OK deraadt, phessler

Unhook rtadvd from build.
OK deraadt, phessler

Remove rtadvd(8) from rc(8).
OK deraadt, phessler

from lauri tirkkonen;
ok sthen beck

as unsynced. reported by naddy, also seen by me (I noticed because
monitoring-plugins check_ntp complained). ok claudio henning

This brings unveil into the tree, disabled by default - Currently
this will return EPERM on all attempts to use it until we are
fully certain it is ready for people to start using, but this
now allows for others to do more tweaking and experimentation.
Still needs to send the unveil's across forks and execs before
fully enabling.
Many thanks to robert@ and deraadt@ for extensive testing.
ok deraadt@

sensors, mark us unsynced again. ok reyk krw, pt out / discussion / help naddy

This recycles the _btd uid/gid that have been removed in 2013.
Discussed in the hackroom.

to running VMs (at least for OpenBSD ones), but the stop routine for system
daemons is not usually called at shutdown.
Earlier version with just "vmd stop" ok reyk@ kn@, ajacoutot@ reminded me
to hide the contextless "vmd(ok)" text which looks bad, I did so and wrapped
it with a "stopping VMs" message (it can take some time, especially when you
have multiple VMs, so better to have some clear feedback).

Use it in /etc/rc.d/vmd accordingly.
OK sthen@

OK(failed) phessler
OK deraadt

calloc or strdup), we just need to log that we ran out of memory in a
particular function.
Recommended by florian@ and deraadt@
ok benno@ henning@ tb@

Show proper error message if a regular user executes netstart.
Only do the privilege check if the id binary is available,
which might not be the case during diskless system startup.
ok deraadt, jasper, jca, krw, rpe (who wrote the same diff), sthen

running out of memory.
Next step, be correct *and* consistent.
ok dennis@ tb@ benno@ schwarze@

ok benno@ deraadt@

From Raf Czlonka

Globally anycasted 6to4 has outlived its usefulness.
Operational discussion: http://seclists.org/nanog/2018/Jun/268
OK deraadt@

"root strip" was semantically incorrect and did cause some confusion
as it never stripped the root but the client's request path.
Discussed with many.  Heads up: this is a grammar change that also
affects acme-client(1) configurations (see current.html).
OK claudio@

Adjust filters and comment them to explain the basic operation.
Use large-community and a prefix-set to ensure no bad prefixes are
leaked to eBGP speakers.
With and OK job@

immediately above also uses this notation, it's shorter, and it keeps
two examples in the man page which claim to be the same as the default config
(but with exceptions) in sync;
ok gilles

4.2 BSD takes a signal mask as argument while POSIX sigpause(int
sig) expects a single signal.  Do not expose our traditional BSD
sigpause(3) to XPG/POSIX sources.
OK guenther@

ok eric@

so that the changed default will be pointed out to the admin by
sysmerge.
Idea & OK sthen

OK millert@, kn@, ian@, sthen@

cases and will just be copied by users without thinking.
ok claudio@

Rockchip ARM SoCs.
ok millert@, deraadt@

With advice from jca@
OK jca@ millert@

Suggested by and OK jmc.
OK tb

ok kettenis@+florian@'s OCD

OK benno

While here, qname minimisation is an RFC since some time.
tweak & OK sthen

With & OK deraadt
input sthen
looks better to beck
OK benno

session tickets instead. Adjust example relayd.conf file.
From Matt Schwartz, reminded by jmc@ OK deraadt@

From Raf Czlonka, ok sthen@

Based on discussion here https://github.com/libressl-portable/openbsd/pull/82
Suggested fix from jsing@

extensions and modern compilers (such as clang) will use them to optimize
separate calculations of sine and cosine.
ok tom@, patrick@, deraadt@, jmc@