Drop -O[01] hacks for vax; no longer necessary for patched GCC 10

PR port-vax/57646: Import major vax toolchain fix by Kalvis Duckmanton

XXXRO: GCC 12 may require hacks for a while, but it turned out that
GCC 12 should be treated differently from older versions; a lot of new
files need -O[01] flags, while some may no longer require it.

I will take a look later.

Note that these hacks are not required if Kalvis's patches for GCC 12
are applied.

Keep doc/HACKS entries for a while (will be sync with update for GCC 12).

diff --git a/crypto/external/bsd/openssh/lib/Makefile b/crypto/external/bsd/openssh/lib/Makefile
index 96a93f5e396..4e38be1b642 100644
--- a/crypto/external/bsd/openssh/lib/Makefile
+++ b/crypto/external/bsd/openssh/lib/Makefile
@@ -117,12 +117,6 @@ COPTS.${f}.c+= -Wno-pointer-sign
# XXX
COPTS.channels.c+= -fno-strict-aliasing

-# XXX
-.if ${MACHINE} == "vax"
-COPTS.poly1305.c+= -O0
-COPTS.umac.c+= -O0
-.endif
-
COPTS.hostfile.c+= ${CC_WNO_FORMAT_TRUNCATION}
COPTS.sshkey.c+= ${CC_WNO_FORMAT_TRUNCATION}
COPTS.cipher.c+= -Wno-error=deprecated-declarations
diff --git a/distrib/utils/x_ping/Makefile b/distrib/utils/x_ping/Makefile
index f1c452a0d60..8ee77580a3f 100644
--- a/distrib/utils/x_ping/Makefile
+++ b/distrib/utils/x_ping/Makefile
@@ -12,10 +12,6 @@ CPPFLAGS+= -I${SRCDIR} -DCRUNCHOPS
DPADD= ${LIBM}
LDADD= -lm

-.if ${MACHINE_ARCH} == "vax"
-COPTS.ping.c=-O0
-.endif
-
.include <bsd.prog.mk>

.PATH: ${SRCDIR}
diff --git a/external/apache2/argon2/lib/libargon2/Makefile.inc b/external/apache2/argon2/lib/libargon2/Makefile.inc
index d3f4470c6c7..6a1dd146d7d 100644
--- a/external/apache2/argon2/lib/libargon2/Makefile.inc
+++ b/external/apache2/argon2/lib/libargon2/Makefile.inc
@@ -16,7 +16,3 @@ CFLAGS+= -pthread
LDADD+=-lpthread
DPADD+=${LIBPTHREAD}
.endif
-
-.if ${MACHINE} == "vax"
-COPTS.blake2b.c+= -O0
-.endif
diff --git a/external/bsd/jemalloc/lib/Makefile.inc b/external/bsd/jemalloc/lib/Makefile.inc
index 2f524358f46..d5da774f293 100644
--- a/external/bsd/jemalloc/lib/Makefile.inc
+++ b/external/bsd/jemalloc/lib/Makefile.inc
@@ -53,12 +53,6 @@ COPTS.ctl.c+=-Wno-error=stack-protector
COPTS.stats.c+=-Wno-error=stack-protector
COPTS.tcache.c+=-Wno-error=stack-protector

-.if ${MACHINE_ARCH} == "vax"
-# in merge_overlapping_regs, at regrename.c
-COPTS.arena.c+=-O0
-COPTS.extent.c+=-O0
-.endif
-
SRCS+=${JEMALLOC_SRCS}

jemalloc.d jemalloc.pico jemalloc.o jemalloc.ln jemalloc.po jemalloc.go: \
diff --git a/external/bsd/mdocml/lib/libmandoc/Makefile b/external/bsd/mdocml/lib/libmandoc/Makefile
index 40d7e29ae88..dfd3077a2c7 100644
--- a/external/bsd/mdocml/lib/libmandoc/Makefile
+++ b/external/bsd/mdocml/lib/libmandoc/Makefile
@@ -39,11 +39,6 @@ tbl_opts.c

MAN= mandoc.3

-# XXX
-.if ${MACHINE} == "vax"
-COPTS.mdoc_macro.c+=-O0
-.endif
-
COPTS.man_validate.c+=-Wno-error=array-bounds

.include <bsd.lib.mk>
diff --git a/external/gpl3/binutils.old/lib/libbfd/Makefile b/external/gpl3/binutils.old/lib/libbfd/Makefile
index 03477232b55..74a354532fa 100644
--- a/external/gpl3/binutils.old/lib/libbfd/Makefile
+++ b/external/gpl3/binutils.old/lib/libbfd/Makefile
@@ -41,10 +41,6 @@ CPPFLAGS+= -I${.CURDIR}/arch/${BFD_MACHINE_ARCH} -I${DIST}/include -I. \
-DDEBUGDIR=\"${DEBUGDIR}\" -DLIBDIR=\"${LIBDIR}\" \
-DBINDIR=\"${BINDIR}\"

-.if (${BFD_MACHINE_ARCH} == "vax")
-CPPFLAGS.elf.c += -O0
-.endif
-
COPTS.pei-x86_64.c+= -Wno-stack-protector
COPTS.elfxx-mips.c+= -Wno-stack-protector
COPTS.elf.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} >= 10:? -Wno-overflow :}
diff --git a/external/gpl3/binutils/lib/libbfd/Makefile b/external/gpl3/binutils/lib/libbfd/Makefile
index 00cb2b20081..a3f0c25fd35 100644
--- a/external/gpl3/binutils/lib/libbfd/Makefile
+++ b/external/gpl3/binutils/lib/libbfd/Makefile
@@ -41,10 +41,6 @@ CPPFLAGS+= -I${.CURDIR}/arch/${BFD_MACHINE_ARCH} -I${DIST}/include -I. \
-DDEBUGDIR=\"${DEBUGDIR}\" -DLIBDIR=\"${LIBDIR}\" \
-DBINDIR=\"${BINDIR}\"

-.if (${BFD_MACHINE_ARCH} == "vax")
-CPPFLAGS.elf.c += -O0
-.endif
-
COPTS.pei-x86_64.c+= -Wno-stack-protector
COPTS.elfxx-mips.c+= -Wno-stack-protector
COPTS.elf.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} >= 10:? -Wno-overflow :}
diff --git a/external/gpl3/gcc.old/lib/Makefile.sanitizer b/external/gpl3/gcc.old/lib/Makefile.sanitizer
index efd36ae4bee..5173a5109a0 100644
--- a/external/gpl3/gcc.old/lib/Makefile.sanitizer
+++ b/external/gpl3/gcc.old/lib/Makefile.sanitizer
@@ -88,22 +88,3 @@ COPTS+=-fno-builtin -fno-exceptions -fno-rtti -funwind-tables

# Can't profile without it`
#-fomit-frame-pointer
-
-.if ${MACHINE_ARCH} == "vax"
-COPTS.sanitizer_allocator.cc += -O1
-COPTS.sanitizer_common.cc += -O1
-COPTS.sanitizer_common_libcdep.cc += -O1
-COPTS.sanitizer_coverage_libcdep.cc += -O1
-COPTS.sanitizer_coverage_mapping_libcdep.cc += -O1
-COPTS.sanitizer_deadlock_detector1.cc += -O1
-COPTS.sanitizer_mac.cc += -O1
-COPTS.sanitizer_netbsd.cc += -O1
-COPTS.sanitizer_posix.cc += -O1
-COPTS.sanitizer_printf.cc += -O1
-COPTS.sanitizer_procmaps_common.cc += -O1
-COPTS.sanitizer_stackdepot.cc += -O1
-COPTS.sanitizer_symbolizer_libcdep.cc += -O1
-COPTS.sanitizer_symbolizer_report.cc += -O1
-COPTS.ubsan_diag.cc += -O1
-COPTS.ubsan_init.cc += -O1
-.endif
diff --git a/external/gpl3/gcc.old/lib/libasan/Makefile b/external/gpl3/gcc.old/lib/libasan/Makefile
index 1e6f9608abe..3da7bbf2f58 100644
--- a/external/gpl3/gcc.old/lib/libasan/Makefile
+++ b/external/gpl3/gcc.old/lib/libasan/Makefile
@@ -49,14 +49,6 @@ LIBDPLIBS+= m ${NETBSDSRCDIR}/lib/libm
LIBDPLIBS+= pthread ${NETBSDSRCDIR}/lib/libpthread
CPPFLAGS+=-DCAN_SANITIZE_UB=0

