+</P>
+<P>
+Beware of patterns that contain nested indefinite repeats. These can take a
+long time to run when applied to a string that does not match. Consider the
+pattern fragment
+</P>
+<P>
+<PRE>
+  (a+)*
+</PRE>
+</P>
+<P>
+This can match "aaaa" in 33 different ways, and this number increases very
+rapidly as the string gets longer. (The * repeat can match 0, 1, 2, 3, or 4
+times, and for each of those cases other than 0, the + repeats can match
+different numbers of times.) When the remainder of the pattern is such that the
+entire match is going to fail, PCRE has in principle to try every possible
+variation, and this can take an extremely long time.
+</P>
+<P>
+An optimization catches some of the more simple cases such as
+</P>
+<P>
+<PRE>
+  (a+)*b
+</PRE>
+</P>
+<P>
+where a literal character follows. Before embarking on the standard matching
+procedure, PCRE checks that there is a "b" later in the subject string, and if
+there is not, it fails the match immediately. However, when there is no
+following literal this optimization cannot be used. You can see the difference
+by comparing the behaviour of
+</P>
+<P>
+<PRE>
+  (a+)*\d
+</PRE>
+</P>
+<P>
+with the pattern above. The former gives a failure almost instantly when
+applied to a whole line of "a" characters, whereas the latter takes an
+appreciable time with strings longer than about 20 characters.
+</P>
+<LI><A NAME="SEC30" HREF="#TOC1">UTF-8 SUPPORT</A>
+<P>
+Starting at release 3.3, PCRE has some support for character strings encoded
+in the UTF-8 format. This is incomplete, and is regarded as experimental. In
+order to use it, you must configure PCRE to include UTF-8 support in the code,
+and, in addition, you must call <B>pcre_compile()</B> with the PCRE_UTF8 option
+flag. When you do this, both the pattern and any subject strings that are
+matched against it are treated as UTF-8 strings instead of just strings of
+bytes, but only in the cases that are mentioned below.
+</P>
+<P>
+If you compile PCRE with UTF-8 support, but do not use it at run time, the
+library will be a bit bigger, but the additional run time overhead is limited
+to testing the PCRE_UTF8 flag in several places, so should not be very large.
+</P>
+<P>
+PCRE assumes that the strings it is given contain valid UTF-8 codes. It does
+not diagnose invalid UTF-8 strings. If you pass invalid UTF-8 strings to PCRE,
+the results are undefined.
+</P>
+<P>
+Running with PCRE_UTF8 set causes these changes in the way PCRE works:
+</P>
+<P>
+1. In a pattern, the escape sequence \x{...}, where the contents of the braces
+is a string of hexadecimal digits, is interpreted as a UTF-8 character whose
+code number is the given hexadecimal number, for example: \x{1234}. This
+inserts from one to six literal bytes into the pattern, using the UTF-8
+encoding. If a non-hexadecimal digit appears between the braces, the item is
+not recognized.
+</P>
+<P>
+2. The original hexadecimal escape sequence, \xhh, generates a two-byte UTF-8
+character if its value is greater than 127.
+</P>
+<P>
+3. Repeat quantifiers are NOT correctly handled if they follow a multibyte
+character. For example, \x{100}* and \xc3+ do not work. If you want to
+repeat such characters, you must enclose them in non-capturing parentheses,
+for example (?:\x{100}), at present.
+</P>
+<P>
+4. The dot metacharacter matches one UTF-8 character instead of a single byte.
+</P>
+<P>
+5. Unlike literal UTF-8 characters, the dot metacharacter followed by a
+repeat quantifier does operate correctly on UTF-8 characters instead of
+single bytes.
+</P>
+<P>
+4. Although the \x{...} escape is permitted in a character class, characters
+whose values are greater than 255 cannot be included in a class.
+</P>
+<P>
+5. A class is matched against a UTF-8 character instead of just a single byte,
+but it can match only characters whose values are less than 256. Characters
+with greater values always fail to match a class.
+</P>
+<P>
+6. Repeated classes work correctly on multiple characters.
+</P>
+<P>
+7. Classes containing just a single character whose value is greater than 127
+(but less than 256), for example, [\x80] or [^\x{93}], do not work because
+these are optimized into single byte matches. In the first case, of course,
+the class brackets are just redundant.
+</P>
+<P>
+8. Lookbehind assertions move backwards in the subject by a fixed number of
+characters instead of a fixed number of bytes. Simple cases have been tested
+to work correctly, but there may be hidden gotchas herein.
+</P>
+<P>
+9. The character types such as \d and \w do not work correctly with UTF-8
+characters. They continue to test a single byte.
+</P>
+<P>
+10. Anything not explicitly mentioned here continues to work in bytes rather
+than in characters.
+</P>
+<P>
+The following UTF-8 features of Perl 5.6 are not implemented:
+</P>
+<P>
+1. The escape sequence \C to match a single byte.
+</P>
+<P>
+2. The use of Unicode tables and properties and escapes \p, \P, and \X.
+</P>
+<LI><A NAME="SEC31" HREF="#TOC1">AUTHOR</A>
+<P>
+Philip Hazel <ph10 at cam.ac.uk>
+<BR>
+University Computing Service,
+<BR>
+New Museums Site,
+<BR>
+Cambridge CB2 3QG, England.
+<BR>
+Phone: +44 1223 334714
+</P>
+<P>
+Last updated: 28 August 2000,
+<BR>
+<PRE>
+  the 250th anniversary of the death of J.S. Bach.
+<BR>
+</PRE>
+Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcre.txt b/external/privoxy/pcre/doc/pcre.txt
new file mode 100644
index 0000000..1db4b53
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcre.txt
@@ -0,0 +1,2125 @@
+NAME
+     pcre - Perl-compatible regular expressions.
+
+
+
+SYNOPSIS
+     #include <pcre.h>
+
+     pcre *pcre_compile(const char *pattern, int options,
+          const char **errptr, int *erroffset,
+          const unsigned char *tableptr);
+
+     pcre_extra *pcre_study(const pcre *code, int options,
+          const char **errptr);
+
+     int pcre_exec(const pcre *code, const pcre_extra *extra,
+          const char *subject, int length, int startoffset,
+          int options, int *ovector, int ovecsize);
+
+     int pcre_copy_substring(const char *subject, int *ovector,
+          int stringcount, int stringnumber, char *buffer,
+          int buffersize);
+
+     int pcre_get_substring(const char *subject, int *ovector,
+          int stringcount, int stringnumber,
+          const char **stringptr);
+
+     int pcre_get_substring_list(const char *subject,
+          int *ovector, int stringcount, const char ***listptr);
+
+     void pcre_free_substring(const char *stringptr);
+
+     void pcre_free_substring_list(const char **stringptr);
+
+     const unsigned char *pcre_maketables(void);
+
+     int pcre_fullinfo(const pcre *code, const pcre_extra *extra,
+          int what, void *where);
+
+     int pcre_info(const pcre *code, int *optptr, *firstcharptr);
+
+     char *pcre_version(void);
+
+     void *(*pcre_malloc)(size_t);
+
+     void (*pcre_free)(void *);
+
+
+
+
+DESCRIPTION
+     The PCRE library is a set of functions that implement  regu-
+     lar  expression  pattern  matching using the same syntax and
+     semantics as Perl  5,  with  just  a  few  differences  (see
+
+     below).  The  current  implementation  corresponds  to  Perl
+     5.005, with some additional features  from  later  versions.
+     This  includes  some  experimental,  incomplete  support for
+     UTF-8 encoded strings. Details of exactly what is  and  what
+     is not supported are given below.
+
+     PCRE has its own native API,  which  is  described  in  this
+     document.  There  is  also  a  set of wrapper functions that
+     correspond to the POSIX regular expression API.   These  are
+     described in the pcreposix documentation.
+
+     The native API function prototypes are defined in the header
+     file  pcre.h,  and  on  Unix  systems  the library itself is
+     called libpcre.a, so can be accessed by adding -lpcre to the
+     command  for  linking  an  application  which  calls it. The
+     header file defines the macros PCRE_MAJOR and PCRE_MINOR  to
+     contain the major and minor release numbers for the library.
+     Applications can use these to include support for  different
+     releases.
+
+     The functions pcre_compile(), pcre_study(), and  pcre_exec()
+     are used for compiling and matching regular expressions.
+
+     The functions  pcre_copy_substring(),  pcre_get_substring(),
+     and  pcre_get_substring_list() are convenience functions for
+     extracting  captured  substrings  from  a  matched   subject
+     string; pcre_free_substring() and pcre_free_substring_list()
+     are also provided, to free the  memory  used  for  extracted
+     strings.
+
+     The function pcre_maketables() is used (optionally) to build
+     a  set of character tables in the current locale for passing
+     to pcre_compile().
+
+     The function pcre_fullinfo() is used to find out information
+     about a compiled pattern; pcre_info() is an obsolete version
+     which returns only some of the available information, but is
+     retained   for   backwards   compatibility.    The  function
+     pcre_version() returns a pointer to a string containing  the
+     version of PCRE and its date of release.
+
+     The global variables  pcre_malloc  and  pcre_free  initially
+     contain the entry points of the standard malloc() and free()
+     functions respectively. PCRE  calls  the  memory  management
+     functions  via  these  variables,  so  a calling program can
+     replace them if it  wishes  to  intercept  the  calls.  This
+     should be done before calling any PCRE functions.
+
+
+
+MULTI-THREADING
+     The  PCRE  functions  can   be   used   in   multi-threading
+
+
+
+
+
+SunOS 5.8                 Last change:                          2
+
+
+
+     applications,  with  the  proviso that the memory management
+     functions pointed to by pcre_malloc and pcre_free are shared
+     by all threads.
+
+     The compiled form of a regular  expression  is  not  altered
+     during  matching, so the same compiled pattern can safely be
+     used by several threads at once.
+
+
+
+COMPILING A PATTERN
+     The function pcre_compile() is called to compile  a  pattern
+     into  an internal form. The pattern is a C string terminated
+     by a binary zero, and is passed in the argument  pattern.  A
+     pointer  to  a  single  block of memory that is obtained via
+     pcre_malloc is returned. This contains the compiled code and
+     related data. The pcre type is defined for this for conveni-
+     ence, but in fact pcre is just a typedef for void, since the
+     contents  of  the block are not externally defined. It is up
+     to the caller to free  the  memory  when  it  is  no  longer
+     required.
+
+     The size of a compiled pattern is  roughly  proportional  to
+     the length of the pattern string, except that each character
+     class (other than those containing just a single  character,
+     negated  or  not)  requires 33 bytes, and repeat quantifiers
+     with a minimum greater than one or a bounded  maximum  cause
+     the  relevant  portions of the compiled pattern to be repli-
+     cated.
+
+     The options argument contains independent bits  that  affect
+     the  compilation.  It  should  be  zero  if  no  options are
+     required. Some of the options, in particular, those that are
+     compatible  with Perl, can also be set and unset from within
+     the pattern (see the detailed description of regular expres-
+     sions below). For these options, the contents of the options
+     argument specifies their initial settings at  the  start  of
+     compilation  and  execution. The PCRE_ANCHORED option can be
+     set at the time of matching as well as at compile time.
+
+     If errptr is NULL, pcre_compile() returns NULL  immediately.
+     Otherwise, if compilation of a pattern fails, pcre_compile()
+     returns NULL, and sets the variable pointed to by errptr  to
+     point  to a textual error message. The offset from the start
+     of  the  pattern  to  the  character  where  the  error  was
+     discovered   is   placed  in  the  variable  pointed  to  by
+     erroffset, which must not be NULL. If it  is,  an  immediate
+     error is given.
+
+     If the final  argument,  tableptr,  is  NULL,  PCRE  uses  a
+     default  set  of character tables which are built when it is
+     compiled, using the default C  locale.  Otherwise,  tableptr
+     must  be  the result of a call to pcre_maketables(). See the
+     section on locale support below.
+
+     The following option bits are defined in the header file:
+
+       PCRE_ANCHORED
+
+     If this bit is set, the pattern is forced to be  "anchored",
+     that is, it is constrained to match only at the start of the
+     string which is being searched (the "subject string").  This
+     effect can also be achieved by appropriate constructs in the
+     pattern itself, which is the only way to do it in Perl.
+
+       PCRE_CASELESS
+
+     If this bit is set, letters in the pattern match both  upper
+     and  lower  case  letters.  It  is  equivalent  to Perl's /i
+     option.
+
+       PCRE_DOLLAR_ENDONLY
+
+     If this bit is set, a dollar metacharacter  in  the  pattern
+     matches  only at the end of the subject string. Without this
+     option, a dollar also matches immediately before  the  final
+     character  if it is a newline (but not before any other new-
+     lines).  The  PCRE_DOLLAR_ENDONLY  option  is   ignored   if
+     PCRE_MULTILINE is set. There is no equivalent to this option
+     in Perl.
+
+       PCRE_DOTALL
+
+     If this bit is  set,  a  dot  metacharater  in  the  pattern
+     matches all characters, including newlines. Without it, new-
+     lines are excluded. This option is equivalent to  Perl's  /s
+     option.  A negative class such as [^a] always matches a new-
+     line character, independent of the setting of this option.
+
+       PCRE_EXTENDED
+
+     If this bit is set, whitespace data characters in  the  pat-
+     tern  are  totally  ignored  except when escaped or inside a
+     character class, and characters between an unescaped #  out-
+     side  a  character  class  and  the  next newline character,
+     inclusive, are also ignored. This is equivalent to Perl's /x
+     option,  and  makes  it  possible to include comments inside
+     complicated patterns. Note, however, that this applies  only
+     to  data  characters. Whitespace characters may never appear
+     within special character sequences in a pattern, for example
+     within  the sequence (?( which introduces a conditional sub-
+     pattern.
+
+       PCRE_EXTRA
+
+     This option was invented in  order  to  turn  on  additional
+     functionality of PCRE that is incompatible with Perl, but it
+     is currently of very little use. When set, any backslash  in
+     a  pattern  that is followed by a letter that has no special
+     meaning causes an error, thus reserving  these  combinations
+     for  future  expansion.  By default, as in Perl, a backslash
+     followed by a letter with no special meaning is treated as a
+     literal.  There  are at present no other features controlled
+     by this option. It can also be set by a (?X) option  setting
+     within a pattern.
+
+       PCRE_MULTILINE
+
+     By default, PCRE treats the subject string as consisting  of
+     a  single "line" of characters (even if it actually contains
+     several newlines). The "start  of  line"  metacharacter  (^)
+     matches  only  at the start of the string, while the "end of
+     line" metacharacter ($) matches  only  at  the  end  of  the
+     string,    or   before   a   terminating   newline   (unless
+     PCRE_DOLLAR_ENDONLY is set). This is the same as Perl.
+
+     When PCRE_MULTILINE it is set, the "start of line" and  "end
+     of  line"  constructs match immediately following or immedi-
+     ately before any newline  in  the  subject  string,  respec-
+     tively,  as  well  as  at  the  very  start and end. This is
+     equivalent to Perl's /m option. If there are no "\n" charac-
+     ters  in  a subject string, or no occurrences of ^ or $ in a
+     pattern, setting PCRE_MULTILINE has no effect.
+
+       PCRE_UNGREEDY
+
+     This option inverts the "greediness" of the  quantifiers  so
+     that  they  are  not greedy by default, but become greedy if
+     followed by "?". It is not compatible with Perl. It can also
+     be set by a (?U) option setting within the pattern.
+
+       PCRE_UTF8
+
+     This option causes PCRE to regard both the pattern  and  the
+     subject  as strings of UTF-8 characters instead of just byte
+     strings. However, it is available  only  if  PCRE  has  been
+     built  to  include  UTF-8  support.  If not, the use of this
+     option provokes an error. Support for UTF-8 is new,  experi-
+     mental,  and incomplete.  Details of exactly what it entails
+     are given below.
+
+
+
+STUDYING A PATTERN
+     When a pattern is going to be  used  several  times,  it  is
+     worth  spending  more time analyzing it in order to speed up
+     the time taken for matching. The function pcre_study() takes
+
+     a  pointer  to a compiled pattern as its first argument, and
+     returns a  pointer  to  a  pcre_extra  block  (another  void
+     typedef)  containing  additional  information about the pat-
+     tern; this can be passed to pcre_exec().  If  no  additional
+     information is available, NULL is returned.
+
+     The second argument contains option  bits.  At  present,  no
+     options  are  defined  for  pcre_study(),  and this argument
+     should always be zero.
+
+     The third argument for pcre_study() is a pointer to an error
+     message. If studying succeeds (even if no data is returned),
+     the variable it points to  is  set  to  NULL.  Otherwise  it
+     points to a textual error message.
+
+     At present, studying a  pattern  is  useful  only  for  non-
+     anchored  patterns  that do not have a single fixed starting
+     character. A  bitmap  of  possible  starting  characters  is
+     created.
+
+
+
+LOCALE SUPPORT
+     PCRE handles caseless matching, and determines whether char-
+     acters  are  letters, digits, or whatever, by reference to a
+     set of tables. The library contains a default set of  tables
+     which  is  created in the default C locale when PCRE is com-
+     piled.  This  is   used   when   the   final   argument   of
+     pcre_compile()  is NULL, and is sufficient for many applica-
+     tions.
+
+     An alternative set of tables can, however, be supplied. Such
+     tables  are built by calling the pcre_maketables() function,
+     which has no arguments, in the relevant locale.  The  result
+     can  then be passed to pcre_compile() as often as necessary.
+     For example, to build and use tables  that  are  appropriate
+     for  the French locale (where accented characters with codes
+     greater than 128 are treated as letters), the following code
+     could be used:
+
+       setlocale(LC_CTYPE, "fr");
+       tables = pcre_maketables();
+       re = pcre_compile(..., tables);
+
+     The  tables  are  built  in  memory  that  is  obtained  via
+     pcre_malloc.  The  pointer that is passed to pcre_compile is
+     saved with the compiled pattern, and  the  same  tables  are
+     used  via this pointer by pcre_study() and pcre_exec(). Thus
+     for any single pattern, compilation, studying  and  matching
+     all happen in the same locale, but different patterns can be
+     compiled in different locales. It is the caller's  responsi-
+     bility  to  ensure  that  the  memory  containing the tables
+     remains available for as long as it is needed.
+
+
+
+INFORMATION ABOUT A PATTERN
+     The pcre_fullinfo() function  returns  information  about  a
+     compiled pattern. It replaces the obsolete pcre_info() func-
+     tion, which is nevertheless retained for backwards compabil-
+     ity (and is documented below).
+
+     The first argument for pcre_fullinfo() is a pointer  to  the
+     compiled  pattern.  The  second  argument  is  the result of
+     pcre_study(), or NULL if the pattern was  not  studied.  The
+     third  argument  specifies  which  piece  of  information is
+     required, while the fourth argument is a pointer to a  vari-
+     able  to receive the data. The yield of the function is zero
+     for success, or one of the following negative numbers:
+
+       PCRE_ERROR_NULL       the argument code was NULL
+                             the argument where was NULL
+       PCRE_ERROR_BADMAGIC   the "magic number" was not found
+       PCRE_ERROR_BADOPTION  the value of what was invalid
+
+     The possible values for the third argument  are  defined  in
+     pcre.h, and are as follows:
+
+       PCRE_INFO_OPTIONS
+
+     Return a copy of the options with which the pattern was com-
+     piled.  The fourth argument should point to au unsigned long
+     int variable. These option bits are those specified  in  the
+     call  to  pcre_compile(),  modified  by any top-level option
+     settings  within  the   pattern   itself,   and   with   the
+     PCRE_ANCHORED  bit  forcibly  set if the form of the pattern
+     implies that it can match only at the  start  of  a  subject
+     string.
+
+       PCRE_INFO_SIZE
+
+     Return the size of the compiled pattern, that is, the  value
+     that  was  passed as the argument to pcre_malloc() when PCRE
+     was getting memory in which to place the compiled data.  The
+     fourth argument should point to a size_t variable.
+
+       PCRE_INFO_CAPTURECOUNT
+
+     Return the number of capturing subpatterns in  the  pattern.
+     The fourth argument should point to an int variable.
+
+       PCRE_INFO_BACKREFMAX
+
+     Return the number of  the  highest  back  reference  in  the
+     pattern.  The  fourth  argument should point to an int vari-
+     able. Zero is returned if there are no back references.
+
+       PCRE_INFO_FIRSTCHAR
+
+     Return information about the first character of any  matched
+     string,  for  a  non-anchored  pattern.  If there is a fixed
+     first   character,   e.g.   from   a   pattern    such    as
+     (cat|cow|coyote),  it  is returned in the integer pointed to
+     by where. Otherwise, if either
+
+     (a) the pattern was compiled with the PCRE_MULTILINE option,
+     and every branch starts with "^", or
+
+     (b) every  branch  of  the  pattern  starts  with  ".*"  and
+     PCRE_DOTALL is not set (if it were set, the pattern would be
+     anchored),
+
+     -1 is returned, indicating that the pattern matches only  at
+     the  start  of a subject string or after any "\n" within the
+     string. Otherwise -2 is returned.  For anchored patterns, -2
+     is returned.
+
+       PCRE_INFO_FIRSTTABLE
+
+     If the pattern was studied, and this resulted  in  the  con-
+     struction of a 256-bit table indicating a fixed set of char-
+     acters for the first character in  any  matching  string,  a
+     pointer   to  the  table  is  returned.  Otherwise  NULL  is
+     returned. The fourth argument should point  to  an  unsigned
+     char * variable.
+
+       PCRE_INFO_LASTLITERAL
+
+     For a non-anchored pattern, return the value of  the  right-
+     most  literal  character  which  must  exist  in any matched
+     string, other than at its start. The fourth argument  should
+     point  to an int variable. If there is no such character, or
+     if the pattern is anchored, -1 is returned. For example, for
+     the pattern /a\d+z\d+/ the returned value is 'z'.
+
+     The pcre_info() function is now obsolete because its  inter-
+     face  is  too  restrictive  to return all the available data
+     about  a  compiled  pattern.   New   programs   should   use
+     pcre_fullinfo()  instead.  The  yield  of pcre_info() is the
+     number of capturing subpatterns, or  one  of  the  following
+     negative numbers:
+
+       PCRE_ERROR_NULL       the argument code was NULL
+       PCRE_ERROR_BADMAGIC   the "magic number" was not found
+
+     If the optptr argument is not NULL, a copy  of  the  options
+     with which the pattern was compiled is placed in the integer
+     it points to (see PCRE_INFO_OPTIONS above).
+
+     If the pattern is not anchored and the firstcharptr argument
+     is  not  NULL, it is used to pass back information about the
+     first    character    of    any    matched    string    (see
+     PCRE_INFO_FIRSTCHAR above).
+
+
+
+MATCHING A PATTERN
+     The function pcre_exec() is called to match a subject string
+     against  a pre-compiled pattern, which is passed in the code
+     argument. If the pattern has been studied, the result of the
+     study should be passed in the extra argument. Otherwise this
+     must be NULL.
+
+     The PCRE_ANCHORED option can be passed in the options  argu-
+     ment,  whose unused bits must be zero. However, if a pattern
+     was  compiled  with  PCRE_ANCHORED,  or  turned  out  to  be
+     anchored  by  virtue  of  its  contents,  it  cannot be made
+     unachored at matching time.
+
+     There are also three further options that can be set only at
+     matching time:
+
+       PCRE_NOTBOL
+
+     The first character of the string is not the beginning of  a
+     line,  so  the  circumflex  metacharacter  should  not match
+     before it. Setting this without PCRE_MULTILINE  (at  compile
+     time) causes circumflex never to match.
+
+       PCRE_NOTEOL
+
+     The end of the string is not the end of a line, so the  dol-
+     lar  metacharacter should not match it nor (except in multi-
+     line mode) a newline immediately  before  it.  Setting  this
+     without PCRE_MULTILINE (at compile time) causes dollar never
+     to match.
+
+       PCRE_NOTEMPTY
+
+     An empty string is not considered to be  a  valid  match  if
+     this  option  is  set. If there are alternatives in the pat-
+     tern, they are tried. If  all  the  alternatives  match  the
+     empty  string,  the  entire match fails. For example, if the
+     pattern
+
+       a?b?
+
+     is applied to a string not beginning with  "a"  or  "b",  it
+     matches  the  empty string at the start of the subject. With
+     PCRE_NOTEMPTY set, this match is not valid, so PCRE searches
+     further into the string for occurrences of "a" or "b".
+
+     Perl has no direct equivalent of PCRE_NOTEMPTY, but it  does
+     make  a  special case of a pattern match of the empty string
+     within its split() function, and when using the /g modifier.
+     It  is possible to emulate Perl's behaviour after matching a
+     null string by first trying the  match  again  at  the  same
+     offset  with  PCRE_NOTEMPTY  set,  and then if that fails by
+     advancing the starting offset  (see  below)  and  trying  an
+     ordinary match again.
+
+     The subject string is passed as  a  pointer  in  subject,  a
+     length  in  length,  and  a  starting offset in startoffset.
+     Unlike the pattern string, it may contain binary zero  char-
+     acters.  When  the starting offset is zero, the search for a
+     match starts at the beginning of the subject, and this is by
+     far the most common case.
+
+     A non-zero starting offset  is  useful  when  searching  for
+     another  match  in  the  same subject by calling pcre_exec()
+     again after a previous success.  Setting startoffset differs
+     from  just  passing  over  a  shortened  string  and setting
+     PCRE_NOTBOL in the case of a pattern that  begins  with  any
+     kind of lookbehind. For example, consider the pattern
+
+       \Biss\B
+
+     which finds occurrences of "iss" in the middle of words. (\B
+     matches only if the current position in the subject is not a
+     word boundary.) When applied to the string "Mississipi"  the
+     first  call  to  pcre_exec()  finds the first occurrence. If
+     pcre_exec() is called again with just the remainder  of  the
+     subject,  namely  "issipi", it does not match, because \B is
+     always false at the start of the subject, which is deemed to
+     be  a  word  boundary. However, if pcre_exec() is passed the
+     entire string again, but with startoffset set to 4, it finds
+     the  second  occurrence  of "iss" because it is able to look
+     behind the starting point to discover that it is preceded by
+     a letter.
+
+     If a non-zero starting offset is passed when the pattern  is
+     anchored, one attempt to match at the given offset is tried.
+     This can only succeed if the pattern does  not  require  the
+     match to be at the start of the subject.
+
+     In general, a pattern matches a certain portion of the  sub-
+     ject,  and  in addition, further substrings from the subject
+     may be picked out by parts of  the  pattern.  Following  the
+     usage  in  Jeffrey Friedl's book, this is called "capturing"
+     in what follows, and the phrase  "capturing  subpattern"  is
+     used for a fragment of a pattern that picks out a substring.
+     PCRE supports several other kinds of  parenthesized  subpat-
+     tern that do not cause substrings to be captured.
+
+     Captured substrings are returned to the caller via a  vector
+     of  integer  offsets whose address is passed in ovector. The
+     number of elements in the vector is passed in ovecsize.  The
+     first two-thirds of the vector is used to pass back captured
+     substrings, each substring using a  pair  of  integers.  The
+     remaining  third  of  the  vector  is  used  as workspace by
+     pcre_exec() while matching capturing subpatterns, and is not
+     available for passing back information. The length passed in
+     ovecsize should always be a multiple of three. If it is not,
+     it is rounded down.
+
+     When a match has been successful, information about captured
+     substrings is returned in pairs of integers, starting at the
+     beginning of ovector, and continuing up to two-thirds of its
+     length  at  the  most. The first element of a pair is set to
+     the offset of the first character in a  substring,  and  the
+     second is set to the offset of the first character after the
+     end of a substring. The first  pair,  ovector[0]  and  ovec-
+     tor[1],  identify  the portion of the subject string matched
+     by the entire pattern. The next pair is used for  the  first
+     capturing  subpattern,  and  so  on.  The  value returned by
+     pcre_exec() is the number of pairs that have  been  set.  If
+     there  are no capturing subpatterns, the return value from a
+     successful match is 1, indicating that just the  first  pair
+     of offsets has been set.
+
+     Some convenience functions are provided for  extracting  the
+     captured substrings as separate strings. These are described
+     in the following section.
+
+     It is possible for an capturing  subpattern  number  n+1  to
+     match  some  part  of  the subject when subpattern n has not
+     been used at all.  For  example,  if  the  string  "abc"  is
+     matched  against the pattern (a|(z))(bc) subpatterns 1 and 3
+     are matched, but 2 is not. When this  happens,  both  offset
+     values corresponding to the unused subpattern are set to -1.
+
+     If a capturing subpattern is matched repeatedly, it  is  the
+     last  portion  of  the  string  that  it  matched  that gets
+     returned.
+
+     If the vector is too small to hold  all  the  captured  sub-
+     strings,  it is used as far as possible (up to two-thirds of
+     its length), and the function returns a value  of  zero.  In
+     particular,  if  the  substring offsets are not of interest,
+     pcre_exec() may be called with ovector passed  as  NULL  and
+     ovecsize  as  zero.  However,  if  the pattern contains back
+     references and the ovector isn't big enough to remember  the
+     related  substrings,  PCRE  has to get additional memory for
+     use during matching. Thus it is usually advisable to  supply
+     an ovector.
+
+     Note that pcre_info() can be used to find out how many  cap-
+     turing  subpatterns  there  are  in  a compiled pattern. The
+     smallest size for ovector that will  allow  for  n  captured
+     substrings  in  addition  to  the  offsets  of the substring
+     matched by the whole pattern is (n+1)*3.
+
+     If pcre_exec() fails, it returns a negative number. The fol-
+     lowing are defined in the header file:
+
+       PCRE_ERROR_NOMATCH        (-1)
+
+     The subject string did not match the pattern.
+
+       PCRE_ERROR_NULL           (-2)
+
+     Either code or subject was passed as NULL,  or  ovector  was
+     NULL and ovecsize was not zero.
+
+       PCRE_ERROR_BADOPTION      (-3)
+
+     An unrecognized bit was set in the options argument.
+
+       PCRE_ERROR_BADMAGIC       (-4)
+
+     PCRE stores a 4-byte "magic number" at the start of the com-
+     piled  code,  to  catch  the  case  when it is passed a junk
+     pointer. This is the error it gives when  the  magic  number
+     isn't present.
+
+       PCRE_ERROR_UNKNOWN_NODE   (-5)
+
+     While running the pattern match, an unknown item was encoun-
+     tered in the compiled pattern. This error could be caused by
+     a bug in PCRE or by overwriting of the compiled pattern.
+
+       PCRE_ERROR_NOMEMORY       (-6)
+
+     If a pattern contains back references, but the ovector  that
+     is  passed  to pcre_exec() is not big enough to remember the
+     referenced substrings, PCRE gets a block of  memory  at  the
+     start  of  matching to use for this purpose. If the call via
+     pcre_malloc() fails, this error  is  given.  The  memory  is
+     freed at the end of matching.
+
+
+
+EXTRACTING CAPTURED SUBSTRINGS
+     Captured substrings can be accessed directly  by  using  the
+
+
+
+
+
+SunOS 5.8                 Last change:                         12
+
+
+
+     offsets returned by pcre_exec() in ovector. For convenience,
+     the functions  pcre_copy_substring(),  pcre_get_substring(),
+     and  pcre_get_substring_list()  are  provided for extracting
+     captured  substrings  as  new,   separate,   zero-terminated
+     strings.   A  substring  that  contains  a  binary  zero  is
+     correctly extracted and has a further zero added on the end,
+     but the result does not, of course, function as a C string.
+
+     The first three arguments are the same for all  three  func-
+     tions:  subject  is  the  subject string which has just been
+     successfully matched, ovector is a pointer to the vector  of
+     integer   offsets   that  was  passed  to  pcre_exec(),  and
+     stringcount is the number of substrings that  were  captured
+     by  the  match,  including  the  substring  that matched the
+     entire regular expression. This is  the  value  returned  by
+     pcre_exec  if  it  is  greater  than  zero.  If  pcre_exec()
+     returned zero, indicating that it ran out of space in  ovec-
+     tor,  the  value passed as stringcount should be the size of
+     the vector divided by three.
+
+     The functions pcre_copy_substring() and pcre_get_substring()
+     extract a single substring, whose number is given as string-
+     number. A value of zero extracts the substring that  matched
+     the entire pattern, while higher values extract the captured
+     substrings. For pcre_copy_substring(), the string is  placed
+     in  buffer,  whose  length is given by buffersize, while for
+     pcre_get_substring() a new block of memory is  obtained  via
+     pcre_malloc,  and its address is returned via stringptr. The
+     yield of the function is  the  length  of  the  string,  not
+     including the terminating zero, or one of
+
+       PCRE_ERROR_NOMEMORY       (-6)
+
+     The buffer was too small for pcre_copy_substring(),  or  the
+     attempt to get memory failed for pcre_get_substring().
+
+       PCRE_ERROR_NOSUBSTRING    (-7)
+
+     There is no substring whose number is stringnumber.
+
+     The pcre_get_substring_list() function extracts  all  avail-
+     able  substrings  and builds a list of pointers to them. All
+     this is done in a single block of memory which  is  obtained
+     via pcre_malloc. The address of the memory block is returned
+     via listptr, which is also the start of the list  of  string
+     pointers.  The  end of the list is marked by a NULL pointer.
+     The yield of the function is zero if all went well, or
+
+       PCRE_ERROR_NOMEMORY       (-6)
+
+     if the attempt to get the memory block failed.
+
+     When any of these functions encounter a  substring  that  is
+     unset, which can happen when capturing subpattern number n+1
+     matches some part of the subject, but subpattern n  has  not
+     been  used  at all, they return an empty string. This can be
+     distinguished  from  a  genuine  zero-length  substring   by
+     inspecting the appropriate offset in ovector, which is nega-
+     tive for unset substrings.
+
+     The  two  convenience  functions  pcre_free_substring()  and
+     pcre_free_substring_list()  can  be  used to free the memory
+     returned by  a  previous  call  of  pcre_get_substring()  or
+     pcre_get_substring_list(),  respectively.  They  do  nothing
+     more than call the function pointed to by  pcre_free,  which
+     of  course  could  be called directly from a C program. How-
+     ever, PCRE is used in some situations where it is linked via
+     a  special  interface  to another programming language which
+     cannot use pcre_free directly; it is for  these  cases  that
+     the functions are provided.
+
+
+
+LIMITATIONS
+     There are some size limitations in PCRE but it is hoped that
+     they will never in practice be relevant.  The maximum length
+     of a compiled pattern is 65539 (sic) bytes.  All  values  in
+     repeating  quantifiers must be less than 65536.  The maximum
+     number of capturing subpatterns is 99.  The  maximum  number
+     of  all  parenthesized subpatterns, including capturing sub-
+     patterns, assertions, and other types of subpattern, is 200.
+
+     The maximum length of a subject string is the largest  posi-
+     tive number that an integer variable can hold. However, PCRE
+     uses recursion to handle subpatterns and indefinite  repeti-
+     tion.  This  means  that the available stack space may limit
+     the size of a subject string that can be processed  by  cer-
+     tain patterns.
+
+
+
+DIFFERENCES FROM PERL
+     The differences described here  are  with  respect  to  Perl
+     5.005.
+
+     1. By default, a whitespace character is any character  that
+     the  C  library  function isspace() recognizes, though it is
+     possible to compile PCRE  with  alternative  character  type
+     tables. Normally isspace() matches space, formfeed, newline,
+     carriage return, horizontal tab, and vertical tab. Perl 5 no
+     longer  includes vertical tab in its set of whitespace char-
+     acters. The \v escape that was in the Perl documentation for
+     a long time was never in fact recognized. However, the char-
+     acter itself was treated as whitespace at least up to 5.002.
+     In 5.004 and 5.005 it does not match \s.
+
+     2. PCRE does  not  allow  repeat  quantifiers  on  lookahead
+     assertions. Perl permits them, but they do not mean what you
+     might think. For example, (?!a){3} does not assert that  the
+     next  three characters are not "a". It just asserts that the
+     next character is not "a" three times.
+
+     3. Capturing subpatterns that occur inside  negative  looka-
+     head  assertions  are  counted,  but  their  entries  in the
+     offsets vector are never set. Perl sets its numerical  vari-
+     ables  from  any  such  patterns that are matched before the
+     assertion fails to match something (thereby succeeding), but
+     only  if  the negative lookahead assertion contains just one
+     branch.
+
+     4. Though binary zero characters are supported in  the  sub-
+     ject  string,  they  are  not  allowed  in  a pattern string
+     because it is passed as a normal  C  string,  terminated  by
+     zero. The escape sequence "\0" can be used in the pattern to
+     represent a binary zero.
+
+     5. The following Perl escape sequences  are  not  supported:
+     \l,  \u,  \L,  \U,  \E, \Q. In fact these are implemented by
+     Perl's general string-handling and are not part of its  pat-
+     tern matching engine.
+
+     6. The Perl \G assertion is  not  supported  as  it  is  not
+     relevant to single pattern matches.
+
+     7. Fairly obviously, PCRE does not support the (?{code}) and
+     (?p{code})  constructions. However, there is some experimen-
+     tal support for recursive patterns using the  non-Perl  item
+     (?R).
+
+     8. There are at the time of writing some  oddities  in  Perl
+     5.005_02  concerned  with  the  settings of captured strings
+     when part of a pattern is repeated.  For  example,  matching
+     "aba"  against the pattern /^(a(b)?)+$/ sets $2 to the value
+     "b", but matching "aabbaa" against /^(aa(bb)?)+$/ leaves  $2
+     unset.    However,    if   the   pattern   is   changed   to
+     /^(aa(b(b))?)+$/ then $2 (and $3) are set.
+
+     In Perl 5.004 $2 is set in both cases, and that is also true
+     of PCRE. If in the future Perl changes to a consistent state
+     that is different, PCRE may change to follow.
+
+     9. Another as yet unresolved discrepancy  is  that  in  Perl
+     5.005_02  the  pattern /^(a)?(?(1)a|b)+$/ matches the string
+     "a", whereas in PCRE it does not.  However, in both Perl and
+     PCRE /^(a)?a/ matched against "a" leaves $1 unset.
+
+     10. PCRE  provides  some  extensions  to  the  Perl  regular
+     expression facilities:
+
+     (a) Although lookbehind assertions must match  fixed  length
+     strings,  each  alternative branch of a lookbehind assertion
+     can match a different length of string. Perl 5.005  requires
+     them all to have the same length.
+
+     (b) If PCRE_DOLLAR_ENDONLY is set and PCRE_MULTILINE is  not
+     set,  the  $ meta- character matches only at the very end of
+     the string.
+
+     (c) If PCRE_EXTRA is set, a backslash followed by  a  letter
+     with no special meaning is faulted.
+
+     (d) If PCRE_UNGREEDY is set, the greediness of  the  repeti-
+     tion  quantifiers  is inverted, that is, by default they are
+     not greedy, but if followed by a question mark they are.
+
+     (e) PCRE_ANCHORED can be used to force a pattern to be tried
+     only at the start of the subject.
+
+     (f) The PCRE_NOTBOL, PCRE_NOTEOL, and PCRE_NOTEMPTY  options
+     for pcre_exec() have no Perl equivalents.
+
+     (g) The (?R) construct allows for recursive pattern matching
+     (Perl  5.6 can do this using the (?p{code}) construct, which
+     PCRE cannot of course support.)
+
+
+
+REGULAR EXPRESSION DETAILS
+     The syntax and semantics of  the  regular  expressions  sup-
+     ported  by PCRE are described below. Regular expressions are
+     also described in the Perl documentation and in a number  of
+     other  books,  some  of which have copious examples. Jeffrey
+     Friedl's  "Mastering  Regular  Expressions",  published   by
+     O'Reilly (ISBN 1-56592-257), covers them in great detail.
+
+     The description here is intended as reference documentation.
+     The basic operation of PCRE is on strings of bytes. However,
+     there is the beginnings of some support for UTF-8  character
+     strings.  To  use  this  support  you must configure PCRE to
+     include it, and then call pcre_compile() with the  PCRE_UTF8
+     option.  How  this affects the pattern matching is described
+     in the final section of this document.
+
+     A regular expression is a pattern that is matched against  a
+     subject string from left to right. Most characters stand for
+     themselves in a pattern, and match the corresponding charac-
+     ters in the subject. As a trivial example, the pattern
+
+       The quick brown fox
+
+     matches a portion of a subject string that is  identical  to
+     itself.  The  power  of  regular  expressions comes from the
+     ability to include alternatives and repetitions in the  pat-
+     tern.  These  are encoded in the pattern by the use of meta-
+     characters, which do not stand for  themselves  but  instead
+     are interpreted in some special way.
+
+     There are two different sets of meta-characters: those  that
+     are  recognized anywhere in the pattern except within square
+     brackets, and those that are recognized in square  brackets.
+     Outside square brackets, the meta-characters are as follows:
+
+       \      general escape character with several uses
+       ^      assert start of  subject  (or  line,  in  multiline
+     mode)
+       $      assert end of subject (or line, in multiline mode)
+       .      match any character except newline (by default)
+       [      start character class definition
+       |      start of alternative branch
+       (      start subpattern
+       )      end subpattern
+       ?      extends the meaning of (
+              also 0 or 1 quantifier
+              also quantifier minimizer
+       *      0 or more quantifier
+       +      1 or more quantifier
+       {      start min/max quantifier
+
+     Part of a pattern that is in square  brackets  is  called  a
+     "character  class".  In  a  character  class  the only meta-
+     characters are:
+
+       \      general escape character
+       ^      negate the class, but only if the first character
+       -      indicates character range
+       ]      terminates the character class
+
+     The following sections describe  the  use  of  each  of  the
+     meta-characters.
+
+
+
+BACKSLASH
+     The backslash character has several uses. Firstly, if it  is
+     followed  by  a  non-alphameric character, it takes away any
+     special  meaning  that  character  may  have.  This  use  of
+     backslash  as  an  escape  character applies both inside and
+     outside character classes.
+
+     For example, if you want to match a "*" character, you write
+     "\*" in the pattern. This applies whether or not the follow-
+     ing character would otherwise  be  interpreted  as  a  meta-
+     character,  so it is always safe to precede a non-alphameric
+     with "\" to specify that it stands for itself.  In  particu-
+     lar, if you want to match a backslash, you write "\\".
+
+     If a pattern is compiled with the PCRE_EXTENDED option, whi-
+     tespace in the pattern (other than in a character class) and
+     characters between a "#" outside a character class  and  the
+     next  newline  character  are ignored. An escaping backslash
+     can be used to include a whitespace or "#" character as part
+     of the pattern.
+
+     A second use of backslash provides a way  of  encoding  non-
+     printing  characters  in patterns in a visible manner. There
+     is no restriction on the appearance of non-printing  charac-
+     ters,  apart from the binary zero that terminates a pattern,
+     but when a pattern is being prepared by text editing, it  is
+     usually  easier to use one of the following escape sequences
+     than the binary character it represents:
+
+       \a     alarm, that is, the BEL character (hex 07)
+       \cx    "control-x", where x is any character
+       \e     escape (hex 1B)
+       \f     formfeed (hex 0C)
+       \n     newline (hex 0A)
+       \r     carriage return (hex 0D)
+       \t     tab (hex 09)
+       \xhh   character with hex code hh
+       \ddd   character with octal code ddd, or backreference
+
+     The precise effect of "\cx" is as follows: if "x" is a lower
+     case  letter,  it  is converted to upper case. Then bit 6 of
+     the character (hex 40) is inverted.  Thus "\cz" becomes  hex
+     1A, but "\c{" becomes hex 3B, while "\c;" becomes hex 7B.
+
+     After "\x", up to two hexadecimal digits are  read  (letters
+     can be in upper or lower case).
+
+     After "\0" up to two further octal digits are read. In  both
+     cases,  if  there are fewer than two digits, just those that
+     are present are used. Thus the sequence "\0\x\07"  specifies
+     two binary zeros followed by a BEL character.  Make sure you
+     supply two digits after the initial zero  if  the  character
+     that follows is itself an octal digit.
+
+     The handling of a backslash followed by a digit other than 0
+     is  complicated.   Outside  a character class, PCRE reads it
+     and any following digits as a decimal number. If the  number
+     is  less  than  10, or if there have been at least that many
+     previous capturing left parentheses in the  expression,  the
+     entire  sequence is taken as a back reference. A description
+     of how this works is given later, following  the  discussion
+     of parenthesized subpatterns.
+
+     Inside a character  class,  or  if  the  decimal  number  is
+     greater  than  9 and there have not been that many capturing
+     subpatterns, PCRE re-reads up to three octal digits  follow-
+     ing  the  backslash,  and  generates  a single byte from the
+     least significant 8 bits of the value. Any subsequent digits
+     stand for themselves.  For example:
+
+       \040   is another way of writing a space
+       \40    is the same, provided there are fewer than 40
+                 previous capturing subpatterns
+       \7     is always a back reference
+       \11    might be a back reference, or another way of
+                 writing a tab
+       \011   is always a tab
+       \0113  is a tab followed by the character "3"
+       \113   is the character with octal code 113 (since there
+                 can be no more than 99 back references)
+       \377   is a byte consisting entirely of 1 bits
+       \81    is either a back reference, or a binary zero
+                 followed by the two characters "8" and "1"
+
+     Note that octal values of 100 or greater must not be  intro-
+     duced  by  a  leading zero, because no more than three octal
+     digits are ever read.
+
+     All the sequences that define a single  byte  value  can  be
+     used both inside and outside character classes. In addition,
+     inside a character class, the sequence "\b"  is  interpreted
+     as  the  backspace  character  (hex 08). Outside a character
+     class it has a different meaning (see below).
+
+     The third use of backslash is for specifying generic charac-
+     ter types:
+
+       \d     any decimal digit
+       \D     any character that is not a decimal digit
+       \s     any whitespace character
+       \S     any character that is not a whitespace character
+       \w     any "word" character
+       \W     any "non-word" character
+
+     Each pair of escape sequences partitions the complete set of
+     characters  into  two  disjoint  sets.  Any  given character
+     matches one, and only one, of each pair.
+
+     A "word" character is any letter or digit or the  underscore
+     character,  that  is,  any  character which can be part of a
+     Perl "word". The definition of letters and  digits  is  con-
+     trolled  by PCRE's character tables, and may vary if locale-
+     specific matching is  taking  place  (see  "Locale  support"
+     above). For example, in the "fr" (French) locale, some char-
+     acter codes greater than 128 are used for accented  letters,
+     and these are matched by \w.
+
+     These character type sequences can appear  both  inside  and
+     outside  character classes. They each match one character of
+     the appropriate type. If the current matching  point  is  at
+     the end of the subject string, all of them fail, since there
+     is no character to match.
+
+     The fourth use of backslash is  for  certain  simple  asser-
+     tions. An assertion specifies a condition that has to be met
+     at a particular point in  a  match,  without  consuming  any
+     characters  from  the subject string. The use of subpatterns
+     for more complicated  assertions  is  described  below.  The
+     backslashed assertions are
+
+       \b     word boundary
+       \B     not a word boundary
+       \A     start of subject (independent of multiline mode)
+       \Z     end of subject or newline at  end  (independent  of
+     multiline mode)
+       \z     end of subject (independent of multiline mode)
+
+     These assertions may not appear in  character  classes  (but
+     note that "\b" has a different meaning, namely the backspace
+     character, inside a character class).
+
+     A word boundary is a position in the  subject  string  where
+     the current character and the previous character do not both
+     match \w or \W (i.e. one matches \w and  the  other  matches
+     \W),  or the start or end of the string if the first or last
+     character matches \w, respectively.
+
+     The \A, \Z, and \z assertions differ  from  the  traditional
+     circumflex  and  dollar  (described below) in that they only
+     ever match at the very start and end of the subject  string,
+     whatever  options  are  set.  They  are  not affected by the
+     PCRE_NOTBOL or PCRE_NOTEOL options. If the startoffset argu-
+     ment  of  pcre_exec()  is  non-zero, \A can never match. The
+     difference between \Z and \z is that  \Z  matches  before  a
+     newline  that is the last character of the string as well as
+     at the end of the string, whereas \z  matches  only  at  the
+     end.
+
+
+
+CIRCUMFLEX AND DOLLAR
+     Outside a character class, in the default matching mode, the
+     circumflex  character  is an assertion which is true only if
+     the current matching point is at the start  of  the  subject
+
+     string.  If  the startoffset argument of pcre_exec() is non-
+     zero, circumflex can never match. Inside a character  class,
+     circumflex has an entirely different meaning (see below).
+
+     Circumflex need not be the first character of the pattern if
+     a  number of alternatives are involved, but it should be the
+     first thing in each alternative in which it appears  if  the
+     pattern is ever to match that branch. If all possible alter-
+     natives start with a circumflex, that is, if the pattern  is
+     constrained to match only at the start of the subject, it is
+     said to be an "anchored" pattern. (There are also other con-
+     structs that can cause a pattern to be anchored.)
+
+     A dollar character is an assertion which is true only if the
+     current  matching point is at the end of the subject string,
+     or immediately before a newline character that is  the  last
+     character in the string (by default). Dollar need not be the
+     last character of the pattern if a  number  of  alternatives
+     are  involved,  but it should be the last item in any branch
+     in which it appears.  Dollar has no  special  meaning  in  a
+     character class.
+
+     The meaning of dollar can be changed so that it matches only
+     at   the   very   end   of   the   string,  by  setting  the
+     PCRE_DOLLAR_ENDONLY option at compile or matching time. This
+     does not affect the \Z assertion.
+
+     The meanings of the circumflex  and  dollar  characters  are
+     changed  if  the  PCRE_MULTILINE option is set. When this is
+     the case,  they  match  immediately  after  and  immediately
+     before an internal "\n" character, respectively, in addition
+     to matching at the start and end of the subject string.  For
+     example,  the  pattern  /^abc$/  matches  the subject string
+     "def\nabc" in multiline  mode,  but  not  otherwise.  Conse-
+     quently,  patterns  that  are  anchored  in single line mode
+     because all branches start with "^" are not anchored in mul-
+     tiline mode, and a match for circumflex is possible when the
+     startoffset  argument  of  pcre_exec()  is   non-zero.   The
+     PCRE_DOLLAR_ENDONLY  option  is ignored if PCRE_MULTILINE is
+     set.
+
+     Note that the sequences \A, \Z, and \z can be used to  match
+     the  start  and end of the subject in both modes, and if all
+     branches of a pattern start with \A is it  always  anchored,
+     whether PCRE_MULTILINE is set or not.
+
+
+
+FULL STOP (PERIOD, DOT)
+     Outside a character class, a dot in the pattern matches  any
+     one character in the subject, including a non-printing char-
+     acter, but not (by default)  newline.   If  the  PCRE_DOTALL
+
+     option  is set, dots match newlines as well. The handling of
+     dot is entirely independent of the  handling  of  circumflex
+     and  dollar,  the  only  relationship  being  that they both
+     involve newline characters. Dot has no special meaning in  a
+     character class.
+
+
+
+SQUARE BRACKETS
+     An opening square bracket introduces a character class, ter-
+     minated  by  a  closing  square  bracket.  A  closing square
+     bracket on its own is  not  special.  If  a  closing  square
+     bracket  is  required as a member of the class, it should be
+     the first data character in the class (after an initial cir-
+     cumflex, if present) or escaped with a backslash.
+
+     A character class matches a single character in the subject;
+     the  character  must  be in the set of characters defined by
+     the class, unless the first character in the class is a cir-
+     cumflex,  in which case the subject character must not be in
+     the set defined by the class. If a  circumflex  is  actually
+     required  as  a  member  of  the class, ensure it is not the
+     first character, or escape it with a backslash.
+
+     For example, the character class [aeiou] matches  any  lower
+     case vowel, while [^aeiou] matches any character that is not
+     a lower case vowel. Note that a circumflex is  just  a  con-
+     venient  notation for specifying the characters which are in
+     the class by enumerating those that are not. It  is  not  an
+     assertion:  it  still  consumes a character from the subject
+     string, and fails if the current pointer is at  the  end  of
+     the string.
+
+     When caseless matching  is  set,  any  letters  in  a  class
+     represent  both their upper case and lower case versions, so
+     for example, a caseless [aeiou] matches "A" as well as  "a",
+     and  a caseless [^aeiou] does not match "A", whereas a case-
+     ful version would.
+
+     The newline character is never treated in any special way in
+     character  classes,  whatever the setting of the PCRE_DOTALL
+     or PCRE_MULTILINE options is. A  class  such  as  [^a]  will
+     always match a newline.
+
+     The minus (hyphen) character can be used to specify a  range
+     of  characters  in  a  character  class.  For example, [d-m]
+     matches any letter between d and m, inclusive.  If  a  minus
+     character  is required in a class, it must be escaped with a
+     backslash or appear in a position where it cannot be  inter-
+     preted as indicating a range, typically as the first or last
+     character in the class.
+
+     It is not possible to have the literal character "]" as  the
+     end  character  of  a  range.  A  pattern such as [W-]46] is
+     interpreted as a class of two characters ("W" and "-")  fol-
+     lowed by a literal string "46]", so it would match "W46]" or
+     "-46]". However, if the "]" is escaped with a  backslash  it
+     is  interpreted  as  the end of range, so [W-\]46] is inter-
+     preted as a single class containing a range followed by  two
+     separate characters. The octal or hexadecimal representation
+     of "]" can also be used to end a range.
+
+     Ranges operate in ASCII collating sequence. They can also be
+     used  for  characters  specified  numerically,  for  example
+     [\000-\037]. If a range that includes letters is  used  when
+     caseless  matching  is set, it matches the letters in either
+     case. For example, [W-c] is equivalent  to  [][\^_`wxyzabc],
+     matched  caselessly,  and  if  character tables for the "fr"
+     locale are in use, [\xc8-\xcb] matches accented E characters
+     in both cases.
+
+     The character types \d, \D, \s, \S,  \w,  and  \W  may  also
+     appear  in  a  character  class, and add the characters that
+     they match to the class. For example, [\dABCDEF] matches any
+     hexadecimal  digit.  A  circumflex  can conveniently be used
+     with the upper case character types to specify a  more  res-
+     tricted set of characters than the matching lower case type.
+     For example, the class [^\W_] matches any letter  or  digit,
+     but not underscore.
+
+     All non-alphameric characters other than \,  -,  ^  (at  the
+     start)  and  the  terminating ] are non-special in character
+     classes, but it does no harm if they are escaped.
+
+
+
+POSIX CHARACTER CLASSES
+     Perl 5.6 (not yet released at the time of writing) is  going
+     to  support  the POSIX notation for character classes, which
+     uses names enclosed by  [:  and  :]   within  the  enclosing
+     square brackets. PCRE supports this notation. For example,
+
+       [01[:alpha:]%]
+
+     matches "0", "1", any alphabetic character, or "%". The sup-
+     ported class names are
+
+       alnum    letters and digits
+       alpha    letters
+       ascii    character codes 0 - 127
+       cntrl    control characters
+       digit    decimal digits (same as \d)
+       graph    printing characters, excluding space
+       lower    lower case letters
+       print    printing characters, including space
+       punct    printing characters, excluding letters and digits
+       space    white space (same as \s)
+       upper    upper case letters
+       word     "word" characters (same as \w)
+       xdigit   hexadecimal digits
+
+     The names "ascii" and "word" are  Perl  extensions.  Another
+     Perl  extension is negation, which is indicated by a ^ char-
+     acter after the colon. For example,
+
+       [12[:^digit:]]
+
+     matches "1", "2", or any non-digit.  PCRE  (and  Perl)  also
+     recogize  the POSIX syntax [.ch.] and [=ch=] where "ch" is a
+     "collating element", but these are  not  supported,  and  an
+     error is given if they are encountered.
+
+
+
+VERTICAL BAR
+     Vertical bar characters are  used  to  separate  alternative
+     patterns. For example, the pattern
+
+       gilbert|sullivan
+
+     matches either "gilbert" or "sullivan". Any number of alter-
+     natives  may  appear,  and an empty alternative is permitted
+     (matching the empty string).   The  matching  process  tries
+     each  alternative in turn, from left to right, and the first
+     one that succeeds is used. If the alternatives are within  a
+     subpattern  (defined  below),  "succeeds" means matching the
+     rest of the main pattern as well as the alternative  in  the
+     subpattern.
+
+
+
+INTERNAL OPTION SETTING
+     The settings of PCRE_CASELESS, PCRE_MULTILINE,  PCRE_DOTALL,
+     and  PCRE_EXTENDED can be changed from within the pattern by
+     a sequence of Perl option letters enclosed between "(?"  and
+     ")". The option letters are
+
+       i  for PCRE_CASELESS
+       m  for PCRE_MULTILINE
+       s  for PCRE_DOTALL
+       x  for PCRE_EXTENDED
+
+     For example, (?im) sets caseless, multiline matching. It  is
+     also possible to unset these options by preceding the letter
+     with a hyphen, and a combined setting and unsetting such  as
+     (?im-sx),  which sets PCRE_CASELESS and PCRE_MULTILINE while
+     unsetting PCRE_DOTALL and PCRE_EXTENDED, is also  permitted.
+     If  a  letter  appears both before and after the hyphen, the
+     option is unset.
+
+     The scope of these option changes depends on  where  in  the
+     pattern  the  setting  occurs. For settings that are outside
+     any subpattern (defined below), the effect is the same as if
+     the  options were set or unset at the start of matching. The
+     following patterns all behave in exactly the same way:
+
+       (?i)abc
+       a(?i)bc
+       ab(?i)c
+       abc(?i)
+
+     which in turn is the same as compiling the pattern abc  with
+     PCRE_CASELESS  set.   In  other words, such "top level" set-
+     tings apply to the whole pattern  (unless  there  are  other
+     changes  inside subpatterns). If there is more than one set-
+     ting of the same option at top level, the rightmost  setting
+     is used.
+
+     If an option change occurs inside a subpattern,  the  effect
+     is  different.  This is a change of behaviour in Perl 5.005.
+     An option change inside a subpattern affects only that  part
+     of the subpattern that follows it, so
+
+       (a(?i)b)c
+
+     matches  abc  and  aBc  and  no  other   strings   (assuming
+     PCRE_CASELESS  is  not used).  By this means, options can be
+     made to have different settings in different  parts  of  the
+     pattern.  Any  changes  made  in one alternative do carry on
+     into subsequent branches within  the  same  subpattern.  For
+     example,
+
+       (a(?i)b|c)
+
+     matches "ab", "aB", "c", and "C", even though when  matching
+     "C" the first branch is abandoned before the option setting.
+     This is because the effects of  option  settings  happen  at
+     compile  time. There would be some very weird behaviour oth-
+     erwise.
+
+     The PCRE-specific options PCRE_UNGREEDY and  PCRE_EXTRA  can
+     be changed in the same way as the Perl-compatible options by
+     using the characters U and X  respectively.  The  (?X)  flag
+     setting  is  special in that it must always occur earlier in
+     the pattern than any of the additional features it turns on,
+     even when it is at top level. It is best put at the start.
+
+
+
+SUBPATTERNS
+     Subpatterns are delimited by parentheses  (round  brackets),
+     which can be nested.  Marking part of a pattern as a subpat-
+     tern does two things:
+
+     1. It localizes a set of alternatives. For example, the pat-
+     tern
+
+       cat(aract|erpillar|)
+
+     matches one of the words "cat",  "cataract",  or  "caterpil-
+     lar".  Without  the  parentheses, it would match "cataract",
+     "erpillar" or the empty string.
+
+     2. It sets up the subpattern as a capturing  subpattern  (as
+     defined  above).   When the whole pattern matches, that por-
+     tion of the subject string that matched  the  subpattern  is
+     passed  back  to  the  caller  via  the  ovector argument of
+     pcre_exec(). Opening parentheses are counted  from  left  to
+     right (starting from 1) to obtain the numbers of the captur-
+     ing subpatterns.
+
+     For example, if the string "the red king" is matched against
+     the pattern
+
+       the ((red|white) (king|queen))
+
+     the captured substrings are "red king", "red",  and  "king",
+     and are numbered 1, 2, and 3.
+
+     The fact that plain parentheses fulfil two functions is  not
+     always  helpful.  There are often times when a grouping sub-
+     pattern is required without a capturing requirement.  If  an
+     opening parenthesis is followed by "?:", the subpattern does
+     not do any capturing, and is not counted when computing  the
+     number of any subsequent capturing subpatterns. For example,
+     if the string "the white queen" is matched against the  pat-
+     tern
+
+       the ((?:red|white) (king|queen))
+
+     the captured substrings are "white queen" and  "queen",  and
+     are  numbered  1  and 2. The maximum number of captured sub-
+     strings is 99, and the maximum number  of  all  subpatterns,
+     both capturing and non-capturing, is 200.
+
+     As a  convenient  shorthand,  if  any  option  settings  are
+     required  at  the  start  of a non-capturing subpattern, the
+     option letters may appear between the "?" and the ":".  Thus
+     the two patterns
+
+       (?i:saturday|sunday)
+       (?:(?i)saturday|sunday)
+
+     match exactly the same set of strings.  Because  alternative
+     branches  are  tried from left to right, and options are not
+     reset until the end of the subpattern is reached, an  option
+     setting  in  one  branch does affect subsequent branches, so
+     the above patterns match "SUNDAY" as well as "Saturday".
+
+
+
+REPETITION
+     Repetition is specified by quantifiers, which can follow any
+     of the following items:
+
+       a single character, possibly escaped
+       the . metacharacter
+       a character class
+       a back reference (see next section)
+       a parenthesized subpattern (unless it is  an  assertion  -
+     see below)
+
+     The general repetition quantifier specifies  a  minimum  and
+     maximum  number  of  permitted  matches,  by  giving the two
+     numbers in curly brackets (braces), separated  by  a  comma.
+     The  numbers  must be less than 65536, and the first must be
+     less than or equal to the second. For example:
+
+       z{2,4}
+
+     matches "zz", "zzz", or "zzzz". A closing brace on  its  own
+     is not a special character. If the second number is omitted,
+     but the comma is present, there is no upper  limit;  if  the
+     second number and the comma are both omitted, the quantifier
+     specifies an exact number of required matches. Thus
+
+       [aeiou]{3,}
+
+     matches at least 3 successive vowels,  but  may  match  many
+     more, while
+
+       \d{8}
+
+     matches exactly 8 digits.  An  opening  curly  bracket  that
+     appears  in a position where a quantifier is not allowed, or
+     one that does not match the syntax of a quantifier, is taken
+     as  a literal character. For example, {,6} is not a quantif-
+     ier, but a literal string of four characters.
+
+     The quantifier {0} is permitted, causing the  expression  to
+     behave  as  if the previous item and the quantifier were not
+     present.
+
+     For convenience (and  historical  compatibility)  the  three
+     most common quantifiers have single-character abbreviations:
+
+       *    is equivalent to {0,}
+       +    is equivalent to {1,}
+       ?    is equivalent to {0,1}
+
+     It is possible to construct infinite loops  by  following  a
+     subpattern  that  can  match no characters with a quantifier
+     that has no upper limit, for example:
+
+       (a?)*
+
+     Earlier versions of Perl and PCRE used to give an  error  at
+     compile  time  for such patterns. However, because there are
+     cases where this  can  be  useful,  such  patterns  are  now
+     accepted,  but  if  any repetition of the subpattern does in
+     fact match no characters, the loop is forcibly broken.
+
+     By default, the quantifiers  are  "greedy",  that  is,  they
+     match  as much as possible (up to the maximum number of per-
+     mitted times), without causing the rest of  the  pattern  to
+     fail. The classic example of where this gives problems is in
+     trying to match comments in C programs. These appear between
+     the  sequences /* and */ and within the sequence, individual
+     * and / characters may appear. An attempt to  match  C  com-
+     ments by applying the pattern
+
+       /\*.*\*/
+
+     to the string
+
+       /* first command */  not comment  /* second comment */
+
+     fails, because it matches the entire  string  owing  to  the
+     greediness of the .*  item.
+
+     However, if a quantifier is followed by a question mark,  it
+     ceases  to be greedy, and instead matches the minimum number
+     of times possible, so the pattern
+
+       /\*.*?\*/
+
+     does the right thing with the C comments. The meaning of the
+     various  quantifiers is not otherwise changed, just the pre-
+     ferred number of matches.  Do not confuse this use of  ques-
+     tion  mark  with  its  use as a quantifier in its own right.
+     Because it has two uses, it can sometimes appear doubled, as
+     in
+
+       \d??\d
+
+     which matches one digit by preference, but can match two  if
+     that is the only way the rest of the pattern matches.
+
+     If the PCRE_UNGREEDY option is set (an option which  is  not
+     available  in  Perl),  the  quantifiers  are  not  greedy by
+     default, but individual ones can be made greedy by following
+     them  with  a  question mark. In other words, it inverts the
+     default behaviour.
+
+     When a parenthesized subpattern is quantified with a minimum
+     repeat  count  that is greater than 1 or with a limited max-
+     imum, more store is required for the  compiled  pattern,  in
+     proportion to the size of the minimum or maximum.
+
+     If a pattern starts with .* or  .{0,}  and  the  PCRE_DOTALL
+     option (equivalent to Perl's /s) is set, thus allowing the .
+     to match  newlines,  the  pattern  is  implicitly  anchored,
+     because whatever follows will be tried against every charac-
+     ter position in the subject string, so there is no point  in
+     retrying  the overall match at any position after the first.
+     PCRE treats such a pattern as though it were preceded by \A.
+     In  cases where it is known that the subject string contains
+     no newlines, it is worth setting PCRE_DOTALL when  the  pat-
+     tern begins with .* in order to obtain this optimization, or
+     alternatively using ^ to indicate anchoring explicitly.
+
+     When a capturing subpattern is repeated, the value  captured
+     is the substring that matched the final iteration. For exam-
+     ple, after
+
+       (tweedle[dume]{3}\s*)+
+
+     has matched "tweedledum tweedledee" the value  of  the  cap-
+     tured  substring  is  "tweedledee".  However,  if  there are
+     nested capturing  subpatterns,  the  corresponding  captured
+     values  may  have been set in previous iterations. For exam-
+     ple, after
+
+       /(a|(b))+/
+
+     matches "aba" the value of the second captured substring  is
+     "b".
+
+
+
+BACK REFERENCES
+     Outside a character class, a backslash followed by  a  digit
+     greater  than  0  (and  possibly  further  digits) is a back
+     reference to a capturing subpattern  earlier  (i.e.  to  its
+     left)  in  the  pattern,  provided there have been that many
+     previous capturing left parentheses.
+
+     However, if the decimal number following  the  backslash  is
+     less  than  10,  it is always taken as a back reference, and
+     causes an error only if there are not  that  many  capturing
+     left  parentheses in the entire pattern. In other words, the
+     parentheses that are referenced need not be to the  left  of
+     the  reference  for  numbers  less  than 10. See the section
+     entitled "Backslash" above for further details of  the  han-
+     dling of digits following a backslash.
+
+     A back reference matches whatever actually matched the  cap-
+     turing subpattern in the current subject string, rather than
+     anything matching the subpattern itself. So the pattern
+
+       (sens|respons)e and \1ibility
+
+     matches "sense and sensibility" and "response and  responsi-
+     bility",  but  not  "sense  and  responsibility". If caseful
+     matching is in force at the time of the back reference,  the
+     case of letters is relevant. For example,
+
+       ((?i)rah)\s+\1
+
+     matches "rah rah" and "RAH RAH", but  not  "RAH  rah",  even
+     though  the  original  capturing subpattern is matched case-
+     lessly.
+
+     There may be more than one back reference to the  same  sub-
+     pattern.  If  a  subpattern  has not actually been used in a
+     particular match, any back references to it always fail. For
+     example, the pattern
+
+       (a|(bc))\2
+
+     always fails if it starts to match  "a"  rather  than  "bc".
+     Because  there  may  be up to 99 back references, all digits
+     following the backslash are taken as  part  of  a  potential
+     back reference number. If the pattern continues with a digit
+     character, some delimiter must be used to terminate the back
+     reference.   If the PCRE_EXTENDED option is set, this can be
+     whitespace. Otherwise an empty comment can be used.
+
+     A back reference that occurs inside the parentheses to which
+     it  refers  fails when the subpattern is first used, so, for
+     example, (a\1) never matches.  However, such references  can
+     be useful inside repeated subpatterns. For example, the pat-
+     tern
+
+       (a|b\1)+
+
+     matches any number of "a"s and also "aba", "ababbaa" etc. At
+     each iteration of the subpattern, the back reference matches
+     the  character  string   corresponding   to   the   previous
+     iteration.  In  order  for this to work, the pattern must be
+     such that the first iteration does not  need  to  match  the
+     back  reference.  This  can be done using alternation, as in
+     the example above, or by a  quantifier  with  a  minimum  of
+     zero.
+
+
+
+ASSERTIONS
+     An assertion is  a  test  on  the  characters  following  or
+     preceding  the current matching point that does not actually
+     consume any characters. The simple assertions coded  as  \b,
+     \B,  \A,  \Z,  \z, ^ and $ are described above. More compli-
+     cated assertions are coded as  subpatterns.  There  are  two
+     kinds:  those that look ahead of the current position in the
+     subject string, and those that look behind it.
+
+     An assertion subpattern is matched in the normal way, except
+     that  it  does not cause the current matching position to be
+     changed. Lookahead assertions start with  (?=  for  positive
+     assertions and (?! for negative assertions. For example,
+
+       \w+(?=;)
+
+     matches a word followed by a semicolon, but does not include
+     the semicolon in the match, and
+
+       foo(?!bar)
+
+     matches any occurrence of "foo"  that  is  not  followed  by
+     "bar". Note that the apparently similar pattern
+
+       (?!foo)bar
+
+     does not find an occurrence of "bar"  that  is  preceded  by
+     something other than "foo"; it finds any occurrence of "bar"
+     whatsoever, because the assertion  (?!foo)  is  always  true
+     when  the  next  three  characters  are  "bar". A lookbehind
+     assertion is needed to achieve this effect.
+
+     Lookbehind assertions start with (?<=  for  positive  asser-
+     tions and (?<! for negative assertions. For example,
+
+       (?<!foo)bar
+
+     does find an occurrence of "bar" that  is  not  preceded  by
+     "foo". The contents of a lookbehind assertion are restricted
+     such that all the strings  it  matches  must  have  a  fixed
+     length.  However, if there are several alternatives, they do
+     not all have to have the same fixed length. Thus
+
+       (?<=bullock|donkey)
+
+     is permitted, but
+
+       (?<!dogs?|cats?)
+
+     causes an error at compile time. Branches  that  match  dif-
+     ferent length strings are permitted only at the top level of
+     a lookbehind assertion. This is an extension  compared  with
+     Perl  5.005,  which  requires all branches to match the same
+     length of string. An assertion such as
+
+       (?<=ab(c|de))
+
+     is not permitted, because its single  top-level  branch  can
+     match two different lengths, but it is acceptable if rewrit-
+     ten to use two top-level branches:
+
+       (?<=abc|abde)
+
+     The implementation of lookbehind  assertions  is,  for  each
+     alternative,  to  temporarily move the current position back
+     by the fixed width and then  try  to  match.  If  there  are
+     insufficient  characters  before  the  current position, the
+     match is deemed to fail.  Lookbehinds  in  conjunction  with
+     once-only  subpatterns can be particularly useful for match-
+     ing at the ends of strings; an example is given at  the  end
+     of the section on once-only subpatterns.
+
+     Several assertions (of any sort) may  occur  in  succession.
+     For example,
+
+       (?<=\d{3})(?<!999)foo
+
+     matches "foo" preceded by three digits that are  not  "999".
+     Notice  that each of the assertions is applied independently
+     at the same point in the subject string. First  there  is  a
+     check that the previous three characters are all digits, and
+     then there is a check that the same three characters are not
+     "999".   This  pattern  does not match "foo" preceded by six
+     characters, the first of which are digits and the last three
+     of  which  are  not  "999".  For  example,  it doesn't match
+     "123abcfoo". A pattern to do that is
+
+       (?<=\d{3}...)(?<!999)foo
+
+     This time the first assertion looks  at  the  preceding  six
+     characters,  checking  that  the first three are digits, and
+     then the second assertion checks that  the  preceding  three
+     characters are not "999".
+
+     Assertions can be nested in any combination. For example,
+
+       (?<=(?<!foo)bar)baz
+
+     matches an occurrence of "baz" that  is  preceded  by  "bar"
+     which in turn is not preceded by "foo", while
+
+       (?<=\d{3}(?!999)...)foo
+
+     is another pattern which matches  "foo"  preceded  by  three
+     digits and any three characters that are not "999".
+
+     Assertion subpatterns are not capturing subpatterns, and may
+     not  be  repeated,  because  it makes no sense to assert the
+     same thing several times. If any kind of assertion  contains
+     capturing  subpatterns  within it, these are counted for the
+     purposes of numbering the capturing subpatterns in the whole
+     pattern.   However,  substring capturing is carried out only
+     for positive assertions, because it does not make sense  for
+     negative assertions.
+
+     Assertions count towards the maximum  of  200  parenthesized
+     subpatterns.
+
+
+
+ONCE-ONLY SUBPATTERNS
+     With both maximizing and minimizing repetition,  failure  of
+     what  follows  normally  causes  the repeated item to be re-
+     evaluated to see if a different number of repeats allows the
+     rest  of  the  pattern  to  match. Sometimes it is useful to
+     prevent this, either to change the nature of the  match,  or
+     to  cause  it fail earlier than it otherwise might, when the
+     author of the pattern knows there is no  point  in  carrying
+     on.
+
+     Consider, for example, the pattern \d+foo  when  applied  to
+     the subject line
+
+       123456bar
+
+     After matching all 6 digits and then failing to match "foo",
+     the normal action of the matcher is to try again with only 5
+     digits matching the \d+ item, and then with 4,  and  so  on,
+     before ultimately failing. Once-only subpatterns provide the
+     means for specifying that once a portion of the pattern  has
+     matched,  it  is  not to be re-evaluated in this way, so the
+     matcher would give up immediately on failing to match  "foo"
+     the  first  time.  The  notation  is another kind of special
+     parenthesis, starting with (?> as in this example:
+
+       (?>\d+)bar
+
+     This kind of parenthesis "locks up" the  part of the pattern
+     it  contains once it has matched, and a failure further into
+     the  pattern  is  prevented  from  backtracking   into   it.
+     Backtracking  past  it  to previous items, however, works as
+     normal.
+
+     An alternative description is that a subpattern of this type
+     matches  the  string  of  characters that an identical stan-
+     dalone pattern would match, if anchored at the current point
+     in the subject string.
+
+     Once-only subpatterns are not capturing subpatterns.  Simple
+     cases  such as the above example can be thought of as a max-
+     imizing repeat that must  swallow  everything  it  can.  So,
+     while both \d+ and \d+? are prepared to adjust the number of
+     digits they match in order to make the rest of  the  pattern
+     match, (?>\d+) can only match an entire sequence of digits.
+
+     This construction can of course contain arbitrarily  compli-
+     cated subpatterns, and it can be nested.
+
+     Once-only subpatterns can be used in conjunction with  look-
+     behind  assertions  to specify efficient matching at the end
+     of the subject string. Consider a simple pattern such as
+
+       abcd$
+
+     when applied to a long string which does not match.  Because
+     matching  proceeds  from  left  to right, PCRE will look for
+     each "a" in the subject and then see if what follows matches
+     the rest of the pattern. If the pattern is specified as
+
+       ^.*abcd$
+
+     the initial .* matches the entire string at first, but  when
+     this  fails  (because  there  is no following "a"), it back-
+     tracks to match all but the last character, then all but the
+     last  two  characters,  and so on. Once again the search for
+     "a" covers the entire string, from right to left, so we  are
+     no better off. However, if the pattern is written as
+
+       ^(?>.*)(?<=abcd)
+
+     there can be no backtracking for the .* item; it  can  match
+     only  the entire string. The subsequent lookbehind assertion
+     does a single test on the last four characters. If it fails,
+     the match fails immediately. For long strings, this approach
+     makes a significant difference to the processing time.
+
+     When a pattern contains an unlimited repeat inside a subpat-
+     tern  that  can  itself  be  repeated an unlimited number of
+     times, the use of a once-only subpattern is the only way  to
+     avoid  some  failing matches taking a very long time indeed.
+     The pattern
+
+       (\D+|<\d+>)*[!?]
+
+     matches an unlimited number of substrings that  either  con-
+     sist  of  non-digits,  or digits enclosed in <>, followed by
+     either ! or ?. When it matches, it runs quickly. However, if
+     it is applied to
+
+       aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
+
+     it takes a long  time  before  reporting  failure.  This  is
+     because the string can be divided between the two repeats in
+     a large number of ways, and all have to be tried. (The exam-
+     ple  used  [!?]  rather  than a single character at the end,
+     because both PCRE and Perl have an optimization that  allows
+     for  fast  failure  when  a  single  character is used. They
+     remember the last single character that is  required  for  a
+     match,  and  fail early if it is not present in the string.)
+     If the pattern is changed to
+
+       ((?>\D+)|<\d+>)*[!?]
+
+     sequences of non-digits cannot be broken, and  failure  hap-
+     pens quickly.
+
+
+
+CONDITIONAL SUBPATTERNS
+     It is possible to cause the matching process to obey a  sub-
+     pattern  conditionally  or to choose between two alternative
+     subpatterns, depending on the result  of  an  assertion,  or
+     whether  a previous capturing subpattern matched or not. The
+     two possible forms of conditional subpattern are
+
+       (?(condition)yes-pattern)
+       (?(condition)yes-pattern|no-pattern)
+
+     If the condition is satisfied, the yes-pattern is used; oth-
+     erwise  the  no-pattern  (if  present) is used. If there are
+     more than two alternatives in the subpattern, a compile-time
+     error occurs.
+
+     There are two kinds of condition. If the  text  between  the
+     parentheses  consists of a sequence of digits, the condition
+     is satisfied if the capturing subpattern of that number  has
+     previously  matched.  The  number must be greater than zero.
+     Consider  the  following  pattern,   which   contains   non-
+     significant white space to make it more readable (assume the
+     PCRE_EXTENDED option) and to divide it into three parts  for
+     ease of discussion:
+
+       ( \( )?    [^()]+    (?(1) \) )
+
+     The first part matches an optional opening parenthesis,  and
+     if  that character is present, sets it as the first captured
+     substring. The second part matches one  or  more  characters
+     that  are  not  parentheses. The third part is a conditional
+     subpattern that tests whether the first set  of  parentheses
+     matched  or  not.  If  they did, that is, if subject started
+     with an opening parenthesis, the condition is true,  and  so
+     the  yes-pattern  is  executed  and a closing parenthesis is
+     required. Otherwise, since no-pattern is  not  present,  the
+     subpattern  matches  nothing.  In  other words, this pattern
+     matches a sequence of non-parentheses,  optionally  enclosed
+     in parentheses.
+
+     If the condition is not a sequence of digits, it must be  an
+     assertion.  This  may be a positive or negative lookahead or
+     lookbehind assertion. Consider this pattern, again  contain-
+     ing  non-significant  white space, and with the two alterna-
+     tives on the second line:
+
+       (?(?=[^a-z]*[a-z])
+       \d{2}-[a-z]{3}-\d{2}  |  \d{2}-\d{2}-\d{2} )
+
+     The condition is a positive lookahead assertion that matches
+     an optional sequence of non-letters followed by a letter. In
+     other words, it tests for  the  presence  of  at  least  one
+     letter  in the subject. If a letter is found, the subject is
+     matched against  the  first  alternative;  otherwise  it  is
+     matched  against the second. This pattern matches strings in
+     one of the two forms dd-aaa-dd or dd-dd-dd,  where  aaa  are
+     letters and dd are digits.
+
+
+
+COMMENTS
+     The sequence (?# marks the start of a comment which  contin-
+     ues  up  to the next closing parenthesis. Nested parentheses
+     are not permitted. The characters that  make  up  a  comment
+     play no part in the pattern matching at all.
+
+     If the PCRE_EXTENDED option is set, an unescaped # character
+     outside  a character class introduces a comment that contin-
+     ues up to the next newline character in the pattern.
+
+
+
+RECURSIVE PATTERNS
+     Consider the problem of matching a  string  in  parentheses,
+     allowing  for  unlimited nested parentheses. Without the use
+     of recursion, the best that can be done is to use a  pattern
+     that  matches  up  to some fixed depth of nesting. It is not
+     possible to handle an arbitrary nesting depth. Perl 5.6  has
+     provided   an  experimental  facility  that  allows  regular
+     expressions to recurse (amongst other things). It does  this
+     by  interpolating  Perl  code in the expression at run time,
+     and the code can refer to the expression itself. A Perl pat-
+     tern  to  solve  the parentheses problem can be created like
+     this:
+
+       $re = qr{\( (?: (?>[^()]+) | (?p{$re}) )* \)}x;
+
+     The (?p{...}) item interpolates Perl code at run  time,  and
+     in  this  case refers recursively to the pattern in which it
+     appears. Obviously, PCRE cannot support the interpolation of
+     Perl  code.  Instead,  the special item (?R) is provided for
+     the specific case of recursion. This PCRE pattern solves the
+     parentheses  problem (assume the PCRE_EXTENDED option is set
+     so that white space is ignored):
+
+       \( ( (?>[^()]+) | (?R) )* \)
+
+     First it matches an opening parenthesis. Then it matches any
+     number  of substrings which can either be a sequence of non-
+     parentheses, or a recursive  match  of  the  pattern  itself
+     (i.e. a correctly parenthesized substring). Finally there is
+     a closing parenthesis.
+
+     This particular example pattern  contains  nested  unlimited
+     repeats, and so the use of a once-only subpattern for match-
+     ing strings of non-parentheses is  important  when  applying
+     the  pattern to strings that do not match. For example, when
+     it is applied to
+
+       (aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa()
+
+     it yields "no match" quickly. However, if a  once-only  sub-
+     pattern  is  not  used,  the match runs for a very long time
+     indeed because there are so many different ways the + and  *
+     repeats  can carve up the subject, and all have to be tested
+     before failure can be reported.
+
+     The values set for any capturing subpatterns are those  from
+     the outermost level of the recursion at which the subpattern
+     value is set. If the pattern above is matched against
+
+       (ab(cd)ef)
+
+     the value for the capturing parentheses is  "ef",  which  is
+     the  last  value  taken  on  at the top level. If additional
+     parentheses are added, giving
+
+       \( ( ( (?>[^()]+) | (?R) )* ) \)
+          ^                        ^
+          ^                        ^ the string they  capture  is
+     "ab(cd)ef",  the  contents  of the top level parentheses. If
+     there are more than 15 capturing parentheses in  a  pattern,
+     PCRE  has  to  obtain  extra  memory  to store data during a
+     recursion, which it does by using  pcre_malloc,  freeing  it
+     via  pcre_free  afterwards. If no memory can be obtained, it
+     saves data for the first 15 capturing parentheses  only,  as
+     there is no way to give an out-of-memory error from within a
+     recursion.
+
+
+
+PERFORMANCE
+     Certain items that may appear in patterns are more efficient
+     than  others.  It is more efficient to use a character class
+     like [aeiou] than a set of alternatives such as (a|e|i|o|u).
+     In  general,  the  simplest  construction  that provides the
+     required behaviour is usually the  most  efficient.  Jeffrey
+     Friedl's  book contains a lot of discussion about optimizing
+     regular expressions for efficient performance.
+
+     When a pattern begins with .* and the PCRE_DOTALL option  is
+     set,  the  pattern  is implicitly anchored by PCRE, since it
+     can match only at the start of a subject string. However, if
+     PCRE_DOTALL  is not set, PCRE cannot make this optimization,
+     because the . metacharacter does not then match  a  newline,
+     and if the subject string contains newlines, the pattern may
+     match from the character immediately following one  of  them
+     instead of from the very start. For example, the pattern
+
+       (.*) second
+
+     matches the subject "first\nand second" (where \n stands for
+     a newline character) with the first captured substring being
+     "and". In order to do this, PCRE  has  to  retry  the  match
+     starting after every newline in the subject.
+
+     If you are using such a pattern with subject strings that do
+     not  contain  newlines,  the best performance is obtained by
+     setting PCRE_DOTALL, or starting the  pattern  with  ^.*  to
+     indicate  explicit anchoring. That saves PCRE from having to
+     scan along the subject looking for a newline to restart at.
+
+     Beware of patterns that contain nested  indefinite  repeats.
+     These  can  take a long time to run when applied to a string
+     that does not match. Consider the pattern fragment
+
+       (a+)*
+
+     This can match "aaaa" in 33 different ways, and this  number
+     increases  very  rapidly  as  the string gets longer. (The *
+     repeat can match 0, 1, 2, 3, or 4 times,  and  for  each  of
+     those  cases other than 0, the + repeats can match different
+     numbers of times.) When the remainder of the pattern is such
+     that  the entire match is going to fail, PCRE has in princi-
+     ple to try every possible variation, and this  can  take  an
+     extremely long time.
+
+     An optimization catches some of the more simple  cases  such
+     as
+
+       (a+)*b
+
+     where a literal character follows. Before embarking  on  the
+     standard matching procedure, PCRE checks that there is a "b"
+     later in the subject string, and if there is not,  it  fails
+     the  match  immediately. However, when there is no following
+     literal this optimization cannot be used. You  can  see  the
+     difference by comparing the behaviour of
+
+       (a+)*\d
+
+     with the pattern above. The former gives  a  failure  almost
+     instantly  when  applied  to a whole line of "a" characters,
+     whereas the latter takes an appreciable  time  with  strings
+     longer than about 20 characters.
+
+
+
+UTF-8 SUPPORT
+     Starting at release 3.3, PCRE has some support for character
+     strings encoded in the UTF-8 format. This is incomplete, and
+     is regarded as experimental. In order to use  it,  you  must
+     configure PCRE to include UTF-8 support in the code, and, in
+     addition, you must call pcre_compile()  with  the  PCRE_UTF8
+     option flag. When you do this, both the pattern and any sub-
+     ject strings that are matched  against  it  are  treated  as
+     UTF-8  strings instead of just strings of bytes, but only in
+     the cases that are mentioned below.
+
+     If you compile PCRE with UTF-8 support, but do not use it at
+     run  time,  the  library will be a bit bigger, but the addi-
+     tional run time overhead is limited to testing the PCRE_UTF8
+     flag in several places, so should not be very large.
+
+     PCRE assumes that the strings  it  is  given  contain  valid
+     UTF-8  codes. It does not diagnose invalid UTF-8 strings. If
+     you pass invalid UTF-8 strings  to  PCRE,  the  results  are
+     undefined.
+
+     Running with PCRE_UTF8 set causes these changes in  the  way
+     PCRE works:
+
+     1. In a pattern, the escape sequence \x{...}, where the con-
+     tents  of  the  braces is a string of hexadecimal digits, is
+     interpreted as a UTF-8 character whose code  number  is  the
+     given   hexadecimal  number,  for  example:  \x{1234}.  This
+     inserts from one to six  literal  bytes  into  the  pattern,
+     using the UTF-8 encoding. If a non-hexadecimal digit appears
+     between the braces, the item is not recognized.
+
+     2. The original hexadecimal escape sequence, \xhh, generates
+     a two-byte UTF-8 character if its value is greater than 127.
+
+     3. Repeat quantifiers are NOT correctly handled if they fol-
+     low  a  multibyte character. For example, \x{100}* and \xc3+
+     do not work. If you want to repeat such characters, you must
+     enclose  them  in  non-capturing  parentheses,  for  example
+     (?:\x{100}), at present.
+
+     4. The dot metacharacter matches one UTF-8 character instead
+     of a single byte.
+
+     5. Unlike literal UTF-8 characters,  the  dot  metacharacter
+     followed  by  a  repeat quantifier does operate correctly on
+     UTF-8 characters instead of single bytes.
+
+     4. Although the \x{...} escape is permitted in  a  character
+     class,  characters  whose values are greater than 255 cannot
+     be included in a class.
+
+     5. A class is matched against a UTF-8 character  instead  of
+     just  a  single byte, but it can match only characters whose
+     values are less than 256.  Characters  with  greater  values
+     always fail to match a class.
+
+     6. Repeated classes work correctly on multiple characters.
+
+     7. Classes containing just a single character whose value is
+     greater than 127 (but less than 256), for example, [\x80] or
+     [^\x{93}], do not work because these are optimized into sin-
+     gle  byte  matches.  In the first case, of course, the class
+     brackets are just redundant.
+
+     8. Lookbehind assertions move backwards in the subject by  a
+     fixed  number  of  characters  instead  of a fixed number of
+     bytes. Simple cases have been tested to work correctly,  but
+     there may be hidden gotchas herein.
+
+     9. The character types  such  as  \d  and  \w  do  not  work
+     correctly  with  UTF-8  characters.  They continue to test a
+     single byte.
+
+     10. Anything not explicitly mentioned here continues to work
+     in bytes rather than in characters.
+
+     The following UTF-8 features of  Perl  5.6  are  not  imple-
+     mented:
+     1. The escape sequence \C to match a single byte.
+
+     2. The use of Unicode tables and properties and escapes  \p,
+     \P, and \X.
+
+
+
+AUTHOR
+     Philip Hazel <ph10 at cam.ac.uk>
+     University Computing Service,
+     New Museums Site,
+     Cambridge CB2 3QG, England.
+     Phone: +44 1223 334714
+
+     Last updated: 28 August 2000,
+       the 250th anniversary of the death of J.S. Bach.
+     Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcregrep.1 b/external/privoxy/pcre/doc/pcregrep.1
new file mode 100644
index 0000000..ec733fa
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcregrep.1
@@ -0,0 +1,76 @@
+.TH PCREGREP 1
+.SH NAME
+pcregrep - a grep with Perl-compatible regular expressions.
+.SH SYNOPSIS
+.B pcregrep [-Vchilnsvx] pattern [file] ...
+
+
+.SH DESCRIPTION
+\fBpcregrep\fR searches files for character patterns, in the same way as other
+grep commands do, but it uses the PCRE regular expression library to support
+patterns that are compatible with the regular expressions of Perl 5. See
+\fBpcre(3)\fR for a full description of syntax and semantics.
+
+If no files are specified, \fBpcregrep\fR reads the standard input. By default,
+each line that matches the pattern is copied to the standard output, and if
+there is more than one file, the file name is printed before each line of
+output. However, there are options that can change how \fBpcregrep\fR behaves.
+
+Lines are limited to BUFSIZ characters. BUFSIZ is defined in \fB<stdio.h>\fR.
+The newline character is removed from the end of each line before it is matched
+against the pattern.
+
+
+.SH OPTIONS
+.TP 10
+\fB-V\fR
+Write the version number of the PCRE library being used to the standard error
+stream.
+.TP
+\fB-c\fR
+Do not print individual lines; instead just print a count of the number of
+lines that would otherwise have been printed. If several files are given, a
+count is printed for each of them.
+.TP
+\fB-h\fR
+Suppress printing of filenames when searching multiple files.
+.TP
+\fB-i\fR
+Ignore upper/lower case distinctions during comparisons.
+.TP
+\fB-l\fR
+Instead of printing lines from the files, just print the names of the files
+containing lines that would have been printed. Each file name is printed
+once, on a separate line.
+.TP
+\fB-n\fR
+Precede each line by its line number in the file.
+.TP
+\fB-s\fR
+Work silently, that is, display nothing except error messages.
+The exit status indicates whether any matches were found.
+.TP
+\fB-v\fR
+Invert the sense of the match, so that lines which do \fInot\fR match the
+pattern are now the ones that are found.
+.TP
+\fB-x\fR
+Force the pattern to be anchored (it must start matching at the beginning of
+the line) and in addition, require it to match the entire line. This is
+equivalent to having ^ and $ characters at the start and end of each
+alternative branch in the regular expression.
+
+
+.SH SEE ALSO
+\fBpcre(3)\fR, Perl 5 documentation
+
+
+.SH DIAGNOSTICS
+Exit status is 0 if any matches were found, 1 if no matches were found, and 2
+for syntax errors or inacessible files (even if matches were found).
+
+
+.SH AUTHOR
+Philip Hazel <ph10 at cam.ac.uk>
+.br
+Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcregrep.html b/external/privoxy/pcre/doc/pcregrep.html
new file mode 100644
index 0000000..19f733c
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcregrep.html
@@ -0,0 +1,105 @@
+<HTML>
+<HEAD>
+<TITLE>pcregrep specification</TITLE>
+</HEAD>
+<body bgcolor="#FFFFFF" text="#00005A">
+<H1>pcregrep specification</H1>
+This HTML document has been generated automatically from the original man page.
+If there is any nonsense in it, please consult the man page in case the
+conversion went wrong.
+<UL>
+<LI><A NAME="TOC1" HREF="#SEC1">NAME</A>
+<LI><A NAME="TOC2" HREF="#SEC2">SYNOPSIS</A>
+<LI><A NAME="TOC3" HREF="#SEC3">DESCRIPTION</A>
+<LI><A NAME="TOC4" HREF="#SEC4">OPTIONS</A>
+<LI><A NAME="TOC5" HREF="#SEC5">SEE ALSO</A>
+<LI><A NAME="TOC6" HREF="#SEC6">DIAGNOSTICS</A>
+<LI><A NAME="TOC7" HREF="#SEC7">AUTHOR</A>
+</UL>
+<LI><A NAME="SEC1" HREF="#TOC1">NAME</A>
+<P>
+pcregrep - a grep with Perl-compatible regular expressions.
+</P>
+<LI><A NAME="SEC2" HREF="#TOC1">SYNOPSIS</A>
+<P>
+<B>pcregrep [-Vchilnsvx] pattern [file] ...</B>
+</P>
+<LI><A NAME="SEC3" HREF="#TOC1">DESCRIPTION</A>
+<P>
+<B>pcregrep</B> searches files for character patterns, in the same way as other
+grep commands do, but it uses the PCRE regular expression library to support
+patterns that are compatible with the regular expressions of Perl 5. See
+<B>pcre(3)</B> for a full description of syntax and semantics.
+</P>
+<P>
+If no files are specified, <B>pcregrep</B> reads the standard input. By default,
+each line that matches the pattern is copied to the standard output, and if
+there is more than one file, the file name is printed before each line of
+output. However, there are options that can change how <B>pcregrep</B> behaves.
+</P>
+<P>
+Lines are limited to BUFSIZ characters. BUFSIZ is defined in <B><stdio.h></B>.
+The newline character is removed from the end of each line before it is matched
+against the pattern.
+</P>
+<LI><A NAME="SEC4" HREF="#TOC1">OPTIONS</A>
+<P>
+<B>-V</B>
+Write the version number of the PCRE library being used to the standard error
+stream.
+</P>
+<P>
+<B>-c</B>
+Do not print individual lines; instead just print a count of the number of
+lines that would otherwise have been printed. If several files are given, a
+count is printed for each of them.
+</P>
+<P>
+<B>-h</B>
+Suppress printing of filenames when searching multiple files.
+</P>
+<P>
+<B>-i</B>
+Ignore upper/lower case distinctions during comparisons.
+</P>
+<P>
+<B>-l</B>
+Instead of printing lines from the files, just print the names of the files
+containing lines that would have been printed. Each file name is printed
+once, on a separate line.
+</P>
+<P>
+<B>-n</B>
+Precede each line by its line number in the file.
+</P>
+<P>
+<B>-s</B>
+Work silently, that is, display nothing except error messages.
+The exit status indicates whether any matches were found.
+</P>
+<P>
+<B>-v</B>
+Invert the sense of the match, so that lines which do <I>not</I> match the
+pattern are now the ones that are found.
+</P>
+<P>
+<B>-x</B>
+Force the pattern to be anchored (it must start matching at the beginning of
+the line) and in addition, require it to match the entire line. This is
+equivalent to having ^ and $ characters at the start and end of each
+alternative branch in the regular expression.
+</P>
+<LI><A NAME="SEC5" HREF="#TOC1">SEE ALSO</A>
+<P>
+<B>pcre(3)</B>, Perl 5 documentation
+</P>
+<LI><A NAME="SEC6" HREF="#TOC1">DIAGNOSTICS</A>
+<P>
+Exit status is 0 if any matches were found, 1 if no matches were found, and 2
+for syntax errors or inacessible files (even if matches were found).
+</P>
+<LI><A NAME="SEC7" HREF="#TOC1">AUTHOR</A>
+<P>
+Philip Hazel <ph10 at cam.ac.uk>
+<BR>
+Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcregrep.txt b/external/privoxy/pcre/doc/pcregrep.txt
new file mode 100644
index 0000000..871350c
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcregrep.txt
@@ -0,0 +1,87 @@
+NAME
+     pcregrep - a grep with Perl-compatible regular expressions.
+
+
+
+SYNOPSIS
+     pcregrep [-Vchilnsvx] pattern [file] ...
+
+
+
+DESCRIPTION
+     pcregrep searches files for character patterns, in the  same
+     way  as other grep commands do, but it uses the PCRE regular
+     expression library to support patterns that  are  compatible
+     with  the  regular  expressions of Perl 5. See pcre(3) for a
+     full description of syntax and semantics.
+
+     If no files  are  specified,  pcregrep  reads  the  standard
+     input.  By  default,  each  line that matches the pattern is
+     copied to the standard output, and if there is more than one
+     file,  the  file name is printed before each line of output.
+     However, there are options  that  can  change  how  pcregrep
+     behaves.
+
+     Lines are limited to BUFSIZ characters. BUFSIZ is defined in
+     <stdio.h>.  The newline character is removed from the end of
+     each line before it is matched against the pattern.
+
+
+
+OPTIONS
+     -V        Write the version number of the PCRE library being
+               used to the standard error stream.
+
+     -c        Do not print individual lines; instead just  print
+               a  count  of the number of lines that would other-
+               wise have  been  printed.  If  several  files  are
+               given, a count is printed for each of them.
+
+     -h        Suppress printing of filenames when searching mul-
+               tiple files.
+
+     -i        Ignore upper/lower case distinctions  during  com-
+               parisons.
+
+     -l        Instead of printing lines  from  the  files,  just
+               print the names of the files containing lines that
+               would have been printed. Each file name is printed
+               once, on a separate line.
+
+     -n        Precede each line by its line number in the file.
+
+     -s        Work silently, that  is,  display  nothing  except
+               error messages.  The exit status indicates whether
+               any matches were found.
+
+     -v        Invert the sense of the match, so that lines which
+               do not match the pattern are now the ones that are
+               found.
+
+     -x        Force the pattern to be anchored  (it  must  start
+               matching  at  the  beginning  of  the line) and in
+               addition, require it to  match  the  entire  line.
+               This is equivalent to having ^ and $ characters at
+               the start and end of each  alternative  branch  in
+               the regular expression.
+
+
+
+SEE ALSO
+     pcre(3), Perl 5 documentation
+
+
+
+
+
+DIAGNOSTICS
+     Exit status is 0 if any matches were found, 1 if no  matches
+     were  found,  and  2  for syntax errors or inacessible files
+     (even if matches were found).
+
+
+
+AUTHOR
+     Philip Hazel <ph10 at cam.ac.uk>
+     Copyright (c) 1997-2000 University of Cambridge.
+
diff --git a/external/privoxy/pcre/doc/pcreposix.3 b/external/privoxy/pcre/doc/pcreposix.3
new file mode 100644
index 0000000..4853a97
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcreposix.3
@@ -0,0 +1,149 @@
+.TH PCRE 3
+.SH NAME
+pcreposix - POSIX API for Perl-compatible regular expressions.
+.SH SYNOPSIS
+.B #include <pcreposix.h>
+.PP
+.SM
+.br
+.B int regcomp(regex_t *\fIpreg\fR, const char *\fIpattern\fR,
+.ti +5n
+.B int \fIcflags\fR);
+.PP
+.br
+.B int regexec(regex_t *\fIpreg\fR, const char *\fIstring\fR,
+.ti +5n
+.B size_t \fInmatch\fR, regmatch_t \fIpmatch\fR[], int \fIeflags\fR);
+.PP
+.br
+.B size_t regerror(int \fIerrcode\fR, const regex_t *\fIpreg\fR,
+.ti +5n
+.B char *\fIerrbuf\fR, size_t \fIerrbuf_size\fR);
+.PP
+.br
+.B void regfree(regex_t *\fIpreg\fR);
+
+
+.SH DESCRIPTION
+This set of functions provides a POSIX-style API to the PCRE regular expression
+package. See the \fBpcre\fR documentation for a description of the native API,
+which contains additional functionality.
+
+The functions described here are just wrapper functions that ultimately call
+the native API. Their prototypes are defined in the \fBpcreposix.h\fR header
+file, and on Unix systems the library itself is called \fBpcreposix.a\fR, so
+can be accessed by adding \fB-lpcreposix\fR to the command for linking an
+application which uses them. Because the POSIX functions call the native ones,
+it is also necessary to add \fR-lpcre\fR.
+
+I have implemented only those option bits that can be reasonably mapped to PCRE
+native options. In addition, the options REG_EXTENDED and REG_NOSUB are defined
+with the value zero. They have no effect, but since programs that are written
+to the POSIX interface often use them, this makes it easier to slot in PCRE as
+a replacement library. Other POSIX options are not even defined.
+
+When PCRE is called via these functions, it is only the API that is POSIX-like
+in style. The syntax and semantics of the regular expressions themselves are
+still those of Perl, subject to the setting of various PCRE options, as
+described below.
+
+The header for these functions is supplied as \fBpcreposix.h\fR to avoid any
+potential clash with other POSIX libraries. It can, of course, be renamed or
+aliased as \fBregex.h\fR, which is the "correct" name. It provides two
+structure types, \fIregex_t\fR for compiled internal forms, and
+\fIregmatch_t\fR for returning captured substrings. It also defines some
+constants whose names start with "REG_"; these are used for setting options and
+identifying error codes.
+
+
+.SH COMPILING A PATTERN
+
+The function \fBregcomp()\fR is called to compile a pattern into an
+internal form. The pattern is a C string terminated by a binary zero, and
+is passed in the argument \fIpattern\fR. The \fIpreg\fR argument is a pointer
+to a regex_t structure which is used as a base for storing information about
+the compiled expression.
+
+The argument \fIcflags\fR is either zero, or contains one or more of the bits
+defined by the following macros:
+
+  REG_ICASE
+
+The PCRE_CASELESS option is set when the expression is passed for compilation
+to the native function.
+
+  REG_NEWLINE
+
+The PCRE_MULTILINE option is set when the expression is passed for compilation
+to the native function.
+
+In the absence of these flags, no options are passed to the native function.
+This means the the regex is compiled with PCRE default semantics. In
+particular, the way it handles newline characters in the subject string is the
+Perl way, not the POSIX way. Note that setting PCRE_MULTILINE has only
+\fIsome\fR of the effects specified for REG_NEWLINE. It does not affect the way
+newlines are matched by . (they aren't) or a negative class such as [^a] (they
+are).
+
+The yield of \fBregcomp()\fR is zero on success, and non-zero otherwise. The
+\fIpreg\fR structure is filled in on success, and one member of the structure
+is publicized: \fIre_nsub\fR contains the number of capturing subpatterns in
+the regular expression. Various error codes are defined in the header file.
+
+
+.SH MATCHING A PATTERN
+The function \fBregexec()\fR is called to match a pre-compiled pattern
+\fIpreg\fR against a given \fIstring\fR, which is terminated by a zero byte,
+subject to the options in \fIeflags\fR. These can be:
+
+  REG_NOTBOL
+
+The PCRE_NOTBOL option is set when calling the underlying PCRE matching
+function.
+
+  REG_NOTEOL
+
+The PCRE_NOTEOL option is set when calling the underlying PCRE matching
+function.
+
+The portion of the string that was matched, and also any captured substrings,
+are returned via the \fIpmatch\fR argument, which points to an array of
+\fInmatch\fR structures of type \fIregmatch_t\fR, containing the members
+\fIrm_so\fR and \fIrm_eo\fR. These contain the offset to the first character of
+each substring and the offset to the first character after the end of each
+substring, respectively. The 0th element of the vector relates to the entire
+portion of \fIstring\fR that was matched; subsequent elements relate to the
+capturing subpatterns of the regular expression. Unused entries in the array
+have both structure members set to -1.
+
+A successful match yields a zero return; various error codes are defined in the
+header file, of which REG_NOMATCH is the "expected" failure code.
+
+
+.SH ERROR MESSAGES
+The \fBregerror()\fR function maps a non-zero errorcode from either
+\fBregcomp\fR or \fBregexec\fR to a printable message. If \fIpreg\fR is not
+NULL, the error should have arisen from the use of that structure. A message
+terminated by a binary zero is placed in \fIerrbuf\fR. The length of the
+message, including the zero, is limited to \fIerrbuf_size\fR. The yield of the
+function is the size of buffer needed to hold the whole message.
+
+
+.SH STORAGE
+Compiling a regular expression causes memory to be allocated and associated
+with the \fIpreg\fR structure. The function \fBregfree()\fR frees all such
+memory, after which \fIpreg\fR may no longer be used as a compiled expression.
+
+
+.SH AUTHOR
+Philip Hazel <ph10 at cam.ac.uk>
+.br
+University Computing Service,
+.br
+New Museums Site,
+.br
+Cambridge CB2 3QG, England.
+.br
+Phone: +44 1223 334714
+
+Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcreposix.html b/external/privoxy/pcre/doc/pcreposix.html
new file mode 100644
index 0000000..79ff544
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcreposix.html
@@ -0,0 +1,191 @@
+<HTML>
+<HEAD>
+<TITLE>pcreposix specification</TITLE>
+</HEAD>
+<body bgcolor="#FFFFFF" text="#00005A">
+<H1>pcreposix specification</H1>
+This HTML document has been generated automatically from the original man page.
+If there is any nonsense in it, please consult the man page in case the
+conversion went wrong.
+<UL>
+<LI><A NAME="TOC1" HREF="#SEC1">NAME</A>
+<LI><A NAME="TOC2" HREF="#SEC2">SYNOPSIS</A>
+<LI><A NAME="TOC3" HREF="#SEC3">DESCRIPTION</A>
+<LI><A NAME="TOC4" HREF="#SEC4">COMPILING A PATTERN</A>
+<LI><A NAME="TOC5" HREF="#SEC5">MATCHING A PATTERN</A>
+<LI><A NAME="TOC6" HREF="#SEC6">ERROR MESSAGES</A>
+<LI><A NAME="TOC7" HREF="#SEC7">STORAGE</A>
+<LI><A NAME="TOC8" HREF="#SEC8">AUTHOR</A>
+</UL>
+<LI><A NAME="SEC1" HREF="#TOC1">NAME</A>
+<P>
+pcreposix - POSIX API for Perl-compatible regular expressions.
+</P>
+<LI><A NAME="SEC2" HREF="#TOC1">SYNOPSIS</A>
+<P>
+<B>#include <pcreposix.h></B>
+</P>
+<P>
+<B>int regcomp(regex_t *<I>preg</I>, const char *<I>pattern</I>,</B>
+<B>int <I>cflags</I>);</B>
+</P>
+<P>
+<B>int regexec(regex_t *<I>preg</I>, const char *<I>string</I>,</B>
+<B>size_t <I>nmatch</I>, regmatch_t <I>pmatch</I>[], int <I>eflags</I>);</B>
+</P>
+<P>
+<B>size_t regerror(int <I>errcode</I>, const regex_t *<I>preg</I>,</B>
+<B>char *<I>errbuf</I>, size_t <I>errbuf_size</I>);</B>
+</P>
+<P>
+<B>void regfree(regex_t *<I>preg</I>);</B>
+</P>
+<LI><A NAME="SEC3" HREF="#TOC1">DESCRIPTION</A>
+<P>
+This set of functions provides a POSIX-style API to the PCRE regular expression
+package. See the <B>pcre</B> documentation for a description of the native API,
+which contains additional functionality.
+</P>
+<P>
+The functions described here are just wrapper functions that ultimately call
+the native API. Their prototypes are defined in the <B>pcreposix.h</B> header
+file, and on Unix systems the library itself is called <B>pcreposix.a</B>, so
+can be accessed by adding <B>-lpcreposix</B> to the command for linking an
+application which uses them. Because the POSIX functions call the native ones,
+it is also necessary to add \fR-lpcre\fR.
+</P>
+<P>
+I have implemented only those option bits that can be reasonably mapped to PCRE
+native options. In addition, the options REG_EXTENDED and REG_NOSUB are defined
+with the value zero. They have no effect, but since programs that are written
+to the POSIX interface often use them, this makes it easier to slot in PCRE as
+a replacement library. Other POSIX options are not even defined.
+</P>
+<P>
+When PCRE is called via these functions, it is only the API that is POSIX-like
+in style. The syntax and semantics of the regular expressions themselves are
+still those of Perl, subject to the setting of various PCRE options, as
+described below.
+</P>
+<P>
+The header for these functions is supplied as <B>pcreposix.h</B> to avoid any
+potential clash with other POSIX libraries. It can, of course, be renamed or
+aliased as <B>regex.h</B>, which is the "correct" name. It provides two
+structure types, <I>regex_t</I> for compiled internal forms, and
+<I>regmatch_t</I> for returning captured substrings. It also defines some
+constants whose names start with "REG_"; these are used for setting options and
+identifying error codes.
+</P>
+<LI><A NAME="SEC4" HREF="#TOC1">COMPILING A PATTERN</A>
+<P>
+The function <B>regcomp()</B> is called to compile a pattern into an
+internal form. The pattern is a C string terminated by a binary zero, and
+is passed in the argument <I>pattern</I>. The <I>preg</I> argument is a pointer
+to a regex_t structure which is used as a base for storing information about
+the compiled expression.
+</P>
+<P>
+The argument <I>cflags</I> is either zero, or contains one or more of the bits
+defined by the following macros:
+</P>
+<P>
+<PRE>
+  REG_ICASE
+</PRE>
+</P>
+<P>
+The PCRE_CASELESS option is set when the expression is passed for compilation
+to the native function.
+</P>
+<P>
+<PRE>
+  REG_NEWLINE
+</PRE>
+</P>
+<P>
+The PCRE_MULTILINE option is set when the expression is passed for compilation
+to the native function.
+</P>
+<P>
+In the absence of these flags, no options are passed to the native function.
+This means the the regex is compiled with PCRE default semantics. In
+particular, the way it handles newline characters in the subject string is the
+Perl way, not the POSIX way. Note that setting PCRE_MULTILINE has only
+<I>some</I> of the effects specified for REG_NEWLINE. It does not affect the way
+newlines are matched by . (they aren't) or a negative class such as [^a] (they
+are).
+</P>
+<P>
+The yield of <B>regcomp()</B> is zero on success, and non-zero otherwise. The
+<I>preg</I> structure is filled in on success, and one member of the structure
+is publicized: <I>re_nsub</I> contains the number of capturing subpatterns in
+the regular expression. Various error codes are defined in the header file.
+</P>
+<LI><A NAME="SEC5" HREF="#TOC1">MATCHING A PATTERN</A>
+<P>
+The function <B>regexec()</B> is called to match a pre-compiled pattern
+<I>preg</I> against a given <I>string</I>, which is terminated by a zero byte,
+subject to the options in <I>eflags</I>. These can be:
+</P>
+<P>
+<PRE>
+  REG_NOTBOL
+</PRE>
+</P>
+<P>
+The PCRE_NOTBOL option is set when calling the underlying PCRE matching
+function.
+</P>
+<P>
+<PRE>
+  REG_NOTEOL
+</PRE>
+</P>
+<P>
+The PCRE_NOTEOL option is set when calling the underlying PCRE matching
+function.
+</P>
+<P>
+The portion of the string that was matched, and also any captured substrings,
+are returned via the <I>pmatch</I> argument, which points to an array of
+<I>nmatch</I> structures of type <I>regmatch_t</I>, containing the members
+<I>rm_so</I> and <I>rm_eo</I>. These contain the offset to the first character of
+each substring and the offset to the first character after the end of each
+substring, respectively. The 0th element of the vector relates to the entire
+portion of <I>string</I> that was matched; subsequent elements relate to the
+capturing subpatterns of the regular expression. Unused entries in the array
+have both structure members set to -1.
+</P>
+<P>
+A successful match yields a zero return; various error codes are defined in the
+header file, of which REG_NOMATCH is the "expected" failure code.
+</P>
+<LI><A NAME="SEC6" HREF="#TOC1">ERROR MESSAGES</A>
+<P>
+The <B>regerror()</B> function maps a non-zero errorcode from either
+<B>regcomp</B> or <B>regexec</B> to a printable message. If <I>preg</I> is not
+NULL, the error should have arisen from the use of that structure. A message
+terminated by a binary zero is placed in <I>errbuf</I>. The length of the
+message, including the zero, is limited to <I>errbuf_size</I>. The yield of the
+function is the size of buffer needed to hold the whole message.
+</P>
+<LI><A NAME="SEC7" HREF="#TOC1">STORAGE</A>
+<P>
+Compiling a regular expression causes memory to be allocated and associated
+with the <I>preg</I> structure. The function <B>regfree()</B> frees all such
+memory, after which <I>preg</I> may no longer be used as a compiled expression.
+</P>
+<LI><A NAME="SEC8" HREF="#TOC1">AUTHOR</A>
+<P>
+Philip Hazel <ph10 at cam.ac.uk>
+<BR>
+University Computing Service,
+<BR>
+New Museums Site,
+<BR>
+Cambridge CB2 3QG, England.
+<BR>
+Phone: +44 1223 334714
+</P>
+<P>
+Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcreposix.txt b/external/privoxy/pcre/doc/pcreposix.txt
new file mode 100644
index 0000000..2d76f7c
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcreposix.txt
@@ -0,0 +1,159 @@
+NAME
+     pcreposix - POSIX API for  Perl-compatible  regular  expres-
+     sions.
+
+
+
+SYNOPSIS
+     #include <pcreposix.h>
+
+     int regcomp(regex_t *preg, const char *pattern,
+          int cflags);
+
+     int regexec(regex_t *preg, const char *string,
+          size_t nmatch, regmatch_t pmatch[], int eflags);
+
+     size_t regerror(int errcode, const regex_t *preg,
+          char *errbuf, size_t errbuf_size);
+
+     void regfree(regex_t *preg);
+
+
+
+DESCRIPTION
+     This set of functions provides a POSIX-style API to the PCRE
+     regular expression package. See the pcre documentation for a
+     description of the native  API,  which  contains  additional
+     functionality.
+
+     The functions described here are just wrapper functions that
+     ultimately call the native API. Their prototypes are defined
+     in the pcreposix.h header file,  and  on  Unix  systems  the
+     library  itself is called pcreposix.a, so can be accessed by
+     adding -lpcreposix to the command for linking an application
+     which uses them. Because the POSIX functions call the native
+     ones, it is also necessary to add -lpcre.
+
+     I have implemented only those option bits that can  be  rea-
+     sonably  mapped  to  PCRE  native  options. In addition, the
+     options REG_EXTENDED and  REG_NOSUB  are  defined  with  the
+     value zero. They have no effect, but since programs that are
+     written to the POSIX interface often use them, this makes it
+     easier to slot in PCRE as a replacement library. Other POSIX
+     options are not even defined.
+
+     When PCRE is called via these functions, it is only the  API
+     that is POSIX-like in style. The syntax and semantics of the
+     regular expressions themselves are still those of Perl, sub-
+     ject  to  the  setting of various PCRE options, as described
+     below.
+
+     The header for these functions is supplied as pcreposix.h to
+     avoid  any  potential  clash  with other POSIX libraries. It
+     can, of course, be renamed or aliased as regex.h,  which  is
+     the "correct" name. It provides two structure types, regex_t
+     for compiled internal forms, and  regmatch_t  for  returning
+     captured  substrings.  It  also defines some constants whose
+     names start with "REG_"; these are used for setting  options
+     and identifying error codes.
+
+
+
+COMPILING A PATTERN
+     The function regcomp() is called to compile a  pattern  into
+     an  internal form. The pattern is a C string terminated by a
+     binary zero, and is passed in the argument pattern. The preg
+     argument  is  a pointer to a regex_t structure which is used
+     as a base for storing information about the compiled expres-
+     sion.
+
+     The argument cflags is either zero, or contains one or  more
+     of the bits defined by the following macros:
+
+       REG_ICASE
+
+     The PCRE_CASELESS option  is  set  when  the  expression  is
+     passed for compilation to the native function.
+
+       REG_NEWLINE
+
+     The PCRE_MULTILINE option is  set  when  the  expression  is
+     passed for compilation to the native function.
+
+     In the absence of these flags, no options are passed to  the
+     native  function.  This means the the regex is compiled with
+     PCRE default semantics. In particular, the  way  it  handles
+     newline  characters  in  the subject string is the Perl way,
+     not the POSIX way. Note that setting PCRE_MULTILINE has only
+     some  of  the effects specified for REG_NEWLINE. It does not
+     affect the way newlines are matched by . (they aren't) or  a
+     negative class such as [^a] (they are).
+
+     The yield of regcomp() is zero on success, and non-zero oth-
+     erwise.  The preg structure is filled in on success, and one
+     member of the structure is publicized: re_nsub contains  the
+     number  of  capturing subpatterns in the regular expression.
+     Various error codes are defined in the header file.
+
+
+
+MATCHING A PATTERN
+     The function regexec() is called  to  match  a  pre-compiled
+     pattern  preg against a given string, which is terminated by
+     a zero byte, subject to the options in eflags. These can be:
+
+       REG_NOTBOL
+
+     The PCRE_NOTBOL option is set when  calling  the  underlying
+     PCRE matching function.
+
+       REG_NOTEOL
+
+     The PCRE_NOTEOL option is set when  calling  the  underlying
+     PCRE matching function.
+
+     The portion of the string that was  matched,  and  also  any
+     captured  substrings,  are returned via the pmatch argument,
+     which points to  an  array  of  nmatch  structures  of  type
+     regmatch_t,  containing  the  members rm_so and rm_eo. These
+     contain the offset to the first character of each  substring
+     and  the offset to the first character after the end of each
+     substring, respectively.  The  0th  element  of  the  vector
+     relates  to  the  entire portion of string that was matched;
+     subsequent elements relate to the capturing  subpatterns  of
+     the  regular  expression.  Unused  entries in the array have
+     both structure members set to -1.
+
+     A successful match yields a zero return; various error codes
+     are  defined in the header file, of which REG_NOMATCH is the
+     "expected" failure code.
+
+
+
+ERROR MESSAGES
+     The regerror()  function  maps  a  non-zero  errorcode  from
+     either regcomp or regexec to a printable message. If preg is
+     not NULL, the error should have arisen from the use of  that
+     structure.  A  message terminated by a binary zero is placed
+     in errbuf. The length of the message, including the zero, is
+     limited  to  errbuf_size.  The  yield of the function is the
+     size of buffer needed to hold the whole message.
+
+
+
+STORAGE
+     Compiling a regular expression causes memory to be allocated
+     and  associated  with  the preg structure. The function reg-
+     free() frees all such memory, after which preg may no longer
+     be used as a compiled expression.
+
+
+
+AUTHOR
+     Philip Hazel <ph10 at cam.ac.uk>
+     University Computing Service,
+     New Museums Site,
+     Cambridge CB2 3QG, England.
+     Phone: +44 1223 334714
+
+     Copyright (c) 1997-2000 University of Cambridge.
diff --git a/external/privoxy/pcre/doc/pcretest.txt b/external/privoxy/pcre/doc/pcretest.txt
new file mode 100644
index 0000000..722e6b8
--- /dev/null
+++ b/external/privoxy/pcre/doc/pcretest.txt
@@ -0,0 +1,246 @@
+The pcretest program
+--------------------
+
+This program is intended for testing PCRE, but it can also be used for
+experimenting with regular expressions.
+
+If it is given two filename arguments, it reads from the first and writes to
+the second. If it is given only one filename argument, it reads from that file
+and writes to stdout. Otherwise, it reads from stdin and writes to stdout, and
+prompts for each line of input, using "re>" to prompt for regular expressions,
+and "data>" to prompt for data lines.
+
+The program handles any number of sets of input on a single input file. Each
+set starts with a regular expression, and continues with any number of data
+lines to be matched against the pattern. An empty line signals the end of the
+data lines, at which point a new regular expression is read. The regular
+expressions are given enclosed in any non-alphameric delimiters other than
+backslash, for example
+
+  /(a|bc)x+yz/
+
+White space before the initial delimiter is ignored. A regular expression may
+be continued over several input lines, in which case the newline characters are
+included within it. See the test input files in the testdata directory for many
+examples. It is possible to include the delimiter within the pattern by
+escaping it, for example
+
+  /abc\/def/
+
+If you do so, the escape and the delimiter form part of the pattern, but since
+delimiters are always non-alphameric, this does not affect its interpretation.
+If the terminating delimiter is immediately followed by a backslash, for
+example,
+
+  /abc/\
+
+then a backslash is added to the end of the pattern. This is done to provide a
+way of testing the error condition that arises if a pattern finishes with a
+backslash, because
+
+  /abc\/
+
+is interpreted as the first line of a pattern that starts with "abc/", causing
+pcretest to read the next line as a continuation of the regular expression.
+
+
+PATTERN MODIFIERS
+-----------------
+
+The pattern may be followed by i, m, s, or x to set the PCRE_CASELESS,
+PCRE_MULTILINE, PCRE_DOTALL, or PCRE_EXTENDED options, respectively. For
+example:
+
+  /caseless/i
+
+These modifier letters have the same effect as they do in Perl. There are
+others which set PCRE options that do not correspond to anything in Perl: /A,
+/E, and /X set PCRE_ANCHORED, PCRE_DOLLAR_ENDONLY, and PCRE_EXTRA respectively.
+
+Searching for all possible matches within each subject string can be requested
+by the /g or /G modifier. After finding a match, PCRE is called again to search
+the remainder of the subject string. The difference between /g and /G is that
+the former uses the startoffset argument to pcre_exec() to start searching at
+a new point within the entire string (which is in effect what Perl does),
+whereas the latter passes over a shortened substring. This makes a difference
+to the matching process if the pattern begins with a lookbehind assertion
+(including \b or \B).
+
+If any call to pcre_exec() in a /g or /G sequence matches an empty string, the
+next call is done with the PCRE_NOTEMPTY and PCRE_ANCHORED flags set in order
+to search for another, non-empty, match at the same point. If this second match
+fails, the start offset is advanced by one, and the normal match is retried.
+This imitates the way Perl handles such cases when using the /g modifier or the
+split() function.
+
+There are a number of other modifiers for controlling the way pcretest
+operates.
+
+The /+ modifier requests that as well as outputting the substring that matched
+the entire pattern, pcretest should in addition output the remainder of the
+subject string. This is useful for tests where the subject contains multiple
+copies of the same substring.
+
+The /L modifier must be followed directly by the name of a locale, for example,
+
+  /pattern/Lfr
+
+For this reason, it must be the last modifier letter. The given locale is set,
+pcre_maketables() is called to build a set of character tables for the locale,
+and this is then passed to pcre_compile() when compiling the regular
+expression. Without an /L modifier, NULL is passed as the tables pointer; that
+is, /L applies only to the expression on which it appears.
+
+The /I modifier requests that pcretest output information about the compiled
+expression (whether it is anchored, has a fixed first character, and so on). It
+does this by calling pcre_fullinfo() after compiling an expression, and
+outputting the information it gets back. If the pattern is studied, the results
+of that are also output.
+
+The /D modifier is a PCRE debugging feature, which also assumes /I. It causes
+the internal form of compiled regular expressions to be output after
+compilation.
+
+The /S modifier causes pcre_study() to be called after the expression has been
+compiled, and the results used when the expression is matched.
+
+The /M modifier causes the size of memory block used to hold the compiled
+pattern to be output.
+
+The /P modifier causes pcretest to call PCRE via the POSIX wrapper API rather
+than its native API. When this is done, all other modifiers except /i, /m, and
+/+ are ignored. REG_ICASE is set if /i is present, and REG_NEWLINE is set if /m
+is present. The wrapper functions force PCRE_DOLLAR_ENDONLY always, and
+PCRE_DOTALL unless REG_NEWLINE is set.
+
+The /8 modifier causes pcretest to call PCRE with the PCRE_UTF8 option set.
+This turns on the (currently incomplete) support for UTF-8 character handling
+in PCRE, provided that it was compiled with this support enabled. This modifier
+also causes any non-printing characters in output strings to be printed using
+the \x{hh...} notation if they are valid UTF-8 sequences.
+
+
+DATA LINES
+----------
+
+Before each data line is passed to pcre_exec(), leading and trailing whitespace
+is removed, and it is then scanned for \ escapes. The following are recognized:
+
+  \a         alarm (= BEL)
+  \b         backspace
+  \e         escape
+  \f         formfeed
+  \n         newline
+  \r         carriage return
+  \t         tab
+  \v         vertical tab
+  \nnn       octal character (up to 3 octal digits)
+  \xhh       hexadecimal character (up to 2 hex digits)
+  \x{hh...}  hexadecimal UTF-8 character
+
+  \A         pass the PCRE_ANCHORED option to pcre_exec()
+  \B         pass the PCRE_NOTBOL option to pcre_exec()
+  \Cdd       call pcre_copy_substring() for substring dd after a successful
+               match (any decimal number less than 32)
+  \Gdd       call pcre_get_substring() for substring dd after a successful
+               match (any decimal number less than 32)
+  \L         call pcre_get_substringlist() after a successful match
+  \N         pass the PCRE_NOTEMPTY option to pcre_exec()
+  \Odd       set the size of the output vector passed to pcre_exec() to dd
+               (any number of decimal digits)
+  \Z         pass the PCRE_NOTEOL option to pcre_exec()
+
+A backslash followed by anything else just escapes the anything else. If the
+very last character is a backslash, it is ignored. This gives a way of passing
+an empty line as data, since a real empty line terminates the data input.
+
+If /P was present on the regex, causing the POSIX wrapper API to be used, only
+\B, and \Z have any effect, causing REG_NOTBOL and REG_NOTEOL to be passed to
+regexec() respectively.
+
+The use of \x{hh...} to represent UTF-8 characters is not dependent on the use
+of the /8 modifier on the pattern. It is recognized always. There may be any
+number of hexadecimal digits inside the braces. The result is from one to six
+bytes, encoded according to the UTF-8 rules.
+
+
+OUTPUT FROM PCRETEST
+--------------------
+
+When a match succeeds, pcretest outputs the list of captured substrings that
+pcre_exec() returns, starting with number 0 for the string that matched the
+whole pattern. Here is an example of an interactive pcretest run.
+
+  $ pcretest
+  PCRE version 2.06 08-Jun-1999
+
+    re> /^abc(\d+)/
+  data> abc123
+   0: abc123
+   1: 123
+  data> xyz
+  No match
+
+If the strings contain any non-printing characters, they are output as \0x
+escapes, or as \x{...} escapes if the /8 modifier was present on the pattern.
+If the pattern has the /+ modifier, then the output for substring 0 is followed
+by the the rest of the subject string, identified by "0+" like this:
+
+    re> /cat/+
+  data> cataract
+   0: cat
+   0+ aract
+
+If the pattern has the /g or /G modifier, the results of successive matching
+attempts are output in sequence, like this:
+
+    re> /\Bi(\w\w)/g
+  data> Mississippi
+   0: iss
+   1: ss
+   0: iss
+   1: ss
+   0: ipp
+   1: pp
+
+"No match" is output only if the first match attempt fails.
+
+If any of \C, \G, or \L are present in a data line that is successfully
+matched, the substrings extracted by the convenience functions are output with
+C, G, or L after the string number instead of a colon. This is in addition to
+the normal full list. The string length (that is, the return from the
+extraction function) is given in parentheses after each string for \C and \G.
+
+Note that while patterns can be continued over several lines (a plain ">"
+prompt is used for continuations), data lines may not. However newlines can be
+included in data by means of the \n escape.
+
+
+COMMAND LINE OPTIONS
+--------------------
+
+If the -p option is given to pcretest, it is equivalent to adding /P to each
+regular expression: the POSIX wrapper API is used to call PCRE. None of the
+following flags has any effect in this case.
+
+If the option -d is given to pcretest, it is equivalent to adding /D to each
+regular expression: the internal form is output after compilation.
+
+If the option -i is given to pcretest, it is equivalent to adding /I to each
+regular expression: information about the compiled pattern is given after
+compilation.
+
+If the option -m is given to pcretest, it outputs the size of each compiled
+pattern after it has been compiled. It is equivalent to adding /M to each
+regular expression. For compatibility with earlier versions of pcretest, -s is
+a synonym for -m.
+
+If the -t option is given, each compile, study, and match is run 20000 times
+while being timed, and the resulting time per compile or match is output in
+milliseconds. Do not set -t with -m, because you will then get the size output
+20000 times and the timing will be distorted. If you want to change the number
+of repetitions used for timing, edit the definition of LOOPREPEAT at the top of
+pcretest.c
+
+Philip Hazel <ph10 at cam.ac.uk>
+August 2000
diff --git a/external/privoxy/pcre/doc/perltest.txt b/external/privoxy/pcre/doc/perltest.txt
new file mode 100644
index 0000000..33155c1
--- /dev/null
+++ b/external/privoxy/pcre/doc/perltest.txt
@@ -0,0 +1,29 @@
+The perltest program
+--------------------
+
+The perltest program tests Perl's regular expressions; it has the same
+specification as pcretest, and so can be given identical input, except that
+input patterns can be followed only by Perl's lower case modifiers and /+ (as
+used by pcretest), which is recognized and handled by the program.
+
+The data lines are processed as Perl double-quoted strings, so if they contain
+" \ $ or @ characters, these have to be escaped. For this reason, all such
+characters in testinput1 and testinput3 are escaped so that they can be used
+for perltest as well as for pcretest, and the special upper case modifiers such
+as /A that pcretest recognizes are not used in these files. The output should
+be identical, apart from the initial identifying banner.
+
+For testing UTF-8 features, an alternative form of perltest, called perltest8,
+is supplied. This requires Perl 5.6 or higher. It recognizes the special
+modifier /8 that pcretest uses to invoke UTF-8 functionality. The testinput5
+file can be fed to perltest8.
+
+The testinput2 and testinput4 files are not suitable for feeding to perltest,
+since they do make use of the special upper case modifiers and escapes that
+pcretest uses to test some features of PCRE. The first of these files also
+contains malformed regular expressions, in order to check that PCRE diagnoses
+them correctly. Similarly, testinput6 tests UTF-8 features that do not relate
+to Perl.
+
+Philip Hazel <ph10 at cam.ac.uk>
+August 2000
diff --git a/external/privoxy/pcre/doc/readme b/external/privoxy/pcre/doc/readme
new file mode 100644
index 0000000..d124ee0
--- /dev/null
+++ b/external/privoxy/pcre/doc/readme
@@ -0,0 +1,270 @@
+README file for PCRE (Perl-compatible regular expression library)
+-----------------------------------------------------------------
+
+The latest release of PCRE is always available from
+
+  ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/pcre-xxx.tar.gz
+
+Please read the NEWS file if you are upgrading from a previous release.
+
+PCRE has its own native API, but a set of "wrapper" functions that are based on
+the POSIX API are also supplied in the library libpcreposix. Note that this
+just provides a POSIX calling interface to PCRE: the regular expressions
+themselves still follow Perl syntax and semantics. The header file
+for the POSIX-style functions is called pcreposix.h. The official POSIX name is
+regex.h, but I didn't want to risk possible problems with existing files of
+that name by distributing it that way. To use it with an existing program that
+uses the POSIX API, it will have to be renamed or pointed at by a link.
+
+
+Building PCRE on a Unix system
+------------------------------
+
+To build PCRE on a Unix system, run the "configure" command in the PCRE
+distribution directory. This is a standard GNU "autoconf" configuration script,
+for which generic instructions are supplied in INSTALL. On many systems just
+running "./configure" is sufficient, but the usual methods of changing standard
+defaults are available. For example,
+
+CFLAGS='-O2 -Wall' ./configure --prefix=/opt/local
+
+specifies that the C compiler should be run with the flags '-O2 -Wall' instead
+of the default, and that "make install" should install PCRE under /opt/local
+instead of the default /usr/local.
+
+If you want to make use of the experimential, incomplete support for UTF-8
+character strings in PCRE, you must add --enable-utf8 to the "configure"
+command. Without it, the code for handling UTF-8 is not included in the
+library. (Even when included, it still has to be enabled by an option at run
+time.)
+
+The "configure" script builds four files:
+
+. Makefile is built by copying Makefile.in and making substitutions.
+. config.h is built by copying config.in and making substitutions.
+. pcre-config is built by copying pcre-config.in and making substitutions.
+. RunTest is a script for running tests
+
+Once "configure" has run, you can run "make". It builds two libraries called
+libpcre and libpcreposix, a test program called pcretest, and the pcregrep
+command. You can use "make install" to copy these, and the public header file
+pcre.h, to appropriate live directories on your system, in the normal way.
+
+Running "make install" also installs the command pcre-config, which can be used
+to recall information about the PCRE configuration and installation. For
+example,
+
+  pcre-config --version
+
+prints the version number, and
+
+ pcre-config --libs
+
+outputs information about where the library is installed. This command can be
+included in makefiles for programs that use PCRE, saving the programmer from
+having to remember too many details.
+
+
+Shared libraries on Unix systems
+--------------------------------
+
+The default distribution builds PCRE as two shared libraries. This support is
+new and experimental and may not work on all systems. It relies on the
+"libtool" scripts - these are distributed with PCRE. It should build a
+"libtool" script and use this to compile and link shared libraries, which are
+placed in a subdirectory called .libs. The programs pcretest and pcregrep are
+built to use these uninstalled libraries by means of wrapper scripts. When you
+use "make install" to install shared libraries, pcregrep and pcretest are
+automatically re-built to use the newly installed libraries. However, only
+pcregrep is installed, as pcretest is really just a test program.
+
+To build PCRE using static libraries you must use --disable-shared when
+configuring it. For example
+
+./configure --prefix=/usr/gnu --disable-shared
+
+Then run "make" in the usual way.
+
+
+Building on non-Unix systems
+----------------------------
+
+For a non-Unix system, read the comments in the file NON-UNIX-USE. PCRE has
+been compiled on Windows systems and on Macintoshes, but I don't know the
+details because I don't use those systems. It should be straightforward to
+build PCRE on any system that has a Standard C compiler, because it uses only
+Standard C functions.
+
+
+Testing PCRE
+------------
+
+To test PCRE on a Unix system, run the RunTest script in the pcre directory.
+(This can also be run by "make runtest", "make check", or "make test".) For
+other systems, see the instruction in NON-UNIX-USE.
+
+The script runs the pcretest test program (which is documented in
+doc/pcretest.txt) on each of the testinput files (in the testdata directory) in
+turn, and compares the output with the contents of the corresponding testoutput
+file. A file called testtry is used to hold the output from pcretest. To run
+pcretest on just one of the test files, give its number as an argument to
+RunTest, for example:
+
+  RunTest 3
+
+The first and third test files can also be fed directly into the perltest
+script to check that Perl gives the same results. The third file requires the
+additional features of release 5.005, which is why it is kept separate from the
+main test input, which needs only Perl 5.004. In the long run, when 5.005 (or
+higher) is widespread, these two test files may get amalgamated.
+
+The second set of tests check pcre_fullinfo(), pcre_info(), pcre_study(),
+pcre_copy_substring(), pcre_get_substring(), pcre_get_substring_list(), error
+detection, and run-time flags that are specific to PCRE, as well as the POSIX
+wrapper API. It also uses the debugging flag to check some of the internals of
+pcre_compile().
+
+If you build PCRE with a locale setting that is not the standard C locale, the
+character tables may be different (see next paragraph). In some cases, this may
+cause failures in the second set of tests. For example, in a locale where the
+isprint() function yields TRUE for characters in the range 128-255, the use of
+[:isascii:] inside a character class defines a different set of characters, and
+this shows up in this test as a difference in the compiled code, which is being
+listed for checking. Where the comparison test output contains [\x00-\x7f] the
+test will contain [\x00-\xff], and similarly in some other cases. This is not a
+bug in PCRE.
+
+The fourth set of tests checks pcre_maketables(), the facility for building a
+set of character tables for a specific locale and using them instead of the
+default tables. The tests make use of the "fr" (French) locale. Before running
+the test, the script checks for the presence of this locale by running the
+"locale" command. If that command fails, or if it doesn't include "fr" in the
+list of available locales, the fourth test cannot be run, and a comment is
+output to say why. If running this test produces instances of the error
+
+  ** Failed to set locale "fr"
+
+in the comparison output, it means that locale is not available on your system,
+despite being listed by "locale". This does not mean that PCRE is broken.
+
+The fifth test checks the experimental, incomplete UTF-8 support. It is not run
+automatically unless PCRE is built with UTF-8 support. This file can be fed
+directly to the perltest8 script, which requires Perl 5.6 or higher. The sixth
+file tests internal UTF-8 features of PCRE that are not relevant to Perl.
+
+
+Character tables
+----------------
+
+PCRE uses four tables for manipulating and identifying characters. The final
+argument of the pcre_compile() function is a pointer to a block of memory
+containing the concatenated tables. A call to pcre_maketables() can be used to
+generate a set of tables in the current locale. If the final argument for
+pcre_compile() is passed as NULL, a set of default tables that is built into
+the binary is used.
+
+The source file called chartables.c contains the default set of tables. This is
+not supplied in the distribution, but is built by the program dftables
+(compiled from dftables.c), which uses the ANSI C character handling functions
+such as isalnum(), isalpha(), isupper(), islower(), etc. to build the table
+sources. This means that the default C locale which is set for your system will
+control the contents of these default tables. You can change the default tables
+by editing chartables.c and then re-building PCRE. If you do this, you should
+probably also edit Makefile to ensure that the file doesn't ever get
+re-generated.
+
+The first two 256-byte tables provide lower casing and case flipping functions,
+respectively. The next table consists of three 32-byte bit maps which identify
+digits, "word" characters, and white space, respectively. These are used when
+building 32-byte bit maps that represent character classes.
+
+The final 256-byte table has bits indicating various character types, as
+follows:
+
+    1   white space character
+    2   letter
+    4   decimal digit
+    8   hexadecimal digit
+   16   alphanumeric or '_'
+  128   regular expression metacharacter or binary zero
+
+You should not alter the set of characters that contain the 128 bit, as that
+will cause PCRE to malfunction.
+
+
+Manifest
+--------
+
+The distribution should contain the following files:
+
+(A) The actual source files of the PCRE library functions and their
+    headers:
+
+  dftables.c            auxiliary program for building chartables.c
+  get.c                 )
+  maketables.c          )
+  study.c               ) source of
+  pcre.c                )   the functions
+  pcreposix.c           )
+  pcre.in               "source" for the header for the external API; pcre.h
+                          is built from this by "configure"
+  pcreposix.h           header for the external POSIX wrapper API
+  internal.h            header for internal use
+  config.in             template for config.h, which is built by configure
+
+(B) Auxiliary files:
+
+  AUTHORS               information about the author of PCRE
+  ChangeLog             log of changes to the code
+  INSTALL               generic installation instructions
+  LICENCE               conditions for the use of PCRE
+  COPYING               the same, using GNU's standard name
+  Makefile.in           template for Unix Makefile, which is built by configure
+  NEWS                  important changes in this release
+  NON-UNIX-USE          notes on building PCRE on non-Unix systems
+  README                this file
+  RunTest.in            template for a Unix shell script for running tests
+  config.guess          ) files used by libtool,
+  config.sub            )   used only when building a shared library
+  configure             a configuring shell script (built by autoconf)
+  configure.in          the autoconf input used to build configure
+  doc/Tech.Notes        notes on the encoding
+  doc/pcre.3            man page source for the PCRE functions
+  doc/pcre.html         HTML version
+  doc/pcre.txt          plain text version
+  doc/pcreposix.3       man page source for the POSIX wrapper API
+  doc/pcreposix.html    HTML version
+  doc/pcreposix.txt     plain text version
+  doc/pcretest.txt      documentation of test program
+  doc/perltest.txt      documentation of Perl test program
+  doc/pcregrep.1        man page source for the pcregrep utility
+  doc/pcregrep.html     HTML version
+  doc/pcregrep.txt      plain text version
+  install-sh            a shell script for installing files
+  ltconfig              ) files used to build "libtool",
+  ltmain.sh             )   used only when building a shared library
+  pcretest.c            test program
+  perltest              Perl test program
+  perltest8             Perl test program for UTF-8 tests
+  pcregrep.c            source of a grep utility that uses PCRE
+  pcre-config.in        source of script which retains PCRE information
+  testdata/testinput1   test data, compatible with Perl 5.004 and 5.005
+  testdata/testinput2   test data for error messages and non-Perl things
+  testdata/testinput3   test data, compatible with Perl 5.005
+  testdata/testinput4   test data for locale-specific tests
+  testdata/testinput5   test data for UTF-8 tests compatible with Perl 5.6
+  testdata/testinput6   test data for other UTF-8 tests
+  testdata/testoutput1  test results corresponding to testinput1
+  testdata/testoutput2  test results corresponding to testinput2
+  testdata/testoutput3  test results corresponding to testinput3
+  testdata/testoutput4  test results corresponding to testinput4
+  testdata/testoutput5  test results corresponding to testinput5
+  testdata/testoutput6  test results corresponding to testinput6
+
+(C) Auxiliary files for Win32 DLL
+
+  dll.mk
+  pcre.def
+
+Philip Hazel <ph10 at cam.ac.uk>
+August 2000
diff --git a/external/privoxy/pcre/get.c b/external/privoxy/pcre/get.c
new file mode 100644
index 0000000..42e9bd4
--- /dev/null
+++ b/external/privoxy/pcre/get.c
@@ -0,0 +1,227 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/*
+This is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language. See
+the file Tech.Notes for some information on the internals.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+*/
+
+/* This module contains some convenience functions for extracting substrings
+from the subject string after a regex match has succeeded. The original idea
+for these functions came from Scott Wimer <scottw at cgibuilder.com>. */
+
+
+/* Include the internals header, which itself includes Standard C headers plus
+the external pcre header. */
+
+#include "internal.h"
+
+
+
+/*************************************************
+*      Copy captured string to given buffer      *
+*************************************************/
+
+/* This function copies a single captured substring into a given buffer.
+Note that we use memcpy() rather than strncpy() in case there are binary zeros
+in the string.
+
+Arguments:
+  subject        the subject string that was matched
+  ovector        pointer to the offsets table
+  stringcount    the number of substrings that were captured
+                   (i.e. the yield of the pcre_exec call, unless
+                   that was zero, in which case it should be 1/3
+                   of the offset table size)
+  stringnumber   the number of the required substring
+  buffer         where to put the substring
+  size           the size of the buffer
+
+Returns:         if successful:
+                   the length of the copied string, not including the zero
+                   that is put on the end; can be zero
+                 if not successful:
+                   PCRE_ERROR_NOMEMORY (-6) buffer too small
+                   PCRE_ERROR_NOSUBSTRING (-7) no such captured substring
+*/
+
+int
+pcre_copy_substring(const char *subject, int *ovector, int stringcount,
+  int stringnumber, char *buffer, int size)
+{
+int yield;
+if (stringnumber < 0 || stringnumber >= stringcount)
+  return PCRE_ERROR_NOSUBSTRING;
+stringnumber *= 2;
+yield = ovector[stringnumber+1] - ovector[stringnumber];
+if (size < yield + 1) return PCRE_ERROR_NOMEMORY;
+memcpy(buffer, subject + ovector[stringnumber], yield);
+buffer[yield] = 0;
+return yield;
+}
+
+
+
+/*************************************************
+*      Copy all captured strings to new store    *
+*************************************************/
+
+/* This function gets one chunk of store and builds a list of pointers and all
+of the captured substrings in it. A NULL pointer is put on the end of the list.
+
+Arguments:
+  subject        the subject string that was matched
+  ovector        pointer to the offsets table
+  stringcount    the number of substrings that were captured
+                   (i.e. the yield of the pcre_exec call, unless
+                   that was zero, in which case it should be 1/3
+                   of the offset table size)
+  listptr        set to point to the list of pointers
+
+Returns:         if successful: 0
+                 if not successful:
+                   PCRE_ERROR_NOMEMORY (-6) failed to get store
+*/
+
+int
+pcre_get_substring_list(const char *subject, int *ovector, int stringcount,
+  const char ***listptr)
+{
+int i;
+int size = sizeof(char *);
+int double_count = stringcount * 2;
+char **stringlist;
+char *p;
+
+for (i = 0; i < double_count; i += 2)
+  size += sizeof(char *) + ovector[i+1] - ovector[i] + 1;
+
+stringlist = (char **)(pcre_malloc)(size);
+if (stringlist == NULL) return PCRE_ERROR_NOMEMORY;
+
+*listptr = (const char **)stringlist;
+p = (char *)(stringlist + stringcount + 1);
+
+for (i = 0; i < double_count; i += 2)
+  {
+  int len = ovector[i+1] - ovector[i];
+  memcpy(p, subject + ovector[i], len);
+  *stringlist++ = p;
+  p += len;
+  *p++ = 0;
+  }
+
+*stringlist = NULL;
+return 0;
+}
+
+
+
+/*************************************************
+*   Free store obtained by get_substring_list    *
+*************************************************/
+
+/* This function exists for the benefit of people calling PCRE from non-C
+programs that can call its functions, but not free() or (pcre_free)() directly.
+
+Argument:   the result of a previous pcre_get_substring_list()
+Returns:    nothing
+*/
+
+void
+pcre_free_substring_list(const char **pointer)
+{
+(pcre_free)((void *)pointer);
+}
+
+
+
+/*************************************************
+*      Copy captured string to new store         *
+*************************************************/
+
+/* This function copies a single captured substring into a piece of new
+store
+
+Arguments:
+  subject        the subject string that was matched
+  ovector        pointer to the offsets table
+  stringcount    the number of substrings that were captured
+                   (i.e. the yield of the pcre_exec call, unless
+                   that was zero, in which case it should be 1/3
+                   of the offset table size)
+  stringnumber   the number of the required substring
+  stringptr      where to put a pointer to the substring
+
+Returns:         if successful:
+                   the length of the string, not including the zero that
+                   is put on the end; can be zero
+                 if not successful:
+                   PCRE_ERROR_NOMEMORY (-6) failed to get store
+                   PCRE_ERROR_NOSUBSTRING (-7) substring not present
+*/
+
+int
+pcre_get_substring(const char *subject, int *ovector, int stringcount,
+  int stringnumber, const char **stringptr)
+{
+int yield;
+char *substring;
+if (stringnumber < 0 || stringnumber >= stringcount)
+  return PCRE_ERROR_NOSUBSTRING;
+stringnumber *= 2;
+yield = ovector[stringnumber+1] - ovector[stringnumber];
+substring = (char *)(pcre_malloc)(yield + 1);
+if (substring == NULL) return PCRE_ERROR_NOMEMORY;
+memcpy(substring, subject + ovector[stringnumber], yield);
+substring[yield] = 0;
+*stringptr = substring;
+return yield;
+}
+
+
+
+/*************************************************
+*       Free store obtained by get_substring     *
+*************************************************/
+
+/* This function exists for the benefit of people calling PCRE from non-C
+programs that can call its functions, but not free() or (pcre_free)() directly.
+
+Argument:   the result of a previous pcre_get_substring()
+Returns:    nothing
+*/
+
+void
+pcre_free_substring(const char *pointer)
+{
+(pcre_free)((void *)pointer);
+}
+
+/* End of get.c */
diff --git a/external/privoxy/pcre/install b/external/privoxy/pcre/install
new file mode 100644
index 0000000..0880281
--- /dev/null
+++ b/external/privoxy/pcre/install
@@ -0,0 +1,185 @@
+Basic Installation
+==================
+
+   These are generic installation instructions that apply to systems that
+can run the `configure' shell script - Unix systems and any that imitate
+it. They are not specific to PCRE. There are PCRE-specific instructions
+for non-Unix systems in the file NON-UNIX-USE.
+
+   The `configure' shell script attempts to guess correct values for
+various system-dependent variables used during compilation.  It uses
+those values to create a `Makefile' in each directory of the package.
+It may also create one or more `.h' files containing system-dependent
+definitions.  Finally, it creates a shell script `config.status' that
+you can run in the future to recreate the current configuration, a file
+`config.cache' that saves the results of its tests to speed up
+reconfiguring, and a file `config.log' containing compiler output
+(useful mainly for debugging `configure').
+
+   If you need to do unusual things to compile the package, please try
+to figure out how `configure' could check whether to do them, and mail
+diffs or instructions to the address given in the `README' so they can
+be considered for the next release.  If at some point `config.cache'
+contains results you don't want to keep, you may remove or edit it.
+
+   The file `configure.in' is used to create `configure' by a program
+called `autoconf'.  You only need `configure.in' if you want to change
+it or regenerate `configure' using a newer version of `autoconf'.
+
+The simplest way to compile this package is:
+
+  1. `cd' to the directory containing the package's source code and type
+     `./configure' to configure the package for your system.  If you're
+     using `csh' on an old version of System V, you might need to type
+     `sh ./configure' instead to prevent `csh' from trying to execute
+     `configure' itself.
+
+     Running `configure' takes awhile.  While running, it prints some
+     messages telling which features it is checking for.
+
+  2. Type `make' to compile the package.
+
+  3. Optionally, type `make check' to run any self-tests that come with
+     the package.
+
+  4. Type `make install' to install the programs and any data files and
+     documentation.
+
+  5. You can remove the program binaries and object files from the
+     source code directory by typing `make clean'.  To also remove the
+     files that `configure' created (so you can compile the package for
+     a different kind of computer), type `make distclean'.  There is
+     also a `make maintainer-clean' target, but that is intended mainly
+     for the package's developers.  If you use it, you may have to get
+     all sorts of other programs in order to regenerate files that came
+     with the distribution.
+
+Compilers and Options
+=====================
+
+   Some systems require unusual options for compilation or linking that
+the `configure' script does not know about.  You can give `configure'
+initial values for variables by setting them in the environment.  Using
+a Bourne-compatible shell, you can do that on the command line like
+this:
+     CC=c89 CFLAGS=-O2 LIBS=-lposix ./configure
+
+Or on systems that have the `env' program, you can do it like this:
+     env CPPFLAGS=-I/usr/local/include LDFLAGS=-s ./configure
+
+Compiling For Multiple Architectures
+====================================
+
+   You can compile the package for more than one kind of computer at the
+same time, by placing the object files for each architecture in their
+own directory.  To do this, you must use a version of `make' that
+supports the `VPATH' variable, such as GNU `make'.  `cd' to the
+directory where you want the object files and executables to go and run
+the `configure' script.  `configure' automatically checks for the
+source code in the directory that `configure' is in and in `..'.
+
+   If you have to use a `make' that does not supports the `VPATH'
+variable, you have to compile the package for one architecture at a time
+in the source code directory.  After you have installed the package for
+one architecture, use `make distclean' before reconfiguring for another
+architecture.
+
+Installation Names
+==================
+
+   By default, `make install' will install the package's files in
+`/usr/local/bin', `/usr/local/man', etc.  You can specify an
+installation prefix other than `/usr/local' by giving `configure' the
+option `--prefix=PATH'.
+
+   You can specify separate installation prefixes for
+architecture-specific files and architecture-independent files.  If you
+give `configure' the option `--exec-prefix=PATH', the package will use
+PATH as the prefix for installing programs and libraries.
+Documentation and other data files will still use the regular prefix.
+
+   In addition, if you use an unusual directory layout you can give
+options like `--bindir=PATH' to specify different values for particular
+kinds of files.  Run `configure --help' for a list of the directories
+you can set and what kinds of files go in them.
+
+   If the package supports it, you can cause programs to be installed
+with an extra prefix or suffix on their names by giving `configure' the
+option `--program-prefix=PREFIX' or `--program-suffix=SUFFIX'.
+
+Optional Features
+=================
+
+   Some packages pay attention to `--enable-FEATURE' options to
+`configure', where FEATURE indicates an optional part of the package.
+They may also pay attention to `--with-PACKAGE' options, where PACKAGE
+is something like `gnu-as' or `x' (for the X Window System).  The
+`README' should mention any `--enable-' and `--with-' options that the
+package recognizes.
+
+   For packages that use the X Window System, `configure' can usually
+find the X include and library files automatically, but if it doesn't,
+you can use the `configure' options `--x-includes=DIR' and
+`--x-libraries=DIR' to specify their locations.
+
+Specifying the System Type
+==========================
+
+   There may be some features `configure' can not figure out
+automatically, but needs to determine by the type of host the package
+will run on.  Usually `configure' can figure that out, but if it prints
+a message saying it can not guess the host type, give it the
+`--host=TYPE' option.  TYPE can either be a short name for the system
+type, such as `sun4', or a canonical name with three fields:
+     CPU-COMPANY-SYSTEM
+
+See the file `config.sub' for the possible values of each field.  If
+`config.sub' isn't included in this package, then this package doesn't
+need to know the host type.
+
+   If you are building compiler tools for cross-compiling, you can also
+use the `--target=TYPE' option to select the type of system they will
+produce code for and the `--build=TYPE' option to select the type of
+system on which you are compiling the package.
+
+Sharing Defaults
+================
+
+   If you want to set default values for `configure' scripts to share,
+you can create a site shell script called `config.site' that gives
+default values for variables like `CC', `cache_file', and `prefix'.
+`configure' looks for `PREFIX/share/config.site' if it exists, then
+`PREFIX/etc/config.site' if it exists.  Or, you can set the
+`CONFIG_SITE' environment variable to the location of the site script.
+A warning: not all `configure' scripts look for a site script.
+
+Operation Controls
+==================
+
+   `configure' recognizes the following options to control how it
+operates.
+
+`--cache-file=FILE'
+     Use and save the results of the tests in FILE instead of
+     `./config.cache'.  Set FILE to `/dev/null' to disable caching, for
+     debugging `configure'.
+
+`--help'
+     Print a summary of the options to `configure', and exit.
+
+`--quiet'
+`--silent'
+`-q'
+     Do not print messages saying which checks are being made.  To
+     suppress all normal output, redirect it to `/dev/null' (any error
+     messages will still be shown).
+
+`--srcdir=DIR'
+     Look for the package's source code in directory DIR.  Usually
+     `configure' can determine that directory automatically.
+
+`--version'
+     Print the version of Autoconf used to generate the `configure'
+     script, and exit.
+
+`configure' also accepts some other, not widely useful, options.
diff --git a/external/privoxy/pcre/install-sh b/external/privoxy/pcre/install-sh
new file mode 100644
index 0000000..e9de238
--- /dev/null
+++ b/external/privoxy/pcre/install-sh
@@ -0,0 +1,251 @@
+#!/bin/sh
+#
+# install - install a program, script, or datafile
+# This comes from X11R5 (mit/util/scripts/install.sh).
+#
+# Copyright 1991 by the Massachusetts Institute of Technology
+#
+# Permission to use, copy, modify, distribute, and sell this software and its
+# documentation for any purpose is hereby granted without fee, provided that
+# the above copyright notice appear in all copies and that both that
+# copyright notice and this permission notice appear in supporting
+# documentation, and that the name of M.I.T. not be used in advertising or
+# publicity pertaining to distribution of the software without specific,
+# written prior permission.  M.I.T. makes no representations about the
+# suitability of this software for any purpose.  It is provided "as is"
+# without express or implied warranty.
+#
+# Calling this script install-sh is preferred over install.sh, to prevent
+# `make' implicit rules from creating a file called install from it
+# when there is no Makefile.
+#
+# This script is compatible with the BSD install script, but was written
+# from scratch.  It can only install one file at a time, a restriction
+# shared with many OS's install programs.
+
+
+# set DOITPROG to echo to test this script
+
+# Don't use :- since 4.3BSD and earlier shells don't like it.
+doit="${DOITPROG-}"
+
+
+# put in absolute paths if you don't have them in your path; or use env. vars.
+
+mvprog="${MVPROG-mv}"
+cpprog="${CPPROG-cp}"
+chmodprog="${CHMODPROG-chmod}"
+chownprog="${CHOWNPROG-chown}"
+chgrpprog="${CHGRPPROG-chgrp}"
+stripprog="${STRIPPROG-strip}"
+rmprog="${RMPROG-rm}"
+mkdirprog="${MKDIRPROG-mkdir}"
+
+transformbasename=""
+transform_arg=""
+instcmd="$mvprog"
+chmodcmd="$chmodprog 0755"
+chowncmd=""
+chgrpcmd=""
+stripcmd=""
+rmcmd="$rmprog -f"
+mvcmd="$mvprog"
+src=""
+dst=""
+dir_arg=""
+
+while [ x"$1" != x ]; do
+    case $1 in
+	-c) instcmd="$cpprog"
+	    shift
+	    continue;;
+
+	-d) dir_arg=true
+	    shift
+	    continue;;
+
+	-m) chmodcmd="$chmodprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-o) chowncmd="$chownprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-g) chgrpcmd="$chgrpprog $2"
+	    shift
+	    shift
+	    continue;;
+
+	-s) stripcmd="$stripprog"
+	    shift
+	    continue;;
+
+	-t=*) transformarg=`echo $1 | sed 's/-t=//'`
+	    shift
+	    continue;;
+
+	-b=*) transformbasename=`echo $1 | sed 's/-b=//'`
+	    shift
+	    continue;;
+
+	*)  if [ x"$src" = x ]
+	    then
+		src=$1
+	    else
+		# this colon is to work around a 386BSD /bin/sh bug
+		:
+		dst=$1
+	    fi
+	    shift
+	    continue;;
+    esac
+done
+
+if [ x"$src" = x ]
+then
+	echo "install:	no input file specified"
+	exit 1
+else
+	true
+fi
+
+if [ x"$dir_arg" != x ]; then
+	dst=$src
+	src=""
+	
+	if [ -d $dst ]; then
+		instcmd=:
+		chmodcmd=""
+	else
+		instcmd=mkdir
+	fi
+else
+
+# Waiting for this to be detected by the "$instcmd $src $dsttmp" command
+# might cause directories to be created, which would be especially bad 
+# if $src (and thus $dsttmp) contains '*'.
+
+	if [ -f $src -o -d $src ]
+	then
+		true
+	else
+		echo "install:  $src does not exist"
+		exit 1
+	fi
+	
+	if [ x"$dst" = x ]
+	then
+		echo "install:	no destination specified"
+		exit 1
+	else
+		true
+	fi
+
+# If destination is a directory, append the input filename; if your system
+# does not like double slashes in filenames, you may need to add some logic
+
+	if [ -d $dst ]
+	then
+		dst="$dst"/`basename $src`
+	else
+		true
+	fi
+fi
+
+## this sed command emulates the dirname command
+dstdir=`echo $dst | sed -e 's,[^/]*$,,;s,/$,,;s,^$,.,'`
+
+# Make sure that the destination directory exists.
+#  this part is taken from Noah Friedman's mkinstalldirs script
+
+# Skip lots of stat calls in the usual case.
+if [ ! -d "$dstdir" ]; then
+defaultIFS='	
+'
+IFS="${IFS-${defaultIFS}}"
+
+oIFS="${IFS}"
+# Some sh's can't handle IFS=/ for some reason.
+IFS='%'
+set - `echo ${dstdir} | sed -e 's@/@%@g' -e 's@^%@/@'`
+IFS="${oIFS}"
+
+pathcomp=''
+
+while [ $# -ne 0 ] ; do
+	pathcomp="${pathcomp}${1}"
+	shift
+
+	if [ ! -d "${pathcomp}" ] ;
+        then
+		$mkdirprog "${pathcomp}"
+	else
+		true
+	fi
+
+	pathcomp="${pathcomp}/"
+done
+fi
+
+if [ x"$dir_arg" != x ]
+then
+	$doit $instcmd $dst &&
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dst; else true ; fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dst; else true ; fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dst; else true ; fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dst; else true ; fi
+else
+
+# If we're going to rename the final executable, determine the name now.
+
+	if [ x"$transformarg" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		dstfile=`basename $dst $transformbasename | 
+			sed $transformarg`$transformbasename
+	fi
+
+# don't allow the sed command to completely eliminate the filename
+
+	if [ x"$dstfile" = x ] 
+	then
+		dstfile=`basename $dst`
+	else
+		true
+	fi
+
+# Make a temp file name in the proper directory.
+
+	dsttmp=$dstdir/#inst.$$#
+
+# Move or copy the file name to the temp name
+
+	$doit $instcmd $src $dsttmp &&
+
+	trap "rm -f ${dsttmp}" 0 &&
+
+# and set any options; do chmod last to preserve setuid bits
+
+# If any of these fail, we abort the whole thing.  If we want to
+# ignore errors from any of these, just make sure not to ignore
+# errors from the above "$doit $instcmd $src $dsttmp" command.
+
+	if [ x"$chowncmd" != x ]; then $doit $chowncmd $dsttmp; else true;fi &&
+	if [ x"$chgrpcmd" != x ]; then $doit $chgrpcmd $dsttmp; else true;fi &&
+	if [ x"$stripcmd" != x ]; then $doit $stripcmd $dsttmp; else true;fi &&
+	if [ x"$chmodcmd" != x ]; then $doit $chmodcmd $dsttmp; else true;fi &&
+
+# Now rename the file to the real destination.
+
+	$doit $rmcmd -f $dstdir/$dstfile &&
+	$doit $mvcmd $dsttmp $dstdir/$dstfile 
+
+fi &&
+
+
+exit 0
diff --git a/external/privoxy/pcre/internal.h b/external/privoxy/pcre/internal.h
new file mode 100644
index 0000000..25bb7f8
--- /dev/null
+++ b/external/privoxy/pcre/internal.h
@@ -0,0 +1,381 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+
+/* This is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language. See
+the file Tech.Notes for some information on the internals.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+*/
+
+/* This header contains definitions that are shared between the different
+modules, but which are not relevant to the outside. */
+
+/* Get the definitions provided by running "configure" */
+
+#include "config.h"
+
+/* To cope with SunOS4 and other systems that lack memmove() but have bcopy(),
+define a macro for memmove() if HAVE_MEMMOVE is false, provided that HAVE_BCOPY
+is set. Otherwise, include an emulating function for those systems that have
+neither (there some non-Unix environments where this is the case). This assumes
+that all calls to memmove are moving strings upwards in store, which is the
+case in PCRE. */
+
+#if ! HAVE_MEMMOVE
+#undef  memmove        /* some systems may have a macro */
+#if HAVE_BCOPY
+#define memmove(a, b, c) bcopy(b, a, c)
+#else
+void *
+pcre_memmove(unsigned char *dest, const unsigned char *src, size_t n)
+{
+int i;
+dest += n;
+src += n;
+for (i = 0; i < n; ++i) *(--dest) =  *(--src);
+}
+#define memmove(a, b, c) pcre_memmove(a, b, c)
+#endif
+#endif
+
+/* Standard C headers plus the external interface definition */
+
+#include <ctype.h>
+#include <limits.h>
+#include <stddef.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include "pcre.h"
+
+/* In case there is no definition of offsetof() provided - though any proper
+Standard C system should have one. */
+
+#ifndef offsetof
+#define offsetof(p_type,field) ((size_t)&(((p_type *)0)->field))
+#endif
+
+/* These are the public options that can change during matching. */
+
+#define PCRE_IMS (PCRE_CASELESS|PCRE_MULTILINE|PCRE_DOTALL)
+
+/* Private options flags start at the most significant end of the four bytes,
+but skip the top bit so we can use ints for convenience without getting tangled
+with negative values. The public options defined in pcre.h start at the least
+significant end. Make sure they don't overlap, though now that we have expanded
+to four bytes there is plenty of space. */
+
+#define PCRE_FIRSTSET      0x40000000  /* first_char is set */
+#define PCRE_REQCHSET      0x20000000  /* req_char is set */
+#define PCRE_STARTLINE     0x10000000  /* start after \n for multiline */
+#define PCRE_INGROUP       0x08000000  /* compiling inside a group */
+#define PCRE_ICHANGED      0x04000000  /* i option changes within regex */
+
+/* Options for the "extra" block produced by pcre_study(). */
+
+#define PCRE_STUDY_MAPPED   0x01     /* a map of starting chars exists */
+
+/* Masks for identifying the public options which are permitted at compile
+time, run time or study time, respectively. */
+
+#define PUBLIC_OPTIONS \
+  (PCRE_CASELESS|PCRE_EXTENDED|PCRE_ANCHORED|PCRE_MULTILINE| \
+   PCRE_DOTALL|PCRE_DOLLAR_ENDONLY|PCRE_EXTRA|PCRE_UNGREEDY|PCRE_UTF8)
+
+#define PUBLIC_EXEC_OPTIONS \
+  (PCRE_ANCHORED|PCRE_NOTBOL|PCRE_NOTEOL|PCRE_NOTEMPTY)
+
+#define PUBLIC_STUDY_OPTIONS 0   /* None defined */
+
+/* Magic number to provide a small check against being handed junk. */
+
+#define MAGIC_NUMBER  0x50435245UL   /* 'PCRE' */
+
+/* Miscellaneous definitions */
+
+typedef int BOOL;
+
+#define FALSE   0
+#define TRUE    1
+
+/* These are escaped items that aren't just an encoding of a particular data
+value such as \n. They must have non-zero values, as check_escape() returns
+their negation. Also, they must appear in the same order as in the opcode
+definitions below, up to ESC_z. The final one must be ESC_REF as subsequent
+values are used for \1, \2, \3, etc. There is a test in the code for an escape
+greater than ESC_b and less than ESC_X to detect the types that may be
+repeated. If any new escapes are put in-between that don't consume a character,
+that code will have to change. */
+
+enum { ESC_A = 1, ESC_B, ESC_b, ESC_D, ESC_d, ESC_S, ESC_s, ESC_W, ESC_w,
+       ESC_Z, ESC_z, ESC_REF };
+
+/* Opcode table: OP_BRA must be last, as all values >= it are used for brackets
+that extract substrings. Starting from 1 (i.e. after OP_END), the values up to
+OP_EOD must correspond in order to the list of escapes immediately above. */
+
+enum {
+  OP_END,            /* End of pattern */
+
+  /* Values corresponding to backslashed metacharacters */
+
+  OP_SOD,            /* Start of data: \A */
+  OP_NOT_WORD_BOUNDARY,  /* \B */
+  OP_WORD_BOUNDARY,      /* \b */
+  OP_NOT_DIGIT,          /* \D */
+  OP_DIGIT,              /* \d */
+  OP_NOT_WHITESPACE,     /* \S */
+  OP_WHITESPACE,         /* \s */
+  OP_NOT_WORDCHAR,       /* \W */
+  OP_WORDCHAR,           /* \w */
+  OP_EODN,           /* End of data or \n at end of data: \Z. */
+  OP_EOD,            /* End of data: \z */
+
+  OP_OPT,            /* Set runtime options */
+  OP_CIRC,           /* Start of line - varies with multiline switch */
+  OP_DOLL,           /* End of line - varies with multiline switch */
+  OP_ANY,            /* Match any character */
+  OP_CHARS,          /* Match string of characters */
+  OP_NOT,            /* Match anything but the following char */
+
+  OP_STAR,           /* The maximizing and minimizing versions of */
+  OP_MINSTAR,        /* all these opcodes must come in pairs, with */
+  OP_PLUS,           /* the minimizing one second. */
+  OP_MINPLUS,        /* This first set applies to single characters */
+  OP_QUERY,
+  OP_MINQUERY,
+  OP_UPTO,           /* From 0 to n matches */
+  OP_MINUPTO,
+  OP_EXACT,          /* Exactly n matches */
+
+  OP_NOTSTAR,        /* The maximizing and minimizing versions of */
+  OP_NOTMINSTAR,     /* all these opcodes must come in pairs, with */
+  OP_NOTPLUS,        /* the minimizing one second. */
+  OP_NOTMINPLUS,     /* This first set applies to "not" single characters */
+  OP_NOTQUERY,
+  OP_NOTMINQUERY,
+  OP_NOTUPTO,        /* From 0 to n matches */
+  OP_NOTMINUPTO,
+  OP_NOTEXACT,       /* Exactly n matches */
+
+  OP_TYPESTAR,       /* The maximizing and minimizing versions of */
+  OP_TYPEMINSTAR,    /* all these opcodes must come in pairs, with */
+  OP_TYPEPLUS,       /* the minimizing one second. These codes must */
+  OP_TYPEMINPLUS,    /* be in exactly the same order as those above. */
+  OP_TYPEQUERY,      /* This set applies to character types such as \d */
+  OP_TYPEMINQUERY,
+  OP_TYPEUPTO,       /* From 0 to n matches */
+  OP_TYPEMINUPTO,
+  OP_TYPEEXACT,      /* Exactly n matches */
+
+  OP_CRSTAR,         /* The maximizing and minimizing versions of */
+  OP_CRMINSTAR,      /* all these opcodes must come in pairs, with */
+  OP_CRPLUS,         /* the minimizing one second. These codes must */
+  OP_CRMINPLUS,      /* be in exactly the same order as those above. */
+  OP_CRQUERY,        /* These are for character classes and back refs */
+  OP_CRMINQUERY,
+  OP_CRRANGE,        /* These are different to the three seta above. */
+  OP_CRMINRANGE,
+
+  OP_CLASS,          /* Match a character class */
+  OP_REF,            /* Match a back reference */
+  OP_RECURSE,        /* Match this pattern recursively */
+
+  OP_ALT,            /* Start of alternation */
+  OP_KET,            /* End of group that doesn't have an unbounded repeat */
+  OP_KETRMAX,        /* These two must remain together and in this */
+  OP_KETRMIN,        /* order. They are for groups the repeat for ever. */
+
+  /* The assertions must come before ONCE and COND */
+
+  OP_ASSERT,         /* Positive lookahead */
+  OP_ASSERT_NOT,     /* Negative lookahead */
+  OP_ASSERTBACK,     /* Positive lookbehind */
+  OP_ASSERTBACK_NOT, /* Negative lookbehind */
+  OP_REVERSE,        /* Move pointer back - used in lookbehind assertions */
+
+  /* ONCE and COND must come after the assertions, with ONCE first, as there's
+  a test for >= ONCE for a subpattern that isn't an assertion. */
+
+  OP_ONCE,           /* Once matched, don't back up into the subpattern */
+  OP_COND,           /* Conditional group */
+  OP_CREF,           /* Used to hold an extraction string number */
+
+  OP_BRAZERO,        /* These two must remain together and in this */
+  OP_BRAMINZERO,     /* order. */
+
+  OP_BRA             /* This and greater values are used for brackets that
+                        extract substrings. */
+};
+
+/* The highest extraction number. This is limited by the number of opcodes
+left after OP_BRA, i.e. 255 - OP_BRA. We actually set it somewhat lower. */
+
+#define EXTRACT_MAX  99
+
+/* The texts of compile-time error messages are defined as macros here so that
+they can be accessed by the POSIX wrapper and converted into error codes.  Yes,
+I could have used error codes in the first place, but didn't feel like changing
+just to accommodate the POSIX wrapper. */
+
+#define ERR1  "\\ at end of pattern"
+#define ERR2  "\\c at end of pattern"
+#define ERR3  "unrecognized character follows \\"
+#define ERR4  "numbers out of order in {} quantifier"
+#define ERR5  "number too big in {} quantifier"
+#define ERR6  "missing terminating ] for character class"
+#define ERR7  "invalid escape sequence in character class"
+#define ERR8  "range out of order in character class"
+#define ERR9  "nothing to repeat"
+#define ERR10 "operand of unlimited repeat could match the empty string"
+#define ERR11 "internal error: unexpected repeat"
+#define ERR12 "unrecognized character after (?"
+#define ERR13 "too many capturing parenthesized sub-patterns"
+#define ERR14 "missing )"
+#define ERR15 "back reference to non-existent subpattern"
+#define ERR16 "erroffset passed as NULL"
+#define ERR17 "unknown option bit(s) set"
+#define ERR18 "missing ) after comment"
+#define ERR19 "too many sets of parentheses"
+#define ERR20 "regular expression too large"
+#define ERR21 "failed to get memory"
+#define ERR22 "unmatched parentheses"
+#define ERR23 "internal error: code overflow"
+#define ERR24 "unrecognized character after (?<"
+#define ERR25 "lookbehind assertion is not fixed length"
+#define ERR26 "malformed number after (?("
+#define ERR27 "conditional group contains more than two branches"
+#define ERR28 "assertion expected after (?("
+#define ERR29 "(?p must be followed by )"
+#define ERR30 "unknown POSIX class name"
+#define ERR31 "POSIX collating elements are not supported"
+#define ERR32 "this version of PCRE is not compiled with PCRE_UTF8 support"
+#define ERR33 "characters with values > 255 are not yet supported in classes"
+#define ERR34 "character value in \\x{...} sequence is too large"
+#define ERR35 "invalid condition (?(0)"
+
+/* All character handling must be done as unsigned characters. Otherwise there
+are problems with top-bit-set characters and functions such as isspace().
+However, we leave the interface to the outside world as char *, because that
+should make things easier for callers. We define a short type for unsigned char
+to save lots of typing. I tried "uchar", but it causes problems on Digital
+Unix, where it is defined in sys/types, so use "uschar" instead. */
+
+typedef unsigned char uschar;
+
+/* The real format of the start of the pcre block; the actual code vector
+runs on as long as necessary after the end. */
+
+typedef struct real_pcre {
+  unsigned long int magic_number;
+  size_t size;
+  const unsigned char *tables;
+  unsigned long int options;
+  uschar top_bracket;
+  uschar top_backref;
+  uschar first_char;
+  uschar req_char;
+  uschar code[1];
+} real_pcre;
+
+/* The real format of the extra block returned by pcre_study(). */
+
+typedef struct real_pcre_extra {
+  uschar options;
+  uschar start_bits[32];
+} real_pcre_extra;
+
+
+/* Structure for passing "static" information around between the functions
+doing the compiling, so that they are thread-safe. */
+
+typedef struct compile_data {
+  const uschar *lcc;            /* Points to lower casing table */
+  const uschar *fcc;            /* Points to case-flipping table */
+  const uschar *cbits;          /* Points to character type table */
+  const uschar *ctypes;         /* Points to table of type maps */
+} compile_data;
+
+/* Structure for passing "static" information around between the functions
+doing the matching, so that they are thread-safe. */
+
+typedef struct match_data {
+  int    errorcode;             /* As it says */
+  int   *offset_vector;         /* Offset vector */
+  int    offset_end;            /* One past the end */
+  int    offset_max;            /* The maximum usable for return data */
+  const uschar *lcc;            /* Points to lower casing table */
+  const uschar *ctypes;         /* Points to table of type maps */
+  BOOL   offset_overflow;       /* Set if too many extractions */
+  BOOL   notbol;                /* NOTBOL flag */
+  BOOL   noteol;                /* NOTEOL flag */
+  BOOL   utf8;                  /* UTF8 flag */
+  BOOL   endonly;               /* Dollar not before final \n */
+  BOOL   notempty;              /* Empty string match not wanted */
+  const uschar *start_pattern;  /* For use when recursing */
+  const uschar *start_subject;  /* Start of the subject string */
+  const uschar *end_subject;    /* End of the subject string */
+  const uschar *start_match;    /* Start of this match attempt */
+  const uschar *end_match_ptr;  /* Subject position at end match */
+  int    end_offset_top;        /* Highwater mark at end of match */
+} match_data;
+
+/* Bit definitions for entries in the pcre_ctypes table. */
+
+#define ctype_space   0x01
+#define ctype_letter  0x02
+#define ctype_digit   0x04
+#define ctype_xdigit  0x08
+#define ctype_word    0x10   /* alphameric or '_' */
+#define ctype_meta    0x80   /* regexp meta char or zero (end pattern) */
+
+/* Offsets for the bitmap tables in pcre_cbits. Each table contains a set
+of bits for a class map. Some classes are built by combining these tables. */
+
+#define cbit_space     0      /* [:space:] or \s */
+#define cbit_xdigit   32      /* [:xdigit:] */
+#define cbit_digit    64      /* [:digit:] or \d */
+#define cbit_upper    96      /* [:upper:] */
+#define cbit_lower   128      /* [:lower:] */
+#define cbit_word    160      /* [:word:] or \w */
+#define cbit_graph   192      /* [:graph:] */
+#define cbit_print   224      /* [:print:] */
+#define cbit_punct   256      /* [:punct:] */
+#define cbit_cntrl   288      /* [:cntrl:] */
+#define cbit_length  320      /* Length of the cbits table */
+
+/* Offsets of the various tables from the base tables pointer, and
+total length. */
+
+#define lcc_offset      0
+#define fcc_offset    256
+#define cbits_offset  512
+#define ctypes_offset (cbits_offset + cbit_length)
+#define tables_length (ctypes_offset + 256)
+
+/* End of internal.h */
diff --git a/external/privoxy/pcre/licence b/external/privoxy/pcre/licence
new file mode 100644
index 0000000..34d20db
--- /dev/null
+++ b/external/privoxy/pcre/licence
@@ -0,0 +1,46 @@
+PCRE LICENCE
+------------
+
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+University of Cambridge Computing Service,
+Cambridge, England. Phone: +44 1223 334714.
+
+Copyright (c) 1997-2000 University of Cambridge
+
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission. In practice, this means that if you use
+   PCRE in software which you distribute to others, commercially or
+   otherwise, you must put a sentence like this
+
+     Regular expression support is provided by the PCRE library package,
+     which is open source software, written by Philip Hazel, and copyright
+     by the University of Cambridge, England.
+
+   somewhere reasonably visible in your documentation and in any relevant
+   files or online help data or similar. A reference to the ftp site for
+   the source, that is, to
+
+     ftp://ftp.csx.cam.ac.uk/pub/software/programming/pcre/
+
+   should also be given in the documentation.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+
+End
diff --git a/external/privoxy/pcre/ltconfig b/external/privoxy/pcre/ltconfig
new file mode 100644
index 0000000..a01334f
--- /dev/null
+++ b/external/privoxy/pcre/ltconfig
@@ -0,0 +1,3078 @@
+#! /bin/sh
+
+# ltconfig - Create a system-specific libtool.
+# Copyright (C) 1996-1999 Free Software Foundation, Inc.
+# Originally by Gordon Matzigkeit <gord at gnu.ai.mit.edu>, 1996
+#
+# This file is free software; you can redistribute it and/or modify it
+# under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# A lot of this script is taken from autoconf-2.10.
+
+# Check that we are running under the correct shell.
+SHELL=${CONFIG_SHELL-/bin/sh}
+echo=echo
+if test "X$1" = X--no-reexec; then
+  # Discard the --no-reexec flag, and continue.
+  shift
+elif test "X$1" = X--fallback-echo; then
+  # Avoid inline document here, it may be left over
+  :
+elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then
+  # Yippee, $echo works!
+  :
+else
+  # Restart under the correct shell.
+  exec "$SHELL" "$0" --no-reexec ${1+"$@"}
+fi
+
+if test "X$1" = X--fallback-echo; then
+  # used as fallback echo
+  shift
+  cat <<EOF
+$*
+EOF
+  exit 0
+fi
+
+# Find the correct PATH separator.  Usually this is `:', but
+# DJGPP uses `;' like DOS.
+if test "X${PATH_SEPARATOR+set}" != Xset; then
+  UNAME=${UNAME-`uname 2>/dev/null`}
+  case X$UNAME in
+    *-DOS) PATH_SEPARATOR=';' ;;
+    *)     PATH_SEPARATOR=':' ;;
+  esac
+fi
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+if test "X${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi
+
+if test "X${echo_test_string+set}" != Xset; then
+  # find a string as large as possible, as long as the shell can cope with it
+  for cmd in 'sed 50q "$0"' 'sed 20q "$0"' 'sed 10q "$0"' 'sed 2q "$0"' 'echo test'; do
+    # expected sizes: less than 2Kb, 1Kb, 512 bytes, 16 bytes, ...
+    if (echo_test_string="`eval $cmd`") 2>/dev/null &&
+       echo_test_string="`eval $cmd`" &&
+       (test "X$echo_test_string" = "X$echo_test_string") 2>/dev/null; then
+      break
+    fi
+  done
+fi
+
+if test "X`($echo '\t') 2>/dev/null`" != 'X\t' ||
+   test "X`($echo "$echo_test_string") 2>/dev/null`" != X"$echo_test_string"; then
+  # The Solaris, AIX, and Digital Unix default echo programs unquote
+  # backslashes.  This makes it impossible to quote backslashes using
+  #   echo "$something" | sed 's/\\/\\\\/g'
+  #
+  # So, first we look for a working echo in the user's PATH.
+
+  IFS="${IFS= 	}"; save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}"
+  for dir in $PATH /usr/ucb; do
+    if (test -f $dir/echo || test -f $dir/echo$ac_exeext) &&
+       test "X`($dir/echo '\t') 2>/dev/null`" = 'X\t' &&
+       test "X`($dir/echo "$echo_test_string") 2>/dev/null`" = X"$echo_test_string"; then
+      echo="$dir/echo"
+      break
+    fi
+  done
+  IFS="$save_ifs"
+
+  if test "X$echo" = Xecho; then
+    # We didn't find a better echo, so look for alternatives.
+    if test "X`(print -r '\t') 2>/dev/null`" = 'X\t' &&
+       test "X`(print -r "$echo_test_string") 2>/dev/null`" = X"$echo_test_string"; then
+      # This shell has a builtin print -r that does the trick.
+      echo='print -r'
+    elif (test -f /bin/ksh || test -f /bin/ksh$ac_exeext) &&
+	 test "X$CONFIG_SHELL" != X/bin/ksh; then
+      # If we have ksh, try running ltconfig again with it.
+      ORIGINAL_CONFIG_SHELL="${CONFIG_SHELL-/bin/sh}"
+      export ORIGINAL_CONFIG_SHELL
+      CONFIG_SHELL=/bin/ksh
+      export CONFIG_SHELL
+      exec "$CONFIG_SHELL" "$0" --no-reexec ${1+"$@"}
+    else
+      # Try using printf.
+      echo='printf "%s\n"'
+      if test "X`($echo '\t') 2>/dev/null`" = 'X\t' &&
+	 test "X`($echo "$echo_test_string") 2>/dev/null`" = X"$echo_test_string"; then
+	# Cool, printf works
+	:
+      elif test "X`("$ORIGINAL_CONFIG_SHELL" "$0" --fallback-echo '\t') 2>/dev/null`" = 'X\t' &&
+	   test "X`("$ORIGINAL_CONFIG_SHELL" "$0" --fallback-echo "$echo_test_string") 2>/dev/null`" = X"$echo_test_string"; then
+	CONFIG_SHELL="$ORIGINAL_CONFIG_SHELL"
+	export CONFIG_SHELL
+	SHELL="$CONFIG_SHELL"
+	export SHELL
+	echo="$CONFIG_SHELL $0 --fallback-echo"
+      elif test "X`("$CONFIG_SHELL" "$0" --fallback-echo '\t') 2>/dev/null`" = 'X\t' &&
+	   test "X`("$CONFIG_SHELL" "$0" --fallback-echo "$echo_test_string") 2>/dev/null`" = X"$echo_test_string"; then
+	echo="$CONFIG_SHELL $0 --fallback-echo"
+      else
+	# maybe with a smaller string...
+	prev=:
+
+	for cmd in 'echo test' 'sed 2q "$0"' 'sed 10q "$0"' 'sed 20q "$0"' 'sed 50q "$0"'; do
+	  if (test "X$echo_test_string" = "X`eval $cmd`") 2>/dev/null; then
+	    break
+	  fi
+	  prev="$cmd"
+	done
+
+	if test "$prev" != 'sed 50q "$0"'; then
+	  echo_test_string=`eval $prev`
+	  export echo_test_string
+	  exec "${ORIGINAL_CONFIG_SHELL}" "$0" ${1+"$@"}
+	else
+	  # Oops.  We lost completely, so just stick with echo.
+	  echo=echo
+	fi
+      fi
+    fi
+  fi
+fi
+
+# Sed substitution that helps us do robust quoting.  It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed='sed -e s/^X//'
+sed_quote_subst='s/\([\\"\\`$\\\\]\)/\\\1/g'
+
+# Same as above, but do not quote variable references.
+double_quote_subst='s/\([\\"\\`\\\\]\)/\\\1/g'
+
+# Sed substitution to delay expansion of an escaped shell variable in a
+# double_quote_subst'ed string.
+delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g'
+
+# The name of this program.
+progname=`$echo "X$0" | $Xsed -e 's%^.*/%%'`
+
+# Constants:
+PROGRAM=ltconfig
+PACKAGE=libtool
+VERSION=1.3.4
+TIMESTAMP=" (1.385.2.196 1999/12/07 21:47:57)"
+ac_compile='${CC-cc} -c $CFLAGS $CPPFLAGS conftest.$ac_ext 1>&5'
+ac_link='${CC-cc} -o conftest $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS 1>&5'
+rm="rm -f"
+
+help="Try \`$progname --help' for more information."
+
+# Global variables:
+default_ofile=libtool
+can_build_shared=yes
+enable_shared=yes
+# All known linkers require a `.a' archive for static linking (except M$VC,
+# which needs '.lib').
+enable_static=yes
+enable_fast_install=yes
+enable_dlopen=unknown
+enable_win32_dll=no
+ltmain=
+silent=
+srcdir=
+ac_config_guess=
+ac_config_sub=
+host=
+nonopt=
+ofile="$default_ofile"
+verify_host=yes
+with_gcc=no
+with_gnu_ld=no
+need_locks=yes
+ac_ext=c
+objext=o
+libext=a
+exeext=
+cache_file=
+
+old_AR="$AR"
+old_CC="$CC"
+old_CFLAGS="$CFLAGS"
+old_CPPFLAGS="$CPPFLAGS"
+old_LDFLAGS="$LDFLAGS"
+old_LD="$LD"
+old_LN_S="$LN_S"
+old_LIBS="$LIBS"
+old_NM="$NM"
+old_RANLIB="$RANLIB"
+old_DLLTOOL="$DLLTOOL"
+old_OBJDUMP="$OBJDUMP"
+old_AS="$AS"
+
+# Parse the command line options.
+args=
+prev=
+for option
+do
+  case "$option" in
+  -*=*) optarg=`echo "$option" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+  *) optarg= ;;
+  esac
+
+  # If the previous option needs an argument, assign it.
+  if test -n "$prev"; then
+    eval "$prev=\$option"
+    prev=
+    continue
+  fi
+
+  case "$option" in
+  --help) cat <<EOM
+Usage: $progname [OPTION]... [HOST [LTMAIN]]
+
+Generate a system-specific libtool script.
+
+    --debug                enable verbose shell tracing
+    --disable-shared       do not build shared libraries
+    --disable-static       do not build static libraries
+    --disable-fast-install do not optimize for fast installation
+    --enable-dlopen        enable dlopen support
+    --enable-win32-dll     enable building dlls on win32 hosts
+    --help                 display this help and exit
+    --no-verify            do not verify that HOST is a valid host type
+-o, --output=FILE          specify the output file [default=$default_ofile]
+    --quiet                same as \`--silent'
+    --silent               do not print informational messages
+    --srcdir=DIR           find \`config.guess' in DIR
+    --version              output version information and exit
+    --with-gcc             assume that the GNU C compiler will be used
+    --with-gnu-ld          assume that the C compiler uses the GNU linker
+    --disable-lock         disable file locking
+    --cache-file=FILE      configure cache file
+
+LTMAIN is the \`ltmain.sh' shell script fragment or \`ltmain.c' program
+that provides basic libtool functionality.
+
+HOST is the canonical host system name [default=guessed].
+EOM
+  exit 0
+  ;;
+
+  --debug)
+    echo "$progname: enabling shell trace mode"
+    set -x
+    ;;
+
+  --disable-shared) enable_shared=no ;;
+
+  --disable-static) enable_static=no ;;
+
+  --disable-fast-install) enable_fast_install=no ;;
+
+  --enable-dlopen) enable_dlopen=yes ;;
+
+  --enable-win32-dll) enable_win32_dll=yes ;;
+
+  --quiet | --silent) silent=yes ;;
+
+  --srcdir) prev=srcdir ;;
+  --srcdir=*) srcdir="$optarg" ;;
+
+  --no-verify) verify_host=no ;;
+
+  --output | -o) prev=ofile ;;
+  --output=*) ofile="$optarg" ;;
+
+  --version) echo "$PROGRAM (GNU $PACKAGE) $VERSION$TIMESTAMP"; exit 0 ;;
+
+  --with-gcc) with_gcc=yes ;;
+  --with-gnu-ld) with_gnu_ld=yes ;;
+
+  --disable-lock) need_locks=no ;;
+
+  --cache-file=*) cache_file="$optarg" ;;
+
+  -*)
+    echo "$progname: unrecognized option \`$option'" 1>&2
+    echo "$help" 1>&2
+    exit 1
+    ;;
+
+  *)
+    if test -z "$ltmain"; then
+      ltmain="$option"
+    elif test -z "$host"; then
+# This generates an unnecessary warning for sparc-sun-solaris4.1.3_U1
+#      if test -n "`echo $option| sed 's/[-a-z0-9.]//g'`"; then
+#        echo "$progname: warning \`$option' is not a valid host type" 1>&2
+#      fi
+      host="$option"
+    else
+      echo "$progname: too many arguments" 1>&2
+      echo "$help" 1>&2
+      exit 1
+    fi ;;
+  esac
+done
+
+if test -z "$ltmain"; then
+  echo "$progname: you must specify a LTMAIN file" 1>&2
+  echo "$help" 1>&2
+  exit 1
+fi
+
+if test ! -f "$ltmain"; then
+  echo "$progname: \`$ltmain' does not exist" 1>&2
+  echo "$help" 1>&2
+  exit 1
+fi
+
+# Quote any args containing shell metacharacters.
+ltconfig_args=
+for arg
+do
+  case "$arg" in
+  *" "*|*"	"*|*[\[\]\~\#\$\^\&\*\(\)\{\}\\\|\;\<\>\?]*)
+  ltconfig_args="$ltconfig_args '$arg'" ;;
+  *) ltconfig_args="$ltconfig_args $arg" ;;
+  esac
+done
+
+# A relevant subset of AC_INIT.
+
+# File descriptor usage:
+# 0 standard input
+# 1 file creation
+# 2 errors and warnings
+# 3 some systems may open it to /dev/tty
+# 4 used on the Kubota Titan
+# 5 compiler messages saved in config.log
+# 6 checking for... messages and results
+if test "$silent" = yes; then
+  exec 6>/dev/null
+else
+  exec 6>&1
+fi
+exec 5>>./config.log
+
+# NLS nuisances.
+# Only set LANG and LC_ALL to C if already set.
+# These must not be set unconditionally because not all systems understand
+# e.g. LANG=C (notably SCO).
+if test "X${LC_ALL+set}" = Xset; then LC_ALL=C; export LC_ALL; fi
+if test "X${LANG+set}"   = Xset; then LANG=C;   export LANG;   fi
+
+if test -n "$cache_file" && test -r "$cache_file"; then
+  echo "loading cache $cache_file within ltconfig"
+  . $cache_file
+fi
+
+if (echo "testing\c"; echo 1,2,3) | grep c >/dev/null; then
+  # Stardent Vistra SVR4 grep lacks -e, says ghazi at caip.rutgers.edu.
