Index: www/obhttpd/Makefile
===================================================================
--- www/obhttpd/Makefile
+++ www/obhttpd/Makefile
@@ -2,6 +2,7 @@
 
 PORTNAME=	obhttpd
 PORTVERSION=	6.0.20161006
+PORTREVISION=	1
 CATEGORIES=	www
 
 MAINTAINER=	koue@chaosophia.net
@@ -28,18 +29,30 @@
 post-patch:
 	${REINPLACE_CMD} -e 's|httpd$$|obhttpd|g' \
 			 -e 's|httpd.conf.5|obhttpd.conf.5|g' \
-			 -e 's|httpd.8|obhttpd.8|g' ${WRKSRC}/usr.sbin/httpd/Makefile
+			 -e 's|httpd.8|obhttpd.8|g' \
+			 ${WRKSRC}/usr.sbin/httpd/Makefile
 	${REINPLACE_CMD} -e 's|htpasswd$$|obhtpasswd|g' \
-			 -e 's|htpasswd.1|obhtpasswd.1|g' ${WRKSRC}/usr.bin/htpasswd/Makefile
+			 -e 's|htpasswd.1|obhtpasswd.1|g' \
+			 ${WRKSRC}/usr.bin/htpasswd/Makefile
+	${REINPLACE_CMD} -e 's|htpasswd|obhtpasswd|g' \
+			 ${WRKSRC}/usr.bin/htpasswd/htpasswd.1
+	${REINPLACE_CMD} -e 's|%%PREFIX%%|${PREFIX}|g' \
+			 -e 's|%%WWWDIR%%|${WWWDIR}|g' \
+			 ${WRKSRC}/usr.sbin/httpd/httpd.c \
+			 ${WRKSRC}/usr.sbin/httpd/proc.c \
+			 ${WRKSRC}/usr.sbin/httpd/httpd.conf.5 \
+			 ${WRKSRC}/usr.sbin/httpd/httpd.8 \
+			 ${WRKSRC}/etc/examples/httpd.conf \
+			 ${WRKSRC}/usr.sbin/httpd/httpd.h
 	${MV} ${WRKSRC}/usr.bin/htpasswd/htpasswd.1 ${WRKSRC}/usr.bin/htpasswd/obhtpasswd.1
 	${MV} ${WRKSRC}/usr.sbin/httpd/httpd.conf.5 ${WRKSRC}/usr.sbin/httpd/obhttpd.conf.5
 	${MV} ${WRKSRC}/usr.sbin/httpd/httpd.8 ${WRKSRC}/usr.sbin/httpd/obhttpd.8
-	${REINPLACE_CMD} -e 's|/etc/httpd.conf|${PREFIX}/etc/obhttpd.conf|g' \
-		${WRKSRC}/usr.sbin/httpd/httpd.h
 
 post-install:
 	${INSTALL_DATA} ${WRKSRC}/etc/examples/httpd.conf \
 		${STAGEDIR}${PREFIX}/etc/obhttpd.conf.sample
+	${MKDIR} ${STAGEDIR}${WWWDIR}/cgi-bin ${STAGEDIR}${WWWDIR}/htdocs \
+		${STAGEDIR}${WWWDIR}/logs ${STAGEDIR}${WWWDIR}/run
 
 .include <bsd.port.pre.mk>
 
Index: www/obhttpd/distinfo
===================================================================
--- www/obhttpd/distinfo
+++ www/obhttpd/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1476701489
+TIMESTAMP = 1487012146
 SHA256 (koue-httpd-6.0.20161006_GH0.tar.gz) = 5b26a697db0095ff06469c2005bd4c8e65b1a23c667e69b03a47b221128c7225
 SIZE (koue-httpd-6.0.20161006_GH0.tar.gz) = 162396
Index: www/obhttpd/files/patch-etc_examples_httpd.conf
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-etc_examples_httpd.conf
@@ -0,0 +1,116 @@
+--- etc/examples/httpd.conf.orig	2016-10-17 10:49:16 UTC
++++ etc/examples/httpd.conf
+@@ -20,62 +20,62 @@ server "default" {
+ }
+ 
+ # A name-based "virtual" server on the same address
+-server "www.example.com" {
+-	listen on $ext_addr port 80
+-
+-	# Logging is enabled by default, but it can be turned off per server