-.if ${MACHINE_ARCH} == "vax"
-COPTS.asan_allocator.cc += -O1
-COPTS.asan_report.cc += -O1
-COPTS.sanitizer_file.cc += -O1
-COPTS.ubsan_diag.cc += -O1
-COPTS.ubsan_init.cc += -O1
-.endif
-
.if ${MACHINE_ARCH} == "mipsel" || ${MACHINE_ARCH} == "mipseb"
COPTS.asan_interceptors.cc += -O1
.endif
diff --git a/external/gpl3/gcc.old/lib/liblsan/Makefile b/external/gpl3/gcc.old/lib/liblsan/Makefile
index 4578544a9a8..ddb7981077c 100644
--- a/external/gpl3/gcc.old/lib/liblsan/Makefile
+++ b/external/gpl3/gcc.old/lib/liblsan/Makefile
@@ -16,11 +16,6 @@ LSAN_SRCS+= \
lsan_linux.cc \
lsan_thread.cc

-.if ${MACHINE_ARCH} == "vax"
-COPTS.lsan_allocator.cc += -O1
-COPTS.sanitizer_file.cc += -O1
-.endif
-
LIB= lsan
SRCS+= ${LSAN_SRCS}
LIBDPLIBS+= m ${NETBSDSRCDIR}/lib/libm
diff --git a/external/gpl3/gcc.old/lib/libubsan/Makefile b/external/gpl3/gcc.old/lib/libubsan/Makefile
index 2e2faca7b1c..9de82550d14 100644
--- a/external/gpl3/gcc.old/lib/libubsan/Makefile
+++ b/external/gpl3/gcc.old/lib/libubsan/Makefile
@@ -26,10 +26,6 @@ UBSAN_SRCS= \
COPTS.${_s}.cc+=-frtti
.endfor

-.if ${MACHINE_ARCH} == "vax"
-COPTS.sanitizer_file.cc += -O1
-.endif
-
LIB= ubsan
SRCS+= ${UBSAN_SRCS}
LIBDPLIBS+= m ${NETBSDSRCDIR}/lib/libm
diff --git a/external/gpl3/gcc.old/usr.bin/cc1/Makefile b/external/gpl3/gcc.old/usr.bin/cc1/Makefile
index c55e292ee8e..ff12a5be524 100644
--- a/external/gpl3/gcc.old/usr.bin/cc1/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/cc1/Makefile
@@ -46,17 +46,6 @@ CPPFLAGS.default-c.c+= -I${BACKENDOBJ}
BUILDSYMLINKS+= ${GNUHOSTDIST}/gcc/config/sh/sh-c.cc sh-c.c
.endif

-.if ${MACHINE_CPU} == "vax"
-COPTS.c-decl.c+=-O0
-COPTS.c-typeck.c+=-O0
-COPTS.c-array-notation.c+=-O0
-COPTS.c-common.c+=-O0
-COPTS.c-ada-spec.c+=-O0
-COPTS.cilk.c+=-O0
-COPTS.c-ubsan.c+=-O0
-COPTS.cc1-checksum.c+=-O0
-.endif
-
.if ${MACHINE_ARCH} == "mipseb" || ${MACHINE_ARCH} == "mipsel"
COPTS.c-common.c+=-O3
.endif
diff --git a/external/gpl3/gcc.old/usr.bin/cc1obj/Makefile b/external/gpl3/gcc.old/usr.bin/cc1obj/Makefile
index 3123ee0d60b..aab82ad3448 100644
--- a/external/gpl3/gcc.old/usr.bin/cc1obj/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/cc1obj/Makefile
@@ -44,16 +44,8 @@ COPTS.objc-act.c+= -Wno-stack-protector
COPTS.objc-gnu-runtime-abi-01.c+= -Wno-stack-protector
COPTS.objc-next-runtime-abi-01.c+= -Wno-stack-protector

-.if ${MACHINE_ARCH} == "vax"
-COPTS.c-decl.c+=-O0
-COPTS.c-typeck.c+=-O0
-COPTS.c-array-notation.c+=-O0
-COPTS.c-common.c+=-O0
-COPTS.c-ada-spec.c+=-O0
-COPTS.cilk.c+=-O0
-COPTS.c-ubsan.c+=-O0
-COPTS.cc1obj-checksum.c+=-O0
-.endif
+COPTS.c-cppbuiltin.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} == 8:? -Wno-error=format-overflow :}
+COPTS.c-typeck.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} == 8:? -Wno-error=format-overflow :}

.if ${MACHINE_ARCH} == "mipseb" || ${MACHINE_ARCH} == "mipsel"
COPTS.c-common.c+=-O3
diff --git a/external/gpl3/gcc.old/usr.bin/cc1objplus/Makefile b/external/gpl3/gcc.old/usr.bin/cc1objplus/Makefile
index b9c108251c5..e04e8fc7f53 100644
--- a/external/gpl3/gcc.old/usr.bin/cc1objplus/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/cc1objplus/Makefile
@@ -69,18 +69,6 @@ COPTS.objc-act.c+= -Wno-stack-protector
COPTS.objc-gnu-runtime-abi-01.c+= -Wno-stack-protector
COPTS.objc-next-runtime-abi-01.c+= -Wno-stack-protector

-.if ${MACHINE_ARCH} == "vax"
-COPTS.c-decl.c+=-O0
-COPTS.c-typeck.c+=-O0
-COPTS.c-array-notation.c+=-O0
-COPTS.c-common.c+=-O0
-COPTS.c-ada-spec.c+=-O0
-COPTS.cilk.c+=-O0
-COPTS.c-ubsan.c+=-O0
-COPTS.cc1obj-checksum.c+=-O0
-COPTS.decl.c+=-O0
-.endif
-
.if ${MACHINE_ARCH} == "mipseb" || ${MACHINE_ARCH} == "mipsel"
COPTS.c-common.c+=-O3
.endif
diff --git a/external/gpl3/gcc.old/usr.bin/cc1plus/Makefile b/external/gpl3/gcc.old/usr.bin/cc1plus/Makefile
index 7936efd3a5e..7c54559e21a 100644
--- a/external/gpl3/gcc.old/usr.bin/cc1plus/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/cc1plus/Makefile
@@ -31,23 +31,6 @@ CHECKSUM_OBJS= ${LIBBACKTRACEOBJ}/libbacktrace.a \

CFLAGS+= -Wno-error=stack-protector

-.if ${MACHINE_ARCH} == "vax"
-COPTS.call.c+=-O0
-COPTS.decl.c+=-O0
-COPTS.typeck2.c+=-O0
-COPTS.class.c+=-O0
-COPTS.typeck.c+=-O0
-COPTS.init.c+=-O0
-COPTS.semantics.c+=-O0
-COPTS.mangle.c+=-O0
-COPTS.constexpr.c+=-O0
-COPTS.c-common.c+=-O0
-COPTS.c-ada-spec.c+=-O0
-COPTS.cilk.c+=-O0
-COPTS.c-ubsan.c+=-O0
-COPTS.cc1plus-checksum.c+=-O0
-.endif
-
.if ${MACHINE_ARCH} == "mipseb" || ${MACHINE_ARCH} == "mipsel"
COPTS.c-common.c+=-O3
.endif
diff --git a/external/gpl3/gcc.old/usr.bin/gcc/Makefile b/external/gpl3/gcc.old/usr.bin/gcc/Makefile
index 7a66d77ffc7..a5a4b1c3adf 100644
--- a/external/gpl3/gcc.old/usr.bin/gcc/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/gcc/Makefile
@@ -25,9 +25,6 @@ ${SRCS}: ${GCCARCH}/defs.mk
.include <bsd.info.mk>

