Recent changes to this wiki:

Added a comment
diff --git a/doc/forum/Limit_pagespec_to_a_certain_depth/comment_1_6a7cb33d7100ad67efd3344d4987104a._comment b/doc/forum/Limit_pagespec_to_a_certain_depth/comment_1_6a7cb33d7100ad67efd3344d4987104a._comment
new file mode 100644
index 0000000..09b3512
--- /dev/null
+++ b/doc/forum/Limit_pagespec_to_a_certain_depth/comment_1_6a7cb33d7100ad67efd3344d4987104a._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="openmedi"
+ avatar="http://cdn.libravatar.org/avatar/563ffaff3b492c579bd8f094472e4506"
+ subject="comment 1"
+ date="2017-04-18T13:13:40Z"
+ content="""
+Ooops, shoud've used the preview feature! My pagespec was looking somewhat like this: `\"page(* and !*/*)\"` and `\"page(* and !foobar/*)\"`
+"""]]

diff --git a/doc/forum/Limit_pagespec_to_a_certain_depth.mdwn b/doc/forum/Limit_pagespec_to_a_certain_depth.mdwn
new file mode 100644
index 0000000..b1d7e49
--- /dev/null
+++ b/doc/forum/Limit_pagespec_to_a_certain_depth.mdwn
@@ -0,0 +1 @@
+I'd like my index page of my wiki to show me a list of all the files in the wiki's root and only the names of "folder-pages" (those pages that are named the same way as the folders). I used the map directive to create a list, but I can't come up with a way to limit the depth of the pagespec, so everything inside of the folders is matched and listed as well, which is not what I want. Is there a way to limit the page spec's depth or make it exclude pages in subfolders? I tried `[[!map  pages="page(* and !*/*)"]]` or `[[!map  pages="page(* and !foobar/*)"]]`, but both exclude the "folder-pages" (either all of them (first case) or the ones that I have specified (second case)).

Initial commit.
diff --git a/doc/users/STrRedWolf.mdwn b/doc/users/STrRedWolf.mdwn
new file mode 100644
index 0000000..5348d07
--- /dev/null
+++ b/doc/users/STrRedWolf.mdwn
@@ -0,0 +1 @@
+Software engineer by trade, furry author/artist by hobby.  Code tailored "while U wait".

diff --git a/doc/plugins/theme/discussion.mdwn b/doc/plugins/theme/discussion.mdwn
index 25b4e21..e58fe47 100644
--- a/doc/plugins/theme/discussion.mdwn
+++ b/doc/plugins/theme/discussion.mdwn
@@ -30,4 +30,4 @@ Choose one of the [[themes]] which are bundled with ikiwiki and configure ikiwik
 
 So I added "theme" to my config file's "add_plugins" directive, and uncommented the "theme: actiontabs" line.  I then ran "ikwiki --setup wiki.setup" and...  no change on reload.
 
-I'm on Ubuntu 16.04.  Any idea what I'm doing wrong?
+I'm on Ubuntu 16.04.  Any idea what I'm doing wrong?  --[[STrRedWolf]]

First time theme help needed.
diff --git a/doc/plugins/theme/discussion.mdwn b/doc/plugins/theme/discussion.mdwn
index 67a2bf4..25b4e21 100644
--- a/doc/plugins/theme/discussion.mdwn
+++ b/doc/plugins/theme/discussion.mdwn
@@ -24,3 +24,10 @@ Choose one of the [[themes]] which are bundled with ikiwiki and configure ikiwik
     	theme => 'blueview',
 
 -- [[AdamShand]]
+
+
+### How to enable properly?
+
+So I added "theme" to my config file's "add_plugins" directive, and uncommented the "theme: actiontabs" line.  I then ran "ikwiki --setup wiki.setup" and...  no change on reload.
+
+I'm on Ubuntu 16.04.  Any idea what I'm doing wrong?

add list of pending patches
diff --git a/doc/users/anarcat.mdwn b/doc/users/anarcat.mdwn
index 38976c3..5adbf9a 100644
--- a/doc/users/anarcat.mdwn
+++ b/doc/users/anarcat.mdwn
@@ -2,6 +2,12 @@ See <https://anarc.at/>. I have home pages like this on tons of other wikis incl
 
 [[!toc]]
 
