while changing things, add a crypt_checkpass wrapper that handles most of
the edge cases. (not quite ready for production, though.)
ok deraadt

deterministic behavior. four selected because it's more than three, less
than five. i.e., no particular reason.

can avoid reinventing the wheel
ok guenther schwarze

ok crickets@

wherever it decides it would like them. first step. ok deraadt dlg djm

switch to generating them by default. prodded by deraadt and sthen

2. Pull up the actual minor processing code into the switch that
parses it.
3. atoi is actually simpler than strtonum in this case, but check the
input beforehand so we don't get unexpected results.
4. Slightly more consistent style between various parse and check and
increment operations on salt.
ok deraadt

a free chunk at random and may allow to increase delayed chunk array.
ok otto

default and the new 'j' option to disable this; ok jmc@

we always junk small chunks now, and the first part of pages,
but only after free. J still does the old thing. j disables everything.
Consider experimental as we evaluate performance in the real world.
ok otto

okay otto@

Should improve sparc64 and other be archs. ok matthew@ miod@

- use <>

malloc can, as always, be emulated via realloc(NULL).
ok deraadt

Like calloc(), except without the cleared-memory gaurantee
ok beck guenther, discussed for more than a year...

From Ben Cornett (ben (at) lantern.is)

non-dangerous use functions is difficult.
ok guenther

For inet(3), go the other way, remove some bogus symlinks.
Found while testing the new makewhatis(8).
ok jmc@

This is merely a by-product of figuring out the amount of phk@ code
contained herein; i'm not planning to hack on this file.

this license change. We will remember that we all still like beer.

"A collision attack published in 2007 can find collisions for full
MD4 in less than two hash operations."
ok deraadt@, man pages ok jmc@

use better constant for salt size.
always copy ":" to gerror, in case somebody is dumb enough to overwrite it
timingsafe_bcmp before somebody whines about strcmp

add some friendlier functions.
move the classic static data api into wrapper functions.
a few more changes to come...

this hardware alive is becoming increasingly difficult, and I should heed the
message sent by the three disks which have died on me over the last few days.
Noone sane will mourn these ports anyway. So long, and thanks for the fish.

(namespace pollution!) or talking about its opinion on code.
ok krw@

add a more complete check for the rounds parameter. ok deraadt

ok deraadt@ bentley@