COPTS.gcc.c= -Wno-stack-protector
-.if ${MACHINE_ARCH} == "vax"
-COPTS.dse.c= -O1
-.endif

.PATH: ${DIST}/gcc ${DIST}/gcc/doc ${DIST}/gcc/c

diff --git a/external/gpl3/gcc.old/usr.bin/libdecnumber/Makefile b/external/gpl3/gcc.old/usr.bin/libdecnumber/Makefile
index 751d1513eec..33aeb1c9898 100644
--- a/external/gpl3/gcc.old/usr.bin/libdecnumber/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/libdecnumber/Makefile
@@ -14,10 +14,6 @@ SRCS= decNumber.c decContext.c decimal32.c decimal64.c decimal128.c
CPPFLAGS+= -I${.CURDIR}/arch/${GCC_MACHINE_ARCH} -I${DIST}/libdecnumber
CPPFLAGS+= -I${DIST}/libgcc

-.if ${MACHINE_ARCH} == "vax"
-COPTS.decNumber.c=-O0
-.endif
-
.include <bsd.lib.mk>

# Force using C++ for this
diff --git a/external/gpl3/gcc.old/usr.bin/lto-dump/Makefile b/external/gpl3/gcc.old/usr.bin/lto-dump/Makefile
index 90f44a9fcf6..fd251464fb7 100644
--- a/external/gpl3/gcc.old/usr.bin/lto-dump/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/lto-dump/Makefile
@@ -24,11 +24,6 @@ COPTS.lto-common.c+= -Wno-stack-protector
.include "../Makefile.backtrace"
.include "../Makefile.libdecnumber"

-.if ${MACHINE_ARCH} == "vax"
-COPTS.lto-lang.c+=-O0
-COPTS.lto-symtab.c+=-O0
-.endif
-
LDADD+= ${LIBIBERTY} ${LIBMPC} ${LIBMPFR} ${LIBGMP} -lintl -lz -lm
DPADD+= ${LIBIBERTY} ${LIBMPC} ${LIBMPFR} ${LIBGMP} ${LIBINTL} ${LIBZ} ${LIBM}

diff --git a/external/gpl3/gcc.old/usr.bin/lto1/Makefile b/external/gpl3/gcc.old/usr.bin/lto1/Makefile
index 4c49161a64c..340d3c6124f 100644
--- a/external/gpl3/gcc.old/usr.bin/lto1/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/lto1/Makefile
@@ -21,11 +21,6 @@ COPTS.lto-common.c+= -Wno-stack-protector
.include "../Makefile.libcpp"
.include "../Makefile.libdecnumber"

-.if ${MACHINE_ARCH} == "vax"
-COPTS.lto-lang.c+=-O0
-COPTS.lto-symtab.c+=-O0
-.endif
-
LDADD+= ${LIBIBERTYOBJ}/libiberty.a
DPADD+= ${LIBIBERTYOBJ}/libiberty.a
LDADD+= ${LIBIBERTY} ${LIBMPC} ${LIBMPFR} ${LIBGMP} -lintl -lz -lm
diff --git a/external/gpl3/gdb.old/lib/libdecnumber/Makefile b/external/gpl3/gdb.old/lib/libdecnumber/Makefile
index bcd4ae5b222..ce28811526b 100644
--- a/external/gpl3/gdb.old/lib/libdecnumber/Makefile
+++ b/external/gpl3/gdb.old/lib/libdecnumber/Makefile
@@ -18,10 +18,6 @@ CPPFLAGS+= -I${.CURDIR}/arch/${GDB_MACHINE_ARCH} \

SRCS= ${G_OBJS:.o=.c} ${G_SOURCES}

-.if ${MACHINE_ARCH} == "vax"
-COPTS.decNumber.c=-O0
-.endif
-
.PATH: ${DIST}/libdecnumber ${DIST}/libdecnumber/dpd

.include <bsd.lib.mk>
diff --git a/external/gpl3/gdb/lib/libdecnumber/Makefile b/external/gpl3/gdb/lib/libdecnumber/Makefile
index c95d36e3dfa..e3169865304 100644
--- a/external/gpl3/gdb/lib/libdecnumber/Makefile
+++ b/external/gpl3/gdb/lib/libdecnumber/Makefile
@@ -18,10 +18,6 @@ CPPFLAGS+= -I${.CURDIR}/arch/${GDB_MACHINE_ARCH} \

SRCS= ${G_OBJS:.o=.c} ${G_SOURCES}

-.if ${MACHINE_ARCH} == "vax"
-COPTS.decNumber.c=-O0
-.endif
-
.PATH: ${DIST}/libdecnumber ${DIST}/libdecnumber/dpd ${DIST}/libdecnumber/bid

.include <bsd.lib.mk>
diff --git a/external/gpl3/gdb/lib/libgdb/Makefile b/external/gpl3/gdb/lib/libgdb/Makefile
index b87a515d13a..c118c363975 100644
--- a/external/gpl3/gdb/lib/libgdb/Makefile
+++ b/external/gpl3/gdb/lib/libgdb/Makefile
@@ -66,12 +66,6 @@ CFLAGS:= ${CXXFLAGS} -std=gnu++17 -Wno-error=stack-protector

ada-exp.c: ada-lex.c

-.if ${MACHINE} == "vax"
-. if ${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} >= 8
-COPTS.read.c+= -O0
-. endif
-.endif
-
# These are generated by implicit rules and are not easy to generate
CLEANDIRFILES+= \
ada-exp.c ada-lex.c \
diff --git a/external/mit/xorg/lib/gallium.old/Makefile b/external/mit/xorg/lib/gallium.old/Makefile
index 55b2fe3d1c1..bfa40c8974f 100644
--- a/external/mit/xorg/lib/gallium.old/Makefile
+++ b/external/mit/xorg/lib/gallium.old/Makefile
@@ -1211,10 +1211,6 @@ SYMLINKS+= gallium_dri.so.${SHLIB_MAJOR}.debug ${DRIDEBUGDIR}/${_d}_dri.so.${SHL
COPTS+= ${${ACTIVE_CC} == "clang":? -Wa,-Av8plus :}
.endif

-.if ${MACHINE_ARCH} == "vax"
-COPTS.nir.c += -O1
-.endif
-
# XXXGCC12
.if ${MACHINE_ARCH} == "m68k"
COPTS.st_glsl_to_tgsi.cpp += -O1
diff --git a/external/mit/xorg/lib/gallium/Makefile b/external/mit/xorg/lib/gallium/Makefile
index 6778a8c11c8..9f1422080fe 100644
--- a/external/mit/xorg/lib/gallium/Makefile
+++ b/external/mit/xorg/lib/gallium/Makefile
@@ -1428,10 +1428,6 @@ SYMLINKS+= gallium_dri.so.${SHLIB_MAJOR}.debug ${DRIDEBUGDIR}/${_d}_dri.so.${SHL
COPTS+= ${${ACTIVE_CC} == "clang":? -Wa,-Av8plus :}
.endif

-.if ${MACHINE_ARCH} == "vax"
-COPTS.nir.c += -O1
-.endif
-
COPTS.u_atomic.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} >= 10:? -Wno-builtin-declaration-mismatch :}

.include <bsd.lib.mk>
diff --git a/external/mit/xorg/lib/libX11/Makefile.libx11 b/external/mit/xorg/lib/libX11/Makefile.libx11
index e103d9ace12..0e55c2a4732 100644
--- a/external/mit/xorg/lib/libX11/Makefile.libx11
+++ b/external/mit/xorg/lib/libX11/Makefile.libx11
@@ -471,11 +471,6 @@ COPTS.OpenDis.c+= -Wno-error # XXX xf86bigfstr.h
COPTS.XlibInt.c+= -Wno-error # XXX xcmiscstr.h
COPTS.XKBBind.c+= -Wno-deprecated-declarations # uses XKeycodeToKeysym

