This allows an application to only update a password entry if it is
in the state it expects.  Additionally, if the old passwd struct
is specified the new one may have a different pw_name field since
matching is done on the original.  Adapted from FreeBSD.

This allows for safe abort handling, without tripping into
false recursivity problems.
Ok tedu@, deraadt@

instead of 16.  E.g. it is now /dev/{p,t}typ[0-9a-zA-z] instead of just
/dev/{p,t}typ[0-9a-f].  This requires that you update MAKEDEV and run:
# cd /dev && ./MAKEDEV pty0 && rm -f [pt]ty[rq]*

ok millert@ deraadt@ jason@

reviewed by deraadt@, tedu@

suggested by deraadt@

ioctl(2), an unprivileged process may allocate a pty and have its owner
and mode set appropriately.  This means that programs such as xterm and
screen no longer need to be setuid.  Programs using the openpty()
function require zero changes and will "just work".
Designed by beck@ and deraadt@; changes by beck@ with cleanup (and
a rewrite of the vnode bits) by art@ and tweaks/bugfixes by me.
Tested by many.

some of this ok espie@, all of it ok deraadt@

this can cause confusion when a user tries to use a long option with
a program that only supports short options.  Furthermore, it appears
to be in violation of POSIX, which states that "--" shall indicate
the end of argument processing, not any string that begins with "--".
OK otto@ and closes PR 3666.

discussed with todd@

to avoid flushing stdio twice.  This code path should never really
happen though.  Also make the function declaration ANSI.  OK deraadt@

which could result in writing a NUL byte outside of tokens[].  A fix, from
Patrick Latifi, is to move the increment into the "i < MAXTOKENS - 1" block.

- Talk about zeroing the last element of the longopts array.
- Remove '?' from the switch and some KNF to the code.
- Change 0's to NULL where appropriate.
jmc@ ok.

o Round negative numbers correctly
o Do not print fractional valus for byte values
ok ian@ henning@

"Weaknesses in the Key Scheduling Algorithm of RC4", Fluhrer, Mantin and
Shamir. ok itojun@

kill a .Pp before a display;

page after each page size allocation to detect overrun.  this is
somewhat electric fence like, while attempting to be mostly usable in
production.  also, use tdeval's chunk randomization code.
enabled with the G option.
ok deraadt and co.

actually an error, A still applies full effect.
suggested by phk. ok deraadt@ tdeval@

from er, Charlie Root (PR 3506)

lock before setting malloc_func, not after.
ok cloder@ deraadt@

mostly from tjr@freebsd's rev. 1.14 commit.

with error messages elsewhere.  requested ok deraadt@ henning@

ok deraadt@ henning@ millert@

this effect.  OK deraadt@ pvalchev@

POSIX and/or GNU.  deraadt@ and jmc@ OK

is set), we can accept an optional arg separated by whitespace.  Previously,
the optional arg needed to be adjacent to the option character.
deraadt@ OK

the allocation.  ok deraadt@ markus@

slight sync with NetBSD page;
ok millert@

Same as sys/crypto/sha2.c revision 1.2

ok deraadt@

ok deraadt@ espie@ marcm@

ok deraadt@