+-	#no log
+-
+-	location "/pub/*" {
+-		directory auto index
+-		log style combined
+-	}
+-
+-	location "*.php" {
+-		fastcgi socket "/run/php-fpm.sock"
+-	}
+-
+-	location "/cgi-bin/*" {
+-		fastcgi
+-
+-		# The /cgi-bin directory is outside of the document root
+-		root "/"
+-	}
+-
+-	root "/htdocs/www.example.com"
+-}
++#server "www.example.com" {
++#	listen on $ext_addr port 80
++#
++#	# Logging is enabled by default, but it can be turned off per server
++#	#no log
++#
++#	location "/pub/*" {
++#		directory auto index
++#		log style combined
++#	}
++#
++#	location "*.php" {
++#		fastcgi socket "/run/php-fpm.sock"
++#	}
++#
++#	location "/cgi-bin/*" {
++#		fastcgi
++#
++#		# The /cgi-bin directory is outside of the document root
++#		root "/"
++#	}
++#
++#	root "/htdocs/www.example.com"
++#}
+ 
+ # An HTTPS server using SSL/TLS
+-server "secure.example.com" {
+-	listen on 127.0.0.1 tls port 443
+-
+-	# TLS certificate and key files created with acme-client(1)             
+-	tls certificate "/etc/ssl/acme/fullchain.pem"
+-	tls key "/etc/ssl/acme/private/privkey.pem"
+-
+-	# Define server-specific log files relative to /logs
+-	log { access "secure-access.log", error "secure-error.log" }
+-
+-	# Increase connection limits to extend the lifetime
+-	connection { max requests 500, timeout 3600 }
+-
+-	root "/htdocs/secure.example.com"
+-}
++#server "secure.example.com" {
++#	listen on 127.0.0.1 tls port 443
++#
++#	# TLS certificate and key files created with acme-client(1)             
++#	tls certificate "/usr/local/etc/ssl/acme/fullchain.pem"
++#	tls key "%%PREFIX/etc/ssl/acme/private/privkey.pem"
++#
++#	# Define server-specific log files relative to /logs
++#	log { access "secure-access.log", error "secure-error.log" }
++#
++#	# Increase connection limits to extend the lifetime
++#	connection { max requests 500, timeout 3600 }
++#
++#	root "/htdocs/secure.example.com"
++#}
+ 
+ # Another server on a different internal IPv4 address
+-server "intranet.example.com" {
+-	listen on 10.0.0.1 port 80
+-	directory { auto index, index "default.htm" }
+-	root "/htdocs/intranet.example.com"
+-}
++#server "intranet.example.com" {
++#	listen on 10.0.0.1 port 80
++#	directory { auto index, index "default.htm" }
++#	root "/htdocs/intranet.example.com"
++#}
+ 
+ # An IPv6-based server on a non-standard port
+-server "ipv6.example.com" {
+-	listen on 2001:db8::53f6:3eab port 81
+-	root "/htdocs/ipv6.example.com"
+-}
++#server "ipv6.example.com" {
++#	listen on 2001:db8::53f6:3eab port 81
++#	root "/htdocs/ipv6.example.com"
++#}
+ 
+ # Include MIME types instead of the built-in ones
+-types {
+-	include "/usr/share/misc/mime.types"
+-}
