FreshBSD

   Explain the ASCII rendering of single quotes because that repeatedly
   caused confusion in the past.  People plainly do not expect that
   there are limits to the compatibility between Unicode and ASCII,
   but there are.

   The information belongs here and not into mandoc_char(7) because
   it explains how the specific output device (-T ascii) works and
   because it has nothing to do with the question of how characters
   are represented on the input side.

   Remove temporary gotos.

   In the case of a dummy CCS or post-handshake handshake message, return
   TLS13_WANT_POLLIN rather than using a goto internally. This allows the
   caller to retry at an appropriate time and reduces the complexity within
   the record layer.

   ok beck@ tb@

   Set BIO retry on TLS13_IO_WANT_POLLIN/TLS13_IO_WANT_POLLOUT.

   In most cases a TLS13_IO_WANT_POLLIN or TLS13_IO_WANT_POLLOUT will have
   bubbled up from the wire callbacks, in which case the BIO retry flag will
   already be set. However, if we return TLS13_IO_WANT_POLLIN or
   TLS13_IO_WANT_POLLOUT from a higher layer the BIO retry flag will not be
   set and that will cause SSL_get_error() to return SSL_ERROR_SYSCALL rather
   than the intended SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE.

   ok beck@ tb@

   Correct comment on delete_addresses() return value.

   Restore pre-a2k19 behaviour of clearing out all existing addresses
   when setting new address.

   That change needs specific consideration rather than inadvertant
   inclusion, especially after claiming no functional change was
   being made.

   Change and related problems noted and reversion tested by Kurt
   Mosiejczuk.

   openssh-7.9 accidentally reused the server's algorithm lists in the
   client for KEX, ciphers and MACs. The ciphers and MACs were
   identical between the client and server, but the error accidentially
   disabled the diffie-hellman-group-exchange-sha1 KEX method.

   This fixes the client code to use the correct method list, but
   because nobody complained, it also disables the
   diffie-hellman-group-exchange-sha1 KEX method.

   Reported by nuxi AT vault24.org via bz#2697; ok dtucker

   document pci_mapreg_map and some related functions.

   i couldn't figure out which argument becomes the flags for the
   wrapped call to bus_space_map(9), so i wrote this page so i wouldnt
   have to read the code for this one again.

   ok jmc@ schwarze@ mpi@ deraadt@

   recognise more arm cpus
   ok patrick@

   Update to Unicode 10

   Committing the diff in my tree that matched the version sent by
   Lauri Tirkkonen <lotheac AT iki.fi>

   OK schwarze@

   Improve the X86FixupGadgets pass:
   - Target all four kinds of return bytes (c2, c3, ca, cb)
   - Fix up instructions using both ModR/M and SIB bytes
   - Force alignment before instructions with return bytes in immediates
   - Force alignment before instructions that have return bytes in their encoding
   - Add a command line switch to toggle the functionality.

   ok deraadt@

   For ia32 use a volatile double to force 64 bit rounding.  Otherwise
   the i387 would use its internal 80 bit stack.  This fixes getround()
   on i386.

   remove __BEGIN_DECLS/__END_DECLS, this .h file wont be
   read by a C++ compiler, and __* are no lonmger recommended.
   https://www.gnu.org/software/libtool/manual/html_node/C-header-files.html
   ok deraadt@

   Allow ssdfb(4) to be mmap(2)-able so that we can use its framebuffer
   from the userland.  Also allow changing the brightness levels so that
   it can even be turned off to save power and to prevent burn in.

   at some point the uvm_km_thread learned to free memory, but the comment
   was never updated.
   from Amit Kulkarni

   errror -> error in log messages; from alessandro gallo

   perform removal of agent-forwarding directory in forward setup error
   path with user's privileged. This is a no-op as this code always runs
   with user privilege now that we no longer support running sshd with
   privilege separation disabled, but as long as the privsep skeleton is
   there we should follow the rules.

   bz#2969 with patch from Erik Sjölund

   Test that all supported TLS ciphers actually work.  Establish
   connections between client and server implemented with LibreSSL or
   OpenSSL with a fixed cipher on each side.  Check the used cipher
   in the session print out.

   Transfers that span multiple TRBs which wrap around the ring and
   thus have the Link TRB inbetween must have the Chain Bit set in the
   Link TRB.  Otherwise xHCI controllers might think that the transfer
   ends at that point.

   Fixes an issue that was most prominently seen as Invalid CSW error
   when using umass0 on octeon and i.MX8M.

   Tested by visa@
   ok mpi@

   kristaps f18392f58d1f0bc72917e3ac3a46be74c194688d
   Document that the gid/uid list may be empty. Fixes
   https://github.com/kristapsdz/openrsync/issues/10

   kristaps cbe83cd64f40e634dbc22d3f2918c41977a6514d
   If we don't get a uid/gid map, such as with an rsync:// address, we
   might not be able to map.  So fall back on numeric ids.

   kristaps 7721288a1d170f4d789bf7a7b822f14f91f7bcb9

   In order for GPL rsync(1) to work with --delete when openrsync is a
   remote sender, we need to set the FLIST_TOP_LEVEL bit for all
   top-level directories. This is because the GPL rsync(1) uses this bit
   to determine which directories to scan for files for deletion.