-# XXX
-.if ${MACHINE} == "vax"
-COPTS.lcWrap.c+= -O0
-.endif
-
CWARNFLAGS.clang+= -Wno-string-plus-int

.include "${NETBSDSRCDIR}/external/mit/xorg/tools/makekeys/Makefile.makekeys"
diff --git a/games/gomoku/Makefile b/games/gomoku/Makefile
index e86a63aaea7..678537066ed 100644
--- a/games/gomoku/Makefile
+++ b/games/gomoku/Makefile
@@ -9,10 +9,6 @@ LDADD= -lcurses -lterminfo
HIDEGAME=hidegame
CPPFLAGS+= ${DEBUG:D-DDEBUG}

-.if ${MACHINE} == "vax"
-COPTS.pickmove.c += -O0
-.endif
-
#WARNS= 6 # would produce warnings about small integer types
LINTFLAGS+= -w # treat warnings as errors
LINTFLAGS+= -T # strict bool mode
diff --git a/games/phantasia/Makefile b/games/phantasia/Makefile
index e9c53f23ae5..b919dac17c6 100644
--- a/games/phantasia/Makefile
+++ b/games/phantasia/Makefile
@@ -52,7 +52,3 @@ map: map.c
./map | plot > /dev/tty

.include <bsd.prog.mk>
-
-.if defined(HAVE_GCC) && ${MACHINE_ARCH} == "vax"
-COPTS.misc.c+= -O0
-.endif
diff --git a/lib/i18n_module/UTF7/Makefile b/lib/i18n_module/UTF7/Makefile
index 712c1515d42..7136f7f0cc3 100644
--- a/lib/i18n_module/UTF7/Makefile
+++ b/lib/i18n_module/UTF7/Makefile
@@ -3,6 +3,3 @@
SRCPRE=citrus_
.include <bsd.lib.mk>

-.if ${MACHINE_ARCH} == "vax" && defined(HAVE_GCC)
-COPTS.citrus_utf7.c+= -O0
-.endif
diff --git a/lib/libbz2/Makefile b/lib/libbz2/Makefile
index b2aea1e04b0..e60a2862d48 100644
--- a/lib/libbz2/Makefile
+++ b/lib/libbz2/Makefile
@@ -15,11 +15,6 @@ SRCS= blocksort.c huffman.c crctable.c randtable.c compress.c \
INCS= bzlib.h
INCSDIR= /usr/include

-# XXX huffman.c gets mis-compiled with 2.95.3
-.if ${MACHINE_ARCH} == "vax"
-COPTS+= -O0
-.endif
-
COPTS+= ${CC_WNO_IMPLICIT_FALLTHROUGH}

# XXX blocksort.c gets mis-compiled with 4.1
diff --git a/lib/libc/gdtoa/Makefile.inc b/lib/libc/gdtoa/Makefile.inc
index 132686fc33d..609da919803 100644
--- a/lib/libc/gdtoa/Makefile.inc
+++ b/lib/libc/gdtoa/Makefile.inc
@@ -44,10 +44,3 @@ SRCS+= dmisc.c \
.if ${MACHINE_ARCH} != "vax"
SRCS+= strtord.c
.endif
-
-# XXX revisit with newer GCC.
-# Ensure numbers like 0xffff319f5fa95963 print correctly
-# ("999999999999999.98", not garbage like "?A>C>@>C:BA;A><.:<")
-.if ${MACHINE_ARCH} == "vax" && defined(HAVE_GCC)
-COPTS.misc.c+= -O0
-.endif
diff --git a/lib/libcrypt/Makefile b/lib/libcrypt/Makefile
index cb3f89d6d09..e9c8be820da 100644
--- a/lib/libcrypt/Makefile
+++ b/lib/libcrypt/Makefile
@@ -30,9 +30,6 @@ SRCS+= crypt-argon2.c
SRCS+= ${src}
COPTS.${src}+= -fvisibility=hidden
. endfor
-. if ${MACHINE} == "vax"
-COPTS.blake2b.c+= -O0
-. endif
.endif

WARNS?= 5
diff --git a/libexec/ld.elf_so/Makefile b/libexec/ld.elf_so/Makefile
index f5baae1e883..24f7e1121e5 100644
--- a/libexec/ld.elf_so/Makefile
+++ b/libexec/ld.elf_so/Makefile
@@ -141,10 +141,6 @@ CPPFLAGS+= -DRTLD_DEFAULT_LIBRARY_PATH=\"${SHLIBDIR}:${LIBDIR}\"
COPTS.rtld.c+= -Wno-stack-protector
COPTS.symbol.c+=-Wno-stack-protector

-.if ${MACHINE_CPU} == "vax"
-COPTS.rtld.c+= -O0
-.endif
-
LDADD+= -Wl,--version-script=${.CURDIR}/symbols.map
LDADD+= -L${CLIBOBJ} -L${DESTDIR}${LIBDIR}
.if ${MKPICLIB} != "no"
diff --git a/sbin/fsck_ffs/Makefile.common b/sbin/fsck_ffs/Makefile.common
index 765638b2801..824e3bf2628 100644
--- a/sbin/fsck_ffs/Makefile.common
+++ b/sbin/fsck_ffs/Makefile.common
@@ -36,7 +36,3 @@ COPTS.ffs_appleufs.c+= -Wno-pointer-sign
.if ${MACHINE_ARCH} == "m68000"
COPTS.pass1.c+= -fno-tree-fre -fno-tree-lrs
.endif
-.if ${MACHINE_ARCH} == "vax"
-COPTS.pass1.c+= -O0
-COPTS.inode.c+= -O0
-.endif
diff --git a/sbin/fsdb/Makefile b/sbin/fsdb/Makefile
index c039f73a1eb..3b0331e5880 100644
--- a/sbin/fsdb/Makefile
+++ b/sbin/fsdb/Makefile
@@ -39,12 +39,6 @@ COPTS.${f}.c+= -Wno-pointer-sign
COPTS.pass1.c+= -fno-tree-fre -fno-tree-lrs
.endif

-.if ${MACHINE_ARCH} == "vax"
-COPTS.pass1.c+= -O0
-COPTS.inode.c+= -O0
-COPTS.fsdb.c+= -O0
-.endif
-
CWARNFLAGS.gcc+= ${CC_WNO_ADDRESS_OF_PACKED_MEMBER}

.include <bsd.prog.mk>
diff --git a/sbin/newfs_ext2fs/Makefile b/sbin/newfs_ext2fs/Makefile
index 40a44b9a038..ecfdbff4d3a 100644
--- a/sbin/newfs_ext2fs/Makefile
+++ b/sbin/newfs_ext2fs/Makefile
@@ -20,8 +20,4 @@ DPADD+=${LIBPROP}

.PATH: ${NETBSDSRCDIR}/sys/ufs/ext2fs ${FSCK}

-.if ${MACHINE_ARCH} == "vax"
-COPTS.mke2fs.c=-O0
-.endif
-
.include <bsd.prog.mk>
diff --git a/sbin/ping/Makefile b/sbin/ping/Makefile
index 4f33501ea7a..1f7f56e3ea5 100644
--- a/sbin/ping/Makefile
+++ b/sbin/ping/Makefile
@@ -12,8 +12,4 @@ CPPFLAGS+= -DIPSEC
LDADD+= -lipsec
DPADD+= ${LIBIPSEC}