+  if (echo -n testing; echo 1,2,3) | sed s/-n/xn/ | grep xn >/dev/null; then
+    ac_n= ac_c='
+' ac_t='	'
+  else
+    ac_n=-n ac_c= ac_t=
+  fi
+else
+  ac_n= ac_c='\c' ac_t=
+fi
+
+if test -z "$srcdir"; then
+  # Assume the source directory is the same one as the path to LTMAIN.
+  srcdir=`$echo "X$ltmain" | $Xsed -e 's%/[^/]*$%%'`
+  test "$srcdir" = "$ltmain" && srcdir=.
+fi
+
+trap "$rm conftest*; exit 1" 1 2 15
+if test "$verify_host" = yes; then
+  # Check for config.guess and config.sub.
+  ac_aux_dir=
+  for ac_dir in $srcdir $srcdir/.. $srcdir/../..; do
+    if test -f $ac_dir/config.guess; then
+      ac_aux_dir=$ac_dir
+      break
+    fi
+  done
+  if test -z "$ac_aux_dir"; then
+    echo "$progname: cannot find config.guess in $srcdir $srcdir/.. $srcdir/../.." 1>&2
+    echo "$help" 1>&2
+    exit 1
+  fi
+  ac_config_guess=$ac_aux_dir/config.guess
+  ac_config_sub=$ac_aux_dir/config.sub
+
+  # Make sure we can run config.sub.
+  if $SHELL $ac_config_sub sun4 >/dev/null 2>&1; then :
+  else
+    echo "$progname: cannot run $ac_config_sub" 1>&2
+    echo "$help" 1>&2
+    exit 1
+  fi
+
+  echo $ac_n "checking host system type""... $ac_c" 1>&6
+
+  host_alias=$host
+  case "$host_alias" in
+  "")
+    if host_alias=`$SHELL $ac_config_guess`; then :
+    else
+      echo "$progname: cannot guess host type; you must specify one" 1>&2
+      echo "$help" 1>&2
+      exit 1
+    fi ;;
+  esac
+  host=`$SHELL $ac_config_sub $host_alias`
+  echo "$ac_t$host" 1>&6
+
+  # Make sure the host verified.
+  test -z "$host" && exit 1
+
+elif test -z "$host"; then
+  echo "$progname: you must specify a host type if you use \`--no-verify'" 1>&2
+  echo "$help" 1>&2
+  exit 1
+else
+  host_alias=$host
+fi
+
+# Transform linux* to *-*-linux-gnu*, to support old configure scripts.
+case "$host_os" in
+linux-gnu*) ;;
+linux*) host=`echo $host | sed 's/^\(.*-.*-linux\)\(.*\)$/\1-gnu\2/'`
+esac
+
+host_cpu=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\1/'`
+host_vendor=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\2/'`
+host_os=`echo $host | sed 's/^\([^-]*\)-\([^-]*\)-\(.*\)$/\3/'`
+
+case "$host_os" in
+aix3*)
+  # AIX sometimes has problems with the GCC collect2 program.  For some
+  # reason, if we set the COLLECT_NAMES environment variable, the problems
+  # vanish in a puff of smoke.
+  if test "X${COLLECT_NAMES+set}" != Xset; then
+    COLLECT_NAMES=
+    export COLLECT_NAMES
+  fi
+  ;;
+esac
+
+# Determine commands to create old-style static archives.
+old_archive_cmds='$AR cru $oldlib$oldobjs'
+old_postinstall_cmds='chmod 644 $oldlib'
+old_postuninstall_cmds=
+
+# Set a sane default for `AR'.
+test -z "$AR" && AR=ar
+
+# Set a sane default for `OBJDUMP'.
+test -z "$OBJDUMP" && OBJDUMP=objdump
+
+# If RANLIB is not set, then run the test.
+if test "${RANLIB+set}" != "set"; then
+  result=no
+
+  echo $ac_n "checking for ranlib... $ac_c" 1>&6
+  IFS="${IFS= 	}"; save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}"
+  for dir in $PATH; do
+    test -z "$dir" && dir=.
+    if test -f $dir/ranlib || test -f $dir/ranlib$ac_exeext; then
+      RANLIB="ranlib"
+      result="ranlib"
+      break
+    fi
+  done
+  IFS="$save_ifs"
+
+  echo "$ac_t$result" 1>&6
+fi
+
+if test -n "$RANLIB"; then
+  old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib"
+  old_postinstall_cmds="\$RANLIB \$oldlib~$old_postinstall_cmds"
+fi
+
+# Set sane defaults for `DLLTOOL', `OBJDUMP', and `AS', used on cygwin.
+test -z "$DLLTOOL" && DLLTOOL=dlltool
+test -z "$OBJDUMP" && OBJDUMP=objdump
+test -z "$AS" && AS=as
+
+# Check to see if we are using GCC.
+if test "$with_gcc" != yes || test -z "$CC"; then
+  # If CC is not set, then try to find GCC or a usable CC.
+  if test -z "$CC"; then
+    echo $ac_n "checking for gcc... $ac_c" 1>&6
+    IFS="${IFS= 	}"; save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}"
+    for dir in $PATH; do
+      test -z "$dir" && dir=.
+      if test -f $dir/gcc || test -f $dir/gcc$ac_exeext; then
+	CC="gcc"
+	break
+      fi
+    done
+    IFS="$save_ifs"
+
+    if test -n "$CC"; then
+      echo "$ac_t$CC" 1>&6
+    else
+      echo "$ac_t"no 1>&6
+    fi
+  fi
+
+  # Not "gcc", so try "cc", rejecting "/usr/ucb/cc".
+  if test -z "$CC"; then
+    echo $ac_n "checking for cc... $ac_c" 1>&6
+    IFS="${IFS= 	}"; save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}"
+    cc_rejected=no
+    for dir in $PATH; do
+      test -z "$dir" && dir=.
+      if test -f $dir/cc || test -f $dir/cc$ac_exeext; then
+	if test "$dir/cc" = "/usr/ucb/cc"; then
+	  cc_rejected=yes
+	  continue
+	fi
+	CC="cc"
+	break
+      fi
+    done
+    IFS="$save_ifs"
+    if test $cc_rejected = yes; then
+      # We found a bogon in the path, so make sure we never use it.
+      set dummy $CC
+      shift
+      if test $# -gt 0; then
+	# We chose a different compiler from the bogus one.
+	# However, it has the same name, so the bogon will be chosen
+	# first if we set CC to just the name; use the full file name.
+	shift
+	set dummy "$dir/cc" "$@"
+	shift
+	CC="$@"
+      fi
+    fi
+
+    if test -n "$CC"; then
+      echo "$ac_t$CC" 1>&6
+    else
+      echo "$ac_t"no 1>&6
+    fi
+
+    if test -z "$CC"; then
+      echo "$progname: error: no acceptable cc found in \$PATH" 1>&2
+      exit 1
+    fi
+  fi
+
+  # Now see if the compiler is really GCC.
+  with_gcc=no
+  echo $ac_n "checking whether we are using GNU C... $ac_c" 1>&6
+  echo "$progname:581: checking whether we are using GNU C" >&5
+
+  $rm conftest.c
+  cat > conftest.c <<EOF
+#ifdef __GNUC__
+  yes;
+#endif
+EOF
+  if { ac_try='${CC-cc} -E conftest.c'; { (eval echo $progname:589: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }; } | egrep yes >/dev/null 2>&1; then
+    with_gcc=yes
+  fi
+  $rm conftest.c
+  echo "$ac_t$with_gcc" 1>&6
+fi
+
+# Allow CC to be a program name with arguments.
+set dummy $CC
+compiler="$2"
+
+echo $ac_n "checking for object suffix... $ac_c" 1>&6
+$rm conftest*
+echo 'int i = 1;' > conftest.c
+echo "$progname:603: checking for object suffix" >& 5
+if { (eval echo $progname:604: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>conftest.err; }; then
+  # Append any warnings to the config.log.
+  cat conftest.err 1>&5
+
+  for ac_file in conftest.*; do
+    case $ac_file in
+    *.c) ;;
+    *) objext=`echo $ac_file | sed -e s/conftest.//` ;;
+    esac
+  done
+else
+  cat conftest.err 1>&5
+  echo "$progname: failed program was:" >&5
+  cat conftest.c >&5
+fi
+$rm conftest*
+echo "$ac_t$objext" 1>&6
+
+echo $ac_n "checking for executable suffix... $ac_c" 1>&6
+if eval "test \"`echo '$''{'ac_cv_exeext'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_cv_exeext="no"
+  $rm conftest*
+  echo 'main () { return 0; }' > conftest.c
+  echo "$progname:629: checking for executable suffix" >& 5
+  if { (eval echo $progname:630: \"$ac_link\") 1>&5; (eval $ac_link) 2>conftest.err; }; then
+    # Append any warnings to the config.log.
+    cat conftest.err 1>&5
+
+    for ac_file in conftest.*; do
+      case $ac_file in
+      *.c | *.err | *.$objext ) ;;
+      *) ac_cv_exeext=.`echo $ac_file | sed -e s/conftest.//` ;;
+      esac
+    done
+  else
+    cat conftest.err 1>&5
+    echo "$progname: failed program was:" >&5
+    cat conftest.c >&5
+  fi
+  $rm conftest*
+fi
+if test "X$ac_cv_exeext" = Xno; then
+  exeext=""
+else
+  exeext="$ac_cv_exeext"
+fi
+echo "$ac_t$ac_cv_exeext" 1>&6
+
+echo $ac_n "checking for $compiler option to produce PIC... $ac_c" 1>&6
+pic_flag=
+special_shlib_compile_flags=
+wl=
+link_static_flag=
+no_builtin_flag=
+
+if test "$with_gcc" = yes; then
+  wl='-Wl,'
+  link_static_flag='-static'
+
+  case "$host_os" in
+  beos* | irix5* | irix6* | osf3* | osf4* | osf5*)
+    # PIC is the default for these OSes.
+    ;;
+  aix*)
+    # Below there is a dirty hack to force normal static linking with -ldl
+    # The problem is because libdl dynamically linked with both libc and
+    # libC (AIX C++ library), which obviously doesn't included in libraries
+    # list by gcc. This cause undefined symbols with -static flags.
+    # This hack allows C programs to be linked with "-static -ldl", but
+    # we not sure about C++ programs.
+    link_static_flag="$link_static_flag ${wl}-lC"
+    ;;
+  cygwin* | mingw* | os2*)
+    # We can build DLLs from non-PIC.
+    ;;
+  amigaos*)
+    # FIXME: we need at least 68020 code to build shared libraries, but
+    # adding the `-m68020' flag to GCC prevents building anything better,
+    # like `-m68040'.
+    pic_flag='-m68020 -resident32 -malways-restore-a4'
+    ;;
+  sysv4*MP*)
+    if test -d /usr/nec; then
+       pic_flag=-Kconform_pic
+    fi
+    ;;
+  *)
+    pic_flag='-fPIC'
+    ;;
+  esac
+else
+  # PORTME Check for PIC flags for the system compiler.
+  case "$host_os" in
+  aix3* | aix4*)
+    # All AIX code is PIC.
+    link_static_flag='-bnso -bI:/lib/syscalls.exp'
+    ;;
+
+  hpux9* | hpux10* | hpux11*)
+    # Is there a better link_static_flag that works with the bundled CC?
+    wl='-Wl,'
+    link_static_flag="${wl}-a ${wl}archive"
+    pic_flag='+Z'
+    ;;
+
+  irix5* | irix6*)
+    wl='-Wl,'
+    link_static_flag='-non_shared'
+    # PIC (with -KPIC) is the default.
+    ;;
+
+  cygwin* | mingw* | os2*)
+    # We can build DLLs from non-PIC.
+    ;;
+
+  osf3* | osf4* | osf5*)
+    # All OSF/1 code is PIC.
+    wl='-Wl,'
+    link_static_flag='-non_shared'
+    ;;
+
+  sco3.2v5*)
+    pic_flag='-Kpic'
+    link_static_flag='-dn'
+    special_shlib_compile_flags='-belf'
+    ;;
+
+  solaris*)
+    pic_flag='-KPIC'
+    link_static_flag='-Bstatic'
+    wl='-Wl,'
+    ;;
+
+  sunos4*)
+    pic_flag='-PIC'
+    link_static_flag='-Bstatic'
+    wl='-Qoption ld '
+    ;;
+
+  sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+    pic_flag='-KPIC'
+    link_static_flag='-Bstatic'
+    wl='-Wl,'
+    ;;
+
+  uts4*)
+    pic_flag='-pic'
+    link_static_flag='-Bstatic'
+    ;;
+  sysv4*MP*)
+    if test -d /usr/nec ;then
+      pic_flag='-Kconform_pic'
+      link_static_flag='-Bstatic'
+    fi
+    ;;
+  *)
+    can_build_shared=no
+    ;;
+  esac
+fi
+
+if test -n "$pic_flag"; then
+  echo "$ac_t$pic_flag" 1>&6
+
+  # Check to make sure the pic_flag actually works.
+  echo $ac_n "checking if $compiler PIC flag $pic_flag works... $ac_c" 1>&6
+  $rm conftest*
+  echo "int some_variable = 0;" > conftest.c
+  save_CFLAGS="$CFLAGS"
+  CFLAGS="$CFLAGS $pic_flag -DPIC"
+  echo "$progname:776: checking if $compiler PIC flag $pic_flag works" >&5
+  if { (eval echo $progname:777: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>conftest.err; } && test -s conftest.$objext; then
+    # Append any warnings to the config.log.
+    cat conftest.err 1>&5
+    
+    case "$host_os" in
+    hpux9* | hpux10* | hpux11*)
+      # On HP-UX, both CC and GCC only warn that PIC is supported... then they
+      # create non-PIC objects.  So, if there were any warnings, we assume that
+      # PIC is not supported.
+      if test -s conftest.err; then
+	echo "$ac_t"no 1>&6
+	can_build_shared=no
+	pic_flag=
+      else
+	echo "$ac_t"yes 1>&6
+	pic_flag=" $pic_flag"
+      fi
+      ;;
+    *)
+      echo "$ac_t"yes 1>&6
+      pic_flag=" $pic_flag"
+      ;;
+    esac
+  else
+    # Append any errors to the config.log.
+    cat conftest.err 1>&5
+    can_build_shared=no
+    pic_flag=
+    echo "$ac_t"no 1>&6
+  fi
+  CFLAGS="$save_CFLAGS"
+  $rm conftest*
+else
+  echo "$ac_t"none 1>&6
+fi
+
+# Check to see if options -o and -c are simultaneously supported by compiler
+echo $ac_n "checking if $compiler supports -c -o file.o... $ac_c" 1>&6
+$rm -r conftest 2>/dev/null
+mkdir conftest
+cd conftest
+$rm conftest*
+echo "int some_variable = 0;" > conftest.c
+mkdir out
+# According to Tom Tromey, Ian Lance Taylor reported there are C compilers
+# that will create temporary files in the current directory regardless of
+# the output directory.  Thus, making CWD read-only will cause this test
+# to fail, enabling locking or at least warning the user not to do parallel
+# builds.
+chmod -w .
+save_CFLAGS="$CFLAGS"
+CFLAGS="$CFLAGS -o out/conftest2.o"
+echo "$progname:829: checking if $compiler supports -c -o file.o" >&5
+if { (eval echo $progname:830: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>out/conftest.err; } && test -s out/conftest2.o; then
+
+  # The compiler can only warn and ignore the option if not recognized
+  # So say no if there are warnings
+    if test -s out/conftest.err; then
+      echo "$ac_t"no 1>&6
+      compiler_c_o=no
+    else
+      echo "$ac_t"yes 1>&6
+      compiler_c_o=yes
+    fi
+else
+  # Append any errors to the config.log.
+  cat out/conftest.err 1>&5
+  compiler_c_o=no
+  echo "$ac_t"no 1>&6
+fi
+CFLAGS="$save_CFLAGS"
+chmod u+w .
+$rm conftest* out/*
+rmdir out
+cd ..
+rmdir conftest
+$rm -r conftest 2>/dev/null
+
+if test x"$compiler_c_o" = x"yes"; then
+  # Check to see if we can write to a .lo
+  echo $ac_n "checking if $compiler supports -c -o file.lo... $ac_c" 1>&6
+  $rm conftest*
+  echo "int some_variable = 0;" > conftest.c
+  save_CFLAGS="$CFLAGS"
+  CFLAGS="$CFLAGS -c -o conftest.lo"
+  echo "$progname:862: checking if $compiler supports -c -o file.lo" >&5
+if { (eval echo $progname:863: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>conftest.err; } && test -s conftest.lo; then
+
+    # The compiler can only warn and ignore the option if not recognized
+    # So say no if there are warnings
+      if test -s conftest.err; then
+	echo "$ac_t"no 1>&6
+	compiler_o_lo=no
+      else
+	echo "$ac_t"yes 1>&6
+	compiler_o_lo=yes
+      fi
+  else
+    # Append any errors to the config.log.
+    cat conftest.err 1>&5
+    compiler_o_lo=no
+    echo "$ac_t"no 1>&6
+  fi
+  CFLAGS="$save_CFLAGS"
+  $rm conftest*
+else
+  compiler_o_lo=no
+fi
+
+# Check to see if we can do hard links to lock some files if needed
+hard_links="nottested"
+if test "$compiler_c_o" = no && test "$need_locks" != no; then
+  # do not overwrite the value of need_locks provided by the user
+  echo $ac_n "checking if we can lock with hard links... $ac_c" 1>&6
+  hard_links=yes
+  $rm conftest*
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  touch conftest.a
+  ln conftest.a conftest.b 2>&5 || hard_links=no
+  ln conftest.a conftest.b 2>/dev/null && hard_links=no
+  echo "$ac_t$hard_links" 1>&6
+  $rm conftest*
+  if test "$hard_links" = no; then
+    echo "*** WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2
+    need_locks=warn
+  fi
+else
+  need_locks=no
+fi
+
+if test "$with_gcc" = yes; then
+  # Check to see if options -fno-rtti -fno-exceptions are supported by compiler
+  echo $ac_n "checking if $compiler supports -fno-rtti -fno-exceptions ... $ac_c" 1>&6
+  $rm conftest*
+  echo "int some_variable = 0;" > conftest.c
+  save_CFLAGS="$CFLAGS"
+  CFLAGS="$CFLAGS -fno-rtti -fno-exceptions -c conftest.c"
+  echo "$progname:914: checking if $compiler supports -fno-rtti -fno-exceptions" >&5
+  if { (eval echo $progname:915: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>conftest.err; } && test -s conftest.o; then
+
+    # The compiler can only warn and ignore the option if not recognized
+    # So say no if there are warnings
+      if test -s conftest.err; then
+	echo "$ac_t"no 1>&6
+	compiler_rtti_exceptions=no
+      else
+	echo "$ac_t"yes 1>&6
+	compiler_rtti_exceptions=yes
+      fi
+  else
+    # Append any errors to the config.log.
+    cat conftest.err 1>&5
+    compiler_rtti_exceptions=no
+    echo "$ac_t"no 1>&6
+  fi
+  CFLAGS="$save_CFLAGS"
+  $rm conftest*
+
+  if test "$compiler_rtti_exceptions" = "yes"; then
+    no_builtin_flag=' -fno-builtin -fno-rtti -fno-exceptions'
+  else
+    no_builtin_flag=' -fno-builtin'
+  fi
+  
+fi
+
+# Check for any special shared library compilation flags.
+if test -n "$special_shlib_compile_flags"; then
+  echo "$progname: warning: \`$CC' requires \`$special_shlib_compile_flags' to build shared libraries" 1>&2
+  if echo "$old_CC $old_CFLAGS " | egrep -e "[ 	]$special_shlib_compile_flags[ 	]" >/dev/null; then :
+  else
+    echo "$progname: add \`$special_shlib_compile_flags' to the CC or CFLAGS env variable and reconfigure" 1>&2
+    can_build_shared=no
+  fi
+fi
+
+echo $ac_n "checking if $compiler static flag $link_static_flag works... $ac_c" 1>&6
+$rm conftest*
+echo 'main(){return(0);}' > conftest.c
+save_LDFLAGS="$LDFLAGS"
+LDFLAGS="$LDFLAGS $link_static_flag"
+echo "$progname:958: checking if $compiler static flag $link_static_flag works" >&5
+if { (eval echo $progname:959: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+  echo "$ac_t$link_static_flag" 1>&6
+else
+  echo "$ac_t"none 1>&6
+  link_static_flag=
+fi
+LDFLAGS="$save_LDFLAGS"
+$rm conftest*
+
+if test -z "$LN_S"; then
+  # Check to see if we can use ln -s, or we need hard links.
+  echo $ac_n "checking whether ln -s works... $ac_c" 1>&6
+  $rm conftest.dat
+  if ln -s X conftest.dat 2>/dev/null; then
+    $rm conftest.dat
+    LN_S="ln -s"
+  else
+    LN_S=ln
+  fi
+  if test "$LN_S" = "ln -s"; then
+    echo "$ac_t"yes 1>&6
+  else
+    echo "$ac_t"no 1>&6
+  fi
+fi
+
+# Make sure LD is an absolute path.
+if test -z "$LD"; then
+  ac_prog=ld
+  if test "$with_gcc" = yes; then
+    # Check if gcc -print-prog-name=ld gives a path.
+    echo $ac_n "checking for ld used by GCC... $ac_c" 1>&6
+    echo "$progname:991: checking for ld used by GCC" >&5
+    ac_prog=`($CC -print-prog-name=ld) 2>&5`
+    case "$ac_prog" in
+    # Accept absolute paths.
+    [\\/]* | [A-Za-z]:[\\/]*)
+      re_direlt='/[^/][^/]*/\.\./'
+      # Canonicalize the path of ld
+      ac_prog=`echo $ac_prog| sed 's%\\\\%/%g'`
+      while echo $ac_prog | grep "$re_direlt" > /dev/null 2>&1; do
+	ac_prog=`echo $ac_prog| sed "s%$re_direlt%/%"`
+      done
+      test -z "$LD" && LD="$ac_prog"
+      ;;
+    "")
+      # If it fails, then pretend we are not using GCC.
+      ac_prog=ld
+      ;;
+    *)
+      # If it is relative, then search for the first ld in PATH.
+      with_gnu_ld=unknown
+      ;;
+    esac
+  elif test "$with_gnu_ld" = yes; then
+    echo $ac_n "checking for GNU ld... $ac_c" 1>&6
+    echo "$progname:1015: checking for GNU ld" >&5
+  else
+    echo $ac_n "checking for non-GNU ld""... $ac_c" 1>&6
+    echo "$progname:1018: checking for non-GNU ld" >&5
+  fi
+
+  if test -z "$LD"; then
+    IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}"
+    for ac_dir in $PATH; do
+      test -z "$ac_dir" && ac_dir=.
+      if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then
+	LD="$ac_dir/$ac_prog"
+	# Check to see if the program is GNU ld.  I'd rather use --version,
+	# but apparently some GNU ld's only accept -v.
+	# Break only if it was the GNU/non-GNU ld that we prefer.
+	if "$LD" -v 2>&1 < /dev/null | egrep '(GNU|with BFD)' > /dev/null; then
+	  test "$with_gnu_ld" != no && break
+	else
+	  test "$with_gnu_ld" != yes && break
+	fi
+      fi
+    done
+    IFS="$ac_save_ifs"
+  fi
+
+  if test -n "$LD"; then
+    echo "$ac_t$LD" 1>&6
+  else
+    echo "$ac_t"no 1>&6
+  fi
+
+  if test -z "$LD"; then
+    echo "$progname: error: no acceptable ld found in \$PATH" 1>&2
+    exit 1
+  fi
+fi
+
+# Check to see if it really is or is not GNU ld.
+echo $ac_n "checking if the linker ($LD) is GNU ld... $ac_c" 1>&6
+# I'd rather use --version here, but apparently some GNU ld's only accept -v.
+if $LD -v 2>&1 </dev/null | egrep '(GNU|with BFD)' 1>&5; then
+  with_gnu_ld=yes
+else
+  with_gnu_ld=no
+fi
+echo "$ac_t$with_gnu_ld" 1>&6
+
+# See if the linker supports building shared libraries.
+echo $ac_n "checking whether the linker ($LD) supports shared libraries... $ac_c" 1>&6
+
+allow_undefined_flag=
+no_undefined_flag=
+need_lib_prefix=unknown
+need_version=unknown
+# when you set need_version to no, make sure it does not cause -set_version
+# flags to be left without arguments
+archive_cmds=
+archive_expsym_cmds=
+old_archive_from_new_cmds=
+export_dynamic_flag_spec=
+whole_archive_flag_spec=
+thread_safe_flag_spec=
+hardcode_libdir_flag_spec=
+hardcode_libdir_separator=
+hardcode_direct=no
+hardcode_minus_L=no
+hardcode_shlibpath_var=unsupported
+runpath_var=
+always_export_symbols=no
+export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | sed '\''s/.* //'\'' | sort | uniq > $export_symbols'
+# include_expsyms should be a list of space-separated symbols to be *always*
+# included in the symbol list
+include_expsyms=
+# exclude_expsyms can be an egrep regular expression of symbols to exclude
+# it will be wrapped by ` (' and `)$', so one must not match beginning or
+# end of line.  Example: `a|bc|.*d.*' will exclude the symbols `a' and `bc',
+# as well as any symbol that contains `d'.
+exclude_expsyms="_GLOBAL_OFFSET_TABLE_"
+# Although _GLOBAL_OFFSET_TABLE_ is a valid symbol C name, most a.out
+# platforms (ab)use it in PIC code, but their linkers get confused if
+# the symbol is explicitly referenced.  Since portable code cannot
+# rely on this symbol name, it's probably fine to never include it in
+# preloaded symbol tables.
+
+case "$host_os" in
+cygwin* | mingw*)
+  # FIXME: the MSVC++ port hasn't been tested in a loooong time
+  # When not using gcc, we currently assume that we are using
+  # Microsoft Visual C++.
+  if test "$with_gcc" != yes; then
+    with_gnu_ld=no
+  fi
+  ;;
+
+esac
+
+ld_shlibs=yes
+if test "$with_gnu_ld" = yes; then
+  # If archive_cmds runs LD, not CC, wlarc should be empty
+  wlarc='${wl}'
+
+  # See if GNU ld supports shared libraries.
+  case "$host_os" in
+  aix3* | aix4*)
+    # On AIX, the GNU linker is very broken
+    ld_shlibs=no
+    cat <<EOF 1>&2
+
+*** Warning: the GNU linker, at least up to release 2.9.1, is reported
+*** to be unable to reliably create shared libraries on AIX.
+*** Therefore, libtool is disabling shared libraries support.  If you
+*** really care for shared libraries, you may want to modify your PATH
+*** so that a non-GNU linker is found, and then restart.
+
+EOF
+    ;;
+
+  amigaos*)
+    archive_cmds='$rm $objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $objdir/a2ixlibrary.data~$AR cru $lib $libobjs~$RANLIB $lib~(cd $objdir && a2ixlibrary -32)'
+    hardcode_libdir_flag_spec='-L$libdir'
+    hardcode_minus_L=yes
+
+    # Samuel A. Falvo II <kc5tja at dolphin.openprojects.net> reports
+    # that the semantics of dynamic libraries on AmigaOS, at least up
+    # to version 4, is to share data among multiple programs linked
+    # with the same dynamic library.  Since this doesn't match the
+    # behavior of shared libraries on other platforms, we can use
+    # them.
+    ld_shlibs=no
+    ;;
+
+  beos*)
+    if $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then
+      allow_undefined_flag=unsupported
+      # Joseph Beckenbach <jrb3 at best.com> says some releases of gcc
+      # support --undefined.  This deserves some investigation.  FIXME
+      archive_cmds='$CC -nostart $libobjs $deplibs $linkopts ${wl}-soname $wl$soname -o $lib'
+    else
+      ld_shlibs=no
+    fi
+    ;;
+
+  cygwin* | mingw*)
+    # hardcode_libdir_flag_spec is actually meaningless, as there is
+    # no search path for DLLs.
+    hardcode_libdir_flag_spec='-L$libdir'
+    allow_undefined_flag=unsupported
+    always_export_symbols=yes
+
+    # Extract the symbol export list from an `--export-all' def file,
+    # then regenerate the def file from the symbol export list, so that
+    # the compiled dll only exports the symbol export list.
+    export_symbols_cmds='test -f $objdir/$soname-ltdll.c || sed -e "/^# \/\* ltdll\.c starts here \*\//,/^# \/\* ltdll.c ends here \*\// { s/^# //; p; }" -e d < $0 > $objdir/$soname-ltdll.c~
+      test -f $objdir/$soname-ltdll.$objext || (cd $objdir && $CC -c $soname-ltdll.c)~
+      $DLLTOOL --export-all --exclude-symbols DllMain at 12,_cygwin_dll_entry at 12,_cygwin_noncygwin_dll_entry at 12 --output-def $objdir/$soname-def  $objdir/$soname-ltdll.$objext $libobjs $convenience~
+      sed -e "1,/EXPORTS/d" -e "s/ @ [0-9]* ; *//" < $objdir/$soname-def > $export_symbols'
+
+    archive_expsym_cmds='echo EXPORTS > $objdir/$soname-def~
+      _lt_hint=1;
+      for symbol in `cat $export_symbols`; do
+	echo "	\$symbol @ \$_lt_hint ; " >> $objdir/$soname-def;
+	_lt_hint=`expr 1 + \$_lt_hint`;
+      done~
+      test -f $objdir/$soname-ltdll.c || sed -e "/^# \/\* ltdll\.c starts here \*\//,/^# \/\* ltdll.c ends here \*\// { s/^# //; p; }" -e d < $0 > $objdir/$soname-ltdll.c~
+      test -f $objdir/$soname-ltdll.$objext || (cd $objdir && $CC -c $soname-ltdll.c)~
+      $CC -Wl,--base-file,$objdir/$soname-base -Wl,--dll -nostartfiles -Wl,-e,__cygwin_dll_entry at 12 -o $lib $objdir/$soname-ltdll.$objext $libobjs $deplibs $linkopts~
+      $DLLTOOL --as=$AS --dllname $soname --exclude-symbols DllMain at 12,_cygwin_dll_entry at 12,_cygwin_noncygwin_dll_entry at 12 --def $objdir/$soname-def --base-file $objdir/$soname-base --output-exp $objdir/$soname-exp~
+      $CC -Wl,--base-file,$objdir/$soname-base $objdir/$soname-exp -Wl,--dll -nostartfiles -Wl,-e,__cygwin_dll_entry at 12 -o $lib $objdir/$soname-ltdll.$objext $libobjs $deplibs $linkopts~
+      $DLLTOOL --as=$AS --dllname $soname --exclude-symbols DllMain at 12,_cygwin_dll_entry at 12,_cygwin_noncygwin_dll_entry at 12 --def $objdir/$soname-def --base-file $objdir/$soname-base --output-exp $objdir/$soname-exp~
+      $CC $objdir/$soname-exp -Wl,--dll -nostartfiles -Wl,-e,__cygwin_dll_entry at 12 -o $lib $objdir/$soname-ltdll.$objext $libobjs $deplibs $linkopts'
+
+      old_archive_from_new_cmds='$DLLTOOL --as=$AS --dllname $soname --def $objdir/$soname-def --output-lib $objdir/$libname.a' 
+    ;;
+
+  netbsd*)
+    if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+      archive_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname $wl$soname -o $lib'
+      archive_expsym_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+    else
+      archive_cmds='$LD -Bshareable $libobjs $deplibs $linkopts -o $lib'
+      # can we support soname and/or expsyms with a.out? -oliva
+    fi
+    ;;
+
+  solaris* | sysv5*)
+    if $LD -v 2>&1 | egrep 'BFD 2\.8' > /dev/null; then
+      ld_shlibs=no
+      cat <<EOF 1>&2
+
+*** Warning: The releases 2.8.* of the GNU linker cannot reliably
+*** create shared libraries on Solaris systems.  Therefore, libtool
+*** is disabling shared libraries support.  We urge you to upgrade GNU
+*** binutils to release 2.9.1 or newer.  Another option is to modify
+*** your PATH or compiler configuration so that the native linker is
+*** used, and then restart.
+
+EOF
+    elif $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then
+      archive_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname $wl$soname -o $lib'
+      archive_expsym_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+    else
+      ld_shlibs=no
+    fi
+    ;;      
+
+  sunos4*)
+    archive_cmds='$LD -assert pure-text -Bshareable -o $lib $libobjs $deplibs $linkopts'
+    wlarc=
+    hardcode_direct=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  *)
+    if $LD --help 2>&1 | egrep ': supported targets:.* elf' > /dev/null; then
+      archive_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname $wl$soname -o $lib'
+      archive_expsym_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib'
+    else
+      ld_shlibs=no
+    fi
+    ;;
+  esac
+
+  if test "$ld_shlibs" = yes; then
+    runpath_var=LD_RUN_PATH
+    hardcode_libdir_flag_spec='${wl}--rpath ${wl}$libdir'
+    export_dynamic_flag_spec='${wl}--export-dynamic'
+    case $host_os in
+    cygwin* | mingw*)
+      # dlltool doesn't understand --whole-archive et. al.
+      whole_archive_flag_spec=
+      ;;
+    *)
+      # ancient GNU ld didn't support --whole-archive et. al.
+      if $LD --help 2>&1 | egrep 'no-whole-archive' > /dev/null; then
+        whole_archive_flag_spec="$wlarc"'--whole-archive$convenience '"$wlarc"'--no-whole-archive'
+      else
+        whole_archive_flag_spec=
+      fi
+      ;;
+    esac
+  fi
+else
+  # PORTME fill in a description of your system's linker (not GNU ld)
+  case "$host_os" in
+  aix3*)
+    allow_undefined_flag=unsupported
+    always_export_symbols=yes
+    archive_expsym_cmds='$LD -o $objdir/$soname $libobjs $deplibs $linkopts -bE:$export_symbols -T512 -H512 -bM:SRE~$AR cru $lib $objdir/$soname'
+    # Note: this linker hardcodes the directories in LIBPATH if there
+    # are no directories specified by -L.
+    hardcode_minus_L=yes
+    if test "$with_gcc" = yes && test -z "$link_static_flag"; then
+      # Neither direct hardcoding nor static linking is supported with a
+      # broken collect2.
+      hardcode_direct=unsupported
+    fi
+    ;;
+
+  aix4*)
+    hardcode_libdir_flag_spec='${wl}-b ${wl}nolibpath ${wl}-b ${wl}libpath:$libdir:/usr/lib:/lib'
+    hardcode_libdir_separator=':'
+    if test "$with_gcc" = yes; then
+      collect2name=`${CC} -print-prog-name=collect2`
+      if test -f "$collect2name" && \
+	 strings "$collect2name" | grep resolve_lib_name >/dev/null
+      then
+	# We have reworked collect2
+	hardcode_direct=yes
+      else
+	# We have old collect2
+	hardcode_direct=unsupported
+	# It fails to find uninstalled libraries when the uninstalled
+	# path is not listed in the libpath.  Setting hardcode_minus_L
+	# to unsupported forces relinking
+	hardcode_minus_L=yes
+	hardcode_libdir_flag_spec='-L$libdir'
+	hardcode_libdir_separator=
+      fi
+      shared_flag='-shared'
+    else
+      shared_flag='${wl}-bM:SRE'
+      hardcode_direct=yes
+    fi
+    allow_undefined_flag=' ${wl}-berok'
+    archive_cmds="\$CC $shared_flag"' -o $objdir/$soname $libobjs $deplibs $linkopts ${wl}-bexpall ${wl}-bnoentry${allow_undefined_flag}'
+    archive_expsym_cmds="\$CC $shared_flag"' -o $objdir/$soname $libobjs $deplibs $linkopts ${wl}-bE:$export_symbols ${wl}-bnoentry${allow_undefined_flag}'
+    case "$host_os" in aix4.[01]|aix4.[01].*)
+      # According to Greg Wooledge, -bexpall is only supported from AIX 4.2 on
+      always_export_symbols=yes ;;
+    esac
+   ;;
+
+  amigaos*)
+    archive_cmds='$rm $objdir/a2ixlibrary.data~$echo "#define NAME $libname" > $objdir/a2ixlibrary.data~$echo "#define LIBRARY_ID 1" >> $objdir/a2ixlibrary.data~$echo "#define VERSION $major" >> $objdir/a2ixlibrary.data~$echo "#define REVISION $revision" >> $objdir/a2ixlibrary.data~$AR cru $lib $libobjs~$RANLIB $lib~(cd $objdir && a2ixlibrary -32)'
+    hardcode_libdir_flag_spec='-L$libdir'
+    hardcode_minus_L=yes
+    # see comment about different semantics on the GNU ld section
+    ld_shlibs=no
+    ;;
+
+  cygwin* | mingw*)
+    # When not using gcc, we currently assume that we are using
+    # Microsoft Visual C++.
+    # hardcode_libdir_flag_spec is actually meaningless, as there is
+    # no search path for DLLs.
+    hardcode_libdir_flag_spec=' '
+    allow_undefined_flag=unsupported
+    # Tell ltmain to make .lib files, not .a files.
+    libext=lib
+    # FIXME: Setting linknames here is a bad hack.
+    archive_cmds='$CC -o $lib $libobjs $linkopts `echo "$deplibs" | sed -e '\''s/ -lc$//'\''` -link -dll~linknames='
+    # The linker will automatically build a .lib file if we build a DLL.
+    old_archive_from_new_cmds='true'
+    # FIXME: Should let the user specify the lib program.
+    old_archive_cmds='lib /OUT:$oldlib$oldobjs'
+    fix_srcfile_path='`cygpath -w $srcfile`'
+    ;;
+
+  freebsd1*)
+    ld_shlibs=no
+    ;;
+
+  # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor
+  # support.  Future versions do this automatically, but an explicit c++rt0.o
+  # does not break anything, and helps significantly (at the cost of a little
+  # extra space).
+  freebsd2.2*)
+    archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linkopts /usr/lib/c++rt0.o'
+    hardcode_libdir_flag_spec='-R$libdir'
+    hardcode_direct=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  # Unfortunately, older versions of FreeBSD 2 do not have this feature.
+  freebsd2*)
+    archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linkopts'
+    hardcode_direct=yes
+    hardcode_minus_L=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  # FreeBSD 3 and greater uses gcc -shared to do shared libraries.
+  freebsd*)
+    archive_cmds='$CC -shared -o $lib $libobjs $deplibs $linkopts'
+    hardcode_libdir_flag_spec='-R$libdir'
+    hardcode_direct=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  hpux9* | hpux10* | hpux11*)
+    case "$host_os" in
+    hpux9*) archive_cmds='$rm $objdir/$soname~$LD -b +b $install_libdir -o $objdir/$soname $libobjs $deplibs $linkopts~test $objdir/$soname = $lib || mv $objdir/$soname $lib' ;;
+    *) archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linkopts' ;;
+    esac
+    hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir'
+    hardcode_libdir_separator=:
+    hardcode_direct=yes
+    hardcode_minus_L=yes # Not in the search PATH, but as the default
+			 # location of the library.
+    export_dynamic_flag_spec='${wl}-E'
+    ;;
+
+  irix5* | irix6*)
+    if test "$with_gcc" = yes; then
+      archive_cmds='$CC -shared $libobjs $deplibs $linkopts ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${objdir}/so_locations -o $lib'
+    else
+      archive_cmds='$LD -shared $libobjs $deplibs $linkopts -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${objdir}/so_locations -o $lib'
+    fi
+    hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+    hardcode_libdir_separator=:
+    ;;
+
+  netbsd*)
+    if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+      archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linkopts'  # a.out
+    else
+      archive_cmds='$LD -shared -o $lib $libobjs $deplibs $linkopts'      # ELF
+    fi
+    hardcode_libdir_flag_spec='${wl}-R$libdir'
+    hardcode_direct=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  openbsd*)
+    archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linkopts'
+    hardcode_libdir_flag_spec='-R$libdir'
+    hardcode_direct=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  os2*)
+    hardcode_libdir_flag_spec='-L$libdir'
+    hardcode_minus_L=yes
+    allow_undefined_flag=unsupported
+    archive_cmds='$echo "LIBRARY $libname INITINSTANCE" > $objdir/$libname.def~$echo "DESCRIPTION \"$libname\"" >> $objdir/$libname.def~$echo DATA >> $objdir/$libname.def~$echo " SINGLE NONSHARED" >> $objdir/$libname.def~$echo EXPORTS >> $objdir/$libname.def~emxexp $libobjs >> $objdir/$libname.def~$CC -Zdll -Zcrtdll -o $lib $libobjs $deplibs $linkopts $objdir/$libname.def'
+    old_archive_from_new_cmds='emximp -o $objdir/$libname.a $objdir/$libname.def'
+    ;;
+
+  osf3*)
+    if test "$with_gcc" = yes; then
+      allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+      archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $linkopts ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${objdir}/so_locations -o $lib'
+    else
+      allow_undefined_flag=' -expect_unresolved \*'
+      archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linkopts -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${objdir}/so_locations -o $lib'
+    fi
+    hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+    hardcode_libdir_separator=:
+    ;;
+
+  osf4* | osf5*)  # As osf3* with the addition of the -msym flag
+    if test "$with_gcc" = yes; then
+      allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*'
+      archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $linkopts ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && echo ${wl}-set_version ${wl}$verstring` ${wl}-update_registry ${wl}${objdir}/so_locations -o $lib'
+    else
+      allow_undefined_flag=' -expect_unresolved \*'
+      archive_cmds='$LD -shared${allow_undefined_flag} $libobjs $deplibs $linkopts -msym -soname $soname `test -n "$verstring" && echo -set_version $verstring` -update_registry ${objdir}/so_locations -o $lib'
+    fi
+    hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir'
+    hardcode_libdir_separator=:
+    ;;
+
+  sco3.2v5*)
+    archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+    hardcode_shlibpath_var=no
+    runpath_var=LD_RUN_PATH
+    hardcode_runpath_var=yes
+    ;;
+
+  solaris*)
+    no_undefined_flag=' -z text'
+    # $CC -shared without GNU ld will not create a library from C++
+    # object files and a static libstdc++, better avoid it by now
+    archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linkopts'
+    archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+		$LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linkopts~$rm $lib.exp'
+    hardcode_libdir_flag_spec='-R$libdir'
+    hardcode_shlibpath_var=no
+    case "$host_os" in
+    solaris2.[0-5] | solaris2.[0-5].*) ;;
+    *) # Supported since Solaris 2.6 (maybe 2.5.1?)
+      whole_archive_flag_spec='-z allextract$convenience -z defaultextract' ;;
+    esac
+    ;;
+
+  sunos4*)
+    archive_cmds='$LD -assert pure-text -Bstatic -o $lib $libobjs $deplibs $linkopts'
+    hardcode_libdir_flag_spec='-L$libdir'
+    hardcode_direct=yes
+    hardcode_minus_L=yes
+    hardcode_shlibpath_var=no
+    ;;
+
+  sysv4)
+    archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+    runpath_var='LD_RUN_PATH'
+    hardcode_shlibpath_var=no
+    hardcode_direct=no #Motorola manual says yes, but my tests say they lie 
+    ;;  
+
+  sysv4.3*)
+    archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+    hardcode_shlibpath_var=no
+    export_dynamic_flag_spec='-Bexport'
+    ;;
+
+  sysv5*)
+    no_undefined_flag=' -z text'
+    # $CC -shared without GNU ld will not create a library from C++
+    # object files and a static libstdc++, better avoid it by now
+    archive_cmds='$LD -G${allow_undefined_flag} -h $soname -o $lib $libobjs $deplibs $linkopts'
+    archive_expsym_cmds='$echo "{ global:" > $lib.exp~cat $export_symbols | sed -e "s/\(.*\)/\1;/" >> $lib.exp~$echo "local: *; };" >> $lib.exp~
+		$LD -G${allow_undefined_flag} -M $lib.exp -h $soname -o $lib $libobjs $deplibs $linkopts~$rm $lib.exp'
+    hardcode_libdir_flag_spec=
+    hardcode_shlibpath_var=no
+    runpath_var='LD_RUN_PATH'
+    ;;
+
+  uts4*)
+    archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+    hardcode_libdir_flag_spec='-L$libdir'
+    hardcode_shlibpath_var=no
+    ;;
+
+  dgux*)
+    archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+    hardcode_libdir_flag_spec='-L$libdir'
+    hardcode_shlibpath_var=no
+    ;;
+
+  sysv4*MP*)
+    if test -d /usr/nec; then
+      archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+      hardcode_shlibpath_var=no
+      runpath_var=LD_RUN_PATH
+      hardcode_runpath_var=yes
+      ld_shlibs=yes
+    fi
+    ;;
+
+  sysv4.2uw2*)
+    archive_cmds='$LD -G -o $lib $libobjs $deplibs $linkopts'
+    hardcode_direct=yes
+    hardcode_minus_L=no
+    hardcode_shlibpath_var=no
+    hardcode_runpath_var=yes
+    runpath_var=LD_RUN_PATH
+    ;;
+
+  unixware7*)
+    archive_cmds='$LD -G -h $soname -o $lib $libobjs $deplibs $linkopts'
+    runpath_var='LD_RUN_PATH'
+    hardcode_shlibpath_var=no
+    ;;
+
+  *)
+    ld_shlibs=no
+    ;;
+  esac
+fi
+echo "$ac_t$ld_shlibs" 1>&6
+test "$ld_shlibs" = no && can_build_shared=no
+
+if test -z "$NM"; then
+  echo $ac_n "checking for BSD-compatible nm... $ac_c" 1>&6
+  case "$NM" in
+  [\\/]* | [A-Za-z]:[\\/]*) ;; # Let the user override the test with a path.
+  *)
+    IFS="${IFS= 	}"; ac_save_ifs="$IFS"; IFS="${IFS}${PATH_SEPARATOR}"
+    for ac_dir in $PATH /usr/ucb /usr/ccs/bin /bin; do
+      test -z "$ac_dir" && ac_dir=.
+      if test -f $ac_dir/nm || test -f $ac_dir/nm$ac_exeext; then
+	# Check to see if the nm accepts a BSD-compat flag.
+	# Adding the `sed 1q' prevents false positives on HP-UX, which says:
+	#   nm: unknown option "B" ignored
+	if ($ac_dir/nm -B /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
+	  NM="$ac_dir/nm -B"
+	  break
+	elif ($ac_dir/nm -p /dev/null 2>&1 | sed '1q'; exit 0) | egrep /dev/null >/dev/null; then
+	  NM="$ac_dir/nm -p"
+	  break
+	else
+	  NM=${NM="$ac_dir/nm"} # keep the first match, but
+	  continue # so that we can try to find one that supports BSD flags
+	fi
+      fi
+    done
+    IFS="$ac_save_ifs"
+    test -z "$NM" && NM=nm
+    ;;
+  esac
+  echo "$ac_t$NM" 1>&6
+fi
+
+# Check for command to grab the raw symbol name followed by C symbol from nm.
+echo $ac_n "checking command to parse $NM output... $ac_c" 1>&6
+
+# These are sane defaults that work on at least a few old systems.
+# [They come from Ultrix.  What could be older than Ultrix?!! ;)]
+
+# Character class describing NM global symbol codes.
+symcode='[BCDEGRST]'
+
+# Regexp to match symbols that can be accessed directly from C.
+sympat='\([_A-Za-z][_A-Za-z0-9]*\)'
+
+# Transform the above into a raw symbol and a C symbol.
+symxfrm='\1 \2\3 \3'
+
+# Transform an extracted symbol line into a proper C declaration
+global_symbol_to_cdecl="sed -n -e 's/^. .* \(.*\)$/extern char \1;/p'"
+
+# Define system-specific variables.
+case "$host_os" in
+aix*)
+  symcode='[BCDT]'
+  ;;
+cygwin* | mingw*)
+  symcode='[ABCDGISTW]'
+  ;;
+hpux*) # Its linker distinguishes data from code symbols
+  global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern char \1();/p' -e 's/^. .* \(.*\)$/extern char \1;/p'"
+  ;;
+irix*)
+  symcode='[BCDEGRST]'
+  ;;
+solaris*)
+  symcode='[BDT]'
+  ;;
+sysv4)
+  symcode='[DFNSTU]'
+  ;;
+esac
+
+# If we're using GNU nm, then use its standard symbol codes.
+if $NM -V 2>&1 | egrep '(GNU|with BFD)' > /dev/null; then
+  symcode='[ABCDGISTW]'
+fi
+
+# Try without a prefix undercore, then with it.
+for ac_symprfx in "" "_"; do
+
+  # Write the raw and C identifiers.
+  global_symbol_pipe="sed -n -e 's/^.*[ 	]\($symcode\)[ 	][ 	]*\($ac_symprfx\)$sympat$/$symxfrm/p'"
+
+  # Check to see that the pipe works correctly.
+  pipe_works=no
+  $rm conftest*
+  cat > conftest.c <<EOF
+#ifdef __cplusplus
+extern "C" {
+#endif
+char nm_test_var;
+void nm_test_func(){}
+#ifdef __cplusplus
+}
+#endif
+main(){nm_test_var='a';nm_test_func();return(0);}
+EOF
+
+  echo "$progname:1635: checking if global_symbol_pipe works" >&5
+  if { (eval echo $progname:1636: \"$ac_compile\") 1>&5; (eval $ac_compile) 2>&5; } && test -s conftest.$objext; then
+    # Now try to grab the symbols.
+    nlist=conftest.nm
+    if { echo "$progname:1639: eval \"$NM conftest.$objext | $global_symbol_pipe > $nlist\"" >&5; eval "$NM conftest.$objext | $global_symbol_pipe > $nlist 2>&5"; } && test -s "$nlist"; then
+
+      # Try sorting and uniquifying the output.
+      if sort "$nlist" | uniq > "$nlist"T; then
+	mv -f "$nlist"T "$nlist"
+      else
+	rm -f "$nlist"T
+      fi
+
+      # Make sure that we snagged all the symbols we need.
+      if egrep ' nm_test_var$' "$nlist" >/dev/null; then
+	if egrep ' nm_test_func$' "$nlist" >/dev/null; then
+	  cat <<EOF > conftest.c
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+EOF
+	  # Now generate the symbol file.
+	  eval "$global_symbol_to_cdecl"' < "$nlist" >> conftest.c'
+
+	  cat <<EOF >> conftest.c
+#if defined (__STDC__) && __STDC__
+# define lt_ptr_t void *
+#else
+# define lt_ptr_t char *
+# define const
+#endif
+
+/* The mapping between symbol names and symbols. */
+const struct {
+  const char *name;
+  lt_ptr_t address;
+}
+lt_preloaded_symbols[] =
+{
+EOF
+	  sed 's/^. \(.*\) \(.*\)$/  {"\2", (lt_ptr_t) \&\2},/' < "$nlist" >> conftest.c
+	  cat <<\EOF >> conftest.c
+  {0, (lt_ptr_t) 0}
+};
+
+#ifdef __cplusplus
+}
+#endif
+EOF
+	  # Now try linking the two files.
+	  mv conftest.$objext conftstm.$objext
+	  save_LIBS="$LIBS"
+	  save_CFLAGS="$CFLAGS"
+	  LIBS="conftstm.$objext"
+	  CFLAGS="$CFLAGS$no_builtin_flag"
+	  if { (eval echo $progname:1691: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest; then
+	    pipe_works=yes
+	  else
+	    echo "$progname: failed program was:" >&5
+	    cat conftest.c >&5
+	  fi
+	  LIBS="$save_LIBS"
+	else
+	  echo "cannot find nm_test_func in $nlist" >&5
+	fi
+      else
+	echo "cannot find nm_test_var in $nlist" >&5
+      fi
+    else
+      echo "cannot run $global_symbol_pipe" >&5
+    fi
+  else
+    echo "$progname: failed program was:" >&5
+    cat conftest.c >&5
+  fi
+  $rm conftest* conftst*
+
+  # Do not use the global_symbol_pipe unless it works.
+  if test "$pipe_works" = yes; then
+    break
+  else
+    global_symbol_pipe=
+  fi
+done
+if test "$pipe_works" = yes; then
+  echo "${ac_t}ok" 1>&6
+else
+  echo "${ac_t}failed" 1>&6
+fi
+
+if test -z "$global_symbol_pipe"; then
+  global_symbol_to_cdecl=
+fi
+
+# Check hardcoding attributes.
+echo $ac_n "checking how to hardcode library paths into programs... $ac_c" 1>&6
+hardcode_action=
+if test -n "$hardcode_libdir_flag_spec" || \
+   test -n "$runpath_var"; then
+
+  # We can hardcode non-existant directories.
+  if test "$hardcode_direct" != no &&
+     # If the only mechanism to avoid hardcoding is shlibpath_var, we
+     # have to relink, otherwise we might link with an installed library
+     # when we should be linking with a yet-to-be-installed one
+     ## test "$hardcode_shlibpath_var" != no &&
+     test "$hardcode_minus_L" != no; then
+    # Linking always hardcodes the temporary library directory.
+    hardcode_action=relink
+  else
+    # We can link without hardcoding, and we can hardcode nonexisting dirs.
+    hardcode_action=immediate
+  fi
+else
+  # We cannot hardcode anything, or else we can only hardcode existing
+  # directories.
+  hardcode_action=unsupported
+fi
+echo "$ac_t$hardcode_action" 1>&6
+
+
+reload_flag=
+reload_cmds='$LD$reload_flag -o $output$reload_objs'
+echo $ac_n "checking for $LD option to reload object files... $ac_c" 1>&6
+# PORTME Some linkers may need a different reload flag.
+reload_flag='-r'
+echo "$ac_t$reload_flag" 1>&6
+test -n "$reload_flag" && reload_flag=" $reload_flag"
+
+# PORTME Fill in your ld.so characteristics
+library_names_spec=
+libname_spec='lib$name'
+soname_spec=
+postinstall_cmds=
+postuninstall_cmds=
+finish_cmds=
+finish_eval=
+shlibpath_var=
+shlibpath_overrides_runpath=unknown
+version_type=none
+dynamic_linker="$host_os ld.so"
+sys_lib_dlsearch_path_spec="/lib /usr/lib"
+sys_lib_search_path_spec="/lib /usr/lib /usr/local/lib"
+file_magic_cmd=
+file_magic_test_file=
+deplibs_check_method='unknown'
+# Need to set the preceding variable on all platforms that support
+# interlibrary dependencies.
+# 'none' -- dependencies not supported.
+# `unknown' -- same as none, but documents that we really don't know.
+# 'pass_all' -- all dependencies passed with no checks.
+# 'test_compile' -- check by making test program.
+# 'file_magic [regex]' -- check by looking for files in library path
+# which responds to the $file_magic_cmd with a given egrep regex.
+# If you have `file' or equivalent on your system and you're not sure
+# whether `pass_all' will *always* work, you probably want this one.
+echo $ac_n "checking dynamic linker characteristics... $ac_c" 1>&6
+case "$host_os" in
+aix3*)
+  version_type=linux
+  library_names_spec='${libname}${release}.so$versuffix $libname.a'
+  shlibpath_var=LIBPATH
+
+  # AIX has no versioning support, so we append a major version to the name.
+  soname_spec='${libname}${release}.so$major'
+  ;;
+
+aix4*)
+  version_type=linux
+  # AIX has no versioning support, so currently we can not hardcode correct
+  # soname into executable. Probably we can add versioning support to
+  # collect2, so additional links can be useful in future.
+  # We preserve .a as extension for shared libraries though AIX4.2
+  # and later linker supports .so
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.a'
+  shlibpath_var=LIBPATH
+  deplibs_check_method=pass_all
+  ;;
+
+amigaos*)
+  library_names_spec='$libname.ixlibrary $libname.a'
+  # Create ${libname}_ixlibrary.a entries in /sys/libs.
+  finish_eval='for lib in `ls $libdir/*.ixlibrary 2>/dev/null`; do libname=`$echo "X$lib" | $Xsed -e '\''s%^.*/\([^/]*\)\.ixlibrary$%\1%'\''`; test $rm /sys/libs/${libname}_ixlibrary.a; $show "(cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a)"; (cd /sys/libs && $LN_S $lib ${libname}_ixlibrary.a) || exit 1; done'
+  ;;
+
+beos*)
+  library_names_spec='${libname}.so'
+  dynamic_linker="$host_os ld.so"
+  shlibpath_var=LIBRARY_PATH
+  deplibs_check_method=pass_all
+  lt_cv_dlopen="load_add_on"
+  lt_cv_dlopen_libs=
+  lt_cv_dlopen_self=yes
+  ;;
+
+bsdi4*)
+  version_type=linux
+  need_version=no
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  soname_spec='${libname}${release}.so$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)'
+  file_magic_cmd=/usr/bin/file
+  file_magic_test_file=/shlib/libc.so
+  sys_lib_search_path_spec="/shlib /usr/lib /usr/X11/lib /usr/contrib/lib /lib /usr/local/lib"
+  sys_lib_dlsearch_path_spec="/shlib /usr/lib /usr/local/lib"
+  export_dynamic_flag_spec=-rdynamic
+  # the default ld.so.conf also contains /usr/contrib/lib and
+  # /usr/X11R6/lib (/usr/X11 is a link to /usr/X11R6), but let us allow
+  # libtool to hard-code these into programs
+  ;;
+
+cygwin* | mingw*)
+  version_type=windows
+  need_version=no
+  need_lib_prefix=no
+  if test "$with_gcc" = yes; then
+    library_names_spec='${libname}`echo ${release} | sed -e 's/[.]/-/g'`${versuffix}.dll $libname.a'
+  else
+    library_names_spec='${libname}`echo ${release} | sed -e 's/[.]/-/g'`${versuffix}.dll $libname.lib'
+  fi
+  dynamic_linker='Win32 ld.exe'
+  deplibs_check_method='file_magic file format pei*-i386(.*architecture: i386)?'
+  file_magic_cmd='${OBJDUMP} -f'
+  # FIXME: first we should search . and the directory the executable is in
+  shlibpath_var=PATH
+  lt_cv_dlopen="LoadLibrary"
+  lt_cv_dlopen_libs=
+  ;;
+
+freebsd1*)
+  dynamic_linker=no
+  ;;
+  
+freebsd*)
+  objformat=`test -x /usr/bin/objformat && /usr/bin/objformat || echo aout`
+  version_type=freebsd-$objformat
+  case "$version_type" in
+    freebsd-elf*)
+      deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB shared object'
+      file_magic_cmd=/usr/bin/file
+      file_magic_test_file=`echo /usr/lib/libc.so*`
+      library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so $libname.so'
+      need_version=no
+      need_lib_prefix=no
+      ;;
+    freebsd-*)
+      deplibs_check_method=unknown
+      library_names_spec='${libname}${release}.so$versuffix $libname.so$versuffix'
+      need_version=yes
+      ;;
+  esac
+  shlibpath_var=LD_LIBRARY_PATH
+  case "$host_os" in
+  freebsd2* | freebsd3.[01]* | freebsdelf3.[01]*)
+    shlibpath_overrides_runpath=yes
+    ;;
+  *) # from 3.2 on
+    shlibpath_overrides_runpath=no
+    ;;
+  esac
+  ;;
+
+gnu*)
+  version_type=linux
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so${major} ${libname}.so'
+  soname_spec='${libname}${release}.so$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+hpux9* | hpux10* | hpux11*)
+  # Give a soname corresponding to the major version so that dld.sl refuses to
+  # link against other versions.
+  dynamic_linker="$host_os dld.sl"
+  version_type=sunos
+  need_lib_prefix=no
+  need_version=no
+  shlibpath_var=SHLIB_PATH
+  shlibpath_overrides_runpath=no # +s is required to enable SHLIB_PATH
+  library_names_spec='${libname}${release}.sl$versuffix ${libname}${release}.sl$major $libname.sl'
+  soname_spec='${libname}${release}.sl$major'
+  # HP-UX runs *really* slowly unless shared libraries are mode 555.
+  postinstall_cmds='chmod 555 $lib'
+  ;;
+
+irix5* | irix6*)
+  version_type=irix
+  need_lib_prefix=no
+  need_version=no
+  soname_spec='${libname}${release}.so.$major'
+  library_names_spec='${libname}${release}.so.$versuffix ${libname}${release}.so.$major ${libname}${release}.so $libname.so'
+  case "$host_os" in
+  irix5*)
+    libsuff= shlibsuff=
+    # this will be overridden with pass_all, but let us keep it just in case
+    deplibs_check_method="file_magic ELF 32-bit MSB dynamic lib MIPS - version 1"
+    ;;
+  *)
+    case "$LD" in # libtool.m4 will add one of these switches to LD
+    *-32|*"-32 ") libsuff= shlibsuff= libmagic=32-bit;;
+    *-n32|*"-n32 ") libsuff=32 shlibsuff=N32 libmagic=N32;;
+    *-64|*"-64 ") libsuff=64 shlibsuff=64 libmagic=64-bit;;
+    *) libsuff= shlibsuff= libmagic=never-match;;
+    esac
+    ;;
+  esac
+  shlibpath_var=LD_LIBRARY${shlibsuff}_PATH
+  shlibpath_overrides_runpath=no
+  sys_lib_search_path_spec="/usr/lib${libsuff} /lib${libsuff} /usr/local/lib${libsuff}"
+  sys_lib_dlsearch_path_spec="/usr/lib${libsuff} /lib${libsuff}"
+  file_magic_cmd=/usr/bin/file
+  file_magic_test_file=`echo /lib${libsuff}/libc.so*`
+  deplibs_check_method='pass_all'
+  ;;
+
+# No shared lib support for Linux oldld, aout, or coff.
+linux-gnuoldld* | linux-gnuaout* | linux-gnucoff*)
+  dynamic_linker=no
+  ;;
+
+# This must be Linux ELF.
+linux-gnu*)
+  version_type=linux
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  soname_spec='${libname}${release}.so$major'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -n $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=no
+  deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )'
+  file_magic_cmd=/usr/bin/file
+  file_magic_test_file=`echo /lib/libc.so* /lib/libc-*.so`
+
+  if test -f /lib/ld.so.1; then
+    dynamic_linker='GNU ld.so'
+  else
+    # Only the GNU ld.so supports shared libraries on MkLinux.
+    case "$host_cpu" in
+    powerpc*) dynamic_linker=no ;;
+    *) dynamic_linker='Linux ld.so' ;;
+    esac
+  fi
+  ;;
+
+netbsd*)
+  version_type=sunos
+  if echo __ELF__ | $CC -E - | grep __ELF__ >/dev/null; then
+    library_names_spec='${libname}${release}.so$versuffix ${libname}.so$versuffix'
+    finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+    dynamic_linker='NetBSD (a.out) ld.so'
+  else
+    library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major ${libname}${release}.so ${libname}.so'
+    soname_spec='${libname}${release}.so$major'
+    dynamic_linker='NetBSD ld.elf_so'
+  fi
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+openbsd*)
+  version_type=sunos
+  if test "$with_gnu_ld" = yes; then
+    need_lib_prefix=no
+    need_version=no
+  fi
+  library_names_spec='${libname}${release}.so$versuffix ${libname}.so$versuffix'
+  finish_cmds='PATH="\$PATH:/sbin" ldconfig -m $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+os2*)
+  libname_spec='$name'
+  need_lib_prefix=no
+  library_names_spec='$libname.dll $libname.a'
+  dynamic_linker='OS/2 ld.exe'
+  shlibpath_var=LIBPATH
+  ;;
+
+osf3* | osf4* | osf5*)
+  version_type=osf
+  need_version=no
+  soname_spec='${libname}${release}.so'
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so $libname.so'
+  shlibpath_var=LD_LIBRARY_PATH
+  # this will be overridden with pass_all, but let us keep it just in case
+  deplibs_check_method='file_magic COFF format alpha shared library'
+  file_magic_cmd=/usr/bin/file
+  file_magic_test_file=/shlib/libc.so
+  deplibs_check_method='pass_all'
+  sys_lib_search_path_spec="/usr/shlib /usr/ccs/lib /usr/lib/cmplrs/cc /usr/lib /usr/local/lib /var/shlib"
+  sys_lib_dlsearch_path_spec="$sys_lib_search_path_spec"
+  ;;
+
+sco3.2v5*)
+  version_type=osf
+  soname_spec='${libname}${release}.so$major'
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+solaris*)
+  version_type=linux
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  soname_spec='${libname}${release}.so$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  # ldd complains unless libraries are executable
+  postinstall_cmds='chmod +x $lib'
+  deplibs_check_method="file_magic ELF [0-9][0-9]-bit [LM]SB dynamic lib"
+  file_magic_cmd=/usr/bin/file
+  file_magic_test_file=/lib/libc.so
+  ;;
+
+sunos4*)
+  version_type=sunos
+  library_names_spec='${libname}${release}.so$versuffix ${libname}.so$versuffix'
+  finish_cmds='PATH="\$PATH:/usr/etc" ldconfig $libdir'
+  shlibpath_var=LD_LIBRARY_PATH
+  shlibpath_overrides_runpath=yes
+  if test "$with_gnu_ld" = yes; then
+    need_lib_prefix=no
+  fi
+  need_version=yes
+  ;;
+
+sysv4 | sysv4.2uw2* | sysv4.3* | sysv5*)
+  version_type=linux
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  soname_spec='${libname}${release}.so$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  case "$host_vendor" in
+    ncr)
+      deplibs_check_method='pass_all'
+      ;;
+    motorola)
+      need_lib_prefix=no
+      need_version=no
+      shlibpath_overrides_runpath=no
+      sys_lib_search_path_spec='/lib /usr/lib /usr/ccs/lib'
+      deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]'
+      file_magic_cmd=/usr/bin/file
+      file_magic_test_file=`echo /usr/lib/libc.so*`
+      ;;
+  esac
+  ;;
+
+uts4*)
+  version_type=linux
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  soname_spec='${libname}${release}.so$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+dgux*)
+  version_type=linux
+  need_lib_prefix=no
+  need_version=no
+  library_names_spec='${libname}${release}.so$versuffix ${libname}${release}.so$major $libname.so'
+  soname_spec='${libname}${release}.so$major'
+  shlibpath_var=LD_LIBRARY_PATH
+  ;;
+
+sysv4*MP*)
+  if test -d /usr/nec ;then
+    version_type=linux
+    library_names_spec='$libname.so.$versuffix $libname.so.$major $libname.so'
+    soname_spec='$libname.so.$major'
+    shlibpath_var=LD_LIBRARY_PATH
+  fi
+  ;;
+
+*)
+  dynamic_linker=no
+  ;;
+esac
+echo "$ac_t$dynamic_linker" 1>&6
+test "$dynamic_linker" = no && can_build_shared=no
+
+# Report the final consequences.
+echo "checking if libtool supports shared libraries... $can_build_shared" 1>&6
+
+# Only try to build win32 dlls if AC_LIBTOOL_WIN32_DLL was used in
+# configure.in, otherwise build static only libraries.
+case "$host_os" in
+cygwin* | mingw* | os2*)
+  if test x$can_build_shared = xyes; then
+    test x$enable_win32_dll = xno && can_build_shared=no
+    echo "checking if package supports dlls... $can_build_shared" 1>&6
+  fi
+;;
+esac
+
+if test -n "$file_magic_test_file" && test -n "$file_magic_cmd"; then
+  case "$deplibs_check_method" in
+  "file_magic "*)
+    file_magic_regex="`expr \"$deplibs_check_method\" : \"file_magic \(.*\)\"`"
+    if eval $file_magic_cmd \$file_magic_test_file 2> /dev/null |
+       egrep "$file_magic_regex" > /dev/null; then
+      :
+    else
+      cat <<EOF 1>&2
+
+*** Warning: the command libtool uses to detect shared libraries,
+*** $file_magic_cmd, produces output that libtool cannot recognize.
+*** The result is that libtool may fail to recognize shared libraries
+*** as such.  This will affect the creation of libtool libraries that
+*** depend on shared libraries, but programs linked with such libtool
+*** libraries will work regardless of this problem.  Nevertheless, you
+*** may want to report the problem to your system manager and/or to
+*** bug-libtool at gnu.org
+
+EOF
+    fi ;;
+  esac
+fi
+
+echo $ac_n "checking whether to build shared libraries... $ac_c" 1>&6
+test "$can_build_shared" = "no" && enable_shared=no
+
+# On AIX, shared libraries and static libraries use the same namespace, and
+# are all built from PIC.
+case "$host_os" in
+aix3*)
+  test "$enable_shared" = yes && enable_static=no
+  if test -n "$RANLIB"; then
+    archive_cmds="$archive_cmds~\$RANLIB \$lib"
+    postinstall_cmds='$RANLIB $lib'
+  fi
+  ;;
+
+aix4*)
+  test "$enable_shared" = yes && enable_static=no
+  ;;
+esac
+
+echo "$ac_t$enable_shared" 1>&6
+
+# Make sure either enable_shared or enable_static is yes.
+test "$enable_shared" = yes || enable_static=yes
+
+echo "checking whether to build static libraries... $enable_static" 1>&6
+
+if test "$hardcode_action" = relink; then
+  # Fast installation is not supported
+  enable_fast_install=no
+elif test "$shlibpath_overrides_runpath" = yes ||
+     test "$enable_shared" = no; then
+  # Fast installation is not necessary
+  enable_fast_install=needless
+fi
+
+echo $ac_n "checking for objdir... $ac_c" 1>&6
+rm -f .libs 2>/dev/null
+mkdir .libs 2>/dev/null
+if test -d .libs; then
+  objdir=.libs
+else
+  # MS-DOS does not allow filenames that begin with a dot.
+  objdir=_libs
+fi
+rmdir .libs 2>/dev/null
+echo "$ac_t$objdir" 1>&6
+
+if test "x$enable_dlopen" != xyes; then
+  enable_dlopen=unknown
+  enable_dlopen_self=unknown
+  enable_dlopen_self_static=unknown
+else
+if eval "test \"`echo '$''{'lt_cv_dlopen'+set}'`\" != set"; then
+  lt_cv_dlopen=no lt_cv_dlopen_libs=
+echo $ac_n "checking for dlopen in -ldl""... $ac_c" 1>&6
+echo "$progname:2212: checking for dlopen in -ldl" >&5
+ac_lib_var=`echo dl'_'dlopen | sed 'y%./+-%__p_%'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-ldl  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 2220 "ltconfig"
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen();
+
+int main() {
+dlopen()
+; return 0; }
+EOF
+if { (eval echo $progname:2233: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl"
+else
+  echo "$ac_t""no" 1>&6
+echo $ac_n "checking for dlopen""... $ac_c" 1>&6
+echo "$progname:2252: checking for dlopen" >&5
+if eval "test \"`echo '$''{'ac_cv_func_dlopen'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2257 "ltconfig"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char dlopen(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dlopen();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_dlopen) || defined (__stub___dlopen)
+choke me
+#else
+dlopen();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo $progname:2282: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_dlopen=yes"
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_dlopen=no"
+fi
+rm -f conftest*
+fi
+if eval "test \"`echo '$ac_cv_func_'dlopen`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  lt_cv_dlopen="dlopen"
+else
+  echo "$ac_t""no" 1>&6
+echo $ac_n "checking for dld_link in -ldld""... $ac_c" 1>&6
+echo "$progname:2299: checking for dld_link in -ldld" >&5
+ac_lib_var=`echo dld'_'dld_link | sed 'y%./+-%__p_%'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-ldld  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 2307 "ltconfig"
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char dld_link();
+
+int main() {
+dld_link()
+; return 0; }
+EOF
+if { (eval echo $progname:2320: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld"
+else
+  echo "$ac_t""no" 1>&6
+echo $ac_n "checking for shl_load""... $ac_c" 1>&6
+echo "$progname:2339: checking for shl_load" >&5
+if eval "test \"`echo '$''{'ac_cv_func_shl_load'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2344 "ltconfig"
+/* System header to define __stub macros and hopefully few prototypes,
+    which can conflict with char shl_load(); below.  */
+#include <assert.h>
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char shl_load();
+
+int main() {
+
+/* The GNU C library defines this for functions which it implements
+    to always fail with ENOSYS.  Some functions are actually named
+    something starting with __ and the normal name is an alias.  */
+#if defined (__stub_shl_load) || defined (__stub___shl_load)
+choke me
+#else
+shl_load();
+#endif
+
+; return 0; }
+EOF
+if { (eval echo $progname:2369: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_func_shl_load=yes"
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_func_shl_load=no"
+fi
+rm -f conftest*
+fi
+
+if eval "test \"`echo '$ac_cv_func_'shl_load`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  lt_cv_dlopen="shl_load"
+else
+  echo "$ac_t""no" 1>&6
+echo $ac_n "checking for shl_load in -ldld""... $ac_c" 1>&6
+echo "$progname:2387: checking for shl_load in -ldld" >&5
+ac_lib_var=`echo dld'_'shl_load | sed 'y%./+-%__p_%'`
+if eval "test \"`echo '$''{'ac_cv_lib_$ac_lib_var'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  ac_save_LIBS="$LIBS"
+LIBS="-ldld  $LIBS"
+cat > conftest.$ac_ext <<EOF
+#line 2395 "ltconfig"
+#include "confdefs.h"
+/* Override any gcc2 internal prototype to avoid an error.  */
+/* We use char because int might match the return type of a gcc2
+    builtin and then its argument prototype would still apply.  */
+#ifdef __cplusplus
+extern "C"
+#endif
+char shl_load();
+
+int main() {
+shl_load()
+; return 0; }
+EOF
+if { (eval echo $progname:2409: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest${ac_exeext}; then
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=yes"
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_lib_$ac_lib_var=no"
+fi
+rm -f conftest*
+LIBS="$ac_save_LIBS"
+
+fi
+if eval "test \"`echo '$ac_cv_lib_'$ac_lib_var`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+  lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld"
+else
+  echo "$ac_t""no" 1>&6
+fi
+
+
+fi
+
+    
+fi
+
+  
+fi
+
+
+fi
+
+fi
+
+  if test "x$lt_cv_dlopen" != xno; then
+    enable_dlopen=yes
+  fi
+
+  case "$lt_cv_dlopen" in
+  dlopen)
+for ac_hdr in dlfcn.h; do
+ac_safe=`echo "$ac_hdr" | sed 'y%./+-%__p_%'`
+echo $ac_n "checking for $ac_hdr""... $ac_c" 1>&6
+echo "$progname:2452: checking for $ac_hdr" >&5
+if eval "test \"`echo '$''{'ac_cv_header_$ac_safe'+set}'`\" = set"; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  cat > conftest.$ac_ext <<EOF
+#line 2457 "ltconfig"
+#include <$ac_hdr>
+int fnord = 0;
+EOF
+ac_try="$ac_compile >/dev/null 2>conftest.out"
+{ (eval echo $progname:2462: \"$ac_try\") 1>&5; (eval $ac_try) 2>&5; }
+ac_err=`grep -v '^ *+' conftest.out | grep -v "^conftest.${ac_ext}\$"`
+if test -z "$ac_err"; then
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=yes"
+else
+  echo "$ac_err" >&5
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -rf conftest*
+  eval "ac_cv_header_$ac_safe=no"
+fi
+rm -f conftest*
+fi
+if eval "test \"`echo '$ac_cv_header_'$ac_safe`\" = yes"; then
+  echo "$ac_t""yes" 1>&6
+else
+  echo "$ac_t""no" 1>&6
+fi
+done
+
+    if test "x$ac_cv_header_dlfcn_h" = xyes; then
+      CPPFLAGS="$CPPFLAGS -DHAVE_DLFCN_H"
+    fi
+    eval LDFLAGS=\"\$LDFLAGS $export_dynamic_flag_spec\"
+    LIBS="$lt_cv_dlopen_libs $LIBS"
+
+  echo $ac_n "checking whether a program can dlopen itself""... $ac_c" 1>&6
+echo "$progname:2490: checking whether a program can dlopen itself" >&5
+if test "${lt_cv_dlopen_self+set}" = set; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test "$cross_compiling" = yes; then
+    lt_cv_dlopen_self=cross
+  else
+    cat > conftest.c <<EOF
+#line 2498 "ltconfig"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LTDL_GLOBAL	RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+#  define LTDL_GLOBAL	DL_GLOBAL
+# else
+#  define LTDL_GLOBAL	0
+# endif
+#endif
+
+/* We may have to define LTDL_LAZY_OR_NOW in the command line if we
+   find out it does not work in some platform. */
+#ifndef LTDL_LAZY_OR_NOW
+# ifdef RTLD_LAZY
+#  define LTDL_LAZY_OR_NOW	RTLD_LAZY
+# else
+#  ifdef DL_LAZY
+#   define LTDL_LAZY_OR_NOW	DL_LAZY
+#  else
+#   ifdef RTLD_NOW
+#    define LTDL_LAZY_OR_NOW	RTLD_NOW
+#   else
+#    ifdef DL_NOW
+#     define LTDL_LAZY_OR_NOW	DL_NOW
+#    else
+#     define LTDL_LAZY_OR_NOW	0
+#    endif
+#   endif
+#  endif
+# endif
+#endif
+
+fnord() { int i=42;}
+main() { void *self, *ptr1, *ptr2; self=dlopen(0,LTDL_GLOBAL|LTDL_LAZY_OR_NOW);
+    if(self) { ptr1=dlsym(self,"fnord"); ptr2=dlsym(self,"_fnord");
+	       if(ptr1 || ptr2) { dlclose(self); exit(0); } } exit(1); } 
+
+EOF
+if { (eval echo $progname:2544: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+then
+  lt_cv_dlopen_self=yes
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -fr conftest*
+  lt_cv_dlopen_self=no
+fi
+rm -fr conftest*
+fi
+
+fi
+
+echo "$ac_t""$lt_cv_dlopen_self" 1>&6
+
+  if test "$lt_cv_dlopen_self" = yes; then
+    LDFLAGS="$LDFLAGS $link_static_flag"
+  echo $ac_n "checking whether a statically linked program can dlopen itself""... $ac_c" 1>&6
+echo "$progname:2563: checking whether a statically linked program can dlopen itself" >&5
+if test "${lt_cv_dlopen_self_static+set}" = set; then
+  echo $ac_n "(cached) $ac_c" 1>&6
+else
+  if test "$cross_compiling" = yes; then
+    lt_cv_dlopen_self_static=cross
+  else
+    cat > conftest.c <<EOF
+#line 2571 "ltconfig"
+
+#if HAVE_DLFCN_H
+#include <dlfcn.h>
+#endif
+
+#include <stdio.h>
+
+#ifdef RTLD_GLOBAL
+# define LTDL_GLOBAL	RTLD_GLOBAL
+#else
+# ifdef DL_GLOBAL
+#  define LTDL_GLOBAL	DL_GLOBAL
+# else
+#  define LTDL_GLOBAL	0
+# endif
+#endif
+
+/* We may have to define LTDL_LAZY_OR_NOW in the command line if we
+   find out it does not work in some platform. */
+#ifndef LTDL_LAZY_OR_NOW
+# ifdef RTLD_LAZY
+#  define LTDL_LAZY_OR_NOW	RTLD_LAZY
+# else
+#  ifdef DL_LAZY
+#   define LTDL_LAZY_OR_NOW	DL_LAZY
+#  else
+#   ifdef RTLD_NOW
+#    define LTDL_LAZY_OR_NOW	RTLD_NOW
+#   else
+#    ifdef DL_NOW
+#     define LTDL_LAZY_OR_NOW	DL_NOW
+#    else
+#     define LTDL_LAZY_OR_NOW	0
+#    endif
+#   endif
+#  endif
+# endif
+#endif
+
+fnord() { int i=42;}
+main() { void *self, *ptr1, *ptr2; self=dlopen(0,LTDL_GLOBAL|LTDL_LAZY_OR_NOW);
+    if(self) { ptr1=dlsym(self,"fnord"); ptr2=dlsym(self,"_fnord");
+    if(ptr1 || ptr2) { dlclose(self); exit(0); } } exit(1); } 
+
+EOF
+if { (eval echo $progname:2617: \"$ac_link\") 1>&5; (eval $ac_link) 2>&5; } && test -s conftest && (./conftest; exit) 2>/dev/null
+then
+  lt_cv_dlopen_self_static=yes
+else
+  echo "$progname: failed program was:" >&5
+  cat conftest.$ac_ext >&5
+  rm -fr conftest*
+  lt_cv_dlopen_self_static=no
+fi
+rm -fr conftest*
+fi
+
+fi
+
+echo "$ac_t""$lt_cv_dlopen_self_static" 1>&6
+fi
+    ;;
+  esac
+
+  case "$lt_cv_dlopen_self" in
+  yes|no) enable_dlopen_self=$lt_cv_dlopen_self ;;
+  *) enable_dlopen_self=unknown ;;
+  esac
+
+  case "$lt_cv_dlopen_self_static" in
+  yes|no) enable_dlopen_self_static=$lt_cv_dlopen_self_static ;;
+  *) enable_dlopen_self_static=unknown ;;
+  esac
+fi
+
+# Copy echo and quote the copy, instead of the original, because it is
+# used later.
+ltecho="$echo"
+if test "X$ltecho" = "X$CONFIG_SHELL $0 --fallback-echo"; then
+   ltecho="$CONFIG_SHELL \$0 --fallback-echo"
+fi
+LTSHELL="$SHELL"
+
+LTCONFIG_VERSION="$VERSION"
+
+# Only quote variables if we're using ltmain.sh.
+case "$ltmain" in
+*.sh)
+  # Now quote all the things that may contain metacharacters.
+  for var in ltecho old_CC old_CFLAGS old_CPPFLAGS \
+    old_LD old_LDFLAGS old_LIBS \
+    old_NM old_RANLIB old_LN_S old_DLLTOOL old_OBJDUMP old_AS \
+    AR CC LD LN_S NM LTSHELL LTCONFIG_VERSION \
+    reload_flag reload_cmds wl \
+    pic_flag link_static_flag no_builtin_flag export_dynamic_flag_spec \
+    thread_safe_flag_spec whole_archive_flag_spec libname_spec \
+    library_names_spec soname_spec \
+    RANLIB old_archive_cmds old_archive_from_new_cmds old_postinstall_cmds \
+    old_postuninstall_cmds archive_cmds archive_expsym_cmds postinstall_cmds postuninstall_cmds \
+    file_magic_cmd export_symbols_cmds deplibs_check_method allow_undefined_flag no_undefined_flag \
+    finish_cmds finish_eval global_symbol_pipe global_symbol_to_cdecl \
+    hardcode_libdir_flag_spec hardcode_libdir_separator  \
+    sys_lib_search_path_spec sys_lib_dlsearch_path_spec \
+    compiler_c_o compiler_o_lo need_locks exclude_expsyms include_expsyms; do
+
+    case "$var" in
+    reload_cmds | old_archive_cmds | old_archive_from_new_cmds | \
+    old_postinstall_cmds | old_postuninstall_cmds | \
+    export_symbols_cmds | archive_cmds | archive_expsym_cmds | \
+    postinstall_cmds | postuninstall_cmds | \
+    finish_cmds | sys_lib_search_path_spec | sys_lib_dlsearch_path_spec)
+      # Double-quote double-evaled strings.
+      eval "$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$double_quote_subst\" -e \"\$sed_quote_subst\" -e \"\$delay_variable_subst\"\`\\\""
+      ;;
+    *)
+      eval "$var=\\\"\`\$echo \"X\$$var\" | \$Xsed -e \"\$sed_quote_subst\"\`\\\""
+      ;;
+    esac
+  done
+
+  case "$ltecho" in
+  *'\$0 --fallback-echo"')
+    ltecho=`$echo "X$ltecho" | $Xsed -e 's/\\\\\\\$0 --fallback-echo"$/$0 --fallback-echo"/'`
+    ;;
+  esac
+
+  trap "$rm \"$ofile\"; exit 1" 1 2 15
+  echo "creating $ofile"
+  $rm "$ofile"
+  cat <<EOF > "$ofile"
+#! $SHELL
+
+# `$echo "$ofile" | sed 's%^.*/%%'` - Provide generalized library-building support services.
+# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP)
+# NOTE: Changes made to this file will be lost: look at ltconfig or ltmain.sh.
+#
+# Copyright (C) 1996-1999 Free Software Foundation, Inc.
+# Originally by Gordon Matzigkeit <gord at gnu.ai.mit.edu>, 1996
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Sed that helps us avoid accidentally triggering echo(1) options like -n.
+Xsed="sed -e s/^X//"
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+if test "X\${CDPATH+set}" = Xset; then CDPATH=:; export CDPATH; fi
+
+### BEGIN LIBTOOL CONFIG
+EOF
+  cfgfile="$ofile"
+  ;;
+
+*)
+  # Double-quote the variables that need it (for aesthetics).
+  for var in old_CC old_CFLAGS old_CPPFLAGS \
+    old_LD old_LDFLAGS old_LIBS \
+    old_NM old_RANLIB old_LN_S old_DLLTOOL old_OBJDUMP old_AS; do
+    eval "$var=\\\"\$var\\\""
+  done
+
+  # Just create a config file.
+  cfgfile="$ofile.cfg"
+  trap "$rm \"$cfgfile\"; exit 1" 1 2 15
+  echo "creating $cfgfile"
+  $rm "$cfgfile"
+  cat <<EOF > "$cfgfile"
+# `$echo "$cfgfile" | sed 's%^.*/%%'` - Libtool configuration file.
+# Generated automatically by $PROGRAM (GNU $PACKAGE $VERSION$TIMESTAMP)
+EOF
+  ;;
+esac
+
+cat <<EOF >> "$cfgfile"
+# Libtool was configured as follows, on host `(hostname || uname -n) 2>/dev/null | sed 1q`:
+#
+# CC=$old_CC CFLAGS=$old_CFLAGS CPPFLAGS=$old_CPPFLAGS \\
+# LD=$old_LD LDFLAGS=$old_LDFLAGS LIBS=$old_LIBS \\
+# NM=$old_NM RANLIB=$old_RANLIB LN_S=$old_LN_S \\
+# DLLTOOL=$old_DLLTOOL OBJDUMP=$old_OBJDUMP AS=$old_AS \\
+#   $0$ltconfig_args
+#
+# Compiler and other test output produced by $progname, useful for
+# debugging $progname, is in ./config.log if it exists.
+
+# The version of $progname that generated this script.
+LTCONFIG_VERSION=$LTCONFIG_VERSION
+
+# Shell to use when invoking shell scripts.
+SHELL=$LTSHELL
+
+# Whether or not to build shared libraries.
+build_libtool_libs=$enable_shared
+
+# Whether or not to build static libraries.
+build_old_libs=$enable_static
+
+# Whether or not to optimize for fast installation.
+fast_install=$enable_fast_install
+
+# The host system.
+host_alias=$host_alias
+host=$host
+
+# An echo program that does not interpret backslashes.
+echo=$ltecho
+
+# The archiver.
+AR=$AR
+
+# The default C compiler.
+CC=$CC
+
+# The linker used to build libraries.
+LD=$LD
+
+# Whether we need hard or soft links.
+LN_S=$LN_S
+
+# A BSD-compatible nm program.
+NM=$NM
+
+# Used on cygwin: DLL creation program.
+DLLTOOL="$DLLTOOL"
+
+# Used on cygwin: object dumper.
+OBJDUMP="$OBJDUMP"
+
+# Used on cygwin: assembler.
+AS="$AS"
+
+# The name of the directory that contains temporary libtool files.
+objdir=$objdir
+
+# How to create reloadable object files.
+reload_flag=$reload_flag
+reload_cmds=$reload_cmds
+
+# How to pass a linker flag through the compiler.
+wl=$wl
+
+# Object file suffix (normally "o").
+objext="$objext"
+
+# Old archive suffix (normally "a").
+libext="$libext"
+
+# Executable file suffix (normally "").
+exeext="$exeext"
+
+# Additional compiler flags for building library objects.
+pic_flag=$pic_flag
+
+# Does compiler simultaneously support -c and -o options?
+compiler_c_o=$compiler_c_o
+
+# Can we write directly to a .lo ?
+compiler_o_lo=$compiler_o_lo
+
+# Must we lock files when doing compilation ?
+need_locks=$need_locks
+
+# Do we need the lib prefix for modules?
+need_lib_prefix=$need_lib_prefix
+
+# Do we need a version for libraries?
+need_version=$need_version
+
+# Whether dlopen is supported.
+dlopen=$enable_dlopen
+
+# Whether dlopen of programs is supported.
+dlopen_self=$enable_dlopen_self
+
+# Whether dlopen of statically linked programs is supported.
+dlopen_self_static=$enable_dlopen_self_static
+
+# Compiler flag to prevent dynamic linking.
+link_static_flag=$link_static_flag
+
+# Compiler flag to turn off builtin functions.
+no_builtin_flag=$no_builtin_flag
+
+# Compiler flag to allow reflexive dlopens.
+export_dynamic_flag_spec=$export_dynamic_flag_spec
+
+# Compiler flag to generate shared objects directly from archives.
+whole_archive_flag_spec=$whole_archive_flag_spec
+
+# Compiler flag to generate thread-safe objects.
+thread_safe_flag_spec=$thread_safe_flag_spec
+
+# Library versioning type.
+version_type=$version_type
+
+# Format of library name prefix.
+libname_spec=$libname_spec
+
+# List of archive names.  First name is the real one, the rest are links.
+# The last name is the one that the linker finds with -lNAME.
+library_names_spec=$library_names_spec
+
+# The coded name of the library, if different from the real name.
+soname_spec=$soname_spec
+
+# Commands used to build and install an old-style archive.
+RANLIB=$RANLIB
+old_archive_cmds=$old_archive_cmds
+old_postinstall_cmds=$old_postinstall_cmds
+old_postuninstall_cmds=$old_postuninstall_cmds
+
+# Create an old-style archive from a shared archive.
+old_archive_from_new_cmds=$old_archive_from_new_cmds
+
+# Commands used to build and install a shared archive.
+archive_cmds=$archive_cmds
+archive_expsym_cmds=$archive_expsym_cmds
+postinstall_cmds=$postinstall_cmds
+postuninstall_cmds=$postuninstall_cmds
+
+# Method to check whether dependent libraries are shared objects.
+deplibs_check_method=$deplibs_check_method
+
+# Command to use when deplibs_check_method == file_magic.
+file_magic_cmd=$file_magic_cmd
+
+# Flag that allows shared libraries with undefined symbols to be built.
+allow_undefined_flag=$allow_undefined_flag
+
+# Flag that forces no undefined symbols.
+no_undefined_flag=$no_undefined_flag
+
+# Commands used to finish a libtool library installation in a directory.
+finish_cmds=$finish_cmds
+
+# Same as above, but a single script fragment to be evaled but not shown.
+finish_eval=$finish_eval
+
+# Take the output of nm and produce a listing of raw symbols and C names.
+global_symbol_pipe=$global_symbol_pipe
+
+# Transform the output of nm in a proper C declaration
+global_symbol_to_cdecl=$global_symbol_to_cdecl
+
+# This is the shared library runtime path variable.
+runpath_var=$runpath_var
+
+# This is the shared library path variable.
+shlibpath_var=$shlibpath_var
+
+# Is shlibpath searched before the hard-coded library search path?
+shlibpath_overrides_runpath=$shlibpath_overrides_runpath
+
+# How to hardcode a shared library path into an executable.
+hardcode_action=$hardcode_action
+
+# Flag to hardcode \$libdir into a binary during linking.
+# This must work even if \$libdir does not exist.
+hardcode_libdir_flag_spec=$hardcode_libdir_flag_spec
+
+# Whether we need a single -rpath flag with a separated argument.
+hardcode_libdir_separator=$hardcode_libdir_separator
+
+# Set to yes if using DIR/libNAME.so during linking hardcodes DIR into the
+# resulting binary.
+hardcode_direct=$hardcode_direct
+
+# Set to yes if using the -LDIR flag during linking hardcodes DIR into the
+# resulting binary.
+hardcode_minus_L=$hardcode_minus_L
+
+# Set to yes if using SHLIBPATH_VAR=DIR during linking hardcodes DIR into
+# the resulting binary.
+hardcode_shlibpath_var=$hardcode_shlibpath_var
+
+# Compile-time system search path for libraries
+sys_lib_search_path_spec=$sys_lib_search_path_spec
+
+# Run-time system search path for libraries
+sys_lib_dlsearch_path_spec=$sys_lib_dlsearch_path_spec
+
+# Fix the shell variable \$srcfile for the compiler.
+fix_srcfile_path="$fix_srcfile_path"
+
+# Set to yes if exported symbols are required.
+always_export_symbols=$always_export_symbols
+
+# The commands to list exported symbols.
+export_symbols_cmds=$export_symbols_cmds
+
+# Symbols that should not be listed in the preloaded symbols.
+exclude_expsyms=$exclude_expsyms
+
+# Symbols that must always be exported.
+include_expsyms=$include_expsyms
+
+EOF
+
+case "$ltmain" in
+*.sh)
+  echo '### END LIBTOOL CONFIG' >> "$ofile"
+  echo >> "$ofile"
+  case "$host_os" in
+  aix3*)
+    cat <<\EOF >> "$ofile"
+
+# AIX sometimes has problems with the GCC collect2 program.  For some
+# reason, if we set the COLLECT_NAMES environment variable, the problems
+# vanish in a puff of smoke.
+if test "X${COLLECT_NAMES+set}" != Xset; then
+  COLLECT_NAMES=
+  export COLLECT_NAMES
+fi
+EOF
+    ;;
+  esac
+
+  # Append the ltmain.sh script.
+  sed '$q' "$ltmain" >> "$ofile" || (rm -f "$ofile"; exit 1)
+  # We use sed instead of cat because bash on DJGPP gets confused if
+  # if finds mixed CR/LF and LF-only lines.  Since sed operates in
+  # text mode, it properly converts lines to CR/LF.  This bash problem
+  # is reportedly fixed, but why not run on old versions too?
+
+  chmod +x "$ofile"
+  ;;
+
+*)
+  # Compile the libtool program.
+  echo "FIXME: would compile $ltmain"
+  ;;
+esac
+
+test -n "$cache_file" || exit 0
+
+# AC_CACHE_SAVE
+trap '' 1 2 15
+cat > confcache <<\EOF
+# This file is a shell script that caches the results of configure
+# tests run on this system so they can be shared between configure
+# scripts and configure runs.  It is not useful on other systems.
+# If it contains results you don't want to keep, you may remove or edit it.
+#
+# By default, configure uses ./config.cache as the cache file,
+# creating it if it does not exist already.  You can give configure
+# the --cache-file=FILE option to use a different cache file; that is
+# what configure does when it calls configure scripts in
+# subdirectories, so they share the cache.
+# Giving --cache-file=/dev/null disables caching, for debugging configure.
+# config.status only pays attention to the cache file if you give it the
+# --recheck option to rerun configure.
+#
+EOF
+# The following way of writing the cache mishandles newlines in values,
+# but we know of no workaround that is simple, portable, and efficient.
+# So, don't put newlines in cache variables' values.
+# Ultrix sh set writes to stderr and can't be redirected directly,
+# and sets the high bit in the cache file unless we assign to the vars.
+(set) 2>&1 |
+  case `(ac_space=' '; set | grep ac_space) 2>&1` in
+  *ac_space=\ *)
+    # `set' does not quote correctly, so add quotes (double-quote substitution
+    # turns \\\\ into \\, and sed turns \\ into \).
+    sed -n \
+      -e "s/'/'\\\\''/g" \
+      -e "s/^\\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\\)=\\(.*\\)/\\1=\${\\1='\\2'}/p"
+    ;;
+  *)
+    # `set' quotes correctly as required by POSIX, so do not add quotes.
+    sed -n -e 's/^\([a-zA-Z0-9_]*_cv_[a-zA-Z0-9_]*\)=\(.*\)/\1=${\1=\2}/p'
+    ;;
+  esac >> confcache
+if cmp -s $cache_file confcache; then
+  :
+else
+  if test -w $cache_file; then
+    echo "updating cache $cache_file"
+    cat confcache > $cache_file
+  else
+    echo "not updating unwritable cache $cache_file"
+  fi
+fi
+rm -f confcache
+
+exit 0
+
+# Local Variables:
+# mode:shell-script
+# sh-indentation:2
+# End:
diff --git a/external/privoxy/pcre/ltmain.sh b/external/privoxy/pcre/ltmain.sh
new file mode 100644
index 0000000..ab65054
--- /dev/null
+++ b/external/privoxy/pcre/ltmain.sh
@@ -0,0 +1,4012 @@
+# ltmain.sh - Provide generalized library-building support services.
+# NOTE: Changing this file will not affect anything until you rerun ltconfig.
+#
+# Copyright (C) 1996-1999 Free Software Foundation, Inc.
+# Originally by Gordon Matzigkeit <gord at gnu.ai.mit.edu>, 1996
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful, but
+# WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+# General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#
+# As a special exception to the GNU General Public License, if you
+# distribute this file as part of a program that contains a
+# configuration script generated by Autoconf, you may include it under
+# the same distribution terms that you use for the rest of that program.
+
+# Check that we have a working $echo.
+if test "X$1" = X--no-reexec; then
+  # Discard the --no-reexec flag, and continue.
+  shift
+elif test "X$1" = X--fallback-echo; then
+  # Avoid inline document here, it may be left over
+  :
+elif test "X`($echo '\t') 2>/dev/null`" = 'X\t'; then
+  # Yippee, $echo works!
+  :
+else
+  # Restart under the correct shell, and then maybe $echo will work.
+  exec $SHELL "$0" --no-reexec ${1+"$@"}
+fi
+
+if test "X$1" = X--fallback-echo; then
+  # used as fallback echo
+  shift
+  cat <<EOF
+$*
+EOF
+  exit 0
+fi
+
+# The name of this program.
+progname=`$echo "$0" | sed 's%^.*/%%'`
+modename="$progname"
+
+# Constants.
+PROGRAM=ltmain.sh
+PACKAGE=libtool
+VERSION=1.3.4
+TIMESTAMP=" (1.385.2.196 1999/12/07 21:47:57)"
+
+default_mode=
+help="Try \`$progname --help' for more information."
+magic="%%%MAGIC variable%%%"
+mkdir="mkdir"
+mv="mv -f"
+rm="rm -f"
+
+# Sed substitution that helps us do robust quoting.  It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed='sed -e 1s/^X//'
+sed_quote_subst='s/\([\\`\\"$\\\\]\)/\\\1/g'
+SP2NL='tr \040 \012'
+NL2SP='tr \015\012 \040\040'
+
+# NLS nuisances.
+# Only set LANG and LC_ALL to C if already set.
+# These must not be set unconditionally because not all systems understand
+# e.g. LANG=C (notably SCO).
+# We save the old values to restore during execute mode.
+if test "${LC_ALL+set}" = set; then
+  save_LC_ALL="$LC_ALL"; LC_ALL=C; export LC_ALL
+fi
+if test "${LANG+set}" = set; then
+  save_LANG="$LANG"; LANG=C; export LANG
+fi
+
+if test "$LTCONFIG_VERSION" != "$VERSION"; then
+  echo "$modename: ltconfig version \`$LTCONFIG_VERSION' does not match $PROGRAM version \`$VERSION'" 1>&2
+  echo "Fatal configuration error.  See the $PACKAGE docs for more information." 1>&2
+  exit 1
+fi
+
+if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then
+  echo "$modename: not configured to build any kind of library" 1>&2
+  echo "Fatal configuration error.  See the $PACKAGE docs for more information." 1>&2
+  exit 1
+fi
+
+# Global variables.
+mode=$default_mode
+nonopt=
+prev=
+prevopt=
+run=
+show="$echo"
+show_help=
+execute_dlfiles=
+lo2o="s/\\.lo\$/.${objext}/"
+o2lo="s/\\.${objext}\$/.lo/"
+
+# Parse our command line options once, thoroughly.
+while test $# -gt 0
+do
+  arg="$1"
+  shift
+
+  case "$arg" in
+  -*=*) optarg=`$echo "X$arg" | $Xsed -e 's/[-_a-zA-Z0-9]*=//'` ;;
+  *) optarg= ;;
+  esac
+
+  # If the previous option needs an argument, assign it.
+  if test -n "$prev"; then
+    case "$prev" in
+    execute_dlfiles)
+      eval "$prev=\"\$$prev \$arg\""
+      ;;
+    *)
+      eval "$prev=\$arg"
+      ;;
+    esac
+
+    prev=
+    prevopt=
+    continue
+  fi
+
+  # Have we seen a non-optional argument yet?
+  case "$arg" in
+  --help)
+    show_help=yes
+    ;;
+
+  --version)
+    echo "$PROGRAM (GNU $PACKAGE) $VERSION$TIMESTAMP"
+    exit 0
+    ;;
+
+  --config)
+    sed -e '1,/^### BEGIN LIBTOOL CONFIG/d' -e '/^### END LIBTOOL CONFIG/,$d' $0
+    exit 0
+    ;;
+
+  --debug)
+    echo "$progname: enabling shell trace mode"
+    set -x
+    ;;
+
+  --dry-run | -n)
+    run=:
+    ;;
+
+  --features)
+    echo "host: $host"
+    if test "$build_libtool_libs" = yes; then
+      echo "enable shared libraries"
+    else
+      echo "disable shared libraries"
+    fi
+    if test "$build_old_libs" = yes; then
+      echo "enable static libraries"
+    else
+      echo "disable static libraries"
+    fi
+    exit 0
+    ;;
+
+  --finish) mode="finish" ;;
+
+  --mode) prevopt="--mode" prev=mode ;;
+  --mode=*) mode="$optarg" ;;
+
+  --quiet | --silent)
+    show=:
+    ;;
+
+  -dlopen)
+    prevopt="-dlopen"
+    prev=execute_dlfiles
+    ;;
+
+  -*)
+    $echo "$modename: unrecognized option \`$arg'" 1>&2
+    $echo "$help" 1>&2
+    exit 1
+    ;;
+
+  *)
+    nonopt="$arg"
+    break
+    ;;
+  esac
+done
+
+if test -n "$prevopt"; then
+  $echo "$modename: option \`$prevopt' requires an argument" 1>&2
+  $echo "$help" 1>&2
+  exit 1
+fi
+
+if test -z "$show_help"; then
+
+  # Infer the operation mode.
+  if test -z "$mode"; then
+    case "$nonopt" in
+    *cc | *++ | gcc* | *-gcc*)
+      mode=link
+      for arg
+      do
+	case "$arg" in
+	-c)
+	   mode=compile
+	   break
+	   ;;
+	esac
+      done
+      ;;
+    *db | *dbx | *strace | *truss)
+      mode=execute
+      ;;
+    *install*|cp|mv)
+      mode=install
+      ;;
+    *rm)
+      mode=uninstall
+      ;;
+    *)
+      # If we have no mode, but dlfiles were specified, then do execute mode.
+      test -n "$execute_dlfiles" && mode=execute
+
+      # Just use the default operation mode.
+      if test -z "$mode"; then
+	if test -n "$nonopt"; then
+	  $echo "$modename: warning: cannot infer operation mode from \`$nonopt'" 1>&2
+	else
+	  $echo "$modename: warning: cannot infer operation mode without MODE-ARGS" 1>&2
+	fi
+      fi
+      ;;
+    esac
+  fi
+
+  # Only execute mode is allowed to have -dlopen flags.
+  if test -n "$execute_dlfiles" && test "$mode" != execute; then
+    $echo "$modename: unrecognized option \`-dlopen'" 1>&2
+    $echo "$help" 1>&2
+    exit 1
+  fi
+
+  # Change the help message to a mode-specific one.
+  generic_help="$help"
+  help="Try \`$modename --help --mode=$mode' for more information."
+
+  # These modes are in order of execution frequency so that they run quickly.
+  case "$mode" in
+  # libtool compile mode
+  compile)
+    modename="$modename: compile"
+    # Get the compilation command and the source file.
+    base_compile=
+    lastarg=
+    srcfile="$nonopt"
+    suppress_output=
+
+    user_target=no
+    for arg
+    do
+      # Accept any command-line options.
+      case "$arg" in
+      -o)
+	if test "$user_target" != "no"; then
+	  $echo "$modename: you cannot specify \`-o' more than once" 1>&2
+	  exit 1
+	fi
+	user_target=next
+	;;
+
+      -static)
+	build_old_libs=yes
+	continue
+	;;
+      esac
+
+      case "$user_target" in
+      next)
+	# The next one is the -o target name
+	user_target=yes
+	continue
+	;;
+      yes)
+	# We got the output file
+	user_target=set
+	libobj="$arg"
+	continue
+	;;
+      esac
+
+      # Accept the current argument as the source file.
+      lastarg="$srcfile"
+      srcfile="$arg"
+
+      # Aesthetically quote the previous argument.
+
+      # Backslashify any backslashes, double quotes, and dollar signs.
+      # These are the only characters that are still specially
+      # interpreted inside of double-quoted scrings.
+      lastarg=`$echo "X$lastarg" | $Xsed -e "$sed_quote_subst"`
+
+      # Double-quote args containing other shell metacharacters.
+      # Many Bourne shells cannot handle close brackets correctly in scan
+      # sets, so we specify it separately.
+      case "$lastarg" in
+      *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*)
+	lastarg="\"$lastarg\""
+	;;
+      esac
+
+      # Add the previous argument to base_compile.
+      if test -z "$base_compile"; then
+	base_compile="$lastarg"
+      else
+	base_compile="$base_compile $lastarg"
+      fi
+    done
+
+    case "$user_target" in
+    set)
+      ;;
+    no)
+      # Get the name of the library object.
+      libobj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%'`
+      ;;
+    *)
+      $echo "$modename: you must specify a target with \`-o'" 1>&2
+      exit 1
+      ;;
+    esac
+
+    # Recognize several different file suffixes.
+    # If the user specifies -o file.o, it is replaced with file.lo
+    xform='[cCFSfmso]'
+    case "$libobj" in
+    *.ada) xform=ada ;;
+    *.adb) xform=adb ;;
+    *.ads) xform=ads ;;
+    *.asm) xform=asm ;;
+    *.c++) xform=c++ ;;
+    *.cc) xform=cc ;;
+    *.cpp) xform=cpp ;;
+    *.cxx) xform=cxx ;;
+    *.f90) xform=f90 ;;
+    *.for) xform=for ;;
+    esac
+
+    libobj=`$echo "X$libobj" | $Xsed -e "s/\.$xform$/.lo/"`
+
+    case "$libobj" in
+    *.lo) obj=`$echo "X$libobj" | $Xsed -e "$lo2o"` ;;
+    *)
+      $echo "$modename: cannot determine name of library object from \`$libobj'" 1>&2
+      exit 1
+      ;;
+    esac
+
+    if test -z "$base_compile"; then
+      $echo "$modename: you must specify a compilation command" 1>&2
+      $echo "$help" 1>&2
+      exit 1
+    fi
+
+    # Delete any leftover library objects.
+    if test "$build_old_libs" = yes; then
+      removelist="$obj $libobj"
+    else
+      removelist="$libobj"
+    fi
+
+    $run $rm $removelist
+    trap "$run $rm $removelist; exit 1" 1 2 15
+
+    # Calculate the filename of the output object if compiler does
+    # not support -o with -c
+    if test "$compiler_c_o" = no; then
+      output_obj=`$echo "X$srcfile" | $Xsed -e 's%^.*/%%' -e 's%\..*$%%'`.${objext}
+      lockfile="$output_obj.lock"
+      removelist="$removelist $output_obj $lockfile"
+      trap "$run $rm $removelist; exit 1" 1 2 15
+    else
+      need_locks=no
+      lockfile=
+    fi
+
+    # Lock this critical section if it is needed
+    # We use this script file to make the link, it avoids creating a new file
+    if test "$need_locks" = yes; then
+      until ln "$0" "$lockfile" 2>/dev/null; do
+	$show "Waiting for $lockfile to be removed"
+	sleep 2
+      done
+    elif test "$need_locks" = warn; then
+      if test -f "$lockfile"; then
+	echo "\
+*** ERROR, $lockfile exists and contains:
+`cat $lockfile 2>/dev/null`
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together.  If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+	$run $rm $removelist
+	exit 1
+      fi
+      echo $srcfile > "$lockfile"
+    fi
+
+    if test -n "$fix_srcfile_path"; then
+      eval srcfile=\"$fix_srcfile_path\"
+    fi
+
+    # Only build a PIC object if we are building libtool libraries.
+    if test "$build_libtool_libs" = yes; then
+      # Without this assignment, base_compile gets emptied.
+      fbsd_hideous_sh_bug=$base_compile
+
+      # All platforms use -DPIC, to notify preprocessed assembler code.
+      command="$base_compile $srcfile $pic_flag -DPIC"
+      if test "$build_old_libs" = yes; then
+	lo_libobj="$libobj"
+	dir=`$echo "X$libobj" | $Xsed -e 's%/[^/]*$%%'`
+	if test "X$dir" = "X$libobj"; then
+	  dir="$objdir"
+	else
+	  dir="$dir/$objdir"
+	fi
+	libobj="$dir/"`$echo "X$libobj" | $Xsed -e 's%^.*/%%'`
+
+	if test -d "$dir"; then
+	  $show "$rm $libobj"
+	  $run $rm $libobj
+	else
+	  $show "$mkdir $dir"
+	  $run $mkdir $dir
+	  status=$?
+	  if test $status -ne 0 && test ! -d $dir; then
+	    exit $status
+	  fi
+	fi
+      fi
+      if test "$compiler_o_lo" = yes; then
+	output_obj="$libobj"
+	command="$command -o $output_obj"
+      elif test "$compiler_c_o" = yes; then
+	output_obj="$obj"
+	command="$command -o $output_obj"
+      fi
+
+      $run $rm "$output_obj"
+      $show "$command"
+      if $run eval "$command"; then :
+      else
+	test -n "$output_obj" && $run $rm $removelist
+	exit 1
+      fi
+
+      if test "$need_locks" = warn &&
+	 test x"`cat $lockfile 2>/dev/null`" != x"$srcfile"; then
+	echo "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together.  If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+	$run $rm $removelist
+	exit 1
+      fi
+
+      # Just move the object if needed, then go on to compile the next one
+      if test x"$output_obj" != x"$libobj"; then
+	$show "$mv $output_obj $libobj"
+	if $run $mv $output_obj $libobj; then :
+	else
+	  error=$?
+	  $run $rm $removelist
+	  exit $error
+	fi
+      fi
+
+      # If we have no pic_flag, then copy the object into place and finish.
+      if test -z "$pic_flag" && test "$build_old_libs" = yes; then
+	# Rename the .lo from within objdir to obj
+	if test -f $obj; then
+	  $show $rm $obj
+	  $run $rm $obj
+	fi
+
+	$show "$mv $libobj $obj"
+	if $run $mv $libobj $obj; then :
+	else
+	  error=$?
+	  $run $rm $removelist
+	  exit $error
+	fi
+
+	xdir=`$echo "X$obj" | $Xsed -e 's%/[^/]*$%%'`
+	if test "X$xdir" = "X$obj"; then
+	  xdir="."
+	else
+	  xdir="$xdir"
+	fi
+	baseobj=`$echo "X$obj" | $Xsed -e "s%.*/%%"`
+	libobj=`$echo "X$baseobj" | $Xsed -e "$o2lo"`
+	# Now arrange that obj and lo_libobj become the same file
+	$show "(cd $xdir && $LN_S $baseobj $libobj)"
+	if $run eval '(cd $xdir && $LN_S $baseobj $libobj)'; then
+	  exit 0
+	else
+	  error=$?
+	  $run $rm $removelist
+	  exit $error
+	fi
+      fi
+
+      # Allow error messages only from the first compilation.
+      suppress_output=' >/dev/null 2>&1'
+    fi
+
+    # Only build a position-dependent object if we build old libraries.
+    if test "$build_old_libs" = yes; then
+      command="$base_compile $srcfile"
+      if test "$compiler_c_o" = yes; then
+	command="$command -o $obj"
+	output_obj="$obj"
+      fi
+
+      # Suppress compiler output if we already did a PIC compilation.
+      command="$command$suppress_output"
+      $run $rm "$output_obj"
+      $show "$command"
+      if $run eval "$command"; then :
+      else
+	$run $rm $removelist
+	exit 1
+      fi
+
+      if test "$need_locks" = warn &&
+	 test x"`cat $lockfile 2>/dev/null`" != x"$srcfile"; then
+	echo "\
+*** ERROR, $lockfile contains:
+`cat $lockfile 2>/dev/null`
+
+but it should contain:
+$srcfile
+
+This indicates that another process is trying to use the same
+temporary object file, and libtool could not work around it because
+your compiler does not support \`-c' and \`-o' together.  If you
+repeat this compilation, it may succeed, by chance, but you had better
+avoid parallel builds (make -j) in this platform, or get a better
+compiler."
+
+	$run $rm $removelist
+	exit 1
+      fi
+
+      # Just move the object if needed
+      if test x"$output_obj" != x"$obj"; then
+	$show "$mv $output_obj $obj"
+	if $run $mv $output_obj $obj; then :
+	else
+	  error=$?
+	  $run $rm $removelist
+	  exit $error
+	fi
+      fi
+
+      # Create an invalid libtool object if no PIC, so that we do not
+      # accidentally link it into a program.
+      if test "$build_libtool_libs" != yes; then
+	$show "echo timestamp > $libobj"
+	$run eval "echo timestamp > \$libobj" || exit $?
+      else
+	# Move the .lo from within objdir
+	$show "$mv $libobj $lo_libobj"
+	if $run $mv $libobj $lo_libobj; then :
+	else
+	  error=$?
+	  $run $rm $removelist
+	  exit $error
+	fi
+      fi
+    fi
+
+    # Unlock the critical section if it was locked
+    if test "$need_locks" != no; then
+      $rm "$lockfile"
+    fi
+
+    exit 0
+    ;;
+
+  # libtool link mode
+  link)
+    modename="$modename: link"
+    case "$host" in
+    *-*-cygwin* | *-*-mingw* | *-*-os2*)
+      # It is impossible to link a dll without this setting, and
+      # we shouldn't force the makefile maintainer to figure out
+      # which system we are compiling for in order to pass an extra
+      # flag for every libtool invokation.
+      # allow_undefined=no
+
+      # FIXME: Unfortunately, there are problems with the above when trying
+      # to make a dll which has undefined symbols, in which case not
+      # even a static library is built.  For now, we need to specify
+      # -no-undefined on the libtool link line when we can be certain
+      # that all symbols are satisfied, otherwise we get a static library.
+      allow_undefined=yes
+
+      # This is a source program that is used to create dlls on Windows
+      # Don't remove nor modify the starting and closing comments
+# /* ltdll.c starts here */
+# #define WIN32_LEAN_AND_MEAN
+# #include <windows.h>
+# #undef WIN32_LEAN_AND_MEAN
+# #include <stdio.h>
+#
+# #ifndef __CYGWIN__
+# #  ifdef __CYGWIN32__
+# #    define __CYGWIN__ __CYGWIN32__
+# #  endif
+# #endif
+#
+# #ifdef __cplusplus
+# extern "C" {
+# #endif
+# BOOL APIENTRY DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved);
+# #ifdef __cplusplus
+# }
+# #endif
+#
+# #ifdef __CYGWIN__
+# #include <cygwin/cygwin_dll.h>
+# DECLARE_CYGWIN_DLL( DllMain );
+# #endif
+# HINSTANCE __hDllInstance_base;
+#
+# BOOL APIENTRY
+# DllMain (HINSTANCE hInst, DWORD reason, LPVOID reserved)
+# {
+#   __hDllInstance_base = hInst;
+#   return TRUE;
+# }
+# /* ltdll.c ends here */
+      # This is a source program that is used to create import libraries
+      # on Windows for dlls which lack them. Don't remove nor modify the
+      # starting and closing comments
+# /* impgen.c starts here */
+# /*   Copyright (C) 1999 Free Software Foundation, Inc.
+# 
+#  This file is part of GNU libtool.
+# 
+#  This program is free software; you can redistribute it and/or modify
+#  it under the terms of the GNU General Public License as published by
+#  the Free Software Foundation; either version 2 of the License, or
+#  (at your option) any later version.
+# 
+#  This program is distributed in the hope that it will be useful,
+#  but WITHOUT ANY WARRANTY; without even the implied warranty of
+#  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+#  GNU General Public License for more details.
+# 
+#  You should have received a copy of the GNU General Public License
+#  along with this program; if not, write to the Free Software
+#  Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+#  */
+# 
+#  #include <stdio.h>		/* for printf() */
+#  #include <unistd.h>		/* for open(), lseek(), read() */
+#  #include <fcntl.h>		/* for O_RDONLY, O_BINARY */
+#  #include <string.h>		/* for strdup() */
+# 
+#  static unsigned int
+#  pe_get16 (fd, offset)
+#       int fd;
+#       int offset;
+#  {
+#    unsigned char b[2];
+#    lseek (fd, offset, SEEK_SET);
+#    read (fd, b, 2);
+#    return b[0] + (b[1]<<8);
+#  }
+# 
+#  static unsigned int
+#  pe_get32 (fd, offset)
+#      int fd;
+#      int offset;
+#  {
+#    unsigned char b[4];
+#    lseek (fd, offset, SEEK_SET);
+#    read (fd, b, 4);
+#    return b[0] + (b[1]<<8) + (b[2]<<16) + (b[3]<<24);
+#  }
+# 
+#  static unsigned int
+#  pe_as32 (ptr)
+#       void *ptr;
+#  {
+#    unsigned char *b = ptr;
+#    return b[0] + (b[1]<<8) + (b[2]<<16) + (b[3]<<24);
+#  }
+# 
+#  int
+#  main (argc, argv)
+#      int argc;
+#      char *argv[];
+#  {
+#      int dll;
+#      unsigned long pe_header_offset, opthdr_ofs, num_entries, i;
+#      unsigned long export_rva, export_size, nsections, secptr, expptr;
+#      unsigned long name_rvas, nexp;
+#      unsigned char *expdata, *erva;
+#      char *filename, *dll_name;
+# 
+#      filename = argv[1];
+# 
+#      dll = open(filename, O_RDONLY|O_BINARY);
+#      if (!dll)
+#  	return 1;
+# 
+#      dll_name = filename;
+#    
+#      for (i=0; filename[i]; i++)
+#  	if (filename[i] == '/' || filename[i] == '\\'  || filename[i] == ':')
+#  	    dll_name = filename + i +1;
+# 
+#      pe_header_offset = pe_get32 (dll, 0x3c);
+#      opthdr_ofs = pe_header_offset + 4 + 20;
+#      num_entries = pe_get32 (dll, opthdr_ofs + 92);
+# 
+#      if (num_entries < 1) /* no exports */
+#  	return 1;
+# 
+#      export_rva = pe_get32 (dll, opthdr_ofs + 96);
+#      export_size = pe_get32 (dll, opthdr_ofs + 100);
+#      nsections = pe_get16 (dll, pe_header_offset + 4 +2);
+#      secptr = (pe_header_offset + 4 + 20 +
+#  	      pe_get16 (dll, pe_header_offset + 4 + 16));
+# 
+#      expptr = 0;
+#      for (i = 0; i < nsections; i++)
+#      {
+#  	char sname[8];
+#  	unsigned long secptr1 = secptr + 40 * i;
+#  	unsigned long vaddr = pe_get32 (dll, secptr1 + 12);
+#  	unsigned long vsize = pe_get32 (dll, secptr1 + 16);
+#  	unsigned long fptr = pe_get32 (dll, secptr1 + 20);
+#  	lseek(dll, secptr1, SEEK_SET);
+#  	read(dll, sname, 8);
+#  	if (vaddr <= export_rva && vaddr+vsize > export_rva)
+#  	{
+#  	    expptr = fptr + (export_rva - vaddr);
+#  	    if (export_rva + export_size > vaddr + vsize)
+#  		export_size = vsize - (export_rva - vaddr);
+#  	    break;
+#  	}
+#      }
+# 
+#      expdata = (unsigned char*)malloc(export_size);
+#      lseek (dll, expptr, SEEK_SET);
+#      read (dll, expdata, export_size);
+#      erva = expdata - export_rva;
+# 
+#      nexp = pe_as32 (expdata+24);
+#      name_rvas = pe_as32 (expdata+32);
+# 
+#      printf ("EXPORTS\n");
+#      for (i = 0; i<nexp; i++)
+#      {
+#  	unsigned long name_rva = pe_as32 (erva+name_rvas+i*4);
+#  	printf ("\t%s @ %ld ;\n", erva+name_rva, 1+ i);
+#      }
+# 
+#      return 0;
+#  }
+# /* impgen.c ends here */
+      ;;
+    *)
+      allow_undefined=yes
+      ;;
+    esac
+    compile_command="$nonopt"
+    finalize_command="$nonopt"
+
+    compile_rpath=
+    finalize_rpath=
+    compile_shlibpath=
+    finalize_shlibpath=
+    convenience=
+    old_convenience=
+    deplibs=
+    linkopts=
+
+    if test -n "$shlibpath_var"; then
+      # get the directories listed in $shlibpath_var
+      eval lib_search_path=\`\$echo \"X \${$shlibpath_var}\" \| \$Xsed -e \'s/:/ /g\'\`
+    else
+      lib_search_path=
+    fi
+    # now prepend the system-specific ones
+    eval lib_search_path=\"$sys_lib_search_path_spec\$lib_search_path\"
+    eval sys_lib_dlsearch_path=\"$sys_lib_dlsearch_path_spec\"
+    
+    avoid_version=no
+    dlfiles=
+    dlprefiles=
+    dlself=no
+    export_dynamic=no
+    export_symbols=
+    export_symbols_regex=
+    generated=
+    libobjs=
+    link_against_libtool_libs=
+    ltlibs=
+    module=no
+    objs=
+    prefer_static_libs=no
+    preload=no
+    prev=
+    prevarg=
+    release=
+    rpath=
+    xrpath=
+    perm_rpath=
+    temp_rpath=
+    thread_safe=no
+    vinfo=
+
+    # We need to know -static, to get the right output filenames.
+    for arg
+    do
+      case "$arg" in
+      -all-static | -static)
+	if test "X$arg" = "X-all-static"; then
+	  if test "$build_libtool_libs" = yes && test -z "$link_static_flag"; then
+	    $echo "$modename: warning: complete static linking is impossible in this configuration" 1>&2
+	  fi
+	  if test -n "$link_static_flag"; then
+	    dlopen_self=$dlopen_self_static
+	  fi
+	else
+	  if test -z "$pic_flag" && test -n "$link_static_flag"; then
+	    dlopen_self=$dlopen_self_static
+	  fi
+	fi
+	build_libtool_libs=no
+	build_old_libs=yes
+	prefer_static_libs=yes
+	break
+	;;
+      esac
+    done
+
+    # See if our shared archives depend on static archives.
+    test -n "$old_archive_from_new_cmds" && build_old_libs=yes
+
+    # Go through the arguments, transforming them on the way.
+    while test $# -gt 0; do
+      arg="$1"
+      shift
+
+      # If the previous option needs an argument, assign it.
+      if test -n "$prev"; then
+	case "$prev" in
+	output)
+	  compile_command="$compile_command @OUTPUT@"
+	  finalize_command="$finalize_command @OUTPUT@"
+	  ;;
+	esac
+
+	case "$prev" in
+	dlfiles|dlprefiles)
+	  if test "$preload" = no; then
+	    # Add the symbol object into the linking commands.
+	    compile_command="$compile_command @SYMFILE@"
+	    finalize_command="$finalize_command @SYMFILE@"
+	    preload=yes
+	  fi
+	  case "$arg" in
+	  *.la | *.lo) ;;  # We handle these cases below.
+	  force)
+	    if test "$dlself" = no; then
+	      dlself=needless
+	      export_dynamic=yes
+	    fi
+	    prev=
+	    continue
+	    ;;
+	  self)
+	    if test "$prev" = dlprefiles; then
+	      dlself=yes
+	    elif test "$prev" = dlfiles && test "$dlopen_self" != yes; then
+	      dlself=yes
+	    else
+	      dlself=needless
+	      export_dynamic=yes
+	    fi
+	    prev=
+	    continue
+	    ;;
+	  *)
+	    if test "$prev" = dlfiles; then
+	      dlfiles="$dlfiles $arg"
+	    else
+	      dlprefiles="$dlprefiles $arg"
+	    fi
+	    prev=
+	    ;;
+	  esac
+	  ;;
+	expsyms)
+	  export_symbols="$arg"
+	  if test ! -f "$arg"; then
+	    $echo "$modename: symbol file \`$arg' does not exist"
+	    exit 1
+	  fi
+	  prev=
+	  continue
+	  ;;
+	expsyms_regex)
+	  export_symbols_regex="$arg"
+	  prev=
+	  continue
+	  ;;
+	release)
+	  release="-$arg"
+	  prev=
+	  continue
+	  ;;
+	rpath | xrpath)
+	  # We need an absolute path.
+	  case "$arg" in
+	  [\\/]* | [A-Za-z]:[\\/]*) ;;
+	  *)
+	    $echo "$modename: only absolute run-paths are allowed" 1>&2
+	    exit 1
+	    ;;
+	  esac
+	  if test "$prev" = rpath; then
+	    case "$rpath " in
+	    *" $arg "*) ;;
+	    *) rpath="$rpath $arg" ;;
+	    esac
+	  else
+	    case "$xrpath " in
+	    *" $arg "*) ;;
+	    *) xrpath="$xrpath $arg" ;;
+	    esac
+	  fi
+	  prev=
+	  continue
+	  ;;
+	*)
+	  eval "$prev=\"\$arg\""
+	  prev=
+	  continue
+	  ;;
+	esac
+      fi
+
+      prevarg="$arg"
+
+      case "$arg" in
+      -all-static)
+	if test -n "$link_static_flag"; then
+	  compile_command="$compile_command $link_static_flag"
+	  finalize_command="$finalize_command $link_static_flag"
+	fi
+	continue
+	;;
+
+      -allow-undefined)
+	# FIXME: remove this flag sometime in the future.
+	$echo "$modename: \`-allow-undefined' is deprecated because it is the default" 1>&2
+	continue
+	;;
+
+      -avoid-version)
+	avoid_version=yes
+	continue
+	;;
+
+      -dlopen)
+	prev=dlfiles
+	continue
+	;;
+
+      -dlpreopen)
+	prev=dlprefiles
+	continue
+	;;
+
+      -export-dynamic)
+	export_dynamic=yes
+	continue
+	;;
+
+      -export-symbols | -export-symbols-regex)
+	if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
+	  $echo "$modename: not more than one -exported-symbols argument allowed"
+	  exit 1
+	fi
+	if test "X$arg" = "X-export-symbols"; then
+	  prev=expsyms
+	else
+	  prev=expsyms_regex
+	fi
+	continue
+	;;
+
+      -L*)
+	dir=`$echo "X$arg" | $Xsed -e 's/^-L//'`
+	# We need an absolute path.
+	case "$dir" in
+	[\\/]* | [A-Za-z]:[\\/]*) ;;
+	*)
+	  absdir=`cd "$dir" && pwd`
+	  if test -z "$absdir"; then
+	    $echo "$modename: warning: cannot determine absolute directory name of \`$dir'" 1>&2
+	    $echo "$modename: passing it literally to the linker, although it might fail" 1>&2
+	    absdir="$dir"
+	  fi
+	  dir="$absdir"
+	  ;;
+	esac
+	case " $deplibs " in
+	*" $arg "*) ;;
+	*) deplibs="$deplibs $arg";;
+	esac
+	case " $lib_search_path " in
+	*" $dir "*) ;;
+	*) lib_search_path="$lib_search_path $dir";;
+	esac
+	case "$host" in
+	*-*-cygwin* | *-*-mingw* | *-*-os2*)
+	  dllsearchdir=`cd "$dir" && pwd || echo "$dir"`
+	  case ":$dllsearchpath:" in
+	  ::) dllsearchpath="$dllsearchdir";;
+	  *":$dllsearchdir:"*) ;;
+	  *) dllsearchpath="$dllsearchpath:$dllsearchdir";;
+	  esac
+	  ;;
+	esac
+	;;
+
+      -l*)
+	if test "$arg" = "-lc"; then
+	  case "$host" in
+	  *-*-cygwin* | *-*-mingw* | *-*-os2* | *-*-beos*)
+	    # These systems don't actually have c library (as such)
+	    continue
+	    ;;
+	  esac
+	elif test "$arg" = "-lm"; then
+	  case "$host" in
+	  *-*-cygwin* | *-*-beos*)
+	    # These systems don't actually have math library (as such)
+	    continue
+	    ;;
+	  esac
+	fi
+	deplibs="$deplibs $arg"
+	;;
+
+      -module)
+	module=yes
+	continue
+	;;
+
+      -no-undefined)
+	allow_undefined=no
+	continue
+	;;
+
+      -o) prev=output ;;
+
+      -release)
+	prev=release
+	continue
+	;;
+
+      -rpath)
+	prev=rpath
+	continue
+	;;
+
+      -R)
+	prev=xrpath
+	continue
+	;;
+
+      -R*)
+	dir=`$echo "X$arg" | $Xsed -e 's/^-R//'`
+	# We need an absolute path.
+	case "$dir" in
+	[\\/]* | [A-Za-z]:[\\/]*) ;;
+	*)
+	  $echo "$modename: only absolute run-paths are allowed" 1>&2
+	  exit 1
+	  ;;
+	esac
+	case "$xrpath " in
+	*" $dir "*) ;;
+	*) xrpath="$xrpath $dir" ;;
+	esac
+	continue
+	;;
+
+      -static)
+	# If we have no pic_flag, then this is the same as -all-static.
+	if test -z "$pic_flag" && test -n "$link_static_flag"; then
+	  compile_command="$compile_command $link_static_flag"
+	  finalize_command="$finalize_command $link_static_flag"
+	fi
+	continue
+	;;
+
+      -thread-safe)
+	thread_safe=yes
+	continue
+	;;
+
+      -version-info)
+	prev=vinfo
+	continue
+	;;
+
+      # Some other compiler flag.
+      -* | +*)
+	# Unknown arguments in both finalize_command and compile_command need
+	# to be aesthetically quoted because they are evaled later.
+	arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+	case "$arg" in
+	*[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*)
+	  arg="\"$arg\""
+	  ;;
+	esac
+	;;
+
+      *.o | *.obj | *.a | *.lib)
+	# A standard object.
+	objs="$objs $arg"
+	;;
+
+      *.lo)
+	# A library object.
+	if test "$prev" = dlfiles; then
+	  dlfiles="$dlfiles $arg"
+	  if test "$build_libtool_libs" = yes && test "$dlopen" = yes; then
+	    prev=
+	    continue
+	  else
+	    # If libtool objects are unsupported, then we need to preload.
+	    prev=dlprefiles
+	  fi
+	fi
+
+	if test "$prev" = dlprefiles; then
+	  # Preload the old-style object.
+	  dlprefiles="$dlprefiles "`$echo "X$arg" | $Xsed -e "$lo2o"`
+	  prev=
+	fi
+	libobjs="$libobjs $arg"
+	;;
+
+      *.la)
+	# A libtool-controlled library.
+
+	dlname=
+	libdir=
+	library_names=
+	old_library=
+
+	# Check to see that this really is a libtool archive.
+	if (sed -e '2q' $arg | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then :
+	else
+	  $echo "$modename: \`$arg' is not a valid libtool archive" 1>&2
+	  exit 1
+	fi
+
+	# If the library was installed with an old release of libtool,
+	# it will not redefine variable installed.
+	installed=yes
+
+	# Read the .la file
+	# If there is no directory component, then add one.
+	case "$arg" in
+	*/* | *\\*) . $arg ;;
+	*) . ./$arg ;;
+	esac
+
+	# Get the name of the library we link against.
+	linklib=
+	for l in $old_library $library_names; do
+	  linklib="$l"
+	done
+
+	if test -z "$linklib"; then
+	  $echo "$modename: cannot find name of link library for \`$arg'" 1>&2
+	  exit 1
+	fi
+
+	# Find the relevant object directory and library name.
+	name=`$echo "X$arg" | $Xsed -e 's%^.*/%%' -e 's/\.la$//' -e 's/^lib//'`
+
+	if test "X$installed" = Xyes; then
+	  dir="$libdir"
+	else
+	  dir=`$echo "X$arg" | $Xsed -e 's%/[^/]*$%%'`
+	  if test "X$dir" = "X$arg"; then
+	    dir="$objdir"
+	  else
+	    dir="$dir/$objdir"
+	  fi
+	fi
+
+	if test -n "$dependency_libs"; then
+	  # Extract -R and -L from dependency_libs
+	  temp_deplibs=
+	  for deplib in $dependency_libs; do
+	    case "$deplib" in
+	    -R*) temp_xrpath=`$echo "X$deplib" | $Xsed -e 's/^-R//'`
+		 case " $rpath $xrpath " in
+		 *" $temp_xrpath "*) ;;
+		 *) xrpath="$xrpath $temp_xrpath";;
+		 esac;;
+	    -L*) case "$compile_command $temp_deplibs " in
+		 *" $deplib "*) ;;
+		 *) temp_deplibs="$temp_deplibs $deplib";;
+		 esac
+		 temp_dir=`$echo "X$deplib" | $Xsed -e 's/^-L//'`
+		 case " $lib_search_path " in
+		 *" $temp_dir "*) ;;
+		 *) lib_search_path="$lib_search_path $temp_dir";;
+		 esac
+		 ;;
+	    *) temp_deplibs="$temp_deplibs $deplib";;
+	    esac
+	  done
+	  dependency_libs="$temp_deplibs"
+	fi
+
+	if test -z "$libdir"; then
+	  # It is a libtool convenience library, so add in its objects.
+	  convenience="$convenience $dir/$old_library"
+	  old_convenience="$old_convenience $dir/$old_library"
+	  deplibs="$deplibs$dependency_libs"
+	  compile_command="$compile_command $dir/$old_library$dependency_libs"
+	  finalize_command="$finalize_command $dir/$old_library$dependency_libs"
+	  continue
+	fi
+
+	# This library was specified with -dlopen.
+	if test "$prev" = dlfiles; then
+	  dlfiles="$dlfiles $arg"
+	  if test -z "$dlname" || test "$dlopen" != yes || test "$build_libtool_libs" = no; then
+	    # If there is no dlname, no dlopen support or we're linking statically,
+	    # we need to preload.
+	    prev=dlprefiles
+	  else
+	    # We should not create a dependency on this library, but we
+	    # may need any libraries it requires.
+	    compile_command="$compile_command$dependency_libs"
+	    finalize_command="$finalize_command$dependency_libs"
+	    prev=
+	    continue
+	  fi
+	fi
+
+	# The library was specified with -dlpreopen.
+	if test "$prev" = dlprefiles; then
+	  # Prefer using a static library (so that no silly _DYNAMIC symbols
+	  # are required to link).
+	  if test -n "$old_library"; then
+	    dlprefiles="$dlprefiles $dir/$old_library"
+	  else
+	    dlprefiles="$dlprefiles $dir/$linklib"
+	  fi
+	  prev=
+	fi
+
+	if test -n "$library_names" &&
+	   { test "$prefer_static_libs" = no || test -z "$old_library"; }; then
+	  link_against_libtool_libs="$link_against_libtool_libs $arg"
+	  if test -n "$shlibpath_var"; then
+	    # Make sure the rpath contains only unique directories.
+	    case "$temp_rpath " in
+	    *" $dir "*) ;;
+	    *) temp_rpath="$temp_rpath $dir" ;;
+	    esac
+	  fi
+
+	  # We need an absolute path.
+	  case "$dir" in
+	  [\\/] | [A-Za-z]:[\\/]*) absdir="$dir" ;;
+	  *)
+	    absdir=`cd "$dir" && pwd`
+	    if test -z "$absdir"; then
+	      $echo "$modename: warning: cannot determine absolute directory name of \`$dir'" 1>&2
+	      $echo "$modename: passing it literally to the linker, although it might fail" 1>&2
+	      absdir="$dir"
+	    fi
+	    ;;
+	  esac
+	  
+	  # This is the magic to use -rpath.
+	  # Skip directories that are in the system default run-time
+	  # search path, unless they have been requested with -R.
+	  case " $sys_lib_dlsearch_path " in
+	  *" $absdir "*) ;;
+	  *)
+	    case "$compile_rpath " in
+	    *" $absdir "*) ;;
+	    *) compile_rpath="$compile_rpath $absdir" 
+	    esac
+	    ;;
+	  esac
+
+	  case " $sys_lib_dlsearch_path " in
+	  *" $libdir "*) ;;
+	  *)
+	    case "$finalize_rpath " in
+	    *" $libdir "*) ;;
+	    *) finalize_rpath="$finalize_rpath $libdir"
+	    esac
+	    ;;
+	  esac
+
+	  lib_linked=yes
+	  case "$hardcode_action" in
+	  immediate | unsupported)
+	    if test "$hardcode_direct" = no; then
+	      compile_command="$compile_command $dir/$linklib"
+	      deplibs="$deplibs $dir/$linklib"
+	      case "$host" in
+	      *-*-cygwin* | *-*-mingw* | *-*-os2*)
+		dllsearchdir=`cd "$dir" && pwd || echo "$dir"`
+		if test -n "$dllsearchpath"; then
+		  dllsearchpath="$dllsearchpath:$dllsearchdir"
+		else
+		  dllsearchpath="$dllsearchdir"
+		fi
+		;;
+	      esac
+	    elif test "$hardcode_minus_L" = no; then
+	      case "$host" in
+	      *-*-sunos*)
+		compile_shlibpath="$compile_shlibpath$dir:"
+		;;
+	      esac
+	      case "$compile_command " in
+	      *" -L$dir "*) ;;
+	      *) compile_command="$compile_command -L$dir";;
+	      esac
+	      compile_command="$compile_command -l$name"
+	      deplibs="$deplibs -L$dir -l$name"
+	    elif test "$hardcode_shlibpath_var" = no; then
+	      case ":$compile_shlibpath:" in
+	      *":$dir:"*) ;;
+	      *) compile_shlibpath="$compile_shlibpath$dir:";;
+	      esac
+	      compile_command="$compile_command -l$name"
+	      deplibs="$deplibs -l$name"
+	    else
+	      lib_linked=no
+	    fi
+	    ;;
+
+	  relink)
+	    if test "$hardcode_direct" = yes; then
+	      compile_command="$compile_command $absdir/$linklib"
+	      deplibs="$deplibs $absdir/$linklib"
+	    elif test "$hardcode_minus_L" = yes; then
+	      case "$compile_command " in
+	      *" -L$absdir "*) ;;
+	      *) compile_command="$compile_command -L$absdir";;
+	      esac
+	      compile_command="$compile_command -l$name"
+	      deplibs="$deplibs -L$absdir -l$name"
+	    elif test "$hardcode_shlibpath_var" = yes; then
+	      case ":$compile_shlibpath:" in
+	      *":$absdir:"*) ;;
+	      *) compile_shlibpath="$compile_shlibpath$absdir:";;
+	      esac
+	      compile_command="$compile_command -l$name"
+	      deplibs="$deplibs -l$name"
+	    else
+	      lib_linked=no
+	    fi
+	    ;;
+
+	  *)
+	    lib_linked=no
+	    ;;
+	  esac
+
+	  if test "$lib_linked" != yes; then
+	    $echo "$modename: configuration error: unsupported hardcode properties"
+	    exit 1
+	  fi
+
+	  # Finalize command for both is simple: just hardcode it.
+	  if test "$hardcode_direct" = yes; then
+	    finalize_command="$finalize_command $libdir/$linklib"
+	  elif test "$hardcode_minus_L" = yes; then
+	    case "$finalize_command " in
+	    *" -L$libdir "*) ;;
+	    *) finalize_command="$finalize_command -L$libdir";;
+	    esac
+	    finalize_command="$finalize_command -l$name"
+	  elif test "$hardcode_shlibpath_var" = yes; then
+	    case ":$finalize_shlibpath:" in
+	    *":$libdir:"*) ;;
+	    *) finalize_shlibpath="$finalize_shlibpath$libdir:";;
+	    esac
+	    finalize_command="$finalize_command -l$name"
+	  else
+	    # We cannot seem to hardcode it, guess we'll fake it.
+	    case "$finalize_command " in
+	    *" -L$dir "*) ;;
+	    *) finalize_command="$finalize_command -L$libdir";;
+	    esac
+	    finalize_command="$finalize_command -l$name"
+	  fi
+	else
+	  # Transform directly to old archives if we don't build new libraries.
+	  if test -n "$pic_flag" && test -z "$old_library"; then
+	    $echo "$modename: cannot find static library for \`$arg'" 1>&2
+	    exit 1
+	  fi
+
+	  # Here we assume that one of hardcode_direct or hardcode_minus_L
+	  # is not unsupported.  This is valid on all known static and
+	  # shared platforms.
+	  if test "$hardcode_direct" != unsupported; then
+	    test -n "$old_library" && linklib="$old_library"
+	    compile_command="$compile_command $dir/$linklib"
+	    finalize_command="$finalize_command $dir/$linklib"
+	  else
+	    case "$compile_command " in
+	    *" -L$dir "*) ;;
+	    *) compile_command="$compile_command -L$dir";;
+	    esac
+	    compile_command="$compile_command -l$name"
+	    case "$finalize_command " in
+	    *" -L$dir "*) ;;
+	    *) finalize_command="$finalize_command -L$dir";;
+	    esac
+	    finalize_command="$finalize_command -l$name"
+	  fi
+	fi
+
+	# Add in any libraries that this one depends upon.
+	compile_command="$compile_command$dependency_libs"
+	finalize_command="$finalize_command$dependency_libs"
+	continue
+	;;
+
+      # Some other compiler argument.
+      *)
+	# Unknown arguments in both finalize_command and compile_command need
+	# to be aesthetically quoted because they are evaled later.
+	arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+	case "$arg" in
+	*[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*)
+	  arg="\"$arg\""
+	  ;;
+	esac
+	;;
+      esac
+
+      # Now actually substitute the argument into the commands.
+      if test -n "$arg"; then
+	compile_command="$compile_command $arg"
+	finalize_command="$finalize_command $arg"
+      fi
+    done
+
+    if test -n "$prev"; then
+      $echo "$modename: the \`$prevarg' option requires an argument" 1>&2
+      $echo "$help" 1>&2
+      exit 1
+    fi
+
+    if test "$export_dynamic" = yes && test -n "$export_dynamic_flag_spec"; then
+      eval arg=\"$export_dynamic_flag_spec\"
+      compile_command="$compile_command $arg"
+      finalize_command="$finalize_command $arg"
+    fi
+
+    oldlibs=
+    # calculate the name of the file, without its directory
+    outputname=`$echo "X$output" | $Xsed -e 's%^.*/%%'`
+    libobjs_save="$libobjs"
+
+    case "$output" in
+    "")
+      $echo "$modename: you must specify an output file" 1>&2
+      $echo "$help" 1>&2
+      exit 1
+      ;;
+
+    *.a | *.lib)
+      if test -n "$link_against_libtool_libs"; then
+	$echo "$modename: error: cannot link libtool libraries into archives" 1>&2
+	exit 1
+      fi
+
+      if test -n "$deplibs"; then
+	$echo "$modename: warning: \`-l' and \`-L' are ignored for archives" 1>&2
+      fi
+
+      if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+	$echo "$modename: warning: \`-dlopen' is ignored for archives" 1>&2
+      fi
+
+      if test -n "$rpath"; then
+	$echo "$modename: warning: \`-rpath' is ignored for archives" 1>&2
+      fi
+
+      if test -n "$xrpath"; then
+	$echo "$modename: warning: \`-R' is ignored for archives" 1>&2
+      fi
+
+      if test -n "$vinfo"; then
+	$echo "$modename: warning: \`-version-info' is ignored for archives" 1>&2
+      fi
+
+      if test -n "$release"; then
+	$echo "$modename: warning: \`-release' is ignored for archives" 1>&2
+      fi
+
+      if test -n "$export_symbols" || test -n "$export_symbols_regex"; then
+	$echo "$modename: warning: \`-export-symbols' is ignored for archives" 1>&2
+      fi
+
+      # Now set the variables for building old libraries.
+      build_libtool_libs=no
+      oldlibs="$output"
+      ;;
+
+    *.la)
+      # Make sure we only generate libraries of the form `libNAME.la'.
+      case "$outputname" in
+      lib*)
+	name=`$echo "X$outputname" | $Xsed -e 's/\.la$//' -e 's/^lib//'`
+	eval libname=\"$libname_spec\"
+	;;
+      *)
+	if test "$module" = no; then
+	  $echo "$modename: libtool library \`$output' must begin with \`lib'" 1>&2
+	  $echo "$help" 1>&2
+	  exit 1
+	fi
+	if test "$need_lib_prefix" != no; then
+	  # Add the "lib" prefix for modules if required
+	  name=`$echo "X$outputname" | $Xsed -e 's/\.la$//'`
+	  eval libname=\"$libname_spec\"
+	else
+	  libname=`$echo "X$outputname" | $Xsed -e 's/\.la$//'`
+	fi
+	;;
+      esac
+
+      output_objdir=`$echo "X$output" | $Xsed -e 's%/[^/]*$%%'`
+      if test "X$output_objdir" = "X$output"; then
+	output_objdir="$objdir"
+      else
+	output_objdir="$output_objdir/$objdir"
+      fi
+
+      if test -n "$objs"; then
+	$echo "$modename: cannot build libtool library \`$output' from non-libtool objects:$objs" 2>&1
+	exit 1
+      fi
+
+      # How the heck are we supposed to write a wrapper for a shared library?
+      if test -n "$link_against_libtool_libs"; then
+	 $echo "$modename: error: cannot link shared libraries into libtool libraries" 1>&2
+	 exit 1
+      fi
+
+      if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+	$echo "$modename: warning: \`-dlopen' is ignored for libtool libraries" 1>&2
+      fi
+
+      set dummy $rpath
+      if test $# -gt 2; then
+	$echo "$modename: warning: ignoring multiple \`-rpath's for a libtool library" 1>&2
+      fi
+      install_libdir="$2"
+
+      oldlibs=
+      if test -z "$rpath"; then
+	if test "$build_libtool_libs" = yes; then
+	  # Building a libtool convenience library.
+	  libext=al
+	  oldlibs="$output_objdir/$libname.$libext $oldlibs"
+	  build_libtool_libs=convenience
+	  build_old_libs=yes
+	fi
+	dependency_libs="$deplibs"
+
+	if test -n "$vinfo"; then
+	  $echo "$modename: warning: \`-version-info' is ignored for convenience libraries" 1>&2
+	fi
+
+	if test -n "$release"; then
+	  $echo "$modename: warning: \`-release' is ignored for convenience libraries" 1>&2
+	fi
+      else
+
+	# Parse the version information argument.
+	IFS="${IFS= 	}"; save_ifs="$IFS"; IFS=':'
+	set dummy $vinfo 0 0 0
+	IFS="$save_ifs"
+
+	if test -n "$8"; then
+	  $echo "$modename: too many parameters to \`-version-info'" 1>&2
+	  $echo "$help" 1>&2
+	  exit 1
+	fi
+
+	current="$2"
+	revision="$3"
+	age="$4"
+
+	# Check that each of the things are valid numbers.
+	case "$current" in
+	0 | [1-9] | [1-9][0-9]*) ;;
+	*)
+	  $echo "$modename: CURRENT \`$current' is not a nonnegative integer" 1>&2
+	  $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+	  exit 1
+	  ;;
+	esac
+
+	case "$revision" in
+	0 | [1-9] | [1-9][0-9]*) ;;
+	*)
+	  $echo "$modename: REVISION \`$revision' is not a nonnegative integer" 1>&2
+	  $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+	  exit 1
+	  ;;
+	esac
+
+	case "$age" in
+	0 | [1-9] | [1-9][0-9]*) ;;
+	*)
+	  $echo "$modename: AGE \`$age' is not a nonnegative integer" 1>&2
+	  $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+	  exit 1
+	  ;;
+	esac
+
+	if test $age -gt $current; then
+	  $echo "$modename: AGE \`$age' is greater than the current interface number \`$current'" 1>&2
+	  $echo "$modename: \`$vinfo' is not valid version information" 1>&2
+	  exit 1
+	fi
+
+	# Calculate the version variables.
+	major=
+	versuffix=
+	verstring=
+	case "$version_type" in
+	none) ;;
+
+	irix)
+	  major=`expr $current - $age + 1`
+	  versuffix="$major.$revision"
+	  verstring="sgi$major.$revision"
+
+	  # Add in all the interfaces that we are compatible with.
+	  loop=$revision
+	  while test $loop != 0; do
+	    iface=`expr $revision - $loop`
+	    loop=`expr $loop - 1`
+	    verstring="sgi$major.$iface:$verstring"
+	  done
+	  ;;
+
+	linux)
+	  major=.`expr $current - $age`
+	  versuffix="$major.$age.$revision"
+	  ;;
+
+	osf)
+	  major=`expr $current - $age`
+	  versuffix=".$current.$age.$revision"
+	  verstring="$current.$age.$revision"
+
+	  # Add in all the interfaces that we are compatible with.
+	  loop=$age
+	  while test $loop != 0; do
+	    iface=`expr $current - $loop`
+	    loop=`expr $loop - 1`
+	    verstring="$verstring:${iface}.0"
+	  done
+
+	  # Make executables depend on our current version.
+	  verstring="$verstring:${current}.0"
+	  ;;
+
+	sunos)
+	  major=".$current"
+	  versuffix=".$current.$revision"
+	  ;;
+
+	freebsd-aout)
+	  major=".$current"
+	  versuffix=".$current.$revision";
+	  ;;
+
+	freebsd-elf)
+	  major=".$current"
+	  versuffix=".$current";
+	  ;;
+
+	windows)
+	  # Like Linux, but with '-' rather than '.', since we only
+	  # want one extension on Windows 95.
+	  major=`expr $current - $age`
+	  versuffix="-$major-$age-$revision"
+	  ;;
+
+	*)
+	  $echo "$modename: unknown library version type \`$version_type'" 1>&2
+	  echo "Fatal configuration error.  See the $PACKAGE docs for more information." 1>&2
+	  exit 1
+	  ;;
+	esac
+
+	# Clear the version info if we defaulted, and they specified a release.
+	if test -z "$vinfo" && test -n "$release"; then
+	  major=
+	  verstring="0.0"
+	  if test "$need_version" = no; then
+	    versuffix=
+	  else
+	    versuffix=".0.0"
+	  fi
+	fi
+
+	# Remove version info from name if versioning should be avoided
+	if test "$avoid_version" = yes && test "$need_version" = no; then
+	  major=
+	  versuffix=
+	  verstring=""
+	fi
+	
+	# Check to see if the archive will have undefined symbols.
+	if test "$allow_undefined" = yes; then
+	  if test "$allow_undefined_flag" = unsupported; then
+	    $echo "$modename: warning: undefined symbols not allowed in $host shared libraries" 1>&2
+	    build_libtool_libs=no
+	    build_old_libs=yes
+	  fi
+	else
+	  # Don't allow undefined symbols.
+	  allow_undefined_flag="$no_undefined_flag"
+	fi
+
+	dependency_libs="$deplibs"
+	case "$host" in
+	*-*-cygwin* | *-*-mingw* | *-*-os2* | *-*-beos*)
+	  # these systems don't actually have a c library (as such)!
+	  ;;
+	*)
+	  # Add libc to deplibs on all other systems.
+	  deplibs="$deplibs -lc"
+	  ;;
+	esac
+      fi
+
+      # Create the output directory, or remove our outputs if we need to.
+      if test -d $output_objdir; then
+	$show "${rm}r $output_objdir/$outputname $output_objdir/$libname.* $output_objdir/${libname}${release}.*"
+	$run ${rm}r $output_objdir/$outputname $output_objdir/$libname.* $output_objdir/${libname}${release}.*
+      else
+	$show "$mkdir $output_objdir"
+	$run $mkdir $output_objdir
+	status=$?
+	if test $status -ne 0 && test ! -d $output_objdir; then
+	  exit $status
+	fi
+      fi
+
+      # Now set the variables for building old libraries.
+      if test "$build_old_libs" = yes && test "$build_libtool_libs" != convenience ; then
+	oldlibs="$oldlibs $output_objdir/$libname.$libext"
+
+	# Transform .lo files to .o files.
+	oldobjs="$objs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e "$lo2o" | $NL2SP`
+      fi
+
+      if test "$build_libtool_libs" = yes; then
+	# Transform deplibs into only deplibs that can be linked in shared.
+	name_save=$name
+	libname_save=$libname
+	release_save=$release
+	versuffix_save=$versuffix
+	major_save=$major
+	# I'm not sure if I'm treating the release correctly.  I think
+	# release should show up in the -l (ie -lgmp5) so we don't want to
+	# add it in twice.  Is that correct?
+	release=""
+	versuffix=""
+	major=""
+	newdeplibs=
+	droppeddeps=no
+	case "$deplibs_check_method" in
+	pass_all)
+	  # Don't check for shared/static.  Everything works.
+	  # This might be a little naive.  We might want to check
+	  # whether the library exists or not.  But this is on
+	  # osf3 & osf4 and I'm not really sure... Just
+	  # implementing what was already the behaviour.
+	  newdeplibs=$deplibs
+	  ;;
+	test_compile)
+	  # This code stresses the "libraries are programs" paradigm to its
+	  # limits. Maybe even breaks it.  We compile a program, linking it
+	  # against the deplibs as a proxy for the library.  Then we can check
+	  # whether they linked in statically or dynamically with ldd.
+	  $rm conftest.c
+	  cat > conftest.c <<EOF
+	  int main() { return 0; }
+EOF
+	  $rm conftest
+	  $CC -o conftest conftest.c $deplibs
+	  if test $? -eq 0 ; then
+	    ldd_output=`ldd conftest`
+	    for i in $deplibs; do
+	      name="`expr $i : '-l\(.*\)'`"
+	      # If $name is empty we are operating on a -L argument.
+	      if test "$name" != "" ; then
+		libname=`eval \\$echo \"$libname_spec\"`
+		deplib_matches=`eval \\$echo \"$library_names_spec\"`
+		set dummy $deplib_matches
+		deplib_match=$2
+		if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
+		  newdeplibs="$newdeplibs $i"
+		else
+		  droppeddeps=yes
+		  echo
+		  echo "*** Warning: This library needs some functionality provided by $i."
+		  echo "*** I have the capability to make that library automatically link in when"
+		  echo "*** you link to this library.  But I can only do this if you have a"
+		  echo "*** shared version of the library, which you do not appear to have."
+		fi
+	      else
+		newdeplibs="$newdeplibs $i"
+	      fi
+	    done
+	  else
+	    # Error occured in the first compile.  Let's try to salvage the situation:
+	    # Compile a seperate program for each library.
+	    for i in $deplibs; do
+	      name="`expr $i : '-l\(.*\)'`"
+	     # If $name is empty we are operating on a -L argument.
+	      if test "$name" != "" ; then
+		$rm conftest
+		$CC -o conftest conftest.c $i
+		# Did it work?
+		if test $? -eq 0 ; then
+		  ldd_output=`ldd conftest`
+		  libname=`eval \\$echo \"$libname_spec\"`
+		  deplib_matches=`eval \\$echo \"$library_names_spec\"`
+		  set dummy $deplib_matches
+		  deplib_match=$2
+		  if test `expr "$ldd_output" : ".*$deplib_match"` -ne 0 ; then
+		    newdeplibs="$newdeplibs $i"
+		  else
+		    droppeddeps=yes
+		    echo
+		    echo "*** Warning: This library needs some functionality provided by $i."
+		    echo "*** I have the capability to make that library automatically link in when"
+		    echo "*** you link to this library.  But I can only do this if you have a"
+		    echo "*** shared version of the library, which you do not appear to have."
+		  fi
+		else
+		  droppeddeps=yes
+		  echo
+		  echo "*** Warning!  Library $i is needed by this library but I was not able to"
+		  echo "***  make it link in!  You will probably need to install it or some"
+		  echo "*** library that it depends on before this library will be fully"
+		  echo "*** functional.  Installing it before continuing would be even better."
+		fi
+	      else
+		newdeplibs="$newdeplibs $i"
+	      fi
+	    done
+	  fi
+	  ;;
+	file_magic*)
+	  set dummy $deplibs_check_method
+	  file_magic_regex="`expr \"$deplibs_check_method\" : \"$2 \(.*\)\"`"
+	  for a_deplib in $deplibs; do
+	    name="`expr $a_deplib : '-l\(.*\)'`"
+	    # If $name is empty we are operating on a -L argument.
+	    if test "$name" != "" ; then
+	      libname=`eval \\$echo \"$libname_spec\"`
+	      for i in $lib_search_path; do
+		    potential_libs=`ls $i/$libname[.-]* 2>/dev/null`
+		    for potent_lib in $potential_libs; do
+		      # Follow soft links.
+		      if ls -lLd "$potent_lib" 2>/dev/null \
+			 | grep " -> " >/dev/null; then
+			continue 
+		      fi
+		      # The statement above tries to avoid entering an
+		      # endless loop below, in case of cyclic links.
+		      # We might still enter an endless loop, since a link
+		      # loop can be closed while we follow links,
+		      # but so what?
+		      potlib="$potent_lib"
+		      while test -h "$potlib" 2>/dev/null; do
+			potliblink=`ls -ld $potlib | sed 's/.* -> //'`
+			case "$potliblink" in
+			[\\/]* | [A-Za-z]:[\\/]*) potlib="$potliblink";;
+			*) potlib=`$echo "X$potlib" | $Xsed -e 's,[^/]*$,,'`"$potliblink";;
+			esac
+		      done
+		      if eval $file_magic_cmd \"\$potlib\" 2>/dev/null \
+			 | sed 10q \
+			 | egrep "$file_magic_regex" > /dev/null; then
+			newdeplibs="$newdeplibs $a_deplib"
+			a_deplib=""
+			break 2
+		      fi
+		    done
+	      done
+	      if test -n "$a_deplib" ; then
+		droppeddeps=yes
+		echo
+		echo "*** Warning: This library needs some functionality provided by $a_deplib."
+		echo "*** I have the capability to make that library automatically link in when"
+		echo "*** you link to this library.  But I can only do this if you have a"
+		echo "*** shared version of the library, which you do not appear to have."
+	      fi
+	    else
+	      # Add a -L argument.
+	      newdeplibs="$newdeplibs $a_deplib"
+	    fi
+	  done # Gone through all deplibs.
+	  ;;
+	none | unknown | *)
+	  newdeplibs=""
+	  if $echo "X $deplibs" | $Xsed -e 's/ -lc$//' \
+	       -e 's/ -[LR][^ ]*//g' -e 's/[ 	]//g' |
+	     grep . >/dev/null; then
+	    echo
+	    if test "X$deplibs_check_method" = "Xnone"; then
+	      echo "*** Warning: inter-library dependencies are not supported in this platform."
+	    else
+	      echo "*** Warning: inter-library dependencies are not known to be supported."
+	    fi
+	    echo "*** All declared inter-library dependencies are being dropped."
+	    droppeddeps=yes
+	  fi
+	  ;;
+	esac
+	versuffix=$versuffix_save
+	major=$major_save
+	release=$release_save
+	libname=$libname_save
+	name=$name_save
+
+	if test "$droppeddeps" = yes; then
+	  if test "$module" = yes; then
+	    echo
+	    echo "*** Warning: libtool could not satisfy all declared inter-library"
+	    echo "*** dependencies of module $libname.  Therefore, libtool will create"
+	    echo "*** a static module, that should work as long as the dlopening"
+	    echo "*** application is linked with the -dlopen flag."
+	    if test -z "$global_symbol_pipe"; then
+	      echo
+	      echo "*** However, this would only work if libtool was able to extract symbol"
+	      echo "*** lists from a program, using \`nm' or equivalent, but libtool could"
+	      echo "*** not find such a program.  So, this module is probably useless."
+	      echo "*** \`nm' from GNU binutils and a full rebuild may help."
+	    fi
+	    if test "$build_old_libs" = no; then
+	      oldlibs="$output_objdir/$libname.$libext"
+	      build_libtool_libs=module
+	      build_old_libs=yes
+	    else
+	      build_libtool_libs=no
+	    fi
+	  else
+	    echo "*** The inter-library dependencies that have been dropped here will be"
+	    echo "*** automatically added whenever a program is linked with this library"
+	    echo "*** or is declared to -dlopen it."
+	  fi
+	fi
+	# Done checking deplibs!
+	deplibs=$newdeplibs
+      fi
+
+      # All the library-specific variables (install_libdir is set above).
+      library_names=
+      old_library=
+      dlname=
+      
+      # Test again, we may have decided not to build it any more
+      if test "$build_libtool_libs" = yes; then
+	# Get the real and link names of the library.
+	eval library_names=\"$library_names_spec\"
+	set dummy $library_names
+	realname="$2"
+	shift; shift
+
+	if test -n "$soname_spec"; then
+	  eval soname=\"$soname_spec\"
+	else
+	  soname="$realname"
+	fi
+
+	lib="$output_objdir/$realname"
+	for link
+	do
+	  linknames="$linknames $link"
+	done
+
+	# Ensure that we have .o objects for linkers which dislike .lo
+	# (e.g. aix) in case we are running --disable-static
+	for obj in $libobjs; do
+	  xdir=`$echo "X$obj" | $Xsed -e 's%/[^/]*$%%'`
+	  if test "X$xdir" = "X$obj"; then
+	    xdir="."
+	  else
+	    xdir="$xdir"
+	  fi
+	  baseobj=`$echo "X$obj" | $Xsed -e 's%^.*/%%'`
+	  oldobj=`$echo "X$baseobj" | $Xsed -e "$lo2o"`
+	  if test ! -f $xdir/$oldobj; then
+	    $show "(cd $xdir && ${LN_S} $baseobj $oldobj)"
+	    $run eval '(cd $xdir && ${LN_S} $baseobj $oldobj)' || exit $?
+	  fi
+	done
+
+	# Use standard objects if they are pic
+	test -z "$pic_flag" && libobjs=`$echo "X$libobjs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+
+	# Prepare the list of exported symbols
+	if test -z "$export_symbols"; then
+	  if test "$always_export_symbols" = yes || test -n "$export_symbols_regex"; then
+	    $show "generating symbol list for \`$libname.la'"
+	    export_symbols="$output_objdir/$libname.exp"
+	    $run $rm $export_symbols
+	    eval cmds=\"$export_symbols_cmds\"
+	    IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	    for cmd in $cmds; do
+	      IFS="$save_ifs"
+	      $show "$cmd"
+	      $run eval "$cmd" || exit $?
+	    done
+	    IFS="$save_ifs"
+	    if test -n "$export_symbols_regex"; then
+	      $show "egrep -e \"$export_symbols_regex\" \"$export_symbols\" > \"${export_symbols}T\""
+	      $run eval 'egrep -e "$export_symbols_regex" "$export_symbols" > "${export_symbols}T"'
+	      $show "$mv \"${export_symbols}T\" \"$export_symbols\""
+	      $run eval '$mv "${export_symbols}T" "$export_symbols"'
+	    fi
+	  fi
+	fi
+
+	if test -n "$export_symbols" && test -n "$include_expsyms"; then
+	  $run eval '$echo "X$include_expsyms" | $SP2NL >> "$export_symbols"'
+	fi
+
+	if test -n "$convenience"; then
+	  if test -n "$whole_archive_flag_spec"; then
+	    eval libobjs=\"\$libobjs $whole_archive_flag_spec\"
+	  else
+	    gentop="$output_objdir/${outputname}x"
+	    $show "${rm}r $gentop"
+	    $run ${rm}r "$gentop"
+	    $show "mkdir $gentop"
+	    $run mkdir "$gentop"
+	    status=$?
+	    if test $status -ne 0 && test ! -d "$gentop"; then
+	      exit $status
+	    fi
+	    generated="$generated $gentop"
+
+	    for xlib in $convenience; do
+	      # Extract the objects.
+	      case "$xlib" in
+	      [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;;
+	      *) xabs=`pwd`"/$xlib" ;;
+	      esac
+	      xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'`
+	      xdir="$gentop/$xlib"
+
+	      $show "${rm}r $xdir"
+	      $run ${rm}r "$xdir"
+	      $show "mkdir $xdir"
+	      $run mkdir "$xdir"
+	      status=$?
+	      if test $status -ne 0 && test ! -d "$xdir"; then
+		exit $status
+	      fi
+	      $show "(cd $xdir && $AR x $xabs)"
+	      $run eval "(cd \$xdir && $AR x \$xabs)" || exit $?
+
+	      libobjs="$libobjs "`find $xdir -name \*.o -print -o -name \*.lo -print | $NL2SP`
+	    done
+	  fi
+	fi
+
+	if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then
+	  eval flag=\"$thread_safe_flag_spec\"
+	  linkopts="$linkopts $flag"
+	fi
+
+	# Do each of the archive commands.
+	if test -n "$export_symbols" && test -n "$archive_expsym_cmds"; then
+	  eval cmds=\"$archive_expsym_cmds\"
+	else
+	  eval cmds=\"$archive_cmds\"
+	fi
+	IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	for cmd in $cmds; do
+	  IFS="$save_ifs"
+	  $show "$cmd"
+	  $run eval "$cmd" || exit $?
+	done
+	IFS="$save_ifs"
+
+	# Create links to the real library.
+	for linkname in $linknames; do
+	  if test "$realname" != "$linkname"; then
+	    $show "(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)"
+	    $run eval '(cd $output_objdir && $rm $linkname && $LN_S $realname $linkname)' || exit $?
+	  fi
+	done
+
+	# If -module or -export-dynamic was specified, set the dlname.
+	if test "$module" = yes || test "$export_dynamic" = yes; then
+	  # On all known operating systems, these are identical.
+	  dlname="$soname"
+	fi
+      fi
+      ;;
+
+    *.lo | *.o | *.obj)
+      if test -n "$link_against_libtool_libs"; then
+	$echo "$modename: error: cannot link libtool libraries into objects" 1>&2
+	exit 1
+      fi
+
+      if test -n "$deplibs"; then
+	$echo "$modename: warning: \`-l' and \`-L' are ignored for objects" 1>&2
+      fi
+
+      if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+	$echo "$modename: warning: \`-dlopen' is ignored for objects" 1>&2
+      fi
+
+      if test -n "$rpath"; then
+	$echo "$modename: warning: \`-rpath' is ignored for objects" 1>&2
+      fi
+
+      if test -n "$xrpath"; then
+	$echo "$modename: warning: \`-R' is ignored for objects" 1>&2
+      fi
+
+      if test -n "$vinfo"; then
+	$echo "$modename: warning: \`-version-info' is ignored for objects" 1>&2
+      fi
+
+      if test -n "$release"; then
+	$echo "$modename: warning: \`-release' is ignored for objects" 1>&2
+      fi
+
+      case "$output" in
+      *.lo)
+	if test -n "$objs"; then
+	  $echo "$modename: cannot build library object \`$output' from non-libtool objects" 1>&2
+	  exit 1
+	fi
+	libobj="$output"
+	obj=`$echo "X$output" | $Xsed -e "$lo2o"`
+	;;
+      *)
+	libobj=
+	obj="$output"
+	;;
+      esac
+
+      # Delete the old objects.
+      $run $rm $obj $libobj
+
+      # Objects from convenience libraries.  This assumes
+      # single-version convenience libraries.  Whenever we create
+      # different ones for PIC/non-PIC, this we'll have to duplicate
+      # the extraction.
+      reload_conv_objs=
+      gentop=
+      # reload_cmds runs $LD directly, so let us get rid of
+      # -Wl from whole_archive_flag_spec
+      wl= 
+
+      if test -n "$convenience"; then
+	if test -n "$whole_archive_flag_spec"; then
+	  eval reload_conv_objs=\"\$reload_objs $whole_archive_flag_spec\"
+	else
+	  gentop="$output_objdir/${obj}x"
+	  $show "${rm}r $gentop"
+	  $run ${rm}r "$gentop"
+	  $show "mkdir $gentop"
+	  $run mkdir "$gentop"
+	  status=$?
+	  if test $status -ne 0 && test ! -d "$gentop"; then
+	    exit $status
+	  fi
+	  generated="$generated $gentop"
+
+	  for xlib in $convenience; do
+	    # Extract the objects.
+	    case "$xlib" in
+	    [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;;
+	    *) xabs=`pwd`"/$xlib" ;;
+	    esac
+	    xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'`
+	    xdir="$gentop/$xlib"
+
+	    $show "${rm}r $xdir"
+	    $run ${rm}r "$xdir"
+	    $show "mkdir $xdir"
+	    $run mkdir "$xdir"
+	    status=$?
+	    if test $status -ne 0 && test ! -d "$xdir"; then
+	      exit $status
+	    fi
+	    $show "(cd $xdir && $AR x $xabs)"
+	    $run eval "(cd \$xdir && $AR x \$xabs)" || exit $?
+
+	    reload_conv_objs="$reload_objs "`find $xdir -name \*.o -print -o -name \*.lo -print | $NL2SP`
+	  done
+	fi
+      fi
+
+      # Create the old-style object.
+      reload_objs="$objs "`$echo "X$libobjs" | $SP2NL | $Xsed -e '/\.'${libext}$'/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`" $reload_conv_objs"
+
+      output="$obj"
+      eval cmds=\"$reload_cmds\"
+      IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+      for cmd in $cmds; do
+	IFS="$save_ifs"
+	$show "$cmd"
+	$run eval "$cmd" || exit $?
+      done
+      IFS="$save_ifs"
+
+      # Exit if we aren't doing a library object file.
+      if test -z "$libobj"; then
+	if test -n "$gentop"; then
+	  $show "${rm}r $gentop"
+	  $run ${rm}r $gentop
+	fi
+
+	exit 0
+      fi
+
+      if test "$build_libtool_libs" != yes; then
+	if test -n "$gentop"; then
+	  $show "${rm}r $gentop"
+	  $run ${rm}r $gentop
+	fi
+
+	# Create an invalid libtool object if no PIC, so that we don't
+	# accidentally link it into a program.
+	$show "echo timestamp > $libobj"
+	$run eval "echo timestamp > $libobj" || exit $?
+	exit 0
+      fi
+
+      if test -n "$pic_flag"; then
+	# Only do commands if we really have different PIC objects.
+	reload_objs="$libobjs $reload_conv_objs"
+	output="$libobj"
+	eval cmds=\"$reload_cmds\"
+	IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	for cmd in $cmds; do
+	  IFS="$save_ifs"
+	  $show "$cmd"
+	  $run eval "$cmd" || exit $?
+	done
+	IFS="$save_ifs"
+      else
+	# Just create a symlink.
+	$show $rm $libobj
+	$run $rm $libobj
+	xdir=`$echo "X$libobj" | $Xsed -e 's%/[^/]*$%%'`
+	if test "X$xdir" = "X$libobj"; then
+	  xdir="."
+	else
+	  xdir="$xdir"
+	fi
+	baseobj=`$echo "X$libobj" | $Xsed -e 's%^.*/%%'`
+	oldobj=`$echo "X$baseobj" | $Xsed -e "$lo2o"`
+	$show "(cd $xdir && $LN_S $oldobj $baseobj)"
+	$run eval '(cd $xdir && $LN_S $oldobj $baseobj)' || exit $?
+      fi
+
+      if test -n "$gentop"; then
+	$show "${rm}r $gentop"
+	$run ${rm}r $gentop
+      fi
+
+      exit 0
+      ;;
+
+    # Anything else should be a program.
+    *)
+      if test -n "$vinfo"; then
+	$echo "$modename: warning: \`-version-info' is ignored for programs" 1>&2
+      fi
+
+      if test -n "$release"; then
+	$echo "$modename: warning: \`-release' is ignored for programs" 1>&2
+      fi
+
+      if test "$preload" = yes; then
+	if test "$dlopen" = unknown && test "$dlopen_self" = unknown &&
+	   test "$dlopen_self_static" = unknown; then
+	  $echo "$modename: warning: \`AC_LIBTOOL_DLOPEN' not used. Assuming no dlopen support."
+	fi 
+      fi
+    
+      if test -n "$rpath$xrpath"; then
+	# If the user specified any rpath flags, then add them.
+	for libdir in $rpath $xrpath; do
+	  # This is the magic to use -rpath.
+	  case "$compile_rpath " in
+	  *" $libdir "*) ;;
+	  *) compile_rpath="$compile_rpath $libdir" ;;
+	  esac
+	  case "$finalize_rpath " in
+	  *" $libdir "*) ;;
+	  *) finalize_rpath="$finalize_rpath $libdir" ;;
+	  esac
+	done
+      fi
+
+      # Now hardcode the library paths
+      rpath=
+      hardcode_libdirs=
+      for libdir in $compile_rpath $finalize_rpath; do
+	if test -n "$hardcode_libdir_flag_spec"; then
+	  if test -n "$hardcode_libdir_separator"; then
+	    if test -z "$hardcode_libdirs"; then
+	      hardcode_libdirs="$libdir"
+	    else
+	      # Just accumulate the unique libdirs.
+	      case "$hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator" in
+	      *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+		;;
+	      *)
+		hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+		;;
+	      esac
+	    fi
+	  else
+	    eval flag=\"$hardcode_libdir_flag_spec\"
+	    rpath="$rpath $flag"
+	  fi
+	elif test -n "$runpath_var"; then
+	  case "$perm_rpath " in
+	  *" $libdir "*) ;;
+	  *) perm_rpath="$perm_rpath $libdir" ;;
+	  esac
+	fi
+      done
+      # Substitute the hardcoded libdirs into the rpath.
+      if test -n "$hardcode_libdir_separator" &&
+	 test -n "$hardcode_libdirs"; then
+	libdir="$hardcode_libdirs"
+	eval rpath=\" $hardcode_libdir_flag_spec\"
+      fi
+      compile_rpath="$rpath"
+
+      rpath=
+      hardcode_libdirs=
+      for libdir in $finalize_rpath; do
+	if test -n "$hardcode_libdir_flag_spec"; then
+	  if test -n "$hardcode_libdir_separator"; then
+	    if test -z "$hardcode_libdirs"; then
+	      hardcode_libdirs="$libdir"
+	    else
+	      # Just accumulate the unique libdirs.
+	      case "$hardcode_libdir_separator$hardcode_libdirs$hardcode_libdir_separator" in
+	      *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*)
+		;;
+	      *)
+		hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir"
+		;;
+	      esac
+	    fi
+	  else
+	    eval flag=\"$hardcode_libdir_flag_spec\"
+	    rpath="$rpath $flag"
+	  fi
+	elif test -n "$runpath_var"; then
+	  case "$finalize_perm_rpath " in
+	  *" $libdir "*) ;;
+	  *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;;
+	  esac
+	fi
+      done
+      # Substitute the hardcoded libdirs into the rpath.
+      if test -n "$hardcode_libdir_separator" &&
+	 test -n "$hardcode_libdirs"; then
+	libdir="$hardcode_libdirs"
+	eval rpath=\" $hardcode_libdir_flag_spec\"
+      fi
+      finalize_rpath="$rpath"
+
+      output_objdir=`$echo "X$output" | $Xsed -e 's%/[^/]*$%%'`
+      if test "X$output_objdir" = "X$output"; then
+	output_objdir="$objdir"
+      else
+	output_objdir="$output_objdir/$objdir"
+      fi
+
+      # Create the binary in the object directory, then wrap it.
+      if test ! -d $output_objdir; then
+	$show "$mkdir $output_objdir"
+	$run $mkdir $output_objdir
+	status=$?
+	if test $status -ne 0 && test ! -d $output_objdir; then
+	  exit $status
+	fi
+      fi
+
+      if test -n "$libobjs" && test "$build_old_libs" = yes; then
+	# Transform all the library objects into standard objects.
+	compile_command=`$echo "X$compile_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+	finalize_command=`$echo "X$finalize_command" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+      fi
+
+      dlsyms=
+      if test -n "$dlfiles$dlprefiles" || test "$dlself" != no; then
+	if test -n "$NM" && test -n "$global_symbol_pipe"; then
+	  dlsyms="${outputname}S.c"
+	else
+	  $echo "$modename: not configured to extract global symbols from dlpreopened files" 1>&2
+	fi
+      fi
+
+      if test -n "$dlsyms"; then
+	case "$dlsyms" in
+	"") ;;
+	*.c)
+	  # Discover the nlist of each of the dlfiles.
+	  nlist="$output_objdir/${outputname}.nm"
+
+	  $show "$rm $nlist ${nlist}S ${nlist}T"
+	  $run $rm "$nlist" "${nlist}S" "${nlist}T"
+
+	  # Parse the name list into a source file.
+	  $show "creating $output_objdir/$dlsyms"
+
+	  test -z "$run" && $echo > "$output_objdir/$dlsyms" "\
+/* $dlsyms - symbol resolution table for \`$outputname' dlsym emulation. */
+/* Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP */
+
+#ifdef __cplusplus
+extern \"C\" {
+#endif
+
+/* Prevent the only kind of declaration conflicts we can make. */
+#define lt_preloaded_symbols some_other_symbol
+
+/* External symbol declarations for the compiler. */\
+"
+
+	  if test "$dlself" = yes; then
+	    $show "generating symbol list for \`$output'"
+
+	    test -z "$run" && $echo ': @PROGRAM@ ' > "$nlist"
+
+	    # Add our own program objects to the symbol list.
+	    progfiles=`$echo "X$objs" | $SP2NL | $Xsed -e "$lo2o" | $NL2SP`
+	    for arg in $progfiles; do
+	      $show "extracting global C symbols from \`$arg'"
+	      $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'"
+	    done
+
+	    if test -n "$exclude_expsyms"; then
+	      $run eval 'egrep -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T'
+	      $run eval '$mv "$nlist"T "$nlist"'
+	    fi
+	    
+	    if test -n "$export_symbols_regex"; then
+	      $run eval 'egrep -e "$export_symbols_regex" "$nlist" > "$nlist"T'
+	      $run eval '$mv "$nlist"T "$nlist"'
+	    fi
+
+	    # Prepare the list of exported symbols
+	    if test -z "$export_symbols"; then
+	      export_symbols="$output_objdir/$output.exp"
+	      $run $rm $export_symbols
+	      $run eval "sed -n -e '/^: @PROGRAM@$/d' -e 's/^.* \(.*\)$/\1/p' "'< "$nlist" > "$export_symbols"'
+	    else
+	      $run eval "sed -e 's/\([][.*^$]\)/\\\1/g' -e 's/^/ /' -e 's/$/$/'"' < "$export_symbols" > "$output_objdir/$output.exp"'
+	      $run eval 'grep -f "$output_objdir/$output.exp" < "$nlist" > "$nlist"T'
+	      $run eval 'mv "$nlist"T "$nlist"'
+	    fi
+	  fi
+
+	  for arg in $dlprefiles; do
+	    $show "extracting global C symbols from \`$arg'"
+	    name=`echo "$arg" | sed -e 's%^.*/%%'`
+	    $run eval 'echo ": $name " >> "$nlist"'
+	    $run eval "$NM $arg | $global_symbol_pipe >> '$nlist'"
+	  done
+
+	  if test -z "$run"; then
+	    # Make sure we have at least an empty file.
+	    test -f "$nlist" || : > "$nlist"
+
+	    if test -n "$exclude_expsyms"; then
+	      egrep -v " ($exclude_expsyms)$" "$nlist" > "$nlist"T
+	      $mv "$nlist"T "$nlist"
+	    fi
+
+	    # Try sorting and uniquifying the output.
+	    if grep -v "^: " < "$nlist" | sort +2 | uniq > "$nlist"S; then
+	      :
+	    else
+	      grep -v "^: " < "$nlist" > "$nlist"S
+	    fi
+
+	    if test -f "$nlist"S; then
+	      eval "$global_symbol_to_cdecl"' < "$nlist"S >> "$output_objdir/$dlsyms"'
+	    else
+	      echo '/* NONE */' >> "$output_objdir/$dlsyms"
+	    fi
+
+	    $echo >> "$output_objdir/$dlsyms" "\
+
+#undef lt_preloaded_symbols
+
+#if defined (__STDC__) && __STDC__
+# define lt_ptr_t void *
+#else
+# define lt_ptr_t char *
+# define const
+#endif
+
+/* The mapping between symbol names and symbols. */
+const struct {
+  const char *name;
+  lt_ptr_t address;
+}
+lt_preloaded_symbols[] =
+{\
+"
+
+	    sed -n -e 's/^: \([^ ]*\) $/  {\"\1\", (lt_ptr_t) 0},/p' \
+		-e 's/^. \([^ ]*\) \([^ ]*\)$/  {"\2", (lt_ptr_t) \&\2},/p' \
+		  < "$nlist" >> "$output_objdir/$dlsyms"
+
+	    $echo >> "$output_objdir/$dlsyms" "\
+  {0, (lt_ptr_t) 0}
+};
+
+/* This works around a problem in FreeBSD linker */
+#ifdef FREEBSD_WORKAROUND
+static const void *lt_preloaded_setup() {
+  return lt_preloaded_symbols;
+}
+#endif
+
+#ifdef __cplusplus
+}
+#endif\
+"
+	  fi
+
+	  pic_flag_for_symtable=
+	  case "$host" in
+	  # compiling the symbol table file with pic_flag works around
+	  # a FreeBSD bug that causes programs to crash when -lm is
+	  # linked before any other PIC object.  But we must not use
+	  # pic_flag when linking with -static.  The problem exists in
+	  # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1.
+	  *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*)
+	    case "$compile_command " in
+	    *" -static "*) ;;
+	    *) pic_flag_for_symtable=" $pic_flag -DPIC -DFREEBSD_WORKAROUND";;
+	    esac;;
+	  *-*-hpux*)
+	    case "$compile_command " in
+	    *" -static "*) ;;
+	    *) pic_flag_for_symtable=" $pic_flag -DPIC";;
+	    esac
+	  esac
+
+	  # Now compile the dynamic symbol file.
+	  $show "(cd $output_objdir && $CC -c$no_builtin_flag$pic_flag_for_symtable \"$dlsyms\")"
+	  $run eval '(cd $output_objdir && $CC -c$no_builtin_flag$pic_flag_for_symtable "$dlsyms")' || exit $?
+
+	  # Clean up the generated files.
+	  $show "$rm $output_objdir/$dlsyms $nlist ${nlist}S ${nlist}T"
+	  $run $rm "$output_objdir/$dlsyms" "$nlist" "${nlist}S" "${nlist}T"
+
+	  # Transform the symbol file into the correct name.
+	  compile_command=`$echo "X$compile_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+	  finalize_command=`$echo "X$finalize_command" | $Xsed -e "s%@SYMFILE@%$output_objdir/${outputname}S.${objext}%"`
+	  ;;
+	*)
+	  $echo "$modename: unknown suffix for \`$dlsyms'" 1>&2
+	  exit 1
+	  ;;
+	esac
+      else
+	# We keep going just in case the user didn't refer to
+	# lt_preloaded_symbols.  The linker will fail if global_symbol_pipe
+	# really was required.
+
+	# Nullify the symbol file.
+	compile_command=`$echo "X$compile_command" | $Xsed -e "s% @SYMFILE@%%"`
+	finalize_command=`$echo "X$finalize_command" | $Xsed -e "s% @SYMFILE@%%"`
+      fi
+
+      if test -z "$link_against_libtool_libs" || test "$build_libtool_libs" != yes; then
+	# Replace the output file specification.
+	compile_command=`$echo "X$compile_command" | $Xsed -e 's%@OUTPUT@%'"$output"'%g'`
+	link_command="$compile_command$compile_rpath"
+
+	# We have no uninstalled library dependencies, so finalize right now.
+	$show "$link_command"
+	$run eval "$link_command"
+	status=$?
+	
+	# Delete the generated files.
+	if test -n "$dlsyms"; then
+	  $show "$rm $output_objdir/${outputname}S.${objext}"
+	  $run $rm "$output_objdir/${outputname}S.${objext}"
+	fi
+
+	exit $status
+      fi
+
+      if test -n "$shlibpath_var"; then
+	# We should set the shlibpath_var
+	rpath=
+	for dir in $temp_rpath; do
+	  case "$dir" in
+	  [\\/]* | [A-Za-z]:[\\/]*)
+	    # Absolute path.
+	    rpath="$rpath$dir:"
+	    ;;
+	  *)
+	    # Relative path: add a thisdir entry.
+	    rpath="$rpath\$thisdir/$dir:"
+	    ;;
+	  esac
+	done
+	temp_rpath="$rpath"
+      fi
+
+      if test -n "$compile_shlibpath$finalize_shlibpath"; then
+	compile_command="$shlibpath_var=\"$compile_shlibpath$finalize_shlibpath\$$shlibpath_var\" $compile_command"
+      fi
+      if test -n "$finalize_shlibpath"; then
+	finalize_command="$shlibpath_var=\"$finalize_shlibpath\$$shlibpath_var\" $finalize_command"
+      fi
+
+      compile_var=
+      finalize_var=
+      if test -n "$runpath_var"; then
+	if test -n "$perm_rpath"; then
+	  # We should set the runpath_var.
+	  rpath=
+	  for dir in $perm_rpath; do
+	    rpath="$rpath$dir:"
+	  done
+	  compile_var="$runpath_var=\"$rpath\$$runpath_var\" "
+	fi
+	if test -n "$finalize_perm_rpath"; then
+	  # We should set the runpath_var.
+	  rpath=
+	  for dir in $finalize_perm_rpath; do
+	    rpath="$rpath$dir:"
+	  done
+	  finalize_var="$runpath_var=\"$rpath\$$runpath_var\" "
+	fi
+      fi
+
+      if test "$hardcode_action" = relink; then
+	# Fast installation is not supported
+	link_command="$compile_var$compile_command$compile_rpath"
+	relink_command="$finalize_var$finalize_command$finalize_rpath"
+	
+	$echo "$modename: warning: this platform does not like uninstalled shared libraries" 1>&2
+	$echo "$modename: \`$output' will be relinked during installation" 1>&2
+      else
+	if test "$fast_install" != no; then
+	  link_command="$finalize_var$compile_command$finalize_rpath"
+	  if test "$fast_install" = yes; then
+	    relink_command=`$echo "X$compile_var$compile_command$compile_rpath" | $Xsed -e 's%@OUTPUT@%\$progdir/\$file%g'`
+	  else
+	    # fast_install is set to needless
+	    relink_command=
+	  fi
+	else
+	  link_command="$compile_var$compile_command$compile_rpath"
+	  relink_command="$finalize_var$finalize_command$finalize_rpath"
+	fi
+      fi
+
+      # Replace the output file specification.
+      link_command=`$echo "X$link_command" | $Xsed -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g'`
+      
+      # Delete the old output files.
+      $run $rm $output $output_objdir/$outputname $output_objdir/lt-$outputname
+
+      $show "$link_command"
+      $run eval "$link_command" || exit $?
+
+      # Now create the wrapper script.
+      $show "creating $output"
+
+      # Quote the relink command for shipping.
+      if test -n "$relink_command"; then
+	relink_command=`$echo "X$relink_command" | $Xsed -e "$sed_quote_subst"`
+      fi
+
+      # Quote $echo for shipping.
+      if test "X$echo" = "X$SHELL $0 --fallback-echo"; then
+	case "$0" in
+	[\\/]* | [A-Za-z]:[\\/]*) qecho="$SHELL $0 --fallback-echo";;
+	*) qecho="$SHELL `pwd`/$0 --fallback-echo";;
+	esac
+	qecho=`$echo "X$qecho" | $Xsed -e "$sed_quote_subst"`
+      else
+	qecho=`$echo "X$echo" | $Xsed -e "$sed_quote_subst"`
+      fi
+
+      # Only actually do things if our run command is non-null.
+      if test -z "$run"; then
+	# win32 will think the script is a binary if it has
+	# a .exe suffix, so we strip it off here.
+	case $output in
+	  *.exe) output=`echo $output|sed 's,.exe$,,'` ;;
+	esac
+	$rm $output
+	trap "$rm $output; exit 1" 1 2 15
+
+	$echo > $output "\
+#! $SHELL
+
+# $output - temporary wrapper script for $objdir/$outputname
+# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP
+#
+# The $output program cannot be directly executed until all the libtool
+# libraries that it depends on are installed.
+#
+# This wrapper script should never be moved out of the build directory.
+# If it is, it will not operate correctly.
+
+# Sed substitution that helps us do robust quoting.  It backslashifies
+# metacharacters that are still active within double-quoted strings.
+Xsed='sed -e 1s/^X//'
+sed_quote_subst='$sed_quote_subst'
+
+# The HP-UX ksh and POSIX shell print the target directory to stdout
+# if CDPATH is set.
+if test \"\${CDPATH+set}\" = set; then CDPATH=:; export CDPATH; fi
+
+relink_command=\"$relink_command\"
+
+# This environment variable determines our operation mode.
+if test \"\$libtool_install_magic\" = \"$magic\"; then
+  # install mode needs the following variable:
+  link_against_libtool_libs='$link_against_libtool_libs'
+else
+  # When we are sourced in execute mode, \$file and \$echo are already set.
+  if test \"\$libtool_execute_magic\" != \"$magic\"; then
+    echo=\"$qecho\"
+    file=\"\$0\"
+    # Make sure echo works.
+    if test \"X\$1\" = X--no-reexec; then
+      # Discard the --no-reexec flag, and continue.
+      shift
+    elif test \"X\`(\$echo '\t') 2>/dev/null\`\" = 'X\t'; then
+      # Yippee, \$echo works!
+      :
+    else
+      # Restart under the correct shell, and then maybe \$echo will work.
+      exec $SHELL \"\$0\" --no-reexec \${1+\"\$@\"}
+    fi
+  fi\
+"
+	$echo >> $output "\
+
+  # Find the directory that this script lives in.
+  thisdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*$%%'\`
+  test \"x\$thisdir\" = \"x\$file\" && thisdir=.
+
+  # Follow symbolic links until we get to the real thisdir.
+  file=\`ls -ld \"\$file\" | sed -n 's/.*-> //p'\`
+  while test -n \"\$file\"; do
+    destdir=\`\$echo \"X\$file\" | \$Xsed -e 's%/[^/]*\$%%'\`
+
+    # If there was a directory component, then change thisdir.
+    if test \"x\$destdir\" != \"x\$file\"; then
+      case \"\$destdir\" in
+      [\\/]* | [A-Za-z]:[\\/]*) thisdir=\"\$destdir\" ;;
+      *) thisdir=\"\$thisdir/\$destdir\" ;;
+      esac
+    fi
+
+    file=\`\$echo \"X\$file\" | \$Xsed -e 's%^.*/%%'\`
+    file=\`ls -ld \"\$thisdir/\$file\" | sed -n 's/.*-> //p'\`
+  done
+
+  # Try to get the absolute directory name.
+  absdir=\`cd \"\$thisdir\" && pwd\`
+  test -n \"\$absdir\" && thisdir=\"\$absdir\"
+"
+
+	if test "$fast_install" = yes; then
+	  echo >> $output "\
+  program=lt-'$outputname'
+  progdir=\"\$thisdir/$objdir\"
+  
+  if test ! -f \"\$progdir/\$program\" || \\
+     { file=\`ls -1dt \"\$progdir/\$program\" \"\$progdir/../\$program\" 2>/dev/null | sed 1q\`; \\
+       test \"X\$file\" != \"X\$progdir/\$program\"; }; then
+
+    file=\"\$\$-\$program\"
+
+    if test ! -d \"\$progdir\"; then
+      $mkdir \"\$progdir\"
+    else
+      $rm \"\$progdir/\$file\"
+    fi"
+
+	  echo >> $output "\
+
+    # relink executable if necessary
+    if test -n \"\$relink_command\"; then
+      if (cd \"\$thisdir\" && eval \$relink_command); then :
+      else
+	$rm \"\$progdir/\$file\"
+	exit 1
+      fi
+    fi
+
+    $mv \"\$progdir/\$file\" \"\$progdir/\$program\" 2>/dev/null ||
+    { $rm \"\$progdir/\$program\";
+      $mv \"\$progdir/\$file\" \"\$progdir/\$program\"; }
+    $rm \"\$progdir/\$file\"
+  fi"
+	else
+	  echo >> $output "\
+  program='$outputname'
+  progdir=\"\$thisdir/$objdir\"
+"
+	fi
+
+	echo >> $output "\
+
+  if test -f \"\$progdir/\$program\"; then"
+
+	# Export our shlibpath_var if we have one.
