ok guenther

Technically, it's a slight variant of bcrypt better suited for use as a
pluggable hash with PKCS #5 PBKDF2.
ok djm
(also tweak pkcs5_pbkdf2() prototype to have consistent types.)

move the call_depth decrement so it happens unconditionally and can
still return to 0 when called with dso!=NULL.
ok millert

Catalogs had an arbitrary character set which was used regardless of locale.
Add UTF-8-encoded catalogs for libc error messages, and rename existing ones
to indicate their character sets. catopen(3) now chooses a catalog which
matches the locale's encoding, if available.
help & ok matthew, man page bits ok jmc, input from naddy and bluhm

ok millert@

ok millert

from Alf Schlichting
ok millert@

Requires a libc minor bump, committing now so that we have up-to-date
snapshots for the upcoming hackathon.
joint work with millert@
man page bits ok jmc@
input and ok millert@, guenther@, deraadt@

ok otto

ok otto

want to be using DES) and some of the notes about the export controls
are no longer so relevant. ok deraadt jmc

the function is going to return.

silence some warnings.

later revision of FIPS-180.  OK miod@ jmc@ guenther@ djm@

okay guenther@

where appropriate.  Among other things makes the symbols consistent
across all architectures (notably where ldbl mantissa is 53 bits).
While at it, kill unused LINTLIBRARY/PROTOLIB1 cruft which was there
to trick lint into recording the right prototypes for aliased
functions.  Most of the work done at the awesome n2k13 hackathon.
Agreed by kettenis@, guenther@, matthew@.

reported by ajacoutot and (much earlier, sorry) by Alexey Suslikov

ok millert@, mikeb@, lteo@

corner cases.  OK millert@.

expanded, but not enough due to precedence error. Spotted by Thorsten Glaser.

would be able to receive multiple SCM_RIGHTS messages.
ok claudio@ gilles@

ok guenther millert kettenis

text.  OK deraadt@

grantpt() and unlockpt() using /dev/ptm.  Man pages from FreeBSD.
OK kettenis@ deraadt@ beck@ ajacoutot@ naddy@

not going to fix in order to stay compatible with legacy password data.
Nobody should use DES crypt anyway these days.
See http://www.freebsd.org/security/advisories/FreeBSD-SA-12:02.crypt.asc
for details about this bug.
Discussed with deraadt and beck about half a year ago (I'm pruning Ms
from my tree).

or the special value of 0.
ok deraadt@ otto@

an invalid multiplier, like the man page says it should
"looks sensible" deraadt@, ok ian@

Should make coredumps from abort() easier to debug too.
ok kurt@

unmapping of freed allocations without disabling chunk randomisation
like the "Freeguard" ('F') option does. Make security 'S' option
use 'U' and not 'F'.
Rationale: guarding with no chunk randomisation is great for debugging
use-after-free, but chunk randomisation offers better defence against
"heap feng shui" style attacks that depend on carefully constructing a
particular heap layout so we should leave this enabled when requesting
security options.

references into a STANDARDS section;

an empty name, NULL pointer, or a name containing an '=' character.
OK millert@, guenther@

in working condition anymore (assuming there would be interest in running on
it).

equal, but it is more correct)
from Michal Mazurek

Okay otto@.
Found by Michal Mazurek <akfaew at jasminek dot net>, thanks!

be included in source files that specify POSIX source.  libutil isn't
a standard POSIX library, but no need to be gratuitously incompatible.
Fixes x11/st.
ok tedu, guenther, kettenis