++#types {
++#	include "/usr/local/etc/mime.types"
++#}
Index: www/obhttpd/files/patch-usr.sbin_httpd_httpd.h
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_httpd.h
@@ -0,0 +1,22 @@
+--- usr.sbin/httpd/httpd.h.orig	2017-02-13 19:11:13 UTC
++++ usr.sbin/httpd/httpd.h
+@@ -46,7 +46,7 @@
+ #define nitems(_a) (sizeof((_a)) / sizeof((_a)[0]))
+ #endif
+ 
+-#define CONF_FILE		"/etc/httpd.conf"
++#define CONF_FILE		"%%PREFIX%%/etc/obhttpd.conf"
+ #define HTTPD_SOCKET		"/var/run/httpd.sock"
+ #define HTTPD_USER		"www"
+ #define HTTPD_SERVERNAME	"OpenBSD httpd"
+@@ -58,8 +58,8 @@
+ #define HTTPD_ERROR_LOG		"error.log"
+ #define HTTPD_DEFAULT_TYPE	{ "bin", "application", "octet-stream", NULL }
+ #define HTTPD_LOGVIS		VIS_NL|VIS_TAB|VIS_CSTYLE
+-#define HTTPD_TLS_CERT		"/etc/ssl/server.crt"
+-#define HTTPD_TLS_KEY		"/etc/ssl/private/server.key"
++#define HTTPD_TLS_CERT		"%%PREFIX%%/etc/ssl/server.crt"
++#define HTTPD_TLS_KEY		"%%PREFIX%%/etc/ssl/private/server.key"
+ #define HTTPD_TLS_CIPHERS	"compat"
+ #define HTTPD_TLS_DHE_PARAMS	"none"
+ #define HTTPD_TLS_ECDHE_CURVE	"auto"
Index: www/obhttpd/files/patch-usr.sbin_httpd_httpd.8
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_httpd.8
@@ -0,0 +1,59 @@
+--- usr.sbin/httpd/httpd.8.orig	2017-02-13 16:32:23 UTC
++++ usr.sbin/httpd/httpd.8
+@@ -15,11 +15,11 @@
+ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ .\"
+ .Dd $Mdocdate: September 15 2016 $
+-.Dt HTTPD 8
++.Dt OBHTTPD 8
+ .Os
+ .Sh NAME
+-.Nm httpd
+-.Nd HTTP daemon
++.Nm obhttpd
++.Nd OpenBSD HTTP daemon
+ .Sh SYNOPSIS
+ .Nm
+ .Op Fl dnv
+@@ -58,7 +58,7 @@ This allows for easy monitoring of
+ .It Fl f Ar file
+ Specifies the configuration file.
+ The default is
+-.Pa /etc/httpd.conf .
++.Pa %%PREFIX%%/etc/obhttpd.conf .
+ .It Fl n
+ Check that the configuration is valid, but don't start any servers.
+ .It Fl v
+@@ -69,24 +69,24 @@ options increase the verbosity.
+ .El
+ .Sh FILES
+-.Bl -tag -width "/etc/ssl/private/server.key" -compact
++.Bl -tag -width "%%PREFIX/etc/ssl/private/server.key" -compact
+-.It Pa /etc/httpd.conf
++.It Pa %%PREFIX%%/etc/obhttpd.conf
+ Default configuration file.
+-.It Pa /etc/ssl/private/server.key
++.It Pa %%PREFIX%%/etc/ssl/private/server.key
+ Default SSL/TLS server key.
+-.It Pa /etc/ssl/server.crt
++.It Pa %%PREFIX%%/etc/ssl/server.crt
+ Default SSL/TLS server certificate.
+-.It Pa /var/run/httpd.sock
++.It Pa /var/run/obhttpd.sock
+ .Ux Ns -domain
+ socket used for communication with
+ .Nm .
+-.It Pa /var/www/logs/access.log
++.It Pa %%WWWDIR%%/logs/access.log
+ Default access log file.
+-.It Pa /var/www/logs/error.log
++.It Pa %%WWWDIR%%/logs/error.log
+ Default error log file.