+Submitted patches
+=================
+
+[[!inline pages="tagged(patch) and link(users/anarcat)" sort=mtime feeds=no actions=yes archive=yes show=0]]
+
+
 My todos
 ========
 

mark this as a real plugin: forgot the plugin template!
diff --git a/doc/plugins/contrib/i18nheadinganchors.mdwn b/doc/plugins/contrib/i18nheadinganchors.mdwn
index a5b108d..7af54e4 100644
--- a/doc/plugins/contrib/i18nheadinganchors.mdwn
+++ b/doc/plugins/contrib/i18nheadinganchors.mdwn
@@ -1,3 +1,6 @@
+[[!meta author="anarcat"]]
+[[!template id=plugin name=i18nanchors author="[[anarcat]]"]]
+[[!tag type/chrome]]
 [[!template  id=gitbranch branch=anarcat/i18n-headinghanchors author="[[anarcat]]"]]
 
 This plugin is similar to [[plugins/headinganchors]] except:

mark this as ready for merging
diff --git a/doc/plugins/contrib/admonition.mdwn b/doc/plugins/contrib/admonition.mdwn
index 43c63e4..2b81c98 100644
--- a/doc/plugins/contrib/admonition.mdwn
+++ b/doc/plugins/contrib/admonition.mdwn
@@ -1,6 +1,6 @@
 [[!meta author="anarcat"]]
 [[!template id=plugin name=admonition author="[[anarcat]]"]]
-[[!tag type/chrome]]
+[[!tag type/chrome patch]]
 
 # Admonitions
 

clarify that "patch" on contrib plugins means the author wants to merge
diff --git a/doc/plugins/contrib.mdwn b/doc/plugins/contrib.mdwn
index 8ae457e..9bfa95c 100644
--- a/doc/plugins/contrib.mdwn
+++ b/doc/plugins/contrib.mdwn
@@ -1,6 +1,9 @@
 These plugins are provided by third parties and are not currently
 included in ikiwiki. See [[install]] for installation help.
 
+If they are tagged [[patch]], the plugins will be considered for
+inclusion in the main [[plugins]] list.
+
 [[!map pages="plugins/contrib/* and !plugins/contrib/*/* and !*/Discussion"]]
 
 [[!inline pages="plugins/contrib/*" rootpage="plugins/contrib" show=-1

this is a patch - i'd like this in core, or at least a discussion on how to merge it with the main plugin
diff --git a/doc/plugins/contrib/i18nheadinganchors.mdwn b/doc/plugins/contrib/i18nheadinganchors.mdwn
index 3bef82e..a5b108d 100644
--- a/doc/plugins/contrib/i18nheadinganchors.mdwn
+++ b/doc/plugins/contrib/i18nheadinganchors.mdwn
@@ -17,3 +17,5 @@ Also note that *all* heading attributes are overriden with the ID
 tag. If this is not desirable, we'd need to fire up a full
 HTML::Parser or do some more regex magic to preserve the attributes
 other than `id=` which we want to keep. -- [[anarcat]]
+
+[[!tag patch]]

add a patch to make this happen
diff --git a/doc/todo/toc-with-human-readable-anchors.mdwn b/doc/todo/toc-with-human-readable-anchors.mdwn
index 0f358f4..60edaff 100644
--- a/doc/todo/toc-with-human-readable-anchors.mdwn
+++ b/doc/todo/toc-with-human-readable-anchors.mdwn
@@ -4,4 +4,48 @@ In #ikiwiki today, another user and I were in agreement that an option for human
 
 > +1 - i would love to see that happen too. Here's a patch I wrote a while back for similar functionality in moinmoin: https://svn.koumbit.net/koumbit/trunk/patches/moinmoin/nice_headings.patch -- [[anarcat]]
 
-[[!tag wishlist]]
+----
+
+I started looking into this again after getting annoyed at the
+unreadable anchors, and here's what I came up with.
+
+[[!template  id=gitbranch branch=anarcat/toc-recycle-id author="[[anarcat]]"]]
+
+The first step is to fix [[plugins/toc]] to use headings: we can
+figure out how to generate those later, but it would be nice if the
+toc directive would just reuse existing headings instead of relying on
+its own. I do this by simply checking if there's a `id` field (which
+is, by standard, unique) and reuse that when building the table of
+contents. This requires parsing HTML element attributes, but that
+shouldn't impact performance too much, hopefully. The old IDs are
+still generated for backwards compatibility. This is done in
+my [toc-recycle-id branch][] (see [921a264][]).
+
+[921a264]: https://gitlab.com/anarcat/ikiwiki/commit/27d5d9d126b6b675ad273ebd63095df0c921a264
+[toc-recycle-id branch]: https://gitlab.com/anarcat/ikiwiki/commits/toc-id-recycle
+
+The second step is to generate those headings. There are two ways of
+doing this:
+
+ 1. enable multimarkdown. by default, the [[plugins/mdwn]] plugin will
+    add `id` anchors when using [Text::Multimarkdown][] which is
+    simply a matter of adding `multimarkdown: 1` in the setup file
+
+ 2. enable the [[plugins/headinganchors]] plugin. if multimarkdown is
+    disabled, this can also provide usable identifiers.
+
+An issue I had with the latter plugin was that it did not work if
+multimarkdown was enabled, as it doesn't match headings if they
+already have a `id` attribute. It also doesn't deal very well with
+non-ASCII characters: they get basically garbled into their numeric
+representation. I have therefore written a derivative of the
+headinganchor plugin called [[plugins/contrib/i18nheadinganchors]] to
+work around those issues.
+
+It would be great to see the `toc` part of this patchset merged, at
+least. It could also be a configurable option, but that seems overkill
+considering that backwards compatibility is kept... --[[anarcat]]
+
+[Text::Multimarkdown]: http://search.cpan.org/search?mode=dist&query=Text%3A%3AMarkdown
+
+[[!tag wishlist patch]]