+	if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then
+	  $echo >> $output "\
+    # Add our own library path to $shlibpath_var
+    $shlibpath_var=\"$temp_rpath\$$shlibpath_var\"
+
+    # Some systems cannot cope with colon-terminated $shlibpath_var
+    # The second colon is a workaround for a bug in BeOS R4 sed
+    $shlibpath_var=\`\$echo \"X\$$shlibpath_var\" | \$Xsed -e 's/::*\$//'\`
+
+    export $shlibpath_var
+"
+	fi
+
+	# fixup the dll searchpath if we need to.
+	if test -n "$dllsearchpath"; then
+	  $echo >> $output "\
+    # Add the dll search path components to the executable PATH
+    PATH=$dllsearchpath:\$PATH
+"
+	fi
+
+	$echo >> $output "\
+    if test \"\$libtool_execute_magic\" != \"$magic\"; then
+      # Run the actual program with our arguments.
+"
+	case $host in
+	*-*-cygwin* | *-*-mingw | *-*-os2*)
+	  # win32 systems need to use the prog path for dll
+	  # lookup to work
+	  $echo >> $output "\
+      exec \$progdir\\\\\$program \${1+\"\$@\"}
+"
+	  ;;
+	*)
+	  $echo >> $output "\
+      # Export the path to the program.
+      PATH=\"\$progdir:\$PATH\"
+      export PATH
+
+      exec \$program \${1+\"\$@\"}
+"
+	  ;;
+	esac
+	$echo >> $output "\
+      \$echo \"\$0: cannot exec \$program \${1+\"\$@\"}\"
+      exit 1
+    fi
+  else
+    # The program doesn't exist.
+    \$echo \"\$0: error: \$progdir/\$program does not exist\" 1>&2
+    \$echo \"This script is just a wrapper for \$program.\" 1>&2
+    echo \"See the $PACKAGE documentation for more information.\" 1>&2
+    exit 1
+  fi
+fi\
+"
+	chmod +x $output
+      fi
+      exit 0
+      ;;
+    esac
+
+    # See if we need to build an old-fashioned archive.
+    for oldlib in $oldlibs; do
+
+      if test "$build_libtool_libs" = convenience; then
+	oldobjs="$libobjs_save"
+	addlibs="$convenience"
+	build_libtool_libs=no
+      else
+	if test "$build_libtool_libs" = module; then
+	  oldobjs="$libobjs_save"
+	  build_libtool_libs=no
+	else
+	  oldobjs="$objs "`$echo "X$libobjs_save" | $SP2NL | $Xsed -e '/\.'${libext}'$/d' -e '/\.lib$/d' -e "$lo2o" | $NL2SP`
+	fi
+	addlibs="$old_convenience"
+      fi
+
+      if test -n "$addlibs"; then
+	gentop="$output_objdir/${outputname}x"
+	$show "${rm}r $gentop"
+	$run ${rm}r "$gentop"
+	$show "mkdir $gentop"
+	$run mkdir "$gentop"
+	status=$?
+	if test $status -ne 0 && test ! -d "$gentop"; then
+	  exit $status
+	fi
+	generated="$generated $gentop"
+	  
+	# Add in members from convenience archives.
+	for xlib in $addlibs; do
+	  # Extract the objects.
+	  case "$xlib" in
+	  [\\/]* | [A-Za-z]:[\\/]*) xabs="$xlib" ;;
+	  *) xabs=`pwd`"/$xlib" ;;
+	  esac
+	  xlib=`$echo "X$xlib" | $Xsed -e 's%^.*/%%'`
+	  xdir="$gentop/$xlib"
+
+	  $show "${rm}r $xdir"
+	  $run ${rm}r "$xdir"
+	  $show "mkdir $xdir"
+	  $run mkdir "$xdir"
+	  status=$?
+	  if test $status -ne 0 && test ! -d "$xdir"; then
+	    exit $status
+	  fi
+	  $show "(cd $xdir && $AR x $xabs)"
+	  $run eval "(cd \$xdir && $AR x \$xabs)" || exit $?
+
+	  oldobjs="$oldobjs "`find $xdir -name \*.${objext} -print -o -name \*.lo -print | $NL2SP`
+	done
+      fi
+
+      # Do each command in the archive commands.
+      if test -n "$old_archive_from_new_cmds" && test "$build_libtool_libs" = yes; then
+	eval cmds=\"$old_archive_from_new_cmds\"
+      else
+	# Ensure that we have .o objects in place in case we decided
+	# not to build a shared library, and have fallen back to building
+	# static libs even though --disable-static was passed!
+	for oldobj in $oldobjs; do
+	  if test ! -f $oldobj; then
+	    xdir=`$echo "X$oldobj" | $Xsed -e 's%/[^/]*$%%'`
+	    if test "X$xdir" = "X$oldobj"; then
+	      xdir="."
+	    else
+	      xdir="$xdir"
+	    fi
+	    baseobj=`$echo "X$oldobj" | $Xsed -e 's%^.*/%%'`
+	    obj=`$echo "X$baseobj" | $Xsed -e "$o2lo"`
+	    $show "(cd $xdir && ${LN_S} $obj $baseobj)"
+	    $run eval '(cd $xdir && ${LN_S} $obj $baseobj)' || exit $?
+	  fi
+	done
+
+	eval cmds=\"$old_archive_cmds\"
+      fi
+      IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+      for cmd in $cmds; do
+	IFS="$save_ifs"
+	$show "$cmd"
+	$run eval "$cmd" || exit $?
+      done
+      IFS="$save_ifs"
+    done
+
+    if test -n "$generated"; then
+      $show "${rm}r$generated"
+      $run ${rm}r$generated
+    fi
+
+    # Now create the libtool archive.
+    case "$output" in
+    *.la)
+      old_library=
+      test "$build_old_libs" = yes && old_library="$libname.$libext"
+      $show "creating $output"
+
+      if test -n "$xrpath"; then
+	temp_xrpath=
+	for libdir in $xrpath; do
+	  temp_xrpath="$temp_xrpath -R$libdir"
+	done
+	dependency_libs="$temp_xrpath $dependency_libs"
+      fi
+
+      # Only create the output if not a dry run.
+      if test -z "$run"; then
+	for installed in no yes; do
+	  if test "$installed" = yes; then
+	    if test -z "$install_libdir"; then
+	      break
+	    fi
+	    output="$output_objdir/$outputname"i
+	  fi
+	  $rm $output
+	  $echo > $output "\
+# $outputname - a libtool library file
+# Generated by $PROGRAM - GNU $PACKAGE $VERSION$TIMESTAMP
+#
+# Please DO NOT delete this file!
+# It is necessary for linking the library.
+
+# The name that we can dlopen(3).
+dlname='$dlname'
+
+# Names of this library.
+library_names='$library_names'
+
+# The name of the static archive.
+old_library='$old_library'
+
+# Libraries that this one depends upon.
+dependency_libs='$dependency_libs'
+
+# Version information for $libname.
+current=$current
+age=$age
+revision=$revision
+
+# Is this an already installed library?
+installed=$installed
+
+# Directory that this library needs to be installed in:
+libdir='$install_libdir'\
+"
+	done
+      fi
+
+      # Do a symbolic link so that the libtool archive can be found in
+      # LD_LIBRARY_PATH before the program is installed.
+      $show "(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)"
+      $run eval "(cd $output_objdir && $rm $outputname && $LN_S ../$outputname $outputname)" || exit $?
+      ;;
+    esac
+    exit 0
+    ;;
+
+  # libtool install mode
+  install)
+    modename="$modename: install"
+
+    # There may be an optional sh(1) argument at the beginning of
+    # install_prog (especially on Windows NT).
+    if test "$nonopt" = "$SHELL" || test "$nonopt" = /bin/sh; then
+      # Aesthetically quote it.
+      arg=`$echo "X$nonopt" | $Xsed -e "$sed_quote_subst"`
+      case "$arg" in
+      *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*)
+	arg="\"$arg\""
+	;;
+      esac
+      install_prog="$arg "
+      arg="$1"
+      shift
+    else
+      install_prog=
+      arg="$nonopt"
+    fi
+
+    # The real first argument should be the name of the installation program.
+    # Aesthetically quote it.
+    arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+    case "$arg" in
+    *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*)
+      arg="\"$arg\""
+      ;;
+    esac
+    install_prog="$install_prog$arg"
+
+    # We need to accept at least all the BSD install flags.
+    dest=
+    files=
+    opts=
+    prev=
+    install_type=
+    isdir=no
+    stripme=
+    for arg
+    do
+      if test -n "$dest"; then
+	files="$files $dest"
+	dest="$arg"
+	continue
+      fi
+
+      case "$arg" in
+      -d) isdir=yes ;;
+      -f) prev="-f" ;;
+      -g) prev="-g" ;;
+      -m) prev="-m" ;;
+      -o) prev="-o" ;;
+      -s)
+	stripme=" -s"
+	continue
+	;;
+      -*) ;;
+
+      *)
+	# If the previous option needed an argument, then skip it.
+	if test -n "$prev"; then
+	  prev=
+	else
+	  dest="$arg"
+	  continue
+	fi
+	;;
+      esac
+
+      # Aesthetically quote the argument.
+      arg=`$echo "X$arg" | $Xsed -e "$sed_quote_subst"`
+      case "$arg" in
+      *[\[\~\#\^\&\*\(\)\{\}\|\;\<\>\?\'\ \	]*|*]*)
+	arg="\"$arg\""
+	;;
+      esac
+      install_prog="$install_prog $arg"
+    done
+
+    if test -z "$install_prog"; then
+      $echo "$modename: you must specify an install program" 1>&2
+      $echo "$help" 1>&2
+      exit 1
+    fi
+
+    if test -n "$prev"; then
+      $echo "$modename: the \`$prev' option requires an argument" 1>&2
+      $echo "$help" 1>&2
+      exit 1
+    fi
+
+    if test -z "$files"; then
+      if test -z "$dest"; then
+	$echo "$modename: no file or destination specified" 1>&2
+      else
+	$echo "$modename: you must specify a destination" 1>&2
+      fi
+      $echo "$help" 1>&2
+      exit 1
+    fi
+
+    # Strip any trailing slash from the destination.
+    dest=`$echo "X$dest" | $Xsed -e 's%/$%%'`
+
+    # Check to see that the destination is a directory.
+    test -d "$dest" && isdir=yes
+    if test "$isdir" = yes; then
+      destdir="$dest"
+      destname=
+    else
+      destdir=`$echo "X$dest" | $Xsed -e 's%/[^/]*$%%'`
+      test "X$destdir" = "X$dest" && destdir=.
+      destname=`$echo "X$dest" | $Xsed -e 's%^.*/%%'`
+
+      # Not a directory, so check to see that there is only one file specified.
+      set dummy $files
+      if test $# -gt 2; then
+	$echo "$modename: \`$dest' is not a directory" 1>&2
+	$echo "$help" 1>&2
+	exit 1
+      fi
+    fi
+    case "$destdir" in
+    [\\/]* | [A-Za-z]:[\\/]*) ;;
+    *)
+      for file in $files; do
+	case "$file" in
+	*.lo) ;;
+	*)
+	  $echo "$modename: \`$destdir' must be an absolute directory name" 1>&2
+	  $echo "$help" 1>&2
+	  exit 1
+	  ;;
+	esac
+      done
+      ;;
+    esac
+
+    # This variable tells wrapper scripts just to set variables rather
+    # than running their programs.
+    libtool_install_magic="$magic"
+
+    staticlibs=
+    future_libdirs=
+    current_libdirs=
+    for file in $files; do
+
+      # Do each installation.
+      case "$file" in
+      *.a | *.lib)
+	# Do the static libraries later.
+	staticlibs="$staticlibs $file"
+	;;
+
+      *.la)
+	# Check to see that this really is a libtool archive.
+	if (sed -e '2q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then :
+	else
+	  $echo "$modename: \`$file' is not a valid libtool archive" 1>&2
+	  $echo "$help" 1>&2
+	  exit 1
+	fi
+
+	library_names=
+	old_library=
+	# If there is no directory component, then add one.
+	case "$file" in
+	*/* | *\\*) . $file ;;
+	*) . ./$file ;;
+	esac
+
+	# Add the libdir to current_libdirs if it is the destination.
+	if test "X$destdir" = "X$libdir"; then
+	  case "$current_libdirs " in
+	  *" $libdir "*) ;;
+	  *) current_libdirs="$current_libdirs $libdir" ;;
+	  esac
+	else
+	  # Note the libdir as a future libdir.
+	  case "$future_libdirs " in
+	  *" $libdir "*) ;;
+	  *) future_libdirs="$future_libdirs $libdir" ;;
+	  esac
+	fi
+
+	dir="`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`/"
+	test "X$dir" = "X$file/" && dir=
+	dir="$dir$objdir"
+
+	# See the names of the shared library.
+	set dummy $library_names
+	if test -n "$2"; then
+	  realname="$2"
+	  shift
+	  shift
+
+	  # Install the shared library and build the symlinks.
+	  $show "$install_prog $dir/$realname $destdir/$realname"
+	  $run eval "$install_prog $dir/$realname $destdir/$realname" || exit $?
+
+	  if test $# -gt 0; then
+	    # Delete the old symlinks, and create new ones.
+	    for linkname
+	    do
+	      if test "$linkname" != "$realname"; then
+		$show "(cd $destdir && $rm $linkname && $LN_S $realname $linkname)"
+		$run eval "(cd $destdir && $rm $linkname && $LN_S $realname $linkname)"
+	      fi
+	    done
+	  fi
+
+	  # Do each command in the postinstall commands.
+	  lib="$destdir/$realname"
+	  eval cmds=\"$postinstall_cmds\"
+	  IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	  for cmd in $cmds; do
+	    IFS="$save_ifs"
+	    $show "$cmd"
+	    $run eval "$cmd" || exit $?
+	  done
+	  IFS="$save_ifs"
+	fi
+
+	# Install the pseudo-library for information purposes.
+	name=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+	instname="$dir/$name"i
+	$show "$install_prog $instname $destdir/$name"
+	$run eval "$install_prog $instname $destdir/$name" || exit $?
+
+	# Maybe install the static library, too.
+	test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library"
+	;;
+
+      *.lo)
+	# Install (i.e. copy) a libtool object.
+
+	# Figure out destination file name, if it wasn't already specified.
+	if test -n "$destname"; then
+	  destfile="$destdir/$destname"
+	else
+	  destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+	  destfile="$destdir/$destfile"
+	fi
+
+	# Deduce the name of the destination old-style object file.
+	case "$destfile" in
+	*.lo)
+	  staticdest=`$echo "X$destfile" | $Xsed -e "$lo2o"`
+	  ;;
+	*.o | *.obj)
+	  staticdest="$destfile"
+	  destfile=
+	  ;;
+	*)
+	  $echo "$modename: cannot copy a libtool object to \`$destfile'" 1>&2
+	  $echo "$help" 1>&2
+	  exit 1
+	  ;;
+	esac
+
+	# Install the libtool object if requested.
+	if test -n "$destfile"; then
+	  $show "$install_prog $file $destfile"
+	  $run eval "$install_prog $file $destfile" || exit $?
+	fi
+
+	# Install the old object if enabled.
+	if test "$build_old_libs" = yes; then
+	  # Deduce the name of the old-style object file.
+	  staticobj=`$echo "X$file" | $Xsed -e "$lo2o"`
+
+	  $show "$install_prog $staticobj $staticdest"
+	  $run eval "$install_prog \$staticobj \$staticdest" || exit $?
+	fi
+	exit 0
+	;;
+
+      *)
+	# Figure out destination file name, if it wasn't already specified.
+	if test -n "$destname"; then
+	  destfile="$destdir/$destname"
+	else
+	  destfile=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+	  destfile="$destdir/$destfile"
+	fi
+
+	# Do a test to see if this is really a libtool program.
+	if (sed -e '4q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+	  link_against_libtool_libs=
+	  relink_command=
+
+	  # If there is no directory component, then add one.
+	  case "$file" in
+	  */* | *\\*) . $file ;;
+	  *) . ./$file ;;
+	  esac
+
+	  # Check the variables that should have been set.
+	  if test -z "$link_against_libtool_libs"; then
+	    $echo "$modename: invalid libtool wrapper script \`$file'" 1>&2
+	    exit 1
+	  fi
+
+	  finalize=yes
+	  for lib in $link_against_libtool_libs; do
+	    # Check to see that each library is installed.
+	    libdir=
+	    if test -f "$lib"; then
+	      # If there is no directory component, then add one.
+	      case "$lib" in
+	      */* | *\\*) . $lib ;;
+	      *) . ./$lib ;;
+	      esac
+	    fi
+	    libfile="$libdir/`$echo "X$lib" | $Xsed -e 's%^.*/%%g'`"
+	    if test -n "$libdir" && test ! -f "$libfile"; then
+	      $echo "$modename: warning: \`$lib' has not been installed in \`$libdir'" 1>&2
+	      finalize=no
+	    fi
+	  done
+
+	  outputname=
+	  if test "$fast_install" = no && test -n "$relink_command"; then
+	    if test "$finalize" = yes && test -z "$run"; then
+	      tmpdir="/tmp"
+	      test -n "$TMPDIR" && tmpdir="$TMPDIR"
+	      tmpdir="$tmpdir/libtool-$$"
+	      if $mkdir -p "$tmpdir" && chmod 700 "$tmpdir"; then :
+	      else
+		$echo "$modename: error: cannot create temporary directory \`$tmpdir'" 1>&2
+		continue
+	      fi
+	      outputname="$tmpdir/$file"
+	      # Replace the output file specification.
+	      relink_command=`$echo "X$relink_command" | $Xsed -e 's%@OUTPUT@%'"$outputname"'%g'`
+
+	      $show "$relink_command"
+	      if $run eval "$relink_command"; then :
+	      else
+		$echo "$modename: error: relink \`$file' with the above command before installing it" 1>&2
+		${rm}r "$tmpdir"
+		continue
+	      fi
+	      file="$outputname"
+	    else
+	      $echo "$modename: warning: cannot relink \`$file'" 1>&2
+	    fi
+	  else
+	    # Install the binary that we compiled earlier.
+	    file=`$echo "X$file" | $Xsed -e "s%\([^/]*\)$%$objdir/\1%"`
+	  fi
+	fi
+
+	$show "$install_prog$stripme $file $destfile"
+	$run eval "$install_prog\$stripme \$file \$destfile" || exit $?
+	test -n "$outputname" && ${rm}r "$tmpdir"
+	;;
+      esac
+    done
+
+    for file in $staticlibs; do
+      name=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+
+      # Set up the ranlib parameters.
+      oldlib="$destdir/$name"
+
+      $show "$install_prog $file $oldlib"
+      $run eval "$install_prog \$file \$oldlib" || exit $?
+
+      # Do each command in the postinstall commands.
+      eval cmds=\"$old_postinstall_cmds\"
+      IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+      for cmd in $cmds; do
+	IFS="$save_ifs"
+	$show "$cmd"
+	$run eval "$cmd" || exit $?
+      done
+      IFS="$save_ifs"
+    done
+
+    if test -n "$future_libdirs"; then
+      $echo "$modename: warning: remember to run \`$progname --finish$future_libdirs'" 1>&2
+    fi
+
+    if test -n "$current_libdirs"; then
+      # Maybe just do a dry run.
+      test -n "$run" && current_libdirs=" -n$current_libdirs"
+      exec $SHELL $0 --finish$current_libdirs
+      exit 1
+    fi
+
+    exit 0
+    ;;
+
+  # libtool finish mode
+  finish)
+    modename="$modename: finish"
+    libdirs="$nonopt"
+    admincmds=
+
+    if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then
+      for dir
+      do
+	libdirs="$libdirs $dir"
+      done
+
+      for libdir in $libdirs; do
+	if test -n "$finish_cmds"; then
+	  # Do each command in the finish commands.
+	  eval cmds=\"$finish_cmds\"
+	  IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	  for cmd in $cmds; do
+	    IFS="$save_ifs"
+	    $show "$cmd"
+	    $run eval "$cmd" || admincmds="$admincmds
+       $cmd"
+	  done
+	  IFS="$save_ifs"
+	fi
+	if test -n "$finish_eval"; then
+	  # Do the single finish_eval.
+	  eval cmds=\"$finish_eval\"
+	  $run eval "$cmds" || admincmds="$admincmds
+       $cmds"
+	fi
+      done
+    fi
+
+    # Exit here if they wanted silent mode.
+    test "$show" = : && exit 0
+
+    echo "----------------------------------------------------------------------"
+    echo "Libraries have been installed in:"
+    for libdir in $libdirs; do
+      echo "   $libdir"
+    done
+    echo
+    echo "If you ever happen to want to link against installed libraries"
+    echo "in a given directory, LIBDIR, you must either use libtool, and"
+    echo "specify the full pathname of the library, or use \`-LLIBDIR'"
+    echo "flag during linking and do at least one of the following:"
+    if test -n "$shlibpath_var"; then
+      echo "   - add LIBDIR to the \`$shlibpath_var' environment variable"
+      echo "     during execution"
+    fi
+    if test -n "$runpath_var"; then
+      echo "   - add LIBDIR to the \`$runpath_var' environment variable"
+      echo "     during linking"
+    fi
+    if test -n "$hardcode_libdir_flag_spec"; then
+      libdir=LIBDIR
+      eval flag=\"$hardcode_libdir_flag_spec\"
+
+      echo "   - use the \`$flag' linker flag"
+    fi
+    if test -n "$admincmds"; then
+      echo "   - have your system administrator run these commands:$admincmds"
+    fi
+    if test -f /etc/ld.so.conf; then
+      echo "   - have your system administrator add LIBDIR to \`/etc/ld.so.conf'"
+    fi
+    echo
+    echo "See any operating system documentation about shared libraries for"
+    echo "more information, such as the ld(1) and ld.so(8) manual pages."
+    echo "----------------------------------------------------------------------"
+    exit 0
+    ;;
+
+  # libtool execute mode
+  execute)
+    modename="$modename: execute"
+
+    # The first argument is the command name.
+    cmd="$nonopt"
+    if test -z "$cmd"; then
+      $echo "$modename: you must specify a COMMAND" 1>&2
+      $echo "$help"
+      exit 1
+    fi
+
+    # Handle -dlopen flags immediately.
+    for file in $execute_dlfiles; do
+      if test ! -f "$file"; then
+	$echo "$modename: \`$file' is not a file" 1>&2
+	$echo "$help" 1>&2
+	exit 1
+      fi
+
+      dir=
+      case "$file" in
+      *.la)
+	# Check to see that this really is a libtool archive.
+	if (sed -e '2q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then :
+	else
+	  $echo "$modename: \`$lib' is not a valid libtool archive" 1>&2
+	  $echo "$help" 1>&2
+	  exit 1
+	fi
+
+	# Read the libtool library.
+	dlname=
+	library_names=
+
+	# If there is no directory component, then add one.
+	case "$file" in
+	*/* | *\\*) . $file ;;
+	*) . ./$file ;;
+	esac
+
+	# Skip this library if it cannot be dlopened.
+	if test -z "$dlname"; then
+	  # Warn if it was a shared library.
+	  test -n "$library_names" && $echo "$modename: warning: \`$file' was not linked with \`-export-dynamic'"
+	  continue
+	fi
+
+	dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
+	test "X$dir" = "X$file" && dir=.
+
+	if test -f "$dir/$objdir/$dlname"; then
+	  dir="$dir/$objdir"
+	else
+	  $echo "$modename: cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" 1>&2
+	  exit 1
+	fi
+	;;
+
+      *.lo)
+	# Just add the directory containing the .lo file.
+	dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
+	test "X$dir" = "X$file" && dir=.
+	;;
+
+      *)
+	$echo "$modename: warning \`-dlopen' is ignored for non-libtool libraries and objects" 1>&2
+	continue
+	;;
+      esac
+
+      # Get the absolute pathname.
+      absdir=`cd "$dir" && pwd`
+      test -n "$absdir" && dir="$absdir"
+
+      # Now add the directory to shlibpath_var.
+      if eval "test -z \"\$$shlibpath_var\""; then
+	eval "$shlibpath_var=\"\$dir\""
+      else
+	eval "$shlibpath_var=\"\$dir:\$$shlibpath_var\""
+      fi
+    done
+
+    # This variable tells wrapper scripts just to set shlibpath_var
+    # rather than running their programs.
+    libtool_execute_magic="$magic"
+
+    # Check if any of the arguments is a wrapper script.
+    args=
+    for file
+    do
+      case "$file" in
+      -*) ;;
+      *)
+	# Do a test to see if this is really a libtool program.
+	if (sed -e '4q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+	  # If there is no directory component, then add one.
+	  case "$file" in
+	  */* | *\\*) . $file ;;
+	  *) . ./$file ;;
+	  esac
+
+	  # Transform arg to wrapped name.
+	  file="$progdir/$program"
+	fi
+	;;
+      esac
+      # Quote arguments (to preserve shell metacharacters).
+      file=`$echo "X$file" | $Xsed -e "$sed_quote_subst"`
+      args="$args \"$file\""
+    done
+
+    if test -z "$run"; then
+      if test -n "$shlibpath_var"; then
+        # Export the shlibpath_var.
+        eval "export $shlibpath_var"
+      fi
+
+      # Restore saved enviroment variables
+      if test "${save_LC_ALL+set}" = set; then
+	LC_ALL="$save_LC_ALL"; export LC_ALL
+      fi
+      if test "${save_LANG+set}" = set; then
+	LANG="$save_LANG"; export LANG
+      fi
+
+      # Now actually exec the command.
+      eval "exec \$cmd$args"
+
+      $echo "$modename: cannot exec \$cmd$args"
+      exit 1
+    else
+      # Display what would be done.
+      if test -n "$shlibpath_var"; then
+        eval "\$echo \"\$shlibpath_var=\$$shlibpath_var\""
+        $echo "export $shlibpath_var"
+      fi
+      $echo "$cmd$args"
+      exit 0
+    fi
+    ;;
+
+  # libtool uninstall mode
+  uninstall)
+    modename="$modename: uninstall"
+    rm="$nonopt"
+    files=
+
+    for arg
+    do
+      case "$arg" in
+      -*) rm="$rm $arg" ;;
+      *) files="$files $arg" ;;
+      esac
+    done
+
+    if test -z "$rm"; then
+      $echo "$modename: you must specify an RM program" 1>&2
+      $echo "$help" 1>&2
+      exit 1
+    fi
+
+    for file in $files; do
+      dir=`$echo "X$file" | $Xsed -e 's%/[^/]*$%%'`
+      test "X$dir" = "X$file" && dir=.
+      name=`$echo "X$file" | $Xsed -e 's%^.*/%%'`
+
+      rmfiles="$file"
+
+      case "$name" in
+      *.la)
+	# Possibly a libtool archive, so verify it.
+	if (sed -e '2q' $file | egrep "^# Generated by .*$PACKAGE") >/dev/null 2>&1; then
+	  . $dir/$name
+
+	  # Delete the libtool libraries and symlinks.
+	  for n in $library_names; do
+	    rmfiles="$rmfiles $dir/$n"
+	  done
+	  test -n "$old_library" && rmfiles="$rmfiles $dir/$old_library"
+
+	  $show "$rm $rmfiles"
+	  $run $rm $rmfiles
+
+	  if test -n "$library_names"; then
+	    # Do each command in the postuninstall commands.
+	    eval cmds=\"$postuninstall_cmds\"
+	    IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	    for cmd in $cmds; do
+	      IFS="$save_ifs"
+	      $show "$cmd"
+	      $run eval "$cmd"
+	    done
+	    IFS="$save_ifs"
+	  fi
+
+	  if test -n "$old_library"; then
+	    # Do each command in the old_postuninstall commands.
+	    eval cmds=\"$old_postuninstall_cmds\"
+	    IFS="${IFS= 	}"; save_ifs="$IFS"; IFS='~'
+	    for cmd in $cmds; do
+	      IFS="$save_ifs"
+	      $show "$cmd"
+	      $run eval "$cmd"
+	    done
+	    IFS="$save_ifs"
+	  fi
+
+	  # FIXME: should reinstall the best remaining shared library.
+	fi
+	;;
+
+      *.lo)
+	if test "$build_old_libs" = yes; then
+	  oldobj=`$echo "X$name" | $Xsed -e "$lo2o"`
+	  rmfiles="$rmfiles $dir/$oldobj"
+	fi
+	$show "$rm $rmfiles"
+	$run $rm $rmfiles
+	;;
+
+      *)
+	$show "$rm $rmfiles"
+	$run $rm $rmfiles
+	;;
+      esac
+    done
+    exit 0
+    ;;
+
+  "")
+    $echo "$modename: you must specify a MODE" 1>&2
+    $echo "$generic_help" 1>&2
+    exit 1
+    ;;
+  esac
+
+  $echo "$modename: invalid operation mode \`$mode'" 1>&2
+  $echo "$generic_help" 1>&2
+  exit 1
+fi # test -z "$show_help"
+
+# We need to display help for each of the modes.
+case "$mode" in
+"") $echo \
+"Usage: $modename [OPTION]... [MODE-ARG]...
+
+Provide generalized library-building support services.
+
+    --config          show all configuration variables
+    --debug           enable verbose shell tracing
+-n, --dry-run         display commands without modifying any files
+    --features        display basic configuration information and exit
+    --finish          same as \`--mode=finish'
+    --help            display this help message and exit
+    --mode=MODE       use operation mode MODE [default=inferred from MODE-ARGS]
+    --quiet           same as \`--silent'
+    --silent          don't print informational messages
+    --version         print version information
+
+MODE must be one of the following:
+
+      compile         compile a source file into a libtool object
+      execute         automatically set library path, then run a program
+      finish          complete the installation of libtool libraries
+      install         install libraries or executables
+      link            create a library or an executable
+      uninstall       remove libraries from an installed directory
+
+MODE-ARGS vary depending on the MODE.  Try \`$modename --help --mode=MODE' for
+a more detailed description of MODE."
+  exit 0
+  ;;
+
+compile)
+  $echo \
+"Usage: $modename [OPTION]... --mode=compile COMPILE-COMMAND... SOURCEFILE
+
+Compile a source file into a libtool library object.
+
+This mode accepts the following additional options:
+
+  -o OUTPUT-FILE    set the output file name to OUTPUT-FILE
+  -static           always build a \`.o' file suitable for static linking
+
+COMPILE-COMMAND is a command to be used in creating a \`standard' object file
+from the given SOURCEFILE.
+
+The output file name is determined by removing the directory component from
+SOURCEFILE, then substituting the C source code suffix \`.c' with the
+library object suffix, \`.lo'."
+  ;;
+
+execute)
+  $echo \
+"Usage: $modename [OPTION]... --mode=execute COMMAND [ARGS]...
+
+Automatically set library path, then run a program.
+
+This mode accepts the following additional options:
+
+  -dlopen FILE      add the directory containing FILE to the library path
+
+This mode sets the library path environment variable according to \`-dlopen'
+flags.
+
+If any of the ARGS are libtool executable wrappers, then they are translated
+into their corresponding uninstalled binary, and any of their required library
+directories are added to the library path.
+
+Then, COMMAND is executed, with ARGS as arguments."
+  ;;
+
+finish)
+  $echo \
+"Usage: $modename [OPTION]... --mode=finish [LIBDIR]...
+
+Complete the installation of libtool libraries.
+
+Each LIBDIR is a directory that contains libtool libraries.
+
+The commands that this mode executes may require superuser privileges.  Use
+the \`--dry-run' option if you just want to see what would be executed."
+  ;;
+
+install)
+  $echo \
+"Usage: $modename [OPTION]... --mode=install INSTALL-COMMAND...
+
+Install executables or libraries.
+
+INSTALL-COMMAND is the installation command.  The first component should be
+either the \`install' or \`cp' program.
+
+The rest of the components are interpreted as arguments to that command (only
+BSD-compatible install options are recognized)."
+  ;;
+
+link)
+  $echo \
+"Usage: $modename [OPTION]... --mode=link LINK-COMMAND...
+
+Link object files or libraries together to form another library, or to
+create an executable program.
+
+LINK-COMMAND is a command using the C compiler that you would use to create
+a program from several object files.
+
+The following components of LINK-COMMAND are treated specially:
+
+  -all-static       do not do any dynamic linking at all
+  -avoid-version    do not add a version suffix if possible
+  -dlopen FILE      \`-dlpreopen' FILE if it cannot be dlopened at runtime
+  -dlpreopen FILE   link in FILE and add its symbols to lt_preloaded_symbols
+  -export-dynamic   allow symbols from OUTPUT-FILE to be resolved with dlsym(3)
+  -export-symbols SYMFILE
+		    try to export only the symbols listed in SYMFILE
+  -export-symbols-regex REGEX
+		    try to export only the symbols matching REGEX
+  -LLIBDIR          search LIBDIR for required installed libraries
+  -lNAME            OUTPUT-FILE requires the installed library libNAME
+  -module           build a library that can dlopened
+  -no-undefined     declare that a library does not refer to external symbols
+  -o OUTPUT-FILE    create OUTPUT-FILE from the specified objects
+  -release RELEASE  specify package release information
+  -rpath LIBDIR     the created library will eventually be installed in LIBDIR
+  -R[ ]LIBDIR       add LIBDIR to the runtime path of programs and libraries
+  -static           do not do any dynamic linking of libtool libraries
+  -version-info CURRENT[:REVISION[:AGE]]
+		    specify library version info [each variable defaults to 0]
+
+All other options (arguments beginning with \`-') are ignored.
+
+Every other argument is treated as a filename.  Files ending in \`.la' are
+treated as uninstalled libtool libraries, other files are standard or library
+object files.
+
+If the OUTPUT-FILE ends in \`.la', then a libtool library is created,
+only library objects (\`.lo' files) may be specified, and \`-rpath' is
+required, except when creating a convenience library.
+
+If OUTPUT-FILE ends in \`.a' or \`.lib', then a standard library is created
+using \`ar' and \`ranlib', or on Windows using \`lib'.
+
+If OUTPUT-FILE ends in \`.lo' or \`.${objext}', then a reloadable object file
+is created, otherwise an executable program is created."
+  ;;
+
+uninstall)
+  $echo \
+"Usage: $modename [OPTION]... --mode=uninstall RM [RM-OPTION]... FILE...
+
+Remove libraries from an installation directory.
+
+RM is the name of the program to use to delete files associated with each FILE
+(typically \`/bin/rm').  RM-OPTIONS are options (such as \`-f') to be passed
+to RM.
+
+If FILE is a libtool library, all the files associated with it are deleted.
+Otherwise, only FILE itself is deleted using RM."
+  ;;
+
+*)
+  $echo "$modename: invalid operation mode \`$mode'" 1>&2
+  $echo "$help" 1>&2
+  exit 1
+  ;;
+esac
+
+echo
+$echo "Try \`$modename --help' for more information about other modes."
+
+exit 0
+
+# Local Variables:
+# mode:shell-script
+# sh-indentation:2
+# End:
diff --git a/external/privoxy/pcre/maketables.c b/external/privoxy/pcre/maketables.c
new file mode 100644
index 0000000..c0f06c0
--- /dev/null
+++ b/external/privoxy/pcre/maketables.c
@@ -0,0 +1,132 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/*
+PCRE is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+
+See the file Tech.Notes for some information on the internals.
+*/
+
+
+/* This file is compiled on its own as part of the PCRE library. However,
+it is also included in the compilation of dftables.c, in which case the macro
+DFTABLES is defined. */
+
+#ifndef DFTABLES
+#include "internal.h"
+#endif
+
+
+
+/*************************************************
+*           Create PCRE character tables         *
+*************************************************/
+
+/* This function builds a set of character tables for use by PCRE and returns
+a pointer to them. They are build using the ctype functions, and consequently
+their contents will depend upon the current locale setting. When compiled as
+part of the library, the store is obtained via pcre_malloc(), but when compiled
+inside dftables, use malloc().
+
+Arguments:   none
+Returns:     pointer to the contiguous block of data
+*/
+
+unsigned const char *
+pcre_maketables(void)
+{
+unsigned char *yield, *p;
+int i;
+
+#ifndef DFTABLES
+yield = (unsigned char*)(pcre_malloc)(tables_length);
+#else
+yield = (unsigned char*)malloc(tables_length);
+#endif
+
+if (yield == NULL) return NULL;
+p = yield;
+
+/* First comes the lower casing table */
+
+for (i = 0; i < 256; i++) *p++ = tolower(i);
+
+/* Next the case-flipping table */
+
+for (i = 0; i < 256; i++) *p++ = islower(i)? toupper(i) : tolower(i);
+
+/* Then the character class tables. Don't try to be clever and save effort
+on exclusive ones - in some locales things may be different. */
+
+memset(p, 0, cbit_length);
+for (i = 0; i < 256; i++)
+  {
+  if (isdigit(i))
+    {
+    p[cbit_digit  + i/8] |= 1 << (i&7);
+    p[cbit_word   + i/8] |= 1 << (i&7);
+    }
+  if (isupper(i))
+    {
+    p[cbit_upper  + i/8] |= 1 << (i&7);
+    p[cbit_word   + i/8] |= 1 << (i&7);
+    }
+  if (islower(i))
+    {
+    p[cbit_lower  + i/8] |= 1 << (i&7);
+    p[cbit_word   + i/8] |= 1 << (i&7);
+    }
+  if (i == '_')   p[cbit_word   + i/8] |= 1 << (i&7);
+  if (isspace(i)) p[cbit_space  + i/8] |= 1 << (i&7);
+  if (isxdigit(i))p[cbit_xdigit + i/8] |= 1 << (i&7);
+  if (isgraph(i)) p[cbit_graph  + i/8] |= 1 << (i&7);
+  if (isprint(i)) p[cbit_print  + i/8] |= 1 << (i&7);
+  if (ispunct(i)) p[cbit_punct  + i/8] |= 1 << (i&7);
+  if (iscntrl(i)) p[cbit_cntrl  + i/8] |= 1 << (i&7);
+  }
+p += cbit_length;
+
+/* Finally, the character type table */
+
+for (i = 0; i < 256; i++)
+  {
+  int x = 0;
+  if (isspace(i)) x += ctype_space;
+  if (isalpha(i)) x += ctype_letter;
+  if (isdigit(i)) x += ctype_digit;
+  if (isxdigit(i)) x += ctype_xdigit;
+  if (isalnum(i) || i == '_') x += ctype_word;
+  if (strchr("*+?{^.$|()[", i) != 0) x += ctype_meta;
+  *p++ = x;
+  }
+
+return yield;
+}
+
+/* End of maketables.c */
diff --git a/external/privoxy/pcre/pcre-config b/external/privoxy/pcre/pcre-config
new file mode 100755
index 0000000..ac9ccfe
--- /dev/null
+++ b/external/privoxy/pcre/pcre-config
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+prefix=/usr/local
+exec_prefix=${prefix}
+exec_prefix_set=no
+
+usage="\
+Usage: pcre-config [--prefix] [--exec-prefix] [--version] [--libs] [--libs-posix] [--cflags] [--cflags-posix]"
+
+if test $# -eq 0; then
+      echo "${usage}" 1>&2
+      exit 1
+fi
+
+while test $# -gt 0; do
+  case "$1" in
+  -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+  *) optarg= ;;
+  esac
+
+  case $1 in
+    --prefix=*)
+      prefix=$optarg
+      if test $exec_prefix_set = no ; then
+        exec_prefix=$optarg
+      fi
+      ;;
+    --prefix)
+      echo $prefix
+      ;;
+    --exec-prefix=*)
+      exec_prefix=$optarg
+      exec_prefix_set=yes
+      ;;
+    --exec-prefix)
+      echo $exec_prefix
+      ;;
+    --version)
+      echo 3.4
+      ;;
+    --cflags | --cflags-posix)
+      if test ${prefix}/include != /usr/include ; then
+        includes=-I${prefix}/include
+      fi
+      echo $includes
+      ;;
+    --libs-posix)
+      echo -L${exec_prefix}/lib -lpcreposix -lpcre
+      ;;
+    --libs)
+      echo -L${exec_prefix}/lib -lpcre
+      ;;
+    *)
+      echo "${usage}" 1>&2
+      exit 1
+      ;;
+  esac
+  shift
+done
diff --git a/external/privoxy/pcre/pcre-config.in b/external/privoxy/pcre/pcre-config.in
new file mode 100644
index 0000000..8daded9
--- /dev/null
+++ b/external/privoxy/pcre/pcre-config.in
@@ -0,0 +1,59 @@
+#!/bin/sh
+
+prefix=@prefix@
+exec_prefix=@exec_prefix@
+exec_prefix_set=no
+
+usage="\
+Usage: pcre-config [--prefix] [--exec-prefix] [--version] [--libs] [--libs-posix] [--cflags] [--cflags-posix]"
+
+if test $# -eq 0; then
+      echo "${usage}" 1>&2
+      exit 1
+fi
+
+while test $# -gt 0; do
+  case "$1" in
+  -*=*) optarg=`echo "$1" | sed 's/[-_a-zA-Z0-9]*=//'` ;;
+  *) optarg= ;;
+  esac
+
+  case $1 in
+    --prefix=*)
+      prefix=$optarg
+      if test $exec_prefix_set = no ; then
+        exec_prefix=$optarg
+      fi
+      ;;
+    --prefix)
+      echo $prefix
+      ;;
+    --exec-prefix=*)
+      exec_prefix=$optarg
+      exec_prefix_set=yes
+      ;;
+    --exec-prefix)
+      echo $exec_prefix
+      ;;
+    --version)
+      echo @PCRE_VERSION@
+      ;;
+    --cflags | --cflags-posix)
+      if test @includedir@ != /usr/include ; then
+        includes=-I at includedir@
+      fi
+      echo $includes
+      ;;
+    --libs-posix)
+      echo -L at libdir@ -lpcreposix -lpcre
+      ;;
+    --libs)
+      echo -L at libdir@ -lpcre
+      ;;
+    *)
+      echo "${usage}" 1>&2
+      exit 1
+      ;;
+  esac
+  shift
+done
diff --git a/external/privoxy/pcre/pcre.c b/external/privoxy/pcre/pcre.c
new file mode 100644
index 0000000..5149f8d
--- /dev/null
+++ b/external/privoxy/pcre/pcre.c
@@ -0,0 +1,5151 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/*
+This is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language. See
+the file Tech.Notes for some information on the internals.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+*/
+
+
+/* Define DEBUG to get debugging output on stdout. */
+
+/* #define DEBUG */
+
+/* Use a macro for debugging printing, 'cause that eliminates the use of #ifdef
+inline, and there are *still* stupid compilers about that don't like indented
+pre-processor statements. I suppose it's only been 10 years... */
+
+#ifdef DEBUG
+#define DPRINTF(p) printf p
+#else
+#define DPRINTF(p) /*nothing*/
+#endif
+
+/* Include the internals header, which itself includes Standard C headers plus
+the external pcre header. */
+
+#include "internal.h"
+
+
+/* Allow compilation as C++ source code, should anybody want to do that. */
+
+#ifdef __cplusplus
+#define class pcre_class
+#endif
+
+
+/* Number of items on the nested bracket stacks at compile time. This should
+not be set greater than 200. */
+
+#define BRASTACK_SIZE 200
+
+
+/* The number of bytes in a literal character string above which we can't add
+any more is different when UTF-8 characters may be encountered. */
+
+#ifdef SUPPORT_UTF8
+#define MAXLIT 250
+#else
+#define MAXLIT 255
+#endif
+
+
+/* Min and max values for the common repeats; for the maxima, 0 => infinity */
+
+static const char rep_min[] = { 0, 0, 1, 1, 0, 0 };
+static const char rep_max[] = { 0, 0, 0, 0, 1, 1 };
+
+/* Text forms of OP_ values and things, for debugging (not all used) */
+
+#ifdef DEBUG
+static const char *OP_names[] = {
+  "End", "\\A", "\\B", "\\b", "\\D", "\\d",
+  "\\S", "\\s", "\\W", "\\w", "\\Z", "\\z",
+  "Opt", "^", "$", "Any", "chars", "not",
+  "*", "*?", "+", "+?", "?", "??", "{", "{", "{",
+  "*", "*?", "+", "+?", "?", "??", "{", "{", "{",
+  "*", "*?", "+", "+?", "?", "??", "{", "{", "{",
+  "*", "*?", "+", "+?", "?", "??", "{", "{",
+  "class", "Ref", "Recurse",
+  "Alt", "Ket", "KetRmax", "KetRmin", "Assert", "Assert not",
+  "AssertB", "AssertB not", "Reverse", "Once", "Cond", "Cref",
+  "Brazero", "Braminzero", "Bra"
+};
+#endif
+
+/* Table for handling escaped characters in the range '0'-'z'. Positive returns
+are simple data values; negative values are for special things like \d and so
+on. Zero means further processing is needed (for things like \x), or the escape
+is invalid. */
+
+static const short int escapes[] = {
+    0,      0,      0,      0,      0,      0,      0,      0,   /* 0 - 7 */
+    0,      0,    ':',    ';',    '<',    '=',    '>',    '?',   /* 8 - ? */
+  '@', -ESC_A, -ESC_B,      0, -ESC_D,      0,      0,      0,   /* @ - G */
+    0,      0,      0,      0,      0,      0,      0,      0,   /* H - O */
+    0,      0,      0, -ESC_S,      0,      0,      0, -ESC_W,   /* P - W */
+    0,      0, -ESC_Z,    '[',   '\\',    ']',    '^',    '_',   /* X - _ */
+  '`',      7, -ESC_b,      0, -ESC_d,     27,   '\f',      0,   /* ` - g */
+    0,      0,      0,      0,      0,      0,   '\n',      0,   /* h - o */
+    0,      0,   '\r', -ESC_s,   '\t',      0,      0, -ESC_w,   /* p - w */
+    0,      0, -ESC_z                                            /* x - z */
+};
+
+/* Tables of names of POSIX character classes and their lengths. The list is
+terminated by a zero length entry. The first three must be alpha, upper, lower,
+as this is assumed for handling case independence. */
+
+static const char *posix_names[] = {
+  "alpha", "lower", "upper",
+  "alnum", "ascii", "cntrl", "digit", "graph",
+  "print", "punct", "space", "word",  "xdigit" };
+
+static const uschar posix_name_lengths[] = {
+  5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 4, 6, 0 };
+
+/* Table of class bit maps for each POSIX class; up to three may be combined
+to form the class. */
+
+static const int posix_class_maps[] = {
+  cbit_lower, cbit_upper, -1,             /* alpha */
+  cbit_lower, -1,         -1,             /* lower */
+  cbit_upper, -1,         -1,             /* upper */
+  cbit_digit, cbit_lower, cbit_upper,     /* alnum */
+  cbit_print, cbit_cntrl, -1,             /* ascii */
+  cbit_cntrl, -1,         -1,             /* cntrl */
+  cbit_digit, -1,         -1,             /* digit */
+  cbit_graph, -1,         -1,             /* graph */
+  cbit_print, -1,         -1,             /* print */
+  cbit_punct, -1,         -1,             /* punct */
+  cbit_space, -1,         -1,             /* space */
+  cbit_word,  -1,         -1,             /* word */
+  cbit_xdigit,-1,         -1              /* xdigit */
+};
+
+
+/* Definition to allow mutual recursion */
+
+static BOOL
+  compile_regex(int, int, int *, uschar **, const uschar **, const char **,
+    BOOL, int, int *, int *, compile_data *);
+
+/* Structure for building a chain of data that actually lives on the
+stack, for holding the values of the subject pointer at the start of each
+subpattern, so as to detect when an empty string has been matched by a
+subpattern - to break infinite loops. */
+
+typedef struct eptrblock {
+  struct eptrblock *prev;
+  const uschar *saved_eptr;
+} eptrblock;
+
+/* Flag bits for the match() function */
+
+#define match_condassert   0x01    /* Called to check a condition assertion */
+#define match_isgroup      0x02    /* Set if start of bracketed group */
+
+
+
+/*************************************************
+*               Global variables                 *
+*************************************************/
+
+/* PCRE is thread-clean and doesn't use any global variables in the normal
+sense. However, it calls memory allocation and free functions via the two
+indirections below, which are can be changed by the caller, but are shared
+between all threads. */
+
+void *(*pcre_malloc)(size_t) = malloc;
+void  (*pcre_free)(void *) = free;
+
+
+
+/*************************************************
+*    Macros and tables for character handling    *
+*************************************************/
+
+/* When UTF-8 encoding is being used, a character is no longer just a single
+byte. The macros for character handling generate simple sequences when used in
+byte-mode, and more complicated ones for UTF-8 characters. */
+
+#ifndef SUPPORT_UTF8
+#define GETCHARINC(c, eptr) c = *eptr++;
+#define GETCHARLEN(c, eptr, len) c = *eptr;
+#define BACKCHAR(eptr)
+
+#else   /* SUPPORT_UTF8 */
+
+/* Get the next UTF-8 character, advancing the pointer */
+
+#define GETCHARINC(c, eptr) \
+  c = *eptr++; \
+  if (md->utf8 && (c & 0xc0) == 0xc0) \
+    { \
+    int a = utf8_table4[c & 0x3f];  /* Number of additional bytes */ \
+    int s = 6 - a;                  /* Amount to shift next byte */  \
+    c &= utf8_table3[a];            /* Low order bits from first byte */ \
+    while (a-- > 0) \
+      { \
+      c |= (*eptr++ & 0x3f) << s; \
+      s += 6; \
+      } \
+    }
+
+/* Get the next UTF-8 character, not advancing the pointer, setting length */
+
+#define GETCHARLEN(c, eptr, len) \
+  c = *eptr; \
+  len = 1; \
+  if (md->utf8 && (c & 0xc0) == 0xc0) \
+    { \
+    int i; \
+    int a = utf8_table4[c & 0x3f];  /* Number of additional bytes */ \
+    int s = 6 - a;                  /* Amount to shift next byte */  \
+    c &= utf8_table3[a];            /* Low order bits from first byte */ \
+    for (i = 1; i <= a; i++) \
+      { \
+      c |= (eptr[i] & 0x3f) << s; \
+      s += 6; \
+      } \
+    len += a; \
+    }
+
+/* If the pointer is not at the start of a character, move it back until
+it is. */
+
+#define BACKCHAR(eptr) while((*eptr & 0xc0) == 0x80) eptr--;
+
+#endif
+
+
+
+/*************************************************
+*             Default character tables           *
+*************************************************/
+
+/* A default set of character tables is included in the PCRE binary. Its source
+is built by the maketables auxiliary program, which uses the default C ctypes
+functions, and put in the file chartables.c. These tables are used by PCRE
+whenever the caller of pcre_compile() does not provide an alternate set of
+tables. */
+
+#include "chartables.c"
+
+
+
+#ifdef SUPPORT_UTF8
+/*************************************************
+*           Tables for UTF-8 support             *
+*************************************************/
+
+/* These are the breakpoints for different numbers of bytes in a UTF-8
+character. */
+
+static int utf8_table1[] = { 0x7f, 0x7ff, 0xffff, 0x1fffff, 0x3ffffff, 0x7fffffff};
+
+/* These are the indicator bits and the mask for the data bits to set in the
+first byte of a character, indexed by the number of additional bytes. */
+
+static int utf8_table2[] = { 0,    0xc0, 0xe0, 0xf0, 0xf8, 0xfc};
+static int utf8_table3[] = { 0xff, 0x1f, 0x0f, 0x07, 0x03, 0x01};
+
+/* Table of the number of extra characters, indexed by the first character
+masked with 0x3f. The highest number for a valid UTF-8 character is in fact
+0x3d. */
+
+static uschar utf8_table4[] = {
+  1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+  1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,
+  2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,2,
+  3,3,3,3,3,3,3,3,4,4,4,4,5,5,5,5 };
+
+
+/*************************************************
+*       Convert character value to UTF-8         *
+*************************************************/
+
+/* This function takes an integer value in the range 0 - 0x7fffffff
+and encodes it as a UTF-8 character in 0 to 6 bytes.
+
+Arguments:
+  cvalue     the character value
+  buffer     pointer to buffer for result - at least 6 bytes long
+
+Returns:     number of characters placed in the buffer
+*/
+
+static int
+ord2utf8(int cvalue, uschar *buffer)
+{
+register int i, j;
+for (i = 0; i < sizeof(utf8_table1)/sizeof(int); i++)
+  if (cvalue <= utf8_table1[i]) break;
+*buffer++ = utf8_table2[i] | (cvalue & utf8_table3[i]);
+cvalue >>= 6 - i;
+for (j = 0; j < i; j++)
+  {
+  *buffer++ = 0x80 | (cvalue & 0x3f);
+  cvalue >>= 6;
+  }
+return i + 1;
+}
+#endif
+
+
+
+/*************************************************
+*          Return version string                 *
+*************************************************/
+
+#define STRING(a)  # a
+#define XSTRING(s) STRING(s)
+
+const char *
+pcre_version(void)
+{
+return XSTRING(PCRE_MAJOR) "." XSTRING(PCRE_MINOR) " " XSTRING(PCRE_DATE);
+}
+
+
+
+
+/*************************************************
+* (Obsolete) Return info about compiled pattern  *
+*************************************************/
+
+/* This is the original "info" function. It picks potentially useful data out
+of the private structure, but its interface was too rigid. It remains for
+backwards compatibility. The public options are passed back in an int - though
+the re->options field has been expanded to a long int, all the public options
+at the low end of it, and so even on 16-bit systems this will still be OK.
+Therefore, I haven't changed the API for pcre_info().
+
+Arguments:
+  external_re   points to compiled code
+  optptr        where to pass back the options
+  first_char    where to pass back the first character,
+                or -1 if multiline and all branches start ^,
+                or -2 otherwise
+
+Returns:        number of capturing subpatterns
+                or negative values on error
+*/
+
+int
+pcre_info(const pcre *external_re, int *optptr, int *first_char)
+{
+const real_pcre *re = (const real_pcre *)external_re;
+if (re == NULL) return PCRE_ERROR_NULL;
+if (re->magic_number != MAGIC_NUMBER) return PCRE_ERROR_BADMAGIC;
+if (optptr != NULL) *optptr = (int)(re->options & PUBLIC_OPTIONS);
+if (first_char != NULL)
+  *first_char = ((re->options & PCRE_FIRSTSET) != 0)? re->first_char :
+     ((re->options & PCRE_STARTLINE) != 0)? -1 : -2;
+return re->top_bracket;
+}
+
+
+
+/*************************************************
+*        Return info about compiled pattern      *
+*************************************************/
+
+/* This is a newer "info" function which has an extensible interface so
+that additional items can be added compatibly.
+
+Arguments:
+  external_re      points to compiled code
+  external_study   points to study data, or NULL
+  what             what information is required
+  where            where to put the information
+
+Returns:           0 if data returned, negative on error
+*/
+
+int
+pcre_fullinfo(const pcre *external_re, const pcre_extra *study_data, int what,
+  void *where)
+{
+const real_pcre *re = (const real_pcre *)external_re;
+const real_pcre_extra *study = (const real_pcre_extra *)study_data;
+
+if (re == NULL || where == NULL) return PCRE_ERROR_NULL;
+if (re->magic_number != MAGIC_NUMBER) return PCRE_ERROR_BADMAGIC;
+
+switch (what)
+  {
+  case PCRE_INFO_OPTIONS:
+  *((unsigned long int *)where) = re->options & PUBLIC_OPTIONS;
+  break;
+
+  case PCRE_INFO_SIZE:
+  *((size_t *)where) = re->size;
+  break;
+
+  case PCRE_INFO_CAPTURECOUNT:
+  *((int *)where) = re->top_bracket;
+  break;
+
+  case PCRE_INFO_BACKREFMAX:
+  *((int *)where) = re->top_backref;
+  break;
+
+  case PCRE_INFO_FIRSTCHAR:
+  *((int *)where) =
+    ((re->options & PCRE_FIRSTSET) != 0)? re->first_char :
+    ((re->options & PCRE_STARTLINE) != 0)? -1 : -2;
+  break;
+
+  case PCRE_INFO_FIRSTTABLE:
+  *((const uschar **)where) =
+    (study != NULL && (study->options & PCRE_STUDY_MAPPED) != 0)?
+      study->start_bits : NULL;
+  break;
+
+  case PCRE_INFO_LASTLITERAL:
+  *((int *)where) =
+    ((re->options & PCRE_REQCHSET) != 0)? re->req_char : -1;
+  break;
+
+  default: return PCRE_ERROR_BADOPTION;
+  }
+
+return 0;
+}
+
+
+
+#ifdef DEBUG
+/*************************************************
+*        Debugging function to print chars       *
+*************************************************/
+
+/* Print a sequence of chars in printable format, stopping at the end of the
+subject if the requested.
+
+Arguments:
+  p           points to characters
+  length      number to print
+  is_subject  TRUE if printing from within md->start_subject
+  md          pointer to matching data block, if is_subject is TRUE
+
+Returns:     nothing
+*/
+
+static void
+pchars(const uschar *p, int length, BOOL is_subject, match_data *md)
+{
+int c;
+if (is_subject && length > md->end_subject - p) length = md->end_subject - p;
+while (length-- > 0)
+  if (isprint(c = *(p++))) printf("%c", c); else printf("\\x%02x", c);
+}
+#endif
+
+
+
+
+/*************************************************
+*            Handle escapes                      *
+*************************************************/
+
+/* This function is called when a \ has been encountered. It either returns a
+positive value for a simple escape such as \n, or a negative value which
+encodes one of the more complicated things such as \d. When UTF-8 is enabled,
+a positive value greater than 255 may be returned. On entry, ptr is pointing at
+the \. On exit, it is on the final character of the escape sequence.
+
+Arguments:
+  ptrptr     points to the pattern position pointer
+  errorptr   points to the pointer to the error message
+  bracount   number of previous extracting brackets
+  options    the options bits
+  isclass    TRUE if inside a character class
+  cd         pointer to char tables block
+
+Returns:     zero or positive => a data character
+             negative => a special escape sequence
+             on error, errorptr is set
+*/
+
+static int
+check_escape(const uschar **ptrptr, const char **errorptr, int bracount,
+  int options, BOOL isclass, compile_data *cd)
+{
+const uschar *ptr = *ptrptr;
+int c, i;
+
+/* If backslash is at the end of the pattern, it's an error. */
+
+c = *(++ptr);
+if (c == 0) *errorptr = ERR1;
+
+/* Digits or letters may have special meaning; all others are literals. */
+
+else if (c < '0' || c > 'z') {}
+
+/* Do an initial lookup in a table. A non-zero result is something that can be
+returned immediately. Otherwise further processing may be required. */
+
+else if ((i = escapes[c - '0']) != 0) c = i;
+
+/* Escapes that need further processing, or are illegal. */
+
+else
+  {
+  const uschar *oldptr;
+  switch (c)
+    {
+    /* The handling of escape sequences consisting of a string of digits
+    starting with one that is not zero is not straightforward. By experiment,
+    the way Perl works seems to be as follows:
+
+    Outside a character class, the digits are read as a decimal number. If the
+    number is less than 10, or if there are that many previous extracting
+    left brackets, then it is a back reference. Otherwise, up to three octal
+    digits are read to form an escaped byte. Thus \123 is likely to be octal
+    123 (cf \0123, which is octal 012 followed by the literal 3). If the octal
+    value is greater than 377, the least significant 8 bits are taken. Inside a
+    character class, \ followed by a digit is always an octal number. */
+
+    case '1': case '2': case '3': case '4': case '5':
+    case '6': case '7': case '8': case '9':
+
+    if (!isclass)
+      {
+      oldptr = ptr;
+      c -= '0';
+      while ((cd->ctypes[ptr[1]] & ctype_digit) != 0)
+        c = c * 10 + *(++ptr) - '0';
+      if (c < 10 || c <= bracount)
+        {
+        c = -(ESC_REF + c);
+        break;
+        }
+      ptr = oldptr;      /* Put the pointer back and fall through */
+      }
+
+    /* Handle an octal number following \. If the first digit is 8 or 9, Perl
+    generates a binary zero byte and treats the digit as a following literal.
+    Thus we have to pull back the pointer by one. */
+
+    if ((c = *ptr) >= '8')
+      {
+      ptr--;
+      c = 0;
+      break;
+      }
+
+    /* \0 always starts an octal number, but we may drop through to here with a
+    larger first octal digit. */
+
+    case '0':
+    c -= '0';
+    while(i++ < 2 && (cd->ctypes[ptr[1]] & ctype_digit) != 0 &&
+      ptr[1] != '8' && ptr[1] != '9')
+        c = c * 8 + *(++ptr) - '0';
+    c &= 255;     /* Take least significant 8 bits */
+    break;
+
+    /* \x is complicated when UTF-8 is enabled. \x{ddd} is a character number
+    which can be greater than 0xff, but only if the ddd are hex digits. */
+
+    case 'x':
+#ifdef SUPPORT_UTF8
+    if (ptr[1] == '{' && (options & PCRE_UTF8) != 0)
+      {
+      const uschar *pt = ptr + 2;
+      register int count = 0;
+      c = 0;
+      while ((cd->ctypes[*pt] & ctype_xdigit) != 0)
+        {
+        count++;
+        c = c * 16 + cd->lcc[*pt] -
+          (((cd->ctypes[*pt] & ctype_digit) != 0)? '0' : 'W');
+        pt++;
+        }
+      if (*pt == '}')
+        {
+        if (c < 0 || count > 8) *errorptr = ERR34;
+        ptr = pt;
+        break;
+        }
+      /* If the sequence of hex digits does not end with '}', then we don't
+      recognize this construct; fall through to the normal \x handling. */
+      }
+#endif
+
+    /* Read just a single hex char */
+
+    c = 0;
+    while (i++ < 2 && (cd->ctypes[ptr[1]] & ctype_xdigit) != 0)
+      {
+      ptr++;
+      c = c * 16 + cd->lcc[*ptr] -
+        (((cd->ctypes[*ptr] & ctype_digit) != 0)? '0' : 'W');
+      }
+    break;
+
+    /* Other special escapes not starting with a digit are straightforward */
+
+    case 'c':
+    c = *(++ptr);
+    if (c == 0)
+      {
+      *errorptr = ERR2;
+      return 0;
+      }
+
+    /* A letter is upper-cased; then the 0x40 bit is flipped */
+
+    if (c >= 'a' && c <= 'z') c = cd->fcc[c];
+    c ^= 0x40;
+    break;
+
+    /* PCRE_EXTRA enables extensions to Perl in the matter of escapes. Any
+    other alphameric following \ is an error if PCRE_EXTRA was set; otherwise,
+    for Perl compatibility, it is a literal. This code looks a bit odd, but
+    there used to be some cases other than the default, and there may be again
+    in future, so I haven't "optimized" it. */
+
+    default:
+    if ((options & PCRE_EXTRA) != 0) switch(c)
+      {
+      default:
+      *errorptr = ERR3;
+      break;
+      }
+    break;
+    }
+  }
+
+*ptrptr = ptr;
+return c;
+}
+
+
+
+/*************************************************
+*            Check for counted repeat            *
+*************************************************/
+
+/* This function is called when a '{' is encountered in a place where it might
+start a quantifier. It looks ahead to see if it really is a quantifier or not.
+It is only a quantifier if it is one of the forms {ddd} {ddd,} or {ddd,ddd}
+where the ddds are digits.
+
+Arguments:
+  p         pointer to the first char after '{'
+  cd        pointer to char tables block
+
+Returns:    TRUE or FALSE
+*/
+
+static BOOL
+is_counted_repeat(const uschar *p, compile_data *cd)
+{
+if ((cd->ctypes[*p++] & ctype_digit) == 0) return FALSE;
+while ((cd->ctypes[*p] & ctype_digit) != 0) p++;
+if (*p == '}') return TRUE;
+
+if (*p++ != ',') return FALSE;
+if (*p == '}') return TRUE;
+
+if ((cd->ctypes[*p++] & ctype_digit) == 0) return FALSE;
+while ((cd->ctypes[*p] & ctype_digit) != 0) p++;
+return (*p == '}');
+}
+
+
+
+/*************************************************
+*         Read repeat counts                     *
+*************************************************/
+
+/* Read an item of the form {n,m} and return the values. This is called only
+after is_counted_repeat() has confirmed that a repeat-count quantifier exists,
+so the syntax is guaranteed to be correct, but we need to check the values.
+
+Arguments:
+  p          pointer to first char after '{'
+  minp       pointer to int for min
+  maxp       pointer to int for max
+             returned as -1 if no max
+  errorptr   points to pointer to error message
+  cd         pointer to character tables clock
+
+Returns:     pointer to '}' on success;
+             current ptr on error, with errorptr set
+*/
+
+static const uschar *
+read_repeat_counts(const uschar *p, int *minp, int *maxp,
+  const char **errorptr, compile_data *cd)
+{
+int min = 0;
+int max = -1;
+
+while ((cd->ctypes[*p] & ctype_digit) != 0) min = min * 10 + *p++ - '0';
+
+if (*p == '}') max = min; else
+  {
+  if (*(++p) != '}')
+    {
+    max = 0;
+    while((cd->ctypes[*p] & ctype_digit) != 0) max = max * 10 + *p++ - '0';
+    if (max < min)
+      {
+      *errorptr = ERR4;
+      return p;
+      }
+    }
+  }
+
+/* Do paranoid checks, then fill in the required variables, and pass back the
+pointer to the terminating '}'. */
+
+if (min > 65535 || max > 65535)
+  *errorptr = ERR5;
+else
+  {
+  *minp = min;
+  *maxp = max;
+  }
+return p;
+}
+
+
+
+/*************************************************
+*        Find the fixed length of a pattern      *
+*************************************************/
+
+/* Scan a pattern and compute the fixed length of subject that will match it,
+if the length is fixed. This is needed for dealing with backward assertions.
+
+Arguments:
+  code     points to the start of the pattern (the bracket)
+  options  the compiling options
+
+Returns:   the fixed length, or -1 if there is no fixed length
+*/
+
+static int
+find_fixedlength(uschar *code, int options)
+{
+int length = -1;
+
+register int branchlength = 0;
+register uschar *cc = code + 3;
+
+/* Scan along the opcodes for this branch. If we get to the end of the
+branch, check the length against that of the other branches. */
+
+for (;;)
+  {
+  int d;
+  register int op = *cc;
+  if (op >= OP_BRA) op = OP_BRA;
+
+  switch (op)
+    {
+    case OP_BRA:
+    case OP_ONCE:
+    case OP_COND:
+    d = find_fixedlength(cc, options);
+    if (d < 0) return -1;
+    branchlength += d;
+    do cc += (cc[1] << 8) + cc[2]; while (*cc == OP_ALT);
+    cc += 3;
+    break;
+
+    /* Reached end of a branch; if it's a ket it is the end of a nested
+    call. If it's ALT it is an alternation in a nested call. If it is
+    END it's the end of the outer call. All can be handled by the same code. */
+
+    case OP_ALT:
+    case OP_KET:
+    case OP_KETRMAX:
+    case OP_KETRMIN:
+    case OP_END:
+    if (length < 0) length = branchlength;
+      else if (length != branchlength) return -1;
+    if (*cc != OP_ALT) return length;
+    cc += 3;
+    branchlength = 0;
+    break;
+
+    /* Skip over assertive subpatterns */
+
+    case OP_ASSERT:
+    case OP_ASSERT_NOT:
+    case OP_ASSERTBACK:
+    case OP_ASSERTBACK_NOT:
+    do cc += (cc[1] << 8) + cc[2]; while (*cc == OP_ALT);
+    cc += 3;
+    break;
+
+    /* Skip over things that don't match chars */
+
+    case OP_REVERSE:
+    cc++;
+    /* Fall through */
+
+    case OP_CREF:
+    case OP_OPT:
+    cc++;
+    /* Fall through */
+
+    case OP_SOD:
+    case OP_EOD:
+    case OP_EODN:
+    case OP_CIRC:
+    case OP_DOLL:
+    case OP_NOT_WORD_BOUNDARY:
+    case OP_WORD_BOUNDARY:
+    cc++;
+    break;
+
+    /* Handle char strings. In UTF-8 mode we must count characters, not bytes.
+    This requires a scan of the string, unfortunately. We assume valid UTF-8
+    strings, so all we do is reduce the length by one for byte whose bits are
+    10xxxxxx. */
+
+    case OP_CHARS:
+    branchlength += *(++cc);
+#ifdef SUPPORT_UTF8
+    for (d = 1; d <= *cc; d++)
+      if ((cc[d] & 0xc0) == 0x80) branchlength--;
+#endif
+    cc += *cc + 1;
+    break;
+
+    /* Handle exact repetitions */
+
+    case OP_EXACT:
+    case OP_TYPEEXACT:
+    branchlength += (cc[1] << 8) + cc[2];
+    cc += 4;
+    break;
+
+    /* Handle single-char matchers */
+
+    case OP_NOT_DIGIT:
+    case OP_DIGIT:
+    case OP_NOT_WHITESPACE:
+    case OP_WHITESPACE:
+    case OP_NOT_WORDCHAR:
+    case OP_WORDCHAR:
+    case OP_ANY:
+    branchlength++;
+    cc++;
+    break;
+
+
+    /* Check a class for variable quantification */
+
+    case OP_CLASS:
+    cc += (*cc == OP_REF)? 2 : 33;
+
+    switch (*cc)
+      {
+      case OP_CRSTAR:
+      case OP_CRMINSTAR:
+      case OP_CRQUERY:
+      case OP_CRMINQUERY:
+      return -1;
+
+      case OP_CRRANGE:
+      case OP_CRMINRANGE:
+      if ((cc[1] << 8) + cc[2] != (cc[3] << 8) + cc[4]) return -1;
+      branchlength += (cc[1] << 8) + cc[2];
+      cc += 5;
+      break;
+
+      default:
+      branchlength++;
+      }
+    break;
+
+    /* Anything else is variable length */
+
+    default:
+    return -1;
+    }
+  }
+/* Control never gets here */
+}
+
+
+
+
+/*************************************************
+*           Check for POSIX class syntax         *
+*************************************************/
+
+/* This function is called when the sequence "[:" or "[." or "[=" is
+encountered in a character class. It checks whether this is followed by an
+optional ^ and then a sequence of letters, terminated by a matching ":]" or
+".]" or "=]".
+
+Argument:
+  ptr      pointer to the initial [
+  endptr   where to return the end pointer
+  cd       pointer to compile data
+
+Returns:   TRUE or FALSE
+*/
+
+static BOOL
+check_posix_syntax(const uschar *ptr, const uschar **endptr, compile_data *cd)
+{
+int terminator;          /* Don't combine these lines; the Solaris cc */
+terminator = *(++ptr);   /* compiler warns about "non-constant" initializer. */
+if (*(++ptr) == '^') ptr++;
+while ((cd->ctypes[*ptr] & ctype_letter) != 0) ptr++;
+if (*ptr == terminator && ptr[1] == ']')
+  {
+  *endptr = ptr;
+  return TRUE;
+  }
+return FALSE;
+}
+
+
+
+
+/*************************************************
+*          Check POSIX class name                *
+*************************************************/
+
+/* This function is called to check the name given in a POSIX-style class entry
+such as [:alnum:].
+
+Arguments:
+  ptr        points to the first letter
+  len        the length of the name
+
+Returns:     a value representing the name, or -1 if unknown
+*/
+
+static int
+check_posix_name(const uschar *ptr, int len)
+{
+register int yield = 0;
+while (posix_name_lengths[yield] != 0)
+  {
+  if (len == posix_name_lengths[yield] &&
+    strncmp((const char *)ptr, posix_names[yield], len) == 0) return yield;
+  yield++;
+  }
+return -1;
+}
+
+
+
+
+/*************************************************
+*           Compile one branch                   *
+*************************************************/
+
+/* Scan the pattern, compiling it into the code vector.
+
+Arguments:
+  options      the option bits
+  brackets     points to number of brackets used
+  code         points to the pointer to the current code point
+  ptrptr       points to the current pattern pointer
+  errorptr     points to pointer to error message
+  optchanged   set to the value of the last OP_OPT item compiled
+  reqchar      set to the last literal character required, else -1
+  countlits    set to count of mandatory literal characters
+  cd           contains pointers to tables
+
+Returns:       TRUE on success
+               FALSE, with *errorptr set on error
+*/
+
+static BOOL
+compile_branch(int options, int *brackets, uschar **codeptr,
+  const uschar **ptrptr, const char **errorptr, int *optchanged,
+  int *reqchar, int *countlits, compile_data *cd)
+{
+int repeat_type, op_type;
+int repeat_min, repeat_max;
+int bravalue, length;
+int greedy_default, greedy_non_default;
+int prevreqchar;
+int condcount = 0;
+int subcountlits = 0;
+register int c;
+register uschar *code = *codeptr;
+uschar *tempcode;
+const uschar *ptr = *ptrptr;
+const uschar *tempptr;
+uschar *previous = NULL;
+uschar class[32];
+
+/* Set up the default and non-default settings for greediness */
+
+greedy_default = ((options & PCRE_UNGREEDY) != 0);
+greedy_non_default = greedy_default ^ 1;
+
+/* Initialize no required char, and count of literals */
+
+*reqchar = prevreqchar = -1;
+*countlits = 0;
+
+/* Switch on next character until the end of the branch */
+
+for (;; ptr++)
+  {
+  BOOL negate_class;
+  int class_charcount;
+  int class_lastchar;
+  int newoptions;
+  int condref;
+  int subreqchar;
+
+  c = *ptr;
+  if ((options & PCRE_EXTENDED) != 0)
+    {
+    if ((cd->ctypes[c] & ctype_space) != 0) continue;
+    if (c == '#')
+      {
+      /* The space before the ; is to avoid a warning on a silly compiler
+      on the Macintosh. */
+      while ((c = *(++ptr)) != 0 && c != '\n') ;
+      continue;
+      }
+    }
+
+  switch(c)
+    {
+    /* The branch terminates at end of string, |, or ). */
+
+    case 0:
+    case '|':
+    case ')':
+    *codeptr = code;
+    *ptrptr = ptr;
+    return TRUE;
+
+    /* Handle single-character metacharacters */
+
+    case '^':
+    previous = NULL;
+    *code++ = OP_CIRC;
+    break;
+
+    case '$':
+    previous = NULL;
+    *code++ = OP_DOLL;
+    break;
+
+    case '.':
+    previous = code;
+    *code++ = OP_ANY;
+    break;
+
+    /* Character classes. These always build a 32-byte bitmap of the permitted
+    characters, except in the special case where there is only one character.
+    For negated classes, we build the map as usual, then invert it at the end.
+    */
+
+    case '[':
+    previous = code;
+    *code++ = OP_CLASS;
+
+    /* If the first character is '^', set the negation flag and skip it. */
+
+    if ((c = *(++ptr)) == '^')
+      {
+      negate_class = TRUE;
+      c = *(++ptr);
+      }
+    else negate_class = FALSE;
+
+    /* Keep a count of chars so that we can optimize the case of just a single
+    character. */
+
+    class_charcount = 0;
+    class_lastchar = -1;
+
+    /* Initialize the 32-char bit map to all zeros. We have to build the
+    map in a temporary bit of store, in case the class contains only 1
+    character, because in that case the compiled code doesn't use the
+    bit map. */
+
+    memset(class, 0, 32 * sizeof(uschar));
+
+    /* Process characters until ] is reached. By writing this as a "do" it
+    means that an initial ] is taken as a data character. */
+
+    do
+      {
+      if (c == 0)
+        {
+        *errorptr = ERR6;
+        goto FAILED;
+        }
+
+      /* Handle POSIX class names. Perl allows a negation extension of the
+      form [:^name]. A square bracket that doesn't match the syntax is
+      treated as a literal. We also recognize the POSIX constructions
+      [.ch.] and [=ch=] ("collating elements") and fault them, as Perl
+      5.6 does. */
+
+      if (c == '[' &&
+          (ptr[1] == ':' || ptr[1] == '.' || ptr[1] == '=') &&
+          check_posix_syntax(ptr, &tempptr, cd))
+        {
+        BOOL local_negate = FALSE;
+        int posix_class, i;
+        register const uschar *cbits = cd->cbits;
+
+        if (ptr[1] != ':')
+          {
+          *errorptr = ERR31;
+          goto FAILED;
+          }
+
+        ptr += 2;
+        if (*ptr == '^')
+          {
+          local_negate = TRUE;
+          ptr++;
+          }
+
+        posix_class = check_posix_name(ptr, tempptr - ptr);
+        if (posix_class < 0)
+          {
+          *errorptr = ERR30;
+          goto FAILED;
+          }
+
+        /* If matching is caseless, upper and lower are converted to
+        alpha. This relies on the fact that the class table starts with
+        alpha, lower, upper as the first 3 entries. */
+
+        if ((options & PCRE_CASELESS) != 0 && posix_class <= 2)
+          posix_class = 0;
+
+        /* Or into the map we are building up to 3 of the static class
+        tables, or their negations. */
+
+        posix_class *= 3;
+        for (i = 0; i < 3; i++)
+          {
+          int taboffset = posix_class_maps[posix_class + i];
+          if (taboffset < 0) break;
+          if (local_negate)
+            for (c = 0; c < 32; c++) class[c] |= ~cbits[c+taboffset];
+          else
+            for (c = 0; c < 32; c++) class[c] |= cbits[c+taboffset];
+          }
+
+        ptr = tempptr + 1;
+        class_charcount = 10;  /* Set > 1; assumes more than 1 per class */
+        continue;
+        }
+
+      /* Backslash may introduce a single character, or it may introduce one
+      of the specials, which just set a flag. Escaped items are checked for
+      validity in the pre-compiling pass. The sequence \b is a special case.
+      Inside a class (and only there) it is treated as backspace. Elsewhere
+      it marks a word boundary. Other escapes have preset maps ready to
+      or into the one we are building. We assume they have more than one
+      character in them, so set class_count bigger than one. */
+
+      if (c == '\\')
+        {
+        c = check_escape(&ptr, errorptr, *brackets, options, TRUE, cd);
+        if (-c == ESC_b) c = '\b';
+        else if (c < 0)
+          {
+          register const uschar *cbits = cd->cbits;
+          class_charcount = 10;
+          switch (-c)
+            {
+            case ESC_d:
+            for (c = 0; c < 32; c++) class[c] |= cbits[c+cbit_digit];
+            continue;
+
+            case ESC_D:
+            for (c = 0; c < 32; c++) class[c] |= ~cbits[c+cbit_digit];
+            continue;
+
+            case ESC_w:
+            for (c = 0; c < 32; c++) class[c] |= cbits[c+cbit_word];
+            continue;
+
+            case ESC_W:
+            for (c = 0; c < 32; c++) class[c] |= ~cbits[c+cbit_word];
+            continue;
+
+            case ESC_s:
+            for (c = 0; c < 32; c++) class[c] |= cbits[c+cbit_space];
+            continue;
+
+            case ESC_S:
+            for (c = 0; c < 32; c++) class[c] |= ~cbits[c+cbit_space];
+            continue;
+
+            default:
+            *errorptr = ERR7;
+            goto FAILED;
+            }
+          }
+
+        /* Fall through if single character, but don't at present allow
+        chars > 255 in UTF-8 mode. */
+
+#ifdef SUPPORT_UTF8
+        if (c > 255)
+          {
+          *errorptr = ERR33;
+          goto FAILED;
+          }
+#endif
+        }
+
+      /* A single character may be followed by '-' to form a range. However,
+      Perl does not permit ']' to be the end of the range. A '-' character
+      here is treated as a literal. */
+
+      if (ptr[1] == '-' && ptr[2] != ']')
+        {
+        int d;
+        ptr += 2;
+        d = *ptr;
+
+        if (d == 0)
+          {
+          *errorptr = ERR6;
+          goto FAILED;
+          }
+
+        /* The second part of a range can be a single-character escape, but
+        not any of the other escapes. Perl 5.6 treats a hyphen as a literal
+        in such circumstances. */
+
+        if (d == '\\')
+          {
+          const uschar *oldptr = ptr;
+          d = check_escape(&ptr, errorptr, *brackets, options, TRUE, cd);
+
+#ifdef SUPPORT_UTF8
+          if (d > 255)
+            {
+            *errorptr = ERR33;
+            goto FAILED;
+            }
+#endif
+          /* \b is backslash; any other special means the '-' was literal */
+
+          if (d < 0)
+            {
+            if (d == -ESC_b) d = '\b'; else
+              {
+              ptr = oldptr - 2;
+              goto SINGLE_CHARACTER;  /* A few lines below */
+              }
+            }
+          }
+
+        if (d < c)
+          {
+          *errorptr = ERR8;
+          goto FAILED;
+          }
+
+        for (; c <= d; c++)
+          {
+          class[c/8] |= (1 << (c&7));
+          if ((options & PCRE_CASELESS) != 0)
+            {
+            int uc = cd->fcc[c];           /* flip case */
+            class[uc/8] |= (1 << (uc&7));
+            }
+          class_charcount++;                /* in case a one-char range */
+          class_lastchar = c;
+          }
+        continue;   /* Go get the next char in the class */
+        }
+
+      /* Handle a lone single character - we can get here for a normal
+      non-escape char, or after \ that introduces a single character. */
+
+      SINGLE_CHARACTER:
+
+      class [c/8] |= (1 << (c&7));
+      if ((options & PCRE_CASELESS) != 0)
+        {
+        c = cd->fcc[c];   /* flip case */
+        class[c/8] |= (1 << (c&7));
+        }
+      class_charcount++;
+      class_lastchar = c;
+      }
+
+    /* Loop until ']' reached; the check for end of string happens inside the
+    loop. This "while" is the end of the "do" above. */
+
+    while ((c = *(++ptr)) != ']');
+
+    /* If class_charcount is 1 and class_lastchar is not negative, we saw
+    precisely one character. This doesn't need the whole 32-byte bit map.
+    We turn it into a 1-character OP_CHAR if it's positive, or OP_NOT if
+    it's negative. */
+
+    if (class_charcount == 1 && class_lastchar >= 0)
+      {
+      if (negate_class)
+        {
+        code[-1] = OP_NOT;
+        }
+      else
+        {
+        code[-1] = OP_CHARS;
+        *code++ = 1;
+        }
+      *code++ = class_lastchar;
+      }
+
+    /* Otherwise, negate the 32-byte map if necessary, and copy it into
+    the code vector. */
+
+    else
+      {
+      if (negate_class)
+        for (c = 0; c < 32; c++) code[c] = ~class[c];
+      else
+        memcpy(code, class, 32);
+      code += 32;
+      }
+    break;
+
+    /* Various kinds of repeat */
+
+    case '{':
+    if (!is_counted_repeat(ptr+1, cd)) goto NORMAL_CHAR;
+    ptr = read_repeat_counts(ptr+1, &repeat_min, &repeat_max, errorptr, cd);
+    if (*errorptr != NULL) goto FAILED;
+    goto REPEAT;
+
+    case '*':
+    repeat_min = 0;
+    repeat_max = -1;
+    goto REPEAT;
+
+    case '+':
+    repeat_min = 1;
+    repeat_max = -1;
+    goto REPEAT;
+
+    case '?':
+    repeat_min = 0;
+    repeat_max = 1;
+
+    REPEAT:
+    if (previous == NULL)
+      {
+      *errorptr = ERR9;
+      goto FAILED;
+      }
+
+    /* If the next character is '?' this is a minimizing repeat, by default,
+    but if PCRE_UNGREEDY is set, it works the other way round. Advance to the
+    next character. */
+
+    if (ptr[1] == '?')
+      { repeat_type = greedy_non_default; ptr++; }
+    else repeat_type = greedy_default;
+
+    /* If previous was a string of characters, chop off the last one and use it
+    as the subject of the repeat. If there was only one character, we can
+    abolish the previous item altogether. A repeat with a zero minimum wipes
+    out any reqchar setting, backing up to the previous value. We must also
+    adjust the countlits value. */
+
+    if (*previous == OP_CHARS)
+      {
+      int len = previous[1];
+
+      if (repeat_min == 0) *reqchar = prevreqchar;
+      *countlits += repeat_min - 1;
+
+      if (len == 1)
+        {
+        c = previous[2];
+        code = previous;
+        }
+      else
+        {
+        c = previous[len+1];
+        previous[1]--;
+        code--;
+        }
+      op_type = 0;                 /* Use single-char op codes */
+      goto OUTPUT_SINGLE_REPEAT;   /* Code shared with single character types */
+      }
+
+    /* If previous was a single negated character ([^a] or similar), we use
+    one of the special opcodes, replacing it. The code is shared with single-
+    character repeats by adding a suitable offset into repeat_type. */
+
+    else if ((int)*previous == OP_NOT)
+      {
+      op_type = OP_NOTSTAR - OP_STAR;  /* Use "not" opcodes */
+      c = previous[1];
+      code = previous;
+      goto OUTPUT_SINGLE_REPEAT;
+      }
+
+    /* If previous was a character type match (\d or similar), abolish it and
+    create a suitable repeat item. The code is shared with single-character
+    repeats by adding a suitable offset into repeat_type. */
+
+    else if ((int)*previous < OP_EODN || *previous == OP_ANY)
+      {
+      op_type = OP_TYPESTAR - OP_STAR;  /* Use type opcodes */
+      c = *previous;
+      code = previous;
+
+      OUTPUT_SINGLE_REPEAT:
+
+      /* If the maximum is zero then the minimum must also be zero; Perl allows
+      this case, so we do too - by simply omitting the item altogether. */
+
+      if (repeat_max == 0) goto END_REPEAT;
+
+      /* Combine the op_type with the repeat_type */
+
+      repeat_type += op_type;
+
+      /* A minimum of zero is handled either as the special case * or ?, or as
+      an UPTO, with the maximum given. */
+
+      if (repeat_min == 0)
+        {
+        if (repeat_max == -1) *code++ = OP_STAR + repeat_type;
+          else if (repeat_max == 1) *code++ = OP_QUERY + repeat_type;
+        else
+          {
+          *code++ = OP_UPTO + repeat_type;
+          *code++ = repeat_max >> 8;
+          *code++ = (repeat_max & 255);
+          }
+        }
+
+      /* The case {1,} is handled as the special case + */
+
+      else if (repeat_min == 1 && repeat_max == -1)
+        *code++ = OP_PLUS + repeat_type;
+
+      /* The case {n,n} is just an EXACT, while the general case {n,m} is
+      handled as an EXACT followed by an UPTO. An EXACT of 1 is optimized. */
+
+      else
+        {
+        if (repeat_min != 1)
+          {
+          *code++ = OP_EXACT + op_type;  /* NB EXACT doesn't have repeat_type */
+          *code++ = repeat_min >> 8;
+          *code++ = (repeat_min & 255);
+          }
+
+        /* If the mininum is 1 and the previous item was a character string,
+        we either have to put back the item that got cancelled if the string
+        length was 1, or add the character back onto the end of a longer
+        string. For a character type nothing need be done; it will just get
+        put back naturally. Note that the final character is always going to
+        get added below. */
+
+        else if (*previous == OP_CHARS)
+          {
+          if (code == previous) code += 2; else previous[1]++;
+          }
+
+        /*  For a single negated character we also have to put back the
+        item that got cancelled. */
+
+        else if (*previous == OP_NOT) code++;
+
+        /* If the maximum is unlimited, insert an OP_STAR. */
+
+        if (repeat_max < 0)
+          {
+          *code++ = c;
+          *code++ = OP_STAR + repeat_type;
+          }
+
+        /* Else insert an UPTO if the max is greater than the min. */
+
+        else if (repeat_max != repeat_min)
+          {
+          *code++ = c;
+          repeat_max -= repeat_min;
+          *code++ = OP_UPTO + repeat_type;
+          *code++ = repeat_max >> 8;
+          *code++ = (repeat_max & 255);
+          }
+        }
+
+      /* The character or character type itself comes last in all cases. */
+
+      *code++ = c;
+      }
+
+    /* If previous was a character class or a back reference, we put the repeat
+    stuff after it, but just skip the item if the repeat was {0,0}. */
+
+    else if (*previous == OP_CLASS || *previous == OP_REF)
+      {
+      if (repeat_max == 0)
+        {
+        code = previous;
+        goto END_REPEAT;
+        }
+      if (repeat_min == 0 && repeat_max == -1)
+        *code++ = OP_CRSTAR + repeat_type;
+      else if (repeat_min == 1 && repeat_max == -1)
+        *code++ = OP_CRPLUS + repeat_type;
+      else if (repeat_min == 0 && repeat_max == 1)
+        *code++ = OP_CRQUERY + repeat_type;
+      else
+        {
+        *code++ = OP_CRRANGE + repeat_type;
+        *code++ = repeat_min >> 8;
+        *code++ = repeat_min & 255;
+        if (repeat_max == -1) repeat_max = 0;  /* 2-byte encoding for max */
+        *code++ = repeat_max >> 8;
+        *code++ = repeat_max & 255;
+        }
+      }
+
+    /* If previous was a bracket group, we may have to replicate it in certain
+    cases. */
+
+    else if ((int)*previous >= OP_BRA || (int)*previous == OP_ONCE ||
+             (int)*previous == OP_COND)
+      {
+      register int i;
+      int ketoffset = 0;
+      int len = code - previous;
+      uschar *bralink = NULL;
+
+      /* If the maximum repeat count is unlimited, find the end of the bracket
+      by scanning through from the start, and compute the offset back to it
+      from the current code pointer. There may be an OP_OPT setting following
+      the final KET, so we can't find the end just by going back from the code
+      pointer. */
+
+      if (repeat_max == -1)
+        {
+        register uschar *ket = previous;
+        do ket += (ket[1] << 8) + ket[2]; while (*ket != OP_KET);
+        ketoffset = code - ket;
+        }
+
+      /* The case of a zero minimum is special because of the need to stick
+      OP_BRAZERO in front of it, and because the group appears once in the
+      data, whereas in other cases it appears the minimum number of times. For
+      this reason, it is simplest to treat this case separately, as otherwise
+      the code gets far too mess. There are several special subcases when the
+      minimum is zero. */
+
+      if (repeat_min == 0)
+        {
+        /* If we set up a required char from the bracket, we must back off
+        to the previous value and reset the countlits value too. */
+
+        if (subcountlits > 0)
+          {
+          *reqchar = prevreqchar;
+          *countlits -= subcountlits;
+          }
+
+        /* If the maximum is also zero, we just omit the group from the output
+        altogether. */
+
+        if (repeat_max == 0)
+          {
+          code = previous;
+          goto END_REPEAT;
+          }
+
+        /* If the maximum is 1 or unlimited, we just have to stick in the
+        BRAZERO and do no more at this point. */
+
+        if (repeat_max <= 1)
+          {
+          memmove(previous+1, previous, len);
+          code++;
+          *previous++ = OP_BRAZERO + repeat_type;
+          }
+
+        /* If the maximum is greater than 1 and limited, we have to replicate
+        in a nested fashion, sticking OP_BRAZERO before each set of brackets.
+        The first one has to be handled carefully because it's the original
+        copy, which has to be moved up. The remainder can be handled by code
+        that is common with the non-zero minimum case below. We just have to
+        adjust the value or repeat_max, since one less copy is required. */
+
+        else
+          {
+          int offset;
+          memmove(previous+4, previous, len);
+          code += 4;
+          *previous++ = OP_BRAZERO + repeat_type;
+          *previous++ = OP_BRA;
+
+          /* We chain together the bracket offset fields that have to be
+          filled in later when the ends of the brackets are reached. */
+
+          offset = (bralink == NULL)? 0 : previous - bralink;
+          bralink = previous;
+          *previous++ = offset >> 8;
+          *previous++ = offset & 255;
+          }
+
+        repeat_max--;
+        }
+
+      /* If the minimum is greater than zero, replicate the group as many
+      times as necessary, and adjust the maximum to the number of subsequent
+      copies that we need. */
+
+      else
+        {
+        for (i = 1; i < repeat_min; i++)
+          {
+          memcpy(code, previous, len);
+          code += len;
+          }
+        if (repeat_max > 0) repeat_max -= repeat_min;
+        }
+
+      /* This code is common to both the zero and non-zero minimum cases. If
+      the maximum is limited, it replicates the group in a nested fashion,
+      remembering the bracket starts on a stack. In the case of a zero minimum,
+      the first one was set up above. In all cases the repeat_max now specifies
+      the number of additional copies needed. */
+
+      if (repeat_max >= 0)
+        {
+        for (i = repeat_max - 1; i >= 0; i--)
+          {
+          *code++ = OP_BRAZERO + repeat_type;
+
+          /* All but the final copy start a new nesting, maintaining the
+          chain of brackets outstanding. */
+
+          if (i != 0)
+            {
+            int offset;
+            *code++ = OP_BRA;
+            offset = (bralink == NULL)? 0 : code - bralink;
+            bralink = code;
+            *code++ = offset >> 8;
+            *code++ = offset & 255;
+            }
+
+          memcpy(code, previous, len);
+          code += len;
+          }
+
+        /* Now chain through the pending brackets, and fill in their length
+        fields (which are holding the chain links pro tem). */
+
+        while (bralink != NULL)
+          {
+          int oldlinkoffset;
+          int offset = code - bralink + 1;
+          uschar *bra = code - offset;
+          oldlinkoffset = (bra[1] << 8) + bra[2];
+          bralink = (oldlinkoffset == 0)? NULL : bralink - oldlinkoffset;
+          *code++ = OP_KET;
+          *code++ = bra[1] = offset >> 8;
+          *code++ = bra[2] = (offset & 255);
+          }
+        }
+
+      /* If the maximum is unlimited, set a repeater in the final copy. We
+      can't just offset backwards from the current code point, because we
+      don't know if there's been an options resetting after the ket. The
+      correct offset was computed above. */
+
+      else code[-ketoffset] = OP_KETRMAX + repeat_type;
+      }
+
+    /* Else there's some kind of shambles */
+
+    else
+      {
+      *errorptr = ERR11;
+      goto FAILED;
+      }
+
+    /* In all case we no longer have a previous item. */
+
+    END_REPEAT:
+    previous = NULL;
+    break;
+
+
+    /* Start of nested bracket sub-expression, or comment or lookahead or
+    lookbehind or option setting or condition. First deal with special things
+    that can come after a bracket; all are introduced by ?, and the appearance
+    of any of them means that this is not a referencing group. They were
+    checked for validity in the first pass over the string, so we don't have to
+    check for syntax errors here.  */
+
+    case '(':
+    newoptions = options;
+    condref = -1;
+
+    if (*(++ptr) == '?')
+      {
+      int set, unset;
+      int *optset;
+
+      switch (*(++ptr))
+        {
+        case '#':                 /* Comment; skip to ket */
+        ptr++;
+        while (*ptr != ')') ptr++;
+        continue;
+
+        case ':':                 /* Non-extracting bracket */
+        bravalue = OP_BRA;
+        ptr++;
+        break;
+
+        case '(':
+        bravalue = OP_COND;       /* Conditional group */
+        if ((cd->ctypes[*(++ptr)] & ctype_digit) != 0)
+          {
+          condref = *ptr - '0';
+          while (*(++ptr) != ')') condref = condref*10 + *ptr - '0';
+          if (condref == 0)
+            {
+            *errorptr = ERR35;
+            goto FAILED;
+            }
+          ptr++;
+          }
+        else ptr--;
+        break;
+
+        case '=':                 /* Positive lookahead */
+        bravalue = OP_ASSERT;
+        ptr++;
+        break;
+
+        case '!':                 /* Negative lookahead */
+        bravalue = OP_ASSERT_NOT;
+        ptr++;
+        break;
+
+        case '<':                 /* Lookbehinds */
+        switch (*(++ptr))
+          {
+          case '=':               /* Positive lookbehind */
+          bravalue = OP_ASSERTBACK;
+          ptr++;
+          break;
+
+          case '!':               /* Negative lookbehind */
+          bravalue = OP_ASSERTBACK_NOT;
+          ptr++;
+          break;
+
+          default:                /* Syntax error */
+          *errorptr = ERR24;
+          goto FAILED;
+          }
+        break;
+
+        case '>':                 /* One-time brackets */
+        bravalue = OP_ONCE;
+        ptr++;
+        break;
+
+        case 'R':                 /* Pattern recursion */
+        *code++ = OP_RECURSE;
+        ptr++;
+        continue;
+
+        default:                  /* Option setting */
+        set = unset = 0;
+        optset = &set;
+
+        while (*ptr != ')' && *ptr != ':')
+          {
+          switch (*ptr++)
+            {
+            case '-': optset = &unset; break;
+
+            case 'i': *optset |= PCRE_CASELESS; break;
+            case 'm': *optset |= PCRE_MULTILINE; break;
+            case 's': *optset |= PCRE_DOTALL; break;
+            case 'x': *optset |= PCRE_EXTENDED; break;
+            case 'U': *optset |= PCRE_UNGREEDY; break;
+            case 'X': *optset |= PCRE_EXTRA; break;
+
+            default:
+            *errorptr = ERR12;
+            goto FAILED;
+            }
+          }
+
+        /* Set up the changed option bits, but don't change anything yet. */
+
+        newoptions = (options | set) & (~unset);
+
+        /* If the options ended with ')' this is not the start of a nested
+        group with option changes, so the options change at this level. At top
+        level there is nothing else to be done (the options will in fact have
+        been set from the start of compiling as a result of the first pass) but
+        at an inner level we must compile code to change the ims options if
+        necessary, and pass the new setting back so that it can be put at the
+        start of any following branches, and when this group ends, a resetting
+        item can be compiled. */
+
+        if (*ptr == ')')
+          {
+          if ((options & PCRE_INGROUP) != 0 &&
+              (options & PCRE_IMS) != (newoptions & PCRE_IMS))
+            {
+            *code++ = OP_OPT;
+            *code++ = *optchanged = newoptions & PCRE_IMS;
+            }
+          options = newoptions;  /* Change options at this level */
+          previous = NULL;       /* This item can't be repeated */
+          continue;              /* It is complete */
+          }
+
+        /* If the options ended with ':' we are heading into a nested group
+        with possible change of options. Such groups are non-capturing and are
+        not assertions of any kind. All we need to do is skip over the ':';
+        the newoptions value is handled below. */
+
+        bravalue = OP_BRA;
+        ptr++;
+        }
+      }
+
+    /* Else we have a referencing group; adjust the opcode. */
+
+    else
+      {
+      if (++(*brackets) > EXTRACT_MAX)
+        {
+        *errorptr = ERR13;
+        goto FAILED;
+        }
+      bravalue = OP_BRA + *brackets;
+      }
+
+    /* Process nested bracketed re. Assertions may not be repeated, but other
+    kinds can be. We copy code into a non-register variable in order to be able
+    to pass its address because some compilers complain otherwise. Pass in a
+    new setting for the ims options if they have changed. */
+
+    previous = (bravalue >= OP_ONCE)? code : NULL;
+    *code = bravalue;
+    tempcode = code;
+
+    if (!compile_regex(
+         options | PCRE_INGROUP,       /* Set for all nested groups */
+         ((options & PCRE_IMS) != (newoptions & PCRE_IMS))?
+           newoptions & PCRE_IMS : -1, /* Pass ims options if changed */
+         brackets,                     /* Bracket level */
+         &tempcode,                    /* Where to put code (updated) */
+         &ptr,                         /* Input pointer (updated) */
+         errorptr,                     /* Where to put an error message */
+         (bravalue == OP_ASSERTBACK ||
+          bravalue == OP_ASSERTBACK_NOT), /* TRUE if back assert */
+         condref,                      /* Condition reference number */
+         &subreqchar,                  /* For possible last char */
+         &subcountlits,                /* For literal count */
+         cd))                          /* Tables block */
+      goto FAILED;
+
+    /* At the end of compiling, code is still pointing to the start of the
+    group, while tempcode has been updated to point past the end of the group
+    and any option resetting that may follow it. The pattern pointer (ptr)
+    is on the bracket. */
+
+    /* If this is a conditional bracket, check that there are no more than
+    two branches in the group. */
+
+    if (bravalue == OP_COND)
+      {
+      uschar *tc = code;
+      condcount = 0;
+
+      do {
+         condcount++;
+         tc += (tc[1] << 8) | tc[2];
+         }
+      while (*tc != OP_KET);
+
+      if (condcount > 2)
+        {
+        *errorptr = ERR27;
+        goto FAILED;
+        }
+      }
+
+    /* Handle updating of the required character. If the subpattern didn't
+    set one, leave it as it was. Otherwise, update it for normal brackets of
+    all kinds, forward assertions, and conditions with two branches. Don't
+    update the literal count for forward assertions, however. If the bracket
+    is followed by a quantifier with zero repeat, we have to back off. Hence
+    the definition of prevreqchar and subcountlits outside the main loop so
+    that they can be accessed for the back off. */
+
+    if (subreqchar > 0 &&
+         (bravalue >= OP_BRA || bravalue == OP_ONCE || bravalue == OP_ASSERT ||
+         (bravalue == OP_COND && condcount == 2)))
+      {
+      prevreqchar = *reqchar;
+      *reqchar = subreqchar;
+      if (bravalue != OP_ASSERT) *countlits += subcountlits;
+      }
+
+    /* Now update the main code pointer to the end of the group. */
+
+    code = tempcode;
+
+    /* Error if hit end of pattern */
+
+    if (*ptr != ')')
+      {
+      *errorptr = ERR14;
+      goto FAILED;
+      }
+    break;
+
+    /* Check \ for being a real metacharacter; if not, fall through and handle
+    it as a data character at the start of a string. Escape items are checked
+    for validity in the pre-compiling pass. */
+
+    case '\\':
+    tempptr = ptr;
+    c = check_escape(&ptr, errorptr, *brackets, options, FALSE, cd);
+
+    /* Handle metacharacters introduced by \. For ones like \d, the ESC_ values
+    are arranged to be the negation of the corresponding OP_values. For the
+    back references, the values are ESC_REF plus the reference number. Only
+    back references and those types that consume a character may be repeated.
+    We can test for values between ESC_b and ESC_Z for the latter; this may
+    have to change if any new ones are ever created. */
+
+    if (c < 0)
+      {
+      if (-c >= ESC_REF)
+        {
+        previous = code;
+        *code++ = OP_REF;
+        *code++ = -c - ESC_REF;
+        }
+      else
+        {
+        previous = (-c > ESC_b && -c < ESC_Z)? code : NULL;
+        *code++ = -c;
+        }
+      continue;
+      }
+
+    /* Data character: reset and fall through */
+
+    ptr = tempptr;
+    c = '\\';
+
+    /* Handle a run of data characters until a metacharacter is encountered.
+    The first character is guaranteed not to be whitespace or # when the
+    extended flag is set. */
+
+    NORMAL_CHAR:
+    default:
+    previous = code;
+    *code = OP_CHARS;
+    code += 2;
+    length = 0;
+
+    do
+      {
+      if ((options & PCRE_EXTENDED) != 0)
+        {
+        if ((cd->ctypes[c] & ctype_space) != 0) continue;
+        if (c == '#')
+          {
+          /* The space before the ; is to avoid a warning on a silly compiler
+          on the Macintosh. */
+          while ((c = *(++ptr)) != 0 && c != '\n') ;
+          if (c == 0) break;
+          continue;
+          }
+        }
+
+      /* Backslash may introduce a data char or a metacharacter. Escaped items
+      are checked for validity in the pre-compiling pass. Stop the string
+      before a metaitem. */
+
+      if (c == '\\')
+        {
+        tempptr = ptr;
+        c = check_escape(&ptr, errorptr, *brackets, options, FALSE, cd);
+        if (c < 0) { ptr = tempptr; break; }
+
+        /* If a character is > 127 in UTF-8 mode, we have to turn it into
+        two or more characters in the UTF-8 encoding. */
+
+#ifdef SUPPORT_UTF8
+        if (c > 127 && (options & PCRE_UTF8) != 0)
+          {
+          uschar buffer[8];
+          int len = ord2utf8(c, buffer);
+          for (c = 0; c < len; c++) *code++ = buffer[c];
+          length += len;
+          continue;
+          }
+#endif
+        }
+
+      /* Ordinary character or single-char escape */
+
+      *code++ = c;
+      length++;
+      }
+
+    /* This "while" is the end of the "do" above. */
+
+    while (length < MAXLIT && (cd->ctypes[c = *(++ptr)] & ctype_meta) == 0);
+
+    /* Update the last character and the count of literals */
+
+    prevreqchar = (length > 1)? code[-2] : *reqchar;
+    *reqchar = code[-1];
+    *countlits += length;
+
+    /* Compute the length and set it in the data vector, and advance to
+    the next state. */
+
+    previous[1] = length;
+    if (length < MAXLIT) ptr--;
+    break;
+    }
+  }                   /* end of big loop */
+
+/* Control never reaches here by falling through, only by a goto for all the
+error states. Pass back the position in the pattern so that it can be displayed
+to the user for diagnosing the error. */
+
+FAILED:
+*ptrptr = ptr;
+return FALSE;
+}
+
+
+
+
+/*************************************************
+*     Compile sequence of alternatives           *
+*************************************************/
+
+/* On entry, ptr is pointing past the bracket character, but on return
+it points to the closing bracket, or vertical bar, or end of string.
+The code variable is pointing at the byte into which the BRA operator has been
+stored. If the ims options are changed at the start (for a (?ims: group) or
+during any branch, we need to insert an OP_OPT item at the start of every
+following branch to ensure they get set correctly at run time, and also pass
+the new options into every subsequent branch compile.
+
+Argument:
+  options     the option bits
+  optchanged  new ims options to set as if (?ims) were at the start, or -1
+               for no change
+  brackets    -> int containing the number of extracting brackets used
+  codeptr     -> the address of the current code pointer
+  ptrptr      -> the address of the current pattern pointer
+  errorptr    -> pointer to error message
+  lookbehind  TRUE if this is a lookbehind assertion
+  condref     >= 0 for OPT_CREF setting at start of conditional group
+  reqchar     -> place to put the last required character, or a negative number
+  countlits   -> place to put the shortest literal count of any branch
+  cd          points to the data block with tables pointers
+
+Returns:      TRUE on success
+*/
+
+static BOOL
+compile_regex(int options, int optchanged, int *brackets, uschar **codeptr,
+  const uschar **ptrptr, const char **errorptr, BOOL lookbehind, int condref,
+  int *reqchar, int *countlits, compile_data *cd)
+{
+const uschar *ptr = *ptrptr;
+uschar *code = *codeptr;
+uschar *last_branch = code;
+uschar *start_bracket = code;
+uschar *reverse_count = NULL;
+int oldoptions = options & PCRE_IMS;
+int branchreqchar, branchcountlits;
+
+*reqchar = -1;
+*countlits = INT_MAX;
+code += 3;
+
+/* At the start of a reference-based conditional group, insert the reference
+number as an OP_CREF item. */
+
+if (condref >= 0)
+  {
+  *code++ = OP_CREF;
+  *code++ = condref;
+  }
+
+/* Loop for each alternative branch */
+
+for (;;)
+  {
+  int length;
+
+  /* Handle change of options */
+
+  if (optchanged >= 0)
+    {
+    *code++ = OP_OPT;
+    *code++ = optchanged;
+    options = (options & ~PCRE_IMS) | optchanged;
+    }
+
+  /* Set up dummy OP_REVERSE if lookbehind assertion */
+
+  if (lookbehind)
+    {
+    *code++ = OP_REVERSE;
+    reverse_count = code;
+    *code++ = 0;
+    *code++ = 0;
+    }
+
+  /* Now compile the branch */
+
+  if (!compile_branch(options, brackets, &code, &ptr, errorptr, &optchanged,
+      &branchreqchar, &branchcountlits, cd))
+    {
+    *ptrptr = ptr;
+    return FALSE;
+    }
+
+  /* Fill in the length of the last branch */
+
+  length = code - last_branch;
+  last_branch[1] = length >> 8;
+  last_branch[2] = length & 255;
+
+  /* Save the last required character if all branches have the same; a current
+  value of -1 means unset, while -2 means "previous branch had no last required
+  char".  */
+
+  if (*reqchar != -2)
+    {
+    if (branchreqchar >= 0)
+      {
+      if (*reqchar == -1) *reqchar = branchreqchar;
+      else if (*reqchar != branchreqchar) *reqchar = -2;
+      }
+    else *reqchar = -2;
+    }
+
+  /* Keep the shortest literal count */
+
+  if (branchcountlits < *countlits) *countlits = branchcountlits;
+  DPRINTF(("literal count = %d min=%d\n", branchcountlits, *countlits));
+
+  /* If lookbehind, check that this branch matches a fixed-length string,
+  and put the length into the OP_REVERSE item. Temporarily mark the end of
+  the branch with OP_END. */
+
+  if (lookbehind)
+    {
+    *code = OP_END;
+    length = find_fixedlength(last_branch, options);
+    DPRINTF(("fixed length = %d\n", length));
+    if (length < 0)
+      {
+      *errorptr = ERR25;
+      *ptrptr = ptr;
+      return FALSE;
+      }
+    reverse_count[0] = (length >> 8);
+    reverse_count[1] = length & 255;
+    }
+
+  /* Reached end of expression, either ')' or end of pattern. Insert a
+  terminating ket and the length of the whole bracketed item, and return,
+  leaving the pointer at the terminating char. If any of the ims options
+  were changed inside the group, compile a resetting op-code following. */
+
+  if (*ptr != '|')
+    {
+    length = code - start_bracket;
+    *code++ = OP_KET;
+    *code++ = length >> 8;
+    *code++ = length & 255;
+    if (optchanged >= 0)
+      {
+      *code++ = OP_OPT;
+      *code++ = oldoptions;
+      }
+    *codeptr = code;
+    *ptrptr = ptr;
+    return TRUE;
+    }
+
+  /* Another branch follows; insert an "or" node and advance the pointer. */
+
+  *code = OP_ALT;
+  last_branch = code;
+  code += 3;
+  ptr++;
+  }
+/* Control never reaches here */
+}
+
+
+
+
+/*************************************************
+*      Find first significant op code            *
+*************************************************/
+
+/* This is called by several functions that scan a compiled expression looking
+for a fixed first character, or an anchoring op code etc. It skips over things
+that do not influence this. For one application, a change of caseless option is
+important.
+
+Arguments:
+  code       pointer to the start of the group
+  options    pointer to external options
+  optbit     the option bit whose changing is significant, or
+             zero if none are
+  optstop    TRUE to return on option change, otherwise change the options
+               value and continue
+
+Returns:     pointer to the first significant opcode
+*/
+
+static const uschar*
+first_significant_code(const uschar *code, int *options, int optbit,
+  BOOL optstop)
+{
+for (;;)
+  {
+  switch ((int)*code)
+    {
+    case OP_OPT:
+    if (optbit > 0 && ((int)code[1] & optbit) != (*options & optbit))
+      {
+      if (optstop) return code;
+      *options = (int)code[1];
+      }
+    code += 2;
+    break;
+
+    case OP_CREF:
+    code += 2;
+    break;
+
+    case OP_WORD_BOUNDARY:
+    case OP_NOT_WORD_BOUNDARY:
+    code++;
+    break;
+
+    case OP_ASSERT_NOT:
+    case OP_ASSERTBACK:
+    case OP_ASSERTBACK_NOT:
+    do code += (code[1] << 8) + code[2]; while (*code == OP_ALT);
+    code += 3;
+    break;
+
+    default:
+    return code;
+    }
+  }
+/* Control never reaches here */
+}
+
+
+
+
+/*************************************************
+*          Check for anchored expression         *
+*************************************************/
+
+/* Try to find out if this is an anchored regular expression. Consider each
+alternative branch. If they all start with OP_SOD or OP_CIRC, or with a bracket
+all of whose alternatives start with OP_SOD or OP_CIRC (recurse ad lib), then
+it's anchored. However, if this is a multiline pattern, then only OP_SOD
+counts, since OP_CIRC can match in the middle.
+
+A branch is also implicitly anchored if it starts with .* and DOTALL is set,
+because that will try the rest of the pattern at all possible matching points,
+so there is no point trying them again.
+
+Arguments:
+  code       points to start of expression (the bracket)
+  options    points to the options setting
+
+Returns:     TRUE or FALSE
+*/
+
+static BOOL
+is_anchored(register const uschar *code, int *options)
+{
+do {
+   const uschar *scode = first_significant_code(code + 3, options,
+     PCRE_MULTILINE, FALSE);
+   register int op = *scode;
+   if (op >= OP_BRA || op == OP_ASSERT || op == OP_ONCE || op == OP_COND)
+     { if (!is_anchored(scode, options)) return FALSE; }
+   else if ((op == OP_TYPESTAR || op == OP_TYPEMINSTAR) &&
+            (*options & PCRE_DOTALL) != 0)
+     { if (scode[1] != OP_ANY) return FALSE; }
+   else if (op != OP_SOD &&
+           ((*options & PCRE_MULTILINE) != 0 || op != OP_CIRC))
+     return FALSE;
+   code += (code[1] << 8) + code[2];
+   }
+while (*code == OP_ALT);
+return TRUE;
+}
+
+
+
+/*************************************************
+*         Check for starting with ^ or .*        *
+*************************************************/
+
+/* This is called to find out if every branch starts with ^ or .* so that
+"first char" processing can be done to speed things up in multiline
+matching and for non-DOTALL patterns that start with .* (which must start at
+the beginning or after \n).
+
+Argument:  points to start of expression (the bracket)
+Returns:   TRUE or FALSE
+*/
+
+static BOOL
+is_startline(const uschar *code)
+{
+do {
+   const uschar *scode = first_significant_code(code + 3, NULL, 0, FALSE);
+   register int op = *scode;
+   if (op >= OP_BRA || op == OP_ASSERT || op == OP_ONCE || op == OP_COND)
+     { if (!is_startline(scode)) return FALSE; }
+   else if (op == OP_TYPESTAR || op == OP_TYPEMINSTAR)
+     { if (scode[1] != OP_ANY) return FALSE; }
+   else if (op != OP_CIRC) return FALSE;
+   code += (code[1] << 8) + code[2];
+   }
+while (*code == OP_ALT);
+return TRUE;
+}
+
+
+
+/*************************************************
+*          Check for fixed first char            *
+*************************************************/
+
+/* Try to find out if there is a fixed first character. This is called for
+unanchored expressions, as it speeds up their processing quite considerably.
+Consider each alternative branch. If they all start with the same char, or with
+a bracket all of whose alternatives start with the same char (recurse ad lib),
+then we return that char, otherwise -1.
+
+Arguments:
+  code       points to start of expression (the bracket)
+  options    pointer to the options (used to check casing changes)
+
+Returns:     -1 or the fixed first char
+*/
+
+static int
+find_firstchar(const uschar *code, int *options)
+{
+register int c = -1;
+do {
+   int d;
+   const uschar *scode = first_significant_code(code + 3, options,
+     PCRE_CASELESS, TRUE);
+   register int op = *scode;
+
+   if (op >= OP_BRA) op = OP_BRA;
+
+   switch(op)
+     {
+     default:
+     return -1;
+
+     case OP_BRA:
+     case OP_ASSERT:
+     case OP_ONCE:
+     case OP_COND:
+     if ((d = find_firstchar(scode, options)) < 0) return -1;
+     if (c < 0) c = d; else if (c != d) return -1;
+     break;
+
+     case OP_EXACT:       /* Fall through */
+     scode++;
+
+     case OP_CHARS:       /* Fall through */
+     scode++;
+
+     case OP_PLUS:
+     case OP_MINPLUS:
+     if (c < 0) c = scode[1]; else if (c != scode[1]) return -1;
+     break;
+     }
+
+   code += (code[1] << 8) + code[2];
+   }
+while (*code == OP_ALT);
+return c;
+}
+
+
+
+
+
+/*************************************************
+*        Compile a Regular Expression            *
+*************************************************/
+
+/* This function takes a string and returns a pointer to a block of store
+holding a compiled version of the expression.
+
+Arguments:
+  pattern      the regular expression
+  options      various option bits
+  errorptr     pointer to pointer to error text
+  erroroffset  ptr offset in pattern where error was detected
+  tables       pointer to character tables or NULL
+
+Returns:       pointer to compiled data block, or NULL on error,
+               with errorptr and erroroffset set
+*/
+
+pcre *
+pcre_compile(const char *pattern, int options, const char **errorptr,
+  int *erroroffset, const unsigned char *tables)
+{
+real_pcre *re;
+int length = 3;      /* For initial BRA plus length */
+int runlength;
+int c, reqchar, countlits;
+int bracount = 0;
+int top_backref = 0;
+int branch_extra = 0;
+int branch_newextra;
+unsigned int brastackptr = 0;
+size_t size;
+uschar *code;
+const uschar *ptr;
+compile_data compile_block;
+int brastack[BRASTACK_SIZE];
+uschar bralenstack[BRASTACK_SIZE];
+
+#ifdef DEBUG
+uschar *code_base, *code_end;
+#endif
+
+/* Can't support UTF8 unless PCRE has been compiled to include the code. */
+
+#ifndef SUPPORT_UTF8
+if ((options & PCRE_UTF8) != 0)
+  {
+  *errorptr = ERR32;
+  return NULL;
+  }
+#endif
+
+/* We can't pass back an error message if errorptr is NULL; I guess the best we
+can do is just return NULL. */
+
+if (errorptr == NULL) return NULL;
+*errorptr = NULL;
+
+/* However, we can give a message for this error */
+
+if (erroroffset == NULL)
+  {
+  *errorptr = ERR16;
+  return NULL;
+  }
+*erroroffset = 0;
+
+if ((options & ~PUBLIC_OPTIONS) != 0)
+  {
+  *errorptr = ERR17;
+  return NULL;
+  }
+
+/* Set up pointers to the individual character tables */
+
+if (tables == NULL) tables = pcre_default_tables;
+compile_block.lcc = tables + lcc_offset;
+compile_block.fcc = tables + fcc_offset;
+compile_block.cbits = tables + cbits_offset;
+compile_block.ctypes = tables + ctypes_offset;
+
+/* Reflect pattern for debugging output */
+
+DPRINTF(("------------------------------------------------------------------\n"));
+DPRINTF(("%s\n", pattern));
+
+/* The first thing to do is to make a pass over the pattern to compute the
+amount of store required to hold the compiled code. This does not have to be
+perfect as long as errors are overestimates. At the same time we can detect any
+internal flag settings. Make an attempt to correct for any counted white space
+if an "extended" flag setting appears late in the pattern. We can't be so
+clever for #-comments. */
+
+ptr = (const uschar *)(pattern - 1);
+while ((c = *(++ptr)) != 0)
+  {
+  int min, max;
+  int class_charcount;
+
+  if ((options & PCRE_EXTENDED) != 0)
+    {
+    if ((compile_block.ctypes[c] & ctype_space) != 0) continue;
+    if (c == '#')
+      {
+      /* The space before the ; is to avoid a warning on a silly compiler
+      on the Macintosh. */
+      while ((c = *(++ptr)) != 0 && c != '\n') ;
+      continue;
+      }
+    }
+
+  switch(c)
+    {
+    /* A backslashed item may be an escaped "normal" character or a
+    character type. For a "normal" character, put the pointers and
+    character back so that tests for whitespace etc. in the input
+    are done correctly. */
+
+    case '\\':
+      {
+      const uschar *save_ptr = ptr;
+      c = check_escape(&ptr, errorptr, bracount, options, FALSE, &compile_block);
+      if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+      if (c >= 0)
+        {
+        ptr = save_ptr;
+        c = '\\';
+        goto NORMAL_CHAR;
+        }
+      }
+    length++;
+
+    /* A back reference needs an additional char, plus either one or 5
+    bytes for a repeat. We also need to keep the value of the highest
+    back reference. */
+
+    if (c <= -ESC_REF)
+      {
+      int refnum = -c - ESC_REF;
+      if (refnum > top_backref) top_backref = refnum;
+      length++;   /* For single back reference */
+      if (ptr[1] == '{' && is_counted_repeat(ptr+2, &compile_block))
+        {
+        ptr = read_repeat_counts(ptr+2, &min, &max, errorptr, &compile_block);
+        if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+        if ((min == 0 && (max == 1 || max == -1)) ||
+          (min == 1 && max == -1))
+            length++;
+        else length += 5;
+        if (ptr[1] == '?') ptr++;
+        }
+      }
+    continue;
+
+    case '^':
+    case '.':
+    case '$':
+    case '*':     /* These repeats won't be after brackets; */
+    case '+':     /* those are handled separately */
+    case '?':
+    length++;
+    continue;
+
+    /* This covers the cases of repeats after a single char, metachar, class,
+    or back reference. */
+
+    case '{':
+    if (!is_counted_repeat(ptr+1, &compile_block)) goto NORMAL_CHAR;
+    ptr = read_repeat_counts(ptr+1, &min, &max, errorptr, &compile_block);
+    if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+    if ((min == 0 && (max == 1 || max == -1)) ||
+      (min == 1 && max == -1))
+        length++;
+    else
+      {
+      length--;   /* Uncount the original char or metachar */
+      if (min == 1) length++; else if (min > 0) length += 4;
+      if (max > 0) length += 4; else length += 2;
+      }
+    if (ptr[1] == '?') ptr++;
+    continue;
+
+    /* An alternation contains an offset to the next branch or ket. If any ims
+    options changed in the previous branch(es), and/or if we are in a
+    lookbehind assertion, extra space will be needed at the start of the
+    branch. This is handled by branch_extra. */
+
+    case '|':
+    length += 3 + branch_extra;
+    continue;
+
+    /* A character class uses 33 characters. Don't worry about character types
+    that aren't allowed in classes - they'll get picked up during the compile.
+    A character class that contains only one character uses 2 or 3 bytes,
+    depending on whether it is negated or not. Notice this where we can. */
+
+    case '[':
+    class_charcount = 0;
+    if (*(++ptr) == '^') ptr++;
+    do
+      {
+      if (*ptr == '\\')
+        {
+        int ch = check_escape(&ptr, errorptr, bracount, options, TRUE,
+          &compile_block);
+        if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+        if (-ch == ESC_b) class_charcount++; else class_charcount = 10;
+        }
+      else class_charcount++;
+      ptr++;
+      }
+    while (*ptr != 0 && *ptr != ']');
+
+    /* Repeats for negated single chars are handled by the general code */
+
+    if (class_charcount == 1) length += 3; else
+      {
+      length += 33;
+
+      /* A repeat needs either 1 or 5 bytes. */
+
+      if (*ptr != 0 && ptr[1] == '{' && is_counted_repeat(ptr+2, &compile_block))
+        {
+        ptr = read_repeat_counts(ptr+2, &min, &max, errorptr, &compile_block);
+        if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+        if ((min == 0 && (max == 1 || max == -1)) ||
+          (min == 1 && max == -1))
+            length++;
+        else length += 5;
+        if (ptr[1] == '?') ptr++;
+        }
+      }
+    continue;
+
+    /* Brackets may be genuine groups or special things */
+
+    case '(':
+    branch_newextra = 0;
+
+    /* Handle special forms of bracket, which all start (? */
+
+    if (ptr[1] == '?')
+      {
+      int set, unset;
+      int *optset;
+
+      switch (c = ptr[2])
+        {
+        /* Skip over comments entirely */
+        case '#':
+        ptr += 3;
+        while (*ptr != 0 && *ptr != ')') ptr++;
+        if (*ptr == 0)
+          {
+          *errorptr = ERR18;
+          goto PCRE_ERROR_RETURN;
+          }
+        continue;
+
+        /* Non-referencing groups and lookaheads just move the pointer on, and
+        then behave like a non-special bracket, except that they don't increment
+        the count of extracting brackets. Ditto for the "once only" bracket,
+        which is in Perl from version 5.005. */
+
+        case ':':
+        case '=':
+        case '!':
+        case '>':
+        ptr += 2;
+        break;
+
+        /* A recursive call to the regex is an extension, to provide the
+        facility which can be obtained by $(?p{perl-code}) in Perl 5.6. */
+
+        case 'R':
+        if (ptr[3] != ')')
+          {
+          *errorptr = ERR29;
+          goto PCRE_ERROR_RETURN;
+          }
+        ptr += 3;
+        length += 1;
+        break;
+
+        /* Lookbehinds are in Perl from version 5.005 */
+
+        case '<':
+        if (ptr[3] == '=' || ptr[3] == '!')
+          {
+          ptr += 3;
+          branch_newextra = 3;
+          length += 3;         /* For the first branch */
+          break;
+          }
+        *errorptr = ERR24;
+        goto PCRE_ERROR_RETURN;
+
+        /* Conditionals are in Perl from version 5.005. The bracket must either
+        be followed by a number (for bracket reference) or by an assertion
+        group. */
+
+        case '(':
+        if ((compile_block.ctypes[ptr[3]] & ctype_digit) != 0)
+          {
+          ptr += 4;
+          length += 2;
+          while ((compile_block.ctypes[*ptr] & ctype_digit) != 0) ptr++;
+          if (*ptr != ')')
+            {
+            *errorptr = ERR26;
+            goto PCRE_ERROR_RETURN;
+            }
+          }
+        else   /* An assertion must follow */
+          {
+          ptr++;   /* Can treat like ':' as far as spacing is concerned */
+          if (ptr[2] != '?' ||
+             (ptr[3] != '=' && ptr[3] != '!' && ptr[3] != '<') )
+            {
+            ptr += 2;    /* To get right offset in message */
+            *errorptr = ERR28;
+            goto PCRE_ERROR_RETURN;
+            }
+          }
+        break;
+
+        /* Else loop checking valid options until ) is met. Anything else is an
+        error. If we are without any brackets, i.e. at top level, the settings
+        act as if specified in the options, so massage the options immediately.
+        This is for backward compatibility with Perl 5.004. */
+
+        default:
+        set = unset = 0;
+        optset = &set;
+        ptr += 2;
+
+        for (;; ptr++)
+          {
+          c = *ptr;
+          switch (c)
+            {
+            case 'i':
+            *optset |= PCRE_CASELESS;
+            continue;
+
+            case 'm':
+            *optset |= PCRE_MULTILINE;
+            continue;
+
+            case 's':
+            *optset |= PCRE_DOTALL;
+            continue;
+
+            case 'x':
+            *optset |= PCRE_EXTENDED;
+            continue;
+
+            case 'X':
+            *optset |= PCRE_EXTRA;
+            continue;
+
+            case 'U':
+            *optset |= PCRE_UNGREEDY;
+            continue;
+
+            case '-':
+            optset = &unset;
+            continue;
+
+            /* A termination by ')' indicates an options-setting-only item;
+            this is global at top level; otherwise nothing is done here and
+            it is handled during the compiling process on a per-bracket-group
+            basis. */
+
+            case ')':
+            if (brastackptr == 0)
+              {
+              options = (options | set) & (~unset);
+              set = unset = 0;     /* To save length */
+              }
+            /* Fall through */
+
+            /* A termination by ':' indicates the start of a nested group with
+            the given options set. This is again handled at compile time, but
+            we must allow for compiled space if any of the ims options are
+            set. We also have to allow for resetting space at the end of
+            the group, which is why 4 is added to the length and not just 2.
+            If there are several changes of options within the same group, this
+            will lead to an over-estimate on the length, but this shouldn't
+            matter very much. We also have to allow for resetting options at
+            the start of any alternations, which we do by setting
+            branch_newextra to 2. Finally, we record whether the case-dependent
+            flag ever changes within the regex. This is used by the "required
+            character" code. */
+
+            case ':':
+            if (((set|unset) & PCRE_IMS) != 0)
+              {
+              length += 4;
+              branch_newextra = 2;
+              if (((set|unset) & PCRE_CASELESS) != 0) options |= PCRE_ICHANGED;
+              }
+            goto END_OPTIONS;
+
+            /* Unrecognized option character */
+
+            default:
+            *errorptr = ERR12;
+            goto PCRE_ERROR_RETURN;
+            }
+          }
+
+        /* If we hit a closing bracket, that's it - this is a freestanding
+        option-setting. We need to ensure that branch_extra is updated if
+        necessary. The only values branch_newextra can have here are 0 or 2.
+        If the value is 2, then branch_extra must either be 2 or 5, depending
+        on whether this is a lookbehind group or not. */
+
+        END_OPTIONS:
+        if (c == ')')
+          {
+          if (branch_newextra == 2 && (branch_extra == 0 || branch_extra == 3))
+            branch_extra += branch_newextra;
+          continue;
+          }
+
+        /* If options were terminated by ':' control comes here. Fall through
+        to handle the group below. */
+        }
+      }
+
+    /* Extracting brackets must be counted so we can process escapes in a
+    Perlish way. */
+
+    else bracount++;
+
+    /* Non-special forms of bracket. Save length for computing whole length
+    at end if there's a repeat that requires duplication of the group. Also
+    save the current value of branch_extra, and start the new group with
+    the new value. If non-zero, this will either be 2 for a (?imsx: group, or 3
+    for a lookbehind assertion. */
+
+    if (brastackptr >= sizeof(brastack)/sizeof(int))
+      {
+      *errorptr = ERR19;
+      goto PCRE_ERROR_RETURN;
+      }
+
+    bralenstack[brastackptr] = branch_extra;
+    branch_extra = branch_newextra;
+
+    brastack[brastackptr++] = length;
+    length += 3;
+    continue;
+
+    /* Handle ket. Look for subsequent max/min; for certain sets of values we
+    have to replicate this bracket up to that many times. If brastackptr is
+    0 this is an unmatched bracket which will generate an error, but take care
+    not to try to access brastack[-1] when computing the length and restoring
+    the branch_extra value. */
+
+    case ')':
+    length += 3;
+      {
+      int minval = 1;
+      int maxval = 1;
+      int duplength;
+
+      if (brastackptr > 0)
+        {
+        duplength = length - brastack[--brastackptr];
+        branch_extra = bralenstack[brastackptr];
+        }
+      else duplength = 0;
+
+      /* Leave ptr at the final char; for read_repeat_counts this happens
+      automatically; for the others we need an increment. */
+
+      if ((c = ptr[1]) == '{' && is_counted_repeat(ptr+2, &compile_block))
+        {
+        ptr = read_repeat_counts(ptr+2, &minval, &maxval, errorptr,
+          &compile_block);
+        if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+        }
+      else if (c == '*') { minval = 0; maxval = -1; ptr++; }
+      else if (c == '+') { maxval = -1; ptr++; }
+      else if (c == '?') { minval = 0; ptr++; }
+
+      /* If the minimum is zero, we have to allow for an OP_BRAZERO before the
+      group, and if the maximum is greater than zero, we have to replicate
+      maxval-1 times; each replication acquires an OP_BRAZERO plus a nesting
+      bracket set - hence the 7. */
+
+      if (minval == 0)
+        {
+        length++;
+        if (maxval > 0) length += (maxval - 1) * (duplength + 7);
+        }
+
+      /* When the minimum is greater than zero, 1 we have to replicate up to
+      minval-1 times, with no additions required in the copies. Then, if
+      there is a limited maximum we have to replicate up to maxval-1 times
+      allowing for a BRAZERO item before each optional copy and nesting
+      brackets for all but one of the optional copies. */
+
+      else
+        {
+        length += (minval - 1) * duplength;
+        if (maxval > minval)   /* Need this test as maxval=-1 means no limit */
+          length += (maxval - minval) * (duplength + 7) - 6;
+        }
+      }
+    continue;
+
+    /* Non-special character. For a run of such characters the length required
+    is the number of characters + 2, except that the maximum run length is 255.
+    We won't get a skipped space or a non-data escape or the start of a #
+    comment as the first character, so the length can't be zero. */
+
+    NORMAL_CHAR:
+    default:
+    length += 2;
+    runlength = 0;
+    do
+      {
+      if ((options & PCRE_EXTENDED) != 0)
+        {
+        if ((compile_block.ctypes[c] & ctype_space) != 0) continue;
+        if (c == '#')
+          {
+          /* The space before the ; is to avoid a warning on a silly compiler
+          on the Macintosh. */
+          while ((c = *(++ptr)) != 0 && c != '\n') ;
+          continue;
+          }
+        }
+
+      /* Backslash may introduce a data char or a metacharacter; stop the
+      string before the latter. */
+
+      if (c == '\\')
+        {
+        const uschar *saveptr = ptr;
+        c = check_escape(&ptr, errorptr, bracount, options, FALSE,
+          &compile_block);
+        if (*errorptr != NULL) goto PCRE_ERROR_RETURN;
+        if (c < 0) { ptr = saveptr; break; }
+
+#ifdef SUPPORT_UTF8
+        if (c > 127 && (options & PCRE_UTF8) != 0)
+          {
+          int i;
+          for (i = 0; i < sizeof(utf8_table1)/sizeof(int); i++)
+            if (c <= utf8_table1[i]) break;
+          runlength += i;
+          }
+#endif
+        }
+
+      /* Ordinary character or single-char escape */
+
+      runlength++;
+      }
+
+    /* This "while" is the end of the "do" above. */
+
+    while (runlength < MAXLIT &&
+      (compile_block.ctypes[c = *(++ptr)] & ctype_meta) == 0);
+
+    ptr--;
+    length += runlength;
+    continue;
+    }
+  }
+
+length += 4;    /* For final KET and END */
+
+if (length > 65539)
+  {
+  *errorptr = ERR20;
+  return NULL;
+  }
+
+/* Compute the size of data block needed and get it, either from malloc or
+externally provided function. We specify "code[0]" in the offsetof() expression
+rather than just "code", because it has been reported that one broken compiler
+fails on "code" because it is also an independent variable. It should make no
+difference to the value of the offsetof(). */
+
+size = length + offsetof(real_pcre, code[0]);
+re = (real_pcre *)(pcre_malloc)(size);
+
+if (re == NULL)
+  {
+  *errorptr = ERR21;
+  return NULL;
+  }
+
+/* Put in the magic number, and save the size, options, and table pointer */
+
+re->magic_number = MAGIC_NUMBER;
+re->size = size;
+re->options = options;
+re->tables = tables;
+
+/* Set up a starting, non-extracting bracket, then compile the expression. On
+error, *errorptr will be set non-NULL, so we don't need to look at the result
+of the function here. */
+
+ptr = (const uschar *)pattern;
+code = re->code;
+*code = OP_BRA;
+bracount = 0;
+(void)compile_regex(options, -1, &bracount, &code, &ptr, errorptr, FALSE, -1,
+  &reqchar, &countlits, &compile_block);
+re->top_bracket = bracount;
+re->top_backref = top_backref;
+
+/* If not reached end of pattern on success, there's an excess bracket. */
+
+if (*errorptr == NULL && *ptr != 0) *errorptr = ERR22;
+
+/* Fill in the terminating state and check for disastrous overflow, but
+if debugging, leave the test till after things are printed out. */
+
+*code++ = OP_END;
+
+#ifndef DEBUG
+if (code - re->code > length) *errorptr = ERR23;
+#endif
+
+/* Give an error if there's back reference to a non-existent capturing
+subpattern. */
+
+if (top_backref > re->top_bracket) *errorptr = ERR15;
+
+/* Failed to compile */
+
+if (*errorptr != NULL)
+  {
+  (pcre_free)(re);
+  PCRE_ERROR_RETURN:
+  *erroroffset = ptr - (const uschar *)pattern;
+  return NULL;
+  }
+
+/* If the anchored option was not passed, set flag if we can determine that the
+pattern is anchored by virtue of ^ characters or \A or anything else (such as
+starting with .* when DOTALL is set).
+
+Otherwise, see if we can determine what the first character has to be, because
+that speeds up unanchored matches no end. If not, see if we can set the
+PCRE_STARTLINE flag. This is helpful for multiline matches when all branches
+start with ^. and also when all branches start with .* for non-DOTALL matches.
+*/
+
+if ((options & PCRE_ANCHORED) == 0)
+  {
+  int temp_options = options;
+  if (is_anchored(re->code, &temp_options))
+    re->options |= PCRE_ANCHORED;
+  else
+    {
+    int ch = find_firstchar(re->code, &temp_options);
+    if (ch >= 0)
+      {
+      re->first_char = ch;
+      re->options |= PCRE_FIRSTSET;
+      }
+    else if (is_startline(re->code))
+      re->options |= PCRE_STARTLINE;
+    }
+  }
+
+/* Save the last required character if there are at least two literal
+characters on all paths, or if there is no first character setting. */
+
+if (reqchar >= 0 && (countlits > 1 || (re->options & PCRE_FIRSTSET) == 0))
+  {
+  re->req_char = reqchar;
+  re->options |= PCRE_REQCHSET;
+  }
+
+/* Print out the compiled data for debugging */
+
+#ifdef DEBUG
+
+printf("Length = %d top_bracket = %d top_backref = %d\n",
+  length, re->top_bracket, re->top_backref);
+
+if (re->options != 0)
+  {
+  printf("%s%s%s%s%s%s%s%s%s\n",
+    ((re->options & PCRE_ANCHORED) != 0)? "anchored " : "",
+    ((re->options & PCRE_CASELESS) != 0)? "caseless " : "",
+    ((re->options & PCRE_ICHANGED) != 0)? "case state changed " : "",
+    ((re->options & PCRE_EXTENDED) != 0)? "extended " : "",
+    ((re->options & PCRE_MULTILINE) != 0)? "multiline " : "",
+    ((re->options & PCRE_DOTALL) != 0)? "dotall " : "",
+    ((re->options & PCRE_DOLLAR_ENDONLY) != 0)? "endonly " : "",
+    ((re->options & PCRE_EXTRA) != 0)? "extra " : "",
+    ((re->options & PCRE_UNGREEDY) != 0)? "ungreedy " : "");
+  }
+
+if ((re->options & PCRE_FIRSTSET) != 0)
+  {
+  if (isprint(re->first_char)) printf("First char = %c\n", re->first_char);
+    else printf("First char = \\x%02x\n", re->first_char);
+  }
+
+if ((re->options & PCRE_REQCHSET) != 0)
+  {
+  if (isprint(re->req_char)) printf("Req char = %c\n", re->req_char);
+    else printf("Req char = \\x%02x\n", re->req_char);
+  }
+
+code_end = code;
+code_base = code = re->code;
+
+while (code < code_end)
+  {
+  int charlength;
+
+  printf("%3d ", code - code_base);
+
+  if (*code >= OP_BRA)
+    {
+    printf("%3d Bra %d", (code[1] << 8) + code[2], *code - OP_BRA);
+    code += 2;
+    }
+
+  else switch(*code)
+    {
+    case OP_OPT:
+    printf(" %.2x %s", code[1], OP_names[*code]);
+    code++;
+    break;
+
+    case OP_COND:
+    printf("%3d Cond", (code[1] << 8) + code[2]);
+    code += 2;
+    break;
+
+    case OP_CREF:
+    printf(" %.2d %s", code[1], OP_names[*code]);
+    code++;
+    break;
+
+    case OP_CHARS:
+    charlength = *(++code);
+    printf("%3d ", charlength);
+    while (charlength-- > 0)
+      if (isprint(c = *(++code))) printf("%c", c); else printf("\\x%02x", c);
+    break;
+
+    case OP_KETRMAX:
+    case OP_KETRMIN:
+    case OP_ALT:
+    case OP_KET:
+    case OP_ASSERT:
+    case OP_ASSERT_NOT:
+    case OP_ASSERTBACK:
+    case OP_ASSERTBACK_NOT:
+    case OP_ONCE:
+    printf("%3d %s", (code[1] << 8) + code[2], OP_names[*code]);
+    code += 2;
+    break;
+
+    case OP_REVERSE:
+    printf("%3d %s", (code[1] << 8) + code[2], OP_names[*code]);
+    code += 2;
+    break;
+
+    case OP_STAR:
+    case OP_MINSTAR:
+    case OP_PLUS:
+    case OP_MINPLUS:
+    case OP_QUERY:
+    case OP_MINQUERY:
+    case OP_TYPESTAR:
+    case OP_TYPEMINSTAR:
+    case OP_TYPEPLUS:
+    case OP_TYPEMINPLUS:
+    case OP_TYPEQUERY:
+    case OP_TYPEMINQUERY:
+    if (*code >= OP_TYPESTAR)
+      printf("    %s", OP_names[code[1]]);
+    else if (isprint(c = code[1])) printf("    %c", c);
+      else printf("    \\x%02x", c);
+    printf("%s", OP_names[*code++]);
+    break;
+
+    case OP_EXACT:
+    case OP_UPTO:
+    case OP_MINUPTO:
+    if (isprint(c = code[3])) printf("    %c{", c);
+      else printf("    \\x%02x{", c);
+    if (*code != OP_EXACT) printf("0,");
+    printf("%d}", (code[1] << 8) + code[2]);
+    if (*code == OP_MINUPTO) printf("?");
+    code += 3;
+    break;
+
+    case OP_TYPEEXACT:
+    case OP_TYPEUPTO:
+    case OP_TYPEMINUPTO:
+    printf("    %s{", OP_names[code[3]]);
+    if (*code != OP_TYPEEXACT) printf(",");
+    printf("%d}", (code[1] << 8) + code[2]);
+    if (*code == OP_TYPEMINUPTO) printf("?");
+    code += 3;
+    break;
+
+    case OP_NOT:
+    if (isprint(c = *(++code))) printf("    [^%c]", c);
+      else printf("    [^\\x%02x]", c);
+    break;
+
+    case OP_NOTSTAR:
+    case OP_NOTMINSTAR:
+    case OP_NOTPLUS:
+    case OP_NOTMINPLUS:
+    case OP_NOTQUERY:
+    case OP_NOTMINQUERY:
+    if (isprint(c = code[1])) printf("    [^%c]", c);
+      else printf("    [^\\x%02x]", c);
+    printf("%s", OP_names[*code++]);
+    break;
+
+    case OP_NOTEXACT:
+    case OP_NOTUPTO:
+    case OP_NOTMINUPTO:
+    if (isprint(c = code[3])) printf("    [^%c]{", c);
+      else printf("    [^\\x%02x]{", c);
+    if (*code != OP_NOTEXACT) printf(",");
+    printf("%d}", (code[1] << 8) + code[2]);
+    if (*code == OP_NOTMINUPTO) printf("?");
+    code += 3;
+    break;
+
+    case OP_REF:
+    printf("    \\%d", *(++code));
+    code ++;
+    goto CLASS_REF_REPEAT;
+
+    case OP_CLASS:
+      {
+      int i, min, max;
+      code++;
+      printf("    [");
+
+      for (i = 0; i < 256; i++)
+        {
+        if ((code[i/8] & (1 << (i&7))) != 0)
+          {
+          int j;
+          for (j = i+1; j < 256; j++)
+            if ((code[j/8] & (1 << (j&7))) == 0) break;
+          if (i == '-' || i == ']') printf("\\");
+          if (isprint(i)) printf("%c", i); else printf("\\x%02x", i);
+          if (--j > i)
+            {
+            printf("-");
+            if (j == '-' || j == ']') printf("\\");
+            if (isprint(j)) printf("%c", j); else printf("\\x%02x", j);
+            }
+          i = j;
+          }
+        }
+      printf("]");
+      code += 32;
+
+      CLASS_REF_REPEAT:
+
+      switch(*code)
+        {
+        case OP_CRSTAR:
+        case OP_CRMINSTAR:
+        case OP_CRPLUS:
+        case OP_CRMINPLUS:
+        case OP_CRQUERY:
+        case OP_CRMINQUERY:
+        printf("%s", OP_names[*code]);
+        break;
+
+        case OP_CRRANGE:
+        case OP_CRMINRANGE:
+        min = (code[1] << 8) + code[2];
+        max = (code[3] << 8) + code[4];
+        if (max == 0) printf("{%d,}", min);
+        else printf("{%d,%d}", min, max);
+        if (*code == OP_CRMINRANGE) printf("?");
+        code += 4;
+        break;
+
+        default:
+        code--;
+        }
+      }
+    break;
+
+    /* Anything else is just a one-node item */
+
+    default:
+    printf("    %s", OP_names[*code]);
+    break;
+    }
+
+  code++;
+  printf("\n");
+  }
+printf("------------------------------------------------------------------\n");
+
+/* This check is done here in the debugging case so that the code that
+was compiled can be seen. */
+
+if (code - re->code > length)
+  {
+  *errorptr = ERR23;
+  (pcre_free)(re);
+  *erroroffset = ptr - (uschar *)pattern;
+  return NULL;
+  }
+#endif
+
+return (pcre *)re;
+}
+
+
+
+/*************************************************
+*          Match a back-reference                *
+*************************************************/
+
+/* If a back reference hasn't been set, the length that is passed is greater
+than the number of characters left in the string, so the match fails.
+
+Arguments:
+  offset      index into the offset vector
+  eptr        points into the subject
+  length      length to be matched
+  md          points to match data block
+  ims         the ims flags
+
+Returns:      TRUE if matched
+*/
+
+static BOOL
+match_ref(int offset, register const uschar *eptr, int length, match_data *md,
+  unsigned long int ims)
+{
+const uschar *p = md->start_subject + md->offset_vector[offset];
+
+#ifdef DEBUG
+if (eptr >= md->end_subject)
+  printf("matching subject <null>");
+else
+  {
+  printf("matching subject ");
+  pchars(eptr, length, TRUE, md);
+  }
+printf(" against backref ");
+pchars(p, length, FALSE, md);
+printf("\n");
+#endif
+
+/* Always fail if not enough characters left */
+
+if (length > md->end_subject - eptr) return FALSE;
+
+/* Separate the caselesss case for speed */
+
+if ((ims & PCRE_CASELESS) != 0)
+  {
+  while (length-- > 0)
+    if (md->lcc[*p++] != md->lcc[*eptr++]) return FALSE;
+  }
+else
+  { while (length-- > 0) if (*p++ != *eptr++) return FALSE; }
+
+return TRUE;
+}
+
+
+
+/*************************************************
+*         Match from current position            *
+*************************************************/
+
+/* On entry ecode points to the first opcode, and eptr to the first character
+in the subject string, while eptrb holds the value of eptr at the start of the
+last bracketed group - used for breaking infinite loops matching zero-length
+strings.
+
+Arguments:
+   eptr        pointer in subject
+   ecode       position in code
+   offset_top  current top pointer
+   md          pointer to "static" info for the match
+   ims         current /i, /m, and /s options
+   eptrb       pointer to chain of blocks containing eptr at start of
+                 brackets - for testing for empty matches
+   flags       can contain
+                 match_condassert - this is an assertion condition
+                 match_isgroup - this is the start of a bracketed group
+
+Returns:       TRUE if matched
+*/
+
+static BOOL
+match(register const uschar *eptr, register const uschar *ecode,
+  int offset_top, match_data *md, unsigned long int ims, eptrblock *eptrb,
+  int flags)
+{
+unsigned long int original_ims = ims;   /* Save for resetting on ')' */
+eptrblock newptrb;
+
+/* At the start of a bracketed group, add the current subject pointer to the
+stack of such pointers, to be re-instated at the end of the group when we hit
+the closing ket. When match() is called in other circumstances, we don't add to
+the stack. */
+
+if ((flags & match_isgroup) != 0)
+  {
+  newptrb.prev = eptrb;
+  newptrb.saved_eptr = eptr;
+  eptrb = &newptrb;
+  }
+
+/* Now start processing the operations. */
+
+for (;;)
+  {
+  int op = (int)*ecode;
+  int min, max, ctype;
+  register int i;
+  register int c;
+  BOOL minimize = FALSE;
+
+  /* Opening capturing bracket. If there is space in the offset vector, save
+  the current subject position in the working slot at the top of the vector. We
+  mustn't change the current values of the data slot, because they may be set
+  from a previous iteration of this group, and be referred to by a reference
+  inside the group.
+
+  If the bracket fails to match, we need to restore this value and also the
+  values of the final offsets, in case they were set by a previous iteration of
+  the same bracket.
+
+  If there isn't enough space in the offset vector, treat this as if it were a
+  non-capturing bracket. Don't worry about setting the flag for the error case
+  here; that is handled in the code for KET. */
+
+  if (op > OP_BRA)
+    {
+    int number = op - OP_BRA;
+    int offset = number << 1;
+
+#ifdef DEBUG
+    printf("start bracket %d subject=", number);
+    pchars(eptr, 16, TRUE, md);
+    printf("\n");
+#endif
+
+    if (offset < md->offset_max)
+      {
+      int save_offset1 = md->offset_vector[offset];
+      int save_offset2 = md->offset_vector[offset+1];
+      int save_offset3 = md->offset_vector[md->offset_end - number];
+
+      DPRINTF(("saving %d %d %d\n", save_offset1, save_offset2, save_offset3));
+      md->offset_vector[md->offset_end - number] = eptr - md->start_subject;
+
+      do
+        {
+        if (match(eptr, ecode+3, offset_top, md, ims, eptrb, match_isgroup))
+          return TRUE;
+        ecode += (ecode[1] << 8) + ecode[2];
+        }
+      while (*ecode == OP_ALT);
+
+      DPRINTF(("bracket %d failed\n", number));
+
+      md->offset_vector[offset] = save_offset1;
+      md->offset_vector[offset+1] = save_offset2;
+      md->offset_vector[md->offset_end - number] = save_offset3;
+      return FALSE;
+      }
+
+    /* Insufficient room for saving captured contents */
+
+    else op = OP_BRA;
+    }
+
+  /* Other types of node can be handled by a switch */
+
+  switch(op)
+    {
+    case OP_BRA:     /* Non-capturing bracket: optimized */
+    DPRINTF(("start bracket 0\n"));
+    do
+      {
+      if (match(eptr, ecode+3, offset_top, md, ims, eptrb, match_isgroup))
+        return TRUE;
+      ecode += (ecode[1] << 8) + ecode[2];
+      }
+    while (*ecode == OP_ALT);
+    DPRINTF(("bracket 0 failed\n"));
+    return FALSE;
+
+    /* Conditional group: compilation checked that there are no more than
+    two branches. If the condition is false, skipping the first branch takes us
+    past the end if there is only one branch, but that's OK because that is
+    exactly what going to the ket would do. */
+
+    case OP_COND:
+    if (ecode[3] == OP_CREF)         /* Condition is extraction test */
+      {
+      int offset = ecode[4] << 1;    /* Doubled reference number */
+      return match(eptr,
+        ecode + ((offset < offset_top && md->offset_vector[offset] >= 0)?
+          5 : 3 + (ecode[1] << 8) + ecode[2]),
+        offset_top, md, ims, eptrb, match_isgroup);
+      }
+
+    /* The condition is an assertion. Call match() to evaluate it - setting
+    the final argument TRUE causes it to stop at the end of an assertion. */
+
+    else
+      {
+      if (match(eptr, ecode+3, offset_top, md, ims, NULL,
+          match_condassert | match_isgroup))
+        {
+        ecode += 3 + (ecode[4] << 8) + ecode[5];
+        while (*ecode == OP_ALT) ecode += (ecode[1] << 8) + ecode[2];
+        }
+      else ecode += (ecode[1] << 8) + ecode[2];
+      return match(eptr, ecode+3, offset_top, md, ims, eptrb, match_isgroup);
+      }
+    /* Control never reaches here */
+
+    /* Skip over conditional reference data if encountered (should not be) */
+
+    case OP_CREF:
+    ecode += 2;
+    break;
+
+    /* End of the pattern. If PCRE_NOTEMPTY is set, fail if we have matched
+    an empty string - recursion will then try other alternatives, if any. */
+
+    case OP_END:
+    if (md->notempty && eptr == md->start_match) return FALSE;
+    md->end_match_ptr = eptr;          /* Record where we ended */
+    md->end_offset_top = offset_top;   /* and how many extracts were taken */
+    return TRUE;
+
+    /* Change option settings */
+
+    case OP_OPT:
+    ims = ecode[1];
+    ecode += 2;
+    DPRINTF(("ims set to %02lx\n", ims));
+    break;
+
+    /* Assertion brackets. Check the alternative branches in turn - the
+    matching won't pass the KET for an assertion. If any one branch matches,
+    the assertion is true. Lookbehind assertions have an OP_REVERSE item at the
+    start of each branch to move the current point backwards, so the code at
+    this level is identical to the lookahead case. */
+
+    case OP_ASSERT:
+    case OP_ASSERTBACK:
+    do
+      {
+      if (match(eptr, ecode+3, offset_top, md, ims, NULL, match_isgroup)) break;
+      ecode += (ecode[1] << 8) + ecode[2];
+      }
+    while (*ecode == OP_ALT);
+    if (*ecode == OP_KET) return FALSE;
+
+    /* If checking an assertion for a condition, return TRUE. */
+
+    if ((flags & match_condassert) != 0) return TRUE;
+
+    /* Continue from after the assertion, updating the offsets high water
+    mark, since extracts may have been taken during the assertion. */
+
+    do ecode += (ecode[1] << 8) + ecode[2]; while (*ecode == OP_ALT);
+    ecode += 3;
+    offset_top = md->end_offset_top;
+    continue;
+
+    /* Negative assertion: all branches must fail to match */
+
+    case OP_ASSERT_NOT:
+    case OP_ASSERTBACK_NOT:
+    do
+      {
+      if (match(eptr, ecode+3, offset_top, md, ims, NULL, match_isgroup))
+        return FALSE;
+      ecode += (ecode[1] << 8) + ecode[2];
+      }
+    while (*ecode == OP_ALT);
+
+    if ((flags & match_condassert) != 0) return TRUE;
+
+    ecode += 3;
+    continue;
+
+    /* Move the subject pointer back. This occurs only at the start of
+    each branch of a lookbehind assertion. If we are too close to the start to
+    move back, this match function fails. When working with UTF-8 we move
+    back a number of characters, not bytes. */
+
+    case OP_REVERSE:
+#ifdef SUPPORT_UTF8
+    c = (ecode[1] << 8) + ecode[2];
+    for (i = 0; i < c; i++)
+      {
+      eptr--;
+      BACKCHAR(eptr)
+      }
+#else
+    eptr -= (ecode[1] << 8) + ecode[2];
+#endif
+
+    if (eptr < md->start_subject) return FALSE;
+    ecode += 3;
+    break;
+
+    /* Recursion matches the current regex, nested. If there are any capturing
+    brackets started but not finished, we have to save their starting points
+    and reinstate them after the recursion. However, we don't know how many
+    such there are (offset_top records the completed total) so we just have
+    to save all the potential data. There may be up to 99 such values, which
+    is a bit large to put on the stack, but using malloc for small numbers
+    seems expensive. As a compromise, the stack is used when there are fewer
+    than 16 values to store; otherwise malloc is used. A problem is what to do
+    if the malloc fails ... there is no way of returning to the top level with
+    an error. Save the top 15 values on the stack, and accept that the rest
+    may be wrong. */
+
+    case OP_RECURSE:
+      {
+      BOOL rc;
+      int *save;
+      int stacksave[15];
+
+      c = md->offset_max;
+
+      if (c < 16) save = stacksave; else
+        {
+        save = (int *)(pcre_malloc)((c+1) * sizeof(int));
+        if (save == NULL)
+          {
+          save = stacksave;
+          c = 15;
+          }
+        }
+
+      for (i = 1; i <= c; i++)
+        save[i] = md->offset_vector[md->offset_end - i];
+      rc = match(eptr, md->start_pattern, offset_top, md, ims, eptrb,
+        match_isgroup);
+      for (i = 1; i <= c; i++)
+        md->offset_vector[md->offset_end - i] = save[i];
+      if (save != stacksave) (pcre_free)(save);
+      if (!rc) return FALSE;
+
+      /* In case the recursion has set more capturing values, save the final
+      number, then move along the subject till after the recursive match,
+      and advance one byte in the pattern code. */
+
+      offset_top = md->end_offset_top;
+      eptr = md->end_match_ptr;
+      ecode++;
+      }
+    break;
+
+    /* "Once" brackets are like assertion brackets except that after a match,
+    the point in the subject string is not moved back. Thus there can never be
+    a move back into the brackets. Check the alternative branches in turn - the
+    matching won't pass the KET for this kind of subpattern. If any one branch
+    matches, we carry on as at the end of a normal bracket, leaving the subject
+    pointer. */
+
+    case OP_ONCE:
+      {
+      const uschar *prev = ecode;
+      const uschar *saved_eptr = eptr;
+
+      do
+        {
+        if (match(eptr, ecode+3, offset_top, md, ims, eptrb, match_isgroup))
+          break;
+        ecode += (ecode[1] << 8) + ecode[2];
+        }
+      while (*ecode == OP_ALT);
+
+      /* If hit the end of the group (which could be repeated), fail */
+
+      if (*ecode != OP_ONCE && *ecode != OP_ALT) return FALSE;
+
+      /* Continue as from after the assertion, updating the offsets high water
+      mark, since extracts may have been taken. */
+
+      do ecode += (ecode[1] << 8) + ecode[2]; while (*ecode == OP_ALT);
+
+      offset_top = md->end_offset_top;
+      eptr = md->end_match_ptr;
+
+      /* For a non-repeating ket, just continue at this level. This also
+      happens for a repeating ket if no characters were matched in the group.
+      This is the forcible breaking of infinite loops as implemented in Perl
+      5.005. If there is an options reset, it will get obeyed in the normal
+      course of events. */
+
+      if (*ecode == OP_KET || eptr == saved_eptr)
+        {
+        ecode += 3;
+        break;
+        }
+
+      /* The repeating kets try the rest of the pattern or restart from the
+      preceding bracket, in the appropriate order. We need to reset any options
+      that changed within the bracket before re-running it, so check the next
+      opcode. */
+
+      if (ecode[3] == OP_OPT)
+        {
+        ims = (ims & ~PCRE_IMS) | ecode[4];
+        DPRINTF(("ims set to %02lx at group repeat\n", ims));
+        }
+
+      if (*ecode == OP_KETRMIN)
+        {
+        if (match(eptr, ecode+3, offset_top, md, ims, eptrb, 0) ||
+            match(eptr, prev, offset_top, md, ims, eptrb, match_isgroup))
+              return TRUE;
+        }
+      else  /* OP_KETRMAX */
+        {
+        if (match(eptr, prev, offset_top, md, ims, eptrb, match_isgroup) ||
+            match(eptr, ecode+3, offset_top, md, ims, eptrb, 0)) return TRUE;
+        }
+      }
+    return FALSE;
+
+    /* An alternation is the end of a branch; scan along to find the end of the
+    bracketed group and go to there. */
+
+    case OP_ALT:
+    do ecode += (ecode[1] << 8) + ecode[2]; while (*ecode == OP_ALT);
+    break;
+
+    /* BRAZERO and BRAMINZERO occur just before a bracket group, indicating
+    that it may occur zero times. It may repeat infinitely, or not at all -
+    i.e. it could be ()* or ()? in the pattern. Brackets with fixed upper
+    repeat limits are compiled as a number of copies, with the optional ones
+    preceded by BRAZERO or BRAMINZERO. */
+
+    case OP_BRAZERO:
+      {
+      const uschar *next = ecode+1;
+      if (match(eptr, next, offset_top, md, ims, eptrb, match_isgroup))
+        return TRUE;
+      do next += (next[1] << 8) + next[2]; while (*next == OP_ALT);
+      ecode = next + 3;
+      }
+    break;
+
+    case OP_BRAMINZERO:
+      {
+      const uschar *next = ecode+1;
+      do next += (next[1] << 8) + next[2]; while (*next == OP_ALT);
+      if (match(eptr, next+3, offset_top, md, ims, eptrb, match_isgroup))
+        return TRUE;
+      ecode++;
+      }
+    break;
+
+    /* End of a group, repeated or non-repeating. If we are at the end of
+    an assertion "group", stop matching and return TRUE, but record the
+    current high water mark for use by positive assertions. Do this also
+    for the "once" (not-backup up) groups. */
+
+    case OP_KET:
+    case OP_KETRMIN:
+    case OP_KETRMAX:
+      {
+      const uschar *prev = ecode - (ecode[1] << 8) - ecode[2];
+      const uschar *saved_eptr = eptrb->saved_eptr;
+
+      eptrb = eptrb->prev;    /* Back up the stack of bracket start pointers */
+
+      if (*prev == OP_ASSERT || *prev == OP_ASSERT_NOT ||
+          *prev == OP_ASSERTBACK || *prev == OP_ASSERTBACK_NOT ||
+          *prev == OP_ONCE)
+        {
+        md->end_match_ptr = eptr;      /* For ONCE */
+        md->end_offset_top = offset_top;
+        return TRUE;
+        }
+
+      /* In all other cases except a conditional group we have to check the
+      group number back at the start and if necessary complete handling an
+      extraction by setting the offsets and bumping the high water mark. */
+
+      if (*prev != OP_COND)
+        {
+        int number = *prev - OP_BRA;
+        int offset = number << 1;
+
+#ifdef DEBUG
+        printf("end bracket %d", number);
+        printf("\n");
+#endif
+
+        if (number > 0)
+          {
+          if (offset >= md->offset_max) md->offset_overflow = TRUE; else
+            {
+            md->offset_vector[offset] =
+              md->offset_vector[md->offset_end - number];
+            md->offset_vector[offset+1] = eptr - md->start_subject;
+            if (offset_top <= offset) offset_top = offset + 2;
+            }
+          }
+        }
+
+      /* Reset the value of the ims flags, in case they got changed during
+      the group. */
+
+      ims = original_ims;
+      DPRINTF(("ims reset to %02lx\n", ims));
+
+      /* For a non-repeating ket, just continue at this level. This also
+      happens for a repeating ket if no characters were matched in the group.
+      This is the forcible breaking of infinite loops as implemented in Perl
+      5.005. If there is an options reset, it will get obeyed in the normal
+      course of events. */
+
+      if (*ecode == OP_KET || eptr == saved_eptr)
+        {
+        ecode += 3;
+        break;
+        }
+
+      /* The repeating kets try the rest of the pattern or restart from the
+      preceding bracket, in the appropriate order. */
+
+      if (*ecode == OP_KETRMIN)
+        {
+        if (match(eptr, ecode+3, offset_top, md, ims, eptrb, 0) ||
+            match(eptr, prev, offset_top, md, ims, eptrb, match_isgroup))
+              return TRUE;
+        }
+      else  /* OP_KETRMAX */
+        {
+        if (match(eptr, prev, offset_top, md, ims, eptrb, match_isgroup) ||
+            match(eptr, ecode+3, offset_top, md, ims, eptrb, 0)) return TRUE;
+        }
+      }
+    return FALSE;
+
+    /* Start of subject unless notbol, or after internal newline if multiline */
+
+    case OP_CIRC:
+    if (md->notbol && eptr == md->start_subject) return FALSE;
+    if ((ims & PCRE_MULTILINE) != 0)
+      {
+      if (eptr != md->start_subject && eptr[-1] != '\n') return FALSE;
+      ecode++;
+      break;
+      }
+    /* ... else fall through */
+
+    /* Start of subject assertion */
+
+    case OP_SOD:
+    if (eptr != md->start_subject) return FALSE;
+    ecode++;
+    break;
+
+    /* Assert before internal newline if multiline, or before a terminating
+    newline unless endonly is set, else end of subject unless noteol is set. */
+
+    case OP_DOLL:
+    if ((ims & PCRE_MULTILINE) != 0)
+      {
+      if (eptr < md->end_subject) { if (*eptr != '\n') return FALSE; }
+        else { if (md->noteol) return FALSE; }
+      ecode++;
+      break;
+      }
+    else
+      {
+      if (md->noteol) return FALSE;
+      if (!md->endonly)
+        {
+        if (eptr < md->end_subject - 1 ||
+           (eptr == md->end_subject - 1 && *eptr != '\n')) return FALSE;
+
+        ecode++;
+        break;
+        }
+      }
+    /* ... else fall through */
+
+    /* End of subject assertion (\z) */
+
+    case OP_EOD:
+    if (eptr < md->end_subject) return FALSE;
+    ecode++;
+    break;
+
+    /* End of subject or ending \n assertion (\Z) */
+
+    case OP_EODN:
+    if (eptr < md->end_subject - 1 ||
+       (eptr == md->end_subject - 1 && *eptr != '\n')) return FALSE;
+    ecode++;
+    break;
+
+    /* Word boundary assertions */
+
+    case OP_NOT_WORD_BOUNDARY:
+    case OP_WORD_BOUNDARY:
+      {
+      BOOL prev_is_word = (eptr != md->start_subject) &&
+        ((md->ctypes[eptr[-1]] & ctype_word) != 0);
+      BOOL cur_is_word = (eptr < md->end_subject) &&
+        ((md->ctypes[*eptr] & ctype_word) != 0);
+      if ((*ecode++ == OP_WORD_BOUNDARY)?
+           cur_is_word == prev_is_word : cur_is_word != prev_is_word)
+        return FALSE;
+      }
+    break;
+
+    /* Match a single character type; inline for speed */
+
+    case OP_ANY:
+    if ((ims & PCRE_DOTALL) == 0 && eptr < md->end_subject && *eptr == '\n')
+      return FALSE;
+    if (eptr++ >= md->end_subject) return FALSE;
+#ifdef SUPPORT_UTF8
+    if (md->utf8)
+      while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
+#endif
+    ecode++;
+    break;
+
+    case OP_NOT_DIGIT:
+    if (eptr >= md->end_subject ||
+       (md->ctypes[*eptr++] & ctype_digit) != 0)
+      return FALSE;
+    ecode++;
+    break;
+
+    case OP_DIGIT:
+    if (eptr >= md->end_subject ||
+       (md->ctypes[*eptr++] & ctype_digit) == 0)
+      return FALSE;
+    ecode++;
+    break;
+
+    case OP_NOT_WHITESPACE:
+    if (eptr >= md->end_subject ||
+       (md->ctypes[*eptr++] & ctype_space) != 0)
+      return FALSE;
+    ecode++;
+    break;
+
+    case OP_WHITESPACE:
+    if (eptr >= md->end_subject ||
+       (md->ctypes[*eptr++] & ctype_space) == 0)
+      return FALSE;
+    ecode++;
+    break;
+
+    case OP_NOT_WORDCHAR:
+    if (eptr >= md->end_subject ||
+       (md->ctypes[*eptr++] & ctype_word) != 0)
+      return FALSE;
+    ecode++;
+    break;
+
+    case OP_WORDCHAR:
+    if (eptr >= md->end_subject ||
+       (md->ctypes[*eptr++] & ctype_word) == 0)
+      return FALSE;
+    ecode++;
+    break;
+
+    /* Match a back reference, possibly repeatedly. Look past the end of the
+    item to see if there is repeat information following. The code is similar
+    to that for character classes, but repeated for efficiency. Then obey
+    similar code to character type repeats - written out again for speed.
+    However, if the referenced string is the empty string, always treat
+    it as matched, any number of times (otherwise there could be infinite
+    loops). */
+
+    case OP_REF:
+      {
+      int length;
+      int offset = ecode[1] << 1;                /* Doubled reference number */
+      ecode += 2;                                /* Advance past the item */
+
+      /* If the reference is unset, set the length to be longer than the amount
+      of subject left; this ensures that every attempt at a match fails. We
+      can't just fail here, because of the possibility of quantifiers with zero
+      minima. */
+
+      length = (offset >= offset_top || md->offset_vector[offset] < 0)?
+        md->end_subject - eptr + 1 :
+        md->offset_vector[offset+1] - md->offset_vector[offset];
+
+      /* Set up for repetition, or handle the non-repeated case */
+
+      switch (*ecode)
+        {
+        case OP_CRSTAR:
+        case OP_CRMINSTAR:
+        case OP_CRPLUS:
+        case OP_CRMINPLUS:
+        case OP_CRQUERY:
+        case OP_CRMINQUERY:
+        c = *ecode++ - OP_CRSTAR;
+        minimize = (c & 1) != 0;
+        min = rep_min[c];                 /* Pick up values from tables; */
+        max = rep_max[c];                 /* zero for max => infinity */
+        if (max == 0) max = INT_MAX;
+        break;
+
+        case OP_CRRANGE:
+        case OP_CRMINRANGE:
+        minimize = (*ecode == OP_CRMINRANGE);
+        min = (ecode[1] << 8) + ecode[2];
+        max = (ecode[3] << 8) + ecode[4];
+        if (max == 0) max = INT_MAX;
+        ecode += 5;
+        break;
+
+        default:               /* No repeat follows */
+        if (!match_ref(offset, eptr, length, md, ims)) return FALSE;
+        eptr += length;
+        continue;              /* With the main loop */
+        }
+
+      /* If the length of the reference is zero, just continue with the
+      main loop. */
+
+      if (length == 0) continue;
+
+      /* First, ensure the minimum number of matches are present. We get back
+      the length of the reference string explicitly rather than passing the
+      address of eptr, so that eptr can be a register variable. */
+
+      for (i = 1; i <= min; i++)
+        {
+        if (!match_ref(offset, eptr, length, md, ims)) return FALSE;
+        eptr += length;
+        }
+
+      /* If min = max, continue at the same level without recursion.
+      They are not both allowed to be zero. */
+
+      if (min == max) continue;
+
+      /* If minimizing, keep trying and advancing the pointer */
+
+      if (minimize)
+        {
+        for (i = min;; i++)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          if (i >= max || !match_ref(offset, eptr, length, md, ims))
+            return FALSE;
+          eptr += length;
+          }
+        /* Control never gets here */
+        }
+
+      /* If maximizing, find the longest string and work backwards */
+
+      else
+        {
+        const uschar *pp = eptr;
+        for (i = min; i < max; i++)
+          {
+          if (!match_ref(offset, eptr, length, md, ims)) break;
+          eptr += length;
+          }
+        while (eptr >= pp)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          eptr -= length;
+          }
+        return FALSE;
+        }
+      }
+    /* Control never gets here */
+
+
+
+    /* Match a character class, possibly repeatedly. Look past the end of the
+    item to see if there is repeat information following. Then obey similar
+    code to character type repeats - written out again for speed. */
+
+    case OP_CLASS:
+      {
+      const uschar *data = ecode + 1;  /* Save for matching */
+      ecode += 33;                     /* Advance past the item */
+
+      switch (*ecode)
+        {
+        case OP_CRSTAR:
+        case OP_CRMINSTAR:
+        case OP_CRPLUS:
+        case OP_CRMINPLUS:
+        case OP_CRQUERY:
+        case OP_CRMINQUERY:
+        c = *ecode++ - OP_CRSTAR;
+        minimize = (c & 1) != 0;
+        min = rep_min[c];                 /* Pick up values from tables; */
+        max = rep_max[c];                 /* zero for max => infinity */
+        if (max == 0) max = INT_MAX;
+        break;
+
+        case OP_CRRANGE:
+        case OP_CRMINRANGE:
+        minimize = (*ecode == OP_CRMINRANGE);
+        min = (ecode[1] << 8) + ecode[2];
+        max = (ecode[3] << 8) + ecode[4];
+        if (max == 0) max = INT_MAX;
+        ecode += 5;
+        break;
+
+        default:               /* No repeat follows */
+        min = max = 1;
+        break;
+        }
+
+      /* First, ensure the minimum number of matches are present. */
+
+      for (i = 1; i <= min; i++)
+        {
+        if (eptr >= md->end_subject) return FALSE;
+        GETCHARINC(c, eptr)         /* Get character; increment eptr */
+
+#ifdef SUPPORT_UTF8
+        /* We do not yet support class members > 255 */
+        if (c > 255) return FALSE;
+#endif
+
+        if ((data[c/8] & (1 << (c&7))) != 0) continue;
+        return FALSE;
+        }
+
+      /* If max == min we can continue with the main loop without the
+      need to recurse. */
+
+      if (min == max) continue;
+
+      /* If minimizing, keep testing the rest of the expression and advancing
+      the pointer while it matches the class. */
+
+      if (minimize)
+        {
+        for (i = min;; i++)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          if (i >= max || eptr >= md->end_subject) return FALSE;
+          GETCHARINC(c, eptr)       /* Get character; increment eptr */
+
+#ifdef SUPPORT_UTF8
+          /* We do not yet support class members > 255 */
+          if (c > 255) return FALSE;
+#endif
+          if ((data[c/8] & (1 << (c&7))) != 0) continue;
+          return FALSE;
+          }
+        /* Control never gets here */
+        }
+
+      /* If maximizing, find the longest possible run, then work backwards. */
+
+      else
+        {
+        const uschar *pp = eptr;
+        int len = 1;
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject) break;
+          GETCHARLEN(c, eptr, len)  /* Get character, set length if UTF-8 */
+
+#ifdef SUPPORT_UTF8
+          /* We do not yet support class members > 255 */
+          if (c > 255) break;
+#endif
+          if ((data[c/8] & (1 << (c&7))) == 0) break;
+          eptr += len;
+          }
+
+        while (eptr >= pp)
+          {
+          if (match(eptr--, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+
+#ifdef SUPPORT_UTF8
+          BACKCHAR(eptr)
+#endif
+          }
+        return FALSE;
+        }
+      }
+    /* Control never gets here */
+
+    /* Match a run of characters */
+
+    case OP_CHARS:
+      {
+      register int length = ecode[1];
+      ecode += 2;
+
+#ifdef DEBUG    /* Sigh. Some compilers never learn. */
+      if (eptr >= md->end_subject)
+        printf("matching subject <null> against pattern ");
+      else
+        {
+        printf("matching subject ");
+        pchars(eptr, length, TRUE, md);
+        printf(" against pattern ");
+        }
+      pchars(ecode, length, FALSE, md);
+      printf("\n");
+#endif
+
+      if (length > md->end_subject - eptr) return FALSE;
+      if ((ims & PCRE_CASELESS) != 0)
+        {
+        while (length-- > 0)
+          if (md->lcc[*ecode++] != md->lcc[*eptr++])
+            return FALSE;
+        }
+      else
+        {
+        while (length-- > 0) if (*ecode++ != *eptr++) return FALSE;
+        }
+      }
+    break;
+
+    /* Match a single character repeatedly; different opcodes share code. */
+
+    case OP_EXACT:
+    min = max = (ecode[1] << 8) + ecode[2];
+    ecode += 3;
+    goto REPEATCHAR;
+
+    case OP_UPTO:
+    case OP_MINUPTO:
+    min = 0;
+    max = (ecode[1] << 8) + ecode[2];
+    minimize = *ecode == OP_MINUPTO;
+    ecode += 3;
+    goto REPEATCHAR;
+
+    case OP_STAR:
+    case OP_MINSTAR:
+    case OP_PLUS:
+    case OP_MINPLUS:
+    case OP_QUERY:
+    case OP_MINQUERY:
+    c = *ecode++ - OP_STAR;
+    minimize = (c & 1) != 0;
+    min = rep_min[c];                 /* Pick up values from tables; */
+    max = rep_max[c];                 /* zero for max => infinity */
+    if (max == 0) max = INT_MAX;
+
+    /* Common code for all repeated single-character matches. We can give
+    up quickly if there are fewer than the minimum number of characters left in
+    the subject. */
+
+    REPEATCHAR:
+    if (min > md->end_subject - eptr) return FALSE;
+    c = *ecode++;
+
+    /* The code is duplicated for the caseless and caseful cases, for speed,
+    since matching characters is likely to be quite common. First, ensure the
+    minimum number of matches are present. If min = max, continue at the same
+    level without recursing. Otherwise, if minimizing, keep trying the rest of
+    the expression and advancing one matching character if failing, up to the
+    maximum. Alternatively, if maximizing, find the maximum number of
+    characters and work backwards. */
+
+    DPRINTF(("matching %c{%d,%d} against subject %.*s\n", c, min, max,
+      max, eptr));
+
+    if ((ims & PCRE_CASELESS) != 0)
+      {
+      c = md->lcc[c];
+      for (i = 1; i <= min; i++)
+        if (c != md->lcc[*eptr++]) return FALSE;
+      if (min == max) continue;
+      if (minimize)
+        {
+        for (i = min;; i++)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          if (i >= max || eptr >= md->end_subject ||
+              c != md->lcc[*eptr++])
+            return FALSE;
+          }
+        /* Control never gets here */
+        }
+      else
+        {
+        const uschar *pp = eptr;
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || c != md->lcc[*eptr]) break;
+          eptr++;
+          }
+        while (eptr >= pp)
+          if (match(eptr--, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+        return FALSE;
+        }
+      /* Control never gets here */
+      }
+
+    /* Caseful comparisons */
+
+    else
+      {
+      for (i = 1; i <= min; i++) if (c != *eptr++) return FALSE;
+      if (min == max) continue;
+      if (minimize)
+        {
+        for (i = min;; i++)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          if (i >= max || eptr >= md->end_subject || c != *eptr++) return FALSE;
+          }
+        /* Control never gets here */
+        }
+      else
+        {
+        const uschar *pp = eptr;
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || c != *eptr) break;
+          eptr++;
+          }
+        while (eptr >= pp)
+         if (match(eptr--, ecode, offset_top, md, ims, eptrb, 0))
+           return TRUE;
+        return FALSE;
+        }
+      }
+    /* Control never gets here */
+
+    /* Match a negated single character */
+
+    case OP_NOT:
+    if (eptr >= md->end_subject) return FALSE;
+    ecode++;
+    if ((ims & PCRE_CASELESS) != 0)
+      {
+      if (md->lcc[*ecode++] == md->lcc[*eptr++]) return FALSE;
+      }
+    else
+      {
+      if (*ecode++ == *eptr++) return FALSE;
+      }
+    break;
+
+    /* Match a negated single character repeatedly. This is almost a repeat of
+    the code for a repeated single character, but I haven't found a nice way of
+    commoning these up that doesn't require a test of the positive/negative
+    option for each character match. Maybe that wouldn't add very much to the
+    time taken, but character matching *is* what this is all about... */
+
+    case OP_NOTEXACT:
+    min = max = (ecode[1] << 8) + ecode[2];
+    ecode += 3;
+    goto REPEATNOTCHAR;
+
+    case OP_NOTUPTO:
+    case OP_NOTMINUPTO:
+    min = 0;
+    max = (ecode[1] << 8) + ecode[2];
+    minimize = *ecode == OP_NOTMINUPTO;
+    ecode += 3;
+    goto REPEATNOTCHAR;
+
+    case OP_NOTSTAR:
+    case OP_NOTMINSTAR:
+    case OP_NOTPLUS:
+    case OP_NOTMINPLUS:
+    case OP_NOTQUERY:
+    case OP_NOTMINQUERY:
+    c = *ecode++ - OP_NOTSTAR;
+    minimize = (c & 1) != 0;
+    min = rep_min[c];                 /* Pick up values from tables; */
+    max = rep_max[c];                 /* zero for max => infinity */
+    if (max == 0) max = INT_MAX;
+
+    /* Common code for all repeated single-character matches. We can give
+    up quickly if there are fewer than the minimum number of characters left in
+    the subject. */
+
+    REPEATNOTCHAR:
+    if (min > md->end_subject - eptr) return FALSE;
+    c = *ecode++;
+
+    /* The code is duplicated for the caseless and caseful cases, for speed,
+    since matching characters is likely to be quite common. First, ensure the
+    minimum number of matches are present. If min = max, continue at the same
+    level without recursing. Otherwise, if minimizing, keep trying the rest of
+    the expression and advancing one matching character if failing, up to the
+    maximum. Alternatively, if maximizing, find the maximum number of
+    characters and work backwards. */
+
+    DPRINTF(("negative matching %c{%d,%d} against subject %.*s\n", c, min, max,
+      max, eptr));
+
+    if ((ims & PCRE_CASELESS) != 0)
+      {
+      c = md->lcc[c];
+      for (i = 1; i <= min; i++)
+        if (c == md->lcc[*eptr++]) return FALSE;
+      if (min == max) continue;
+      if (minimize)
+        {
+        for (i = min;; i++)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          if (i >= max || eptr >= md->end_subject ||
+              c == md->lcc[*eptr++])
+            return FALSE;
+          }
+        /* Control never gets here */
+        }
+      else
+        {
+        const uschar *pp = eptr;
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || c == md->lcc[*eptr]) break;
+          eptr++;
+          }
+        while (eptr >= pp)
+          if (match(eptr--, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+        return FALSE;
+        }
+      /* Control never gets here */
+      }
+
+    /* Caseful comparisons */
+
+    else
+      {
+      for (i = 1; i <= min; i++) if (c == *eptr++) return FALSE;
+      if (min == max) continue;
+      if (minimize)
+        {
+        for (i = min;; i++)
+          {
+          if (match(eptr, ecode, offset_top, md, ims, eptrb, 0))
+            return TRUE;
+          if (i >= max || eptr >= md->end_subject || c == *eptr++) return FALSE;
+          }
+        /* Control never gets here */
+        }
+      else
+        {
+        const uschar *pp = eptr;
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || c == *eptr) break;
+          eptr++;
+          }
+        while (eptr >= pp)
+         if (match(eptr--, ecode, offset_top, md, ims, eptrb, 0))
+           return TRUE;
+        return FALSE;
+        }
+      }
+    /* Control never gets here */
+
+    /* Match a single character type repeatedly; several different opcodes
+    share code. This is very similar to the code for single characters, but we
+    repeat it in the interests of efficiency. */
+
+    case OP_TYPEEXACT:
+    min = max = (ecode[1] << 8) + ecode[2];
+    minimize = TRUE;
+    ecode += 3;
+    goto REPEATTYPE;
+
+    case OP_TYPEUPTO:
+    case OP_TYPEMINUPTO:
+    min = 0;
+    max = (ecode[1] << 8) + ecode[2];
+    minimize = *ecode == OP_TYPEMINUPTO;
+    ecode += 3;
+    goto REPEATTYPE;
+
+    case OP_TYPESTAR:
+    case OP_TYPEMINSTAR:
+    case OP_TYPEPLUS:
+    case OP_TYPEMINPLUS:
+    case OP_TYPEQUERY:
+    case OP_TYPEMINQUERY:
+    c = *ecode++ - OP_TYPESTAR;
+    minimize = (c & 1) != 0;
+    min = rep_min[c];                 /* Pick up values from tables; */
+    max = rep_max[c];                 /* zero for max => infinity */
+    if (max == 0) max = INT_MAX;
+
+    /* Common code for all repeated single character type matches */
+
+    REPEATTYPE:
+    ctype = *ecode++;      /* Code for the character type */
+
+    /* First, ensure the minimum number of matches are present. Use inline
+    code for maximizing the speed, and do the type test once at the start
+    (i.e. keep it out of the loop). Also we can test that there are at least
+    the minimum number of bytes before we start, except when doing '.' in
+    UTF8 mode. Leave the test in in all cases; in the special case we have
+    to test after each character. */
+
+    if (min > md->end_subject - eptr) return FALSE;
+    if (min > 0) switch(ctype)
+      {
+      case OP_ANY:
+#ifdef SUPPORT_UTF8
+      if (md->utf8)
+        {
+        for (i = 1; i <= min; i++)
+          {
+          if (eptr >= md->end_subject ||
+             (*eptr++ == '\n' && (ims & PCRE_DOTALL) == 0))
+            return FALSE;
+          while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
+          }
+        break;
+        }
+#endif
+      /* Non-UTF8 can be faster */
+      if ((ims & PCRE_DOTALL) == 0)
+        { for (i = 1; i <= min; i++) if (*eptr++ == '\n') return FALSE; }
+      else eptr += min;
+      break;
+
+      case OP_NOT_DIGIT:
+      for (i = 1; i <= min; i++)
+        if ((md->ctypes[*eptr++] & ctype_digit) != 0) return FALSE;
+      break;
+
+      case OP_DIGIT:
+      for (i = 1; i <= min; i++)
+        if ((md->ctypes[*eptr++] & ctype_digit) == 0) return FALSE;
+      break;
+
+      case OP_NOT_WHITESPACE:
+      for (i = 1; i <= min; i++)
+        if ((md->ctypes[*eptr++] & ctype_space) != 0) return FALSE;
+      break;
+
+      case OP_WHITESPACE:
+      for (i = 1; i <= min; i++)
+        if ((md->ctypes[*eptr++] & ctype_space) == 0) return FALSE;
+      break;
+
+      case OP_NOT_WORDCHAR:
+      for (i = 1; i <= min; i++)
+        if ((md->ctypes[*eptr++] & ctype_word) != 0)
+          return FALSE;
+      break;
+
+      case OP_WORDCHAR:
+      for (i = 1; i <= min; i++)
+        if ((md->ctypes[*eptr++] & ctype_word) == 0)
+          return FALSE;
+      break;
+      }
+
+    /* If min = max, continue at the same level without recursing */
+
+    if (min == max) continue;
+
+    /* If minimizing, we have to test the rest of the pattern before each
+    subsequent match. */
+
+    if (minimize)
+      {
+      for (i = min;; i++)
+        {
+        if (match(eptr, ecode, offset_top, md, ims, eptrb, 0)) return TRUE;
+        if (i >= max || eptr >= md->end_subject) return FALSE;
+
+        c = *eptr++;
+        switch(ctype)
+          {
+          case OP_ANY:
+          if ((ims & PCRE_DOTALL) == 0 && c == '\n') return FALSE;
+#ifdef SUPPORT_UTF8
+          if (md->utf8)
+            while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
+#endif
+          break;
+
+          case OP_NOT_DIGIT:
+          if ((md->ctypes[c] & ctype_digit) != 0) return FALSE;
+          break;
+
+          case OP_DIGIT:
+          if ((md->ctypes[c] & ctype_digit) == 0) return FALSE;
+          break;
+
+          case OP_NOT_WHITESPACE:
+          if ((md->ctypes[c] & ctype_space) != 0) return FALSE;
+          break;
+
+          case OP_WHITESPACE:
+          if  ((md->ctypes[c] & ctype_space) == 0) return FALSE;
+          break;
+
+          case OP_NOT_WORDCHAR:
+          if ((md->ctypes[c] & ctype_word) != 0) return FALSE;
+          break;
+
+          case OP_WORDCHAR:
+          if ((md->ctypes[c] & ctype_word) == 0) return FALSE;
+          break;
+          }
+        }
+      /* Control never gets here */
+      }
+
+    /* If maximizing it is worth using inline code for speed, doing the type
+    test once at the start (i.e. keep it out of the loop). */
+
+    else
+      {
+      const uschar *pp = eptr;
+      switch(ctype)
+        {
+        case OP_ANY:
+
+        /* Special code is required for UTF8, but when the maximum is unlimited
+        we don't need it. */
+
+#ifdef SUPPORT_UTF8
+        if (md->utf8 && max < INT_MAX)
+          {
+          if ((ims & PCRE_DOTALL) == 0)
+            {
+            for (i = min; i < max; i++)
+              {
+              if (eptr >= md->end_subject || *eptr++ == '\n') break;
+              while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
+              }
+            }
+          else
+            {
+            for (i = min; i < max; i++)
+              {
+              eptr++;
+              while (eptr < md->end_subject && (*eptr & 0xc0) == 0x80) eptr++;
+              }
+            }
+          break;
+          }
+#endif
+        /* Non-UTF8 can be faster */
+        if ((ims & PCRE_DOTALL) == 0)
+          {
+          for (i = min; i < max; i++)
+            {
+            if (eptr >= md->end_subject || *eptr == '\n') break;
+            eptr++;
+            }
+          }
+        else
+          {
+          c = max - min;
+          if (c > md->end_subject - eptr) c = md->end_subject - eptr;
+          eptr += c;
+          }
+        break;
+
+        case OP_NOT_DIGIT:
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || (md->ctypes[*eptr] & ctype_digit) != 0)
+            break;
+          eptr++;
+          }
+        break;
+
+        case OP_DIGIT:
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || (md->ctypes[*eptr] & ctype_digit) == 0)
+            break;
+          eptr++;
+          }
+        break;
+
+        case OP_NOT_WHITESPACE:
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || (md->ctypes[*eptr] & ctype_space) != 0)
+            break;
+          eptr++;
+          }
+        break;
+
+        case OP_WHITESPACE:
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || (md->ctypes[*eptr] & ctype_space) == 0)
+            break;
+          eptr++;
+          }
+        break;
+
+        case OP_NOT_WORDCHAR:
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || (md->ctypes[*eptr] & ctype_word) != 0)
+            break;
+          eptr++;
+          }
+        break;
+
+        case OP_WORDCHAR:
+        for (i = min; i < max; i++)
+          {
+          if (eptr >= md->end_subject || (md->ctypes[*eptr] & ctype_word) == 0)
+            break;
+          eptr++;
+          }
+        break;
+        }
+
+      while (eptr >= pp)
+        {
+        if (match(eptr--, ecode, offset_top, md, ims, eptrb, 0))
+          return TRUE;
+#ifdef SUPPORT_UTF8
+        if (md->utf8)
+          while (eptr > pp && (*eptr & 0xc0) == 0x80) eptr--;
+#endif
+        }
+      return FALSE;
+      }
+    /* Control never gets here */
+
+    /* There's been some horrible disaster. */
+
+    default:
+    DPRINTF(("Unknown opcode %d\n", *ecode));
+    md->errorcode = PCRE_ERROR_UNKNOWN_NODE;
+    return FALSE;
+    }
+
+  /* Do not stick any code in here without much thought; it is assumed
+  that "continue" in the code above comes out to here to repeat the main
+  loop. */
+
+  }             /* End of main loop */
+/* Control never reaches here */
+}
+
+
+
+
+/*************************************************
+*         Execute a Regular Expression           *
+*************************************************/
+
+/* This function applies a compiled re to a subject string and picks out
+portions of the string if it matches. Two elements in the vector are set for
+each substring: the offsets to the start and end of the substring.
+
+Arguments:
+  external_re     points to the compiled expression
+  external_extra  points to "hints" from pcre_study() or is NULL
+  subject         points to the subject string
+  length          length of subject string (may contain binary zeros)
+  start_offset    where to start in the subject string
+  options         option bits
+  offsets         points to a vector of ints to be filled in with offsets
+  offsetcount     the number of elements in the vector
+
+Returns:          > 0 => success; value is the number of elements filled in
+                  = 0 => success, but offsets is not big enough
+                   -1 => failed to match
+                 < -1 => some kind of unexpected problem
+*/
+
+int
+pcre_exec(const pcre *external_re, const pcre_extra *external_extra,
+  const char *subject, int length, int start_offset, int options, int *offsets,
+  int offsetcount)
+{
+int resetcount, ocount;
+int first_char = -1;
+int req_char = -1;
+int req_char2 = -1;
+unsigned long int ims = 0;
+match_data match_block;
+const uschar *start_bits = NULL;
+const uschar *start_match = (const uschar *)subject + start_offset;
+const uschar *end_subject;
+const uschar *req_char_ptr = start_match - 1;
+const real_pcre *re = (const real_pcre *)external_re;
+const real_pcre_extra *extra = (const real_pcre_extra *)external_extra;
+BOOL using_temporary_offsets = FALSE;
+BOOL anchored = ((re->options | options) & PCRE_ANCHORED) != 0;
+BOOL startline = (re->options & PCRE_STARTLINE) != 0;
+
+if ((options & ~PUBLIC_EXEC_OPTIONS) != 0) return PCRE_ERROR_BADOPTION;
+
+if (re == NULL || subject == NULL ||
+   (offsets == NULL && offsetcount > 0)) return PCRE_ERROR_NULL;
+if (re->magic_number != MAGIC_NUMBER) return PCRE_ERROR_BADMAGIC;
+
+match_block.start_pattern = re->code;
+match_block.start_subject = (const uschar *)subject;
+match_block.end_subject = match_block.start_subject + length;
+end_subject = match_block.end_subject;
+
+match_block.endonly = (re->options & PCRE_DOLLAR_ENDONLY) != 0;
+match_block.utf8 = (re->options & PCRE_UTF8) != 0;
+
+match_block.notbol = (options & PCRE_NOTBOL) != 0;
+match_block.noteol = (options & PCRE_NOTEOL) != 0;
+match_block.notempty = (options & PCRE_NOTEMPTY) != 0;
+
+match_block.errorcode = PCRE_ERROR_NOMATCH;     /* Default error */
+
+match_block.lcc = re->tables + lcc_offset;
+match_block.ctypes = re->tables + ctypes_offset;
+
+/* The ims options can vary during the matching as a result of the presence
+of (?ims) items in the pattern. They are kept in a local variable so that
+restoring at the exit of a group is easy. */
+
+ims = re->options & (PCRE_CASELESS|PCRE_MULTILINE|PCRE_DOTALL);
+
+/* If the expression has got more back references than the offsets supplied can
+hold, we get a temporary bit of working store to use during the matching.