-.if ${MACHINE_ARCH} == "vax"
-COPTS.ping.c=-O0
-.endif
-
.include <bsd.prog.mk>
diff --git a/sys/arch/vax/conf/Makefile.vax b/sys/arch/vax/conf/Makefile.vax
index cf095d54a86..c483eaa644a 100644
--- a/sys/arch/vax/conf/Makefile.vax
+++ b/sys/arch/vax/conf/Makefile.vax
@@ -34,7 +34,6 @@ GENASSYM_CONF= ${VAX}/vax/genassym.cf
CPPFLAGS+= -D_VAX_INLINE_
AFLAGS+= -x assembler-with-cpp -fno-pic
CFLAGS+= -fno-pic
-COPTS.wsmux.c+= ${${ACTIVE_CC} == "gcc" && ${HAVE_GCC:U0} >= 9:? -O1 :}


##
diff --git a/sys/lib/libsa/Makefile b/sys/lib/libsa/Makefile
index 718c97ce857..4ef3840c753 100644
--- a/sys/lib/libsa/Makefile
+++ b/sys/lib/libsa/Makefile
@@ -96,7 +96,3 @@ SRCS+= ufs.c
lib${LIB}.o:: ${OBJS:O} __buildstdlib

CPPFLAGS+= -Wno-pointer-sign
-
-.if defined(HAVE_GCC) && ${MACHINE_ARCH} == "vax"
-COPTS.bootp.c+= -O0
-.endif
diff --git a/sys/lib/libz/Makefile b/sys/lib/libz/Makefile
index 6945c0da6c6..61fb7d4f652 100644
--- a/sys/lib/libz/Makefile
+++ b/sys/lib/libz/Makefile
@@ -25,7 +25,3 @@ CLEANFILES+= lib${LIB}.o
.include <bsd.lib.mk>

lib${LIB}.o:: ${OBJS:O} __buildstdlib
-
-.if defined(HAVE_GCC) && ${MACHINE_ARCH} == "vax"
-COPTS.inftrees.c+= -O0
-.endif
diff --git a/sys/modules/lfs/Makefile b/sys/modules/lfs/Makefile
index 962538821a5..ea8f187e160 100644
--- a/sys/modules/lfs/Makefile
+++ b/sys/modules/lfs/Makefile
@@ -18,9 +18,4 @@ SRCS+= ulfs_bmap.c ulfs_dirhash.c ulfs_inode.c ulfs_lookup.c \

WARNS= 3

-.if ${MACHINE} == "vax"
-# GCC 6.5 and 7.4 cannot compile this with -DDIAGNOSTIC and -O2/-O1
-COPTS.lfs_inode.c+= -O0
-.endif
-
.include <bsd.kmodule.mk>
diff --git a/sys/rump/fs/lib/liblfs/Makefile b/sys/rump/fs/lib/liblfs/Makefile
index abade3767d9..68b74c62502 100644
--- a/sys/rump/fs/lib/liblfs/Makefile
+++ b/sys/rump/fs/lib/liblfs/Makefile
@@ -17,9 +17,6 @@ SRCS+= ulfs_bmap.c ulfs_dirhash.c ulfs_extattr.c \


CFLAGS+= -DLFS_KERNEL_RFW
-.if ${MACHINE_ARCH} == "vax"
-COPTS.lfs_inode.c+=-O0
-.endif

.include <bsd.lib.mk>
.include <bsd.klinks.mk>
diff --git a/usr.sbin/mtrace/Makefile b/usr.sbin/mtrace/Makefile
index aef09db6198..9c125c15265 100644
--- a/usr.sbin/mtrace/Makefile
+++ b/usr.sbin/mtrace/Makefile
@@ -12,10 +12,6 @@ PROG= mtrace
SRCS= igmp.c inet.c kern.c mtrace.c
MAN= mtrace.8

-.if ${MACHINE_ARCH} == "vax"
-COPTS.mtrace.c=-O0
-.endif
-
BINMODE=4555
BINOWN= root

diff --git a/external/gpl3/gcc.old/usr.bin/backend/Makefile b/external/gpl3/gcc.old/usr.bin/backend/Makefile
index d69a26fe619..99e881c783d 100644
--- a/external/gpl3/gcc.old/usr.bin/backend/Makefile
+++ b/external/gpl3/gcc.old/usr.bin/backend/Makefile
@@ -533,68 +533,9 @@ COPTS.insn-recog.c+=-Wno-error

.if ${GCC_MACHINE_ARCH} == "vax"
CPPFLAGS+=-I${.CURDIR}/../../lib/libgcc/libgcov/arch/${GCC_MACHINE_ARCH}
-COPTS.builtins.c+=-O0
-COPTS.calls.c+=-O0
-COPTS.convert.c+=-O0
-COPTS.data-streamer-out.c+=-O0
-COPTS.dse.c+=-O0 # XXX port-vax/51967
-COPTS.dwarf2out.c+=-O0
-COPTS.expmed.c+=-O0
-COPTS.expr.c+=-O0 -Wno-error=tautological-compare
-COPTS.fixed-value.c+=-O0
-COPTS.fold-const.c+=-O0
-COPTS.generic-match.c+=-O0
-COPTS.gimple-fold.c+=-O0
-COPTS.gimple-match.c+=-O0
-COPTS.gimple-ssa-strength-reduction.c+=-O0
-COPTS.gimple-ssa-warn-restrict.c+=-O0
-COPTS.gimple.c+=-O0
-COPTS.internal-fn.c+=-O0
-COPTS.lto-streamer-out.c+=-O0
-COPTS.omp-low.c+=-O0
-COPTS.predict.c+=-O0
-COPTS.range-op.cc+=-O0
-COPTS.recog.c+=-O0
-COPTS.sanopt.c+=-O0
-COPTS.stmt.c+=-O0
-COPTS.stor-layout.c+=-O0
-COPTS.targhooks.c+=-O0
-COPTS.tree-affine.c+=-O0
-COPTS.tree-cfg.c+=-O0
-COPTS.tree-data-ref.c+=-O0
-COPTS.tree-eh.c+=-O0
-COPTS.tree-if-conv.c+=-O0
-COPTS.tree-object-size.c+=-O0
-COPTS.tree-parloops.c+=-O0
-COPTS.tree-predcom.c+=-O0
-COPTS.tree-pretty-print.c+=-O0
-COPTS.tree-ssa-alias.c+=-O0
-COPTS.tree-ssa-ccp.c+=-O0
-COPTS.tree-ssa-forwprop.c+=-O0
-COPTS.tree-ssa-loop-ivopts.c+=-O0
-COPTS.tree-ssa-loop-manip.c+=-O0
-COPTS.tree-ssa-loop-niter.c+=-O0
-COPTS.tree-ssa-math-opts.c+=-O0
-COPTS.tree-ssa-phiopt.c+= -O0
-COPTS.tree-ssa-pre.c+=-O0
-COPTS.tree-ssa-reassoc.c+=-O0
-COPTS.tree-ssa-strlen.c+=-O0
-COPTS.tree-ssa-uninit.c+=-O0
-COPTS.tree-ssa.c+=-O0
-COPTS.tree-switch-conversion.c+=-O0
-COPTS.tree-vect-data-refs.c+=-O0
-COPTS.tree-vect-loop-manip.c+=-O0
-COPTS.tree-vect-loop.c+=-O0
-COPTS.tree-vect-patterns.c+=-O0
-COPTS.tree-vect-stmts.c+=-O0
-COPTS.tree-vrp.c+=-O0
-COPTS.tree.c+=-O0
-COPTS.ubsan.c+=-O0
-COPTS.varasm.c+=-O0
-COPTS.vr-values.c+=-O0
-COPTS.web.c+=-O0
-COPTS.wide-int-range.cc+=-O0
-COPTS.wide-int.cc+=-O0
+
+COPTS.expmed.c+=-Wno-error=tautological-compare
+COPTS.expr.c+=-Wno-error=tautological-compare
.else
COPTS.tree.c= ${${ACTIVE_CC} == "clang" :? -O0 :}
.endif

apply ${CC_WNO_STRINGOP_OVERFLOW} for crypt.c.

init_perm() takes a larger array than IE3264[] is, but it doesn't use more
for this instance.

branches: 1.34.2;
PR/56838: David A. Holland: namespace pollution in static libcrypt

Remove the

COPTS.*+= -Wno-error=.*

lines for building argon2 sources, by fixing the problems at source.