rename plugins/contrib/i18nheadinganchor.mdwn to plugins/contrib/i18nheadinganchors.mdwn
diff --git a/doc/plugins/contrib/i18nheadinganchor.mdwn b/doc/plugins/contrib/i18nheadinganchor.mdwn
deleted file mode 100644
index 3bef82e..0000000
--- a/doc/plugins/contrib/i18nheadinganchor.mdwn
+++ /dev/null
@@ -1,19 +0,0 @@
-[[!template  id=gitbranch branch=anarcat/i18n-headinghanchors author="[[anarcat]]"]]
-
-This plugin is similar to [[plugins/headinganchors]] except:
-
- 1. it overrides other attributes previously set on heading elements
-    (to override the multimarkdown-generated headings for example)
-
- 2. deals with non-ASCII charsets better: for example, 北亰 becomes
-    "bei-jing" instead of "z-.E4.BA.B0" and "liberté" becomes
-    "liberte" instead of "libert.C3.A9"
-
-This is a separate plugin because this is a backwards-incompatible
-change, but I would be more than happy to make a patch to merge this
-in the main plugin if necessary.
-
-Also note that *all* heading attributes are overriden with the ID
-tag. If this is not desirable, we'd need to fire up a full
-HTML::Parser or do some more regex magic to preserve the attributes
-other than `id=` which we want to keep. -- [[anarcat]]
diff --git a/doc/plugins/contrib/i18nheadinganchors.mdwn b/doc/plugins/contrib/i18nheadinganchors.mdwn
new file mode 100644
index 0000000..3bef82e
--- /dev/null
+++ b/doc/plugins/contrib/i18nheadinganchors.mdwn
@@ -0,0 +1,19 @@
+[[!template  id=gitbranch branch=anarcat/i18n-headinghanchors author="[[anarcat]]"]]
+
+This plugin is similar to [[plugins/headinganchors]] except:
+
+ 1. it overrides other attributes previously set on heading elements
+    (to override the multimarkdown-generated headings for example)
+
+ 2. deals with non-ASCII charsets better: for example, 北亰 becomes
+    "bei-jing" instead of "z-.E4.BA.B0" and "liberté" becomes
+    "liberte" instead of "libert.C3.A9"
+
+This is a separate plugin because this is a backwards-incompatible
+change, but I would be more than happy to make a patch to merge this
+in the main plugin if necessary.
+
+Also note that *all* heading attributes are overriden with the ID
+tag. If this is not desirable, we'd need to fire up a full
+HTML::Parser or do some more regex magic to preserve the attributes
+other than `id=` which we want to keep. -- [[anarcat]]

add i18nheadinganchors plugin
diff --git a/doc/plugins/contrib/i18nheadinganchor.mdwn b/doc/plugins/contrib/i18nheadinganchor.mdwn
new file mode 100644
index 0000000..3bef82e
--- /dev/null
+++ b/doc/plugins/contrib/i18nheadinganchor.mdwn
@@ -0,0 +1,19 @@
+[[!template  id=gitbranch branch=anarcat/i18n-headinghanchors author="[[anarcat]]"]]
+
+This plugin is similar to [[plugins/headinganchors]] except:
+
+ 1. it overrides other attributes previously set on heading elements
+    (to override the multimarkdown-generated headings for example)
+
+ 2. deals with non-ASCII charsets better: for example, 北亰 becomes
+    "bei-jing" instead of "z-.E4.BA.B0" and "liberté" becomes
+    "liberte" instead of "libert.C3.A9"
+
+This is a separate plugin because this is a backwards-incompatible
+change, but I would be more than happy to make a patch to merge this
+in the main plugin if necessary.
+
+Also note that *all* heading attributes are overriden with the ID
+tag. If this is not desirable, we'd need to fire up a full
+HTML::Parser or do some more regex magic to preserve the attributes
+other than `id=` which we want to keep. -- [[anarcat]]