+ .El
+ .Sh SEE ALSO
+ .Xr acme-client 1 ,
+-.Xr httpd.conf 5 ,
++.Xr obhttpd.conf 5 ,
+ .Xr slowcgi 8
+ .Sh HISTORY
+ The
Index: www/obhttpd/files/patch-usr.sbin_httpd_httpd.c
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_httpd.c
@@ -0,0 +1,11 @@
+--- usr.sbin/httpd/httpd.c.orig	2017-02-16 19:21:54 UTC
++++ usr.sbin/httpd/httpd.c
+@@ -204,7 +204,7 @@ main(int argc, char *argv[])
+ 		ps->ps_title[proc_id] = title;
+ 
+ 	if (env->sc_chroot == NULL)
+-		env->sc_chroot = ps->ps_pw->pw_dir;
++		env->sc_chroot = "%%WWWDIR%%";
+ 	for (proc = 0; proc < nitems(procs); proc++)
+ 		procs[proc].p_chroot = env->sc_chroot;
+ 
Index: www/obhttpd/files/patch-usr.sbin_httpd_httpd.conf.5
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_httpd.conf.5
@@ -0,0 +1,195 @@
+--- usr.sbin/httpd/httpd.conf.5.orig	2016-10-17 10:49:16 UTC
++++ usr.sbin/httpd/httpd.conf.5
+@@ -15,15 +15,15 @@
+ .\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ .\"
+ .Dd $Mdocdate: May 9 2016 $
+-.Dt HTTPD.CONF 5
++.Dt OBHTTPD.CONF 5
+ .Os
+ .Sh NAME
+-.Nm httpd.conf
+-.Nd HTTP daemon configuration file
++.Nm obhttpd.conf
++.Nd OBHTTP daemon configuration file
+ .Sh DESCRIPTION
+ .Nm
+-is the configuration file for the HTTP daemon,
+-.Xr httpd 8 .
++is the configuration file for the OBHTTP daemon,
++.Xr obhttpd 8 .
+ .Sh SECTIONS
+ .Nm
+ is divided into four main sections:
+@@ -33,9 +33,9 @@ User-defined variables may be defined an
+ configuration file.
+ .It Sy Global Configuration
+ Global settings for
+-.Xr httpd 8 .
++.Xr obhttpd 8 .
+ .It Sy Servers
+-Listening HTTP web servers.
++Listening OBHTTP web servers.
+ .It Sy Types
+ Media types and extensions.
+ .El
+@@ -46,7 +46,7 @@ a host
+ can be specified by IPv4 address, IPv6 address, interface name,
+ interface group, or DNS hostname.
+ If the address is an interface name,
+-.Xr httpd 8
++.Xr obhttpd 8
+ will look up the first IPv4 address and any other IPv4 and IPv6
+ addresses of the specified network interface.
+ If
+@@ -82,7 +82,7 @@ Additional configuration files can be in
+ .Ic include
+ keyword, for example:
+ .Bd -literal -offset indent
+-include "/etc/httpd.conf.local"
++include "%%PREFIX%%/etc/obhttpd.conf.local"
+ .Ed
+ .Sh MACROS
+ Macros can be defined that will later be expanded in context.
+@@ -110,8 +110,7 @@ Set the
+ .Xr chroot 2
+ directory.
+ If not specified, it defaults to
+-.Pa /var/www ,
+-the home directory of the www user.
++.Pa %%WWWDIR%%.
+ .It Ic default type Ar type/subtype
+ Set the default media type that is used if the media type for a
+ specified extension is not found in the configured types or for files
+@@ -132,7 +131,7 @@ directory.
+ Run the specified number of server processes.
+ This increases the performance and prevents delays when connecting
+ to a server.
+-.Xr httpd 8
++.Xr obhttpd 8
+ runs 3 server processes by default.
+ .El
+ .Sh SERVERS
+@@ -172,11 +171,11 @@ the
+ using pattern matching instead of shell globbing rules,
+ see
+ .Xr patterns 7 .
+-.It Oo Ic no Oc Ic authenticate Oo Ar realm Oc Ic with Pa htpasswd
++.It Oo Ic no Oc Ic authenticate Oo Ar realm Oc Ic with Pa obhtpasswd
+ Authenticate a remote user for
+ .Ar realm
+ by checking the credentials against the user authentication file
+-.Pa htpasswd .