Addresses Rin Okuyama's concerns on tech-userlevel/tech-crypto in

Message-ID: <f1eab199-3607-bb05-15cc-033e38721ba4@gmail.com>

libcrypt: Compile with USE_FORT, for this is cryptographic software.

libcrypt: Make Werror-disables for external Argon2 library per-file.

Requested by rin.

libcrypt: fine-grained warnings for argon2, requested by rin

libcrypt: work around compiler bugs to get MKARGON2 working on vax

Fix release builds with MKARGON2=yes

This changes argon2 from a separately built library into a private
dependency of libcrypt and removes the argon2(1) utility (we already
have pwhash(1)). Giving libcrypt more library dependencies
complicates things (e.g. libcrypt is a dependency of openssl).
pthreads support gets disabled in argon2 for similar reasons.

For testing argon2, we rely on the libcrypt test suite.

PR/55095: David A. Holland: pw_gensalt(3) undocumented

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

branches: 1.25.26;
Silence -Wpointer-sign on crypt-sha1.c.
This requires casts, which is not entirely desirable; however, this way
at least no *more* pointer sign issues can creep in.

Output object files are unchanged on amd64.

branches: 1.24.2;
crypt-sha1.c flags apply to all compilers in the tree, drop conditional.

These directories default to WARNS?=5

branches: 1.22.2;
remove most of the remaining HAVE_GCC tests that are always true in
the modern world.

branches: 1.21.18;
Wrap compiler-specific flags with HAVE_GCC and HAVE_PCC as necessary. Add a few flags for PCC.

Add test for HAVE_PCC with HAVE_GCC which turn off compiler warning flags.

branches: 1.19.18;
gently add some "const", and avoid some casts
compiles with WARNS=4 now (on i386 and alpha)

As discussed back in June, move the implementation of hmac_sha1 here
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.

sprinkle some -fno-strict-aliasing and -Wno-pointer-sign with GCC4.

Add pw_gensalt, which was taken from pwd_gensalt. This now is used in 3
places, so it might as well be part of libcrypt.

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

hrink the Blowfish routines down to only what we need for __bcrypt(),
and don't export any of the Blowfish functionality outside bcrypt.c.

Explicitly move setting of NOxxx and USE_SHLIBDIR to the top of the
Makefile (before including <bsd.own.mk>)

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

branches: 1.11.2;
* Add user-controlled mk.conf variables
- SHLIBDIR Location to install shared libraries if ${USE_SHLIBDIR}
is "yes". Defaults to "/usr/lib".

- USE_SHLIBDIR If "yes", install shared libraries in ${SHLIBDIR}
instead of ${LIBDIR}. Defaults to "no".
Sets ${_LIBSODIR} to the appropriate value.
This may be set by individual Makefiles as well.

- SHLINKDIR Location of shared linker. Defaults to "/usr/libexec".
If != "/usr/libexec", change the dynamic-linker
encoded in shared programs

* Set USE_SHLIBDIR for libraries used by /bin and /sbin:
libc libcrypt libcrypto libedit libipsec libkvm libm libmi387
libtermcap libutil libz

* If ${_LIBSODIR} != ${LIBDIR}, add symlinks from ${LIBDIR}/${LIB}.so*
to ${_LIBSODIR}/${LIB}.so* for compatibility.

* Always install /sbin/init statically (for now)


The net effect of these changes depends on how the variables are set:

1.) If nothing is set or changed, there is no change from the
current behaviour:
- Static /bin, /sbin, and bits of /usr/*
- Dynamic rest
- Shared linker is /usr/libexec/ld*so

2.) If the following make variables are set:
LDSTATIC=
SHLINKDIR=/lib
SHLIBDIR=/lib
Then the behaviour becomes:
- Dynamic tools
- .so libraries used by /bin and /sbin are installed to /lib,
with symlinks from /usr/lib/lib*so to -> /lib/lib*so
where appropriate
- Shared linker is /lib/ld*so

3.) As per 2.), but add the following variable:
USE_SHLIBDIR=yes
This forces all .so's to be instaleld in /lib (with compat
symlinks), not just those tagged by their Makefiles to be.
Again, compat symlinks are installed

Add __md5crypt(), for internal use by libcrypt. This behaves for the most
part like crypt() but uses a proprietry encryption scheme that utilises MD5.
From FreeBSD via OpenBSD.

branches: 1.9.2;
No longer need the <bsd.crypto.mk> song-and-dance here.

branches: 1.8.6;
optionally include CRYPTOPATH Makefile.frag files.

Use bsd.crypto.mk.

use the (broken) crypt.c from the 4.4BSD-Lite Foreign distribution, that
can encrypt passwords but _cannot_ decrypt anything. "real" (i.e. two-way,
unbroken) crypt() now lives in /usr/src/domestic.

specify man pages the new way.

always create libcrypt, and link with it where necessary. this will
make life with shared libraries happier. also, get dummy crypt out
of libc.

Add RCS identifiers, remove some completely useless RCS logs and patchkit
headers, and a few other insignificant changes.

make makefile do *nothing* for any of the standard cases if crypt.c
doesn't exist.

made libcrypt, so exportable vs. non-exportable packages can be
handled easliy.

branches: 1.1.2;
file Version.map was initially added on branch agc-symver.

libcrypt: Hide more private symbols by default. Fix style.

Revert putting a $ as the final character for blowfish. It is not required by
MCF and we want to be compatible.

Add missing trailing $ for blowfish

Publish explicit_memset and consttime_memequal in userland libc.

Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.

As discussed on tech-userlevel:

https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)

Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.

consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.

Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.

branches: 1.17.2;
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Both do what the name says. For userland, both are prefixed by "__"
to keep them out of the user namespace.
Change some memset/memcmp uses to the new functions where it makes
sense -- these are just some examples, more to come.

Use C89 functions definitions.
Remove use of __P

clamp length to 72 (73) characters.

- go back to returning NULL, we are going to wrap crypt instead.
- limit length of key to 253 to prevent truncation.

we want to check against "*0" not "*\0"

Instead of returning ":" on error, return "*0" or "*1" which will always result
in logged password entries, even if the calling program decides to blindly
use them. Discussed in: http://www.openwall.com/lists/oss-security/2011/11/15/3

Return ":1" on error instead of ":", so that sloppy password creation programs
don't end up confusing libc or the other way around. From Solar Designer

branches: 1.10.4;
-fix maximum length of salt (missing prefix, rounding error)
-clip number of rounds at 31 -- this is log2 of the real number,
and anything larger would break exponentation
-catch possible atoi() error where log2(rounds) is parsed in the
salt prefix
-zero crypto state on exit
from Open/FreeBSD

gently add some "const", and avoid some casts
compiles with WARNS=4 now (on i386 and alpha)

don't segfault on NULL pointer if number of rounds is
not specified in passwd.conf.

fix compile issue and de-lint

- change the gensalt functions to take an optional string instead of
the number of rounds.
- make pw_gensalt() more generic, so that it does not depend in libutil.

add local prototype for old salt function

Write __gensalt_blowfish function that does not use static storage and
can return an error. Make the old bcrypt_gensalt() function use that.
XXX: should gc bcrypt_gensalt(). What uses it?

branches: 1.3.2;
add __RCSID()

hrink the Blowfish routines down to only what we need for __bcrypt(),
and don't export any of the Blowfish functionality outside bcrypt.c.

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

hrink the Blowfish routines down to only what we need for __bcrypt(),
and don't export any of the Blowfish functionality outside bcrypt.c.

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

Remove leading __ from __(const|inline|signed|volatile) -- it is obsolete.

branches: 1.3.2;
add __RCSID()

hrink the Blowfish routines down to only what we need for __bcrypt(),
and don't export any of the Blowfish functionality outside bcrypt.c.

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

libcrypt/crypt-argon2.c: Add RCS id.