move my repo to gitlab
diff --git a/doc/git.mdwn b/doc/git.mdwn
index 4661c46..38a2d1c 100644
--- a/doc/git.mdwn
+++ b/doc/git.mdwn
@@ -69,7 +69,7 @@ think about merging them. This is recommended. :-)
 * [[pelle]] `git://github.com/hemmop/ikiwiki.git`
 * [[chrismgray]] `git://github.com/chrismgray/ikiwiki.git`
 * [[ttw]] `git://github.com/ttw/ikiwiki.git`
-* [[anarcat]] `git://src.anarc.at/ikiwiki`
+* [[anarcat]] `https://gitlab.com/anarcat/ikiwiki.git`
 * anderbubble `git://civilfritz.net/ikiwiki.git`
 * frioux `git://github.com/frioux/ikiwiki`
 * llipavsky `git://github.com/llipavsky/ikiwiki`

respond to an old question
diff --git a/doc/plugins/headinganchors/discussion.mdwn b/doc/plugins/headinganchors/discussion.mdwn
index eaf111f..512caa4 100644
--- a/doc/plugins/headinganchors/discussion.mdwn
+++ b/doc/plugins/headinganchors/discussion.mdwn
@@ -1,4 +1,6 @@
-Isn't this functionality a part of what [[plugins/toc]] needs and does? Then probably the [[plugins/toc]] plugin's code could be split into the part that implements the [[plugins/contrib/headinganchors]]'s functionality and the TOC generation itself. That will bring more order into the code and the set of available plugins. --Ivan Z.
+Isn't this functionality a part of what [[plugins/toc]] needs and does? Then probably the [[plugins/toc]] plugin's code could be split into the part that implements the [[plugins/headinganchors]]'s functionality and the TOC generation itself. That will bring more order into the code and the set of available plugins. --Ivan Z.
+
+> Indeed it is. Except [[plugins/toc]] generates headings differently - and independently of this. *Even* if [[toc]]'s functionality would be split, you'd probably want to retain backwards compatibility there, so it's unlikely that this will happen... Also see [[todo/toc-with-human-readable-anchors]]. --[[anarcat]]
 
 ---
 

todo
diff --git a/doc/todo/subscribe_to_comments_of_page_when_editing.mdwn b/doc/todo/subscribe_to_comments_of_page_when_editing.mdwn
new file mode 100644
index 0000000..63fccad
--- /dev/null
+++ b/doc/todo/subscribe_to_comments_of_page_when_editing.mdwn
@@ -0,0 +1,10 @@
+When posting a comment to a page, there's a check box to subscribe to get
+other comments. There should be a similar check box when editing a page, to
+subscribe to all comments to the page (and perhaps to edit notifications of
+the page itself). 
+
+Currently, the user has to know how to go into their preferences and
+subscribe there. This is not ideal when using ikiwiki for a bug tracker,
+etc.
+
+--[[Joey]]

Fixing format
diff --git a/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn
index f70f839..06e3bfc 100644
--- a/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn
+++ b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn
@@ -1,32 +1,32 @@
-# plugins to add to the default configuration
-add_plugins:
-- goodstuff
-- websetup
-- comments
-- htmlbalance
-- theme
-- opendiscussion
-- editdiff
-- rename
-- sidebar
-- relativedate
-- edittemplate
-- flattr
-- userlist
-- html
-- calendar
-- listdirectives
-- txt
-- cutpaste
-- testpagespec
-- trail
-- poll
-- prettydate
-- httpauth
-- remove
-- version
-- format
-- rst
-- fortune
-# plugins to disable
-disable_plugins: []
+    # plugins to add to the default configuration
+    add_plugins:
+    - goodstuff
+    - websetup
+    - comments
+    - htmlbalance
+    - theme
+    - opendiscussion
+    - editdiff
+    - rename
+    - sidebar
+    - relativedate
+    - edittemplate
+    - flattr
+    - userlist
+    - html
+    - calendar
+    - listdirectives
+    - txt
+    - cutpaste
+    - testpagespec
+    - trail
+    - poll
+    - prettydate
+    - httpauth
+    - remove
+    - version
+    - format
+    - rst
+    - fortune
+    # plugins to disable
+    disable_plugins: []

As requested
diff --git a/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn
new file mode 100644
index 0000000..f70f839
--- /dev/null
+++ b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_/addplugins.mdwn
@@ -0,0 +1,32 @@
+# plugins to add to the default configuration
+add_plugins:
+- goodstuff
+- websetup
+- comments
+- htmlbalance
+- theme
+- opendiscussion
+- editdiff
+- rename
+- sidebar
+- relativedate
+- edittemplate
+- flattr
+- userlist
+- html
+- calendar
+- listdirectives
+- txt
+- cutpaste
+- testpagespec
+- trail
+- poll
+- prettydate
+- httpauth
+- remove
+- version
+- format
+- rst
+- fortune
+# plugins to disable
+disable_plugins: []

