and the symbols not in the C standard are weak

Delete unused 'fd' argument from internal function oldttyname()

variables go direct.  (Common variables cannot be aliased.)

machinery. OpenBSD has never been not ELF on amd64, and changing this will
actually make -portable life slightly easier in the near future.

ok deraadt@

By default, MSVC's stdlib.h defines min(), so we need to spell out something
less common to avoid picking it up.
ok deraadt@ beck@ miod@

so that we can provide asm labels for the memcpy/memset/__stack_smash_handler
calls that it generates ab initio.  Eliminate direct #includes of it.  Make
sure it's a dependency of all objects (unnecessary for asm, but close enough).
ok deraadt@

to eliminate duplicate copies of the tables and get direct access internally
ok kettenis@ deraadt@

_cat* in the process.
ok kettenis@

wrapper .h files and asm labels to let internal calls resolve directly and
not be overridable or use the PLT.  Then, apply that framework to most of
the functions in stdio.h, string.h, err.h, and wchar.h.  Delete the
should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here.
tests clean on i386, amd64, sparc64, powerpc, and mips64
naming feedback from kettenis@ and millert@
ok kettenis@

through all existing pseudo-tty devices in /dev.

and __dorand48() and __rand48_deterministic
ok deraadt@

malloc/calloc/realloc* returns.

99% of the world calls it.
allow just "bcrypt" without params to mean auto-tune ("bcrypt,a").
default remains 8 rounds (for now)
ok deraadt

OpenSSL stopped building it last year and removed it this year.
Based on OpenSSL commit c436e05bdc.
Also cranked major version in libcrypto, libssl and libtls.
"fine with me" bcook@ miod@

platforms) by explicitly making imsg->data = NULL when there is no
data. ok deraadt

OK tedu@

ok deraadt jeremy

ok jsing@

ok gilles claudio doug

henning@ "sure"

bcook@ notes that this check really only impacted 64-bit Windows.  Also,
changed the check to be unsigned for consistency.
ok bcook@

consistent with the behavior of the other libc sort functions.
OK deraadt@

ok miod@ jsing@

ok deraadt@ jsing@ miod@

when we can just make spanp const char * to match it.  OK deraadt@

We do not build, test or ship any dynamic engines, so we can remove the dynamic
engine loader as well. This leaves a stub initialization function in its place.
ok beck@, reyk@, miod@

This only provides the sysctl wrapper in glibc, which we do not use and is not available in other libc implementations for Linux. Thanks to ncopa from github.

Fix one occurence in imsg_flush() and clarify it the man page.
Discussed with at least blambert@ jsg@ yasuoka@.
OK gilles@

is non-portable.  Also add missing asprintf() return value checks.
OK deraadt@ guenther@ doug@

part of the ISO C standard and have also been dropped from POSIX.
OK guenther@ kettenis@

of some undefined value.
OK tedu@

ok millert@ jmc@ schwarze@

separately to avoid false negatives.
ok miod@ millert@

Include it if we have the sysctl syscall.

From Michael Felt.

consistent handling of negative ids on 32bit/64bit systems.
The only negative uid/gid allowed is -1 which is special-cased
so it can be preserved when writing the new master.passwd file
instead of being written as an unsigned number.  OK deraadt@

The issetugid() API is supposed to make a strong promise where "0
means it is safe to look at the environment".  Way back in the past
someone on the OpenSSL team responded to the environment access danger
by creating a wrapper called OPENSSL_issetugid, and went to use it a
number of places.  However, by default on systems lacking true
issetugid(), OPENSSL_issetugid returns 0.  0 indicating safely.  False
safety.  Which means OPENSSL_issetugid() fails to make any sort of
promise about safety, in fact it is just the opposite.
Can you believe the OpenSSL team?
This nastiness was noticed over the years, however noone could gain traction
and get it fixed in OpenSSL.  Also see a paragraph about this in
http://www.tedunangst.com/flak/post/worst-common-denominator-programming
ok jsing