Noted in PR lib/57895.

branches: 1.20.2;
Don't use uninitialized variable.
Fixes PR 57895.

branches: 1.19.2;
Make it compile again

Avoid null SEGV if libargon passed string with too few $

Seen on netbsd-9 built xscreensaver running on a current system.
Whatever triggered this should also be fixed, but in the meantime
we can improve the behaviour from "Segmentation Fault"

Free strdup'd value in libargon decode_option error paths

If its worth freeing in the success path, its worth freeing in the
error path... (given we don't _exit or similar)

remove dup assignments (RVP)

crypt(3): document some of the memory units we're dealing with

Be a little bit more eager to let Argon2 use memory.

crypt(3): For argon2, default to time=3.

Good enough for a 50MHz SPARC, a shark, and the spec.

crypt(3): return 0 -> return NULL for function returning char *

crypt(3): Adapt default Argon2 parameters to system performance

If the parameters are unspecified:

- Set the default memory consumption based on the amount of memory
available to userspace.

The algorithm actually slows down incredibly quickly as the "memory"
parameter is increased. We want to avoid running out of memory on low
memory systems, but increase the difficulty of bruteforcing passwords
from systems with a lot of memory. At the same time, we want to avoid
problems when concurrent logins are happening.

- Run a hashing loop for one second with steadily increasing "time"
until we settle on a value for "time". We want to use as much CPU time
as reasonable for computing the password hash without making logins
inconvenient.

libcrypt: Hide more private symbols by default. Fix style.

added missing copyright header. pointed out by nia. no functional change

crypt(3): clean up some leftover debug goo

crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing implementation
in libcrypt.

crypt(3): Make Argon2 implementation match the reference impl by
making sure input salts are decoded as base64.

paranoia: use explicit_memset

crypt-argon2: Properly honor user's version number.

Follow upstream by defaulting to 0x10 if it's not specified.

crypt-argon2: improve resilience of the parser.

Allow the version number to be unspecified as in the argon2 upstream
test suite, properly defaulting to a version if the v= block is
entirely missing, and treating the remaining block as parameters.

Fix a null pointer derefence when the encoded password is unspecified
in the settings string.

Remove extra semicolon.

branches: 1.1.4;
adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

branches: 1.10.2; 1.10.4;
libcrypt: Fix a floating point exception when a low number of HMAC-SHA1
iterations are specified.

libcrypt: Hide more private symbols by default. Fix style.

branches: 1.8.18; 1.8.28;
Publish explicit_memset and consttime_memequal in userland libc.

Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.

As discussed on tech-userlevel:

https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)

Silence -Wpointer-sign on crypt-sha1.c.
This requires casts, which is not entirely desirable; however, this way
at least no *more* pointer sign issues can creep in.

Output object files are unchanged on amd64.

Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.

consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.

Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.

branches: 1.5.2;
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Both do what the name says. For userland, both are prefixed by "__"
to keep them out of the user namespace.
Change some memset/memcmp uses to the new functions where it makes
sense -- these are just some examples, more to come.

branches: 1.4.4;
rearrange variable usage to kill __UNCONST
reviewed by sjg

As discussed back in June, move the implementation of hmac_sha1 here
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.

use the standard __UNCONST

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

crypt(3): minor formatting tweaks

clarify some of the parameters for 'setting'; avoid talking about passing
the output of crypt(3); note that for md5 and blowfish the salt is silently
truncated if it's longer than the respectively accepted length

crypt(3): Minor markup tweaks

crypt(3): Call it password hashing, not `encrypting'.

Tidy up some of the markup while here, and be consistent about
calling the neatly formatted US-ASCII string an `encoded password
hash').

crypt.3: add a reference for Argon2

Capitalize word.

crypt.3: note parallelism caveats

fix typos in man pages.

Mark up argon2 description. Restore removed lines/text from previous
commit.

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

branches: 1.27.32;
Use major.minor for NetBSD versions.

Fix punctuation markup.

Remove trailing whitespace.

a typo and missing markup

Improve returns description from Solar Designer.

Remove trailing whitespace. Avoid xr to itself.

reflect current reality about return values.

branches: 1.20.42;
Mention pwhash(1) in a few places,
suggested in PR 31125 by Stefan Schumacher.

salt is in the second argument

branches: 1.18.2;
Remove a superfluous .sp in the SEE ALSO section.

Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22280, verified by myself.

Use
.In header.h
instead of
.Fd #include \*[Lt]header.h\*[Gt]
Much easier to read and write, and supported by groff for ages.
Okayed by ross.

New sentence, new line. From Robert Elz.

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

branches: 1.13.2;
Change Nd argument to 'password encryption', since it does not only provide
DES support. Noted by Jeremy C. Reed.

Punctuation nits.

Generate <>& symbolically.

Whitespace nits, drop unnecessary .Pps.

Take a stab at documenting non-DES password encryption.

branches: 1.8.2;
Enable decryption in crypt(), from cryptosrc-intl, and lift the updated
manual page (which describes decryption) from cryptosrc-us.

branches: 1.7.6;
More trailing white space.

Prototype has moved: add inclusion of <stdlib.h> to the synopsis of setkey().

add LIBRARY section to man page

hint that crypt() et. al. are declared in unistd.h; from Jon Buller in
PR lib/3488.

Manpage fixes from Jochen Pohl. Aligns the prototypes in the SYNOPSIS
section with the actual function declarations. See PR #1589 for details.

use the (broken) crypt.c from the 4.4BSD-Lite Foreign distribution, that
can encrypt passwords but _cannot_ decrypt anything. "real" (i.e. two-way,
unbroken) crypt() now lives in /usr/src/domestic.

always create libcrypt, and link with it where necessary. this will
make life with shared libraries happier. also, get dummy crypt out
of libc.

libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

branches: 1.40.2;
libcrypt: trailing white space

Fix typo in comment.

branches: 1.38.8;
Avoid undefined behavior in left shift

crypt.c:772:11, left shift of 1363235140 by 1 places cannot be represented
in type 'int32_t' (aka 'int')

Avoid undefined behavior in bit shift operations

crypt.c:839:40, left shift of negative value -1197182952
crypt.c:840:40, left shift of negative value -264997776

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

adding full scheme comparison to libcrypt:crypt and pwhash tests

branches: 1.34.16;
fix error messages

make __crypt static

wrap crypt() to a function that returns *0 and *1 on error.

perform the check for all salts > 2.

Provide a safer salting method that does not turn invalid salts to '.'.
Be more sensitive to bad salts and counts. From:
http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_freesec.c
From Solar Designer

avoid accessing array over its bound, from Solar Designer

branches: 1.28.6;
ANSI function prototypes

de-__P

branches: 1.26.20;
Remove more duplicate #includes, and a few spurious whitespaces at EOL
From Slava Semushin <slava.semushin@gmail.com>

Constify prtab() argument, fixes MKDEBUGLIB build.

gently add some "const", and avoid some casts
compiles with WARNS=4 now (on i386 and alpha)

Need stdio.h if debug.

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

Move UCB-licensed code from 4-clause to 3-clause licence.

Patches provided by Joel Baker in PR 22280, verified by myself.

make the read-only arrays const

support bcrypt password. can be chosen by "blowfish" keyword in passwd.conf.
from openbsd

branches: 1.18.2;
Four casts for lint.

fix nested extern declaration.

Handle non-DES encrypted passwords; currently only MD5.

branches: 1.15.2;
Enable decryption in crypt(), from cryptosrc-intl, and lift the updated
manual page (which describes decryption) from cryptosrc-us.

branches: 1.14.2;
Fix doubled 'the's.

vax -> __vax__

Need <stdlib.h> for setkey() prototype.

don't kill 'register' in comments!

remove obsolete register declarations

specify array sizes in init_perm prototype. One of the array specifications
was "C_block [][]", which isn't valid (or sensible!) C (only the last
dimension may be omitted). However, all of the dimensions are known
so they might as well be specified.

branches: 1.8.2;
don't let prototypes disappear if LARGEDATA is defined

rcsid police, deprecate some use of register

add explicit return types and braces for gcc -Wall, some minor KNF
existing differences between exportable and domestic versions were
preserved.

use the (broken) crypt.c from the 4.4BSD-Lite Foreign distribution, that
can encrypt passwords but _cannot_ decrypt anything. "real" (i.e. two-way,
unbroken) crypt() now lives in /usr/src/domestic.

type sanity

cast for quiet.