Answering questions and updating links
diff --git a/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn
index f4f2f26..1691ae1 100644
--- a/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn
+++ b/doc/bugs/Anon_edit_caused_lock_out_on_entire_site_.mdwn
@@ -30,11 +30,13 @@ The `anonok` plugin is **not** enabled
 > Which version of ikiwiki are you running? Are you using any third-party
 > plugins or patches? --[[smcv]]
 
+>> Pasted [[here|addplugins]]
+
 ---
 
 ## Steps
 
-I've tried to place a comment clicking in the obvious [Add a comment](https://dev.iikb.xyz/ikiwiki.cgi?do=comment&page=forum%2FTema_bootstrap) in a [forum post](https://dev.iikb.xyz/forum/Tema_bootstrap/).
+I've tried to place a comment clicking in the obvious [Add a comment](https://dev.iikb.org/ikiwiki.cgi?do=comment&page=forum%2FTema_bootstrap) in a [forum post](https://dev.iikb.org/forum/Tema_bootstrap/).
 
 I've not signed in because the *sign in* page didn't come up, instead a simple `(You might want to Signin first?)` showed up, which I've haven't read and commented away.
 
@@ -42,9 +44,9 @@ I've not signed in because the *sign in* page didn't come up, instead a simple `
 
 ## Results
 
-As a consequence of that, the user '' - that's a null character, have somehow logged in and it seems that there is no way to [log it out](https://dev.iikb.xyz/ikiwiki.cgi?do=prefs).
+As a consequence of that, the user '' - that's a null character, have somehow logged in and it seems that there is no way to [log it out](https://dev.iikb.org/ikiwiki.cgi?do=prefs).
 
-None of this phantom user edits are being commited - this [blog post](https://dev.iikb.xyz/blog/posts/Bug_severo_neste_site/) was made with that user logged in via web.
+None of this phantom user edits are being commited - this [blog post](https://dev.iikb.org/blog/posts/Bug_severo_neste_site/) was made with that user logged in via web.
 
 It seems I can't log out from nowhere. I've rebuild the wiki from the command line and restarted the nginx server, the phantom user remains logged in and open to anyone willing to edit away the wiki.
 
@@ -54,7 +56,7 @@ It seems I can't log out from nowhere. I've rebuild the wiki from the command li
 
 If I wanted to do a totally anonnymous wiki, this would be the best setup ever.
 
-For [this particular installation](https://dev.iikb.xyz), that's not the case.
+For [this particular installation](https://dev.iikb.org), that's not the case.
 
 ---
 
@@ -70,3 +72,5 @@ Is there a session file or something to logout this phantom user?
 > `.setup` file. I would also be interested to see a tarball of the entire
 > wiki source directory, if it isn't excessively large. If you'd be willing to
 > share them, please contact <mailto:smcv@debian.org>. --[[smcv]]
+
+>> I think I've sent right away when you asked, anyway I still have the tarball hanging around. The last *iikb* domains will expire next month though, the wiki will only be accessible by mirror <https://notabug.org/iikb/dev.iikb.org>.