+Otherwise, we can use the vector supplied, rounding down its size to a multiple
+of 3. */
+
+ocount = offsetcount - (offsetcount % 3);
+
+if (re->top_backref > 0 && re->top_backref >= ocount/3)
+  {
+  ocount = re->top_backref * 3 + 3;
+  match_block.offset_vector = (int *)(pcre_malloc)(ocount * sizeof(int));
+  if (match_block.offset_vector == NULL) return PCRE_ERROR_NOMEMORY;
+  using_temporary_offsets = TRUE;
+  DPRINTF(("Got memory to hold back references\n"));
+  }
+else match_block.offset_vector = offsets;
+
+match_block.offset_end = ocount;
+match_block.offset_max = (2*ocount)/3;
+match_block.offset_overflow = FALSE;
+
+/* Compute the minimum number of offsets that we need to reset each time. Doing
+this makes a huge difference to execution time when there aren't many brackets
+in the pattern. */
+
+resetcount = 2 + re->top_bracket * 2;
+if (resetcount > offsetcount) resetcount = ocount;
+
+/* Reset the working variable associated with each extraction. These should
+never be used unless previously set, but they get saved and restored, and so we
+initialize them to avoid reading uninitialized locations. */
+
+if (match_block.offset_vector != NULL)
+  {
+  register int *iptr = match_block.offset_vector + ocount;
+  register int *iend = iptr - resetcount/2 + 1;
+  while (--iptr >= iend) *iptr = -1;
+  }
+
+/* Set up the first character to match, if available. The first_char value is
+never set for an anchored regular expression, but the anchoring may be forced
+at run time, so we have to test for anchoring. The first char may be unset for
+an unanchored pattern, of course. If there's no first char and the pattern was
+studied, there may be a bitmap of possible first characters. */
+
+if (!anchored)
+  {
+  if ((re->options & PCRE_FIRSTSET) != 0)
+    {
+    first_char = re->first_char;
+    if ((ims & PCRE_CASELESS) != 0) first_char = match_block.lcc[first_char];
+    }
+  else
+    if (!startline && extra != NULL &&
+      (extra->options & PCRE_STUDY_MAPPED) != 0)
+        start_bits = extra->start_bits;
+  }
+
+/* For anchored or unanchored matches, there may be a "last known required
+character" set. If the PCRE_CASELESS is set, implying that the match starts
+caselessly, or if there are any changes of this flag within the regex, set up
+both cases of the character. Otherwise set the two values the same, which will
+avoid duplicate testing (which takes significant time). This covers the vast
+majority of cases. It will be suboptimal when the case flag changes in a regex
+and the required character in fact is caseful. */
+
+if ((re->options & PCRE_REQCHSET) != 0)
+  {
+  req_char = re->req_char;
+  req_char2 = ((re->options & (PCRE_CASELESS | PCRE_ICHANGED)) != 0)?
+    (re->tables + fcc_offset)[req_char] : req_char;
+  }
+
+/* Loop for handling unanchored repeated matching attempts; for anchored regexs
+the loop runs just once. */
+
+do
+  {
+  int rc;
+  register int *iptr = match_block.offset_vector;
+  register int *iend = iptr + resetcount;
+
+  /* Reset the maximum number of extractions we might see. */
+
+  while (iptr < iend) *iptr++ = -1;
+
+  /* Advance to a unique first char if possible */
+
+  if (first_char >= 0)
+    {
+    if ((ims & PCRE_CASELESS) != 0)
+      while (start_match < end_subject &&
+             match_block.lcc[*start_match] != first_char)
+        start_match++;
+    else
+      while (start_match < end_subject && *start_match != first_char)
+        start_match++;
+    }
+
+  /* Or to just after \n for a multiline match if possible */
+
+  else if (startline)
+    {
+    if (start_match > match_block.start_subject + start_offset)
+      {
+      while (start_match < end_subject && start_match[-1] != '\n')
+        start_match++;
+      }
+    }
+
+  /* Or to a non-unique first char after study */
+
+  else if (start_bits != NULL)
+    {
+    while (start_match < end_subject)
+      {
+      register int c = *start_match;
+      if ((start_bits[c/8] & (1 << (c&7))) == 0) start_match++; else break;
+      }
+    }
+
+#ifdef DEBUG  /* Sigh. Some compilers never learn. */
+  printf(">>>> Match against: ");
+  pchars(start_match, end_subject - start_match, TRUE, &match_block);
+  printf("\n");
+#endif
+
+  /* If req_char is set, we know that that character must appear in the subject
+  for the match to succeed. If the first character is set, req_char must be
+  later in the subject; otherwise the test starts at the match point. This
+  optimization can save a huge amount of backtracking in patterns with nested
+  unlimited repeats that aren't going to match. We don't know what the state of
+  case matching may be when this character is hit, so test for it in both its
+  cases if necessary. However, the different cased versions will not be set up
+  unless PCRE_CASELESS was given or the casing state changes within the regex.
+  Writing separate code makes it go faster, as does using an autoincrement and
+  backing off on a match. */
+
+  if (req_char >= 0)
+    {
+    register const uschar *p = start_match + ((first_char >= 0)? 1 : 0);
+
+    /* We don't need to repeat the search if we haven't yet reached the
+    place we found it at last time. */
+
+    if (p > req_char_ptr)
+      {
+      /* Do a single test if no case difference is set up */
+
+      if (req_char == req_char2)
+        {
+        while (p < end_subject)
+          {
+          if (*p++ == req_char) { p--; break; }
+          }
+        }
+
+      /* Otherwise test for either case */
+
+      else
+        {
+        while (p < end_subject)
+          {
+          register int pp = *p++;
+          if (pp == req_char || pp == req_char2) { p--; break; }
+          }
+        }
+
+      /* If we can't find the required character, break the matching loop */
+
+      if (p >= end_subject) break;
+
+      /* If we have found the required character, save the point where we
+      found it, so that we don't search again next time round the loop if
+      the start hasn't passed this character yet. */
+
+      req_char_ptr = p;
+      }
+    }
+
+  /* When a match occurs, substrings will be set for all internal extractions;
+  we just need to set up the whole thing as substring 0 before returning. If
+  there were too many extractions, set the return code to zero. In the case
+  where we had to get some local store to hold offsets for backreferences, copy
+  those back references that we can. In this case there need not be overflow
+  if certain parts of the pattern were not used. */
+
+  match_block.start_match = start_match;
+  if (!match(start_match, re->code, 2, &match_block, ims, NULL, match_isgroup))
+    continue;
+
+  /* Copy the offset information from temporary store if necessary */
+
+  if (using_temporary_offsets)
+    {
+    if (offsetcount >= 4)
+      {
+      memcpy(offsets + 2, match_block.offset_vector + 2,
+        (offsetcount - 2) * sizeof(int));
+      DPRINTF(("Copied offsets from temporary memory\n"));
+      }
+    if (match_block.end_offset_top > offsetcount)
+      match_block.offset_overflow = TRUE;
+
+    DPRINTF(("Freeing temporary memory\n"));
+    (pcre_free)(match_block.offset_vector);
+    }
+
+  rc = match_block.offset_overflow? 0 : match_block.end_offset_top/2;
+
+  if (match_block.offset_end < 2) rc = 0; else
+    {
+    offsets[0] = start_match - match_block.start_subject;
+    offsets[1] = match_block.end_match_ptr - match_block.start_subject;
+    }
+
+  DPRINTF((">>>> returning %d\n", rc));
+  return rc;
+  }
+
+/* This "while" is the end of the "do" above */
+
+while (!anchored &&
+       match_block.errorcode == PCRE_ERROR_NOMATCH &&
+       start_match++ < end_subject);
+
+if (using_temporary_offsets)
+  {
+  DPRINTF(("Freeing temporary memory\n"));
+  (pcre_free)(match_block.offset_vector);
+  }
+
+DPRINTF((">>>> returning %d\n", match_block.errorcode));
+
+return match_block.errorcode;
+}
+
+/* End of pcre.c */
diff --git a/external/privoxy/pcre/pcre.def b/external/privoxy/pcre/pcre.def
new file mode 100644
index 0000000..0e8cf3f
--- /dev/null
+++ b/external/privoxy/pcre/pcre.def
@@ -0,0 +1,19 @@
+EXPORTS
+
+pcre_malloc DATA
+pcre_free DATA
+
+pcre_compile
+pcre_copy_substring
+pcre_exec
+pcre_get_substring
+pcre_get_substring_list
+pcre_info
+pcre_maketables
+pcre_study
+pcre_version
+
+regcomp
+regexec
+regerror
+regfree
diff --git a/external/privoxy/pcre/pcre.h b/external/privoxy/pcre/pcre.h
new file mode 100644
index 0000000..d27ba85
--- /dev/null
+++ b/external/privoxy/pcre/pcre.h
@@ -0,0 +1,110 @@
+/*************************************************
+*       Perl-Compatible Regular Expressions      *
+*************************************************/
+
+/* Copyright (c) 1997-2000 University of Cambridge */
+
+#ifndef _PCRE_H
+#define _PCRE_H
+
+/* The file pcre.h is build by "configure". Do not edit it; instead
+make changes to pcre.in. */
+
+#define PCRE_MAJOR 3
+#define PCRE_MINOR 4
+#define PCRE_DATE  22-Aug-2000
+
+/* Win32 uses DLL by default */
+
+#ifdef _WIN32
+# ifdef STATIC_PCRE
+#  define PCRE_DL_IMPORT
+# else
+#  define PCRE_DL_IMPORT __declspec(dllimport)
+# endif
+#else
+# define PCRE_DL_IMPORT
+#endif
+
+/* Have to include stdlib.h in order to ensure that size_t is defined;
+it is needed here for malloc. */
+
+#include <stdlib.h>
+
+/* Allow for C++ users */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Options */
+
+#define PCRE_CASELESS        0x0001
+#define PCRE_MULTILINE       0x0002
+#define PCRE_DOTALL          0x0004
+#define PCRE_EXTENDED        0x0008
+#define PCRE_ANCHORED        0x0010
+#define PCRE_DOLLAR_ENDONLY  0x0020
+#define PCRE_EXTRA           0x0040
+#define PCRE_NOTBOL          0x0080
+#define PCRE_NOTEOL          0x0100
+#define PCRE_UNGREEDY        0x0200
+#define PCRE_NOTEMPTY        0x0400
+#define PCRE_UTF8            0x0800
+
+/* Exec-time and get-time error codes */
+
+#define PCRE_ERROR_NOMATCH        (-1)
+#define PCRE_ERROR_NULL           (-2)
+#define PCRE_ERROR_BADOPTION      (-3)
+#define PCRE_ERROR_BADMAGIC       (-4)
+#define PCRE_ERROR_UNKNOWN_NODE   (-5)
+#define PCRE_ERROR_NOMEMORY       (-6)
+#define PCRE_ERROR_NOSUBSTRING    (-7)
+
+/* Request types for pcre_fullinfo() */
+
+#define PCRE_INFO_OPTIONS         0
+#define PCRE_INFO_SIZE            1
+#define PCRE_INFO_CAPTURECOUNT    2
+#define PCRE_INFO_BACKREFMAX      3
+#define PCRE_INFO_FIRSTCHAR       4
+#define PCRE_INFO_FIRSTTABLE      5
+#define PCRE_INFO_LASTLITERAL     6
+
+/* Types */
+
+typedef void pcre;
+typedef void pcre_extra;
+
+/* Store get and free functions. These can be set to alternative malloc/free
+functions if required. Some magic is required for Win32 DLL; it is null on
+other OS. */
+
+PCRE_DL_IMPORT extern void *(*pcre_malloc)(size_t);
+PCRE_DL_IMPORT extern void  (*pcre_free)(void *);
+
+#undef PCRE_DL_IMPORT
+
+/* Functions */
+
+extern pcre *pcre_compile(const char *, int, const char **, int *,
+              const unsigned char *);
+extern int  pcre_copy_substring(const char *, int *, int, int, char *, int);
+extern int  pcre_exec(const pcre *, const pcre_extra *, const char *,
+              int, int, int, int *, int);
+extern void pcre_free_substring(const char *);
+extern void pcre_free_substring_list(const char **);
+extern int  pcre_get_substring(const char *, int *, int, int, const char **);
+extern int  pcre_get_substring_list(const char *, int *, int, const char ***);
+extern int  pcre_info(const pcre *, int *, int *);
+extern int  pcre_fullinfo(const pcre *, const pcre_extra *, int, void *);
+extern unsigned const char *pcre_maketables(void);
+extern pcre_extra *pcre_study(const pcre *, int, const char **);
+extern const char *pcre_version(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* End of pcre.h */
diff --git a/external/privoxy/pcre/pcre.in b/external/privoxy/pcre/pcre.in
new file mode 100644
index 0000000..d698f40
--- /dev/null
+++ b/external/privoxy/pcre/pcre.in
@@ -0,0 +1,110 @@
+/*************************************************
+*       Perl-Compatible Regular Expressions      *
+*************************************************/
+
+/* Copyright (c) 1997-2000 University of Cambridge */
+
+#ifndef _PCRE_H
+#define _PCRE_H
+
+/* The file pcre.h is build by "configure". Do not edit it; instead
+make changes to pcre.in. */
+
+#define PCRE_MAJOR @PCRE_MAJOR@
+#define PCRE_MINOR @PCRE_MINOR@
+#define PCRE_DATE  @PCRE_DATE@
+
+/* Win32 uses DLL by default */
+
+#ifdef _WIN32
+# ifdef STATIC_PCRE
+#  define PCRE_DL_IMPORT
+# else
+#  define PCRE_DL_IMPORT __declspec(dllimport)
+# endif
+#else
+# define PCRE_DL_IMPORT
+#endif
+
+/* Have to include stdlib.h in order to ensure that size_t is defined;
+it is needed here for malloc. */
+
+#include <stdlib.h>
+
+/* Allow for C++ users */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Options */
+
+#define PCRE_CASELESS        0x0001
+#define PCRE_MULTILINE       0x0002
+#define PCRE_DOTALL          0x0004
+#define PCRE_EXTENDED        0x0008
+#define PCRE_ANCHORED        0x0010
+#define PCRE_DOLLAR_ENDONLY  0x0020
+#define PCRE_EXTRA           0x0040
+#define PCRE_NOTBOL          0x0080
+#define PCRE_NOTEOL          0x0100
+#define PCRE_UNGREEDY        0x0200
+#define PCRE_NOTEMPTY        0x0400
+#define PCRE_UTF8            0x0800
+
+/* Exec-time and get-time error codes */
+
+#define PCRE_ERROR_NOMATCH        (-1)
+#define PCRE_ERROR_NULL           (-2)
+#define PCRE_ERROR_BADOPTION      (-3)
+#define PCRE_ERROR_BADMAGIC       (-4)
+#define PCRE_ERROR_UNKNOWN_NODE   (-5)
+#define PCRE_ERROR_NOMEMORY       (-6)
+#define PCRE_ERROR_NOSUBSTRING    (-7)
+
+/* Request types for pcre_fullinfo() */
+
+#define PCRE_INFO_OPTIONS         0
+#define PCRE_INFO_SIZE            1
+#define PCRE_INFO_CAPTURECOUNT    2
+#define PCRE_INFO_BACKREFMAX      3
+#define PCRE_INFO_FIRSTCHAR       4
+#define PCRE_INFO_FIRSTTABLE      5
+#define PCRE_INFO_LASTLITERAL     6
+
+/* Types */
+
+typedef void pcre;
+typedef void pcre_extra;
+
+/* Store get and free functions. These can be set to alternative malloc/free
+functions if required. Some magic is required for Win32 DLL; it is null on
+other OS. */
+
+PCRE_DL_IMPORT extern void *(*pcre_malloc)(size_t);
+PCRE_DL_IMPORT extern void  (*pcre_free)(void *);
+
+#undef PCRE_DL_IMPORT
+
+/* Functions */
+
+extern pcre *pcre_compile(const char *, int, const char **, int *,
+              const unsigned char *);
+extern int  pcre_copy_substring(const char *, int *, int, int, char *, int);
+extern int  pcre_exec(const pcre *, const pcre_extra *, const char *,
+              int, int, int, int *, int);
+extern void pcre_free_substring(const char *);
+extern void pcre_free_substring_list(const char **);
+extern int  pcre_get_substring(const char *, int *, int, int, const char **);
+extern int  pcre_get_substring_list(const char *, int *, int, const char ***);
+extern int  pcre_info(const pcre *, int *, int *);
+extern int  pcre_fullinfo(const pcre *, const pcre_extra *, int, void *);
+extern unsigned const char *pcre_maketables(void);
+extern pcre_extra *pcre_study(const pcre *, int, const char **);
+extern const char *pcre_version(void);
+
+#ifdef __cplusplus
+}  /* extern "C" */
+#endif
+
+#endif /* End of pcre.h */
diff --git a/external/privoxy/pcre/pcregrep.c b/external/privoxy/pcre/pcregrep.c
new file mode 100644
index 0000000..e8c934e
--- /dev/null
+++ b/external/privoxy/pcre/pcregrep.c
@@ -0,0 +1,228 @@
+/*************************************************
+*               pcregrep program                 *
+*************************************************/
+
+/* This is a grep program that uses the PCRE regular expression library to do
+its pattern matching. */
+
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <errno.h>
+#include "config.h"
+#include "pcre.h"
+
+#define FALSE 0
+#define TRUE 1
+
+typedef int BOOL;
+
+
+
+/*************************************************
+*               Global variables                 *
+*************************************************/
+
+static pcre *pattern;
+static pcre_extra *hints;
+
+static BOOL count_only = FALSE;
+static BOOL filenames_only = FALSE;
+static BOOL invert = FALSE;
+static BOOL number = FALSE;
+static BOOL silent = FALSE;
+static BOOL whole_lines = FALSE;
+
+
+
+#if ! HAVE_STRERROR
+/*************************************************
+*     Provide strerror() for non-ANSI libraries  *
+*************************************************/
+
+/* Some old-fashioned systems still around (e.g. SunOS4) don't have strerror()
+in their libraries, but can provide the same facility by this simple
+alternative function. */
+
+extern int   sys_nerr;
+extern char *sys_errlist[];
+
+char *
+strerror(int n)
+{
+if (n < 0 || n >= sys_nerr) return "unknown error number";
+return sys_errlist[n];
+}
+#endif /* HAVE_STRERROR */
+
+
+
+/*************************************************
+*              Grep an individual file           *
+*************************************************/
+
+static int
+pcregrep(FILE *in, char *name)
+{
+int rc = 1;
+int linenumber = 0;
+int count = 0;
+int offsets[99];
+char buffer[BUFSIZ];
+
+while (fgets(buffer, sizeof(buffer), in) != NULL)
+  {
+  BOOL match;
+  int length = (int)strlen(buffer);
+  if (length > 0 && buffer[length-1] == '\n') buffer[--length] = 0;
+  linenumber++;
+
+  match = pcre_exec(pattern, hints, buffer, length, 0, 0, offsets, 99) >= 0;
+  if (match && whole_lines && offsets[1] != length) match = FALSE;
+
+  if (match != invert)
+    {
+    if (count_only) count++;
+
+    else if (filenames_only)
+      {
+      fprintf(stdout, "%s\n", (name == NULL)? "<stdin>" : name);
+      return 0;
+      }
+
+    else if (silent) return 0;
+
+    else
+      {
+      if (name != NULL) fprintf(stdout, "%s:", name);
+      if (number) fprintf(stdout, "%d:", linenumber);
+      fprintf(stdout, "%s\n", buffer);
+      }
+
+    rc = 0;
+    }
+  }
+
+if (count_only)
+  {
+  if (name != NULL) fprintf(stdout, "%s:", name);
+  fprintf(stdout, "%d\n", count);
+  }
+
+return rc;
+}
+
+
+
+
+/*************************************************
+*                Usage function                  *
+*************************************************/
+
+static int
+usage(int rc)
+{
+fprintf(stderr, "Usage: pcregrep [-Vchilnsvx] pattern [file] ...\n");
+return rc;
+}
+
+
+
+
+/*************************************************
+*                Main program                    *
+*************************************************/
+
+int
+main(int argc, char **argv)
+{
+int i;
+int rc = 1;
+int options = 0;
+int errptr;
+const char *error;
+BOOL filenames = TRUE;
+
+/* Process the options */
+
+for (i = 1; i < argc; i++)
+  {
+  char *s;
+  if (argv[i][0] != '-') break;
+  s = argv[i] + 1;
+  while (*s != 0)
+    {
+    switch (*s++)
+      {
+      case 'c': count_only = TRUE; break;
+      case 'h': filenames = FALSE; break;
+      case 'i': options |= PCRE_CASELESS; break;
+      case 'l': filenames_only = TRUE;
+      case 'n': number = TRUE; break;
+      case 's': silent = TRUE; break;
+      case 'v': invert = TRUE; break;
+      case 'x': whole_lines = TRUE; options |= PCRE_ANCHORED; break;
+
+      case 'V':
+      fprintf(stderr, "PCRE version %s\n", pcre_version());
+      break;
+
+      default:
+      fprintf(stderr, "pcregrep: unknown option %c\n", s[-1]);
+      return usage(2);
+      }
+    }
+  }
+
+/* There must be at least a regexp argument */
+
+if (i >= argc) return usage(0);
+
+/* Compile the regular expression. */
+
+pattern = pcre_compile(argv[i++], options, &error, &errptr, NULL);
+if (pattern == NULL)
+  {
+  fprintf(stderr, "pcregrep: error in regex at offset %d: %s\n", errptr, error);
+  return 2;
+  }
+
+/* Study the regular expression, as we will be running it may times */
+
+hints = pcre_study(pattern, 0, &error);
+if (error != NULL)
+  {
+  fprintf(stderr, "pcregrep: error while studing regex: %s\n", error);
+  return 2;
+  }
+
+/* If there are no further arguments, do the business on stdin and exit */
+
+if (i >= argc) return pcregrep(stdin, NULL);
+
+/* Otherwise, work through the remaining arguments as files. If there is only
+one, don't give its name on the output. */
+
+if (i == argc - 1) filenames = FALSE;
+if (filenames_only) filenames = TRUE;
+
+for (; i < argc; i++)
+  {
+  FILE *in = fopen(argv[i], "r");
+  if (in == NULL)
+    {
+    fprintf(stderr, "%s: failed to open: %s\n", argv[i], strerror(errno));
+    rc = 2;
+    }
+  else
+    {
+    int frc = pcregrep(in, filenames? argv[i] : NULL);
+    if (frc == 0 && rc == 1) rc = 0;
+    fclose(in);
+    }
+  }
+
+return rc;
+}
+
+/* End */
diff --git a/external/privoxy/pcre/pcreposix.c b/external/privoxy/pcre/pcreposix.c
new file mode 100644
index 0000000..519d2dd
--- /dev/null
+++ b/external/privoxy/pcre/pcreposix.c
@@ -0,0 +1,280 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/*
+This is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language. See
+the file Tech.Notes for some information on the internals.
+
+This module is a wrapper that provides a POSIX API to the underlying PCRE
+functions.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+*/
+
+#include "internal.h"
+#include "pcreposix.h"
+#include "stdlib.h"
+
+
+
+/* Corresponding tables of PCRE error messages and POSIX error codes. */
+
+static const char *estring[] = {
+  ERR1,  ERR2,  ERR3,  ERR4,  ERR5,  ERR6,  ERR7,  ERR8,  ERR9,  ERR10,
+  ERR11, ERR12, ERR13, ERR14, ERR15, ERR16, ERR17, ERR18, ERR19, ERR20,
+  ERR21, ERR22, ERR23, ERR24, ERR25, ERR26, ERR27, ERR29, ERR29, ERR30,
+  ERR31 };
+
+static int eint[] = {
+  REG_EESCAPE, /* "\\ at end of pattern" */
+  REG_EESCAPE, /* "\\c at end of pattern" */
+  REG_EESCAPE, /* "unrecognized character follows \\" */
+  REG_BADBR,   /* "numbers out of order in {} quantifier" */
+  REG_BADBR,   /* "number too big in {} quantifier" */
+  REG_EBRACK,  /* "missing terminating ] for character class" */
+  REG_ECTYPE,  /* "invalid escape sequence in character class" */
+  REG_ERANGE,  /* "range out of order in character class" */
+  REG_BADRPT,  /* "nothing to repeat" */
+  REG_BADRPT,  /* "operand of unlimited repeat could match the empty string" */
+  REG_ASSERT,  /* "internal error: unexpected repeat" */
+  REG_BADPAT,  /* "unrecognized character after (?" */
+  REG_ESIZE,   /* "too many capturing parenthesized sub-patterns" */
+  REG_EPAREN,  /* "missing )" */
+  REG_ESUBREG, /* "back reference to non-existent subpattern" */
+  REG_INVARG,  /* "erroffset passed as NULL" */
+  REG_INVARG,  /* "unknown option bit(s) set" */
+  REG_EPAREN,  /* "missing ) after comment" */
+  REG_ESIZE,   /* "too many sets of parentheses" */
+  REG_ESIZE,   /* "regular expression too large" */
+  REG_ESPACE,  /* "failed to get memory" */
+  REG_EPAREN,  /* "unmatched brackets" */
+  REG_ASSERT,  /* "internal error: code overflow" */
+  REG_BADPAT,  /* "unrecognized character after (?<" */
+  REG_BADPAT,  /* "lookbehind assertion is not fixed length" */
+  REG_BADPAT,  /* "malformed number after (?(" */
+  REG_BADPAT,  /* "conditional group containe more than two branches" */
+  REG_BADPAT,  /* "assertion expected after (?(" */
+  REG_BADPAT,  /* "(?p must be followed by )" */
+  REG_ECTYPE,  /* "unknown POSIX class name" */
+  REG_BADPAT,  /* "POSIX collating elements are not supported" */
+  REG_INVARG,  /* "this version of PCRE is not compiled with PCRE_UTF8 support" */
+  REG_BADPAT,  /* "characters with values > 255 are not yet supported in classes" */
+  REG_BADPAT,  /* "character value in \x{...} sequence is too large" */
+  REG_BADPAT   /* "invalid condition (?(0)" */
+};
+
+/* Table of texts corresponding to POSIX error codes */
+
+static const char *pstring[] = {
+  "",                                /* Dummy for value 0 */
+  "internal error",                  /* REG_ASSERT */
+  "invalid repeat counts in {}",     /* BADBR      */
+  "pattern error",                   /* BADPAT     */
+  "? * + invalid",                   /* BADRPT     */
+  "unbalanced {}",                   /* EBRACE     */
+  "unbalanced []",                   /* EBRACK     */
+  "collation error - not relevant",  /* ECOLLATE   */
+  "bad class",                       /* ECTYPE     */
+  "bad escape sequence",             /* EESCAPE    */
+  "empty expression",                /* EMPTY      */
+  "unbalanced ()",                   /* EPAREN     */
+  "bad range inside []",             /* ERANGE     */
+  "expression too big",              /* ESIZE      */
+  "failed to get memory",            /* ESPACE     */
+  "bad back reference",              /* ESUBREG    */
+  "bad argument",                    /* INVARG     */
+  "match failed"                     /* NOMATCH    */
+};
+
+
+
+
+/*************************************************
+*          Translate PCRE text code to int       *
+*************************************************/
+
+/* PCRE compile-time errors are given as strings defined as macros. We can just
+look them up in a table to turn them into POSIX-style error codes. */
+
+static int
+pcre_posix_error_code(const char *s)
+{
+size_t i;
+for (i = 0; i < sizeof(estring)/sizeof(char *); i++)
+  if (strcmp(s, estring[i]) == 0) return eint[i];
+return REG_ASSERT;
+}
+
+
+
+/*************************************************
+*          Translate error code to string        *
+*************************************************/
+
+size_t
+regerror(int errcode, const regex_t *preg, char *errbuf, size_t errbuf_size)
+{
+const char *message, *addmessage;
+size_t length, addlength;
+
+message = (errcode >= (int)(sizeof(pstring)/sizeof(char *)))?
+  "unknown error code" : pstring[errcode];
+length = strlen(message) + 1;
+
+addmessage = " at offset ";
+addlength = (preg != NULL && (int)preg->re_erroffset != -1)?
+  strlen(addmessage) + 6 : 0;
+
+if (errbuf_size > 0)
+  {
+  if (addlength > 0 && errbuf_size >= length + addlength)
+    sprintf(errbuf, "%s%s%-6d", message, addmessage, (int)preg->re_erroffset);
+  else
+    {
+    strncpy(errbuf, message, errbuf_size - 1);
+    errbuf[errbuf_size-1] = 0;
+    }
+  }
+
+return length + addlength;
+}
+
+
+
+
+/*************************************************
+*           Free store held by a regex           *
+*************************************************/
+
+void
+regfree(regex_t *preg)
+{
+(pcre_free)(preg->re_pcre);
+}
+
+
+
+
+/*************************************************
+*            Compile a regular expression        *
+*************************************************/
+
+/*
+Arguments:
+  preg        points to a structure for recording the compiled expression
+  pattern     the pattern to compile
+  cflags      compilation flags
+
+Returns:      0 on success
+              various non-zero codes on failure
+*/
+
+int
+regcomp(regex_t *preg, const char *pattern, int cflags)
+{
+const char *errorptr;
+int erroffset;
+int options = 0;
+
+if ((cflags & REG_ICASE) != 0) options |= PCRE_CASELESS;
+if ((cflags & REG_NEWLINE) != 0) options |= PCRE_MULTILINE;
+
+preg->re_pcre = pcre_compile(pattern, options, &errorptr, &erroffset, NULL);
+preg->re_erroffset = erroffset;
+
+if (preg->re_pcre == NULL) return pcre_posix_error_code(errorptr);
+
+preg->re_nsub = pcre_info(preg->re_pcre, NULL, NULL);
+return 0;
+}
+
+
+
+
+/*************************************************
+*              Match a regular expression        *
+*************************************************/
+
+/* Unfortunately, PCRE requires 3 ints of working space for each captured
+substring, so we have to get and release working store instead of just using
+the POSIX structures as was done in earlier releases when PCRE needed only 2
+ints. */
+
+int
+regexec(regex_t *preg, const char *string, size_t nmatch,
+  regmatch_t pmatch[], int eflags)
+{
+int rc;
+int options = 0;
+int *ovector = NULL;
+
+if ((eflags & REG_NOTBOL) != 0) options |= PCRE_NOTBOL;
+if ((eflags & REG_NOTEOL) != 0) options |= PCRE_NOTEOL;
+
+preg->re_erroffset = (size_t)(-1);   /* Only has meaning after compile */
+
+if (nmatch > 0)
+  {
+  ovector = (int *)malloc(sizeof(int) * nmatch * 3);
+  if (ovector == NULL) return REG_ESPACE;
+  }
+
+rc = pcre_exec(preg->re_pcre, NULL, string, (int)strlen(string), 0, options,
+  ovector, nmatch * 3);
+
+if (rc == 0) rc = nmatch;    /* All captured slots were filled in */
+
+if (rc >= 0)
+  {
+  size_t i;
+  for (i = 0; i < (size_t)rc; i++)
+    {
+    pmatch[i].rm_so = ovector[i*2];
+    pmatch[i].rm_eo = ovector[i*2+1];
+    }
+  if (ovector != NULL) free(ovector);
+  for (; i < nmatch; i++) pmatch[i].rm_so = pmatch[i].rm_eo = -1;
+  return 0;
+  }
+
+else
+  {
+  if (ovector != NULL) free(ovector);
+  switch(rc)
+    {
+    case PCRE_ERROR_NOMATCH: return REG_NOMATCH;
+    case PCRE_ERROR_NULL: return REG_INVARG;
+    case PCRE_ERROR_BADOPTION: return REG_INVARG;
+    case PCRE_ERROR_BADMAGIC: return REG_INVARG;
+    case PCRE_ERROR_UNKNOWN_NODE: return REG_ASSERT;
+    case PCRE_ERROR_NOMEMORY: return REG_ESPACE;
+    default: return REG_ASSERT;
+    }
+  }
+}
+
+/* End of pcreposix.c */
diff --git a/external/privoxy/pcre/pcreposix.h b/external/privoxy/pcre/pcreposix.h
new file mode 100644
index 0000000..7660acb
--- /dev/null
+++ b/external/privoxy/pcre/pcreposix.h
@@ -0,0 +1,88 @@
+/*************************************************
+*       Perl-Compatible Regular Expressions      *
+*************************************************/
+
+/* Copyright (c) 1997-2000 University of Cambridge */
+
+#ifndef _PCREPOSIX_H
+#define _PCREPOSIX_H
+
+/* This is the header for the POSIX wrapper interface to the PCRE Perl-
+Compatible Regular Expression library. It defines the things POSIX says should
+be there. I hope. */
+
+/* Have to include stdlib.h in order to ensure that size_t is defined. */
+
+#include <stdlib.h>
+
+/* Allow for C++ users */
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/* Options defined by POSIX. */
+
+#define REG_ICASE     0x01
+#define REG_NEWLINE   0x02
+#define REG_NOTBOL    0x04
+#define REG_NOTEOL    0x08
+
+/* These are not used by PCRE, but by defining them we make it easier
+to slot PCRE into existing programs that make POSIX calls. */
+
+#define REG_EXTENDED  0
+#define REG_NOSUB     0
+
+/* Error values. Not all these are relevant or used by the wrapper. */
+
+enum {
+  REG_ASSERT = 1,  /* internal error ? */
+  REG_BADBR,       /* invalid repeat counts in {} */
+  REG_BADPAT,      /* pattern error */
+  REG_BADRPT,      /* ? * + invalid */
+  REG_EBRACE,      /* unbalanced {} */
+  REG_EBRACK,      /* unbalanced [] */
+  REG_ECOLLATE,    /* collation error - not relevant */
+  REG_ECTYPE,      /* bad class */
+  REG_EESCAPE,     /* bad escape sequence */
+  REG_EMPTY,       /* empty expression */
+  REG_EPAREN,      /* unbalanced () */
+  REG_ERANGE,      /* bad range inside [] */
+  REG_ESIZE,       /* expression too big */
+  REG_ESPACE,      /* failed to get memory */
+  REG_ESUBREG,     /* bad back reference */
+  REG_INVARG,      /* bad argument */
+  REG_NOMATCH      /* match failed */
+};
+
+
+/* The structure representing a compiled regular expression. */
+
+typedef struct {
+  void *re_pcre;
+  size_t re_nsub;
+  size_t re_erroffset;
+} regex_t;
+
+/* The structure in which a captured offset is returned. */
+
+typedef int regoff_t;
+
+typedef struct {
+  regoff_t rm_so;
+  regoff_t rm_eo;
+} regmatch_t;
+
+/* The functions */
+
+extern int regcomp(regex_t *, const char *, int);
+extern int regexec(regex_t *, const char *, size_t, regmatch_t *, int);
+extern size_t regerror(int, const regex_t *, char *, size_t);
+extern void regfree(regex_t *);
+
+#ifdef __cplusplus
+}   /* extern "C" */
+#endif
+
+#endif /* End of pcreposix.h */
diff --git a/external/privoxy/pcre/pcretest.c b/external/privoxy/pcre/pcretest.c
new file mode 100644
index 0000000..ee5df5f
--- /dev/null
+++ b/external/privoxy/pcre/pcretest.c
@@ -0,0 +1,1225 @@
+/*************************************************
+*             PCRE testing program               *
+*************************************************/
+
+#include <ctype.h>
+#include <stdio.h>
+#include <string.h>
+#include <stdlib.h>
+#include <time.h>
+#include <locale.h>
+
+/* Use the internal info for displaying the results of pcre_study(). */
+
+#include "internal.h"
+
+/* It is possible to compile this test program without including support for
+testing the POSIX interface, though this is not available via the standard
+Makefile. */
+
+#if !defined NOPOSIX
+#include "pcreposix.h"
+#endif
+
+#ifndef CLOCKS_PER_SEC
+#ifdef CLK_TCK
+#define CLOCKS_PER_SEC CLK_TCK
+#else
+#define CLOCKS_PER_SEC 100
+#endif
+#endif
+
+#define LOOPREPEAT 20000
+
+
+static FILE *outfile;
+static int log_store = 0;
+static size_t gotten_store;
+
+
+
+static int utf8_table1[] = {
+  0x0000007f, 0x000007ff, 0x0000ffff, 0x001fffff, 0x03ffffff, 0x7fffffff};
+
+static int utf8_table2[] = {
+  0, 0xc0, 0xe0, 0xf0, 0xf8, 0xfc};
+
+static int utf8_table3[] = {
+  0xff, 0x1f, 0x0f, 0x07, 0x03, 0x01};
+
+
+/*************************************************
+*       Convert character value to UTF-8         *
+*************************************************/
+
+/* This function takes an integer value in the range 0 - 0x7fffffff
+and encodes it as a UTF-8 character in 0 to 6 bytes.
+
+Arguments:
+  cvalue     the character value
+  buffer     pointer to buffer for result - at least 6 bytes long
+
+Returns:     number of characters placed in the buffer
+             -1 if input character is negative
+             0 if input character is positive but too big (only when
+             int is longer than 32 bits)
+*/
+
+static int
+ord2utf8(int cvalue, unsigned char *buffer)
+{
+register int i, j;
+for (i = 0; i < sizeof(utf8_table1)/sizeof(int); i++)
+  if (cvalue <= utf8_table1[i]) break;
+if (i >= sizeof(utf8_table1)/sizeof(int)) return 0;
+if (cvalue < 0) return -1;
+*buffer++ = utf8_table2[i] | (cvalue & utf8_table3[i]);
+cvalue >>= 6 - i;
+for (j = 0; j < i; j++)
+  {
+  *buffer++ = 0x80 | (cvalue & 0x3f);
+  cvalue >>= 6;
+  }
+return i + 1;
+}
+
+
+/*************************************************
+*            Convert UTF-8 string to value       *
+*************************************************/
+
+/* This function takes one or more bytes that represents a UTF-8 character,
+and returns the value of the character.
+
+Argument:
+  buffer   a pointer to the byte vector
+  vptr     a pointer to an int to receive the value
+
+Returns:   >  0 => the number of bytes consumed
+           -6 to 0 => malformed UTF-8 character at offset = (-return)
+*/
+
+int
+utf82ord(unsigned char *buffer, int *vptr)
+{
+int c = *buffer++;
+int d = c;
+int i, j, s;
+
+for (i = -1; i < 6; i++)               /* i is number of additional bytes */
+  {
+  if ((d & 0x80) == 0) break;
+  d <<= 1;
+  }
+
+if (i == -1) { *vptr = c; return 1; }  /* ascii character */
+if (i == 0 || i == 6) return 0;        /* invalid UTF-8 */
+
+/* i now has a value in the range 1-5 */
+
+d = c & utf8_table3[i];
+s = 6 - i;
+
+for (j = 0; j < i; j++)
+  {
+  c = *buffer++;
+  if ((c & 0xc0) != 0x80) return -(j+1);
+  d |= (c & 0x3f) << s;
+  s += 6;
+  }
+
+/* Check that encoding was the correct unique one */
+
+for (j = 0; j < sizeof(utf8_table1)/sizeof(int); j++)
+  if (d <= utf8_table1[j]) break;
+if (j != i) return -(i+1);
+
+/* Valid value */
+
+*vptr = d;
+return i+1;
+}
+
+
+
+
+
+
+/* Debugging function to print the internal form of the regex. This is the same
+code as contained in pcre.c under the DEBUG macro. */
+
+static const char *OP_names[] = {
+  "End", "\\A", "\\B", "\\b", "\\D", "\\d",
+  "\\S", "\\s", "\\W", "\\w", "\\Z", "\\z",
+  "Opt", "^", "$", "Any", "chars", "not",
+  "*", "*?", "+", "+?", "?", "??", "{", "{", "{",
+  "*", "*?", "+", "+?", "?", "??", "{", "{", "{",
+  "*", "*?", "+", "+?", "?", "??", "{", "{", "{",
+  "*", "*?", "+", "+?", "?", "??", "{", "{",
+  "class", "Ref", "Recurse",
+  "Alt", "Ket", "KetRmax", "KetRmin", "Assert", "Assert not",
+  "AssertB", "AssertB not", "Reverse", "Once", "Cond", "Cref",
+  "Brazero", "Braminzero", "Bra"
+};
+
+
+static void print_internals(pcre *re)
+{
+unsigned char *code = ((real_pcre *)re)->code;
+
+fprintf(outfile, "------------------------------------------------------------------\n");
+
+for(;;)
+  {
+  int c;
+  int charlength;
+
+  fprintf(outfile, "%3d ", (int)(code - ((real_pcre *)re)->code));
+
+  if (*code >= OP_BRA)
+    {
+    fprintf(outfile, "%3d Bra %d", (code[1] << 8) + code[2], *code - OP_BRA);
+    code += 2;
+    }
+
+  else switch(*code)
+    {
+    case OP_END:
+    fprintf(outfile, "    %s\n", OP_names[*code]);
+    fprintf(outfile, "------------------------------------------------------------------\n");
+    return;
+
+    case OP_OPT:
+    fprintf(outfile, " %.2x %s", code[1], OP_names[*code]);
+    code++;
+    break;
+
+    case OP_COND:
+    fprintf(outfile, "%3d Cond", (code[1] << 8) + code[2]);
+    code += 2;
+    break;
+
+    case OP_CREF:
+    fprintf(outfile, " %.2d %s", code[1], OP_names[*code]);
+    code++;
+    break;
+
+    case OP_CHARS:
+    charlength = *(++code);
+    fprintf(outfile, "%3d ", charlength);
+    while (charlength-- > 0)
+      if (isprint(c = *(++code))) fprintf(outfile, "%c", c);
+        else fprintf(outfile, "\\x%02x", c);
+    break;
+
+    case OP_KETRMAX:
+    case OP_KETRMIN:
+    case OP_ALT:
+    case OP_KET:
+    case OP_ASSERT:
+    case OP_ASSERT_NOT:
+    case OP_ASSERTBACK:
+    case OP_ASSERTBACK_NOT:
+    case OP_ONCE:
+    fprintf(outfile, "%3d %s", (code[1] << 8) + code[2], OP_names[*code]);
+    code += 2;
+    break;
+
+    case OP_REVERSE:
+    fprintf(outfile, "%3d %s", (code[1] << 8) + code[2], OP_names[*code]);
+    code += 2;
+    break;
+
+    case OP_STAR:
+    case OP_MINSTAR:
+    case OP_PLUS:
+    case OP_MINPLUS:
+    case OP_QUERY:
+    case OP_MINQUERY:
+    case OP_TYPESTAR:
+    case OP_TYPEMINSTAR:
+    case OP_TYPEPLUS:
+    case OP_TYPEMINPLUS:
+    case OP_TYPEQUERY:
+    case OP_TYPEMINQUERY:
+    if (*code >= OP_TYPESTAR)
+      fprintf(outfile, "    %s", OP_names[code[1]]);
+    else if (isprint(c = code[1])) fprintf(outfile, "    %c", c);
+      else fprintf(outfile, "    \\x%02x", c);
+    fprintf(outfile, "%s", OP_names[*code++]);
+    break;
+
+    case OP_EXACT:
+    case OP_UPTO:
+    case OP_MINUPTO:
+    if (isprint(c = code[3])) fprintf(outfile, "    %c{", c);
+      else fprintf(outfile, "    \\x%02x{", c);
+    if (*code != OP_EXACT) fprintf(outfile, ",");
+    fprintf(outfile, "%d}", (code[1] << 8) + code[2]);
+    if (*code == OP_MINUPTO) fprintf(outfile, "?");
+    code += 3;
+    break;
+
+    case OP_TYPEEXACT:
+    case OP_TYPEUPTO:
+    case OP_TYPEMINUPTO:
+    fprintf(outfile, "    %s{", OP_names[code[3]]);
+    if (*code != OP_TYPEEXACT) fprintf(outfile, "0,");
+    fprintf(outfile, "%d}", (code[1] << 8) + code[2]);
+    if (*code == OP_TYPEMINUPTO) fprintf(outfile, "?");
+    code += 3;
+    break;
+
+    case OP_NOT:
+    if (isprint(c = *(++code))) fprintf(outfile, "    [^%c]", c);
+      else fprintf(outfile, "    [^\\x%02x]", c);
+    break;
+
+    case OP_NOTSTAR:
+    case OP_NOTMINSTAR:
+    case OP_NOTPLUS:
+    case OP_NOTMINPLUS:
+    case OP_NOTQUERY:
+    case OP_NOTMINQUERY:
+    if (isprint(c = code[1])) fprintf(outfile, "    [^%c]", c);
+      else fprintf(outfile, "    [^\\x%02x]", c);
+    fprintf(outfile, "%s", OP_names[*code++]);
+    break;
+
+    case OP_NOTEXACT:
+    case OP_NOTUPTO:
+    case OP_NOTMINUPTO:
+    if (isprint(c = code[3])) fprintf(outfile, "    [^%c]{", c);
+      else fprintf(outfile, "    [^\\x%02x]{", c);
+    if (*code != OP_NOTEXACT) fprintf(outfile, ",");
+    fprintf(outfile, "%d}", (code[1] << 8) + code[2]);
+    if (*code == OP_NOTMINUPTO) fprintf(outfile, "?");
+    code += 3;
+    break;
+
+    case OP_REF:
+    fprintf(outfile, "    \\%d", *(++code));
+    code++;
+    goto CLASS_REF_REPEAT;
+
+    case OP_CLASS:
+      {
+      int i, min, max;
+      code++;
+      fprintf(outfile, "    [");
+
+      for (i = 0; i < 256; i++)
+        {
+        if ((code[i/8] & (1 << (i&7))) != 0)
+          {
+          int j;
+          for (j = i+1; j < 256; j++)
+            if ((code[j/8] & (1 << (j&7))) == 0) break;
+          if (i == '-' || i == ']') fprintf(outfile, "\\");
+          if (isprint(i)) fprintf(outfile, "%c", i); else fprintf(outfile, "\\x%02x", i);
+          if (--j > i)
+            {
+            fprintf(outfile, "-");
+            if (j == '-' || j == ']') fprintf(outfile, "\\");
+            if (isprint(j)) fprintf(outfile, "%c", j); else fprintf(outfile, "\\x%02x", j);
+            }
+          i = j;
+          }
+        }
+      fprintf(outfile, "]");
+      code += 32;
+
+      CLASS_REF_REPEAT:
+
+      switch(*code)
+        {
+        case OP_CRSTAR:
+        case OP_CRMINSTAR:
+        case OP_CRPLUS:
+        case OP_CRMINPLUS:
+        case OP_CRQUERY:
+        case OP_CRMINQUERY:
+        fprintf(outfile, "%s", OP_names[*code]);
+        break;
+
+        case OP_CRRANGE:
+        case OP_CRMINRANGE:
+        min = (code[1] << 8) + code[2];
+        max = (code[3] << 8) + code[4];
+        if (max == 0) fprintf(outfile, "{%d,}", min);
+        else fprintf(outfile, "{%d,%d}", min, max);
+        if (*code == OP_CRMINRANGE) fprintf(outfile, "?");
+        code += 4;
+        break;
+
+        default:
+        code--;
+        }
+      }
+    break;
+
+    /* Anything else is just a one-node item */
+
+    default:
+    fprintf(outfile, "    %s", OP_names[*code]);
+    break;
+    }
+
+  code++;
+  fprintf(outfile, "\n");
+  }
+}
+
+
+
+/* Character string printing function. A "normal" and a UTF-8 version. */
+
+static void pchars(unsigned char *p, int length, int utf8)
+{
+int c;
+while (length-- > 0)
+  {
+  if (utf8)
+    {
+    int rc = utf82ord(p, &c);
+    if (rc > 0)
+      {
+      length -= rc - 1;
+      p += rc;
+      if (c < 256 && isprint(c)) fprintf(outfile, "%c", c);
+        else fprintf(outfile, "\\x{%02x}", c);
+      continue;
+      }
+    }
+
+   /* Not UTF-8, or malformed UTF-8  */
+
+  if (isprint(c = *(p++))) fprintf(outfile, "%c", c);
+    else fprintf(outfile, "\\x%02x", c);
+  }
+}
+
+
+
+/* Alternative malloc function, to test functionality and show the size of the
+compiled re. */
+
+static void *new_malloc(size_t size)
+{
+gotten_store = size;
+if (log_store)
+  fprintf(outfile, "Memory allocation (code space): %d\n",
+    (int)((int)size - offsetof(real_pcre, code[0])));
+return malloc(size);
+}
+
+
+
+
+/* Get one piece of information from the pcre_fullinfo() function */
+
+static void new_info(pcre *re, pcre_extra *study, int option, void *ptr)
+{
+int rc;
+if ((rc = pcre_fullinfo(re, study, option, ptr)) < 0)
+  fprintf(outfile, "Error %d from pcre_fullinfo(%d)\n", rc, option);
+}
+
+
+
+
+/* Read lines from named file or stdin and write to named file or stdout; lines
+consist of a regular expression, in delimiters and optionally followed by
+options, followed by a set of test data, terminated by an empty line. */
+
+int main(int argc, char **argv)
+{
+FILE *infile = stdin;
+int options = 0;
+int study_options = 0;
+int op = 1;
+int timeit = 0;
+int showinfo = 0;
+int showstore = 0;
+int posix = 0;
+int debug = 0;
+int done = 0;
+unsigned char buffer[30000];
+unsigned char dbuffer[1024];
+
+/* Static so that new_malloc can use it. */
+
+outfile = stdout;
+
+/* Scan options */
+
+while (argc > 1 && argv[op][0] == '-')
+  {
+  if (strcmp(argv[op], "-s") == 0 || strcmp(argv[op], "-m") == 0)
+    showstore = 1;
+  else if (strcmp(argv[op], "-t") == 0) timeit = 1;
+  else if (strcmp(argv[op], "-i") == 0) showinfo = 1;
+  else if (strcmp(argv[op], "-d") == 0) showinfo = debug = 1;
+  else if (strcmp(argv[op], "-p") == 0) posix = 1;
+  else
+    {
+    printf("*** Unknown option %s\n", argv[op]);
+    printf("Usage: pcretest [-d] [-i] [-p] [-s] [-t] [<input> [<output>]]\n");
+    printf("  -d   debug: show compiled code; implies -i\n"
+           "  -i   show information about compiled pattern\n"
+           "  -p   use POSIX interface\n"
+           "  -s   output store information\n"
+           "  -t   time compilation and execution\n");
+    return 1;
+    }
+  op++;
+  argc--;
+  }
+
+/* Sort out the input and output files */
+
+if (argc > 1)
+  {
+  infile = fopen(argv[op], "r");
+  if (infile == NULL)
+    {
+    printf("** Failed to open %s\n", argv[op]);
+    return 1;
+    }
+  }
+
+if (argc > 2)
+  {
+  outfile = fopen(argv[op+1], "w");
+  if (outfile == NULL)
+    {
+    printf("** Failed to open %s\n", argv[op+1]);
+    return 1;
+    }
+  }
+
+/* Set alternative malloc function */
+
+pcre_malloc = new_malloc;
+
+/* Heading line, then prompt for first regex if stdin */
+
+fprintf(outfile, "PCRE version %s\n\n", pcre_version());
+
+/* Main loop */
+
+while (!done)
+  {
+  pcre *re = NULL;
+  pcre_extra *extra = NULL;
+
+#if !defined NOPOSIX  /* There are still compilers that require no indent */
+  regex_t preg;
+  int do_posix = 0;
+#endif
+
+  const char *error;
+  unsigned char *p, *pp, *ppp;
+  unsigned const char *tables = NULL;
+  int do_study = 0;
+  int do_debug = debug;
+  int do_G = 0;
+  int do_g = 0;
+  int do_showinfo = showinfo;
+  int do_showrest = 0;
+  int utf8 = 0;
+  int erroroffset, len, delimiter;
+
+  if (infile == stdin) printf("  re> ");
+  if (fgets((char *)buffer, sizeof(buffer), infile) == NULL) break;
+  if (infile != stdin) fprintf(outfile, "%s", (char *)buffer);
+
+  p = buffer;
+  while (isspace(*p)) p++;
+  if (*p == 0) continue;
+
+  /* Get the delimiter and seek the end of the pattern; if is isn't
+  complete, read more. */
+
+  delimiter = *p++;
+
+  if (isalnum(delimiter) || delimiter == '\\')
+    {
+    fprintf(outfile, "** Delimiter must not be alphameric or \\\n");
+    goto SKIP_DATA;
+    }
+
+  pp = p;
+
+  for(;;)
+    {
+    while (*pp != 0)
+      {
+      if (*pp == '\\' && pp[1] != 0) pp++;
+        else if (*pp == delimiter) break;
+      pp++;
+      }
+    if (*pp != 0) break;
+
+    len = sizeof(buffer) - (pp - buffer);
+    if (len < 256)
+      {
+      fprintf(outfile, "** Expression too long - missing delimiter?\n");
+      goto SKIP_DATA;
+      }
+
+    if (infile == stdin) printf("    > ");
+    if (fgets((char *)pp, len, infile) == NULL)
+      {
+      fprintf(outfile, "** Unexpected EOF\n");
+      done = 1;
+      goto CONTINUE;
+      }
+    if (infile != stdin) fprintf(outfile, "%s", (char *)pp);
+    }
+
+  /* If the first character after the delimiter is backslash, make
+  the pattern end with backslash. This is purely to provide a way
+  of testing for the error message when a pattern ends with backslash. */
+
+  if (pp[1] == '\\') *pp++ = '\\';
+
+  /* Terminate the pattern at the delimiter */
+
+  *pp++ = 0;
+
+  /* Look for options after final delimiter */
+
+  options = 0;
+  study_options = 0;
+  log_store = showstore;  /* default from command line */
+
+  while (*pp != 0)
+    {
+    switch (*pp++)
+      {
+      case 'g': do_g = 1; break;
+      case 'i': options |= PCRE_CASELESS; break;
+      case 'm': options |= PCRE_MULTILINE; break;
+      case 's': options |= PCRE_DOTALL; break;
+      case 'x': options |= PCRE_EXTENDED; break;
+
+      case '+': do_showrest = 1; break;
+      case 'A': options |= PCRE_ANCHORED; break;
+      case 'D': do_debug = do_showinfo = 1; break;
+      case 'E': options |= PCRE_DOLLAR_ENDONLY; break;
+      case 'G': do_G = 1; break;
+      case 'I': do_showinfo = 1; break;
+      case 'M': log_store = 1; break;
+
+#if !defined NOPOSIX
+      case 'P': do_posix = 1; break;
+#endif
+
+      case 'S': do_study = 1; break;
+      case 'U': options |= PCRE_UNGREEDY; break;
+      case 'X': options |= PCRE_EXTRA; break;
+      case '8': options |= PCRE_UTF8; utf8 = 1; break;
+
+      case 'L':
+      ppp = pp;
+      while (*ppp != '\n' && *ppp != ' ') ppp++;
+      *ppp = 0;
+      if (setlocale(LC_CTYPE, (const char *)pp) == NULL)
+        {
+        fprintf(outfile, "** Failed to set locale \"%s\"\n", pp);
+        goto SKIP_DATA;
+        }
+      tables = pcre_maketables();
+      pp = ppp;
+      break;
+
+      case '\n': case ' ': break;
+      default:
+      fprintf(outfile, "** Unknown option '%c'\n", pp[-1]);
+      goto SKIP_DATA;
+      }
+    }
+
+  /* Handle compiling via the POSIX interface, which doesn't support the
+  timing, showing, or debugging options, nor the ability to pass over
+  local character tables. */
+
+#if !defined NOPOSIX
+  if (posix || do_posix)
+    {
+    int rc;
+    int cflags = 0;
+    if ((options & PCRE_CASELESS) != 0) cflags |= REG_ICASE;
+    if ((options & PCRE_MULTILINE) != 0) cflags |= REG_NEWLINE;
+    rc = regcomp(&preg, (char *)p, cflags);
+
+    /* Compilation failed; go back for another re, skipping to blank line
+    if non-interactive. */
+
+    if (rc != 0)
+      {
+      (void)regerror(rc, &preg, (char *)buffer, sizeof(buffer));
+      fprintf(outfile, "Failed: POSIX code %d: %s\n", rc, buffer);
+      goto SKIP_DATA;
+      }
+    }
+
+  /* Handle compiling via the native interface */
+
+  else
+#endif  /* !defined NOPOSIX */
+
+    {
+    if (timeit)
+      {
+      register int i;
+      clock_t time_taken;
+      clock_t start_time = clock();
+      for (i = 0; i < LOOPREPEAT; i++)
+        {
+        re = pcre_compile((char *)p, options, &error, &erroroffset, tables);
+        if (re != NULL) free(re);
+        }
+      time_taken = clock() - start_time;
+      fprintf(outfile, "Compile time %.3f milliseconds\n",
+        ((double)time_taken * 1000.0) /
+        ((double)LOOPREPEAT * (double)CLOCKS_PER_SEC));
+      }
+
+    re = pcre_compile((char *)p, options, &error, &erroroffset, tables);
+
+    /* Compilation failed; go back for another re, skipping to blank line
+    if non-interactive. */
+
+    if (re == NULL)
+      {
+      fprintf(outfile, "Failed: %s at offset %d\n", error, erroroffset);
+      SKIP_DATA:
+      if (infile != stdin)
+        {
+        for (;;)
+          {
+          if (fgets((char *)buffer, sizeof(buffer), infile) == NULL)
+            {
+            done = 1;
+            goto CONTINUE;
+            }
+          len = (int)strlen((char *)buffer);
+          while (len > 0 && isspace(buffer[len-1])) len--;
+          if (len == 0) break;
+          }
+        fprintf(outfile, "\n");
+        }
+      goto CONTINUE;
+      }
+
+    /* Compilation succeeded; print data if required. There are now two
+    info-returning functions. The old one has a limited interface and
+    returns only limited data. Check that it agrees with the newer one. */
+
+    if (do_showinfo)
+      {
+      int old_first_char, old_options, old_count;
+      int count, backrefmax, first_char, need_char;
+      size_t size;
+
+      if (do_debug) print_internals(re);
+
+      new_info(re, NULL, PCRE_INFO_OPTIONS, &options);
+      new_info(re, NULL, PCRE_INFO_SIZE, &size);
+      new_info(re, NULL, PCRE_INFO_CAPTURECOUNT, &count);
+      new_info(re, NULL, PCRE_INFO_BACKREFMAX, &backrefmax);
+      new_info(re, NULL, PCRE_INFO_FIRSTCHAR, &first_char);
+      new_info(re, NULL, PCRE_INFO_LASTLITERAL, &need_char);
+
+      old_count = pcre_info(re, &old_options, &old_first_char);
+      if (count < 0) fprintf(outfile,
+        "Error %d from pcre_info()\n", count);
+      else
+        {
+        if (old_count != count) fprintf(outfile,
+          "Count disagreement: pcre_fullinfo=%d pcre_info=%d\n", count,
+            old_count);
+
+        if (old_first_char != first_char) fprintf(outfile,
+          "First char disagreement: pcre_fullinfo=%d pcre_info=%d\n",
+            first_char, old_first_char);
+
+        if (old_options != options) fprintf(outfile,
+          "Options disagreement: pcre_fullinfo=%d pcre_info=%d\n", options,
+            old_options);
+        }
+
+      if (size != gotten_store) fprintf(outfile,
+        "Size disagreement: pcre_fullinfo=%d call to malloc for %d\n",
+        size, gotten_store);
+
+      fprintf(outfile, "Capturing subpattern count = %d\n", count);
+      if (backrefmax > 0)
+        fprintf(outfile, "Max back reference = %d\n", backrefmax);
+      if (options == 0) fprintf(outfile, "No options\n");
+        else fprintf(outfile, "Options:%s%s%s%s%s%s%s%s%s\n",
+          ((options & PCRE_ANCHORED) != 0)? " anchored" : "",
+          ((options & PCRE_CASELESS) != 0)? " caseless" : "",
+          ((options & PCRE_EXTENDED) != 0)? " extended" : "",
+          ((options & PCRE_MULTILINE) != 0)? " multiline" : "",
+          ((options & PCRE_DOTALL) != 0)? " dotall" : "",
+          ((options & PCRE_DOLLAR_ENDONLY) != 0)? " dollar_endonly" : "",
+          ((options & PCRE_EXTRA) != 0)? " extra" : "",
+          ((options & PCRE_UNGREEDY) != 0)? " ungreedy" : "",
+          ((options & PCRE_UTF8) != 0)? " utf8" : "");
+
+      if (((((real_pcre *)re)->options) & PCRE_ICHANGED) != 0)
+        fprintf(outfile, "Case state changes\n");
+
+      if (first_char == -1)
+        {
+        fprintf(outfile, "First char at start or follows \\n\n");
+        }
+      else if (first_char < 0)
+        {
+        fprintf(outfile, "No first char\n");
+        }
+      else
+        {
+        if (isprint(first_char))
+          fprintf(outfile, "First char = \'%c\'\n", first_char);
+        else
+          fprintf(outfile, "First char = %d\n", first_char);
+        }
+
+      if (need_char < 0)
+        {
+        fprintf(outfile, "No need char\n");
+        }
+      else
+        {
+        if (isprint(need_char))
+          fprintf(outfile, "Need char = \'%c\'\n", need_char);
+        else
+          fprintf(outfile, "Need char = %d\n", need_char);
+        }
+      }
+
+    /* If /S was present, study the regexp to generate additional info to
+    help with the matching. */
+
+    if (do_study)
+      {
+      if (timeit)
+        {
+        register int i;
+        clock_t time_taken;
+        clock_t start_time = clock();
+        for (i = 0; i < LOOPREPEAT; i++)
+          extra = pcre_study(re, study_options, &error);
+        time_taken = clock() - start_time;
+        if (extra != NULL) free(extra);
+        fprintf(outfile, "  Study time %.3f milliseconds\n",
+          ((double)time_taken * 1000.0)/
+          ((double)LOOPREPEAT * (double)CLOCKS_PER_SEC));
+        }
+
+      extra = pcre_study(re, study_options, &error);
+      if (error != NULL)
+        fprintf(outfile, "Failed to study: %s\n", error);
+      else if (extra == NULL)
+        fprintf(outfile, "Study returned NULL\n");
+
+      else if (do_showinfo)
+        {
+        uschar *start_bits = NULL;
+        new_info(re, extra, PCRE_INFO_FIRSTTABLE, &start_bits);
+        if (start_bits == NULL)
+          fprintf(outfile, "No starting character set\n");
+        else
+          {
+          int i;
+          int c = 24;
+          fprintf(outfile, "Starting character set: ");
+          for (i = 0; i < 256; i++)
+            {
+            if ((start_bits[i/8] & (1<<(i%8))) != 0)
+              {
+              if (c > 75)
+                {
+                fprintf(outfile, "\n  ");
+                c = 2;
+                }
+              if (isprint(i) && i != ' ')
+                {
+                fprintf(outfile, "%c ", i);
+                c += 2;
+                }
+              else
+                {
+                fprintf(outfile, "\\x%02x ", i);
+                c += 5;
+                }
+              }
+            }
+          fprintf(outfile, "\n");
+          }
+        }
+      }
+    }
+
+  /* Read data lines and test them */
+
+  for (;;)
+    {
+    unsigned char *q;
+    unsigned char *bptr = dbuffer;
+    int count, c;
+    int copystrings = 0;
+    int getstrings = 0;
+    int getlist = 0;
+    int gmatched = 0;
+    int start_offset = 0;
+    int g_notempty = 0;
+    int offsets[45];
+    int size_offsets = sizeof(offsets)/sizeof(int);
+
+    options = 0;
+
+    if (infile == stdin) printf("data> ");
+    if (fgets((char *)buffer, sizeof(buffer), infile) == NULL)
+      {
+      done = 1;
+      goto CONTINUE;
+      }
+    if (infile != stdin) fprintf(outfile, "%s", (char *)buffer);
+
+    len = (int)strlen((char *)buffer);
+    while (len > 0 && isspace(buffer[len-1])) len--;
+    buffer[len] = 0;
+    if (len == 0) break;
+
+    p = buffer;
+    while (isspace(*p)) p++;
+
+    q = dbuffer;
+    while ((c = *p++) != 0)
+      {
+      int i = 0;
+      int n = 0;
+      if (c == '\\') switch ((c = *p++))
+        {
+        case 'a': c =    7; break;
+        case 'b': c = '\b'; break;
+        case 'e': c =   27; break;
+        case 'f': c = '\f'; break;
+        case 'n': c = '\n'; break;
+        case 'r': c = '\r'; break;
+        case 't': c = '\t'; break;
+        case 'v': c = '\v'; break;
+
+        case '0': case '1': case '2': case '3':
+        case '4': case '5': case '6': case '7':
+        c -= '0';
+        while (i++ < 2 && isdigit(*p) && *p != '8' && *p != '9')
+          c = c * 8 + *p++ - '0';
+        break;
+
+        case 'x':
+
+        /* Handle \x{..} specially - new Perl thing for utf8 */
+
+        if (*p == '{')
+          {
+          unsigned char *pt = p;
+          c = 0;
+          while (isxdigit(*(++pt)))
+            c = c * 16 + tolower(*pt) - ((isdigit(*pt))? '0' : 'W');
+          if (*pt == '}')
+            {
+            unsigned char buffer[8];
+            int ii, utn;
+            utn = ord2utf8(c, buffer);
+            for (ii = 0; ii < utn - 1; ii++) *q++ = buffer[ii];
+            c = buffer[ii];   /* Last byte */
+            p = pt + 1;
+            break;
+            }
+          /* Not correct form; fall through */
+          }
+
+        /* Ordinary \x */
+
+        c = 0;
+        while (i++ < 2 && isxdigit(*p))
+          {
+          c = c * 16 + tolower(*p) - ((isdigit(*p))? '0' : 'W');
+          p++;
+          }
+        break;
+
+        case 0:   /* Allows for an empty line */
+        p--;
+        continue;
+
+        case 'A':  /* Option setting */
+        options |= PCRE_ANCHORED;
+        continue;
+
+        case 'B':
+        options |= PCRE_NOTBOL;
+        continue;
+
+        case 'C':
+        while(isdigit(*p)) n = n * 10 + *p++ - '0';
+        copystrings |= 1 << n;
+        continue;
+
+        case 'G':
+        while(isdigit(*p)) n = n * 10 + *p++ - '0';
+        getstrings |= 1 << n;
+        continue;
+
+        case 'L':
+        getlist = 1;
+        continue;
+
+        case 'N':
+        options |= PCRE_NOTEMPTY;
+        continue;
+
+        case 'O':
+        while(isdigit(*p)) n = n * 10 + *p++ - '0';
+        if (n <= (int)(sizeof(offsets)/sizeof(int))) size_offsets = n;
+        continue;
+
+        case 'Z':
+        options |= PCRE_NOTEOL;
+        continue;
+        }
+      *q++ = c;
+      }
+    *q = 0;
+    len = q - dbuffer;
+
+    /* Handle matching via the POSIX interface, which does not
+    support timing. */
+
+#if !defined NOPOSIX
+    if (posix || do_posix)
+      {
+      int rc;
+      int eflags = 0;
+      regmatch_t pmatch[sizeof(offsets)/sizeof(int)];
+      if ((options & PCRE_NOTBOL) != 0) eflags |= REG_NOTBOL;
+      if ((options & PCRE_NOTEOL) != 0) eflags |= REG_NOTEOL;
+
+      rc = regexec(&preg, (const char *)bptr, size_offsets, pmatch, eflags);
+
+      if (rc != 0)
+        {
+        (void)regerror(rc, &preg, (char *)buffer, sizeof(buffer));
+        fprintf(outfile, "No match: POSIX code %d: %s\n", rc, buffer);
+        }
+      else
+        {
+        size_t i;
+        for (i = 0; i < size_offsets; i++)
+          {
+          if (pmatch[i].rm_so >= 0)
+            {
+            fprintf(outfile, "%2d: ", (int)i);
+            pchars(dbuffer + pmatch[i].rm_so,
+              pmatch[i].rm_eo - pmatch[i].rm_so, utf8);
+            fprintf(outfile, "\n");
+            if (i == 0 && do_showrest)
+              {
+              fprintf(outfile, " 0+ ");
+              pchars(dbuffer + pmatch[i].rm_eo, len - pmatch[i].rm_eo, utf8);
+              fprintf(outfile, "\n");
+              }
+            }
+          }
+        }
+      }
+
+    /* Handle matching via the native interface - repeats for /g and /G */
+
+    else
+#endif  /* !defined NOPOSIX */
+
+    for (;; gmatched++)    /* Loop for /g or /G */
+      {
+      if (timeit)
+        {
+        register int i;
+        clock_t time_taken;
+        clock_t start_time = clock();
+        for (i = 0; i < LOOPREPEAT; i++)
+          count = pcre_exec(re, extra, (char *)bptr, len,
+            start_offset, options | g_notempty, offsets, size_offsets);
+        time_taken = clock() - start_time;
+        fprintf(outfile, "Execute time %.3f milliseconds\n",
+          ((double)time_taken * 1000.0)/
+          ((double)LOOPREPEAT * (double)CLOCKS_PER_SEC));
+        }
+
+      count = pcre_exec(re, extra, (char *)bptr, len,
+        start_offset, options | g_notempty, offsets, size_offsets);
+
+      if (count == 0)
+        {
+        fprintf(outfile, "Matched, but too many substrings\n");
+        count = size_offsets/3;
+        }
+
+      /* Matched */
+
+      if (count >= 0)
+        {
+        int i;
+        for (i = 0; i < count * 2; i += 2)
+          {
+          if (offsets[i] < 0)
+            fprintf(outfile, "%2d: <unset>\n", i/2);
+          else
+            {
+            fprintf(outfile, "%2d: ", i/2);
+            pchars(bptr + offsets[i], offsets[i+1] - offsets[i], utf8);
+            fprintf(outfile, "\n");
+            if (i == 0)
+              {
+              if (do_showrest)
+                {
+                fprintf(outfile, " 0+ ");
+                pchars(bptr + offsets[i+1], len - offsets[i+1], utf8);
+                fprintf(outfile, "\n");
+                }
+              }
+            }
+          }
+
+        for (i = 0; i < 32; i++)
+          {
+          if ((copystrings & (1 << i)) != 0)
+            {
+            char copybuffer[16];
+            int rc = pcre_copy_substring((char *)bptr, offsets, count,
+              i, copybuffer, sizeof(copybuffer));
+            if (rc < 0)
+              fprintf(outfile, "copy substring %d failed %d\n", i, rc);
+            else
+              fprintf(outfile, "%2dC %s (%d)\n", i, copybuffer, rc);
+            }
+          }
+
+        for (i = 0; i < 32; i++)
+          {
+          if ((getstrings & (1 << i)) != 0)
+            {
+            const char *substring;
+            int rc = pcre_get_substring((char *)bptr, offsets, count,
+              i, &substring);
+            if (rc < 0)
+              fprintf(outfile, "get substring %d failed %d\n", i, rc);
+            else
+              {
+              fprintf(outfile, "%2dG %s (%d)\n", i, substring, rc);
+              /* free((void *)substring); */
+              pcre_free_substring(substring);
+              }
+            }
+          }
+
+        if (getlist)
+          {
+          const char **stringlist;
+          int rc = pcre_get_substring_list((char *)bptr, offsets, count,
+            &stringlist);
+          if (rc < 0)
+            fprintf(outfile, "get substring list failed %d\n", rc);
+          else
+            {
+            for (i = 0; i < count; i++)
+              fprintf(outfile, "%2dL %s\n", i, stringlist[i]);
+            if (stringlist[i] != NULL)
+              fprintf(outfile, "string list not terminated by NULL\n");
+            /* free((void *)stringlist); */
+            pcre_free_substring_list(stringlist);
+            }
+          }
+        }
+
+      /* Failed to match. If this is a /g or /G loop and we previously set
+      g_notempty after a null match, this is not necessarily the end.
+      We want to advance the start offset, and continue. Fudge the offset
+      values to achieve this. We won't be at the end of the string - that
+      was checked before setting g_notempty. */
+
+      else
+        {
+        if (g_notempty != 0)
+          {
+          offsets[0] = start_offset;
+          offsets[1] = start_offset + 1;
+          }
+        else
+          {
+          if (gmatched == 0)   /* Error if no previous matches */
+            {
+            if (count == -1) fprintf(outfile, "No match\n");
+              else fprintf(outfile, "Error %d\n", count);
+            }
+          break;  /* Out of the /g loop */
+          }
+        }
+
+      /* If not /g or /G we are done */
+
+      if (!do_g && !do_G) break;
+
+      /* If we have matched an empty string, first check to see if we are at
+      the end of the subject. If so, the /g loop is over. Otherwise, mimic
+      what Perl's /g options does. This turns out to be rather cunning. First
+      we set PCRE_NOTEMPTY and PCRE_ANCHORED and try the match again at the
+      same point. If this fails (picked up above) we advance to the next
+      character. */
+
+      g_notempty = 0;
+      if (offsets[0] == offsets[1])
+        {
+        if (offsets[0] == len) break;
+        g_notempty = PCRE_NOTEMPTY | PCRE_ANCHORED;
+        }
+
+      /* For /g, update the start offset, leaving the rest alone */
+
+      if (do_g) start_offset = offsets[1];
+
+      /* For /G, update the pointer and length */
+
+      else
+        {
+        bptr += offsets[1];
+        len -= offsets[1];
+        }
+      }  /* End of loop for /g and /G */
+    }    /* End of loop for data lines */
+
+  CONTINUE:
+
+#if !defined NOPOSIX
+  if (posix || do_posix) regfree(&preg);
+#endif
+
+  if (re != NULL) free(re);
+  if (extra != NULL) free(extra);
+  if (tables != NULL)
+    {
+    free((void *)tables);
+    setlocale(LC_CTYPE, "C");
+    }
+  }
+
+fprintf(outfile, "\n");
+return 0;
+}
+
+/* End */
diff --git a/external/privoxy/pcre/study.c b/external/privoxy/pcre/study.c
new file mode 100644
index 0000000..676db94
--- /dev/null
+++ b/external/privoxy/pcre/study.c
@@ -0,0 +1,397 @@
+/*************************************************
+*      Perl-Compatible Regular Expressions       *
+*************************************************/
+
+/*
+This is a library of functions to support regular expressions whose syntax
+and semantics are as close as possible to those of the Perl 5 language. See
+the file Tech.Notes for some information on the internals.
+
+Written by: Philip Hazel <ph10 at cam.ac.uk>
+
+           Copyright (c) 1997-2000 University of Cambridge
+
+-----------------------------------------------------------------------------
+Permission is granted to anyone to use this software for any purpose on any
+computer system, and to redistribute it freely, subject to the following
+restrictions:
+
+1. This software is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
+
+2. The origin of this software must not be misrepresented, either by
+   explicit claim or by omission.
+
+3. Altered versions must be plainly marked as such, and must not be
+   misrepresented as being the original software.
+
+4. If PCRE is embedded in any software that is released under the GNU
+   General Purpose Licence (GPL), then the terms of that licence shall
+   supersede any condition above with which it is incompatible.
+-----------------------------------------------------------------------------
+*/
+
+
+/* Include the internals header, which itself includes Standard C headers plus
+the external pcre header. */
+
+#include "internal.h"
+
+
+
+/*************************************************
+*      Set a bit and maybe its alternate case    *
+*************************************************/
+
+/* Given a character, set its bit in the table, and also the bit for the other
+version of a letter if we are caseless.
+
+Arguments:
+  start_bits    points to the bit map
+  c             is the character
+  caseless      the caseless flag
+  cd            the block with char table pointers
+
+Returns:        nothing
+*/
+
+static void
+set_bit(uschar *start_bits, int c, BOOL caseless, compile_data *cd)
+{
+start_bits[c/8] |= (1 << (c&7));
+if (caseless && (cd->ctypes[c] & ctype_letter) != 0)
+  start_bits[cd->fcc[c]/8] |= (1 << (cd->fcc[c]&7));
+}
+
+
+
+/*************************************************
+*          Create bitmap of starting chars       *
+*************************************************/
+
+/* This function scans a compiled unanchored expression and attempts to build a
+bitmap of the set of initial characters. If it can't, it returns FALSE. As time
+goes by, we may be able to get more clever at doing this.
+
+Arguments:
+  code         points to an expression
+  start_bits   points to a 32-byte table, initialized to 0
+  caseless     the current state of the caseless flag
+  cd           the block with char table pointers
+
+Returns:       TRUE if table built, FALSE otherwise
+*/
+
+static BOOL
+set_start_bits(const uschar *code, uschar *start_bits, BOOL caseless,
+  compile_data *cd)
+{
+register int c;
+
+/* This next statement and the later reference to dummy are here in order to
+trick the optimizer of the IBM C compiler for OS/2 into generating correct
+code. Apparently IBM isn't going to fix the problem, and we would rather not
+disable optimization (in this module it actually makes a big difference, and
+the pcre module can use all the optimization it can get). */
+
+volatile int dummy;
+
+do
+  {
+  const uschar *tcode = code + 3;
+  BOOL try_next = TRUE;
+
+  while (try_next)
+    {
+    try_next = FALSE;
+
+    /* If a branch starts with a bracket or a positive lookahead assertion,
+    recurse to set bits from within them. That's all for this branch. */
+
+    if ((int)*tcode >= OP_BRA || *tcode == OP_ASSERT)
+      {
+      if (!set_start_bits(tcode, start_bits, caseless, cd))
+        return FALSE;
+      }
+
+    else switch(*tcode)
+      {
+      default:
+      return FALSE;
+
+      /* Skip over lookbehind and negative lookahead assertions */
+
+      case OP_ASSERT_NOT:
+      case OP_ASSERTBACK:
+      case OP_ASSERTBACK_NOT:
+      try_next = TRUE;
+      do tcode += (tcode[1] << 8) + tcode[2]; while (*tcode == OP_ALT);
+      tcode += 3;
+      break;
+
+      /* Skip over an option setting, changing the caseless flag */
+
+      case OP_OPT:
+      caseless = (tcode[1] & PCRE_CASELESS) != 0;
+      tcode += 2;
+      try_next = TRUE;
+      break;
+
+      /* BRAZERO does the bracket, but carries on. */
+
+      case OP_BRAZERO:
+      case OP_BRAMINZERO:
+      if (!set_start_bits(++tcode, start_bits, caseless, cd))
+        return FALSE;
+      dummy = 1;
+      do tcode += (tcode[1] << 8) + tcode[2]; while (*tcode == OP_ALT);
+      tcode += 3;
+      try_next = TRUE;
+      break;
+
+      /* Single-char * or ? sets the bit and tries the next item */
+
+      case OP_STAR:
+      case OP_MINSTAR:
+      case OP_QUERY:
+      case OP_MINQUERY:
+      set_bit(start_bits, tcode[1], caseless, cd);
+      tcode += 2;
+      try_next = TRUE;
+      break;
+
+      /* Single-char upto sets the bit and tries the next */
+
+      case OP_UPTO:
+      case OP_MINUPTO:
+      set_bit(start_bits, tcode[3], caseless, cd);
+      tcode += 4;
+      try_next = TRUE;
+      break;
+
+      /* At least one single char sets the bit and stops */
+
+      case OP_EXACT:       /* Fall through */
+      tcode++;
+
+      case OP_CHARS:       /* Fall through */
+      tcode++;
+
+      case OP_PLUS:
+      case OP_MINPLUS:
+      set_bit(start_bits, tcode[1], caseless, cd);
+      break;
+
+      /* Single character type sets the bits and stops */
+
+      case OP_NOT_DIGIT:
+      for (c = 0; c < 32; c++)
+        start_bits[c] |= ~cd->cbits[c+cbit_digit];
+      break;
+
+      case OP_DIGIT:
+      for (c = 0; c < 32; c++)
+        start_bits[c] |= cd->cbits[c+cbit_digit];
+      break;
+
+      case OP_NOT_WHITESPACE:
+      for (c = 0; c < 32; c++)
+        start_bits[c] |= ~cd->cbits[c+cbit_space];
+      break;
+
+      case OP_WHITESPACE:
+      for (c = 0; c < 32; c++)
+        start_bits[c] |= cd->cbits[c+cbit_space];
+      break;
+
+      case OP_NOT_WORDCHAR:
+      for (c = 0; c < 32; c++)
+        start_bits[c] |= ~cd->cbits[c+cbit_word];
+      break;
+
+      case OP_WORDCHAR:
+      for (c = 0; c < 32; c++)
+        start_bits[c] |= cd->cbits[c+cbit_word];
+      break;
+
+      /* One or more character type fudges the pointer and restarts, knowing
+      it will hit a single character type and stop there. */
+
+      case OP_TYPEPLUS:
+      case OP_TYPEMINPLUS:
+      tcode++;
+      try_next = TRUE;
+      break;
+
+      case OP_TYPEEXACT:
+      tcode += 3;
+      try_next = TRUE;
+      break;
+
+      /* Zero or more repeats of character types set the bits and then
+      try again. */
+
+      case OP_TYPEUPTO:
+      case OP_TYPEMINUPTO:
+      tcode += 2;               /* Fall through */
+
+      case OP_TYPESTAR:
+      case OP_TYPEMINSTAR:
+      case OP_TYPEQUERY:
+      case OP_TYPEMINQUERY:
+      switch(tcode[1])
+        {
+        case OP_NOT_DIGIT:
+        for (c = 0; c < 32; c++)
+          start_bits[c] |= ~cd->cbits[c+cbit_digit];
+        break;
+
+        case OP_DIGIT:
+        for (c = 0; c < 32; c++)
+          start_bits[c] |= cd->cbits[c+cbit_digit];
+        break;
+
+        case OP_NOT_WHITESPACE:
+        for (c = 0; c < 32; c++)
+          start_bits[c] |= ~cd->cbits[c+cbit_space];
+        break;
+
+        case OP_WHITESPACE:
+        for (c = 0; c < 32; c++)
+          start_bits[c] |= cd->cbits[c+cbit_space];
+        break;
+
+        case OP_NOT_WORDCHAR:
+        for (c = 0; c < 32; c++)
+          start_bits[c] |= ~cd->cbits[c+cbit_word];
+        break;
+
+        case OP_WORDCHAR:
+        for (c = 0; c < 32; c++)
+          start_bits[c] |= cd->cbits[c+cbit_word];
+        break;
+        }
+
+      tcode += 2;
+      try_next = TRUE;
+      break;
+
+      /* Character class: set the bits and either carry on or not,
+      according to the repeat count. */
+
+      case OP_CLASS:
+        {
+        tcode++;
+        for (c = 0; c < 32; c++) start_bits[c] |= tcode[c];
+        tcode += 32;
+        switch (*tcode)
+          {
+          case OP_CRSTAR:
+          case OP_CRMINSTAR:
+          case OP_CRQUERY:
+          case OP_CRMINQUERY:
+          tcode++;
+          try_next = TRUE;
+          break;
+
+          case OP_CRRANGE:
+          case OP_CRMINRANGE:
+          if (((tcode[1] << 8) + tcode[2]) == 0)
+            {
+            tcode += 5;
+            try_next = TRUE;
+            }
+          break;
+          }
+        }
+      break; /* End of class handling */
+
+      }      /* End of switch */
+    }        /* End of try_next loop */
+
+  code += (code[1] << 8) + code[2];   /* Advance to next branch */
+  }
+while (*code == OP_ALT);
+return TRUE;
+}
+
+
+
+/*************************************************
+*          Study a compiled expression           *
+*************************************************/
+
+/* This function is handed a compiled expression that it must study to produce
+information that will speed up the matching. It returns a pcre_extra block
+which then gets handed back to pcre_exec().
+
+Arguments:
+  re        points to the compiled expression
+  options   contains option bits
+  errorptr  points to where to place error messages;
+            set NULL unless error
+
+Returns:    pointer to a pcre_extra block,
+            NULL on error or if no optimization possible
+*/
+
+pcre_extra *
+pcre_study(const pcre *external_re, int options, const char **errorptr)
+{
+uschar start_bits[32];
+real_pcre_extra *extra;
+const real_pcre *re = (const real_pcre *)external_re;
+compile_data compile_block;
+
+*errorptr = NULL;
+
+if (re == NULL || re->magic_number != MAGIC_NUMBER)
+  {
+  *errorptr = "argument is not a compiled regular expression";
+  return NULL;
+  }
+
+if ((options & ~PUBLIC_STUDY_OPTIONS) != 0)
+  {
+  *errorptr = "unknown or incorrect option bit(s) set";
+  return NULL;
+  }
+
+/* For an anchored pattern, or an unchored pattern that has a first char, or a
+multiline pattern that matches only at "line starts", no further processing at
+present. */
+
+if ((re->options & (PCRE_ANCHORED|PCRE_FIRSTSET|PCRE_STARTLINE)) != 0)
+  return NULL;
+
+/* Set the character tables in the block which is passed around */
+
+compile_block.lcc = re->tables + lcc_offset;
+compile_block.fcc = re->tables + fcc_offset;
+compile_block.cbits = re->tables + cbits_offset;
+compile_block.ctypes = re->tables + ctypes_offset;
+
+/* See if we can find a fixed set of initial characters for the pattern. */
+
+memset(start_bits, 0, 32 * sizeof(uschar));
+if (!set_start_bits(re->code, start_bits, (re->options & PCRE_CASELESS) != 0,
+  &compile_block)) return NULL;
+
+/* Get an "extra" block and put the information therein. */
+
+extra = (real_pcre_extra *)(pcre_malloc)(sizeof(real_pcre_extra));
+
+if (extra == NULL)
+  {
+  *errorptr = "failed to get memory";
+  return NULL;
+  }
+
+extra->options = PCRE_STUDY_MAPPED;
+memcpy(extra->start_bits, start_bits, sizeof(start_bits));
+
+return (pcre_extra *)extra;
+}
+
+/* End of study.c */
diff --git a/external/privoxy/pcre/vc_dftables.dsp b/external/privoxy/pcre/vc_dftables.dsp
new file mode 100755
index 0000000..60404f8
--- /dev/null
+++ b/external/privoxy/pcre/vc_dftables.dsp
@@ -0,0 +1,296 @@
+# Microsoft Developer Studio Project File - Name="vc_dftables" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 5.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=vc_dftables - Win32 Debug with Win32 threads
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "vc_dftables.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "vc_dftables.mak"\
+ CFG="vc_dftables - Win32 Debug with Win32 threads"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "vc_dftables - Win32 Release" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE "vc_dftables - Win32 Debug" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE "vc_dftables - Win32 Debug with Win32 threads" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE "vc_dftables - Win32 Release with Win32 threads" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE 
+
+# Begin Project
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "vc_dftables - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "vc_dftables"
+# PROP Intermediate_Dir "vc_dftables"
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x809 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# Begin Special Build Tool
+OutDir=.\vc_dftables
+SOURCE=$(InputPath)
+PostBuild_Desc=Running program to generate chartables.c
+PostBuild_Cmds=$(OutDir)\vc_dftables.exe >$(OutDir)\..\chartables.c
+# End Special Build Tool
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "vc_dftables_dbg"
+# PROP Intermediate_Dir "vc_dftables_dbg"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x809 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# Begin Special Build Tool
+OutDir=.\vc_dftables_dbg
+SOURCE=$(InputPath)
+PostBuild_Desc=Running program to generate chartables.c
+PostBuild_Cmds=$(OutDir)\vc_dftables.exe >$(OutDir)\..\chartables.c
+# End Special Build Tool
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug with Win32 threads"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "vc_dftab"
+# PROP BASE Intermediate_Dir "vc_dftab"
+# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "vc_dftables_dbg"
+# PROP Intermediate_Dir "vc_dftables_dbg"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x809 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# Begin Special Build Tool
+OutDir=.\vc_dftables_dbg
+SOURCE=$(InputPath)
+PostBuild_Desc=Running program to generate chartables.c
+PostBuild_Cmds=$(OutDir)\vc_dftables.exe >$(OutDir)\..\chartables.c
+# End Special Build Tool
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Release with Win32 threads"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "vc_dfta0"
+# PROP BASE Intermediate_Dir "vc_dfta0"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "vc_dftables"
+# PROP Intermediate_Dir "vc_dftables"
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x809 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# Begin Special Build Tool
+OutDir=.\vc_dftables
+SOURCE=$(InputPath)
+PostBuild_Desc=Running program to generate chartables.c
+PostBuild_Cmds=$(OutDir)\vc_dftables.exe >$(OutDir)\..\chartables.c
+# End Special Build Tool
+
+!ENDIF 
+
+# Begin Target
+
+# Name "vc_dftables - Win32 Release"
+# Name "vc_dftables - Win32 Debug"
+# Name "vc_dftables - Win32 Debug with Win32 threads"
+# Name "vc_dftables - Win32 Release with Win32 threads"
+# Begin Group "File Copy"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=..\vc_config_pthreads.h
+
+!IF  "$(CFG)" == "vc_dftables - Win32 Release"
+
+# PROP Ignore_Default_Tool 1
+# Begin Custom Build - Copying vc_config_pthreads.h
+WkspDir=.
+InputPath=..\vc_config_pthreads.h
+
+"$(WkspDir)\..\config.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+	copy "$(InputPath)" "$(WkspDir)\..\config.h"
+
+# End Custom Build
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug"
+
+# PROP Ignore_Default_Tool 1
+# Begin Custom Build - Copying vc_config_pthreads.h
+WkspDir=.
+InputPath=..\vc_config_pthreads.h
+
+"$(WkspDir)\..\config.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+	copy "$(InputPath)" "$(WkspDir)\..\config.h"
+
+# End Custom Build
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug with Win32 threads"
+
+# PROP Exclude_From_Build 1
+# PROP Ignore_Default_Tool 1
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Release with Win32 threads"
+
+# PROP Exclude_From_Build 1
+# PROP Ignore_Default_Tool 1
+
+!ENDIF 
+
+# End Source File
+# Begin Source File
+
+SOURCE=..\vc_config_winthreads.h
+
+!IF  "$(CFG)" == "vc_dftables - Win32 Release"
+
+# PROP Exclude_From_Build 1
+# PROP Ignore_Default_Tool 1
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug"
+
+# PROP Exclude_From_Build 1
+# PROP Ignore_Default_Tool 1
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug with Win32 threads"
+
+# PROP Ignore_Default_Tool 1
+# Begin Custom Build - Copying vc_config_winthreads.h
+WkspDir=.
+InputPath=..\vc_config_winthreads.h
+
+"$(WkspDir)\..\config.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+	copy "$(InputPath)" "$(WkspDir)\..\config.h"
+
+# End Custom Build
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Release with Win32 threads"
+
+# PROP Ignore_Default_Tool 1
+# Begin Custom Build - Copying vc_config_winthreads.h
+WkspDir=.
+InputPath=..\vc_config_winthreads.h
+
+"$(WkspDir)\..\config.h" : $(SOURCE) "$(INTDIR)" "$(OUTDIR)"
+	copy "$(InputPath)" "$(WkspDir)\..\config.h"
+
+# End Custom Build
+
+!ENDIF 
+
+# End Source File
+# End Group
+# Begin Source File
+
+SOURCE=..\config.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\config.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\dftables.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\internal.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\maketables.c
+
+!IF  "$(CFG)" == "vc_dftables - Win32 Release"
+
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug"
+
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Debug with Win32 threads"
+
+# PROP BASE Exclude_From_Build 1
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_dftables - Win32 Release with Win32 threads"
+
+# PROP BASE Exclude_From_Build 1
+# PROP Exclude_From_Build 1
+
+!ENDIF 
+
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre.h
+# End Source File
+# End Target
+# End Project
diff --git a/external/privoxy/pcrs.c b/external/privoxy/pcrs.c
new file mode 100644
index 0000000..1946ca7
--- /dev/null
+++ b/external/privoxy/pcrs.c
@@ -0,0 +1,1317 @@
+const char pcrs_rcs[] = "$Id: pcrs.c,v 1.29 2007/09/22 16:17:19 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/pcrs.c,v $
+ *
+ * Purpose     :  pcrs is a supplement to the pcre library by Philip Hazel
+ *                <ph10 at cam.ac.uk> and adds Perl-style substitution. That
+ *                is, it mimics Perl's 's' operator. See pcrs(3) for details.
+ *
+ *                WARNING: This file contains additional functions and bug
+ *                fixes that aren't part of the latest official pcrs package
+ *                (which apparently is no longer maintained).
+ *
+ * Copyright   :  Written and Copyright (C) 2000, 2001 by Andreas S. Oesterhelt
+ *                <andreas at oesterhelt.org>
+ *
+ *                Copyright (C) 2006, 2007 Fabian Keil <fk at fabiankeil.de>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU Lesser
+ *                General Public License (LGPL), version 2.1, which  should
+ *                be included in this distribution (see LICENSE.txt), with
+ *                the exception that the permission to replace that license
+ *                with the GNU General Public License (GPL) given in section
+ *                3 is restricted to version 2 of the GPL.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the license for more details.
+ *
+ *                The GNU Lesser General Public License should be included
+ *                with this file.  If not, you can view it at
+ *                http://www.gnu.org/licenses/lgpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: pcrs.c,v $
+ *    Revision 1.29  2007/09/22 16:17:19  fabiankeil
+ *    Move our includes below system includes to prevent macro conflicts.
+ *
+ *    Revision 1.28  2007/08/18 14:37:27  fabiankeil
+ *    Ditch hex_to_byte() in favour of xtoi().
+ *
+ *    Revision 1.27  2007/08/05 13:47:04  fabiankeil
+ *    #1763173 from Stefan Huehner: s at const static at static const at .
+ *
+ *    Revision 1.26  2007/07/01 13:29:54  fabiankeil
+ *    Add limited hex notation support for the PCRS
+ *    substitution text ('\x7e' = '~'). Closes #1627140.
+ *
+ *    Revision 1.25  2007/04/30 15:02:18  fabiankeil
+ *    Introduce dynamic pcrs jobs that can resolve variables.
+ *
+ *    Revision 1.24  2007/01/05 15:46:12  fabiankeil
+ *    Don't use strlen() to calculate the length of
+ *    the pcrs substitutes. They don't have to be valid C
+ *    strings and getting their length wrong can result in
+ *    user-controlled memory corruption.
+ *
+ *    Thanks to Felix Gröbert for reporting the problem
+ *    and providing the fix [#1627140].
+ *
+ *    Revision 1.23  2006/12/29 17:53:05  fabiankeil
+ *    Fixed gcc43 conversion warnings.
+ *
+ *    Revision 1.22  2006/12/24 17:34:20  fabiankeil
+ *    Add pcrs_strerror() message for PCRE_ERROR_MATCHLIMIT
+ *    and give a hint why an error code might be unknown.
+ *
+ *    Catch NULL subjects early in pcrs_execute().
+ *
+ *    Revision 1.21  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.19.2.4  2005/05/07 21:50:55  david__schmidt
+ *    A few memory leaks plugged (mostly on error paths)
+ *
+ *    Revision 1.19.2.3  2003/12/04 12:32:45  oes
+ *    Append a trailing nullbyte to result to facilitate string processing
+ *
+ *    Revision 1.19.2.2  2002/10/08 16:22:28  oes
+ *    Bugfix: Need to check validity of backreferences explicitly,
+ *    because when max_matches are reached and matches is expanded,
+ *    realloc() does not zero the memory. Fixes Bug # 606227
+ *
+ *    Revision 1.19.2.1  2002/08/10 11:23:40  oes
+ *    Include prce.h via project.h, where the appropriate
+ *    source will have been selected
+ *
+ *    Revision 1.19  2002/03/08 14:47:48  oes
+ *    Cosmetics
+ *
+ *    Revision 1.18  2002/03/08 14:17:14  oes
+ *    Fixing -Wconversion warnings
+ *
+ *    Revision 1.17  2002/03/08 13:45:48  oes
+ *    Hiding internal functions
+ *
+ *    Revision 1.16  2001/11/30 21:32:14  jongfoster
+ *    Fixing signed/unsigned comparison (Andreas please check this!)
+ *    One tab->space
+ *
+ *    Revision 1.15  2001/09/20 16:11:06  steudten
+ *
+ *    Add casting for some string functions.
+ *
+ *    Revision 1.14  2001/09/09 21:41:57  oes
+ *    Fixing yet another silly bug
+ *
+ *    Revision 1.13  2001/09/06 14:05:59  oes
+ *    Fixed silly bug
+ *
+ *    Revision 1.12  2001/08/18 11:35:00  oes
+ *    - Introduced pcrs_strerror()
+ *    - made some NULL arguments non-fatal
+ *    - added support for \n \r \e \b \t \f \a \0 in substitute
+ *    - made quoting adhere to standard rules
+ *    - added warning for bad backrefs
+ *    - added pcrs_execute_list()
+ *    - fixed comments
+ *    - bugfix & cosmetics
+ *
+ *    Revision 1.11  2001/08/15 15:32:03  oes
+ *     - Added support for Perl's special variables $+, $' and $`
+ *     - Improved the substitute parser
+ *     - Replaced the hard limit for the maximum number of matches
+ *       by dynamic reallocation
+ *
+ *    Revision 1.10  2001/08/05 13:13:11  jongfoster
+ *    Making parameters "const" where possible.
+ *
+ *    Revision 1.9  2001/07/18 17:27:00  oes
+ *    Changed interface; Cosmetics
+ *
+ *    Revision 1.8  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.7  2001/06/29 13:33:04  oes
+ *    - Cleaned up, renamed and reordered functions,
+ *      improved comments
+ *    - Removed my_strsep
+ *    - Replaced globalflag with a general flags int
+ *      that holds PCRS_GLOBAL, PCRS_SUCCESS, and PCRS_TRIVIAL
+ *    - Introduced trivial option that will prevent pcrs
+ *      from honouring backreferences in the substitute,
+ *      which is useful for large substitutes that are
+ *      red in from somewhere and saves the pain of escaping
+ *      the backrefs
+ *    - Introduced convenience function pcrs_free_joblist()
+ *    - Split pcrs_make_job() into pcrs_compile(), which still
+ *      takes a complete s/// comand as argument and parses it,
+ *      and a new function pcrs_make_job, which takes the
+ *      three separate components. This should make for a
+ *      much friendlier frontend.
+ *    - Removed create_pcrs_job() which was useless
+ *    - Fixed a bug in pcrs_execute
+ *    - Success flag is now handled by pcrs instead of user
+ *
+ *    Revision 1.6  2001/06/03 19:12:45  oes
+ *    added FIXME
+ *
+ *    Revision 1.5  2001/05/29 09:50:24  jongfoster
+ *    (Fixed one int -> size_t)
+ *
+ *    Revision 1.4  2001/05/25 14:12:40  oes
+ *    Fixed bug: Empty substitutes now detected
+ *
+ *    Revision 1.3  2001/05/25 11:03:55  oes
+ *    Added sanity check for NULL jobs to pcrs_exec_substitution
+ *
+ *    Revision 1.2  2001/05/22 18:46:04  oes
+ *
+ *      Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:02  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include <string.h>
+#include <ctype.h>
+#include <assert.h>
+
+/*
+ * Include project.h just so that the right pcre.h gets
+ * included from there
+ */
+#include "project.h"
+
+/* For snprintf only */
+#include "miscutil.h"
+/* For xtoi */
+#include "encode.h"
+
+#include "pcrs.h"
+
+const char pcrs_h_rcs[] = PCRS_H_VERSION;
+
+/*
+ * Internal prototypes
+ */
+
+static int              pcrs_parse_perl_options(const char *optstring, int *flags);
+static pcrs_substitute *pcrs_compile_replacement(const char *replacement, int trivialflag,
+                        int capturecount, int *errptr);
+static int              is_hex_sequence(const char *sequence);
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_strerror
+ *
+ * Description :  Return a string describing a given error code.
+ *             
+ * Parameters  :
+ *          1  :  error = the error code
+ *
+ * Returns     :  char * to the descriptive string
+ *
+ *********************************************************************/
+const char *pcrs_strerror(const int error)
+{
+   if (error < 0)
+   {
+      switch (error)
+      {
+         /* Passed-through PCRE error: */
+         case PCRE_ERROR_NOMEMORY:     return "(pcre:) No memory";
+
+         /* Shouldn't happen unless PCRE or PCRS bug, or user messed with compiled job: */
+         case PCRE_ERROR_NULL:         return "(pcre:) NULL code or subject or ovector";
+         case PCRE_ERROR_BADOPTION:    return "(pcre:) Unrecognized option bit";
+         case PCRE_ERROR_BADMAGIC:     return "(pcre:) Bad magic number in code";
+         case PCRE_ERROR_UNKNOWN_NODE: return "(pcre:) Bad node in pattern";
+
+         /* Can't happen / not passed: */
+         case PCRE_ERROR_NOSUBSTRING:  return "(pcre:) Fire in power supply"; 
+         case PCRE_ERROR_NOMATCH:      return "(pcre:) Water in power supply";
+
+#ifdef PCRE_ERROR_MATCHLIMIT
+         /*
+          * Only reported by PCRE versions newer than our own.
+          */
+         case PCRE_ERROR_MATCHLIMIT:   return "(pcre:) Match limit reached";
+#endif /* def PCRE_ERROR_MATCHLIMIT */
+
+         /* PCRS errors: */
+         case PCRS_ERR_NOMEM:          return "(pcrs:) No memory";
+         case PCRS_ERR_CMDSYNTAX:      return "(pcrs:) Syntax error while parsing command";
+         case PCRS_ERR_STUDY:          return "(pcrs:) PCRE error while studying the pattern";
+         case PCRS_ERR_BADJOB:         return "(pcrs:) Bad job - NULL job, pattern or substitute";
+         case PCRS_WARN_BADREF:        return "(pcrs:) Backreference out of range";
+         case PCRS_WARN_TRUNCATION:
+            return "(pcrs:) At least one variable was too big and has been truncated before compilation";
+
+         /* 
+          * XXX: With the exception of PCRE_ERROR_MATCHLIMIT we
+          * only catch PCRE errors that can happen with our internal
+          * version. If Privoxy is linked against a newer
+          * PCRE version all bets are off ...
+          */
+         default:  return "Unknown error. Privoxy out of sync with PCRE?";
+      }
+   }
+   /* error >= 0: No error */
+   return "(pcrs:) Everything's just fine. Thanks for asking.";
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_parse_perl_options
+ *
+ * Description :  This function parses a string containing the options to
+ *                Perl's s/// operator. It returns an integer that is the
+ *                pcre equivalent of the symbolic optstring.
+ *                Since pcre doesn't know about Perl's 'g' (global) or pcrs',
+ *                'T' (trivial) options but pcrs needs them, the corresponding
+ *                flags are set if 'g'or 'T' is encountered.
+ *                Note: The 'T' and 'U' options do not conform to Perl.
+ *             
+ * Parameters  :
+ *          1  :  optstring = string with options in perl syntax
+ *          2  :  flags = see description
+ *
+ * Returns     :  option integer suitable for pcre 
+ *
+ *********************************************************************/
+static int pcrs_parse_perl_options(const char *optstring, int *flags)
+{
+   size_t i;
+   int rc = 0;
+   *flags = 0;
+
+   if (NULL == optstring) return 0;
+
+   for (i = 0; i < strlen(optstring); i++)
+   {
+      switch(optstring[i])
+      {
+         case 'e': break; /* ToDo ;-) */
+         case 'g': *flags |= PCRS_GLOBAL; break;
+         case 'i': rc |= PCRE_CASELESS; break;
+         case 'm': rc |= PCRE_MULTILINE; break;
+         case 'o': break;
+         case 's': rc |= PCRE_DOTALL; break;
+         case 'x': rc |= PCRE_EXTENDED; break;
+         case 'U': rc |= PCRE_UNGREEDY; break;
+         case 'T': *flags |= PCRS_TRIVIAL; break;
+         default: break;
+      }
+   }
+   return rc;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_compile_replacement
+ *
+ * Description :  This function takes a Perl-style replacement (2nd argument
+ *                to the s/// operator and returns a compiled pcrs_substitute,
+ *                or NULL if memory allocation for the substitute structure
+ *                fails.
+ *
+ * Parameters  :
+ *          1  :  replacement = replacement part of s/// operator
+ *                              in perl syntax
+ *          2  :  trivialflag = Flag that causes backreferences to be
+ *                              ignored.
+ *          3  :  capturecount = Number of capturing subpatterns in
+ *                               the pattern. Needed for $+ handling.
+ *          4  :  errptr = pointer to an integer in which error
+ *                         conditions can be returned.
+ *
+ * Returns     :  pcrs_substitute data structure, or NULL if an
+ *                error is encountered. In that case, *errptr has
+ *                the reason.
+ *
+ *********************************************************************/
+static pcrs_substitute *pcrs_compile_replacement(const char *replacement, int trivialflag, int capturecount, int *errptr)
+{
+   int i, k, l, quoted;
+   size_t length;
+   char *text;
+   pcrs_substitute *r;
+
+   i = k = l = quoted = 0;
+
+   /*
+    * Sanity check
+    */
+   if (NULL == replacement)
+   {
+      replacement = "";
+   }
+
+   /*
+    * Get memory or fail
+    */
+   if (NULL == (r = (pcrs_substitute *)malloc(sizeof(pcrs_substitute))))
+   {
+      *errptr = PCRS_ERR_NOMEM;
+      return NULL;
+   }
+   memset(r, '\0', sizeof(pcrs_substitute));
+
+   length = strlen(replacement);
+
+   if (NULL == (text = (char *)malloc(length + 1)))
+   {
+      free(r);
+      *errptr = PCRS_ERR_NOMEM;
+      return NULL;
+   }
+   memset(text, '\0', length + 1);
+   
+
+   /*
+    * In trivial mode, just copy the substitute text
+    */
+   if (trivialflag)
+   {
+      text = strncpy(text, replacement, length + 1);
+      k = (int)length;
+   }
+
+   /*
+    * Else, parse, cut out and record all backreferences
+    */
+   else
+   {
+      while (i < (int)length)
+      {
+         /* Quoting */
+         if (replacement[i] == '\\')
+         {
+            if (quoted)
+            {
+               text[k++] = replacement[i++];
+               quoted = 0;
+            }
+            else
+            {
+               if (replacement[i+1] && strchr("tnrfae0", replacement[i+1]))
+               {
+                  switch (replacement[++i])
+                  {
+                  case 't':
+                     text[k++] = '\t';
+                     break;
+                  case 'n':
+                     text[k++] = '\n';
+                     break;
+                  case 'r':
+                     text[k++] = '\r';
+                     break;
+                  case 'f':
+                     text[k++] = '\f';
+                     break;
+                  case 'a':
+                     text[k++] = 7;
+                     break;
+                  case 'e':
+                     text[k++] = 27;
+                     break;
+                  case '0':
+                     text[k++] = '\0';
+                     break;
+                  }
+                  i++;
+               }
+               else if (is_hex_sequence(&replacement[i]))
+               {
+                  /*
+                   * Replace a hex sequence with a single
+                   * character with the sequence's ascii value.
+                   * e.g.: '\x7e' => '~'
+                   */
+                  const int ascii_value = xtoi(&replacement[i+2]);
+
+                  assert(ascii_value > 0);
+                  assert(ascii_value < 256);
+                  text[k++] = (char)ascii_value;
+                  i += 4;
+               }               
+               else
+               {
+                  quoted = 1;
+                  i++;
+               }
+            }
+            continue;
+         }
+
+         /* Backreferences */
+         if (replacement[i] == '$' && !quoted && i < (int)(length - 1))
+         {
+            char *symbol, symbols[] = "'`+&";
+            r->block_length[l] = (size_t)(k - r->block_offset[l]);
+
+            /* Numerical backreferences */
+            if (isdigit((int)replacement[i + 1]))
+            {
+               while (i < (int)length && isdigit((int)replacement[++i]))
+               {
+                  r->backref[l] = r->backref[l] * 10 + replacement[i] - 48;
+               }
+               if (r->backref[l] > capturecount)
+               {
+                  *errptr = PCRS_WARN_BADREF;
+               }
+            }
+
+            /* Symbolic backreferences: */
+            else if (NULL != (symbol = strchr(symbols, replacement[i + 1])))
+            {
+               
+               if (symbol - symbols == 2) /* $+ */
+               {
+                  r->backref[l] = capturecount;
+               }
+               else if (symbol - symbols == 3) /* $& */
+               {
+                  r->backref[l] = 0;
+               }
+               else /* $' or $` */
+               {
+                  r->backref[l] = PCRS_MAX_SUBMATCHES + 1 - (symbol - symbols);
+               }
+               i += 2;
+            }
+
+            /* Invalid backref -> plain '$' */
+            else
+            {
+               goto plainchar;
+            }
+
+            /* Valid and in range? -> record */
+            if (r->backref[l] < PCRS_MAX_SUBMATCHES + 2)
+            {
+               r->backref_count[r->backref[l]] += 1;
+               r->block_offset[++l] = k;
+            }
+            else
+            {
+               *errptr = PCRS_WARN_BADREF;
+            }   
+            continue;
+         }
+         
+plainchar:
+         /* Plain chars are copied */
+         text[k++] = replacement[i++];
+         quoted = 0;
+      }
+   } /* -END- if (!trivialflag) */
+
+   /*
+    * Finish & return
+    */
+   r->text = text;
+   r->backrefs = l;
+   r->length = (size_t)k;
+   r->block_length[l] = (size_t)(k - r->block_offset[l]);
+
+   return r;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_free_job
+ *
+ * Description :  Frees the memory used by a pcrs_job struct and its
+ *                dependant structures.
+ *
+ * Parameters  :
+ *          1  :  job = pointer to the pcrs_job structure to be freed
+ *
+ * Returns     :  a pointer to the next job, if there was any, or
+ *                NULL otherwise. 
+ *
+ *********************************************************************/
+pcrs_job *pcrs_free_job(pcrs_job *job)
+{
+   pcrs_job *next;
+
+   if (job == NULL)
+   {
+      return NULL;
+   }
+   else
+   {
+      next = job->next;
+      if (job->pattern != NULL) free(job->pattern);
+      if (job->hints != NULL) free(job->hints);
+      if (job->substitute != NULL)
+      {
+         if (job->substitute->text != NULL) free(job->substitute->text);
+         free(job->substitute);
+      }
+      free(job);
+   }
+   return next;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_free_joblist
+ *
+ * Description :  Iterates through a chained list of pcrs_job's and
+ *                frees them using pcrs_free_job.
+ *
+ * Parameters  :
+ *          1  :  joblist = pointer to the first pcrs_job structure to
+ *                be freed
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void pcrs_free_joblist(pcrs_job *joblist)
+{
+   while ( NULL != (joblist = pcrs_free_job(joblist)) ) {};
+
+   return;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_compile_command
+ *
+ * Description :  Parses a string with a Perl-style s/// command, 
+ *                calls pcrs_compile, and returns a corresponding
+ *                pcrs_job, or NULL if parsing or compiling the job
+ *                fails.
+ *
+ * Parameters  :
+ *          1  :  command = string with perl-style s/// command
+ *          2  :  errptr = pointer to an integer in which error
+ *                         conditions can be returned.
+ *
+ * Returns     :  a corresponding pcrs_job data structure, or NULL
+ *                if an error was encountered. In that case, *errptr
+ *                has the reason.
+ *
+ *********************************************************************/
+pcrs_job *pcrs_compile_command(const char *command, int *errptr)
+{
+   int i, k, l, quoted = FALSE;
+   size_t limit;
+   char delimiter;
+   char *tokens[4];   
+   pcrs_job *newjob;
+   
+   i = k = l = 0;
+   
+   /*
+    * Tokenize the perl command
+    */
+   limit = strlen(command);
+   if (limit < 4)
+   {
+      *errptr = PCRS_ERR_CMDSYNTAX;
+      return NULL;
+   }
+   else
+   {
+      delimiter = command[1];
+   }
+
+   tokens[l] = (char *) malloc(limit + 1);
+
+   for (i = 0; i <= (int)limit; i++)
+   {
+      
+      if (command[i] == delimiter && !quoted)
+      {
+         if (l == 3)
+         {
+            l = -1;
+            break;
+         }
+         tokens[0][k++] = '\0';
+         tokens[++l] = tokens[0] + k;
+         continue;
+      }
+      
+      else if (command[i] == '\\' && !quoted)
+      {
+         quoted = TRUE;
+         if (command[i+1] == delimiter) continue;
+      }
+      else
+      {
+         quoted = FALSE;
+      }
+      tokens[0][k++] = command[i];
+   }
+
+   /*
+    * Syntax error ?
+    */
+   if (l != 3)
+   {
+      *errptr = PCRS_ERR_CMDSYNTAX;
+      free(tokens[0]);
+      return NULL;
+   }
+   
+   newjob = pcrs_compile(tokens[1], tokens[2], tokens[3], errptr);
+   free(tokens[0]);
+   return newjob;
+   
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_compile
+ *
+ * Description :  Takes the three arguments to a perl s/// command
+ *                and compiles a pcrs_job structure from them.
+ *
+ * Parameters  :
+ *          1  :  pattern = string with perl-style pattern
+ *          2  :  substitute = string with perl-style substitute
+ *          3  :  options = string with perl-style options
+ *          4  :  errptr = pointer to an integer in which error
+ *                         conditions can be returned.
+ *
+ * Returns     :  a corresponding pcrs_job data structure, or NULL
+ *                if an error was encountered. In that case, *errptr
+ *                has the reason.
+ *
+ *********************************************************************/
+pcrs_job *pcrs_compile(const char *pattern, const char *substitute, const char *options, int *errptr)
+{
+   pcrs_job *newjob;
+   int flags;
+   int capturecount;
+   const char *error;
+
+   *errptr = 0;
+
+   /* 
+    * Handle NULL arguments
+    */
+   if (pattern == NULL) pattern = "";
+   if (substitute == NULL) substitute = "";
+
+
+   /* 
+    * Get and init memory
+    */
+   if (NULL == (newjob = (pcrs_job *)malloc(sizeof(pcrs_job))))
+   {
+      *errptr = PCRS_ERR_NOMEM;
+      return NULL;
+   }
+   memset(newjob, '\0', sizeof(pcrs_job));
+
+
+   /*
+    * Evaluate the options
+    */
+   newjob->options = pcrs_parse_perl_options(options, &flags);
+   newjob->flags = flags;
+
+
+   /*
+    * Compile the pattern
+    */
+   newjob->pattern = pcre_compile(pattern, newjob->options, &error, errptr, NULL);
+   if (newjob->pattern == NULL)
+   {
+      pcrs_free_job(newjob);
+      return NULL;
+   }
+
+
+   /*
+    * Generate hints. This has little overhead, since the
+    * hints will be NULL for a boring pattern anyway.
+    */
+   newjob->hints = pcre_study(newjob->pattern, 0, &error);
+   if (error != NULL)
+   {
+      *errptr = PCRS_ERR_STUDY;
+      pcrs_free_job(newjob);
+      return NULL;
+   }
+ 
+
+   /* 
+    * Determine the number of capturing subpatterns. 
+    * This is needed for handling $+ in the substitute.
+    */
+   if (0 > (*errptr = pcre_fullinfo(newjob->pattern, newjob->hints, PCRE_INFO_CAPTURECOUNT, &capturecount)))
+   {
+      pcrs_free_job(newjob);
+      return NULL;
+   }
+ 
+
+   /*
+    * Compile the substitute
+    */
+   if (NULL == (newjob->substitute = pcrs_compile_replacement(substitute, newjob->flags & PCRS_TRIVIAL, capturecount, errptr)))
+   {
+      pcrs_free_job(newjob);
+      return NULL;
+   }
+ 
+   return newjob;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_execute_list
+ *
+ * Description :  This is a multiple job wrapper for pcrs_execute().
+ *                Apply the regular substitutions defined by the jobs in
+ *                the joblist to the subject.
+ *                The subject itself is left untouched, memory for the result
+ *                is malloc()ed and it is the caller's responsibility to free
+ *                the result when it's no longer needed. 
+ *
+ *                Note: For convenient string handling, a null byte is
+ *                      appended to the result. It does not count towards the
+ *                      result_length, though.
+ *
+ *
+ * Parameters  :
+ *          1  :  joblist = the chained list of pcrs_jobs to be executed
+ *          2  :  subject = the subject string
+ *          3  :  subject_length = the subject's length 
+ *          4  :  result = char** for returning  the result 
+ *          5  :  result_length = size_t* for returning the result's length
+ *
+ * Returns     :  On success, the number of substitutions that were made.
+ *                 May be > 1 if job->flags contained PCRS_GLOBAL
+ *                On failure, the (negative) pcre error code describing the
+ *                 failure, which may be translated to text using pcrs_strerror().
+ *
+ *********************************************************************/
+int pcrs_execute_list(pcrs_job *joblist, char *subject, size_t subject_length, char **result, size_t *result_length)
+{
+   pcrs_job *job;
+   char *old, *new = NULL;
+   int hits, total_hits;
+ 
+   old = subject;
+   *result_length = subject_length;
+   hits = total_hits = 0;
+
+   for (job = joblist; job != NULL; job = job->next)
+   {
+      hits = pcrs_execute(job, old, *result_length, &new, result_length);
+
+      if (old != subject) free(old);
+
+      if (hits < 0)
+      {
+         return(hits);
+      }
+      else
+      {
+         total_hits += hits;
+         old = new;
+      }
+   }
+
+   *result = new;
+   return(total_hits);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_execute
+ *
+ * Description :  Apply the regular substitution defined by the job to the
+ *                subject.
+ *                The subject itself is left untouched, memory for the result
+ *                is malloc()ed and it is the caller's responsibility to free
+ *                the result when it's no longer needed.
+ *
+ *                Note: For convenient string handling, a null byte is
+ *                      appended to the result. It does not count towards the
+ *                      result_length, though.
+ *
+ * Parameters  :
+ *          1  :  job = the pcrs_job to be executed
+ *          2  :  subject = the subject (== original) string
+ *          3  :  subject_length = the subject's length 
+ *          4  :  result = char** for returning  the result 
+ *          5  :  result_length = size_t* for returning the result's length
+ *
+ * Returns     :  On success, the number of substitutions that were made.
+ *                 May be > 1 if job->flags contained PCRS_GLOBAL
+ *                On failure, the (negative) pcre error code describing the
+ *                 failure, which may be translated to text using pcrs_strerror().
+ *
+ *********************************************************************/
+int pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char **result, size_t *result_length)
+{
+   int offsets[3 * PCRS_MAX_SUBMATCHES],
+       offset,
+       i, k,
+       matches_found,
+       submatches,
+       max_matches = PCRS_MAX_MATCH_INIT;
+   size_t newsize;
+   pcrs_match *matches, *dummy;
+   char *result_offset;
+
+   offset = i = k = 0;
+
+   /* 
+    * Sanity check & memory allocation
+    */
+   if (job == NULL || job->pattern == NULL || job->substitute == NULL || NULL == subject)
+   {
+      *result = NULL;
+      return(PCRS_ERR_BADJOB);
+   }
+
+   if (NULL == (matches = (pcrs_match *)malloc((size_t)max_matches * sizeof(pcrs_match))))
+   {
+      *result = NULL;
+      return(PCRS_ERR_NOMEM);
+   }
+   memset(matches, '\0', (size_t)max_matches * sizeof(pcrs_match));
+
+
+   /*
+    * Find the pattern and calculate the space
+    * requirements for the result
+    */
+   newsize = subject_length;
+
+   while ((submatches = pcre_exec(job->pattern, job->hints, subject, (int)subject_length, offset, 0, offsets, 3 * PCRS_MAX_SUBMATCHES)) > 0)
+   {
+      job->flags |= PCRS_SUCCESS;
+      matches[i].submatches = submatches;
+
+      for (k = 0; k < submatches; k++)
+      {
+         matches[i].submatch_offset[k] = offsets[2 * k];
+
+         /* Note: Non-found optional submatches have length -1-(-1)==0 */
+         matches[i].submatch_length[k] = (size_t)(offsets[2 * k + 1] - offsets[2 * k]); 
+
+         /* reserve mem for each submatch as often as it is ref'd */
+         newsize += matches[i].submatch_length[k] * (size_t)job->substitute->backref_count[k];
+      }
+      /* plus replacement text size minus match text size */
+      newsize += job->substitute->length - matches[i].submatch_length[0]; 
+
+      /* chunk before match */
+      matches[i].submatch_offset[PCRS_MAX_SUBMATCHES] = 0;
+      matches[i].submatch_length[PCRS_MAX_SUBMATCHES] = (size_t)offsets[0];
+      newsize += (size_t)offsets[0] * (size_t)job->substitute->backref_count[PCRS_MAX_SUBMATCHES];
+
+      /* chunk after match */
+      matches[i].submatch_offset[PCRS_MAX_SUBMATCHES + 1] = offsets[1];
+      matches[i].submatch_length[PCRS_MAX_SUBMATCHES + 1] = subject_length - (size_t)offsets[1] - 1;
+      newsize += (subject_length - (size_t)offsets[1]) * (size_t)job->substitute->backref_count[PCRS_MAX_SUBMATCHES + 1];
+
+      /* Storage for matches exhausted? -> Extend! */
+      if (++i >= max_matches)
+      {
+         max_matches = (int)(max_matches * PCRS_MAX_MATCH_GROW);
+         if (NULL == (dummy = (pcrs_match *)realloc(matches, (size_t)max_matches * sizeof(pcrs_match))))
+         {
+            free(matches);
+            *result = NULL;
+            return(PCRS_ERR_NOMEM);
+         }
+         matches = dummy;
+      }
+
+      /* Non-global search or limit reached? */
+      if (!(job->flags & PCRS_GLOBAL)) break;
+
+      /* Don't loop on empty matches */
+      if (offsets[1] == offset)
+         if ((size_t)offset < subject_length)
+            offset++;
+         else
+            break;
+      /* Go find the next one */
+      else
+         offset = offsets[1];
+   }
+   /* Pass pcre error through if (bad) failiure */
+   if (submatches < PCRE_ERROR_NOMATCH)
+   {
+      free(matches);
+      return submatches;   
+   }
+   matches_found = i;
+
+
+   /* 
+    * Get memory for the result (must be freed by caller!)
+    * and append terminating null byte.
+    */
+   if ((*result = (char *)malloc(newsize + 1)) == NULL)
+   {
+      free(matches);
+      return PCRS_ERR_NOMEM;
+   }
+   else
+   {
+      (*result)[newsize] = '\0';
+   }
+
+
+   /* 
+    * Replace
+    */
+   offset = 0;
+   result_offset = *result;
+
+   for (i = 0; i < matches_found; i++)
+   {
+      /* copy the chunk preceding the match */
+      memcpy(result_offset, subject + offset, (size_t)(matches[i].submatch_offset[0] - offset)); 
+      result_offset += matches[i].submatch_offset[0] - offset;
+
+      /* For every segment of the substitute.. */
+      for (k = 0; k <= job->substitute->backrefs; k++)
+      {
+         /* ...copy its text.. */
+         memcpy(result_offset, job->substitute->text + job->substitute->block_offset[k], job->substitute->block_length[k]);
+         result_offset += job->substitute->block_length[k];
+
+         /* ..plus, if it's not the last chunk, i.e.: There *is* a backref.. */
+         if (k != job->substitute->backrefs
+             /* ..in legal range.. */
+             && job->substitute->backref[k] < PCRS_MAX_SUBMATCHES + 2
+             /* ..and referencing a real submatch.. */
+             && job->substitute->backref[k] < matches[i].submatches
+             /* ..that is nonempty.. */
+             && matches[i].submatch_length[job->substitute->backref[k]] > 0)
+         {
+            /* ..copy the submatch that is ref'd. */
+            memcpy(
+               result_offset,
+               subject + matches[i].submatch_offset[job->substitute->backref[k]],
+               matches[i].submatch_length[job->substitute->backref[k]]
+            );
+            result_offset += matches[i].submatch_length[job->substitute->backref[k]];
+         }
+      }
+      offset =  matches[i].submatch_offset[0] + (int)matches[i].submatch_length[0];
+   }
+
+   /* Copy the rest. */
+   memcpy(result_offset, subject + offset, subject_length - (size_t)offset);
+
+   *result_length = newsize;
+   free(matches);
+   return matches_found;
+
+}
+
+
+#define is_hex_digit(x) ((x) && strchr("0123456789ABCDEF", toupper(x)))
+
+/*********************************************************************
+ *
+ * Function    :  is_hex_sequence
+ *
+ * Description :  Checks the first four characters of a string
+ *                and decides if they are a valid hex sequence
+ *                (like '\x40').
+ *
+ * Parameters  :
+ *          1  :  sequence = The string to check
+ *
+ * Returns     :  Non-zero if it's valid sequence, or
+ *                Zero if it isn't.
+ *
+ *********************************************************************/
+static int is_hex_sequence(const char *sequence)
+{
+   return (sequence[0] == '\\' &&
+           sequence[1] == 'x'  &&
+           is_hex_digit(sequence[2]) &&
+           is_hex_digit(sequence[3]));
+}
+
+
+/*
+ * Functions below this line are only part of the pcrs version
+ * included in Privoxy. If you use any of them you should not
+ * try to dynamically link against external pcrs versions.
+ */
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_job_is_dynamic
+ *
+ * Description :  Checks if a job has the "D" (dynamic) option set.
+ *
+ * Parameters  :
+ *          1  :  job = The job to check
+ *
+ * Returns     :  TRUE if the job is indeed dynamic, otherwise
+ *                FALSE
+ *
+ *********************************************************************/
+int pcrs_job_is_dynamic (char *job)
+{
+   const char delimiter = job[1];
+   const size_t length = strlen(job);
+   char *option;
+
+   if (length < 5)
+   {
+      /*
+       * The shortest valid (but useless)
+       * dynamic pattern is "s@@@D"
+       */
+      return FALSE;
+   }
+
+   /*
+    * Everything between the last character
+    * and the last delimiter is an option ...
+    */
+   for (option = job + length; *option != delimiter; option--)
+   {
+      if (*option == 'D')
+      {
+         /*
+          * ... and if said option is 'D' the job is dynamic.
+          */
+         return TRUE;
+      }
+   }
+   return FALSE;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_get_delimiter
+ *
+ * Description :  Tries to find a character that is safe to
+ *                be used as a pcrs delimiter for a certain string.
+ *
+ * Parameters  :
+ *          1  :  string = The string to search in
+ *
+ * Returns     :  A safe delimiter if one was found, otherwise '\0'.  
+ *
+ *********************************************************************/
+char pcrs_get_delimiter(const char *string)
+{
+   /*
+    * Some characters that are unlikely to
+    * be part of pcrs replacement strings.
+    */
+   char delimiters[] = "><§#+*~%^°-:;µ!@";
+   char *d = delimiters;
+
+   /* Take the first delimiter that isn't part of the string */
+   while (*d && NULL != strchr(string, *d))
+   {
+      d++;
+   }
+   return *d;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  pcrs_execute_single_command
+ *
+ * Description :  Apply single pcrs command to the subject.
+ *                The subject itself is left untouched, memory for the result
+ *                is malloc()ed and it is the caller's responsibility to free
+ *                the result when it's no longer needed.
+ *
+ * Parameters  :
+ *          1  :  subject = the subject (== original) string
+ *          2  :  pcrs_command = the pcrs command as string (s at foo@bar@) 
+ *          3  :  hits = int* for returning  the number of modifications 
+ *
+ * Returns     :  NULL in case of errors, otherwise the
+ *                result of the pcrs command.  
+ *
+ *********************************************************************/
+char *pcrs_execute_single_command(const char *subject, const char *pcrs_command, int *hits)
+{
+   size_t size;
+   char *result = NULL;
+   pcrs_job *job;
+
+   assert(subject);
+   assert(pcrs_command);
+
+   *hits = 0;
+   size = strlen(subject);
+
+   job = pcrs_compile_command(pcrs_command, hits);
+   if (NULL != job)
+   {
+      *hits = pcrs_execute(job, subject, size, &result, &size);
+      if (*hits < 0)
+      {
+         freez(result);
+      }
+      pcrs_free_job(job);
+   }
+   return result;
+
+}
+
+
+static const char warning[] = "... [too long, truncated]";
+/*********************************************************************
+ *
+ * Function    :  pcrs_compile_dynamic_command
+ *
+ * Description :  Takes a dynamic pcrs command, fills in the
+ *                values of the variables and compiles it.
+ *
+ * Parameters  :
+ *          1  :  csp = Current client state (buffers, headers, etc...)
+ *          2  :  pcrs_command = The dynamic pcrs command to compile
+ *          3  :  v = NULL terminated array of variables and their values.
+ *          4  :  error = pcrs error code
+ *
+ * Returns     :  NULL in case of hard errors, otherwise the
+ *                compiled pcrs job.   
+ *
+ *********************************************************************/
+pcrs_job *pcrs_compile_dynamic_command(char *pcrs_command, const struct pcrs_variable v[], int *error)
+{
+   char buf[PCRS_BUFFER_SIZE];
+   const char *original_pcrs_command = pcrs_command;
+   char *pcrs_command_tmp = NULL;
+   pcrs_job *job = NULL;
+   int truncation = 0;
+   char d;
+   int ret;
+
+   while ((NULL != v->name) && (NULL != pcrs_command))
+   {
+      assert(NULL != v->value);
+
+      if (NULL == strstr(pcrs_command, v->name))
+      {
+         /*
+          * Skip the substitution if the variable
+          * name isn't part of the pattern.
+          */
+         v++;
+         continue;
+      }
+
+      /* Use pcrs to replace the variable with its value. */
+      d = pcrs_get_delimiter(v->value);
+      if ('\0' == d)
+      {
+         /* No proper delimiter found */
+         *error = PCRS_ERR_CMDSYNTAX;
+         return NULL;
+      }
+
+      /*
+       * Variable names are supposed to contain alpha
+       * numerical characters plus '_' only.
+       */
+      assert(NULL == strchr(v->name, d));
+
+      ret = snprintf(buf, sizeof(buf), "s%c\\$%s%c%s%cgT", d, v->name, d, v->value, d);
+      assert(ret >= 0);
+      if (ret >= sizeof(buf))
+      {
+         /*
+          * Value didn't completely fit into buffer,
+          * overwrite the end of the substitution text
+          * with a truncation message and close the pattern
+          * properly.
+          */
+         const size_t trailer_size = sizeof(warning) + 3; /* 3 for d + "gT" */
+         char *trailer_start = buf + sizeof(buf) - trailer_size;
+
+         ret = snprintf(trailer_start, trailer_size, "%s%cgT", warning, d);
+         assert(ret == trailer_size - 1);
+         assert(sizeof(buf) == strlen(buf) + 1);
+         truncation = 1;
+      }
+
+      pcrs_command_tmp = pcrs_execute_single_command(pcrs_command, buf, error);
+      if (NULL == pcrs_command_tmp)
+      {
+         return NULL;
+      }
+
+      if (pcrs_command != original_pcrs_command)
+      {
+         freez(pcrs_command);
+      }
+      pcrs_command = pcrs_command_tmp;
+
+      v++;
+   }
+
+   job = pcrs_compile_command(pcrs_command, error);
+   if (pcrs_command != original_pcrs_command)
+   {
+      freez(pcrs_command);
+   }
+
+   if (truncation)
+   {
+      *error = PCRS_WARN_TRUNCATION;
+   }
+
+   return job;
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/pcrs.h b/external/privoxy/pcrs.h
new file mode 100644
index 0000000..b8939c0
--- /dev/null
+++ b/external/privoxy/pcrs.h
@@ -0,0 +1,221 @@
+#ifndef PCRS_H_INCLUDED
+#define PCRS_H_INCLUDED
+
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/pcrs.h,v $
+ *
+ * Purpose     :  Header file for pcrs.c
+ *
+ * Copyright   :  see pcrs.c
+ *
+ * Revisions   :
+ *    $Log: pcrs.h,v $
+ *    Revision 1.16  2007/04/30 15:02:19  fabiankeil
+ *    Introduce dynamic pcrs jobs that can resolve variables.
+ *
+ *    Revision 1.15  2007/01/05 15:46:12  fabiankeil
+ *    Don't use strlen() to calculate the length of
+ *    the pcrs substitutes. They don't have to be valid C
+ *    strings and getting their length wrong can result in
+ *    user-controlled memory corruption.
+ *
+ *    Thanks to Felix Gröbert for reporting the problem
+ *    and providing the fix [#1627140].
+ *
+ *    Revision 1.14  2006/12/24 17:27:37  fabiankeil
+ *    Increase pcrs error code offset to prevent overlaps
+ *    with pcre versions newer than our own.
+ *
+ *    Revision 1.13  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.11  2002/03/08 14:18:23  oes
+ *    Fixing -Wconversion warnings
+ *
+ *    Revision 1.10  2002/03/08 13:44:48  oes
+ *    Hiding internal functions, preventing double inclusion of pcre.h
+ *
+ *    Revision 1.9  2001/08/18 11:35:29  oes
+ *    - Introduced pcrs_strerror()
+ *    - added pcrs_execute_list()
+ *
+ *    Revision 1.8  2001/08/15 15:32:50  oes
+ *    Replaced the hard limit for the maximum number of matches
+ *    by dynamic reallocation
+ *
+ *    Revision 1.7  2001/08/05 13:13:11  jongfoster
+ *    Making parameters "const" where possible.
+ *
+ *    Revision 1.6  2001/07/29 18:52:06  jongfoster
+ *    Renaming _PCRS_H, and adding "extern C {}"
+ *
+ *    Revision 1.5  2001/07/18 17:27:00  oes
+ *    Changed interface; Cosmetics
+ *
+ *    Revision 1.4  2001/06/29 13:33:19  oes
+ *    - Cleaned up, commented and adapted to reflect the
+ *      changes in pcrs.c
+ *    - Introduced the PCRS_* flags
+ *
+ *    Revision 1.3  2001/06/09 10:58:57  jongfoster
+ *    Removing a single unused #define which referenced BUFSIZ
+ *
+ *    Revision 1.2  2001/05/25 11:03:55  oes
+ *    Added sanity check for NULL jobs to pcrs_exec_substitution
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:02  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *    Revision 1.4  2001/05/11 01:57:02  rodney
+ *    Added new file header standard w/RCS control tags.
+ *
+ *    revision 1.3  2001/05/08 02:38:13  rodney
+ *    Changed C++ "//" style comment to C style comments.
+ *
+ *    revision 1.2  2001/04/30 02:39:24  rodney
+ *    Made this pcrs.h file conditionally included.
+ *
+ *    revision 1.1  2001/04/16 21:10:38  rodney
+ *    Initial checkin
+ *
+ *********************************************************************/
+
+#define PCRS_H_VERSION "$Id: pcrs.h,v 1.16 2007/04/30 15:02:19 fabiankeil Exp $"
+
+
+#ifndef _PCRE_H
+#include <pcre.h>
+#endif
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+/*
+ * Constants:
+ */
+
+#define FALSE 0
+#define TRUE 1
+
+/* Capacity */
+#define PCRS_MAX_SUBMATCHES  33     /* Maximum number of capturing subpatterns allowed. MUST be <= 99! FIXME: Should be dynamic */
+#define PCRS_MAX_MATCH_INIT  40     /* Initial amount of matches that can be stored in global searches */
+#define PCRS_MAX_MATCH_GROW  1.6    /* Factor by which storage for matches is extended if exhausted */
+
+/*
+ * PCRS error codes
+ *
+ * They are supposed to be handled together with PCRE error
+ * codes and have to start with an offset to prevent overlaps.
+ *
+ * PCRE 6.7 uses error codes from -1 to -21, PCRS error codes
+ * below -100 should be safe for a while.
+ */
+#define PCRS_ERR_NOMEM           -100      /* Failed to acquire memory. */
+#define PCRS_ERR_CMDSYNTAX       -101      /* Syntax of s///-command */
+#define PCRS_ERR_STUDY           -102      /* pcre error while studying the pattern */
+#define PCRS_ERR_BADJOB          -103      /* NULL job pointer, pattern or substitute */
+#define PCRS_WARN_BADREF         -104      /* Backreference out of range */
+#define PCRS_WARN_TRUNCATION     -105      /* At least one pcrs variable was too big,
+                                            * only the first part was used. */
+
+/* Flags */
+#define PCRS_GLOBAL          1      /* Job should be applied globally, as with perl's g option */
+#define PCRS_TRIVIAL         2      /* Backreferences in the substitute are ignored */
+#define PCRS_SUCCESS         4      /* Job did previously match */
+
+
+/*
+ * Data types:
+ */
+
+/* A compiled substitute */
+
+typedef struct {
+  char  *text;                                   /* The plaintext part of the substitute, with all backreferences stripped */
+  size_t length;                                 /* The substitute may not be a valid C string so we can't rely on strlen(). */
+  int    backrefs;                               /* The number of backreferences */
+  int    block_offset[PCRS_MAX_SUBMATCHES];      /* Array with the offsets of all plaintext blocks in text */
+  size_t block_length[PCRS_MAX_SUBMATCHES];      /* Array with the lengths of all plaintext blocks in text */
+  int    backref[PCRS_MAX_SUBMATCHES];           /* Array with the backref number for all plaintext block borders */
+  int    backref_count[PCRS_MAX_SUBMATCHES + 2]; /* Array with the number of references to each backref index */
+} pcrs_substitute;
+
+
+/*
+ * A match, including all captured subpatterns (submatches)
+ * Note: The zeroth is the whole match, the PCRS_MAX_SUBMATCHES + 0th
+ * is the range before the match, the PCRS_MAX_SUBMATCHES + 1th is the
+ * range after the match.
+ */
+
+typedef struct {
+  int    submatches;                               /* Number of captured subpatterns */
+  int    submatch_offset[PCRS_MAX_SUBMATCHES + 2]; /* Offset for each submatch in the subject */
+  size_t submatch_length[PCRS_MAX_SUBMATCHES + 2]; /* Length of each submatch in the subject */
+} pcrs_match;
+
+
+/* A PCRS job */
+
+typedef struct PCRS_JOB {
+  pcre *pattern;                            /* The compiled pcre pattern */
+  pcre_extra *hints;                        /* The pcre hints for the pattern */
+  int options;                              /* The pcre options (numeric) */
+  int flags;                                /* The pcrs and user flags (see "Flags" above) */
+  pcrs_substitute *substitute;              /* The compiled pcrs substitute */
+  struct PCRS_JOB *next;                    /* Pointer for chaining jobs to joblists */
+} pcrs_job;
+
+
+/*
+ * Prototypes:
+ */
+
+/* Main usage */
+extern pcrs_job        *pcrs_compile_command(const char *command, int *errptr);
+extern pcrs_job        *pcrs_compile(const char *pattern, const char *substitute, const char *options, int *errptr);
+extern int              pcrs_execute(pcrs_job *job, const char *subject, size_t subject_length, char **result, size_t *result_length);
+extern int              pcrs_execute_list(pcrs_job *joblist, char *subject, size_t subject_length, char **result, size_t *result_length);
+
+/* Freeing jobs */
+extern pcrs_job        *pcrs_free_job(pcrs_job *job);
+extern void             pcrs_free_joblist(pcrs_job *joblist);
+
+/* Info on errors: */
+extern const char *pcrs_strerror(const int error);
+
+extern int pcrs_job_is_dynamic(char *job);
+extern char pcrs_get_delimiter(const char *string);
+extern char *pcrs_execute_single_command(const char *subject, const char *pcrs_command, int *hits);
+/*
+ * Variable/value pair for dynamic pcrs commands.
+ */
+struct pcrs_variable
+{
+   const char *name;
+   char *value;
+   int static_value;
+};
+
+extern pcrs_job *pcrs_compile_dynamic_command(char *pcrs_command, const struct pcrs_variable v[], int *error);
+
+/* Only relevant for maximum pcrs variable size */
+#ifndef PCRS_BUFFER_SIZE
+#define PCRS_BUFFER_SIZE 4000
+#endif /* ndef PCRS_BUFFER_SIZE */
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef PCRS_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/privoxy-generic.init b/external/privoxy/privoxy-generic.init
new file mode 100755
index 0000000..53b4127
--- /dev/null
+++ b/external/privoxy/privoxy-generic.init
@@ -0,0 +1,182 @@
+#!/bin/sh 
+# 
+#  ********************************************************************
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/privoxy-generic.init,v $
+# 
+#  Purpose     :  This shell script takes care of starting and stopping
+#                 privoxy.
+# 
+#  Copyright   :  Written by and Copyright (C) 2001,2002 the SourceForge
+#                 Privoxy team. http://www.privoxy.org/
+# 
+#                 Based on the Internet Junkbuster originally written
+#                 by and Copyright (C) 1997 Anonymous Coders and
+#                 Junkbusters Corporation.  http://www.junkbusters.com
+# 
+#                 This program is free software; you can redistribute it
+#                 and/or modify it under the terms of the GNU General
+#                 Public License as published by the Free Software
+#                 Foundation; either version 2 of the License, or (at
+#                 your option) any later version.
+# 
+#                 This program is distributed in the hope that it will
+#                 be useful, but WITHOUT ANY WARRANTY; without even the
+#                 implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                 PARTICULAR PURPOSE.  See the GNU General Public
+#                 License for more details.
+# 
+#                 The GNU General Public License should be included with
+#                 this file.  If not, you can view it at
+#                 http://www.gnu.org/copyleft/gpl.html
+#                 or write to the Free Software Foundation, Inc., 59
+#                 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Developer's NOTE: This script should be tested against a true /bin/sh, which
+# has notable differences from bash. By design, this script does not try to do
+# too much, so as to be as cross-platform as possible.
+#
+# 
+#  Revisions   :
+#     $Log: privoxy-generic.init,v $
+#     Revision 1.8  2007/06/09 12:35:54  fabiankeil
+#     Add /usr/xpg4/bin to the PATH to make sure the POSIX
+#     version of id is used on Solaris. Closes BR#1733788.
+#     Thanks to Brent Chivers for report and fix.
+#
+#     Revision 1.7  2006/10/14 14:12:22  fabiankeil
+#     Print warnings if the user tries to run Privoxy as root
+#     or if the script is run without root privileges;
+#     only use "--user" if run with root privileges and
+#     don't depend on $USER being set to root. Fixes BR 779781.
+#
+#     Apparently $USER isn't set on all systems,
+#     but it also didn't work if the user only
+#     increased her privileges with su or sudo,
+#     but still had her real uid in $USER.
+#
+#     Thanks to Florian Effenberger for reporting.
+#
+#     Revision 1.6  2006/07/18 14:48:47  david__schmidt
+#     Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#     with what was really the latest development (the v_3_0_branch branch)
+#
+#     Revision 1.5.2.1  2002/10/17 17:04:22  hal9
+#     Add from main trunk. Will be needed for make install.
+#
+#     Revision 1.5  2002/10/17 17:01:29  hal9
+#     Set paths to match the defaults for a root install. Force remove PIDFILE on
+#     stop.
+#
+#     Revision 1.4  2002/09/11 01:15:02  hal9
+#     Fix typo in variable. Now tested on Solaris and Linux, with defaults.
+#
+#     Revision 1.3  2002/09/11 01:09:14  hal9
+#     Better handling of pidfile, and process owner.
+#
+#     Revision 1.2  2002/09/08 20:27:58  hal9
+#     -Rewrote script config section.
+#     -Added comments to script.
+#     -Tried to add logic to use a --user privoxy, if available.
+#     -Minor script changes due to 'echo -n' does not work on a true
+#      /bin/sh system.
+#
+#     Revision 1.1  2002/09/06 00:20:26  hal9
+#     Creating a generic init script, meant to be used on platforms where don't have
+#     a custom init script.
+#
+#     Revision 1.0  2002/09/05 17:14:32  hal9
+#
+#######################################################################
+
+# Is this needed by Solaris?
+#ident  "@(#)privoxy  1.0     02/09/05"
+
+# NOTE: This script may require editing to ensure proper location of 
+# config file, and the privoxy executable. Care should be taken to ensure 
+# logfile is writable by $P_USER (logfile is defined in config), and that 
+# there is suitable write access for $P_PIDFILE.
+
+PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/xpg4/bin:/usr/bin:/sbin:/bin
+P_NAME=Privoxy
+# Path to executable.
+P_DAEMON=privoxy
+# Full path to location of Privoxy config file. 
+P_CONF_FILE=/usr/local/etc/privoxy/config
+# Full path to PID file location. Location must be writable by 
+# whoever runs this script and by Privoxy itself.
+P_PIDFILE=/var/run/privoxy.pid
+# If uncommented, this script will try to run as USER=privoxy, which
+# may require special handling of config, *.action, trust, logfile, 
+# jarfile, and pidfile.
+P_USER=privoxy
+
+# If a privoxy user is specified, lets try that. /bin/sh does not seem to 
+# know about $UID.
+if [ 0 = `id -u` ]; then
+  if [ -n "$P_USER" ]; then
+    id $P_USER 2>/dev/null >/dev/null
+    if [ $? -eq 0 ]; then
+      P_USER_SETTINGS="--user $P_USER"
+    else
+      echo "User $P_USER doesn't exist, exiting."
+      exit 1
+    fi 
+  else
+    # The user has sufficient rights, but $P_USER isn't set
+    echo "Running Privoxy as root is not recommended!" 
+    P_USER_SETTINGS=""
+  fi
+else
+  # The user has insufficient rights to run Privoxy as $P_USER
+  # and may not be able to write or delete the PID file.
+  echo "You aren't root, expect trouble!"
+  P_USER_SETTINGS=""
+fi
+
+if [ ! -f $P_CONF_FILE ]; then
+  echo "Can't find $P_CONF_FILE, exiting."
+  exit 1
+fi
+
+case "$1" in
+ 
+ start)
+     if [ -f $P_PIDFILE ]; then
+       if kill -0 `cat $P_PIDFILE`; then
+         echo "Error: $P_NAME is already running, exiting."
+         exit 1
+       else
+         rm -f $P_PIDFILE
+       fi
+     fi
+
+	$P_DAEMON --pidfile $P_PIDFILE $P_USER_SETTINGS $P_CONF_FILE 2>/dev/null
+     
+     if [ $? -eq 0 ]; then
+       echo "Starting $P_NAME, OK." 
+     else
+       echo "Starting $P_NAME, Failed."
+       rm -f $P_PIDFILE
+     fi
+     ;;
+ 
+ restart)
+     $0 stop
+     $0 start
+     ;;
+ 
+ stop)
+     test ! -f $P_PIDFILE && echo "No $P_PIDFILE file found, exiting." && exit 1
+     kill `cat $P_PIDFILE` && rm -f $P_PIDFILE && \
+     echo "Stopping $P_NAME, OK." || echo "Stopping $P_NAME, failed."
+     ;;
+ 
+ *)
+     echo "Usage: $0 {start|stop|restart}"
+     exit 1
+     ;;
+
+esac
+
+exit 0
diff --git a/external/privoxy/privoxy-rh.spec b/external/privoxy/privoxy-rh.spec
new file mode 100644
index 0000000..40c82b4
--- /dev/null
+++ b/external/privoxy/privoxy-rh.spec
@@ -0,0 +1,1196 @@
+# $Id: privoxy-rh.spec,v 1.63 2009/03/21 10:46:15 fabiankeil Exp $
+#
+# Written by and Copyright (C) 2001-2006 the SourceForge
+# Privoxy team. http://www.privoxy.org/
+#
+# Based on the Internet Junkbuster originally written
+# by and Copyright (C) 1997 Anonymous Coders and 
+# Junkbusters Corporation.  http://www.junkbusters.com
+#
+# This program is free software; you can redistribute it 
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.  See the GNU General Public
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file.  If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+
+# Defines should happen in the begining of the file
+%define veryoldname junkbust
+%define oldname junkbuster
+%define privoxyconf %{_sysconfdir}/%{name}
+%define privoxy_uid 73
+%define privoxy_gid 73
+
+Name: privoxy
+# ATTENTION
+# Version and release should be updated accordingly on configure.in and
+# configure. Otherwise, the package can be build with the wrong value
+Version: 3.0.12
+Release: 1
+Summary: Privoxy - privacy enhancing proxy
+License: GPL
+Source0: http://dl.sf.net/ijbswa/%{name}-%{version}-stable-src.tar.gz
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+Group: System Environment/Daemons
+URL: http://www.privoxy.org/
+Obsoletes: junkbuster-raw junkbuster-blank junkbuster
+# Prereq: /usr/sbin/useradd , /sbin/chkconfig , /sbin/service 
+Prereq: shadow-utils, chkconfig, initscripts, sh-utils
+BuildRequires: perl gzip sed libtool autoconf 
+Conflicts: junkbuster-raw junkbuster-blank junkbuster
+
+%description 
+Privoxy is a web proxy with advanced filtering capabilities for
+protecting privacy, filtering web page data, managing cookies,
+controlling access, and removing ads, banners, pop-ups and other
+obnoxious Internet junk. Privoxy has a very flexible configuration and
+can be customized to suit individual needs and tastes. Privoxy has application
+for both stand-alone systems and multi-user networks.
+
+Privoxy is based on the Internet Junkbuster.
+
+%prep
+#%setup -q -c
+%setup -q -n "%{name}-%{version}-stable"
+
+%build
+
+# We check to see if versions match
+VERSION_MAJOR=3
+VERSION_MINOR=0
+VERSION_POINT=12
+
+# find CVS files and remove it.
+find -name CVS | xargs rm -rf
+
+CONFIG_VERSION=`cat configure.in | sed -n -e 's/^VERSION_MAJOR=\([0-9]*\)/\1./p' -e 's/^VERSION_MINOR=\([0-9]*\)/\1./p' -e 's/^VERSION_POINT=\([0-9]*\)/\1/p' | awk '{printf $1}'`
+if [ "%{version}" != "${CONFIG_VERSION}" ]; then
+	echo "The version declared on the specfile does not match the version"
+	echo "declared on configure.in. This should not happen. The build will"
+	echo "be interrupted now, so you can fix it."
+	exit 1
+fi
+autoheader
+autoconf
+%configure --disable-dynamic-pcre
+make 
+# Docs are in CVS and tarball now.
+#%%make dok
+
+## Explicitily stripping is not recomended.
+## This is handled altomaticaly by RPM, and can couse troubles if
+## anyone wants to build an unstriped version - morcego
+#strip %{name}
+
+%install
+[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}
+mkdir -p %{buildroot}%{_sbindir} \
+         %{buildroot}%{_mandir}/man1 \
+         %{buildroot}%{_localstatedir}/log/%{name} \
+         %{buildroot}%{privoxyconf}/templates \
+         %{buildroot}%{_sysconfdir}/logrotate.d \
+         %{buildroot}%{_sysconfdir}/rc.d/init.d 
+
+## Manual gziping of manpages should not be done, once it can
+## break the building on some distributions. Anyway, rpm does it
+## automagicaly these days
+## Gziping the documentation files is not recomended - morcego
+#gzip README AUTHORS ChangeLog %{name}.1 || /bin/true
+
+install -s -m 744 %{name} %{buildroot}%{_sbindir}/%{name}
+
+# Using sed to "convert" from DOS format to UNIX
+# This is important behaviour, and should not be removed without some
+# other assurance that these files don't get packed in the the
+# wrong format
+for i in `ls *.action`
+do
+       cat $i | sed -e 's/[[:cntrl:]]*$//' > %{buildroot}%{privoxyconf}/$i
+done
+cat default.filter | sed -e 's/[[:cntrl:]]*$//' > %{buildroot}%{privoxyconf}/default.filter
+cat user.filter | sed -e 's/[[:cntrl:]]*$//' > %{buildroot}%{privoxyconf}/user.filter
+cat trust | sed -e 's/[[:cntrl:]]*$//' > %{buildroot}%{privoxyconf}/trust
+(
+cd templates
+for i in `ls`
+do
+	cat $i | sed -e 's/[[:cntrl:]]*$//' > %{buildroot}%{privoxyconf}/templates/$i
+done
+)
+
+cp -f %{name}.1 %{buildroot}%{_mandir}/man1/%{name}.1
+cp -f %{name}.logrotate %{buildroot}%{_sysconfdir}/logrotate.d/%{name}
+install -m 755 %{name}.init %{buildroot}%{_sysconfdir}/rc.d/init.d/%{name}
+install -m 711 -d %{buildroot}%{_localstatedir}/log/%{name}
+
+# verify all file locations, etc. in the config file
+# don't start with ^ or commented lines are not replaced
+## Changing the sed paramter delimiter to @, so we don't have to
+## escape the slashes
+cat config | \
+    sed 's@^confdir.*@confdir %{privoxyconf}@g' | \
+#    sed 's/^permissionsfile.*/permissionsfile \/etc\/%{name}\/permissionsfile/g' | \
+#    sed 's/^filterfile.*/default.filter \/etc\/%{name}\/default.filter/g' | \
+#    sed 's/^logfile.*/logfile \%{_localstatedir}\/log\/%{name}\/logfile/g' | \
+#    sed 's/^forward.*/forward \/etc\/%{name}\/forward/g' | \
+#    sed 's/^aclfile.*/aclfile \/etc\/%{name}\/aclfile/g' > \
+    sed 's@^logdir.*@logdir %{_localstatedir}/log/%{name}@g' | \
+    sed 's@#user-manual http://www.privoxy.org/user-manual/@user-manual %{_docdir}/%{name}-%{version}/user-manual/@g' | \
+    sed -e 's/[[:cntrl:]]*$//' > \
+    %{buildroot}%{privoxyconf}/config
+perl -pe 's/{-no-cookies}/{-no-cookies}\n\.redhat.com/' default.action >\
+    %{buildroot}%{privoxyconf}/default.action
+
+
+## Macros are expanded even on commentaries. So, we have to use %%
+## -- morcego
+#%%makeinstall
+
+%pre
+# This is where we handle old usernames (junkbust and junkbuster)
+# I'm not sure we should do that, but this is the way we have been
+# doing it for some time now -- morcego
+# We should do it for the group as well -- morcego
+# Doing it by brute force. Much cleaner (no more Mr. Nice Guy) -- morcego
+
+# Same for username
+usermod -u %{privoxy_uid} -g %{privoxy_gid} -l %{name} -d %{_sysconfdir}/%{name} -s "" %{oldname} > /dev/null 2>&1 || :
+usermod -u %{privoxy_uid} -g %{privoxy_gid} -l %{name} -d %{_sysconfdir}/%{name} -s "" %{veryoldname} > /dev/null 2>&1 || :
+userdel %{oldname} > /dev/null 2>&1 ||:
+userdel %{veryoldname} > /dev/null 2>&1 ||:
+
+# Change the group name. Remove anything left behind.
+groupmod -g %{privoxy_gid} -n %{name} %{oldname} > /dev/null 2>&1 ||:
+groupmod -g %{privoxy_gid} -n %{name} %{veryoldname} > /dev/null 2>&1 ||:
+groupdel %{oldname} > /dev/null 2>&1 ||:
+groupdel %{veryoldname} > /dev/null 2>&1 ||:
+
+# Doublecheck to see if the group exist, and that it has the correct gid
+/bin/grep -E '^%{name}:' %{_sysconfdir}/group > /dev/null 2>&1
+if [ $? -eq 1 ]; then
+	# Looks like it does not exist. Create it
+	groupadd -g %{privoxy_gid} %{name} > /dev/null 2>&1
+else
+	/bin/grep -E '^%{name}:[^:]*:%{privoxy_gid}:' %{_sysconfdir}/group > /dev/null 2>&1
+	if [ $? -eq 1 ]; then
+		# The group exists, but does not have the correct gid
+		groupmod -g %{privoxy_gid} %{name} > /dev/null 2>&1
+	fi
+fi
+
+# Check to see if everything is okey. Create user if it still does not
+# exist
+id %{name} > /dev/null 2>&1
+if [ $? -eq 1 ]; then
+	%{_sbindir}/useradd -u %{privoxy_uid} -g %{privoxy_gid} -d %{_sysconfdir}/%{name} -r -s "" %{name} > /dev/null 2>&1 
+fi
+
+# Double check that the group has the correct uid
+P_UID=`id -u %{name} 2>/dev/null`
+if [ $P_UID -ne %{privoxy_uid} ]; then
+	%{_sbindir}/usermod -u %{privoxy_uid} %{name}
+fi
+
+# The same for the gid
+P_GID=`id -g %{name} 2>/dev/null`
+if [ $P_GID -ne %{privoxy_gid} ]; then
+	%{_sbindir}/usermod -g %{privoxy_gid} %{name}
+fi
+
+%post
+# for upgrade from 2.0.x
+[ -f %{_localstatedir}/log/%{oldname}/logfile ] && {
+  mv -f %{_localstatedir}/log/%{oldname}/logfile %{_localstatedir}/log/%{name}/logfile ||: ;
+  chown -R %{name}:%{name} %{_localstatedir}/log/%{name} 2>/dev/null ||: ;
+}
+[ -f %{_localstatedir}/log/%{name}/%{name} ] && {
+  mv -f %{_localstatedir}/log/%{name}/%{name} %{_localstatedir}/log/%{name}/logfile ||: ;
+  chown -R %{name}:%{name} %{_sysconfdir}/%{name} 2>/dev/null ||: ;
+}
+/sbin/chkconfig --add privoxy
+if [ "$1" = "1" ]; then
+	/sbin/service %{name} condrestart > /dev/null 2>&1 ||:
+fi
+
+%preun
+/sbin/service %{veryoldname} stop > /dev/null 2>&1 ||:
+/sbin/service %{oldname} stop > /dev/null 2>&1 ||:
+
+if [ "$1" = "0" ]; then
+	/sbin/service %{name} stop > /dev/null 2>&1 ||:
+	/sbin/chkconfig --del privoxy
+fi
+
+%postun
+#if [ "$1" -ge "1" ]; then
+#	/sbin/service %{name} condrestart > /dev/null 2>&1
+#fi
+# We only remove it we this is not an upgrade
+if [ "$1" = "0" ]; then
+	id privoxy > /dev/null 2>&1 && %{_sbindir}/userdel privoxy || /bin/true
+	/bin/grep -E '^%{name}:' %{_sysconfdir}/group > /dev/null && %{_sbindir}/groupdel %{name} || /bin/true
+fi
+
+%clean
+[ "%{buildroot}" != "/" ] && rm -rf %{buildroot}
+
+%files
+%defattr(0644,root,root,0755)
+%doc README AUTHORS ChangeLog LICENSE 
+#%doc doc/text/developer-manual.txt doc/text/user-manual.txt doc/text/faq.txt
+%doc doc/webserver/developer-manual
+%doc doc/webserver/user-manual
+%doc doc/webserver/faq
+%doc doc/webserver/p_doc.css doc/webserver/privoxy-index.html
+%doc doc/webserver/images
+%doc doc/webserver/man-page
+
+# ATTENTION FOR defattr change here !
+%defattr(0644,%{name},%{name},0755)
+
+%dir %{privoxyconf}
+%dir %{privoxyconf}/templates
+%dir %{_localstatedir}/log/%{name}
+
+%attr(0744,%{name},%{name})%{_sbindir}/%{name}
+
+# WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING !
+# We should not use wildchars here. This could mask missing files problems
+# -- morcego
+# WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING ! WARNING !
+%config(noreplace) %{privoxyconf}/config
+%config(noreplace) %{privoxyconf}/user.action
+%config %{privoxyconf}/match-all.action
+%config %{privoxyconf}/default.action
+%config %{privoxyconf}/default.filter
+%config %{privoxyconf}/regression-tests.action
+%config(noreplace) %{privoxyconf}/user.filter
+%config(noreplace) %{privoxyconf}/trust
+
+# Please keep these alphabetized so its easier to find one that 
+# is not included.
+%config %{privoxyconf}/templates/blocked
+%config %{privoxyconf}/templates/cgi-error-404
+%config %{privoxyconf}/templates/cgi-error-bad-param
+%config %{privoxyconf}/templates/cgi-error-disabled
+%config %{privoxyconf}/templates/cgi-error-file
+%config %{privoxyconf}/templates/cgi-error-file-read-only
+%config %{privoxyconf}/templates/cgi-error-modified
+%config %{privoxyconf}/templates/cgi-error-parse
+%config %{privoxyconf}/templates/cgi-style.css
+%config %{privoxyconf}/templates/connect-failed
+%config %{privoxyconf}/templates/default
+%config %{privoxyconf}/templates/forwarding-failed
+%config %{privoxyconf}/templates/edit-actions-add-url-form
+%config %{privoxyconf}/templates/edit-actions-for-url
+%config %{privoxyconf}/templates/edit-actions-for-url-filter
+%config %{privoxyconf}/templates/edit-actions-list
+%config %{privoxyconf}/templates/edit-actions-list-button
+%config %{privoxyconf}/templates/edit-actions-list-section
+%config %{privoxyconf}/templates/edit-actions-list-url
+%config %{privoxyconf}/templates/edit-actions-remove-url-form
+%config %{privoxyconf}/templates/edit-actions-url-form
+%config %{privoxyconf}/templates/mod-local-help
+%config %{privoxyconf}/templates/mod-support-and-service
+%config %{privoxyconf}/templates/mod-title
+%config %{privoxyconf}/templates/mod-unstable-warning
+%config %{privoxyconf}/templates/no-such-domain
+%config %{privoxyconf}/templates/show-request
+%config %{privoxyconf}/templates/show-status
+%config %{privoxyconf}/templates/show-status-file
+%config %{privoxyconf}/templates/show-url-info
+%config %{privoxyconf}/templates/show-version
+%config %{privoxyconf}/templates/toggle
+%config %{privoxyconf}/templates/toggle-mini
+%config %{privoxyconf}/templates/untrusted
+%config %{privoxyconf}/templates/url-info-osd.xml
+
+# Attention, new defattr change here !
+%defattr(0644,root,root,0755)
+
+%config(noreplace) %{_sysconfdir}/logrotate.d/%{name}
+%config(noreplace) %attr(0755,root,root) %{_sysconfdir}/rc.d/init.d/%{name}
+
+%{_mandir}/man1/%{name}.*
+
+%changelog
+* Sat Jun 18 2008 Hal Burgiss <hal at foobox.net>
+- Remove reference to txt docs.
+
+* Sat Oct 18 2006 Hal Burgiss <hal at foobox.net>
+- Bump version to 3.0.6
+
+* Sat Sep 23 2006 Jochen Schlick <j.schlick_at_decagon_de> 3.0.5-1
+- let user-manual point to local documentation
+
+* Thu Sep 21 2006 Hal Burgiss <hal at foobox.net>
+- Fix user.filter install section and clean up CVS cruft in tarball.
+
+* Wed Sep 20 2006 Hal Burgiss <hal at foobox.net>
+- Bump version to 3.0.5
+
+* Fri Sep 08 2006 Hal Burgiss <hal at foobox.net>
+- Bump version to 3.0.4
+
+* Sat Sep 02 2006 Hal Burgiss <hal at foobox.net>
+- Include new file, user.filter. Do not overwrite "trust" file 
+  (does anyone use this?).
+
+* Wed Mar 26 2003 Andreas Oesterhelt <andreas at oesterhelt.org>
+- Bump version for 3.0.2.
+
+* Wed Mar 19 2003 Hal Burgiss <hal at foobox.net>
+- Bump version for 3.0.1.
+
+* Tue Aug 25 2002 Hal Burgiss <hal at foobox.net>
+- Bump version for 3.0.0 :)
+
+* Tue Aug 06 2002 Hal Burgiss <hal at foobox.net>
+- Reset version for 2.9.20.
+
+* Tue Jul 30 2002 Hal Burgiss <hal at foobox.net>
+- Reset version for 2.9.18.
+
+* Sat Jul 27 2002 Hal Burgiss <hal at foobox.net>
+- Reset version and release for 2.9.16.
+
+* Fri Jul 12 2002 Karsten Hopp <karsten at redhat.de>
+- don't use ghost files for rcX.d/*, using chkconfig is the 
+  correct way to do this job (#68619)
+
+* Fri Jul 05 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.15-8
+- Changing delete order for groups and users (users should be first)
+
+* Wed Jul 03 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.15-7
+- Changing sed expression that removed CR from the end of the lines. This
+  new one removes any control caracter, and should work with older versions
+  of sed
+
+* Tue Jul 02 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.15-6
+- Fixing defattr values. File and directory modes where swapped
+
+* Tue Jul 02 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.15-5
+- Bumping Release number (which should be changed every time the specfile
+  is)
+
+* Tue Jul 02 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-4
+- Fix typo in templates creation.
+
+* Wed Jun 26 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.15-4
+- Fixing issues created by specfile sync between branches
+  - Correcting the release number (WARNING)
+  - Reintroducing text file conversion (dos -> unix)
+  - Reconverting hardcoded directories to macros
+  - Refixing ownership of privoxy files (now using multiple defattr
+    definitions)
+
+* Thu Jun 20 2002 Karsten Hopp <karsten at redhat.de>
+- fix several .spec file issues to shut up rpmlint
+  - non-standard-dir-perm /var/log/privoxy 0744
+  - invalid-vendor Privoxy.Org (This is ok for binaries compiled by privoxy
+    members, but not for packages from Red Hat)
+  - non-standard-group Networking/Utilities
+  - logrotate and init scripts should be noreplace
+
+* Mon May 27 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Index.html is now privoxy-index.html for doc usage.
+
+* Sat May 25 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Add html man page so index.html does not 404.
+
+* Fri May 24 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Add another template and alphabetize these for easier tracking.
+- Add doc/images directory.
+
+* Wed May 15 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Add templates/edit-actions-list-button
+
+* Fri May 03 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.15-1
+- Version bump
+- Adding noreplace for %%{privoxyconf}/config
+- Included a method to verify if the versions declared on the specfile and
+  configure.in match. Interrupt the build if they don't.
+
+* Fri Apr 26 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.14-3
+- Changing Vendor to Privoxy.Org
+
+* Tue Apr 23 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.14-2
+- Adjust for new *actions files.
+
+* Mon Apr 22 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.14-2
+- Removed the redhat hack that prevented the user and group from
+  being dealocated. That was a misundestanding of my part regarding
+  redhat policy.
+
+* Mon Apr 22 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.14-2
+- Using macros to define uid and gid values
+- Bumping release
+
+* Mon Apr 22 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.14-1
+- Changes to fixate the uid and gid values as (both) 73. This is a 
+  value we hope to standarize for all distributions. RedHat already
+  uses it, and Conectiva should start as soon as I find where the heck
+  I left my cluebat :-)
+- Only remove the user and group on uninstall if this is not redhat, once
+  redhat likes to have the values allocated even if the package is not 
+  installed
+
+* Tue Apr 16 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-6
+- Add --disable-dynamic-pcre to configure.
+
+* Wed Apr 10 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.13-5
+- Relisting template files on the %%files section
+
+* Tue Apr 09 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-4
+- Removed 'make dok'. Docs are all maintained in CVS (and tarball) now.
+
+* Mon Apr 08 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-4
+- Add templates/cgi-style.css, faq.txt, p_web.css, LICENSE
+- Remove templates/blocked-compact.
+- Add more docbook stuff to Builderquires.
+
+* Thu Mar 28 2002 Sarantis Paskalis <sarantis at cnl.di.uoa.gr>
++ privoxy-2.9.13-3
+- Include correct documentation file.
+
+* Tue Mar 26 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-3
+- Fix typo in Description.
+
+* Tue Mar 26 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.13-3
+- Added commentary asking to update the release value on the configure
+  script
+
+* Tue Mar 25 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-3
+- Added the missing edit-actions-for-url-filter to templates.
+
+* Mon Mar 25 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-2.9.13-2
+- Fixing Release number
+
+* Sun Mar 24 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-2
+- Added faq to docs.
+
+* Sun Mar 24 2002 Rodrigo Barbosa <rodrigob at suespammers.org>
++ privoxy-2.9.13-2
+- Fixed the init files entries. Now we use %%ghost
+- improved username (and groupname) handling on the %%pre section. By improved
+  I mean: we do it by brute force now. Much easier to maintain. Yeah, you
+  got it right. No more Mr. Nice Guy.
+- Removed the userdel call on %%post. No need, once it's complety handled on
+  the %%pre section
+
+* Sun Mar 24 2002 Hal Burgiss <hal at foobox.net>
++ junkbusterng-2.9.13-1
+  Added autoheader. Added autoconf to buildrequires.
+
+* Sun Mar 24 2002 Hal Burgiss <hal at foobox.net>
++ junkbusterng-2.9.13-1
+- Fixed build problems re: name conflicts with man page and logrotate.
+- Commented out rc?d/* configs for time being, which are causing a build 
+- failure. /etc/junkbuster is now /etc/privoxy. Stefan did other name 
+- changes. Fixed typo ';' should be ':' causing 'rpm -e' to fail.
+
+* Fri Mar 22 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbusterng-2.9.13-1
+- References to the expression ijb where changed where possible
+- New package name: junkbusterng (all in lower case, acording to
+  the LSB recomendation)
+- Version changed to: 2.9.13
+- Release: 1
+- Added: junkbuster to obsoletes and conflicts (Not sure this is
+  right. If it obsoletes, why conflict ? Have to check it later)
+- Summary changed: Stefan, please check and aprove it
+- Changes description to use the new name
+- Sed string was NOT changed. Have to wait to the manpage to
+  change first
+- Keeping the user junkbuster for now. It will require some aditional
+  changes on the script (scheduled for the next specfile release)
+- Added post entry to move the old logfile to the new log directory
+- Removing "chkconfig --add" entry (not good to have it automaticaly
+  added to the startup list).
+- Added preun section to stop the service with the old name, as well
+  as remove it from the startup list
+- Removed the chkconfig --del entry from the conditional block on
+  the preun scriptlet (now handled on the %files section)
+
+* Thu Mar 21 2002 Hal Burgiss <hal at foobox.net>
+- added ijb_docs.css to docs.
+
+* Mon Mar 11 2002 Hal Burgiss <hal at foobox.net>
++ junkbuster-2.9.11-8 
+- Take out --enable-no-gifs, breaks some browsers.
+
+* Sun Mar 10 2002 Hal Burgiss <hal at foobox.net>
++ junkbuster-2.9.11-8 
+- Add --enable-no-gifs to configure.
+
+* Fri Mar 08 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbuster-2.9.11-7
+- Added BuildRequires to libtool.
+
+* Tue Mar 06 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbuster-2.9.11-6
+- Changed the routined that handle the junkbust and junkbuster users on
+  %%pre and %%post to work in a smoother manner
+- %%files now uses hardcoded usernames, to avoid problems with package
+  name changes in the future
+
+* Tue Mar 05 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbuster-2.9.11-5
+- Added "make redhat-dok" to the build process
+- Added docbook-utils to BuildRequires
+
+* Tue Mar 05 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbuster-2.9.11-4
+- Changing man section in the manpage from 1 to 8
+- We now require packages, not files, to avoid issues with apt
+
+* Mon Mar 04 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbuster-2.9.11-3
+- Fixing permissions of the init script
+
+* Mon Mar 04 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ junkbuster-2.9.11-2
+- General specfile fixup, using the best recomended practices, including:
+	- Adding -q to %%setup
+	- Using macros whereever possible
+	- Not using wildchars on %%files section
+	- Doubling the percentage char on changelog and comments, to
+	  avoid rpm expanding them
+
+* Sun Mar 03 2002 Hal Burgiss <hal at foobox.net>
+- /bin/false for shell causes init script to fail. Reverting.
+
+* Wed Jan 09 2002 Hal Burgiss <hal at foobox.net>
+- Removed UID 73. Included user-manual and developer-manual in docs.
+  Include other actions files. Default shell is now /bin/false.
+  Userdel user=junkbust. ChangeLog was not zipped. Removed 
+  RPM_OPT_FLAGS kludge.
+
+* Fri Dec 28 2001 Thomas Steudten <thomas at steudten.ch>
+- add paranoia check for 'rm -rf %%{buildroot}'
+- add gzip to 'BuildRequires'
+
+* Sat Dec  1 2001 Hal Burgiss <hal at foobox.net>
+- actionsfile is now ijb.action.
+
+* Tue Nov  6 2001 Thomas Steudten <thomas at steudten.ch>
+- Compress manpage
+- Add more documents for installation
+- Add version string to name and source
+
+* Wed Oct 24 2001 Hal Burigss <hal at foobox.net>
+- Back to user 'junkbuster' and fix configure macro.
+
+* Wed Oct 10 2001 Hal Burigss <hal at foobox.net>
+- More changes for user 'junkbust'. Init script had 'junkbuster'.
+
+* Sun Sep 23 2001 Hal Burgiss <hal at foobox.net>
+- Change of $RPM_OPT_FLAGS handling. Added new HTML doc files.
+- Changed owner of /etc/junkbuster to shut up PAM/xauth log noise.
+
+* Thu Sep 13 2001 Hal Burgiss <hal at foobox.net>
+- Added $RPM_OPT_FLAGS support, renaming of old logfile, and 
+- made sure no default shell exists for user junkbust.
+
+* Sun Jun  3 2001 Stefan Waldherr <stefan at waldherr.org>
+- rework of RPM
+
+* Mon Sep 25 2000 Stefan Waldherr <stefan at waldherr.org>
+- CLF Logging patch by davep at cyw.uklinux.net
+- Hal DeVore <haldevore at earthling.net> fix akamaitech in blocklist
+
+* Sun Sep 17 2000 Stefan Waldherr <stefan at waldherr.org>
+- Steve Kemp skx at tardis.ed.ac.uk's javascript popup patch.
+- Markus Breitenbach breitenb at rbg.informatik.tu-darmstadt.de supplied
+  numerous fixes and enhancements for Steve's patch.
+- adamlock at netscape.com (Adam Lock) in the windows version:
+  - Taskbar activity spinner always spins even when logging is
+  turned off (which is the default) - people who don't
+  like the spinner can turn it off from a menu option.
+  - Taskbar popup menu has a options submenu - people can now
+  open the settings files for cookies, blockers etc.
+  without opening the JB window.
+  - Logging functionality works again
+  - Buffer overflow is fixed - new code uses a bigger buffer
+  and snprintf so it shouldn't overflow anymore.
+- Fixed userid swa, group learning problem while installing.
+  root must build RPM.
+- Added patch by Benjamin Low <ben at snrc.uow.edu.au> that prevents JB to
+  core dump when there is no log file.
+- Tweaked SuSE startup with the help of mohataj at gmx.net and Doc.B at gmx.de.
+- Fixed man page to include imagefile and popupfile.
+- Sanity check for the statistics function added.
+- "Patrick D'Cruze" <pdcruze at orac.iinet.net.au>: It seems Microsoft
+ are transitioning Hotmail from FreeBSD/Apache to Windows 2000/IIS.
+ With IIS/5, it appears to omit the trailing \r\n from http header
+ only messages.  eg, when I visit http://www.hotmail.com, IIS/5
+ responds with a HTTP 302 redirect header.  However, this header
+ message is missing the trailing \r\n.  IIS/5 then closes the
+ connection.  Junkbuster, unfortunately, discards the header becomes
+ it thinks it is incomplete - and it is.  MS have transmitted an
+ incomplete header!
+- Added bug reports and patch submission forms in the docs.
+
+* Mon Mar 20 2000 Stefan Waldherr <stefan at waldherr.org>
+       Andrew <anw at tirana.freewire.co.uk> extended the JB:
+       Display of statistics of the total number of requests and the number
+       of requests filtered by junkbuster, also the percentage of requests
+       filtered. Suppression of the listing of files on the proxy-args page.
+       All stuff optional and configurable.
+
+* Sun Sep 12 1999 Stefan Waldherr <stefan at waldherr.org>
+       Jan Willamowius (jan at janhh.shnet.org) fixed a bug in the 
+       code which prevented the JB from handling URLs of the form
+       user:password at www.foo.com. Fixed.
+
+* Mon Aug  2 1999 Stefan Waldherr <stefan at waldherr.org>
+	Blank images are no longer cached, thanks to a hint from Markus 
+        Breitenbach <breitenb at rbg.informatik.tu-darmstadt.de>. The user 
+        agent is NO longer set by the Junkbuster. Sadly, many sites depend 
+        on the correct browser version nowadays. Incorporated many 
+	suggestions from Jan "Yenya" Kasprzak <kas at fi.muni.cz> for the
+        spec file. Fixed logging problem and since runlevel 2 does not 
+        use networking, I replaced /etc/rc.d/rc2.d/S84junkbuster with
+        /etc/rc.d/rc2.d/K09junkbuster thanks to Shaw Walker 
+        <walker at netgate.net>. You should now be able to build this RPM as 
+        a non-root user (mathias at weidner.sem.lipsia.de).
+
+* Sun Jan 31 1999 Stefan Waldherr <stefan at waldherr.org>
+	%%{_localstatedir}/log/junkbuster set to nobody. Added /etc/junkbuster/imagelist
+	to allow more sophisticated matching of blocked images. Logrotate
+	logfile. Added files for auto-updating the blocklist et al.
+
+* Wed Dec 16 1998 Stefan Waldherr <stefan at waldherr.org>
+	Configure blank version via config file. No separate blank
+	version anymore. Added Roland's <roland at spinnaker.rhein.de>
+	patch to show a logo instead of a blank area. Added a suggestion
+	from Alex <alex at cocoa.demon.co.uk>: %%{_localstatedir}/lock/subsys/junkbuster.
+	More regexps in the blocklist. Prepared the forwardfile for
+	squid. Extended image regexp with help from gabriel 
+	<somlo at CS.ColoState.EDU>.
+
+* Thu Nov 19 1998 Stefan Waldherr <stefan at waldherr.org>
+	All RPMs now identify themselves in the show-proxy-args page.
+	Released Windoze version. Run junkbuster as nobody instead of
+	root. 
+
+* Fri Oct 30 1998 Stefan Waldherr <stefan at waldherr.org>
+	Newest version. First release (hence the little version number
+	mixture -- 2.0.2-0 instead of 2.0-7). This version tightens 
+	security over 2.0.1; some multi-user sites will need to change 
+	the listen-address in the configuration file. The blank version of
+        the Internet Junkbuster has a more sophisticated way of replacing
+	images. All RPMs identify themselves in the show-proxy-args page.
+
+* Thu Sep 23 1998 Stefan Waldherr <stefan at waldherr.org>
+	Modified the blocking feature, so that only GIFs and JPEGs are
+	blocked and replaced but not HTML pages. Thanks to 
+	"Gerd Flender" <plgerd at informatik.uni-siegen.de> for this nice
+	idea. Added numerous stuff to the blocklist. Keep patches in
+        seperate files and no longer in diffs (easier to maintain).
+
+* Tue Jun 16 1998 Stefan Waldherr <swa at cs.cmu.edu>
+        Moved config files to /etc/junkbuster directory, moved man page,
+	added BuildRoot directive (Thanks to Alexey Nogin <ayn2 at cornell.edu>)
+        Made new version junkbuster-raw (which is only a stripped version of 
+        the junkuster rpm, i.e. without my blocklist, etc.)
+
+* Tue Jun 16 1998 (2.0-1)
+	Uhm, not that much. Just a new junkbuster version that
+	fixes a couple of bugs ... and of course a bigger 
+	blocklist with the unique Now-less-ads-than-ever(SM)
+	feature.
+	Oh, one thing: I changed the default user agent to Linux -- no 
+	need anymore to support Apple.
+
+* Tue Jun 16 1998 (2.0-0)
+	Now-less-ads-than-ever (SM)
+	compiled with gcc instead of cc
+	compiled with -O3, thus it should be a little faster
+	show-proxy-args now works
+	/etc/junkbuster.init wasn't necessary
+
+* Tue Jun 16 1998 (1.4)
+	some more config files were put into /etc
+	The junkbuster-blank rpm returns a 1x1 pixel image, that gets 
+	displayed by Netscape instead of the blocked image.
+	Read http://www.waldherr.org/junkbuster/ for
+	further info.
+
+* Tue Jun 16 1998 (1.3)
+	The program has been moved to /usr/sbin (from /usr/local/bin)
+	Init- and stopscripts (/etc/rc.d/rc*) have been added so
+	that the junkbuster starts automatically during bootup.
+	The /etc/blocklist file is much more sophisticated. Theoretically
+	one should e.g. browse all major US and German newspapers without
+	seeing one annoying ad.
+	junkbuster.init was modified. It now starts junkbuster with an
+	additional "-r @" flag.
+
+# $Log: privoxy-rh.spec,v $
+# Revision 1.63  2009/03/21 10:46:15  fabiankeil
+# Bump version to 3.0.12.
+#
+# Revision 1.62  2009/02/15 17:17:23  fabiankeil
+# - Bump version to 3.0.11.
+# - List match-all.action as %config file.
+#
+# Revision 1.61  2009/01/13 16:47:34  fabiankeil
+# The standard.action file is gone.
+#
+# Revision 1.60  2008/08/30 12:46:49  fabiankeil
+# The jarfile directive is gone. Update accordingly.
+#
+# Revision 1.59  2008/08/13 16:57:46  fabiankeil
+# Change version to 3.0.10.
+#
+# Revision 1.58  2008/06/19 01:52:17  hal9
+# Remove txt docs from spec file.
+#
+# Revision 1.57  2008/05/30 15:06:42  fabiankeil
+# - Add %config directive for url-info-osd.xml.
+#   As usual, this hasn't been tested.
+# - Fix comment typo.
+#
+# Revision 1.56  2008/03/16 14:17:25  fabiankeil
+# Add %config lines for regression-tests.action and forwarding-failed.
+# This might or might not help with #1915185, reported by Bernardo Bacic.
+#
+# Revision 1.55  2008/03/02 17:36:43  fabiankeil
+# Set version to 3.0.9.
+#
+# Revision 1.54  2008/01/20 14:30:59  fabiankeil
+# Set version to 3.0.8.
+#
+# Revision 1.53  2006/11/28 11:34:35  hal9
+# Fix the prep section per Support request so it actually builds.
+#
+# Revision 1.52  2006/11/18 17:36:53  hal9
+# Ooops, bumping version to 3.0.6
+#
+# Revision 1.51  2006/11/18 14:37:12  fabiankeil
+# Bump version to 3.0.6.
+#
+# Revision 1.50  2006/09/24 01:19:03  hal9
+# Add changes for user-manual directive by nfopd submitted via SF.
+#
+# Revision 1.49  2006/09/22 01:02:08  hal9
+# Fix user.filter installation and CVS files cruft per support request.
+#
+# Revision 1.48  2006/09/20 23:51:26  hal9
+# Bump versions to 3.0.5
+#
+# Revision 1.47  2006/09/09 00:35:10  hal9
+# Bumped versions to 3.0.4. Both files should be checked further.
+#
+# Revision 1.46  2006/09/02 22:22:59  hal9
+# Include user.filter, and do not overwrite trust file on updates.
+#
+# Revision 1.45  2006/07/18 14:48:47  david__schmidt
+# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+# with what was really the latest development (the v_3_0_branch branch)
+#
+# Revision 1.33.2.22  2004/01/30 17:09:29  oes
+# Bumped version for 3.0.3
+#
+# Revision 1.33.2.21  2003/03/26 00:25:00  oes
+# Bump version for 3.0.2
+#
+# Revision 1.33.2.20  2003/03/20 03:27:11  hal9
+# Bump version for 3.0.1 pending release.
+#
+# Revision 1.33.2.19  2002/08/25 23:36:03  hal9
+# Bump version for 3.0.0.
+#
+# Revision 1.33.2.18  2002/08/10 11:28:50  oes
+# Bumped version
+#
+# Revision 1.33.2.17  2002/08/07 01:08:49  hal9
+# Bumped version to 2.9.18.
+#
+# Revision 1.33.2.16  2002/08/05 08:42:13  kick_
+# same permissions, same runlevels as all the other initscripts
+#
+# Revision 1.33.2.15  2002/07/30 21:51:19  hal9
+# Bump version to 2.9.17.
+#
+# Revision 1.33.2.14  2002/07/27 21:58:16  kick_
+# bump version
+#
+# Revision 1.33.2.13  2002/07/27 21:39:41  kick_
+# condrestart raised an error during an fresh install when privoxy wasn't already running
+#
+# Revision 1.33.2.12  2002/07/27 15:47:10  hal9
+# Reset version and release for 2.9.16.
+#
+# Revision 1.33.2.11  2002/07/25 09:47:57  kick_
+# this caused some errors during a fresh installation. It's unnecessary to call an extra program (/bin/true) to set the error code to 0
+#
+# Revision 1.33.2.10  2002/07/12 09:14:26  kick_
+# don't use ghost files for rcX.d/*, chkconfig is available to do this job. Enable translation of error messge
+#
+# Revision 1.33.2.9  2002/07/05 17:16:19  morcego
+# - Changing delete order for groups and users (users should be first)
+#
+# Revision 1.33.2.8  2002/07/03 20:46:24  morcego
+# - Changing sed expression that removed CR from the end of the lines. This
+#   new one removes any control caracter, and should work with older versions
+#   of sed
+#
+# Revision 1.33.2.7  2002/07/02 18:16:48  morcego
+# - Fixing defattr values. File and directory modes where swapped
+#
+# Revision 1.33.2.6  2002/07/02 17:38:10  morcego
+# Bumping Release number
+#
+# Revision 1.33.2.5  2002/07/02 11:43:20  hal9
+# Fix typo in templates creation.
+#
+# Revision 1.33.2.4  2002/06/26 17:32:45  morcego
+# Integrating fixed from the main branch.
+#
+# Revision 1.33.2.3  2002/06/24 12:13:34  kick_
+# shut up rpmlint. btw: The vendor tag should be set in you .rpmmacros file, not in the spec file!
+#
+# Revision 1.33.2.2  2002/05/28 02:39:38  hal9
+# Replace index.html with privoxy-index.html for docs.
+#
+# Revision 1.33.2.1  2002/05/26 17:20:23  hal9
+# Add images to doc dirs.
+#
+# Revision 1.33  2002/05/25 02:08:23  hal9
+# Add doc/images directory.
+# Redhat: alphabetized list of templates (and I think added one in the process)
+#
+# Revision 1.32  2002/05/16 01:37:29  hal9
+# Add new template file so CGI stuff works :)
+#
+# Revision 1.31  2002/05/03 17:14:35  morcego
+# *.spec: Version bump to 2.9.15
+# -rh.spec: noreplace for %%{privoxyconf}/config
+#           Will interrupt the build if versions from configure.in and
+# 		specfile do not match
+#
+# Revision 1.30  2002/04/26 15:51:05  morcego
+# Changing Vendor value to Privoxy.Org
+#
+# Revision 1.29  2002/04/24 03:13:51  hal9
+# New actions files changes.
+#
+# Revision 1.28  2002/04/22 18:51:33  morcego
+# user and group now get removed on rh too.
+#
+# Revision 1.27  2002/04/22 16:32:31  morcego
+# configure.in, *.spec: Bumping release to 2 (2.9.14-2)
+# -rh.spec: uid and gid are now macros
+# -suse.spec: Changing the header Copyright to License (Copyright is
+#             deprecable)
+#
+# Revision 1.26  2002/04/22 16:24:36  morcego
+# - Changes to fixate the uid and gid values as (both) 73. This is a
+#   value we hope to standarize for all distributions. RedHat already
+#   uses it, and Conectiva should start as soon as I find where the heck
+#   I left my cluebat :-)
+# - Only remove the user and group on uninstall if this is not redhat, once
+#   redhat likes to have the values allocated even if the package is not
+#   installed
+#
+# Revision 1.25  2002/04/17 01:59:12  hal9
+# Add --disable-dynamic-pcre.
+#
+# Revision 1.24  2002/04/11 10:09:20  oes
+# Version 2.9.14
+#
+# Revision 1.23  2002/04/10 18:14:45  morcego
+# - (privoxy-rh.spec only) Relisting template files on the %%files section
+# - (configure.in, privoxy-rh.spec) Bumped package release to 5
+#
+# Revision 1.22  2002/04/09 22:06:12  hal9
+# Remove 'make dok'.
+#
+# Revision 1.21  2002/04/09 02:52:26  hal9
+# - Add templates/cgi-style.css, faq.txt, p_web.css, LICENSE
+# - Remove templates/blocked-compact.
+# - Add more docbook stuff to Buildrequires.
+#
+# Revision 1.20  2002/04/08 20:27:45  swa
+# fixed JB spelling
+#
+# Revision 1.19  2002/03/27 22:44:59  sarantis
+# Include correct documentation file.
+#
+# Revision 1.18  2002/03/27 22:10:14  sarantis
+# bumped Hal's last commit 1 day to the future to make rpm build again.
+#
+# Revision 1.17  2002/03/27 00:48:23  hal9
+# Fix up descrition.
+#
+# Revision 1.16  2002/03/26 22:29:55  swa
+# we have a new homepage!
+#
+# Revision 1.15  2002/03/26 17:39:54  morcego
+# Adding comment on the specfile to remember the packager to update
+# the release number on the configure script
+#
+# Revision 1.14  2002/03/26 14:25:15  hal9
+# Added edit-actions-for-url-filter to templates in %%config
+#
+# Revision 1.13  2002/03/25 13:31:04  morcego
+# Bumping Release tag.
+#
+# Revision 1.12  2002/03/25 03:11:40  hal9
+# Do it right way this time :/
+#
+# Revision 1.11  2002/03/25 03:09:51  hal9
+# Added faq to docs.
+#
+# Revision 1.10  2002/03/24 22:16:14  morcego
+# Just removing some old commentaries.
+#
+# Revision 1.9  2002/03/24 22:03:22  morcego
+# Should be working now. See %changelog for details
+#
+# Revision 1.8  2002/03/24 21:13:01  morcego
+# Tis broken.
+#
+# Revision 1.7  2002/03/24 21:07:18  hal9
+# Add autoheader, etc.
+#
+# Revision 1.6  2002/03/24 19:56:40  hal9
+# /etc/junkbuster is now /etc/privoxy. Fixed ';' typo.
+#
+# Revision 1.4  2002/03/24 13:32:42  swa
+# name change related issues
+#
+# Revision 1.3  2002/03/24 12:56:21  swa
+# name change related issues.
