This is slightly less robust, but RAND_MAX must be one below a power
of two in both variants anyway.
Based on a suggestion by Matthew Martin.
ok tedu@

1. Optionally add random "canaries" to the end of an allocation. This
requires increasing the internal size of the allocation slightly, which
probably results in a large effective increase with current power of two
sizing. Therefore, this option is only enabled via 'C'.
2. When writing junk (0xdf) to freed chunks (current default behavior),
check that the junk is still intact when finally freeing the delayed chunk
to catch some potential use after free. This should be pretty cheap so
there's no option to control it separately.
ok deraadt tb

straight replace: thanks both to schwarze and maja for feedback
on how to rewrite parts;
i've snuck in an rcs id->openbsd id change in dev_mkdb too;

ok tedu@

ok millert@

ok jmc@

Berzerkeley DB code.

or otherwise change Dt to reflect the name of an existing function;
feedback/ok schwarze

stubs for the executable from crtbegin.o into libc, which lets them be
excluded from static links that don't use them.
For this, drop the normal crt{begin,end}S.o from libc.so: the .init and .fini
sections for libc aren't called at the right times anyway, so it's good that
they're unused.  libc.so just needs __guard_local and the .note.openbsd.ident
section, so add them to stack_protector.c for now (this will be improved)
"good time" deraadt@

doesn't get pulled into all static executables
ok millert@ jca@

Wrap __cxa_{atexit,finalize}() so the call from exit() goes direct
Switch regress/lib/libc/atexit/ to be built with -static so that it can
still access __atexit*
ok millert@ jca@

are the errno messages and signal names.  Everything else is in
English.  We are not planning to translate more text.  Running a
mixed system with less than 1% of the text in native language makes
no sense.  So remove the NLS support from libc messages.  The
catopen(3) functions stay as they are.
OK stsp@ mpi@

wrappers.  To keep uses from crawling back in, mark signal() as
deprecated inside libc.
ok deraadt@

SIGINT and SIGQUIT with sigaction() instead of signal() so that all bits
are preserved.
ok deraadt@ millert@

into libc, and move pthread_sigmask() as well (just a trivial wrapper).
This provides consistent handling of SIGTHR between single- and multi-threaded
programs and is a step in the merge of all the libpthread overloads, providing
some ASM and Makefile bits that the other wrappers will need.
ok deraadt@ millert@

the truncation check immediately following it was not updated to
match.  Not an issue in practice since the buffers are the same
size.  OK deraadt@

case, by deleting some useless '& of an array' we also eliminate the need
for the casts which prompted the original lint warnings
ok deraadt@

ok millert@

on arm and m88k
problems with optind observed by jsg@

development of a cargo cult in case people look at existing files
for examples.  This achieves a consistent .Fo and .Fn quoting style
across the whole tree.

Hide bcrypt_autorounds(), prefixing with an underbar for static builds.

verified that they are there via isdigit() so we can convert from
ASCII to an int without using atoi().  OK guenther@ deraadt@

C standard are all weak.
Apply __{BEGIN,END}_HIDDEN_DECLS to gdtoa{,imp}.h, hiding the
arch-specific __strtorx, __ULtox_D2A, __strtorQ, __ULtoQ_D2A symbols.

and the symbols not in the C standard are weak

Delete unused 'fd' argument from internal function oldttyname()

variables go direct.  (Common variables cannot be aliased.)

ok deraadt@

By default, MSVC's stdlib.h defines min(), so we need to spell out something
less common to avoid picking it up.
ok deraadt@ beck@ miod@

so that we can provide asm labels for the memcpy/memset/__stack_smash_handler
calls that it generates ab initio.  Eliminate direct #includes of it.  Make
sure it's a dependency of all objects (unnecessary for asm, but close enough).
ok deraadt@

to eliminate duplicate copies of the tables and get direct access internally
ok kettenis@ deraadt@

_cat* in the process.
ok kettenis@

wrapper .h files and asm labels to let internal calls resolve directly and
not be overridable or use the PLT.  Then, apply that framework to most of
the functions in stdio.h, string.h, err.h, and wchar.h.  Delete the
should-have-been-hidden-all-along _v?(err|warn)[cx]? symbols while here.
tests clean on i386, amd64, sparc64, powerpc, and mips64
naming feedback from kettenis@ and millert@
ok kettenis@

and __dorand48() and __rand48_deterministic
ok deraadt@

malloc/calloc/realloc* returns.

99% of the world calls it.
allow just "bcrypt" without params to mean auto-tune ("bcrypt,a").
default remains 8 rounds (for now)
ok deraadt

OK tedu@