diff --git a/doc/test_page_space_allowed.mdwn b/doc/test_page_space_allowed.mdwn
index f93f6b8..c8f9123 100644
--- a/doc/test_page_space_allowed.mdwn
+++ b/doc/test_page_space_allowed.mdwn
@@ -1,1416 +1 @@
-## Changelog: From origin/DragonFly_RELEASE_4_6 to origin/DragonFly_RELEASE_4_8
-### Contributed software
-* [[4baf3da673cf4ccc37972fd7a3a5374f2f949682|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4baf3da673cf4ccc37972fd7a3a5374f2f949682]] - gcc47: Backport objc fix from gcc trunk.
-* [[a547914c1dda914338578798fd0ebd9851ec1b99|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a547914c1dda914338578798fd0ebd9851ec1b99]] - Merge branch 'vendor/LESS'
-* [[095985121e34fb8501c6d6afb0d38e6f6a30fc0d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/095985121e34fb8501c6d6afb0d38e6f6a30fc0d]] - libncurses: Avoid -Woverflow in baud rates.
-* [[ddaf9f4ac09fd506d0ed3a635e1048beafae310c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ddaf9f4ac09fd506d0ed3a635e1048beafae310c]] - wpa_supplicant: Avoid cpp warning during buildworld.
-* [[eee86d5a9b698bc2d10bfce462dd5172ed60b767|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/eee86d5a9b698bc2d10bfce462dd5172ed60b767]] - binutils 2.25 linkers: Set default interpreter to valid path
-* [[a9fa94596c0f48c0524edaac2c001d92fa9c01ac|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a9fa94596c0f48c0524edaac2c001d92fa9c01ac]] - Initial import of binutils 2.27 on vendor branch
-* [[09219ee0a86ac0ce0a1b6a5d91d6274c297da796|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/09219ee0a86ac0ce0a1b6a5d91d6274c297da796]] - Import missing source needed to enable plugin support in utilities.
-* [[11650561b4cc34c733d0ddd00ba57a35c8b09262|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/11650561b4cc34c733d0ddd00ba57a35c8b09262]] - binutils225: Make plugin dir overridable at compile time.
-* [[62af0394e6f0acbb07b0de957bee06e880eae55d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/62af0394e6f0acbb07b0de957bee06e880eae55d]] - gcc47: Do not include empty header.
-* [[e656dc90e3d65d744d534af2f5ea88cf8101ebcf|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e656dc90e3d65d744d534af2f5ea88cf8101ebcf]] - Merge remote-tracking branch 'origin/vendor/BINUTILS227'
-* [[03f6201053717a978ccacc70a0b56f44d69f6aca|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/03f6201053717a978ccacc70a0b56f44d69f6aca]] - less(1): Fix type mismatches in different objects.
-* [[b4603dcfad6ee746d007a4b2f2fb735605186044|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b4603dcfad6ee746d007a4b2f2fb735605186044]] - TRE: Fix const discard issue for all compilers.
-* [[c211e07949d10318e6a8d31301b3cedb6b4e5a6d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c211e07949d10318e6a8d31301b3cedb6b4e5a6d]] - bmake: upgrade version 20141111 => 20160818
-* [[0c8a28221521252cd35eb2174b0d147c136bb2db|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0c8a28221521252cd35eb2174b0d147c136bb2db]] - gcc47: Fix misplaced NULL usage in strings.
-* [[4eab696808e511e585602aa64af9891aa0e4c441|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4eab696808e511e585602aa64af9891aa0e4c441]] - kernel - set default locale name for smbfs
-* [[d5d214b79f952beef771f898a2b47ab5cfcddedc|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d5d214b79f952beef771f898a2b47ab5cfcddedc]] - Update gcc-50 to SVN version 239798 (gcc-5-branch)
-* [[5f76495ba37ea12fb60cf57228cc78b83d889fb6|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5f76495ba37ea12fb60cf57228cc78b83d889fb6]] - gcc50: Add alternative variant of pthread presence checking.
-* [[727fc32d389c7e604175d531ef6dccd525ac01d2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/727fc32d389c7e604175d531ef6dccd525ac01d2]] - Merge branch 'vendor/BINUTILS225'
-* [[c1d69b4e943be0ac0b9e60cf997891209e8f7198|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c1d69b4e943be0ac0b9e60cf997891209e8f7198]] - tcsh - Work around gcc-5 bug
-* [[6496ec5cf27c0e8a2cf51a861379f97b39eed5c2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6496ec5cf27c0e8a2cf51a861379f97b39eed5c2]] - gcc47: Suppress last codegen warning.
-* [[9b76006665e56dffc7210c587bdfa8fad8661f7a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9b76006665e56dffc7210c587bdfa8fad8661f7a]] - Update less from version 471 to 481
-* [[f445c8974931e0ddbeb96b2514f9cb61aee7e659|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f445c8974931e0ddbeb96b2514f9cb61aee7e659]] - Update to bmake-20160818 on the vendor branch
-* [[9a8f24bf27e38c37cda8a86cdeb34e2ae52aee6b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9a8f24bf27e38c37cda8a86cdeb34e2ae52aee6b]] - Merge branch 'vendor/BMAKE'