+#
+# Revision 1.2  2002/03/24 11:40:14  swa
+# name change
+#
+# Revision 1.1  2002/03/24 11:23:44  swa
+# name change
+#
+# Revision 1.1  2002/03/22 20:53:03  morcego
+# - Ongoing process to change name to JunkbusterNG
+# - configure/configure.in: no change needed
+# - GNUmakefile.in:
+#         - TAR_ARCH = /tmp/JunkbusterNG-$(RPM_VERSION).tar.gz
+#         - PROGRAM    = jbng at EXEEXT@
+#         - rh-spec now references as junkbusterng-rh.spec
+#         - redhat-upload: references changed to junkbusterng-* (package names)
+#         - tarball-dist: references changed to JunkbusterNG-distribution-*
+#         - tarball-src: now JunkbusterNG-*
+#         - install: initscript now junkbusterng.init and junkbusterng (when
+#                    installed)
+# - junkbuster-rh.spec: renamed to junkbusterng-rh.spec
+# - junkbusterng.spec:
+#         - References to the expression ijb where changed where possible
+#         - New package name: junkbusterng (all in lower case, acording to
+#           the LSB recomendation)
+#         - Version changed to: 2.9.13
+#         - Release: 1
+#         - Added: junkbuster to obsoletes and conflicts (Not sure this is
+#           right. If it obsoletes, why conflict ? Have to check it later)
+#         - Summary changed: Stefan, please check and aprove it
+#         - Changes description to use the new name
+#         - Sed string was NOT changed. Have to wait to the manpage to
+#           change first
+#         - Keeping the user junkbuster for now. It will require some aditional
+#           changes on the script (scheduled for the next specfile release)
+#         - Added post entry to move the old logfile to the new log directory
+#         - Removing "chkconfig --add" entry (not good to have it automaticaly
+#           added to the startup list).
+#         - Added preun section to stop the service with the old name, as well
+#           as remove it from the startup list
+#         - Removed the chkconfig --del entry from the conditional block on
+#           the preun scriptlet (now handled on the %files section)
+# - junkbuster.init: renamed to junkbusterng.init
+# - junkbusterng.init:
+#         - Changed JB_BIN to jbng
+#         - Created JB_OBIN with the old value of JB_BIN (junkbuster), to
+#           be used where necessary (config dir)
+#
+# Aditional notes:
+# - The config directory is /etc/junkbuster yet. Have to change it on the
+# specfile, after it is changes on the code
+# - The only files that got renamed on the cvs tree were the rh specfile and
+# the init file. Some file references got changes on the makefile and on the
+# rh-spec (as listed above)
+#
+# Revision 1.43  2002/03/21 16:04:10  hal9
+# added ijb_docs.css to %doc
+#
+# Revision 1.42  2002/03/12 13:41:18  sarantis
+# remove hard-coded "ijbswa" string in build phase
+#
+# Revision 1.41  2002/03/11 22:58:32  hal9
+# Remove --enable-no-gifs
+#
+# Revision 1.39  2002/03/08 18:57:29  swa
+# remove user junkbuster after de-installation.
+#
+# Revision 1.38  2002/03/08 13:45:27  morcego
+# Adding libtool to Buildrequires
+#
+# Revision 1.37  2002/03/07 19:23:49  swa
+# i hate to scroll. suse: wrong configdir.
+#
+# Revision 1.36  2002/03/07 05:06:54  morcego
+# Fixed %pre scriptlet. And, as a bonus, you can even understand it now. :-)
+#
+# Revision 1.34  2002/03/07 00:11:57  morcego
+# Few changes on the %pre and %post sections of the rh specfile to handle
+# usernames more cleanly
+#
+# Revision 1.33  2002/03/05 13:13:57  morcego
+# - Added "make redhat-dok" to the build phase
+# - Added docbook-utils to BuildRequires
+#
+# Revision 1.32  2002/03/05 12:34:24  morcego
+# - Changing section internaly on the manpage from 1 to 8
+# - We now require packages, not files, to avoid issues with apt
+#
+# Revision 1.31  2002/03/04 18:06:09  morcego
+# SPECFILE: fixing permissing of the init script (broken by the last change)
+#
+# Revision 1.30  2002/03/04 16:18:03  morcego
+# General cleanup of the rh specfile.
+#
+# %changelog
+# * Mon Mar 04 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
+# + junkbuster-2.9.11-2
+# - General specfile fixup, using the best recomended practices, including:
+#         - Adding -q to %%setup
+#         - Using macros whereever possible
+#         - Not using wildchars on %%files section
+#         - Doubling the percentage char on changelog and comments, to
+#           avoid rpm expanding them
+#
+# Revision 1.29  2002/03/03 19:21:22  hal9
+# Init script fails if shell is /bin/false.
+#
+# Revision 1.28  2002/01/09 18:34:03  hal9
+# nit.
+#
+# Revision 1.27  2002/01/09 18:32:02  hal9
+# Removed RPM_OPT_FLAGS kludge.
+#
+# Revision 1.26  2002/01/09 18:21:10  hal9
+# A few minor updates.
+#
+# Revision 1.25  2001/12/28 01:45:36  steudten
+# Add paranoia check and BuildReq: gzip
+#
+# Revision 1.24  2001/12/01 21:43:14  hal9
+# Allowed for new ijb.action file.
+#
+# Revision 1.23  2001/11/06 12:09:03  steudten
+# Compress doc files. Install README and AUTHORS at last as document.
+#
+# Revision 1.22  2001/11/05 21:37:34  steudten
+# Fix to include the actual version for name.
+# Let the 'real' packager be included - sorry stefan.
+#
+# Revision 1.21  2001/10/31 19:27:27  swa
+# consistent description. new name for suse since
+# we had troubles with rpms of identical names
+# on the webserver.
+#
+# Revision 1.20  2001/10/24 15:45:49  hal9
+# To keep Thomas happy (aka correcting my  mistakes)
+#
+# Revision 1.19  2001/10/15 03:23:59  hal9
+# Nits.
+#
+# Revision 1.17  2001/10/10 18:59:28  hal9
+# Minor change for init script.
+#
+# Revision 1.16  2001/09/24 20:56:23  hal9
+# Minor changes.
+#
+# Revision 1.13  2001/09/10 17:44:43  swa
+# integrate three pieces of documentation. needs work.
+# will not build cleanly under redhat.
+#
+# Revision 1.12  2001/09/10 16:25:04  swa
+# copy all templates. version updated.
+#
+# Revision 1.11  2001/07/03 11:00:25  sarantis
+# replaced permissionsfile with actionsfile
+#
+# Revision 1.10  2001/07/03 09:34:44  sarantis
+# bumped up version number.
+#
+# Revision 1.9  2001/06/12 18:15:29  swa
+# the %% in front of configure (see tag below) confused
+# the rpm build process on 7.1.
+#
+# Revision 1.8  2001/06/12 17:15:56  swa
+# fixes, because a clean build on rh6.1 was impossible.
+# GZIP confuses make, %% configure confuses rpm, etc.
+#
+# Revision 1.7  2001/06/11 12:17:26  sarantis
+# fix typo in %%post
+#
+# Revision 1.6  2001/06/11 11:28:25  sarantis
+# Further optimizations and adaptations in the spec file.
+#
+# Revision 1.5  2001/06/09 09:14:11  swa
+# shamelessly adapted RPM stuff from the newest rpm that
+# RedHat provided for the JB.
+#
+# Revision 1.4  2001/06/08 20:54:18  swa
+# type with status file. remove forward et. al from file list.
+#
+# Revision 1.3  2001/06/07 17:28:10  swa
+# cosmetics
+#
+# Revision 1.2  2001/06/04 18:31:58  swa
+# files are now prefixed with either `confdir' or `logdir'.
+# `make redhat-dist' replaces both entries confdir and logdir
+# with redhat values
+#
+# Revision 1.1  2001/06/04 10:44:57  swa
+# `make redhatr-dist' now works. Except for the paths
+# in the config file.
+#
+#
+#
diff --git a/external/privoxy/privoxy-suse.spec b/external/privoxy/privoxy-suse.spec
new file mode 100644
index 0000000..fc39938
--- /dev/null
+++ b/external/privoxy/privoxy-suse.spec
@@ -0,0 +1,556 @@
+# $Id: privoxy-suse.spec,v 1.33 2009/03/21 10:46:15 fabiankeil Exp $
+#
+# Written by and Copyright (C) 2001-2006 the SourceForge
+# Privoxy team. http://www.privoxy.org/
+#
+# Based on the Internet Junkbuster originally written
+# by and Copyright (C) 1997 Anonymous Coders and 
+# Junkbusters Corporation.  http://www.junkbusters.com
+#
+# This program is free software; you can redistribute it 
+# and/or modify it under the terms of the GNU General
+# Public License as published by the Free Software
+# Foundation; either version 2 of the License, or (at
+# your option) any later version.
+#
+# This program is distributed in the hope that it will
+# be useful, but WITHOUT ANY WARRANTY; without even the
+# implied warranty of MERCHANTABILITY or FITNESS FOR A
+# PARTICULAR PURPOSE.  See the GNU General Public 
+# License for more details.
+#
+# The GNU General Public License should be included with
+# this file.  If not, you can view it at
+# http://www.gnu.org/copyleft/gpl.html
+# or write to the Free Software Foundation, Inc., 59
+# Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+
+# do not set to %{name}
+%define privoxyconf %{_sysconfdir}/privoxy
+%define privoxy_uid 73
+%define privoxy_gid 73
+
+
+Summary:      Privoxy - privacy enhancing proxy
+Vendor:       Privoxy.Org
+Name:         privoxy-suse
+Distribution: defineme
+Version: 3.0.12
+Release: 1
+# Needs makefile change: Source: http://prdownloads.sourceforge.net/ijbswa/privoxy-%{version}-%{status}-src.tar.gz
+Source: http://prdownloads.sourceforge.net/ijbswa/privoxy-%{version}.tar.gz
+# not sure if this works
+BuildRoot: %{_tmppath}/%{name}-%{version}-root
+Packager:     http://www.privoxy.org/
+License:     GPL
+Group:        Networking/Utilities
+URL:          http://www.privoxy.org/
+Autoreqprov:  on
+BuildRequires: perl gzip libtool autoconf
+Conflicts: junkbuster-raw junkbuster-blank junkbuster-suse junkbuster privoxy
+
+#
+# -----------------------------------------------------------------------------
+#
+%description
+Privoxy is a web proxy with advanced filtering capabilities for
+protecting privacy, modifying web page data, managing cookies,
+controlling access, and removing ads, banners, pop-ups and other
+obnoxious Internet junk. Privoxy has a very flexible configuration and
+can be customized to suit individual needs and tastes. Privoxy has 
+application for both stand-alone systems and multi-user networks.
+
+Privoxy is based on the Internet Junkbuster.
+
+Authors:
+--------
+    http://www.privoxy.org/
+
+SuSE series: n
+
+#
+# -----------------------------------------------------------------------------
+#
+%prep
+%setup -c
+
+#
+# -----------------------------------------------------------------------------
+#
+%build
+autoheader
+autoconf
+./configure --disable-dynamic-pcre
+make
+
+
+## Explicitily stripping is not recomended.
+## This is handled altomaticaly by RPM, and can couse troubles if
+## anyone wants to build an unstriped version - morcego
+#strip privoxy
+
+#
+# -----------------------------------------------------------------------------
+#
+%install
+[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
+mkdir -p ${RPM_BUILD_ROOT}%{_sbindir} \
+         ${RPM_BUILD_ROOT}%{_mandir}/man8 \
+         ${RPM_BUILD_ROOT}/var/log/privoxy \
+         ${RPM_BUILD_ROOT}%{privoxyconf}/templates \
+         ${RPM_BUILD_ROOT}%{_sysconfdir}/logrotate.d \
+         ${RPM_BUILD_ROOT}%{_sysconfdir}/init.d
+gzip README AUTHORS ChangeLog privoxy.1 LICENSE || /bin/true
+install -s -m 744 privoxy $RPM_BUILD_ROOT%{_sbindir}/privoxy
+cp -f privoxy.1.gz $RPM_BUILD_ROOT%{_mandir}/man8/privoxy.8.gz
+cp -f *.action $RPM_BUILD_ROOT%{privoxyconf}/
+cp -f default.filter $RPM_BUILD_ROOT%{privoxyconf}/default.filter
+cp -f trust $RPM_BUILD_ROOT%{privoxyconf}/trust
+cp -f templates/*  $RPM_BUILD_ROOT%{privoxyconf}/templates/
+cp -f privoxy.logrotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/privoxy
+install -m 755 privoxy.init.suse $RPM_BUILD_ROOT%{_sysconfdir}/init.d/privoxy
+install -m 711 -d $RPM_BUILD_ROOT/var/log/privoxy
+ln -sf /etc/init.d/privoxy $RPM_BUILD_ROOT/usr/sbin/rcprivoxy
+
+# verify all file locations, etc. in the config file
+# don't start with ^ or commented lines are not replaced
+cat config | \
+    sed 's/^confdir.*/confdir \/etc\/privoxy/g' | \
+#    sed 's/^permissionsfile.*/permissionsfile \/etc\/privoxy\/permissionsfile/g' | \
+#    sed 's/^filterfile.*/default.filter \/etc\/privoxy\/default.filter/g' | \
+#    sed 's/^logfile.*/logfile \/var\/log\/privoxy\/logfile/g' | \
+#    sed 's/^forward.*/forward \/etc\/privoxy\/forward/g' | \
+#    sed 's/^aclfile.*/aclfile \/etc\/privoxy\/aclfile/g' > \
+    sed 's/^logdir.*/logdir \/var\/log\/privoxy/g' > \
+    $RPM_BUILD_ROOT%{privoxyconf}/config
+
+#
+# -----------------------------------------------------------------------------
+#
+%pre
+# We check to see if the user privoxy exists.
+# If it does, we do nothing
+# If we don't, we check to see if the user junkbust exist and, in case it
+# does, we change it do privoxy. If it also does not exist, we create the
+# privoxy user -- morcego
+id privoxy > /dev/null 2>&1 
+if [ $? -eq 1 ]; then
+	id junkbust > /dev/null 2>&1 
+	if [ $? -eq 0 ]; then
+		/usr/sbin/usermod -u %{privoxy_uid} -g %{privoxy_gid} -l privoxy -d %{_sysconfdir}/privoxy -s "" junkbust  > /dev/null 2>&1
+	else
+# -r does not work on suse.
+		/usr/sbin/groupadd -g %{privoxy_gid} privoxy
+		/usr/sbin/useradd -u %{privoxy_uid} -d %{_sysconfdir}/privoxy -g privoxy -s "" privoxy > /dev/null 2>&1 
+	fi
+fi
+
+#
+# -----------------------------------------------------------------------------
+#
+%post
+[ -f /var/log/privoxy/privoxy ] &&\
+ mv -f /var/log/privoxy/privoxy /var/log/privoxy/logfile || /bin/true
+chown -R privoxy:privoxy /var/log/privoxy 2>/dev/null
+chown -R privoxy:privoxy /etc/privoxy 2>/dev/null
+# not available on suse
+#if [ "$1" = "1" ]; then
+#     /sbin/chkconfig --add privoxy
+#	/sbin/service privoxy condrestart > /dev/null 2>&1
+#fi
+# 01/09/02 HB, getting rid of any user=junkbust
+# Changed by morcego to use the id command.
+id junkbust > /dev/null 2>&1 && /usr/sbin/userdel junkbust || /bin/true
+sbin/insserv etc/init.d/privoxy
+
+#
+# -----------------------------------------------------------------------------
+#
+%preun
+# need to stop the service on suse. swa.
+#if [ "$1" = "0" ]; then
+#	/sbin/service privoxy stop > /dev/null 2>&1 ||:
+#fi
+
+#
+# -----------------------------------------------------------------------------
+#
+%postun
+sbin/insserv etc/init.d/
+# dont forget to remove user and group privoxy
+id privoxy > /dev/null 2>&1 && /usr/sbin/userdel privoxy || /bin/true
+
+#
+# -----------------------------------------------------------------------------
+#
+%clean
+[ "$RPM_BUILD_ROOT" != "/" ] && rm -rf $RPM_BUILD_ROOT
+
+#
+# -----------------------------------------------------------------------------
+#
+%files
+%defattr(-,root,root)
+%doc README.gz AUTHORS.gz ChangeLog.gz LICENSE.gz
+%doc doc/webserver/developer-manual
+%doc doc/webserver/user-manual
+%doc doc/webserver/faq
+%doc doc/webserver/p_doc.css
+%doc doc/webserver/privoxy-index.html
+%doc doc/webserver/images
+%doc doc/webserver/man-page
+
+%dir %{privoxyconf}
+%config %{privoxyconf}/*
+%attr(0740,privoxy,privoxy) %dir /var/log/privoxy
+%config %{_sysconfdir}/logrotate.d/privoxy
+%attr(0755,root,root)/usr/sbin/privoxy
+%{_mandir}/man8/*
+%config %{_sysconfdir}/init.d/privoxy
+/usr/sbin/rcprivoxy
+
+#
+# -----------------------------------------------------------------------------
+#
+%changelog
+* Wed Sep 20 2006 Hal Burgiss <hal at foobox.net>
+- Bump version for 3.0.5.
+
+* Fri Sep 08 2006 Hal Burgiss <hal at foobox.net>
+- Bump version for 3.0.4.
+
+* Wed Mar 26 2003 Andreas Oesterhelt <andreas at oesterhelt.org>
+- Bump version for 3.0.2.
+
+* Wed Mar 19 2003 Hal Burgiss <hal at foobox.net>
+- Bump version for 3.0.1.
+
+* Tue Aug 25 2002 Hal Burgiss <hal at foobox.net>
+- Bump version for 3.0.0 :) 
+
+* Tue Aug 06 2002 Hal Burgiss <hal at foobox.net>
+- Reset version for 2.9.18. 
+
+* Wed Jul 30 2002 Hal Burgiss <hal at foobox.net>
+- Reset version for 2.9.17.
+
+* Sat Jul 27 2002 Hal Burgiss <hal at foobox.net>
+- Reset version and release for 2.9.16.
+
+* Mon May 27 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Index.html is now privoxy-index.html for doc usage.
+
+* Mon May 27 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Index.html is now privoxy-index.html for doc usage.
+
+* Sat May 25 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Add html man page so index.html does not 404.
+
+* Fri May 24 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.15-1
+- Add doc/images directory.
+
+* Fri May 03 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-suse-2.9.15-1
+- Version bump
+
+* Fri Apr 26 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-suse-2.9.14-3
+- Changing Vendor to Privoxy.Org
+
+* Mon Apr 22 2002 Rodrigo Barbosa <rodrigob at tisbrasil.com.br>
++ privoxy-suse-2.9.14-2
+- Bumping release to reflect the new value on configure.in
+- Taking the oportunity to change the header Copyright to License. The
+  Copyright headers is deprecated, and after all, GPL is a license, not a
+  Copyright
+
+* Mon Apr 08 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-4
+- Add LICENSE.gz, p_web.css, and index.html. Add autoconf
+- to Buildrequires.
+
+* Wed Mar 27 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-3
+- Doc css has changed names.
+
+* Tue Mar 25 2002 Hal Burgiss <hal at foobox.net>
++ privoxy-2.9.13-3
+- Minor fix to description.
+
+* Sun Mar 24 2002 Hal Burgiss <hal at foobox.net>
+- added faq to docs.
+
+* Thu Mar 21 2002 Hal Burgiss <hal at foobox.net>
+- added ijb_docs.css to docs.
+
+* Mon Mar 11 2002 Hal Burgiss <hal at foobox.net>
+- Remove --enable-no-gifs from configure.
+
+* Sun Mar 03 2002 Hal Burgiss <hal at foobox.net>
+- /bin/false for shell causes init script to fail. Reverting.
+
+* Wed Jan 09 2002 Hal Burgiss <hal at foobox.net>
+- Removed UID 73. Included user-manual and developer-manual in docs.
+  Include other actions files. Default shell is now /bin/false.
+  Userdel user=junkbust. ChangeLog was not zipped. Removed
+  RPM_OPT_FLAGS kludge.
+
+* Fri Dec 28 2001 Thomas Steudten <thomas at steudten.ch>
+- add paranoia check for 'rm -rf $RPM_BUILD_ROOT'
+- add gzip to 'BuildRequires'
+
+* Sat Dec  1 2001 Hal Burgiss <hal at foobox.net>
+- actionsfile is now ijb.action.
+
+* Tue Nov  6 2001 Thomas Steudten <thomas at steudten.ch>
+- Compress manpage
+- Add more documents for installation
+- Add version string to name and source
+
+* Wed Oct 24 2001 Hal Burigss <hal at foobox.net>
+- Back to user 'junkbuster' and fix configure macro.
+
+* Wed Oct 10 2001 Hal Burigss <hal at foobox.net>
+- More changes for user 'junkbust'. Init script had 'junkbuster'.
+
+* Sun Sep 23 2001 Hal Burgiss <hal at foobox.net>
+- Change of $RPM_OPT_FLAGS handling. Added new HTML doc files.
+- Changed owner of /etc/junkbuster to shut up PAM/xauth log noise.
+
+* Thu Sep 13 2001 Hal Burgiss <hal at foobox.net>
+- Added $RPM_OPT_FLAGS support, renaming of old logfile, and
+- made sure no default shell exists for user junkbust.
+
+* Sun Jun  3 2001 Stefan Waldherr <stefan at waldherr.org>
+- rework of RPM
+* Wed Feb 14 2001 - uli at suse.de
+- fixed init script
+* Wed Dec 06 2000 - bjacke at suse.de
+- renamed package to junkbuster
+- fixed copyright tag
+* Thu Nov 30 2000 - uli at suse.de
+- moved init script to /etc/init.d
+* Wed Feb 16 2000 - kukuk at suse.de
+- Move /usr/man -> /usr/share/man
+- Mark /etc/ijb as "config(noreplace)"
+* Mon Sep 20 1999 - uli at suse.de
+- fixed init script
+* Mon Sep 13 1999 - bs at suse.de
+- ran old prepare_spec on spec file to switch to new prepare_spec.
+* Thu Apr 01 1999 - daniel at suse.de
+- do not start ijb as root (security)
+* Tue Mar 30 1999 - daniel at suse.de
+- don´t use saclfile.ini
+* Tue Mar 30 1999 - daniel at suse.de
+- small fix to whitelist-configuration,
+  version is and was 2.0.2 WITHOUT Stefan Waldherr's patches
+  (http://www.waldherr.org/junkbuster/)
+* Mon Mar 01 1999 - daniel at suse.de
+- new package: version 2.0
+
+# $Log: privoxy-suse.spec,v $
+# Revision 1.33  2009/03/21 10:46:15  fabiankeil
+# Bump version to 3.0.12.
+#
+# Revision 1.32  2009/02/15 17:18:14  fabiankeil
+# - Bump version to 3.0.11.
+#
+# Revision 1.31  2008/08/30 12:46:49  fabiankeil
+# The jarfile directive is gone. Update accordingly.
+#
+# Revision 1.30  2008/08/13 16:57:46  fabiankeil
+# Change version to 3.0.10.
+#
+# Revision 1.29  2008/03/02 17:36:43  fabiankeil
+# Set version to 3.0.9.
+#
+# Revision 1.28  2008/01/20 14:30:59  fabiankeil
+# Set version to 3.0.8.
+#
+# Revision 1.27  2006/11/18 14:37:12  fabiankeil
+# Bump version to 3.0.6.
+#
+# Revision 1.26  2006/09/20 23:51:26  hal9
+# Bump versions to 3.0.5
+#
+# Revision 1.25  2006/09/09 00:35:10  hal9
+# Bumped versions to 3.0.4. Both files should be checked further.
+#
+# Revision 1.24  2006/07/18 14:48:47  david__schmidt
+# Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+# with what was really the latest development (the v_3_0_branch branch)
+#
+# Revision 1.20.2.10  2004/01/30 17:09:29  oes
+# Bumped version for 3.0.3
+#
+# Revision 1.20.2.9  2003/03/26 00:24:58  oes
+# Bump version for 3.0.2
+#
+# Revision 1.20.2.8  2003/03/20 03:27:11  hal9
+# Bump version for 3.0.1 pending release.
+#
+# Revision 1.20.2.7  2002/08/25 23:36:03  hal9
+# Bump version for 3.0.0.
+#
+# Revision 1.20.2.6  2002/08/10 11:28:50  oes
+# Bumped version
+#
+# Revision 1.20.2.5  2002/08/07 01:08:49  hal9
+# Bumped version to 2.9.18.
+#
+# Revision 1.20.2.4  2002/07/30 21:51:19  hal9
+# Bump version to 2.9.17.
+#
+# Revision 1.20.2.3  2002/07/27 15:47:10  hal9
+# Reset version and release for 2.9.16.
+#
+# Revision 1.20.2.2  2002/05/28 02:39:38  hal9
+# Replace index.html with privoxy-index.html for docs.
+#
+# Revision 1.20.2.1  2002/05/26 17:20:23  hal9
+# Add images to doc dirs.
+#
+# Revision 1.20  2002/05/25 02:08:23  hal9
+# Add doc/images directory.
+# Redhat: alphabetized list of templates (and I think added one in the process)
+#
+# Revision 1.19  2002/05/03 17:14:36  morcego
+# *.spec: Version bump to 2.9.15
+# -rh.spec: noreplace for %%{privoxyconf}/config
+#           Will interrupt the build if versions from configure.in and
+# 		specfile do not match
+#
+# Revision 1.18  2002/04/27 20:26:59  swa
+# uid, gui 73 incorporated
+#
+# Revision 1.17  2002/04/26 15:51:05  morcego
+# Changing Vendor value to Privoxy.Org
+#
+# Revision 1.16  2002/04/22 16:32:31  morcego
+# configure.in, *.spec: Bumping release to 2 (2.9.14-2)
+# -rh.spec: uid and gid are now macros
+# -suse.spec: Changing the header Copyright to License (Copyright is
+#             deprecable)
+#
+# Revision 1.15  2002/04/16 18:49:07  oes
+# Build with static built-in pcre
+#
+# Revision 1.14  2002/04/11 17:57:40  oes
+# Fixed(?) Conflicts: Provides: Obsoletes:
+#
+# Revision 1.13  2002/04/11 10:09:20  oes
+# Version 2.9.14
+#
+# Revision 1.12  2002/04/09 13:29:43  swa
+# build suse and gen-dist with html docs. do not generate docs while building rpm
+#
+# Revision 1.11  2002/04/09 03:12:37  hal9
+# Add LICENSE, p_web.css and index.html. Add autoconf to buildrequires.
+#
+# Revision 1.10  2002/04/08 20:24:13  swa
+# fixed JB spelling
+#
+# Revision 1.9  2002/03/30 09:01:52  swa
+# new release
+#
+# Revision 1.8  2002/03/27 23:46:41  hal9
+# ijb_docs.css to p_doc.css
+#
+# Revision 1.7  2002/03/27 00:49:39  hal9
+# Minor fix to description.
+#
+# Revision 1.6  2002/03/26 22:29:55  swa
+# we have a new homepage!
+#
+# Revision 1.5  2002/03/25 03:10:50  hal9
+# Added faq to docs.
+#
+# Revision 1.4  2002/03/24 12:56:21  swa
+# name change related issues.
+#
+# Revision 1.3  2002/03/24 12:44:31  swa
+# new version string
+#
+# Revision 1.2  2002/03/24 11:40:14  swa
+# name change
+#
+# Revision 1.1  2002/03/24 11:23:44  swa
+# name change
+#
+# Revision 1.21  2002/03/21 16:04:33  hal9
+# added ijb_docs.css to %%doc
+#
+# Revision 1.20  2002/03/12 13:42:14  sarantis
+# remove hardcoded "ijbswa" from build phase
+#
+# Revision 1.19  2002/03/11 22:59:05  hal9
+# Remove --enable-no-gifs
+#
+# Revision 1.18  2002/03/11 12:30:31  swa
+# be consistent with rh spec file
+#
+# Revision 1.17  2002/03/08 19:30:23  swa
+# remove user junkbuster after de-installation.
+# synced suse with rh-specfile. installation
+# and de-installation seem to work.
+#
+# Revision 1.16  2002/03/08 18:40:44  swa
+# build requires tools. useradd and del works
+# now.
+#
+# Revision 1.15  2002/03/07 19:23:50  swa
+# i hate to scroll. suse: wrong configdir.
+#
+# Revision 1.14  2002/03/07 19:10:21  swa
+# builds cleanly. thanks to kukuk at suse.de
+# not yet tested.
+#
+# Revision 1.13  2002/03/07 18:25:56  swa
+# synced redhat and suse build process
+#
+# Revision 1.12  2002/03/02 15:50:04  swa
+# 2.9.11 version. more input for docs.
+#
+# Revision 1.11  2001/12/02 10:29:26  swa
+# New version made these changes necessary.
+#
+# Revision 1.10  2001/10/31 19:27:27  swa
+# consistent description. new name for suse since
+# we had troubles with rpms of identical names
+# on the webserver.
+#
+# Revision 1.9  2001/10/26 18:17:23  swa
+# new version string
+#
+# Revision 1.8  2001/09/13 16:22:42  swa
+# man page is legacy. suse rpm now contains html
+# documentation.
+#
+# Revision 1.7  2001/09/10 17:44:22  swa
+# integrate three pieces of documentation.
+#
+# Revision 1.6  2001/09/10 16:29:23  swa
+# binary contained debug info.
+# buildroot definition fucks up the build process under suse.
+# program needs to write in varlogjunkbuster
+# install all templates
+# create varlogjunkbuster
+#
+# Revision 1.5  2001/06/09 09:13:29  swa
+# description shorter
+#
+# Revision 1.4  2001/06/08 20:53:36  swa
+# use buildroot, export init to separate file (better manageability)
+#
+# Revision 1.3  2001/06/07 17:28:10  swa
+# cosmetics
+#
+# Revision 1.2  2001/06/07 17:18:44  swa
+# header fixed
+#
+#
diff --git a/external/privoxy/privoxy.1 b/external/privoxy/privoxy.1
new file mode 100644
index 0000000..dca772a
--- /dev/null
+++ b/external/privoxy/privoxy.1
@@ -0,0 +1,216 @@
+.\" This manpage has been automatically generated by docbook2man 
+.\" from a DocBook document.  This tool can be found at:
+.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> 
+.\" Please send any bug reports, improvements, comments, patches, 
+.\" etc. to Steve Cheng <steve at ggi-project.org>.
+.TH "PRIVOXY" "1" "21 March 2009" "Privoxy 3.0.12" ""
+.SH NAME
+privoxy \- Privacy Enhancing Proxy
+.SH SYNOPSIS
+
+\fBprivoxy\fR [\fB\-\-help\fR ] [\fB\-\-version\fR ] [\fB\-\-no-daemon\fR ] [\fB\-\-pidfile \fIpidfile\fB\fR ] [\fB\-\-user \fIuser[.group]\fB\fR ] [\fB\-\-chroot\fR ] [\fB\-\-pre-chroot-nslookup \fIhostname\fB\fR ] [\fB\fIconfigfile\fB\fR ]
+
+.SH "OPTIONS"
+.PP
+\fBPrivoxy\fR may be invoked with the following command line
+options:
+.TP
+\fB\-\-help\fR
+Print brief usage info and exit.
+.TP
+\fB\-\-version\fR
+Print version info and exit.
+.TP
+\fB\-\-no-daemon\fR
+Don't  become  a daemon, i.e. don't fork and become process group
+leader, don't detach from controlling tty, and do all logging there.
+.TP
+\fB\-\-pidfile \fIpidfile\fB\fR
+On startup, write the process ID to \fIpidfile\fR.
+Delete the \fIpidfile\fR on exit.
+Failure to create or delete the \fIpidfile\fR
+is non-fatal. If no \fB\-\-pidfile\fR option is given, no PID file will be used.
+.TP
+\fB\-\-user \fIuser[.group]\fB\fR
+After (optionally) writing the PID file, assume the user ID of
+\fIuser\fR and the GID of
+\fIgroup\fR, or, if the optional
+\fIgroup\fR was not given, the default group of
+\fIuser\fR. Exit if the privileges are not
+sufficient to do so.
+.TP
+\fB\-\-chroot\fR
+Before changing to the user ID given in the \-\-user option, chroot to
+that user's home directory, i.e. make the kernel pretend to the
+\fBPrivoxy\fR process that the directory tree starts
+there. If set up carefully, this can limit the impact of possible
+vulnerabilities in \fBPrivoxy\fR to the files contained in
+that hierarchy. 
+.TP
+\fB\-\-pre-chroot-nslookup \fIhostname\fB\fR
+Initialize the resolver library using \fIhostname\fR
+before chroot'ing. On some systems this reduces the number of files
+that must be copied into the chroot tree.
+.PP
+If the \fIconfigfile\fR is not specified on  the  command  line,
+\fBPrivoxy\fR  will  look for a file named
+\fIconfig\fR in the current directory. If no
+\fIconfigfile\fR is found, \fBPrivoxy\fR will 
+fail to start.
+.SH "DESCRIPTION"
+.PP
+Privoxy is a non-caching web proxy with advanced filtering capabilities
+for enhancing privacy, modifying web page data and HTTP headers, controlling
+access, and removing ads and other obnoxious Internet junk. Privoxy has a
+flexible configuration and can be customized to suit individual needs and tastes.
+It has application for both stand-alone systems and multi-user networks.
+.PP
+Privoxy is Free Software and licensed under the GPL2.
+.SH "INSTALLATION AND USAGE"
+.PP
+Browsers can either be individually configured to use
+\fBPrivoxy\fR as a HTTP proxy (recommended),
+or \fBPrivoxy\fR can be combined with a packet
+filter to build an intercepting proxy
+(see \fIconfig\fR).  The default setting is  for
+localhost,  on port  8118 (configurable in the main config file).  To set the
+HTTP proxy in Firefox, go through: \fBTools\fR; 
+\fBOptions\fR; \fBGeneral\fR;
+\fBConnection Settings\fR;
+\fBManual Proxy Configuration\fR. 
+.PP
+For Internet Explorer, go through: \fBTools\fR; 
+\fBInternet Properties\fR; \fBConnections\fR;
+\fBLAN Settings\fR. 
+.PP
+The Secure (SSL) Proxy should also be set to the same values, otherwise
+https: URLs will not be proxied. Note: \fBPrivoxy\fR can only
+proxy HTTP and HTTPS traffic. Do not try it with FTP or other protocols.
+HTTPS presents some limitations, and not all features will work with HTTPS 
+connections.
+.PP
+For other browsers, check the documentation.
+.SH "CONFIGURATION"
+.PP
+\fBPrivoxy\fR can be configured with the various configuration
+files. The default configuration files are: \fIconfig\fR,
+\fIdefault.filter\fR, \fIdefault.action\fR and
+\fIdefault.action\fR. \fIuser.action\fR should 
+be used for locally defined exceptions to the default rules in
+\fImatch-all.action\fR and \fIdefault.action\fR,
+and \fIuser.filter\fR for locally defined filters. These are
+well commented.  On Unix and Unix-like systems, these are located in
+\fI/etc/privoxy/\fR by default. 
+.PP
+\fBPrivoxy\fR uses the concept of \fBactions\fR 
+in order to manipulate the data stream between the browser and remote sites.
+There are various actions available with specific functions for such things 
+as blocking web sites, managing cookies, etc. These actions can be invoked
+individually or combined, and used against individual URLs, or groups of URLs 
+that can be defined using wildcards and regular expressions. The result is
+that the user has greatly enhanced control and freedom.
+.PP
+The actions list (ad blocks, etc) can also be configured with your
+web browser at http://config.privoxy.org/ 
+(assuming the configuration allows it).
+\fBPrivoxy's\fR configuration parameters  can also  be viewed at
+the same page. In addition, \fBPrivoxy\fR can be toggled on/off.
+This is an internal page, and does not require Internet access.
+.PP
+See the \fIUser Manual\fR for a detailed
+explanation of installation, general usage, all configuration options, new
+features and notes on upgrading.
+.SH "FILES"
+
+.nf
+ 
+ \fI/usr/sbin/privoxy\fR
+ \fI/etc/privoxy/config\fR
+ \fI/etc/privoxy/match-all.action\fR
+ \fI/etc/privoxy/default.action\fR
+ \fI/etc/privoxy/user.action\fR
+ \fI/etc/privoxy/default.filter\fR
+ \fI/etc/privoxy/user.filter\fR
+ \fI/etc/privoxy/trust\fR
+ \fI/etc/privoxy/templates/*\fR
+ \fI/var/log/privoxy/logfile\fR
+.fi
+.PP
+Various other files should be included, but may vary depending on platform
+and build configuration. Additional documentation should be included in the local
+documentation directory.
+.SH "SIGNALS"
+.PP
+\fBPrivoxy\fR terminates on the \fBSIGINT\fR,
+\fBSIGTERM\fR and \fBSIGABRT\fR signals. Log
+rotation scripts may cause a re-opening of the logfile by sending a 
+\fBSIGHUP\fR to \fBPrivoxy\fR. Note that unlike
+other daemons,  \fBPrivoxy\fR does not need to be made aware of
+config file changes by \fBSIGHUP\fR -- it will detect them
+automatically. 
+.SH "NOTES"
+.PP
+Please see the \fIUser Manual\fR on how to contact the
+developers, for feature requests, reporting problems, and other questions.
+.SH "SEE ALSO"
+.PP
+Other references and sites of interest to \fBPrivoxy\fR
+users:
+.PP
+
+http://www.privoxy.org/, 
+the \fBPrivoxy\fR Home page. 
+
+http://www.privoxy.org/faq/, 
+the \fBPrivoxy\fR FAQ. 
+
+http://www.privoxy.org/developer-manual/, 
+the \fBPrivoxy\fR developer manual. 
+
+https://sourceforge.net/projects/ijbswa/, 
+the Project Page for \fBPrivoxy\fR on 
+SourceForge.
+
+http://config.privoxy.org/,
+the web-based user interface. \fBPrivoxy\fR must be
+running for this to work. Shortcut: http://p.p/
+
+https://sourceforge.net/tracker/?group_id=11118&atid=460288, to submit ``misses'' and other
+configuration related suggestions to the developers. 
+.SH "DEVELOPMENT TEAM"
+
+.nf
+ Fabian Keil, lead developer
+ David Schmidt, developer
+
+ Hal Burgiss
+ Mark Miller
+ Gerry Murphy
+ Lee Rian
+ Roland Rosenfeld
+ J\[:o]rg Strohmayer
+.fi
+.SH "COPYRIGHT AND LICENSE"
+.SS "COPYRIGHT"
+.PP
+Copyright (C) 2001-2009 by Privoxy Developers <ijbswa-developers at lists.sourceforge.net>
+.PP
+Some source code is based on code Copyright (C) 1997 by Anonymous Coders
+and Junkbusters, Inc. and licensed under the \fIGNU General Public
+License\fR.
+.SS "LICENSE"
+.PP
+\fBPrivoxy\fR is free software; you can
+redistribute it and/or modify it under the terms of the 
+\fIGNU General Public License\fR, version 2,
+as published by the Free Software Foundation.
+.PP
+This program is distributed in the hope that it will be useful, but WITHOUT
+ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+FITNESS FOR A PARTICULAR PURPOSE.  See the  \fIGNU General Public License\fR for details.
+.PP
+You should have received a copy of the \fIGNU GPL\fR
+along with this program; if not, write to the  Free Software
+Foundation, Inc. 51 Franklin Street, Fifth Floor
+Boston, MA 02110-1301
+USA 
diff --git a/external/privoxy/privoxy.init b/external/privoxy/privoxy.init
new file mode 100644
index 0000000..3b3caf9
--- /dev/null
+++ b/external/privoxy/privoxy.init
@@ -0,0 +1,276 @@
+#!/bin/sh
+#
+# This is file /etc/rc.d/init.d/privoxy and was put here 
+# by the privoxy rpm
+#
+# chkconfig: 2345 84 09
+#
+# description: Web proxy with advanced filtering capabilities \
+#              such as filtering web page content, managing \
+#              cookies and removing ads
+#
+
+#  ********************************************************************
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/privoxy.init,v $
+# 
+#  Purpose     :  This shell script takes care of starting and stopping
+#                 privoxy.
+# 
+#  Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                 Privoxy team. http://www.privoxy.org/
+# 
+#                 Based on the Internet Junkbuster originally written
+#                 by and Copyright (C) 1997 Anonymous Coders and
+#                 Junkbusters Corporation.  http://www.junkbusters.com
+# 
+#                 This program is free software; you can redistribute it
+#                 and/or modify it under the terms of the GNU General
+#                 Public License as published by the Free Software
+#                 Foundation; either version 2 of the License, or (at
+#                 your option) any later version.
+# 
+#                 This program is distributed in the hope that it will
+#                 be useful, but WITHOUT ANY WARRANTY; without even the
+#                 implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                 PARTICULAR PURPOSE.  See the GNU General Public
+#                 License for more details.
+# 
+#                 The GNU General Public License should be included with
+#                 this file.  If not, you can view it at
+#                 http://www.gnu.org/copyleft/gpl.html
+#                 or write to the Free Software Foundation, Inc., 59
+#                 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+# 
+#  Revisions   :
+#     $Log: privoxy.init,v $
+#     Revision 1.11  2006/07/18 14:48:47  david__schmidt
+#     Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#     with what was really the latest development (the v_3_0_branch branch)
+#
+#     Revision 1.8.2.3  2002/12/10 20:52:16  kick_
+#     better service description. This text will be shown when the user configures the services
+#
+#     Revision 1.8.2.2  2002/08/05 08:42:13  kick_
+#     same permissions, same runlevels as all the other initscripts
+#
+#     Revision 1.8.2.1  2002/07/12 09:14:26  kick_
+#     don't use ghost files for rcX.d/*, chkconfig is available to do this job. Enable translation of error messge
+#
+#     Revision 1.8  2002/04/09 02:51:31  hal9
+#     Changed $JB to $PRIVOXY.
+#
+#     Revision 1.7  2002/04/08 14:54:51  morcego
+#     Moved the chkconfig comments to the begining of the file, couse Linuxconf
+#     was getting confused with it where it was.
+#
+#     Revision 1.6  2002/03/26 22:29:55  swa
+#     we have a new homepage!
+#
+#     Revision 1.5  2002/03/25 06:14:18  morcego
+#     Removing the OPRG definition (no longer needed)
+#
+#     Revision 1.4  2002/03/25 04:16:48  hal9
+#     Fix proper config file location.
+#
+#     Revision 1.3  2002/03/24 19:12:15  hal9
+#     Fixed some naming conflicts.
+#
+#     Revision 1.2  2002/03/24 11:40:14  swa
+#     name change
+#
+#     Revision 1.1  2002/03/24 11:23:44  swa
+#     name change
+#
+#     Revision 1.1  2002/03/22 20:53:03  morcego
+#     - Ongoing process to change name to JunkbusterNG
+#     - configure/configure.in: no change needed
+#     - GNUmakefile.in:
+#             - TAR_ARCH = /tmp/JunkbusterNG-$(RPM_VERSION).tar.gz
+#             - PROGRAM    = jbng at EXEEXT@
+#             - rh-spec now references as junkbusterng-rh.spec
+#             - redhat-upload: references changed to junkbusterng-* (package names)
+#             - tarball-dist: references changed to JunkbusterNG-distribution-*
+#             - tarball-src: now JunkbusterNG-*
+#             - install: initscript now junkbusterng.init and junkbusterng (when
+#                        installed)
+#     - junkbuster-rh.spec: renamed to junkbusterng-rh.spec
+#     - junkbusterng.spec:
+#             - References to the expression ijb where changed where possible
+#             - New package name: junkbusterng (all in lower case, acording to
+#               the LSB recomendation)
+#             - Version changed to: 2.9.13
+#             - Release: 1
+#             - Added: junkbuster to obsoletes and conflicts (Not sure this is
+#               right. If it obsoletes, why conflict ? Have to check it later)
+#             - Summary changed: Stefan, please check and aprove it
+#             - Changes description to use the new name
+#             - Sed string was NOT changed. Have to wait to the manpage to
+#               change first
+#             - Keeping the user junkbuster for now. It will require some aditional
+#               changes on the script (scheduled for the next specfile release)
+#             - Added post entry to move the old logfile to the new log directory
+#             - Removing "chkconfig --add" entry (not good to have it automaticaly
+#               added to the startup list).
+#             - Added preun section to stop the service with the old name, as well
+#               as remove it from the startup list
+#             - Removed the chkconfig --del entry from the conditional block on
+#               the preun scriptlet (now handled on the %files section)
+#     - junkbuster.init: renamed to junkbusterng.init
+#     - junkbusterng.init:
+#             - Changed JB_BIN to jbng
+#             - Created JB_OBIN with the old value of JB_BIN (junkbuster), to
+#               be used where necessary (config dir)
+#
+#     Aditional notes:
+#     - The config directory is /etc/junkbuster yet. Have to change it on the
+#     specfile, after it is changes on the code
+#     - The only files that got renamed on the cvs tree were the rh specfile and
+#     the init file. Some file references got changes on the makefile and on the
+#     rh-spec (as listed above)
+#
+#     Revision 1.15  2002/03/09 15:05:58  swa
+#     wrong user.group
+#
+#     Revision 1.14  2002/03/06 06:13:40  hal9
+#     Adapted for Andreas' changes for --user and --pidfile.
+#
+#     Revision 1.13  2002/03/05 05:10:10  oes
+#     Changed pidfile path to conform with FHS
+#
+#     Revision 1.12  2002/03/04 20:44:36  oes
+#     Changed to new cmdline syntax
+#
+#     Revision 1.11  2001/12/30 14:07:32  steudten
+#     - Add signal handling (unix)
+#     - Add SIGHUP handler (unix)
+#     - Add creation of pidfile (unix)
+#     - Add action 'top' in rc file (RH)
+#     - Add entry 'SIGNALS' to manpage
+#     - Add exit message to logfile (unix)
+#
+#     Revision 1.10  2001/11/05 21:30:23  steudten
+#     Make JB startup without & due to be a 'real' daemon right now.
+#     Make the script easy to change.
+#
+#     Revision 1.9  2001/09/15 01:53:12  steudten
+#
+#     Remove test for subsys flag in start. Some minor changes.
+#
+#     Revision 1.8  2001/06/28 13:50:36  sarantis
+#     swap ?$ with $?; remove bogus ";;"
+#
+#     Revision 1.7  2001/06/28 13:40:26  sarantis
+#     remove single quotes from $JB; it was not expanded.
+#
+#     Revision 1.6  2001/06/28 13:38:42  sarantis
+#     formatting changes; individual return values are returned from the init script.
+#
+#     Revision 1.5  2001/06/11 11:37:40  sarantis
+#     Minor editing changes.
+#
+#     Revision 1.4  2001/06/09 09:14:11  swa
+#     shamelessly adapted RPM stuff from the newest rpm that
+#     RedHat provided for the JB.
+#
+#     Revision 1.3  2001/05/25 10:12:44  oes
+#     Fixed default case in switch statement (# -> *)
+#
+#     Revision 1.2  2001/05/24 07:52:24  swa
+#     added header. removed ^M.
+#
+# 
+# ********************************************************************/
+
+
+# Source function library.
+. /etc/rc.d/init.d/functions
+
+. /etc/sysconfig/network
+
+#  Check that networking is up.
+[ ${NETWORKING} = "no" ] && exit 0
+
+PRIVOXY_PRG="privoxy"
+PRIVOXY_BIN="/usr/sbin/$PRIVOXY_PRG"
+PRIVOXY_CONF="/etc/$PRIVOXY_PRG/config"
+PRIVOXY_USER="privoxy"
+PRIVOXY_PID=/var/run/$PRIVOXY_PRG.pid
+PRIVOXY_LOCK=/var/lock/subsys/$PRIVOXY_PRG
+PRIVOXY="$PRIVOXY_BIN --user $PRIVOXY_USER.$PRIVOXY_USER --pidfile $PRIVOXY_PID $PRIVOXY_CONF"
+
+# some checks for us
+! [ -x $PRIVOXY_BIN  ] && echo $"Can't find $PRIVOXY_BIN, exit." && exit 0
+! [ -f $PRIVOXY_CONF ] && echo $"Can't find $PRIVOXY_CONF, exit." && exit 0
+
+# See how we were called.
+
+start () {
+	# start daemon
+	echo -n $"Starting $PRIVOXY_PRG: "
+     if [ -f $PRIVOXY_PID ]; then 
+        killproc $PRIVOXY_PRG && rm -f $PRIVOXY_LOCK $PRIVOXY_PID
+        RETVAL=$?
+        [ $RETVAL != 0 ] && return $RETVAL
+     fi
+	daemon $PRIVOXY
+	RETVAL=$?
+	echo
+	[ $RETVAL = 0 ] && touch $PRIVOXY_LOCK
+	return $RETVAL
+}
+
+stop () {
+	# stop daemon
+	echo -n $"Stopping $PRIVOXY_PRG: "
+	killproc $PRIVOXY_PRG && rm -f $PRIVOXY_LOCK $PRIVOXY_PID
+	RETVAL=$?
+	echo
+	return $RETVAL
+}
+
+case "$1" in
+  start)
+	start	
+	;;
+  stop)
+	stop
+	;;
+  reload)
+	if [ -f $PRIVOXY_PID ] ; then
+        kill -HUP `cat $PRIVOXY_PID`
+        RETVAL=$?
+     fi
+	;;
+  restart)
+	stop
+	start
+	RETVAL=$?
+	;;
+  condrestart)
+	# restart only if already running
+	if [ -f $PRIVOXY_PID ] ; then
+        stop
+        start
+        RETVAL=$?
+	fi 
+	;;
+  status)
+	status $PRIVOXY_PRG 
+	RETVAL=$?
+	;;
+  top)
+     if [ -f $PRIVOXY_PID ]; then
+                a=""
+                for i in `pidof $PRIVOXY_PRG` ; do
+                        a="$a -p $i"
+                done
+                top $a
+     fi
+	;;
+  *)
+	echo $"Usage: $PRIVOXY_PRG {start|stop|reload|restart|condrestart|status|top}"
+	exit 1
+esac
+
+exit $RETVAL
diff --git a/external/privoxy/privoxy.init.suse b/external/privoxy/privoxy.init.suse
new file mode 100644
index 0000000..fee872a
--- /dev/null
+++ b/external/privoxy/privoxy.init.suse
@@ -0,0 +1,127 @@
+#! /bin/sh
+#  ********************************************************************
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/privoxy.init.suse,v $
+# 
+#  Purpose     :  This shell script takes care of starting and stopping
+#                 privoxy.
+# 
+#  Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                 Privoxy team. http://www.privoxy.org/
+# 
+#                 Based on the Internet Junkbuster originally written
+#                 by and Copyright (C) 1997 Anonymous Coders and
+#                 Junkbusters Corporation.  http://www.junkbusters.com
+# 
+#                 This program is free software; you can redistribute it
+#                 and/or modify it under the terms of the GNU General
+#                 Public License as published by the Free Software
+#                 Foundation; either version 2 of the License, or (at
+#                 your option) any later version.
+# 
+#                 This program is distributed in the hope that it will
+#                 be useful, but WITHOUT ANY WARRANTY; without even the
+#                 implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                 PARTICULAR PURPOSE.  See the GNU General Public
+#                 License for more details.
+# 
+#                 The GNU General Public License should be included with
+#                 this file.  If not, you can view it at
+#                 http://www.gnu.org/copyleft/gpl.html
+#                 or write to the Free Software Foundation, Inc., 59
+#                 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+# 
+#  Revisions   :
+#     $Log: privoxy.init.suse,v $
+#     Revision 1.4  2006/07/18 14:48:47  david__schmidt
+#     Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#     with what was really the latest development (the v_3_0_branch branch)
+#
+#     Revision 1.3.2.1  2003/03/17 14:04:16  oes
+#     No longer use obsolete rc.config
+#
+#     Revision 1.3  2002/03/26 22:29:55  swa
+#     we have a new homepage!
+#
+#     Revision 1.2  2002/03/24 11:40:14  swa
+#     name change
+#
+#     Revision 1.1  2002/03/24 11:23:44  swa
+#     name change
+#
+#     Revision 1.7  2002/03/11 11:44:46  oes
+#     Working in suggestions by Thorsten Kukuk <kukuk at suse.de>
+#
+#     Revision 1.6  2002/03/09 14:56:34  swa
+#     wrong user.group
+#
+#     Revision 1.5  2002/03/08 21:39:59  oes
+#     setgid to nogroup
+#
+#     Revision 1.4  2002/03/05 19:54:37  oes
+#     Preliminary version of SuSE 8.0-certified init script ,-)
+#
+#     Revision 1.3  2002/03/05 05:28:05  oes
+#     Added pidfile creation
+#
+#     Revision 1.2  2001/09/10 16:25:46  swa
+#     jb did not start. none of the arguments worked. fixed.
+#
+#     Revision 1.1  2001/06/08 20:53:36  swa
+#     use buildroot, export init to separate file (better manageability)
+#
+#
+# 
+# ********************************************************************/
+### BEGIN INIT INFO
+# Provides:       privoxy
+# Required-Start: $network $syslog $remote_fs
+# Required-Stop:
+# Default-Start:  3 5
+# Default-Stop:   0 1 2 6
+# Description:    Starts Privoxy
+### END INIT INFO
+
+. /etc/rc.status
+rc_reset  
+
+case "$1" in
+    start)
+        echo -n "Starting Privoxy"
+        if [ ! -f /var/run/privoxy.pid ] || ! kill -0 `cat /var/run/privoxy.pid` 2> /dev/null; then
+           /usr/sbin/privoxy --user privoxy.privoxy --pidfile /var/run/privoxy.pid /etc/privoxy/config 2> /dev/null
+        else     
+           false 
+        fi
+	rc_status -v
+        ;;
+    stop)
+        echo -n "Shutting down Privoxy"
+        killproc -TERM /usr/sbin/privoxy && rm -f /var/run/privoxy.pid
+	rc_status -v
+        ;;
+    reload)
+        echo -n "Reloading Privoxy"
+        kill -HUP `cat /var/run/privoxy.pid`
+        rc_status -v
+        ;;
+    try-restart)
+        $0 stop && $0 start
+	rc_status
+        ;;
+    restart)
+        $0 stop
+        $0 start
+        rc_status
+        ;;           
+    status)
+	echo -n "Checking for Privoxy"
+        checkproc /usr/sbin/privoxy
+	rc_status -v
+        ;;
+    *)
+        echo "Usage: $0 {start|restart|reload|status|stop}"
+        exit 1
+esac
+
+rc_exit
diff --git a/external/privoxy/privoxy.logrotate b/external/privoxy/privoxy.logrotate
new file mode 100644
index 0000000..bbfe652
--- /dev/null
+++ b/external/privoxy/privoxy.logrotate
@@ -0,0 +1,107 @@
+#
+# Logrotate file for Privoxy RPM
+#
+# ********************************************************************
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/privoxy.logrotate,v $
+# 
+#  Purpose     :  Rotates all potential Privoxy logfiles
+#                 
+# 
+#  Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                 Privoxy team. http://www.privoxy.org/
+# 
+#                 Based on the Internet Junkbuster originally written
+#                 by and Copyright (C) 1997 Anonymous Coders and 
+#                 Junkbusters Corporation.  http://www.junkbusters.com
+# 
+#                 This program is free software; you can redistribute it 
+#                 and/or modify it under the terms of the GNU General
+#                 Public License as published by the Free Software
+#                 Foundation; either version 2 of the License, or (at
+#                 your option) any later version.
+# 
+#                 This program is distributed in the hope that it will
+#                 be useful, but WITHOUT ANY WARRANTY; without even the
+#                 implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                 PARTICULAR PURPOSE.  See the GNU General Public
+#                 License for more details.
+# 
+#                 The GNU General Public License should be included with
+#                 this file.  If not, you can view it at
+#                 http://www.gnu.org/copyleft/gpl.html
+#                 or write to the Free Software Foundation, Inc., 59
+#                 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+# 
+#  Revisions   :
+#     $Log: privoxy.logrotate,v $
+#     Revision 1.6  2006/07/18 14:48:47  david__schmidt
+#     Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#     with what was really the latest development (the v_3_0_branch branch)
+#
+#     Revision 1.4.2.1  2002/06/25 17:33:07  kick_
+#     Avoid error messages if privoxy hasn't run at all and there is no logfile yet by adding missingok to the logrotate script
+#
+#     Revision 1.4  2002/03/26 22:29:55  swa
+#     we have a new homepage!
+#
+#     Revision 1.3  2002/03/24 15:19:57  swa
+#     name change related issue.
+#
+#     Revision 1.2  2002/03/24 11:40:14  swa
+#     name change
+#
+#     Revision 1.1  2002/03/24 11:23:44  swa
+#     name change
+#
+#     Revision 1.7  2001/12/30 14:07:32  steudten
+#     - Add signal handling (unix)
+#     - Add SIGHUP handler (unix)
+#     - Add creation of pidfile (unix)
+#     - Add action 'top' in rc file (RH)
+#     - Add entry 'SIGNALS' to manpage
+#     - Add exit message to logfile (unix)
+#
+#     Revision 1.6  2001/12/13 23:19:43  steudten
+#     Add 'restart' of junkbuster service after rotate logfiles.
+#     Better we could use the well known 'kill -HUP', but the handler
+#     isn't there at this time.
+#
+#     Revision 1.5  2001/11/05 21:31:51  steudten
+#     Change switch mode from weekly to size 1M
+#
+#     Revision 1.4  2001/06/28 13:30:22  sarantis
+#     add missingok for the jarfile entry
+#
+#     Revision 1.3  2001/06/04 18:31:58  swa
+#     files are now prefixed with either `confdir' or `logdir'.
+#     `make redhat-dist' replaces both entries confdir and logdir
+#     with redhat values
+#
+#     Revision 1.2  2001/05/24 07:52:24  swa
+#     added header. removed ^M.
+#
+#     Revision 1.3  2001/05/24 07:41:33  swa
+#     added header
+#
+# 
+# 
+# ********************************************************************/
+
+/var/log/privoxy/logfile {
+   missingok
+   compress
+   size 1M
+   postrotate
+        /sbin/service privoxy reload  2> /dev/null || true
+   endscript
+}
+
+/var/log/privoxy/jarfile {
+   missingok
+   compress
+   size 1M
+   postrotate
+        /sbin/service privoxy reload  2> /dev/null || true
+   endscript
+}
diff --git a/external/privoxy/project.h b/external/privoxy/project.h
new file mode 100644
index 0000000..300d9d6
--- /dev/null
+++ b/external/privoxy/project.h
@@ -0,0 +1,1885 @@
+#ifndef PROJECT_H_INCLUDED
+#define PROJECT_H_INCLUDED
+/** Version string. */
+#define PROJECT_H_VERSION "$Id: project.h,v 1.129 2009/03/08 14:12:51 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/project.h,v $
+ *
+ * Purpose     :  Defines data structures which are widely used in the
+ *                project.  Does not define any variables or functions
+ *                (though it does declare some macros).
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 the
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: project.h,v $
+ *    Revision 1.129  2009/03/08 14:12:51  fabiankeil
+ *    All the CSP_FLAG_FOO bit masks should be unsigned ints.
+ *
+ *    Revision 1.128  2009/03/07 13:09:17  fabiankeil
+ *    Change csp->expected_content and_csp->expected_content_length from
+ *    size_t to unsigned long long to reduce the likelihood of integer
+ *    overflows that would let us close the connection prematurely.
+ *    Bug found while investigating #2669131, reported by cyberpatrol.
+ *
+ *    Revision 1.127  2008/12/20 14:53:55  fabiankeil
+ *    Add config option socket-timeout to control the time
+ *    Privoxy waits for data to arrive on a socket. Useful
+ *    in case of stale ssh tunnels or when fuzz-testing.
+ *
+ *    Revision 1.126  2008/12/14 17:02:54  fabiankeil
+ *    Fix a cparser warning.
+ *
+ *    Revision 1.125  2008/11/20 08:22:28  fabiankeil
+ *    Remove an obsolete comment.
+ *
+ *    Revision 1.124  2008/11/16 12:43:49  fabiankeil
+ *    Turn keep-alive support into a runtime feature
+ *    that is disabled by setting keep-alive-timeout
+ *    to a negative value.
+ *
+ *    Revision 1.123  2008/11/10 16:55:59  fabiankeil
+ *    Fix a gcc44 warning (in filters.c).
+ *
+ *    Revision 1.122  2008/10/16 07:11:34  fabiankeil
+ *    Fix a bunch of gcc44 conversion warnings.
+ *
+ *    Revision 1.121  2008/10/09 18:21:41  fabiankeil
+ *    Flush work-in-progress changes to keep outgoing connections
+ *    alive where possible. Incomplete and mostly #ifdef'd out.
+ *
+ *    Revision 1.120  2008/09/21 13:36:52  fabiankeil
+ *    If change-x-forwarded-for{add} is used and the client
+ *    sends multiple X-Forwarded-For headers, append the client's
+ *    IP address to each one of them. "Traditionally" we would
+ *    lose all but the last one.
+ *
+ *    Revision 1.119  2008/09/20 10:04:33  fabiankeil
+ *    Remove hide-forwarded-for-headers action which has
+ *    been obsoleted by change-x-forwarded-for{block}.
+ *
+ *    Revision 1.118  2008/09/19 15:26:29  fabiankeil
+ *    Add change-x-forwarded-for{} action to block or add
+ *    X-Forwarded-For headers. Mostly based on code removed
+ *    before 3.0.7.
+ *
+ *    Revision 1.117  2008/08/30 12:03:07  fabiankeil
+ *    Remove FEATURE_COOKIE_JAR.
+ *
+ *    Revision 1.116  2008/05/20 16:05:02  fabiankeil
+ *    Move parsers structure definition from project.h to parsers.h.
+ *
+ *    Revision 1.115  2008/05/19 16:57:20  fabiankeil
+ *    Declare all members of the parsers structure immutable.
+ *
+ *    Revision 1.114  2008/04/11 16:35:39  fabiankeil
+ *    Oops, I forgot to shorten the URL_SPEC_INITIALIZER in my last commit.
+ *
+ *    Revision 1.113  2008/04/10 14:41:04  fabiankeil
+ *    Ditch url_spec's path member now that it's no longer used.
+ *
+ *    Revision 1.112  2008/04/06 15:18:34  fabiankeil
+ *    Oh well, rename the --enable-pcre-host-patterns option to
+ *    --enable-extended-host-patterns as it's not really PCRE syntax.
+ *
+ *    Revision 1.111  2008/04/06 14:54:26  fabiankeil
+ *    Use PCRE syntax in host patterns when configured
+ *    with --enable-pcre-host-patterns.
+ *
+ *    Revision 1.110  2008/03/29 12:13:46  fabiankeil
+ *    Remove send-wafer and send-vanilla-wafer actions.
+ *
+ *    Revision 1.109  2008/03/28 15:13:41  fabiankeil
+ *    Remove inspect-jpegs action.
+ *
+ *    Revision 1.108  2008/03/27 18:27:36  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.107  2008/03/26 18:07:08  fabiankeil
+ *    Add hostname directive. Closes PR#1918189.
+ *
+ *    Revision 1.106  2008/03/24 11:21:03  fabiankeil
+ *    Share the action settings for multiple patterns in the same
+ *    section so we waste less memory for gigantic block lists
+ *    (and load them slightly faster). Reported by Franz Schwartau.
+ *
+ *    Revision 1.105  2008/03/21 11:16:27  fabiankeil
+ *    Garbage-collect csp->my_ip_addr_str and csp->my_hostname.
+ *
+ *    Revision 1.104  2008/03/04 18:30:40  fabiankeil
+ *    Remove the treat-forbidden-connects-like-blocks action. We now
+ *    use the "blocked" page for forbidden CONNECT requests by default.
+ *
+ *    Revision 1.103  2008/03/01 14:00:45  fabiankeil
+ *    Let the block action take the reason for the block
+ *    as argument and show it on the "blocked" page.
+ *
+ *    Revision 1.102  2008/02/03 13:46:14  fabiankeil
+ *    Add SOCKS5 support. Patch #1862863 by Eric M. Hopper with minor changes.
+ *
+ *    Revision 1.101  2007/12/07 18:29:23  fabiankeil
+ *    Remove now-obsolete csp member x_forwarded.
+ *
+ *    Revision 1.100  2007/09/02 13:42:11  fabiankeil
+ *    - Allow port lists in url patterns.
+ *    - Ditch unused url_spec member pathlen.
+ *
+ *    Revision 1.99  2007/07/21 11:51:36  fabiankeil
+ *    As Hal noticed, checking dispatch_cgi() as the last cruncher
+ *    looks like a bug if CGI requests are blocked unintentionally,
+ *    so don't do it unless the user enabled the new config option
+ *    "allow-cgi-request-crunching".
+ *
+ *    Revision 1.98  2007/07/14 07:31:26  fabiankeil
+ *    Add new csp->content_type flag (CT_DECLARED).
+ *
+ *    Revision 1.97  2007/05/27 12:38:08  fabiankeil
+ *    - Remove some left-overs from the switch to dedicated header filters.
+ *    - Adjust "X-Filter: No" to disable dedicated header filters.
+ *    - Prepare for forward-override{}
+ *
+ *    Revision 1.96  2007/05/14 10:41:15  fabiankeil
+ *    Ditch the csp member cookie_list[] which isn't used anymore.
+ *
+ *    Revision 1.95  2007/04/30 15:02:19  fabiankeil
+ *    Introduce dynamic pcrs jobs that can resolve variables.
+ *
+ *    Revision 1.94  2007/04/15 16:39:21  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.93  2007/03/20 15:16:34  fabiankeil
+ *    Use dedicated header filter actions instead of abusing "filter".
+ *    Replace "filter-client-headers" and "filter-client-headers"
+ *    with "server-header-filter" and "client-header-filter".
+ *
+ *    Revision 1.92  2007/03/17 15:20:05  fabiankeil
+ *    New config option: enforce-blocks.
+ *
+ *    Revision 1.91  2007/03/05 13:28:03  fabiankeil
+ *    Add some CSP_FLAGs for the header parsers.
+ *
+ *    Revision 1.90  2007/02/07 10:36:16  fabiankeil
+ *    Add new http_response member to save
+ *    the reason why the response was generated.
+ *
+ *    Revision 1.89  2007/01/27 13:09:16  fabiankeil
+ *    Add new config option "templdir" to
+ *    change the templates directory.
+ *
+ *    Revision 1.88  2007/01/25 13:36:59  fabiankeil
+ *    Add csp->error_message for failure reasons
+ *    that should be embedded into the CGI pages.
+ *
+ *    Revision 1.87  2007/01/01 19:36:37  fabiankeil
+ *    Integrate a modified version of Wil Mahan's
+ *    zlib patch (PR #895531).
+ *
+ *    Revision 1.86  2006/12/31 17:56:37  fabiankeil
+ *    Added config option accept-intercepted-requests
+ *    and disabled it by default.
+ *
+ *    Revision 1.85  2006/12/31 15:03:31  fabiankeil
+ *    Fix gcc43 compiler warnings and a comment.
+ *
+ *    Revision 1.84  2006/12/21 12:57:48  fabiankeil
+ *    Add config option "split-large-forms"
+ *    to work around the browser bug reported
+ *    in BR #1570678.
+ *
+ *    Revision 1.83  2006/12/06 19:26:29  fabiankeil
+ *    Moved HTTP snipplets into jcc.c. They aren't
+ *    used anywhere else.
+ *
+ *    Revision 1.82  2006/09/20 15:50:31  fabiankeil
+ *    Doubled size of HOSTENT_BUFFER_SIZE to mask
+ *    problems with gethostbyname_r and some
+ *    /etc/hosts configurations. Only a workaround
+ *    until we get the real fix ready.
+ *    Thanks Félix Rauch for reporting.
+ *
+ *    Increased value of MAX_TRUSTED_REFERRERS from 64 to 512.
+ *
+ *    Revision 1.81  2006/09/06 13:03:04  fabiankeil
+ *    Respond with 400 and a short text message
+ *    if the client tries to use Privoxy as FTP proxy.
+ *
+ *    Revision 1.80  2006/09/06 10:43:32  fabiankeil
+ *    Added config option enable-remote-http-toggle
+ *    to specify if Privoxy should recognize special
+ *    headers (currently only X-Filter) to change its
+ *    behaviour. Disabled by default.
+ *
+ *    Revision 1.79  2006/09/06 09:23:37  fabiankeil
+ *    Make number of retries in case of forwarded-connect problems
+ *    a config file option (forwarded-connect-retries) and use 0 as
+ *    default.
+ *
+ *    Revision 1.78  2006/08/31 16:25:06  fabiankeil
+ *    Work around a buffer overflow that caused Privoxy to
+ *    segfault if too many trusted referrers were used. Good
+ *    enough for now, but should be replaced with a real
+ *    solution after the next release.
+ *
+ *    Revision 1.77  2006/08/21 12:50:51  david__schmidt
+ *    Formatting cleanup
+ *
+ *    Revision 1.76  2006/08/14 08:25:19  fabiankeil
+ *    Split filter-headers{} into filter-client-headers{}
+ *    and filter-server-headers{}.
+ *    Added parse_header_time() to share some code.
+ *    Replaced timegm() with mktime().
+ *
+ *    Revision 1.75  2006/08/03 02:46:41  david__schmidt
+ *    Incorporate Fabian Keil's patch work: *    http://www.fabiankeil.de/sourcecode/privoxy/
+ *
+ *    Revision 1.74  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.72.2.7  2006/01/29 23:10:56  david__schmidt
+ *    Multiple filter file support
+ *
+ *    Revision 1.72.2.6  2004/10/03 12:53:46  david__schmidt
+ *    Add the ability to check jpeg images for invalid
+ *    lengths of comment blocks.  Defensive strategy
+ *    against the exploit:
+ *       Microsoft Security Bulletin MS04-028
+ *       Buffer Overrun in JPEG Processing (GDI+) Could
+ *       Allow Code Execution (833987)
+ *    Enabled with +inspect-jpegs in actions files.
+ *
+ *    Revision 1.72.2.5  2004/01/30 15:29:29  oes
+ *    Updated the copyright note
+ *
+ *    Revision 1.72.2.4  2004/01/13 16:12:14  oes
+ *    Fixed double slash in USER_MANUAL_URL. Closes BR #867088.
+ *
+ *    Revision 1.72.2.3  2003/03/11 11:54:37  oes
+ *    Introduced RC_FLAG_* flags for use in child process return code
+ *
+ *    Revision 1.72.2.2  2002/11/28 18:15:44  oes
+ *    Added flag to each cgi_dispatcher that allows or denies
+ *    external linking and removed const qualifier from
+ *    struct list_entry.str.
+ *
+ *    Revision 1.72.2.1  2002/08/10 11:25:18  oes
+ *    - Include config.h for access to config data
+ *    - Include <pcre*.h> depending on where they are
+ *
+ *    Revision 1.72  2002/05/14 21:35:49  oes
+ *    Split HELP_LINK_PREFIX into ACTIONS_HELP_PREFIX and CONFIG_HELP_PREFIX
+ *    because of split in user-manual
+ *
+ *    Revision 1.71  2002/05/12 21:39:36  jongfoster
+ *    - Adding Doxygen-style comments to structures and #defines.
+ *
+ *    Revision 1.70  2002/05/12 16:05:50  jongfoster
+ *    Fixing ACTION_MASK_ALL to be unsigned long rather than
+ *    just unsigned int.  I don't know if anyone is porting
+ *    Privoxy to 16-bit platforms, but if so, +limit-connect
+ *    wouldn't have worked because of this bug.
+ *
+ *    Revision 1.69  2002/05/08 16:00:16  oes
+ *    Added size member to struct iob, so it can
+ *    be alloced larger than needed.
+ *
+ *    Revision 1.68  2002/04/26 12:56:00  oes
+ *    Killed REDIRECT_URL, added USER_MANUAL_URL and HELP_LINK_PREFIX
+ *
+ *    Revision 1.67  2002/04/24 02:12:43  oes
+ *     - Jon's multiple AF patch:
+ *       - Make csp->actions_list an array
+ *       - #define MAX_AF_FILES
+ *     - Moved CGI_PARAM_LEN_MAX (500) here
+ *
+ *    Revision 1.66  2002/04/15 19:06:43  jongfoster
+ *    Typos
+ *
+ *    Revision 1.65  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.64  2002/04/03 22:28:03  gliptak
+ *    Removed references to gnu_regex
+ *
+ *    Revision 1.63  2002/03/31 17:19:00  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.62  2002/03/26 22:48:49  swa
+ *    new homepage url
+ *
+ *    Revision 1.61  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.60  2002/03/24 15:52:17  jongfoster
+ *    Changing CGI URL prefixes for new name
+ *
+ *    Revision 1.59  2002/03/24 15:23:33  jongfoster
+ *    Name changes
+ *
+ *    Revision 1.58  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.57  2002/03/16 20:28:34  oes
+ *    Added descriptions to the filters so users will know what they select in the cgi editor
+ *
+ *    Revision 1.56  2002/03/13 20:27:30  oes
+ *    Fixing bug with CT_TABOO
+ *
+ *    Revision 1.55  2002/03/12 01:42:50  oes
+ *    Introduced modular filters
+ *
+ *    Revision 1.54  2002/03/09 20:03:52  jongfoster
+ *    - Making various functions return int rather than size_t.
+ *      (Undoing a recent change).  Since size_t is unsigned on
+ *      Windows, functions like read_socket that return -1 on
+ *      error cannot return a size_t.
+ *
+ *      THIS WAS A MAJOR BUG - it caused frequent, unpredictable
+ *      crashes, and also frequently caused JB to jump to 100%
+ *      CPU and stay there.  (Because it thought it had just
+ *      read ((unsigned)-1) == 4Gb of data...)
+ *
+ *    - The signature of write_socket has changed, it now simply
+ *      returns success=0/failure=nonzero.
+ *
+ *    - Trying to get rid of a few warnings --with-debug on
+ *      Windows, I've introduced a new type "jb_socket".  This is
+ *      used for the socket file descriptors.  On Windows, this
+ *      is SOCKET (a typedef for unsigned).  Everywhere else, it's
+ *      an int.  The error value can't be -1 any more, so it's
+ *      now JB_INVALID_SOCKET (which is -1 on UNIX, and in
+ *      Windows it maps to the #define INVALID_SOCKET.)
+ *
+ *    - The signature of bind_port has changed.
+ *
+ *    Revision 1.53  2002/03/08 16:48:55  oes
+ *    Added FEATURE_NO_GIFS and BUILTIN_IMAGE_MIMETYPE
+ *
+ *    Revision 1.52  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.51  2002/03/05 04:52:42  oes
+ *    Deleted non-errlog debugging code
+ *
+ *    Revision 1.50  2002/03/04 19:32:07  oes
+ *    Changed default port to 8118
+ *
+ *    Revision 1.49  2002/03/04 18:28:55  oes
+ *    Deleted PID_FILE_NAME
+ *
+ *    Revision 1.48  2002/03/03 14:50:40  oes
+ *    Fixed CLF logging: Added ocmd member for client's request to struct http_request
+ *
+ *    Revision 1.47  2002/02/20 23:15:13  jongfoster
+ *    Parsing functions now handle out-of-memory gracefully by returning
+ *    an error code.
+ *
+ *    Revision 1.46  2002/01/17 21:06:09  jongfoster
+ *    Now #defining the URLs of the config interface
+ *
+ *    Minor changes to struct http_request and struct url_spec due to
+ *    standardizing that struct http_request is used to represent a URL, and
+ *    struct url_spec is used to represent a URL pattern.  (Before, URLs were
+ *    represented as seperate variables and a partially-filled-in url_spec).
+ *
+ *    Revision 1.45  2002/01/09 14:33:27  oes
+ *    Added HOSTENT_BUFFER_SIZE
+ *
+ *    Revision 1.44  2001/12/30 14:07:32  steudten
+ *    - Add signal handling (unix)
+ *    - Add SIGHUP handler (unix)
+ *    - Add creation of pidfile (unix)
+ *    - Add action 'top' in rc file (RH)
+ *    - Add entry 'SIGNALS' to manpage
+ *    - Add exit message to logfile (unix)
+ *
+ *    Revision 1.43  2001/11/22 21:57:51  jongfoster
+ *    Making action_spec->flags into an unsigned long rather than just an
+ *    unsigned int.
+ *    Adding ACTION_NO_COOKIE_KEEP
+ *
+ *    Revision 1.42  2001/11/05 21:42:41  steudten
+ *    Include DBG() macro.
+ *
+ *    Revision 1.41  2001/10/28 19:12:06  jongfoster
+ *    Adding ijb_toupper()
+ *
+ *    Revision 1.40  2001/10/26 17:40:47  oes
+ *    Moved ijb_isspace and ijb_tolower to project.h
+ *    Removed http->user_agent, csp->referrer and csp->accept_types
+ *
+ *    Revision 1.39  2001/10/25 03:45:02  david__schmidt
+ *    Adding a (void*) cast to freez() because Visual Age C++ won't expand the
+ *    macro when called with a cast; so moving the cast to the macro def'n
+ *    seems to both eliminate compiler warnings (on darwin and OS/2, anyway) and
+ *    doesn't make macro expansion complain.  Hope this works for everyone else
+ *    too...
+ *
+ *    Revision 1.38  2001/10/23 21:19:04  jongfoster
+ *    New error-handling support: jb_err type and JB_ERR_xxx constants
+ *    CGI functions now return a jb_err, and their parameters map is const.
+ *    Support for RUNTIME_FEATUREs to enable/disable config editor
+ *    Adding a few comments
+ *
+ *    Revision 1.37  2001/10/14 22:14:01  jongfoster
+ *    Removing name_length field from struct cgi_dispatcher, as this is
+ *    now calculated at runtime from the "name" field.
+ *
+ *    Revision 1.36  2001/10/10 16:45:15  oes
+ *    Added LIMIT_CONNECT action and string
+ *    Fixed HTTP message line termination
+ *    Added CFORBIDDEN HTTP message
+ *
+ *    Revision 1.35  2001/10/07 18:06:43  oes
+ *    Added status member to struct http_request
+ *
+ *    Revision 1.34  2001/10/07 15:45:25  oes
+ *    Added url member to struct http_request and commented all
+ *      members
+ *
+ *    Added CT_TABOO
+ *
+ *    Added ACTION_DOWNGRADE and ACTION_NO_COMPRESSION
+ *
+ *    Replaced struct client_state members rejected,
+ *      force, active and toggled_on with "flags" bitmap.
+ *
+ *    Added CSP_FLAG_MODIFIED and CSP_FLAG_CHUNKED
+ *
+ *    Added buffer_limit to struct configuration_spec
+ *
+ *    Revision 1.33  2001/09/20 13:30:08  steudten
+ *
+ *    Make freez() more secure in case of: if (exp) { free(z) ; a=*z }
+ *    Last case will set z to NULL in free(z) and thats bad..
+ *
+ *    Revision 1.32  2001/09/16 23:02:51  jongfoster
+ *    Fixing warning
+ *
+ *    Revision 1.31  2001/09/16 13:20:29  jongfoster
+ *    Rewrite of list library.  Now has seperate header and list_entry
+ *    structures.  Also added a large sprinking of assert()s to the list
+ *    code.
+ *
+ *    Revision 1.30  2001/09/13 23:52:00  jongfoster
+ *    Support for both static and dynamically generated CGI pages
+ *
+ *    Revision 1.29  2001/09/13 23:29:43  jongfoster
+ *    Defining FORWARD_SPEC_INITIALIZER
+ *
+ *    Revision 1.28  2001/09/13 23:05:50  jongfoster
+ *    Changing the string paramater to the header parsers a "const".
+ *
+ *    Revision 1.27  2001/08/05 16:06:20  jongfoster
+ *    Modifiying "struct map" so that there are now separate header and
+ *    "map_entry" structures.  This means that functions which modify a
+ *    map no longer need to return a pointer to the modified map.
+ *    Also, it no longer reverses the order of the entries (which may be
+ *    important with some advanced template substitutions).
+ *
+ *    Revision 1.26  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.25  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.24  2001/07/25 17:20:27  oes
+ *    Introduced http->user_agent
+ *
+ *    Revision 1.23  2001/07/18 12:32:23  oes
+ *    - Added ACTION_STRING_DEANIMATE
+ *    - moved #define freez from jcc.h to project.h
+ *
+ *    Revision 1.22  2001/07/15 17:51:41  jongfoster
+ *    Renaming #define STATIC to STATIC_PCRE
+ *
+ *    Revision 1.21  2001/07/13 14:03:19  oes
+ *     - Reorganized regex header inclusion and #defines to
+ *       comply to the scheme in configure.in
+ *     - Added csp->content_type and its CT_* keys
+ *     - Added ACTION_DEANIMATE
+ *     - Removed all #ifdef PCRS
+ *
+ *    Revision 1.20  2001/06/29 21:45:41  oes
+ *    Indentation, CRLF->LF, Tab-> Space
+ *
+ *    Revision 1.19  2001/06/29 13:33:36  oes
+ *    - Improved comments
+ *    - Introduced http_request.host_ip_addr_str
+ *    - Introduced http_response.head_length
+ *    - Introduced config.my_ip_addr_str, config.my_hostname,
+ *      config.admin_address and config.proxy_info_url
+ *    - Removed config.proxy_args_header and config.proxy_args_trailer,
+ *      renamed config.proxy_args_invocation to config.proxy_args
+ *    - Removed HTML snipplets and GIFs
+ *    - Removed logentry from cancelled commit
+ *
+ *    Revision 1.18  2001/06/09 10:57:39  jongfoster
+ *    Adding definition of BUFFER_SIZE.
+ *    Changing struct cgi_dispatcher to use "const" strings.
+ *
+ *    Revision 1.17  2001/06/07 23:15:09  jongfoster
+ *    Merging ACL and forward files into config file.
+ *    Moving struct gateway members into struct forward_spec
+ *    Removing config->proxy_args_gateways
+ *    Cosmetic: Adding a few comments
+ *
+ *    Revision 1.16  2001/06/04 18:31:58  swa
+ *    files are now prefixed with either `confdir' or `logdir'.
+ *    `make redhat-dist' replaces both entries confdir and logdir
+ *    with redhat values
+ *
+ *    Revision 1.15  2001/06/04 11:28:53  swa
+ *    redirect did not work due to missing /
+ *
+ *    Revision 1.14  2001/06/03 11:03:48  oes
+ *    Added struct map,
+ *    added struct http_response,
+ *    changed struct interceptors to struct cgi_dispatcher,
+ *    moved HTML stuff to cgi.h
+ *
+ *    Revision 1.13  2001/06/01 20:05:36  jongfoster
+ *    Support for +image-blocker{}: added ACTION_IMAGE_BLOCKER
+ *    constant, and removed csp->tinygif.
+ *
+ *    Revision 1.12  2001/06/01 18:49:17  jongfoster
+ *    Replaced "list_share" with "list" - the tiny memory gain was not
+ *    worth the extra complexity.
+ *
+ *    Revision 1.11  2001/06/01 10:32:47  oes
+ *    Added constants for anchoring selection bitmap
+ *
+ *    Revision 1.10  2001/05/31 21:33:53  jongfoster
+ *    Changes for new actions file, replacing permissionsfile
+ *    and parts of the config file.  Also added support for
+ *    list_shared.
+ *
+ *    Revision 1.9  2001/05/31 17:32:31  oes
+ *
+ *     - Enhanced domain part globbing with infix and prefix asterisk
+ *       matching and optional unanchored operation
+ *
+ *    Revision 1.8  2001/05/29 20:09:15  joergs
+ *    HTTP_REDIRECT_TEMPLATE fixed.
+ *
+ *    Revision 1.7  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/actionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.6  2001/05/27 22:17:04  oes
+ *
+ *    - re_process_buffer no longer writes the modified buffer
+ *      to the client, which was very ugly. It now returns the
+ *      buffer, which it is then written by chat.
+ *
+ *    - content_length now adjusts the Content-Length: header
+ *      for modified documents rather than crunch()ing it.
+ *      (Length info in csp->content_length, which is 0 for
+ *      unmodified documents)
+ *
+ *    - For this to work, sed() is called twice when filtering.
+ *
+ *    Revision 1.5  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.4  2001/05/22 18:46:04  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Some minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.3  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "actionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.2  2001/05/17 23:01:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:03  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+/* Declare struct FILE for vars and funcs. */
+#include <stdio.h>
+
+/* Need time_t for file_list */
+#include <time.h>
+/* Needed for pcre choice */
+#include "config.h"
+
+/*
+ * Include appropriate regular expression libraries.
+ * Note that pcrs and pcre (native) are needed for cgi
+ * and are included anyway.
+ */
+
+#ifdef STATIC_PCRE
+#  include "pcre.h"
+#else
+#  ifdef PCRE_H_IN_SUBDIR
+#    include <pcre/pcre.h>
+#  else
+#    include <pcre.h>
+#  endif
+#endif
+
+#ifdef STATIC_PCRS
+#  include "pcrs.h"
+#else
+#  include <pcrs.h>
+#endif
+
+#ifdef STATIC_PCRE
+#  include "pcreposix.h"
+#else
+#  ifdef PCRE_H_IN_SUBDIR
+#    include <pcre/pcreposix.h>
+#  else
+#    include <pcreposix.h>
+#  endif
+#endif
+
+#ifdef AMIGA
+#include "amiga.h"
+#endif /* def AMIGA */
+
+#ifdef _WIN32
+/*
+ * I don't want to have to #include all this just for the declaration
+ * of SOCKET.  However, it looks like we have to...
+ */
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+#endif
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef _WIN32
+
+typedef SOCKET jb_socket;
+
+#define JB_INVALID_SOCKET INVALID_SOCKET
+
+#else /* ndef _WIN32 */
+
+/**
+ * The type used by sockets.  On UNIX it's an int.  Microsoft decided to
+ * make it an unsigned.
+ */
+typedef int jb_socket;
+
+/**
+ * The error value used for variables of type jb_socket.  On UNIX this
+ * is -1, however Microsoft decided to make socket handles unsigned, so
+ * they use a different value.
+ */
+
+#define JB_INVALID_SOCKET (-1)
+
+#endif /* ndef _WIN32 */
+
+
+/**
+ * A standard error code.  This should be JB_ERR_OK or one of the JB_ERR_xxx
+ * series of errors.
+ */
+typedef int jb_err;
+
+#define JB_ERR_OK         0 /**< Success, no error                        */
+#define JB_ERR_MEMORY     1 /**< Out of memory                            */
+#define JB_ERR_CGI_PARAMS 2 /**< Missing or corrupt CGI parameters        */
+#define JB_ERR_FILE       3 /**< Error opening, reading or writing a file */
+#define JB_ERR_PARSE      4 /**< Error parsing file                       */
+#define JB_ERR_MODIFIED   5 /**< File has been modified outside of the  
+                                 CGI actions editor.                      */
+#define JB_ERR_COMPRESS   6 /**< Error on decompression                   */
+
+/**
+ * This macro is used to free a pointer that may be NULL.
+ * It also sets the variable to NULL after it's been freed.
+ * The paramater should be a simple variable without side effects.
+ */
+#define freez(X)  { if(X) { free((void*)X); X = NULL ; } }
+
+
+/**
+ * Fix a problem with Solaris.  There should be no effect on other
+ * platforms.
+ *
+ * Solaris's isspace() is a macro which uses it's argument directly
+ * as an array index.  Therefore we need to make sure that high-bit
+ * characters generate +ve values, and ideally we also want to make
+ * the argument match the declared parameter type of "int".
+ *
+ * Note: Remember to #include <ctype.h> if you use these macros.
+ */
+#define ijb_toupper(__X) toupper((int)(unsigned char)(__X))
+#define ijb_tolower(__X) tolower((int)(unsigned char)(__X))
+#define ijb_isspace(__X) isspace((int)(unsigned char)(__X))  
+
+/**
+ * Use for statically allocated buffers if you have no other choice.
+ * Remember to check the length of what you write into the buffer
+ * - we don't want any buffer overflows!
+ */
+#define BUFFER_SIZE 5000
+
+/**
+ * Max length of CGI parameters (arbitrary limit).
+ */
+#define CGI_PARAM_LEN_MAX 500U
+
+/**
+ * Buffer size for capturing struct hostent data in the
+ * gethostby(name|addr)_r library calls. Since we don't
+ * loop over gethostbyname_r, the buffer must be sufficient
+ * to accomodate multiple IN A RRs, as used in DNS round robin
+ * load balancing. W3C's wwwlib uses 1K, so that should be
+ * good enough for us, too.
+ */
+/**
+ * XXX: Temporary doubled, for some configurations
+ * 1K is still too small and we didn't get the
+ * real fix ready for inclusion.
+ */
+#define HOSTENT_BUFFER_SIZE 2048
+
+/**
+ * Do not use.  Originally this was so that you can
+ * say "while (FOREVER) { ...do something... }".
+ * However, this gives a warning with some compilers (e.g. VC++).
+ * Instead, use "for (;;) { ...do something... }".
+ */
+#define FOREVER 1
+
+/**
+ * Default IP address to listen on, as a string.
+ * Set to "127.0.0.1".
+ */
+#define HADDR_DEFAULT   "127.0.0.1"
+
+/**
+ * Default port to listen on, as a number.
+ * Set to 8118.
+ */
+#define HADDR_PORT      8118
+
+
+/* Forward def for struct client_state */
+struct configuration_spec;
+
+
+/**
+ * Entry in a linked list of strings.
+ */
+struct list_entry
+{
+   /**
+    * The string pointer. It must point to a dynamically malloc()ed
+    * string or be NULL for the list functions to work. In the latter
+    * case, just be careful next time you iterate through the list in
+    * your own code.
+    */
+   char *str;
+   
+   /** Next entry in the linked list, or NULL if no more. */
+   struct list_entry *next;
+};
+
+/**
+ * A header for a linked list of strings.
+ */
+struct list
+{
+   /** First entry in the list, or NULL if the list is empty. */
+   struct list_entry *first;
+
+   /** Last entry in the list, or NULL if the list is empty. */
+   struct list_entry *last;
+};
+
+
+/**
+ * An entry in a map.  This is a name=value pair.
+ */
+struct map_entry
+{
+   /** The key for the map. */
+   const char *name;
+   /** The value associated with that key. */
+   const char *value;
+   /** The next map entry, or NULL if none. */
+   struct map_entry *next;
+};
+
+/**
+ * A map from a string to another string.
+ * This is used for the paramaters passed in a HTTP GET request, and
+ * to store the exports when the CGI interface is filling in a template.
+ */
+struct map
+{
+   /** The first map entry, or NULL if the map is empty. */
+   struct map_entry *first;
+   /** The last map entry, or NULL if the map is empty. */
+   struct map_entry *last;
+};
+
+
+/**
+ * A HTTP request.  This includes the method (GET, POST) and
+ * the parsed URL.
+ *
+ * This is also used whenever we want to match a URL against a
+ * URL pattern.  This always contains the URL to match, and never
+ * a URL pattern.  (See struct url_spec).
+ */
+struct http_request
+{
+   char *cmd;      /**< Whole command line: method, URL, Version */
+   char *ocmd;     /**< Backup of original cmd for CLF logging */
+   char *gpc;      /**< HTTP method: GET, POST, ... */
+   char *url;      /**< The URL */
+   char *ver;      /**< Protocol version */
+   int status;     /**< HTTP Status */
+
+   char *host;     /**< Host part of URL */
+   int   port;     /**< Port of URL or 80 (default) */
+   char *path;     /**< Path of URL */
+   char *hostport; /**< host[:port] */
+   int   ssl;      /**< Flag if protocol is https */
+
+   char *host_ip_addr_str; /**< String with dotted decimal representation
+                                of host's IP. NULL before connect_to() */
+
+   char  *dbuffer; /**< Buffer with '\0'-delimited domain name.           */
+   char **dvec;    /**< List of pointers to the strings in dbuffer.       */
+   int    dcount;  /**< How many parts to this domain? (length of dvec)   */
+};
+
+/**
+ * Reasons for generating a http_response instead of delivering
+ * the requested resource. Mostly ordered the way they are checked
+ * for in chat().
+ */
+#define RSP_REASON_UNSUPPORTED        1
+#define RSP_REASON_BLOCKED            2
+#define RSP_REASON_UNTRUSTED          3
+#define RSP_REASON_REDIRECTED         4
+#define RSP_REASON_CGI_CALL           5
+#define RSP_REASON_NO_SUCH_DOMAIN     6
+#define RSP_REASON_FORWARDING_FAILED  7
+#define RSP_REASON_CONNECT_FAILED     8
+#define RSP_REASON_OUT_OF_MEMORY      9
+#define RSP_REASON_INTERNAL_ERROR     10
+
+/**
+ * Response generated by CGI, blocker, or error handler
+ */
+struct http_response
+{
+  char  *status;          /**< HTTP status (string). */
+  struct list headers[1]; /**< List of header lines. */
+  char  *head;            /**< Formatted http response head. */
+  size_t head_length;     /**< Length of http response head. */
+  char  *body;            /**< HTTP document body. */
+  size_t content_length;  /**< Length of body, REQUIRED if binary body. */
+  int    is_static;       /**< Nonzero if the content will never change and
+                               should be cached by the browser (e.g. images). */
+  int reason;             /**< Why the response was generated in the first place. */
+};
+
+/**
+ * A URL or a tag pattern.
+ */
+struct url_spec
+{
+   /** The string which was parsed to produce this url_spec.
+       Used for debugging or display only.  */
+   char  *spec;
+
+#ifdef FEATURE_EXTENDED_HOST_PATTERNS
+   regex_t *host_regex;/**< Regex for host matching                          */
+#else
+   char  *dbuffer;     /**< Buffer with '\0'-delimited domain name, or NULL to match all hosts. */
+   char **dvec;        /**< List of pointers to the strings in dbuffer.       */
+   int    dcount;      /**< How many parts to this domain? (length of dvec)   */
+   int    unanchored;  /**< Bitmap - flags are ANCHOR_LEFT and ANCHOR_RIGHT.  */
+#endif /* defined FEATURE_EXTENDED_HOST_PATTERNS */
+
+   char  *port_list;   /**< List of acceptable ports, or NULL to match all ports */
+
+   regex_t *preg;      /**< Regex for matching path part                      */
+   regex_t *tag_regex; /**< Regex for matching tags                           */
+};
+
+/**
+ * If you declare a static url_spec, this is the value to initialize it to zero.
+ */
+#ifndef FEATURE_EXTENDED_HOST_PATTERNS
+#define URL_SPEC_INITIALIZER { NULL, NULL, NULL, 0, 0, NULL, NULL, NULL }
+#else
+#define URL_SPEC_INITIALIZER { NULL, NULL, NULL, NULL, NULL }
+#endif /* def FEATURE_EXTENDED_HOST_PATTERNS */
+
+/**
+ * Constant for host part matching in URLs.  If set, indicates that the start of
+ * the pattern must match the start of the URL.  E.g. this is not set for the
+ * pattern ".example.com", so that it will match both "example.com" and
+ * "www.example.com".  It is set for the pattern "example.com", which makes it
+ * match "example.com" only, not "www.example.com".
+ */
+#define ANCHOR_LEFT  1
+
+/**
+ * Constant for host part matching in URLs.  If set, indicates that the end of
+ * the pattern must match the end of the URL.  E.g. this is not set for the
+ * pattern "ad.", so that it will match any host called "ad", irrespective
+ * of how many subdomains are in the fully-qualified domain name.
+ */
+#define ANCHOR_RIGHT 2
+
+
+/**
+ * An I/O buffer.  Holds a string which can be appended to, and can have data
+ * removed from the beginning.
+ */
+struct iob
+{
+   char *buf;    /**< Start of buffer        */
+   char *cur;    /**< Start of relevant data */
+   char *eod;    /**< End of relevant data   */
+   size_t size;  /**< Size as malloc()ed     */
+};
+
+
+/**
+ * Return the number of bytes in the I/O buffer associated with the passed
+ * client_state pointer.
+ * May be zero.
+ */
+#define IOB_PEEK(CSP) ((CSP->iob->cur > CSP->iob->eod) ? (CSP->iob->eod - CSP->iob->cur) : 0)
+
+
+/**
+ * Remove any data in the I/O buffer associated with the passed
+ * client_state pointer.
+ */
+#define IOB_RESET(CSP) if(CSP->iob->buf) free(CSP->iob->buf); memset(CSP->iob, '\0', sizeof(CSP->iob));
+
+/* Bits for csp->content_type bitmask: */
+#define CT_TEXT    0x0001U /**< Suitable for pcrs filtering. */
+#define CT_GIF     0x0002U /**< Suitable for GIF filtering.  */
+#define CT_TABOO   0x0004U /**< DO NOT filter, irrespective of other flags. */
+
+/* Although these are not, strictly speaking, content types
+ * (they are content encodings), it is simple to handle them
+ * as such.
+ */
+#define CT_GZIP    0x0010U /**< gzip-compressed data. */
+#define CT_DEFLATE 0x0020U /**< zlib-compressed data. */
+
+/**
+ * Flag to signal that the server declared the content type,
+ * so we can differentiate between unknown and undeclared
+ * content types.
+ */
+#define CT_DECLARED 0x0040U
+
+/**
+ * The mask which includes all actions.
+ */
+#define ACTION_MASK_ALL        (~0UL)
+
+/**
+ * The most compatible set of actions - i.e. none.
+ */
+#define ACTION_MOST_COMPATIBLE                       0x00000000UL
+
+/** Action bitmap: Block the request. */
+#define ACTION_BLOCK                                 0x00000001UL
+/** Action bitmap: Deanimate if it's a GIF. */
+#define ACTION_DEANIMATE                             0x00000002UL
+/** Action bitmap: Downgrade HTTP/1.1 to 1.0. */
+#define ACTION_DOWNGRADE                             0x00000004UL
+/** Action bitmap: Fast redirects. */
+#define ACTION_FAST_REDIRECTS                        0x00000008UL
+/** Action bitmap: Remove or add "X-Forwarded-For" header. */
+#define ACTION_CHANGE_X_FORWARDED_FOR                0x00000010UL
+/** Action bitmap: Hide "From" header. */
+#define ACTION_HIDE_FROM                             0x00000020UL
+/** Action bitmap: Hide "Referer" header.  (sic - follow HTTP, not English). */
+#define ACTION_HIDE_REFERER                          0x00000040UL
+/** Action bitmap: Hide "User-Agent" and similar headers. */
+#define ACTION_HIDE_USER_AGENT                       0x00000080UL
+/** Action bitmap: This is an image. */
+#define ACTION_IMAGE                                 0x00000100UL
+/** Action bitmap: Sets the image blocker. */
+#define ACTION_IMAGE_BLOCKER                         0x00000200UL
+/** Action bitmap: Prevent compression. */
+#define ACTION_NO_COMPRESSION                        0x00000400UL
+/** Action bitmap: Change cookies to session only cookies. */
+#define ACTION_NO_COOKIE_KEEP                        0x00000800UL
+/** Action bitmap: Block rending cookies. */
+#define ACTION_NO_COOKIE_READ                        0x00001000UL
+/** Action bitmap: Block setting cookies. */
+#define ACTION_NO_COOKIE_SET                         0x00002000UL
+/** Action bitmap: Override the forward settings in the config file */
+#define ACTION_FORWARD_OVERRIDE                      0x00004000UL
+/** Action bitmap: Block as empty document */
+#define  ACTION_HANDLE_AS_EMPTY_DOCUMENT             0x00008000UL
+/** Action bitmap: Limit CONNECT requests to safe ports. */
+#define ACTION_LIMIT_CONNECT                         0x00010000UL
+/** Action bitmap: Redirect request. */
+#define  ACTION_REDIRECT                             0x00020000UL
+/** Action bitmap: Crunch or modify "if-modified-since" header. */
+#define ACTION_HIDE_IF_MODIFIED_SINCE                0x00040000UL
+/** Action bitmap: Overwrite Content-Type header. */
+#define ACTION_CONTENT_TYPE_OVERWRITE                0x00080000UL
+/** Action bitmap: Crunch specified server header. */
+#define ACTION_CRUNCH_SERVER_HEADER                  0x00100000UL
+/** Action bitmap: Crunch specified client header */
+#define ACTION_CRUNCH_CLIENT_HEADER                  0x00200000UL
+/** Action bitmap: Enable text mode by force */
+#define ACTION_FORCE_TEXT_MODE                       0x00400000UL
+/** Action bitmap: Enable text mode by force */
+#define ACTION_CRUNCH_IF_NONE_MATCH                  0x00800000UL
+/** Action bitmap: Enable content-dispostion crunching */
+#define ACTION_HIDE_CONTENT_DISPOSITION              0x01000000UL
+/** Action bitmap: Replace or block Last-Modified header */
+#define ACTION_OVERWRITE_LAST_MODIFIED               0x02000000UL
+/** Action bitmap: Replace or block Accept-Language header */
+#define ACTION_HIDE_ACCEPT_LANGUAGE                  0x04000000UL
+
+
+/** Action string index: How to deanimate GIFs */
+#define ACTION_STRING_DEANIMATE             0
+/** Action string index: Replacement for "From:" header */
+#define ACTION_STRING_FROM                  1
+/** Action string index: How to block images */
+#define ACTION_STRING_IMAGE_BLOCKER         2
+/** Action string index: Replacement for "Referer:" header */
+#define ACTION_STRING_REFERER               3
+/** Action string index: Replacement for "User-Agent:" header */
+#define ACTION_STRING_USER_AGENT            4
+/** Action string index: Legal CONNECT ports. */
+#define ACTION_STRING_LIMIT_CONNECT         5
+/** Action string index: Server headers containing this pattern are crunched*/
+#define ACTION_STRING_SERVER_HEADER         6
+/** Action string index: Client headers containing this pattern are crunched*/
+#define ACTION_STRING_CLIENT_HEADER         7
+/** Action string index: Replacement for the "Accept-Language:" header*/
+#define ACTION_STRING_LANGUAGE              8
+/** Action string index: Replacement for the "Content-Type:" header*/
+#define ACTION_STRING_CONTENT_TYPE          9
+/** Action string index: Replacement for the "content-dispostion:" header*/
+#define ACTION_STRING_CONTENT_DISPOSITION  10
+/** Action string index: Replacement for the "If-Modified-Since:" header*/
+#define ACTION_STRING_IF_MODIFIED_SINCE    11
+/** Action string index: Replacement for the "Last-Modified:" header. */
+#define ACTION_STRING_LAST_MODIFIED        12
+/** Action string index: Redirect URL */
+#define ACTION_STRING_REDIRECT             13
+/** Action string index: Decode before redirect? */
+#define ACTION_STRING_FAST_REDIRECTS       14
+/** Action string index: Overriding forward rule. */
+#define ACTION_STRING_FORWARD_OVERRIDE     15
+/** Action string index: Reason for the block. */
+#define ACTION_STRING_BLOCK                16
+/** Action string index: what to do with the "X-Forwarded-For" header. */
+#define ACTION_STRING_CHANGE_X_FORWARDED_FOR 17
+/** Number of string actions. */
+#define ACTION_STRING_COUNT                18
+
+
+/* To make the ugly hack in sed easier to understand */
+#define CHECK_EVERY_HEADER_REMAINING 0
+
+
+/** Index into current_action_spec::multi[] for headers to add. */
+#define ACTION_MULTI_ADD_HEADER              0
+/** Index into current_action_spec::multi[] for content filters to apply. */
+#define ACTION_MULTI_FILTER                  1
+/** Index into current_action_spec::multi[] for server-header filters to apply. */
+#define ACTION_MULTI_SERVER_HEADER_FILTER    2
+/** Index into current_action_spec::multi[] for client-header filters to apply. */
+#define ACTION_MULTI_CLIENT_HEADER_FILTER    3
+/** Index into current_action_spec::multi[] for client-header tags to apply. */
+#define ACTION_MULTI_CLIENT_HEADER_TAGGER    4
+/** Index into current_action_spec::multi[] for server-header tags to apply. */
+#define ACTION_MULTI_SERVER_HEADER_TAGGER    5
+/** Number of multi-string actions. */
+#define ACTION_MULTI_COUNT                   6
+
+
+/**
+ * This structure contains a list of actions to apply to a URL.
+ * It only contains positive instructions - no "-" options.
+ * It is not used to store the actions list itself, only for
+ * url_actions() to return the current values.
+ */
+struct current_action_spec
+{
+   /** Actions to apply.  A bit set to "1" means perform the action. */
+   unsigned long flags;
+
+   /**
+    * Paramaters for those actions that require them.
+    * Each entry is valid if & only if the corresponding entry in "flags" is
+    * set.
+    */
+   char * string[ACTION_STRING_COUNT];
+
+   /** Lists of strings for multi-string actions. */
+   struct list multi[ACTION_MULTI_COUNT][1];
+};
+
+
+/**
+ * This structure contains a set of changes to actions.
+ * It can contain both positive and negative instructions.
+ * It is used to store an entry in the actions list.
+ */
+struct action_spec
+{
+   unsigned long mask; /**< Actions to keep. A bit set to "0" means remove action. */
+   unsigned long add;  /**< Actions to add.  A bit set to "1" means add action.    */
+
+   /**
+    * Paramaters for those actions that require them.
+    * Each entry is valid if & only if the corresponding entry in "flags" is
+    * set.
+    */
+   char * string[ACTION_STRING_COUNT];
+
+   /** Lists of strings to remove, for multi-string actions. */
+   struct list multi_remove[ACTION_MULTI_COUNT][1];
+
+   /** If nonzero, remove *all* strings from the multi-string action. */
+   int         multi_remove_all[ACTION_MULTI_COUNT];
+
+   /** Lists of strings to add, for multi-string actions. */
+   struct list multi_add[ACTION_MULTI_COUNT][1];
+};
+
+
+/**
+ * This structure is used to store action files.
+ *
+ * It contains an URL or tag pattern, and the changes to
+ * the actions. It's a linked list and should only be
+ * free'd through unload_actions_file() unless there's
+ * only a single entry.
+ */
+struct url_actions
+{
+   struct url_spec url[1];     /**< The URL or tag pattern. */
+
+   struct action_spec *action; /**< Action settings that might be shared with
+                                    the list entry before or after the current
+                                    one and can't be free'd willy nilly. */
+
+   struct url_actions *next;   /**< Next action section in file, or NULL. */
+};
+
+
+/*
+ * Flags for use in csp->flags
+ */
+ 
+/**
+ * Flag for csp->flags: Set if this client is processing data.
+ * Cleared when the thread associated with this structure dies.
+ */
+#define CSP_FLAG_ACTIVE     0x01U
+
+/**
+ * Flag for csp->flags: Set if the server's reply is in "chunked"
+ * transfer encoding
+ */
+#define CSP_FLAG_CHUNKED    0x02U
+
+/**
+ * Flag for csp->flags: Set if this request was enforced, although it would
+ * normally have been blocked.
+ */
+#define CSP_FLAG_FORCED     0x04U
+
+/**
+ * Flag for csp->flags: Set if any modification to the body was done.
+ */
+#define CSP_FLAG_MODIFIED   0x08U
+
+/**
+ * Flag for csp->flags: Set if request was blocked.
+ */
+#define CSP_FLAG_REJECTED   0x10U
+
+/**
+ * Flag for csp->flags: Set if we are toggled on (FEATURE_TOGGLE).
+ */
+#define CSP_FLAG_TOGGLED_ON 0x20U
+
+/**
+ * Flag for csp->flags: Set if an acceptable Connection header
+ * is already set.
+ */
+#define CSP_FLAG_CLIENT_CONNECTION_HEADER_SET  0x00000040U
+
+/**
+ * Flag for csp->flags: Set if adding the 'Connection: close' header
+ * for the server isn't necessary.
+ */
+#define CSP_FLAG_SERVER_CONNECTION_CLOSE_SET   0x00000080U
+
+/**
+ * Flag for csp->flags: Signals header parsers whether they
+ * are parsing server or client headers.
+ */
+#define CSP_FLAG_CLIENT_HEADER_PARSING_DONE    0x00000100U
+
+/**
+ * Flag for csp->flags: Set if adding the Host: header
+ * isn't necessary.
+ */
+#define CSP_FLAG_HOST_HEADER_IS_SET            0x00000200U
+
+/**
+ * Flag for csp->flags: Set if filtering is disabled by X-Filter: No
+ * XXX: As we now have tags we might as well ditch this.
+ */
+#define CSP_FLAG_NO_FILTERING                  0x00000400U
+
+/**
+ * Flag for csp->flags: Set the client IP has appended to
+ * an already existing X-Forwarded-For header in which case
+ * no new header has to be generated.
+ */
+#define CSP_FLAG_X_FORWARDED_FOR_APPENDED      0x00000800U
+
+/**
+ * Flag for csp->flags: Set if the server wants to keep
+ * the connection alive.
+ */
+#define CSP_FLAG_SERVER_CONNECTION_KEEP_ALIVE  0x00001000U
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+/**
+ * Flag for csp->flags: Set if the server specified the
+ * content length.
+ */
+#define CSP_FLAG_CONTENT_LENGTH_SET            0x00002000U
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+/*
+ * Flags for use in return codes of child processes
+ */
+
+/**
+ * Flag for process return code: Set if exiting porcess has been toggled
+ * during its lifetime.
+ */
+#define RC_FLAG_TOGGLED   0x10
+
+/**
+ * Flag for process return code: Set if exiting porcess has blocked its
+ * request.
+ */
+#define RC_FLAG_BLOCKED   0x20
+
+/**
+ * Maximum number of actions/filter files.  This limit is arbitrary - it's just used
+ * to size an array.
+ */
+#define MAX_AF_FILES 10
+
+/**
+ * The state of a Privoxy processing thread.
+ */
+struct client_state
+{
+   /** The proxy's configuration */
+   struct configuration_spec * config;
+
+   /** The actions to perform on the current request */
+   struct current_action_spec  action[1];
+
+   /** socket to talk to client (web browser) */
+   jb_socket cfd;
+
+   /** socket to talk to server (web server or proxy) */
+   jb_socket sfd;
+
+   /** Multi-purpose flag container, see CSP_FLAG_* above */
+   unsigned int flags;
+
+   /** Client PC's IP address, as reported by the accept() function.
+       As a string. */
+   char *ip_addr_str;
+   /** Client PC's IP address, as reported by the accept() function.
+       As a number. */
+   unsigned long ip_addr_long;
+
+   /** The URL that was requested */
+   struct http_request http[1];
+
+   /*
+    * The final forwarding settings.
+    * XXX: Currently this is only used for forward-override,
+    * so we can free the space in sweep.
+    */
+   struct forward_spec * fwd;
+
+   /** An I/O buffer used for buffering data read from the network */
+   struct iob iob[1];
+
+   /** List of all headers for this request */
+   struct list headers[1];
+
+   /** List of all tags that apply to this request */
+   struct list tags[1];
+
+   /** MIME-Type key, see CT_* above */
+   unsigned int content_type;
+
+   /** Actions files associated with this client */
+   struct file_list *actions_list[MAX_AF_FILES];
+
+   /** pcrs job files. */
+   struct file_list *rlist[MAX_AF_FILES];
+
+   /** Length after content modification. */
+   unsigned long long content_length;
+
+#ifdef FEATURE_CONNECTION_KEEP_ALIVE
+   /** Expected length of content after which we
+    * should stop reading from the server socket.
+    */
+   /* XXX: is this the right location? */
+   unsigned long long expected_content_length;
+#endif /* def FEATURE_CONNECTION_KEEP_ALIVE */
+
+#ifdef FEATURE_TRUST
+
+   /** Trust file. */
+   struct file_list *tlist;
+
+#endif /* def FEATURE_TRUST */
+
+   /**
+    * Failure reason to embedded in the CGI error page,
+    * or NULL. Currently only used for socks errors.
+    */
+   char *error_message;
+
+   /** Next thread in linked list. Only read or modify from the main thread! */
+   struct client_state *next;
+};
+
+
+/**
+ * A function to add a header
+ */
+typedef jb_err (*add_header_func_ptr)(struct client_state *);
+
+/**
+ * A function to process a header
+ */
+typedef jb_err (*parser_func_ptr    )(struct client_state *, char **);
+
+
+/**
+ * List of available CGI functions.
+ */
+struct cgi_dispatcher
+{
+   /** The URL of the CGI, relative to the CGI root. */
+   const char * const name;
+
+   /** The handler function for the CGI */
+   jb_err    (* const handler)(struct client_state *csp, struct http_response *rsp, const struct map *parameters);
+
+   /** The description of the CGI, to appear on the main menu, or NULL to hide it. */
+   const char * const description;
+
+   /** A flag that indicates whether unintentional calls to this CGI can cause damage */
+   int harmless;
+};
+
+
+/**
+ * A data file used by Privoxy.  Kept in a linked list.
+ */
+struct file_list
+{
+   /**
+    * This is a pointer to the data structures associated with the file.
+    * Read-only once the structure has been created.
+    */
+   void *f;
+
+   /**
+    * The unloader function.
+    * Normally NULL.  When we are finished with file (i.e. when we have
+    * loaded a new one), set to a pointer to an unloader function.
+    * Unloader will be called by sweep() (called from main loop) when
+    * all clients using this file are done.  This prevents threading
+    * problems.
+    */
+   void (*unloader)(void *);
+
+   /**
+    * Used internally by sweep().  Do not access from elsewhere.
+    */
+   int active;
+
+   /**
+    * File last-modified time, so we can check if file has been changed.
+    * Read-only once the structure has been created.
+    */
+   time_t lastmodified;
+   
+   /**
+    * The full filename.
+    */
+   char * filename;
+
+   /**
+    * Pointer to next entry in the linked list of all "file_list"s.
+    * This linked list is so that sweep() can navigate it.
+    * Since sweep() can remove items from the list, we must be careful
+    * to only access this value from main thread (when we know sweep
+    * won't be running).
+    */
+   struct file_list *next;
+};
+
+
+#ifdef FEATURE_TRUST
+
+/**
+ * The format of a trust file when loaded into memory.
+ */
+struct block_spec
+{
+   struct url_spec url[1];   /**< The URL pattern              */
+   int    reject;            /**< FIXME: Please document this! */
+   struct block_spec *next;  /**< Next entry in linked list    */
+};
+
+/**
+ * Arbitrary limit for the number of trusted referrers.
+ */
+#define MAX_TRUSTED_REFERRERS 512
+
+#endif /* def FEATURE_TRUST */
+
+
+#define SOCKS_NONE    0    /**< Don't use a SOCKS server               */
+#define SOCKS_4      40    /**< original SOCKS 4 protocol              */
+#define SOCKS_4A     41    /**< as modified for hosts w/o external DNS */
+#define SOCKS_5      50    /**< as modified for hosts w/o external DNS */
+
+
+/**
+ * How to forward a connection to a parent proxy.
+ */
+struct forward_spec
+{
+   /** URL pattern that this forward_spec is for. */
+   struct url_spec url[1];
+
+   /** Connection type.  Must be SOCKS_NONE, SOCKS_4, SOCKS_4A or SOCKS_5. */
+   int   type;
+
+   /** SOCKS server hostname.  Only valid if "type" is SOCKS_4 or SOCKS_4A. */
+   char *gateway_host;
+
+   /** SOCKS server port. */
+   int   gateway_port;
+
+   /** Parent HTTP proxy hostname, or NULL for none. */
+   char *forward_host;
+
+   /** Parent HTTP proxy port. */
+   int   forward_port;
+
+   /** Next entry in the linked list. */
+   struct forward_spec *next;
+};
+
+
+/**
+ * Initializer for a static struct forward_spec.
+ */
+#define FORWARD_SPEC_INITIALIZER { { URL_SPEC_INITIALIZER }, 0, NULL, 0, NULL, 0, NULL }
+
+/* Supported filter types */
+#define FT_CONTENT_FILTER       0
+#define FT_CLIENT_HEADER_FILTER 1
+#define FT_SERVER_HEADER_FILTER 2
+#define FT_CLIENT_HEADER_TAGGER 3
+#define FT_SERVER_HEADER_TAGGER 4
+
+#define MAX_FILTER_TYPES        5
+
+/**
+ * This struct represents one filter (one block) from
+ * the re_filterfile. If there is more than one filter
+ * in the file, the file will be represented by a
+ * chained list of re_filterfile specs.
+ */
+struct re_filterfile_spec
+{
+   char *name;                      /**< Name from FILTER: statement in re_filterfile. */
+   char *description;               /**< Description from FILTER: statement in re_filterfile. */
+   struct list patterns[1];         /**< The patterns from the re_filterfile. */
+   pcrs_job *joblist;               /**< The resulting compiled pcrs_jobs. */
+   int type;                        /**< Filter type (content, client-header, server-header). */
+   int dynamic;                     /**< Set to one if the pattern might contain variables
+                                         and has to be recompiled for every request. */
+   struct re_filterfile_spec *next; /**< The pointer for chaining. */
+};
+
+
+#ifdef FEATURE_ACL
+
+#define ACL_PERMIT   1  /**< Accept connection request */
+#define ACL_DENY     2  /**< Reject connection request */
+
+/**
+ * An IP address pattern.  Used to specify networks in the ACL.
+ */
+struct access_control_addr
+{
+   unsigned long addr;  /**< The IP address as an integer. */
+   unsigned long mask;  /**< The network mask as an integer. */
+   unsigned long port;  /**< The port number. */
+};
+
+/**
+ * An access control list (ACL) entry.
+ *
+ * This is a linked list.
+ */
+struct access_control_list
+{
+   struct access_control_addr src[1];  /**< Client IP address */
+   struct access_control_addr dst[1];  /**< Website or parent proxy IP address */
+
+   short action;                       /**< ACL_PERMIT or ACL_DENY */
+   struct access_control_list *next;   /**< The next entry in the ACL. */
+};
+
+#endif /* def FEATURE_ACL */
+
+
+/** Maximum number of loaders (actions, re_filter, ...) */
+#define NLOADERS 8
+
+
+/** configuration_spec::feature_flags: CGI actions editor. */
+#define RUNTIME_FEATURE_CGI_EDIT_ACTIONS             1U
+
+/** configuration_spec::feature_flags: Web-based toggle. */
+#define RUNTIME_FEATURE_CGI_TOGGLE                   2U
+
+/** configuration_spec::feature_flags: HTTP-header-based toggle. */
+#define RUNTIME_FEATURE_HTTP_TOGGLE                  4U
+
+/** configuration_spec::feature_flags: Split large forms to limit the number of GET arguments. */
+#define RUNTIME_FEATURE_SPLIT_LARGE_FORMS            8U
+
+/** configuration_spec::feature_flags: Check the host header for requests with host-less request lines. */
+#define RUNTIME_FEATURE_ACCEPT_INTERCEPTED_REQUESTS 16U
+
+/** configuration_spec::feature_flags: Don't allow to circumvent blocks with the force prefix. */
+#define RUNTIME_FEATURE_ENFORCE_BLOCKS              32U
+
+/** configuration_spec::feature_flags: Allow to block or redirect CGI requests. */
+#define RUNTIME_FEATURE_CGI_CRUNCHING               64U
+
+/** configuration_spec::feature_flags: Try to keep the connection to the server alive. */
+#define RUNTIME_FEATURE_CONNECTION_KEEP_ALIVE      128U
+
+/**
+ * Data loaded from the configuration file.
+ *
+ * (Anomaly: toggle is still handled through a global, not this structure)
+ */
+struct configuration_spec
+{
+   /** What to log */
+   int debug;
+   
+   /** Nonzero to enable multithreading. */
+   int multi_threaded;
+
+   /**
+    * Bitmask of features that can be enabled/disabled through the config
+    * file.  Currently defined bits:
+    *
+    * - RUNTIME_FEATURE_CGI_EDIT_ACTIONS
+    * - RUNTIME_FEATURE_CGI_TOGGLE
+    * - RUNTIME_FEATURE_HTTP_TOGGLE
+    * - RUNTIME_FEATURE_SPLIT_LARGE_FORMS
+    */
+   unsigned feature_flags;
+
+   /** The log file name. */
+   const char *logfile;
+
+   /** The config file directory. */
+   const char *confdir;
+
+   /** The directory for customized CGI templates. */
+   const char *templdir;
+
+   /** The log file directory. */
+   const char *logdir;
+
+   /** The full paths to the actions files. */
+   const char *actions_file[MAX_AF_FILES];
+
+   /** The short names of the actions files. */
+   const char *actions_file_short[MAX_AF_FILES];
+
+   /** The administrator's email address */
+   char *admin_address;
+
+   /** A URL with info on this proxy */
+   char *proxy_info_url;
+
+   /** URL to the user manual (on our website or local copy) */
+   char *usermanual;
+
+   /** The file names of the pcre filter files. */
+   const char *re_filterfile[MAX_AF_FILES];
+
+   /** The short names of the pcre filter files. */
+   const char *re_filterfile_short[MAX_AF_FILES];
+
+   /** The hostname to show on CGI pages, or NULL to use the real one. */
+   const char *hostname;
+
+   /** IP address to bind to.  Defaults to HADDR_DEFAULT == 127.0.0.1. */
+   const char *haddr;
+
+   /** Port to bind to.  Defaults to HADDR_PORT == 8118. */
+   int         hport;
+
+   /** Size limit for IOB */
+   size_t buffer_limit;
+
+#ifdef FEATURE_TRUST
+
+   /** The file name of the trust file. */
+   const char * trustfile;
+
+   /** FIXME: DOCME: Document this. */
+   struct list trust_info[1];
+
+   /** FIXME: DOCME: Document this. */
+   struct url_spec *trust_list[MAX_TRUSTED_REFERRERS];
+
+#endif /* def FEATURE_TRUST */
+
+#ifdef FEATURE_ACL
+
+   /** The access control list (ACL). */
+   struct access_control_list *acl;
+
+#endif /* def FEATURE_ACL */
+
+   /** Information about parent proxies (forwarding). */
+   struct forward_spec *forward;
+
+   /** Number of retries in case a forwarded connection attempt fails */
+   int         forwarded_connect_retries;
+
+   /* Timeout when waiting on sockets for data to become available. */
+   int socket_timeout;
+
+   /** All options from the config file, HTML-formatted. */
+   char *proxy_args;
+
+   /** The configuration file object. */
+   struct file_list *config_file_list;
+
+   /** List of loaders */
+   int (*loaders[NLOADERS])(struct client_state *);
+
+   /** Nonzero if we need to bind() to the new port. */
+   int need_bind;
+};
+
+/** Calculates the number of elements in an array, using sizeof. */
+#define SZ(X)  (sizeof(X) / sizeof(*X))
+
+#ifdef FEATURE_FORCE_LOAD
+/** The force load URL prefix. */
+#define FORCE_PREFIX "/PRIVOXY-FORCE"
+#endif /* def FEATURE_FORCE_LOAD */
+
+#ifdef FEATURE_NO_GIFS
+/** The MIME type for images ("image/png" or "image/gif"). */
+#define BUILTIN_IMAGE_MIMETYPE "image/png"
+#else
+#define BUILTIN_IMAGE_MIMETYPE "image/gif"
+#endif /* def FEATURE_NO_GIFS */
+
+
+/* 
+ * Hardwired URLs
+ */
+
+/** URL for the Privoxy home page. */
+#define HOME_PAGE_URL     "http://www.privoxy.org/"
+
+/** URL for the Privoxy user manual. */
+#define USER_MANUAL_URL   HOME_PAGE_URL VERSION "/user-manual/"
+
+/** Prefix for actions help links  (append to USER_MANUAL_URL). */
+#define ACTIONS_HELP_PREFIX "actions-file.html#"
+
+/** Prefix for config option help links (append to USER_MANUAL_URL). */
+#define CONFIG_HELP_PREFIX  "config.html#"
+
+/*
+ * The "hosts" to intercept and display CGI pages.
+ * First one is a hostname only, second one can specify host and path.
+ *
+ * Notes:
+ * 1) Do not specify the http: prefix
+ * 2) CGI_SITE_2_PATH must not end with /, one will be added automatically.
+ * 3) CGI_SITE_2_PATH must start with /, unless it is the empty string.
+ */
+#define CGI_SITE_1_HOST "p.p"
+#define CGI_SITE_2_HOST "config.privoxy.org"
+#define CGI_SITE_2_PATH ""
+
+/**
+ * The prefix for CGI pages.  Written out in generated HTML.
+ * INCLUDES the trailing slash.
+ */
+#define CGI_PREFIX  "http://" CGI_SITE_2_HOST CGI_SITE_2_PATH "/"
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef PROJECT_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/regression-tests.action b/external/privoxy/regression-tests.action
new file mode 100644
index 0000000..bf12a31
--- /dev/null
+++ b/external/privoxy/regression-tests.action
@@ -0,0 +1,782 @@
+#############################################################################
+# $Id: regression-tests.action,v 1.22 2009/02/22 15:07:58 fabiankeil Exp $
+#############################################################################
+#
+# This is a configuration file for Privoxy-Regression-Test
+# (included in the source tarball's tools directory).
+#
+# After referencing it in your Privoxy configuration both Privoxy and
+# Privoxy-Regression-Test should be good to go.
+#
+#############################################################################
+#
+# Copyright (c) 2007-2009 Fabian Keil <fk at fabiankeil.de>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+#############################################################################
+
+{{settings}}
+for-privoxy-version=3.0.11
+
+# Some dependencies Privoxy-Regression-Test should know about:
+#
+# Level  9 needs = config line user-manual\s+(\.?\.?/|[A-Za-z]:)
+# Level 12 needs = config line enable-edit-actions\s+1
+# Level 13 needs = feature status FEATURE_CONNECTION_KEEP_ALIVE Yes
+# Level 14 needs = feature status FEATURE_CONNECTION_KEEP_ALIVE No
+
+#######################################################
+# Enable taggers to activate the tests on demand
+# and suppress hiding the User-Agent for
+# Privoxy-Regression-Test to save log space.
+#######################################################
+{\
+ +client-header-tagger{user-agent} \
+ +client-header-tagger{privoxy-control} \
+ +client-header-filter{privoxy-control} \
+}
+config.privoxy.org/
+p.p/
+127.0.0.1/
+
+{-hide-user-agent}
+TAG:^User-Agent: Privoxy-Regression-Test
+
+#######################################################
+# Test accept-language{}.
+#######################################################
+
+# Set Header    = Accept-Language: de-de
+# Expect Header = Accept-Language: en-gb
+{+hide-accept-language{en-gb}}
+TAG:^hide-accept-language\{en-gb\}$
+
+# Set Header    = Accept-Language: de-de
+# Expect Header = REMOVAL
+{+hide-accept-language{block}}
+TAG:^hide-accept-language\{block\}$
+
+#######################################################
+# Sections for hide-referrer{} to test:
+#
+# 1) conditional-block
+# 2) conditional-forge
+# 3) forge
+# 4) block
+# 5) a parameter that looks like a valid fake referrer 
+# 6) a parameter that looks like an invalid fake referrer
+#######################################################
+
+# Set Header    = Referer: http://www.example.org/foo 
+# Expect Header = REMOVAL
+#
+# Set Header    = Referer: http://p.p/foo
+# Expect Header = NO CHANGE
+#
+# Set Header    = Referer: p.p/
+# Expect Header = REMOVAL
+#
+# Set Header    = Referer: p
+# Expect Header = REMOVAL
+#
+# Set Header    = Referer: http://
+# Expect Header = REMOVAL
+#
+# Set Header    = Referer: https://p.p/
+# Expect Header = REMOVAL
+{+hide-referrer{conditional-block}}
+TAG:^hide-referrer\{conditional-block\}$
+
+# Set Header    = Referer: http://www.example.org/foo 
+# Expect Header = Referer: http://p.p/
+#
+# Set Header    = Referer: http://p.p/foo
+# Expect Header = NO CHANGE
+#
+# Set Header    = Referer: p.p/
+# Expect Header = Referer: http://p.p/
+#
+# Set Header    = Referer: p
+# Expect Header = Referer: http://p.p/
+#
+# Set Header    = Referer: http://
+# Expect Header = Referer: http://p.p/
+#
+# Set Header    = Referer: https://p.p/
+# Expect Header = Referer: http://p.p/
+{+hide-referrer{conditional-forge}}
+TAG:^hide-referrer\{conditional-forge\}$
+
+# Set Header    = Referer: http://www.example.org/foo 
+# Expect Header = Referer: http://p.p/
+{+hide-referrer{forge}}
+TAG:^hide-referrer\{forge\}$
+
+# Set Header    = Referer: http://www.example.org/foo 
+# Expect Header = REMOVAL
+{+hide-referrer{block}}
+TAG:^hide-referrer\{block\}$
+
+# Set Header    = Referer: http://www.example.org/foo 
+# Expect Header = Referer: invalid
+{+hide-referrer{invalid}}
+TAG:^hide-referrer\{invalid\}$
+
+# Set Header    = Referer: http://www.example.org/asdf
+# Expect Header = Referer: http://www.privoxy.org/
+{+hide-referrer{http://www.privoxy.org/}}
+TAG:^hide-referrer\{http://www.privoxy.org/\}$
+
+#{+hide-referrer{}}
+#TAG:^hide-referrer\{\}$
+
+#######################################################
+# Test hide-user-agent{}.
+#######################################################
+
+# Set Header    = User-Agent: Mozilla/5.0 (X11; U; NetBSD i386; de-CH; rv:1.8.1.6) Gecko/20070806 Firefox/2.0.0.6
+# Expect Header = User-Agent: Mozilla/5.0 (X11; U; FreeBSD alpha; en-GB; rv:1.8.1.6) Gecko/20070913 Firefox/2.0.0.6
+{+hide-user-agent{Mozilla/5.0 (X11; U; FreeBSD alpha; en-GB; rv:1.8.1.6) Gecko/20070913 Firefox/2.0.0.6}}
+TAG:^hide-user-agent\{Mozilla/5\.0 \(X11; U; FreeBSD alpha; en-GB; rv:1\.8\.1\.6\) Gecko/20070913 Firefox/2\.0\.0\.6\}$
+
+# XXX: Check the code that is tested here.
+# Set Header = ua-blah: blah
+# Expect Header = REMOVAL
+{+hide-user-agent{block}}
+TAG:^hide-user-agent{block}$
+
+# Set Header = ua-blah: blah
+# Expect Header = NO CHANGE
+{-hide-user-agent{}}
+TAG:^-hide-user-agent{block}$
+
+
+#######################################################
+# Test add-header{}.
+#######################################################
+
+# Set Header    = X-Whatever: foo
+# Expect Header = X-Custom-Header: yes, please
+
+{+add-header{X-Custom-Header: yes, please}}
+TAG:^add-header\{X-Custom-Header: yes, please\}$
+
+#######################################################
+# Test client-header-filter{hide-tor-exit-notation}.
+#######################################################
+
+# Set Header    = Referer: http://p.p.zwiebelsuppe.exit/
+# Expect Header = Referer: http://p.p/
+#
+# Set Header    = Referer: http://p.p.zwiebelsuppe.exit/foo/bar/baaz/
+# Expect Header = Referer: http://p.p/foo/bar/baaz/
+#
+# Set Header    = Referer: http://p.p/
+# Expect Header = NO CHANGE
+#
+# Set Header    = Referer: http://config.privoxy.org.zwiebelsuppe.exit/foo/bar/baaz.html
+# Expect Header = Referer: http://config.privoxy.org/foo/bar/baaz.html
+#
+# Set Header    = Host: p.p.zwiebelsuppe.exit
+# Expect Header = Host: p.p
+#
+# Set Header    = Host: p.p
+# Expect Header = NO CHANGE
+#
+# Set Header    = Referer: http://config.privoxy.org.ad356ef8e87a89e6c898b74500d58607ac691178.exit/foo/baaz.html
+# Expect Header = Referer: http://config.privoxy.org/foo/baaz.html
+
+{+client-header-filter{hide-tor-exit-notation} -hide-referer}
+TAG:^client-header-filter\{hide-tor-exit-notation\}$
+
+#######################################################
+# Test crunch-client-header{}.
+#######################################################
+
+# Set Header    = Content-Type: text/html
+# Expect Header = REMOVAL
+#
+# Set Header    = Content-Type: text/html; charset=4711
+# Expect Header = REMOVAL
+#
+# Set Header    = Content-Type: text/plain
+# Expect Header = NO CHANGE
+
+{+crunch-client-header{text/html}}
+TAG:^crunch-client-header\{text/plain\}$
+
+
+#######################################################
+# Test crunch-if-none-match.
+#######################################################
+
+# Set Header    = If-None-Match: 8987afd239d2093kd2309kd
+# Expect Header = REMOVAL
+
+# Set Header    = If-None-Match: 82c3cb50c984ef11b1fed749949b2a16
+# Expect Header = REMOVAL
+
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = NO CHANGE
+
+{+crunch-if-none-match -hide-if-modified-since}
+TAG:^crunch-if-none-match$
+
+#######################################################
+# Test hide-if-modified-since
+#######################################################
+
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = REMOVAL
+#
+# Set Header    = If-None-Match: 82c3cb50c984ef11b1fed749949b2a16
+# Expect Header = NO CHANGE
+
+{+hide-if-modified-since{block} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{block\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = SOME CHANGE
+
+{+hide-if-modified-since{-60} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{-60\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = SOME CHANGE
+
+{+hide-if-modified-since{+60} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{\+60\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = SOME CHANGE
+
+{+hide-if-modified-since{60} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{60\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = NO CHANGE
+
+{+hide-if-modified-since{+0} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{\+0\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = NO CHANGE
+
+{+hide-if-modified-since{-0} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{-0\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = NO CHANGE
+
+{+hide-if-modified-since{0} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{0\}$
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = REMOVAL
+# Set Header    = If-Modified-Since: Thu, 04 Oct 2007 09:56:35 GMT
+# Expect Header = NO CHANGE
+
+{+hide-if-modified-since{NaN} -crunch-if-none-match}
+TAG:^hide-if-modified-since\{NaN\}$
+
+
+#######################################################
+# Test crunch-outgoing-cookies
+#######################################################
+
+# Set Header    = If-Modified-Since: Gee, this date is invalid
+# Expect Header = NO CHANGE
+#
+# Set Header    = Cookie: PREF=ID=6cf0abd34262:TM=117335617:LM=1617:S=jZypyJ7LPiwFi1_
+# Expect Header = REMOVAL
+{\
+ +crunch-outgoing-cookies \
+ -crunch-incoming-cookies \
+ -session-cookies-only    \
+ -hide-if-modified-since  \
+}
+TAG:^crunch-outgoing-cookies$
+
+#######################################################
+# Test session-cookies-only
+#
+# XXX: pretty useless as session-cookies-only doesn't
+# affect client headers.
+#######################################################
+
+# Set Header    = Cookie: NSC_gffe-iuuq-mc-wtfswfs=8efb330d3660;expires=Thu, 04-Oct-07 19:11:34 GMT;path=/
+# Expect Header = NO CHANGE
+#
+# Set Header    = Cookie: PREF=ID=6cf0abd34262:TM=117335617:LM=1617:S=jZypyJ7LPiwFi1_
+# Expect Header = NO CHANGE
+{\
+ -crunch-outgoing-cookies \
+ -crunch-incoming-cookies \
+ +session-cookies-only    \
+ -hide-if-modified-since  \
+}
+TAG:^session-cookies-only$
+
+#######################################################
+# Test change-x-forwarded-for
+#######################################################
+
+# Set Header    = X-Forwarded-For: 10.0.0.1
+# Expect Header = NO CHANGE
+{\
+ -change-x-forwarded-for \
+}
+TAG:^-change-x-forwarded-for$
+
+# Set Header    = X-Forwarded-For: 10.0.0.1
+# Expect Header = REMOVAL
+{\
+ +change-x-forwarded-for{block} \
+}
+TAG:^change-x-forwarded-for\{block\}$
+
+# Set Header    = X-Forwarded-For: 10.0.0.1
+# Expect Header = SOME CHANGE
+{\
+ +change-x-forwarded-for{add} \
+}
+TAG:^change-x-forwarded-for\{add\}$
+
+#######################################################
+# Test hide-from-header
+#######################################################
+
+# Set Header    = From: schneewitchen at example.org
+# Expect Header = REMOVAL
+{\
+ +hide-from-header{block}\
+}
+TAG:^hide-from-header\{block\}$
+
+# Set Header    = From: schneewitchen at example.org
+# Expect Header = From: siebenzwerge at example.org
+{\
+ +hide-from-header{siebenzwerge at example.org}\
+}
+TAG:^hide-from-header\{siebenzwerge at example.org\}$
+
+#######################################################
+# Test prevent-compression
+#######################################################
+
+# Set Header    = Accept-Encoding: gzip, deflate
+# Expect Header = REMOVAL
+#
+# Set Header    = Accept-Encoding: gzip
+# Expect Header = REMOVAL
+#
+# Set Header    = Accept-Encoding: deflate
+# Expect Header = REMOVAL
+{\
+ +prevent-compression\
+}
+TAG:^prevent-compression$
+
+#######################################################
+# Test content filters which could cause problems with
+# range requests.
+#######################################################
+
+# Set Header    = Range: bytes=1234-5678
+# Expect Header = REMOVAL
+# Set Header    = If-Range: bytes=1234-5678
+# Expect Header = REMOVAL
+# Set Header    = Request-Range: bytes=1234-5678
+# Expect Header = REMOVAL
+{\
+ +deanimate-gifs{last} \
+ -filter \
+}
+TAG:^deanimate-gifs\{last\}$
+
+# Set Header    = Range: bytes=1234-5678
+# Expect Header = REMOVAL
+# Set Header    = If-Range: bytes=1234-5678
+# Expect Header = REMOVAL
+# Set Header    = Request-Range: bytes=1234-5678
+# Expect Header = REMOVAL
+{\
+ -deanimate-gifs \
+ +filter{banners-by-size} \
+}
+TAG:^filter\{banners-by-size\}$
+
+# Set Header    = Range: bytes=1234-5678
+# Expect Header = NO CHANGE
+# Set Header    = If-Range: bytes=1234-5678
+# Expect Header = NO CHANGE
+# Set Header    = Request-Range: bytes=1234-5678
+# Expect Header = NO CHANGE
+{\
+ -deanimate-gifs \
+ -filter \
+}
+TAG:^no-content-filter$
+
+# Set Header    = Connection: close
+# Expect Header = Connection: keep-alive
+# Level = 13
+# Set Header    = Connection: keep-alive
+# Expect Header = NO CHANGE
+# Level = 13
+# Set Header    = Connection:
+# Expect Header = Connection: keep-alive
+# Level = 13
+{}
+TAG:^Connection: keep-alive$
+
+# Set Header    = Connection: keep-alive
+# Expect Header = Connection: close
+# Level = 14
+# Set Header    = Connection:
+# Expect Header = Connection: close
+# Level = 14
+{}
+TAG:^Connection: close$
+
+# XXX: Removing a header by not specifying a value is
+# an inherited curl feature and could be viewed as a
+# bug as far as Privoxy-Regression-Test is concerned.
+#
+# Set Header    = Host:
+# Expect Header = Host: p.p
+{}
+TAG:^No Host header$
+
+# Set Header    = Host: whatever.example.org
+# Expect Header = NO CHANGE
+{}
+TAG:^Host header other than the target host$
+
+# XXX: check the RFC to use a real value
+# Set Header = Keep-Alive: Yes
+# Expect Header = REMOVAL
+{}
+TAG:^Keep-Alive header removal$
+
+# XXX: check the RFC to use a real value
+# Set Header = proxy-connection: keep-alive
+# Expect Header = REMOVAL
+{}
+TAG:^Proxy-Connection removal$
+
+# Set Header = Proxy-Connection: keep-alive
+# Expect Header = REMOVAL
+{}
+TAG:^Proxy-Connection removal$
+
+# These are somewhat redundant when testing with
+# GET requests, but I want to remember then when
+# TRACE requests are supported.
+#
+# Set Header = Max-Forwards: 0
+# Expect Header = NO CHANGE
+# Set Header = Max-Forwards: 1
+# Expect Header = NO CHANGE
+# Set Header = Max-Forwards: -1
+# Expect Header = NO CHANGE
+# Set Header = Max-Forwards: 3
+# Expect Header = NO CHANGE
+{}
+TAG:^Max-Forwards header without TRACE method$
+
+################################################################
+#
+# Fairly dumb tests for Privoxy CGI pages.
+#
+# These are mainly useful for checking for memory leaks
+# with Valgrind or whether or not the user manual is installed
+# correctly and are unlikely to actually detect any
+#
+# Note that if "Expect Status Code" is missing, 200 is implied.
+#
+################################################################
+
+# Fetch Test = http://p.p/
+# Will fail if compiled with FEATURE_GRACEFUL_TERMINATION
+# Fetch Test = http://p.p/die
+# Expect Status Code = 404
+# Fetch Test = http://p.p/show-status
+# Fetch Test = http://config.privoxy.org/show-status?file=actions&index=0
+# Fetch Test = http://config.privoxy.org/show-status?file=filter&index=0
+# XXX: for the invalid ones we probably shouldn't return status code 200.
+# Fetch Test = http://config.privoxy.org/show-status?file=actions&index=100
+# Fetch Test = http://config.privoxy.org/show-status?file=actions&index=NaN
+# Fetch Test = http://config.privoxy.org/show-status?file=actions
+# Fetch Test = http://config.privoxy.org/show-status?file=filter&index=100
+# Fetch Test = http://config.privoxy.org/show-status?file=filter&index=NaN
+# Fetch Test = http://config.privoxy.org/show-status?file=filter
+# Fetch Test = http://config.privoxy.org/show-status?file=invalid
+# Fetch Test = http://config.privoxy.org/show-status?file=trust
+# Fetch Test = http://p.p/show-version
+# Fetch Test = http://p.p/show-request
+# Fetch Test = http://p.p/show-url-info
+# Fetch Test = http://p.p/show-url-info?url=www.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=http:%2F%2Fwww.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=HTTp:%2F%2Fwww.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=https:%2F%2Fwww.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=HtTps:%2F%2Fwww.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=ftp:%2F%2Fwww.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=FTp:%2F%2Fwww.privoxy.org%2F
+# Fetch Test = http://p.p/show-url-info?url=
+# Fetch Test = http://p.p/show-url-info?url=%2F
+# Fetch Test = http://p.p/toggle
+# Fetch Test = http://p.p/edit-actions
+# Fetch Test = http://p.p/eaa
+# Fetch Test = http://p.p/eau
+# Fetch Test = http://p.p/ear
+# Fetch Test = http://p.p/eal
+# Fetch Test = http://p.p/eafu
+# Fetch Test = http://p.p/eas
+# Fetch Test = http://p.p/easa
+# Fetch Test = http://p.p/easr
+# Fetch Test = http://p.p/eass
+# Fetch Test = http://p.p/edit-actions-for-url
+# Fetch Test = http://p.p/edit-actions-list
+# Fetch Test = http://p.p/edit-actions-submit
+# Fetch Test = http://p.p/edit-actions-url
+# Fetch Test = http://p.p/edit-actions-url-form
+# Fetch Test = http://p.p/edit-actions-add-url
+# Fetch Test = http://p.p/edit-actions-add-url-form
+# Fetch Test = http://p.p/edit-actions-remove-url
+# Fetch Test = http://p.p/edit-actions-remove-url-form
+# Fetch Test = http://p.p/edit-actions-section-add
+# Fetch Test = http://p.p/edit-actions-section-remove
+# Fetch Test = http://p.p/edit-actions-section-swap
+# Fetch Test = http://p.p/error-favicon.ico
+# Fetch Test = http://p.p/favicon.ico
+# Fetch Test = http://p.p/robots.txt
+# Fetch Test = http://p.p/send-banner
+# Fetch Test = http://p.p/send-stylesheet
+# Fetch Test = http://p.p/t
+# Fetch Test = http://p.p/url-info-osd.xml
+
+# Trusted CGI Request = http://p.p/edit-actions
+# Expect Status Code = 302
+# Level = 12 # Depends on the CGI editor being enabled
+# Fetch Test = http://p.p/does-not-exist
+# Expect Status Code = 404
+# Trusted CGI Request = http://p.p/eaa
+# Trusted CGI Request = http://p.p/eau
+# Trusted CGI Request = http://p.p/ear
+# Trusted CGI Request = http://p.p/eal
+# Trusted CGI Request = http://p.p/eafu
+# Trusted CGI Request = http://p.p/eas
+# Trusted CGI Request = http://p.p/easa
+# Trusted CGI Request = http://p.p/easr
+# Trusted CGI Request = http://p.p/eass
+# Trusted CGI Request = http://p.p/edit-actions-for-url
+# Trusted CGI Request = http://p.p/edit-actions-list
+# Trusted CGI Request = http://p.p/edit-actions-submit
+# Trusted CGI Request = http://p.p/edit-actions-url
+# Trusted CGI Request = http://p.p/edit-actions-url-form
+# Trusted CGI Request = http://p.p/edit-actions-add-url
+# Trusted CGI Request = http://p.p/edit-actions-add-url-form
+# Trusted CGI Request = http://p.p/edit-actions-remove-url
+# Trusted CGI Request = http://p.p/edit-actions-remove-url-form
+# Trusted CGI Request = http://p.p/edit-actions-section-add
+# Trusted CGI Request = http://p.p/edit-actions-section-remove
+# Trusted CGI Request = http://p.p/edit-actions-section-swap
+# Trusted CGI Request = http://p.p/send-stylesheet
+
+# The following tests depend on Privoxy being configured to deliver the user manual
+
+# Fetch Test = http://p.p/user-manual
+# Expect Status Code = 302
+# Level = 9
+# Fetch Test = http://p.p/user-manual/
+# Level = 9
+# Fetch Test = http://p.p/user-manual/actions-file.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/appendix.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/config.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/configuration.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/contact.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/copyright.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/files-in-use.jpg
+# Level = 9
+# Fetch Test = http://p.p/user-manual/filter-file.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/index.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/installation.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/introduction.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/p_doc.css
+# Level = 9
+# Fetch Test = http://p.p/user-manual/proxy2.jpg
+# Level = 9
+# Fetch Test = http://p.p/user-manual/proxy_setup.jpg
+# Level = 9
+# Fetch Test = http://p.p/user-manual/quickstart.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/seealso.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/startup.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/templates.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/upgradersnote.html
+# Level = 9
+# Fetch Test = http://p.p/user-manual/whatsnew.html
+# Level = 9
+
+
+# Method Test = OPTIONS
+# Method Test = GET
+# Method Test = get
+# Method Test = gEt
+# Method Test = HEAD
+# Method Test = POST
+# Method Test = PUT
+# Method Test = DELETE
+# Method Test = OPTIONS
+# Method Test = TRACE
+# Method Test = CONNECT
+# Method Test = PROPFIND
+# Method Test = PROPPATCH
+# Method Test = MOVE
+# Method Test = COPY
+# Method Test = MKCOL
+# Method Test = LOCK
+# Method Test = UNLOCK
+# Method Test = BCOPY
+# Method Test = BMOVE
+# Method Test = BDELETE
+# Method Test = BPROPFIND
+# Method Test = BPROPPATCH
+# Method Test = SUBSCRIBE
+# Method Test = UNSUBSCRIBE
+# Method Test = NOTIFY
+# Method Test = POLL
+# Method Test = VERSION-CONTROL
+# Method Test = REPORT
+# Method Test = CHECKOUT
+# Method Test = CHECKIN
+# Method Test = UNCHECKOUT
+# Method Test = MKWORKSPACE
+# Method Test = UPDATE
+# Method Test = LABEL
+# Method Test = MERGE
+# Method Test = BASELINE-CONTROL
+# Method Test = MKACTIVITY
+# Method Test = PRIVOXY-REGRESSION-TEST-IN-THE-HOUSE
+# Expect Status Code = 400
+
+{+block{Forbidden Port. You are not supposed to see this.}}
+config.privoxy.org:1-/
+p.p:1-/
+
+{-block}
+config.privoxy.org:3,79-81/
+p.p:3,22,79-81/
+
+# Fetch Test = http://oh-dear-this-hostname-is-so-very-long-that-it-can-not-possibly-be-forwarded-through-socks5-as-a-result-we-therefore-expect-privoxy-to-return-an-error-response-instead-of-forwarding-the-request-because-as-already-mentioned-this-host-is-really-very-long.example
+# Expect Status Code = 503
+{+forward-override{forward-socks5 127.0.0.1:12345 .}}
+oh-dear-this-hostname-is-so-very-long-that-it-can-not-possibly-be-forwarded-through-socks5-as-a-result-we-therefore-expect-privoxy-to-return-an-error-response-instead-of-forwarding-the-request-because-as-already-mentioned-this-host-is-really-very-long.example/
+
+# Fetch Test = http://oh-dear-this-hostname-is-short-enough-but-there-is-no-socks-server-listening.example
+# Expect Status Code = 503
+{+forward-override{forward-socks5 127.0.0.1:12345 .}}
+oh-dear-this-hostname-is-short-enough-but-there-is-no-socks-server-listening.example
+
+# This one currently triggers the same error condition as the
+# test above (socks5 server unreachable), but once Privoxy
+# starts to properly reject invalid ports it should become useful.
+
+# Fetch Test = http://invalid-forward5-gateway-port.example
+# Expect Status Code = 503
+{+forward-override{forward-socks5 127.0.0.1:-1 127.0.0.1:12345}}
+invalid-forward5-gateway-port.example
+
+# Fetch Test = http://forward5-null-gateway-host.example
+# Expect Status Code = 503
+{+forward-override{forward-socks5 :12345 127.0.0.1:12345}}
+forward5-null-gateway-host.example
+
+# Fetch Test = http://www.forbidden-connect.example:444/
+# Method = CONNECT
+# Expect Status Code = 403
+{+limit-connect{443}}
+www.forbidden-connect.example/
+
+# Fetch Test = http://www.blocked-request.example/blocked-request
+# Expect Status Code = 403
+{+block{This request failed to make it to the target destination which means the test succeeded.}}
+www.blocked-request.example/blocked-request
+
+# Fetch Test = http://www.blocked-request.example/blocked-request-with-no-reason-specified
+# Expect Status Code = 403
+{+block}
+www.blocked-request.example/blocked-request-with-no-reason-specified
+
+# Some domain pattern tests
+#
+{+block{domain pattern test}}
+# Blocked URL = http://domain-pattern-test.example/
+# Blocked URL = http://domain-pattern-test.example.org/
+domain-pattern-test.example.
+
+# Just in case there is no white-space fuzzer in the house ...
+#
+# Set Header = X-LWS-Test: no superfluous white space here
+# Expect Header = NO CHANGE
+# Set Header = X-LWS-Test:  superfluous   white space  in  the   house
+# Expect Header = X-LWS-Test: superfluous white space in the house
+# Set Header = X-LWS-Test   :  superfluous   white   space   in   the    house
+# Expect Header = X-LWS-Test: superfluous white space in the house
+# Set Header = X-LWS-Test:  :superfluous white space in the house
+# Expect Header = X-LWS-Test: :superfluous white space in the house
+# Set Header = X-LWS-Test: :no superfluous white space here
+# Expect Header = NO CHANGE
+# Set Header = X-LWS-Test:	superfluous 		white 			tabs in the house
+# Expect Header = X-LWS-Test: superfluous white tabs in the house
+# Set Header = X-LWS-Test	:	superfluous 		white 			tabs in the house
+# Expect Header = X-LWS-Test: superfluous white tabs in the house
+# Set Header = X-LWS-Test: "leave  quoted  lws alone"
+# Expect Header = X-LWS-Test: "leave  quoted  lws alone"
+# Set Header = X-LWS-Test:  "leave  quoted  lws alone"  thxbye
+# Expect Header = X-LWS-Test: "leave  quoted  lws alone" thxbye
+# Set Header = X-LWS-Test: " Do I Look like	quoted  text? Me    thinks  not.
+# Expect Header = X-LWS-Test: " Do I Look like quoted text? Me thinks not.
+# Set Header = X-LWS-Test: "This  is  quoted" this  is  not "but   this  is  again"
+# Expect Header = X-LWS-Test: "This  is  quoted" this is not "but   this  is  again"
+# Set Header = X-LWS-Test:  "This  is  quoted" this   is  not "this  is  "  but  "  this again   is  not
+# Expect Header = X-LWS-Test: "This  is  quoted" this is not "this  is  " but " this again is not
+{}
+TAG:^LWS Tests$
diff --git a/external/privoxy/slackware/rc.privoxy.orig b/external/privoxy/slackware/rc.privoxy.orig
new file mode 100644
index 0000000..cbd0db5
--- /dev/null
+++ b/external/privoxy/slackware/rc.privoxy.orig
@@ -0,0 +1,109 @@
+#!/bin/sh
+#  ********************************************************************
+#  This script uses exit to return proper error codes,
+#  sourcing (. /path/to/rc.privoxy) it in your system's
+#  rc files is a bad idea.
+#  ********************************************************************
+
+RETVAL=1
+
+PRIVOXY_PRG="%PROGRAM%"
+PRIVOXY_BIN="%SBIN_DEST%/$PRIVOXY_PRG"
+PRIVOXY_CONF="%CONF_DEST%/config"
+PRIVOXY_USER="%USER%"
+PRIVOXY_GROUP="%GROUP%"
+PRIVOXY_PID="/var/run/$PRIVOXY_PRG.pid"
+
+declare -i check
+check=(`/bin/ps -e|/bin/grep $PRIVOXY_PRG|/usr/bin/wc -l`)
+
+# some checks for us
+if [ ! -x $PRIVOXY_BIN  ] ; then exit 0 ;fi
+if [ ! -f $PRIVOXY_CONF ] ; then exit 0 ;fi
+
+# See how we were called.
+
+PRIVOXY="$PRIVOXY_BIN --user $PRIVOXY_USER.$PRIVOXY_GROUP --pidfile $PRIVOXY_PID $PRIVOXY_CONF"
+
+start () {
+	# start daemon
+	echo -n $"Starting $PRIVOXY_PRG: "
+
+	if [ ! -f $PRIVOXY_PID ]; then
+		( $PRIVOXY 2>/dev/tty9 ) \
+			&& echo " OK" \
+			&& /bin/touch /var/lock/$PRIVOXY_PRG \
+			&& RETVAL=0
+	elif [ $check -lt 3 ]; then 
+	        echo "Zombie lock file found"
+	        /bin/rm -f /var/lock/$PRIVOXY_PRG $PRIVOXY_PID
+		echo "Retrying..."
+		start
+	else
+		echo "Already running"
+	fi
+	echo
+}
+
+stop () {
+	# stop daemon
+	echo -n $"Stopping $PRIVOXY_PRG: "
+	if [ -f $PRIVOXY_PID ]; then
+		/bin/kill `/bin/cat $PRIVOXY_PID` \
+			&& /bin/rm -f /var/lock/$PRIVOXY_PRG $PRIVOXY_PID \
+			&& echo " OK" \
+			&& RETVAL=0
+		echo
+	else
+		echo " Not Running"
+	fi
+}
+
+case "$1" in
+  start)
+	start	
+	;;
+  stop)
+	stop	
+	;;
+  reload)
+	if [ -f $PRIVOXY_PID ] ; then
+                /bin/kill -HUP `cat $PRIVOXY_PID` \
+			&& RETVAL=0
+        fi
+	;;
+  restart)
+	stop 
+	start
+	;;
+  kill)
+	echo "Kill all Privoxy"
+	/bin/rm -f /var/lock/$PRIVOXY_PRG $PRIVOXY_PID 
+	/bin/killall $PRIVOXY
+	;;
+  condrestart)
+	# restart only if already running
+	if [ -f $PRIVOXY_PID ] ; then
+		stop
+		start
+	fi 
+	;;
+  status)
+	/bin/ps ax|/bin/grep $PRIVOXY_PRG|/bin/grep -v 'grep\|init\.d\|rc\.d'
+	RETVAL=0
+	;;
+  top)
+	if [ -f $PRIVOXY_PID ]; then
+                a=""
+                for i in `/sbin/pidof $PRIVOXY_PRG` ; do
+                        a="$a -p $i"
+                done
+                /usr/bin/top $a
+        fi
+	;;
+  *)
+	echo $"Usage: $PRIVOXY_PRG {start|stop|reload|restart|condrestart|status|top|kill}"
+	exit 1
+esac
+
+exit $RETVAL
diff --git a/external/privoxy/ssplit.c b/external/privoxy/ssplit.c
new file mode 100644
index 0000000..d916286
--- /dev/null
+++ b/external/privoxy/ssplit.c
@@ -0,0 +1,218 @@
+const char ssplit_rcs[] = "$Id: ssplit.c,v 1.9 2007/11/03 14:35:45 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/ssplit.c,v $
+ *
+ * Purpose     :  A function to split a string at specified delimiters.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: ssplit.c,v $
+ *    Revision 1.9  2007/11/03 14:35:45  fabiankeil
+ *    Fix spelling in Purpose line. Patch submitted by Simon Ruderich.
+ *
+ *    Revision 1.8  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.6  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.5  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.4  2001/11/13 00:16:38  jongfoster
+ *    Replacing references to malloc.h with the standard stdlib.h
+ *    (See ANSI or K&R 2nd Ed)
+ *
+ *    Revision 1.3  2001/05/29 08:54:25  jongfoster
+ *    Rewrote the innards of ssplit() to be easier to understand,
+ *    faster, and to use less memory.  Didn't change the interface
+ *    except to give the parameters meaningful names.
+ *
+ *    Revision 1.2  2001/05/17 23:01:01  oes
+ *     - Cleaned CRLF's from the sources and related files
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:04  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <string.h>
+#include <stdlib.h>
+
+#include "ssplit.h"
+#include "miscutil.h"
+
+const char ssplit_h_rcs[] = SSPLIT_H_VERSION;
+
+/* Define this for lots of debugging information to stdout */
+#undef SSPLIT_VERBOSE
+/* #define SSPLIT_VERBOSE 1 */
+
+
+/*********************************************************************
+ *
+ * Function    :  ssplit
+ *
+ * Description :  Split a string using delimiters in `delim'.  Results
+ *                go into `vec'.
+ *
+ * Parameters  :
+ *          1  :  str = string to split.  Will be split in place
+ *                (i.e. do not free until you've finished with vec,
+ *                previous contents will be trashed by the call).
+ *          2  :  delim = array of delimiters (if NULL, uses " \t").
+ *          3  :  vec[] = results vector (aka. array) [out]
+ *          4  :  vec_len = number of usable slots in the vector (aka. array size)
+ *          5  :  dont_save_empty_fields = zero if consecutive delimiters
+ *                give a null output field(s), nonzero if they are just 
+ *                to be considered as single delimeter
+ *          6  :  ignore_leading = nonzero to ignore leading field
+ *                separators.
+ *
+ * Returns     :  -1 => Error: vec_len is too small to hold all the 
+ *                      data, or str == NULL.
+ *                >=0 => the number of fields put in `vec'.
+ *                On error, vec and str may still have been overwritten.
+ *
+ *********************************************************************/
+int ssplit(char *str, const char *delim, char *vec[], int vec_len, 
+           int dont_save_empty_fields, int ignore_leading)
+{
+   unsigned char is_delim[256];
+   unsigned char char_type;
+   int vec_count = 0;
+
+   if (!str)
+   {
+      return(-1);
+   }
+
+
+   /* Build is_delim array */
+
+   memset(is_delim, '\0', sizeof(is_delim));
+
+   if (!delim)
+   {
+      delim = " \t";  /* default field separators */
+   }
+
+   while (*delim)
+   {
+      is_delim[(unsigned)(unsigned char)*delim++] = 1;   /* separator  */
+   }
+
+   is_delim[(unsigned)(unsigned char)'\0'] = 2;   /* terminator */
+   is_delim[(unsigned)(unsigned char)'\n'] = 2;   /* terminator */
+
+
+   /* Parse string */
+
+   if (ignore_leading)
+   {
+      /* skip leading separators */
+      while (is_delim[(unsigned)(unsigned char)*str] == 1)
+      {
+         str++;
+      }
+   }
+
+   /* first pointer is the beginning of string */
+   /* Check if we want to save this field */
+   if ( (!dont_save_empty_fields)
+     || (is_delim[(unsigned)(unsigned char)*str] == 0) )
+      {
+      /*
+       * We want empty fields, or the first character in this 
+       * field is not a delimiter or the end of string.
+       * So save it.
+       */
+      if (vec_count >= vec_len)
+      {
+         return(-1); /* overflow */
+      }
+      vec[vec_count++] = (char *) str;   
+   }
+
+   while ((char_type = is_delim[(unsigned)(unsigned char)*str]) != 2)
+   {
+      if (char_type == 1)    
+      {
+         /* the char is a separator */
+
+         /* null terminate the substring */
+         *str++ = '\0';      
+
+         /* Check if we want to save this field */
+         if ( (!dont_save_empty_fields)
+           || (is_delim[(unsigned)(unsigned char)*str] == 0) )
+            {
+            /*
+             * We want empty fields, or the first character in this 
+             * field is not a delimiter or the end of string.
+             * So save it.
+             */
+            if (vec_count >= vec_len)
+            {
+               return(-1); /* overflow */
+            }
+            vec[vec_count++] = (char *) str;   
+         }
+      }
+      else
+      {
+         str++;
+      }
+   }
+   *str = '\0';     /* null terminate the substring */
+
+#ifdef SSPLIT_VERBOSE
+   {
+      int i;
+      printf("dump %d strings\n", vec_count);
+      for (i = 0; i < vec_count; i++)
+      {
+         printf("%d '%s'\n", i, vec[i]);
+      }
+   }
+#endif /* def SSPLIT_VERBOSE */
+
+   return(vec_count);
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/ssplit.h b/external/privoxy/ssplit.h
new file mode 100644
index 0000000..3e9b991
--- /dev/null
+++ b/external/privoxy/ssplit.h
@@ -0,0 +1,84 @@
+#ifndef SSPLIT_H_INCLUDED
+#define SSPLIT_H_INCLUDED
+#define SSPLIT_H_VERSION "$Id: ssplit.h,v 1.7 2006/07/18 14:48:47 david__schmidt Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/ssplit.h,v $
+ *
+ * Purpose     :  A function to split a string at specified deliminters.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: ssplit.h,v $
+ *    Revision 1.7  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.5  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.4  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.3  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.2  2001/05/29 08:54:25  jongfoster
+ *    Rewrote the innards of ssplit() to be easier to understand,
+ *    faster, and to use less memory.  Didn't change the interface
+ *    except to give the parameters meaningful names.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:04  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern int ssplit(char *str, const char *delim, char *vec[], int vec_len, 
+                  int dont_save_empty_fields, int ignore_leading);
+
+/* Revision control strings from this header and associated .c file */
+extern const char ssplit_rcs[];
+extern const char ssplit_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef SSPLIT_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/strptime.h b/external/privoxy/strptime.h
new file mode 100644
index 0000000..63ffe57
--- /dev/null
+++ b/external/privoxy/strptime.h
@@ -0,0 +1,1003 @@
+/* Convert a string representation of time to a time value.
+   Copyright (C) 1996, 1997, 1998, 1999, 2000 Free Software Foundation, Inc.
+   This file is part of the GNU C Library.
+   Contributed by Ulrich Drepper <drepper at cygnus.com>, 1996.
+
+   The GNU C Library is free software; you can redistribute it and/or
+   modify it under the terms of the GNU Library General Public License as
+   published by the Free Software Foundation; either version 2 of the
+   License, or (at your option) any later version.
+
+   The GNU C Library is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+   Library General Public License for more details.
+
+   You should have received a copy of the GNU Library General Public
+   License along with the GNU C Library; see the file COPYING.LIB.  If not,
+   write to the Free Software Foundation, Inc., 59 Temple Place - Suite 330,
+   Boston, MA 02111-1307, USA.  */
+
+/* XXX This version of the implementation is not really complete.
+   Some of the fields cannot add information alone.  But if seeing
+   some of them in the same format (such as year, week and weekday)
+   this is enough information for determining the date.  */
+
+#ifdef HAVE_CONFIG_H
+# include "config.h"
+#endif
+
+#include <ctype.h>
+#include <limits.h>
+#include <string.h>
+#include <time.h>
+
+#ifdef _LIBC
+# include "../locale/localeinfo.h"
+#endif
+
+
+#ifndef __P
+# if defined (__GNUC__) || (defined (__STDC__) && __STDC__)
+#  define __P(args) args
+# else
+#  define __P(args) ()
+# endif  /* GCC.  */
+#endif  /* Not __P.  */
+
+#if ! HAVE_LOCALTIME_R && ! defined localtime_r
+# ifdef _LIBC
+#  define localtime_r __localtime_r
+# else
+/* Approximate localtime_r as best we can in its absence.  */
+#  define localtime_r my_localtime_r
+static struct tm *localtime_r __P ((const time_t *, struct tm *));
+static struct tm *
+localtime_r (t, tp)
+     const time_t *t;
+     struct tm *tp;
+{
+  struct tm *l = localtime (t);
+  if (! l)
+    return 0;
+  *tp = *l;
+  return tp;
+}
+# endif /* ! _LIBC */
+#endif /* ! HAVE_LOCALTIME_R && ! defined (localtime_r) */
+
+
+#define match_char(ch1, ch2) if (ch1 != ch2) return NULL
+#if defined __GNUC__ && __GNUC__ >= 2
+# define match_string(cs1, s2) \
+  ({ size_t len = strlen (cs1);						      \
+     int result = strncasecmp ((cs1), (s2), len) == 0;			      \
+     if (result) (s2) += len;						      \
+     result; })
+#else
+/* Oh come on.  Get a reasonable compiler.  */
+# define match_string(cs1, s2) \
+  (strncasecmp ((cs1), (s2), strlen (cs1)) ? 0 : ((s2) += strlen (cs1), 1))
+#endif
+/* We intentionally do not use isdigit() for testing because this will
+   lead to problems with the wide character version.  */
+#define get_number(from, to, n) \
+  do {									      \
+    int __n = n;							      \
+    val = 0;								      \
+    while (*rp == ' ')							      \
+      ++rp;								      \
+    if (*rp < '0' || *rp > '9')						      \
+      return NULL;							      \
+    do {								      \
+      val *= 10;							      \
+      val += *rp++ - '0';						      \
+    } while (--__n > 0 && val * 10 <= to && *rp >= '0' && *rp <= '9');	      \
+    if (val < from || val > to)						      \
+      return NULL;							      \
+  } while (0)
+#ifdef _NL_CURRENT
+# define get_alt_number(from, to, n) \
+  ({									      \
+    __label__ do_normal;						      \
+    if (*decided != raw)						      \
+      {									      \
+	const char *alts = _NL_CURRENT (LC_TIME, ALT_DIGITS);		      \
+	int __n = n;							      \
+	int any = 0;							      \
+	while (*rp == ' ')						      \
+	  ++rp;								      \
+	val = 0;							      \
+	do {								      \
+	  val *= 10;							      \
+	  while (*alts != '\0')						      \
+	    {								      \
+	      size_t len = strlen (alts);				      \
+	      if (strncasecmp (alts, rp, len) == 0)			      \
+	        break;							      \
+	      alts += len + 1;						      \
+	      ++val;							      \
+	    }								      \
+	  if (*alts == '\0')						      \
+	    {								      \
+	      if (*decided == not && ! any)				      \
+		goto do_normal;						      \
+	      /* If we haven't read anything it's an error.  */		      \
+	      if (! any)						      \
+		return NULL;						      \
+	      /* Correct the premature multiplication.  */		      \
+	      val /= 10;						      \
+	      break;							      \
+	    }								      \
+	  else								      \
+	    *decided = loc;						      \
+	} while (--__n > 0 && val * 10 <= to);				      \
+	if (val < from || val > to)					      \
+	  return NULL;							      \
+      }									      \
+    else								      \
+      {									      \
+       do_normal:							      \
+        get_number (from, to, n);					      \
+      }									      \
+    0;									      \
+  })
+#else
+# define get_alt_number(from, to, n) \
+  /* We don't have the alternate representation.  */			      \
+  get_number(from, to, n)
+#endif
+#define recursive(new_fmt) \
+  (*(new_fmt) != '\0'							      \
+   && (rp = strptime_internal (rp, (new_fmt), tm, decided, era_cnt)) != NULL)
+
+
+#ifdef _LIBC
+/* This is defined in locale/C-time.c in the GNU libc.  */
+extern const struct locale_data _nl_C_LC_TIME;
+extern const unsigned short int __mon_yday[2][13];
+
+# define weekday_name (&_nl_C_LC_TIME.values[_NL_ITEM_INDEX (DAY_1)].string)
+# define ab_weekday_name \
+  (&_nl_C_LC_TIME.values[_NL_ITEM_INDEX (ABDAY_1)].string)
+# define month_name (&_nl_C_LC_TIME.values[_NL_ITEM_INDEX (MON_1)].string)
+# define ab_month_name (&_nl_C_LC_TIME.values[_NL_ITEM_INDEX (ABMON_1)].string)
+# define HERE_D_T_FMT (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (D_T_FMT)].string)
+# define HERE_D_FMT (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (D_FMT)].string)
+# define HERE_AM_STR (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (AM_STR)].string)
+# define HERE_PM_STR (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (PM_STR)].string)
+# define HERE_T_FMT_AMPM \
+  (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (T_FMT_AMPM)].string)
+# define HERE_T_FMT (_nl_C_LC_TIME.values[_NL_ITEM_INDEX (T_FMT)].string)
+
+# define strncasecmp(s1, s2, n) __strncasecmp (s1, s2, n)
+#else
+static char const weekday_name[][10] =
+  {
+    "Sunday", "Monday", "Tuesday", "Wednesday",
+    "Thursday", "Friday", "Saturday"
+  };
+static char const ab_weekday_name[][4] =
+  {
+    "Sun", "Mon", "Tue", "Wed", "Thu", "Fri", "Sat"
+  };
+static char const month_name[][10] =
+  {
+    "January", "February", "March", "April", "May", "June",
+    "July", "August", "September", "October", "November", "December"
+  };
+static char const ab_month_name[][4] =
+  {
+    "Jan", "Feb", "Mar", "Apr", "May", "Jun",
+    "Jul", "Aug", "Sep", "Oct", "Nov", "Dec"
+  };
+# define HERE_D_T_FMT "%a %b %e %H:%M:%S %Y"
+# define HERE_D_FMT "%m/%d/%y"
+# define HERE_AM_STR "AM"
+# define HERE_PM_STR "PM"
+# define HERE_T_FMT_AMPM "%I:%M:%S %p"
+# define HERE_T_FMT "%H:%M:%S"
+
+const unsigned short int __mon_yday[2][13] =
+  {
+    /* Normal years.  */
+    { 0, 31, 59, 90, 120, 151, 181, 212, 243, 273, 304, 334, 365 },
+    /* Leap years.  */
+    { 0, 31, 60, 91, 121, 152, 182, 213, 244, 274, 305, 335, 366 }
+  };
+#endif
+
+/* Status of lookup: do we use the locale data or the raw data?  */
+enum locale_status { not, loc, raw };
+
+
+#ifndef __isleap
+/* Nonzero if YEAR is a leap year (every 4 years,
+   except every 100th isn't, and every 400th is).  */
+# define __isleap(year)	\
+  ((year) % 4 == 0 && ((year) % 100 != 0 || (year) % 400 == 0))
+#endif
+
+/* Compute the day of the week.  */
+static void
+day_of_the_week (struct tm *tm)
+{
+  /* We know that January 1st 1970 was a Thursday (= 4).  Compute the
+     the difference between this data in the one on TM and so determine
+     the weekday.  */
+  int corr_year = 1900 + tm->tm_year - (tm->tm_mon < 2);
+  int wday = (-473
+	      + (365 * (tm->tm_year - 70))
+	      + (corr_year / 4)
+	      - ((corr_year / 4) / 25) + ((corr_year / 4) % 25 < 0)
+	      + (((corr_year / 4) / 25) / 4)
+	      + __mon_yday[0][tm->tm_mon]
+	      + tm->tm_mday - 1);
+  tm->tm_wday = ((wday % 7) + 7) % 7;
+}
+
+/* Compute the day of the year.  */
+static void
+day_of_the_year (struct tm *tm)
+{
+  tm->tm_yday = (__mon_yday[__isleap (1900 + tm->tm_year)][tm->tm_mon]
+		 + (tm->tm_mday - 1));
+}
+
+static char *
+#ifdef _LIBC
+internal_function
+#endif
+strptime_internal __P ((const char *rp, const char *fmt, struct tm *tm,
+			enum locale_status *decided, int era_cnt));
+
+static char *
+#ifdef _LIBC
+internal_function
+#endif
+strptime_internal (rp, fmt, tm, decided, era_cnt)
+     const char *rp;
+     const char *fmt;
+     struct tm *tm;
+     enum locale_status *decided;
+     int era_cnt;
+{
+  const char *rp_backup;
+  int cnt;
+  size_t val;
+  int have_I, is_pm;
+  int century, want_century;
+  int want_era;
+  int have_wday, want_xday;
+  int have_yday;
+  int have_mon, have_mday;
+#ifdef _NL_CURRENT
+  size_t num_eras;
+#endif
+  struct era_entry *era;
+
+  have_I = is_pm = 0;
+  century = -1;
+  want_century = 0;
+  want_era = 0;
+  era = NULL;
+
+  have_wday = want_xday = have_yday = have_mon = have_mday = 0;
+
+  while (*fmt != '\0')
+    {
+      /* A white space in the format string matches 0 more or white
+	 space in the input string.  */
+      if (isspace (*fmt))
+	{
+	  while (isspace (*rp))
+	    ++rp;
+	  ++fmt;
+	  continue;
+	}
+
+      /* Any character but `%' must be matched by the same character
+	 in the iput string.  */
+      if (*fmt != '%')
+	{
+	  match_char (*fmt++, *rp++);
+	  continue;
+	}
+
+      ++fmt;
+#ifndef _NL_CURRENT
+      /* We need this for handling the `E' modifier.  */
+    start_over:
+#endif
+
+      /* Make back up of current processing pointer.  */
+      rp_backup = rp;
+
+      switch (*fmt++)
+	{
+	case '%':
+	  /* Match the `%' character itself.  */
+	  match_char ('%', *rp++);
+	  break;
+	case 'a':
+	case 'A':
+	  /* Match day of week.  */
+	  for (cnt = 0; cnt < 7; ++cnt)
+	    {
+#ifdef _NL_CURRENT
+	      if (*decided !=raw)
+		{
+		  if (match_string (_NL_CURRENT (LC_TIME, DAY_1 + cnt), rp))
+		    {
+		      if (*decided == not
+			  && strcmp (_NL_CURRENT (LC_TIME, DAY_1 + cnt),
+				     weekday_name[cnt]))
+			*decided = loc;
+		      break;
+		    }
+		  if (match_string (_NL_CURRENT (LC_TIME, ABDAY_1 + cnt), rp))
+		    {
+		      if (*decided == not
+			  && strcmp (_NL_CURRENT (LC_TIME, ABDAY_1 + cnt),
+				     ab_weekday_name[cnt]))
+			*decided = loc;
+		      break;
+		    }
+		}
+#endif
+	      if (*decided != loc
+		  && (match_string (weekday_name[cnt], rp)
+		      || match_string (ab_weekday_name[cnt], rp)))
+		{
+		  *decided = raw;
+		  break;
+		}
+	    }
+	  if (cnt == 7)
+	    /* Does not match a weekday name.  */
+	    return NULL;
+	  tm->tm_wday = cnt;
+	  have_wday = 1;
+	  break;
+	case 'b':
+	case 'B':
+	case 'h':
+	  /* Match month name.  */
+	  for (cnt = 0; cnt < 12; ++cnt)
+	    {
+#ifdef _NL_CURRENT
+	      if (*decided !=raw)
+		{
+		  if (match_string (_NL_CURRENT (LC_TIME, MON_1 + cnt), rp))
+		    {
+		      if (*decided == not
+			  && strcmp (_NL_CURRENT (LC_TIME, MON_1 + cnt),
+				     month_name[cnt]))
+			*decided = loc;
+		      break;
+		    }
+		  if (match_string (_NL_CURRENT (LC_TIME, ABMON_1 + cnt), rp))
+		    {
+		      if (*decided == not
+			  && strcmp (_NL_CURRENT (LC_TIME, ABMON_1 + cnt),
+				     ab_month_name[cnt]))
+			*decided = loc;
+		      break;
+		    }
+		}
+#endif
+	      if (match_string (month_name[cnt], rp)
+		  || match_string (ab_month_name[cnt], rp))
+		{
+		  *decided = raw;
+		  break;
+		}
+	    }
+	  if (cnt == 12)
+	    /* Does not match a month name.  */
+	    return NULL;
+	  tm->tm_mon = cnt;
+	  want_xday = 1;
+	  break;
+	case 'c':
+	  /* Match locale's date and time format.  */
+#ifdef _NL_CURRENT
+	  if (*decided != raw)
+	    {
+	      if (!recursive (_NL_CURRENT (LC_TIME, D_T_FMT)))
+		{
+		  if (*decided == loc)
+		    return NULL;
+		  else
+		    rp = rp_backup;
+		}
+	      else
+		{
+		  if (*decided == not &&
+		      strcmp (_NL_CURRENT (LC_TIME, D_T_FMT), HERE_D_T_FMT))
+		    *decided = loc;
+		  want_xday = 1;
+		  break;
+		}
+	      *decided = raw;
+	    }
+#endif
+	  if (!recursive (HERE_D_T_FMT))
+	    return NULL;
+	  want_xday = 1;
+	  break;
+	case 'C':
+	  /* Match century number.  */
+#ifdef _NL_CURRENT
+	match_century:
+#endif
+	  get_number (0, 99, 2);
+	  century = val;
+	  want_xday = 1;
+	  break;
+	case 'd':
+	case 'e':
+	  /* Match day of month.  */
+	  get_number (1, 31, 2);
+	  tm->tm_mday = val;
+	  have_mday = 1;
+	  want_xday = 1;
+	  break;
+	case 'F':
+	  if (!recursive ("%Y-%m-%d"))
+	    return NULL;
+	  want_xday = 1;
+	  break;
+	case 'x':
+#ifdef _NL_CURRENT
+	  if (*decided != raw)
+	    {
+	      if (!recursive (_NL_CURRENT (LC_TIME, D_FMT)))
+		{
+		  if (*decided == loc)
+		    return NULL;
+		  else
+		    rp = rp_backup;
+		}
+	      else
+		{
+		  if (*decided == not
+		      && strcmp (_NL_CURRENT (LC_TIME, D_FMT), HERE_D_FMT))
+		    *decided = loc;
+		  want_xday = 1;
+		  break;
+		}
+	      *decided = raw;
+	    }
+#endif
+	  /* Fall through.  */
+	case 'D':
+	  /* Match standard day format.  */
+	  if (!recursive (HERE_D_FMT))
+	    return NULL;
+	  want_xday = 1;
+	  break;
+	case 'k':
+	case 'H':
+	  /* Match hour in 24-hour clock.  */
+	  get_number (0, 23, 2);
+	  tm->tm_hour = val;
+	  have_I = 0;
+	  break;
+	case 'I':
+	  /* Match hour in 12-hour clock.  */
+	  get_number (1, 12, 2);
+	  tm->tm_hour = val % 12;
+	  have_I = 1;
+	  break;
+	case 'j':
+	  /* Match day number of year.  */
+	  get_number (1, 366, 3);
+	  tm->tm_yday = val - 1;
+	  have_yday = 1;
+	  break;
+	case 'm':
+	  /* Match number of month.  */
+	  get_number (1, 12, 2);
+	  tm->tm_mon = val - 1;
+	  have_mon = 1;
+	  want_xday = 1;
+	  break;
+	case 'M':
+	  /* Match minute.  */
+	  get_number (0, 59, 2);
+	  tm->tm_min = val;
+	  break;
+	case 'n':
+	case 't':
+	  /* Match any white space.  */
+	  while (isspace (*rp))
+	    ++rp;
+	  break;
+	case 'p':
+	  /* Match locale's equivalent of AM/PM.  */
+#ifdef _NL_CURRENT
+	  if (*decided != raw)
+	    {
+	      if (match_string (_NL_CURRENT (LC_TIME, AM_STR), rp))
+		{
+		  if (strcmp (_NL_CURRENT (LC_TIME, AM_STR), HERE_AM_STR))
+		    *decided = loc;
+		  break;
+		}
+	      if (match_string (_NL_CURRENT (LC_TIME, PM_STR), rp))
+		{
+		  if (strcmp (_NL_CURRENT (LC_TIME, PM_STR), HERE_PM_STR))
+		    *decided = loc;
+		  is_pm = 1;
+		  break;
+		}
+	      *decided = raw;
+	    }
+#endif
+	  if (!match_string (HERE_AM_STR, rp))
+	    if (match_string (HERE_PM_STR, rp))
+	      is_pm = 1;
+	    else
+	      return NULL;
+	  break;
+	case 'r':
+#ifdef _NL_CURRENT
+	  if (*decided != raw)
+	    {
+	      if (!recursive (_NL_CURRENT (LC_TIME, T_FMT_AMPM)))
+		{
+		  if (*decided == loc)
+		    return NULL;
+		  else
+		    rp = rp_backup;
+		}
+	      else
+		{
+		  if (*decided == not &&
+		      strcmp (_NL_CURRENT (LC_TIME, T_FMT_AMPM),
+			      HERE_T_FMT_AMPM))
+		    *decided = loc;
+		  break;
+		}
+	      *decided = raw;
+	    }
+#endif
+	  if (!recursive (HERE_T_FMT_AMPM))
+	    return NULL;
+	  break;
+	case 'R':
+	  if (!recursive ("%H:%M"))
+	    return NULL;
+	  break;
+	case 's':
+	  {
+	    /* The number of seconds may be very high so we cannot use
+	       the `get_number' macro.  Instead read the number
+	       character for character and construct the result while
+	       doing this.  */
+	    time_t secs = 0;
+	    if (*rp < '0' || *rp > '9')
+	      /* We need at least one digit.  */
+	      return NULL;
+
+	    do
+	      {
+		secs *= 10;
+		secs += *rp++ - '0';
+	      }
+	    while (*rp >= '0' && *rp <= '9');
+
+	    if (localtime_r (&secs, tm) == NULL)
+	      /* Error in function.  */
+	      return NULL;
+	  }
+	  break;
+	case 'S':
+	  get_number (0, 61, 2);
+	  tm->tm_sec = val;
+	  break;
+	case 'X':
+#ifdef _NL_CURRENT
+	  if (*decided != raw)
+	    {
+	      if (!recursive (_NL_CURRENT (LC_TIME, T_FMT)))
+		{
+		  if (*decided == loc)
+		    return NULL;
+		  else
+		    rp = rp_backup;
+		}
+	      else
+		{
+		  if (strcmp (_NL_CURRENT (LC_TIME, T_FMT), HERE_T_FMT))
+		    *decided = loc;
+		  break;
+		}
+	      *decided = raw;
+	    }
+#endif
+	  /* Fall through.  */
+	case 'T':
+	  if (!recursive (HERE_T_FMT))
+	    return NULL;
+	  break;
+	case 'u':
+	  get_number (1, 7, 1);
+	  tm->tm_wday = val % 7;
+	  have_wday = 1;
+	  break;
+	case 'g':
+	  get_number (0, 99, 2);
+	  /* XXX This cannot determine any field in TM.  */
+	  break;
+	case 'G':
+	  if (*rp < '0' || *rp > '9')
+	    return NULL;
+	  /* XXX Ignore the number since we would need some more
+	     information to compute a real date.  */
+	  do
+	    ++rp;
+	  while (*rp >= '0' && *rp <= '9');
+	  break;
+	case 'U':
+	case 'V':
+	case 'W':
+	  get_number (0, 53, 2);
+	  /* XXX This cannot determine any field in TM without some
+	     information.  */
+	  break;
+	case 'w':
+	  /* Match number of weekday.  */
+	  get_number (0, 6, 1);
+	  tm->tm_wday = val;
+	  have_wday = 1;
+	  break;
+	case 'y':
+#ifdef _NL_CURRENT
+	match_year_in_century:
+#endif
+	  /* Match year within century.  */
+	  get_number (0, 99, 2);
+	  /* The "Year 2000: The Millennium Rollover" paper suggests that
+	     values in the range 69-99 refer to the twentieth century.  */
+	  tm->tm_year = val >= 69 ? val : val + 100;
+	  /* Indicate that we want to use the century, if specified.  */
+	  want_century = 1;
+	  want_xday = 1;
+	  break;
+	case 'Y':
+	  /* Match year including century number.  */
+	  get_number (0, 9999, 4);
+	  tm->tm_year = val - 1900;
+	  want_century = 0;
+	  want_xday = 1;
+	  break;
+	case 'Z':
+	  /* XXX How to handle this?  */
+	  break;
+	case 'E':
+#ifdef _NL_CURRENT
+	  switch (*fmt++)
+	    {
+	    case 'c':
+	      /* Match locale's alternate date and time format.  */
+	      if (*decided != raw)
+		{
+		  const char *fmt = _NL_CURRENT (LC_TIME, ERA_D_T_FMT);
+
+		  if (*fmt == '\0')
+		    fmt = _NL_CURRENT (LC_TIME, D_T_FMT);
+
+		  if (!recursive (fmt))
+		    {
+		      if (*decided == loc)
+			return NULL;
+		      else
+			rp = rp_backup;
+		    }
+		  else
+		    {
+		      if (strcmp (fmt, HERE_D_T_FMT))
+			*decided = loc;
+		      want_xday = 1;
+		      break;
+		    }
+		  *decided = raw;
+		}
+	      /* The C locale has no era information, so use the
+		 normal representation.  */
+	      if (!recursive (HERE_D_T_FMT))
+		return NULL;
+	      want_xday = 1;
+	      break;
+	    case 'C':
+	      if (*decided != raw)
+		{
+		  if (era_cnt >= 0)
+		    {
+		      era = _nl_select_era_entry (era_cnt);
+		      if (match_string (era->era_name, rp))
+			{
+			  *decided = loc;
+			  break;
+			}
+		      else
+			return NULL;
+		    }
+		  else
+		    {
+		      num_eras = _NL_CURRENT_WORD (LC_TIME,
+						   _NL_TIME_ERA_NUM_ENTRIES);
+		      for (era_cnt = 0; era_cnt < (int) num_eras;
+			   ++era_cnt, rp = rp_backup)
+			{
+			  era = _nl_select_era_entry (era_cnt);
+			  if (match_string (era->era_name, rp))
+			    {
+			      *decided = loc;
+			      break;
+			    }
+			}
+		      if (era_cnt == (int) num_eras)
+			{
+			  era_cnt = -1;
+			  if (*decided == loc)
+			    return NULL;
+			}
+		      else
+			break;
+		    }
+
+		  *decided = raw;
+		}
+	      /* The C locale has no era information, so use the
+		 normal representation.  */
+	      goto match_century;
+ 	    case 'y':
+	      if (*decided == raw)
+		goto match_year_in_century;
+
+	      get_number(0, 9999, 4);
+	      tm->tm_year = val;
+	      want_era = 1;
+	      want_xday = 1;
+	      break;
+	    case 'Y':
+	      if (*decided != raw)
+		{
+		  num_eras = _NL_CURRENT_WORD (LC_TIME,
+					       _NL_TIME_ERA_NUM_ENTRIES);
+		  for (era_cnt = 0; era_cnt < (int) num_eras;
+		       ++era_cnt, rp = rp_backup)
+		    {
+		      era = _nl_select_era_entry (era_cnt);
+		      if (recursive (era->era_format))
+			break;
+		    }
+		  if (era_cnt == (int) num_eras)
+		    {
+		      era_cnt = -1;
+		      if (*decided == loc)
+			return NULL;
+		      else
+			rp = rp_backup;
+		    }
+		  else
+		    {
+		      *decided = loc;
+		      era_cnt = -1;
+		      break;
+		    }
+
+		  *decided = raw;
+		}
+	      get_number (0, 9999, 4);
+	      tm->tm_year = val - 1900;
+	      want_century = 0;
+	      want_xday = 1;
+	      break;
+	    case 'x':
+	      if (*decided != raw)
+		{
+		  const char *fmt = _NL_CURRENT (LC_TIME, ERA_D_FMT);
+
+		  if (*fmt == '\0')
+		    fmt = _NL_CURRENT (LC_TIME, D_FMT);
+
+		  if (!recursive (fmt))
+		    {
+		      if (*decided == loc)
+			return NULL;
+		      else
+			rp = rp_backup;
+		    }
+		  else
+		    {
+		      if (strcmp (fmt, HERE_D_FMT))
+			*decided = loc;
+		      break;
+		    }
+		  *decided = raw;
+		}
+	      if (!recursive (HERE_D_FMT))
+		return NULL;
+	      break;
+	    case 'X':
+	      if (*decided != raw)
+		{
+		  const char *fmt = _NL_CURRENT (LC_TIME, ERA_T_FMT);
+
+		  if (*fmt == '\0')
+		    fmt = _NL_CURRENT (LC_TIME, T_FMT);
+
+		  if (!recursive (fmt))
+		    {
+		      if (*decided == loc)
+			return NULL;
+		      else
+			rp = rp_backup;
+		    }
+		  else
+		    {
+		      if (strcmp (fmt, HERE_T_FMT))
+			*decided = loc;
+		      break;
+		    }
+		  *decided = raw;
+		}
+	      if (!recursive (HERE_T_FMT))
+		return NULL;
+	      break;
+	    default:
+	      return NULL;
+	    }
+	  break;
+#else
+	  /* We have no information about the era format.  Just use
+	     the normal format.  */
+	  if (*fmt != 'c' && *fmt != 'C' && *fmt != 'y' && *fmt != 'Y'
+	      && *fmt != 'x' && *fmt != 'X')
+	    /* This is an illegal format.  */
+	    return NULL;
+
+	  goto start_over;
+#endif
+	case 'O':
+	  switch (*fmt++)
+	    {
+	    case 'd':
+	    case 'e':
+	      /* Match day of month using alternate numeric symbols.  */
+	      get_alt_number (1, 31, 2);
+	      tm->tm_mday = val;
+	      have_mday = 1;
+	      want_xday = 1;
+	      break;
+	    case 'H':
+	      /* Match hour in 24-hour clock using alternate numeric
+		 symbols.  */
+	      get_alt_number (0, 23, 2);
+	      tm->tm_hour = val;
+	      have_I = 0;
+	      break;
+	    case 'I':
+	      /* Match hour in 12-hour clock using alternate numeric
+		 symbols.  */
+	      get_alt_number (1, 12, 2);
+	      tm->tm_hour = val - 1;
+	      have_I = 1;
+	      break;
+	    case 'm':
+	      /* Match month using alternate numeric symbols.  */
+	      get_alt_number (1, 12, 2);
+	      tm->tm_mon = val - 1;
+	      have_mon = 1;
+	      want_xday = 1;
+	      break;
+	    case 'M':
+	      /* Match minutes using alternate numeric symbols.  */
+	      get_alt_number (0, 59, 2);
+	      tm->tm_min = val;
+	      break;
+	    case 'S':
+	      /* Match seconds using alternate numeric symbols.  */
+	      get_alt_number (0, 61, 2);
+	      tm->tm_sec = val;
+	      break;
+	    case 'U':
+	    case 'V':
+	    case 'W':
+	      get_alt_number (0, 53, 2);
+	      /* XXX This cannot determine any field in TM without
+		 further information.  */
+	      break;
+	    case 'w':
+	      /* Match number of weekday using alternate numeric symbols.  */
+	      get_alt_number (0, 6, 1);
+	      tm->tm_wday = val;
+	      have_wday = 1;
+	      break;
+	    case 'y':
+	      /* Match year within century using alternate numeric symbols.  */
+	      get_alt_number (0, 99, 2);
+	      tm->tm_year = val >= 69 ? val : val + 100;
+	      want_xday = 1;
+	      break;
+	    default:
+	      return NULL;
+	    }
+	  break;
+	default:
+	  return NULL;
+	}
+    }
+
+  if (have_I && is_pm)
+    tm->tm_hour += 12;
+
+  if (century != -1)
+    {
+      if (want_century)
+	tm->tm_year = tm->tm_year % 100 + (century - 19) * 100;
+      else
+	/* Only the century, but not the year.  Strange, but so be it.  */
+	tm->tm_year = (century - 19) * 100;
+    }
+
+#ifdef _NL_CURRENT
+  if (era_cnt != -1)
+    {
+      era = _nl_select_era_entry(era_cnt);
+      if (want_era)
+	tm->tm_year = (era->start_date[0]
+		       + ((tm->tm_year - era->offset)
+			  * era->absolute_direction));
+      else
+	/* Era start year assumed.  */
+	tm->tm_year = era->start_date[0];
+    }
+  else
+#endif
+    if (want_era)
+      return NULL;
+
+  if (want_xday && !have_wday)
+    {
+      if ( !(have_mon && have_mday) && have_yday)
+	{
+	  /* We don't have tm_mon and/or tm_mday, compute them.  */
+	  int t_mon = 0;
+	  while (__mon_yday[__isleap(1900 + tm->tm_year)][t_mon] <= tm->tm_yday)
+	      t_mon++;
+	  if (!have_mon)
+	      tm->tm_mon = t_mon - 1;
+	  if (!have_mday)
+	      tm->tm_mday =
+		(tm->tm_yday
+		 - __mon_yday[__isleap(1900 + tm->tm_year)][t_mon - 1] + 1);
+	}
+      day_of_the_week (tm);
+    }
+  if (want_xday && !have_yday)
+    day_of_the_year (tm);
+
+  return (char *) rp;
+}
+
+
+char *
+strptime (buf, format, tm)
+     const char *buf;
+     const char *format;
+     struct tm *tm;
+{
+  enum locale_status decided;
+
+#ifdef _NL_CURRENT
+  decided = not;
+#else
+  decided = raw;
+#endif
+  return strptime_internal (buf, format, tm, &decided, -1);
+}
diff --git a/external/privoxy/templates/blocked b/external/privoxy/templates/blocked
new file mode 100644
index 0000000..3ebc22e
--- /dev/null
+++ b/external/privoxy/templates/blocked
@@ -0,0 +1,287 @@
+##########################################################
+#
+# "Blocked" Error Output template for Privoxy.