++.Pa obhtpasswd .
+ The file name is relative to the
+ .Ic chroot
+ and must be readable by the www user.
+@@ -188,7 +187,7 @@ Drop the connection without sending an e
+ .It Ic block Op Ic return Ar code Op Ar uri
+ Close the connection and send an error page.
+ If the optional return code is not specified,
+-.Xr httpd 8
++.Xr obhttpd 8
+ denies access with a
+ .Sq 403 Forbidden
+ response.
+@@ -261,7 +260,7 @@ If not specified, it defaults to
+ .Pa index.html .
+ .It Ic no index
+ Disable the directory index.
+-.Xr httpd 8
++.Xr obhttpd 8
+ will neither display nor generate a directory index.
+ .El
+ .It Oo Ic no Oc Ic fastcgi Op Ic socket Ar socket
+@@ -271,7 +270,7 @@ The
+ is a local path name within the
+ .Xr chroot 2
+ root directory of
+-.Xr httpd 8
++.Xr obhttpd 8
+ and defaults to
+ .Pa /run/slowcgi.sock .
+ .Pp
+@@ -333,7 +332,7 @@ The configured TCP server port of the se
+ The revision of the HTTP specification used.
+ .It Ic SERVER_SOFTWARE
+ The server software name of
+-.Xr httpd 8 .
++.Xr obhttpd 8 .
+ .El
+ .It Ic hsts Oo Ar option Oc
+ Enable HTTP Strict Transport Security.
+@@ -452,7 +451,7 @@ The
+ is a pathname within the
+ .Xr chroot 2
+ root directory of
+-.Nm httpd .
++.Nm obhttpd .
+ If not specified, it defaults to
+ .Pa /htdocs .
+ .It Ic strip Ar number
+@@ -504,7 +503,7 @@ The
+ .Ar file
+ should contain a PEM encoded certificate.
+ The default is
+-.Pa /etc/ssl/server.crt .
++.Pa %%PREFIX%%/etc/ssl/server.crt .
+ .It Ic ciphers Ar string
+ Specify the TLS cipher string.
+ If not specified, the default value
+@@ -530,9 +529,9 @@ The
+ should contain a PEM encoded private key and reside outside of the
+ .Xr chroot 2
+ root directory of
+-.Nm httpd .
++.Nm obhttpd .
+ The default is
+-.Pa /etc/ssl/private/server.key .
++.Pa %%PREFIX%%/etc/ssl/private/server.key .
+ .It Ic protocols Ar string
+ Specify the TLS protocols to enable for this server.
+ If not specified, the value
+@@ -545,14 +544,14 @@ function for other valid protocol string
+ .El
+ .Sh TYPES
+ Configure the supported media types.
+-.Xr httpd 8
++.Xr obhttpd 8
+ will set the
+ .Ar Content-Type
+ of the response header based on the file extension listed in the
+ .Ic types
+ section.
+ If not specified,
+-.Xr httpd 8
++.Xr obhttpd 8
+ will use built-in media types for
+ .Ar text/css ,
+ .Ar text/html ,
+@@ -578,7 +577,7 @@ One or more names can be specified per l
+ Each line may end with an optional semicolon.
+ .It Ic include Ar file
+ Include types definitions from an external file, for example
+-.Pa /usr/share/misc/mime.types .
++.Pa %%PREFIX%%/etc/mime.types .
+ .El
+ .Sh EXAMPLES
+ The following example will start one server that is pre-forked two
+@@ -656,13 +655,13 @@ server "www.example.com" {
+ }
+ .Ed
+ .Sh SEE ALSO
+-.Xr htpasswd 1 ,
++.Xr obhtpasswd 1 ,
+ .Xr patterns 7 ,
+-.Xr httpd 8 ,
++.Xr obhttpd 8 ,
+ .Xr slowcgi 8
+ .Sh AUTHORS
+ .An -nosplit
+ The
+-.Xr httpd 8
++.Xr obhttpd 8
+ program was written by
+ .An Reyk Floeter Aq Mt reyk@openbsd.org .