-* [[c80085678ed8b87f203af020e14e8079a552fdd0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c80085678ed8b87f203af020e14e8079a552fdd0]] - Retire the binutils-2.24.
-* [[14cfea9901210cefd3a1d65dc15887461b194bde|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/14cfea9901210cefd3a1d65dc15887461b194bde]] - binutil227: Add DF README's and local modifications.
-* [[6b9ba3e86a05417c2af9786967ec92fc136cffde|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6b9ba3e86a05417c2af9786967ec92fc136cffde]] - bootstrap: Expand BOOTSTRAPPING case to avoid warning.
-* [[385754ab92bea0f51c59b841b298f2ec157e5f2d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/385754ab92bea0f51c59b841b298f2ec157e5f2d]] - Merge branch 'vendor/GCC50'
-* [[e02a905d0800ea51e6685792106ea01bcc1c39ca|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e02a905d0800ea51e6685792106ea01bcc1c39ca]] - libncurses: Avoid warning when calling cgetent().
-* [[6ebf792c9ab0aa43dd13069aefd6d1d548176ef8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6ebf792c9ab0aa43dd13069aefd6d1d548176ef8]] - contrib/bmake: remove 2 local modifications to prepare for merge
-### Cryptography
-* [[5b245968732053a4221c42925bf7355d7eb4ad07|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5b245968732053a4221c42925bf7355d7eb4ad07]] - build - Remove openssl from base (is now permanently replaced by ressl)
-* [[66ceb5e9b7ccc1005b0b710f32228c0b69070e98|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/66ceb5e9b7ccc1005b0b710f32228c0b69070e98]] - libressl: Few local modifications for netcat.
-* [[4188afc709be91c60882529929ad3e74932fc51c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4188afc709be91c60882529929ad3e74932fc51c]] - Merge branch 'vendor/LIBRESSL'
-* [[a310eb9be04d900b0e9514e84c07b9654e28ecba|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a310eb9be04d900b0e9514e84c07b9654e28ecba]] - libcrypto(3): Remove some cruft from when we supported 32-bit.
-* [[94089e80a5f705dc760628462df38162611001cd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/94089e80a5f705dc760628462df38162611001cd]] - Merge branch 'vendor/OPENSSL'
-* [[f20408c21735b356c91cd43ddc1a5693e49b528e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f20408c21735b356c91cd43ddc1a5693e49b528e]] - Update libressl README.DRAGONFLY for v2.4.4
-* [[497a44b089c28b45651c36fb1b2d782f406d8641|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/497a44b089c28b45651c36fb1b2d782f406d8641]] - Add a openbsd-compat file for latest import.
-* [[e00185f13e893a2f4d0288c673301fd4c78f3562|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e00185f13e893a2f4d0288c673301fd4c78f3562]] - Patch ssh vendor code for xauth's default location.
-* [[7475be118e1bc43d61bfa1192b8ac160ab3cf515|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/7475be118e1bc43d61bfa1192b8ac160ab3cf515]] - sshd - Fix default password authentication (2)
-* [[e9778795382169f8c6fde18d0565a1acef2cac8b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e9778795382169f8c6fde18d0565a1acef2cac8b]] - Import OpenSSH-7.3p1.
-* [[0acf6c5cec1bb550d161ebd159e4ecad45908ec5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0acf6c5cec1bb550d161ebd159e4ecad45908ec5]] - Update LibreSSL from version 2.4.2 => 2.4.3
-* [[609bcd714d1333d31030e5309fcbcf2b8561e582|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/609bcd714d1333d31030e5309fcbcf2b8561e582]] - Merge branch 'vendor/OPENSSH'
-* [[f0ea6a7a164d1e1add5907937994265e906d96a3|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f0ea6a7a164d1e1add5907937994265e906d96a3]] - Remove most local modifications from OpenSSH.
-* [[c064523cdd96e53e622a5cc435f4388312a33a8c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c064523cdd96e53e622a5cc435f4388312a33a8c]] - Allow make.conf to override ssh's xauth location.
-* [[f73288b8388362ab1d59c2d7072014f0d5020b18|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f73288b8388362ab1d59c2d7072014f0d5020b18]] - LibreSSL: complete update v2.4.2 => v2.4.3
-* [[a25ca6f6327a8c5c07550bd5ee5382898072f668|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a25ca6f6327a8c5c07550bd5ee5382898072f668]] - Merge branch 'vendor/LIBRESSL'
-* [[d9ccbcc96227edaf46bd27707f01d9d8b4ad5a72|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d9ccbcc96227edaf46bd27707f01d9d8b4ad5a72]] - build - use libressl md5.h for kernel
-* [[f5b1c8a1e6dbe9333aed363dba27c2ff58be6174|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f5b1c8a1e6dbe9333aed363dba27c2ff58be6174]] - Import LibreSSL v2.4.2 to vendor branch