+#
+#  NOTE: UNLIKE THE OTHER TEMPLATES, THIS ONE USES
+#  JavaScript write() TO GENERATE THE PAGE IN JS_AWARE
+#  BROWSERS. SYMBOL SUBSTITUTIONS THAT RESULT IN MULTILINE
+#  STRINGS WILL BREAK THE JavaScript SYNTAX.
+#  USE WITH CAUTION.
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written in plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  protocol:
+#    The request's protocol: http:// or https://
+#  hostport:
+#    The host and port part of the blocked request's URL.
+#  path:
+#    The path part of the blocked request's URL.
+#  path-ue:
+#    The path part of the blocked request's URL, url-encoded.
+#
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    This is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  force-support:
+#    Privoxy has been compiled with support for forced loading
+#    of blocked content. In that case, the symbol "force-prefix" is
+#    avaiable, which translates to the FORCE_PREFIX  
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+ <head>
+  <title>Request blocked (Privoxy@@my-hostname@)</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico" type="image/x-icon">
+  <style type="text/css">
+#include cgi-style.css
+  </style>
+  <script type="text/javascript" language="javascript">
+  <!--
+    /*
+     * Is this window or frame too small
+     * for the full-blown "blocked" page?
+     */
+    function isSmallFrame()
+    {
+       minWidth  = 650;
+       minHeight = 330;
+
+       /* 
+        * Navigator, Mozilla, Opera
+        */
+       if (window.innerWidth 
+           && (window.innerWidth >= minWidth) 
+           && (window.innerHeight >= minHeight))
+       {
+          return false;
+       }
+ 
+       /* 
+        * MSIE
+        */
+       else if (document.body && document.body.clientWidth 
+                && (document.body.clientWidth >= minWidth)
+                && (document.body.clientHeight >= minHeight))
+       {
+          return false;
+       }
+
+       /*
+        * Small window or unsupported browser
+        */
+       return true;
+   }
+  //-->
+  </script>
+ </head>
+ <body>
+  <script type="text/javascript" language="javascript">
+  <!--
+#   Note: The same small version is used at the bottom
+#         of this file in the <noscript> context. If you
+#         make changes here, keep the other version in sync!
+
+  if (isSmallFrame())
+  {
+     document.write('\
+   <p class="small" align="center"> \
+    Request blocked by <a href="@default-cgi@" target="_blank">Privoxy</a>: @block-reason@ \
+    <br>See <a href="@default-cgi at show-url-info?url=@hostport@@path-ue@" \
+     target="_blank">why this block applies</a> \
+    <!-- @if-force-support-start --> \
+    or <a href="http://@hostport@@force-prefix@@path@">go \
+    <!-- if-force-support-end@ --> \
+    to <b>@protocol@@hostport@@path@</b> \
+    <!-- @if-force-support-start --> \
+    anyway</a>. \
+    <!-- if-force-support-end@ --> \
+   </p> \
+   ');
+
+  }
+  else
+  {
+     document.write('\
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">\
+    <tr> \
+      <td class="status"> \
+        BLOCKED \
+      </td> \
+      <td class="title" width=100%> \
+         <h1> \
+          This is <a href="@homepage@">Privoxy</a> @version@ on @my-hostname@ (@my-ip-address@), port @my-port@, \
+          @if-enabled-display-then at enabled@else-not-enabled-display at disabled@endif-enabled-display@ \
+        </h1> \
+      </td> \
+    </tr> \
+ \
+<!-- @if-unstable-start --> \
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in \
+    <tr> \
+      <td class="warning" colspan="2"> \
+        <h2>Warning:</h2> \
+        <p> \
+          <b>Please note that this <font color=red>@code-status@</font> release \
+          of the proxy software is not intended for production systems! \
+          <br>Use at your own risk. See the <a href="http://www.gnu.org/copyleft/gpl.html">license</a> for details.</b> \
+        </p> \
+      </td> \
+    </tr> \
+<!-- if-unstable-end@ --> \
+ \
+    <tr> \
+      <td class="box" colspan="2"> \
+        <h2>Request for blocked URL</h2> \
+        <p>Your request for <b>@protocol@@hostport@@path@</b> was blocked. \
+         <br>Block reason: @block-reason@ \
+         <br><a href="@default-cgi at show-url-info?url=@hostport@@path-ue@" \
+         target="_blank">See why this block applies</a> \
+<!-- @if-force-support-start --> \
+          or <a href="http://@hostport@@force-prefix@@path@">go there anyway</a>. \
+<!-- if-force-support-end@ --> \
+        </p> \
+      </td> \
+    </tr> \
+ \
+    <tr> \
+      <td class="box" colspan="2"> \
+        <h2>More Privoxy:</h2> \
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul> \
+      </td> \
+    </tr> \
+ \
+    <tr> \
+      <td class="info" colspan="2"> \
+        <big><b>Support and Service via Sourceforge:</b></big> \
+        <p> \
+          We value your feedback. To provide you with the best support, \
+          we ask that you: \
+        </p> \
+        <ul> \
+          <li> \
+            use the <a href="http://sourceforge.net/tracker/?group_id=11118&atid=211118">support forum</a> or (better) the \
+            <a href="http://sourceforge.net/mail/?group_id=11118">mailing lists</a> to get help. \
+          </li> \
+          <li> \
+            submit banners and all problems with the actions file only through the \
+            <a href="javascript:void(window.open(\'http://www.privoxy.org/actions\',\'Feedback\',\'width=600,scrollbars=yes,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no\').focus());">actions \
+            file feedback system</a>. \
+          </li> \
+          <li> \
+            submit bugs only through our <a href="http://sourceforge.net/tracker/?group_id=11118&atid=111118">bug tracker</a>. \
+            Make sure that the bug has not yet been submitted. \
+          </li> \
+          <li> \
+            submit feature requests only through our <a href="http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse">feature \
+            request tracker</a>. \
+          </li> \
+        </ul> \
+      </td> \
+    </tr> \
+ \
+<!-- @if-have-help-info-start --> \
+    <tr> \
+      <td class="info" colspan="2"> \
+        <h2>Local Privoxy support:</h2> \
+ \
+<!-- @if-have-proxy-info-start --> \
+        <p>You can consult the <a href="@proxy-info-url@">online documentation</a> for more information about this Privoxy installation.</p> \
+<!-- if-have-proxy-info-end@ --> \
+ \
+<!-- @if-have-adminaddr-info-start --> \
+        <p>Address e-mail questions about this service to \
+          <a href="mailto:@admin-address@"><code>@admin-address@</code></a>, \
+          who will be glad to help you. \
+        </p> \
+<!-- if-have-adminaddr-info-end@ --> \
+      </td> \
+    </tr> \
+<!-- if-have-help-info-end@ --> \
+ \
+  </table> \
+     ');
+  }
+  //-->
+  </script>
+
+#   Note: The same small version is used above via JavaScript
+#         If you make changes here, keep the other version in sync!
+
+  <noscript>
+   <p class="small" align="center">
+    Request blocked by <a href="@default-cgi@" target="_blank">Privoxy</a>: @block-reason@
+    <br>See <a href="@default-cgi at show-url-info?url=@hostport@@path-ue@"
+     target="_blank">why this block applies</a>
+    <!-- @if-force-support-start -->
+    or <a href="http://@hostport@@force-prefix@@path@">go
+    <!-- if-force-support-end@ -->
+    to <b>@protocol@@hostport@@path@</b>
+    <!-- @if-force-support-start -->
+    anyway</a>.
+    <!-- if-force-support-end@ -->
+   </p>
+  </noscript>
+
+ </body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-404 b/external/privoxy/templates/cgi-error-404
new file mode 100644
index 0000000..c12b564
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-404
@@ -0,0 +1,149 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>404 - Privoxy Configuration Page not found</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="status">
+        404
+      </td>     
+      <td class="title" style="width: 100%">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning" colspan="2">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning" colspan="2">
+        <h2>Privoxy Configuration page not found</h2>
+            <p>You typed in what looks like a URL used to configure
+               Privoxy, but it cannot be recognised.  Maybe it's
+               for a different Privoxy version, or you typed it
+               in wrong?  Or maybe the Privoxy administrator
+               has decided to disable the feature.</p>
+            <p>If you got here by clicking a link in the
+               configuration interface, please file a bug report!</p>
+            <p>You can use the menu below to select from the available
+               configuration options</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box" colspan="2">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+        
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-bad-param b/external/privoxy/templates/cgi-error-bad-param
new file mode 100644
index 0000000..a1e3f05
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-bad-param
@@ -0,0 +1,156 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy: Bad parameter</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning">
+        <h2>Bad parameter to Privoxy configuration page</h2>
+        <p>You've found a page used to configure Privoxy, but the
+           parameters (the part of the web page address after the
+           "?" mark) are wrong or missing.</p>
+        <p>Possible causes:</p>
+        <ul>
+          <li>If you just typed a URL pattern into a form, then you got
+             something wrong.  Press the "back" button on your browser
+             once and correct what you typed.</li>
+          <li>If you tried to type in the URL, then you've found a
+             page where you can't do that.  You can only view this
+             page by following links from elsewhere in the configuration
+             interface.</li>
+          <li>If you got here using your browser's "back" button, then
+             that is deliberately disabled for this page.</li>
+          <li>If you got here by clicking a link in the
+             configuration interface, please file a bug report!</li>
+        </ul>
+        <p>You can use the menu below to select from the available
+           configuration options</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>Privoxy Menu:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+    
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-disabled b/external/privoxy/templates/cgi-error-disabled
new file mode 100644
index 0000000..9faffc6
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-disabled
@@ -0,0 +1,169 @@
+##########################################################
+#
+# Feature disabled or referrer untrusted Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Configuration Page Disabled</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning">
+        <h2>Privoxy Configuration access denied</h2>
+          <p>Access to <b>@url@</b> has been denied because:</p>
+
+          <ul>
+            <li>it requires a feature that has been disabled by the Privoxy administrator,</li>
+            <li>you didn't come here through one of Privoxy's CGI pages, or</li>
+            <li>the <q>Referer:</q> header is blocked.</li>
+          </ul>
+
+          <p>Note that the following features which used to be enabled in earlier
+             releases are now off by default:
+          </p>
+          <ul>
+           <li><a href="@user-manual at config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions</a></li>
+           <li><a href="@user-manual at config.html#ENABLE-REMOTE-TOGGLE">enable-remote-toggle</a></li>
+           <li><a href="@user-manual at config.html#ENABLE-REMOTE-HTTP-TOGGLE">enable-remote-http-toggle</a>
+           (Most likely you don't need this anyway.)</li>
+          </ul>
+
+          <p>Please refer to the documentation behind the links to learn how to
+             enable them again and what the consequences are.</p>
+
+          <p>All enabled features are accessible from the
+             <a href="@default-cgi@">main menu</a>, some of them
+             are <em>protected</em> with a referrer check though.
+             If you got caught by the referrer check, but are <strong>absolutely</strong> sure
+             you know what you are doing, please <a title="Retry from a trusted referrer"
+              href="@url@">try again</a>.</p>
+
+          <p>If the <q>Referer:</q> header is blocked, you'll have to make an exception for
+             Privoxy's web interface first. Note that <em>dumb</em> referrer blocking
+             is a bad idea anyway, as it makes it easier to fingerprint your
+             requests. Consider using Privoxy's conditional referrer block instead.</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+    
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-file b/external/privoxy/templates/cgi-error-file
new file mode 100644
index 0000000..09bf2cb
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-file
@@ -0,0 +1,139 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy: Actions file not found</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning">
+        <h2>Actions file not found</h2>
+        <p>The actions file you are trying to edit (index <code>@f@</code>)
+           does not exist, or cannot be read.</p>
+      </td>
+    </tr>
+
+     <tr>
+      <td class="box">
+        <h2>Privoxy Menu:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-file-read-only b/external/privoxy/templates/cgi-error-file-read-only
new file mode 100644
index 0000000..bfce277
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-file-read-only
@@ -0,0 +1,146 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy: Cannot write to actions file</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning">
+        <h2>Cannot write to actions file</h2>
+        <p>The actions file you are trying to edit (<code>@f at .action</code>)
+           could not be written to.</p>
+        <p>You many not have permission to write to the file - check the file
+           permissions.  On Windows, right-click the file, choose Properties,
+           and make sure it is not read-only.</p>
+        <p>Another reason you may see this message is if you have run out of
+           disk space.  If that is the case, then the actions file has been
+           truncated - if you get further errors, you may need to fix it
+           using a text editor.</p>
+      </td>
+    </tr>
+
+     <tr>
+      <td class="box">
+        <h2>Privoxy Menu:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-modified b/external/privoxy/templates/cgi-error-modified
new file mode 100644
index 0000000..3b04b4b
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-modified
@@ -0,0 +1,157 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy: URL out of date</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning">
+        <h2>URL out of date - file has changed since it was generated</h2>
+        <p>The URL you're viewing is out of date.  To prevent possible
+           damage to your configuration file, this action has been ignored.
+        </p>
+        <p>Possible causes:</p>
+        <ul>
+          <li>If you got here using your browser's "back" button, then
+             that is deliberately disabled for this page.  Please 
+             navigate around the configuration editor using the
+             links provided.</li>
+          <li>Perhaps you've got more than one browser window open, and
+             you're trying to change the same file in both?  You can
+             only have one editor window open at a time.  Your other edit
+             window should continue to function.</li>
+          <li>You may have modified the file some other way - perhaps by
+             editing it with a text editor.  Simply go back in to the 
+             configuration interface using the links below.</li>
+        </ul>
+        <p>You can go back into the edit interface using the menu below,
+           or by clicking <a href="edit-actions-list?f=@f@">here</a>.
+        </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+        
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-error-parse b/external/privoxy/templates/cgi-error-parse
new file mode 100644
index 0000000..695131c
--- /dev/null
+++ b/external/privoxy/templates/cgi-error-parse
@@ -0,0 +1,176 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy: Parse error</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning">
+        <h2>Parse error</h2>
+         <p>The file you're trying to edit is not valid.  You need to fix
+           it using a text editor before you can edit it using the
+           web-based editor.</p>
+        <p>This error should only occur if you edited the file using a text
+           editor.  If you managed to take a valid file and break it this
+           badly using the web-based editor, please file a bug report!</p>
+        <p>When you've fixed the problem, you can go back into the edit
+           interface using the menu below, or by clicking <a 
+           href="edit-actions-list?f=@f@">here</a>.
+        </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>Problem description:</h2>
+        <p>@parse-error@</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>The line which caused the problem:</h2>
+        <pre>@line-raw@</pre>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>The line which caused the problem, with comments removed</h2>
+        <p><code>@line-data@</code></p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>Note</h2>
+        <p>Only the first error is reported - the file may contain other
+           errors, as well as the one reported above.</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+    
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/cgi-style.css b/external/privoxy/templates/cgi-style.css
new file mode 100644
index 0000000..b66c580
--- /dev/null
+++ b/external/privoxy/templates/cgi-style.css
@@ -0,0 +1,173 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/cgi-style.css,v $
+#
+# Purpose     :  Style sheet for the web-based config interface.
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: cgi-style.css,v $
+#    Revision 1.12  2007/12/11 21:20:53  fabiankeil
+#    Make strong warnings red too.
+#
+#    Revision 1.11  2007/12/08 14:29:06  fabiankeil
+#    Use CSS to let the URL and pattern input fields scale with
+#    the browser width and try to prevent vertical scroll bars
+#    if the width is less than 80 characters. Closes #1843596,
+#    thanks to Gerry Murphy and Lee.
+#
+#    Revision 1.10  2007/01/22 13:12:43  fabiankeil
+#    White space cosmetics for #include.
+#
+#    Revision 1.9  2006/12/17 17:50:55  fabiankeil
+#    Add white space workaround for tables
+#    in show-status CGI page.
+#
+#    Revision 1.8  2002/05/12 15:53:41  jongfoster
+#    Adding standard comment header with license and CVS log.
+#
+#
+##############################################################################
+
+/*
+ * CSS for Privoxy CGI and script output
+ *
+ * $Id: cgi-style.css,v 1.12 2007/12/11 21:20:53 fabiankeil Exp $
+ */
+
+/*
+ * General rules: Font, Color, Headings, Margins, Links
+ */
+body,td,th { font-family: arial, helvetica, helv, sans-serif; }
+body { background-color: #ffffff; color: #000000; }
+
+h1 { font-size: 140%; margin: 0px; }
+h2 { font-size: 120%; margin: 0px; }
+h3 { font-size: 110%; margin: 0px; }
+
+p,pre  { margin-left: 15px; }
+li { margin: 2px 15px; }
+dl { margin: 2px 15px; }
+
+a:link    { color: #0000dd; text-decoration: none; }
+a:visited { color: #330099; text-decoration: none; }
+a:active  { color: #3333ff; text-decoration: none; }
+
+/*
+ * Boxen as Table elements:
+ */
+td.title   { border: solid black 1px; background-color: #dddddd; }
+td.box     { border: solid black 1px; background-color: #eeeeee; }
+td.info    { border: solid black 1px; background-color: #ccccff; }
+td.warning { border: solid black 1px; background-color: #ffdddd; }
+
+/*
+ * Special Table Boxen: for nesting, naked container and for
+ * the Status field in CGI Output:
+ */
+td.wrapbox { border: solid black 1px; padding: 5px; }
+td.container { padding: 0px; }
+td.status  { border: solid black 1px; background-color: #ff0000; color: #ffffff; font-size: 300%; font-weight: bolder; }
+
+/*
+ * Same Boxen as <div>s:
+ */
+div.title    { border: solid black 1px; background-color: #dddddd; margin: 20px; padding: 20px; }
+div.box      { border: solid black 1px; background-color: #eeeeee; margin: 20px; padding: 20px; }
+div.info     { border: solid black 1px; background-color: #ccccff; margin: 20px; padding: 20px; }
+div.warning  { border: solid black 1px; background-color: #ffdddd; margin: 20px; padding: 20px; }
+div.wrapbox  { border: solid black 1px;                            margin: 20px; padding:  5px; }
+
+
+/*
+ * Bold definitions in <dl>s, grey BG for table headings, transparent (no-bordered) table
+ */
+dt { font-weight: bold; }
+th { background-color: #dddddd; }
+table.transparent { border-style: none}
+
+/*
+ * Special purpose paragraphs: Small for page footers,
+ * Important for quoting wrong or dangerous examples,
+ * Whiteframed for the toggle?mini=y CGI
+ */
+p.small { font-size: 10px; margin: 0px; }
+p.important { border: solid black 1px; background-color: #ffdddd; font-weight: bold; padding: 2px; }
+p.whiteframed { margin: 5px; padding: 5px; border: solid black 1px; text-align: center; background-color: #eeeeee; }
+
+/*
+ * Links as buttons:
+ */
+
+td.buttons {
+  padding: 2px;
+}
+
+a.cmd, td.indentbuttons a, td.buttons a {
+  white-space: nowrap;
+  width: auto;
+  padding: 2px;
+  background-color: #dddddd;
+  color:            #000000;
+  text-decoration: none;
+  border-top:    1px solid #ffffff;
+  border-left:   1px solid #ffffff;
+  border-bottom: 1px solid #000000;
+  border-right:  1px solid #000000;
+}
+a.cmd:hover, td.indentbuttons a:hover, td.buttons a:hover {
+  background-color: #eeeeee;
+}
+a.cmd:active, td.indentbuttons a:active, td.buttons a:active {
+  border-top:    1px solid #000000;
+  border-left:   1px solid #000000;
+  border-bottom: 1px solid #ffffff;
+  border-right:  1px solid #ffffff;
+}
+
+
+/*
+ * Special red emphasis:
+ */
+em.warning, strong.warning { color: #ff0000 }
+
+/*
+ * In show-status we use tables directly behind headlines
+ * and for some reason or another the headlines are set to
+ * "margin:0" and leave the tables no air to breath.
+ *
+ * A proper fix would be to replace or remove the "margin:0",
+ * but as this affects every cgi page we do it another time
+ * and use this workaround until then.
+ */
+.box table { margin-top: 1em; }
+
+/*
+ * Let the URL and pattern input fields scale with the browser
+ * width and try to prevent vertical scroll bars if the width
+ * is less than 80 characters. 
+ */
+input.url, input.pattern { width: 95%; }
diff --git a/external/privoxy/templates/connect-failed b/external/privoxy/templates/connect-failed
new file mode 100644
index 0000000..3607552
--- /dev/null
+++ b/external/privoxy/templates/connect-failed
@@ -0,0 +1,156 @@
+##########################################################
+#
+# Connect-Failed Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  host-ip:
+#    The IP address of the host that could not be reached
+#  hostport:
+#    The host and port part of the request that lead to this problem
+#  path:
+#    The path part of the request that lead to this problem
+#
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>503 - Connect failed (Privoxy@@my-hostname@)</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+  <style type="text/css">
+#include cgi-style.css
+  </style>
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="status">
+        503
+      </td>     
+      <td class="title" style="width: 100%">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning" colspan="2">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning" colspan=2>
+        <h2>Connect failed</h2>
+          <p>Your request for <a href="@protocol@@hostport@@path@"><b>@protocol@@hostport@@path@</b></a> could
+            not be fulfilled, because the connection to <b>@host@</b> (@host-ip@) could not be established.
+          </p>
+          <p>This is often a temporary failure, so you might just
+            <a href="@protocol@@hostport@@path@">try again</a>.
+         </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box" colspan="2">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/default b/external/privoxy/templates/default
new file mode 100644
index 0000000..065aedc
--- /dev/null
+++ b/external/privoxy/templates/default
@@ -0,0 +1,131 @@
+##########################################################
+#
+# Default-CGI Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy@@my-hostname@</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Privoxy Menu:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+    
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/edit-actions-add-url-form b/external/privoxy/templates/edit-actions-add-url-form
new file mode 100644
index 0000000..32ee64f
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-add-url-form
@@ -0,0 +1,216 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-add-url-form,v $
+#
+# Purpose     :  Template used to add a URL pattern to the actions file.
+#
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-add-url-form,v $
+#    Revision 1.18  2007/12/08 14:36:43  fabiankeil
+#    - Use the shiny new CSS "pattern" class.
+#    - s at URL Pattern at URL or TAG Pattern@
+#
+#    Revision 1.17  2007/01/23 16:03:16  fabiankeil
+#    - Add favicon links.
+#    - Remove useless W3C validator links.
+#
+#    Revision 1.16  2006/07/18 14:49:13  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.14.2.2  2002/08/23 02:22:53  hal9
+#    Fix a perl brain fart with <li> in comments.
+#
+#    Revision 1.14  2002/05/21 19:10:30  oes
+#     - Added jump target and button style to "cancel" link
+#     - Fixed title
+#
+#    Revision 1.13  2002/04/10 13:32:53  oes
+#    Made templates modular
+#
+#    Revision 1.12  2002/04/08 17:08:14  oes
+#    Cosmetic: make status in title lowercase
+#
+#    Revision 1.11  2002/04/05 16:01:33  oes
+#    Correct HTML, external Stylesheets, eye candy, some fixes
+#
+#    Revision 1.10  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.9  2002/03/24 15:23:33  jongfoster
+#    Name changes
+#
+#    Revision 1.8  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.7  2002/03/23 16:18:15  swa
+#    renamed every reference to the old name with foobar.
+#    fixed "application foobar application" tag, fixed
+#    "the foobar" with "foobar". left junkbuster in cvs
+#    comments and remarks to history untouched. should
+#    make final rename easier.
+#
+#    Revision 1.6  2002/03/16 15:22:19  jongfoster
+#    Moving 'alpha' warning to the end of the page
+#
+#    Revision 1.5  2002/03/03 10:29:12  swa
+#    point users to the right feedback forms,
+#    not necessarily the developer list.
+#
+#    Revision 1.4  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.3  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.2  2002/01/17 21:21:03  jongfoster
+#    DOS->Unix line endings
+#
+#    Revision 1.1  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+##############################################################################
+#
+# Standard support:
+#
+# This file currently produces valid HTML 4.01 Strict.
+#
+# If you change it, please save the generated page from your web browser
+# and then upload it to http://validator.w3.org/ for checking.
+#
+#############################################################################
+#
+# Available variables include:
+#
+# filename
+# ver
+# section
+#
+#############################################################################
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+<head>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+
+  <title>Privoxy@@my-hostname@: Add URL Pattern</title>
+
+  <script type="text/javascript">
+<!--
+  function validate(text)
+  {
+  if (text=="")
+  {
+    alert("You need to type a pattern in order to continue!");
+    return false;
+  }
+
+  return true;
+}
+//-->
+  </script>
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Add URL or TAG Pattern</h2>
+        <form method="GET" action="edit-actions-add-url"
+              onSubmit="return validate(u.value);">
+          <p>
+            <input type="hidden" name="f" value="@f@">
+            <input type="hidden" name="v" value="@v@">
+            <input type="hidden" name="s" value="@s@">
+            <input type="text" name="u" value="" size="78" class="pattern"><br>
+            <input type="submit" value="Submit">  
+            <input type="reset" value="Reset">  
+            <a class="cmd" href="edit-actions-list?f=@f@#l at s@">Cancel</a>
+          </p>
+        </form>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
+
diff --git a/external/privoxy/templates/edit-actions-for-url b/external/privoxy/templates/edit-actions-for-url
new file mode 100644
index 0000000..fd673af
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-for-url
@@ -0,0 +1,1425 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-for-url,v $
+#
+# Purpose     :  Template used to edit the actions associated with a
+#                particular section in an actions file.
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2001-2008 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-for-url,v $
+#    Revision 1.56  2008/09/20 10:04:33  fabiankeil
+#    Remove hide-forwarded-for-headers action which has
+#    been obsoleted by change-x-forwarded-for{block}.
+#
+#    Revision 1.55  2008/09/19 15:26:29  fabiankeil
+#    Add change-x-forwarded-for{} action to block or add
+#    X-Forwarded-For headers. Mostly based on code removed
+#    before 3.0.7.
+#
+#    Revision 1.54  2008/03/29 12:14:27  fabiankeil
+#    Remove send-wafer and send-vanilla-wafer actions.
+#
+#    Revision 1.53  2008/03/28 15:13:45  fabiankeil
+#    Remove inspect-jpegs action.
+#
+#    Revision 1.52  2008/03/15 14:52:36  fabiankeil
+#    Add CGI editor support for the "disable all filters of this type"
+#    directives "-client-header-filter", "-server-header-filter",
+#    "-client-header-tagger" and "-server-header-tagger".
+#
+#    Revision 1.51  2008/03/07 16:46:49  fabiankeil
+#    Reword limit-connect{} entry.
+#
+#    Revision 1.50  2008/03/04 18:30:44  fabiankeil
+#    Remove the treat-forbidden-connects-like-blocks action. We now
+#    use the "blocked" page for forbidden CONNECT requests by default.
+#
+#    Revision 1.49  2008/03/01 14:00:47  fabiankeil
+#    Let the block action take the reason for the block
+#    as argument and show it on the "blocked" page.
+#
+#    Revision 1.48  2007/12/11 21:18:55  fabiankeil
+#    Make forward-override accessible through the CGI editor.
+#
+#    Revision 1.47  2007/12/06 18:21:55  fabiankeil
+#    Update hide-forwarded-for-headers description.
+#
+#    Revision 1.46  2007/11/10 15:06:10  fabiankeil
+#    - Add support for +hide-referrer{conditional-forge}.
+#    - Minor rewordings.
+#
+#    Revision 1.45  2007/05/24 13:38:45  fabiankeil
+#    Two minor fixes.
+#
+#    Revision 1.44  2007/04/15 16:39:21  fabiankeil
+#    Introduce tags as alternative way to specify which
+#    actions apply to a request. At the moment tags can be
+#    created based on client and server headers.
+#
+#    Revision 1.43  2007/03/29 11:40:34  fabiankeil
+#    Divide @filter-params@ into @client-header-filter-params@
+#    @content-filter-params@ and @server-header-filter-params at .
+#
+#    Revision 1.42  2007/03/20 15:40:00  fabiankeil
+#    Adjust to new world order with dedicated header-filter actions.
+#
+#    Revision 1.41  2007/01/23 16:03:16  fabiankeil
+#    - Add favicon links.
+#    - Remove useless W3C validator links.
+#
+#    Revision 1.40  2006/12/21 13:01:03  fabiankeil
+#    Prepare for "split-large-forms".
+#
+#    Mention that redirect{} now also understands
+#    a single pcrs job as argument.
+#
+#    Add some table summaries and remove useless validator link.
+#
+#    Revision 1.39  2006/10/04 17:37:54  fabiankeil
+#    JavaScript fix for bug report #1570678.
+#
+#    Revision 1.38  2006/09/08 12:06:35  fabiankeil
+#    Have hide-if-modified-since interpret the random
+#    range value as minutes instead of hours. Allows
+#    more fine-grained configuration.
+#
+#    Revision 1.37  2006/09/05 18:20:14  fabiankeil
+#    Sorted alphabetically, fixed spelling mistakes
+#    and shortened some descriptions.
+#
+#    Revision 1.36  2006/08/14 08:29:17  fabiankeil
+#    Split filter-headers{} into filter-client-headers{}
+#    and filter-server-headers{}.
+#
+#    Revision 1.35  2006/08/03 02:46:42  david__schmidt
+#    Incorporate Fabian Keil's patch work:http://www.fabiankeil.de/sourcecode/privoxy/
+#
+#    Revision 1.34  2006/07/18 14:49:13  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.29.2.5  2004/10/05 03:17:26  david__schmidt
+#    Typo: inspect_jpegs, not inspect-jpegs in form
+#
+#    Revision 1.29.2.4  2004/10/03 12:53:46  david__schmidt
+#    Add the ability to check jpeg images for invalid
+#    lengths of comment blocks.  Defensive strategy
+#    against the exploit:
+#       Microsoft Security Bulletin MS04-028
+#       Buffer Overrun in JPEG Processing (GDI+) Could
+#       Allow Code Execution (833987)
+#    Enabled with +inspect-jpegs in actions files.
+#
+#    Revision 1.29.2.3  2002/08/23 02:22:53  hal9
+#    Fix a perl brain fart with <li> in comments.
+#
+#    Revision 1.29.2.1  2002/08/02 12:51:42  oes
+#    Added top submit button; Consistency with docs: Change default name for action from hide-referer to hide-referrer
+#
+#    Revision 1.29  2002/05/21 19:10:57  oes
+#    Fixed JavaScript error
+#
+#    Revision 1.28  2002/05/14 21:36:38  oes
+#     - Renamed prevent-(setting/reading)-cookies to
+#       crunch-(incoming/outgoing)-cookies
+#     - Renamed helplink export to actions-help-prefix
+#     - Restored alphabetical order of actions
+#
+#    Revision 1.27  2002/04/26 22:55:26  jongfoster
+#    Removing the alternating colors because they've been wrong
+#    since the actions renames, they're high maintenance, they
+#    don't look particularly good, and now there are gaps between
+#    the table cells we don't need them.
+#
+#    Revision 1.26  2002/04/26 21:55:17  jongfoster
+#    Cosmetic change: Making the +filter UI look the same as
+#    the other actions.
+#
+#    Revision 1.25  2002/04/26 21:37:50  jongfoster
+#    Fixing all(?) the substitutions that were broken in the
+#    recent actions rename.
+#
+#    Revision 1.24  2002/04/26 18:24:28  jongfoster
+#    Fixing typos in help hyperlinks
+#
+#    Revision 1.23  2002/04/26 12:57:02  oes
+#    Actions renamed, alphabetically sorted, comments fixed, and names linked to help
+#
+#    Revision 1.22  2002/04/10 13:32:53  oes
+#    Made templates modular
+#
+#    Revision 1.21  2002/04/08 17:05:18  oes
+#    Inline a style exception
+#
+#    Revision 1.20  2002/04/05 16:01:30  oes
+#    Correct HTML, external Stylesheets, eye candy, some fixes
+#
+#    Revision 1.19  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.18  2002/03/24 16:32:08  jongfoster
+#    Removing logo option
+#
+#    Revision 1.17  2002/03/24 15:23:33  jongfoster
+#    Name changes
+#
+#    Revision 1.16  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.15  2002/03/23 16:18:15  swa
+#    renamed every reference to the old name with foobar.
+#    fixed "application foobar application" tag, fixed
+#    "the foobar" with "foobar". left junkbuster in cvs
+#    comments and remarks to history untouched. should
+#    make final rename easier.
+#
+#    Revision 1.14  2002/03/16 15:22:19  jongfoster
+#    Moving 'alpha' warning to the end of the page
+#
+#    Revision 1.13  2002/03/16 14:28:38  jongfoster
+#    First version of modular filters support
+#
+#    Revision 1.12  2002/03/12 01:42:50  oes
+#    Introduced modular filters
+#
+#    Revision 1.11  2002/03/08 18:19:14  jongfoster
+#    Adding +image-blocker{pattern} option to edit interface
+#
+#    Revision 1.10  2002/03/03 10:29:12  swa
+#    point users to the right feedback forms,
+#    not necessarily the developer list.
+#
+#    Revision 1.9  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.8  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.7  2002/01/17 21:21:03  jongfoster
+#    DOS->Unix line endings
+#
+#    Revision 1.6  2001/11/22 21:58:41  jongfoster
+#    Adding action +no-cookies-keep
+#
+#    Revision 1.5  2001/11/13 21:12:17  jongfoster
+#    Added support for the following actions:
+#    +downgrade, +limit-connect, +no-compression
+#
+#    Revision 1.4  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+##############################################################################
+#
+# Browser support for the JavaScript on this page:
+#   MS Internet Explorer 5.5 - Tested,   Yes
+#   Netscape 6.0             - Tested,   Yes
+#   Netscape 4.75            - Tested,   NO
+#   Opera 5.12               - Tested,   NO
+#   MS Internet Explorer 4+  - Untested, Yes
+#   MS IE 3.x, NS3.x         - Untested, NO
+#   Mozilla >=0.6            - Untested, Yes
+#
+# All browsers should work, you just might not get the pretty DHTML effects.
+#
+# The effects that only work under the browsers marked "Yes" above are:
+#  - Text edit boxes that won't have any effect are disabled.
+#  - Table rows containing additional settings are hidden if the feature in
+#    question is disabled.
+#
+# There are major kludges to get around these problems with NS4, but they
+# screw up the HTML too much for other browsers.  If anyone wants to try,
+# here's some descriptions of the kludges:
+#    http://www.webreference.com/js/tips/991114.html
+#    http://www.webreference.com/dhtml/column12/outDisplay.html
+#
+# If you're favorite browser isn't listed, please test and add it.
+#
+#
+#############################################################################
+#
+# Standard support:
+#
+# This file currently produces valid HTML 4.01 Strict.
+#
+# If you change it, please save the generated page from your web browser
+# and then upload it to http://validator.w3.org/ for checking.
+#
+#############################################################################
+#
+# Available variables include:
+#
+# action-name-y
+# action-name-n
+# action-name-x
+#
+# deanimate-gifs-param-first
+# deanimate-gifs-param-last
+# hide-from-param-block
+# hide-from-param-custom
+# hide-from-param
+# hide-referrer-param-forge
+# hide-referrer-param-block
+# hide-referrer-param-custom
+# hide-referrer-param
+# hide-user-agent-param
+# image-blocker-param-pattern
+# image-blocker-param-blank
+# image-blocker-param-custom
+#
+#
+#############################################################################
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+
+  <title>Privoxy@@my-hostname@: Edit actions</title>
+
+<style type="text/css">
+td.action    { font-weight: bold;
+               font-style: italic;
+               white-space: nowrap       }
+td.subaction { font-style: italic        }
+th           { font-weight: bold;        }
+# This is the key to the color names below:
+# bg=background, en="Enable", dis="Disable", noc="No Change", hdr=header
+# 1=odd rows, 2=even rows, h=Table header
+tr.hdr       { background-color: #999999 }
+tr.bg1       { background-color: #eeeeee }
+td.en1       { background-color: #ddffdd }
+td.dis1      { background-color: #ffdddd }
+td.noc1      { background-color: #ddddff }
+th.enh       { background-color: #99ff99 }
+th.dish      { background-color: #ff9999 }
+th.noch      { background-color: #9999ff }
+table.wide   { padding: 5px; }
+td.green     { border: solid black 1px; background-color: #ddffdd; }
+</style>
+
+<!--
+border-color: white;
+               border-style: solid;
+               border-left-width: 10px;
+               border-right-width: 10px;
+               border-top-width: 0px;
+               border-bottom-width: 0px  }
+-->
+
+<script type="text/javascript">
+<!--
+
+function hide_from_header_param_disable(tf)
+{
+    if (document.getElementById) {
+    	// NS6 or IE5
+        document.getElementById("hide_from_header_param").disabled = tf;
+    } else if (document.all) {
+        // IE4
+        document.myform.hide_from_header_param.disabled = tf;
+    }
+}
+
+function hide_referrer_param_disable(tf)
+{
+    if (document.getElementById) {
+        document.getElementById("hide_referrer_param").disabled = tf;
+    } else if (document.all) {
+        document.myform.hide_referrer_param.disabled = tf;
+    }
+}
+
+function set_image_blocker_param_disable(tf)
+{
+    if (document.getElementById) {
+        document.getElementById("set_image_blocker_param").disabled = tf;
+    } else if (document.all) {
+        document.myform.set_image_blocker_param.disabled = tf;
+    }
+}
+
+function show_add_header_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("add_header_opts");
+    } else if (document.all) {
+        target = document.add_header_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+function show_deanimate_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("deanimate_opts");
+    } else if (document.all) {
+        target = document.deanimate_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+function show_hide_from_header_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("hide_from_header_opts");
+    } else if (document.all) {
+        target = document.hide_from_header_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+function show_hide_referrer_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("hide_referrer_opts");
+    } else if (document.all) {
+        target = document.hide_referrer_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+function show_user_agent_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("user_agent_opts");
+    } else if (document.all) {
+        target = document.user_agent_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+function show_set_image_blocker_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("set_image_blocker_opts");
+    } else if (document.all) {
+        target = document.set_image_blocker_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+function show_limit_connect_opts(tf)
+{
+    if (document.getElementById) {
+        target = document.getElementById("limit_connect_opts");
+    } else if (document.all) {
+        target = document.limit_connect_opts;
+    } else {
+        return;
+    }
+    target.style.display = (tf ? "" : "none");
+}
+
+//-->
+</script>
+</head>
+
+<body>
+
+<!-- @if-one-form-only-start -->
+<form method="GET" action="edit-actions-submit" id="myform" name="myform">
+<!-- if-one-form-only-end@ -->
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+<!-- @if-one-form-only-start -->
+    <tr>
+      <td class="box">
+        <h2>Edit Actions
+          <input type="hidden" name="f" value="@f@">
+          <input type="hidden" name="v" value="@v@">
+          <input type="hidden" name="s" value="@s@">
+        </h2>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="green" align="center">
+        <p><input type="submit" value="Submit" name="Submit"></p>
+      </td>
+    </tr>
+<!-- if-one-form-only-end@ -->
+
+<tr><td class="wrapbox">
+
+<!-- @if-multiple-forms-start -->
+<form method="GET" action="edit-actions-submit" id="myform" name="myform">
+  <h2>Edit Actions (Section 1)</h2>
+<!-- if-multiple-forms-end@ -->
+
+  <table summary="Action section 1" border="0" cellspacing="2" width="100%" class="wide">
+    <tr class="hdr" align="left">
+      <th class="enh" align="center">Enable</th>
+      <th class="dish" align="center">Disable</th>
+      <th class="noch" align="center">No Change</th>
+      <th>Action</th>
+      <th>Description</th>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="add_header" id="add_header_y" value="Y" @add-header-y@
+        onclick="show_add_header_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="add_header" value="N" @add-header-n@
+        onclick="show_add_header_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="add_header" value="X" @add-header-x@
+        onclick="show_add_header_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at ADD-HEADER">add-header</a></td>
+      <td>Adds HTTP headers.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="add_header_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Editing the settings for this option, or turning
+        it on if it was off, is not yet supported using this web-based
+        editor.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="block" value="Y" @block-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="block" value="N" @block-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="block" value="X" @block-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at BLOCK">block</a></td>
+      <td>Block the request.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="block_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Block reason to tell the user:<br>
+        <input type="text" name="block_mode" size="40" value="@block-param@">
+      </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="change_x_forwarded_for" id="change_x_forwarded_for_y" value="Y" @change-x-forwarded-for-y@
+        onclick="show_change_x_forwarded_for_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="change_x_forwarded_for" value="N" @change-x-forwarded-for-n@
+        onclick="show_change_x_forwarded_for_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="change_x_forwarded_for" value="X" @change-x-forwarded-for-x@
+        onclick="show_change_x_forwarded_for_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CHANGE-X-FORWARDED-FOR">change-x-forwarded-for</a></td>
+      <td>Specifies whether to block or add X-Forwarded-For headers.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="change_x_forwarded_for_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="change_x_forwarded_for_mode" value="block"
+        id="change_x_forwarded_for_mode_block" @change-x-forwarded-for-param-block@><label
+        for="change_x_forwarded_for_mode_block">Block the header.</label><br>
+        <input type="radio" name="change_x_forwarded_for_mode" value="add"
+        id="change_x_forwarded_for_mode_add" @change-x-forwarded-for-param-add@><label 
+        for="change_x_forwarded_for_mode_add">Add the header.</label><br>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1"> </td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="client_header_filter_all" id="client_header_filter_all_n" value="N" @client-header-filter-all-n@ ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="client_header_filter_all" id="client_header_filter_all_x" value="X" @client-header-filter-all-x@ ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CLIENT-HEADER-FILTER">client-header-filter</a> *</td>
+      <td>Filter the client headers.
+        You can use the radio buttons on this line to disable
+        all client-header filters applied by previous rules, and/or
+        you can enable or disable the filters individually below.</td>
+    </tr>
+ at client-header-filter-params@
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1"> </td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="client_header_tagger_all" id="client_header_tagger_all_n" value="N" @client-header-tagger-all-n@ ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="client_header_tagger_all" id="client_header_tagger_all_x" value="X" @client-header-tagger-all-x@ ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CLIENT-HEADER-TAGGER">client-header-tagger</a> *</td>
+      <td>Create tags based on the client headers.
+        You can use the radio buttons on this line to disable
+        all client-header taggers applied by previous rules, and/or
+        you can enable or disable the taggers individually below.</td>
+    </tr>
+ at client-header-tagger-params@
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="content_type_overwrite" value="Y" @content-type-overwrite-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="content_type_overwrite" value="N" @content-type-overwrite-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="content_type_overwrite" value="X" @content-type-overwrite-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CONTENT_TYPE_OVERWRITE">content-type-overwrite</a></td>
+      <td>Replace Content-Type header. By default it only applies to
+	 text documents, but if you know what you're doing you
+	 can enable force-text-mode to modify binary content types as well.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="content_type_overwrite_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>New Content-Type:<br>
+        <input type="text" name="content_type_overwrite_mode" size="40"
+        value="@content-type-overwrite-param@"></td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="crunch_client_header" id="crunch_client_header_y" value="Y" @crunch-client-header-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="crunch_client_header" value="N" @crunch-client-header-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="crunch_client_header" value="X" @crunch-client-header-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CRUNCH-CLIENT-HEADER">crunch-client-header</a></td>
+      <td>Remove header(s) matching the supplied pattern.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="crunch_client_header_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Header string to suppress:<br>
+        <input type="text" name="crunch_client_header_mode" size="40"
+        value="@crunch-client-header-param@"></td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="crunch_if_none_match" value="Y" @crunch-if-none-match-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="crunch_if_none_match" value="N" @crunch-if-none-match-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="crunch_if_none_match" value="X" @crunch-if-none-match-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CRUNCH_IF_NONE_MATCH">crunch-if-none-match</a></td>
+      <td>Remove If-None-Match header. Useful for filter testing
+         and to make sure the header can't be used to track your visits.</td>
+    </tr>
+
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="crunch_incoming_cookies" value="Y" @crunch-incoming-cookies-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="crunch_incoming_cookies" value="N" @crunch-incoming-cookies-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="crunch_incoming_cookies" value="X" @crunch-incoming-cookies-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CRUNCH-INCOMING-COOKIES">crunch-incoming-cookies</a></td>
+      <td>Prevent the website from setting HTTP cookies on your system.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="crunch_outgoing_cookies" value="Y" @crunch-outgoing-cookies-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="crunch_outgoing_cookies" value="N" @crunch-outgoing-cookies-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="crunch_outgoing_cookies" value="X" @crunch-outgoing-cookies-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CRUNCH-OUTGOING-COOKIES">crunch-outgoing-cookies</a></td>
+      <td>Prevent the website from reading HTTP cookies from your system.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="crunch_server_header" id="crunch_server_header_y" value="Y" @crunch-server-header-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="crunch_server_header" value="N" @crunch-server-header-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="crunch_server_header" value="X" @crunch-server-header-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at CRUNCH-SERVER-HEADER">crunch-server-header</a></td>
+      <td>Remove server header(s) matching the supplied pattern.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="crunch_server_header_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Header string to suppress:<br>
+        <input type="text" name="crunch_server_header_mode" size="40"
+        value="@crunch-server-header-param@"></td>
+    </tr>
+
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="deanimate_gifs" id="deanimate_gifs_y" value="Y" @deanimate-gifs-y@
+        onclick="show_deanimate_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="deanimate_gifs" value="N" @deanimate-gifs-n@
+        onclick="show_deanimate_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="deanimate_gifs" value="X" @deanimate-gifs-x@
+        onclick="show_deanimate_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at DEANIMATE-GIFS">deanimate-gifs</a></td>
+      <td>Replace animated GIFs with their (first/last) frame.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="deanimate_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Use the <input type="radio" name="deanimate_gifs_mode"
+        value="first" id="deanimate_first" @deanimate-gifs-param-first@><label
+        for="deanimate_first">first frame</label>   <input
+        type="radio" name="deanimate_gifs_mode" value="last" 
+        id="deanimate_last" @deanimate-gifs-param-last@><label
+        for="deanimate_last">last frame</label></td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="downgrade_http_version" value="Y" @downgrade-http-version-y@></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="downgrade_http_version" value="N" @downgrade-http-version-n@></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="downgrade_http_version" value="X" @downgrade-http-version-x@></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at DOWNGRADE-HTTP-VERSION"
+       >downgrade-http-version</a></td>
+      <td>Change HTTP/1.1 requests to HTTP/1.0.  Only change if you know
+        what you're doing!</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="fast_redirects" value="Y" @fast-redirects-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="fast_redirects" value="N" @fast-redirects-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="fast_redirects" value="X" @fast-redirects-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at FAST-REDIRECTS">fast-redirects</a></td>
+      <td>Bypass some click-tracking URLs.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="fast-redirects_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>
+       <input type="radio" name="fast_redirects_mode"
+        value="simple-check" id="fast_redirects_simple_check" @fast-redirects-param-simple-check@><label
+        for="fast_redirects_simple_check">Simple check.</label>
+       <br>
+       <input type="radio" name="fast_redirects_mode" value="check-decoded-url" 
+        id="fast_redirects_check_decoded_url" @fast-redirects-param-check-decoded-url@><label
+        for="fast_redirects_check_decoded_url">Decode URL before checking.</label></td>
+    </tr>
+<!-- @if-multiple-forms-start -->
+   </table>
+   <p>
+    <input type="hidden" name="f" value="@f@">
+    <input type="hidden" name="v" value="@v@">
+    <input type="hidden" name="s" value="@s@">
+    <input type="submit" value="Submit changes in Section 1" name="Submit">
+  </p>
+  </form>
+ </td></tr>
+ <tr><td class="wrapbox">
+  <form method="GET" action="edit-actions-submit" id="myform-2" name="myform">
+  <h2>Edit Actions (Section 2)</h2>
+  <table summary="Action section 2" border="0" cellspacing="2" width="100%" class="wide">
+    <tr class="hdr" align="left">
+      <th class="enh" align="center">Enable</th>
+      <th class="dish" align="center">Disable</th>
+      <th class="noch" align="center">No Change</th>
+      <th>Action</th>
+      <th>Description</th>
+    </tr>
+<!-- if-multiple-forms-end@ -->
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1"> </td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="filter_all" id="filter_all_n" value="N" @filter-all-n@ ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="filter_all" id="filter_all_x" value="X" @filter-all-x@ ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at FILTER">filter</a> *</td>
+      <td>Filter the website through regular expression
+        filters.  You can use the radio buttons on this line to disable
+        all filters applied by previous rules, and/or you can enable or
+        disable the filters individually below.</td>
+    </tr>
+
+ at content-filter-params@
+
+<!-- @if-multiple-forms-start -->
+   </table>
+   <p>
+    <input type="hidden" name="f" value="@f@">
+    <input type="hidden" name="v" value="@v@">
+    <input type="hidden" name="s" value="@s@">
+    <input type="submit" value="Submit changes in Section 2" name="Submit">
+   </p>
+  </form>
+ </td></tr>
+ <tr><td class="wrapbox">
+  <form method="GET" action="edit-actions-submit" id="myform-3" name="myform">
+  <h2>Edit Actions (Section 3)</h2>
+  <table summary="Action section 3" border="0" cellspacing="2" width="100%" class="wide">
+    <tr class="hdr" align="left">
+      <th class="enh" align="center">Enable</th>
+      <th class="dish" align="center">Disable</th>
+      <th class="noch" align="center">No Change</th>
+      <th>Action</th>
+      <th>Description</th>
+    </tr>
+<!-- if-multiple-forms-end@ -->
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="force_text_mode" value="Y" @force-text-mode-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="force_text_mode" value="N" @force-text-mode-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="force_text_mode" value="X" @force-text-mode-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at FORCE_TEXT_MODE">force-text-mode</a></td>
+      <td>
+       Enable filtering on documents whose Content-Type wasn't recognized as text.
+       Do think twice, nothing is alright.
+     </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="forward_override" id="forward_override_y" value="Y" @forward-override-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="forward_override" id="forward_override_n" value="N" @forward-override-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="forward_override" id="forward_override_x" value="X" @forward-override-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at FORWARD-OVERRIDE">forward-override</a></td>
+      <td>Override forward directives in the configuration file.
+          Note that the <a href="@user-manual at actions-file.html#FORWARD-OVERRIDE">parameter syntax</a>
+          isn't checked until the action is used. <strong class="warning">Syntax errors
+          will cause Privoxy to exit.</strong></td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="forward_override_language_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>
+        Overriding forward directive:<br>
+        <input type="text" name="forward_override_param" 
+        id="forward_override_param" size="40"
+        value="@forward-override-param@"><br>
+     </td>
+    </tr>
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="handle_as_empty_document" value="Y" @handle-as-empty-document-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="handle_as_empty_document" value="N" @handle-as-empty-document-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="handle_as_empty_document" value="X" @handle-as-empty-document-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HANDLE_AS_EMPTY_DOCUMENT">handle-as-empty-document</a></td>
+      <td>
+       Block with an <em>empty</em> document instead of an Image or HTML message.
+       The <em>empty</em> document contains only a space and can safely be parsed
+       as JavaScript or Style Sheet. Use content-type-overwrite to specify the
+       Content-Type, default is <q>text/html</q>.
+     </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="handle_as_image" value="Y" @handle-as-image-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="handle_as_image" value="N" @handle-as-image-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="handle_as_image" value="X" @handle-as-image-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HANDLE-AS-IMAGE">handle-as-image</a></td>
+      <td>Request is for an image (only useful in conjunction with the <i><b><a href="@user-manual@@actions-help-prefix at BLOCK">block</a></b></i>
+        and <i><b><a href="@user-manual@@actions-help-prefix at SET-IMAGE-BLOCKER">set-image-blocker</a></b></i> actions).</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="hide_accept_language" id="hide_accept_language_y" value="Y" @hide-accept-language-y@
+        onclick="show_hide_accept_language_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="hide_accept_language" id="hide_accept_language_n" value="N" @hide-accept-language-n@
+        onclick="show_hide_accept_language_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="hide_accept_language" id="hide_accept_language_x" value="X" @hide-accept-language-x@
+        onclick="show_hide_accept_language_opts(false)"
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HIDE-ACCEPT-LANGUAGE">hide-accept-language</a></td>
+      <td>Pretend to have different language settings. (Makes a fake User-Agent more believable,
+          but you may end up with content in the language you pretended to understand.)</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="hide_accept-language_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="hide_accept_language_mode" value="block"
+        onclick="hide_accept_language_param_disable(true)"
+        @hide-accept-language-param-block@ id="hide_accept_language_mode_block"><label
+        for="hide_accept_language_mode_block">Remove Accept-Language header without replacement.</label>
+        <br>
+        <input type="radio" name="hide_accept_language_mode" value="CUSTOM"
+        onclick="hide_accept_language_param_disable(false)"
+        @hide-accept-language-param-custom@ id="hide_accept_language_mode_set"><label
+        for="hide_accept_language_mode_set">Fake these language settings:</label><br>
+        <input type="text" name="hide_accept_language_param" 
+        id="hide_accept_language_param" size="40"
+        value="@hide-accept-language-param@"><br>
+     </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="hide_content_disposition" id="hide_content_disposition_y" value="Y" @hide-content-disposition-y@
+        onclick="show_hide_content_disposition_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="hide_content_disposition" id="hide_content_disposition_n" value="N" @hide-content-disposition-n@
+        onclick="show_hide_content_disposition_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="hide_content_disposition" id="hide_content_disposition_x" value="X" @hide-content-disposition-x@
+        onclick="show_hide_content_disposition_opts(false)"
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HIDE-CONTENT-DISPOSITION">hide-content-disposition</a></td>
+      <td>Block or overwrite the content-disposition header. Useful to view a document inside the browser,
+       even if you were supposed to save it first, or to change the suggested file name.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="hide_content_disposition_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="hide_content_disposition_mode" value="block"
+        onclick="hide_content_disposition_param_disable(true)"
+        @hide-content-disposition-param-block@ id="hide_content_disposition_mode_block"><label
+        for="hide_content_disposition_mode_block">Remove content-disposition header without replacement.</label>
+        <br>
+        <input type="radio" name="hide_content_disposition_mode" value="CUSTOM"
+        onclick="hide_content_disposition_param_disable(false)"
+        @hide-content-disposition-param-custom@ id="hide_content_disposition_mode_set"><label
+        for="hide_content_disposition_mode_set">Overwrite content-dispostion header with:</label><br>
+        <input type="text" name="hide_content_disposition_param" 
+        id="hide_content_disposition_param" size="40"
+        value="@hide-content-disposition-param@"><br>
+     </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="hide_from_header" id="hide_from_header_y" value="Y" @hide-from-header-y@
+        onclick="show_hide_from_header_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="hide_from_header" value="N" @hide-from-header-n@
+        onclick="show_hide_from_header_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="hide_from_header" value="X" @hide-from-header-x@
+        onclick="show_hide_from_header_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HIDE-FROM-HEADER">hide-from-header</a></td>
+      <td>Stop old web browsers from sending the user's e-mail address with
+        every request.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="hide_from_header_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="hide_from_header_mode" value="block"
+        onclick="hide_from_header_param_disable(true);"
+        @hide-from-header-param-block@ id="hide_from_header_mode_block"><label
+        for="hide_from_header_mode_block">Remove completely</label><br>
+        <input type="radio" name="hide_from_header_mode" value="CUSTOM" 
+        onclick="hide_from_header_param_disable(false);"
+        @hide-from-header-param-custom@ id="hide_from_header_mode_set"><label
+        for="hide_from_header_mode_set">Fake e-mail address:</label><br>
+        <input type="text" name="hide_from_header_param" id="hide_from_header_param"
+        size="40" value="@hide-from-header-param@"></td>
+    </tr>
+
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="hide_if_modified_since" value="Y" @hide-if-modified-since-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="hide_if_modified_since" value="N" @hide-if-modified-since-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="hide_if_modified_since" value="X" @hide-if-modified-since-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HIDE_IF_MODIFIED_SINCE">hide-if-modified-since</a></td>
+      <td>Remove or randomize the If-Modified-Since header.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="hide_if-modifed-since_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="hide_if_modified_since_mode" value="block"
+        onclick="hide_if_modified_since_param_disable(true)"
+        @hide-if-modified-since-param-block@ id="hide_if_modified_since_mode_block"><label
+        for="hide_if_modified_since_mode_block">Remove without replacement.</label>
+        Useful for filter testing.<br>
+        <input type="radio" name="hide_if_modified_since_mode" value="CUSTOM"
+        onclick="hide_if_modified_since_param_disable(true)"
+        @hide-if-modified-since-param-custom@ id="hide_if_modified_since_mode_set"><label
+        for="hide_if_modified_since_mode_set">Add random amount of seconds in the range of</label>
+        <input type="text" name="hide_if_modified_since_param" 
+        id="hide_if_modified_since_param" size="4"
+        value="@hide-if-modified-since-param@"> minute(s).
+        To appreciate this option a small amount of paranoia is required,
+        but at least in theory the If-Modified-Since header could be used
+	to keep track of your visits.
+     </td>
+    </tr>
+<!-- @if-multiple-forms-start -->
+   </table>
+   <p>
+    <input type="hidden" name="f" value="@f@">
+    <input type="hidden" name="v" value="@v@">
+    <input type="hidden" name="s" value="@s@">
+    <input type="submit" value="Submit changes in Section 3" name="Submit">
+   </p>
+  </form>
+ </td></tr>
+ <tr><td class="wrapbox">
+  <form method="GET" action="edit-actions-submit" id="myform-4" name="myform">
+  <h2>Edit Actions (Section 4)</h2>
+  <table summary="Action section 4" border="0" cellspacing="2" width="100%" class="wide">
+    <tr class="hdr" align="left">
+      <th class="enh" align="center">Enable</th>
+      <th class="dish" align="center">Disable</th>
+      <th class="noch" align="center">No Change</th>
+      <th>Action</th>
+      <th>Description</th>
+    </tr>
+<!-- if-multiple-forms-end@ -->
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="hide_referrer" id="hide_referrer_y" value="Y" @hide-referrer-y@
+        onclick="show_hide_referrer_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="hide_referrer" id="hide_referrer_n" value="N" @hide-referrer-n@
+        onclick="show_hide_referrer_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="hide_referrer" id="hide_referrer_x" value="X" @hide-referrer-x@
+        onclick="show_hide_referrer_opts(false)"
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HIDE-REFERRER">hide-referrer</a></td>
+      <td>Helps prevent tracking by not sending the URL of the previous web
+        page. </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="hide_referrer_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="hide_referrer_mode" value="block"
+        onclick="hide_referrer_param_disable(true)"
+        @hide-referrer-param-block@ id="hide_referrer_mode_block"><label
+        for="hide_referrer_mode_block">Remove completely</label> (breaks images
+        on some free web hosts).<br>
+        <input type="radio" name="hide_referrer_mode" value="forge"
+        onclick="hide_referrer_param_disable(true)"
+        @hide-referrer-param-forge@ id="hide_referrer_mode_forge"><label
+        for="hide_referrer_mode_forge">Fake as the root directory of the
+        site</label> (fools checks for in-site links.)<br>
+        <input type="radio" name="hide_referrer_mode" value="CUSTOM"
+        onclick="hide_referrer_param_disable(false)"
+        @hide-referrer-param-custom@ id="hide_referrer_mode_set"><label
+        for="hide_referrer_mode_set">Fake as this web address:</label><br>
+        <input type="text" name="hide_referrer_param" 
+        id="hide_referrer_param" size="40"
+        value="@hide-referrer-param@"><br>
+        <input type="radio" name="hide_referrer_mode" value="conditional-block"
+        onclick="hide_referrer_param_disable(true)"
+        @hide-referrer-param-conditional-block@ id="hide_referrer_mode_conditional-block"><label
+        for="hide_referrer_mode_conditional-block">Remove completely if host has changed,
+        but don't touch in-site referrers.
+        Less suspicious than the options above.</label><br>
+        <input type="radio" name="hide_referrer_mode" value="conditional-forge"
+        onclick="hide_referrer_param_disable(true)"
+        @hide-referrer-param-conditional-forge@ id="hide_referrer_mode_conditional-forge"><label
+        for="hide_referrer_mode_conditional-forge">Forge referrer if host has
+        changed, but don't touch in-site referrers.</label><br>
+      </td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="hide_user_agent" id="hide_user_agent_y" value="Y" @hide-user-agent-y@
+        onclick="show_user_agent_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="hide_user_agent" value="N" @hide-user-agent-n@
+        onclick="show_user_agent_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="hide_user_agent" value="X" @hide-user-agent-x@
+        onclick="show_user_agent_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at HIDE-USER-AGENT">hide-user-agent</a></td>
+      <td>Pretend to be using a different web browser.  (May cause problems with broken web sites).</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="user_agent_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>User Agent string to send:<br>
+        <input type="text" name="hide_user_agent_mode" size="40"
+        value="@hide-user-agent-param@"></td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="limit_connect" id="limit_connect_y" value="Y" @limit-connect-y@
+        onclick="show_limit_connect_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="limit_connect" value="N" @limit-connect-n@
+        onclick="show_limit_connect_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="limit_connect" value="X" @limit-connect-x@
+        onclick="show_limit_connect_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at LIMIT-CONNECT">limit-connect</a></td>
+      <td>Limit which ports are allowed in HTTP CONNECT requests. These requests are
+        used to tunnel SSL and other protocols through HTTP proxies.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="limit_connect_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Legal ports (comma separated, ranges allowed):<br>
+        <input type="text" name="limit_connect_mode" size="40"
+        value="@limit-connect-param@"></td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="overwrite_last_modified" value="Y" @overwrite-last-modified-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="overwrite_last_modified" value="N" @overwrite-last-modified-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="overwrite_last_modified" value="X" @overwrite-last-modified-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at OVERWRITE_LAST_MODIFIED">overwrite-last-modified</a></td>
+      <td>Remove or randomize the Last-Modified header.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="overwrite_last_modified_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="overwrite_last_modified_mode" value="block"
+        onclick="overwrite_last_modified_param_disable(true)"
+        @overwrite-last-modified-param-block@ id="overwrite_last_modified_mode_block"><label
+        for="overwrite_last_modified_mode_block">Remove without replacement.</label>
+        <br>
+        <input type="radio" name="overwrite_last_modified_mode" value="reset-to-request-time"
+        onclick="overwrite_last_modified_param_disable(true)"
+        @overwrite-last-modified-param-reset-to-request-time@
+         id="overwrite_last_modified_mode_reset-to-request-time"><label
+        for="overwrite_last_modified_mode_reset-to-request-time">Reset to the time of the request.</label>
+        <br>
+        <input type="radio" name="overwrite_last_modified_mode" value="randomize"
+        onclick="overwrite_last_modified_param_disable(true)"
+        @overwrite-last-modified-param-randomize@
+         id="overwrite_last_modified_mode_randomize"><label
+        for="overwrite_last_modified_mode_randomize">Overwrite with random value
+        between original header value and the time of the request.</label>
+     </td>
+    </tr>
+
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="prevent_compression" value="Y" @prevent-compression-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="prevent_compression" value="N" @prevent-compression-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="prevent_compression" value="X" @prevent-compression-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at PREVENT-COMPRESSION">prevent-compression</a></td>
+      <td>Disables compression.  Compressed web pages are faster to
+        download, but cannot be filtered with <a href="@user-manual@@actions-help-prefix at FILTER"><b>filter</b></a>
+        or <a href="@user-manual@@actions-help-prefix at KILL-POPUPS"><b>kill-popups</b></a>
+        if your Privoxy version was build without zlib support.</td>
+    </tr>
+   <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="redirect" value="Y" @redirect-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="redirect" value="N" @redirect-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="redirect" value="X" @redirect-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at REDIRECT">redirect</a></td>
+      <td>Redirect to another address.
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="redirect_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td>Static address or a single pcrs command to redirect to a rewritten version of the original URL:<br>
+        <input type="text" name="redirect_mode" size="40"
+        value="@redirect-param@"></td>
+    </tr>
+
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1"> </td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="server_header_filter_all" id="server_header_filter_all_n" value="N" @server-header-filter-all-n@ ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="server_header_filter_all" id="server_header_filter_all_x" value="X" @server-header-filter-all-x@ ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at SERVER-HEADER-FILTER">server-header-filter</a> *</td>
+      <td>Filter the server headers.
+        You can use the radio buttons on this line to disable
+        all server-header filters applied by previous rules, and/or
+        you can enable or disable the filters individually below.</td>
+    </tr>
+ at server-header-filter-params@
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1"> </td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="server_header_tagger_all" id="server_header_tagger_all_n" value="N" @server-header-tagger-all-n@ ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="server_header_tagger_all" id="server_header_tagger_all_x" value="X" @server-header-tagger-all-x@ ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at SERVER-HEADER-TAGGER">server-header-tagger</a> *</td>
+      <td>Create tags based on the server headers.
+        You can use the radio buttons on this line to disable
+        all server-header taggers applied by previous rules, and/or
+        you can enable or disable the taggers individually below.</td>
+    </tr>
+ at server-header-tagger-params@
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="session_cookies_only" value="Y" @session-cookies-only-y@
+        ></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="session_cookies_only" value="N" @session-cookies-only-n@
+        ></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="session_cookies_only" value="X" @session-cookies-only-x@
+        ></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at SESSION-COOKIES-ONLY">session-cookies-only</a></td>
+      <td>HTTP cookies set by the website are changed to temporary
+        ("per-session") ones, which only last until you close your web
+        browser.  This will allow you to use sites that require cookies, but
+        sites will not be able to track you across sessions.  For this to
+        be useful, you should disable 
+        <a href="@user-manual@@actions-help-prefix at CRUNCH-OUTGOING-COOKIES"><b>crunch-outgoing-cookies</b></a> and
+        <a href="@user-manual@@actions-help-prefix at CRUNCH-INCOMING-COOKIES"><b>crunch-incoming-cookies</b></a>.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top">
+      <td class="en1" align="center" valign="middle"><input type="radio"
+        name="set_image_blocker" id="set_image_blocker_y" value="Y" @set-image-blocker-y@
+        onclick="show_set_image_blocker_opts(true)"></td>
+      <td class="dis1" align="center" valign="middle"><input type="radio"
+        name="set_image_blocker" value="N" @set-image-blocker-n@
+        onclick="show_set_image_blocker_opts(false)"></td>
+      <td class="noc1" align="center" valign="middle"><input type="radio"
+        name="set_image_blocker" value="X" @set-image-blocker-x@
+        onclick="show_set_image_blocker_opts(false)"></td>
+      <td class="action"><a href="@user-manual@@actions-help-prefix at SET-IMAGE-BLOCKER">set-image-blocker</a></td>
+      <td>Specifies how to block images.</td>
+    </tr>
+    <tr class="bg1" align="left" valign="top" id="set_image_blocker_opts">
+      <td class="en1"> </td>
+      <td class="dis1"> </td>
+      <td class="noc1"> </td>
+      <td> </td>
+      <td><input type="radio" name="set_image_blocker_mode"
+        onclick="set_image_blocker_param_disable(true)"
+        value="pattern" id="set_image_blocker_mode_pattern"
+        @set-image-blocker-param-pattern@><label
+        for="set_image_blocker_mode_pattern">Send a pattern (<img
+        src="send-banner?type=p" width="12" height="12"
+        alt="pattern">)</label><br>
+        <input type="radio" name="set_image_blocker_mode" value="blank"
+        onclick="set_image_blocker_param_disable(true)"
+        id="set_image_blocker_mode_blank" @set-image-blocker-param-blank@><label 
+        for="set_image_blocker_mode_blank">Send a 1x1 transparent GIF</label><br>
+        <input type="radio" name="set_image_blocker_mode" value="CUSTOM"
+        onclick="set_image_blocker_param_disable(false)"
+        id="set_image_blocker_mode_set" @set-image-blocker-param-custom@><label
+        for="set_image_blocker_mode_set">Redirect
+        the browser to this image URL:</label><br>
+        <input type="text" name="set_image_blocker_param" id="set_image_blocker_param"
+        size="40" value="@set-image-blocker-param@"></td>
+    </tr>
+  </table>
+
+<!-- @if-multiple-forms-start -->
+  <p>
+   <input type="hidden" name="f" value="@f@">
+   <input type="hidden" name="v" value="@v@">
+   <input type="hidden" name="s" value="@s@">
+   <input type="submit" value="Submit changes in Section 4" name="Submit">
+  </p>
+ </form>
+<!-- if-multiple-forms-end@ -->
+</td></tr>
+<!-- @if-one-form-only-start -->
+    <tr>
+      <td class="green" align="center">
+        <p><input type="submit" value="Submit" name="Submit"></p>
+      </td>
+    </tr>
+<!-- if-one-form-only-end@ -->
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+<!-- @if-one-form-only-start -->
+</form>
+<!-- if-one-form-only-end@ -->
+
+<script type="text/javascript">
+<!--
+
+if (document.getElementById) {
+    // alert("Netscape 6 or IE5");
+    document.getElementById("hide_from_header_param").disabled = !(document.getElementById("hide_from_header_mode_set").checked);
+    document.getElementById("hide_referrer_param").disabled = !(document.getElementById("hide_referrer_mode_set").checked);
+    document.getElementById("set_image_blocker_param").disabled = !(document.getElementById("set_image_blocker_mode_set").checked);
+
+    show_add_header_opts    (document.getElementById("add_header_y").checked);
+    show_deanimate_opts     (document.getElementById("deanimate_gifs_y").checked);
+    show_hide_from_header_opts(document.getElementById("hide_from_header_y").checked);
+    show_hide_referrer_opts (document.getElementById("hide_referrer_y").checked);
+    show_user_agent_opts    (document.getElementById("hide_user_agent_y").checked);
+    show_set_image_blocker_opts (document.getElementById("set_image_blocker_y").checked);
+    show_limit_connect_opts (document.getElementById("limit_connect_y").checked);
+    show_send_wafer_opts    (document.getElementById("send_wafer_y").checked);
+} else if (document.all) {
+    // alert("IE4");
+    document.myform.hide_from_header_param.disabled = !(document.myform.hide_from_header_mode_set.checked);
+    document.myform.hide_referrer_param.disabled = !(document.myform.hide_referrer_mode_set.checked);
+    document.myform.set_image_blocker_param.disabled = !(document.myform.set_image_blocker_mode_set.checked);
+
+    show_add_header_opts    (document.myform.add_header_y.checked);
+    show_deanimate_opts     (document.myform.deanimate_gifs_y.checked);
+    show_hide_from_header_opts (document.myform.hide_from_header_y.checked);
+    show_hide_referrer_opts (document.myform.hide_referrer_y.checked);
+    show_user_agent_opts    (document.myform.hide_user_agent_y.checked);
+    show_set_image_blocker_opts (document.myform.set_image_blocker_y.checked);
+    show_limit_connect_opts (document.myform.limit_connect_y.checked);
+    show_send_wafer_opts    (document.myform.send_wafer_y.checked);
+} else if (document.layers) {
+    // alert("Netscape 4");
+}
+//-->
+</script>
+
+
+</body>
+
+</html>
diff --git a/external/privoxy/templates/edit-actions-for-url-filter b/external/privoxy/templates/edit-actions-for-url-filter
new file mode 100644
index 0000000..d4dad90
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-for-url-filter
@@ -0,0 +1,40 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-for-url-filter,v $
+#
+# Purpose     :  Template that is included from most of Privoxy's CGI pages
+#                to show the user how to get help or report problems.
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2002-2007 members of
+#                the SourceForge Privoxy team. http://www.privoxy.org/
+#
+#                This template is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+# Revisions   :
+#    $Log: edit-actions-for-url-filter,v $
+#    Revision 1.8  2007/03/29 11:40:34  fabiankeil
+#    Divide @filter-params@ into @client-header-filter-params@
+#    @content-filter-params@ and @server-header-filter-params at .
+#
+#    Revision 1.7  2007/03/20 15:40:00  fabiankeil
+#    Adjust to new world order with dedicated header-filter actions.
+#
+#
+##############################################################################
+
+<tr class="bg1" align="left" valign="top">
+  <td class="en1" align="center" valign="middle"><input type="radio" name="filter_r at index@" value="Y" @this-filter-y@></td>
+  <td class="dis1" align="center" valign="middle"><input type="radio" name="filter_r at index@" value="N" @this-filter-n@></td>
+  <td class="noc1" align="center" valign="middle"><input type="radio" name="filter_r at index@" value="X" @this-filter-x@></td>
+  <td class="action">
+    <input type="hidden" name="filter_t at index@" value="@abbr-filter-type@">
+    <input type="hidden" name="filter_n at index@" value="@name@">
+    <a href="@user-manual@@actions-help-prefix@@anchor@">@filter-type@</a> @name@
+  </td>
+  <td>@description@</td>
+</tr>
diff --git a/external/privoxy/templates/edit-actions-list b/external/privoxy/templates/edit-actions-list
new file mode 100644
index 0000000..85ec9b5
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-list
@@ -0,0 +1,412 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-list,v $
+#
+# Purpose     :  Template used to edit the actions file.
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-list,v $
+#    Revision 1.34  2007/05/21 10:54:46  fabiankeil
+#    - Use strlcpy() instead of strcpy().
+#    - Stop treating actions files special. Expect a complete file name
+#      (with or without path) like it's done for the rest of the files.
+#      Closes FR#588084.
+#    - Don't rerun sed() in cgi_show_request().
+#
+#    Revision 1.33  2007/04/08 13:21:06  fabiankeil
+#    Reference action files in CGI URLs by id instead
+#    of using the first part of the file name.
+#    Fixes BR 1694250 and BR 1590556.
+#
+#    Revision 1.32  2007/01/23 16:03:16  fabiankeil
+#    - Add favicon links.
+#    - Remove useless W3C validator links.
+#
+#    Revision 1.31  2006/09/10 14:39:24  hal9
+#    Fix typo + minor change.
+#
+#    Revision 1.30  2006/09/09 01:12:15  hal9
+#    Soften actions files update interval.
+#
+#    Revision 1.29  2006/07/18 14:49:13  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.26.2.4  2003/12/17 16:35:17  oes
+#    Work around new & silly MSIE behaviour where the request resulting from
+#    changing window.location.href doesn't reveal the referrer anymore
+#
+#    Revision 1.26.2.3  2002/09/25 15:34:09  oes
+#    - Work around JS problem in NS 2.0 (no joke)
+#    - Make JS string edit popup remove the pattern
+#      if edited to empty; make JS add popup do nothing
+#      if pattern empty.
+#
+#    Revision 1.26.2.2  2002/08/23 02:22:53  hal9
+#    Fix a perl brain fart with <li> in comments.
+#
+#    Revision 1.26  2002/05/23 23:37:25  oes
+#    Nit
+#
+#    Revision 1.25  2002/05/21 21:02:52  oes
+#    Added more help links
+#
+#    Revision 1.24  2002/05/21 19:11:40  oes
+#     - Added client-side JavaScript versions of edit and add URL forms
+#     - Moved jump targets to before container table cell
+#     - Let earu determine the jump target when removing URLs via JS
+#     - Fixed broken help link
+#
+#    Revision 1.23  2002/05/12 15:53:10  jongfoster
+#    Restoring CVS log information accidentally removed in
+#    my previous commit.
+#
+#    Revision 1.22  2002/05/12 15:45:33  jongfoster
+#    Applying [Patch 552094] New templates for edit-actions-list
+#    This cleans up the templates by:
+#    - Removing the (confusing) alternating color scheme.
+#    - Making everything left-justified.
+#
+#    Revision 1.21  2002/05/03 22:58:15  jongfoster
+#    Fixing link target in all URLs section
+#
+#    Revision 1.20  2002/04/26 12:57:18  oes
+#     - Central "button" link style in cgi-style.css
+#     - Help links now dynamic
+#
+#    Revision 1.19  2002/04/24 02:19:16  oes
+#     - Show name of actions file being edited
+#     - Show context sensitive help
+#     - Add buttons for easy changing of defaults
+#     - Cosmetics and clarifications
+#
+#    Revision 1.18  2002/04/18 19:21:09  jongfoster
+#    Added code to detect "conventional" action files, that start
+#    with a set of actions for all URLs (the pattern "/").
+#    These are special-cased in the "edit-actions-list" CGI, so
+#    that a special UI can be written for them.
+#
+#    Revision 1.17  2002/04/10 13:32:53  oes
+#    Made templates modular
+#
+#    Revision 1.16  2002/04/08 17:08:14  oes
+#    Cosmetic: make status in title lowercase
+#
+#    Revision 1.15  2002/04/05 16:01:32  oes
+#    Correct HTML, external Stylesheets, eye candy, some fixes
+#
+#    Revision 1.14  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.13  2002/03/24 15:23:33  jongfoster
+#    Name changes
+#
+#    Revision 1.12  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.11  2002/03/23 16:18:15  swa
+#    renamed every reference to the old name with foobar.
+#    fixed "application foobar application" tag, fixed
+#    "the foobar" with "foobar". left junkbuster in cvs
+#    comments and remarks to history untouched. should
+#    make final rename easier.
+#
+#    Revision 1.10  2002/03/16 15:22:19  jongfoster
+#    Moving 'alpha' warning to the end of the page
+#
+#    Revision 1.9  2002/03/05 00:24:51  jongfoster
+#    Patch to always edit the current actions file.
+#
+#    Revision 1.8  2002/03/03 10:29:12  swa
+#    point users to the right feedback forms,
+#    not necessarily the developer list.
+#
+#    Revision 1.7  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.6  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.5  2002/01/17 21:21:05  jongfoster
+#    DOS->Unix line endings
+#
+#    Revision 1.4  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+##############################################################################
+#
+# Browser support for the CSS on this page:
+#   MS Internet Explorer 5.5 - Yes - everything works.
+#   Netscape 6.2             - Yes - everything works.
+#   Netscape 4.75            - No  - CSS buttons look really bad, but they are
+#                                    usable.  Everything else works.
+#   Opera 5.12               - Yes - everything works.
+#   MS Internet Explorer 4+  - Untested
+#   MS IE 3.x, NS3.x         - Untested (Don't support CSS, so everything
+#                              should work, but will look ugly).
+#   Mozilla >=0.6            - Yes - everything works.
+#
+# All browsers should work, you just might not get the pretty CSS buttons.
+#
+# If your favorite browser isn't listed/tested, please test and add it.
+#
+#
+#############################################################################
+#
+# Standard support:
+#
+# This file currently produces valid HTML 4.01 Strict.
+#
+# If you change it, please save the generated page from your web browser
+# and then upload it to http://validator.w3.org/ for checking.
+#
+#############################################################################
+#
+# Available variables include:
+#
+# filename
+# ver
+#
+#
+#############################################################################
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+
+  <title>Privoxy: Edit actions file @actions-file@</title>
+
+  <style type="text/css">
+
+table.framed {
+  border: solid black 1px;
+  margin: 10px 0px;
+}
+tr.actions {
+  background-color: #eeffee;
+}
+tr.url {
+  background-color: #ddddff;
+}
+tr.adv {
+  background-color: #FFFFD0;
+}
+td.header {
+  font-weight: bold;
+  font-size: 110%;
+  padding: 10px 15px 2px 15px;
+}
+td.url {
+  font-weight: bold;
+}
+td.action {
+  font-weight: bold;
+  font-style: italic;
+  padding: 2px 30px;
+}
+td.nbr, td.buttons {
+  white-space: nowrap;
+}
+td.indentbuttons {
+  padding: 2px 30px;
+}
+</style>
+
+<script type="text/javascript">
+<!--
+
+// Non-JS capable browsers will follow the link to a HTML "are you sure?" page
+// JavaScript-capable browsers will call this function, which does a
+// client-side prompt for speed.  It may kick off the delete directly.
+// It always returns false to cancel following the link.
+function rm_p(link,pattern,curtext)
+{
+   if (window.confirm("Are you sure you want to delete this URL pattern?\nPattern is: "+unescape(curtext)))
+   {
+      link.href="edit-actions-remove-url?f=@f@&v=@v@&p="+pattern;
+      return true;
+   }
+   return false;
+}
+
+function e_p(link,pattern,curtext)
+{
+   if ((newtext=window.prompt("Edit the pattern to your needs:", unescape(curtext))) != null)
+   {
+      if (newtext != "")
+      { link.href="edit-actions-url?f=@f@&v=@v@&p="+pattern+"&u="+escape(newtext); }
+      else
+      { link.href="edit-actions-remove-url?f=@f@&v=@v@&p="+pattern; }
+      return true;
+   }
+   return false;
+}
+
+function a_p(link,section)
+{
+   if (((newtext=window.prompt("Enter the new pattern:", "")) != null ) && (newtext != ""))
+   {
+      link.href="edit-actions-add-url?f=@f@&v=@v@&s="+section+"&u="+escape(newtext);
+      return true;
+   }
+   return false;
+}
+//-->
+</script>
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="info">
+	<h2>What is all this?</h2>
+        <p>
+         If you haven't already done so, it is <b>strongly recommended</b> that you at 
+         least skim <a href="@user-manual@@actions-help-prefix at ACTIONS-FILE">the
+         chapter on actions files</a> in the <a href="@user-manual@">User Manual</a>
+         before making any changes. You will also find a comprehensive list of
+         all available actions there, as well how the settings on this page
+         work.
+        </p>
+         <!-- @if-all-urls-present-then@ -->
+        <p>
+         Please note that <b>the first section has special importance</b>. It sets the default actions for
+         all URLs. The resulting actions for a particular URL may differ from these defaults if that
+         URL matches again further down, but this section is largely responsible for your browsing
+         experience. Edit manually with great care, or choose from the predefined sets of actions.
+        </p>
+        <!-- @else-not-all-urls-present@@endif-all-urls-present@ -->
+        <!-- @if-default-action-then@ -->
+        <p>
+         This is the default action file. Updates for it are available from
+         <a href="http://www.privoxy.org/">Privoxy.org</a> from time to time. 
+         It is therefore <b>not recommended</b> that you add your private
+         rules here, since they will be lost if you install an update in the future.
+         Put your rules in a separate actions file, like <tt>user.action</tt> instead.
+        </p>
+        <!-- @else-not-default-action@@endif-default-action@ -->
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <div class="buttons">
+          <h2>Editing Actions File @actions-file@</h2>
+          <!-- @if-all-urls-present-then@@else-not-all-urls-present@ -->
+          <p><a class="cmd" href="edit-actions-section-add?f=@f@&v=@v@&s=0">Insert new section at top</a></p>
+          <!-- @endif-all-urls-present@ -->
+        </div>
+      </td>
+    </tr>
+
+    <!-- @if-all-urls-present-then@ -->
+    <tr>
+      <td class="container"><a name="l at all-urls-s@"></a>
+        <table border="0" width="100%" cellspacing="2" cellpadding="3" class="framed">
+          <tr class="actions"><td class="header"><a href="@user-manual@@actions-help-prefix at ACTIONS">Actions</a>:</td></tr>
+          <tr class="actions">
+            <td class="indentbuttons">
+              <a href="eafu?f=@f@&v=@v@&s=@all-urls-s@">Edit</a>
+              @all-urls-buttons@
+            </td>
+          </tr>
+          <tr class="actions"><td class="action">@all-urls-actions@</td></tr>
+          <tr class="url"><td class="header"><a href="@user-manual@@actions-help-prefix at AF-PATTERNS">URL patterns</a>:</td></tr>
+          <tr class="url"><td class="indentbuttons">/   <i>(Matches all requests)</a></td></tr>
+          <tr class="adv"><td class="header">Advanced:</td></tr>
+          <tr class="adv">
+            <td class="indentbuttons">
+              <a href="easa?f=@f@&v=@v@&s=@all-urls-s@#l at all-urls-s-next@">Insert new section below</a>
+            </td>
+          </tr>
+        </table>
+      </td>
+    </tr>
+    <!-- @else-not-all-urls-present@@endif-all-urls-present@ -->
+
+ at sections@
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+</body>
+
+</html>
diff --git a/external/privoxy/templates/edit-actions-list-button b/external/privoxy/templates/edit-actions-list-button
new file mode 100644
index 0000000..fd0e8b9
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-list-button
@@ -0,0 +1,49 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-list-button,v $
+#
+# Purpose     :  Template which forms part of edit-actions-list
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-list-button,v $
+#    Revision 1.3  2002/05/12 15:53:10  jongfoster
+#    Restoring CVS log information accidentally removed in
+#    my previous commit.
+#
+#    Revision 1.2  2002/05/12 15:45:33  jongfoster
+#    Applying [Patch 552094] New templates for edit-actions-list
+#    This cleans up the templates by:
+#    - Removing the (confusing) alternating color scheme.
+#    - Making everything left-justified.
+#
+#    Revision 1.1  2002/05/03 23:00:38  jongfoster
+#    Support for templates for "standard actions" buttons.
+#    See bug #549871
+#
+#############################################################################
+   <a href="eas?f=@f@&v=@v@&s=@all-urls-s@&p=@button-name@#l at all-urls-s@">Set to @button-name@</a>
diff --git a/external/privoxy/templates/edit-actions-list-section b/external/privoxy/templates/edit-actions-list-section
new file mode 100644
index 0000000..c8578ad
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-list-section
@@ -0,0 +1,125 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-list-section,v $
+#
+# Purpose     :  Template which forms part of edit-actions-list
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-list-section,v $
+#    Revision 1.16  2006/07/18 14:49:13  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.15.2.1  2003/12/17 16:35:17  oes
+#    Work around new & silly MSIE behaviour where the request resulting from
+#    changing window.location.href doesn't reveal the referrer anymore
+#
+#    Revision 1.15  2002/05/21 21:02:52  oes
+#    Added more help links
+#
+#    Revision 1.14  2002/05/21 19:12:43  oes
+#     - Added client-side JavaScript versions of edit and add URL forms
+#     - Moved jump targets to before container table cell
+#
+#    Revision 1.13  2002/05/12 15:45:33  jongfoster
+#    Applying [Patch 552094] New templates for edit-actions-list
+#    This cleans up the templates by:
+#    - Removing the (confusing) alternating color scheme.
+#    - Making everything left-justified.
+#
+#    Revision 1.12  2002/04/26 12:58:11  oes
+#    Central "button" link style in cgi-style.css
+#
+#    Revision 1.11  2002/04/24 02:14:03  oes
+#    Changed shortcuts, Cosmetics
+#
+#    Revision 1.10  2002/04/17 21:27:26  jongfoster
+#    Adding #linenumber to the URLs which affect blocks, to make
+#    editing in long files easier.
+#
+#    Revision 1.9  2002/04/17 15:51:47  oes
+#    Args! Restoring CVS history
+#
+#    Revision 1.8  2002/04/17 15:04:16  oes
+#    Adapted to style change
+#
+#    Revision 1.7  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.6  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.5  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.4  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.3  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+#############################################################################
+#
+# Available variables include:
+#
+# filename
+# ver
+# sectionid
+# urls
+#
+#############################################################################
+#
+# ** Important note: **
+#
+# It is important to keep this file small.  That's why all the
+# identifiers in the HTML are short and cryptic.  Currently, the main
+# edit-actions page is ~300k.  Before it was optimized, it was ~550k.
+#
+#############################################################################
+
+<tr><td class="container"><a name="l at s@"></a>
+<table border="0" width="100%" cellspacing="2" cellpadding="3" class="framed">
+<tr class="actions"><td class="header"><a href="@user-manual@@actions-help-prefix at ACTIONS">Actions</a>:</td></tr>
+<tr class="actions"><td class="indentbuttons"><a href="eafu?f=@f@&v=@v@&s=@s@">Edit</a></td></tr>
+<tr class="actions"><td class="action">@actions@</td></tr>
+<tr class="url"><td class="header"><a href="@user-manual@@actions-help-prefix at AF-PATTERNS">URL patterns</a>:</td></tr>
+<tr class="url"><td class="indentbuttons"><a href="eaa?f=@f@&v=@v@&s=@s@" onclick="return a_p(this, at s@);">Add</a></td></tr>
+ at urls@
+<tr class="adv"><td class="header">Advanced:</td></tr>
+<tr class="adv"><td class="indentbuttons">
+ at if-s-prev-exists-start@<a href="eass?f=@f@&v=@v@&s1=@s-prev@&s2=@s@#l at s-prev@">Move section up</a>   @if-s-prev-exists-end@
+ at if-s-next-exists-start@<a href="eass?f=@f@&v=@v@&s1=@s@&s2=@s-next@#l at s@">Move section down</a>   @if-s-next-exists-end@
+<a href="easa?f=@f@&v=@v@&s=@s@#l at s-next@">Insert new section below</a>
+ at if-empty-section-start@   <a href="easr?f=@f@&v=@v@&s=@s@#l at s@">Delete whole section</a>@if-empty-section-end@
+</td></tr>
+</table>
+</td></tr>
diff --git a/external/privoxy/templates/edit-actions-list-url b/external/privoxy/templates/edit-actions-list-url
new file mode 100644
index 0000000..08c1ea4
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-list-url
@@ -0,0 +1,95 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-list-url,v $
+#
+# Purpose     :  Template which forms part of edit-actions-list
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-list-url,v $
+#    Revision 1.11  2006/07/18 14:49:14  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.10.2.1  2003/12/17 16:35:17  oes
+#    Work around new & silly MSIE behaviour where the request resulting from
+#    changing window.location.href doesn't reveal the referrer anymore
+#
+#    Revision 1.10  2002/05/21 19:13:14  oes
+#    Added client-side JavaScript versions of edit and add URL forms
+#
+#    Revision 1.9  2002/05/12 15:45:33  jongfoster
+#    Applying [Patch 552094] New templates for edit-actions-list
+#    This cleans up the templates by:
+#    - Removing the (confusing) alternating color scheme.
+#    - Making everything left-justified.
+#
+#    Revision 1.8  2002/04/26 12:58:11  oes
+#    Central "button" link style in cgi-style.css
+#
+#    Revision 1.7  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.6  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.5  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.4  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.3  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+#############################################################################
+#
+# Available variables include:
+#
+# filename
+# ver
+# sectionid
+# urls
+#
+#############################################################################
+#
+# ** Important note: **
+#
+# It is *extremely* important to keep this file small.  That's why all the
+# identifiers in the HTML are short and cryptic.  Currently, the main
+# edit-actions page is ~300k.  Before it was optimized, it was ~550k.
+#
+#############################################################################
+<tr class="url" valign="top">
+<td class="indentbuttons"><a name="l at p@"
+href="ear?f=@f@&v=@v@&p=@p@" onclick="return rm_p(this, @p@,'@url@');">Remove</a>   <a
+href="eau?f=@f@&v=@v@&p=@p@" onclick="return  e_p(this, @p@,'@url@');">Edit</a>  @url-html@</td>
+</tr>
diff --git a/external/privoxy/templates/edit-actions-remove-url-form b/external/privoxy/templates/edit-actions-remove-url-form
new file mode 100644
index 0000000..17b9b22
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-remove-url-form
@@ -0,0 +1,196 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-remove-url-form,v $
+#
+# Purpose     :  Template used to confirm removal of a particular URL
+#                pattern from an actions file.  Only used on browsers that
+#                don't support JavaScript.
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-remove-url-form,v $
+#    Revision 1.17  2007/01/23 16:03:16  fabiankeil
+#    - Add favicon links.
+#    - Remove useless W3C validator links.
+#
+#    Revision 1.16  2006/07/18 14:49:14  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.14.2.2  2002/08/23 02:22:53  hal9
+#    Fix a perl brain fart with <li> in comments.
+#
+#    Revision 1.14  2002/05/21 19:13:49  oes
+#    Added button style and jumptargets to "add" and "cancel" links
+#
+#    Revision 1.13  2002/04/10 13:32:53  oes
+#    Made templates modular
+#
+#    Revision 1.12  2002/04/08 17:08:14  oes
+#    Cosmetic: make status in title lowercase
+#
+#    Revision 1.11  2002/04/05 16:01:30  oes
+#    Correct HTML, external Stylesheets, eye candy, some fixes
+#
+#    Revision 1.10  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.9  2002/03/24 15:23:33  jongfoster
+#    Name changes
+#
+#    Revision 1.8  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.7  2002/03/23 16:18:15  swa
+#    renamed every reference to the old name with foobar.
+#    fixed "application foobar application" tag, fixed
+#    "the foobar" with "foobar". left junkbuster in cvs
+#    comments and remarks to history untouched. should
+#    make final rename easier.
+#
+#    Revision 1.6  2002/03/16 15:22:19  jongfoster
+#    Moving 'alpha' warning to the end of the page
+#
+#    Revision 1.5  2002/03/03 10:29:12  swa
+#    point users to the right feedback forms,
+#    not necessarily the developer list.
+#
+#    Revision 1.4  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.3  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.2  2002/01/17 21:21:05  jongfoster
+#    DOS->Unix line endings
+#
+#    Revision 1.1  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+##############################################################################
+#
+# Standard support:
+#
+# This file currently produces valid HTML 4.01 Strict.
+#
+# If you change it, please save the generated page from your web browser
+# and then upload it to http://validator.w3.org/ for checking.
+#
+#############################################################################
+#
+# Available variables include:
+#
+# filename
+# ver
+# section
+# pattern
+# oldval
+# jumptarget - append to eal URL to jump to relevant section
+#
+#############################################################################
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+
+  <title>Privoxy@@my-hostname@: Remove URL Pattern</title>
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Remove URL Pattern</h2>
+        <p>Are you sure you want to delete this URL pattern?  The pattern is:</p>
+        <p class="important">@u@</p>
+        <p>
+          <a class="cmd" href="edit-actions-remove-url?f=@f@&v=@v@&p=@p@">OK</a>
+           
+          <a class="cmd" href="edit-actions-list?f=@f@@jumptarget@">Cancel</a>
+        </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+</body>
+
+</html>
diff --git a/external/privoxy/templates/edit-actions-url-form b/external/privoxy/templates/edit-actions-url-form
new file mode 100644
index 0000000..0b91035
--- /dev/null
+++ b/external/privoxy/templates/edit-actions-url-form
@@ -0,0 +1,219 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/edit-actions-url-form,v $
+#
+# Purpose     :  Template used to edit a URL pattern in an actions file.
+#
+#
+# Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                Original Author: Copyright (C) 2001 Jonathan Foster
+#                http://www.jon-foster.co.uk/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: edit-actions-url-form,v $
+#    Revision 1.18  2007/12/08 14:38:55  fabiankeil
+#    - Use the shiny new CSS "pattern" class.
+#    - s at URL Pattern at URL or TAG Pattern@
+#    - Use the standard favicon as this ain't no error page.
+#
+#    Revision 1.17  2007/01/23 16:03:16  fabiankeil
+#    - Add favicon links.
+#    - Remove useless W3C validator links.
+#
+#    Revision 1.16  2006/07/18 14:49:14  david__schmidt
+#    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+#    with what was really the latest development (the v_3_0_branch branch)
+#
+#    Revision 1.14.2.2  2002/08/23 02:22:53  hal9
+#    Fix a perl brain fart with <li> in comments.
+#
+#    Revision 1.14  2002/05/21 19:14:10  oes
+#    Added button style and jumptarget "cancel" link
+#
+#    Revision 1.13  2002/04/10 13:32:53  oes
+#    Made templates modular
+#
+#    Revision 1.12  2002/04/08 17:08:14  oes
+#    Cosmetic: make status in title lowercase
+#
+#    Revision 1.11  2002/04/05 16:01:32  oes
+#    Correct HTML, external Stylesheets, eye candy, some fixes
+#
+#    Revision 1.10  2002/03/26 22:29:56  swa
+#    we have a new homepage!
+#
+#    Revision 1.9  2002/03/24 15:23:33  jongfoster
+#    Name changes
+#
+#    Revision 1.8  2002/03/24 11:01:06  swa
+#    name change
+#
+#    Revision 1.7  2002/03/23 16:18:15  swa
+#    renamed every reference to the old name with foobar.
+#    fixed "application foobar application" tag, fixed
+#    "the foobar" with "foobar". left junkbuster in cvs
+#    comments and remarks to history untouched. should
+#    make final rename easier.
+#
+#    Revision 1.6  2002/03/16 15:22:19  jongfoster
+#    Moving 'alpha' warning to the end of the page
+#
+#    Revision 1.5  2002/03/03 10:29:13  swa
+#    point users to the right feedback forms,
+#    not necessarily the developer list.
+#
+#    Revision 1.4  2002/01/23 00:26:45  jongfoster
+#    Reducing length of URLs
+#    Where encoded and unencoded versions of a string existed, removing
+#    the unencoded one.
+#
+#    Revision 1.3  2002/01/17 21:33:00  jongfoster
+#    Replacing all references to the URL of the config interface
+#    with @default-cgi@
+#
+#    Revision 1.2  2002/01/17 21:21:05  jongfoster
+#    DOS->Unix line endings
+#
+#    Revision 1.1  2001/11/13 00:58:18  jongfoster
+#    New version of actions file editor templates
+#
+#
+##############################################################################
+#
+# Standard support:
+#
+# This file currently produces valid HTML 4.01 Strict.
+#
+# If you change it, please save the generated page from your web browser
+# and then upload it to http://validator.w3.org/ for checking.
+#
+#############################################################################
+#
+# Available variables include:
+#
+# f - filename
+# v - version
+# s - section
+# p - pattern
+# u - old value of URL
+# jumptarget - append to eal URL to jump to relevant section
+#
+#############################################################################
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico">
+
+  <title>Privoxy@@my-hostname@: Edit URL Pattern</title>
+
+  <script type="text/javascript">
+<!--
+function validate(text)
+{
+  if (text=="")
+  {
+    alert("You need to type a pattern in order to continue!");
+    return false;
+  }
+
+  return true;
+}
+//-->
+  </script>
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Edit URL or TAG Pattern</h2>
+        <form method="GET" action="edit-actions-url"
+              onSubmit="return validate(u.value);">
+          <p>
+            <input type="hidden" name="f" value="@f@">
+            <input type="hidden" name="v" value="@v@">
+            <input type="hidden" name="p" value="@p@">
+            <input type="text" name="u" value="@u@" size="78" class="pattern"><br>
+            <input type="submit" value="Submit">  
+            <input type="reset" value="Reset">  
+            <a class="cmd" href="edit-actions-list?f=@f@@jumptarget@">Cancel</a>
+          </p>
+        </form>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+</body>
+
+</html>
diff --git a/external/privoxy/templates/forwarding-failed b/external/privoxy/templates/forwarding-failed
new file mode 100644
index 0000000..fca5c8c
--- /dev/null
+++ b/external/privoxy/templates/forwarding-failed
@@ -0,0 +1,167 @@
+##########################################################
+#
+# Forwarding-failed template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written in plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  gateway
+#    The IP or hostname of the forwarding server
+#  hostport:
+#    The host and port part of the request that lead to this problem
+#  path:
+#    The path part of the request that lead to this problem
+#  error-message:
+#    The failure reason.
+#  forwarding-type:
+#    The type of the forwarding request: "socks4-", "socks4a-"
+#    or (in the future) "" for direct connections to the forwarder.
+#
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>503 - Forwarding failure (Privoxy@@my-hostname@)</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+  <style type="text/css">
+#include cgi-style.css
+  </style>
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="status">
+        503
+      </td>     
+      <td class="title" style="width: 100%">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning" colspan="2">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning" colspan=2>
+        <h2>Forwarding failure</h2>
+          <p>Privoxy was unable to <b>@forwarding-type at forward</b> your request
+             <a  title="Repeat the request"
+              href="@protocol@@hostport@@path@"><b>@protocol@@hostport@@path@</b></a>
+             through <b>@gateway@</b>:
+            <strong>@error-message@</strong></p>
+          </p>
+          <p>Just <a title="Repeat the request" href="@protocol@@hostport@@path@">try again</a> to
+             see if this is a temporary problem, or check your <a title="Privoxy's show-status page"
+              href="@default-cgi at show-status">forwarding settings</a>
+             and make sure that all forwarding servers are working correctly and
+             listening where they are supposed to be listening.
+         </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box" colspan="2">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/mod-local-help b/external/privoxy/templates/mod-local-help
new file mode 100644
index 0000000..21d6596
--- /dev/null
+++ b/external/privoxy/templates/mod-local-help
@@ -0,0 +1,12 @@
+        <h2>Local Privoxy support:</h2>
+
+<!-- @if-have-proxy-info-start -->
+        <p>You can consult the <a href="@proxy-info-url@">online documentation</a> for more information about this Privoxy installation.</p>        
+<!-- if-have-proxy-info-end@ -->
+
+<!-- @if-have-adminaddr-info-start -->
+        <p>Address e-mail questions about this service to
+          <a href="mailto:@admin-address@"><code>@admin-address@</code></a>,
+          who will be glad to help you.
+        </p>
+<!-- if-have-adminaddr-info-end@ -->
diff --git a/external/privoxy/templates/mod-support-and-service b/external/privoxy/templates/mod-support-and-service
new file mode 100644
index 0000000..9868761
--- /dev/null
+++ b/external/privoxy/templates/mod-support-and-service
@@ -0,0 +1,61 @@
+##############################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/mod-support-and-service,v $
+#
+# Purpose     :  Template that is included from most of Privoxy's CGI pages
+#                to show the user how to get help or report problems.
+# 
+#
+# Copyright   :  Written by and Copyright (C) 2002-2007 members of
+#                the SourceForge Privoxy team. http://www.privoxy.org/
+#
+#                This template is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+# Revisions   :
+#    $Log: mod-support-and-service,v $
+#    Revision 1.11  2008/01/02 18:06:58  fabiankeil
+#    Instead of linking to the "Contacting the developers ..." section
+#    in the FAQ, use the one from the User Manual. The latter can be
+#    delivered by Privoxy and thus possibly loads faster.
+#
+#    Revision 1.10  2007/03/17 11:31:36  fabiankeil
+#    - Add revision log and copyright header.
+#    - Reword instructions and link to the FAQ
+#      in an attempt to reduce the number of
+#      incomplete reports.
+#
+##############################################################################
+       <h2>Support and Service:</h2>
+        <p>
+          The Privoxy Team values your feedback. To provide you with the best support,
+          we ask that you:
+        </p>
+        <ul>
+          <li>
+            use the <a href="http://sourceforge.net/tracker/?group_id=11118&atid=211118">Support Tracker</a>
+            if you need help.
+          </li>
+          <li>
+            submit ads and configuration related problems with the actions files through the
+            <a href="http://sourceforge.net/tracker/?group_id=11118&atid=460288">Actionsfile Feedback Tracker</a>.
+          </li>
+          <li>
+            submit bugs only through the
+            <a href="http://sourceforge.net/tracker/?group_id=11118&atid=111118">Bug Tracker</a>.
+            Please make sure that the bug has not been submitted yet.
+          </li>
+          <li>
+            submit feature requests only through the
+            <a href="http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse">Feature
+            Request Tracker</a>.
+          </li>
+          <li>
+            read the <a title="Contacting the developers, Bug Reporting and Feature Requests"
+             href="@user-manual at contact.html">instructions in the User Manual</a>
+            to make sure your request contains all the information we need.
+          </li>
+        </ul>
diff --git a/external/privoxy/templates/mod-title b/external/privoxy/templates/mod-title
new file mode 100644
index 0000000..de73eba
--- /dev/null
+++ b/external/privoxy/templates/mod-title
@@ -0,0 +1,4 @@
+        <h1>
+          This is <a href="@homepage@">Privoxy</a> @version@ on @my-hostname@ (@my-ip-address@), port @my-port@<!-- @if-can-toggle-start -->,
+          @if-enabled-display-then at enabled@else-not-enabled-display at disabled@endif-enabled-display@<!-- if-can-toggle-end@ -->
+        </h1>
diff --git a/external/privoxy/templates/mod-unstable-warning b/external/privoxy/templates/mod-unstable-warning
new file mode 100644
index 0000000..dd77c29
--- /dev/null
+++ b/external/privoxy/templates/mod-unstable-warning
@@ -0,0 +1,7 @@
+        <h2>Warning:</h2>
+        <p>
+          <strong>This Privoxy version is based on <em class="warning">@code-status@</em> code and
+          not intended for production systems!
+          <br>Use at your own risk. See the <a title="GNU General Public License version 2"
+          href="http://www.gnu.org/licenses/old-licenses/gpl-2.0.html">license</a> for details.</strong>
+        </p>
diff --git a/external/privoxy/templates/no-such-domain b/external/privoxy/templates/no-such-domain
new file mode 100644
index 0000000..08cf5da
--- /dev/null
+++ b/external/privoxy/templates/no-such-domain
@@ -0,0 +1,158 @@
+##########################################################
+#
+# No-Such-Domain Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the proxy's administrator, as configured
+#    in the 'config' file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  host:
+#    The host part of the request that lead to this problem
+#  hostport:
+#    The host and port part of the request that lead to this problem
+#  path:
+#    The path part of the request that lead to this problem
+#  proxy-info-url:
+#    The URL to local online Privoxy documentation, if define in the
+#    'config' file
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>404 - No such Domain (Privoxy@@my-hostname@)</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+  <style type="text/css">
+#include cgi-style.css
+  </style>
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="status">
+        404
+      </td>     
+      <td class="title" style="width: 100%">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning" colspan="2">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning" colspan="2">
+        <h2>No such domain</h2>
+          <p>Your request for <a href="@protocol@@hostport@@path@"><b>@protocol@@hostport@@path@</b></a>
+            could not be fulfilled, because the domain name <b>@host@</b> could not be resolved.
+          </p>
+          <p>This is often a temporary failure, so you might just
+            <a href="@protocol@@hostport@@path@">try again</a>.
+         </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box" colspan="2">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+    
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/show-request b/external/privoxy/templates/show-request
new file mode 100644
index 0000000..30a2529
--- /dev/null
+++ b/external/privoxy/templates/show-request
@@ -0,0 +1,154 @@
+##########################################################
+#
+# Show-Request-CGI Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#  client-request:
+#    The request and headers that the client sent.
+#  processed-request:
+#    What we would have rewritten this request to, if this had not
+#    been intercepted.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy@@my-hostname@</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+	<h2>Show-Request</h2>
+          <p>
+            Here you see the original headers that your client sent when requesting this page, along with
+            the headers that Privoxy would have sent to the remote server if this request hadn't been
+            intercepted. 
+          </p>
+
+        <h3>Original Client Request:</h3>
+        <pre>@client-request@</pre>
+
+        <h3>Processed Request:</h3>
+       <pre>@processed-request@</pre>
+
+      </td>
+    </tr>
+
+     <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/show-status b/external/privoxy/templates/show-status
new file mode 100644
index 0000000..f71e2de
--- /dev/null
+++ b/external/privoxy/templates/show-status
@@ -0,0 +1,343 @@
+##########################################################
+#
+# Show-Status-CGI Output template for Privoxy.
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach Privoxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the Privoxy administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of Privoxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The Privoxy version number
+#  code-status:
+#    The Privoxy development status: "alpha", "beta", or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  redirect-url:
+#    The URL to a script that will redirect to the Privoxy
+#    documentation for a given item  
+#  invocation:
+#    The command line with which Privoxy was invoked
+#  options:
+#    The options read from the configfile, linked to their
+#    explanations, plus warnings if parsing acl or forward
+#    statements produced errors.
+#  sourceversions:
+#    A HTML-formatted list of the individual source file cvs versions
+#  defines:
+#    A HTML-formatted list of all conditional #defines used when
+#    Privoxy was compiled
+#
+#  
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    This is an alpha or beta Privoxy release
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for Privoxy's online documentation has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  statistics:
+#    Privoxy was compiled with statistics support
+#  have-stats:
+#    There have been previous requests and statistics have
+#    been collected. In this case, the following symbols
+#    are available:
+#    requests-received:
+#      The number of requests received so far
+#    requests-blocked:
+#      The number of request blocked so far
+#    percent-blocked:
+#      The percentage of blocked requests
+#  have-no-stats:
+#    There haven't any statistics been collected yet
+#  pcrs-support:
+#    Privoxy was compiled with pcrs support
+#  trust-support:
+#    Privoxy was compiled with trust support
+#  actions-filenames:
+#    The path to the actions files.
+#  re-filter-filenames:
+#    The path to the re_filter files. Only available if
+#    pcrs-support is set
+#  trust-filename:
+#    The path to the trust file. Only available if
+#    trust-support is set
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy@@my-hostname@: Proxy Status</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>The following files are in use:</h2>
+        <table summary="Action, filter and trust files in use." class="transparent">
+          <tr>
+            <th colspan="2"><a href="@user-manual@@actions-help-prefix at ACTIONS-FILE">Actions Files:</a></th>
+          </tr>
+            @actions-filenames@
+          <tr>
+            <th colspan="2"><a href="@user-manual at filter-file.html">Filter Files:</a></th>
+          </tr>
+            @re-filter-filenames@
+<!-- @if-trust-support-start -->
+          <tr>
+            <th colspan="2"><a href="@user-manual at config.html#TRUSTFILE">Trust File:</a></th>
+          </tr>
+          <tr>
+            <td>
+              @trust-filename@
+            </td>
+            <td class="buttons">
+              <!-- @if-have-trustfile-start -->
+              <a href="show-status?file=trust">View</a>
+              <!-- if-have-trustfile-end@ -->
+            </td>
+          </tr>
+<!-- if-trust-support-end@ -->
+        </table>
+<!-- @if-cgi-editor-is-disabled-start -->
+        <p>
+          The CGI editor is currently disabled, thus no edit buttons are shown.<br>
+          Please have a look at the
+           <a href="@user-manual at config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions documentation</a>
+          to learn how to enable it and what the risks are.
+        </p>
+<!--  if-cgi-editor-is-disabled-end@ -->
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>Privoxy was <a href="@user-manual at startup.html#CMDOPTIONS">invoked</a> as follows:</h2>
+        <p>@invocation@</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>The following options were given in the <a href="@user-manual at config.html">config file</a>:</h2>
+        <p>@options@</p>
+      </td>
+    </tr>
+
+<!-- @if-statistics-start -->
+    <tr>
+      <td class="box">
+        <h2>Blocking Statistics:</h2>
+        <p>
+  <!-- @if-have-stats-start -->
+          @requests-blocked@ out of @requests-received@ requests have been blocked,
+          which equals a block rate of @percent-blocked@%.
+<!-- if-have-stats-end@ -->
+<!-- @if-have-no-stats-start -->
+          There haven't been any requests so far.
+<!-- if-have-no-stats-end@ -->
+        </p>                                   
+      </td>
+    </tr>
+<!-- if-statistics-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Conditional #defines:</h2>
+          <table summary="The state of some ./configure options and what they do." border="1" style="margin-left: 10px">
+            <tr> 
+              <th>#define</th> <th>Enabled?</th> <th>Effects when enabled</th>
+            </tr>
+            <tr>
+              <td><code>FEATURE_ACL</code></td>
+              <td>@if-FEATURE_ACL-then@ Yes @else-not-FEATURE_ACL@ No @endif-FEATURE_ACL@</td>
+              <td>Allows the use of an ACL to control access to Privoxy by IP address.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_CGI_EDIT_ACTIONS</code></td>
+              <td>@if-FEATURE_CGI_EDIT_ACTIONS-then@ Yes @else-not-FEATURE_CGI_EDIT_ACTIONS@ No @endif-FEATURE_CGI_EDIT_ACTIONS@</td>
+              <td>Allows the use of the @if-FEATURE_CGI_EDIT_ACTIONS-then@<a
+                 href="@default-cgi at edit-actions">@else-not-FEATURE_CGI_EDIT_ACTIONS@
+                 @endif-FEATURE_CGI_EDIT_ACTIONS at web-based actions file
+                 editor at if-FEATURE_CGI_EDIT_ACTIONS-then@</a>@else-not-FEATURE_CGI_EDIT_ACTIONS@@endif-FEATURE_CGI_EDIT_ACTIONS at .</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_CONNECTION_KEEP_ALIVE</code></td>
+              <td>@if-FEATURE_CONNECTION_KEEP_ALIVE-then@ Yes @else-not-FEATURE_CONNECTION_KEEP_ALIVE@ No @endif-FEATURE_CONNECTION_KEEP_ALIVE@</td>
+              <td>
+               Allows to reuse outgoing connections if the server supports it.
+               Requires the keep-alive-timeout config directive to be set.
+              </td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_FAST_REDIRECTS</code></td>
+              <td>@if-FEATURE_FAST_REDIRECTS-then@ Yes @else-not-FEATURE_FAST_REDIRECTS@ No @endif-FEATURE_FAST_REDIRECTS@</td>
+              <td>Allows the +fast-redirects action, to bypass redirect and logging scripts.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_FORCE_LOAD</code></td>
+              <td>@if-FEATURE_FORCE_LOAD-then@ Yes @else-not-FEATURE_FORCE_LOAD@ No @endif-FEATURE_FORCE_LOAD@</td>
+              <td>Allows bypassing all filtering for a single page using the prefix
+                  <q><code>@FORCE_PREFIX@</code></q>.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_GRACEFUL_TERMINATION</code></td>
+              <td>@if-FEATURE_GRACEFUL_TERMINATION-then@ Yes @else-not-FEATURE_GRACEFUL_TERMINATION@ No @endif-FEATURE_GRACEFUL_TERMINATION@</td>
+              <td>Allows to shutdown Privoxy through the web interface.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_IMAGE_BLOCKING</code></td>
+              <td>@if-FEATURE_IMAGE_BLOCKING-then@ Yes @else-not-FEATURE_IMAGE_BLOCKING@ No @endif-FEATURE_IMAGE_BLOCKING@</td>
+              <td>Allows the +handle-as-image action, to send <q>blocked</q> images instead of HTML.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_IMAGE_DETECT_MSIE</code></td>
+              <td>@if-FEATURE_IMAGE_DETECT_MSIE-then@ Yes @else-not-FEATURE_IMAGE_DETECT_MSIE@ No @endif-FEATURE_IMAGE_DETECT_MSIE@</td>
+              <td>Enables automatic detection of image and HTML requests from
+               Microsoft Internet Explorer users, overriding the setting of 
+               +image in the actions file.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_NO_GIFS</code></td>
+              <td>@if-FEATURE_NO_GIFS-then@ Yes @else-not-FEATURE_NO_GIFS@ No @endif-FEATURE_NO_GIFS@</td>
+              <td>Use PNG instead of GIF for the built-in images.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_PTHREAD</code></td>
+              <td>@if-FEATURE_PTHREAD-then@ Yes @else-not-FEATURE_PTHREAD@ No @endif-FEATURE_PTHREAD@</td>
+              <td>Use POSIX threads rather than native threads</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_STATISTICS</code></td>
+              <td>@if-FEATURE_STATISTICS-then@ Yes @else-not-FEATURE_STATISTICS@ No @endif-FEATURE_STATISTICS@</td>
+              <td>Enables the statistics function.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_TOGGLE</code></td>
+              <td>@if-FEATURE_TOGGLE-then@ Yes @else-not-FEATURE_TOGGLE@ No @endif-FEATURE_TOGGLE@</td>
+              <td>Allow Privoxy to be <q>disabled</q> so it is just a normal non-blocking non-anonymizing proxy.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_TRUST</code></td>
+              <td>@if-FEATURE_TRUST-then@ Yes @else-not-FEATURE_TRUST@ No @endif-FEATURE_TRUST@</td>
+              <td>Allows the use of trust files.</td>
+            </tr>
+            <tr>
+              <td><code>FEATURE_ZLIB</code></td>
+              <td>@if-FEATURE_ZLIB-then@ Yes @else-not-FEATURE_ZLIB@ No @endif-FEATURE_ZLIB@</td>
+              <td>Allows to decompress gzip and zlib compressed documents for filtering.
+                Requires external zlib library and hasn't been tested on all platforms.</td>
+            </tr>
+            <tr>
+              <td><code>STATIC_PCRE</code></td>
+              <td>@if-STATIC_PCRE-then@ Yes @else-not-STATIC_PCRE@ No @endif-STATIC_PCRE@</td>
+              <td>Use the supplied statically-linked PCRE library.  This is set automatically
+               by <code>./configure</code> if you do not have the libpcre installed.</td>
+            </tr>
+            <tr>
+              <td><code>STATIC_PCRS</code></td>
+              <td>@if-STATIC_PCRS-then@ Yes @else-not-STATIC_PCRS@ No @endif-STATIC_PCRS@</td>
+              <td>Use the supplied statically-linked PCRS library.  This is set automatically
+               by <code>./configure</code> if you do not have the libpcrs installed.</td>
+            </tr>
+          </table>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/show-status-file b/external/privoxy/templates/show-status-file
new file mode 100644
index 0000000..4fa9333
--- /dev/null
+++ b/external/privoxy/templates/show-status-file
@@ -0,0 +1,146 @@
+##########################################################
+#
+# Show-Status-CGI Output template for Privoxy.
+# (Variant for the show-file mode)
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  file-description:
+#    A descriptive name for the file being shown
+#  contents:
+#    The contents of the file being shown
+#  filepath
+#    The complete filename of the file being shown
+#
+#  
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    This is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy@@my-hostname@: Contents of @file-description@</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Contents of @file-description@ @filepath@</h2>
+        <pre>@contents@</pre>
+      </td>
+    </tr>
+ 
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/show-url-info b/external/privoxy/templates/show-url-info
new file mode 100644
index 0000000..a5013f5
--- /dev/null
+++ b/external/privoxy/templates/show-url-info
@@ -0,0 +1,340 @@
+########################################################################
+#
+# File        :  $Source: /cvsroot/ijbswa/current/templates/show-url-info,v $
+#
+# Purpose     :  Template for Privoxy's show-url-info CGI page.
+#
+# Copyright   :  Written by and Copyright (C) 2001-2007 the SourceForge
+#                Privoxy team. http://www.privoxy.org/
+#
+#                This program is free software; you can redistribute it 
+#                and/or modify it under the terms of the GNU General
+#                Public License as published by the Free Software
+#                Foundation; either version 2 of the License, or (at
+#                your option) any later version.
+#
+#                This program is distributed in the hope that it will
+#                be useful, but WITHOUT ANY WARRANTY; without even the
+#                implied warranty of MERCHANTABILITY or FITNESS FOR A
+#                PARTICULAR PURPOSE.  See the GNU General Public
+#                License for more details.
+#
+#                The GNU General Public License should be included with
+#                this file.  If not, you can view it at
+#                http://www.gnu.org/copyleft/gpl.html
+#                or write to the Free Software Foundation, Inc., 59
+#                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+#
+# Revisions   :
+#    $Log: show-url-info,v $
+#    Revision 1.29  2009/01/01 17:36:41  ler762
+#    remove non-standard <nobr> tags
+#
+#    Revision 1.28  2009/01/01 14:51:21  ler762
+#    keep the input field and 'go' button on the same line.
+#
+#    Revision 1.27  2008/05/26 17:30:58  fabiankeil
+#    Provide an OpenSearch Description to access the
+#    show-url-info page through "search engine plugins".
+#
+#    Revision 1.26  2008/05/05 10:03:06  fabiankeil
+#    If the provided URL isn't valid, don't show the
+#    cgi-editor-is-disabled and filters-might-be-ineffective
+#    sections.
+#
+#    Revision 1.25  2008/04/26 10:34:18  fabiankeil
+#    If zlib support is unavailable and there are content filters active
+#    but the prevent-compression action is disabled, include a warning
+#    on the show-url-info page that compression might prevent filtering.
+#
+#    Revision 1.24  2008/02/10 17:26:52  fabiankeil
+#    Reduce superfluous white space by not marking
+#    up the final results list as paragraph.
+#
+#    Revision 1.23  2008/02/01 06:04:31  fabiankeil
+#    If edit buttons on the show-url-info CGI page are hidden, explain why.
+#
+#    Revision 1.22  2007/12/08 14:29:06  fabiankeil
+#    Use CSS to let the URL and pattern input fields scale with
+#    the browser width and try to prevent vertical scroll bars
+#    if the width is less than 80 characters. Closes #1843596,
+#    thanks to Gerry Murphy and Lee.
+#
+#    Revision 1.21  2007/11/15 19:11:11  fabiankeil
+#    Reword HTTPS URL information.
+#
+#    Revision 1.20  2007/07/21 12:19:50  fabiankeil
+#    If show-url-info is called with an URL that Privoxy
+#    would reject as invalid, don't show unresolved forwarding
+#    variables, "final matches" or claim the site's secure.
+#
+#    Revision 1.19  2007/02/10 16:55:22  fabiankeil
+#    - Show forwarding settings on the show-url-info page
+#    - Fix some HTML syntax errors.
+#
+#
+#########################################################################
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach Privoxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the Privoxy administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for Privoxy's "main menu" builtin CGI page
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    Privoxy's version number
+#  code-status:
+#    Privoxy's development status: "alpha", "beta", or "stable".
+#  homepage:
+#    The Privoxy web site.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  url-given:
+#    The CGI was called with a url parameter. In that case, the
+#    following symbols are available:
+#    url:
+#      The given URL
+#    default:
+#      The system default for actions
+#    matches:
+#      The list of all matches in the actions file that this URL
+#      produced, along with the actions that were triggered by
+#      these matches
+#    final:
+#      The actions that are associated with the URL at the end of
+#      the matching process
+#  no-forwarder: Requests to url will be made directly.
+#  http-forwarder:
+#      Requests to url will be made through a HTTP proxy
+#      forward-host:
+#         The IP address or its hostname
+#      forward-port.
+#         The proxy port
+#  socks-forwarder:
+#      Requests to url will be made through a socks proxy
+#      socks-type:
+#         The socks type: socks4 or socks4a
+#      gateway-host:
+#         The IP address or its hostname
+#      gateway-port:
+#         The proxy port.
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy@@my-hostname@ URL Info</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+  <link rel="search" type="application/opensearchdescription+xml" title="Privoxy URL Info" href="/url-info-osd.xml">
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+<!-- @if-url-given-start -->
+    <tr>
+      <td class="box">
+<!-- @if-valid-url-start -->
+        <h2>Forwarding settings:</h2>
+        <p>
+          Requests for <a href="@url@">@url@</a> will be <!--
+
+# "Interesting" formatting to prevent white space at the end of the sentence.
+
+          @if-no-forwarder-start -->
+
+             made <b>directly</b>, no forwarding settings apply<!--
+
+          if-no-forwarder-end at --><!--
+          @if-http-forwarder-start --><!-- @if-socks-forwarder-start -->
+
+             first <!--
+
+          if-socks-forwarder-end@ --><!-- if-http-forwarder-end@ --><!--
+          @if-socks-forwarder-start -->
+
+             forwarded through <b>@socks-type at -proxy @gateway-host@:@gateway-port@</b><!--
+
+          if-socks-forwarder-end@ --><!--
+          @if-http-forwarder-start --><!-- @if-socks-forwarder-start -->
+
+             and then <!--
+
+          if-socks-forwarder-end@ --><!-- if-http-forwarder-end@ --><!--
+          @if-http-forwarder-start -->
+
+             forwarded through <b>HTTP-proxy @forward-host@:@forward-port@</b><!--
+
+          if-http-forwarder-end@ -->.
+      </td>
+    </tr>
+    <tr>
+      <td class="box">
+<!-- @if-https-start -->
+        <h2>NOTE:</h2>
+        <p>This is a HTTPS URL, so the part after the "/" is ignored
+          as Privoxy doesn't see the path for real HTTPS requests either.</p>
+<!-- if-https-end@ -->
+<!-- if-valid-url-end@ -->
+        <h2>Matches for <a href="@url@">@url@</a>:</h2>
+        @matches@
+<!-- @if-valid-url-start -->
+<!-- @if-cgi-editor-is-disabled-start -->
+        <p>
+          The CGI editor is currently disabled, thus no edit buttons are shown.<br>
+          Please have a look at the
+           <a href="@user-manual at config.html#ENABLE-EDIT-ACTIONS">enable-edit-actions documentation</a>
+          to learn how to enable it and what the risks are.
+        </p>
+<!--  if-cgi-editor-is-disabled-end@ -->
+<!-- @if-valid-url-end -->
+      </td>
+    </tr>
+<!-- @if-valid-url-start -->
+<!-- @if-filters-might-be-ineffective-start -->
+    <tr>
+      <td class="warning">
+        <h2>Warning:</h2>
+        <p>
+          This Privoxy version has been build without zlib support,
+          <strong>content filters will not work if the server sends compressed content.</strong>
+          Consider enabling the <a title="prevent-compression documentation"
+           href="@user-manual at actions-file.html#PREVENT-COMPRESSION">prevent-compression</a>
+          action for this URL or rebuild Privoxy with zlib support.
+        </p>
+      </td>
+    </tr>
+<!-- if-filters-might-be-ineffective-end@ -->
+    <tr>
+      <td class="box">
+        <h2>Final results:</h2>
+        <b>@final@</b>
+      </td>
+    </tr>
+<!-- if-valid-url-end@ -->
+<!-- if-url-given-end@ -->
+
+<!-- @if-privoxy-is-toggled-off-start -->
+
+    <tr>
+      <td class="warning">
+        <h2>Warning:</h2>
+        <p>
+          <strong>Privoxy is currently toggled off. Matching actions will not apply
+          unless you <a href="@default-cgi at toggle?set=enable">toggle Privoxy on</a> first.</strong>
+        </p>
+      </td>
+    </tr>
+<!-- if-privoxy-is-toggled-off-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Look up the actions for a 
+<!-- @if-url-given-start -->new<!-- if-url-given-end@ -->
+          URL:</h2>
+        <form method="GET" action="@default-cgi at show-url-info">
+          <p>
+            <input type="text" name="url" size="80" value="@url@" class="url"> 
+            <input type="submit" value="Go">
+          </p>
+        </form>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/show-version b/external/privoxy/templates/show-version
new file mode 100644
index 0000000..9bdbbba
--- /dev/null
+++ b/external/privoxy/templates/show-version
@@ -0,0 +1,159 @@
+##########################################################
+#
+# Show-Status-CGI Output template for Privoxy.
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  redirect-url:
+#    The URL to a script that will redirect to the Privoxy
+#    documentation for a given item  
+#  invocation:
+#    The command line with whitch Privoxy was invoked
+#  options:
+#    The options read from the configfile, linked to their
+#    explanations, plus warnings if parsing acl or forward
+#    statements produced errors.
+#  sourceversions:
+#    A HTML-formatted list of the individual source file cvs versions
+#  defines:
+#    A HTML-formatted list of all conditional #defines used when
+#    Privoxy was compiled
+#
+#  
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    This is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  sourceversions
+#    The versions.
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>Privoxy@@my-hostname@: Detailed proxy version information</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Source code versions:</h2>
+        <p><i>(Note: This information is only relevant if you checked out Privoxy from CVS
+           and compiled it yourself.  If you downloaded a binary, .exe, RPM, or a .tgz file, 
+           then when you ask for support just mention the version number <b>@version@</b> 
+           and the type of download you got.)</i>
+        </p>
+        <pre>@sourceversions@</pre>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+ 
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/toggle b/external/privoxy/templates/toggle
new file mode 100644
index 0000000..3d63eb1
--- /dev/null
+++ b/external/privoxy/templates/toggle
@@ -0,0 +1,180 @@
+##########################################################
+#
+# Toggle Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  @if-enabled-display-then@ on @else-not-enabled-display@ off @endif-enabled-display@
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+
+<head>
+  <title>@if-enabled-display-then at Enabled@else-not-enabled-display at Disabled@endif-enabled-display@ - Privoxy@@my-hostname@</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+
+  <table cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="title">
+
+#include mod-title
+
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="box">
+        <h2>Privoxy is @if-enabled-display-then at Enabled@else-not-enabled-display at Disabled@endif-enabled-display@</h2>
+          <p>When enabled, Privoxy performs its magic - blocking
+            adverts, filtering cookies, regex-filtering, etc.</p>
+          <p>When disabled, Privoxy behaves as a normal HTTP proxy,
+            and will not affect your web browsing.</p>
+          <p><a href="@default-cgi at toggle?set=@if-enabled-display-then at disable@else-not-enabled-display at enable@endif-enabled-display@">Click
+            here</a> to @if-enabled-display-then at disable@else-not-enabled-display at enable@endif-enabled-display@ Privoxy.</p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>Bookmarklets</h2>
+          <p>Here are some bookmarklets to allow you to easily access a
+            "mini" version of this page.  They are known to work with MS 
+            Internet Explorer, Netscape and Mozilla, but should work equally
+            well in other browsers which support JavaScript.  They are designed
+            to run directly from your bookmarks - <b>not</b> by clicking the
+            links below (although that will work for testing).
+          </p>
+          <p>To save them, right-click the link and choose
+            "Add to Favorites" (IE) or "Add Bookmark" (Netscape).  You
+            will get a warning that the bookmark "may not be safe" - just
+            click OK.  Then you can run the Bookmarklet directly from your
+            favourites/bookmarks.  For even faster access, you can put
+            them on the "Links" bar (IE) or the "Personal Toolbar"
+            (Netscape), and run them with a single click.
+          </p>
+
+          <ul>
+            <li><a href="javascript:void(window.open('@default-cgi at toggle?mini=y&set=enabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Enable</a></li>
+            <li><a href="javascript:void(window.open('@default-cgi at toggle?mini=y&set=disabled','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Disable</a></li>
+            <li><a href="javascript:void(window.open('@default-cgi at toggle?mini=y&set=toggle','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - Toggle Privoxy</a>
+                  (Toggles between enabled and disabled)</li>
+            <li><a href="javascript:void(window.open('@default-cgi at toggle?mini=y','ijbstatus','width=250,height=100,resizable=yes,scrollbars=no,toolbar=no,location=no,directories=no,status=no,menubar=no,copyhistory=no').focus());">Privoxy - View Status</a></li>
+          </ul>
+
+          <p>
+            <b>Credit:</b> The site which gave us the general idea for these
+            bookmarklets is <a href="http://www.bookmarklets.com/">www.bookmarklets.com</a>.
+            They have <a href="http://www.bookmarklets.com/about/">more information</a> about them.
+          </p>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+    
+  </table>
+
+</body>
+</html>
+
diff --git a/external/privoxy/templates/toggle-mini b/external/privoxy/templates/toggle-mini
new file mode 100644
index 0000000..3b5d5c9
--- /dev/null
+++ b/external/privoxy/templates/toggle-mini
@@ -0,0 +1,91 @@
+##########################################################
+#
+# Toggle Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    this is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  @if-enabled-display-then@ on @else-not-enabled-display@ off @endif-enabled-display@
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
+<html>
+
+<head>
+  <title>@if-enabled-display-then at Enabled@else-not-enabled-display at Disabled@endif-enabled-display@ - Privoxy@@my-hostname@</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="stylesheet" type="text/css" href="@default-cgi at send-stylesheet">
+  <link rel="shortcut icon" href="@default-cgi at favicon.ico" type="image/x-icon">
+</head>
+
+<body>
+  <p class="whiteframed">
+    <a href="@default-cgi@" target="_blank">Privoxy</a> is 
+    <b>@if-enabled-display-then at enabled@else-not-enabled-display at disabled@endif-enabled-display@</b>.
+    <br><a href="@default-cgi at toggle?mini=y&set=@if-enabled-display-then at disable@else-not-enabled-display at enable@endif-enabled-display@"
+    >@if-enabled-display-then@[Disable]@else-not-enabled-display@[Enable]@endif-enabled-display@</a> |
+    <a href="javascript:window.close();">[Close]</a>
+  </p>
+</body>
+</html>
diff --git a/external/privoxy/templates/untrusted b/external/privoxy/templates/untrusted
new file mode 100644
index 0000000..bd4015a
--- /dev/null
+++ b/external/privoxy/templates/untrusted
@@ -0,0 +1,191 @@
+##########################################################
+#
+# "Untrusted" Error Output template for Privoxy.
+#
+#
+# USING HTML TEMPLATES:
+# ---------------------
+#
+# Template files are written win plain HTML, with a few
+# additions:
+# 
+# - Lines that start with a '#' character like this one
+#   are ignored
+#
+# - Each item in the below list of exported symbols will
+#   be replaced by dynamically generated text, if they
+#   are enclosed in '@'-characters. E.g. The string @version@
+#   will be replaced by the version number of Privoxy.
+#
+# - One special application of this is to make whole blocks
+#   of the HTML template disappear if the condition <name>
+#   is not given. Simply enclose the block between the two
+#   strings @if-<name>start and if-<name>-end at . The strings
+#   should be placed in HTML comments (<!-- -->), so the
+#   html structure won't be messed when the magic happens.
+#   
+# USABLE SYMBOLS IN THIS TEMPLATE:
+# --------------------------------
+#
+#  my-ip-addr:
+#    The IP-address that the client used to reach this proxy
+#  my-hostname:
+#    The hostname associated with my-ip-addr
+#  admin-address:
+#    The email address of the pxoxy's administrator, as configured
+#    in the config file
+#  default-cgi:
+#    The URL for the "main menu" builtin CGI of this proxy
+#  menu:
+#    List of <li> elements linking to the other available CGIs
+#  version:
+#    The version number of the proxy software
+#  code-status:
+#    The development status of the proxy software: "alpha", "beta",
+#    or "stable".
+#  homepage:
+#    The URL of the SourceForge ijbswa project, who maintains this
+#    software.
+#
+#  hostport:
+#    The host and port part of the request that lead to this problem
+#  path:
+#    The path part of the request that lead to this problem
+#  referrer:
+#    The referrer of the request that lead to this problem
+#  trusted-referrers:
+#    An HTML-formatted list of referrers that are marked as trusted in
+#    the trustfile
+#
+#
+# CONDITIONAL SYMBOLS FOR THIS TEMPLATE AND THEIR DEPANDANT SYMBOLS:
+# ------------------------------------------------------------------
+#
+#  unstable:
+#    This is an alpha or beta release of the proxy software
+#  have-adminaddr-info:
+#    An e-mail address for the local Privoxy adminstrator has
+#    been specified and is available through the "admin-address"
+#    symbol
+#  have-proxy-info:
+#    A URL for online documentation about this proxy has been
+#    specified and is available through the "proxy-info-url"
+#    symbol
+#  have-help-info:
+#    If either have-proxy-info is true or have-adminaddr-info is
+#    true, have-help-info is true.  Used to conditionally include
+#    a grey box for any and all help info.
+#  force-support:
+#    Privoxy has been compiled with support for forced loading
+#    of blocked content. In that case, the symbol "force-prefix" is
+#    avaiable, which translates to the FORCE_PREFIX  
+#  have-trust-info:
+#    There were URLs with info on the trust policy defined in the config
+#    file. In this case the list of URLs is available through the
+#    "trust-info" symbol.
+#
+#
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"><html>
+
+<head>
+  <title>Untrusted request (Privoxy@@my-hostname@)</title>
+  <meta http-equiv="Content-Style-Type" content="text/css">
+  <meta http-equiv="Content-Script-Type" content="text/javascript">
+  <meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
+  <meta name="robots" content="noindex,nofollow">
+  <link rel="shortcut icon" href="@default-cgi at error-favicon.ico">
+  <style type="text/css">
+#include cgi-style.css
+  </style>
+</head>
+
+<body>
+
+  <table summary="" cellpadding="20" cellspacing="10" border="0" width="100%">
+    <tr>
+      <td class="status">
+        UNTRUSTED
+      </td>
+      <td class="title" style="width: 100%">
+ 
+#include mod-title
+ 
+      </td>
+    </tr>
+
+<!-- @if-unstable-start -->
+# This will only appear if CODE_STATUS is "alpha" or "beta". See configure.in
+    <tr>
+      <td class="warning" colspan="2">
+
+#include mod-unstable-warning
+
+      </td>
+    </tr>
+<!-- if-unstable-end@ -->
+
+    <tr>
+      <td class="warning" colspan="2">
+        <h2>Request for untrusted URL</h2>
+        <p>Your request for <b>@protocol@@hostport@@path@</b> was blocked,
+          because neither the request URL itself, nor its referrer
+          (<b>@referrer@</b>) were trusted.
+        </p>
+<!-- @if-force-support-start -->
+        <p>(You can <a href="@protocol@@hostport@@force-prefix@@path@">go there anyway</a>.)</p>
+<!-- if-force-support-end@ -->
+      </td>
+    </tr>
+
+    <tr>
+      <td class="box" colspan="2">
+        <h2>The following referrers are trusted:</h2>
+        <ul>
+          @trusted-referrers@
+        </ul>
+      </td>
+    </tr>
+
+<!-- @if-have-trust-info-start -->
+    <tr>
+      <td class="box" colspan="2">
+        <h2>More information on the trust policy:</h2>
+        <p>You can learn more about what this means and what you may be able to do about it by
+          reading the following documents:
+        </p>
+        <ol>
+            @trust-info@
+        </ol>
+      </td>
+    </tr>
+<!-- if-have-trust-info-end@ -->
+
+    <tr>
+      <td class="box" colspan="2">
+        <h2>More Privoxy:</h2>
+        <ul>@menu@<li><a href="@user-manual@">Documentation</a></li></ul>
+      </td>
+    </tr>
+
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-support-and-service
+
+      </td>
+    </tr>
+
+<!-- @if-have-help-info-start -->
+    <tr>
+      <td class="info" colspan="2">
+
+#include mod-local-help
+
+      </td>
+    </tr>
+<!-- if-have-help-info-end@ -->
+        
+  </table>
+
+</body>
+</html>
diff --git a/external/privoxy/templates/url-info-osd.xml b/external/privoxy/templates/url-info-osd.xml
new file mode 100644
index 0000000..3fbaaf1
--- /dev/null
+++ b/external/privoxy/templates/url-info-osd.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<OpenSearchDescription xmlns="http://a9.com/-/spec/opensearch/1.1/">
+  <ShortName>Privoxy URL Info</ShortName>
+  <Description>
+    Enter a URL to see which Privoxy actions apply.
+    Only works while the browser is configured to use Privoxy.
+  </Description>
+  <InputEncoding>ISO-8859-1</InputEncoding>
+  <OutputEncoding>ISO-8859-1</OutputEncoding>
+  <Developer>Privoxy Team</Developer>
+  <Contact>ijbswa-developers at lists.sourceforge.net</Contact>
+  <Image width="16" height="16" type="image/x-icon">@default-cgi at favicon.ico</Image>
+  <Url type="text/html" method="GET" template="@default-cgi at show-url-info?url={searchTerms}"/>
+</OpenSearchDescription>
diff --git a/external/privoxy/tools/privoxy-log-parser.pl b/external/privoxy/tools/privoxy-log-parser.pl
new file mode 100755
index 0000000..29839a4
--- /dev/null
+++ b/external/privoxy/tools/privoxy-log-parser.pl
@@ -0,0 +1,2064 @@
+#!/usr/bin/perl
+
+################################################################################
+# privoxy-log-parser
+#
+# A parser for Privoxy log messages. For incomplete documentation run
+# perldoc privoxy-log-parser(.pl), for fancy screenshots see:
+#
+# http://www.fabiankeil.de/sourcecode/privoxy-log-parser/
+#
+# $Id: privoxy-log-parser.pl,v 1.23 2009/03/14 15:31:58 fabiankeil Exp $
+#
+# TODO:
+#       - LOG_LEVEL_CGI, LOG_LEVEL_ERROR, LOG_LEVEL_WRITE content highlighting
+#       - create fancy statistics
+#       - grep through Privoxy sources to find unsupported log messages
+#       - hunt down substitutions that match content from variables which
+#         can contain stuff like ()?'[]
+#       - replace $h{'foo'} with h('foo') where possible
+#       - hunt down XXX comments instead of just creating them
+#       - add example log lines for every regex and mark them up for
+#         regression testing
+#       - Handle incomplete input without Perl warning about undefined variables.
+#       - Use generic highlighting function that takes a regex and the
+#         hash key as input.
+#
+# Copyright (c) 2007-2009 Fabian Keil <fk at fabiankeil.de>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+################################################################################
+
+use strict;
+use warnings;
+use Getopt::Long;
+
+use constant {
+    PRIVOXY_LOG_PARSER_VERSION => '0.5',
+    # Feel free to mess with these ...
+    DEFAULT_BACKGROUND => 'black',  # Choose registered colour (like 'black')
+    DEFAULT_TEXT_COLOUR => 'white', # Choose registered colour (like 'black')
+    HEADER_DEFAULT_COLOUR => 'yellow',
+    REGISTER_HEADERS_WITH_THE_SAME_COLOUR => 1,
+
+    CLI_OPTION_DEFAULT_TO_HTML_OUTPUT => 0,
+    CLI_OPTION_TITLE => 'Privoxy-Log-Parser in da house',
+    CLI_OPTION_NO_EMBEDDED_CSS => 0,
+    CLI_OPTION_NO_MSECS => 0,
+    CLI_OPTION_NO_SYNTAX_HIGHLIGHTING => 0,
+    CLI_OPTION_ERROR_LOG_FILE => '/var/log/privoxy-log.log',
+    CLI_OPTION_SHOW_INEFFECTIVE_FILTERS => 0,
+    CLI_OPTION_ACCEPT_UNKNOWN_MESSAGES => 0,
+    CLI_OPTION_STATISTIC => 0,
+
+    SUPPRESS_SUCCEEDED_FILTER_ADDITIONS => 1,
+    SHOW_SCAN_INTRO => 0,
+    SHOW_FILTER_READIN_IN => 0,
+    SUPPRESS_EMPTY_LINES => 1,
+    SUPPRESS_SUCCESSFUL_CONNECTIONS => 1,
+    SUPPRESS_ACCEPTED_CONNECTIONS => 1,
+    SUPPRESS_GIF_NOT_CHANGED => 1,
+    SUPPRESS_NEED_TO_DE_CHUNK_FIRST => 1,
+
+    DEBUG_HEADER_REGISTERING => 0,
+    DEBUG_HEADER_HIGHLIGHTING => 0,
+    DEBUG_TICKS => 0,
+    DEBUG_PAINT_IT => 0,
+    DEBUG_SUPPRESS_LOG_MESSAGES => 0,
+
+    PUNISH_MISSING_LOG_KNOWLEDGE_WITH_DEATH => 0,
+    PUNISH_MISSING_HIGHLIGHT_KNOWLEDGE_WITH_DEATH => 1,
+
+    LOG_UNPARSED_LINES_TO_EXTRA_FILE => 0,
+
+    # You better leave these alone unless you know what you're doing.
+    COLOUR_RESET      => "\033[0;0m",
+    ESCAPE => "\033[",
+};
+
+sub prepare_our_stuff () {
+
+    # Syntax Higlight hash
+    our @all_colours = (
+        'red', 'green', 'brown', 'blue', 'purple', 'cyan',
+        'light_gray', 'light_red', 'light_green', 'yellow',
+        'light_blue', 'pink', 'light_cyan', 'white'
+    );
+
+    our %h = (
+        # LOG_LEVEL
+        Info            => 'blue',
+        Header          => 'green',
+        Filter          => 'purple', # XXX: Used?
+        'Re-Filter'     => 'purple',
+        Connect         => 'brown',
+        Request         => 'light_cyan',
+        CGI             => 'light_green',
+        Redirect        => 'cyan',
+        Error           => 'light_red',
+        Crunch          => 'cyan',
+        'Fatal error'   => 'light_red',
+        'Gif-Deanimate' => 'blue',
+        Force           => 'red',
+        Writing         => 'light_green',
+        # ----------------------
+        URL                  => 'yellow',
+        path                 => 'brown',
+        request_             => 'brown', # host+path but no protocol
+        'ip-address'         => 'yellow',
+        Number               => 'yellow',
+        Standard             => 'reset',
+        Truncation           => 'light_red',
+        Status               => 'brown',
+        Timestamp            => 'brown',
+        Crunching            => 'light_red',
+        crunched             => 'light_red',
+        'Request-Line'       => 'pink',
+        method               => 'purple',
+        destination          => 'yellow',
+        'http-version'       => 'pink',
+        'crunch-pattern'     => 'pink',
+        not                  => 'brown',
+        file                 => 'brown',
+        signal               => 'yellow',
+        version              => 'green',
+        'program-name'       => 'cyan',
+        port                 => 'red',
+        host                 => 'red',
+        warning              => 'light_red',
+        debug                => 'light_red',
+        filter               => 'green',
+        tag                  => 'green',
+        tagger               => 'green',
+        'status-message'     => 'light_cyan',
+        'status-code'        => 'yellow',
+        'invalid-request'    => 'light_red',
+        'hits'               => 'yellow',
+        error                => 'light_red',
+        'rewritten-URL'      => 'light_red',
+        'pcrs-delimiter'     => 'light_red',
+        'ignored'            => 'light_red',
+        'action-bits-update' => 'light_red',
+        'configuration-line' => 'red',
+        'content-type'       => 'yellow',
+    );
+
+    our %h_colours = %h;
+
+    # Header colours need their own hash so the keys can be accessed properly
+    our %header_colours = (
+        # Prefilled with headers that should not appear with default header colours
+        Cookie => 'light_red',
+        'Set-Cookie' => 'light_red',
+        Warning => 'light_red',
+        Default => HEADER_DEFAULT_COLOUR,
+    );
+
+    # Crunch reasons need their own hash as well
+    our %reason_colours = (
+        'Unsupported HTTP feature'               => 'light_red',
+        Blocked                                  => 'light_red',
+        Untrusted                                => 'light_red',
+        Redirected                               => 'green', 
+        'CGI Call'                               => 'white',
+        'DNS failure'                            => 'red',
+        'Forwarding failed'                      => 'light_red',
+        'Connection failure'                     => 'light_red',
+        'Out of memory (may mask other reasons)' => 'light_red',
+        'No reason recorded'                     => 'light_red',
+    );
+
+    our @time_colours = ('white', 'light_gray');
+
+    # Translate highlight strings into highlight code
+    prepare_highlight_hash(\%header_colours);
+    prepare_highlight_hash(\%reason_colours);
+    prepare_highlight_hash(\%h);
+    prepare_colour_array(\@all_colours);
+    prepare_colour_array(\@time_colours);
+    init_css_colours();
+}
+
+sub paint_it ($) {
+###############################################################
+# Takes a colour string and returns an ANSI escape sequence
+# (unless --no-syntax-highlighting is used).
+# XXX: The Rolling Stones reference has to go.
+###############################################################
+
+    my $colour = shift @_;
+
+    return "" if cli_option_is_set('no-syntax-highlighting');
+
+    my %light = (
+        black       => 0,    
+        red         => 0,   
+        green       => 0,  
+        brown       => 0, 
+        blue        => 0,   
+        purple      => 0, 
+        cyan        => 0,  
+        light_gray  => 0,
+        gray        => 0,
+        dark_gray   => 1,
+        light_red   => 1,
+        light_green => 1,
+        yellow      => 1,
+        light_blue  => 1,
+        pink        => 1,
+        light_cyan  => 1,
+        white       => 1,
+    );
+
+    my %text = (
+        black       => 30,    
+        red         => 31,   
+        green       => 32,  
+        brown       => 33, 
+        blue        => 34,   
+        purple      => 35, 
+        cyan        => 36,  
+        gray        => 37,
+        light_gray  => 37,
+        dark_gray   => 30,
+        light_red   => 31,
+        light_green => 32,
+        yellow      => 33,
+        light_blue  => 34,
+        pink        => 35,
+        light_cyan  => 36,
+        white       => 37,
+    );
+
+    my $bg_code = get_background();
+    my $colour_code;
+    our $default = default_colours();
+
+    if (defined($text{$colour})) {
+        $colour_code  = ESCAPE;
+        $colour_code .= $text{$colour};
+        $colour_code .= ";";
+        $colour_code .= $light{$colour} ? "1" : "2";
+        $colour_code .= ";";
+        $colour_code .= $bg_code; 
+        $colour_code .= "m";
+        debug_message $colour . " is \'" . $colour_code . $colour . $default . "\'" if DEBUG_PAINT_IT; 
+
+    } elsif ($colour =~ /reset/) {
+
+        $colour_code = default_colours();
+
+    } else {
+
+        die "What's $colour supposed to mean?\n"; 
+    }
+
+    return $colour_code;
+}
+
+sub get_semantic_html_markup ($) {
+###############################################################
+# Takes a string and returns a span element
+###############################################################
+
+    my $type = shift @_;
+    my $code;
+
+    if ($type =~ /Standard/) {
+        $code = '</span>';
+    } else {
+        $type = lc($type);
+        $code = '<span title="' . $type . '" class="' . $type . '">';
+    }
+
+    return $code;
+}
+
+sub cli_option_is_set ($) {
+
+    our %cli_options;
+    my $cli_option = shift;
+
+    die "Unknown CLI option: $cli_option" unless defined $cli_options{$cli_option};
+
+    return $cli_options{$cli_option};
+}
+
+sub get_html_title () {
+
+    our %cli_options;
+    return $cli_options{'title'};
+
+}
+
+sub init_css_colours() {
+
+    our %css_colours = (
+        black       => "000",    
+        red         => "F00",   
+        green       => "0F0",  
+        brown       => "C90", 
+        blue        => "0F0",   
+        purple      => "F06", # XXX: wrong  
+        cyan        => "F09", # XXX: wrong  
+        light_gray  => "999",
+        gray        => "333",
+        dark_gray   => "222",
+        light_red   => "F33",
+        light_green => "33F",
+        yellow      => "FF0",
+        light_blue  => "30F",
+        pink        => "F0F",
+        light_cyan  => "66F",
+        white       => "FFF",
+    );
+}
+
+sub get_css_colour ($) {
+
+   our %css_colours;
+   my $colour = shift;
+
+   die "What's $colour supposed to mean?\n" unless defined($css_colours{$colour}); 
+
+   return '#' . $css_colours{$colour};
+}
+
+sub get_css_line ($) {
+
+    our %h_colours;
+
+    my $class = shift;
+    my $css_line;
+
+    $css_line .= '.' . lc($class) . ' {'; # XXX: lc() shouldn't be necessary
+    die "What's $class supposed to mean?\n" unless defined($h_colours{$class}); 
+    $css_line .= 'color:' . get_css_colour($h_colours{$class}) . ';';
+    $css_line .= 'background-color:' . get_css_colour(DEFAULT_BACKGROUND) . ';';
+    $css_line .= '}' . "\n"; 
+
+    return $css_line;
+}
+
+sub get_css_line_for_colour ($) {
+
+    our %h_colours;
+
+    my $colour = shift;
+    my $css_line;
+
+    $css_line .= '.' . lc($colour) . ' {'; # XXX: lc() shouldn't be necessary
+    $css_line .= 'color:' . get_css_colour($colour) . ';';
+    $css_line .= 'background-color:' . get_css_colour(DEFAULT_BACKGROUND) . ';';
+    $css_line .= '}' . "\n"; 
+
+    return $css_line;
+}
+
+# XXX: Wrong solution
+sub get_missing_css_lines () {
+
+    my $css_line;
+
+    $css_line .= '.' . 'default' . ' {'; # XXX: lc() shouldn't be necessary
+    $css_line .= 'color:' . HEADER_DEFAULT_COLOUR . ';';
+    $css_line .= 'background-color:' . get_css_colour(DEFAULT_BACKGROUND) . ';';
+    $css_line .= '}' . "\n"; 
+
+    return $css_line;
+}
+
+sub get_css () {
+
+    our %h_colours;
+    our %css_colours; #XXX: Wrong solution
+
+    my $css = '';
+
+    $css .= '.privoxy-log {';
+    $css .= 'color:' . get_css_colour(DEFAULT_TEXT_COLOUR) . ';';
+    $css .= 'background-color:' . get_css_colour(DEFAULT_BACKGROUND) . ';';
+    $css .= '}' . "\n"; 
+ 
+    foreach my $key (keys %h_colours) {
+
+        next if ($h_colours{$key} =~ m/reset/); #XXX: Wrong solution.
+        $css .= get_css_line($key);
+
+    }
+
+    foreach my $colour (keys %css_colours) {
+
+        $css .= get_css_line_for_colour($colour);
+
+    }
+
+    $css .= get_missing_css_lines(); #XXX: Wrong solution
+
+    return $css;
+}
+
+sub print_intro () {
+
+    my $intro = '';
+
+    if (cli_option_is_set('html-output')) {
+
+        my $title = get_html_title();
+
+        $intro .= '<html><head>';
+        $intro .= '<title>' . $title . '</title>';
+        $intro .= '<style>' . get_css() . '</style>' unless cli_option_is_set('no-embedded-css');
+        $intro .= '</head><body>';
+        $intro .= '<h1>' . $title . '</h1><p class="privoxy-log">';
+
+        print $intro;
+    }
+}
+
+sub print_outro () {
+
+    my $outro = '';
+
+    if (cli_option_is_set('html-output')) {
+
+        $outro = '</p></body></html>';
+        print $outro;
+
+    }
+}
+
+sub get_line_end () {
+
+    my $line_end = "\n";
+
+    $line_end = '<br>' . $line_end if cli_option_is_set('html-output');
+
+    return $line_end;
+}
+
+sub get_colour_html_markup ($) {
+###############################################################
+# Takes a colour string a span element. XXX: WHAT?
+# XXX: This function shouldn't be necessary, the
+# markup should always be semantically correct.
+###############################################################
+
+    my $type = shift @_;
+    my $code;
+
+    if ($type =~ /Standard/) {
+        $code = '</span>';
+    } else {
+        $code = '<span class="' . lc($type) . '">';
+    }
+
+    return $code;
+}
+
+sub default_colours () {
+    # XXX: Properly
+    our $bg_code;
+    return reset_colours();
+}
+
+sub show_colours () {
+    # XXX: Implement
+}
+
+sub reset_colours () {
+    return ESCAPE . "0m";
+}
+
+sub set_background ($){
+
+    my $colour = shift;
+    our $bg_code;
+    my %backgrounds = (
+              black       => "40",    
+              red         => "41",   
+              green       => "42",  
+              brown       => "43", 
+              blue        => "44",   
+              magenta     => "45",  
+              cyan        => "46",
+              white       => "47",  
+              default     => "49",  
+    );
+    
+    if (defined($backgrounds{$colour})) {
+        $bg_code = $backgrounds{$colour};
+    } else {
+        die "Invalid background colour: " . $colour;
+    }
+}
+
+sub get_background (){
+    return our $bg_code;
+}
+
+sub prepare_highlight_hash ($) {
+    my $ref = shift;
+
+    if (!cli_option_is_set('html-output')) {
+
+        foreach my $key (keys %$ref) {
+            $$ref{$key} = paint_it($$ref{$key}); 
+        }
+
+    } else {
+
+        foreach my $key (keys %$ref) {
+            $$ref{$key} = get_semantic_html_markup($key); 
+        }
+
+    } 
+}
+
+sub prepare_colour_array ($) {
+    my $ref = shift;
+
+    if (!cli_option_is_set('html-output')) {
+
+        foreach my $i (0 ... @$ref - 1) {
+            $$ref[$i] = paint_it($$ref[$i]); 
+        } 
+
+    } else {
+
+        foreach my $i (0 ... @$ref - 1) {
+            $$ref[$i] = get_colour_html_markup($$ref[$i]);
+        } 
+
+    }
+}
+
+sub found_unknown_content ($) {
+
+    my $unknown = shift;
+    my $message;
+
+    our %req;
+    our $t;
+
+    return if cli_option_is_set('accept-unknown-messages');
+
+    return if ($unknown =~ /\[too long, truncated\]$/);
+
+    $message = "found_unknown_content: Don't know how to highlight: ";
+    # Break line so the log file can later be parsed as Privoxy log file again
+    $message .= '"' . $unknown . '"' . " in:\n";
+    $message .= $req{$t}{'log-message'};
+    debug_message($message);
+    log_parse_error($req{$t}{'log-message'});
+
+    die "Unworthy content parser" if PUNISH_MISSING_LOG_KNOWLEDGE_WITH_DEATH;
+}
+
+sub log_parse_error ($) {
+
+    my $message = shift;
+
+    if (LOG_UNPARSED_LINES_TO_EXTRA_FILE) {
+        open(ERRORLOG, ">>" . ERROR_LOG_FILE) || die "Writing " . ERROR_LOG_FILE . " failed";
+        print ERRORLOG $message;
+        close(ERRORLOG);
+    }
+}
+
+sub debug_message (@) {
+    my @message = @_;
+    our %h;
+
+    print $h{'debug'} . "@message" . $h{'Standard'} . "\n";
+}
+
+################################################################################
+# highlighter functions that aren't loglevel-specific 
+################################################################################
+
+sub h ($) {
+
+    # Get highlight marker
+    our %h;
+    my $highlight = shift; # XXX: Stupid name;
+    my $result = '';
+    my $message;
+
+    if (defined($highlight)) {
+
+        $result = $h{$highlight};
+
+    } else {
+
+        $message = "h: Don't recognize highlighter $highlight.";
+        debug_message($message);
+        log_parser_error($message);
+        die "Unworthy highlighter function" if PUNISH_MISSING_HIGHLIGHT_KNOWLEDGE_WITH_DEATH;
+    }
+   
+    return $result;
+}
+
+sub highlight_known_headers ($) {
+
+    my $content = shift;
+    our %header_colours;
+    our %h;
+    my $headers = join ('|', keys %header_colours);
+
+    debug_message("Searching $content for things to highlight.") if DEBUG_HEADER_HIGHLIGHTING;
+
+    if ($content =~ m/(?<=\s)($headers):/) {
+        my $header = $1;
+        $content =~ s@(?<=[\s|'])($header)(?=:)@$header_colours{$header}$1$h{'Standard'}@ig;
+        debug_message("Highlighted $content") if DEBUG_HEADER_HIGHLIGHTING;
+    }
+
+    return $content;
+}
+
+sub highlight_matched_request_line ($$) {
+
+    my $result = shift; # XXX: Stupid name;
+    my $regex = shift;
+    if ($result =~ m@(.*)($regex)(.*)@) {
+        $result = $1 . highlight_request_line($2) . $3
+    }
+    return $result;
+}
+
+sub highlight_request_line ($) {
+
+    my $rl = shift;
+    my ($method, $url, $http_version);
+    our %h;
+
+    #GET http://images.sourceforge.net/sfx/icon_warning.gif HTTP/1.1
+    if ($rl =~ m/Invalid request/) {
+
+        $rl = h('invalid-request') . $rl . h('Standard');
+
+    } elsif ($rl =~ m/^([-\w]+) (.*) (HTTP\/\d\.\d)/) {
+
+        # XXX: might not match in case of HTTP method fuzzing.
+        # XXX: save these: ($method, $path, $http_version) = ($1, $2, $3);
+        $rl =~ s@^(\w+)@$h{'method'}$1$h{'Standard'}@;
+        if ($rl =~ /http:\/\//) {
+            $rl = highlight_matched_url($rl, '[^\s]*(?=\sHTTP)');
+        } else {
+            $rl = highlight_matched_pattern($rl, 'request_', '[^\s]*(?=\sHTTP)');
+        }
+
+        $rl =~ s@(HTTP\/\d\.\d)$@$h{'http-version'}$1$h{'Standard'}@;
+
+    } elsif ($rl =~ m/\.\.\. \[too long, truncated\]$/) {
+
+        $rl =~ s@^(\w+)@$h{'method'}$1$h{'Standard'}@;
+        $rl = highlight_matched_url($rl, '[^\s]*(?=\.\.\.)');
+
+    } elsif ($rl =~ m/^ $/) {
+
+        $rl = h('error') . "No request line specified!" . h('Standard');
+
+    } else {
+
+        debug_message ("Can't parse request line: $rl");
+
+    }
+
+    return $rl;
+}
+
+sub highlight_response_line ($) {
+
+    my $rl = shift;
+    my ($http_version, $status_code, $status_message);
+
+    #HTTP/1.1 200 OK
+    #ICY 200 OK
+
+    # TODO: Mark different status codes differently
+
+    if ($rl =~ m/((?:HTTP\/\d\.\d|ICY)) (\d+) (.*)/) {
+        ($http_version, $status_code, $status_message) = ($1, $2, $3);
+    } else {
+        debug_message ("Can't parse response line: $rl") and die 'Fix this';
+    }
+
+    # Rebuild highlighted
+    $rl= "";
+    $rl .= h('http-version') . $http_version . h('Standard');
+    $rl .= " ";
+    $rl .= h('status-code') . $status_code . h('Standard');
+    $rl .= " ";
+    $rl .= h('status-message') . $status_message . h('Standard');
+
+    return $rl;
+}
+
+sub highlight_matched_url ($$) {
+
+    my $result = shift; # XXX: Stupid name;
+    my $regex = shift;
+
+    #print "Got $result, regex ($regex)\n";
+
+    if ($result =~ m@(.*?)($regex)(.*)@) {
+        $result = $1 . highlight_url($2) . $3;
+        #print "Now the result is $result\n";
+    }
+
+    return $result;
+}
+
+sub highlight_matched_host ($$) {
+
+    my $result = shift; # XXX: Stupid name;
+    my $regex = shift;
+
+    if ($result =~ m@(.*?)($regex)(.*)@) {
+        $result = $1 . h('host') . $2 . h('Standard') . $3;
+    }
+
+    return $result;
+}
+
+sub highlight_matched_pattern ($$$) {
+
+    our %h;
+    my $result = shift; # XXX: Stupid name;
+    my $key = shift;
+    my $regex = shift;
+
+    die "Unknown key $key" unless defined $h{$key};
+
+    if ($result =~ m@(.*?)($regex)(.*)@) {
+        $result = $1 . h($key) . $2 . h('Standard') . $3;
+    }
+
+    return $result;
+}
+
+sub highlight_matched_path ($$) {
+
+    my $result = shift; # XXX: Stupid name;
+    my $regex = shift;
+
+    if ($result =~ m@(.*?)($regex)(.*)@) {
+        $result = $1 . h('path') . $2 . h('Standard') . $3;
+    }
+
+    return $result;
+}
+
+sub highlight_url ($) {
+
+    my $url = shift;
+
+    if (cli_option_is_set('html-output')) {
+
+        $url = '<a href="' . $url . '">' . $url . '</a>';
+
+    } else {
+
+        $url = h('URL') . $url . h('Standard');
+
+    }
+
+    return $url;
+}
+
+################################################################################
+# loglevel-specific highlighter functions
+################################################################################
+
+sub handle_loglevel_header ($) {
+
+    my $content = shift;
+    my $c = $content;
+    our $t;
+    our %req;
+    our %h;
+    our %header_colours;
+    our @all_colours;
+    our $header_colour_index;
+    our $no_special_header_highlighting;
+
+    # Register new headers
+    # scan: Accept: image/png,image/*;q=0.8,*/*;q=0.5
+    if ($c =~ m/^scan: ((?>[^:]+)):/) {
+        my $header = $1;
+        if (!defined($header_colours{$header}) and $header =~ /^[\d\w-]*$/) {
+            debug_message "Registering previously unknown header $1" if DEBUG_HEADER_REGISTERING;
+
+            if (REGISTER_HEADERS_WITH_THE_SAME_COLOUR) {
+                $header_colours{$header} =  $header_colours{'Default'};
+            } else {
+                $header_colours{$header} = $all_colours[$header_colour_index % @all_colours];
+                $header_colour_index++;
+            }
+        }
+    }
+
+    if ($c =~ m/^scan: ((\w*) (.*) (HTTP\/\d\.\d))/) {
+
+            # Client request line
+            # Save for statistics (XXX: Not implemented yet)
+            $req{$t}{'method'} = $2;
+            $req{$t}{'destination'} = $3;
+            $req{$t}{'http-version'} = $4;
+
+            $content = highlight_request_line($1);
+
+    } elsif ($c =~ m/^(scan: )((?:HTTP\/\d\.\d|ICY) (\d+) (.*))/) {
+
+            # Server response line
+            $req{$t}{'response_line'} = $2;
+            $req{$t}{'status_code'} = $3;
+            $req{$t}{'status_message'} = $4;
+            $content = $1 . highlight_response_line($req{$t}{'response_line'});
+
+    } elsif ($c =~ m/^Crunching (?:server|client) header: .* \(contains: ([^\)]*)\)/) {
+
+        # Crunching server header: Set-Cookie: trac_form_token=d5308c34e16d15e9e301a456; (contains: Cookie:)
+        $content =~ s@(?<=contains: )($1)@$h{'crunch-pattern'}$1$h{'Standard'}@;
+        $content =~ s@(Crunching)@$h{$1}$1$h{'Standard'}@;    
+
+    } elsif ($c =~ m/^New host is: ([^\s]*)\./) {
+
+        # New host is: trac.vidalia-project.net. Crunching Referer: http://www.vidalia-project.net/
+        $c = highlight_matched_host($c, '(?<=New host is: )[^\s]+');
+        $content = highlight_matched_url($c, '(?<=Crunching Referer: )[^\s]+');
+
+    } elsif ($c =~ m/^Text mode enabled by force. (Take cover)!/) {
+
+        # Text mode enabled by force. Take cover!
+        $content =~ s@($1)@$h{'warning'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^(New HTTP Request-Line: )(.*)/) {
+
+        # New HTTP Request-Line: GET http://www.privoxy.org/ HTTP/1.1
+        $content = $1 . highlight_request_line($2);
+
+    } elsif ($c =~ m/^Adjust(ed)? Content-Length to \d+/) {
+
+        # Adjusted Content-Length to 2132
+        # Adjust Content-Length to 33533
+        $content =~ s@(?<=Content-Length to )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $content = highlight_known_headers($content);
+
+    } elsif ($c =~ m/^Destination extracted from "Host:" header. New request URL:/) {
+
+        # Destination extracted from "Host:" header. New request URL: http://www.cccmz.de/~ridcully/blog/
+        $content = highlight_matched_url($content, '(?<=New request URL: ).*');
+
+    } elsif ($c =~ m/^Couldn\'t parse:/) {
+
+        # XXX: These should probable be logged with LOG_LEVEL_ERROR
+        # Couldn't parse: If-Modified-Since: Wed, 21 Mar 2007 16:34:50 GMT (crunching!)
+        # Couldn't parse: at, 24 Mar 2007 13:46:21 GMT in If-Modified-Since: Sat, 24 Mar 2007 13:46:21 GMT (crunching!)
+        $content =~ s@^(Couldn\'t parse)@$h{'error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ /^Tagger \'([^\']*)\' added tag \'([^\']*)\'/ or
+             $c =~ m/^Adding tag \'([^\']*)\' created by header tagger \'([^\']*)\'/) {
+
+        # Adding tag 'GET request' created by header tagger 'method-man' (XXX: no longer used)
+        # Tagger 'revalidation' added tag 'REVALIDATION-REQUEST'. No action bit update necessary.
+        # Tagger 'revalidation' added tag 'REVALIDATION-REQUEST'. Action bits updated accordingly.
+
+        # XXX: Save tag and tagger
+
+        $content =~ s@(?<=^Tagger \')([^\']*)@$h{'tagger'}$1$h{'Standard'}@;
+        $content =~ s@(?<=added tag \')([^\']*)@$h{'tag'}$1$h{'Standard'}@;
+        $content =~ s@(?<=Action bits )(updated)@$h{'action-bits-update'}$1$h{'Standard'}@;
+        $no_special_header_highlighting = 1;
+
+    } elsif ($c =~ /^Tagger \'([^\']*)\' didn['']t add tag \'([^\']*)\'/) {
+
+        # Tagger 'revalidation' didn't add tag 'REVALIDATION-REQUEST'. Tag already present
+        # XXX: Save tag and tagger
+
+        $content =~ s@(?<=^Tagger \')([^\']*)@$h{'tag'}$1$h{'Standard'}@;
+        $content =~ s@(?<=didn['']t add tag \')([^\']*)@$h{'tagger'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^(?:scan:|Randomiz|addh:|Adding:|Removing:|Referer:|Modified:|Accept-Language header|[Cc]ookie)/
+          or $c =~ m/^(Text mode is already enabled|Denied request with NULL byte|Replaced:|add-unique:)/
+          or $c =~ m/^(Crunched (incoming|outgoing) cookie|Suppressed offer|Accepted the client)/
+          or $c =~ m/^(addh-unique|Referer forged to)/
+          or $c =~ m/^Downgraded answer to HTTP\/1.0/
+          or $c =~ m/^Parameter: \+hide-referrer\{[^\}]*\} is a bad idea, but I don\'t care./
+          or $c =~ m/^Referer (?:overwritten|replaced) with: Referer: / #XXX: should this be highlighted?
+          or $c =~ m/^Referer crunched!/
+          or $c =~ m/^crunched x-forwarded-for!/
+          or $c =~ m/^crunched From!/
+          or $c =~ m/^ modified$/
+          or $c =~ m/^Content filtering is enabled. Crunching:/
+          or $c =~ m/^force-text-mode overruled the client/
+          or $c =~ m/^Server time in the future\./
+          or $c =~ m/^content-disposition header crunched and replaced with:/i
+          or $c =~ m/^Reducing white space in /
+          or $c =~ m/^Ignoring single quote in /
+          or $c =~ m/^Converting tab to space in /
+          or $c =~ m/A HTTP\/1\.1 response without/
+          or $c =~ m/Disabled filter mode on behalf of the client/
+            )
+    {
+        # XXX: Some of these may need highlighting
+
+        # Modified: User-Agent: Mozilla/5.0 (X11; U; SunOS i86pc; pl-PL; rv:1.8.1.1) Gecko/20070214 Firefox/2.0.0.1
+        # Accept-Language header crunched and replaced with: Accept-Language: pl-pl
+        # cookie 'Set-Cookie: eZSessionCookie=07bfec287c197440d299f81580593c3d; \
+        #  expires=Thursday, 12-Apr-07 15:16:18 GMT; path=/' send by \
+        #  http://wirres.net/article/articleview/4265/1/6/ appears to be using time format 1 (XXX: gone with the wind)
+        # Cookie rewritten to a temporary one: Set-Cookie: NSC_gffe-iuuq-mc-wtfswfs=8efb33a53660;path=/
+        # Text mode is already enabled
+        # Denied request with NULL byte(s) turned into line break(s)
+        # Replaced: 'Connection: Yo, home to Bel Air' with 'Connection: close'
+        # addh-unique: Host: people.freebsd.org
+        # Suppressed offer to compress content
+        # Crunched incoming cookie -- yum!
+        # Accepted the client's request to fetch without filtering.
+        # Crunched outgoing cookie: Cookie: PREF=ID=6cf0abd347b30262:TM=1173357617:LM=1173357617:S=jZypyyJ7LPiwFi1_
+        # addh-unique: Host: subkeys.pgp.net:11371
+        # Referer forged to: Referer: http://10.0.0.1/
+        # Downgraded answer to HTTP/1.0
+        # Parameter: +hide-referrer{pille-palle} is a bad idea, but I don't care.
+        # Referer overwritten with: Referer: pille-palle
+        # Referer replaced with: Referer: pille-palle
+        # crunched x-forwarded-for!
+        # crunched From!
+        #  modified # XXX: pretty stupid log message
+        # Content filtering is enabled. Crunching: 'Range: 1234-5678' to prevent range-mismatch problems
+        # force-text-mode overruled the client's request to fetch without filtering!
+        # Server time in the future.
+        # content-disposition header crunched and replaced with: content-disposition: filename=baz
+        # Content-Disposition header crunched and replaced with: content-disposition: filename=baz
+        # Reducing white space in 'X-LWS-Test: "This  is  quoted" this is not "this  is  " but " this again   is  not'
+        # Ignoring single quote in 'X-LWS-Test: "This  is  quoted" this is not "this  is  " but "  this again   is  not'
+        # Converting tab to space in 'X-LWS-Test:   "This  is  quoted" this   is  not "this  is  "  but  "\
+        #  this again   is  not'
+        # A HTTP/1.1 response without Connection header implies keep-alive.
+        # Disabled filter mode on behalf of the client.
+
+    } elsif ($c =~ m/^scanning headers for:/) {
+
+        return '' unless SHOW_SCAN_INTRO;
+
+    } elsif ($c =~ m/^[Cc]runch(ing|ed)|crumble crunched:/) {
+        # crunched User-Agent!
+        # Crunching: Content-Encoding: gzip
+
+        $content =~ s@(Crunching|crunched)@$h{$1}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Offending request data with NULL bytes turned into \'°\' characters:/) {
+        
+        # Offending request data with NULL bytes turned into '°' characters: °°n°°(°°°
+
+        $content = h('warning') . $content . h('Standard');
+ 
+    } elsif ($c =~ m/^(Transforming \")(.*?)(\" to \")(.*?)(\")/) {
+
+        # Transforming "Proxy-Authenticate: Basic realm="Correos Proxy Server"" to\
+        #  "Proxy-Authenticate: Basic realm="Correos Proxy Server""
+
+       $content =~ s@(?<=^Transforming \")(.*)(?=\" to)@$h{'Header'}$1$h{'Standard'}@;
+       $content =~ s@(?<=to \")(.*)(?=\")@$h{'Header'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Removing empty header/) {
+
+        # Removing empty header
+        # Ignore for now
+
+    } elsif ($c =~ m/^Content-Type: .* not replaced/) {
+
+        # Content-Type: application/octet-stream not replaced. It doesn't look like text.\
+        #  Enable force-text-mode if you know what you're doing.
+        # XXX: Could highlight more here.
+        $content =~ s@(?<=^Content-Type: )(.*)(?= not replaced)@$h{'content-type'}$1$h{'Standard'}@;
+
+    } else {
+
+        found_unknown_content($content);
+    }
+
+    # Highlight headers   
+    unless ($c =~ m/^Transforming/) {
+        $content = highlight_known_headers($content) unless $no_special_header_highlighting;
+    }
+
+    return $content;
+}
+
+sub handle_loglevel_re_filter ($) {
+
+    my $content = shift;
+    my $c = $content;
+    my $key;
+    our $t;
+    our %req;
+    our %h;
+    our %header_colours;
+    our @all_colours;
+    our $header_colour_index;
+
+    if ($c =~ /\.{3}$/
+        and $c =~ m/^(?:re_)?filtering \'?(.*?)\'? \(size (\d*)\) with (?:filter )?\'?([^\s]*?)\'? ?\.{3}$/) {
+
+        # Used by Privoxy 3.0.5 and 3.0.6:
+        # XXX: Fill in ...
+        # Used by Privoxy 3.0.7:
+        # filtering 'Connection: close' (size 17) with 'generic-content-ads' ...
+
+        $req{$t}{'filtered_header'} = $1;
+        $req{$t}{'old_header_size'} = $2;
+        $req{$t}{'header_filter_name'} = $3;
+
+        unless (cli_option_is_set('show-ineffective-filters') or
+                $req{$t}{'header_filter_name'} =~ m/^privoxy-filter-test$/) {
+            return '';
+        }
+        $content =~ s@(?<=\(size )(\d+)@$h{'Number'}$1$h{'Standard'}@;   
+        $content =~ s@($req{$t}{'header_filter_name'})@$h{'filter'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^ ?\.\.\. ?produced (\d*) hits \(new size (\d*)\)\./) {
+
+        # ...produced 0 hits (new size 23).
+        #... produced 1 hits (new size 54).
+
+        $req{$t}{'header_filter_hits'} = $1;
+        $req{$t}{'new_header_size'} = $2;
+
+        unless (cli_option_is_set('show-ineffective-filters') or
+                (defined($req{$t}{'header_filter_name'}) and
+                 $req{$t}{'header_filter_name'} =~ m/^privoxy-filter-test$/)) {
+
+            if ($req{$t}{'header_filter_hits'} == 0 and
+                not (defined($req{$t}{'header_filter_name'}) and
+                 $req{$t}{'header_filter_name'} =~ m/^privoxy-filter-test$/)) {
+                return ''; 
+            }
+            # Reformat including information from the intro
+            $c = "'" . h('filter') . $req{$t}{'header_filter_name'} . h('Standard') . "'";
+            $c .= " hit ";
+            # XXX: Hide behind constant, it may be interesting if LOG_LEVEL_HEADER isn't enabled as well.
+            # $c .= $req{$t}{'filtered_header'} . " ";
+            $c .= h('Number') . $req{$t}{'header_filter_hits'}. h('Standard');
+            $c .= ($req{$t}{'header_filter_hits'} == 1) ? " time, " : " times, ";
+
+            if ($req{$t}{'old_header_size'} !=  $req{$t}{'new_header_size'}) {
+
+                $c .= "changing size from ";
+                $c .=  h('Number') . $req{$t}{'old_header_size'} . h('Standard');
+                $c .= " to ";
+                $c .= h('Number') . $req{$t}{'new_header_size'} . h('Standard');
+                $c .= ".";
+
+            } else {
+
+                $c .= "keeping the size at " . $req{$t}{'old_header_size'};
+
+            }
+
+            # Highlight from last line (XXX: What?)
+            # $c =~ s@(?<=produced )(\d+)@$h{'Number'}$1$h{'Standard'}@;   
+            # $c =~ s@($req{$t}{'header_filter_name'})@$h{'filter'}$1$h{'Standard'}@;
+
+        } else {
+
+           # XXX: Untested
+           $c =~ s@(?<=produced )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+           $c =~ s@(?<=new size )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+        }
+        $content = $c;
+
+    } elsif ($c =~ m/^(Tagger|Filter) ([^\s]*) has empty joblist. Nothing to do./) {
+
+        # Filter privoxy-filter-test has empty joblist. Nothing to do.
+        # Tagger variable-test has empty joblist. Nothing to do.
+
+        $content =~ s@(?<=$1 )([^\s]*)@$h{'filter'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^(?:re_)?filtering ([^\s]+) \(size (\d+)\) with (?:filter )?\'?([^\s]+?)\'? produced (\d+) hits \(new size (\d+)\)/) {
+
+        # XXX: only the second version gets highlighted properly.
+        # re_filtering www.lfk.de/favicon.ico (size 209) with filter untrackable-hulk produced 0 hits (new size 209).
+        # filtering aci.blogg.de/ (size 37988) with 'blogg.de' produced 3 hits (new size 38057)
+        $req{$t}{'content_source'} = $1;
+        $req{$t}{'content_size'}   = $2;
+        $req{$t}{'content_filter'} = $3;
+        $req{$t}{'content_hits'}   = $4;
+        $req{$t}{'new_content_size'} = $5;
+        $req{$t}{'content_size_change'} = $req{$t}{'new_content_size'} - $req{$t}{'content_size'};
+        #return '' if ($req{$t}{'content_hits'} == 0 && !cli_option_is_set('show-ineffective-filters'));
+        if ($req{$t}{'content_hits'} == 0 and
+            not (cli_option_is_set('show-ineffective-filters')
+                 or ($req{$t}{'content_filter'} =~ m/^privoxy-filter-test$/))) {
+                return ''; 
+        }
+
+        $c =~ s@(?<=\(size )(\d+)\)(?= with)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=\(new size )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=produced )(\d+)(?= hits)@$h{'Number'}$1$h{'Standard'}@;
+
+        $c =~ s@([^\s]+?)(\'? produced)@$h{'filter'}$1$h{'Standard'}$2@;
+        $c = highlight_matched_host($c, '(?<=filtering )[^\s]+');
+
+        $c =~ s@\.$@ @;
+        $c .= "(" . $h{'Number'};
+        $c .= "+" if ($req{$t}{'content_size_change'} >= 0);
+        $c .= $req{$t}{'content_size_change'} . $h{'Standard'} . ")";
+        $content = $c;
+
+    } elsif ($c =~ m/^De-chunking successful. Shrunk from (\d+) to (\d+)/) {
+
+        $req{$t}{'chunked-size'} = $1;
+        $req{$t}{'dechunked-size'} = $2;
+        $req{$t}{'dechunk-change'} = $req{$t}{'dechunked-size'} - $req{$t}{'chunked-size'};
+
+        $content .= " (" . h('Number') . $req{$t}{'dechunk-change'} . h('Standard') . ")";
+
+        $content =~ s@(?<=from )($req{$t}{'chunked-size'})@$h{'Number'}$1$h{'Standard'}@;
+        $content =~ s@(?<=to )($req{$t}{'dechunked-size'})@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Decompression successful. Old size: (\d+), new size: (\d+)./) {
+
+        # Decompression successful. Old size: 670, new size: 1166.
+
+        $req{$t}{'size-compressed'} = $1;
+        $req{$t}{'size-decompressed'} = $2;
+        $req{$t}{'decompression-gain'} = $req{$t}{'size-decompressed'} - $req{$t}{'size-compressed'};
+
+        $content =~ s@(?<=Old size: )($req{$t}{'size-compressed'})@$h{'Number'}$1$h{'Standard'}@;
+        $content =~ s@(?<=new size: )($req{$t}{'size-decompressed'})@$h{'Number'}$1$h{'Standard'}@;
+
+        # XXX: Create sub get_percentage()
+        if ($req{$t}{'size-decompressed'}) {
+            $req{$t}{'decompression-gain-percent'} =
+                $req{$t}{'decompression-gain'} / $req{$t}{'size-decompressed'} * 100;
+
+            $content .= " (saved: ";
+            #$content .= h('Number') . $req{$t}{'decompression-gain'} . h('Standard');
+            #$content .= "/";
+            $content .= h('Number') . sprintf("%.2f%%", $req{$t}{'decompression-gain-percent'}) . h('Standard');
+            $content .= ")";
+        }
+
+    } elsif ($c =~ m/^(Need to de-chunk first)/) {
+
+        # Need to de-chunk first
+        return '' if SUPPRESS_NEED_TO_DE_CHUNK_FIRST;
+
+    } elsif ($c =~ m/^(Adding (?:dynamic )?re_filter job)/) {
+
+        return ''  if (SUPPRESS_SUCCEEDED_FILTER_ADDITIONS && m/succeeded/);
+
+        # Adding re_filter job ...
+        # Adding dynamic re_filter job s@^(?:\w*)\s+.*\s+HTTP/\d\.\d\s*@IP-ADDRESS: $origin at D\
+        #  to filter client-ip-address succeeded.
+
+    } elsif ($c =~ m/^Reading in filter/) {
+
+        return '' unless SHOW_FILTER_READIN_IN;
+
+    } else {
+
+        found_unknown_content($content);
+
+    }
+
+    return $content;
+}
+
+sub handle_loglevel_redirect ($) {
+
+    my $c = shift;
+    our $t;
+    our %req;
+    our %h;
+
+    if ($c =~ m/^Decoding "([^""]*)"/) {
+
+         $req{$t}{'original-destination'} = $1;
+         $c = highlight_matched_path($c, '(?<=Decoding ")[^"]*');
+         $c =~ s@\"@@g;
+
+    } elsif ($c =~ m/^Checking/) {
+
+         # Checking /_ylt=A0geu.Z76BRGR9k/**http://search.yahoo.com/search?p=view+odb+presentation+on+freebsd\
+         #  &ei=UTF-8&xargs=0&pstart=1&fr=moz2&b=11 for redirects.
+
+         # TODO: Change colour if really url-decoded
+         $req{$t}{'decoded-original-destination'} = $1;
+         $c = highlight_matched_path($c, '(?<=Checking ")[^"]*');
+         $c =~ s@\"@@g;
+
+    } elsif ($c =~ m/^pcrs command "([^""]*)" changed "([^""]*)" to "([^""]*)" \((\d+) hits?\)/) {
+
+        # pcrs command "s@&from=rss@@" changed "http://it.slashdot.org/article.pl?sid=07/03/02/1657247&from=rss"\
+        #  to "http://it.slashdot.org/article.pl?sid=07/03/02/1657247" (1 hit).
+
+        my ($pcrs_command, $url_before, $url_after, $hits) = ($1, $2, $3, $4); # XXX: save these?
+
+        $c =~ s@(?<=pcrs command )"([^""]*)"@$h{'filter'}$1$h{'Standard'}@;
+        $c = highlight_matched_url($c, '(?<=changed ")[^""]*');
+        $c =~ s@(?<=changed )"([^""]*)"@$1@; # Remove quotes
+        $c = highlight_matched_url($c, '(?<=to ")[^""]*');
+        $c =~ s@(?<=to )"([^""]*)"@$1@; # Remove quotes
+        $c =~ s@(\d+)(?= hits?)@$h{'hits'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/(^New URL is: )(.*)/) {
+
+        # New URL is: http://it.slashdot.org/article.pl?sid=07/03/04/1511210
+        # XXX: Use URL highlighter
+        # XXX: Save?
+        $c = $1 . h('rewritten-URL') . $2 . h('Standard');
+
+    } elsif ($c =~ m/No pcrs command recognized, assuming that/) {
+        # No pcrs command recognized, assuming that "http://config.privoxy.org/user-manual/favicon.png"\
+        #  is already properly formatted.
+        # XXX: assume the same?
+        $c = highlight_matched_url($c, '(?<=assuming that \")[^"]*');
+
+    } else {
+
+        found_unknown_content($c);
+
+    }
+
+    return $c;
+}
+
+sub handle_loglevel_gif_deanimate ($) {
+
+    my $content = shift;
+    our $t;
+    our %req;
+    our %h;
+
+    if ($content =~ m/Success! GIF shrunk from (\d+) bytes to (\d+)\./) {
+
+        my $bytes_from = $1;
+        my $bytes_to = $2;
+        # Gif-Deanimate: Success! GIF shrunk from 205 bytes to 133.
+        $content =~ s@$bytes_from@$h{'Number'}$bytes_from$h{'Standard'}@;
+        # XXX: Do we need g in case of ($1 == $2)?
+        $content =~ s@$bytes_to@$h{'Number'}$bytes_to$h{'Standard'}@;
+
+    } elsif ($content =~ m/GIF (not) changed/) {
+
+        # Gif-Deanimate: GIF not changed.
+        return '' if SUPPRESS_GIF_NOT_CHANGED;
+        $content =~ s@($1)@$h{'not'}$1$h{'Standard'}@;
+
+    } elsif ($content =~ m/^failed! \(gif parsing\)/) {
+
+        # failed! (gif parsing)
+        # XXX: Replace this error message with something less stupid 
+        $content =~ s@(failed!)@$h{'error'}$1$h{'Standard'}@;
+
+    } elsif ($content =~ m/^Need to de-chunk first/) {
+
+        # Need to de-chunk first
+        return '' if SUPPRESS_NEED_TO_DE_CHUNK_FIRST;
+
+    } elsif ($content =~ m/^(?:No GIF header found|failed while parsing)/) {
+
+        # No GIF header found (XXX: Did I ever commit this?)
+        # failed while parsing 195 134747048 (XXX: never commited)
+
+        # Ignore these for now
+
+    } else {
+
+        found_unknown_content($content);
+
+    }
+
+    return $content;
+}
+
+sub handle_loglevel_request ($) {
+
+    my $content = shift;
+    our $t;
+    our %req;
+    our %h;
+    our %reason_colours;
+
+    if ($content =~ m/crunch! /) {
+
+        # config.privoxy.org/send-stylesheet crunch! (CGI Call)
+
+        # Highlight crunch reasons
+        foreach my $reason (keys %reason_colours) {
+            $content =~ s@\(($reason)\)@$reason_colours{$reason}($1)$h{'Standard'}@g;
+        }
+        # Highlight request URL domain and ditch 'crunch!'
+        $content = highlight_matched_pattern($content, 'request_', '[^ ]*(?= crunch!)');
+        $content =~ s@ crunch!@@;
+
+    } elsif ($content =~ m/\[too long, truncated\]$/) {
+
+        # config.privoxy.org/edit-actions-submit?f=3&v=1176116716&s=7&Submit=Submit[...]&filter... [too long, truncated]
+        $content = highlight_matched_pattern($content, 'request_', '^.*(?=\.\.\. \[too long, truncated\]$)');
+
+    } elsif ($content =~ m/(.*)/) { # XXX: Pretty stupid
+
+        # trac.vidalia-project.net/wiki/Volunteer?format=txt
+        $content = h('request_') . $content . h('Standard');
+
+    } else {  # XXX: Nop
+
+        found_unknown_content($content);
+
+    }
+            
+    return $content;
+}
+
+sub handle_loglevel_crunch ($) {
+
+    my $content = shift;
+    our %h;
+    our %reason_colours;
+
+    # Highlight crunch reason
+    foreach my $reason (keys %reason_colours) {
+        $content =~ s@($reason)@$reason_colours{$reason}$1$h{'Standard'}@g;
+    }
+
+    if ($content =~ m/\[too long, truncated\]$/) {
+
+        # Blocked: config.privoxy.org/edit-actions-submit?f=3&v=1176116716&s=7&Submit=Submit\
+        #  [...]&filter... [too long, truncated]
+        $content = highlight_matched_pattern($content, 'request_', '^.*(?=\.\.\. \[too long, truncated\]$)');
+
+    } else {
+
+        # Blocked: http://ads.example.org/
+        $content = highlight_matched_pattern($content, 'request_', '(?<=: ).*');
+    }
+
+    return $content;
+}
+
+sub handle_loglevel_connect ($) {
+
+    my $c = shift;
+    our $t;
+    our %req;
+    our %h;
+
+    if ($c =~ m/^via [^\s]+ to: [^\s]+/) {
+
+        # Connect: via 10.0.0.1:8123 to: www.example.org.noconnect
+
+        $c = highlight_matched_host($c, '(?<=via )[^\s]+');
+        $c = highlight_matched_host($c, '(?<=to: )[^\s]+');
+
+    } elsif ($c =~ m/^connect to: .* failed: .*/) {
+
+        # connect to: www.example.org.noconnect failed: Operation not permitted
+
+        $c = highlight_matched_host($c, '(?<=connect to: )[^\s]+');
+
+        $c =~ s@(?<=failed: )(.*)@$h{'error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^to ([^\s]*) successful$/) {
+
+        # Connect: to www.nzherald.co.nz successful
+
+        return '' if SUPPRESS_SUCCESSFUL_CONNECTIONS;
+        $c = highlight_matched_host($c, '(?<=to )[^\s]+');
+
+    } elsif ($c =~ m/^to ([^\s]*)$/) {
+
+        # Connect: to lists.sourceforge.net:443
+
+        $c = highlight_matched_host($c, '(?<=to )[^\s]+');
+
+    } elsif ($c =~ m/^accepted connection from .*/ or
+             $c =~ m/^OK/) {
+
+        # accepted connection from 10.0.0.1
+        # Privoxy 3.0.6 and earlier just say:
+        # OK
+        return '' if SUPPRESS_ACCEPTED_CONNECTIONS;
+        $c = highlight_matched_host($c, '(?<=connection from ).*');
+
+    } elsif ($c =~ m/^write header to: .* failed:/) {
+
+        # write header to: 10.0.0.1 failed: Broken pipe
+
+        $c = highlight_matched_host($c, '(?<=write header to: )[^\s]*');
+        $c =~ s@(?<=failed: )(.*)@$h{'Error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^write header to client failed:/) {
+
+        # write header to client failed: Broken pipe
+        # XXX: Stil in use?
