For Windows, we are simply using calloc, which has two annoyances:
the memory has more permissions than needed by default, and it comes
from the process heap, which looks like a memory leak since this memory
is rightfully never freed.
This switches _rs_alloc on Windows to use VirtualAlloc, which restricts the
memory to READ|WRITE and keeps the memory out of the process heap.
ok deraadt@

chunk rnd), rm P: is default

double unmap and I experienced a much more unstable firefox.
discussed with otto on icb

expensive syscall, and we don't want to tie up other threads. there's no
need to hold the lock, so defer it to afterwards.
from Michael McConville
ok deraadt

for login.conf, and we don't want to go lower.

already does this, so we don't want to go backwards on password changes.
ok krw

for example, were removed in 2013 because they don't make sense in ldpd.
ok deraadt

filters (AS, peer-as, source-as, transit-as).
Add a use case (block illegal AS numbers) to the bgpd.conf example.
feedback from claudio, sthen, florian,
ok florian@ phessler@

Point at wikipedia's list of blacklists instead, some are DNS-only but there
are a few rsyncable ones in there (including a good commercial one and some
free ones).

frequently for my taste, and disk is cheap.
ok deraadt millert

became more visible recently because a log_debug was changed to
log_warnx.  Change it back for now.
ok jsing

ok tedu@

a rant Theo wrote 24 years ago.  Mark __ypexclude_{add,is,free}() as hidden
"get off my lawn!" deraadt@

ok natano@ millert@ deraadt@

- run commands in subshell only if mktemp is successful
- on error just leave the for-loop but set _error=true
- cleanup tmpdirs afterwards
- set _error=true if the ro remount fails
- print appropriate final message depending on $_error
positive feedback from deraadt
OK krw

are left for now but umg files are no longer built when building
releases.

OK deraadt

OK sthen, deraadt

in some cases.  Be consistent and use "dst" everywhere like for
strlcat(3) and strncat(3).  From Tim Kuijsten.

- move the info message inside the function
- skip reordering if /usr/lib is on a nfs mounted filesystem
- temporarily remount rw if /usr/lib is on a ro ffs file-system
OK deraadt

longjmp performs can't really be relied upon, even after we got rid of the
false positives...
ok millert@ deraadt@

ok millert@ deraadt@

OK deraadt

available wide open.  there should be some access model either via a
group or fbtab.  This will cause a decision to be made.
ok millert

ensure that we load the CA certificates and use tls_connect_servername()
so that we can verify the server we are connecting to (even though we've
already resolved the hostname). Also add additional warnings for TLS
connect and TLS write failures so that we know what is happening and why.
Lack of server name verification also reported by Luis M. Merino
<luismiguelmerino at gmail dot com> - thanks!
ok deraadt@ reyk@

and force long filenames on the first mount of fat 16 filesystems so
this works.
U-boot scripts have not yet been changed to load these files.
ok kettenis@

about pkg.conf isn't really that helpful and if a big syntax change comes along
well we have current.html.
it was disabled during p2k16 and no one complained so far
discussed with and ok deraadt@

sthen does not object

hppa reverse-stack gives us a valuable test case, but most developers don't
have a 2nd one to proceed further with this.
ok kettenis

From Michal Mazurek <akfaew at jasminek dot net>.
OK tedu@

ok beck@

the University of Alberta moves away from running a spamd fronted MX,
so there is no more source for this traplist anymore.