This is slightly less robust, but RAND_MAX must be one below a power
of two in both variants anyway.
Based on a suggestion by Matthew Martin.
ok tedu@

prodded by tim@, ok mpi@

towards other YES|NO options and drop the error warning.
with and ok tim@, ok rpe@ on an earlier diff

ok deraadt

some time ago by phessler and IIRC also mikeb), and for qname-minimisation

ok jsing@, deraadt@, beck@

From Craig Rodrigues.
ok tedu@

1. Optionally add random "canaries" to the end of an allocation. This
requires increasing the internal size of the allocation slightly, which
probably results in a large effective increase with current power of two
sizing. Therefore, this option is only enabled via 'C'.
2. When writing junk (0xdf) to freed chunks (current default behavior),
check that the junk is still intact when finally freeing the delayed chunk
to catch some potential use after free. This should be pretty cheap so
there's no option to control it separately.
ok deraadt tb

Ok tb@ jung@

not backed by blocks until used.
So I'll use /home/vm instead.
Pointed out by deraadt@

not fixed yet.

the paths.
Ok gilles@, jung@

rc-wise OK aja@ jasper@

default one is good enough.
So merge rc.conf(8)'s 'multicast_router' and 'multicast_host' into a
single 'multicast'.  If set to YES the reject route for 224/4 is not
inserted by netstart(8).
Manual bits from jmc@
ok henning@, ajacoutot@

caller and let him do another poll loop. This fixes spinning relayd
processes seen on busy TLS relays. OK benno@ henning@

ok mlarkin@
prompted by deraadt@

the doas program itself will refuse to use an insecure config file.
(changelist will continue to watch for changes, as well.)

shlib_dirs using /etc/rc.conf.local.
Fix from Jan Johansson, thanks.
OK krw@, halex@

discussed with jsg

They should not share a uid.  Leave the proxy uid for later mop-up
(sysmerge does not handle uid renamings well enough)
ok dlg, ok aja a while back

ok benno@ requested by tedu@

straight replace: thanks both to schwarze and maja for feedback
on how to rewrite parts;
i've snuck in an rcs id->openbsd id change in dev_mkdb too;

OK deraadt@ beck@

ok tedu@

ok millert@

ok jmc@

used by the constraint processes setup later (chroot, setuid...)
[late getpwnam discovered during a further audit]
ok millert

the b* byte functions belong in strings.h, not string.h so break
them out of string.h into a new strings.h.  As long as there is no
POSIX or X/OPEN define in use string.h will pull in strings.h.
OK naddy@ deraadt@

ok deraadt

strndup().
ok millert@

need to live somewhere in the meantime.)

Berzerkeley DB code.

This version of the function will always open the secure/shadow/master
password files. Soon, the regular variants of these functions will not.
(Intermixing shadow and regular gets a little weird; don't do that.)
Not using struct spwd and getspwnam functions to reduce churn in callers.
Should just be a one line diff in most places.
ok deraadt

conceptual ok guenther millert nicm