+        $c =~ s@(?<=failed: )(.*)@$h{'Error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^socks4_connect:/) {
+
+        # socks4_connect: SOCKS request rejected or failed.
+        $c =~ s@(?<=socks4_connect: )(.*)@$h{'Error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Listening for new connections/ or
+             $c =~ m/^accept connection/) {
+        # XXX: Highlight?
+        # Privoxy versions above 3.0.6 say:
+        # Listening for new connections ...
+        # earlier versions say:
+        # accept connection ...
+        return '';
+
+    } elsif ($c =~ m/^accept failed:/) {
+
+        $c =~ s@(?<=accept failed: )(.*)@$h{'Error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Overriding forwarding settings/) {
+
+        # Overriding forwarding settings based on 'forward 10.0.0.1:8123'
+        $c =~ s@(?<=based on \')(.*)(?=\')@$h{'configuration-line'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Denying suspicious CONNECT request from/) {
+
+        # Denying suspicious CONNECT request from 10.0.0.1
+        $c = highlight_matched_host($c, '(?<=from )[^\s]+'); # XXX: not an URL
+
+    } elsif ($c =~ m/^socks5_connect:/) {
+    
+        $c =~ s@(?<=socks5_connect: )(.*)@$h{'error'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Created new connection to/) {
+
+        # Created new connection to www.privoxy.org:80 on socket 11.
+        $c = highlight_matched_host($c, '(?<=connection to )[^\s]+');
+        $c =~ s@(?<=on socket )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^^Found reusable socket/) {
+
+        # Found reusable socket 9 for www.privoxy.org:80 in slot 0.
+        $c =~ s@(?<=Found reusable socket )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c = highlight_matched_host($c, '(?<=for )[^\s]+');
+        $c =~ s@(?<=in slot )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Marking open socket/) {
+
+        # Marking open socket 9 for www.privoxy.org:80 in slot 0 as unused.
+        $c =~ s@(?<=Marking open socket )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c = highlight_matched_host($c, '(?<=for )[^\s]+');
+        $c =~ s@(?<=in slot )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^No reusable/) {
+
+        # No reusable socket for addons.mozilla.org:443 found. Opening a new one.
+        $c = highlight_matched_host($c, '(?<=for )[^\s]+');
+
+    } elsif ($c =~ m/^(Remembering|Forgetting) socket/) {
+
+        # Remembering socket 13 for www.privoxy.org:80 in slot 0.
+        # Forgetting socket 38 for www.privoxy.org:80 in slot 5.
+        $c =~ s@(?<=socket )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c = highlight_matched_host($c, '(?<=for )[^\s]+');
+        $c =~ s@(?<=in slot )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Socket/) {
+
+        # Socket 16 already forgotten or never remembered.
+        $c =~ s@(?<=Socket )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^The connection to/) {
+
+        # The connection to www.privoxy.org:80 in slot 6 timed out. Closing socket 19. Timeout is: 61.
+        # The connection to 10.0.0.1:80 in slot 0 is no longer usable. Closing socket 4.
+        $c = highlight_matched_host($c, '(?<=connection to )[^\s]+');
+        $c =~ s@(?<=in slot )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=Closing socket )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=Timeout is: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Waiting for/) {
+
+        # Waiting for 1 connections to timeout.
+        $c =~ s@(?<=^Waiting for )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Initialized/) {
+
+        # Initialized 20 socket slots.
+        $c =~ s@(?<=Initialized )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Done reading from server/) {
+
+        # Done reading from server. Expected content length: 24892. \
+        #  Actual content length: 24892. Most recently received: 4412.
+        $c =~ s@(?<=Expected content length: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=Actual content length: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=received: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Continuing buffering headers/) {
+
+        # Continuing buffering headers. byte_count: 19. header_offset: 517. len: 536.
+        $c =~ s@(?<=byte_count: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=header_offset: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=len: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Received \d+ bytes while/) {
+
+        # Received 206 bytes while expecting 12103.
+        $c =~ s@(?<=Received )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=expecting )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Connection from/) {
+
+        # Connection from 81.163.28.218 dropped due to ACL
+        $c =~ s@(?<=^Connection from )((?:\d+\.?){4})@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Looks like we rea/ or
+             $c =~ m/^Unsetting keep-alive flag/ or
+             $c =~ m/^No connections to wait/) {
+
+        # Looks like we reached the end of the last chunk. We better stop reading.
+        # Looks like we read the end of the last chunk together with the server \
+        #  headers. We better stop reading.
+        # Unsetting keep-alive flag.
+        # No connections to wait for left.
+
+    } else {
+
+        found_unknown_content($c);
+
+    }
+            
+    return $c;
+}
+
+
+sub handle_loglevel_info ($) {
+
+    my $c = shift;
+    our $t;
+    our %req;
+    our %h;
+ 
+    if ($c =~ m/^Rewrite detected:/) {
+
+        # Rewrite detected: GET http://10.0.0.2:88/blah.txt HTTP/1.1
+        $c = highlight_matched_request_line($c, '(?<=^Rewrite detected: ).*');
+
+    } elsif ($c =~ m/^Decompress(ing deflated|ion didn)/ or
+             $c =~ m/^Compressed content detected/ or
+             $c =~ m/^Tagger/
+            ) {
+        # Decompressing deflated iob: 117
+        # Decompression didn't result in any content.
+        # Compressed content detected, content filtering disabled. Consider recompiling Privoxy\
+        #  with zlib support or enable the prevent-compression action.
+        # Tagger 'complete-url' created empty tag. Ignored.
+
+        # Ignored for now
+
+    } elsif ($c =~ m/^(Re)?loading configuration file /) {
+
+        # loading configuration file '/usr/local/etc/privoxy/config':
+        # Reloading configuration file '/usr/local/etc/privoxy/config'
+        $c =~ s@(?<=loading configuration file \')([^\']*)@$h{'file'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^exiting by signal/) {
+        
+        # exiting by signal 15 .. bye
+        $c =~ s@(?<=exiting by signal )(\d+)@$h{'signal'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Privoxy version/) {
+        
+        # Privoxy version 3.0.7
+        $c =~ s@(?<=^Privoxy version )(\d+\.\d+\.\d+)$@$h{'version'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Program name: /) {
+
+        # Program name: /usr/local/sbin/privoxy
+        $c =~ s@(?<=Program name: )(.*)@$h{'program-name'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Listening on port /) {
+
+        # Listening on port 8118 on IP address 10.0.0.1
+        $c =~ s@(?<=Listening on port )(\d+)@$h{'port'}$1$h{'Standard'}@;
+        $c =~ s@(?<=on IP address )(.*)@$h{'ip-address'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^\(Re-\)Open(?:ing)? logfile/) {
+
+        # (Re-)Open logfile /var/log/privoxy/privoxy.log
+        $c =~ s@(?<=Open logfile )(.*)@$h{'file'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^(Request from|Malformed server response detected)/) {
+
+        # Request from 10.0.0.1 denied. limit-connect{,} doesn't allow CONNECT requests to port 443.
+        # Request from 10.0.0.1 marked for blocking. limit-connect{,} doesn't allow CONNECT requests to port 443.
+        # Malformed server response detected. Downgrading to HTTP/1.0 impossible.
+
+        $c =~ s@(?<=Request from )([^\s]*)@$h{'ip-address'}$1$h{'Standard'}@;
+        $c =~ s@(denied|blocking)@$h{'warning'}$1$h{'Standard'}@;
+        $c =~ s@(CONNECT)@$h{'method'}$1$h{'Standard'}@;
+        $c =~ s@(?<=to port )(\d+)@$h{'port'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Status code/) {
+
+        # Status code 304 implies no body.
+        $c =~ s@(?<=Status code )(\d+)@$h{'status-code'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Method/) {
+
+        # Method HEAD implies no body.
+        $c =~ s@(?<=Method )([^\s]+)@$h{'method'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^Buffer limit reached while extending /) {
+
+        # Buffer limit reached while extending the buffer (iob). Needed: 4197470. Limit: 4194304
+        $c =~ s@(?<=Needed: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+        $c =~ s@(?<=Limit: )(\d+)@$h{'Number'}$1$h{'Standard'}@;
+
+    } elsif ($c =~ m/^No logfile configured/ or
+             $c =~ m/^Malformerd HTTP headers detected and MS IIS5 hack enabled/ or
+             $c =~ m/^Invalid \"chunked\" transfer/ or
+             $c =~ m/^Support for/ or
+             $c =~ m/^Flushing header and buffers/
+             ) {
+
+        # No logfile configured. Please enable it before reporting any problems.
+        # Malformerd HTTP headers detected and MS IIS5 hack enabled. Expect an invalid \
+        #  response or even no response at all.
+        # No logfile configured. Logging disabled.
+        # Invalid "chunked" transfer encoding detected and ignored.
+        # Support for 'Connection: keep-alive' is experimental, incomplete and\
+        #  known not to work properly in some situations.
+        # Flushing header and buffers. Stepping back from filtering.
+
+    } else {
+
+        found_unknown_content($c);
+
+    }
+
+    return $c;
+}
+
+sub handle_loglevel_cgi ($) {
+
+    my $c = shift;
+    our $t;
+    our %req;
+    our %h;
+
+    if ($c =~ m/^Granting access to/) {
+      
+        #Granting access to http://config.privoxy.org/send-stylesheet, referrer http://p.p/ is trustworthy.
+
+    } elsif ($c =~ m/^Substituting: s(.)/) {
+      
+        # Substituting: s/@else-not-FEATURE_ZLIB at .*@endif-FEATURE_ZLIB@//sigTU
+        # XXX: prone to span several lines
+
+        my $delimiter = $1;
+        #$c =~ s@(?<=failed: )(.*)@$h{'error'}$1$h{'Standard'}@;
+        $c =~ s@(?!<=\\)($delimiter)@$h{'pcrs-delimiter'}$1$h{'Standard'}@g; # XXX: Too aggressive
+        #$c =~ s@(?!<=\\)($1)@$h{'pcrs-delimiter'}$1$h{'Standard'}@g;
+    }
+
+    return $c;
+}
+
+sub handle_loglevel_force ($) {
+
+    my $c = shift;
+    our $t;
+    our %req;
+    our %h;
+
+    if ($c =~ m/^Ignored force prefix in request:/) {
+      
+        # Ignored force prefix in request: "GET http://10.0.0.1/PRIVOXY-FORCE/block HTTP/1.1"
+        $c =~ s@^(Ignored)@$h{'ignored'}$1$h{'Standard'}@;
+        $c = highlight_matched_request_line($c, '(?<=request: ")[^"]*');
+
+    } elsif ($c =~ m/^Enforcing request:/) {
+      
+        # Enforcing request: "GET http://10.0.0.1/block HTTP/1.1".
+        $c = highlight_matched_request_line($c, '(?<=request: ")[^"]*');
+
+    } else {
+
+        found_unknown_content($c);
+
+    }
+
+    return $c;
+}
+
+sub handle_loglevel_ignore ($) {
+    return shift;
+}
+
+################################################################################
+# Functions that actually print stuff
+################################################################################
+
+sub print_clf_message () {
+
+    our ($ip, $timestamp, $request_line, $status_code, $size);
+    our %h;
+    my $output = '';
+
+    return if DEBUG_SUPPRESS_LOG_MESSAGES;
+
+    # Rebuild highlighted
+    $output .= $h{'Number'} . $ip . $h{'Standard'};
+    $output .= " - - ";
+    $output .= "[" . $h{'Timestamp'} . $timestamp . $h{'Standard'} . "]";
+    $output .= " ";
+    $output .= "\"" . highlight_request_line("$request_line") . "\"";
+    $output .= " ";
+    $output .= $h{'Status'} . $status_code . $h{'Standard'};
+    $output .= " ";
+    $output .= $h{'Number'} . $size . $h{'Standard'};
+    $output .= get_line_end();
+
+    print $output;
+}
+
+sub print_non_clf_message ($) {
+
+    our %req;
+    our %thread_colours;
+    our %h;
+    our $t;
+    our $time_colour_index;
+    our @time_colours;
+    my $output;
+    my $content = shift;
+    my ($day, $time_stamp, $msecs, $thread, $log_level)
+     = ($req{$t}{'day'}, $req{$t}{'time-stamp'}, $req{$t}{'msecs'}, $t, $req{$t}{'log-level'} );
+
+    return if DEBUG_SUPPRESS_LOG_MESSAGES;
+
+    $output .= $h{"Standard"} unless cli_option_is_set('html-output');
+    #    $output .= "$day ";
+    $output .= $time_colours[$time_colour_index % 2]; 
+
+    $output .= $time_stamp;
+    $output .= ".$msecs" unless cli_option_is_set('no-msecs');
+    $output .= $h{"Standard"};
+    $output .= " ";
+    $output .= $thread_colours{$thread} if (defined($thread_colours{$thread}));
+    $output .= $thread;
+    $output .= $h{"Standard"} . " ";
+    $output .= $h{$log_level} if (defined($h{$log_level}));
+    $output .= $log_level;
+    $output .= $h{"Standard"} . ": ";
+    $output .= "$content";
+    $output .= get_line_end();
+
+    print $output;
+}
+
+sub parse_loop () {
+
+    our $t;
+    our %req; # request data from previous lines
+    our %h;
+    our %thread_colours;
+    our @all_colours;
+    our @time_colours;
+    our $thread_colour_index = 0;
+    our $header_colour_index = 0;
+    our $time_colour_index = 0;
+
+    my ($day, $time_stamp, $thread, $log_level, $content, $c, $msecs);
+    my $last_msecs  = 0;
+    my $last_thread = 0;
+    my $last_timestamp = 0;
+    my $output;
+    my $filters_that_did_nothing;
+    my $key;
+    my $time_colour;
+    our $no_special_header_highlighting;
+    $time_colour = paint_it('white');
+    my %log_level_count;
+
+    my %log_level_handlers = (
+        'Re-Filter'     => \&handle_loglevel_re_filter,
+        'Header'        => \&handle_loglevel_header,
+        'Connect'       => \&handle_loglevel_connect,
+        'Redirect'      => \&handle_loglevel_redirect,
+        'Request'       => \&handle_loglevel_request,
+        'Crunch'        => \&handle_loglevel_crunch,
+        'Gif-Deanimate' => \&handle_loglevel_gif_deanimate,
+        'Info'          => \&handle_loglevel_info,
+        'CGI'           => \&handle_loglevel_cgi,
+        'Force'         => \&handle_loglevel_force,
+        'Error'         => \&handle_loglevel_ignore,
+        'Fatal error'   => \&handle_loglevel_ignore,
+        'Writing'       => \&handle_loglevel_ignore,
+    );
+
+    while (<>) {
+ 
+        $output = '';
+
+        if (m/^(\w{3} \d{2}) (\d\d:\d\d:\d\d)\.?(\d+)? (?:Privoxy\()?([^\)\s]*)[\)]? ([\w -]*): (.*)$/) {
+            # XXX: Put in req hash?
+            $day = $1;
+            $time_stamp = $2;
+            $msecs = $3 ? $3 : 0; # Only the cool kids have micro second resolution
+            $log_level = $5;
+            $content = $c = $6;
+            $thread = $t = $4;
+
+            $req{$t}{'day'} = $day;
+            $req{$t}{'time-stamp'} = $time_stamp;
+            $req{$t}{'msecs'} = $msecs; # Only the cool kids have micro second resolution;
+            $req{$t}{'log-level'} = $log_level;
+            $req{$t}{'content'} = $content;
+            $req{$t}{'log-message'} = $_;
+            $no_special_header_highlighting = 0;
+
+            $log_level_count{$log_level}++;
+
+            if (defined($log_level_handlers{$log_level})) {
+
+                $content = $log_level_handlers{$log_level}($content);
+
+            } else {
+
+                die "No handler found for log level \"$log_level\"\n";
+
+            }
+
+            # Highlight Truncations    
+            if (m/\.\.\. \[(too long, truncated)/) {
+                $content =~ s@($1)@$h{'Truncation'}$1$h{'Standard'}@g;
+            }
+
+            next unless $content;
+
+            # Register threads to keep the colour constant
+            if (!defined($thread_colours{$thread})) {
+                $thread_colours{$thread} = $all_colours[$thread_colour_index % @all_colours];
+                $thread_colour_index++;
+            }
+
+            # Switch timestamp colour if timestamps differ
+            if ($msecs != $last_msecs || !($time_stamp =~ m/$last_timestamp/)) {
+               debug_message("Tick tack!") if DEBUG_TICKS;
+               $time_colour = $time_colours[$time_colour_index % 2]; 
+               $time_colour_index++
+            }
+
+            $last_msecs = $msecs;
+            $last_thread = $thread;
+            $last_timestamp = $time_stamp;
+
+            print_non_clf_message($content);
+
+        } elsif (m/^(\d+\.\d+\.\d+\.\d+) - - \[(.*)\] "(.*)" (\d+) (\d+)/) {
+
+            # LOG_LEVEL_CLF lines look like this
+            # 61.152.239.32 - - [04/Mar/2007:18:28:23 +0100] "GET \
+            #  http://ad.yieldmanager.com/imp?z=1&Z=120x600&s=109339&u=http%3A%2F%2Fwww.365loan.co.uk%2F&r=1\
+            #  HTTP/1.1" 403 1730
+            our ($ip, $timestamp, $request_line, $status_code, $size) = ($1, $2, $3, $4, $5);
+
+            print_clf_message();
+    
+        } else {
+
+            # Some Privoxy log messages span more than one line,
+            # usually to dump lots of content that doesn't need any syntax highlighting.
+            # XXX: add mechanism to forward these lines to the right handler anyway.
+            chomp();
+            unless (DEBUG_SUPPRESS_LOG_MESSAGES or (SUPPRESS_EMPTY_LINES and m/^\s+$/)) {
+                print and print get_line_end(); # unless (SUPPRESS_EMPTY_LINES and m/^\s+$/);
+            }
+        }
+    }
+
+    if (cli_option_is_set('statistic')) {
+        foreach (keys %log_level_count) {
+            print $_ . ": " . $log_level_count{$_} . " ";
+        }
+    }
+}
+
+sub VersionMessage {
+    my $version_message;
+
+    $version_message .= 'Privoxy-Log-Parser ' . PRIVOXY_LOG_PARSER_VERSION  . "\n";
+    $version_message .= 'Copyright (C) 2007-2009 Fabian Keil <fk at fabiankeil.de>' . "\n";
+    $version_message .= 'http://www.fabiankeil.de/sourcecode/privoxy-log-parser/' . "\n";
+
+    print $version_message;
+}
+
+sub get_cli_options () {
+
+    our %cli_options = (
+        'html-output'              => CLI_OPTION_DEFAULT_TO_HTML_OUTPUT,
+        'title'                    => CLI_OPTION_TITLE,
+        'no-syntax-highlighting'   => CLI_OPTION_NO_SYNTAX_HIGHLIGHTING,
+        'no-embedded-css'          => CLI_OPTION_NO_EMBEDDED_CSS,
+        'no-msecs'                 => CLI_OPTION_NO_MSECS,
+        'show-ineffective-filters' => CLI_OPTION_SHOW_INEFFECTIVE_FILTERS,
+        'accept-unknown-messages'  => CLI_OPTION_ACCEPT_UNKNOWN_MESSAGES,
+        'statistic'                => CLI_OPTION_STATISTIC,
+    ); 
+
+    GetOptions (
+        'html-output'              => \$cli_options{'html-output'},
+        'title'                    => \$cli_options{'title'},
+        'no-syntax-highlighting'   => \$cli_options{'no-syntax-highlighting'},
+        'no-embedded-css'          => \$cli_options{'no-embedded-css'},
+        'no-msecs'                 => \$cli_options{'no-msecs'},
+        'show-ineffective-filters' => \$cli_options{'show-ineffective-filters'},
+        'accept-unknown-messages'  => \$cli_options{'accept-unknown-messages'},
+        'statistic'                => \$cli_options{'statistic'},
+        'version'                  => sub { VersionMessage && exit(0) }
+   );
+}
+
+
+
+################################################################################
+# main
+################################################################################
+sub main () {
+
+    get_cli_options();
+    set_background(DEFAULT_BACKGROUND);
+    prepare_our_stuff();
+
+    print_intro();
+
+    parse_loop();
+
+    print_outro();
+}
+
+main();
+
+=head1 NAME
+
+B<privoxy-log-parser> - A parser and syntax-highlighter for Privoxy log messages
+
+=head1 SYNOPSIS
+
+B<privoxy-log-parser> [B<--accept-unknown-messages>] [B<--html-output>]
+[B<--no-msecs>] [B<--no-syntax-higlighting>] [B<--show-ineffective-filters>]
+[B<--version>]
+
+=head1 DESCRIPTION
+
+B<privoxy-log-parser> reads Privoxy log messages and
+
+- syntax-highlights recognized lines,
+
+- reformats some of them for easier comprehension,
+
+- filters out less useful messages, and
+
+- (in some cases) calculates additional information,
+  like the compression ratio or how a filter affected
+  the content size.
+ 
+With B<privoxy-log-parser> you should be able to increase Privoxy's log level
+without getting confused by the resulting amount of output. For example for
+"debug 64" B<privoxy-log-parser> will (by default) only show messages that
+affect the content. If a filter doesn't cause any hits, B<privoxy-log-parser>
+will hide the "filter foo caused 0 hits" message.
+
+=head1 OPTIONS
+
+[B<--accept-unknown-messages>] Don't print warnings in case of unknown messages,
+just don't highlight them.
+
+[B<--html-output>] Use HTML and CSS for the syntax highlighting. If this option is
+omitted, ANSI escape sequences are used unless B<--no-syntax-highlighting> is active.
+This option is only intended to make embedding log excerpts in web pages easier.
+It does not excape any input!
+
+[B<--no-msecs>] Don't expect milisecond resolution
+
+[B<--no-syntax-highlighting>] Disable syntax-highlighting. Useful when
+the filtered output is piped into less in which case the ANSI control
+codes don't work, or if the terminal itself doesn't support the control
+codes.
+
+[B<--show-ineffective-filters>] Don't suppress log lines for filters
+that didn't modify the content.
+
+[B<--version>] Print version and exit.
+
+=head1 EXAMPLES
+
+To monitor a log file:
+
+tail -F /usr/jails/privoxy-jail/var/log/privoxy/privoxy.log | B<privoxy-log-parser>
+
+Replace '-F' with '-f' if your tail implementation lacks '-F' support
+or if the log won't get rotated anyway. The log file location depends
+on your system (Doh!).
+
+To monitor Privoxy without having it write to a log file:
+
+privoxy --no-daemon /usr/jails/privoxy-jail/usr/local/etc/privoxy/config 2>&1 | B<privoxy-log-parser>
+
+Again, the config file location depends on your system. Output redirection
+depends on your shell, the above works with bourne shells.
+
+To read a processed Privoxy log file from top to bottom, letting the content
+scroll by slightly faster than you can read:
+
+B<privoxy-log-parser> < /usr/jails/privoxy-jail/var/log/privoxy/privoxy.log
+
+This is probably only useful to fill screens in the background of haxor movies.
+
+=head1 CAVEATS
+
+Syntax highlighting with ANSI escape sequences will look strange
+if your background color isn't black.
+
+Some messages aren't recognized yet and will not be fully highlighted.
+
+B<privoxy-log-parser> is developed with Privoxy 3.0.7 or later in mind,
+using earlier Privoxy versions will probably result in an increased amount
+of unrecognized log lines.
+
+Privoxy's log files tend to be rather large. If you use HTML
+highlighting some browsers can't handle them, get confused and
+will eventually crash because of segmentation faults or unexpected
+exceptions. This is a problem in the browser and not B<privoxy-log-parser>'s
+fault.
+
+=head1 BUGS
+
+Many settings can't be controlled through command line options yet.
+
+=head1 SEE ALSO
+
+privoxy(1)
+
+=head1 AUTHOR
+
+Fabian Keil <fk at fabiankeil.de>
+
+=cut
diff --git a/external/privoxy/tools/privoxy-regression-test.pl b/external/privoxy/tools/privoxy-regression-test.pl
new file mode 100755
index 0000000..c7269b7
--- /dev/null
+++ b/external/privoxy/tools/privoxy-regression-test.pl
@@ -0,0 +1,1754 @@
+#!/usr/bin/perl
+
+############################################################################
+#
+# Privoxy-Regression-Test
+#
+# A regression test "framework" for Privoxy. For documentation see:
+# perldoc privoxy-regression-test.pl
+#
+# $Id: privoxy-regression-test.pl,v 1.34 2009/02/27 18:35:22 fabiankeil Exp $
+#
+# Wish list:
+#
+# - Update documentation
+# - Validate HTTP times.
+# - Implement a HTTP_VERSION directive or allow to
+#   specify whole request lines.
+# - Support filter regression tests.
+# - Document magic Expect Header values
+# - Internal fuzz support?
+#
+# Copyright (c) 2007-2009 Fabian Keil <fk at fabiankeil.de>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+############################################################################
+
+use warnings;
+use strict;
+use Getopt::Long;
+
+use constant {
+    PRT_VERSION => 'Privoxy-Regression-Test 0.3',
+ 
+    CURL => 'curl',
+
+    # CLI option defaults
+    CLI_RETRIES   => 1,
+    CLI_LOOPS     => 1,
+    CLI_MAX_TIME  => 5,
+    CLI_MIN_LEVEL => 0,
+    # XXX: why limit at all?
+    CLI_MAX_LEVEL => 100,
+    CLI_FORKS     => 0,
+
+    PRIVOXY_CGI_URL  => 'http://p.p/',
+    FELLATIO_URL     => 'http://127.0.0.1:8080/',
+    LEADING_LOG_DATE => 1,
+    LEADING_LOG_TIME => 1,
+
+    DEBUG_LEVEL_FILE_LOADING    => 0,
+    DEBUG_LEVEL_PAGE_FETCHING   => 0,
+    DEBUG_LEVEL_VERBOSE_FAILURE => 1,
+    # XXX: Only partly implemented and mostly useless.
+    DEBUG_LEVEL_VERBOSE_SUCCESS => 0,
+    DEBUG_LEVEL_STATUS          => 1,
+
+    VERBOSE_TEST_DESCRIPTION    => 1,
+
+    # Internal use, don't modify
+    # Available debug bits:
+    LL_ERROR            =>  1,
+    LL_VERBOSE_FAILURE  =>  2,
+    LL_PAGE_FETCHING    =>  4,
+    LL_FILE_LOADING     =>  8,
+    LL_VERBOSE_SUCCESS  => 16,
+    LL_STATUS           => 32,
+    LL_SOFT_ERROR       => 64,
+
+    CLIENT_HEADER_TEST  =>  1,
+    SERVER_HEADER_TEST  =>  2,
+    DUMB_FETCH_TEST     =>  3,
+    METHOD_TEST         =>  4,
+    STICKY_ACTIONS_TEST =>  5,
+    TRUSTED_CGI_REQUEST =>  6,
+    BLOCK_TEST          =>  7,
+};
+
+sub init_our_variables () {
+
+    our $leading_log_time = LEADING_LOG_TIME;
+    our $leading_log_date = LEADING_LOG_DATE;
+
+    our $privoxy_cgi_url  = PRIVOXY_CGI_URL;
+
+    our $verbose_test_description = VERBOSE_TEST_DESCRIPTION;
+
+    our $log_level = get_default_log_level();
+
+}
+
+sub get_default_log_level () {
+    
+    my $log_level = 0;
+
+    $log_level |= LL_FILE_LOADING    if DEBUG_LEVEL_FILE_LOADING;
+    $log_level |= LL_PAGE_FETCHING   if DEBUG_LEVEL_PAGE_FETCHING;
+    $log_level |= LL_VERBOSE_FAILURE if DEBUG_LEVEL_VERBOSE_FAILURE;
+    $log_level |= LL_VERBOSE_SUCCESS if DEBUG_LEVEL_VERBOSE_SUCCESS;
+    $log_level |= LL_STATUS          if DEBUG_LEVEL_STATUS;
+
+    # These are intended to be always on.
+    $log_level |= LL_SOFT_ERROR;
+    $log_level |= LL_ERROR;
+
+    return $log_level;
+}
+
+############################################################################
+#
+# File loading functions
+#
+############################################################################
+
+sub parse_tag ($) {
+
+    my $tag = shift;
+
+    # Remove anchors
+    $tag =~ s@[\$\^]@@g;
+    # Unescape brackets and dots
+    $tag =~ s@\\(?=[{}().+])@@g;
+
+    # log_message("Parsed tag: " . $tag);
+
+    check_for_forbidden_characters($tag);
+
+    return $tag;
+}
+
+sub check_for_forbidden_characters ($) {
+
+    my $tag = shift; # XXX: also used to check values though.
+    my $allowed = '[-=\dA-Za-z~{}:.\/();\s,+@"_%\?&*^]';
+
+    unless ($tag =~ m/^$allowed*$/) {
+        my $forbidden = $tag;
+        $forbidden =~ s@^$allowed*(.).*@$1@;
+
+        l(LL_ERROR, "'" . $tag . "' contains character '" . $forbidden. "' which is unacceptable.");
+    }
+}
+
+sub load_regressions_tests () {
+
+    our $privoxy_cgi_url;
+    our @privoxy_config;
+    our %privoxy_features;
+    my @actionfiles;
+    my $curl_url = '';
+    my $file_number = 0;
+    my $feature;
+
+    $curl_url .= $privoxy_cgi_url;
+    $curl_url .= 'show-status';
+
+    l(LL_STATUS, "Asking Privoxy for the number of action files available ...");
+
+    foreach (@{get_cgi_page_or_else($curl_url)}) {
+
+        chomp;
+        if (/<td>(.*?)<\/td><td class=\"buttons\"><a href=\"\/show-status\?file=actions&index=(\d+)\">/) {
+
+            my $url = $privoxy_cgi_url . 'show-status?file=actions&index=' . $2;
+            $actionfiles[$file_number++] = $url;
+
+        } elsif (m at config\.html#.*\">([^<]*)</a>\s+(.*)<br>@) {
+
+            my $directive = $1 . " " . $2;
+            push (@privoxy_config, $directive);
+
+        } elsif (m@<td><code>([^<]*)</code></td>@) {
+
+            $feature = $1;
+
+        } elsif (m@<td> (Yes|No) </td>@) {
+
+            $privoxy_features{$feature} = $1 if defined $feature;
+            $feature = undef;
+        }
+    }
+
+    l(LL_FILE_LOADING, "Recognized " . @actionfiles . " actions files");
+
+    load_action_files(\@actionfiles);
+}
+
+sub token_starts_new_test ($) {
+
+    my $token = shift;
+    my @new_test_directives = ('set header', 'fetch test',
+         'trusted cgi request', 'request header', 'method test',
+         'blocked url', 'url');
+
+    foreach my $new_test_directive (@new_test_directives) {
+        return 1 if $new_test_directive eq $token;
+    }
+
+    return 0;
+}
+
+sub tokenize ($) {
+
+    my ($token, $value) = (undef, undef);
+
+    # Remove leading and trailing white space.
+    s@^\s*@@;
+    s@\s*$@@;
+
+    # Reverse HTML-encoding
+    # XXX: Seriously imcomplete. 
+    s@"@"@g;
+    s@&@&@g;
+
+    # Tokenize
+    if (/^\#\s*([^=:]*?)\s*[=]\s*(.+?)\s*$/) {
+
+        $token = $1;
+        $value = $2;
+
+        $token =~ s@\s\s+@ @g;
+        $token =~ tr/[A-Z]/[a-z]/;
+
+    } elsif (/^TAG\s*:(.*)$/) {
+
+        $token = 'tag';
+        $value = $1;
+    }
+
+    return ($token, $value);
+}
+
+sub enlist_new_test ($$$$$$) {
+
+    my ($regression_tests, $token, $value, $si, $ri, $number) = @_;
+    my $type;
+
+    if ($token eq 'set header') {
+
+        l(LL_FILE_LOADING, "Header to set: " . $value);
+        $type = CLIENT_HEADER_TEST;
+
+    } elsif ($token eq 'request header') {
+
+        l(LL_FILE_LOADING, "Header to request: " . $value);
+        $type = SERVER_HEADER_TEST;
+        $$regression_tests[$si][$ri]{'expected-status-code'} = 200;
+
+    } elsif ($token eq 'trusted cgi request') {
+
+        l(LL_FILE_LOADING, "CGI URL to test in a dumb way: " . $value);
+        $type = TRUSTED_CGI_REQUEST;
+        $$regression_tests[$si][$ri]{'expected-status-code'} = 200;
+
+    } elsif ($token eq 'fetch test') {
+
+        l(LL_FILE_LOADING, "URL to test in a dumb way: " . $value);
+        $type = DUMB_FETCH_TEST;
+        $$regression_tests[$si][$ri]{'expected-status-code'} = 200;
+
+    } elsif ($token eq 'method test') {
+
+        l(LL_FILE_LOADING, "Method to test: " . $value);
+        $type = METHOD_TEST;
+        $$regression_tests[$si][$ri]{'expected-status-code'} = 200;
+
+    } elsif ($token eq 'blocked url') {
+
+        l(LL_FILE_LOADING, "URL to block-test: " . $value);
+        $type = BLOCK_TEST;
+
+    } elsif ($token eq 'url') {
+
+        l(LL_FILE_LOADING, "Sticky URL to test: " . $value);
+        $type = STICKY_ACTIONS_TEST;
+
+    } else {
+
+        die "Incomplete '" . $token . "' support detected."; 
+    }
+
+    $$regression_tests[$si][$ri]{'type'} = $type;
+    $$regression_tests[$si][$ri]{'level'} = $type;
+
+    check_for_forbidden_characters($value);
+
+    $$regression_tests[$si][$ri]{'data'} = $value;
+
+    # For function that only get passed single tests
+    $$regression_tests[$si][$ri]{'section-id'} = $si;
+    $$regression_tests[$si][$ri]{'regression-test-id'} = $ri;
+    $$regression_tests[$si][$ri]{'number'} = $number - 1;
+    l(LL_FILE_LOADING,
+      "Regression test " . $number . " (section:" . $si . "):");
+}
+
+sub load_action_files ($) {
+
+    # initialized here
+    our %actions;
+    our @regression_tests;
+
+    my $actionfiles_ref = shift;
+    my @actionfiles = @{$actionfiles_ref};
+
+    my $si = 0;  # Section index
+    my $ri = -1; # Regression test index
+    my $count = 0;
+
+    my $ignored = 0;
+
+    l(LL_STATUS, "Gathering regression tests from " .
+      @actionfiles . " action file(s) delivered by Privoxy.");
+
+    for my $file_number (0 .. @actionfiles - 1) {
+
+        my $curl_url = ' "' . $actionfiles[$file_number] . '"';
+        my $actionfile = undef;
+        my $sticky_actions = undef;
+
+        foreach (@{get_cgi_page_or_else($curl_url)}) {
+
+            my $no_checks = 0;
+            chomp;
+
+            if (/<h2>Contents of Actions File (.*?)</) {
+                $actionfile = $1;
+                next;
+            }
+            next unless defined $actionfile;
+
+            last if (/<\/pre>/);
+
+            my ($token, $value) = tokenize($_);
+
+            next unless defined $token;
+
+            # Load regression tests
+
+            if (token_starts_new_test($token)) {
+
+                # Beginning of new regression test.
+                $ri++;
+                $count++;
+                enlist_new_test(\@regression_tests, $token, $value, $si, $ri, $count);
+            }
+
+            if ($token =~ /level\s+(\d+)/i) {
+
+                my $level = $1;
+                register_dependency($level, $value);
+            }
+
+            if ($token eq 'sticky actions') {
+
+                # Will be used by each following Sticky URL.
+                $sticky_actions = $value;
+                if ($sticky_actions =~ /{[^}]*\s/) {
+                    l(LL_ERROR,
+                      "'Sticky Actions' with whitespace inside the " .
+                      "action parameters are currently unsupported.");
+                }
+            }
+            
+            if ($si == -1 || $ri == -1) {
+                # No beginning of a test detected yet,
+                # so we don't care about any other test
+                # attributes.
+                next;
+            }
+
+            if ($token eq 'expect header') {
+
+                l(LL_FILE_LOADING, "Detected expectation: " . $value);
+                $regression_tests[$si][$ri]{'expect-header'} = $value;
+
+            } elsif ($token eq 'tag') {
+                
+                next if ($ri == -1);
+
+                my $tag = parse_tag($value);
+
+                # We already checked in parse_tag() after filtering
+                $no_checks = 1;
+
+                l(LL_FILE_LOADING, "Detected TAG: " . $tag);
+
+                # Save tag for all tests in this section
+                do {
+                    $regression_tests[$si][$ri]{'tag'} = $tag; 
+                } while ($ri-- > 0);
+
+                $si++;
+                $ri = -1;
+
+            } elsif ($token eq 'ignore' && $value =~ /Yes/i) {
+
+                l(LL_FILE_LOADING, "Ignoring section: " . test_content_as_string($regression_tests[$si][$ri]));
+                $regression_tests[$si][$ri]{'ignore'} = 1;
+                $ignored++;
+
+            } elsif ($token eq 'expect status code') {
+
+                l(LL_FILE_LOADING, "Expecting status code: " . $value);
+                $regression_tests[$si][$ri]{'expected-status-code'} = $value;
+
+            } elsif ($token eq 'level') { # XXX: stupid name
+
+                $value =~ s@(\d+).*@$1@;
+                l(LL_FILE_LOADING, "Level: " . $value);
+                $regression_tests[$si][$ri]{'level'} = $value;
+
+            } elsif ($token eq 'method') {
+
+                l(LL_FILE_LOADING, "Method: " . $value);
+                $regression_tests[$si][$ri]{'method'} = $value;
+
+            } elsif ($token eq 'url') {
+
+                if (defined $sticky_actions) {
+                    die "WTF? Attempted to overwrite Sticky Actions"
+                        if defined ($regression_tests[$si][$ri]{'sticky-actions'});
+
+                    l(LL_FILE_LOADING, "Sticky actions: " . $sticky_actions);
+                    $regression_tests[$si][$ri]{'sticky-actions'} = $sticky_actions;
+                } else {
+                    l(LL_ERROR, "Sticky URL without Sticky Actions: $value");
+                }
+
+            } else {
+
+                # We don't use it, so we don't need
+                $no_checks = 1;
+            }
+            # XXX: Neccessary?
+            check_for_forbidden_characters($value) unless $no_checks;
+            check_for_forbidden_characters($token);
+        }
+    }
+
+    l(LL_FILE_LOADING, "Done loading " . $count . " regression tests." 
+      . " Of which " . $ignored. " will be ignored)\n");
+}
+
+############################################################################
+#
+# Regression test executing functions
+#
+############################################################################
+
+sub execute_regression_tests () {
+
+    our @regression_tests;
+    my $loops = get_cli_option('loops');
+    my $all_tests    = 0;
+    my $all_failures = 0;
+    my $all_successes = 0;
+
+    unless (@regression_tests) {
+
+        l(LL_STATUS, "No regression tests found.");
+        return;
+    }
+
+    l(LL_STATUS, "Executing regression tests ...");
+
+    while ($loops-- > 0) {
+
+        my $successes = 0;
+        my $tests = 0;
+        my $failures;
+        my $skipped = 0;
+
+        for my $s (0 .. @regression_tests - 1) {
+
+            my $r = 0;
+
+            while (defined $regression_tests[$s][$r]) {
+
+                die "Section id mismatch" if ($s != $regression_tests[$s][$r]{'section-id'});
+                die "Regression test id mismatch" if ($r != $regression_tests[$s][$r]{'regression-test-id'});
+
+                my $number = $regression_tests[$s][$r]{'number'};
+                my $skip_reason = undef;
+
+                if ($regression_tests[$s][$r]{'ignore'}) {
+
+                    $skip_reason = "Ignore flag is set";
+
+                } elsif (cli_option_is_set('test-number')
+                         and get_cli_option('test-number') != $number) {
+
+                    $skip_reason = "Only executing test " . get_cli_option('test-number');
+
+                } else {
+
+                    $skip_reason = level_is_unacceptable($regression_tests[$s][$r]{'level'});
+                }
+
+                if (defined $skip_reason) {
+
+                    my $message = "Skipping test " . $number . ": " . $skip_reason . ".";
+                    log_message($message) if (cli_option_is_set('verbose') or
+                                              cli_option_is_set('show-skipped-tests'));
+                    $skipped++;
+
+                } else {
+
+                    my $result = execute_regression_test($regression_tests[$s][$r]);
+
+                    log_result($regression_tests[$s][$r], $result, $tests);
+
+                    $successes += $result;
+                    $tests++;
+                }
+                $r++;
+            }
+        }
+        $failures = $tests - $successes;
+
+        log_message("Executed " . $tests . " regression tests. " .
+            'Skipped ' . $skipped . '. ' . 
+            $successes . " successes, " . $failures . " failures.");
+
+        $all_tests     += $tests;
+        $all_failures  += $failures;
+        $all_successes += $successes;
+
+    }
+
+    if (get_cli_option('loops') > 1) {
+        log_message("Total: Executed " . $all_tests . " regression tests. " .
+            $all_successes . " successes, " . $all_failures . " failures.");
+    }
+}
+
+sub level_is_unacceptable ($) {
+    my $level = shift;
+    my $min_level = get_cli_option('min-level');
+    my $max_level = get_cli_option('max-level');
+    my $required_level = cli_option_is_set('level') ?
+        get_cli_option('level') : $level;
+    my $reason = undef;
+
+    if ($required_level != $level) {
+
+        $reason = "Level doesn't match (" . $level .
+                  " != " . $required_level . ")"
+
+    } elsif ($level < $min_level) {
+
+        $reason = "Level to low (" . $level . " < " . $min_level . ")";
+
+    } elsif ($level > $max_level) {
+
+        $reason = "Level to high (" . $level . " > " . $max_level . ")";
+
+    } else {
+
+        $reason = dependency_unsatisfied($level);
+    }
+
+    return $reason;
+}
+
+sub dependency_unsatisfied ($) {
+
+    my $level = shift;
+    our %dependencies;
+    our @privoxy_config;
+    our %privoxy_features;
+
+    my $dependency_problem = undef;
+
+    if (defined ($dependencies{$level}{'config line'})) {
+
+        my $dependency = $dependencies{$level}{'config line'};
+        $dependency_problem = "depends on config line matching: '" . $dependency . "'";
+
+        foreach (@privoxy_config) {
+
+             $dependency_problem = undef if (/$dependency/);
+             last; # XXX: this looks ... interesting.
+        }
+
+    } elsif (defined ($dependencies{$level}{'feature status'})) {
+
+        my $dependency = $dependencies{$level}{'feature status'};
+        my ($feature, $status) = $dependency =~ /([^\s]*)\s+(Yes|No)/;
+
+        unless (defined($privoxy_features{$feature})
+                and ($privoxy_features{$feature} eq $status))
+        {
+            $dependency_problem = "depends on '" . $feature .
+                "' being set to '" . $status . "'";
+        }
+    }
+
+    return $dependency_problem;
+}
+
+sub register_dependency ($$) {
+
+    my $level = shift;
+    my $dependency = shift;
+    our %dependencies;
+
+    if ($dependency =~ /config line\s+(.*)/) {
+
+        $dependencies{$level}{'config line'} = $1;
+
+    } elsif ($dependency =~ /feature status\s+(.*)/) {
+
+        $dependencies{$level}{'feature status'} = $1;
+
+    }
+}
+
+# XXX: somewhat misleading name
+sub execute_regression_test ($) {
+
+    my $test_ref = shift;
+    my %test = %{$test_ref};
+    my $result = 0;
+
+    if ($test{'type'} == CLIENT_HEADER_TEST) {
+
+        $result = execute_client_header_regression_test($test_ref);
+
+    } elsif ($test{'type'} == SERVER_HEADER_TEST) {
+
+        $result = execute_server_header_regression_test($test_ref);
+
+    } elsif ($test{'type'} == DUMB_FETCH_TEST
+          or $test{'type'} == TRUSTED_CGI_REQUEST) {
+
+        $result = execute_dumb_fetch_test($test_ref);
+
+    } elsif ($test{'type'} == METHOD_TEST) {
+
+        $result = execute_method_test($test_ref);
+
+    } elsif ($test{'type'} == BLOCK_TEST) {
+
+        $result = execute_block_test($test_ref);
+
+    } elsif ($test{'type'} == STICKY_ACTIONS_TEST) {
+
+        $result = execute_sticky_actions_test($test_ref);
+
+    } else {
+
+        die "Unsupported test type detected: " . $test{'type'};
+    }
+
+    return $result;
+}
+
+sub execute_method_test ($) {
+
+    my $test_ref = shift;
+    my %test = %{$test_ref};
+    my $buffer_ref;
+    my $status_code;
+    my $method = $test{'data'};
+
+    my $curl_parameters = '';
+    my $expected_status_code = $test{'expected-status-code'};
+
+    $curl_parameters .= '--request ' . $method . ' ';
+    # Don't complain about the 'missing' body
+    $curl_parameters .= '--head ' if ($method =~ /^HEAD$/i);
+
+    $curl_parameters .= PRIVOXY_CGI_URL;
+
+    $buffer_ref = get_page_with_curl($curl_parameters);
+    $status_code = get_status_code($buffer_ref);
+
+    return check_status_code_result($status_code, $expected_status_code);
+}
+
+sub execute_dumb_fetch_test ($) {
+
+    my $test_ref = shift;
+    my %test = %{$test_ref};
+    my $buffer_ref;
+    my $status_code;
+
+    my $curl_parameters = '';
+    my $expected_status_code = $test{'expected-status-code'};
+
+    if (defined $test{method}) {
+        $curl_parameters .= '--request ' . $test{method} . ' ';
+    }
+    if ($test{type} == TRUSTED_CGI_REQUEST) {
+        $curl_parameters .= '--referer ' . PRIVOXY_CGI_URL . ' ';
+    }
+
+    $curl_parameters .= $test{'data'};
+
+    $buffer_ref = get_page_with_curl($curl_parameters);
+    $status_code = get_status_code($buffer_ref);
+
+    return check_status_code_result($status_code, $expected_status_code);
+}
+
+sub execute_block_test ($) {
+
+    my $test = shift;
+    my $url = $test->{'data'};
+    my $final_results = get_final_results($url);
+
+    return defined $final_results->{'+block'};
+}
+
+sub execute_sticky_actions_test ($) {
+
+    my $test = shift;
+    my $url = $test->{'data'};
+    my $verified_actions = 0;
+    # XXX: splitting currently doesn't work for actions whose parameters contain spaces.
+    my @sticky_actions = split(/\s+/, $test->{'sticky-actions'});
+    my $final_results = get_final_results($url);
+
+    foreach my $sticky_action (@sticky_actions) {
+        if (defined $final_results->{$sticky_action}) {
+            # Exact match
+            $verified_actions++;
+        }elsif ($sticky_action =~ /-.*\{/ and
+                not defined $final_results->{$sticky_action}) {
+            # Disabled multi actions aren't explicitly listed as
+            # disabled and thus have to be checked by verifying
+            # that they aren't enabled.
+            $verified_actions++;
+        } else {
+            l(LL_VERBOSE_FAILURE,
+              "Ooops. '$sticky_action' is not among the final results.");
+        }
+    }
+
+    return $verified_actions == @sticky_actions;
+}
+
+sub get_final_results ($) {
+
+    my $url = shift;
+    my $curl_parameters = '';
+    my %final_results = ();
+    my $final_results_reached = 0;
+
+    die "Unacceptable characters in $url" if $url =~ m@[\\'"]@;
+    # XXX: should be URL-encoded properly
+    $url =~ s@%@%25 at g;
+    $url =~ s@\s@%20 at g;
+    $url =~ s@&@%26 at g;
+    $url =~ s@:@%3A at g;
+    $url =~ s@/@%2F at g;
+
+    $curl_parameters .= quote(PRIVOXY_CGI_URL . 'show-url-info?url=' . $url);
+
+    foreach (@{get_cgi_page_or_else($curl_parameters)}) {
+
+        $final_results_reached = 1 if (m@<h2>Final results:</h2>@);
+
+        next unless ($final_results_reached);
+        last if (m@</td>@);
+
+        if (m@<br>([-+])<a.*>([^>]*)</a>(?: (\{.*\}))?@) {
+            my $action = $1.$2;
+            my $parameter = $3;
+            
+            if (defined $parameter) {
+                # In case the caller needs to check
+                # the action and its parameter
+                $final_results{$action . $parameter} = 1;
+            }
+            # In case the action doesn't have parameters
+            # or the caller doesn't care for the parameter.
+            $final_results{$action} = 1;
+        }
+    }
+
+    return \%final_results;
+}
+
+sub check_status_code_result ($$) {
+
+    my $status_code = shift;
+    my $expected_status_code = shift;
+    my $result = 0;
+
+    unless (defined $status_code) {
+
+        # XXX: should probably be caught earlier.
+        l(LL_VERBOSE_FAILURE,
+          "Ooops. We expected status code " . $expected_status_code . ", but didn't get any status code at all.");
+
+    } elsif ($expected_status_code == $status_code) {
+
+        $result = 1;
+        l(LL_VERBOSE_SUCCESS,
+          "Yay. We expected status code " . $expected_status_code . ", and received: " . $status_code . '.');
+
+    } elsif (cli_option_is_set('fuzzer-feeding') and $status_code == 123) {
+
+        l(LL_VERBOSE_FAILURE,
+          "Oh well. Status code lost while fuzzing. Can't check if it was " . $expected_status_code . '.');
+
+    } else {
+
+        l(LL_VERBOSE_FAILURE,
+          "Ooops. We expected status code " . $expected_status_code . ", but received: " . $status_code . '.');
+    }
+    
+    return $result;
+}
+
+sub execute_client_header_regression_test ($) {
+
+    my $test_ref = shift;
+    my $buffer_ref;
+    my $header;
+
+    $buffer_ref = get_show_request_with_curl($test_ref);
+
+    $header = get_header($buffer_ref, $test_ref);
+
+    return check_header_result($test_ref, $header);
+}
+
+sub execute_server_header_regression_test ($) {
+
+    my $test_ref = shift;
+    my $buffer_ref;
+    my $header;
+
+    $buffer_ref = get_head_with_curl($test_ref);
+
+    $header = get_server_header($buffer_ref, $test_ref);
+
+    return check_header_result($test_ref, $header);
+}
+
+sub interpret_result ($) {
+    my $success = shift;
+    return $success ? "Success" : "Failure";
+}
+
+sub check_header_result ($$) {
+
+    my $test_ref = shift;
+    my $header = shift;
+
+    my %test = %{$test_ref};
+    my $expect_header = $test{'expect-header'};
+    my $success = 0;
+
+    if ($expect_header eq 'NO CHANGE') {
+
+        if (defined($header) and $header eq $test{'data'}) {
+
+            $success = 1;
+
+        } else {
+
+            $header = "REMOVAL" unless defined $header;
+            l(LL_VERBOSE_FAILURE,
+              "Ooops. Got: " . $header . " while expecting: " . $expect_header);
+        }
+
+    } elsif ($expect_header eq 'REMOVAL') {
+
+        if (defined($header) and $header eq $test{'data'}) {
+
+            l(LL_VERBOSE_FAILURE,
+              "Ooops. Expected removal but: " . $header . " is still there.");
+
+        } else {
+
+            # XXX: Use more reliable check here and make sure
+            # the header has a different name.
+            $success = 1;
+        }
+
+    } elsif ($expect_header eq 'SOME CHANGE') {
+
+        if (defined($header) and not $header eq $test{'data'}) {
+
+            $success = 1;
+
+        } else {
+
+            $header = "REMOVAL" unless defined $header;
+            l(LL_VERBOSE_FAILURE,
+              "Ooops. Got: " . $header . " while expecting: SOME CHANGE");
+        }
+
+
+    } else {
+
+        if (defined($header) and $header eq $expect_header) {
+
+            $success = 1;
+
+        } else {
+
+            $header = "'No matching header'" unless defined $header; # XXX: No header detected to be precise
+            l(LL_VERBOSE_FAILURE,
+              "Ooops. Got: " . $header . " while expecting: " . $expect_header);
+        }
+    }
+    return $success;
+}
+
+sub get_header_name ($) {
+
+    my $header = shift;
+
+    $header =~ s@(.*?: ).*@$1@;
+
+    return $header;
+}
+
+sub get_header ($$) {
+
+    our $filtered_request = '';
+
+    my $buffer_ref = shift;
+    my $test_ref = shift;
+
+    my %test = %{$test_ref};
+    my @buffer = @{$buffer_ref};
+
+    my $expect_header = $test{'expect-header'};
+
+    die "get_header called with no expect header" unless defined $expect_header;
+
+    my $line;
+    my $processed_request_reached = 0;
+    my $read_header = 0;
+    my $processed_request = '';
+    my $header;
+    my $header_to_get;
+
+    if ($expect_header eq 'REMOVAL'
+     or $expect_header eq 'NO CHANGE'
+     or  $expect_header eq 'SOME CHANGE') {
+
+        $expect_header = $test{'data'};
+
+    }
+
+    $header_to_get = get_header_name($expect_header);
+
+    foreach (@buffer) {
+
+        # Skip everything before the Processed request
+        if (/Processed Request/) {
+            $processed_request_reached = 1;
+            next;
+        }
+        next unless $processed_request_reached;
+
+        # End loop after the Processed request
+        last if (/<\/pre>/);
+
+        # Ditch tags and leading/trailing white space.
+        s@^\s*<.*?>@@g;
+        s@\s*$@@g;
+
+        # Decode characters we care about. 
+        s@"@"@g;
+
+        $filtered_request .=  "\n" . $_;
+         
+        if (/^$header_to_get/) {
+            $read_header = 1;
+            $header = $_;
+            last;
+        }
+    }
+
+    return $header;
+}
+
+sub get_server_header ($$) {
+
+    my $buffer_ref = shift;
+    my $test_ref = shift;
+
+    my %test = %{$test_ref};
+    my @buffer = @{$buffer_ref};
+
+    my $expect_header = $test{'expect-header'};
+    my $header;
+    my $header_to_get;
+
+    # XXX: Should be caught before starting to test.
+    l(LL_ERROR, "No expect header for test " . $test{'number'})
+        unless defined $expect_header;
+
+    if ($expect_header eq 'REMOVAL'
+     or $expect_header eq 'NO CHANGE'
+     or $expect_header eq 'SOME CHANGE') {
+
+        $expect_header = $test{'data'};
+    }
+
+    $header_to_get = get_header_name($expect_header);
+
+    foreach (@buffer) {
+
+        # XXX: should probably verify that the request
+        # was actually answered by Fellatio.
+        if (/^$header_to_get/) {
+            $header = $_;
+            $header =~ s@\s*$@@g;
+            last;
+        }
+    }
+
+    return $header;
+}
+
+sub get_status_code ($) {
+
+    my $buffer_ref = shift;
+    my @buffer = @{$buffer_ref}; 
+
+    foreach (@buffer) {
+
+        if (/^HTTP\/\d\.\d (\d{3})/) {
+
+            return $1;
+
+        } else {
+
+            return '123' if cli_option_is_set('fuzzer-feeding');
+            chomp;
+            l(LL_ERROR, 'Unexpected buffer line: "' . $_ . '"');
+        }
+    }
+}
+
+sub get_test_keys () {
+    return ('tag', 'data', 'expect-header', 'ignore');
+}
+
+# XXX: incomplete
+sub test_content_as_string ($) {
+
+    my $test_ref = shift;
+    my %test = %{$test_ref};
+
+    my $s = "\n\t";
+
+    foreach my $key (get_test_keys()) {
+        $test{$key} = 'Not set' unless (defined $test{$key});
+    }
+
+    $s .= 'Tag: ' . $test{'tag'};
+    $s .= "\n\t";
+    $s .= 'Set header: ' . $test{'data'}; # XXX: adjust for other test types
+    $s .= "\n\t";
+    $s .= 'Expected header: ' . $test{'expect-header'};
+    $s .= "\n\t";
+    $s .= 'Ignore: ' . $test{'ignore'};
+
+    return $s;
+}
+
+sub fuzz_header($) {
+    my $header = shift;
+    my $white_space = int(rand(2)) - 1 ? " " : "\t";
+
+    $white_space = $white_space x (1 + int(rand(5)));
+
+    # Only fuzz white space before the first quoted token.
+    # (Privoxy doesn't touch white space inside quoted tokens
+    # and modifying it would cause the tests to fail).
+    $header =~ s@(^[^"]*?)\s@$1$white_space at g;
+
+    return $header;
+}
+
+############################################################################
+#
+# HTTP fetch functions
+#
+############################################################################
+
+sub check_for_curl () {
+    my $curl = CURL;
+    l(LL_ERROR, "No curl found.") unless (`which $curl`);
+}
+
+sub get_cgi_page_or_else ($) {
+
+    my $cgi_url = shift;
+    my $content_ref = get_page_with_curl($cgi_url);
+    my $status_code = get_status_code($content_ref);
+
+    if (200 != $status_code) {
+
+        my $log_message = "Failed to fetch Privoxy CGI Page. " .
+                          "Received status code ". $status_code .
+                          " while only 200 is acceptable.";
+
+        if (cli_option_is_set('fuzzer-feeding')) {
+
+            $log_message .= " Ignored due to fuzzer feeding.";
+            l(LL_SOFT_ERROR, $log_message)
+
+        } else {
+
+            l(LL_ERROR, $log_message);
+        }
+    }
+    
+    return $content_ref;
+}
+
+# XXX: misleading name
+sub get_show_request_with_curl ($) {
+
+    our $privoxy_cgi_url;
+    my $test_ref = shift;
+    my %test = %{$test_ref};
+
+    my $curl_parameters = ' ';
+    my $header = $test{'data'};
+
+    if (cli_option_is_set('header-fuzzing')) {
+        $header = fuzz_header($header);
+    }
+
+    # Enable the action to test
+    $curl_parameters .= '-H \'X-Privoxy-Control: ' . $test{'tag'} . '\' ';
+    # The header to filter
+    $curl_parameters .= '-H \'' . $header . '\' ';
+
+    $curl_parameters .= ' ';
+    $curl_parameters .= $privoxy_cgi_url;
+    $curl_parameters .= 'show-request';
+
+    return get_cgi_page_or_else($curl_parameters);
+}
+
+sub get_head_with_curl ($) {
+
+    our $fellatio_url = FELLATIO_URL;
+    my $test_ref = shift;
+    my %test = %{$test_ref};
+
+    my $curl_parameters = ' ';
+
+    # Enable the action to test
+    $curl_parameters .= '-H \'X-Privoxy-Control: ' . $test{'tag'} . '\' ';
+    # The header to filter
+    $curl_parameters .= '-H \'X-Gimme-Head-With: ' . $test{'data'} . '\' ';
+    $curl_parameters .= '--head ';
+
+    $curl_parameters .= ' ';
+    $curl_parameters .= $fellatio_url;
+
+    return get_page_with_curl($curl_parameters);
+}
+
+sub get_page_with_curl ($) {
+
+    our $proxy;
+
+    my $parameters = shift;
+    my @buffer;
+    my $curl_line = CURL;
+    my $retries_left = get_cli_option('retries') + 1;
+    my $failure_reason;
+
+    $curl_line .= ' --proxy ' . $proxy if (defined $proxy);
+
+    # We want to see the HTTP status code
+    $curl_line .= " --include ";
+    # Let Privoxy emit two log messages less.
+    $curl_line .= ' -H \'Proxy-Connection:\' ' unless $parameters =~ /Proxy-Connection:/;
+    $curl_line .= ' -H \'Connection: close\' ' unless $parameters =~ /Connection:/;
+    # We don't care about fetch statistic.
+    $curl_line .= " -s ";
+    # We do care about the failure reason if any.
+    $curl_line .= " -S ";
+    # We want to advertise ourselves
+    $curl_line .= " --user-agent '" . PRT_VERSION . "' ";
+    # We aren't too patient
+    $curl_line .= " --max-time '" . get_cli_option('max-time') . "' ";
+
+    $curl_line .= $parameters;
+    # XXX: still necessary?
+    $curl_line .= ' 2>&1';
+
+    l(LL_PAGE_FETCHING, "Executing: " . $curl_line);
+
+    do {
+        @buffer = `$curl_line`;
+
+        if ($?) {
+            $failure_reason = array_as_string(\@buffer);
+            chomp $failure_reason;
+            l(LL_SOFT_ERROR, "Fetch failure: '" . $failure_reason . $! ."'");
+        }
+    } while ($? && --$retries_left);
+
+    unless ($retries_left) {
+        l(LL_ERROR,
+          "Running curl failed " . get_cli_option('retries') .
+          " times in a row. Last error: '" . $failure_reason . "'.");
+    }
+
+    return \@buffer;
+}
+
+
+############################################################################
+#
+# Log functions
+#
+############################################################################
+
+sub array_as_string ($) {
+    my $array_ref = shift;
+    my $string = '';
+
+    foreach (@{$array_ref}) {
+        $string .= $_;
+    }
+
+    return $string;
+}
+
+sub show_test ($) {
+    my $test_ref = shift;
+    log_message('Test is:' . test_content_as_string($test_ref));
+}
+
+# Conditional log
+sub l ($$) {
+    our $log_level;
+    my $this_level = shift;
+    my $message = shift;
+
+    return unless ($log_level & $this_level);
+
+    if (LL_ERROR & $this_level) {
+        $message = 'Oh noes. ' . $message . ' Fatal error. Exiting.';
+    }
+
+    log_message($message);
+
+    if (LL_ERROR & $this_level) {
+        exit;
+    }
+}
+
+sub log_message ($) {
+
+    my $message = shift;
+
+    our $logfile;
+    our $no_logging;
+    our $leading_log_date;
+    our $leading_log_time;
+
+    my $time_stamp = '';
+    my ( $sec, $min, $hour, $mday, $mon, $year, $wday, $yday, $isdst ) = localtime time;
+
+    if ($leading_log_date || $leading_log_time) {
+
+        if ($leading_log_date) {
+            $year += 1900;
+            $mon  += 1;
+            $time_stamp = sprintf("%i/%.2i/%.2i", $year, $mon, $mday);
+        }
+
+        if ($leading_log_time) {
+            $time_stamp .= ' ' if $leading_log_date;
+            $time_stamp.= sprintf("%.2i:%.2i:%.2i", $hour, $min, $sec);
+        }
+        
+        $message = $time_stamp . ": " . $message;
+    }
+
+    printf(STDERR "%s\n", $message);
+}
+
+sub log_result ($$) {
+
+    our $verbose_test_description;
+    our $filtered_request;
+
+    my $test_ref = shift;
+    my $result = shift;
+    my $number = shift;
+
+    my %test = %{$test_ref};
+    my $message = '';
+
+    $message .= interpret_result($result);
+    $message .= " for test ";
+    $message .= $number;
+    $message .= '/';
+    $message .= $test{'number'};
+    $message .= '/';
+    $message .= $test{'section-id'};
+    $message .= '/';
+    $message .= $test{'regression-test-id'};
+    $message .= '.';
+
+    if ($verbose_test_description) {
+
+        if ($test{'type'} == CLIENT_HEADER_TEST) {
+
+            $message .= ' Header ';
+            $message .= quote($test{'data'});
+            $message .= ' and tag ';
+            $message .= quote($test{'tag'});
+
+        } elsif ($test{'type'} == SERVER_HEADER_TEST) {
+
+            $message .= ' Request Header ';
+            $message .= quote($test{'data'});
+            $message .= ' and tag ';
+            $message .= quote($test{'tag'});
+
+        } elsif ($test{'type'} == DUMB_FETCH_TEST) {
+
+            $message .= ' URL ';
+            $message .= quote($test{'data'});
+            $message .= ' and expected status code ';
+            $message .= quote($test{'expected-status-code'});
+
+        } elsif ($test{'type'} == TRUSTED_CGI_REQUEST) {
+
+            $message .= ' CGI URL ';
+            $message .= quote($test{'data'});
+            $message .= ' and expected status code ';
+            $message .= quote($test{'expected-status-code'});
+
+        } elsif ($test{'type'} == METHOD_TEST) {
+
+            $message .= ' HTTP method ';
+            $message .= quote($test{'data'});
+            $message .= ' and expected status code ';
+            $message .= quote($test{'expected-status-code'});
+
+        } elsif ($test{'type'} == BLOCK_TEST) {
+
+            $message .= ' Supposedly-blocked URL: ';
+            $message .= quote($test{'data'});
+
+        } elsif ($test{'type'} == STICKY_ACTIONS_TEST) {
+
+            $message .= ' Sticky Actions: ';
+            $message .= quote($test{'sticky-actions'});
+            $message .= ' and URL: ';
+            $message .= quote($test{'data'});
+
+        } else {
+
+            die "Incomplete support for test type " . $test{'type'} .  " detected.";
+        }
+    }
+
+    log_message($message) if (!$result or cli_option_is_set('verbose'));
+}
+
+sub quote ($) {
+    my $s = shift;
+    return '\'' . $s . '\'';
+}
+
+sub print_version () {
+    printf PRT_VERSION . "\n" . 'Copyright (C) 2007-2009 Fabian Keil <fk at fabiankeil.de>' . "\n";
+}
+
+sub help () {
+
+    our %cli_options;
+
+    print_version();
+
+    print << "    EOF"
+
+Options and their default values if they have any:
+    [--debug $cli_options{'debug'}]
+    [--forks $cli_options{'forks'}]
+    [--fuzzer-address]
+    [--fuzzer-feeding]
+    [--help]
+    [--header-fuzzing]
+    [--level]
+    [--loops $cli_options{'loops'}]
+    [--max-level $cli_options{'max-level'}]
+    [--max-time $cli_options{'max-time'}]
+    [--min-level $cli_options{'min-level'}]
+    [--privoxy-address]
+    [--retries $cli_options{'retries'}]
+    [--show-skipped-tests]
+    [--test-number]
+    [--verbose]
+    [--version]
+see "perldoc $0" for more information
+    EOF
+    ;
+    exit(0);
+}
+
+sub init_cli_options () {
+
+    our %cli_options;
+    our $log_level;
+
+    $cli_options{'debug'}     = $log_level;
+    $cli_options{'forks'}     = CLI_FORKS;
+    $cli_options{'loops'}     = CLI_LOOPS;
+    $cli_options{'max-level'} = CLI_MAX_LEVEL;
+    $cli_options{'max-time'}  = CLI_MAX_TIME;
+    $cli_options{'min-level'} = CLI_MIN_LEVEL;
+    $cli_options{'retries'}   = CLI_RETRIES;
+}
+
+sub parse_cli_options () {
+
+    our %cli_options;
+    our $log_level;
+
+    init_cli_options();
+
+    GetOptions (
+        'debug=s'            => \$cli_options{'debug'},
+        'forks=s'            => \$cli_options{'forks'},
+        'fuzzer-address=s'   => \$cli_options{'fuzzer-address'},
+        'fuzzer-feeding'     => \$cli_options{'fuzzer-feeding'},
+        'header-fuzzing'     => \$cli_options{'header-fuzzing'},
+        'help'               => sub {help},
+        'level=s'            => \$cli_options{'level'},
+        'loops=s'            => \$cli_options{'loops'},
+        'max-level=s'        => \$cli_options{'max-level'},
+        'max-time=s'         => \$cli_options{'max-time'},
+        'min-level=s'        => \$cli_options{'min-level'},
+        'privoxy-address=s'  => \$cli_options{'privoxy-address'},
+        'retries=s'          => \$cli_options{'retries'},
+        'show-skipped-tests' => \$cli_options{'show-skipped-tests'},
+        'test-number=s'      => \$cli_options{'test-number'},
+        'verbose'            => \$cli_options{'verbose'},
+        'version'            => sub {print_version && exit(0)}
+    );
+    $log_level |= $cli_options{'debug'};
+}
+
+sub cli_option_is_set ($) {
+
+    our %cli_options;
+    my $cli_option = shift;
+
+    return defined $cli_options{$cli_option};
+}
+
+sub get_cli_option ($) {
+
+    our %cli_options;
+    my $cli_option = shift;
+
+    die "Unknown CLI option: $cli_option" unless defined $cli_options{$cli_option};
+
+    return $cli_options{$cli_option};
+}
+
+sub init_proxy_settings($) {
+
+    my $choice = shift;
+    our $proxy = undef;
+
+    if (($choice eq 'fuzz-proxy') and cli_option_is_set('fuzzer-address')) {
+        $proxy = get_cli_option('fuzzer-address');
+    }
+
+    if ((not defined $proxy) or ($choice eq 'vanilla-proxy')) {
+
+        if (cli_option_is_set('privoxy-address')) {
+            $proxy .=  get_cli_option('privoxy-address');
+        }
+
+    }
+}
+
+sub start_forks($) {
+    my $forks = shift;
+
+    l(LL_ERROR, "Invalid --fork value: " . $forks . ".") if ($forks < 0); 
+
+    foreach my $fork (1 .. $forks) {
+        log_message("Starting fork $fork");
+        my $pid = fork();
+        if (defined $pid && !$pid) {
+            return;
+        }
+    }
+}
+
+sub main () {
+
+    init_our_variables();
+    parse_cli_options();
+    check_for_curl();
+    init_proxy_settings('vanilla-proxy');
+    load_regressions_tests();
+    init_proxy_settings('fuzz-proxy');
+    start_forks(get_cli_option('forks')) if cli_option_is_set('forks');
+    execute_regression_tests();
+}
+
+main();
+
+=head1 NAME
+
+B<privoxy-regression-test> - A regression test "framework" for Privoxy.
+
+=head1 SYNOPSIS
+
+B<privoxy-regression-test> [B<--debug bitmask>] [B<--forks> forks]
+[B<--fuzzer-feeding>] [B<--fuzzer-feeding>] [B<--help>] [B<--level level>]
+[B<--loops count>] [B<--max-level max-level>] [B<--max-time max-time>]
+[B<--min-level min-level>] B<--privoxy-address proxy-address>
+[B<--retries retries>] [B<--test-number test-number>]
+[B<--show-skipped-tests>] [B<--verbose>]
+[B<--version>]
+
+=head1 DESCRIPTION
+
+Privoxy-Regression-Test is supposed to one day become
+a regression test suite for Privoxy. It's not quite there
+yet, however, and can currently only test header actions,
+check the returned status code for requests to arbitrary
+URLs and verify which actions are applied to them.
+
+Client header actions are tested by requesting
+B<http://p.p/show-request> and checking whether
+or not Privoxy modified the original request as expected.
+
+The original request contains both the header the action-to-be-tested
+acts upon and an additional tagger-triggering header that enables
+the action to test.
+
+Applied actions are checked through B<http://p.p/show-url-info>.
+
+=head1 CONFIGURATION FILE SYNTAX
+
+Privoxy-Regression-Test's configuration is embedded in
+Privoxy action files and loaded through Privoxy's web interface.
+
+It makes testing a Privoxy version running on a remote system easier
+and should prevent you from updating your tests without updating Privoxy's
+configuration accordingly.
+
+A client-header-action test section looks like this:
+
+    # Set Header    = Referer: http://www.example.org.zwiebelsuppe.exit/
+    # Expect Header = Referer: http://www.example.org/
+    {+client-header-filter{hide-tor-exit-notation} -hide-referer}
+    TAG:^client-header-filter\{hide-tor-exit-notation\}$
+
+The example above causes Privoxy-Regression-Test to set
+the header B<Referer: http://www.example.org.zwiebelsuppe.exit/>
+and to expect it to be modified to
+B<Referer: http://www.example.org/>.
+
+When testing this section, Privoxy-Regression-Test will set the header
+B<X-Privoxy-Control: client-header-filter{hide-tor-exit-notation}>
+causing the B<privoxy-control> tagger to create the tag
+B<client-header-filter{hide-tor-exit-notation}> which will finally
+cause Privoxy to enable the action section.
+
+Note that the actions itself are only used by Privoxy,
+Privoxy-Regression-Test ignores them and will be happy
+as long as the expectations are satisfied.
+
+A fetch test looks like this:
+
+    # Fetch Test = http://p.p/user-manual
+    # Expect Status Code = 302
+
+It tells Privoxy-Regression-Test to request B<http://p.p/user-manual>
+and to expect a response with the HTTP status code B<302>. Obviously that's
+not a very thorough test and mainly useful to get some code coverage
+for Valgrind or to verify that the templates are installed correctly.
+
+If you want to test CGI pages that require a trusted
+referer, you can use:
+
+    # Trusted CGI Request = http://p.p/edit-actions
+
+It works like ordinary fetch tests, but sets the referer
+header to a trusted value.
+
+If no explicit status code expectation is set, B<200> is used.
+
+To verify that a URL is blocked, use:
+
+    # Blocked URL = http://www.example.com/blocked
+
+To verify that a specific set of actions is applied to an URL, use:
+
+    # Sticky Actions = +block{foo} +handle-as-empty-document -handle-as-image
+    # URL = http://www.example.org/my-first-url
+
+The sticky actions will be checked for all URLs below it
+until the next sticky actions directive.
+
+=head1 TEST LEVELS
+
+All tests have test levels to let the user
+control which ones to execute (see I<OPTIONS> below). 
+Test levels are either set with the B<Level> directive,
+or implicitly through the test type.
+
+Block tests default to level 7, fetch tests to level 6,
+"Sticky Actions" tests default to level 5, tests for trusted CGI
+requests to level 3 and client-header-action tests to level 1.
+
+=head1 OPTIONS
+
+B<--debug bitmask> Add the bitmask provided as integer
+to the debug settings.
+
+B<--forks forks> Number of forks to start before executing
+the regression tests. This is mainly useful for stress-testing.
+
+B<--fuzzer-address> Listening address used when executing
+the regression tests. Useful to make sure that the requests
+to load the regression tests don't fail due to fuzzing.
+
+B<--fuzzer-feeding> Ignore some errors that would otherwise
+cause Privoxy-Regression-Test to abort the test because
+they shouldn't happen in normal operation. This option is
+intended to be used if Privoxy-Regression-Test is only
+used to feed a fuzzer in which case there's a high chance
+that Privoxy gets an invalid request and returns an error
+message.
+
+B<--help> Shows available command line options.
+
+B<--header-fuzzing> Modifies linear white space in
+headers in a way that should not affect the test result.
+
+B<--level level> Only execute tests with the specified B<level>. 
+
+B<--loop count> Loop through the regression tests B<count> times. 
+Useful to feed a fuzzer, or when doing stress tests with
+several Privoxy-Regression-Test instances running at the same
+time.
+
+B<--max-level max-level> Only execute tests with a B<level>
+below or equal to the numerical B<max-level>.
+
+B<--max-time max-time> Give Privoxy B<max-time> seconds
+to return data. Increasing the default may make sense when
+Privoxy is run through Valgrind, decreasing the default may
+make sense when Privoxy-Regression-Test is used to feed
+a fuzzer.
+
+B<--min-level min-level> Only execute tests with a B<level>
+above or equal to the numerical B<min-level>.
+
+B<--privoxy-address proxy-address> Privoxy's listening address.
+If it's not set, the value of the environment variable http_proxy
+will be used. B<proxy-address> has to be specified in http_proxy
+syntax.
+
+B<--retries retries> Retry B<retries> times.
+
+B<--test-number test-number> Only run the test with the specified
+number.
+
+B<--show-skipped-tests> Log skipped tests even if verbose mode is off.
+
+B<--verbose> Log succesful and skipped tests.
+
+B<--version> Print version and exit.
+
+The second dash is optional, options can be shortened,
+as long as there are no ambiguities.
+
+=head1 PRIVOXY CONFIGURATION
+
+Privoxy-Regression-Test is shipped with B<regression-tests.action>
+which aims to test all official client-header modifying actions
+and can be used to verify that the templates and the user manual
+files are installed correctly.
+
+To use it, it has to be copied in Privoxy's configuration
+directory, and afterwards referenced in Privoxy's configuration
+file with the line:
+
+    actionsfile regression-tests.action
+
+In general, its tests are supposed to work without changing
+any other action files, unless you already added lots of
+taggers yourself. If you are using taggers that cause problems,
+you might have to temporary disable them for Privoxy's CGI pages.
+
+Some of the regression tests rely on Privoxy features that
+may be disabled in your configuration. Tests with a level below
+7 are supposed to work with all Privoxy configurations (provided
+you didn't build with FEATURE_GRACEFUL_TERMINATION).
+
+Tests with level 9 require Privoxy to deliver the User Manual,
+tests with level 12 require the CGI editor to be enabled.
+
+=head1 CAVEATS
+
+Expect the configuration file syntax to change with future releases.
+
+=head1 LIMITATIONS
+
+As Privoxy's B<show-request> page only shows client headers,
+Privoxy-Regression-Test can't use it to test Privoxy actions
+that modify server headers.
+
+As Privoxy-Regression-Test relies on Privoxy's tag feature to
+control the actions to test, it currently only works with
+Privoxy 3.0.7 or later.
+
+At the moment Privoxy-Regression-Test fetches Privoxy's
+configuration page through I<curl>(1), therefore you have to
+have I<curl> installed, otherwise you won't be able to run
+Privoxy-Regression-Test in a meaningful way.
+
+=head1 SEE ALSO
+
+privoxy(1) curl(1)
+
+=head1 AUTHOR
+
+Fabian Keil <fk at fabiankeil.de>
+
+=cut
diff --git a/external/privoxy/tools/url-pattern-translator.pl b/external/privoxy/tools/url-pattern-translator.pl
new file mode 100755
index 0000000..a575333
--- /dev/null
+++ b/external/privoxy/tools/url-pattern-translator.pl
@@ -0,0 +1,139 @@
+#!/usr/bin/perl
+
+############################################################################
+#
+# url-pattern-translator
+#
+# Filters Privoxy action files and changes old-school URL patterns to
+# use extended regular expressions for the host as well.
+#
+# While it works good enough to satisfy the regression tests in
+# default.action.master, it isn't perfect and you should double-check
+# the output and keep backups of your old action files.
+#
+# Usage:
+#
+# url-pattern-translator.pl old.action > new.action 
+#
+# Only convert your files once, or, as RoboCop used to say,
+# there will be... trouble.
+#
+# $Id: url-pattern-translator.pl,v 1.3 2009/01/13 17:01:04 fabiankeil Exp $
+#
+# Copyright (c) 2008 Fabian Keil <fk at fabiankeil.de>
+#
+# Permission to use, copy, modify, and distribute this software for any
+# purpose with or without fee is hereby granted, provided that the above
+# copyright notice and this permission notice appear in all copies.
+#
+# THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+# WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+# MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+# ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+# WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+# ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+# OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+#
+############################################################################
+
+use strict;
+use warnings;
+
+sub p ($) {
+    my $message = shift;
+    print $message . "\n";
+}
+
+sub convert_host_pattern ($) {
+    my $host_pattern = shift;
+    my $hp = $host_pattern;
+
+    $hp =~ s@\s@@g;
+
+    if ($hp =~ m@^\.@) {
+        # Not left-anchored
+        #
+        # XXX: This is somewhat ugly and while it's
+        # the equivalent pattern in most cases
+        # \. should be good enough.
+        $hp =~ s@^\.@(^|.)@;
+    } else {
+        # left-anchored
+        $hp = '^' . $hp;
+    }
+
+    # Match-all syntax has changed ...
+    $hp =~ s@\*@.*@g;
+
+    # Extended host patterns are right-anchored by default
+    $hp =~ s@\.$@(\..*)?@;
+
+    # Literal dots have to be escaped    
+    $hp =~ s@((?<!\\)\.[^*])@\\$1 at g;
+
+    # Match single character with a dot.
+    $hp =~ s@(?<!\))\?@. at g;
+
+    return $hp;
+}
+
+sub looks_interesting($) {
+    my $line = shift;
+    my $type_to_skip = undef;
+
+    if (/^\s*\#/) {
+
+        $type_to_skip = "comment";
+
+    } elsif (/[{}]/ or /\\$/) {
+
+        $type_to_skip = "action settings";
+
+    } elsif (m@^\s*$@) {
+
+        $type_to_skip = "whitespace";
+
+    } elsif (m@^\s*TAG:@) {
+
+        $type_to_skip = "tag patttern";
+
+    } elsif (m@^[^/]*=@) {
+
+        $type_to_skip = "macro or version definition";
+
+    } elsif (m@^\s*standard\.@) {
+
+        $type_to_skip = "predefined settings";
+
+    }
+
+    #p("Skipping " . $type_to_skip . ": " . $_) if defined $type_to_skip;
+
+    return not defined $type_to_skip;
+}
+
+sub main () {
+    my $host = undef;
+    my $path = undef;
+ 
+    while (<>) {
+        chomp;
+
+        if (looks_interesting($_)) {
+            if (m@^([^/]+)(/.*)$@) {
+                $host = $1;
+                $path = $2;
+                $host = convert_host_pattern($host);
+                $_ = $host . $path;
+            }
+            elsif (m@^([^/]*)$@) {
+                $host = $1;
+                $host = convert_host_pattern($host);
+                $_ = $host;
+            }
+        }
+        p($_);
+    }
+}
+
+main();
diff --git a/external/privoxy/trust b/external/privoxy/trust
new file mode 100644
index 0000000..5767363
--- /dev/null
+++ b/external/privoxy/trust
@@ -0,0 +1,85 @@
+######################################################################
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/trust,v $
+# 
+#  $Id: trust,v 1.6 2007/05/14 17:19:42 fabiankeil Exp $
+#
+#  Purpose     :  Trustfiles are an experimental feature and can be used
+#                 to build "whitelists" (versus the usual "blacklists"
+#                 techniques).
+# 
+#  Copyright   :  Written by and Copyright
+#                 Privoxy team. http://www.privoxy.org/
+#
+#                 Based on the Internet Junkbuster originally written
+#                 by and Copyright (C) 1997 Anonymous Coders and
+#                 Junkbusters Corporation.  http://www.junkbusters.com
+#
+# We value your feedback. However, to provide you with the best support,
+# please note:
+#  
+#  * Use the support forum to get help:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=211118
+#  * Submit bugs only thru our bug forum:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=111118 
+#    Make sure that the bug has not already been submitted. Please try
+#    to verify that it is a Privoxy bug, and not a browser or site
+#    bug first. If you are using your own custom configuration, please
+#    try the stock configs to see if the problem is a configuration
+#    related bug. And if not using the latest development snapshot,
+#    please try the latest one. Or even better, CVS sources.
+#  * Submit feature requests only thru our feature request tracker:
+#    http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
+#      
+# For any other issues, feel free to use the mailing lists:
+# http://sourceforge.net/mail/?group_id=11118
+#    
+# Anyone interested in actively participating in development and related
+# discussions can join the appropriate mailing list here:
+# http://sourceforge.net/mail/?group_id=11118. Archives are available
+# here too.
+# 
+######################################################################
+#
+#                      Sample Trustfile for Privoxy
+
+# For this file to have any effect, the line in the main config file beginning
+# with "trustfile" must be uncommented, with the name of this file following the
+# word "trustfile".
+
+# Trustfiles are an experimental feature used for building "whitelists"
+# of "trusted" sites (versus the usual "blacklists" technique). For more
+# detail, see http://www.privoxy.org/user-manual/config.html#TRUSTFILE.
+
+# List trusted domains here. The default is to block any URL that is NOT
+# referenced. Access to trusted domains includes all paths within that
+# domain.
+
+# Preceding a domain with a '+' character will designate that domain
+# as a "trusted referrer", meaning any requests whose HTTP "Referer" headers
+# contain an URL from that domain will be allowed, and the previously untrusted
+# host will be dynamically added to this file. Thus, this builds a "white-list"
+# of hosts the user is allowed to visit.
+
+# Note this means that the file will grow with use!
+
+# Also note that you can only trust referrers if you control the user's
+# system and make sure that there are no programs available that allow
+# to set arbitrary headers.
+
+# Preceding the domain with '~' character allows access to that domain only
+# (including all paths within that domain), but does not allow access to links
+# to other, outside domains. Sites that are added dynamically by trusted 
+# referrers will include the '~' character, and thus do not become trusted
+# referrers themselves.
+
+# Example: to allow example.com and to white-list domains that appear to
+# be reached through links from example.com, uncomment this line:
+
+# +example.com 
+
+# The next two lines make sure that the user can access Privoxy's
+# CGI pages, without automatically trusting their links.
+
+~config.privoxy.org
+~p.p
diff --git a/external/privoxy/urlmatch.c b/external/privoxy/urlmatch.c
new file mode 100644
index 0000000..47b607c
--- /dev/null
+++ b/external/privoxy/urlmatch.c
@@ -0,0 +1,1452 @@
+const char urlmatch_rcs[] = "$Id: urlmatch.c,v 1.47 2009/03/02 19:18:10 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/urlmatch.c,v $
+ *
+ * Purpose     :  Declares functions to match URLs against URL
+ *                patterns.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009
+ *                the Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: urlmatch.c,v $
+ *    Revision 1.47  2009/03/02 19:18:10  fabiankeil
+ *    Streamline parse_http_request()'s prototype. As
+ *    cparser pointed out it doesn't actually use csp.
+ *
+ *    Revision 1.46  2009/02/11 19:31:32  fabiankeil
+ *    Reject request lines that end with neither HTTP/1.0 nor HTTP/1.1.
+ *
+ *    Revision 1.45  2008/06/21 21:19:18  fabiankeil
+ *    Silence bogus compiler warning.
+ *
+ *    Revision 1.44  2008/05/04 16:18:32  fabiankeil
+ *    Provide parse_http_url() with a third parameter to specify
+ *    whether or not URLs without protocol are acceptable.
+ *
+ *    Revision 1.43  2008/05/04 13:30:55  fabiankeil
+ *    Streamline parse_http_url()'s prototype.
+ *
+ *    Revision 1.42  2008/05/04 13:24:16  fabiankeil
+ *    If the method isn't CONNECT, reject URLs without protocol.
+ *
+ *    Revision 1.41  2008/05/02 09:51:34  fabiankeil
+ *    In parse_http_url(), don't muck around with values
+ *    that are none of its business: require an initialized
+ *    http structure and never unset http->ssl.
+ *
+ *    Revision 1.40  2008/04/23 16:12:28  fabiankeil
+ *    Free with freez().
+ *
+ *    Revision 1.39  2008/04/22 16:27:42  fabiankeil
+ *    In parse_http_request(), remove a pointless
+ *    temporary variable and free the buffer earlier.
+ *
+ *    Revision 1.38  2008/04/18 05:17:18  fabiankeil
+ *    Mark simplematch()'s parameters as immutable.
+ *
+ *    Revision 1.37  2008/04/17 14:53:29  fabiankeil
+ *    Move simplematch() into urlmatch.c as it's only
+ *    used to match (old-school) domain patterns.
+ *
+ *    Revision 1.36  2008/04/14 18:19:48  fabiankeil
+ *    Remove now-pointless cast in create_url_spec().
+ *
+ *    Revision 1.35  2008/04/14 18:11:21  fabiankeil
+ *    The compiler might not notice it, but the buffer passed to
+ *    create_url_spec() is modified later on and thus shouldn't
+ *    be declared immutable.
+ *
+ *    Revision 1.34  2008/04/13 13:32:07  fabiankeil
+ *    Factor URL pattern compilation out of create_url_spec().
+ *
+ *    Revision 1.33  2008/04/12 14:03:13  fabiankeil
+ *    Remove an obvious comment and improve another one.
+ *
+ *    Revision 1.32  2008/04/12 12:38:06  fabiankeil
+ *    Factor out duplicated code to compile host, path and tag patterns.
+ *
+ *    Revision 1.31  2008/04/10 14:41:04  fabiankeil
+ *    Ditch url_spec's path member now that it's no longer used.
+ *
+ *    Revision 1.30  2008/04/10 04:24:24  fabiankeil
+ *    Stop duplicating the plain text representation of the path regex
+ *    (and keeping the copy around). Once the regex is compiled it's no
+ *    longer useful.
+ *
+ *    Revision 1.29  2008/04/10 04:17:56  fabiankeil
+ *    In url_match(), check the right member for NULL when determining
+ *    whether there's a path regex to execute. Looking for a plain-text
+ *    representation works as well, but it looks "interesting" and that
+ *    member will be removed soonish anyway.
+ *
+ *    Revision 1.28  2008/04/08 16:07:39  fabiankeil
+ *    Make it harder to mistake url_match()'s
+ *    second parameter for an url_spec.
+ *
+ *    Revision 1.27  2008/04/08 15:44:33  fabiankeil
+ *    Save a bit of memory (and a few cpu cycles) by not bothering to
+ *    compile slash-only path regexes that don't affect the result.
+ *
+ *    Revision 1.26  2008/04/07 16:57:18  fabiankeil
+ *    - Use free_url_spec() more consistently.
+ *    - Let it reset url->dcount just in case.
+ *
+ *    Revision 1.25  2008/04/06 15:18:38  fabiankeil
+ *    Oh well, rename the --enable-pcre-host-patterns option to
+ *    --enable-extended-host-patterns as it's not really PCRE syntax.
+ *
+ *    Revision 1.24  2008/04/06 14:54:26  fabiankeil
+ *    Use PCRE syntax in host patterns when configured
+ *    with --enable-pcre-host-patterns.
+ *
+ *    Revision 1.23  2008/04/05 12:19:20  fabiankeil
+ *    Factor compile_host_pattern() out of create_url_spec().
+ *
+ *    Revision 1.22  2008/03/30 15:02:32  fabiankeil
+ *    SZitify unknown_method().
+ *
+ *    Revision 1.21  2007/12/24 16:34:23  fabiankeil
+ *    Band-aid (and micro-optimization) that makes it less likely to run out of
+ *    stack space with overly-complex path patterns. Probably masks the problem
+ *    reported by Lee in #1856679. Hohoho.
+ *
+ *    Revision 1.20  2007/09/02 15:31:20  fabiankeil
+ *    Move match_portlist() from filter.c to urlmatch.c.
+ *    It's used for url matching, not for filtering.
+ *
+ *    Revision 1.19  2007/09/02 13:42:11  fabiankeil
+ *    - Allow port lists in url patterns.
+ *    - Ditch unused url_spec member pathlen.
+ *
+ *    Revision 1.18  2007/07/30 16:42:21  fabiankeil
+ *    Move the method check into unknown_method()
+ *    and loop through the known methods instead
+ *    of using a screen-long OR chain.
+ *
+ *    Revision 1.17  2007/04/15 16:39:21  fabiankeil
+ *    Introduce tags as alternative way to specify which
+ *    actions apply to a request. At the moment tags can be
+ *    created based on client and server headers.
+ *
+ *    Revision 1.16  2007/02/13 13:59:24  fabiankeil
+ *    Remove redundant log message.
+ *
+ *    Revision 1.15  2007/01/28 16:11:23  fabiankeil
+ *    Accept WebDAV methods for subversion
+ *    in parse_http_request(). Closes FR 1581425.
+ *
+ *    Revision 1.14  2007/01/06 14:23:56  fabiankeil
+ *    Fix gcc43 warnings. Mark *csp as immutable
+ *    for parse_http_url() and url_match().
+ *    Replace a sprintf call with snprintf.
+ *
+ *    Revision 1.13  2006/12/06 19:50:54  fabiankeil
+ *    parse_http_url() now handles intercepted
+ *    HTTP request lines as well. Moved parts
+ *    of parse_http_url()'s code into
+ *    init_domain_components() so that it can
+ *    be reused in chat().
+ *
+ *    Revision 1.12  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.10.2.7  2003/05/17 15:57:24  oes
+ *     - parse_http_url now checks memory allocation failure for
+ *       duplication of "*" URL and rejects "*something" URLs
+ *       Closes bug #736344
+ *     - Added a comment to what might look like a bug in
+ *       create_url_spec (see !bug #736931)
+ *     - Comment cosmetics
+ *
+ *    Revision 1.10.2.6  2003/05/07 12:39:48  oes
+ *    Fix typo: Default port for https URLs is 443, not 143.
+ *    Thanks to Scott Tregear for spotting this one.
+ *
+ *    Revision 1.10.2.5  2003/02/28 13:09:29  oes
+ *    Fixed a rare double free condition as per Bug #694713
+ *
+ *    Revision 1.10.2.4  2003/02/28 12:57:44  oes
+ *    Moved freeing of http request structure to its owner
+ *    as per Dan Price's observations in Bug #694713
+ *
+ *    Revision 1.10.2.3  2002/11/12 16:50:40  oes
+ *    Fixed memory leak in parse_http_request() reported by Oliver Stoeneberg. Fixes bug #637073
+ *
+ *    Revision 1.10.2.2  2002/09/25 14:53:15  oes
+ *    Added basic support for OPTIONS and TRACE HTTP methods:
+ *    parse_http_url now recognizes the "*" URI as well as
+ *    the OPTIONS and TRACE method keywords.
+ *
+ *    Revision 1.10.2.1  2002/06/06 19:06:44  jongfoster
+ *    Adding support for proprietary Microsoft WebDAV extensions
+ *
+ *    Revision 1.10  2002/05/12 21:40:37  jongfoster
+ *    - Removing some unused code
+ *
+ *    Revision 1.9  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.8  2002/04/03 23:32:47  jongfoster
+ *    Fixing memory leak on error
+ *
+ *    Revision 1.7  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.6  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.5  2002/03/13 00:27:05  jongfoster
+ *    Killing warnings
+ *
+ *    Revision 1.4  2002/03/07 03:46:17  oes
+ *    Fixed compiler warnings
+ *
+ *    Revision 1.3  2002/03/03 14:51:11  oes
+ *    Fixed CLF logging: Added ocmd member for client's request to struct http_request
+ *
+ *    Revision 1.2  2002/01/21 00:14:09  jongfoster
+ *    Correcting comment style
+ *    Fixing an uninitialized memory bug in create_url_spec()
+ *
+ *    Revision 1.1  2002/01/17 20:53:46  jongfoster
+ *    Moving all our URL and URL pattern parsing code to the same file - it
+ *    was scattered around in filters.c, loaders.c and parsers.c.
+ *
+ *    Providing a single, simple url_match(pattern,url) function - rather than
+ *    the 3-line match routine which was repeated all over the place.
+ *
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Providing parse_http_url() so that URLs can be parsed without faking a
+ *    HTTP request line for parse_http_request() or repeating the parsing
+ *    code (both of which were techniques that were actually in use).
+ *
+ *    Standardizing that struct http_request is used to represent a URL, and
+ *    struct url_spec is used to represent a URL pattern.  (Before, URLs were
+ *    represented as seperate variables and a partially-filled-in url_spec).
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#ifndef _WIN32
+#include <stdio.h>
+#include <sys/types.h>
+#endif
+
+#include <stdlib.h>
+#include <ctype.h>
+#include <assert.h>
+#include <string.h>
+
+#if !defined(_WIN32) && !defined(__OS2__)
+#include <unistd.h>
+#endif
+
+#include "project.h"
+#include "urlmatch.h"
+#include "ssplit.h"
+#include "miscutil.h"
+#include "errlog.h"
+
+const char urlmatch_h_rcs[] = URLMATCH_H_VERSION;
+
+enum regex_anchoring {NO_ANCHORING, LEFT_ANCHORED, RIGHT_ANCHORED};
+static jb_err compile_host_pattern(struct url_spec *url, const char *host_pattern);
+
+/*********************************************************************
+ *
+ * Function    :  free_http_request
+ *
+ * Description :  Freez a http_request structure
+ *
+ * Parameters  :
+ *          1  :  http = points to a http_request structure to free
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_http_request(struct http_request *http)
+{
+   assert(http);
+
+   freez(http->cmd);
+   freez(http->ocmd);
+   freez(http->gpc);
+   freez(http->host);
+   freez(http->url);
+   freez(http->hostport);
+   freez(http->path);
+   freez(http->ver);
+   freez(http->host_ip_addr_str);
+   freez(http->dbuffer);
+   freez(http->dvec);
+   http->dcount = 0;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  init_domain_components
+ *
+ * Description :  Splits the domain name so we can compare it
+ *                against wildcards. It used to be part of
+ *                parse_http_url, but was separated because the
+ *                same code is required in chat in case of
+ *                intercepted requests.
+ *
+ * Parameters  :
+ *          1  :  http = pointer to the http structure to hold elements.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out of memory
+ *                JB_ERR_PARSE on malformed command/URL
+ *                             or >100 domains deep.
+ *
+ *********************************************************************/
+jb_err init_domain_components(struct http_request *http)
+{
+   char *vec[BUFFER_SIZE];
+   size_t size;
+   char *p;
+
+   http->dbuffer = strdup(http->host);
+   if (NULL == http->dbuffer)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   /* map to lower case */
+   for (p = http->dbuffer; *p ; p++)
+   {
+      *p = (char)tolower((int)(unsigned char)*p);
+   }
+
+   /* split the domain name into components */
+   http->dcount = ssplit(http->dbuffer, ".", vec, SZ(vec), 1, 1);
+
+   if (http->dcount <= 0)
+   {
+      /*
+       * Error: More than SZ(vec) components in domain
+       *    or: no components in domain
+       */
+      log_error(LOG_LEVEL_ERROR, "More than SZ(vec) components in domain or none at all.");
+      return JB_ERR_PARSE;
+   }
+
+   /* save a copy of the pointers in dvec */
+   size = (size_t)http->dcount * sizeof(*http->dvec);
+
+   http->dvec = (char **)malloc(size);
+   if (NULL == http->dvec)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   memcpy(http->dvec, vec, size);
+
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  parse_http_url
+ *
+ * Description :  Parse out the host and port from the URL.  Find the
+ *                hostname & path, port (if ':'), and/or password (if '@')
+ *
+ * Parameters  :
+ *          1  :  url = URL (or is it URI?) to break down
+ *          2  :  http = pointer to the http structure to hold elements.
+ *                       Must be initialized with valid values (like NULLs).
+ *          3  :  require_protocol = Whether or not URLs without
+ *                                   protocol are acceptable.
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out of memory
+ *                JB_ERR_PARSE on malformed command/URL
+ *                             or >100 domains deep.
+ *
+ *********************************************************************/
+jb_err parse_http_url(const char *url, struct http_request *http, int require_protocol)
+{
+   int host_available = 1; /* A proxy can dream. */
+
+   /*
+    * Save our initial URL
+    */
+   http->url = strdup(url);
+   if (http->url == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+
+   /*
+    * Check for * URI. If found, we're done.
+    */  
+   if (*http->url == '*')
+   {
+      if  ( NULL == (http->path = strdup("*"))
+         || NULL == (http->hostport = strdup("")) ) 
+      {
+         return JB_ERR_MEMORY;
+      }
+      if (http->url[1] != '\0')
+      {
+         return JB_ERR_PARSE;
+      }
+      return JB_ERR_OK;
+   }
+
+
+   /*
+    * Split URL into protocol,hostport,path.
+    */
+   {
+      char *buf;
+      char *url_noproto;
+      char *url_path;
+
+      buf = strdup(url);
+      if (buf == NULL)
+      {
+         return JB_ERR_MEMORY;
+      }
+
+      /* Find the start of the URL in our scratch space */
+      url_noproto = buf;
+      if (strncmpic(url_noproto, "http://",  7) == 0)
+      {
+         url_noproto += 7;
+      }
+      else if (strncmpic(url_noproto, "https://", 8) == 0)
+      {
+         /*
+          * Should only happen when called from cgi_show_url_info().
+          */
+         url_noproto += 8;
+         http->ssl = 1;
+      }
+      else if (*url_noproto == '/')
+      {
+        /*
+         * Short request line without protocol and host.
+         * Most likely because the client's request
+         * was intercepted and redirected into Privoxy.
+         */
+         http->host = NULL;
+         host_available = 0;
+      }
+      else if (require_protocol)
+      {
+         freez(buf);
+         return JB_ERR_PARSE;
+      }
+
+      url_path = strchr(url_noproto, '/');
+      if (url_path != NULL)
+      {
+         /*
+          * Got a path.
+          *
+          * NOTE: The following line ignores the path for HTTPS URLS.
+          * This means that you get consistent behaviour if you type a
+          * https URL in and it's parsed by the function.  (When the
+          * URL is actually retrieved, SSL hides the path part).
+          */
+         http->path = strdup(http->ssl ? "/" : url_path);
+         *url_path = '\0';
+         http->hostport = strdup(url_noproto);
+      }
+      else
+      {
+         /*
+          * Repair broken HTTP requests that don't contain a path,
+          * or CONNECT requests
+          */
+         http->path = strdup("/");
+         http->hostport = strdup(url_noproto);
+      }
+
+      freez(buf);
+
+      if ( (http->path == NULL)
+        || (http->hostport == NULL))
+      {
+         return JB_ERR_MEMORY;
+      }
+   }
+
+   if (!host_available)
+   {
+      /* Without host, there is nothing left to do here */
+      return JB_ERR_OK;
+   }
+
+   /*
+    * Split hostport into user/password (ignored), host, port.
+    */
+   {
+      char *buf;
+      char *host;
+      char *port;
+
+      buf = strdup(http->hostport);
+      if (buf == NULL)
+      {
+         return JB_ERR_MEMORY;
+      }
+
+      /* check if url contains username and/or password */
+      host = strchr(buf, '@');
+      if (host != NULL)
+      {
+         /* Contains username/password, skip it and the @ sign. */
+         host++;
+      }
+      else
+      {
+         /* No username or password. */
+         host = buf;
+      }
+
+      /* check if url contains port */
+      port = strchr(host, ':');
+      if (port != NULL)
+      {
+         /* Contains port */
+         /* Terminate hostname and point to start of port string */
+         *port++ = '\0';
+         http->port = atoi(port);
+      }
+      else
+      {
+         /* No port specified. */
+         http->port = (http->ssl ? 443 : 80);
+      }
+
+      http->host = strdup(host);
+
+      freez(buf);
+
+      if (http->host == NULL)
+      {
+         return JB_ERR_MEMORY;
+      }
+   }
+
+   /*
+    * Split domain name so we can compare it against wildcards
+    */
+   return init_domain_components(http);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  unknown_method
+ *
+ * Description :  Checks whether a method is unknown.
+ *
+ * Parameters  :
+ *          1  :  method = points to a http method
+ *
+ * Returns     :  TRUE if it's unknown, FALSE otherwise.
+ *
+ *********************************************************************/
+static int unknown_method(const char *method)
+{
+   static const char *known_http_methods[] = {
+      /* Basic HTTP request type */
+      "GET", "HEAD", "POST", "PUT", "DELETE", "OPTIONS", "TRACE", "CONNECT",
+      /* webDAV extensions (RFC2518) */
+      "PROPFIND", "PROPPATCH", "MOVE", "COPY", "MKCOL", "LOCK", "UNLOCK",
+      /*
+       * Microsoft webDAV extension for Exchange 2000.  See:
+       * http://lists.w3.org/Archives/Public/w3c-dist-auth/2002JanMar/0001.html
+       * http://msdn.microsoft.com/library/en-us/wss/wss/_webdav_methods.asp
+       */ 
+      "BCOPY", "BMOVE", "BDELETE", "BPROPFIND", "BPROPPATCH",
+      /*
+       * Another Microsoft webDAV extension for Exchange 2000.  See:
+       * http://systems.cs.colorado.edu/grunwald/MobileComputing/Papers/draft-cohen-gena-p-base-00.txt
+       * http://lists.w3.org/Archives/Public/w3c-dist-auth/2002JanMar/0001.html
+       * http://msdn.microsoft.com/library/en-us/wss/wss/_webdav_methods.asp
+       */ 
+      "SUBSCRIBE", "UNSUBSCRIBE", "NOTIFY", "POLL",
+      /*
+       * Yet another WebDAV extension, this time for
+       * Web Distributed Authoring and Versioning (RFC3253)
+       */
+      "VERSION-CONTROL", "REPORT", "CHECKOUT", "CHECKIN", "UNCHECKOUT",
+      "MKWORKSPACE", "UPDATE", "LABEL", "MERGE", "BASELINE-CONTROL", "MKACTIVITY",
+   };
+   int i;
+
+   for (i = 0; i < SZ(known_http_methods); i++)
+   {
+      if (0 == strcmpic(method, known_http_methods[i]))
+      {
+         return FALSE;
+      }
+   }
+
+   return TRUE;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  parse_http_request
+ *
+ * Description :  Parse out the host and port from the URL.  Find the
+ *                hostname & path, port (if ':'), and/or password (if '@')
+ *
+ * Parameters  :
+ *          1  :  req = HTTP request line to break down
+ *          2  :  http = pointer to the http structure to hold elements
+ *
+ * Returns     :  JB_ERR_OK on success
+ *                JB_ERR_MEMORY on out of memory
+ *                JB_ERR_CGI_PARAMS on malformed command/URL
+ *                                  or >100 domains deep.
+ *
+ *********************************************************************/
+jb_err parse_http_request(const char *req, struct http_request *http)
+{
+   char *buf;
+   char *v[10]; /* XXX: Why 10? We should only need three. */
+   int n;
+   jb_err err;
+
+   memset(http, '\0', sizeof(*http));
+
+   buf = strdup(req);
+   if (buf == NULL)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   n = ssplit(buf, " \r\n", v, SZ(v), 1, 1);
+   if (n != 3)
+   {
+      freez(buf);
+      return JB_ERR_PARSE;
+   }
+
+   /*
+    * Fail in case of unknown methods
+    * which we might not handle correctly.
+    *
+    * XXX: There should be a config option
+    * to forward requests with unknown methods
+    * anyway. Most of them don't need special
+    * steps.
+    */
+   if (unknown_method(v[0]))
+   {
+      log_error(LOG_LEVEL_ERROR, "Unknown HTTP method detected: %s", v[0]);
+      freez(buf);
+      return JB_ERR_PARSE;
+   }
+
+   if (strcmpic(v[2], "HTTP/1.1") && strcmpic(v[2], "HTTP/1.0"))
+   {
+      log_error(LOG_LEVEL_ERROR, "The only supported HTTP "
+         "versions are 1.0 and 1.1. This rules out: %s", v[2]);
+      freez(buf);
+      return JB_ERR_PARSE;
+   }
+
+   http->ssl = !strcmpic(v[0], "CONNECT");
+
+   err = parse_http_url(v[1], http, !http->ssl);
+   if (err)
+   {
+      freez(buf);
+      return err;
+   }
+
+   /*
+    * Copy the details into the structure
+    */
+   http->cmd = strdup(req);
+   http->gpc = strdup(v[0]);
+   http->ver = strdup(v[2]);
+
+   freez(buf);
+
+   if ( (http->cmd == NULL)
+     || (http->gpc == NULL)
+     || (http->ver == NULL) )
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  compile_pattern
+ *
+ * Description :  Compiles a host, domain or TAG pattern.
+ *
+ * Parameters  :
+ *          1  :  pattern = The pattern to compile.
+ *          2  :  anchoring = How the regex should be anchored.
+ *                            Can be either one of NO_ANCHORING,
+ *                            LEFT_ANCHORED or RIGHT_ANCHORED.
+ *          3  :  url     = In case of failures, the spec member is
+ *                          logged and the structure freed.
+ *          4  :  regex   = Where the compiled regex should be stored.
+ *
+ * Returns     :  JB_ERR_OK - Success
+ *                JB_ERR_MEMORY - Out of memory
+ *                JB_ERR_PARSE - Cannot parse regex
+ *
+ *********************************************************************/
+static jb_err compile_pattern(const char *pattern, enum regex_anchoring anchoring,
+                              struct url_spec *url, regex_t **regex)
+{
+   int errcode;
+   char rebuf[BUFFER_SIZE];
+   const char *fmt = NULL;
+
+   assert(pattern);
+   assert(strlen(pattern) < sizeof(rebuf) - 2);
+
+   if (pattern[0] == '\0')
+   {
+      *regex = NULL;
+      return JB_ERR_OK;
+   }
+
+   switch (anchoring)
+   {
+      case NO_ANCHORING:
+         fmt = "%s";
+         break;
+      case RIGHT_ANCHORED:
+         fmt = "%s$";
+         break;
+      case LEFT_ANCHORED:
+         fmt = "^%s";
+         break;
+      default:
+         log_error(LOG_LEVEL_FATAL,
+            "Invalid anchoring in compile_pattern %d", anchoring);
+   }
+
+   *regex = zalloc(sizeof(**regex));
+   if (NULL == *regex)
+   {
+      free_url_spec(url);
+      return JB_ERR_MEMORY;
+   }
+
+   snprintf(rebuf, sizeof(rebuf), fmt, pattern);
+
+   errcode = regcomp(*regex, rebuf, (REG_EXTENDED|REG_NOSUB|REG_ICASE));
+
+   if (errcode)
+   {
+      size_t errlen = regerror(errcode, *regex, rebuf, sizeof(rebuf));
+      if (errlen > (sizeof(rebuf) - (size_t)1))
+      {
+         errlen = sizeof(rebuf) - (size_t)1;
+      }
+      rebuf[errlen] = '\0';
+      log_error(LOG_LEVEL_ERROR, "error compiling %s from %s: %s",
+         pattern, url->spec, rebuf);
+      free_url_spec(url);
+
+      return JB_ERR_PARSE;
+   }
+
+   return JB_ERR_OK;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  compile_url_pattern
+ *
+ * Description :  Compiles the three parts of an URL pattern.
+ *
+ * Parameters  :
+ *          1  :  url = Target url_spec to be filled in.
+ *          2  :  buf = The url pattern to compile. Will be messed up.
+ *
+ * Returns     :  JB_ERR_OK - Success
+ *                JB_ERR_MEMORY - Out of memory
+ *                JB_ERR_PARSE - Cannot parse regex
+ *
+ *********************************************************************/
+static jb_err compile_url_pattern(struct url_spec *url, char *buf)
+{
+   char *p;
+
+   p = strchr(buf, '/');
+   if (NULL != p)
+   {
+      /*
+       * Only compile the regex if it consists of more than
+       * a single slash, otherwise it wouldn't affect the result.
+       */
+      if (p[1] != '\0')
+      {
+         /*
+          * XXX: does it make sense to compile the slash at the beginning?
+          */
+         jb_err err = compile_pattern(p, LEFT_ANCHORED, url, &url->preg);
+
+         if (JB_ERR_OK != err)
+         {
+            return err;
+         }
+      }
+      *p = '\0';
+   }
+
+   p = strchr(buf, ':');
+   if (NULL != p)
+   {
+      *p++ = '\0';
+      url->port_list = strdup(p);
+      if (NULL == url->port_list)
+      {
+         return JB_ERR_MEMORY;
+      }
+   }
+   else
+   {
+      url->port_list = NULL;
+   }
+
+   if (buf[0] != '\0')
+   {
+      return compile_host_pattern(url, buf);
+   }
+
+   return JB_ERR_OK;
+
+}
+
+
+#ifdef FEATURE_EXTENDED_HOST_PATTERNS
+/*********************************************************************
+ *
+ * Function    :  compile_host_pattern
+ *
+ * Description :  Parses and compiles a host pattern..
+ *
+ * Parameters  :
+ *          1  :  url = Target url_spec to be filled in.
+ *          2  :  host_pattern = Host pattern to compile.
+ *
+ * Returns     :  JB_ERR_OK - Success
+ *                JB_ERR_MEMORY - Out of memory
+ *                JB_ERR_PARSE - Cannot parse regex
+ *
+ *********************************************************************/
+static jb_err compile_host_pattern(struct url_spec *url, const char *host_pattern)
+{
+   return compile_pattern(host_pattern, RIGHT_ANCHORED, url, &url->host_regex);
+}
+
+#else
+
+/*********************************************************************
+ *
+ * Function    :  compile_host_pattern
+ *
+ * Description :  Parses and "compiles" an old-school host pattern.
+ *
+ * Parameters  :
+ *          1  :  url = Target url_spec to be filled in.
+ *          2  :  host_pattern = Host pattern to parse.
+ *
+ * Returns     :  JB_ERR_OK - Success
+ *                JB_ERR_MEMORY - Out of memory
+ *                JB_ERR_PARSE - Cannot parse regex
+ *
+ *********************************************************************/
+static jb_err compile_host_pattern(struct url_spec *url, const char *host_pattern)
+{
+   char *v[150];
+   size_t size;
+   char *p;
+
+   /*
+    * Parse domain part
+    */
+   if (host_pattern[strlen(host_pattern) - 1] == '.')
+   {
+      url->unanchored |= ANCHOR_RIGHT;
+   }
+   if (host_pattern[0] == '.')
+   {
+      url->unanchored |= ANCHOR_LEFT;
+   }
+
+   /* 
+    * Split domain into components
+    */
+   url->dbuffer = strdup(host_pattern);
+   if (NULL == url->dbuffer)
+   {
+      free_url_spec(url);
+      return JB_ERR_MEMORY;
+   }
+
+   /* 
+    * Map to lower case
+    */
+   for (p = url->dbuffer; *p ; p++)
+   {
+      *p = (char)tolower((int)(unsigned char)*p);
+   }
+
+   /* 
+    * Split the domain name into components
+    */
+   url->dcount = ssplit(url->dbuffer, ".", v, SZ(v), 1, 1);
+
+   if (url->dcount < 0)
+   {
+      free_url_spec(url);
+      return JB_ERR_MEMORY;
+   }
+   else if (url->dcount != 0)
+   {
+      /* 
+       * Save a copy of the pointers in dvec
+       */
+      size = (size_t)url->dcount * sizeof(*url->dvec);
+      
+      url->dvec = (char **)malloc(size);
+      if (NULL == url->dvec)
+      {
+         free_url_spec(url);
+         return JB_ERR_MEMORY;
+      }
+
+      memcpy(url->dvec, v, size);
+   }
+   /*
+    * else dcount == 0 in which case we needn't do anything,
+    * since dvec will never be accessed and the pattern will
+    * match all domains.
+    */
+   return JB_ERR_OK;
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  simplematch
+ *
+ * Description :  String matching, with a (greedy) '*' wildcard that
+ *                stands for zero or more arbitrary characters and
+ *                character classes in [], which take both enumerations
+ *                and ranges.
+ *
+ * Parameters  :
+ *          1  :  pattern = pattern for matching
+ *          2  :  text    = text to be matched
+ *
+ * Returns     :  0 if match, else nonzero
+ *
+ *********************************************************************/
+static int simplematch(const char *pattern, const char *text)
+{
+   const unsigned char *pat = (const unsigned char *)pattern;
+   const unsigned char *txt = (const unsigned char *)text;
+   const unsigned char *fallback = pat; 
+   int wildcard = 0;
+  
+   unsigned char lastchar = 'a';
+   unsigned i;
+   unsigned char charmap[32];
+  
+   while (*txt)
+   {
+
+      /* EOF pattern but !EOF text? */
+      if (*pat == '\0')
+      {
+         if (wildcard)
+         {
+            pat = fallback;
+         }
+         else
+         {
+            return 1;
+         }
+      }
+
+      /* '*' in the pattern?  */
+      if (*pat == '*') 
+      {
+     
+         /* The pattern ends afterwards? Speed up the return. */
+         if (*++pat == '\0')
+         {
+            return 0;
+         }
+     
+         /* Else, set wildcard mode and remember position after '*' */
+         wildcard = 1;
+         fallback = pat;
+      }
+
+      /* Character range specification? */
+      if (*pat == '[')
+      {
+         memset(charmap, '\0', sizeof(charmap));
+
+         while (*++pat != ']')
+         {
+            if (!*pat)
+            { 
+               return 1;
+            }
+            else if (*pat == '-')
+            {
+               if ((*++pat == ']') || *pat == '\0')
+               {
+                  return(1);
+               }
+               for (i = lastchar; i <= *pat; i++)
+               {
+                  charmap[i / 8] |= (unsigned char)(1 << (i % 8));
+               } 
+            }
+            else
+            {
+               charmap[*pat / 8] |= (unsigned char)(1 << (*pat % 8));
+               lastchar = *pat;
+            }
+         }
+      } /* -END- if Character range specification */
+
+
+      /* 
+       * Char match, or char range match? 
+       */
+      if ( (*pat == *txt)
+      ||   (*pat == '?')
+      ||   ((*pat == ']') && (charmap[*txt / 8] & (1 << (*txt % 8)))) )
+      {
+         /* 
+          * Sucess: Go ahead
+          */
+         pat++;
+      }
+      else if (!wildcard)
+      {
+         /* 
+          * No match && no wildcard: No luck
+          */
+         return 1;
+      }
+      else if (pat != fallback)
+      {
+         /*
+          * Increment text pointer if in char range matching
+          */
+         if (*pat == ']')
+         {
+            txt++;
+         }
+         /*
+          * Wildcard mode && nonmatch beyond fallback: Rewind pattern
+          */
+         pat = fallback;
+         /*
+          * Restart matching from current text pointer
+          */
+         continue;
+      }
+      txt++;
+   }
+
+   /* Cut off extra '*'s */
+   if(*pat == '*')  pat++;
+
+   /* If this is the pattern's end, fine! */
+   return(*pat);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  simple_domaincmp
+ *
+ * Description :  Domain-wise Compare fqdn's.  The comparison is
+ *                both left- and right-anchored.  The individual
+ *                domain names are compared with simplematch().
+ *                This is only used by domain_match.
+ *
+ * Parameters  :
+ *          1  :  pv = array of patterns to compare
+ *          2  :  fv = array of domain components to compare
+ *          3  :  len = length of the arrays (both arrays are the
+ *                      same length - if they weren't, it couldn't
+ *                      possibly be a match).
+ *
+ * Returns     :  0 => domains are equivalent, else no match.
+ *
+ *********************************************************************/
+static int simple_domaincmp(char **pv, char **fv, int len)
+{
+   int n;
+
+   for (n = 0; n < len; n++)
+   {
+      if (simplematch(pv[n], fv[n]))
+      {
+         return 1;
+      }
+   }
+
+   return 0;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  domain_match
+ *
+ * Description :  Domain-wise Compare fqdn's. Governed by the bimap in
+ *                pattern->unachored, the comparison is un-, left-,
+ *                right-anchored, or both.
+ *                The individual domain names are compared with
+ *                simplematch().
+ *
+ * Parameters  :
+ *          1  :  pattern = a domain that may contain a '*' as a wildcard.
+ *          2  :  fqdn = domain name against which the patterns are compared.
+ *
+ * Returns     :  0 => domains are equivalent, else no match.
+ *
+ *********************************************************************/
+static int domain_match(const struct url_spec *pattern, const struct http_request *fqdn)
+{
+   char **pv, **fv;  /* vectors  */
+   int    plen, flen;
+   int unanchored = pattern->unanchored & (ANCHOR_RIGHT | ANCHOR_LEFT);
+
+   plen = pattern->dcount;
+   flen = fqdn->dcount;
+
+   if (flen < plen)
+   {
+      /* fqdn is too short to match this pattern */
+      return 1;
+   }
+
+   pv   = pattern->dvec;
+   fv   = fqdn->dvec;
+
+   if (unanchored == ANCHOR_LEFT)
+   {
+      /*
+       * Right anchored.
+       *
+       * Convert this into a fully anchored pattern with
+       * the fqdn and pattern the same length
+       */
+      fv += (flen - plen); /* flen - plen >= 0 due to check above */
+      return simple_domaincmp(pv, fv, plen);
+   }
+   else if (unanchored == 0)
+   {
+      /* Fully anchored, check length */
+      if (flen != plen)
+      {
+         return 1;
+      }
+      return simple_domaincmp(pv, fv, plen);
+   }
+   else if (unanchored == ANCHOR_RIGHT)
+   {
+      /* Left anchored, ignore all extra in fqdn */
+      return simple_domaincmp(pv, fv, plen);
+   }
+   else
+   {
+      /* Unanchored */
+      int n;
+      int maxn = flen - plen;
+      for (n = 0; n <= maxn; n++)
+      {
+         if (!simple_domaincmp(pv, fv, plen))
+         {
+            return 0;
+         }
+         /*
+          * Doesn't match from start of fqdn
+          * Try skipping first part of fqdn
+          */
+         fv++;
+      }
+      return 1;
+   }
+
+}
+#endif /* def FEATURE_EXTENDED_HOST_PATTERNS */
+
+
+/*********************************************************************
+ *
+ * Function    :  create_url_spec
+ *
+ * Description :  Creates a "url_spec" structure from a string.
+ *                When finished, free with free_url_spec().
+ *
+ * Parameters  :
+ *          1  :  url = Target url_spec to be filled in.  Will be
+ *                      zeroed before use.
+ *          2  :  buf = Source pattern, null terminated.  NOTE: The
+ *                      contents of this buffer are destroyed by this
+ *                      function.  If this function succeeds, the
+ *                      buffer is copied to url->spec.  If this
+ *                      function fails, the contents of the buffer
+ *                      are lost forever.
+ *
+ * Returns     :  JB_ERR_OK - Success
+ *                JB_ERR_MEMORY - Out of memory
+ *                JB_ERR_PARSE - Cannot parse regex (Detailed message
+ *                               written to system log)
+ *
+ *********************************************************************/
+jb_err create_url_spec(struct url_spec *url, char *buf)
+{
+   assert(url);
+   assert(buf);
+
+   memset(url, '\0', sizeof(*url));
+
+   /* Remember the original specification for the CGI pages. */
+   url->spec = strdup(buf);
+   if (NULL == url->spec)
+   {
+      return JB_ERR_MEMORY;
+   }
+
+   /* Is it tag pattern? */
+   if (0 == strncmpic("TAG:", url->spec, 4))
+   {
+      /* The pattern starts with the first character after "TAG:" */
+      const char *tag_pattern = buf + 4;
+      return compile_pattern(tag_pattern, NO_ANCHORING, url, &url->tag_regex);
+   }
+
+   /* If it isn't a tag pattern it must be a URL pattern. */
+   return compile_url_pattern(url, buf);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  free_url_spec
+ *
+ * Description :  Called from the "unloaders".  Freez the url
+ *                structure elements.
+ *
+ * Parameters  :
+ *          1  :  url = pointer to a url_spec structure.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void free_url_spec(struct url_spec *url)
+{
+   if (url == NULL) return;
+
+   freez(url->spec);
+#ifdef FEATURE_EXTENDED_HOST_PATTERNS
+   if (url->host_regex)
+   {
+      regfree(url->host_regex);
+      freez(url->host_regex);
+   }
+#else
+   freez(url->dbuffer);
+   freez(url->dvec);
+   url->dcount = 0;
+#endif /* ndef FEATURE_EXTENDED_HOST_PATTERNS */
+   freez(url->port_list);
+   if (url->preg)
+   {
+      regfree(url->preg);
+      freez(url->preg);
+   }
+   if (url->tag_regex)
+   {
+      regfree(url->tag_regex);
+      freez(url->tag_regex);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  url_match
+ *
+ * Description :  Compare a URL against a URL pattern.
+ *
+ * Parameters  :
+ *          1  :  pattern = a URL pattern
+ *          2  :  url = URL to match
+ *
+ * Returns     :  Nonzero if the URL matches the pattern, else 0.
+ *
+ *********************************************************************/
+int url_match(const struct url_spec *pattern,
+              const struct http_request *http)
+{
+   /* XXX: these should probably be functions. */
+#define PORT_MATCHES ((NULL == pattern->port_list) || match_portlist(pattern->port_list, http->port))
+#ifdef FEATURE_EXTENDED_HOST_PATTERNS
+#define DOMAIN_MATCHES ((NULL == pattern->host_regex) || (0 == regexec(pattern->host_regex, http->host, 0, NULL, 0)))
+#else
+#define DOMAIN_MATCHES ((NULL == pattern->dbuffer) || (0 == domain_match(pattern, http)))
+#endif
+#define PATH_MATCHES ((NULL == pattern->preg) || (0 == regexec(pattern->preg, http->path, 0, NULL, 0)))
+
+   if (pattern->tag_regex != NULL)
+   {
+      /* It's a tag pattern and shouldn't be matched against URLs */
+      return 0;
+   } 
+
+   return (PORT_MATCHES && DOMAIN_MATCHES && PATH_MATCHES);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  match_portlist
+ *
+ * Description :  Check if a given number is covered by a comma
+ *                separated list of numbers and ranges (a,b-c,d,..)
+ *
+ * Parameters  :
+ *          1  :  portlist = String with list
+ *          2  :  port = port to check
+ *
+ * Returns     :  0 => no match
+ *                1 => match
+ *
+ *********************************************************************/
+int match_portlist(const char *portlist, int port)
+{
+   char *min, *max, *next, *portlist_copy;
+
+   min = next = portlist_copy = strdup(portlist);
+
+   /*
+    * Zero-terminate first item and remember offset for next
+    */
+   if (NULL != (next = strchr(portlist_copy, (int) ',')))
+   {
+      *next++ = '\0';
+   }
+
+   /*
+    * Loop through all items, checking for match
+    */
+   while(min)
+   {
+      if (NULL == (max = strchr(min, (int) '-')))
+      {
+         /*
+          * No dash, check for equality
+          */
+         if (port == atoi(min))
+         {
+            freez(portlist_copy);
+            return(1);
+         }
+      }
+      else
+      {
+         /*
+          * This is a range, so check if between min and max,
+          * or, if max was omitted, between min and 65K
+          */
+         *max++ = '\0';
+         if(port >= atoi(min) && port <= (atoi(max) ? atoi(max) : 65535))
+         {
+            freez(portlist_copy);
+            return(1);
+         }
+
+      }
+
+      /*
+       * Jump to next item
+       */
+      min = next;
+
+      /*
+       * Zero-terminate next item and remember offset for n+1
+       */
+      if ((NULL != next) && (NULL != (next = strchr(next, (int) ','))))
+      {
+         *next++ = '\0';
+      }
+   }
+
+   freez(portlist_copy);
+   return 0;
+
+}
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/urlmatch.h b/external/privoxy/urlmatch.h
new file mode 100644
index 0000000..db5c60b
--- /dev/null
+++ b/external/privoxy/urlmatch.h
@@ -0,0 +1,136 @@
+#ifndef URLMATCH_H_INCLUDED
+#define URLMATCH_H_INCLUDED
+#define URLMATCH_H_VERSION "$Id: urlmatch.h,v 1.13 2009/03/02 19:18:11 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/urlmatch.h,v $
+ *
+ * Purpose     :  Declares functions to match URLs against URL
+ *                patterns.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002, 2006 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: urlmatch.h,v $
+ *    Revision 1.13  2009/03/02 19:18:11  fabiankeil
+ *    Streamline parse_http_request()'s prototype. As
+ *    cparser pointed out it doesn't actually use csp.
+ *
+ *    Revision 1.12  2008/05/04 16:18:32  fabiankeil
+ *    Provide parse_http_url() with a third parameter to specify
+ *    whether or not URLs without protocol are acceptable.
+ *
+ *    Revision 1.11  2008/05/04 13:30:55  fabiankeil
+ *    Streamline parse_http_url()'s prototype.
+ *
+ *    Revision 1.10  2008/04/14 18:11:21  fabiankeil
+ *    The compiler might not notice it, but the buffer passed to
+ *    create_url_spec() is modified later on and thus shouldn't
+ *    be declared immutable.
+ *
+ *    Revision 1.9  2008/04/08 16:07:39  fabiankeil
+ *    Make it harder to mistake url_match()'s
+ *    second parameter for an url_spec.
+ *
+ *    Revision 1.8  2007/09/02 15:31:20  fabiankeil
+ *    Move match_portlist() from filter.c to urlmatch.c.
+ *    It's used for url matching, not for filtering.
+ *
+ *    Revision 1.7  2007/01/06 14:24:38  fabiankeil
+ *    Mark *csp as immutable for parse_http_url()
+ *    and url_match().
+ *
+ *    Revision 1.6  2006/12/06 19:12:43  fabiankeil
+ *    Added prototype for init_domain_components().
+ *
+ *    Revision 1.5  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.3  2002/03/26 22:29:55  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.2  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.1  2002/01/17 20:53:46  jongfoster
+ *    Moving all our URL and URL pattern parsing code to the same file - it
+ *    was scattered around in filters.c, loaders.c and parsers.c.
+ *
+ *    Providing a single, simple url_match(pattern,url) function - rather than
+ *    the 3-line match routine which was repeated all over the place.
+ *
+ *    Renaming free_url to free_url_spec, since it frees a struct url_spec.
+ *
+ *    Providing parse_http_url() so that URLs can be parsed without faking a
+ *    HTTP request line for parse_http_request() or repeating the parsing
+ *    code (both of which were techniques that were actually in use).
+ *
+ *    Standardizing that struct http_request is used to represent a URL, and
+ *    struct url_spec is used to represent a URL pattern.  (Before, URLs were
+ *    represented as seperate variables and a partially-filled-in url_spec).
+ *
+ *
+ *********************************************************************/
+
+
+#include "project.h"
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern void free_http_request(struct http_request *http);
+extern jb_err init_domain_components(struct http_request *http);
+extern jb_err parse_http_request(const char *req, struct http_request *http);
+extern jb_err parse_http_url(const char *url,
+                             struct http_request *http,
+                             int require_protocol);
+#define REQUIRE_PROTOCOL 1
+
+extern int url_match(const struct url_spec *pattern,
+                     const struct http_request *http);
+
+extern jb_err create_url_spec(struct url_spec *url, char *buf);
+extern void free_url_spec(struct url_spec *url);
+extern int match_portlist(const char *portlist, int port);
+
+
+/* Revision control strings from this header and associated .c file */
+extern const char urlmatch_rcs[];
+extern const char urlmatch_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef URLMATCH_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/user.action b/external/privoxy/user.action
new file mode 100644
index 0000000..7b18dd9
--- /dev/null
+++ b/external/privoxy/user.action
@@ -0,0 +1,169 @@
+######################################################################
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/user.action,v $
+# 
+#  $Id: user.action,v 1.9 2008/03/27 18:27:37 fabiankeil Exp $
+#
+#  Purpose     :  User-maintained actions file, see
+#                 http://www.privoxy.org/user-manual/actions-file.html
+#
+######################################################################
+
+# This is the place to add your personal exceptions and additions to
+# the general policies as defined in default.action. (Here they will be
+# safe from updates to default.action.) Later defined actions always
+# take precedence, so anything defined here should have the last word.
+
+# See http://www.privoxy.org/user-manual/actions-file.html, or the 
+# comments in default.action, for an explanation of what an "action" is
+# and what each action does.
+
+# The examples included here either use bogus sites, or have the actual
+# rules commented out (with the '#' character). Useful aliases are
+# included in the top section as a convenience.
+
+#############################################################################
+# Aliases
+#############################################################################
+{{alias}}
+#############################################################################
+#
+# You can define a short form for a list of permissions - e.g., instead
+# of "-crunch-incoming-cookies -crunch-outgoing-cookies -filter -fast-redirects",
+# you can just write "shop". This is called an alias.
+#
+# Currently, an alias can contain any character except space, tab, '=', '{'
+# or '}'.
+# But please use only 'a'-'z', '0'-'9', '+', and '-'.
+#
+# Alias names are not case sensitive.
+#
+# Aliases beginning with '+' or '-' may be used for system action names 
+# in future releases - so try to avoid alias names like this.  (e.g. 
+# "+crunch-all-cookies" below is not a good name)
+#
+# Aliases must be defined before they are used.
+# 
+# These aliases just save typing later:
+#
++crunch-all-cookies = +crunch-incoming-cookies +crunch-outgoing-cookies
+-crunch-all-cookies = -crunch-incoming-cookies -crunch-outgoing-cookies
+ allow-all-cookies  = -crunch-all-cookies -session-cookies-only -filter{content-cookies}
+ allow-popups       = -filter{all-popups} -filter{unsolicited-popups}
++block-as-image     = +block{Blocked image request.} +handle-as-image
+-block-as-image     = -block
+
+# These aliases define combinations of actions
+# that are useful for certain types of sites:
+#
+fragile     = -block -crunch-all-cookies -filter -fast-redirects -hide-referer -prevent-compression
+shop        = -crunch-all-cookies allow-popups
+
+# Your favourite blend of filters:
+#
+myfilters   = +filter{html-annoyances} +filter{js-annoyances} +filter{all-popups}\
+              +filter{webbugs} +filter{banners-by-size}
+
+# Allow ads for selected useful free sites:
+#
+allow-ads   = -block -filter{banners-by-size} -filter{banners-by-link}
+#... etc.  Customize to your heart's content.
+
+## end aliases ########################################################
+#######################################################################
+
+# Begin examples: #####################################################
+
+# Say you have accounts on some sites that you visit regularly, and you
+# don't want to have to log in manually each time. So you'd like to allow
+# persistent cookies for these sites. The allow-all-cookies alias defined
+# above does exactly that, i.e. it disables crunching of cookies in any
+# direction, and the processing of cookies to make them only temporary.
+#
+{ allow-all-cookies }
+#.sourceforge.net
+#sunsolve.sun.com
+#slashdot.org
+#.yahoo.com
+#.msdn.microsoft.com
+#.redhat.com
+
+# Say the site where you do your homebanking needs to open popup
+# windows, but you have chosen to kill popups uncoditionally by default.
+# This will allow it for your-example-bank.com:
+#
+{ -filter{all-popups} }
+.banking.example.com
+
+# Some hosts and some file types you may not want to filter for
+# various reasons:
+#
+{ -filter }
+
+# Technical documentation is likely to contain strings that might
+# erroneously get altered by the JavaScript-oriented filters:
+#
+#.tldp.org
+#/(.*/)?selfhtml/
+
+# And this stupid host sends streaming video with a wrong MIME type,
+# so that Privoxy thinks it is getting HTML and starts filtering:
+#
+stupid-server.example.com/
+
+
+# Example of a simple "block" action. Say you've seen an ad on your
+# favourite page on example.com that you want to get rid of. You have
+# right-clicked the image, selected "copy image location" and pasted
+# the URL below while removing the leading http://, into a { +block{reason} }
+# section. Note that { +handle-as-image } need not be specified, since
+# all URLs ending in .gif will be tagged as images by the general rules
+# as set in default.action anyway:
+#
+{ +block{Nasty ads.} }
+www.example.com/nasty-ads/sponsor.gif
+
+# The URLs of dynamically generated banners, especially from large banner
+# farms, often don't use the well-known image file name extensions, which
+# makes it impossible for Privoxy to guess the file type just by looking
+# at the URL. 
+# You can use the +block-as-image alias defined above for these cases.
+# Note that objects which match this rule but then turn out NOT to be an
+# image are typically rendered as a "broken image" icon by the browser.
+# Use cautiously.
+#
+{ +block-as-image }
+#.doubleclick.net
+#/Realmedia/ads/
+#ar.atwola.com/
+
+# Now you noticed that the default configuration breaks Forbes
+# Magazine, but you were too lazy to find out which action is the
+# culprit, and you were again too lazy to give feedback, so you just
+# used the fragile alias on the site, and -- whoa! -- it worked. The
+# 'fragile' aliases disables those actions that are most likely to break
+# a site. Also, good for testing purposes to see if it is Privoxy that
+# is causing the problem or not.
+# 
+{ fragile }
+#.forbes.com
+
+# Here are some sites we wish to support, and we will allow their ads
+# through.
+#
+{ allow-ads }
+#.sourceforge.net
+#.slashdot.org
+#.osdn.net
+
+# user.action is generally the best place to define exceptions and
+# additions to the default policies of default.action. Some actions are
+# safe to have their default policies set here though. So let's set a
+# default policy to have a 'blank' image as opposed to the checkerboard
+# pattern for ALL sites. '/' of course matches all URLs.
+# patterns:
+#
+{ +set-image-blocker{blank} }
+#/
+
+## set vi:nowrap tw=72
diff --git a/external/privoxy/user.filter b/external/privoxy/user.filter
new file mode 100644
index 0000000..98de1c6
--- /dev/null
+++ b/external/privoxy/user.filter
@@ -0,0 +1,75 @@
+# ********************************************************************
+# 
+#  File        :  $Source: /cvsroot/ijbswa/current/user.filter,v $
+# 
+#  $Id: user.filter,v 1.3 2008/05/21 20:17:03 fabiankeil Exp $
+#
+#  Purpose     :  Rules to process the content of web pages
+# 
+#  Copyright   :  Written by and Copyright (C) 2006-2008 the
+#                 Privoxy team. http://www.privoxy.org/
+#
+# We value your feedback. However, to provide you with the best support,
+# please note:
+#  
+#  * Use the support forum to get help:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=211118
+#  * Submit bugs only thru our bug forum:
+#    http://sourceforge.net/tracker/?group_id=11118&atid=111118 
+#    Make sure that the bug has not already been submitted. Please try
+#    to verify that it is a Privoxy bug, and not a browser or site
+#    bug first. If you are using your own custom configuration, please
+#    try the stock configs to see if the problem is a configuration
+#    related bug. And if not using the latest development snapshot,
+#    please try the latest one. Or even better, CVS sources.
+#  * Submit feature requests only thru our feature request forum:
+#    http://sourceforge.net/tracker/?atid=361118&group_id=11118&func=browse
+#      
+# For any other issues, feel free to use the mailing lists:
+# http://sourceforge.net/mail/?group_id=11118
+#    
+# Anyone interested in actively participating in development and related
+# discussions can join the appropriate mailing list here:
+# http://sourceforge.net/mail/?group_id=11118. Archives are available
+# here too.
+# 
+#################################################################################
+#
+# Syntax:
+#
+# Generally filters start with a line like "FILTER: name description".
+# They are then referrable from the actionsfile with +filter{name}
+#
+# FILTER marks a filter as content filter, other filter
+# types are CLIENT-HEADER-FILTER, CLIENT-HEADER-TAGGER,
+# SERVER-HEADER-FILTER and SERVER-HEADER-TAGGER.
+#
+# Inside the filters, write one Perl-Style substitution (job) per line.
+# Jobs that precede the first FILTER: line are ignored.
+#
+# For Details see the pcrs manpage contained in this distribution.
+# (and the perlre, perlop and pcre manpages)
+#
+# Note that you are free to choose the delimiter as you see fit.
+#
+# Note2: In addition to the Perl options gimsx, the following nonstandard
+# options are supported:
+# 
+# 'U' turns the default to ungreedy matching.  Add ? to quantifiers to
+#     switch back to greedy.
+#
+# 'T' (trivial) prevents parsing for backreferences in the substitute.
+#     Use if you want to include text like '$&' in your substitute without
+#     quoting.
+#
+# 'D' (Dynamic) allows the use of variables. Supported variables are:
+#     $host, $origin (the IP address the request came from), $path and $url.
+#
+#     Note that '$' is a bad choice as delimiter for dynamic filters as you
+#     might end up with unintended variables if you use a variable name
+#     directly after the delimiter. Variables will be resolved without
+#     escaping anything, therefore you also have to be careful not to chose
+#     delimiters that appear in the replacement text. For example '<' should
+#     be save, while '?' will sooner or later cause conflicts with $url.
+# 
+#################################################################################
diff --git a/external/privoxy/utils/changelog2doc.pl b/external/privoxy/utils/changelog2doc.pl
new file mode 100755
index 0000000..a12cb32
--- /dev/null
+++ b/external/privoxy/utils/changelog2doc.pl
@@ -0,0 +1,66 @@
+#!/usr/bin/perl
+
+# $Id: changelog2doc.pl,v 1.2 2008/09/26 16:49:09 fabiankeil Exp $
+# $Source: /cvsroot/ijbswa/current/utils/changelog2doc.pl,v $
+
+# Filter to parse the ChangeLog and translate the changes for
+# the most recent version into something that looks like markup
+# for the documentation but still needs fine-tuning.
+
+use strict;
+use warnings;
+
+my @entries;
+
+sub read_entries() {
+    my $section_reached = 0;
+    my $i = -1;
+
+    while (<>) {
+        if (/^\*{3} /) {
+            last if $section_reached;
+            $section_reached = 1;
+            next;
+        }
+        next unless $section_reached;
+        next if /^\s*$/;
+
+        if (/^-/) {
+            $i++; 
+            $entries[$i] = '';
+        }
+        s@^-?\s*@@;
+
+        $entries[$i] .= $_;
+    }
+    print "Parsed " . @entries . " entries.\n";
+}
+
+sub generate_markup() {
+    my $markup = '';
+
+    $markup .= "<para>\n" .
+               " <itemizedlist>\n";
+
+    foreach my $entry (@entries) {
+        chomp $entry;
+        $entry =~ s@\n@\n    @g;
+        $markup .= "  <listitem>\n" .
+                   "   <para>\n" .
+                   "    " . $entry . "\n" .
+                   "   </para>\n" .
+                   "  </listitem>\n"
+                   ;
+    }
+    $markup .= " </itemizedlist>\n" .
+               "</para>\n";
+
+    print $markup;
+}
+
+sub main () {
+    read_entries();
+    generate_markup();
+}
+
+main();
diff --git a/external/privoxy/utils/docbook2man/COPYING b/external/privoxy/utils/docbook2man/COPYING
new file mode 100644
index 0000000..d60c31a
--- /dev/null
+++ b/external/privoxy/utils/docbook2man/COPYING
@@ -0,0 +1,340 @@
+		    GNU GENERAL PUBLIC LICENSE
+		       Version 2, June 1991
+
+ Copyright (C) 1989, 1991 Free Software Foundation, Inc.
+     59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+			    Preamble
+
+  The licenses for most software are designed to take away your
+freedom to share and change it.  By contrast, the GNU General Public
+License is intended to guarantee your freedom to share and change free
+software--to make sure the software is free for all its users.  This
+General Public License applies to most of the Free Software
+Foundation's software and to any other program whose authors commit to
+using it.  (Some other Free Software Foundation software is covered by
+the GNU Library General Public License instead.)  You can apply it to
+your programs, too.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+this service if you wish), that you receive source code or can get it
+if you want it, that you can change the software or use pieces of it
+in new free programs; and that you know you can do these things.
+
+  To protect your rights, we need to make restrictions that forbid
+anyone to deny you these rights or to ask you to surrender the rights.
+These restrictions translate to certain responsibilities for you if you
+distribute copies of the software, or if you modify it.
+
+  For example, if you distribute copies of such a program, whether
+gratis or for a fee, you must give the recipients all the rights that
+you have.  You must make sure that they, too, receive or can get the
+source code.  And you must show them these terms so they know their
+rights.
+
+  We protect your rights with two steps: (1) copyright the software, and
+(2) offer you this license which gives you legal permission to copy,
+distribute and/or modify the software.
+
+  Also, for each author's protection and ours, we want to make certain
+that everyone understands that there is no warranty for this free
+software.  If the software is modified by someone else and passed on, we
+want its recipients to know that what they have is not the original, so
+that any problems introduced by others will not reflect on the original
+authors' reputations.
+
+  Finally, any free program is threatened constantly by software
+patents.  We wish to avoid the danger that redistributors of a free
+program will individually obtain patent licenses, in effect making the
+program proprietary.  To prevent this, we have made it clear that any
+patent must be licensed for everyone's free use or not licensed at all.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+		    GNU GENERAL PUBLIC LICENSE
+   TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
+
+  0. This License applies to any program or other work which contains
+a notice placed by the copyright holder saying it may be distributed
+under the terms of this General Public License.  The "Program", below,
+refers to any such program or work, and a "work based on the Program"
+means either the Program or any derivative work under copyright law:
+that is to say, a work containing the Program or a portion of it,
+either verbatim or with modifications and/or translated into another
+language.  (Hereinafter, translation is included without limitation in
+the term "modification".)  Each licensee is addressed as "you".
+
+Activities other than copying, distribution and modification are not
+covered by this License; they are outside its scope.  The act of
+running the Program is not restricted, and the output from the Program
+is covered only if its contents constitute a work based on the
+Program (independent of having been made by running the Program).
+Whether that is true depends on what the Program does.
+
+  1. You may copy and distribute verbatim copies of the Program's
+source code as you receive it, in any medium, provided that you
+conspicuously and appropriately publish on each copy an appropriate
+copyright notice and disclaimer of warranty; keep intact all the
+notices that refer to this License and to the absence of any warranty;
+and give any other recipients of the Program a copy of this License
+along with the Program.
+
+You may charge a fee for the physical act of transferring a copy, and
+you may at your option offer warranty protection in exchange for a fee.
+
+  2. You may modify your copy or copies of the Program or any portion
+of it, thus forming a work based on the Program, and copy and
+distribute such modifications or work under the terms of Section 1
+above, provided that you also meet all of these conditions:
+
+    a) You must cause the modified files to carry prominent notices
+    stating that you changed the files and the date of any change.
+
+    b) You must cause any work that you distribute or publish, that in
+    whole or in part contains or is derived from the Program or any
+    part thereof, to be licensed as a whole at no charge to all third
+    parties under the terms of this License.
+
+    c) If the modified program normally reads commands interactively
+    when run, you must cause it, when started running for such
+    interactive use in the most ordinary way, to print or display an
+    announcement including an appropriate copyright notice and a
+    notice that there is no warranty (or else, saying that you provide
+    a warranty) and that users may redistribute the program under
+    these conditions, and telling the user how to view a copy of this
+    License.  (Exception: if the Program itself is interactive but
+    does not normally print such an announcement, your work based on
+    the Program is not required to print an announcement.)
+
+These requirements apply to the modified work as a whole.  If
+identifiable sections of that work are not derived from the Program,
+and can be reasonably considered independent and separate works in
+themselves, then this License, and its terms, do not apply to those
+sections when you distribute them as separate works.  But when you
+distribute the same sections as part of a whole which is a work based
+on the Program, the distribution of the whole must be on the terms of
+this License, whose permissions for other licensees extend to the
+entire whole, and thus to each and every part regardless of who wrote it.
+
+Thus, it is not the intent of this section to claim rights or contest
+your rights to work written entirely by you; rather, the intent is to
+exercise the right to control the distribution of derivative or
+collective works based on the Program.
+
+In addition, mere aggregation of another work not based on the Program
+with the Program (or with a work based on the Program) on a volume of
+a storage or distribution medium does not bring the other work under
+the scope of this License.
+
+  3. You may copy and distribute the Program (or a work based on it,
+under Section 2) in object code or executable form under the terms of
+Sections 1 and 2 above provided that you also do one of the following:
+
+    a) Accompany it with the complete corresponding machine-readable
+    source code, which must be distributed under the terms of Sections
+    1 and 2 above on a medium customarily used for software interchange; or,
+
+    b) Accompany it with a written offer, valid for at least three
+    years, to give any third party, for a charge no more than your
+    cost of physically performing source distribution, a complete
+    machine-readable copy of the corresponding source code, to be
+    distributed under the terms of Sections 1 and 2 above on a medium
+    customarily used for software interchange; or,
+
+    c) Accompany it with the information you received as to the offer
+    to distribute corresponding source code.  (This alternative is
+    allowed only for noncommercial distribution and only if you
+    received the program in object code or executable form with such
+    an offer, in accord with Subsection b above.)
+
+The source code for a work means the preferred form of the work for
+making modifications to it.  For an executable work, complete source
+code means all the source code for all modules it contains, plus any
+associated interface definition files, plus the scripts used to
+control compilation and installation of the executable.  However, as a
+special exception, the source code distributed need not include
+anything that is normally distributed (in either source or binary
+form) with the major components (compiler, kernel, and so on) of the
+operating system on which the executable runs, unless that component
+itself accompanies the executable.
+
+If distribution of executable or object code is made by offering
+access to copy from a designated place, then offering equivalent
+access to copy the source code from the same place counts as
+distribution of the source code, even though third parties are not
+compelled to copy the source along with the object code.
+
+  4. You may not copy, modify, sublicense, or distribute the Program
+except as expressly provided under this License.  Any attempt
+otherwise to copy, modify, sublicense or distribute the Program is
+void, and will automatically terminate your rights under this License.
+However, parties who have received copies, or rights, from you under
+this License will not have their licenses terminated so long as such
+parties remain in full compliance.
+
+  5. You are not required to accept this License, since you have not
+signed it.  However, nothing else grants you permission to modify or
+distribute the Program or its derivative works.  These actions are
+prohibited by law if you do not accept this License.  Therefore, by
+modifying or distributing the Program (or any work based on the
+Program), you indicate your acceptance of this License to do so, and
+all its terms and conditions for copying, distributing or modifying
+the Program or works based on it.
+
+  6. Each time you redistribute the Program (or any work based on the
+Program), the recipient automatically receives a license from the
+original licensor to copy, distribute or modify the Program subject to
+these terms and conditions.  You may not impose any further
+restrictions on the recipients' exercise of the rights granted herein.
+You are not responsible for enforcing compliance by third parties to
+this License.
+
+  7. If, as a consequence of a court judgment or allegation of patent
+infringement or for any other reason (not limited to patent issues),
+conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot
+distribute so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you
+may not distribute the Program at all.  For example, if a patent
+license would not permit royalty-free redistribution of the Program by
+all those who receive copies directly or indirectly through you, then
+the only way you could satisfy both it and this License would be to
+refrain entirely from distribution of the Program.
+
+If any portion of this section is held invalid or unenforceable under
+any particular circumstance, the balance of the section is intended to
+apply and the section as a whole is intended to apply in other
+circumstances.
+
+It is not the purpose of this section to induce you to infringe any
+patents or other property right claims or to contest validity of any
+such claims; this section has the sole purpose of protecting the
+integrity of the free software distribution system, which is
+implemented by public license practices.  Many people have made
+generous contributions to the wide range of software distributed
+through that system in reliance on consistent application of that
+system; it is up to the author/donor to decide if he or she is willing
+to distribute software through any other system and a licensee cannot
+impose that choice.
+
+This section is intended to make thoroughly clear what is believed to
+be a consequence of the rest of this License.
+
+  8. If the distribution and/or use of the Program is restricted in
+certain countries either by patents or by copyrighted interfaces, the
+original copyright holder who places the Program under this License
+may add an explicit geographical distribution limitation excluding
+those countries, so that distribution is permitted only in or among
+countries not thus excluded.  In such case, this License incorporates
+the limitation as if written in the body of this License.
+
+  9. The Free Software Foundation may publish revised and/or new versions
+of the General Public License from time to time.  Such new versions will
+be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+Each version is given a distinguishing version number.  If the Program
+specifies a version number of this License which applies to it and "any
+later version", you have the option of following the terms and conditions
+either of that version or of any later version published by the Free
+Software Foundation.  If the Program does not specify a version number of
+this License, you may choose any version ever published by the Free Software
+Foundation.
+
+  10. If you wish to incorporate parts of the Program into other free
+programs whose distribution conditions are different, write to the author
+to ask for permission.  For software which is copyrighted by the Free
+Software Foundation, write to the Free Software Foundation; we sometimes
+make exceptions for this.  Our decision will be guided by the two goals
+of preserving the free status of all derivatives of our free software and
+of promoting the sharing and reuse of software generally.
+
+			    NO WARRANTY
+
+  11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
+FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW.  EXCEPT WHEN
+OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
+PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
+OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
+MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.  THE ENTIRE RISK AS
+TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU.  SHOULD THE
+PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
+REPAIR OR CORRECTION.
+
+  12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
+REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
+INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
+OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
+TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
+YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
+PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
+POSSIBILITY OF SUCH DAMAGES.
+
+		     END OF TERMS AND CONDITIONS
+
+	    How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+convey the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software; you can redistribute it and/or modify
+    it under the terms of the GNU General Public License as published by
+    the Free Software Foundation; either version 2 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU General Public License for more details.
+
+    You should have received a copy of the GNU General Public License
+    along with this program; if not, write to the Free Software
+    Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+
+
+Also add information on how to contact you by electronic and paper mail.
+
+If the program is interactive, make it output a short notice like this
+when it starts in an interactive mode:
+
+    Gnomovision version 69, Copyright (C) year  name of author
+    Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'.
+    This is free software, and you are welcome to redistribute it
+    under certain conditions; type `show c' for details.
+
+The hypothetical commands `show w' and `show c' should show the appropriate
+parts of the General Public License.  Of course, the commands you use may
+be called something other than `show w' and `show c'; they could even be
+mouse-clicks or menu items--whatever suits your program.
+
+You should also get your employer (if you work as a programmer) or your
+school, if any, to sign a "copyright disclaimer" for the program, if
+necessary.  Here is a sample; alter the names:
+
+  Yoyodyne, Inc., hereby disclaims all copyright interest in the program
+  `Gnomovision' (which makes passes at compilers) written by James Hacker.
+
+  <signature of Ty Coon>, 1 April 1989
+  Ty Coon, President of Vice
+
+This General Public License does not permit incorporating your program into
+proprietary programs.  If your program is a subroutine library, you may
+consider it more useful to permit linking proprietary applications with the
+library.  If this is what you want to do, use the GNU Library General
+Public License instead of this License.
diff --git a/external/privoxy/utils/docbook2man/docbook2man-spec.pl b/external/privoxy/utils/docbook2man/docbook2man-spec.pl
new file mode 100644
index 0000000..4e6d484
--- /dev/null
+++ b/external/privoxy/utils/docbook2man/docbook2man-spec.pl
@@ -0,0 +1,1229 @@
+=head1 NAME
+
+docbook2man-spec - convert DocBook RefEntries to Unix manpages
+
+=head1 SYNOPSIS
+
+The SGMLSpm package from CPAN.  This contains the sgmlspl script which
+is used to grok this file.  Use it like this:
+
+nsgmls some-docbook-document.sgml | sgmlspl docbook2man-spec.pl
+
+=head1 DESCRIPTION
+
+This is a sgmlspl spec file that produces Unix-style
+manpages from RefEntry markup.
+
+See the accompanying RefEntry man page for 'plain new' documentation. :)
+
+=head1 LIMITATIONS
+
+Trying docbook2man on non-DocBook or non-conformant SGML results in
+undefined behavior. :-)
+
+This program is a slow, dodgy Perl script.
+
+This program does not come close to supporting all the possible markup
+in DocBook, and will produce wrong output in some cases with supported
+markup.
+
+=head1 TODO
+
+Add new element handling and fix existing handling.  Be robust.
+Produce cleanest, readable man output as possible (unlike some
+other converters).  Follow Linux man(7) convention.
+If this results in added logic in this script,
+that's okay.  The code should still be reasonably organized.
+
+Make it faster.  If Perl sucks port it to another language.
+
+=head1 COPYRIGHT
+
+Copyright (C) 1998-1999 Steve Cheng <steve at ggi-project.org>
+
+This program is free software; you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the Free
+Software Foundation; either version 2, or (at your option) any later
+version.
+
+You should have received a copy of the GNU General Public License along with
+this program; see the file COPYING.  If not, please write to the Free
+Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
+
+=cut
+
+# $Id: docbook2man-spec.pl,v 1.4 2006/07/18 14:49:14 david__schmidt Exp $
+
+use SGMLS;			# Use the SGMLS package.
+use SGMLS::Output;		# Use stack-based output.
+use SGMLS::Refs;
+
+########################################################################
+# SGMLSPL script produced automatically by the script sgmlspl.pl
+#
+# Document Type: any, but processes only RefEntries
+# Edited by: me :)
+########################################################################
+
+$write_manpages = 0;
+$blank_xrefs = 0;
+
+sgml('start', sub { 
+	push_output('nul');
+	$raw_cdata = 1;			# Makes it a bit faster.
+	
+	# Links file
+	open(LINKSFILE, ">manpage.links");
+
+	$Refs = new SGMLS::Refs("manpage.refs");
+});
+sgml('end', sub {
+	close(LINKSFILE);
+	if($blank_xrefs) {
+		print STDERR "Warning: output contains unresolved XRefs\n";
+	}
+});
+
+
+
+
+########################################################################
+#
+# Output helpers 
+#
+########################################################################
+
+# Our own version of sgml() and output() to allow simple string output
+# to play well with roff's stupid whitespace rules. 
+
+sub man_sgml
+{
+	if(ref($_[1]) eq 'CODE') {
+		return &sgml;
+	}
+	
+	my $s = $_[1];
+
+	$s =~ s/\\/\\\\/g;
+	$s =~ s/'/\\'/g;
+
+	# \n at the beginning means start at beginning of line
+	if($s =~ s/^\n//) {
+		$sub = 'sub { output "\n" unless $newline_last++; ';
+		if($s eq '') { 
+			sgml($_[0], eval('sub { output "\n" unless $newline_last++; }'));
+		} elsif($s =~ /\n$/) {
+			sgml($_[0], eval("sub { output \"\\n\" unless \$newline_last++; output '$s'; }"));
+		} else {
+			sgml($_[0], eval("sub { output \"\\n\" unless \$newline_last; output '$s'; \$newline_last = 0; }"));
+		}
+	} else {
+		if($s =~ /\n$/) {
+			sgml($_[0], eval("sub { output '$s'; \$newline_last = 1; }"));
+		} else {
+			sgml($_[0], eval("sub { output '$s'; \$newline_last = 0; }"));
+		}
+	}
+}
+
+sub man_output
+{
+	$_ = shift;
+	if(s/^\n//) {
+		output "\n" unless $newline_last++;
+	}
+	return if $_ eq '';
+	
+	output $_;
+
+	if(@_) {
+		output @_;
+		$newline_last = (pop(@_) =~ /\n$/);
+	} else {
+		$newline_last = ($_ =~ /\n$/)
+	}
+}
+
+# Fold lines into one, quote some characters
+sub fold_string
+{
+	$_ = shift;
+	
+	s/\\/\\\\/g;
+	s/"/\\\&"/g;
+
+	# Change tabs to spaces
+	tr/\t\n/  /;
+
+	# Trim whitespace from beginning and end.
+	s/^ +//;
+	s/ +$//;
+
+	return $_;
+}
+	
+sub save_cdata()
+{
+	$raw_cdata++;
+	push_output('string');
+}
+
+sub bold_on()
+{
+	# If the last font is also bold, don't change anything.
+	# Basically this is to just get more readable man output.
+	if($fontstack[$#fontstack] ne 'bold') {
+		if(!$raw_cdata) {
+			output '\fB';
+			$newline_last = 0;
+		}
+	}
+	push(@fontstack, 'bold');
+}
+
+sub italic_on()
+{
+	# If the last font is also italic, don't change anything.
+	if($fontstack[$#fontstack] ne 'italic') {
+		if(!$raw_cdata) {
+			output '\fI';
+			$newline_last = 0;
+		}
+	}
+	push(@fontstack, 'italic');
+}
+
+sub font_off()
+{
+	my $thisfont = pop(@fontstack);
+	my $lastfont = $fontstack[$#fontstack];
+	
+	# Only output font change if it is different
+	if($thisfont ne $lastfont) {
+		if($raw_cdata)			{ return; }
+		elsif($lastfont eq 'bold') 	{ output '\fB'; }
+		elsif($lastfont eq 'italic')	{ output '\fI'; }
+		else				{ output '\fR'; }
+	
+		$newline_last = 0;
+	}
+}
+
+
+
+
+
+
+########################################################################
+#
+# Manpage management
+#
+########################################################################
+
+sgml('<REFENTRY>', sub { 
+	# This will be overwritten at end of REFMETA, when we know the name of the page.
+	pop_output();
+	
+	$write_manpages = 1;		# Currently writing manpage.
+	
+	$nocollapse_whitespace = 0;	# Current whitespace collapse counter.
+	$newline_last = 1;		# At beginning of line?
+		# Just a bit of warning, you will see this variable manipulated
+		# manually a lot.  It makes the code harder to follow but it
+		# saves you from having to worry about collapsing at the end of
+		# parse, stopping at verbatims, etc.
+	$raw_cdata = 0;                 # Instructs certain output functions to
+					# leave CDATA alone, so we can assign
+					# it to a string and process it, etc.
+	@fontstack = ();		# Fonts being activated.
+	
+	$manpage_title = '';		# Needed for indexing.
+	$manpage_sect = '';
+	@manpage_names = ();
+	
+	$manpage_misc = '';
+	
+	$list_nestlevel = 0;		# Indent certain nested content.
+});
+sgml('</REFENTRY>', sub {
+	if(!$newline_last) {
+		output "\n";
+	}
+	
+	$write_manpages = 0;
+	$raw_cdata = 1;
+	push_output('nul');
+});
+
+sgml('</REFMETA>', sub {
+	push_output('file', "$manpage_title.$manpage_sect");
+
+	output <<_END_BANNER;
+.\\" This manpage has been automatically generated by docbook2man 
+.\\" from a DocBook document.  This tool can be found at:
+.\\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> 
+.\\" Please send any bug reports, improvements, comments, patches, 
+.\\" etc. to Steve Cheng <steve\@ggi-project.org>.
+_END_BANNER
+
+	my $manpage_date = `date "+%d %B %Y"`;
+		
+	output '.TH "';
+	
+	# If the title is not mixed-case, convention says to
+	# uppercase the whole title.  (The canonical title is
+	# lowercase.)
+	if($manpage_title =~ /[A-Z]/) {
+		output fold_string($manpage_title);
+	} else {
+		output uc(fold_string($manpage_title));
+	}
+	
+	output  '" "', fold_string($manpage_sect), 
+		'" "', fold_string(`date "+%d %B %Y"`), 
+		'" "', $manpage_misc, 
+		'" "', $manpage_manual, 
+		"\"\n";
+
+	$newline_last = 1;
+
+	# References to this RefEntry.
+	my $id = $_[0]->parent->attribute('ID')->value;
+	if($id ne '') {
+		# The 'package name' part of the section should
+		# not be used when citing it.
+		my ($sectnum) = ($manpage_sect =~ /([0-9]*)/);
+		
+		if($_[0]->parent->attribute('XREFLABEL')->value eq '') {
+			$Refs->put("refentry:$id", "$manpage_title($sectnum)");
+		} else {
+			$Refs->put("refentry:$id",
+				$_[0]->parent->attribute('XREFLABEL')->value . 
+				"($sectnum)");
+		}
+	}
+});
+
+sgml('<REFENTRYTITLE>', sub { 
+	if($_[0]->in('REFMETA')) { 
+		save_cdata();
+	} else { 
+		# Manpage citations are in bold.
+		bold_on();
+	}
+});
+sgml('</REFENTRYTITLE>', sub { 
+	if($_[0]->in('REFMETA')) {
+		$raw_cdata--;
+		$manpage_title = pop_output();
+	}
+	else { font_off(); }
+});
+
+sgml('<MANVOLNUM>', sub { 
+	if($_[0]->in('REFMETA')) { 
+		save_cdata();	
+	} else {
+		# Manpage citations use ().
+		output '(';
+	}
+});
+sgml('</MANVOLNUM>', sub { 
+	if($_[0]->in('REFMETA')) {
+		$raw_cdata--;
+		$manpage_sect = pop_output();
+	}
+	else { output ')' }
+});
+
+sgml('<REFMISCINFO>', \&save_cdata);
+sgml('</REFMISCINFO>', sub { 
+	$raw_cdata--;
+	$manpage_misc = fold_string(pop_output());
+});
+
+
+# NAME section
+man_sgml('<REFNAMEDIV>', "\n.SH NAME\n");
+
+sgml('<REFNAME>', \&save_cdata);
+sgml('</REFNAME>', sub { 
+	$raw_cdata--;
+	push(@manpage_names, pop_output());
+});
+
+sgml('<REFPURPOSE>', \&save_cdata);
+sgml('</REFPURPOSE>', sub { 
+	$raw_cdata--;
+	my $manpage_purpose = fold_string(pop_output());
+	
+	for(my $i = 0; $i < $#manpage_names; $i++) {
+		output fold_string($manpage_names[$i]), ', ';
+	}
+
+	output fold_string($manpage_names[$#manpage_names]);
+	output " \\- $manpage_purpose\n";
+
+	$newline_last = 1;
+
+	foreach(@manpage_names) {
+		# Don't link to itself
+		if($_ ne $manpage_title) {
+			print LINKSFILE "$manpage_title.$manpage_sect	$_.$manpage_sect\n";
+		}
+	}
+});
+	
+man_sgml('<REFCLASS>', "\n.sp\n");
+
+#RefDescriptor
+
+
+
+
+
+########################################################################
+#
+# SYNOPSIS section and synopses
+#
+########################################################################
+
+man_sgml('<REFSYNOPSISDIV>', "\n.SH SYNOPSIS\n");
+man_sgml('</REFSYNOPSISDIV>', "\n");
+
+## FIXME! Must be made into block elements!!
+#sgml('<FUNCSYNOPSIS>', \&bold_on);
+#sgml('</FUNCSYNOPSIS>', \&font_off);
+#sgml('<CMDSYNOPSIS>', \&bold_on);
+#sgml('</CMDSYNOPSIS>', \&font_off);
+
+man_sgml('<FUNCSYNOPSIS>', sub {
+	man_output("\n.sp\n");
+	bold_on();
+});
+man_sgml('</FUNCSYNOPSIS>', sub {
+	font_off();
+	man_output("\n");
+});
+
+man_sgml('<CMDSYNOPSIS>', "\n\n");
+man_sgml('</CMDSYNOPSIS>', "\n\n");
+
+man_sgml('<FUNCPROTOTYPE>', "\n.sp\n");
+
+# Arguments to functions.  This is C convention.
+sub paramdef
+{
+	if($_[0]->parent->ext->{'inparams'}) {
+		output ', ';
+	} else {
+		output ' (';
+		$_[0]->parent->ext->{'inparams'} = 1;
+	}
+}
+man_sgml('<PARAMDEF>', \&paramdef);
+man_sgml('</FUNCPROTOTYPE>', ");\n");
+man_sgml('<VOID>', "(void");
+man_sgml('<VARARGS>', "(...");
+
+
+
+sub group_start
+{
+	if(not $_[0]->parent->in('TERM')) {
+		if($_[0]->attribute('CHOICE')->value =~ /opt/i) {
+			output ' [';
+		} elsif($_[0]->attribute('CHOICE')->value =~ /req/i) {
+			output ' {';
+		}
+	}
+	$_[0]->ext->{'count'} = 1;
+}
+sub group_end
+{
+	if($_[0]->attribute('REP')->value =~ /^Repeat/i) {
+		italic_on();
+		output ' ...';
+		font_off();
+	}
+	if(not $_[0]->parent->in('TERM')) {
+		if($_[0]->attribute('CHOICE')->value =~ /opt/i) {
+			output ' ]';
+		} elsif($_[0]->attribute('CHOICE')->value =~ /req/i) {
+			output ' }';
+		}
+	}
+}
+
+sub arg_start
+{
+	# my $choice = $_[0]->attribute('CHOICE')->value;
+
+	# The content model for CmdSynopsis doesn't include #PCDATA,
+	# so we won't see any of the whitespace in the source file,
+	# so we have to add it after each component.
+	output ' ';
+
+	if($_[0]->in('GROUP')) {
+		output '| ' if $_[0]->parent->ext->{'count'} > 1;
+		$_[0]->parent->ext->{'count'}++;
+	} elsif($_[0]->attribute('CHOICE')->value =~ /opt/i) {
+		output '[ ';
+	}
+	bold_on();
+}
+sub arg_end
+{
+	font_off();
+	if($_[0]->attribute('REP')->value =~ /^Repeat/i) {
+		italic_on();
+		output ' ...';
+		font_off();
+	}
+	if($_[0]->attribute('CHOICE')->value =~ /opt/i and
+           not $_[0]->in('GROUP')) {
+		output ' ]';
+	}
+}
+
+sgml('<ARG>', \&arg_start);
+sgml('</ARG>', \&arg_end);
+sgml('<GROUP>', \&group_start);
+sgml('</GROUP>', \&group_end);
+
+sgml('<OPTION>', \&bold_on);
+sgml('</OPTION>', \&font_off);
+
+man_sgml('<SBR>', "\n   ");
+
+
+########################################################################
+#
+# General sections
+#
+########################################################################
+
+# The name of the section is handled by TITLE.  This just sets
+# up the roff markup.
+man_sgml('<REFSECT1>', "\n.SH ");
+man_sgml('<REFSECT2>', "\n.SS ");
+man_sgml('<REFSECT3>', "\n.SS ");
+
+
+########################################################################
+#
+# Titles, metadata.
+#
+########################################################################
+
+sgml('<TITLE>', sub {
+	if($_[0]->in('REFERENCE') or $_[0]->in('BOOK')) {
+		$write_manpages = 1;
+	}
+	save_cdata();
+});
+sgml('</TITLE>', sub { 
+	my $title = fold_string(pop_output());
+	$raw_cdata--;
+	
+	if($_[0]->in('REFERENCE') or $_[0]->in('BOOK')) {
+		# We use TITLE of enclosing Reference or Book as manual name
+		$manpage_manual = $title;
+		$write_manpages = 0;
+	}
+	elsif(exists $_[0]->parent->ext->{'title'}) {
+		# By far the easiest case.  Just fold the string as
+		# above, and then set the parent element's variable.
+		$_[0]->parent->ext->{'title'} = $title;
+	}
+	else {
+		# If the parent element's handlers are lazy, 
+		# output the folded string for them :)
+		# We assume they want uppercase and a newline.
+		output '"', uc($title), "\"\n";
+		$newline_last = 1;
+	}
+});
+
+sgml('<ATTRIBUTION>', sub { push_output('string') });
+sgml('</ATTRIBUTION>', sub { $_[0]->parent->ext->{'attribution'} = pop_output(); });
+
+
+# IGNORE.
+sgml('<DOCINFO>', sub { push_output('nul'); });
+sgml('</DOCINFO>', sub { pop_output(); });
+sgml('<REFSECT1INFO>', sub { push_output('nul'); });
+sgml('</REFSECT1INFO>', sub { pop_output(); });
+sgml('<REFSECT2INFO>', sub { push_output('nul'); });
+sgml('</REFSECT2INFO>', sub { pop_output(); });
+sgml('<REFSECT3INFO>', sub { push_output('nul'); });
+sgml('</REFSECT3INFO>', sub { pop_output(); });
+
+sgml('<INDEXTERM>', sub { push_output('nul'); });
+sgml('</INDEXTERM>', sub { pop_output(); });
+
+
+########################################################################
+#
+# Set bold on enclosed content 
+#
+########################################################################
+
+sgml('<APPLICATION>', \&bold_on);	sgml('</APPLICATION>', \&font_off);
+
+sgml('<CLASSNAME>', \&bold_on);		sgml('</CLASSNAME>', \&font_off);
+sgml('<STRUCTNANE>', \&bold_on);	sgml('</STRUCTNAME>', \&font_off);
+sgml('<STRUCTFIELD>', \&bold_on);	sgml('</STRUCTFIELD>', \&font_off);
+sgml('<SYMBOL>', \&bold_on);		sgml('</SYMBOL>', \&font_off);
+sgml('<TYPE>', \&bold_on);		sgml('</TYPE>', \&font_off);
+
+sgml('<ENVAR>', \&bold_on);	sgml('</ENVAR>', \&font_off);
+
+sgml('<FUNCTION>', \&bold_on);	sgml('</FUNCTION>', \&font_off);
+
+sgml('<EMPHASIS>', \&bold_on);	sgml('</EMPHASIS>', \&font_off);
+
+sgml('<ERRORNAME>', \&bold_on);	sgml('</ERRORNAME>', \&font_off);
+# ERRORTYPE
+
+sgml('<COMMAND>', \&bold_on);	sgml('</COMMAND>', \&font_off);
+
+sgml('<GUIBUTTON>', \&bold_on);	sgml('</GUIBUTTON>', \&font_off);
+sgml('<GUIICON>', \&bold_on);	sgml('</GUIICON>', \&font_off);
+# GUILABEL
+# GUIMENU
+# GUIMENUITEM
+# GUISUBMENU
+# MENUCHOICE
+# MOUSEBUTTON
+
+sgml('<ACCEL>', \&bold_on);	sgml('</ACCEL>', \&font_off);
+sgml('<KEYCAP>', \&bold_on);	sgml('</KEYCAP>', \&font_off);
+sgml('<KEYSYM>', \&bold_on);	sgml('</KEYSYM>', \&font_off);
+# KEYCODE
+# KEYCOMBO
+# SHORTCUT
+
+sgml('<USERINPUT>', \&bold_on);	sgml('</USERINPUT>', \&font_off);
+
+sgml('<INTERFACEDEFINITION>', \&bold_on);
+sgml('</INTERFACEDEFINITION>', \&font_off);
+
+# May need to look at the CLASS
+sgml('<SYSTEMITEM>', \&bold_on);
+sgml('</SYSTEMITEM>', \&font_off);
+
+
+
+
+
+########################################################################
+#
+# Set italic on enclosed content 
+#
+########################################################################
+
+sgml('<FIRSTTERM>', \&italic_on);	sgml('</FIRSTTERM>', \&font_off);
+
+sgml('<FILENAME>', \&italic_on);	sgml('</FILENAME>', \&font_off);
+sgml('<PARAMETER>', \&italic_on);	sgml('</PARAMETER>', \&font_off);
+sgml('<PROPERTY>', \&italic_on);	sgml('</PROPERTY>', \&font_off);
+
+sgml('<REPLACEABLE>', sub {
+	italic_on();
+	if($_[0]->in('TOKEN')) {
+		# When tokenizing, follow more 'intuitive' convention
+		output "<";
+	}
+});
+sgml('</REPLACEABLE>', sub {
+	if($_[0]->in('TOKEN')) {
+		output ">";
+	}
+	font_off();
+});
+
+sgml('<CITETITLE>', \&italic_on);	sgml('</CITETITLE>', \&font_off);
+sgml('<FOREIGNPHRASE>', \&italic_on);	sgml('</FOREIGNPHRASE>', \&font_off);
+
+sgml('<LINEANNOTATION>', \&italic_on);	sgml('</LINEANNOTATION>', \&font_off);
+
+
+
+
+
+
+########################################################################
+#
+# Other 'inline' elements 
+#
+########################################################################
+
+man_sgml('<EMAIL>', '<');
+man_sgml('</EMAIL>', '>');
+man_sgml('<OPTIONAL>', '[');
+man_sgml('</OPTIONAL>', ']');
+
+man_sgml('</TRADEMARK>', "\\u\\s-2TM\\s+2\\d");
+
+man_sgml('<COMMENT>', "[Comment: ");
+man_sgml('</COMMENT>', "]");
+
+man_sgml('<QUOTE>', "``");
+man_sgml('</QUOTE>', "''");
+
+#man_sgml('<LITERAL>', '"');
+#man_sgml('</LITERAL>', '"');
+
+# No special presentation:
+
+# AUTHOR
+# AUTHORINITIALS
+
+# ABBREV
+# ACTION
+# ACRONYM
+# ALT
+# CITATION
+# PHRASE
+# QUOTE
+# WORDASWORD
+
+# COMPUTEROUTPUT
+# MARKUP
+# PROMPT
+# RETURNVALUE
+# SGMLTAG
+# TOKEN
+
+# DATABASE
+# HARDWARE
+# INTERFACE
+# MEDIALABEL
+
+# There doesn't seem to be a good way to represent LITERAL in -man
+
+
+
+########################################################################
+#
+# Paragraph and paragraph-like elements 
+#
+########################################################################
+
+sub para_start {
+	output "\n" unless $newline_last++;
+
+	# In lists, etc., don't start paragraph with .PP since
+	# the indentation will be gone.
+
+	if($_[0]->parent->ext->{'nobreak'}==1) {
+		# Usually this is the FIRST element of
+		# a hanging tag, so we MUST not do a full
+		# paragraph break.
+		$_[0]->parent->ext->{'nobreak'} = 2;
+	} elsif($_[0]->parent->ext->{'nobreak'}==2) {
+		# Usually these are the NEXT elements of
+		# a hanging tag.  If we break using a blank
+		# line, we're okay.
+		output "\n";
+	} else {
+		# Normal case. (For indented blocks too, at least
+		# -man isn't so braindead in this area.)
+		output ".PP\n";
+	}
+}
+# Actually applies to a few other block elements as well
+sub para_end {
+	output "\n" unless $newline_last++; 
+}
+
+sgml('<PARA>', \&para_start);
+sgml('</PARA>', \&para_end);
+sgml('<SIMPARA>', \&para_start);
+sgml('</SIMPARA>', \&para_end);
+
+# Nothing special, except maybe FIXME set nobreak.
+sgml('<INFORMALEXAMPLE>', \&para_start);
+sgml('</INFORMALEXAMPLE>', \&para_end);
+
+
+
+
+
+########################################################################
+#
+# Blocks using SS sections
+#
+########################################################################
+
+# FIXME: We need to consider the effects of SS
+# in a hanging tag :(
+
+# Complete with the optional-title dilemma (again).
+sgml('<ABSTRACT>', sub {
+	$_[0]->ext->{'title'} = 'ABSTRACT';
+	output "\n" unless $newline_last++;
+	push_output('string');
+});
+sgml('</ABSTRACT>', sub {
+	my $content = pop_output();
+	
+	# As ABSTRACT is never on the same level as RefSect1,
+	# this leaves us with only .SS in terms of -man macros.
+	output ".SS \"", uc($_[0]->ext->{'title'}), "\"\n";
+
+	output $content;
+	output "\n" unless $newline_last++;
+});
+
+# Ah, I needed a break.  Example always has a title.
+man_sgml('<EXAMPLE>', "\n.SS ");
+sgml('</EXAMPLE>', \&para_end);
+
+# Same with sidebar.
+man_sgml('<SIDEBAR>', "\n.SS ");
+sgml('</SIDEBAR>', \&para_end);
+
+# NO title.
+man_sgml('<HIGHLIGHTS>', "\n.SS HIGHLIGHTS\n");
+sgml('</HIGHLIGHTS>', \&para_end);
+
+
+
+
+########################################################################
+#
+# Indented 'Block' elements 
+#
+########################################################################
+
+sub indent_block_start
+{
+	output "\n" unless $newline_last++;
+	output ".sp\n.RS\n";
+}
+sub indent_block_end
+{
+	output "\n" unless $newline_last++;
+	output ".RE\n";
+}
+
+# This element is almost like an admonition (below),
+# only the default title is blank :)
+
+sgml('<BLOCKQUOTE>', sub { 
+	$_[0]->ext->{'title'} = ''; 
+	output "\n" unless $newline_last++;
+	push_output('string');
+});
+sgml('</BLOCKQUOTE>', sub {
+	my $content = pop_output();
+
+	indent_block_start();
+	
+	if($_[0]->ext->{'title'}) {
+		output ".B \"", $_[0]->ext->{'title'}, ":\"\n";
+	}
+	
+	output $content;
+
+	if($_[0]->ext->{'attribution'}) {
+		output "\n" unless $newline_last++;
+		# One place where roff's space-sensitivity makes sense :)
+		output "\n                -- ";
+		output $_[0]->ext->{'attribution'} . "\n";
+	}
+	
+	indent_block_end();
+});
+
+# Set off admonitions from the rest of the text by indenting.
+# FIXME: Need to check if this works inside paragraphs, not enclosing them.
+sub admonition_end {
+	my $content = pop_output();
+
+	indent_block_start();
+	
+	# When the admonition is only one paragraph,
+	# it looks nicer if the title was inline.
+	my $num_para;
+	while ($content =~ /^\.PP/gm) { $num_para++ }
+	if($num_para==1) {
+		$content =~ s/^\.PP\n//;
+	}
+	
+	output ".B \"" . $_[0]->ext->{'title'} . ":\"\n";
+	output $content;
+	
+	indent_block_end();
+}
+
+sgml('<NOTE>', sub {
+	# We can't see right now whether or not there is a TITLE
+	# element, so we have to save the output now and add it back
+	# at the end of this admonition.
+	$_[0]->ext->{'title'} = 'Note';
+
+	# Although admonition_end's indent_block_start will do this,
+	# we need to synchronize the output _now_
+	output "\n" unless $newline_last++;
+
+	push_output('string');
+});
+sgml('</NOTE>', \&admonition_end);
+
+# Same as above.
+sgml('<WARNING>', sub { 
+	$_[0]->ext->{'title'} = 'Warning'; 
+	output "\n" unless $newline_last++;
+	push_output('string');
+});
+sgml('</WARNING>', \&admonition_end);
+
+sgml('<TIP>', sub {
+	$_[0]->ext->{'title'} = 'Tip';
+	output "\n" unless $newline_last++;
+	push_output('string');
+});
+sgml('</TIP>', \&admonition_end);
+sgml('<CAUTION>', sub {
+	$_[0]->ext->{'title'} = 'Caution';
+	output "\n" unless $newline_last++;
+	push_output('string');
+});
+sgml('</CAUTION>', \&admonition_end);
+
+sgml('<IMPORTANT>', sub {
+	$_[0]->ext->{'title'} = 'Important';
+	output "\n" unless $newline_last++;
+	push_output('string');
+});
+sgml('</IMPORTANT>', \&admonition_end);
+
+
+
+
+
+
+
+
+
+
+
+
+########################################################################
+#
+# Verbatim displays. 
+#
+########################################################################
+
+sub verbatim_start {
+	output "\n" unless $newline_last++;
+	
+	if($_[0]->parent->ext->{'nobreak'}==1) {
+		# Usually this is the FIRST element of
+		# a hanging tag, so we MUST not do a full
+		# paragraph break.
+		$_[0]->parent->ext->{'nobreak'} = 2;
+	} else {
+		output "\n";
+	}
+	
+	output(".nf\n") unless $nocollapse_whitespace++;
+}
+
+sub verbatim_end {
+	output "\n" unless $newline_last++;
+	output(".fi\n") unless --$nocollapse_whitespace;
+}
+
+sgml('<PROGRAMLISTING>', \&verbatim_start); 
+sgml('</PROGRAMLISTING>', \&verbatim_end);
+
+sgml('<SCREEN>', \&verbatim_start); 
+sgml('</SCREEN>', \&verbatim_end);
+
+sgml('<LITERALLAYOUT>', \&verbatim_start); 
+sgml('</LITERALLAYOUT>', \&verbatim_end);
+
+#sgml('<SYNOPSIS>', sub {
+#	if($_[0]->attribute('FORMAT')->value =~ /linespecific/i) {
+#		&verbatim_start;
+#	} else {
+#		roffcmd("");
+#	}
+#});
+#
+#sgml('</SYNOPSIS>', sub {
+#	if($_[0]->attribute('FORMAT')->value =~ /linespecific/i) {
+#		&verbatim_end;
+#	}
+#	else {
+#		roffcmd("");# not sure about this.
+#	}
+#});
+sgml('<SYNOPSIS>', \&verbatim_start);
+sgml('</SYNOPSIS>', \&verbatim_end);
+
+
+
+
+
+
+
+
+
+########################################################################
+#
+# Lists
+#
+########################################################################
+
+# Indent nested lists.
+sub indent_list_start {
+	if($list_nestlevel++) {
+		output "\n" unless $newline_last++;
+		output ".RS\n";
+	}
+}
+sub indent_list_end {
+	if(--$list_nestlevel) {
+		output "\n" unless $newline_last++;
+		output ".RE\n";
+	}
+}
+
+sgml('<VARIABLELIST>', \&indent_list_start);
+sgml('</VARIABLELIST>', \&indent_list_end);
+sgml('<ITEMIZEDLIST>', \&indent_list_start);
+sgml('</ITEMIZEDLIST>', \&indent_list_end);
+sgml('<ORDEREDLIST>', sub { 
+	indent_list_start();
+	$_[0]->ext->{'count'} = 1;
+});
+sgml('</ORDEREDLIST>', \&indent_list_end);
+sgml('<GLOSSLIST>', \&indent_list_start);
+sgml('</GLOSSLIST>', \&indent_list_end);
+		
+# Output content on one line, bolded.
+sgml('<TERM>', sub { 
+	output "\n" unless $newline_last++;
+	output ".TP\n";
+	bold_on();
+	push_output('string');
+});
+sgml('</TERM>', sub { 
+	my $term = pop_output();
+	$term =~ tr/\n/ /;
+	output $term;
+	font_off();
+	output "\n";
+	$newline_last = 1;
+});
+sgml('<GLOSSTERM>', sub { 
+	output "\n" unless $newline_last++;
+	output ".TP\n";
+	bold_on();
+	push_output('string');
+});
+sgml('</GLOSSTERM>', sub { 
+	my $term = pop_output();
+	$term =~ tr/\n/ /;
+	output $term;
+	font_off();
+	output "\n";
+	$newline_last = 1;
+});
+	
+sgml('<LISTITEM>', sub {
+	# A bulleted list.
+	if($_[0]->in('ITEMIZEDLIST')) {
+		output "\n" unless $newline_last++;
+		output ".TP 0.2i\n\\(bu\n";
+	}
+
+	# Need numbers.
+	# Assume Arabic numeration for now.
+	elsif($_[0]->in('ORDEREDLIST')) {
+		output "\n" unless $newline_last++;
+		output ".TP 3\n", $_[0]->parent->ext->{'count'}++, ". \n";
+	}
+	
+	$_[0]->ext->{'nobreak'} = 1;
+});
+sgml('<GLOSSDEF>', sub {
+	$_[0]->ext->{'nobreak'} = 1;
+});
+
+sgml('<SIMPLELIST>', sub {
+	$_[0]->ext->{'first_member'} = 1;
+});
+
+sgml('<MEMBER>', sub {
+	my $parent = $_[0]->parent;
+	
+	if($parent->attribute('TYPE')->value =~ /Inline/i) {
+		if($parent->ext->{'first_member'}) { 
+			# If this is the first member don't put any commas
+			$parent->ext->{'first_member'} = 0;
+		} else {
+			output ", ";
+		}
+	} elsif($parent->attribute('TYPE')->value =~ /Vert/i) {
+		output "\n" unless $newline_last++;
+		output "\n";
+	}
+});
+
+
+
+
+
+########################################################################
+#
+# Stuff we don't know how to handle (yet) 
+#
+########################################################################
+
+# Address blocks:
+
+# Credit stuff:
+# ACKNO
+# ADDRESS
+# AFFILIATION
+# ARTPAGENUMS
+# ATTRIBUTION
+# AUTHORBLURB
+# AUTHORGROUP
+# OTHERCREDIT
+# HONORIFIC
+
+# Areas:
+# AREA
+# AREASET
+# AREASPEC
+
+
+
+
+
+########################################################################
+#
+# Linkage, cross references
+#
+########################################################################
+
+# Print the URL
+sgml('</ULINK>', sub {
+	output ' <URL:', $_[0]->attribute('URL')->value, '>';
+	$newline_last = 0;
+});
+
+# If cross reference target is a RefEntry, 
+# output CiteRefEntry-style references.
+sgml('<XREF>', sub {
+	my $id = $_[0]->attribute('LINKEND')->value;
+	my $manref = $Refs->get("refentry:$id");
+
+	if($manref) {
+		my ($title, $sect) = ($manref =~ /(.*)(\(.*\))/);
+		bold_on();
+		output $title;
+		font_off();
+		output $sect;
+	} else {
+		$blank_xrefs++ if $write_manpages;
+		output "[XRef to $id]";
+	}
+
+	$newline_last = 0;
+});
+
+# Anchor
+
+
+
+
+########################################################################
+#
+# Other handlers 
+#
+########################################################################
+
+man_sgml('|[lt    ]|', '<');
+man_sgml('|[gt    ]|', '>');
+man_sgml('|[amp   ]|', '&');
+
+#
+# Default handlers (uncomment these if needed).  Right now, these are set
+# up to gag on any unrecognised elements, sdata, processing-instructions,
+# or entities.
+#
+# sgml('start_element',sub { die "Unknown element: " . $_[0]->name; });
+# sgml('end_element','');
+
+# This is for weeding out and escaping certain characters.
+# This looks like it's inefficient since it's done on every line, but
+# in reality, SGMLSpm and sgmlspl parsing ESIS takes _much_ longer.
+
+sgml('cdata', sub
+{ 
+	if(!$write_manpages) { return; }
+	elsif($raw_cdata) { output $_[0]; return; }
+	
+	# Escape backslashes
+	$_[0] =~ s/\\/\\\\/g;
+
+	# In non-'pre'-type elements:
+	if(!$nocollapse_whitespace) {
+		# Change tabs to spaces
+		$_[0] =~ tr/\t/ /;
+
+		# Do not allow indents at beginning of line
+		# groff chokes on that.
+		if($newline_last) { 
+			$_[0] =~ s/^ +//;
+
+			# If the line is all blank, don't do anything.
+			if($_[0] eq '') { return; }
+			
+			$_[0] =~ s/^\./\\\&\./;
+
+			# Argh... roff doesn't like ' either...
+			$_[0] =~ s/^\'/\\\&\'/;
+		}
+	}
+
+	$newline_last = 0;
+
+	output $_[0];
+});
+
+
+# When in whitespace-collapsing mode, we disallow consecutive newlines.
+
+sgml('re', sub
+{
+	if($nocollapse_whitespace || !$newline_last) {
+		output "\n";
+	}
+
+	$newline_last = 1;
+});
+
+sgml('sdata',sub
+{
+	if($_[0] =~ /\[minus \]/) { output "-"; }
+	elsif($_[0] =~ /\[copy  \]/) { output "(C)"; }
+	elsif($_[0] =~ /\[nbsp  \]/) { output " "; }
+	else { die "Unknown SDATA: " . $_[0]; }
+});
+sgml('pi',sub { die "Unknown processing instruction: " . $_[0]; });
+sgml('entity',sub { die "Unknown external entity: " . $_[0]->name; });
+sgml('start_subdoc',sub { die "Unknown subdoc entity: " . $_[0]->name; });
+sgml('end_subdoc','');
+sgml('conforming','');
+
+1;
+
diff --git a/external/privoxy/utils/docbook2man/docbook2man-spec.pl.1 b/external/privoxy/utils/docbook2man/docbook2man-spec.pl.1
new file mode 100644
index 0000000..4d2bf3b
--- /dev/null
+++ b/external/privoxy/utils/docbook2man/docbook2man-spec.pl.1
@@ -0,0 +1,99 @@
+.\" This manpage has been automatically generated by docbook2man 
+.\" from a DocBook document.  This tool can be found at:
+.\" <http://shell.ipoline.com/~elmert/comp/docbook2X/> 
+.\" Please send any bug reports, improvements, comments, patches, 
+.\" etc. to Steve Cheng <steve at ggi-project.org>.