   kristaps 156cf3b7d459efe133d603158fc33c243dc07ba0
   Use style(9) for bit

   kristaps 97df28257f3cc5faae8072fbadbc334a57a4e8a7
   Remove another potential deadlock when in sender mode with
   multiplexing enabled.

   kristaps b1c688cad9f544a59b871c9984888cb1a3ae11e4
   Avoid crash when -n is specified.

   kristaps acb8f263717f27691f0318d4b7154f854b7206b3

   As found by benno@, if --numeric-ids is passed in, rsync does not send
   or receive the uid/gid lists at all.  This also means that we need not
   process the lists, as we're simply going to copy around the same
   value.

   implement --numeric-ids, tweaked by kristaps

   a handful of new tests related to expr.c rev. 1.34

   Consume one leading space with %e iff given

   Since strftime(3)'s %e conversion specification preceeds single digits by a
   blank, do the converse here to allow safe data round trips through these
   functions with the same format string.

   Positive feedback tedu deraadt,
   OK millert jca

   Remove the #ifdef i386 special test, it does not compile there.

   Replace the print "not ok" with an assert macro.  This is consistent
   to the other tests and causes a regress fail.  Fix RCS Id.
   from Moritz Buhl

   Wire up alert handling for TLSv1.3.

   In TLSv1.3 there are two types of alerts "closure alerts" and
   "error alerts". This makes the record layer more strict and handles closure
   of the read and write channels. The callback then handles the record layer to
   SSL mapping/behaviour.

   ok tb@

   Change the alert callback return type from int to void.

   There is nothing for the handler to really signal, since it cannot change
   the fact that we received an alert. While here use TLS13_IO_FAILURE instead
   of hardcoding -1.

   ok tb@

   Fix a few cases where int was used instead of ssize_t.

   If sysctl(8) was compiled with an obsolete struct sensordev size,
   it could get stuck in an endless loop.  After sensors sysctl(2)
   fails, do not continue using uninitialized memory.  Catch the error,
   print a warning, and skip the sensors.
   OK benno@ visa@ deraadt@

   Link msun regress to build.

   Copy tests for our libm implementation from FreeBSD.  Only passing
   tests are included, the others need some fixes in the library first.
   Hopefully these tests will help us to find compiler bugs earlier.
   from Moritz Buhl

   Compute params of shrunk partition and not of resized one; ok krw@

   type is not used here. Still keep a comment around to keep the code
   similar to all other attr parsers.

   Adjust bgpctl to the new ctl_show_interface struct that is sent instead of
   the system specific struct kif. Makes this code a lot more portable but
   still prints the same info in the same way.
   OK sthen@

   Media and link states are highly OS dependent, to make porting easier
   export the interface info in a way that does not need OS specific functions
   to print it. Link state and media are now strings that are set by bgpd.
   bgpctl can just print them. Move get_linkstate and get_media_descr to
   kroute.c where all other system specific stuff is.
   OK sthen@

   Use reallocarray in place of malloc(a * b) to handle possible
   overflow in multiplication of malloc argument.

   Cortex A76 is not affected by spectre variant 2 branch target injection
   attacks described in CVE-2017-5715 and ATF does not implement a
   workaround for Cortex A76.

   get rid of atomic_foo ops in the tx start and completion paths.

   atomics were used to coordinate updates to the number of available
   slots on the tx ring. start would use what was available, and txeof
   (completion) would add back freed slots. start and completion
   update a producer and consumer index respectively, so we can use
   those with the size of the ring to calculate space instead.

   while here i simplified what txeof does a fair bit, which combined
   with the removal of the atomics gives us a bit of a speed improvement.
   hrvoje popovski reports up to a 20% improvement in one environment,
   but 5 to 10 is probably more realistic.

   ive had this in a tree since 2017, but mpi's "Faster vlan(4)
   forwarding?" post made me dig it out and clean it up.

   ok jmatthew@

   When evaluating an arithmetical expression, for example inside $(()),
   never do substitution (neither parameter, nor command, nor arithmetic,
   nor tilde substitution) on the values of any variables encountered
   inside the expression, but do recursively perform arithmetical
   evaluation of subexpressions as required.  This makes behaviour
   more consistent, without hindering any behaviour promised in the
   manual page.

   A quirk originally reported by Andy Chu <andychup at gmail dot com>
   was that in the past, when encountering an array index, the shell
   would not only do evaluation, but also substitution on the array
   index, even though substitution would not be done on the expression
   in general.

   tobias@ contributed to initial efforts of understanding the quirk.
   patch tested in a bulk build by naddy@
   "please commit" deraadt@

   Add a test that catches problems of tcp md5 signatures, like the one
   fixed in bgpd/pfkey.c rev 1.54 by claudio.

   Tweak previous, use the same wording everywhere

   ok deraadt@

   When adding a wsmux device to an existing wsmux device using
   ioctl(WSMUXIO_ADD_DEVICE), two distinct locks of the same type are
   acquired. Thus, witness will emit warning. Since acquiring two different
   locks of the same type is harmless in this context, relax the witness
   check by flagging the locks as RWL_DUPOK.

   ok visa@

   Reported-by: syzbot+249e483406a1f7843915 at syzkaller.appspotmail.com

   fix attribute name

   Protect the hash table with a mutex.

   inputs & ok visa@

   Forgot to set the sockaddr length field which is mandatory on the pfkey socket.
   Fixes tcp-md5 issues noticed by benno@, OK benno@