Add RCS identifiers.

made libcrypt, so exportable vs. non-exportable packages can be
handled easliy.

branches: 1.1.4;
libcrypt: Add expected symbols list.

PR lib/58838: shared libraries in base should all have expsym lists

libcrypt: Hide more private symbols by default. Fix style.

crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing implementation
in libcrypt.

crypt(3): Make Argon2 implementation match the reference impl by
making sure input salts are decoded as base64.

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

branches: 1.4.82;
As discussed back in June, move the implementation of hmac_sha1 here
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.

- change the gensalt functions to take an optional string instead of
the number of rounds.
- make pw_gensalt() more generic, so that it does not depend in libutil.

- remove local UNCONST
- add new __gensalt functions

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

Clean up deleted files.

print the warning exactly once per function per program invocation.

always create libcrypt, and link with it where necessary. this will
make life with shared libraries happier. also, get dummy crypt out
of libc.

libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

branches: 1.4.2; 1.4.4;
libcrypt: Hide more private symbols by default. Fix style.

fix ipad/opad buffer length (was one too much), just for sanity

fix -Wsign-compare issues

As discussed back in June, move the implementation of hmac_sha1 here
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.

As discussed back in June, move the implementation of hmac_sha1 here
because this is not a public function and crypt-sha1.c is the only
place where it is used (It must have been that way formerly, because
there was a stale prototype in crypt.h all the time.)
Being here, do some RCSID and prototype cleanup, and add as much "const"
as needed to compile these files with WARNS=3.

libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

branches: 1.15.2; 1.15.4;
libcrypt: Hide more private symbols by default. Fix style.

Publish explicit_memset and consttime_memequal in userland libc.

Remove the double-underscore from the userland versions, and do the
weak alias dance instead, now that these are public parts of libc.

As discussed on tech-userlevel:

https://mail-index.netbsd.org/tech-userlevel/2013/06/24/msg007843.html
(option 3)

Replace consttime_bcmp/explicit_bzero by consttime_memequal/explicit_memset.

consttime_memequal is the same as the old consttime_bcmp.
explicit_memset is to memset as explicit_bzero was to bcmp.

Passes amd64 release and i386/ALL, but I'm sure I missed some spots,
so please let me know.

branches: 1.12.2;
Add "consttime_bcmp" and "explicit_bzero" functions for both kernel
abd userland, as proposed on tech-security, with explicit_bzero using
a volatile function pointer as suggested by Alan Barrett.
Both do what the name says. For userland, both are prefixed by "__"
to keep them out of the user namespace.
Change some memset/memcmp uses to the new functions where it makes
sense -- these are just some examples, more to come.

remove the option to build this against openssl - this hasn't been used
in the NetBSD build
since the libc version of MD5Final zeroes out the context, replace
the bzero introduced in the previous commit by comments telling that

zero out hash context after use, to avoid traces in RAM
(hint from "Solar Designer")

branches: 1.9.34;
Remove more duplicate #includes, and a few spurious whitespaces at EOL
From Slava Semushin <slava.semushin@gmail.com>

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.

make itoa64[] const

use strlcat

If libcrypto is defined, use the MD5 routines from libcrypto, rather
than from libc.

branches: 1.4.2;
Ensure that the salt is always terminated properly with '$'. Makes Cyrus'
pwcheck (which either modifies the buffer or was passing bad password
strings) happy. Noted by Cillian Sharkey <cns@redbrick.dcu.ie>.

Fix comment.

Cosmetic nits.

Add __md5crypt(), for internal use by libcrypt. This behaves for the most
part like crypt() but uses a proprietry encryption scheme that utilises MD5.
From FreeBSD via OpenBSD.

PR/56838: David A. Holland: namespace pollution in static libcrypt

pw_gensalt.3: add argon2 bits

branches: 1.7.2;
Remove trailing whitespace.

new paragraph

more info

Revert putting a $ as the final character for blowfish. It is not required by
MCF and we want to be compatible.

Fix typos. Use more markup. New sentence, new line.

- bump blowfish size, explain version
- add passwd xref

PR/55095: David A. Holland: pw_gensalt(3) undocumented

libcrypt: Nix trailing whitespace.

No functional change intended.

Prompted by tying up loose ends around PR lib/57895.

branches: 1.13.2; 1.13.4;
crypt(3): Adapt default Argon2 parameters to system performance

If the parameters are unspecified:

- Set the default memory consumption based on the amount of memory
available to userspace.

The algorithm actually slows down incredibly quickly as the "memory"
parameter is increased. We want to avoid running out of memory on low
memory systems, but increase the difficulty of bruteforcing passwords
from systems with a lot of memory. At the same time, we want to avoid
problems when concurrent logins are happening.

- Run a hashing loop for one second with steadily increasing "time"
until we settle on a value for "time". We want to use as much CPU time
as reasonable for computing the password hash without making logins
inconvenient.

libcrypt: Hide more private symbols by default. Fix style.

crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing implementation
in libcrypt.

crypt(3): Make Argon2 implementation match the reference impl by
making sure input salts are decoded as base64.

Remove extra semicolon.

adding argon2 support to libcrypt. argon2 user authentication now
available via MKARGON2=yes (3 variants supported; argon2id recommended)
before using, please read argon2 paper at
https://github.com/P-H-C/phc-winner-argon2

branches: 1.7.48;
fix -Wsign-compare issues

Remove more duplicate #includes, and a few spurious whitespaces at EOL
From Slava Semushin <slava.semushin@gmail.com>

fix compile issue.

- change the gensalt functions to take an optional string instead of
the number of rounds.
- make pw_gensalt() more generic, so that it does not depend in libutil.

sprinkle ARGSUSED and include "crypt.h"

only get the rounds if we have them.

Add pw_gensalt, which was taken from pwd_gensalt. This now is used in 3
places, so it might as well be part of libcrypt.

bump shared libraries.

Add pw_gensalt, which was taken from pwd_gensalt. This now is used in 3
places, so it might as well be part of libcrypt.

crank minor for bcrypt support

branches: 1.3.12;
Add a note to update src/distrib/sets/lists/base/shl.*, and add a missing
RCS Id.

RCSID Police.

add shlib_version file, with version 0.0

crypt(3): match the Argon2 reference implementation's Base64 exactly

There are too many minor variations regarding padding and exact alphabet
to safely use the implementation in libc or an existing implementation
in libcrypt.

crypt(3): Make Argon2 implementation match the reference impl by
making sure input salts are decoded as base64.

Add support for SHA1 hashed passwords.
The algorithm used is essentially PBKDF1 from RFC 2898 but using
hmac_sha1 rather than SHA1 directly (suggested by smb@research.att.com).

* The format of the encrypted password is:
* $<tag>$<iterations>$<salt>$<digest>
*
* where:
* <tag> is "sha1"
* <iterations> is an unsigned int identifying how many rounds
* have been applied to <digest>. The number
* should vary slightly for each password to make
* it harder to generate a dictionary of
* pre-computed hashes. See crypt_sha1_iterations.
* <salt> up to 64 bytes of random data, 8 bytes is
* currently considered more than enough.
* <digest> the hashed password.

hmac.c implementes HMAC as defined in RFC 2104 and includes a unit
test for both hmac_sha1 and hmac_sha1 using a selection of the Known
Answer Tests from RFC 2202.

It is worth noting that to be FIPS compliant the hmac key (password)
should be 10-20 chars.