+.TH "DOCBOOK2MAN-SPEC.PL" "1" "27 June 2002" "" ""
+.SH NAME
+docbook2man-spec.pl \- convert DocBook RefEntries to man pages
+.SH SYNOPSIS
+
+\fBsgmlspl\fR \fBdocbook2man-spec.pl\fR
+
+
+\fBnsgmls\fR [ \fB\fIsgml document\fB\fR ]\fB| sgmlspl\fR \fBdocbook2man-spec.pl\fR
+
+.SH "DESCRIPTION"
+.PP
+\fBdocbook2man\fR is a sgmlspl spec file that produced man
+pages (using the -man macros) from DocBook RefEntry markup.
+.PP
+The program reads ESIS produced by nsgmls (or other SGML parsers) from
+standard input.  Markup not found in RefEntry is discarded.
+.PP
+Its output, the converted man pages, are written to the current directory.  If
+RefMeta information is not specified in a
+RefEntry, then the man page will be written to standard
+output.
+.PP
+The file \fImanpage.links\fR will also be created, which contains
+any aliases of the manpages generated.  This file is in the format:
+
+.nf
+\fI<man page>\fR \fI<alias
+manpage>\fR
+.fi
+.PP
+The \fImanpage.refs\fR file keeps track of
+XRef references.  Note that if the input document has any
+forward references, then \fBdocbook2man\fR may have to be
+invoked twice (the first time updating \fImanpage.refs\fR) to
+resolve them.
+.SH "REQUIREMENTS"
+
+The SGMLSpm package from CPAN.  This package includes the sgmlspl script
+that is also needed.
+.SH "LIMITATIONS"
+.PP
+Trying \fBdocbook2man\fR on non-DocBook or non-conformant
+SGML results in undefined behavior. :-)
+.PP
+This program is a slow, dodgy Perl script.
+.PP
+This program does not come close to supporting all the possible markup
+in DocBook, and may produce wrong output in some cases with supported
+markup.
+.SH "TO DO"
+.PP
+Obvious stuff:
+.TP 0.2i
+\(bu
+Fix \fBdocbook2man\fR breakages found in
+the test documents, especially
+\fIweird.sgml\fR.
+.TP 0.2i
+\(bu
+Add new element handling and fix existing handling.  
+Be robust.  
+.TP 0.2i
+\(bu
+Produce cleanest, readable man output as possible (unlike some
+other converters).  Follow Linux
+\fBman\fR(7)
+convention.  As conversion to man pages is usually not done very often, it is
+better to be slower/more complicated than to produce wrong output.  Also if
+someone wants to give up using DocBook for whatever reason, the last-converted
+man pages can then be maintained manually.  
+.TP 0.2i
+\(bu
+Make it faster. I think most of the speed problems so far is with parsing
+ESIS.  Rewrite \fISGMLS.pm\fR with C and/or get input directly
+from \fBSP\fR.
+.TP 0.2i
+\(bu
+Support other (human) languages.  But what to do with non-ASCII charsets?
+SGMLSpm doesn't report them and \fBroff\fR does not grok them.
+[Comment: text after enclosed lists (and SS blocks) will break docbook2man]
+If we do this, more people can use DocBook.
+.SH "COPYRIGHT"
+.PP
+Copyright (C) 1998-1999 Steve Cheng <steve at ggi-project.org>
+.PP
+This program is free software; you can redistribute it and/or modify it
+under the terms of the GNU General Public License as published by the
+Free Software Foundation; either version 2, or (at your option) any
+later version.
+.PP
+You should have received a copy of the GNU General Public License along with
+this program; see the file \fICOPYING\fR.  If not, please write
+to the Free Software Foundation, 675 Mass Ave, Cambridge, MA 02139, USA.
diff --git a/external/privoxy/utils/filter2docs.pl b/external/privoxy/utils/filter2docs.pl
new file mode 100755
index 0000000..b47e92e
--- /dev/null
+++ b/external/privoxy/utils/filter2docs.pl
@@ -0,0 +1,81 @@
+#!/usr/bin/perl
+
+# $Id: filter2docs.pl,v 1.6 2009/01/13 16:48:09 fabiankeil Exp $
+# $Source: /cvsroot/ijbswa/current/utils/filter2docs.pl,v $
+
+# Parse the filter names and descriptions from a filter file and
+# spit out copy&paste-ready markup for the various places in
+# configuration and documentation where all filters are listed.
+
+use strict;
+use warnings;
+
+my (%comment_lines, %action_lines, %sgml_source_1, %sgml_source_2);
+
+sub main() {
+
+    die "Usage: $0 filter-file\n" unless (@ARGV == 1) ;
+    open(INPUT, "< $ARGV[0]") or die "Coudln't open input file $ARGV[0] because $!\n";
+
+    parse_file();
+    print_markup();
+}
+
+sub parse_file() {
+    while (<INPUT>) {
+        if (/^((?:(?:SERVER|CLIENT)-HEADER-)?(?:FILTER|TAGGER)): ([-\w]+) (.*)$/) {
+            my $type_uc = $1;
+            my $name = $2;
+            my $description = $3;
+            my $type = lc($type_uc);
+
+            my $white_space = ' ' x (($type eq 'filter' ? 20 : 27) - length($name));
+
+            $comment_lines{$type} .= "#     $name:" . $white_space . "$description\n";
+            $action_lines{$type}  .= "+$type" . "{$name} \\\n";
+            $sgml_source_1{$type} .= "   <para>\n    <anchor id=\"$type-$name\">\n" .
+                "    <screen>+$type" . "{$name}" . $white_space .
+                "# $description</screen>\n   </para>\n";
+            $sgml_source_2{$type} .= ' -<link linkend="' . $type_uc . "-" .
+                uc($name) . "\">$type" . "{$name}</link> \\\n";
+        }
+    }
+}
+
+sub print_markup() {
+
+    my @filter_types = (
+        'filter',
+        'server-header-filter',
+        'client-header-filter',
+        'server-header-tagger',
+        'client-header-tagger'
+    );
+
+    foreach my $type (@filter_types) {
+
+        next unless defined $action_lines{$type};
+
+        print "=" x 90;
+        
+        print <<"        DOCMARKUP";
+
+Producing $type markup:
+
+Comment lines for default.action:
+
+$comment_lines{$type}
+Block of $type actions for default.action:
+
+$action_lines{$type}
+SGML Source for AF chapter in U-M:
+
+$sgml_source_1{$type}
+SGML Source for AF Tutorial chapter in U-M:
+
+$sgml_source_2{$type}
+        DOCMARKUP
+    }
+}
+
+main();
diff --git a/external/privoxy/utils/ldp_print/README b/external/privoxy/utils/ldp_print/README
new file mode 100644
index 0000000..833ae0b
--- /dev/null
+++ b/external/privoxy/utils/ldp_print/README
@@ -0,0 +1,80 @@
+
+######################################################################
+    ldp_print -  print tool/script for DocBook SGML/XML documents 
+######################################################################
+
+ Copyright (C) 2002-2000  - Greg Ferguson (gferg at metalab.unc.edu)
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program; if not, write to the Free Software
+ Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307 USA
+
+######################################################################
+
+This process/script is used in the production environment for the
+LDP.  It relies on the HTMLDOC software package (GPL'ed) which can be
+obtained from the Easy Software Products (c) web site:
+
+        http://www.easysw.com/htmldoc/
+
+This process creates a PDF variant from the single-file HTML
+representation of a DocBook SGML (or XML) instance. The simple
+wrapper script (ldp_print) assumes that the file was created using
+{open}jade in a manner similar to:
+
+        jade -t sgml -i html -V nochunks -d $style $fname > $fname.html
+
+Give the script the filename as an argument. It will then parse the
+file into 'title.html' and 'body.html' and send each to htmldoc (as
+the corresponding title page and body of the document).
+
+
+CAVEATS
+=======
+
+o  Assumes perl is in /usr/bin; adjust if necessary
+
+o  You may need to specify where the htmldoc executable resides.
+   The script assumes it's within your $PATH.
+
+o  If you want Postscript as an output variant, uncomment the
+   appropriate lines (see below).
+
+o  Relies on output from a DocBook instance created via DSSSL/{open}jade!
+
+o  Cleans up (removes) the intermediate files it creates (but not the
+   PDF or Postscript files, obviously!)
+
+o  Works silently; PDF (PostScript) will be created in the same directory
+   as was specified for the input (single-file HTML) file.
+
+o  Provided without warranty or support!
+
+o  I ran into a problem with htmldoc v1.8.8 which required a source
+   code change (I was getting a core dump from the htmldoc process).
+   Here is the change required:
+
+	htmldoc/ps-pdf.cxx :
+	3662,3665d3661
+	<      /* gjf = 11Oct2000 */
+	<      if( temprow == NULL )
+	<          break;
+	< 
+
+   UPDATE (2001-10-10): It appears that later versions of htmldoc
+   have this problem corrected. The patch is not required.
+
+====
+Greg Ferguson / gferg (at) metalab.unc.edu
+11 Jan 2000
+
diff --git a/external/privoxy/utils/ldp_print/VERSION b/external/privoxy/utils/ldp_print/VERSION
new file mode 100644
index 0000000..8f00eb7
--- /dev/null
+++ b/external/privoxy/utils/ldp_print/VERSION
@@ -0,0 +1 @@
+0.7.0, 2002-04-04
diff --git a/external/privoxy/utils/ldp_print/fix_print_html.lib b/external/privoxy/utils/ldp_print/fix_print_html.lib
new file mode 100644
index 0000000..fdb9ab4
--- /dev/null
+++ b/external/privoxy/utils/ldp_print/fix_print_html.lib
@@ -0,0 +1,227 @@
+#
+# fix_print_html.lib
+#
+#   Dan Scott  / <dan.scott (at) acm.org>
+#   Ferg       / <gferg (at) sgi.com>
+#
+#   Used to prepare single-file HTML variant for PDF/Postscript creation
+#   thru htmldoc.
+#
+# log:
+#     16Oct2000 - 0.1   - initial entry <gferg (at) sgi.com>
+#     03Apr2001 - 0.2   - fix for <preface>
+#     05Jul2001 - 0.3   - fix for <tt> and -f
+#     12Oct2001 - 0.4   - fix for sections; loop thru both files (body/title)
+#     27Nov2001 - 0.5   - fixed bug in determining where doc-index lies
+#     18Jan2002 - 0.5.1 - entity fix (822*)
+#     02Apr2002 - 0.6   - misc fixes (bibliography/appendix, etc).
+#     04Apr2002 - 0.7   - fix for newer DSSSL
+#
+
+sub fix_print_html {
+
+   my($in,$out,$ttl) = @_;
+
+   open(IN_FILE, "< $in") || do {
+        print "fix_print_html: cannot open $in: $!\n";
+        return 0;
+   };
+
+   my($buf, $ttl_buf) = '';
+   my($indx) = -1;
+   my($is_article) = 1;
+   while(<IN_FILE>) {
+
+         if( $indx == 1 ) {
+
+             # ignore everything until we see the chapter or sect
+             #
+             if( $_ =~ /CLASS="CHAP/i || $_ =~ /CLASS="PREF/i
+                 ||
+                 $_ =~ /CLASS="SECT/i )  {
+
+                 $buf .= $_;
+                 $indx++;
+
+             } else {
+                 next;
+             }
+
+         } elsif( $indx == 0 ) {
+
+             # write out the title page file
+             #
+             if( $_ =~ /CLASS="TOC"/ ) {
+
+                 $ttl_buf .= "></DIV>\n</BODY>\n</HTML>\n"; 
+                 $ttl_buf =~ s/<\/H1\n/<\/H1\n><P><BR><BR\n/ms;
+                 $ttl_buf =~ s/<HR><\/DIV\n><HR>/<HR><\/DIV\n>/ms;
+                 &fix_html(\$ttl_buf, 1);
+                 
+                 open(TOC_FILE, "> $ttl") || do {
+                      print "fix_print_html: cannot open $ttl: $!\n";
+                      close(IN_FILE);
+                      return 0;
+                 };
+                 print TOC_FILE $ttl_buf;
+                 close(TOC_FILE);
+                 $ttl_buf = '';
+                 $indx++;
+
+             } else {
+                $ttl_buf .= $_;
+             }
+
+         } elsif( $indx < 0 ) {
+
+             if( $_ =~ /CLASS="BOOK"/i ) {
+                 $is_article = 0;
+             }
+
+             # up to this point, both buffers get the line
+             #
+             if( $_ =~ /CLASS="TITLEPAGE"/ ) {
+
+                 $ttl_buf .= $_ . ">\n<P>\n<BR><BR><BR><BR>\n<\/P\n";
+                 $indx++;
+
+             } else {
+                 $buf .= $_;
+                 $ttl_buf .= $_;
+             }
+
+         } else {
+
+             $buf .= $_;
+         }
+   }
+   close(IN_FILE);
+
+
+   # fix body file
+   #
+   open(OUT_FILE, "> $out") || do {
+        print "fix_print_html: cannot open $out: $!\n";
+        return 0;
+   };
+
+   &fix_html(\$buf, $is_article);
+
+   print OUT_FILE $buf;
+   close(OUT_FILE);
+
+
+   return 1;
+}
+
+
+sub fix_html {
+   
+   my($buf, $is_article) = @_;
+   my($indx) = -1;
+
+
+   # make corrections and write out the file
+   #
+
+   $$buf =~ s/(\n><LI\n)><P\n(.*?)<\/P\n>/$1$2\n/gms;
+   $$buf =~ s/(\n><LI\n><DIV\nCLASS="FORMALPARA"\n)><P\n(.*?)<\/P\n>/$1$2\n/gms;
+   $$buf =~ s/(\n><LI\nSTYLE="[^\"]+"\n)><P\n(.*?)<\/P\n>/$1$2\n/gms;
+   if( $is_article == 0 ) {
+       $$buf =~ 
+         s/(\nCLASS="SECT[TION\d]+"\n>)<H1\n(.*?)<\/H1/$1<H0\n$2<\/H0/gims;
+       $$buf =~ 
+         s/(\nCLASS="SECT[TION\d]+"\n><HR>)<H1\n(.*?)<\/H1/$1<H0\n$2<\/H0/gims;
+   }
+   $$buf =~ s/<H1(\nCLASS="INDEXDIV"\n)(.*?)<\/H1/<H2$1$2<\/H2/gims;
+   if( ($indx = rindex($$buf, "<H1\n><A\nNAME=\"DOC-INDEX\"")) > -1 ) {
+       $$buf = substr($$buf, 0, $indx);
+       $$buf .= "\n<\/BODY>\n<\/HTML>\n\n";
+   } elsif( ($indx = rindex($$buf, "<H1\n><A\nNAME=\"doc-index\"")) > -1 ) {
+       $$buf = substr($$buf, 0, $indx);
+       $$buf .= "\n<\/BODY>\n<\/HTML>\n\n";
+   }
+
+   $$buf =~ s/\&\#13;//g;
+   $$buf =~ s/\&\#60;/\</g;
+   $$buf =~ s/\&\#62;/\>/g;
+   $$buf =~ s/\&\#8211;/\-/g;
+   $$buf =~ s/\&\#8220;/\"/g;
+   $$buf =~ s/\&\#8221;/\"/g;
+   $$buf =~ s/WIDTH=\"\d\"//g;
+   $$buf =~ s/><[\/]*TBODY//g;
+   $$buf =~ s/><[\/]*THEAD//g;
+   $$buf =~ s/TYPE=\"1\"\n//gim;
+
+   $$buf =~ s/<P\nCLASS="LITERALLAYOUT"(.*?)<\/P/<P CLASS="LITERALLAYOUT"><FONT FACE=\"courier\"$1<\/FONT><\/P/gms;
+
+   my($cnt, $j) = 0;
+
+   if( $$buf !~ /<H1/ ) {
+       
+       # for newer docbook styles, set h2 to h1, etc.
+       #
+       for($cnt=2; $cnt < 7; $cnt++ ) {
+           $j = $cnt - 1;
+           $$buf =~ s/<H${cnt}/<H${j}/g;
+           $$buf =~ s/<\/H${cnt}/<\/H${j}/g;
+       }
+
+   } elsif( $is_article == 0 ) {
+
+       # decrement the headers by 1 and then re-set the
+       # chapter level only to H1...
+       #
+       for($cnt=5; $cnt >= 0; $cnt--) {
+           $j = $cnt + 1;
+           if( $cnt == 0 ) {
+               $j = 2;
+           }
+           $$buf =~ s/<H${cnt}/<H${j}/g;
+           $$buf =~ s/<\/H${cnt}/<\/H${j}/g;
+       }
+
+       my(@l) = split(/\n/, $$buf);
+       for( $cnt=0; $cnt < (@l + 0); $cnt++ ) {
+
+            if( $j == 1 ) {
+                if( $l[$cnt] =~ /<DIV/ ) {
+                    $j = 0;
+                    next;
+                }
+                $l[$cnt] =~ s/<H2/<H1/g;
+                $l[$cnt] =~ s/<\/H2/<\/H1/g;
+            }
+
+            if( $l[$cnt] =~ /^CLASS=\"CHAP/i
+                ||
+                $l[$cnt] =~ /^NAME=\"BIBL/i
+                ||
+                $l[$cnt] =~ /^CLASS=\"APPENDIX/i
+                ||
+                $l[$cnt] =~ /^CLASS=\"GLOSSARY/i
+                ||
+                $l[$cnt] =~ /^CLASS=\"PREF/i ) {
+                $j = 1;
+            }
+       }
+
+       $$buf = join("\n", @l);
+
+   }
+   $$buf =~ s/><DIV\nCLASS="\w+"\n//gms;
+   $$buf =~ s/><\/DIV\n//gms;
+
+   $buf =~ s/<SPAN\n[^>]*?>//gms;
+   $buf =~ s/<\/SPAN\n>//gms;
+
+   $$buf =~ s/(><LI\n)><P\n(.*?)<\/P\n>(<\/LI\n)/$1$2$3/gms;
+
+   return;
+}
+
+
+# Return true from package include
+#
+1;
+
diff --git a/external/privoxy/utils/ldp_print/ldp_print b/external/privoxy/utils/ldp_print/ldp_print
new file mode 100755
index 0000000..35b6053
--- /dev/null
+++ b/external/privoxy/utils/ldp_print/ldp_print
@@ -0,0 +1,72 @@
+#!/usr/bin/perl -w
+#
+# usage: ldp_print <single_file.html>
+#
+# Creates a PDF variant of a single-file HTML representation of a
+# DocBook SGML (or XML) instance. This simple wrapper assumes that
+# the file was created using {open}jade in a manner similar to:
+#
+#	jade -t sgml -i html -V nochunks -d $style $fname > $fname.html
+#
+# Give this script the filename as an argument. It will then parse
+# the file into 'title.html' and 'body.html' and send each to
+# htmldoc (as the corresponding title page and body of the document).
+#
+#
+# CAVEATS:
+#
+# Assumes perl is in /usr/bin; adjust if necessary
+#
+# You may need to specify where the htmldoc executable resides.
+# The script assumes it's within your $PATH.
+#
+# If you want Postscript as an output variant, uncomment the 
+# appropriate lines (see below).
+#
+# Relies on output from a DocBook instance created via DSSSL/{open}jade!
+#
+# Cleans up (removes) the intermediate files it creates (but not the
+# PDF or Postscript files, obviously!)
+#
+# Works silently; PDF (PostScript) will be created in the same directory
+# as was specified for the input (single-file HTML) file.
+#
+# Provided without warranty or support!
+#
+#	gferg at sgi.com / Ferg (used as part of the LDP production env)
+#
+
+use strict;
+push(@INC, "./");
+require 'fix_print_html.lib';
+
+if( $ARGV[0] eq '' || !(-r $ARGV[0]) ) {
+    die "\nusage: ldp_print <single_file.html>\n\n";
+}
+
+my($fname_wo_ext) = $ARGV[0];
+$fname_wo_ext =~ s/\.[\w]+$//;
+
+
+# create new files from single HTML file to use for print
+#
+&fix_print_html($ARGV[0], 'body.html', 'title.html');
+
+my($cmd) = "htmldoc --size universal --bodyfont helvetica --fontsize 8 " .
+           "-t pdf -f ${fname_wo_ext}.pdf --firstpage p1 --titlefile title.html" .
+           " body.html --footer c.1";
+
+# For postscript output; append onto the above cmd string:
+#
+#          "; htmldoc --size universal -t ps -f ${fname_wo_ext}.ps " .
+#          "--firstpage p1 --titlefile title.html body.html";
+#
+system($cmd);
+die "\nldp_print: could not create ${fname_wo_ext}.pdf ($!)\n" if ($?);
+
+# cleanup
+#
+system("rm -f body.html title.html");
+
+exit(0);
+
diff --git a/external/privoxy/utils/prepare-configfile.pl b/external/privoxy/utils/prepare-configfile.pl
new file mode 100755
index 0000000..e3b2b55
--- /dev/null
+++ b/external/privoxy/utils/prepare-configfile.pl
@@ -0,0 +1,50 @@
+#!/usr/local/bin/perl
+
+use strict;
+use warnings;
+
+sub main() {
+    my $hit_header = 0;
+    my $hit_option = 0;
+    my $header_len;
+
+    while (<>) {
+        s/^1\. \@\@TITLE\@\@/     /i;
+
+        if (m/^(\d\.)(\d\.)(\d\.)?\s/) {
+            # Remove the first digit as it's the
+            # config file section in the User Manual.
+            s/^(\d\.)//;
+
+            # If it's a section header, uppercase it.
+            $_ = uc() if (/^\d\.\s+/);
+
+            # Remember to underline it.
+            $hit_header = 1;
+            $header_len = length($_);
+        }
+
+        s/^/#  /;
+
+        # XXX: someone should figure out what this stuff
+        # is supposed to do (and if it really does that).
+        s/^#  #/####/ if /^#  #{12,}/;
+        s/^.*$// if $hit_option;
+        $hit_option = 0;
+        s/^\n//;
+        s/^#\s*-{20,}//;
+        s/ *$//;
+        $hit_option = 1 if s/^#\s+@@//;
+    
+        print;
+
+        if ($hit_header) {
+            # The previous line was a section
+            # header so we better underline it.
+            die "Invalid header length" unless defined $header_len;
+            print "#  " . "=" x $header_len . "\n";
+            $hit_header = 0;
+        };
+    }
+}
+main();
diff --git a/external/privoxy/vc_config_pthreads.h b/external/privoxy/vc_config_pthreads.h
new file mode 100644
index 0000000..638f5bd
--- /dev/null
+++ b/external/privoxy/vc_config_pthreads.h
@@ -0,0 +1,484 @@
+#ifndef CONFIG_H_INCLUDED
+#define CONFIG_H_INCLUDED
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/vc_config_pthreads.h,v $
+ *
+ * Purpose     :  This file should be the first thing included in every
+ *                .c file.  (Before even system headers).  It contains 
+ *                #define statements for various features.  It was
+ *                introduced because the compile command line started
+ *                getting ludicrously long with feature defines.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: vc_config_pthreads.h,v $
+ *    Revision 1.6  2008/03/27 18:27:38  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.5  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.3  2002/05/03 22:54:24  jongfoster
+ *    Version number bump to 2.9.15
+ *
+ *    Revision 1.2  2002/04/26 18:26:09  jongfoster
+ *    Bumping version numbers
+ *
+ *    Revision 1.1  2002/04/06 20:38:01  jongfoster
+ *    Renaming VC++ versions of config.h
+ *
+ *    Revision 1.20  2002/04/03 22:28:03  gliptak
+ *    Removed references to gnu_regex
+ *
+ *    Revision 1.19  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.18  2002/03/24 17:08:12  jongfoster
+ *    Version number bump
+ *
+ *    Revision 1.17  2002/03/24 13:33:26  swa
+ *    name change related issues
+ *
+ *    Revision 1.16  2002/03/16 14:27:22  jongfoster
+ *    Ignoring a very common warning.
+ *
+ *    Revision 1.15  2002/03/13 00:28:32  jongfoster
+ *    Hiding all the warnings generated by #include<windows.h>
+ *
+ *    Revision 1.14  2001/11/30 21:35:54  jongfoster
+ *    Bumping version number to 2.9.10
+ *
+ *    Revision 1.13  2001/10/23 21:24:09  jongfoster
+ *    Support for FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.12  2001/10/07 15:33:14  oes
+ *    Removed FEATURE_DENY_GZIP
+ *    Bumped up version number
+ *
+ *    Revision 1.11  2001/09/16 16:59:34  jongfoster
+ *    Bugfix - couldn't build resources with previous version.
+ *
+ *    Revision 1.10  2001/09/16 16:19:02  jongfoster
+ *    New version based on latest configure.in and acconfig.h
+ *
+ *    Revision 1.9  2001/07/30 22:16:07  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.8  2001/07/25 19:16:27  oes
+ *    Bumping version number to 2.9.8
+ *
+ *    Revision 1.7  2001/07/21 18:00:07  jongfoster
+ *    Bumping version number to 2.9.7
+ *
+ *    Revision 1.6  2001/07/15 20:08:40  jongfoster
+ *    New build files for VC++ which provide the option of POSIX
+ *    or Win32 threads.
+ *
+ *    Revision 1.5  2001/07/15 18:00:46  jongfoster
+ *    Renaming STATIC to STATIC_PCRE.
+ *    Replacing this file with one built by "configure" from
+ *    "config.h.in", for consistency.
+ *
+ *    Revision 1.6  2001/07/15 17:54:29  jongfoster
+ *    Renaming #define STATIC to STATIC_PCRE
+ *    Adding new #define FEATURE_PTHREAD that will be used to enable
+ *    POSIX threads support.
+ *
+ *    Revision 1.5  2001/07/13 13:48:37  oes
+ *     - (Fix:) Copied CODE_STATUS #define from config.h.in
+ *     - split REGEX #define into REGEX_GNU and REGEX_PCRE
+ *       and removed PCRE.
+ *       (REGEX = REGEX_GNU || REGEX_PCRE per project.h)
+ *     - Moved STATIC (for pcre) here from Makefile.in
+ *     - Introduced STATIC_PCRS #define to allow for dynaimc linking with
+ *       libpcrs
+ *     - Removed PCRS #define, since pcrs is now needed for CGI anyway
+ *
+ *    Revision 1.4  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.3  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.2  2001/05/22 17:43:35  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Many minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:45  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+/*
+ * Version number - Major (X._._)
+ */
+#define VERSION_MAJOR 2
+
+/*
+ * Version number - Minor (_.X._)
+ */
+#define VERSION_MINOR 9
+
+/*
+ * Version number - Point (_._.X)
+ */
+#define VERSION_POINT 15
+
+/*
+ * Version number, as a string
+ */
+#define VERSION "2.9.15"
+
+/*
+ * Status of the code: alpha, beta or stable
+ */
+#define CODE_STATUS "beta"
+
+/*
+ * Regular expression matching for URLs.  (Highly recommended).
+ * If neither of these are defined then you can ony use prefix matching.
+ * Don't bother to change this here! Use configure instead.
+ */
+#define REGEX_PCRE 1
+
+/* 
+ * Should pcre be statically built in instead of linkling with libpcre?
+ * (This is determined by configure depending on the availiability of
+ * libpcre and user preferences). The name is ugly, but pcre needs it.
+ * Don't bother to change this here! Use configure instead.
+ */
+#define STATIC_PCRE 1
+
+/* 
+ * Should pcrs be statically built in instead of linkling with libpcrs?
+ * (This is determined by configure depending on the availiability of
+ * libpcrs and user preferences).
+ * Don't bother to change this here! Use configure instead.
+ */
+#define STATIC_PCRS 1
+
+/*
+ * Allows the use of an ACL to control access to the proxy by IP address.
+ */
+#define FEATURE_ACL 1
+
+/*
+ * Enables the web-based configuration (actionsfile) editor.  If you
+ * have a shared proxy, you might want to turn this off.
+ */
+#define FEATURE_CGI_EDIT_ACTIONS 1
+
+/*
+ * Allows the use of jar files to capture cookies.
+ */
+#define FEATURE_COOKIE_JAR 1
+
+/*
+ * Locally redirect remote script-redirect URLs
+ */
+#define FEATURE_FAST_REDIRECTS 1
+
+/*
+ * Bypass filtering for 1 page only
+ */
+#define FEATURE_FORCE_LOAD 1
+
+/*
+ * Allow blocking using images as well as HTML.
+ * If you do not define this then everything is blocked as HTML.
+ *
+ * Note that this is required if you want to use FEATURE_IMAGE_DETECT_MSIE.
+ */
+#define FEATURE_IMAGE_BLOCKING 1
+
+/*
+ * Detect image requests automatically for MSIE.  Will fall back to
+ * other image-detection methods (i.e. "+image" permission) for other
+ * browsers.
+ *
+ * You must also define FEATURE_IMAGE_BLOCKING to use this feature.
+ *
+ * It detects the following header pair as an image request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: * / *
+ *
+ * And the following as a HTML request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, * / *
+ *
+ * And no, I haven't got that backwards - IE is being wierd.
+ *
+ * Known limitations: 
+ * 1) If you press shift-reload on a blocked HTML page, you get
+ *    the image "blocked" page, not the HTML "blocked" page.
+ * 2) Once an image "blocked" page has been sent, viewing it 
+ *    in it's own browser window *should* bring up the HTML
+ *    "blocked" page, but it doesn't.  You need to clear the 
+ *    browser cache to get the HTML version again.
+ *
+ * These limitations are due to IE making inconsistent choices
+ * about which "Accept:" header to send.
+ */
+#define FEATURE_IMAGE_DETECT_MSIE 1
+
+/*
+ * Use POSIX threads instead of native threads.
+ */
+#define FEATURE_PTHREAD 1
+
+/*
+ * Enables statistics function.
+ */
+#define FEATURE_STATISTICS 1
+
+/*
+ * Allow JunkBuster to be "disabled" so it is just a normal non-blocking
+ * non-anonymizing proxy.  This is useful if you're trying to access a
+ * blocked or broken site - just change the setting in the config file,
+ * or use the handy "Disable" menu option in the Windows GUI.
+ */
+#define FEATURE_TOGGLE 1
+
+/*
+ * Allows the use of trust files.
+ */
+#define FEATURE_TRUST 1
+
+
+/****************************************************************************
+ * The following values are correct for MS VC++97.
+ * You should normally not change them.
+ ***************************************************************************/
+
+
+/*
+ * Defined on Solaris only.  Makes the system libraries thread safe.
+ */
+/* #define _REENTRANT 1 */
+
+/*
+ * Defined on Solaris only.  Without this, many important functions are not
+ * defined in the system headers.
+ */
+/* #define __EXTENSIONS__ 1 */
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with MultiThreading?)
+ */
+#define __MT__ 1
+
+
+/* Define if you have the `bcopy' function. */
+/* #define HAVE_BCOPY 1 */
+
+/* Define if you have the <inttypes.h> header file. */
+/* #define HAVE_INTTYPES_H 1 */
+
+/* Define if you have the `memmove' function. */
+#define HAVE_MEMMOVE 1
+
+/* Define if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define if you have the <stdint.h> header file. */
+/* #define HAVE_STDINT_H 1 */
+
+/* Define if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define if you have the `strerror' function. */
+#define HAVE_STRERROR 1
+
+/* Define if you have the <strings.h> header file. */
+/* #define HAVE_STRINGS_H 1 */
+
+/* Define if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define if you have the <unistd.h> header file. */
+/* #define HAVE_UNISTD_H 1 */
+
+/* The size of a `char *', as computed by sizeof. */
+#define SIZEOF_CHAR_P 4
+
+/* The size of a `int', as computed by sizeof. */
+#define SIZEOF_INT 4
+
+/* The size of a `long', as computed by sizeof. */
+#define SIZEOF_LONG 4
+
+/* The size of a `long long', as computed by sizeof. */
+/* #define SIZEOF_LONG_LONG ---not supported--- */
+
+/* The size of a `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T 4
+
+/* Define if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #define const */
+
+/* Define to `unsigned' if <sys/types.h> does not define. */
+/* #define size_t unsigned */
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with ANSI Standard C?)
+ */
+/* Don't define for MS VC++ or you don't get strdup() declared.
+#ifndef __STDC__
+#define __STDC__ 1
+#endif
+*/
+
+/*
+ * Need to set up this define only for the Pthreads library for
+ * Win32, available from http://sources.redhat.com/pthreads-win32/
+ */
+#if defined(FEATURE_PTHREAD) && defined(_WIN32)
+#define __CLEANUP_C
+#endif /* defined(FEATURE_PTHREAD) && defined(_WIN32) */
+
+/*
+ * BEOS does not currently support POSIX threads.
+ * This *should* be detected by ./configure, but let's be sure.
+ */
+#if defined(FEATURE_PTHREAD) && defined(__BEOS__)
+#error BEOS does not support pthread - please run ./configure again with "--disable-pthread"
+
+#endif /* defined(FEATURE_PTHREAD) && defined(__BEOS__) */
+
+
+#if (!defined(_MSC_VER)) && (!defined(RC_INVOKED))
+#error This file is only intended for MS VC++ on Win32.  For other compilers, please run configure.
+#endif /* (!defined(_MSC_VER)) && (!defined(RC_INVOKED)) */
+
+#pragma warning ( disable: 4100 4115 4201 4214 4244 4514 )
+
+/*
+ * C4100 : unreferenced formal parameter
+ * Very common, not a bug
+ * 
+ * C4115 : named type definition in parentheses
+ * #include <windows.h> causes a warning about one of these.
+ *
+ * C4201 : nonstandard extension used : nameless struct/union
+ * Endemic in <windows.h>
+ *
+ * C4214 nonstandard extension used : bit field types other than int
+ * Endemic in <windows.h>
+ *
+ * C4244 conversion from 'int' to 'char', possible loss of data
+ * Should really fix this one.  Throughout the JB code.
+ *
+ * C4514 unreferenced inline/local function has been removed
+ * Caused by #include <windows.h>
+ */
+
+#endif /* CONFIG_H_INCLUDED */
+
diff --git a/external/privoxy/vc_config_winthreads.h b/external/privoxy/vc_config_winthreads.h
new file mode 100644
index 0000000..ca863a9
--- /dev/null
+++ b/external/privoxy/vc_config_winthreads.h
@@ -0,0 +1,675 @@
+#ifndef CONFIG_H_INCLUDED
+#define CONFIG_H_INCLUDED
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/vc_config_winthreads.h,v $
+ *
+ * Purpose     :  This file should be the first thing included in every
+ *                .c file.  (Before even system headers).  It contains 
+ *                #define statements for various features.  It was
+ *                introduced because the compile command line started
+ *                getting ludicrously long with feature defines.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001 the SourceForge
+ *                Privoxy team. http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: vc_config_winthreads.h,v $
+ *    Revision 1.6  2008/03/27 18:27:39  fabiankeil
+ *    Remove kill-popups action.
+ *
+ *    Revision 1.5  2006/07/18 14:48:47  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.3.2.1  2006/04/08 21:57:26  david__schmidt
+ *    Synchronize with a more modern copy of config.h.
+ *
+ *    Revision 1.3  2002/05/03 22:54:24  jongfoster
+ *    Version number bump to 2.9.15
+ *
+ *    Revision 1.2  2002/04/26 18:26:09  jongfoster
+ *    Bumping version numbers
+ *
+ *    Revision 1.1  2002/04/06 20:38:01  jongfoster
+ *    Renaming VC++ versions of config.h
+ *
+ *    Revision 1.14  2002/03/26 22:29:54  swa
+ *    we have a new homepage!
+ *
+ *    Revision 1.13  2002/03/24 17:08:12  jongfoster
+ *    Version number bump
+ *
+ *    Revision 1.12  2002/03/24 13:25:43  swa
+ *    name change related issues
+ *
+ *    Revision 1.11  2002/03/16 14:27:22  jongfoster
+ *    Ignoring a very common warning.
+ *
+ *    Revision 1.10  2002/03/13 00:28:32  jongfoster
+ *    Hiding all the warnings generated by #include<windows.h>
+ *
+ *    Revision 1.9  2001/11/30 21:35:54  jongfoster
+ *    Bumping version number to 2.9.10
+ *
+ *    Revision 1.8  2001/10/23 21:24:09  jongfoster
+ *    Support for FEATURE_CGI_EDIT_ACTIONS
+ *
+ *    Revision 1.7  2001/10/07 15:33:14  oes
+ *    Removed FEATURE_DENY_GZIP
+ *    Bumped up version number
+ *
+ *    Revision 1.6  2001/09/16 16:59:34  jongfoster
+ *    Bugfix - couldn't build resources with previous version.
+ *
+ *    Revision 1.5  2001/09/16 16:19:02  jongfoster
+ *    New version based on latest configure.in and acconfig.h
+ *
+ *    Revision 1.9  2001/07/30 22:16:07  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.8  2001/07/25 19:16:27  oes
+ *    Bumping version number to 2.9.8
+ *
+ *    Revision 1.7  2001/07/21 18:00:07  jongfoster
+ *    Bumping version number to 2.9.7
+ *
+ *    Revision 1.6  2001/07/15 20:08:40  jongfoster
+ *    New build files for VC++ which provide the option of POSIX
+ *    or Win32 threads.
+ *
+ *    Revision 1.5  2001/07/15 18:00:46  jongfoster
+ *    Renaming STATIC to STATIC_PCRE.
+ *    Replacing this file with one built by "configure" from
+ *    "config.h.in", for consistency.
+ *
+ *    Revision 1.6  2001/07/15 17:54:29  jongfoster
+ *    Renaming #define STATIC to STATIC_PCRE
+ *    Adding new #define FEATURE_PTHREAD that will be used to enable
+ *    POSIX threads support.
+ *
+ *    Revision 1.5  2001/07/13 13:48:37  oes
+ *     - (Fix:) Copied CODE_STATUS #define from config.h.in
+ *     - split REGEX #define into REGEX_GNU and REGEX_PCRE
+ *       and removed PCRE.
+ *       (REGEX = REGEX_GNU || REGEX_PCRE per project.h)
+ *     - Moved STATIC (for pcre) here from Makefile.in
+ *     - Introduced STATIC_PCRS #define to allow for dynaimc linking with
+ *       libpcrs
+ *     - Removed PCRS #define, since pcrs is now needed for CGI anyway
+ *
+ *    Revision 1.4  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.3  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.2  2001/05/22 17:43:35  oes
+ *
+ *    - Enabled filtering banners by size rather than URL
+ *      by adding patterns that replace all standard banner
+ *      sizes with the "Junkbuster" gif to the re_filterfile
+ *
+ *    - Enabled filtering WebBugs by providing a pattern
+ *      which kills all 1x1 images
+ *
+ *    - Added support for PCRE_UNGREEDY behaviour to pcrs,
+ *      which is selected by the (nonstandard and therefore
+ *      capital) letter 'U' in the option string.
+ *      It causes the quantifiers to be ungreedy by default.
+ *      Appending a ? turns back to greedy (!).
+ *
+ *    - Added a new interceptor ijb-send-banner, which
+ *      sends back the "Junkbuster" gif. Without imagelist or
+ *      MSIE detection support, or if tinygif = 1, or the
+ *      URL isn't recognized as an imageurl, a lame HTML
+ *      explanation is sent instead.
+ *
+ *    - Added new feature, which permits blocking remote
+ *      script redirects and firing back a local redirect
+ *      to the browser.
+ *      The feature is conditionally compiled, i.e. it
+ *      can be disabled with --disable-fast-redirects,
+ *      plus it must be activated by a "fast-redirects"
+ *      line in the config file, has its own log level
+ *      and of course wants to be displayed by show-proxy-args
+ *      Note: Boy, all the #ifdefs in 1001 locations and
+ *      all the fumbling with configure.in and acconfig.h
+ *      were *way* more work than the feature itself :-(
+ *
+ *    - Because a generic redirect template was needed for
+ *      this, tinygif = 3 now uses the same.
+ *
+ *    - Moved GIFs, and other static HTTP response templates
+ *      to project.h
+ *
+ *    - Many minor fixes
+ *
+ *    - Removed some >400 CRs again (Jon, you really worked
+ *      a lot! ;-)
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:58:45  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+/*
+ * Version number - Major (X._._)
+ */
+#define VERSION_MAJOR 0
+
+/*
+ * Version number - Minor (_.X._)
+ */
+#define VERSION_MINOR 0
+
+/*
+ * Version number - Point (_._.X)
+ */
+#define VERSION_POINT 0
+
+/*
+ * Version number, as a string
+ */
+#define VERSION "0.0.0"
+
+/*
+ * Status of the code: alpha, beta or stable
+ */
+#define CODE_STATUS "UNRELEASED"
+
+/*
+ * Regular expression matching for URLs.  (Highly recommended).
+ * If neither of these are defined then you can ony use prefix matching.
+ * Don't bother to change this here! Use configure instead.
+ */
+/* #define REGEX_GNU 1 */
+#define REGEX_PCRE 1
+
+/* 
+ * Should pcre be statically built in instead of linkling with libpcre?
+ * (This is determined by configure depending on the availiability of
+ * libpcre and user preferences). The name is ugly, but pcre needs it.
+ * Don't bother to change this here! Use configure instead.
+ */
+#define STATIC_PCRE 1
+
+/* 
+ * Should pcrs be statically built in instead of linkling with libpcrs?
+ * (This is determined by configure depending on the availiability of
+ * libpcrs and user preferences).
+ * Don't bother to change this here! Use configure instead.
+ */
+#define STATIC_PCRS 1
+
+/*
+ * Allows the use of an ACL to control access to the proxy by IP address.
+ */
+#define FEATURE_ACL 1
+
+/*
+ * Enables the web-based configuration (actionsfile) editor.  If you
+ * have a shared proxy, you might want to turn this off.
+ */
+#define FEATURE_CGI_EDIT_ACTIONS 1
+
+/*
+ * Allows the use of jar files to capture cookies.
+ */
+#define FEATURE_COOKIE_JAR 1
+
+/*
+ * Locally redirect remote script-redirect URLs
+ */
+#define FEATURE_FAST_REDIRECTS 1
+
+/*
+ * Bypass filtering for 1 page only
+ */
+#define FEATURE_FORCE_LOAD 1
+
+/*
+ * Allow blocking using images as well as HTML.
+ * If you do not define this then everything is blocked as HTML.
+ *
+ * Note that this is required if you want to use FEATURE_IMAGE_DETECT_MSIE.
+ */
+#define FEATURE_IMAGE_BLOCKING 1
+
+/*
+ * Detect image requests automatically for MSIE.  Will fall back to
+ * other image-detection methods (i.e. "+image" permission) for other
+ * browsers.
+ *
+ * You must also define FEATURE_IMAGE_BLOCKING to use this feature.
+ *
+ * It detects the following header pair as an image request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: * / *
+ *
+ * And the following as a HTML request:
+ *
+ * User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 5.0)
+ * Accept: image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, * / *
+ *
+ * And no, I haven't got that backwards - IE is being wierd.
+ *
+ * Known limitations: 
+ * 1) If you press shift-reload on a blocked HTML page, you get
+ *    the image "blocked" page, not the HTML "blocked" page.
+ * 2) Once an image "blocked" page has been sent, viewing it 
+ *    in it's own browser window *should* bring up the HTML
+ *    "blocked" page, but it doesn't.  You need to clear the 
+ *    browser cache to get the HTML version again.
+ *
+ * These limitations are due to IE making inconsistent choices
+ * about which "Accept:" header to send.
+ */
+#define FEATURE_IMAGE_DETECT_MSIE 1
+
+/*
+ * Use PNG instead of GIF for built-in images
+ */
+/* #undef FEATURE_NO_GIFS */
+
+/*
+ * Use POSIX threads instead of native threads.
+ */
+/* #define FEATURE_PTHREAD 1 */
+
+/*
+ * Enables statistics function.
+ */
+#define FEATURE_STATISTICS 1
+
+/*
+ * Allow JunkBuster to be "disabled" so it is just a normal non-blocking
+ * non-anonymizing proxy.  This is useful if you're trying to access a
+ * blocked or broken site - just change the setting in the config file,
+ * or use the handy "Disable" menu option in the Windows GUI.
+ */
+#define FEATURE_TOGGLE 1
+
+/*
+ * Allows the use of trust files.
+ */
+#define FEATURE_TRUST 1
+
+
+/****************************************************************************
+ * The following values are correct for MS VC++97.
+ * You should normally not change them.
+ ***************************************************************************/
+
+
+/*
+ * Defined on Solaris only.  Makes the system libraries thread safe.
+ */
+/* #define _REENTRANT 1 */
+
+/*
+ * Defined on Solaris only.  Without this, many important functions are not
+ * defined in the system headers.
+ */
+/* #define __EXTENSIONS__ 1 */
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with MultiThreading?)
+ */
+#define __MT__ 1
+
+/* If the (nonstandard and thread-safe) function gethostbyname_r
+ * is available, select which signature to use
+ */
+/* #undef HAVE_GETHOSTBYNAME_R_6_ARGS */
+/* #undef HAVE_GETHOSTBYNAME_R_5_ARGS */
+/* #undef HAVE_GETHOSTBYNAME_R_3_ARGS */
+
+/* If the (nonstandard and thread-safe) function gethostbyaddr_r
+ * is available, select which signature to use
+ */
+/* #undef HAVE_GETHOSTBYADDR_R_8_ARGS */
+/* #undef HAVE_GETHOSTBYADDR_R_7_ARGS */
+/* #undef HAVE_GETHOSTBYADDR_R_5_ARGS */
+
+/* Defined if you have gmtime_r and localtime_r with a signature
+ * of (struct time *, struct tm *)
+ */
+#undef HAVE_GMTIME_R
+
+/* #define HAVE_LOCALTIME_R 1 */
+
+/* Define to 'int' if <sys/socket.h> doesn't have it.
+ */
+#define socklen_t int
+
+/* Define if pcre.h must be included as <pcre/pcre.h>
+ */
+/* #undef PCRE_H_IN_SUBDIR */
+
+/* Define if pcreposix.h must be included as <pcre/pcreposix.h>
+ */
+/* #undef PCREPOSIX_H_IN_SUBDIR */
+
+
+/* Define to 1 if you have the <arpa/inet.h> header file. */
+#define HAVE_ARPA_INET_H 1
+
+/* Define to 1 if you have the `atexit' function. */
+#define HAVE_ATEXIT 1
+
+/* Define if you have the `bcopy' function. */
+/* #define HAVE_BCOPY 1 */
+
+/* Define to 1 if you have the <dirent.h> header file, and it defines `DIR'.
+   */
+#define HAVE_DIRENT_H 1
+
+/* Define to 1 if you have the <errno.h> header file. */
+#define HAVE_ERRNO_H 1
+
+/* Define to 1 if you have the <fcntl.h> header file. */
+#define HAVE_FCNTL_H 1
+
+/* Define to 1 if you have the `getcwd' function. */
+#define HAVE_GETCWD 1
+
+/* Define to 1 if you have the `gethostbyaddr' function. */
+#define HAVE_GETHOSTBYADDR 1
+
+/* Define to 1 if you have the `gethostbyname' function. */
+#define HAVE_GETHOSTBYNAME 1
+
+/* Define to 1 if you have the `inet_ntoa' function. */
+#define HAVE_INET_NTOA 1
+
+/* Define if you have the <inttypes.h> header file. */
+/* #define HAVE_INTTYPES_H 1 */
+
+/* Define to 1 if you have the `nsl' library (-lnsl). */
+/* #undef HAVE_LIBNSL */
+
+/* Define to 1 if you have the <limits.h> header file. */
+#define HAVE_LIMITS_H 1
+
+/* Define to 1 if you have the <locale.h> header file. */
+#define HAVE_LOCALE_H 1
+
+/* Define to 1 if you have the `localtime_r' function. */
+#undef HAVE_LOCALTIME_R
+
+/* Define to 1 if you have the `memchr' function. */
+#define HAVE_MEMCHR 1
+
+/* Define if you have the `memmove' function. */
+#define HAVE_MEMMOVE 1
+
+/* Define if you have the <memory.h> header file. */
+#define HAVE_MEMORY_H 1
+
+/* Define to 1 if you have the `memset' function. */
+#define HAVE_MEMSET 1
+
+/* Define to 1 if you have the <ndir.h> header file, and it defines `DIR'. */
+/* #undef HAVE_NDIR_H */
+
+/* Define to 1 if you have the <netdb.h> header file. */
+#define HAVE_NETDB_H 1
+
+/* Define to 1 if you have the <netinet/in.h> header file. */
+#define HAVE_NETINET_IN_H 1
+
+/* Define to 1 if you have the <OS.h> header file. */
+/* #undef HAVE_OS_H */
+
+/* Define to 1 if you have the `regcomp' function. */
+#define HAVE_REGCOMP 1
+
+/* Define to 1 if you have the `select' function. */
+#define HAVE_SELECT 1
+
+/* Define to 1 if you have the `setlocale' function. */
+#define HAVE_SETLOCALE 1
+
+/* Define to 1 if you have the `socket' function. */
+#define HAVE_SOCKET 1
+
+/* Define to 1 if you have the <stddef.h> header file. */
+#define HAVE_STDDEF_H 1
+
+/* Define if you have the <stdint.h> header file. */
+/* #define HAVE_STDINT_H 1 */
+
+/* Define if you have the <stdlib.h> header file. */
+#define HAVE_STDLIB_H 1
+
+/* Define to 1 if you have the `strchr' function. */
+#define HAVE_STRCHR 1
+
+/* Define to 1 if you have the `strdup' function. */
+#define HAVE_STRDUP 1
+
+/* Define if you have the `strerror' function. */
+#define HAVE_STRERROR 1
+
+/* Define to 1 if you have the `strftime' function. */
+#define HAVE_STRFTIME 1
+
+/* Define if you have the <strings.h> header file. */
+/* #define HAVE_STRINGS_H 1 */
+
+/* Define if you have the <string.h> header file. */
+#define HAVE_STRING_H 1
+
+/* Define to 1 if you have the `strstr' function. */
+#define HAVE_STRSTR 1
+
+/* Define to 1 if you have the `strtoul' function. */
+#define HAVE_STRTOUL 1
+
+/* Define to 1 if you have the <sys/dir.h> header file, and it defines `DIR'.
+   */
+/* #undef HAVE_SYS_DIR_H */
+
+/* Define to 1 if you have the <sys/ioctl.h> header file. */
+#define HAVE_SYS_IOCTL_H 1
+
+/* Define to 1 if you have the <sys/ndir.h> header file, and it defines `DIR'.
+   */
+/* #undef HAVE_SYS_NDIR_H */
+
+/* Define to 1 if you have the <sys/socket.h> header file. */
+#define HAVE_SYS_SOCKET_H 1
+
+/* Define if you have the <sys/stat.h> header file. */
+#define HAVE_SYS_STAT_H 1
+
+/* Define to 1 if you have the <sys/timeb.h> header file. */
+#define HAVE_SYS_TIMEB_H 1
+
+/* Define to 1 if you have the <sys/time.h> header file. */
+#define HAVE_SYS_TIME_H 1
+
+/* Define to 1 if you have the <sys/types.h> header file. */
+#define HAVE_SYS_TYPES_H 1
+
+/* Define to 1 if you have the <sys/wait.h> header file. */
+#define HAVE_SYS_WAIT_H 1
+
+/* Define if you have the <unistd.h> header file. */
+/* #define HAVE_UNISTD_H 1 */
+
+/* Define to the address where bug reports for this package should be sent. */
+#define PACKAGE_BUGREPORT ""
+
+/* Define to the full name of this package. */
+#define PACKAGE_NAME ""
+
+/* Define to the full name and version of this package. */
+#define PACKAGE_STRING ""
+
+/* Define to the one symbol short name of this package. */
+#define PACKAGE_TARNAME ""
+
+/* Define to the version of this package. */
+#define PACKAGE_VERSION ""
+
+/* Define as the return type of signal handlers (`int' or `void'). */
+#define RETSIGTYPE void
+
+/* Define to 1 if the `setpgrp' function takes no argument. */
+#define SETPGRP_VOID 1
+
+/* The size of a `char *', as computed by sizeof. */
+#define SIZEOF_CHAR_P 4
+
+/* The size of a `int', as computed by sizeof. */
+#define SIZEOF_INT 4
+
+/* The size of a `long', as computed by sizeof. */
+#define SIZEOF_LONG 4
+
+/* The size of a `long long', as computed by sizeof. */
+/* #define SIZEOF_LONG_LONG ---not supported--- */
+
+/* The size of a `size_t', as computed by sizeof. */
+#define SIZEOF_SIZE_T 4
+
+/* Define if you have the ANSI C header files. */
+#define STDC_HEADERS 1
+
+/* Define to 1 if you can safely include both <sys/time.h> and <time.h>. */
+#define TIME_WITH_SYS_TIME 1
+
+/* Define to 1 if your <sys/time.h> declares `struct tm'. */
+/* #undef TM_IN_SYS_TIME */
+
+/* Define to empty if `const' does not conform to ANSI C. */
+/* #define const */
+
+/* Define to `int' if <sys/types.h> does not define. */
+/* #undef pid_t */
+
+/* Define to `unsigned' if <sys/types.h> does not define. */
+/* #define size_t unsigned */
+
+/* Define to 'int' if <sys/socket.h> doesn't have it. */
+#define socklen_t int
+
+/*
+ * Defined always.
+ * FIXME: Don't know what it does or why we need it.
+ * (presumably something to do with ANSI Standard C?)
+ */
+/* Don't define for MS VC++ or you don't get strdup() declared.
+#ifndef __STDC__
+#define __STDC__ 1
+#endif
+*/
+
+/*
+ * Need to set up this define only for the Pthreads library for
+ * Win32, available from http://sources.redhat.com/pthreads-win32/
+ */
+#if defined(FEATURE_PTHREAD) && defined(_WIN32)
+#define __CLEANUP_C
+#endif /* defined(FEATURE_PTHREAD) && defined(_WIN32) */
+
+/*
+ * Need to keep errlog.c from trying to inline the non-existent
+ * locking stubs.  Could be removed once a real platform-specific
+ * solution is generated.
+ */
+#define inline ""
+
+/*
+ * BEOS does not currently support POSIX threads.
+ * This *should* be detected by ./configure, but let's be sure.
+ */
+#if defined(FEATURE_PTHREAD) && defined(__BEOS__)
+#error BEOS does not support pthread - please run ./configure again with "--disable-pthread"
+
+#endif /* defined(FEATURE_PTHREAD) && defined(__BEOS__) */
+
+
+#if (!defined(_MSC_VER)) && (!defined(RC_INVOKED))
+#error This file is only intended for MS VC++ on Win32.  For other compilers, please run configure.
+#endif /* (!defined(_MSC_VER)) && (!defined(RC_INVOKED)) */
+
+#pragma warning ( disable: 4100 4115 4201 4214 4244 4514 )
+
+/*
+ * C4100 : unreferenced formal parameter
+ * Very common, not a bug
+ * 
+ * C4115 : named type definition in parentheses
+ * #include <windows.h> causes a warning about one of these.
+ *
+ * C4201 : nonstandard extension used : nameless struct/union
+ * Endemic in <windows.h>
+ *
+ * C4214 nonstandard extension used : bit field types other than int
+ * Endemic in <windows.h>
+ *
+ * C4244 conversion from 'int' to 'char', possible loss of data
+ * Should really fix this one.  Throughout the JB code.
+ *
+ * C4514 unreferenced inline/local function has been removed
+ * Caused by #include <windows.h>
+ */
+
+
+#endif /* CONFIG_H_INCLUDED */
+
diff --git a/external/privoxy/vc_console.dsp b/external/privoxy/vc_console.dsp
new file mode 100644
index 0000000..3561b5e
--- /dev/null
+++ b/external/privoxy/vc_console.dsp
@@ -0,0 +1,405 @@
+# Microsoft Developer Studio Project File - Name="vc_console" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 5.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Console Application" 0x0103
+
+CFG=vc_console - Win32 Debug with Win32 threads
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "vc_console.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "vc_console.mak"\
+ CFG="vc_console - Win32 Debug with Win32 threads"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "vc_console - Win32 Release" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE "vc_console - Win32 Debug" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE "vc_console - Win32 Debug with Win32 threads" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE "vc_console - Win32 Release with Win32 threads" (based on\
+ "Win32 (x86) Console Application")
+!MESSAGE 
+
+# Begin Project
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "vc_console - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "Release"
+# PROP BASE Intermediate_Dir "Release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "console_release"
+# PROP Intermediate_Dir "console_release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /I "pcre" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /D "_WIN_CONSOLE" /D "STATIC" /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x809 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:console /machine:I386
+
+!ELSEIF  "$(CFG)" == "vc_console - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "Debug"
+# PROP BASE Intermediate_Dir "Debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "console_debug"
+# PROP Intermediate_Dir "console_debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /YX /FD /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "pcre" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /D "_WIN_CONSOLE" /D "STATIC" /FR /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x809 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+
+!ELSEIF  "$(CFG)" == "vc_console - Win32 Debug with Win32 threads"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "console_"
+# PROP BASE Intermediate_Dir "console_"
+# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "console_debug_winthr"
+# PROP Intermediate_Dir "console_debug_winthr"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "pcre" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /D "_WIN_CONSOLE" /D "STATIC" /FR /YX /FD /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "pcre" /D "WIN32" /D "_DEBUG" /D "_CONSOLE" /D "_MBCS" /D "_WIN_CONSOLE" /D "STATIC" /FR /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x809 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib /nologo /subsystem:console /debug /machine:I386 /pdbtype:sept
+
+!ELSEIF  "$(CFG)" == "vc_console - Win32 Release with Win32 threads"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "console0"
+# PROP BASE Intermediate_Dir "console0"
+# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "console_release_winthr"
+# PROP Intermediate_Dir "console_release_winthr"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MT /W3 /GX /O2 /I "pcre" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /D "_WIN_CONSOLE" /D "STATIC" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /I "pcre" /D "WIN32" /D "NDEBUG" /D "_CONSOLE" /D "_MBCS" /D "_WIN_CONSOLE" /D "STATIC" /YX /FD /c
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x809 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:console /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib /nologo /subsystem:console /machine:I386
+
+!ENDIF 
+
+# Begin Target
+
+# Name "vc_console - Win32 Release"
+# Name "vc_console - Win32 Debug"
+# Name "vc_console - Win32 Debug with Win32 threads"
+# Name "vc_console - Win32 Release with Win32 threads"
+# Begin Group "JunkBuster"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\actionlist.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\actions.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\actions.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgi.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgi.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgiedit.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgiedit.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgisimple.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgisimple.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\config.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\deanimate.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\deanimate.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\errlog.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\errlog.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\filters.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\filters.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\jcc.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\jcc.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\loadcfg.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\loadcfg.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\loaders.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\loaders.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\parsers.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\parsers.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\project.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\urlmatch.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\urlmatch.h
+# End Source File
+# End Group
+# Begin Group "Win32"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\cygwin.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\win32.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\win32.h
+# End Source File
+# End Group
+# Begin Group "PCRE"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\pcre\chartables.c
+
+!IF  "$(CFG)" == "vc_console - Win32 Release"
+
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_console - Win32 Debug"
+
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_console - Win32 Debug with Win32 threads"
+
+# PROP BASE Exclude_From_Build 1
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_console - Win32 Release with Win32 threads"
+
+# PROP BASE Exclude_From_Build 1
+# PROP Exclude_From_Build 1
+
+!ENDIF 
+
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\config.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\get.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\internal.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\maketables.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcre.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcre.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcreposix.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcreposix.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\study.c
+# End Source File
+# End Group
+# Begin Group "PCRS"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\pcrs.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcrs.h
+# End Source File
+# End Group
+# Begin Group "Sockets"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\gateway.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\gateway.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\jbsockets.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\jbsockets.h
+# End Source File
+# End Group
+# Begin Group "Utilities"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\encode.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\encode.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\list.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\list.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\miscutil.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\miscutil.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\ssplit.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\ssplit.h
+# End Source File
+# End Group
+# End Target
+# End Project
diff --git a/external/privoxy/vc_privoxy.dsp b/external/privoxy/vc_privoxy.dsp
new file mode 100644
index 0000000..5afaec9
--- /dev/null
+++ b/external/privoxy/vc_privoxy.dsp
@@ -0,0 +1,488 @@
+# Microsoft Developer Studio Project File - Name="vc_privoxy" - Package Owner=<4>
+# Microsoft Developer Studio Generated Build File, Format Version 5.00
+# ** DO NOT EDIT **
+
+# TARGTYPE "Win32 (x86) Application" 0x0101
+
+CFG=vc_privoxy - Win32 Debug with Win32 threads
+!MESSAGE This is not a valid makefile. To build this project using NMAKE,
+!MESSAGE use the Export Makefile command and run
+!MESSAGE 
+!MESSAGE NMAKE /f "vc_privoxy.mak".
+!MESSAGE 
+!MESSAGE You can specify a configuration when running NMAKE
+!MESSAGE by defining the macro CFG on the command line. For example:
+!MESSAGE 
+!MESSAGE NMAKE /f "vc_privoxy.mak"\
+ CFG="vc_privoxy - Win32 Debug with Win32 threads"
+!MESSAGE 
+!MESSAGE Possible choices for configuration are:
+!MESSAGE 
+!MESSAGE "vc_privoxy - Win32 Release" (based on "Win32 (x86) Application")
+!MESSAGE "vc_privoxy - Win32 Debug" (based on "Win32 (x86) Application")
+!MESSAGE "vc_privoxy - Win32 Release with Win32 threads" (based on\
+ "Win32 (x86) Application")
+!MESSAGE "vc_privoxy - Win32 Debug with Win32 threads" (based on\
+ "Win32 (x86) Application")
+!MESSAGE 
+
+# Begin Project
+# PROP Scc_ProjName ""
+# PROP Scc_LocalPath ""
+CPP=cl.exe
+MTL=midl.exe
+RSC=rc.exe
+
+!IF  "$(CFG)" == "vc_privoxy - Win32 Release"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "vc_release"
+# PROP BASE Intermediate_Dir "vc_release"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "vc_release"
+# PROP Intermediate_Dir "vc_release"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /GX /O2 /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /Ob2 /I "pcre" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "STATIC" /FR /YX /FD /c
+# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o NUL /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o NUL /win32
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x809 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:windows /machine:I386
+
+!ELSEIF  "$(CFG)" == "vc_privoxy - Win32 Debug"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "vc_debug"
+# PROP BASE Intermediate_Dir "vc_debug"
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "vc_debug"
+# PROP Intermediate_Dir "vc_debug"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /W3 /Gm /GX /Zi /Od /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /YX /FD /c
+# ADD CPP /nologo /MTd /W3 /Gm /GX /Zi /Od /I "pcre" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "STATIC" /FR /YX /FD /c
+# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o NUL /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o NUL /win32
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x809 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib odbc32.lib odbccp32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
+
+!ELSEIF  "$(CFG)" == "vc_privoxy - Win32 Release with Win32 threads"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 0
+# PROP BASE Output_Dir "vc_junkb"
+# PROP BASE Intermediate_Dir "vc_junkb"
+# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 0
+# PROP Output_Dir "vc_release_winthr"
+# PROP Intermediate_Dir "vc_release_winthr"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MT /W3 /GX /O2 /Ob2 /I "pcre" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "STATIC" /FR /YX /FD /c
+# ADD CPP /nologo /MT /W3 /GX /O2 /Ob2 /I "pcre" /D "WIN32" /D "NDEBUG" /D "_WINDOWS" /D "STATIC" /FR /YX /FD /c
+# ADD BASE MTL /nologo /D "NDEBUG" /mktyplib203 /o NUL /win32
+# ADD MTL /nologo /D "NDEBUG" /mktyplib203 /o NUL /win32
+# ADD BASE RSC /l 0x809 /d "NDEBUG"
+# ADD RSC /l 0x809 /d "NDEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:windows /machine:I386
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib /nologo /subsystem:windows /machine:I386
+
+!ELSEIF  "$(CFG)" == "vc_privoxy - Win32 Debug with Win32 threads"
+
+# PROP BASE Use_MFC 0
+# PROP BASE Use_Debug_Libraries 1
+# PROP BASE Output_Dir "vc_junk0"
+# PROP BASE Intermediate_Dir "vc_junk0"
+# PROP BASE Ignore_Export_Lib 0
+# PROP BASE Target_Dir ""
+# PROP Use_MFC 0
+# PROP Use_Debug_Libraries 1
+# PROP Output_Dir "vc_debug_winthr"
+# PROP Intermediate_Dir "vc_debug_winthr"
+# PROP Ignore_Export_Lib 0
+# PROP Target_Dir ""
+# ADD BASE CPP /nologo /MTd /W3 /Gm /GX /Zi /O2 /I "pcre" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "STATIC" /YX /FD /c
+# ADD CPP /nologo /MTd /W4 /Gm /GX /Zi /Od /I "pcre" /D "WIN32" /D "_DEBUG" /D "_WINDOWS" /D "STATIC" /FR /YX /FD /c
+# ADD BASE MTL /nologo /D "_DEBUG" /mktyplib203 /o NUL /win32
+# ADD MTL /nologo /D "_DEBUG" /mktyplib203 /o NUL /win32
+# ADD BASE RSC /l 0x809 /d "_DEBUG"
+# ADD RSC /l 0x809 /d "_DEBUG"
+BSC32=bscmake.exe
+# ADD BASE BSC32 /nologo
+# ADD BSC32 /nologo
+LINK32=link.exe
+# ADD BASE LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib pthreadVC.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
+# ADD LINK32 kernel32.lib user32.lib gdi32.lib winspool.lib comdlg32.lib advapi32.lib shell32.lib ole32.lib oleaut32.lib uuid.lib ws2_32.lib comctl32.lib /nologo /subsystem:windows /debug /machine:I386 /pdbtype:sept
+
+!ENDIF 
+
+# Begin Target
+
+# Name "vc_privoxy - Win32 Release"
+# Name "vc_privoxy - Win32 Debug"
+# Name "vc_privoxy - Win32 Release with Win32 threads"
+# Name "vc_privoxy - Win32 Debug with Win32 threads"
+# Begin Group "JunkBuster"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\actionlist.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\actions.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\actions.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgi.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgi.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgiedit.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgiedit.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgisimple.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\cgisimple.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\config.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\deanimate.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\deanimate.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\errlog.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\errlog.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\filters.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\filters.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\jcc.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\jcc.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\loadcfg.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\loadcfg.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\loaders.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\loaders.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\parsers.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\parsers.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\project.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\urlmatch.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\urlmatch.h
+# End Source File
+# End Group
+# Begin Group "Win32"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\cygwin.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32log.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32log.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32res.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32taskbar.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32taskbar.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\win32.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\win32.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32svrapi.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32svrapi.h
+# End Source File
+# End Group
+# Begin Group "Resources"
+
+# PROP Default_Filter "rc,ico,bmp"
+# Begin Source File
+
+SOURCE=.\icons\ico00001.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00002.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00003.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00004.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00005.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00006.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00007.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\ico00008.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\idle.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\icons\privoxy.ico
+# End Source File
+# Begin Source File
+
+SOURCE=.\w32.rc
+# End Source File
+# End Group
+# Begin Group "PCRE"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\pcre\chartables.c
+
+!IF  "$(CFG)" == "vc_privoxy - Win32 Release"
+
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_privoxy - Win32 Debug"
+
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_privoxy - Win32 Release with Win32 threads"
+
+# PROP BASE Exclude_From_Build 1
+# PROP Exclude_From_Build 1
+
+!ELSEIF  "$(CFG)" == "vc_privoxy - Win32 Debug with Win32 threads"
+
+# PROP BASE Exclude_From_Build 1
+# PROP Exclude_From_Build 1
+
+!ENDIF 
+
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\config.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\get.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\internal.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\maketables.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcre.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcre.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcreposix.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\pcreposix.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcre\study.c
+# End Source File
+# End Group
+# Begin Group "PCRS"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\pcrs.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\pcrs.h
+# End Source File
+# End Group
+# Begin Group "Sockets"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\gateway.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\gateway.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\jbsockets.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\jbsockets.h
+# End Source File
+# End Group
+# Begin Group "Utilities"
+
+# PROP Default_Filter ""
+# Begin Source File
+
+SOURCE=.\encode.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\encode.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\list.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\list.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\miscutil.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\miscutil.h
+# End Source File
+# Begin Source File
+
+SOURCE=.\ssplit.c
+# End Source File
+# Begin Source File
+
+SOURCE=.\ssplit.h
+# End Source File
+# End Group
+# End Target
+# End Project
diff --git a/external/privoxy/vc_privoxy.dsw b/external/privoxy/vc_privoxy.dsw
new file mode 100644
index 0000000..9685de2
--- /dev/null
+++ b/external/privoxy/vc_privoxy.dsw
@@ -0,0 +1,59 @@
+Microsoft Developer Studio Workspace File, Format Version 5.00
+# WARNING: DO NOT EDIT OR DELETE THIS WORKSPACE FILE!
+
+###############################################################################
+
+Project: "vc_console"=".\vc_console.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+    Begin Project Dependency
+    Project_Dep_Name vc_dftables
+    End Project Dependency
+}}}
+
+###############################################################################
+
+Project: "vc_dftables"=".\pcre\vc_dftables.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+}}}
+
+###############################################################################
+
+Project: "vc_privoxy"=".\vc_privoxy.dsp" - Package Owner=<4>
+
+Package=<5>
+{{{
+}}}
+
+Package=<4>
+{{{
+    Begin Project Dependency
+    Project_Dep_Name vc_dftables
+    End Project Dependency
+}}}
+
+###############################################################################
+
+Global:
+
+Package=<5>
+{{{
+}}}
+
+Package=<3>
+{{{
+}}}
+
+###############################################################################
+
diff --git a/external/privoxy/w32.rc b/external/privoxy/w32.rc
new file mode 100644
index 0000000..93b518a
--- /dev/null
+++ b/external/privoxy/w32.rc
@@ -0,0 +1,343 @@
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32.rc,v $
+ *
+ * Purpose     :  Windows GUI resource script.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32.rc,v $
+ *    Revision 1.22  2009/01/01 15:09:23  ler762
+ *    Change the Windows taskbar icon when privoxy is toggled off.
+ *
+ *    Revision 1.21  2008/11/02 14:37:47  ler762
+ *    commit the part of the patches I've been using that were written by torford and gjmurphy
+ *      [ 1824315 ] Minor code cleanup
+ *      [ 1781135 ] Patch - Add clear log, select all, and Accelerators for w32
+ *        http://sourceforge.net/tracker/?func=detail&atid=311118&aid=1781135&group_id=11118
+ *    The full patch adds control keys A(select all), C(copy) and D(delete all) to the
+ *    Privoxy log window menu.  Select all and copy work for me without the patch
+ *    (albeit without showing the accelerator keys on the menu), so the only part of the
+ *    patch I've been using for the last year or so has been the ctrl-d to delete
+ *    everything in the Privoxy log window.
+ *
+ *    Revision 1.20  2006/08/18 02:06:25  david__schmidt
+ *    Making icon go back to blue when idle.
+ *    See: bug #967648.
+ *
+ *    Revision 1.19  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.17.2.1  2002/08/21 17:58:40  oes
+ *     - Reorder of Win32 menu
+ *     - "Show Privoxy Window" now a toggle
+ *     - Temp kludge to let user and default action file be edited through win32 GUI (FR 592080)
+ *
+ *    Revision 1.17  2002/03/31 17:19:00  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.16  2002/03/26 22:57:44  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.15  2002/03/24 14:29:25  jongfoster
+ *    Renaming icon file
+ *
+ *    Revision 1.14  2002/03/24 12:07:36  jongfoster
+ *    Consistern name for filters file
+ *
+ *    Revision 1.13  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.12  2001/07/30 22:16:07  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.11  2001/07/21 17:53:41  jongfoster
+ *    Adding version information block.
+ *
+ *    Revision 1.10  2001/07/19 19:14:19  haroon
+ *    -  Removed all #ifdef PCRS. The .rc file extension had eluded Andreas.
+ *
+ *    Revision 1.9  2001/06/07 23:08:54  jongfoster
+ *    Forward and ACL edit options removed.
+ *    Config edit option renamed from "&Junkbuster" to "&Configuration".
+ *
+ *    Revision 1.8  2001/05/31 21:37:11  jongfoster
+ *    GUI changes to rename "permissions file" to "actions file".
+ *
+ *    Revision 1.7  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.6  2001/05/26 14:15:18  jongfoster
+ *    Cosmetic fix: // -> block comment
+ *
+ *    Revision 1.5  2001/05/26 13:24:31  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *    (I missed this file in my original checkin)
+ *
+ *    Revision 1.4  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.3  2001/05/25 22:33:40  jongfoster
+ *    CRLF->LF
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:07  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+#include "config.h"
+
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+
+#include "w32res.h"
+
+#ifdef __MINGW32__
+#include "cygwin.h"
+#endif
+
+/****************************************************************************
+ *  Language-neutral resources
+ ****************************************************************************/
+
+#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_NEU)
+#ifdef _WIN32
+/* LANGUAGE LANG_NEUTRAL, SUBLANG_NEUTRAL */
+#pragma code_page(1252)
+#endif /* _WIN32 */
+
+/*
+ * Icons
+ *
+ * Icon with lowest ID value placed first to ensure application icon
+ * remains consistent on all systems.
+ */
+IDI_MAINICON            ICON    DISCARDABLE     "icons/privoxy.ico"
+IDI_ANIMATED1           ICON    DISCARDABLE     "icons/ico00001.ico"
+IDI_ANIMATED2           ICON    DISCARDABLE     "icons/ico00002.ico"
+IDI_ANIMATED3           ICON    DISCARDABLE     "icons/ico00003.ico"
+IDI_ANIMATED4           ICON    DISCARDABLE     "icons/ico00004.ico"
+IDI_ANIMATED5           ICON    DISCARDABLE     "icons/ico00005.ico"
+IDI_ANIMATED6           ICON    DISCARDABLE     "icons/ico00006.ico"
+IDI_ANIMATED7           ICON    DISCARDABLE     "icons/ico00007.ico"
+IDI_ANIMATED8           ICON    DISCARDABLE     "icons/ico00008.ico"
+IDI_IDLE                ICON    DISCARDABLE     "icons/privoxy.ico"
+IDI_OFF                 ICON    DISCARDABLE     "icons/off.ico"
+
+#endif /* Neutral resources */
+
+
+/****************************************************************************
+ *  English (U.S.) resources
+ ****************************************************************************/
+
+#if !defined(AFX_RESOURCE_DLL) || defined(AFX_TARG_ENU)
+#ifdef _WIN32
+/* LANGUAGE LANG_ENGLISH, SUBLANG_ENGLISH_US */
+#pragma code_page(1252)
+#endif /* def _WIN32 */
+
+/*
+ * File Version
+ */
+#ifndef _MAC
+
+VS_VERSION_INFO VERSIONINFO
+ FILEVERSION VERSION_MAJOR,VERSION_MINOR,VERSION_POINT,0
+ PRODUCTVERSION VERSION_MAJOR,VERSION_MINOR,VERSION_POINT,0
+ FILEFLAGSMASK 0x3fL
+#ifdef _DEBUG
+ FILEFLAGS 0x1L
+#else
+ FILEFLAGS 0x0L
+#endif
+ FILEOS 0x40004L
+ FILETYPE 0x1L
+ FILESUBTYPE 0x0L
+BEGIN
+    BLOCK "StringFileInfo"
+    BEGIN
+        BLOCK "040904b0"
+        BEGIN
+            VALUE "CompanyName", "The Privoxy team - www.privoxy.org\0"
+            VALUE "FileDescription", "Privoxy\0"
+            VALUE "FileVersion", VERSION "\0"
+            VALUE "InternalName", "Privoxy\0"
+            VALUE "LegalCopyright", "Distributed under the GNU GPL\0"
+            VALUE "OriginalFilename", "privoxy.exe\0"
+            VALUE "ProductName", "Privoxy\0"
+            VALUE "ProductVersion", VERSION "\0"
+        END
+    END
+    BLOCK "VarFileInfo"
+    BEGIN
+        VALUE "Translation", 0x409, 1200
+    END
+END
+
+#endif /* ndef _MAC */
+
+
+/*
+ * Menus
+ */
+
+IDR_TRAYMENU MENU DISCARDABLE
+BEGIN
+    POPUP "Popup"
+    BEGIN
+        MENUITEM "E&xit Privoxy",      ID_FILE_EXIT
+        MENUITEM                       SEPARATOR
+        POPUP "E&dit.."
+        BEGIN
+            MENUITEM "&Main Configuration",           ID_TOOLS_EDITCONFIG
+            MENUITEM "&Default Actions",              ID_TOOLS_EDITDEFAULTACTIONS
+            MENUITEM "&User Actions",                 ID_TOOLS_EDITUSERACTIONS
+            MENUITEM "&Filters",                      ID_TOOLS_EDITFILTERS
+#ifdef FEATURE_TRUST
+            MENUITEM "&Trust list",                   ID_TOOLS_EDITTRUST
+#endif /* def FEATURE_TRUST */
+        END
+        MENUITEM                              SEPARATOR
+#ifdef FEATURE_TOGGLE
+        MENUITEM "&Enable",                   ID_TOGGLE_ENABLED, CHECKED
+#endif /* def FEATURE_TOGGLE */
+        MENUITEM "Show Privoxy &Window",      ID_TOGGLE_SHOWWINDOW, CHECKED
+    END
+END
+
+IDR_LOGVIEW MENU DISCARDABLE
+BEGIN
+    POPUP "&File"
+    BEGIN
+        MENUITEM "E&xit",                       ID_FILE_EXIT
+    END
+    POPUP "&Edit"
+    BEGIN
+        MENUITEM "Copy",                        ID_EDIT_COPY
+    END
+    POPUP "&View"
+    BEGIN
+        MENUITEM "&Clear Log\tCtrl+D",          ID_VIEW_CLEARLOG
+        MENUITEM                                SEPARATOR
+        MENUITEM "&Log Messages",               ID_VIEW_LOGMESSAGES, CHECKED
+        MENUITEM "Message &Highlighting",       ID_VIEW_MESSAGEHIGHLIGHTING, CHECKED
+        MENUITEM "Limit &Buffer Size",          ID_VIEW_LIMITBUFFERSIZE, CHECKED
+        MENUITEM "&Activity Animation",         ID_VIEW_ACTIVITYANIMATION, CHECKED
+    END
+    POPUP "&Options"
+    BEGIN
+#ifdef FEATURE_TOGGLE
+        MENUITEM "&Enable",                     ID_TOGGLE_ENABLED, CHECKED
+        MENUITEM                                SEPARATOR
+#endif /* def FEATURE_TOGGLE */
+        MENUITEM "Edit Main &Configuration",      ID_TOOLS_EDITCONFIG
+        MENUITEM "Edit &Default Actions",         ID_TOOLS_EDITDEFAULTACTIONS
+        MENUITEM "Edit &User Actions",            ID_TOOLS_EDITUSERACTIONS
+        MENUITEM "Edit &Filters",                 ID_TOOLS_EDITFILTERS
+#ifdef FEATURE_TRUST
+        MENUITEM "Edit &Trust list",              ID_TOOLS_EDITTRUST
+#endif /* def FEATURE_TRUST */
+    END
+    POPUP "&Help"
+    BEGIN
+        MENUITEM "Privoxy &FAQ",                ID_HELP_FAQ
+        MENUITEM "Privoxy &Manual",             ID_HELP_MANUAL
+        MENUITEM "GNU &General Public Licence", ID_HELP_GPL
+        MENUITEM                                SEPARATOR
+        MENUITEM "Privoxy Status...",           ID_HELP_STATUS
+        MENUITEM                                SEPARATOR
+        MENUITEM "About Privoxy...",            ID_HELP_ABOUT
+    END
+END
+
+IDR_POPUP_SELECTION MENU DISCARDABLE
+BEGIN
+    POPUP "Popup"
+    BEGIN
+        MENUITEM "&Copy",                       ID_EDIT_COPY
+    END
+END
+
+
+/*
+ * Accelerators
+ */
+
+IDR_ACCELERATOR ACCELERATORS DISCARDABLE
+BEGIN
+    "C",            ID_EDIT_COPY,           VIRTKEY, CONTROL, NOINVERT
+    "D",            ID_VIEW_CLEARLOG,       VIRTKEY, CONTROL, NOINVERT
+END
+
+#endif /* English (U.S.) resources */
diff --git a/external/privoxy/w32log.c b/external/privoxy/w32log.c
new file mode 100644
index 0000000..e5df8b0
--- /dev/null
+++ b/external/privoxy/w32log.c
@@ -0,0 +1,1480 @@
+const char w32log_rcs[] = "$Id: w32log.c,v 1.33 2009/03/09 19:02:09 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32log.c,v $
+ *
+ * Purpose     :  Functions for creating and destroying the log window,
+ *                ouputting strings, processing messages and so on.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 1999 Adam Lock
+ *                <locka at iol.ie>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32log.c,v $
+ *    Revision 1.33  2009/03/09 19:02:09  fabiankeil
+ *    Request the default charset in LogPutStringNoMatch().
+ *    Submitted by Burberry in #2674342 as fix for #2662382.
+ *
+ *    Revision 1.32  2009/03/09 18:32:48  fabiankeil
+ *    Use the Privoxy icon in the alt+tab window.
+ *    Patch submitted by Burberry in #2674342.
+ *
+ *    Revision 1.31  2009/03/07 17:58:02  fabiankeil
+ *    Fix two mingw32-only buffer overflows. Note that triggering
+ *    them requires control over the configuration file in which
+ *    case all bets are off anyway.
+ *
+ *    Revision 1.30  2009/01/01 15:09:23  ler762
+ *    Change the Windows taskbar icon when privoxy is toggled off.
+ *
+ *    Revision 1.29  2008/12/20 15:27:40  ler762
+ *    The crunch log message format changed, so update the strings to highlight
+ *    in the log window.
+ *
+ *    Revision 1.28  2008/11/02 14:37:47  ler762
+ *    commit the part of the patches I've been using that were written by torford and gjmurphy
+ *      [ 1824315 ] Minor code cleanup
+ *      [ 1781135 ] Patch - Add clear log, select all, and Accelerators for w32
+ *        http://sourceforge.net/tracker/?func=detail&atid=311118&aid=1781135&group_id=11118
+ *    The full patch adds control keys A(select all), C(copy) and D(delete all) to the
+ *    Privoxy log window menu.  Select all and copy work for me without the patch
+ *    (albeit without showing the accelerator keys on the menu), so the only part of the
+ *    patch I've been using for the last year or so has been the ctrl-d to delete
+ *    everything in the Privoxy log window.
+ *
+ *    Revision 1.27  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.25.2.5  2003/04/04 12:48:51  oes
+ *    Fixed bug #711865:
+ *     - Made tray menu correctly reflect initial window visibility state
+ *     - Hopefully fixed problem where log window contents wasn't visible
+ *       until vertical scroll bar was clicked. Thanks to Guy for the fix!
+ *
+ *    Revision 1.25.2.4  2003/03/11 11:53:59  oes
+ *    Cosmetic: Renamed cryptic variable
+ *
+ *    Revision 1.25.2.3  2002/11/20 14:39:05  oes
+ *    Fixed compiler warning
+ *
+ *    Revision 1.25.2.2  2002/09/25 15:23:10  oes
+ *    Uncheck the "Show Privoxy Window" taskbar menu item when window gets minimized. Fixes bug #606804
+ *
+ *    Revision 1.25.2.1  2002/08/21 17:59:05  oes
+ *     - "Show Privoxy Window" now a toggle
+ *     - Temp kludge to let user and default action file be edited through win32 GUI (FR 592080)
+ *
+ *    Revision 1.25  2002/04/04 00:36:36  gliptak
+ *    always use pcre for matching
+ *
+ *    Revision 1.24  2002/03/31 17:19:00  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.23  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.22  2002/03/24 12:48:23  jongfoster
+ *    Fixing doc links
+ *
+ *    Revision 1.21  2002/03/24 12:07:35  jongfoster
+ *    Consistern name for filters file
+ *
+ *    Revision 1.20  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.19  2002/01/17 21:04:17  jongfoster
+ *    Replacing hard references to the URL of the config interface
+ *    with #defines from project.h
+ *
+ *    Revision 1.18  2001/11/30 23:37:24  jongfoster
+ *    Renaming the Win32 config file to config.txt - this is almost the
+ *    same as the corresponding UNIX name "config"
+ *
+ *    Revision 1.17  2001/11/16 00:46:31  jongfoster
+ *    Fixing compiler warnings
+ *
+ *    Revision 1.16  2001/08/01 19:58:12  jongfoster
+ *    Fixing documentation filenames in help menu, and making status
+ *    option work without needing the "Junkbuster Status.URL" file.
+ *
+ *    Revision 1.15  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.14  2001/07/29 18:47:05  jongfoster
+ *    Adding missing #include "loadcfg.h"
+ *
+ *    Revision 1.13  2001/07/19 19:15:14  haroon
+ *    - Added a FIXME for EditFile but didn't fix :-)
+ *
+ *    Revision 1.12  2001/07/13 14:04:59  oes
+ *    Removed all #ifdef PCRS
+ *
+ *    Revision 1.11  2001/06/07 23:08:12  jongfoster
+ *    Forward and ACL edit options removed.
+ *
+ *    Revision 1.10  2001/05/31 21:37:11  jongfoster
+ *    GUI changes to rename "permissions file" to "actions file".
+ *
+ *    Revision 1.9  2001/05/31 17:33:13  oes
+ *
+ *    CRLF -> LF
+ *
+ *    Revision 1.8  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.7  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.6  2001/05/26 00:31:30  jongfoster
+ *    Fixing compiler warning about comparing signed/unsigned.
+ *
+ *    Revision 1.5  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.4  2001/05/22 18:56:28  oes
+ *    CRLF -> LF
+ *
+ *    Revision 1.3  2001/05/20 15:07:54  jongfoster
+ *    File is now ignored if _WIN_CONSOLE is defined.
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:07  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <assert.h>
+#include <stdio.h>
+
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+#include <richedit.h>
+
+#include "project.h"
+#include "w32log.h"
+#include "w32taskbar.h"
+#include "win32.h"
+#include "w32res.h"
+#include "jcc.h"
+#include "miscutil.h"
+#include "errlog.h"
+#include "loadcfg.h"
+
+const char w32res_h_rcs[] = W32RES_H_VERSION;
+
+#ifdef __MINGW32__
+#include "cygwin.h"
+const char cygwin_h_rcs[] = CYGWIN_H_VERSION;
+#endif
+
+const char w32log_h_rcs[] = W32LOG_H_VERSION;
+
+#ifndef _WIN_CONSOLE /* entire file */
+
+/*
+ * Timers and the various durations
+ */
+#define TIMER_ANIM_ID               1
+#define TIMER_ANIM_TIME             100
+#define TIMER_ANIMSTOP_ID           2
+#define TIMER_ANIMSTOP_TIME         1000
+#define TIMER_CLIPBUFFER_ID         3
+#define TIMER_CLIPBUFFER_TIME       1000
+#define TIMER_CLIPBUFFER_FORCE_ID   4
+#define TIMER_CLIPBUFFER_FORCE_TIME 5000
+
+/*
+ * Styles of text that can be output
+ */
+#define STYLE_NONE      0
+#define STYLE_HIGHLIGHT 1
+#define STYLE_LINK      2
+#define STYLE_HEADER    3
+
+/*
+ * Number of frames of animation in tray activity sequence
+ */
+#define ANIM_FRAMES 8
+
+#define DEFAULT_MAX_BUFFER_LINES    200
+#define DEFAULT_LOG_FONT_NAME       "MS Sans Serif"
+#define DEFAULT_LOG_FONT_SIZE       8
+
+/*
+ * These values affect the way the log window behaves, they should be read
+ * from a file but for the moment, they are hardcoded here. Some options are
+ * configurable through the UI.
+ */
+
+/* Indicates whether task bar shows activity animation */
+BOOL g_bShowActivityAnimation = 1;
+
+/* Indicates whether the log window is shown */
+BOOL g_bShowLogWindow = 1;
+
+/* Indicates if the log window appears on the task bar */
+BOOL g_bShowOnTaskBar = 0;
+
+/* Indicates whether closing the log window really just hides it */
+BOOL g_bCloseHidesWindow = 1;
+
+/* Indicates if messages are logged at all */
+BOOL g_bLogMessages = 1;
+
+/* Indicates whether log messages are highlighted */
+BOOL g_bHighlightMessages = 1;
+
+/* Indicates if buffer is limited in size */
+BOOL g_bLimitBufferSize = 1;
+
+/* Maximum number of lines allowed in buffer when limited */
+int g_nMaxBufferLines = DEFAULT_MAX_BUFFER_LINES;
+
+/* Font to use */
+char g_szFontFaceName[32] = DEFAULT_LOG_FONT_NAME;
+
+/* Size of font to use */
+int g_nFontSize = DEFAULT_LOG_FONT_SIZE;
+
+
+/* FIXME: this is a kludge */
+
+const char * g_default_actions_file = NULL;
+const char * g_user_actions_file = NULL;
+const char * g_re_filterfile = NULL;
+#ifdef FEATURE_TRUST
+const char * g_trustfile = NULL;
+#endif /* def FEATURE_TRUST */
+
+/* FIXME: end kludge */
+
+/* Regular expression for detected URLs */
+#define RE_URL "http:[^ \n\r]*"
+
+/*
+ * Regular expressions that are used to perform highlight in the log window
+ */
+static struct _Pattern
+{
+   const char *str;
+   int style;
+   regex_t buffer;
+} patterns_to_highlight[] =
+{
+   /* url headers */
+   { RE_URL,                STYLE_LINK },
+/* { "[a-zA-Z0-9]+\\.[a-zA-Z0-9]+\\.[a-zA-Z0-9]+\\.[^ \n\r]*", STYLE_LINK }, */
+   /* interesting text to highlight */
+   /*   see jcc.c crunch_reason for the full list */
+   { "Crunch: Blocked:",            STYLE_HIGHLIGHT },
+   { "Crunch: Untrusted",           STYLE_HIGHLIGHT },
+   { "Crunch: Redirected:",         STYLE_HIGHLIGHT },
+   { "Crunch: DNS failure",         STYLE_HIGHLIGHT },
+   { "Crunch: Forwarding failed",   STYLE_HIGHLIGHT },
+   { "Crunch: Connection failure",  STYLE_HIGHLIGHT },
+   { "Crunch: Out of memory",       STYLE_HIGHLIGHT },
+   /* what are all the possible error strings?? */
+   { "Error:",                      STYLE_HIGHLIGHT },
+   /* http headers */
+   { "referer:",            STYLE_HEADER },
+   { "proxy-connection:",   STYLE_HEADER },
+   { "proxy-agent:",        STYLE_HEADER },
+   { "user-agent:",         STYLE_HEADER },
+   { "host:",               STYLE_HEADER },
+   { "accept:",             STYLE_HEADER },
+   { "accept-encoding:",    STYLE_HEADER },
+   { "accept-language:",    STYLE_HEADER },
+   { "accept-charset:",     STYLE_HEADER },
+   { "accept-ranges:",      STYLE_HEADER },
+   { "date:",               STYLE_HEADER },
+   { "cache-control:",      STYLE_HEADER },
+   { "cache-last-checked:", STYLE_HEADER },
+   { "connection:",         STYLE_HEADER },
+   { "content-type",        STYLE_HEADER },
+   { "content-length",      STYLE_HEADER },
+   { "cookie",              STYLE_HEADER },
+   { "last-modified:",      STYLE_HEADER },
+   { "pragma:",             STYLE_HEADER },
+   { "server:",             STYLE_HEADER },
+   { "etag:",               STYLE_HEADER },
+   { "expires:",            STYLE_HEADER },
+   { "warning:",            STYLE_HEADER },
+   /* this is the terminator statement - do not delete! */
+   { NULL,                  STYLE_NONE }
+};
+
+/*
+ * Public variables
+ */
+HWND g_hwndLogFrame;
+HICON g_hiconApp;
+
+/*
+ * Private variables
+ */
+static CRITICAL_SECTION g_criticalsection;
+static HWND g_hwndTray;
+static HWND g_hwndLogBox;
+static WNDPROC g_fnLogBox;
+static HICON g_hiconAnim[ANIM_FRAMES];
+static HICON g_hiconIdle;
+static HICON g_hiconOff;
+static int g_nAnimFrame;
+static BOOL g_bClipPending = FALSE;
+static int g_nRichEditVersion = 0;
+
+/*
+ * Private functions
+ */
+static HWND CreateLogWindow(HINSTANCE hInstance, int nCmdShow);
+static HWND CreateHiddenLogOwnerWindow(HINSTANCE hInstance);
+static LRESULT CALLBACK LogWindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam);
+static LRESULT CALLBACK LogOwnerWindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam);
+static LRESULT CALLBACK LogRichEditProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam);
+static BOOL InitRichEdit(void);
+static void LogClipBuffer(void);
+static void LogCreatePatternMatchingBuffers(void);
+static void LogDestroyPatternMatchingBuffers(void);
+static int LogPutStringNoMatch(const char *pszText, int style);
+static void SetIdleIcon(void);
+
+
+/*********************************************************************
+ *
+ * Function    :  InitLogWindow
+ *
+ * Description :  Initialise the log window.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  Always TRUE (there should be error checking on the resources).
+ *
+ *********************************************************************/
+BOOL InitLogWindow(void)
+{
+   int i;
+
+   /* Load the icons */
+   g_hiconIdle = LoadIcon(g_hInstance, MAKEINTRESOURCE(IDI_IDLE));
+   g_hiconOff  = LoadIcon(g_hInstance, MAKEINTRESOURCE(IDI_OFF));
+   for (i = 0; i < ANIM_FRAMES; i++)
+   {
+      g_hiconAnim[i] = LoadIcon(g_hInstance, MAKEINTRESOURCE(IDI_ANIMATED1 + i));
+   }
+   g_hiconApp = LoadIcon(g_hInstance, MAKEINTRESOURCE(IDI_MAINICON));
+
+   /* Create the user interface */
+   g_hwndLogFrame = CreateLogWindow(g_hInstance, g_nCmdShow);
+   g_hwndTray = CreateTrayWindow(g_hInstance);
+   TrayAddIcon(g_hwndTray, 1, g_hiconApp, "Privoxy");
+
+   /* Create pattern matching buffers (for highlighting */
+   LogCreatePatternMatchingBuffers();
+
+   /* Create a critical section to protect multi-threaded access to certain things */
+   InitializeCriticalSection(&g_criticalsection);
+
+   return TRUE;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  TermLogWindow
+ *
+ * Description :  Cleanup the logwindow.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void TermLogWindow(void)
+{
+   int i;
+
+   LogDestroyPatternMatchingBuffers();
+
+   TrayDeleteIcon(g_hwndTray, 1);
+   DeleteObject(g_hiconApp);
+   DeleteObject(g_hiconIdle);
+   DeleteObject(g_hiconOff);
+   for (i = 0; i < ANIM_FRAMES; i++)
+   {
+      DeleteObject(g_hiconAnim[i]);
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogCreatePatternMatchingBuffers
+ *
+ * Description :  Compile the pattern matching buffers.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void LogCreatePatternMatchingBuffers(void)
+{
+   int i;
+   for (i = 0; patterns_to_highlight[i].str != NULL; i++)
+   {
+      regcomp(&patterns_to_highlight[i].buffer, patterns_to_highlight[i].str, REG_ICASE);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogDestroyPatternMatchingBuffers
+ *
+ * Description :  Free up the pattern matching buffers.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void LogDestroyPatternMatchingBuffers(void)
+{
+   int i;
+   for (i = 0; patterns_to_highlight[i].str != NULL; i++)
+   {
+      regfree(&patterns_to_highlight[i].buffer);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogGetURLUnderCursor
+ *
+ * Description :  Returns the URL from under the cursor (remember to free it!).
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  NULL or a pointer to an URL string.
+ *
+ *********************************************************************/
+char *LogGetURLUnderCursor(void)
+{
+   char *szResult = NULL;
+   regex_t re;
+   POINT ptCursor;
+   POINTL ptl;
+   DWORD nPos;
+   DWORD nWordStart = 0;
+   DWORD nWordEnd = 0;
+
+   regcomp(&re, RE_URL, REG_ICASE);
+
+   /* Get the position of the cursor over the text window */
+   GetCursorPos(&ptCursor);
+   ScreenToClient(g_hwndLogBox, &ptCursor);
+   ptl.x = ptCursor.x;
+   ptl.y = ptCursor.y;
+
+   /* Search backwards and fowards to obtain the word that is highlighted */
+   nPos = LOWORD(SendMessage(g_hwndLogBox, EM_CHARFROMPOS, 0, (LPARAM) &ptl));
+   nWordStart = SendMessage(g_hwndLogBox, EM_FINDWORDBREAK, WB_LEFT, nPos);
+   nWordEnd = SendMessage(g_hwndLogBox, EM_FINDWORDBREAK, WB_RIGHTBREAK, nPos);
+
+   /* Compare the string to the pattern */
+   if (nWordEnd > nWordStart)
+   {
+      TEXTRANGE range;
+      regmatch_t match;
+
+      range.chrg.cpMin = nWordStart;
+      range.chrg.cpMax = nWordEnd;
+      range.lpstrText = (LPSTR)zalloc(nWordEnd - nWordStart + 1);
+      SendMessage(g_hwndLogBox, EM_GETTEXTRANGE, 0, (LPARAM) &range);
+
+      if (regexec(&re, range.lpstrText, 1, &match, 0) == 0)
+      {
+         szResult = range.lpstrText;
+      }
+      else
+      {
+         free(range.lpstrText);
+      }
+
+      regfree(&re);
+   }
+   return szResult;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogPutString
+ *
+ * Description :  Inserts text into the logging window.  This is really
+ *                a regexp aware wrapper function to `LogPutStringNoMatch'.
+ *
+ * Parameters  :
+ *          1  :  pszText = pointer to string going to the log window
+ *
+ * Returns     :  1 => success, else the return code from `LogPutStringNoMatch'.
+ *                FIXME: this is backwards to the rest of IJB and to common
+ *                programming practice.  Please use 0 => success instead.
+ *
+ *********************************************************************/
+int LogPutString(const char *pszText)
+{
+   int i;
+   int result = 0;
+
+   if (pszText == NULL || strlen(pszText) == 0)
+   {
+      return 1;
+   }
+
+   if (!g_bLogMessages)
+   {
+      return 1;
+   }
+
+   /* Critical section stops multiple threads doing nasty interactions that
+    * foul up the highlighting and output.
+    */
+   EnterCriticalSection(&g_criticalsection);
+
+   if (g_bHighlightMessages)
+   {
+      regmatch_t match;
+
+      /* First things first, regexp scan for various things that we would like highlighted */
+      for (i = 0; patterns_to_highlight[i].str != NULL; i++)
+      {
+         if (regexec(&patterns_to_highlight[i].buffer, pszText, 1, &match, 0) == 0)
+         {
+            char *pszBefore = NULL;
+            char *pszMatch = NULL;
+            char *pszAfter = NULL;
+            int nMatchSize;
+
+            /* Split the string up into pieces representing the strings, before
+               at and after the matching pattern
+             */
+            if (match.rm_so > 0)
+            {
+               pszBefore = (char *)malloc((match.rm_so + 1) * sizeof(char));
+               memset(pszBefore, 0, (match.rm_so + 1) * sizeof(char));
+               strncpy(pszBefore, pszText, match.rm_so);
+            }
+            if (match.rm_eo < (regoff_t)strlen(pszText))
+            {
+               pszAfter = strdup(&pszText[match.rm_eo]);
+            }
+            nMatchSize = match.rm_eo - match.rm_so;
+            pszMatch = (char *)malloc(nMatchSize + 1);
+            strncpy(pszMatch, &pszText[match.rm_so], nMatchSize);
+            pszMatch[nMatchSize] = '\0';
+
+            /* Recursively call LogPutString */
+            if (pszBefore)
+            {
+               LogPutString(pszBefore);
+               free(pszBefore);
+            }
+            if (pszMatch)
+            {
+               LogPutStringNoMatch(pszMatch, patterns_to_highlight[i].style);
+               free(pszMatch);
+            }
+            if (pszAfter)
+            {
+               LogPutString(pszAfter);
+               free(pszAfter);
+            }
+
+            result = 1;
+            goto end;
+         }
+      }
+   }
+
+   result = LogPutStringNoMatch(pszText, STYLE_NONE);
+
+end:
+   LeaveCriticalSection(&g_criticalsection);
+
+   return result;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogPutStringNoMatch
+ *
+ * Description :  Puts a string into the logging window.
+ *
+ * Parameters  :
+ *          1  :  pszText = pointer to string going to the log window
+ *          2  :  style = STYLE_NONE, STYLE_HEADER, STYLE_HIGHLIGHT, or STYLE_LINK
+ *
+ * Returns     :  Always 1 => success.
+ *                FIXME: this is backwards to the rest of IJB and to common
+ *                programming practice.  Please use 0 => success instead.
+ *
+ *********************************************************************/
+int LogPutStringNoMatch(const char *pszText, int style)
+{
+   CHARRANGE range;
+   CHARFORMAT format;
+   int nTextLength;
+
+   assert(g_hwndLogBox);
+   if (g_hwndLogBox == NULL)
+   {
+      return 1;
+   }
+
+   /* TODO preserve existing selection */
+
+   /* Go to the end of the text */
+   nTextLength = GetWindowTextLength(g_hwndLogBox);
+   range.cpMin = nTextLength;
+   range.cpMax = nTextLength;
+   SendMessage(g_hwndLogBox, EM_EXSETSEL, 0, (LPARAM) &range);
+
+   /* Apply a formatting style */
+   memset(&format, 0, sizeof(format));
+   format.cbSize = sizeof(format);
+   format.dwMask = CFM_BOLD | CFM_UNDERLINE | CFM_STRIKEOUT |
+      CFM_ITALIC | CFM_COLOR | CFM_FACE | CFM_SIZE | CFM_CHARSET;
+   format.bCharSet = DEFAULT_CHARSET;
+   format.yHeight = (g_nFontSize * 1440) / 72;
+   strlcpy(format.szFaceName, g_szFontFaceName, sizeof(format.szFaceName));
+   if (style == STYLE_NONE)
+   {
+      /* DO NOTHING */
+      format.dwEffects |= CFE_AUTOCOLOR;
+   }
+   else if (style == STYLE_HEADER)
+   {
+      format.dwEffects |= CFE_AUTOCOLOR | CFE_ITALIC;
+   }
+   else if (style == STYLE_HIGHLIGHT)
+   {
+      format.dwEffects |= CFE_AUTOCOLOR | CFE_BOLD;
+   }
+   else if (style == STYLE_LINK)
+   {
+      format.dwEffects |= CFE_UNDERLINE;
+      format.crTextColor = RGB(0, 0, 255);
+   }
+   SendMessage(g_hwndLogBox, EM_SETCHARFORMAT, SCF_SELECTION, (LPARAM) &format);
+
+   /* Append text to the end */
+   SendMessage(g_hwndLogBox, EM_REPLACESEL, FALSE, (LPARAM) pszText);
+
+   /* TODO Restore the old selection */
+
+   /* Purge buffer */
+   if (strchr(pszText, '\n') != NULL)
+   {
+      SetTimer(g_hwndLogFrame, TIMER_CLIPBUFFER_ID, TIMER_CLIPBUFFER_TIME, NULL);
+      if (!g_bClipPending)
+      {
+         /* Set the force clip timer going. This timer ensures clipping is done
+            intermittently even when there is a sustained burst of logging
+         */
+         SetTimer(g_hwndLogFrame, TIMER_CLIPBUFFER_FORCE_ID, TIMER_CLIPBUFFER_FORCE_TIME, NULL);
+      }
+      g_bClipPending = TRUE;
+   }
+
+   return 1;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogShowActivity
+ *
+ * Description :  Start the spinner.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void LogShowActivity(void)
+{
+   /* Start some activity timers */
+   if (g_bShowActivityAnimation)
+   {
+      SetTimer(g_hwndLogFrame, TIMER_ANIM_ID, TIMER_ANIM_TIME, NULL);
+      SetTimer(g_hwndLogFrame, TIMER_ANIMSTOP_ID, TIMER_ANIMSTOP_TIME, NULL);
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogClipBuffer
+ *
+ * Description :  Prunes old lines from the log.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void LogClipBuffer(void)
+{
+   int nLines = SendMessage(g_hwndLogBox, EM_GETLINECOUNT, 0, 0);
+   if (g_bLimitBufferSize && nLines > g_nMaxBufferLines)
+   {
+      /* Compute the range representing the lines to be deleted */
+      LONG nLastLineToDelete = nLines - g_nMaxBufferLines;
+      LONG nLastChar = SendMessage(g_hwndLogBox, EM_LINEINDEX, nLastLineToDelete, 0);
+      CHARRANGE range;
+      range.cpMin = 0;
+      range.cpMax = nLastChar;
+
+      /* TODO get current selection */
+
+      /* TODO adjust and clip old selection against range to be deleted */
+
+      /* Select range and erase it (turning off autoscroll to prevent
+         nasty scrolling) */
+      SendMessage(g_hwndLogBox, EM_SETOPTIONS, ECOOP_XOR, ECO_AUTOVSCROLL);
+      SendMessage(g_hwndLogBox, EM_EXSETSEL, 0, (LPARAM) &range);
+      SendMessage(g_hwndLogBox, EM_REPLACESEL, FALSE, (LPARAM) "");
+      SendMessage(g_hwndLogBox, EM_SETOPTIONS, ECOOP_XOR, ECO_AUTOVSCROLL);
+
+      /* reposition (back to) the end of the log content */
+      range.cpMin = SendMessage (g_hwndLogBox, WM_GETTEXTLENGTH, 0, 0);
+      range.cpMax = -1;
+      SendMessage(g_hwndLogBox, EM_EXSETSEL, 0, (LPARAM) &range);
+ 
+      /* restore vertical ScrollBar stuff (messed up by AUTOVSCROLL) */
+      SendMessage (g_hwndLogBox, EM_SCROLL, SB_LINEDOWN, 0);
+ 
+   }
+
+}                                        
+
+
+/*********************************************************************
+ *
+ * Function    :  CreateHiddenLogOwnerWindow
+ *
+ * Description :  Creates a hidden owner window that stops the log
+ *                window appearing in the task bar.
+ *
+ * Parameters  :
+ *          1  :  hInstance = application's instance handle
+ *
+ * Returns     :  Handle to newly created window.
+ *
+ *********************************************************************/
+HWND CreateHiddenLogOwnerWindow(HINSTANCE hInstance)
+{
+   static const char *szWndName = "PrivoxyLogOwner";
+   WNDCLASS wc;
+   HWND hwnd;
+
+   wc.style          = 0;
+   wc.lpfnWndProc    = LogOwnerWindowProc;
+   wc.cbClsExtra     = 0;
+   wc.cbWndExtra     = 0;
+   wc.hInstance      = hInstance;
+   wc.hIcon          = g_hiconApp;
+   wc.hCursor        = 0;
+   wc.hbrBackground  = 0;
+   wc.lpszMenuName   = 0;
+   wc.lpszClassName  = szWndName;
+
+   RegisterClass(&wc);
+
+   hwnd = CreateWindow(szWndName, szWndName,
+      WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT,
+      CW_USEDEFAULT, NULL, NULL, hInstance, NULL );
+
+   return hwnd;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogOwnerWindowProc
+ *
+ * Description :  Dummy procedure that does nothing special.
+ *
+ * Parameters  :
+ *          1  :  hwnd = window handle
+ *          2  :  uMsg = message number
+ *          3  :  wParam = first param for this message
+ *          4  :  lParam = next param for this message
+ *
+ * Returns     :  Same as `DefWindowProc'.
+ *
+ *********************************************************************/
+LRESULT CALLBACK LogOwnerWindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
+{
+   return DefWindowProc(hwnd, uMsg, wParam, lParam);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  CreateLogWindow
+ *
+ * Description :  Create the logging window.
+ *
+ * Parameters  :
+ *          1  :  hInstance = application's instance handle
+ *          2  :  nCmdShow = window show value (MIN, MAX, NORMAL, etc...)
+ *
+ * Returns     :  Handle to newly created window.
+ *
+ *********************************************************************/
+HWND CreateLogWindow(HINSTANCE hInstance, int nCmdShow)
+{
+   static const char *szWndName = "PrivoxyLogWindow";
+   static const char *szWndTitle = "Privoxy";
+
+   HWND hwnd = NULL;
+   HWND hwndOwner = (g_bShowOnTaskBar) ? NULL : CreateHiddenLogOwnerWindow(hInstance);
+   RECT rcClient;
+   WNDCLASSEX wc;
+
+   memset(&wc, 0, sizeof(wc));
+   wc.cbSize         = sizeof(wc);
+   wc.style          = CS_DBLCLKS;
+   wc.lpfnWndProc    = LogWindowProc;
+   wc.cbClsExtra     = 0;
+   wc.cbWndExtra     = 0;
+   wc.hInstance      = hInstance;
+   wc.hIcon          = g_hiconApp;
+   wc.hCursor        = 0;
+   wc.hbrBackground  = 0;
+   wc.lpszMenuName   = MAKEINTRESOURCE(IDR_LOGVIEW);
+   wc.lpszClassName  = szWndName;
+   wc.hbrBackground  = GetStockObject(WHITE_BRUSH);
+   RegisterClassEx(&wc);
+
+   hwnd = CreateWindowEx(WS_EX_APPWINDOW, szWndName, szWndTitle,
+      WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT,
+      CW_USEDEFAULT, hwndOwner, NULL, hInstance, NULL);
+
+   /* Now create a child list box */
+   GetClientRect(hwnd, &rcClient);
+
+   /* Create a rich edit control */
+   InitRichEdit();
+   g_hwndLogBox = CreateWindowEx(0, (g_nRichEditVersion == 0x0100) ? "RichEdit" : RICHEDIT_CLASS, "",
+      ES_AUTOVSCROLL | ES_MULTILINE | ES_READONLY | ES_NOHIDESEL | WS_CHILD | WS_VSCROLL | WS_HSCROLL | WS_VISIBLE,
+      rcClient.left, rcClient.top, rcClient.right, rcClient.bottom,
+      hwnd, NULL, hInstance, NULL);
+/* SendMessage(g_hwndLogBox, EM_SETWORDWRAPMODE, 0, 0); */
+
+   /* Subclass the control to catch certain messages */
+   g_fnLogBox = (WNDPROC) GetWindowLong(g_hwndLogBox, GWL_WNDPROC);
+   SetWindowLong(g_hwndLogBox, GWL_WNDPROC, (LONG) LogRichEditProc);
+
+   /* Minimizing looks stupid when the log window is not on the task bar, so hide instead */
+   if (!g_bShowOnTaskBar &&
+         (nCmdShow == SW_SHOWMINIMIZED ||
+          nCmdShow == SW_MINIMIZE ||
+          nCmdShow == SW_SHOWMINNOACTIVE))
+   {
+      g_bShowLogWindow = FALSE;
+      nCmdShow = SW_HIDE;
+   }
+
+   ShowWindow(hwnd, nCmdShow);
+   UpdateWindow(hwnd);
+
+
+   GetClientRect(g_hwndLogFrame, &rcClient);
+   SetWindowPos(g_hwndLogBox, NULL, rcClient.left, rcClient.top, rcClient.right - rcClient.left, rcClient.bottom - rcClient.top, SWP_NOZORDER);
+
+   return hwnd;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  InitRichEdit
+ *
+ * Description :  Initialise the rich edit control library.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  TRUE => success, FALSE => failure.
+ *                FIXME: this is backwards to the rest of IJB and to common
+ *                programming practice.  Please use 0 => success instead.
+ *
+ *********************************************************************/
+BOOL InitRichEdit(void)
+{
+   static HINSTANCE hInstRichEdit;
+   if (hInstRichEdit == NULL)
+   {
+      g_nRichEditVersion = 0;
+      hInstRichEdit = LoadLibraryA("RICHED20.DLL");
+      if (hInstRichEdit)
+      {
+         g_nRichEditVersion = _RICHEDIT_VER;
+      }
+      else
+      {
+         hInstRichEdit = LoadLibraryA("RICHED32.DLL");
+         if (hInstRichEdit)
+         {
+            g_nRichEditVersion = 0x0100;
+         }
+      }
+   }
+   return (hInstRichEdit != NULL) ? TRUE : FALSE;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  ShowLogWindow
+ *
+ * Description :  Shows or hides the log window.  We will also raise the
+ *                window on a show command in case it is buried.
+ *
+ * Parameters  :
+ *          1  :  bShow = TRUE to show, FALSE to mimize/hide
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void ShowLogWindow(BOOL bShow)
+{
+   if (bShow)
+   {
+      SetForegroundWindow(g_hwndLogFrame);
+      SetWindowPos(g_hwndLogFrame, HWND_TOP, 0, 0, 0, 0, SWP_SHOWWINDOW | SWP_NOSIZE | SWP_NOMOVE);
+      
+   }
+   else if (g_bShowOnTaskBar)
+   {
+      ShowWindow(g_hwndLogFrame, SW_MINIMIZE);
+   }
+   else
+   {
+      ShowWindow(g_hwndLogFrame, SW_HIDE);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  EditFile
+ *
+ * Description :  Opens the specified setting file for editing.
+ * FIXME: What if the file has no associated application. Check for return values
+*        from ShellExecute??
+ *
+ * Parameters  :
+ *          1  :  filename = filename from the config (aka config.txt) file.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void EditFile(const char *filename)
+{
+   if (filename)
+   {
+      ShellExecute(g_hwndLogFrame, "open", filename, NULL, NULL, SW_SHOWNORMAL);
+   }
+
+}
+
+
+/*--------------------------------------------------------------------------*/
+/* Windows message handlers                                                 */
+/*--------------------------------------------------------------------------*/
+
+
+/*********************************************************************
+ *
+ * Function    :  OnLogRButtonUp
+ *
+ * Description :  Handler for WM_RBUTTONUP messages.
+ *
+ * Parameters  :
+ *          1  :  nModifier = wParam from mouse message (unused)
+ *          2  :  x = x coordinate of the mouse event
+ *          3  :  y = y coordinate of the mouse event
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void OnLogRButtonUp(int nModifier, int x, int y)
+{
+   HMENU hMenu = LoadMenu(g_hInstance, MAKEINTRESOURCE(IDR_POPUP_SELECTION));
+   if (hMenu != NULL)
+   {
+      HMENU hMenuPopup = GetSubMenu(hMenu, 0);
+
+      /* Check if there is a selection */
+      CHARRANGE range;
+      SendMessage(g_hwndLogBox, EM_EXGETSEL, 0, (LPARAM) &range);
+      if (range.cpMin == range.cpMax)
+      {
+         EnableMenuItem(hMenuPopup, ID_EDIT_COPY, MF_BYCOMMAND | MF_GRAYED);
+      }
+      else
+      {
+         EnableMenuItem(hMenuPopup, ID_EDIT_COPY, MF_BYCOMMAND | MF_ENABLED);
+      }
+
+      /* Display the popup */
+      TrackPopupMenu(hMenuPopup, TPM_LEFTALIGN | TPM_TOPALIGN | TPM_RIGHTBUTTON, x, y, 0, g_hwndLogFrame, NULL);
+      DestroyMenu(hMenu);
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  OnLogCommand
+ *
+ * Description :  Handler for WM_COMMAND messages.
+ *
+ * Parameters  :
+ *          1  :  nCommand = the command portion of the menu selection event
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void OnLogCommand(int nCommand)
+{
+   switch (nCommand)
+   {
+      case ID_TOGGLE_SHOWWINDOW:
+         g_bShowLogWindow = !g_bShowLogWindow;
+
+         ShowLogWindow(g_bShowLogWindow);
+         break;
+
+      case ID_FILE_EXIT:
+         PostMessage(g_hwndLogFrame, WM_CLOSE, 0, 0);
+         break;
+
+      case ID_EDIT_COPY:
+         SendMessage(g_hwndLogBox, WM_COPY, 0, 0);
+         break;
+
+      case ID_VIEW_CLEARLOG:
+         SendMessage(g_hwndLogBox, WM_SETTEXT, 0, (LPARAM) "");
+         break;
+
+      case ID_VIEW_LOGMESSAGES:
+         g_bLogMessages = !g_bLogMessages;
+         /* SaveLogSettings(); */
+         break;
+
+      case ID_VIEW_MESSAGEHIGHLIGHTING:
+         g_bHighlightMessages = !g_bHighlightMessages;
+         /* SaveLogSettings(); */
+         break;
+
+      case ID_VIEW_LIMITBUFFERSIZE:
+         g_bLimitBufferSize = !g_bLimitBufferSize;
+         /* SaveLogSettings(); */
+         break;
+
+      case ID_VIEW_ACTIVITYANIMATION:
+         g_bShowActivityAnimation = !g_bShowActivityAnimation;
+         /* SaveLogSettings(); */
+         break;
+
+#ifdef FEATURE_TOGGLE
+      /* by haroon - change toggle to its opposite value */
+      case ID_TOGGLE_ENABLED:
+         global_toggle_state = !global_toggle_state;
+         if (global_toggle_state)
+         {
+            log_error(LOG_LEVEL_INFO, "Now toggled ON.");
+         }
+         else
+         {
+            log_error(LOG_LEVEL_INFO, "Now toggled OFF.");
+         }
+         SetIdleIcon();
+         break;
+#endif /* def FEATURE_TOGGLE */
+
+      case ID_TOOLS_EDITCONFIG:
+         EditFile(configfile);
+         break;
+
+      case ID_TOOLS_EDITDEFAULTACTIONS:
+         EditFile(g_default_actions_file);
+         break;
+
+      case ID_TOOLS_EDITUSERACTIONS:
+         EditFile(g_user_actions_file);
+         break;
+
+      case ID_TOOLS_EDITFILTERS:
+         EditFile(g_re_filterfile);
+         break;
+
+#ifdef FEATURE_TRUST
+      case ID_TOOLS_EDITTRUST:
+         EditFile(g_trustfile);
+         break;
+#endif /* def FEATURE_TRUST */
+
+      case ID_HELP_GPL:
+         ShellExecute(g_hwndLogFrame, "open", "LICENSE.txt", NULL, NULL, SW_SHOWNORMAL);
+         break;
+
+      case ID_HELP_FAQ:
+         ShellExecute(g_hwndLogFrame, "open", "doc\\faq\\index.html", NULL, NULL, SW_SHOWNORMAL);
+         break;
+
+      case ID_HELP_MANUAL:
+         ShellExecute(g_hwndLogFrame, "open", "doc\\user-manual\\index.html", NULL, NULL, SW_SHOWNORMAL);
+         break;
+
+      case ID_HELP_STATUS:
+         ShellExecute(g_hwndLogFrame, "open", CGI_PREFIX "show-status", NULL, NULL, SW_SHOWNORMAL);
+         break;
+
+      case ID_HELP_ABOUT:
+         MessageBox(g_hwndLogFrame, win32_blurb, "About Privoxy", MB_OK);
+         break;
+
+      default:
+         /* DO NOTHING */
+         break;
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  OnLogInitMenu
+ *
+ * Description :  Handler for WM_INITMENU messages.  Enable, disable,
+ *                check, and/or uncheck menu options as apropos.
+ *
+ * Parameters  :
+ *          1  :  hmenu = handle to menu to "make current"
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void OnLogInitMenu(HMENU hmenu)
+{
+   /* Only enable editors if there is a file to edit */
+   EnableMenuItem(hmenu, ID_TOOLS_EDITDEFAULTACTIONS, MF_BYCOMMAND | (g_default_actions_file ? MF_ENABLED : MF_GRAYED));
+   EnableMenuItem(hmenu, ID_TOOLS_EDITUSERACTIONS, MF_BYCOMMAND | (g_user_actions_file ? MF_ENABLED : MF_GRAYED));
+   EnableMenuItem(hmenu, ID_TOOLS_EDITFILTERS, MF_BYCOMMAND | (g_re_filterfile ? MF_ENABLED : MF_GRAYED));
+#ifdef FEATURE_TRUST
+   EnableMenuItem(hmenu, ID_TOOLS_EDITTRUST, MF_BYCOMMAND | (g_trustfile ? MF_ENABLED : MF_GRAYED));
+#endif /* def FEATURE_TRUST */
+
+   /* Check/uncheck options */
+   CheckMenuItem(hmenu, ID_VIEW_LOGMESSAGES, MF_BYCOMMAND | (g_bLogMessages ? MF_CHECKED : MF_UNCHECKED));
+   CheckMenuItem(hmenu, ID_VIEW_MESSAGEHIGHLIGHTING, MF_BYCOMMAND | (g_bHighlightMessages ? MF_CHECKED : MF_UNCHECKED));
+   CheckMenuItem(hmenu, ID_VIEW_LIMITBUFFERSIZE, MF_BYCOMMAND | (g_bLimitBufferSize ? MF_CHECKED : MF_UNCHECKED));
+   CheckMenuItem(hmenu, ID_VIEW_ACTIVITYANIMATION, MF_BYCOMMAND | (g_bShowActivityAnimation ? MF_CHECKED : MF_UNCHECKED));
+#ifdef FEATURE_TOGGLE
+   /* by haroon - menu item for Enable toggle on/off */
+   CheckMenuItem(hmenu, ID_TOGGLE_ENABLED, MF_BYCOMMAND | (global_toggle_state ? MF_CHECKED : MF_UNCHECKED));
+#endif /* def FEATURE_TOGGLE */
+   CheckMenuItem(hmenu, ID_TOGGLE_SHOWWINDOW, MF_BYCOMMAND | (g_bShowLogWindow ? MF_CHECKED : MF_UNCHECKED));
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  OnLogTimer
+ *
+ * Description :  Handler for WM_TIMER messages.
+ *
+ * Parameters  :
+ *          1  :  nTimer = timer id (animation start/stop or clip buffer)
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void OnLogTimer(int nTimer)
+{
+   switch (nTimer)
+   {
+      case TIMER_ANIM_ID:
+         TraySetIcon(g_hwndTray, 1, g_hiconAnim[g_nAnimFrame++ % ANIM_FRAMES]);
+         break;
+
+      case TIMER_ANIMSTOP_ID:
+         g_nAnimFrame = 0;
+         SetIdleIcon();
+         KillTimer(g_hwndLogFrame, TIMER_ANIM_ID);
+         KillTimer(g_hwndLogFrame, TIMER_ANIMSTOP_ID);
+         break;
+
+      case TIMER_CLIPBUFFER_ID:
+      case TIMER_CLIPBUFFER_FORCE_ID:
+         LogClipBuffer();
+         g_bClipPending = FALSE;
+         KillTimer(g_hwndLogFrame, TIMER_CLIPBUFFER_ID);
+         KillTimer(g_hwndLogFrame, TIMER_CLIPBUFFER_FORCE_ID);
+         break;
+
+      default:
+         /* DO NOTHING */
+         break;
+   }
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  SetIdleIcon
+ *
+ * Description :  Sets the tray icon to either idle or off
+ *
+ * Parameters  :  none
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void SetIdleIcon()
+{
+#ifdef FEATURE_TOGGLE
+         if (!global_toggle_state)
+         {
+            TraySetIcon(g_hwndTray, 1, g_hiconOff);
+            /* log_error(LOG_LEVEL_INFO, "Privoxy OFF icon selected."); */
+         }
+         else
+#endif /* def FEATURE_TOGGLE */
+         TraySetIcon(g_hwndTray, 1, g_hiconIdle);
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogRichEditProc
+ *
+ * Description :  Window subclass routine handles some events for the rich edit control.
+ *
+ * Parameters  :
+ *          1  :  hwnd = window handle of the rich edit control
+ *          2  :  uMsg = message number
+ *          3  :  wParam = first param for this message
+ *          4  :  lParam = next param for this message
+ *
+ * Returns     :  Appropriate M$ window message handler codes.
+ *
+ *********************************************************************/
+LRESULT CALLBACK LogRichEditProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
+{
+   switch (uMsg)
+   {
+      case WM_RBUTTONUP:
+      {
+         POINT pt;
+         pt.x = LOWORD(lParam);
+         pt.y = HIWORD(lParam);
+         ClientToScreen(hwnd, &pt);
+         OnLogRButtonUp(wParam, pt.x, pt.y);
+         return 0;
+      }
+      case WM_CHAR:
+      {
+         if ((GetKeyState(VK_CONTROL) != 0) && (wParam == 4)) /* ctrl+d */
+         {
+             OnLogCommand(ID_VIEW_CLEARLOG);
+             return 0;
+         }
+      }
+   }
+   return CallWindowProc(g_fnLogBox, hwnd, uMsg, wParam, lParam);
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  LogWindowProc
+ *
+ * Description :  Windows call back routine handles events on the log window.
+ *
+ * Parameters  :
+ *          1  :  hwnd = handle of the logging window
+ *          2  :  uMsg = message number
+ *          3  :  wParam = first param for this message
+ *          4  :  lParam = next param for this message
+ *
+ * Returns     :  Appropriate M$ window message handler codes.
+ *
+ *********************************************************************/
+LRESULT CALLBACK LogWindowProc(HWND hwnd, UINT uMsg, WPARAM wParam, LPARAM lParam)
+{
+   switch (uMsg)
+   {
+      case WM_CREATE:
+         return 0;
+
+      case WM_CLOSE:
+         /* This is the end - beautiful friend - the end */
+         DestroyWindow(g_hwndLogBox);
+         DestroyWindow(g_hwndLogFrame);
+         return 0;
+
+      case WM_DESTROY:
+         PostQuitMessage(0);
+         return 0;
+
+      case WM_SHOWWINDOW:
+         g_bShowLogWindow = wParam;
+      case WM_SIZE:
+         /* Resize the logging window to fit the new frame */
+         if (g_hwndLogBox)
+         {
+            RECT rc;
+            GetClientRect(g_hwndLogFrame, &rc);
+            SetWindowPos(g_hwndLogBox, NULL, rc.left, rc.top, rc.right - rc.left, rc.bottom - rc.top, SWP_NOZORDER);
+         }
+         return 0;
+
+      case WM_INITMENU:
+         OnLogInitMenu((HMENU) wParam);
+         return 0;
+
+      case WM_TIMER:
+         OnLogTimer(wParam);
+         return 0;
+
+      case WM_COMMAND:
+         OnLogCommand(LOWORD(wParam));
+         return 0;
+
+      case WM_SYSCOMMAND:
+         switch (wParam)
+         {
+            case SC_CLOSE:
+               if (g_bCloseHidesWindow)
+               {
+                  ShowLogWindow(FALSE);
+                  return 0;
+               }
+               break;
+            case SC_MINIMIZE:
+               ShowLogWindow(FALSE);
+               return 0;
+         }
+         break;
+
+      case WM_CHAR:
+         if ((GetKeyState(VK_CONTROL) != 0) && (wParam == 4)) /* ctrl+d */
+         {
+             OnLogCommand(ID_VIEW_CLEARLOG);
+             return 0;
+         }
+         break;
+   }
+
+   return DefWindowProc(hwnd, uMsg, wParam, lParam);
+
+}
+
+#endif /* ndef _WIN_CONSOLE - entire file */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/w32log.h b/external/privoxy/w32log.h
new file mode 100644
index 0000000..fff13ad
--- /dev/null
+++ b/external/privoxy/w32log.h
@@ -0,0 +1,181 @@
+#ifndef W32LOG_H_INCLUDED
+#define W32LOG_H_INCLUDED
+#define W32LOG_H_VERSION "$Id: w32log.h,v 1.13 2009/03/07 17:58:02 fabiankeil Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32log.h,v $
+ *
+ * Purpose     :  Functions for creating and destroying the log window,
+ *                ouputting strings, processing messages and so on.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2009 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 1999 Adam Lock
+ *                <locka at iol.ie>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32log.h,v $
+ *    Revision 1.13  2009/03/07 17:58:02  fabiankeil
+ *    Fix two mingw32-only buffer overflows. Note that triggering
+ *    them requires control over the configuration file in which
+ *    case all bets are off anyway.
+ *
+ *    Revision 1.12  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.10.2.2  2002/11/20 14:39:05  oes
+ *    Fixed compiler warning
+ *
+ *    Revision 1.10.2.1  2002/08/21 17:58:05  oes
+ *    Temp kludge to let user and default action file be edited through win32 GUI (FR 592080)
+ *
+ *    Revision 1.10  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.9  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.8  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.7  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.6  2001/07/13 14:04:59  oes
+ *    Removed all #ifdef PCRS
+ *
+ *    Revision 1.5  2001/06/07 23:08:12  jongfoster
+ *    Forward and ACL edit options removed.
+ *
+ *    Revision 1.4  2001/05/31 21:37:11  jongfoster
+ *    GUI changes to rename "permissions file" to "actions file".
+ *
+ *    Revision 1.3  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.2  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:07  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern HWND g_hwndLogFrame;
+
+/* Indicates whether task bar shows activity animation */
+extern BOOL g_bShowActivityAnimation;
+
+/* Indicates if the log window appears on the task bar */
+extern BOOL g_bShowOnTaskBar;
+
+/* Indicates whether closing the log window really just hides it */
+extern BOOL g_bCloseHidesWindow;
+
+/* Indicates if messages are logged at all */
+extern BOOL g_bLogMessages;
+
+/* Indicates whether log messages are highlighted */
+extern BOOL g_bHighlightMessages;
+
+/* Indicates if buffer is limited in size */
+extern BOOL g_bLimitBufferSize;
+
+/* Maximum number of lines allowed in buffer when limited */
+extern int g_nMaxBufferLines;
+
+/* Font to use */
+extern char g_szFontFaceName[32];
+
+/* Size of font to use */
+extern int g_nFontSize;
+
+
+/* FIXME: this is a kludge */
+
+extern const char * g_default_actions_file;
+extern const char * g_user_actions_file;
+extern const char * g_re_filterfile;
+#ifdef FEATURE_TRUST
+extern const char * g_trustfile;
+#endif /* def FEATURE_TRUST */
+
+/* FIXME: end kludge */
+
+extern HICON g_hiconApp;
+extern int LogPutString(const char *pszText);
+extern BOOL InitLogWindow(void);
+extern void TermLogWindow(void);
+extern void ShowLogWindow(BOOL bShow);
+extern void LogShowActivity(void);
+
+/* Revision control strings from this header and associated .c file */
+extern const char w32log_rcs[];
+extern const char w32log_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef W32LOG_H_INCLUDED */
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/w32res.h b/external/privoxy/w32res.h
new file mode 100644
index 0000000..ecee2c3
--- /dev/null
+++ b/external/privoxy/w32res.h
@@ -0,0 +1,194 @@
+#ifndef W32RES_H_INCLUDED
+#define W32RES_H_INCLUDED
+#define W32RES_H_VERSION "$Id: w32res.h,v 1.17 2009/01/01 15:09:23 ler762 Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32res.h,v $
+ *
+ * Purpose     :  Identifiers for Windows GUI resources.
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Based on the Internet Junkbuster originally written
+ *                by and Copyright (C) 1997 Anonymous Coders and 
+ *                Junkbusters Corporation.  http://www.junkbusters.com
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32res.h,v $
+ *    Revision 1.17  2009/01/01 15:09:23  ler762
+ *    Change the Windows taskbar icon when privoxy is toggled off.
+ *
+ *    Revision 1.16  2008/11/02 14:37:47  ler762
+ *    commit the part of the patches I've been using that were written by torford and gjmurphy
+ *      [ 1824315 ] Minor code cleanup
+ *      [ 1781135 ] Patch - Add clear log, select all, and Accelerators for w32
+ *        http://sourceforge.net/tracker/?func=detail&atid=311118&aid=1781135&group_id=11118
+ *    The full patch adds control keys A(select all), C(copy) and D(delete all) to the
+ *    Privoxy log window menu.  Select all and copy work for me without the patch
+ *    (albeit without showing the accelerator keys on the menu), so the only part of the
+ *    patch I've been using for the last year or so has been the ctrl-d to delete
+ *    everything in the Privoxy log window.
+ *
+ *    Revision 1.15  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.13.2.1  2002/08/21 17:59:06  oes
+ *     - "Show Privoxy Window" now a toggle
+ *     - Temp kludge to let user and default action file be edited through win32 GUI (FR 592080)
+ *
+ *    Revision 1.13  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.12  2002/03/24 12:07:36  jongfoster
+ *    Consistern name for filters file
+ *
+ *    Revision 1.11  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.10  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.9  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.8  2001/07/13 14:04:59  oes
+ *    Removed all #ifdef PCRS
+ *
+ *    Revision 1.7  2001/06/07 23:08:12  jongfoster
+ *    Forward and ACL edit options removed.
+ *
+ *    Revision 1.6  2001/05/31 21:37:11  jongfoster
+ *    GUI changes to rename "permissions file" to "actions file".
+ *
+ *    Revision 1.5  2001/05/29 09:50:24  jongfoster
+ *    Unified blocklist/imagelist/permissionslist.
+ *    File format is still under discussion, but the internal changes
+ *    are (mostly) done.
+ *
+ *    Also modified interceptor behaviour:
+ *    - We now intercept all URLs beginning with one of the following
+ *      prefixes (and *only* these prefixes):
+ *        * http://i.j.b/
+ *        * http://ijbswa.sf.net/config/
+ *        * http://ijbswa.sourceforge.net/config/
+ *    - New interceptors "home page" - go to http://i.j.b/ to see it.
+ *    - Internal changes so that intercepted and fast redirect pages
+ *      are not replaced with an image.
+ *    - Interceptors now have the option to send a binary page direct
+ *      to the client. (i.e. ijb-send-banner uses this)
+ *    - Implemented show-url-info interceptor.  (Which is why I needed
+ *      the above interceptors changes - a typical URL is
+ *      "http://i.j.b/show-url-info?url=www.somesite.com/banner.gif".
+ *      The previous mechanism would not have intercepted that, and
+ *      if it had been intercepted then it then it would have replaced
+ *      it with an image.)
+ *
+ *    Revision 1.4  2001/05/26 01:26:34  jongfoster
+ *    New #define, WIN_GUI_EDIT, enables the (embryonic) Win32 GUI editor.
+ *    This #define cannot be set from ./configure - there's no point, it
+ *    doesn't work yet.  See feature request # 425722
+ *
+ *    Revision 1.3  2001/05/26 00:28:36  jongfoster
+ *    Automatic reloading of config file.
+ *    Removed obsolete SIGHUP support (Unix) and Reload menu option (Win32).
+ *    Most of the global variables have been moved to a new
+ *    struct configuration_spec, accessed through csp->config->globalname
+ *    Most of the globals remaining are used by the Win32 GUI.
+ *
+ *    Revision 1.2  2001/05/20 01:21:20  jongfoster
+ *    Version 2.9.4 checkin.
+ *    - Merged popupfile and cookiefile, and added control over PCRS
+ *      filtering, in new "permissionsfile".
+ *    - Implemented LOG_LEVEL_FATAL, so that if there is a configuration
+ *      file error you now get a message box (in the Win32 GUI) rather
+ *      than the program exiting with no explanation.
+ *    - Made killpopup use the PCRS MIME-type checking and HTTP-header
+ *      skipping.
+ *    - Removed tabs from "config"
+ *    - Moved duplicated url parsing code in "loaders.c" to a new funcition.
+ *    - Bumped up version number.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:08  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+#define IDR_TRAYMENU                      101
+#define IDI_IDLE                          102
+#define IDR_LOGVIEW                       103
+#define IDR_ACCELERATOR                   104
+#define IDR_POPUP_SELECTION               105
+
+
+#define IDI_MAINICON                      200
+#define IDI_ANIMATED1                     201
+#define IDI_ANIMATED2                     202
+#define IDI_ANIMATED3                     203
+#define IDI_ANIMATED4                     204
+#define IDI_ANIMATED5                     205
+#define IDI_ANIMATED6                     206
+#define IDI_ANIMATED7                     207
+#define IDI_ANIMATED8                     208
+#define IDI_OFF                           209
+
+#define ID_TOGGLE_SHOWWINDOW              4000
+#define ID_HELP_ABOUT                     4001
+#define ID_FILE_EXIT                      4002
+#define ID_VIEW_CLEARLOG                  4003
+#define ID_VIEW_LOGMESSAGES               4004
+#define ID_VIEW_MESSAGEHIGHLIGHTING       4005
+#define ID_VIEW_LIMITBUFFERSIZE           4006
+#define ID_VIEW_ACTIVITYANIMATION         4007
+#define ID_HELP_FAQ                       4008
+#define ID_HELP_MANUAL                    4009
+#define ID_HELP_GPL                       4010
+#define ID_HELP_STATUS                    4011
+#ifdef FEATURE_TOGGLE
+#define ID_TOGGLE_ENABLED                 4012
+#endif /* def FEATURE_TOGGLE */
+
+/* Break these out so they are easier to extend, but keep consecutive */
+#define ID_TOOLS_EDITCONFIG               5000
+#define ID_TOOLS_EDITDEFAULTACTIONS       5001
+#define ID_TOOLS_EDITUSERACTIONS          5002
+#define ID_TOOLS_EDITFILTERS              5003
+
+#ifdef FEATURE_TRUST
+#define ID_TOOLS_EDITTRUST                5004
+#endif /* def FEATURE_TRUST */
+
+#define ID_EDIT_COPY  30000
+
+
+#endif /* ndef W32RES_H_INCLUDED */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/w32svrapi.c b/external/privoxy/w32svrapi.c
new file mode 100644
index 0000000..aed1232
--- /dev/null
+++ b/external/privoxy/w32svrapi.c
@@ -0,0 +1,952 @@
+const char w32_svrapi_rcs[] = "$Id: w32svrapi.c,v 1.2 2006/09/20 03:15:43 david__schmidt Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32svrapi.c,v $
+ *
+ * Purpose     :  Win32 Services API for Privoxy.
+ *                Provides the implementation of an Win32 service to
+ *                allow the code to directly register and run as a
+ *                native Windows service application.
+ *
+ *                Since Win9x/ME platforms don't provide or support
+ *                running programs as services, this code uses runtime
+ *                loading and calling of the Win32 Service API, to
+ *                prevent the possibility of getting "entry point not
+ *                found" type errors on unsupported platforms. This adds
+ *                a little more complexity to the code, but it is worth
+ *                doing to provide that isolation.
+ *
+ * Copyright   :  Written by and Copyright (C) 2003, 2006 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 2003 Ian Cummings
+ *                <ian_a_c at hotmail.com>
+ *
+ *                Special thanks to Mates Dolák <matesek at post.cz> for
+ *                some very helpful feedback and suggestions during the
+ *                development of this code.
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32svrapi.c,v $
+ *    Revision 1.2  2006/09/20 03:15:43  david__schmidt
+ *    Clean up a variable type declaration which just
+ *    happened to work...
+ *
+ *    Revision 1.1  2006/08/12 03:54:37  david__schmidt
+ *    Windows service integration
+ *
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#ifdef _WIN32
+
+#include <stdio.h>
+
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+#include <process.h>
+
+#ifndef _WIN_CONSOLE
+#  include "w32log.h"
+#endif /* ndef _WIN_CONSOLE */
+
+#include "w32svrapi.h"
+const char w32_svrapi_h_rcs[] = W32_SVRAPI_H_VERSION;
+
+
+/* Only the ANSI Win32 APIs are used at this time. If for some
+ * reason, we're building under unicode then we must stop
+ */
+#ifdef UNICODE
+#error "Privoxy interface to Win32 Services only runs under ANSI builds. Unicode is not supported at present, but you can volunteer for the job if you like! :)"
+#endif
+
+
+/* Default to not running as service, unless the command line says so */
+BOOL bRunAsService = FALSE;
+
+/* According to the Win32 docs for CreateService,
+ * the max length for the service name is 256 chars
+ */
+char szThisServiceName[260];
+
+static BOOL get_service_description(const char *pszServiceName, char *pszDisplayName, DWORD dwDispSize);
+static void WINAPI privoxy_w32_service_start(DWORD dw, LPSTR* psz);
+static void WINAPI privoxy_w32_service_handler(DWORD dwOpcode);
+SERVICE_TABLE_ENTRY w32ServiceDispatchTable[] = {{"", privoxy_w32_service_start}, {NULL, NULL}};
+static SERVICE_STATUS_HANDLE hSrv_status = 0;
+static SERVICE_STATUS srv_status;
+
+
+
+/*********************************************************************
+ * This function returns TRUE if we are running on an OS that can
+ * support services, like NT, etc. It returns FALSE for Win9x/ME.
+ *********************************************************************/
+static BOOL HasServiceControlManager()
+{
+   HMODULE     hDll;
+   FARPROC     pFunc;
+   SC_HANDLE   hScm;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      printf("Can't load Advapi32.dll -- LoadLibrary failed!\n");
+      return FALSE;
+   }
+
+   /* Get the address of the ANSI OpenSCManager function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "OpenSCManagerA");
+   if (pFunc == NULL)
+   {
+      printf("Can't find OpenSCManagerA -- GetProcAddress failed!\n");
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   /* Try and connect to the SCM. If it fails check and see if the error 
+    * code is ERROR_CALL_NOT_IMPLEMENTED, which means:
+    *    "This function is not supported on this system."
+    */
+   hScm = (SC_HANDLE)(*pFunc)(NULL, NULL, SC_MANAGER_CONNECT);
+   if (hScm == NULL)
+   {
+      DWORD dwErr = GetLastError();
+      if (dwErr == ERROR_CALL_NOT_IMPLEMENTED)
+      {
+         /* Expected error under Win9x/Me, so don't print any debug info
+          * here as we'll leave that up to the calling function to do
+          */
+         FreeLibrary(hDll);
+         return FALSE;
+      }
+
+      printf("Call to OpenSCManager failed -- GetLastError() returned %lu!\n", dwErr);
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   w32_close_service_handle(hScm);
+
+   /* OpenSCManager function exists and works, so we're on an NT type platform */
+   FreeLibrary(hDll);
+
+   return TRUE;
+
+} /* -END- HasServiceControlManager */
+
+
+BOOL CanSystemSupportServices()
+{
+   BOOL bHasScm = HasServiceControlManager();
+   return bHasScm;
+
+} /* -END- CanSystemSupportServices */
+
+
+
+/*********************************************************************
+ *
+ * The Service functions are defined in <winsvc.h> which is where
+ * the declarations used in this file are taken from
+ *
+ *********************************************************************/ 
+
+
+/*********************************************************************
+ * Open a connection to the service control manager
+ *********************************************************************/ 
+SC_HANDLE w32_open_sc_manager(
+  LPCTSTR lpMachineName,   /* computer name */
+  LPCTSTR lpDatabaseName,  /* SCM database name */
+  DWORD dwDesiredAccess)   /* access type */
+{
+   HMODULE     hDll = NULL;
+   SC_HANDLE   hScm = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+
+   /* Load the DLL with the SCM functions or return failure */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return NULL;
+   }
+
+   /* Get the address of the ANSI OpenSCManager function, or return failure */
+   pFunc = GetProcAddress(hDll, "OpenSCManagerA");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return NULL;
+   }
+
+   /* Call the SCM function, and save the error code */
+   hScm = (SC_HANDLE)(*pFunc)(lpMachineName, lpDatabaseName, dwDesiredAccess);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+     
+   return hScm;
+
+} /* -END- w32_open_sc_manager */
+
+
+
+BOOL w32_close_service_handle(
+  SC_HANDLE hSCObject)   /* handle to service or SCM object */
+{
+   HMODULE     hDll = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+   BOOL        bRet;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return FALSE;
+   }
+
+   /* Get the address of the CloseServiceHandle function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "CloseServiceHandle");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   /* Close the handle, and save the error code */
+   bRet = (BOOL)(*pFunc)(hSCObject);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+
+   return bRet;
+
+} /* -END- w32_close_service_handle */
+
+
+
+/*********************************************************************
+ * Open a service
+ *********************************************************************/ 
+SC_HANDLE w32_open_service(
+  SC_HANDLE hSCManager,   /* handle to SCM database */
+  LPCTSTR lpServiceName,  /* service name */
+  DWORD dwDesiredAccess)  /* access */
+{
+   HMODULE     hDll = NULL;
+   SC_HANDLE   hSrv = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+
+   /* Load the DLL with the SCM functions or return failure */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return NULL;
+   }
+
+   /* Get the address of the ANSI OpenService function, or return failure */
+   pFunc = GetProcAddress(hDll, "OpenServiceA");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return NULL;
+   }
+
+   /* Call the SCM function, and save the error code */
+   hSrv = (SC_HANDLE)(*pFunc)(hSCManager, lpServiceName, dwDesiredAccess);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+     
+   return hSrv;
+
+} /* -END- w32_open_service */
+
+
+
+SC_HANDLE w32_create_service(
+  SC_HANDLE hSCManager,       /* handle to SCM database */
+  LPCTSTR lpServiceName,      /* name of service to start */
+  LPCTSTR lpDisplayName,      /* display name */
+  DWORD dwDesiredAccess,      /* type of access to service */
+  DWORD dwServiceType,        /* type of service */
+  DWORD dwStartType,          /* when to start service */
+  DWORD dwErrorControl,       /* severity of service failure */
+  LPCTSTR lpBinaryPathName,   /* name of binary file */
+  LPCTSTR lpLoadOrderGroup,   /* name of load ordering group */
+  LPDWORD lpdwTagId,          /* tag identifier */
+  LPCTSTR lpDependencies,     /* array of dependency names */
+  LPCTSTR lpServiceStartName, /* account name */
+  LPCTSTR lpPassword)         /* account password */
+{
+   HMODULE     hDll = NULL;
+   SC_HANDLE   hSrv = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+
+   /* Load the DLL with the SCM functions or return failure */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return NULL;
+   }
+
+   /* Get the address of the ANSI CreateService function, or return failure */
+   pFunc = GetProcAddress(hDll, "CreateServiceA");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return NULL;
+   }
+
+   /* Call the SCM function, and save the error code */
+   hSrv = (SC_HANDLE)(*pFunc)(hSCManager,          /* handle to SCM database */
+                              lpServiceName,       /* name of service to start */
+                              lpDisplayName,       /* display name */
+                              dwDesiredAccess,     /* type of access to service */
+                              dwServiceType,       /* type of service */
+                              dwStartType,         /* when to start service */
+                              dwErrorControl,      /* severity of service failure */
+                              lpBinaryPathName,    /* name of binary file */
+                              lpLoadOrderGroup,    /* name of load ordering group */
+                              lpdwTagId,           /* tag identifier */
+                              lpDependencies,      /* array of dependency names */
+                              lpServiceStartName,  /* account name */
+                              lpPassword);         /* account password */
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+     
+   return hSrv;
+
+} /* -END- w32_create_service */
+
+
+
+BOOL w32_delete_service(
+  SC_HANDLE hService)   /* handle to service */
+{
+   HMODULE     hDll = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+   BOOL        bRet;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return FALSE;
+   }
+
+   /* Get the address of the DeleteService function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "DeleteService");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   /* Close the handle, and save the error code */
+   bRet = (BOOL)(*pFunc)(hService);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+
+   return bRet;
+
+} /* -END- w32_delete_service */
+
+
+
+BOOL w32_query_service_config(
+  SC_HANDLE hService,                     /* handle to service */
+  LPQUERY_SERVICE_CONFIG lpServiceConfig, /* buffer */
+  DWORD cbBufSize,                        /* size of buffer */
+  LPDWORD pcbBytesNeeded)                 /* bytes needed */
+{
+   HMODULE     hDll = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+   BOOL        bRet;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return FALSE;
+   }
+
+   /* Get the address of the QueryServiceConfig function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "QueryServiceConfigA");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   /* Close the handle, and save the error code */
+   bRet = (BOOL)(*pFunc)(hService, lpServiceConfig, cbBufSize, pcbBytesNeeded);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+
+   return bRet;
+
+} /* -END- w32_query_service_config */
+
+
+BOOL w32_start_service_ctrl_dispatcher(
+  CONST LPSERVICE_TABLE_ENTRY lpServiceTable)   /* service table */
+{
+   HMODULE     hDll = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+   BOOL        bRet;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return FALSE;
+   }
+
+   /* Get the address of the StartServiceCtrlDispatcher function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "StartServiceCtrlDispatcherA");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   /* Close the handle, and save the error code */
+   bRet = (BOOL)(*pFunc)(lpServiceTable);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+
+   return bRet;
+
+} /* -END- w32_start_service_ctrl_dispatcher */
+
+
+
+SERVICE_STATUS_HANDLE w32_register_service_ctrl_handler(
+  LPCTSTR lpServiceName,               /* service name */
+  LPHANDLER_FUNCTION lpHandlerProc)    /* handler function */
+{
+   HMODULE     hDll = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+   SERVICE_STATUS_HANDLE hServStat = (SERVICE_STATUS_HANDLE)0;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return hServStat;
+   }
+
+   /* Get the address of the RegisterServiceCtrlHandler function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "RegisterServiceCtrlHandlerA");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return hServStat;
+   }
+
+   /* Close the handle, and save the error code */
+   hServStat = (SERVICE_STATUS_HANDLE)(*pFunc)(lpServiceName, lpHandlerProc);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+
+   return hServStat;
+
+} /* -END- w32_register_service_ctrl_handler */
+
+
+
+BOOL w32_set_service_status(
+  SERVICE_STATUS_HANDLE hServiceStatus,   /* service status handle */
+  LPSERVICE_STATUS lpServiceStatus)       /* status buffer */
+{
+   HMODULE     hDll = NULL;
+   FARPROC     pFunc = NULL;
+   DWORD       dwLastErr = 0;
+   BOOL        bRet;
+
+   /* Load the DLL with the SCM functions or return a failure status */
+   hDll = LoadLibrary("Advapi32.dll");
+   if (hDll == NULL)
+   {
+      return FALSE;
+   }
+
+   /* Get the address of the SetServiceStatus function, or return a failure status */
+   pFunc = GetProcAddress(hDll, "SetServiceStatus");
+   if (pFunc == NULL)
+   {
+      FreeLibrary(hDll);
+      return FALSE;
+   }
+
+   /* Close the handle, and save the error code */
+   bRet = (BOOL)(*pFunc)(hServiceStatus, lpServiceStatus);
+   dwLastErr = GetLastError();
+
+   /* Release the library and then restore the last error
+    * code, in case FreeLibrary altered it.
+    */
+   FreeLibrary(hDll);
+   SetLastError(dwLastErr);
+
+   return bRet;
+
+} /* -END- w32_set_service_status */
+
+
+static void display_win32_msg(BOOL bIsError, char *msg)
+{
+#ifdef _WIN_CONSOLE
+   printf("%s", msg);
+#else
+   if (bIsError)
+   {
+      MessageBox(NULL, msg, "Privoxy Error", 
+         MB_OK | MB_ICONERROR | MB_TASKMODAL | MB_SETFOREGROUND | MB_TOPMOST);
+   }
+   else
+   {
+      MessageBox(NULL, msg, "Privoxy Information", 
+         MB_OK | MB_ICONINFORMATION | MB_TASKMODAL | MB_SETFOREGROUND | MB_TOPMOST);
+   }
+#endif
+
+} /* -END- display_win32_msg */
+
+
+static BOOL get_service_description(const char *pszServiceName, char *pszDisplayName, DWORD dwDispSize)
+{
+   /*********************************************************************
+    * Create a simple display name
+    *********************************************************************/
+   strcpy(pszDisplayName, "Privoxy (");
+   strncat(pszDisplayName, pszServiceName, dwDispSize - strlen(pszDisplayName) - 2);
+   strcat(pszDisplayName, ")");
+
+   return TRUE;
+}
+
+
+
+BOOL install_service(const char *service_name)
+{
+   char szModule[(MAX_PATH*2)+1];
+   char szDisplayName[MAX_PATH+2];
+   SC_HANDLE hSCM;
+   SC_HANDLE hService;
+
+   /*********************************************************************
+    * First check if this system can support a service architecture
+    *********************************************************************/
+   if (!CanSystemSupportServices())
+   {
+      display_win32_msg(TRUE, "This system doesn't support installing Privoxy as a service.\nWinNT/2000/XP are required for this feature.\n");
+      return FALSE;
+   }
+
+   /* Use a default service name if none was supplied */
+   if ((service_name == NULL) || (strlen(service_name) == 0))
+   {
+      service_name = "privoxy";
+   }
+
+   /*********************************************************************
+    * Open a handle to the Service Control Manager with full access rights
+    *********************************************************************/
+   hSCM = w32_open_sc_manager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
+   if (hSCM == NULL)
+   {
+      display_win32_msg(TRUE, "Can't open Service Control Manager - Service install failed!\n  Administrator rights are required to create a service.\n");
+      return FALSE;
+   }
+
+
+   /*********************************************************************
+    * Work out the full image path plus command line for the service
+    * We'll temporarily use szDisplayName as a second buffer.
+    *********************************************************************/
+   GetModuleFileName(NULL, szDisplayName, MAX_PATH);
+   sprintf(szModule, "\"%s\" --service", szDisplayName); 
+
+   
+   /*********************************************************************
+    * Get the display name for the service
+    *********************************************************************/
+   get_service_description(service_name, szDisplayName, sizeof(szDisplayName)/sizeof(char));
+
+
+   /*********************************************************************
+    * Create the service
+    *********************************************************************/
+   hService = w32_create_service(hSCM, 
+                           service_name,              /* the internal service name */
+                           szDisplayName,             /* the display name */
+                           SERVICE_ALL_ACCESS,        /* get full access during creation */
+                           SERVICE_WIN32_OWN_PROCESS  /* run in our own process */
+#ifndef _WIN_CONSOLE
+                         + SERVICE_INTERACTIVE_PROCESS /* GUI also wants interactive rights */
+#endif
+                           ,
+                           SERVICE_DEMAND_START,      /* For now, only start when asked to */
+                           SERVICE_ERROR_NORMAL,      /* Normal error handling by the SCM */
+                           szModule,                  /* The executable service file */
+                           NULL,                      /* No load order info needed */
+                           NULL,                      /* No load order info needed */
+                           NULL,                      /* No dependencies */
+                           NULL,                      /* Default to LocalSystem... */
+                           NULL);                     /* ...which doesn't require a password */
+   if (hService == NULL)
+   {
+      display_win32_msg(TRUE, "Can't install service!\n");
+      w32_close_service_handle(hSCM);
+      return FALSE;
+   }
+
+   display_win32_msg(FALSE, "Service was successfully created.\n*** IMPORTANT NOTE: You should now use the Services control panel to\n*** configure the startup type and user account details for the service.\n\n");
+
+   /* tidy up */
+   w32_close_service_handle(hService);
+   w32_close_service_handle(hSCM);
+   return TRUE;
+
+} /* -END- install_service */
+
+
+
+BOOL uninstall_service(const char *service_name)
+{
+   char szDisplayName[MAX_PATH+2];
+   SC_HANDLE hSCM;
+   SC_HANDLE hService;
+   BOOL bResult = FALSE;
+
+
+   /*********************************************************************
+    * First check if this system can support a service architecture
+    *********************************************************************/
+   if (!CanSystemSupportServices())
+   {
+      display_win32_msg(TRUE, "This system doesn't support installing Privoxy as a service.\nWinNT/2000/XP are required for this feature.\n");
+      return FALSE;
+   }
+
+
+   /* Use a default service name if none was supplied */
+   if ((service_name == NULL) || (strlen(service_name) == 0))
+   {
+      service_name = "privoxy";
+   }
+
+
+   /*********************************************************************
+    * Open a handle to the Service Control Manager with full access rights
+    *********************************************************************/
+   hSCM = w32_open_sc_manager(NULL, NULL, SC_MANAGER_ALL_ACCESS);
+   if (hSCM == NULL)
+   {
+      display_win32_msg(TRUE, "Can't open Service Control Manager - Service uninstall failed!\n  Administrator rights are required to delete a service.\n");
+      return FALSE;
+   }
+
+
+   /*********************************************************************
+    * Get the display name for the service
+    *********************************************************************/
+   get_service_description(service_name, szDisplayName, sizeof(szDisplayName)/sizeof(char));
+
+
+   /*********************************************************************
+    * Open and then delete the service
+    *********************************************************************/
+   hService = w32_open_service(hSCM, service_name, DELETE);
+   if (hService == NULL)
+   {
+      display_win32_msg(TRUE, "Can't open service for delete access rights!\n");
+      w32_close_service_handle(hSCM);
+      return FALSE;
+   }
+
+   if (w32_delete_service(hService))
+   {
+      display_win32_msg(FALSE, "Service was deleted successfully.\n");
+      bResult = TRUE;
+   }
+   else
+   {
+      display_win32_msg(TRUE, "Service could not be deleted!\n");
+      bResult = FALSE;
+   }
+
+   w32_close_service_handle(hService);
+   w32_close_service_handle(hSCM);
+   return bResult;
+
+} /* -END- uninstall_service */
+
+
+
+/*********************************************************************
+ *
+ * Function    :  privoxy_w32_service_start
+ *
+ * Description :  This is the entry point function for the service.
+ *                In other words, it's the ServiceMain function.
+ *
+ * Parameters  :  Defined by the Win32 API, but not used here
+ *
+ * Returns     :  void
+ *
+ *********************************************************************/
+static void WINAPI privoxy_w32_service_start(DWORD dw, LPSTR* pszArgs)
+{
+   int child_id;
+
+   /* Arg zero is always the service name, and we need to 
+    * know it when we call RegisterServiceCtrlHandler.
+    */
+   strcpy(szThisServiceName, pszArgs[0]);
+
+   /* Tell the SCM we are running */
+   srv_status.dwServiceType = SERVICE_WIN32_OWN_PROCESS;
+   srv_status.dwCurrentState = SERVICE_RUNNING;
+   srv_status.dwCheckPoint = 0;
+   srv_status.dwControlsAccepted = SERVICE_ACCEPT_STOP;
+   srv_status.dwWin32ExitCode = NO_ERROR;
+   srv_status.dwServiceSpecificExitCode = 0;
+   srv_status.dwWaitHint = 0;
+
+   hSrv_status = w32_register_service_ctrl_handler(szThisServiceName, privoxy_w32_service_handler);
+   if (!hSrv_status)
+   {
+      return;
+   }
+   w32_set_service_status(hSrv_status, &srv_status);
+
+#ifndef FEATURE_PTHREAD
+   child_id = _beginthread(w32_service_listen_loop, 0, NULL);
+   if (child_id > 0)
+#else
+#error "FIXME: Do pthread stuff here!"
+#endif
+   {
+      w32_set_service_status(hSrv_status, &srv_status);
+   }
+   else
+   {
+      srv_status.dwCurrentState = SERVICE_STOPPED;
+      srv_status.dwCheckPoint = 0;
+      srv_status.dwWin32ExitCode = ERROR_SERVICE_SPECIFIC_ERROR;
+      srv_status.dwServiceSpecificExitCode = ERROR_SERVICE_NO_THREAD;
+      w32_set_service_status(hSrv_status, &srv_status);
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  w32_set_service_cwd
+ *
+ * Description :  Simple function to change the current directory to
+ *                the same location as the service executable.
+ *
+ * Parameters  :  void
+ *
+ * Returns     :  void
+ *
+ *********************************************************************/
+void w32_set_service_cwd(void)
+{
+   char exe_name[MAX_PATH+1];
+   char dir_name[MAX_PATH+1];
+   char *pszFile = NULL;
+
+   /* Get the exe name and path of the service */
+   if (GetModuleFileName(NULL, exe_name, MAX_PATH))
+   {
+      /* Ask the API to tell us where the filename portion starts */
+      if (GetFullPathName(exe_name, MAX_PATH, dir_name, &pszFile))
+      {
+         /* remove the filename from the string */
+         if (pszFile != NULL)
+         {
+            *pszFile = '\0';
+            /* We have just a directory path now, so make it current */
+            SetCurrentDirectory(dir_name);
+         }
+      }
+   }
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  w32_service_exit_notify
+ *
+ * Description :  This is a simple atexit function that is called by the
+ *                C runtime after exit has been called. It allows the
+ *                service code to detect when the app is about to die and
+ *                send an quick notification to the SCM that the service
+ *                now stopped.
+ *
+ * Parameters  :  void
+ *
+ * Returns     :  void
+ *
+ *********************************************************************/
+void w32_service_exit_notify(void)
+{
+   if (hSrv_status != 0)
+   {
+      if (srv_status.dwCurrentState != SERVICE_STOPPED)
+      {
+         srv_status.dwCurrentState = SERVICE_STOPPED;
+         srv_status.dwCheckPoint = 0;
+         srv_status.dwWin32ExitCode = ERROR_SERVICE_SPECIFIC_ERROR;
+         srv_status.dwServiceSpecificExitCode = ERROR_PROCESS_ABORTED;
+         w32_set_service_status(hSrv_status, &srv_status);
+      }
+   }
+}
+
+
+static void w32_mini_exit(void *p)
+{
+   Sleep(100);
+#ifdef _WIN_CONSOLE
+   exit(0);
+#else
+   PostMessage(g_hwndLogFrame, WM_CLOSE, 0, 0);
+#endif /* def _WIN_CONSOLE */
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  privoxy_w32_service_handler
+ *
+ * Description :  This is the control message handler function for
+ *                the service.
+ *
+ * Parameters  :  dwOpcode
+ *                   requested control code sent by SCM
+ *
+ * Returns     :  void
+ *
+ *********************************************************************/
+static void WINAPI privoxy_w32_service_handler(DWORD dwOpcode)
+{
+   switch(dwOpcode)
+   {
+      case SERVICE_CONTROL_STOP:
+         /* We've stopped
+          */
+         srv_status.dwCurrentState = SERVICE_STOPPED;
+         srv_status.dwCheckPoint = 0;
+         srv_status.dwWin32ExitCode = NO_ERROR;
+         srv_status.dwServiceSpecificExitCode = 0;
+
+         /* Maybe there is a more friendly way to stop, but this will do for now! */
+         w32_set_service_status(hSrv_status, &srv_status);
+
+         /* During testing, I kept getting error 109 (ERROR_BROKEN_PIPE) and
+          * as far as the SCM was concerned the service was still stopping,
+          * even after the process had disappeared.
+          *
+          * It seems that if we call exit in the ServiceMain thread, it causes
+          * the SCM to not recieve the status we sent in the line above. The
+          * simple fix was to create a new thread to actually call exit for us
+          * whilst this thread continues and returns to its caller.
+          */
+
+         if (_beginthread(w32_mini_exit, 0, NULL) < 0)
+         {
+            /* we failed to create the exit thread, so just force an exit here
+             * and the SCM will just have to go and whistle!
+             */
+            exit(0);
+         }
+         break;
+
+      default:
+         break;
+   }
+
+   w32_set_service_status(hSrv_status, &srv_status);
+}
+
+
+#endif /* ifdef _WIN32 */
+
diff --git a/external/privoxy/w32svrapi.h b/external/privoxy/w32svrapi.h
new file mode 100644
index 0000000..48a6d8d
--- /dev/null
+++ b/external/privoxy/w32svrapi.h
@@ -0,0 +1,146 @@
+#ifndef W32_SVRAPI_H_INCLUDED
+#define W32_SVRAPI_H_INCLUDED
+#define W32_SVRAPI_H_VERSION "$Id: w32svrapi.h,v 1.1 2006/08/12 03:54:37 david__schmidt Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32svrapi.h,v $
+ *
+ * Purpose     :  Win32 Services API for Privoxy.
+ *                Provides the implementation of an Win32 service to
+ *                allow the code to directly register and run as a
+ *                native Windows service application.
+ *
+ *                Since Win9x/ME platforms don't provide or support
+ *                running programs as services, this code uses runtime
+ *                loading and calling of the Win32 Service API, to
+ *                prevent the possibility of getting "entry point not
+ *                found" type errors on unsupported platforms. This adds
+ *                a little more complexity to the code, but it is worth
+ *                doing to provide that isolation.
+ *
+ * Copyright   :  Written by and Copyright (C) 2003 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 2003 Ian Cummings
+ *                <ian_a_c at hotmail.com>
+ *
+ *                Special thanks to Mates Dolák <matesek at post.cz> for
+ *                some very helpful feedback and suggestions during the
+ *                development of this code.
+ *
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32svrapi.h,v $
+ *    Revision 1.1  2006/08/12 03:54:37  david__schmidt
+ *    Windows service integration
+ *
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#ifdef _WIN32
+
+
+extern char szThisServiceName[];
+extern BOOL bRunAsService;
+extern SERVICE_TABLE_ENTRY w32ServiceDispatchTable[];
+
+extern BOOL install_service(const char *service_name);
+extern BOOL uninstall_service(const char *service_name);
+extern void w32_service_exit_notify(void);
+extern void w32_set_service_cwd(void);
+extern void w32_service_listen_loop(void *p);
+
+
+extern BOOL CanSystemSupportServices();
+
+
+extern SC_HANDLE w32_open_sc_manager(
+  LPCTSTR lpMachineName,   /* computer name */
+  LPCTSTR lpDatabaseName,  /* SCM database name */
+  DWORD dwDesiredAccess);  /* access type */
+
+
+extern BOOL w32_close_service_handle(
+  SC_HANDLE hSCObject);    /* handle to service or SCM object */
+
+
+extern SC_HANDLE w32_open_service(
+  SC_HANDLE hSCManager,    /* handle to SCM database */
+  LPCTSTR lpServiceName,   /* service name */
+  DWORD dwDesiredAccess);  /* access */
+
+
+extern SC_HANDLE w32_create_service(
+  SC_HANDLE hSCManager,       /* handle to SCM database */
+  LPCTSTR lpServiceName,      /* name of service to start */
+  LPCTSTR lpDisplayName,      /* display name */
+  DWORD dwDesiredAccess,      /* type of access to service */
+  DWORD dwServiceType,        /* type of service */
+  DWORD dwStartType,          /* when to start service */
+  DWORD dwErrorControl,       /* severity of service failure */
+  LPCTSTR lpBinaryPathName,   /* name of binary file */
+  LPCTSTR lpLoadOrderGroup,   /* name of load ordering group */
+  LPDWORD lpdwTagId,          /* tag identifier */
+  LPCTSTR lpDependencies,     /* array of dependency names */
+  LPCTSTR lpServiceStartName, /* account name */
+  LPCTSTR lpPassword);        /* account password */
+
+
+extern BOOL w32_delete_service(
+  SC_HANDLE hService);   /* handle to service */
+
+
+extern BOOL w32_query_service_config(
+  SC_HANDLE hService,                     /* handle to service */
+  LPQUERY_SERVICE_CONFIG lpServiceConfig, /* buffer */
+  DWORD cbBufSize,                        /* size of buffer */
+  LPDWORD pcbBytesNeeded);                /* bytes needed */
+
+
+extern BOOL w32_start_service_ctrl_dispatcher(
+  CONST LPSERVICE_TABLE_ENTRY lpServiceTable);   /* service table */
+
+
+extern SERVICE_STATUS_HANDLE w32_register_service_ctrl_handler(
+  LPCTSTR lpServiceName,               /* service name */
+  LPHANDLER_FUNCTION lpHandlerProc);   /* handler function */
+
+
+extern BOOL w32_set_service_status(
+  SERVICE_STATUS_HANDLE hServiceStatus,   /* service status handle */
+  LPSERVICE_STATUS lpServiceStatus);      /* status buffer */
+
+
+#endif  /* def _WIN32 */
+
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef W32_SVRAPI_H_INCLUDED */
+  
diff --git a/external/privoxy/w32taskbar.c b/external/privoxy/w32taskbar.c
new file mode 100644
index 0000000..079e45e
--- /dev/null
+++ b/external/privoxy/w32taskbar.c
@@ -0,0 +1,313 @@
+const char w32taskbar_rcs[] = "$Id: w32taskbar.c,v 1.10 2006/09/23 13:26:38 roro Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32taskbar.c,v $
+ *
+ * Purpose     :  Functions for creating, setting and destroying the
+ *                workspace tray icon
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 1999 Adam Lock
+ *                <locka at iol.ie>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32taskbar.c,v $
+ *    Revision 1.10  2006/09/23 13:26:38  roro
+ *    Replace TABs by spaces in source code.
+ *
+ *    Revision 1.9  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.7.2.2  2003/03/19 21:27:42  gliptak
+ *    Corrected compilation error/typo
+ *
+ *    Revision 1.7.2.1  2002/11/20 14:39:32  oes
+ *    Applied patch by Mattes Dolak which adds re-creation of the win32 taskbar
+ *    icon on reception of the "TaskbarCreated" window message.
+ *
+ *    Revision 1.7  2002/03/31 17:19:00  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.6  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.5  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.4  2001/11/16 00:46:31  jongfoster
+ *    Fixing compiler warnings
+ *
+ *    Revision 1.3  2001/05/22 18:56:28  oes
+ *    CRLF -> LF
+ *
+ *    Revision 1.2  2001/05/20 15:07:54  jongfoster
+ *    File is now ignored if _WIN_CONSOLE is defined.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:08  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#include <stdio.h>
+
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+
+#include "w32taskbar.h"
+#include "w32res.h"
+#include "w32log.h"
+
+const char w32taskbar_h_rcs[] = W32TASKBAR_H_VERSION;
+
+#ifndef _WIN_CONSOLE /* entire file */
+
+#define WM_TRAYMSG WM_USER+1
+
+static HMENU g_hmenuTray;
+static HWND g_hwndTrayX;
+static UINT g_traycreatedmsg;
+
+static LRESULT CALLBACK TrayProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam);
+
+
+/*********************************************************************
+ *
+ * Function    :  CreateTrayWindow
+ *
+ * Description :  Creates and returns the invisible window responsible
+ *                for processing tray messages.
+ *
+ * Parameters  :
+ *          1  :  hInstance = instance handle of this application
+ *
+ * Returns     :  Handle of the systray window.
+ *
+ *********************************************************************/
+HWND CreateTrayWindow(HINSTANCE hInstance)
+{
+   WNDCLASS wc;
+   static const char *szWndName = "PrivoxyTrayWindow";
+
+   wc.style          = 0;
+   wc.lpfnWndProc    = TrayProc;
+   wc.cbClsExtra     = 0;
+   wc.cbWndExtra     = 0;
+   wc.hInstance      = hInstance;
+   wc.hIcon          = 0;
+   wc.hCursor        = 0;
+   wc.hbrBackground  = 0;
+   wc.lpszMenuName   = 0;
+   wc.lpszClassName  = szWndName;
+
+   RegisterClass(&wc);
+
+   /* TaskbarCreated is sent to a window when it should re-add its tray icons */
+   g_traycreatedmsg = RegisterWindowMessage("TaskbarCreated");
+
+   g_hwndTrayX = CreateWindow(szWndName, szWndName,
+      WS_OVERLAPPEDWINDOW, CW_USEDEFAULT, CW_USEDEFAULT, CW_USEDEFAULT,
+      CW_USEDEFAULT, NULL, NULL, hInstance, NULL );
+
+   ShowWindow(g_hwndTrayX, SW_HIDE);
+   UpdateWindow(g_hwndTrayX);
+
+   g_hmenuTray = LoadMenu(hInstance, MAKEINTRESOURCE(IDR_TRAYMENU));
+
+   return g_hwndTrayX;
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  TraySetIcon
+ *
+ * Description :  Sets the tray icon to the specified shape.
+ *
+ * Parameters  :
+ *          1  :  hwnd = handle of the systray window
+ *          2  :  uID = user message number to notify systray window
+ *          3  :  hicon = set the current icon to this handle
+ *
+ * Returns     :  Same value as `Shell_NotifyIcon'.
+ *
+ *********************************************************************/
+BOOL TraySetIcon(HWND hwnd, UINT uID, HICON hicon)
+{
+   NOTIFYICONDATA nid;
+
+   memset(&nid, 0, sizeof(nid));
+
+   nid.cbSize = sizeof(nid);
+   nid.hWnd = hwnd;
+   nid.uID = uID;
+   nid.uFlags = NIF_ICON;
+   nid.uCallbackMessage = 0;
+   nid.hIcon = hicon;
+
+   return( Shell_NotifyIcon(NIM_MODIFY, &nid) );
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  TrayAddIcon
+ *
+ * Description :  Adds a tray icon.
+ *
+ * Parameters  :
+ *          1  :  hwnd = handle of the systray window
+ *          2  :  uID = user message number to notify systray window
+ *          3  :  hicon = handle of icon to add to systray window
+ *          4  :  pszToolTip = tool tip when mouse hovers over systray window
+ *
+ * Returns     :  Same as `Shell_NotifyIcon'.
+ *
+ *********************************************************************/
+BOOL TrayAddIcon(HWND hwnd, UINT uID, HICON hicon, const char *pszToolTip)
+{
+   NOTIFYICONDATA nid;
+
+   memset(&nid, 0, sizeof(nid));
+
+   nid.cbSize = sizeof(nid);
+   nid.hWnd = hwnd;
+   nid.uID = uID;
+   nid.uFlags = NIF_MESSAGE | NIF_ICON | NIF_TIP;
+   nid.uCallbackMessage = WM_TRAYMSG;
+   nid.hIcon = hicon;
+
+   if (pszToolTip)
+   {
+      strcpy(nid.szTip, pszToolTip);
+   }
+
+   return( Shell_NotifyIcon(NIM_ADD, &nid) );
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  TrayDeleteIcon
+ *
+ * Description :  Deletes a tray icon.
+ *
+ * Parameters  :
+ *          1  :  hwnd = handle of the systray window
+ *          2  :  uID = user message number to notify systray window
+ *
+ * Returns     :  Same as `Shell_NotifyIcon'.
+ *
+ *********************************************************************/
+BOOL TrayDeleteIcon(HWND hwnd, UINT uID)
+{
+   NOTIFYICONDATA nid;
+
+   memset(&nid, 0, sizeof(nid));
+
+   nid.cbSize = sizeof(nid);
+   nid.hWnd = hwnd;
+   nid.uID = uID;
+
+   return( Shell_NotifyIcon(NIM_DELETE, &nid) );
+
+}
+
+
+/*********************************************************************
+ *
+ * Function    :  TrayProc
+ *
+ * Description :  Call back procedure processes tray messages.
+ *
+ * Parameters  :
+ *          1  :  hwnd = handle of the systray window
+ *          2  :  msg = message number
+ *          3  :  wParam = first param for this message
+ *          4  :  lParam = next param for this message
+ *
+ * Returns     :  Appropriate M$ window message handler codes.
+ *
+ *********************************************************************/
+LRESULT CALLBACK TrayProc(HWND hwnd, UINT msg, WPARAM wParam, LPARAM lParam)
+{
+   switch (msg)
+   {
+      case WM_CREATE:
+         return 0;
+
+      case WM_CLOSE:
+         PostQuitMessage(0);
+         return 0;
+
+      case WM_TRAYMSG:
+      {
+         /* UINT uID = (UINT) wParam; */
+         UINT uMouseMsg = (UINT) lParam;
+
+         if (uMouseMsg == WM_RBUTTONDOWN)
+         {
+            POINT pt;
+            HMENU hmenu = GetSubMenu(g_hmenuTray,0);
+            GetCursorPos(&pt);
+            SetForegroundWindow(g_hwndLogFrame);
+            TrackPopupMenu(hmenu, TPM_LEFTALIGN | TPM_TOPALIGN, pt.x, pt.y, 0, g_hwndLogFrame, NULL);
+            PostMessage(g_hwndLogFrame, WM_NULL, 0, 0 ) ;
+         }
+         else if (uMouseMsg == WM_LBUTTONDBLCLK)
+         {
+            ShowLogWindow(TRUE);
+         }
+      }
+      return 0;
+
+      default:
+
+         if (msg == g_traycreatedmsg)
+         {
+            TrayAddIcon(g_hwndTrayX, 1, g_hiconApp, "Privoxy");
+         }
+         break;
+   }
+
+   return DefWindowProc(hwnd, msg, wParam, lParam);
+
+}
+
+
+#endif /* ndef _WIN_CONSOLE - entire file */
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/w32taskbar.h b/external/privoxy/w32taskbar.h
new file mode 100644
index 0000000..7ea7588
--- /dev/null
+++ b/external/privoxy/w32taskbar.h
@@ -0,0 +1,82 @@
+#ifndef W32TASKBAR_H_INCLUDED
+#define W32TASKBAR_H_INCLUDED
+#define W32TASKBAR_H_VERSION "$Id: w32taskbar.h,v 1.6 2006/07/18 14:48:48 david__schmidt Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/w32taskbar.h,v $
+ *
+ * Purpose     :  Functions for creating, setting and destroying the
+ *                workspace tray icon
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 1999 Adam Lock
+ *                <locka at iol.ie>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: w32taskbar.h,v $
+ *    Revision 1.6  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.4  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.3  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.2  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:08  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern HWND CreateTrayWindow(HINSTANCE hInstance);
+extern BOOL TrayAddIcon(HWND hwnd, UINT uID, HICON hicon, const char *pszToolTip);
+extern BOOL TraySetIcon(HWND hwnd, UINT uID, HICON hicon);
+extern BOOL TrayDeleteIcon(HWND hwnd, UINT uID);
+
+/* Revision control strings from this header and associated .c file */
+extern const char w32taskbar_rcs[];
+extern const char w32taskbar_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef W32TASKBAR_H_INCLUDED */
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/win32.c b/external/privoxy/win32.c
new file mode 100644
index 0000000..3aedd53
--- /dev/null
+++ b/external/privoxy/win32.c
@@ -0,0 +1,366 @@
+const char win32_rcs[] = "$Id: win32.c,v 1.15 2009/02/09 19:16:35 fabiankeil Exp $";
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/win32.c,v $
+ *
+ * Purpose     :  Win32 User Interface initialization and message loop
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 1999 Adam Lock
+ *                <locka at iol.ie>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: win32.c,v $
+ *    Revision 1.15  2009/02/09 19:16:35  fabiankeil
+ *    Bump copyright year in win32_blurb[].
+ *
+ *    Revision 1.14  2008/03/02 18:15:41  fabiankeil
+ *    Update copyright year in win32_blurb[].
+ *
+ *    Revision 1.13  2007/01/31 16:25:24  fabiankeil
+ *    Update copyright range for the About message.
+ *
+ *    Revision 1.12  2006/08/12 03:54:37  david__schmidt
+ *    Windows service integration
+ *
+ *    Revision 1.11  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.9.2.2  2002/08/27 18:03:40  oes
+ *    Fixed stupid typo
+ *
+ *    Revision 1.9.2.1  2002/08/21 17:59:27  oes
+ *    Sync win32_blurb[] with our standard blurb
+ *
+ *    Revision 1.9  2002/03/31 17:19:00  jongfoster
+ *    Win32 only: Enabling STRICT to fix a VC++ compile warning.
+ *
+ *    Revision 1.8  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.7  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.6  2002/03/16 21:53:28  jongfoster
+ *    VC++ Heap debug option
+ *
+ *    Revision 1.5  2002/03/04 23:47:30  jongfoster
+ *    - Rewritten, simpler command-line pre-parser
+ *    - not using raise(SIGINT) any more
+ *
+ *    Revision 1.4  2001/11/30 21:29:33  jongfoster
+ *    Fixing a warning
+ *
+ *    Revision 1.3  2001/11/16 00:46:31  jongfoster
+ *    Fixing compiler warnings
+ *
+ *    Revision 1.2  2001/07/29 19:32:00  jongfoster
+ *    Renaming _main() [mingw32 only] to real_main(), for ANSI compliance.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:08  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#include "config.h"
+
+#ifdef _WIN32
+
+#include <stdio.h>
+
+#include "project.h"
+#include "jcc.h"
+#include "miscutil.h"
+
+/* Uncomment this if you want to build Win32 as a console app */
+/* #define _WIN_CONSOLE */
+
+#ifndef STRICT
+#define STRICT
+#endif
+#include <windows.h>
+
+#include <stdarg.h>
+#include <process.h>
+
+#if defined(_WIN32) && defined(_MSC_VER) && defined(_DEBUG)
+/* Visual C++ Heap debugging */
+#include <crtdbg.h>
+#endif /* defined(_WIN32) && defined(_MSC_VER) && defined(_DEBUG) */
+
+#include "win32.h"
+
+const char win32_h_rcs[] = WIN32_H_VERSION;
+
+/**
+ * A short introductory text about Privoxy.  Used for the "About" box
+ * or the console startup message.
+ */
+const char win32_blurb[] =
+"Privoxy version " VERSION " for Windows\n"
+"Copyright (C) 2000-2009 the Privoxy Team (" HOME_PAGE_URL ")\n"
+"Based on the Internet Junkbuster by Junkbusters Corp.\n"
+"This is free software; it may be used and copied under the\n"
+"GNU General Public License: http://www.gnu.org/copyleft/gpl.html .\n"
+"This program comes with ABSOLUTELY NO WARRANTY OF ANY KIND.\n";
+
+#ifdef _WIN_CONSOLE
+
+/**
+ * Hide the console.  If set, the program will disconnect from the 
+ * console and run in the background.  This allows the command-prompt
+ * window to close.
+ */
+int hideConsole     = 0;
+
+
+#else /* ndef _WIN_CONSOLE */
+
+
+/**
+ * The application instance handle.
+ */
+HINSTANCE g_hInstance;
+
+
+/**
+ * The command to show the window that was specified at startup.
+ */
+int g_nCmdShow;
+
+static void  __cdecl UserInterfaceThread(void *);
+
+
+#endif /* ndef _WIN_CONSOLE */
+
+/*********************************************************************
+ *
+ * Function    :  WinMain
+ *
+ * Description :  M$ Windows "main" routine:
+ *                parse the `lpCmdLine' param into main's argc and argv variables,
+ *                start the user interface thread (for the systray window), and
+ *                call main (i.e. patch execution into normal startup).
+ *
+ * Parameters  :
+ *          1  :  hInstance = instance handle of this execution
+ *          2  :  hPrevInstance = instance handle of previous execution
+ *          3  :  lpCmdLine = command line string which started us
+ *          4  :  nCmdShow = window show value (MIN, MAX, NORMAL, etc...)
+ *
+ * Returns     :  `main' never returns, so WinMain will also never return.
+ *
+ *********************************************************************/
+int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
+{
+#if 0   /* See comment about __argc & __argv below */
+   int i;
+   int argc = 1;
+   const char *argv[3];
+   char szModule[MAX_PATH+1];
+#endif
+
+   int res;
+#ifndef _WIN_CONSOLE
+   HANDLE hInitCompleteEvent = NULL;
+#endif
+
+
+#if defined(_WIN32) && defined(_MSC_VER) && defined(_DEBUG)
+#if 0
+   /* Visual C++ Heap debugging */
+
+   /* Get current flag*/
+   int tmpFlag = _CrtSetDbgFlag( _CRTDBG_REPORT_FLAG );
+
+   /* Turn on leak-checking bit */
+   tmpFlag |= _CRTDBG_ALLOC_MEM_DF | _CRTDBG_LEAK_CHECK_DF | _CRTDBG_CHECK_ALWAYS_DF;
+
+   /* Turn off CRT block checking bit */
+   tmpFlag &= ~(_CRTDBG_CHECK_CRT_DF | _CRTDBG_DELAY_FREE_MEM_DF);
+
+   /* Set flag to the new value */
+   _CrtSetDbgFlag( tmpFlag );
+#endif
+#endif /* defined(_WIN32) && defined(_MSC_VER) && defined(_DEBUG) */
+
+
+/************
+ * I couldn't figure out why the command line was being sorta parsed here
+ * instead of using the __argc & __argv globals usually defined in stdlib.h
+ *
+ * From what I can tell by looking at the MinWG source, it supports these
+ * globals, so i'd hope that the other compilers do so as well.
+ * Obviously, if i'm wrong i'll find out soon enough!  :)
+ ************/
+#if 0
+   /*
+    * Cheat in parsing the command line.  We only ever have at most one
+    * paramater, which may optionally be specified inside double quotes.
+    */
+
+   if (lpCmdLine != NULL)
+   {
+      /* Make writable copy */
+      lpCmdLine = strdup(lpCmdLine);
+   }
+   if (lpCmdLine != NULL)
+   {
+      chomp(lpCmdLine);
+      i = strlen(lpCmdLine);
+      if ((i >= 2) && (lpCmdLine[0] == '\"') && (lpCmdLine[i - 1] == '\"'))
+      {
+         lpCmdLine[i - 1] = '\0';
+         lpCmdLine++;
+      }
+      if (lpCmdLine[0] == '\0')
+      {
+         lpCmdLine = NULL;
+      }
+   }
+
+   GetModuleFileName(hInstance, szModule, MAX_PATH);
+   argv[0] = szModule;
+   argv[1] = lpCmdLine;
+   argv[2] = NULL;
+   argc = ((lpCmdLine != NULL) ? 2 : 1);
+#endif /* -END- 0 */
+
+
+#ifndef _WIN_CONSOLE
+   /* Create a user-interface thread and wait for it to initialise */
+   hInitCompleteEvent = CreateEvent(NULL, TRUE, FALSE, NULL);
+   g_hInstance = hInstance;
+   g_nCmdShow = nCmdShow;
+   _beginthread(UserInterfaceThread, 0, &hInitCompleteEvent);
+   WaitForSingleObject(hInitCompleteEvent, INFINITE);
+   DeleteObject(hInitCompleteEvent);
+#endif
+
+#ifdef __MINGW32__
+   res = real_main( __argc, __argv );
+#else
+   res = main( __argc, __argv );
+#endif
+
+   return res;
+
+}
+
+#endif
+
+/*********************************************************************
+ *
+ * Function    :  InitWin32
+ *
+ * Description :  Initialise windows, setting up the console or windows as appropriate.
+ *
+ * Parameters  :  None
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+void InitWin32(void)
+{
+   WORD wVersionRequested;
+   WSADATA wsaData;
+
+#ifdef _WIN_CONSOLE
+   SetProcessShutdownParameters(0x100, SHUTDOWN_NORETRY);
+   if (hideConsole)
+   {
+      FreeConsole();
+   }
+#endif
+   wVersionRequested = MAKEWORD(2, 0);
+   if (WSAStartup(wVersionRequested, &wsaData) != 0)
+   {
+#ifndef _WIN_CONSOLE
+      MessageBox(NULL, "Cannot initialize WinSock library", "Privoxy Error", 
+         MB_OK | MB_ICONERROR | MB_TASKMODAL | MB_SETFOREGROUND | MB_TOPMOST);  
+#endif
+      exit(1);
+   }
+
+}
+
+
+#ifndef _WIN_CONSOLE
+#include <signal.h>
+#include <assert.h>
+
+#include "win32.h"
+#include "w32log.h"
+
+
+/*********************************************************************
+ *
+ * Function    :  UserInterfaceThread
+ *
+ * Description :  User interface thread.  WinMain will wait for us to set
+ *                the hInitCompleteEvent before patching over to `main'.
+ *                This ensures the systray window is active before beginning
+ *                operations.
+ *
+ * Parameters  :
+ *          1  :  pData = pointer to `hInitCompleteEvent'.
+ *
+ * Returns     :  N/A
+ *
+ *********************************************************************/
+static void __cdecl UserInterfaceThread(void *pData)
+{
+   MSG msg;
+   HANDLE hInitCompleteEvent = *((HANDLE *) pData);
+
+   /* Initialise */
+   InitLogWindow();
+   SetEvent(hInitCompleteEvent);
+
+   /* Enter a message processing loop */
+   while (GetMessage(&msg, (HWND) NULL, 0, 0))
+   {
+      TranslateMessage(&msg);
+      DispatchMessage(&msg);
+   }
+
+   /* Cleanup */
+   TermLogWindow();
+
+   /* Time to die... */
+   exit(0);
+
+}
+
+
+#endif /* ndef _WIN_CONSOLE */
+
+
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/
diff --git a/external/privoxy/win32.h b/external/privoxy/win32.h
new file mode 100644
index 0000000..1b4e814
--- /dev/null
+++ b/external/privoxy/win32.h
@@ -0,0 +1,94 @@
+#ifndef WIN32_H_INCLUDED
+#define WIN32_H_INCLUDED
+#define WIN32_H_VERSION "$Id: win32.h,v 1.7 2006/07/18 14:48:48 david__schmidt Exp $"
+/*********************************************************************
+ *
+ * File        :  $Source: /cvsroot/ijbswa/current/win32.h,v $
+ *
+ * Purpose     :  Win32 User Interface initialization and message loop
+ *
+ * Copyright   :  Written by and Copyright (C) 2001-2002 members of
+ *                the Privoxy team.  http://www.privoxy.org/
+ *
+ *                Written by and Copyright (C) 1999 Adam Lock
+ *                <locka at iol.ie>
+ *
+ *                This program is free software; you can redistribute it 
+ *                and/or modify it under the terms of the GNU General
+ *                Public License as published by the Free Software
+ *                Foundation; either version 2 of the License, or (at
+ *                your option) any later version.
+ *
+ *                This program is distributed in the hope that it will
+ *                be useful, but WITHOUT ANY WARRANTY; without even the
+ *                implied warranty of MERCHANTABILITY or FITNESS FOR A
+ *                PARTICULAR PURPOSE.  See the GNU General Public
+ *                License for more details.
+ *
+ *                The GNU General Public License should be included with
+ *                this file.  If not, you can view it at
+ *                http://www.gnu.org/copyleft/gpl.html
+ *                or write to the Free Software Foundation, Inc., 59
+ *                Temple Place - Suite 330, Boston, MA  02111-1307, USA.
+ *
+ * Revisions   :
+ *    $Log: win32.h,v $
+ *    Revision 1.7  2006/07/18 14:48:48  david__schmidt
+ *    Reorganizing the repository: swapping out what was HEAD (the old 3.1 branch)
+ *    with what was really the latest development (the v_3_0_branch branch)
+ *
+ *    Revision 1.5  2002/03/26 22:57:10  jongfoster
+ *    Web server name should begin www.
+ *
+ *    Revision 1.4  2002/03/24 12:03:47  jongfoster
+ *    Name change
+ *
+ *    Revision 1.3  2001/07/30 22:08:36  jongfoster
+ *    Tidying up #defines:
+ *    - All feature #defines are now of the form FEATURE_xxx
+ *    - Permanently turned off WIN_GUI_EDIT
+ *    - Permanently turned on WEBDAV and SPLIT_PROXY_ARGS
+ *
+ *    Revision 1.2  2001/07/29 18:43:08  jongfoster
+ *    Changing #ifdef _FILENAME_H to FILENAME_H_INCLUDED, to conform to
+ *    ANSI C rules.
+ *
+ *    Revision 1.1.1.1  2001/05/15 13:59:08  oes
+ *    Initial import of version 2.9.3 source tree
+ *
+ *
+ *********************************************************************/
+
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+extern const char win32_blurb[];
+
+extern void InitWin32(void);
+
+#ifdef _WIN_CONSOLE
+extern int hideConsole;
+#endif /*def _WIN_CONSOLE */
+
+extern HINSTANCE g_hInstance;
+extern int g_nCmdShow;
+
+extern int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow);
+
+/* Revision control strings from this header and associated .c file */
+extern const char win32_rcs[];
+extern const char win32_h_rcs[];
+
+#ifdef __cplusplus
+} /* extern "C" */
+#endif
+
+#endif /* ndef WIN32_H_INCLUDED */
+  
+/*
+  Local Variables:
+  tab-width: 3
+  end:
+*/





More information about the tor-commits mailing list