Index: www/obhttpd/files/patch-usr.sbin_httpd_patterns.7
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_patterns.7
@@ -0,0 +1,29 @@
+--- usr.sbin/httpd/patterns.7.orig	2017-02-13 16:32:53 UTC
++++ usr.sbin/httpd/patterns.7
+@@ -33,7 +33,7 @@
+ .Nd Lua's pattern matching rules
+ .Sh DESCRIPTION
+ Pattern matching in
+-.Xr httpd 8
++.Xr obhttpd 8
+ is based on the implementation of the Lua scripting language and
+ provides a simple and fast alternative to the regular expressions (REs) that
+ are described in
+@@ -272,7 +272,7 @@ there will be two captures: 2 and 4.
+ .Sh SEE ALSO
+ .Xr fnmatch 3 ,
+ .Xr re_format 7 ,
+-.Xr httpd 8
++.Xr obhttpd 8
+ .Rs
+ .%A Roberto Ierusalimschy
+ .%A Luiz Henrique de Figueiredo
+@@ -299,7 +299,7 @@ and
+ .An Luiz Henrique de Figueiredo
+ at PUC-Rio.
+ It was turned into a native C API for
+-.Xr httpd 8
++.Xr obhttpd 8
+ by
+ .An Reyk Floeter Aq Mt reyk@openbsd.org .
+ .Sh CAVEATS
Index: www/obhttpd/files/patch-usr.sbin_httpd_proc.c
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_proc.c
@@ -0,0 +1,11 @@
+--- usr.sbin/httpd/proc.c.orig	2017-02-16 19:23:09 UTC
++++ usr.sbin/httpd/proc.c
+@@ -544,7 +544,7 @@ proc_run(struct privsep *ps, struct priv
+ 
+ 	/* Change root directory */
+ 	if (p->p_chroot != NULL)
+-		root = p->p_chroot;
++		root = "%%WWWDIR%%";
+ 	else
+ 		root = pw->pw_dir;
+ 
Index: www/obhttpd/files/patch-usr.sbin_httpd_server__file.c
===================================================================
--- /dev/null
+++ www/obhttpd/files/patch-usr.sbin_httpd_server__file.c
@@ -0,0 +1,30 @@
+OpenBSD 6.0 errata 17, Jan 31, 2017
+
+A bug in the processing of range headers in httpd can lead to memory
+exhaustion. This patch disables range header processing.
+
+--- usr.sbin/httpd/server_file.c.orig	2016-10-17 10:49:16 UTC
++++ usr.sbin/httpd/server_file.c
+@@ -66,7 +66,6 @@ server_file_access(struct httpd *env, st
+ 	struct http_descriptor	*desc = clt->clt_descreq;
+ 	struct server_config	*srv_conf = clt->clt_srv_conf;
+ 	struct stat		 st;
+-	struct kv		*r, key;
+ 	char			*newpath, *encodedpath;
+ 	int			 ret;
+ 
+@@ -146,13 +145,7 @@ server_file_access(struct httpd *env, st
+ 		goto fail;
+ 	}
+ 
+-	key.kv_key = "Range";
+-	r = kv_find(&desc->http_headers, &key);
+-	if (r != NULL)
+-		return (server_partial_file_request(env, clt, path, &st,
+-		    r->kv_value));
+-	else
+-		return (server_file_request(env, clt, path, &st));
++	return (server_file_request(env, clt, path, &st));
+ 
+  fail:
+ 	switch (errno) {
Index: www/obhttpd/pkg-plist
===================================================================
--- www/obhttpd/pkg-plist
+++ www/obhttpd/pkg-plist
@@ -5,3 +5,7 @@
 man/man8/obhttpd.8.gz
 sbin/obhtpasswd
 sbin/obhttpd
+@dir %%WWWDIR%%/cgi-bin
+@dir %%WWWDIR%%/htdocs
+@dir %%WWWDIR%%/logs
+@dir %%WWWDIR%%/run