-* [[57de8ae1b524af49006ac8faaf4a64241aa4ba07|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/57de8ae1b524af49006ac8faaf4a64241aa4ba07]] - OpenSSH: Suppress warning on login_getcapstr().
-* [[4bde49b71e31daca1872f938e6f2c2e132cbc396|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4bde49b71e31daca1872f938e6f2c2e132cbc396]] - sshd(8): Disable tunneled cleartext passwords.
-* [[4821a1d69d42a70e6f9f65f01812422a9f804656|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4821a1d69d42a70e6f9f65f01812422a9f804656]] - Merge branch 'vendor/OPENSSH'
-* [[bd84e83893b298face58762e1fec24667126c8c7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bd84e83893b298face58762e1fec24667126c8c7]] - security/libressl: Fix ECDSA P-256 timing attack vulnerability
-* [[1852dacb2add612faac4649f46850e8492c56065|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1852dacb2add612faac4649f46850e8492c56065]] - OpenSSH: Suppress last warning in session.c
-* [[4a22becbe09b9773cc33003d46120d8825a44415|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4a22becbe09b9773cc33003d46120d8825a44415]] - Unbreak build.
-* [[88828e76e7d1ff613cbdfc32aeb5e35cc6ffde30|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/88828e76e7d1ff613cbdfc32aeb5e35cc6ffde30]] - sshd - Fix default password authentication
-* [[72be967a925bccd9cb7672c8adf4f3cbaeea8327|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/72be967a925bccd9cb7672c8adf4f3cbaeea8327]] - OpenSSH: Add missing prototypes and bump WARNS to 3.
-* [[1920ada36573f8e9c4ceb7694990274075650bdf|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1920ada36573f8e9c4ceb7694990274075650bdf]] - Merge branch 'vendor/LIBRESSL'
-* [[5adaeadcee1c8e1b9e03cf22d91329a05393e316|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5adaeadcee1c8e1b9e03cf22d91329a05393e316]] - Import OpenSSL-1.0.2h.
-* [[530c17a63c2de777e97cbf2e67edfe5bd61f31fe|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/530c17a63c2de777e97cbf2e67edfe5bd61f31fe]] - Update LibreSSL from version 2.4.3 => 2.4.4
-### Devices
-* [[0b985ce1074ab29e1e5a26e94e2823dee61a3e21|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0b985ce1074ab29e1e5a26e94e2823dee61a3e21]] - sys/dev/disk/dm: Cleanup
-* [[68fad459c7fcdf999f82bf96953d5db99d44bb05|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/68fad459c7fcdf999f82bf96953d5db99d44bb05]] - if_iwm - Advertise full-offload scan support, fixes scan while associated.
-* [[0104ee1f4cb6a2313c00c2526c6ae98d42e5041d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0104ee1f4cb6a2313c00c2526c6ae98d42e5041d]] - if_iwm - Move iwm_read_firmware() call into iwm_attach().
-* [[05475029b1a3dc51c45c96a7c031f7e961d2dec6|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/05475029b1a3dc51c45c96a7c031f7e961d2dec6]] - sdhci - Simplify SDHCI_PRESENT_STATE register loop in sdhci_start_command().
-* [[bb480ca679a7ea530bdca6e41082d5755e9751dc|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bb480ca679a7ea530bdca6e41082d5755e9751dc]] - if_iwm - Remove 1s delay after fw loading. Can't reproduce issues on AC8260.
-* [[74d41163ddac72b0d7ea7b7873d53fe134723a12|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/74d41163ddac72b0d7ea7b7873d53fe134723a12]] - if_iwm - change the check for ADD_STA status, use IWM_ADD_STA_STATUS_MASK.
-* [[89f579e9823a5c446ca172cf82bbc210d6a054a4|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/89f579e9823a5c446ca172cf82bbc210d6a054a4]] - if_iwm - Enable Energy Based Scan (EBS).
-* [[d078c812418d0e2c3392e99fa25fc776d07bdfad|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d078c812418d0e2c3392e99fa25fc776d07bdfad]] - if_iwm - Remove a couple of unneeded IWM_UCODE_TLV_FLAGS_* flags.
-* [[89bbdcc98e01702ae70176ff08df5fb95ee0801b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/89bbdcc98e01702ae70176ff08df5fb95ee0801b]] - drm/linux: Clean-up pci_resource_start()
-* [[f62d325820ee7f7c2bcf721ada9cef8b70f74471|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f62d325820ee7f7c2bcf721ada9cef8b70f74471]] - Revert "if_iwm - SCAN_ABORT_UMAC response doesn't use a wide id"
-* [[e8560f8dc58df12a7c79a6bb4e6ccb156e001085|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e8560f8dc58df12a7c79a6bb4e6ccb156e001085]] - if_iwm - The iwm_prepare_card_hw() in iwm_attach() is only needed on 8K hw.
-* [[f0e799193f66de9af176978cfac9679eb99efd11|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f0e799193f66de9af176978cfac9679eb99efd11]] - ahci - Add workarounds for Marvell 88SE9215
-* [[0510b0eef0c0772b77331db9586fc4d39aab96d7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0510b0eef0c0772b77331db9586fc4d39aab96d7]] - syscons - Add need_unlock arg to sc_clean_up and sc_wait_scrn_saver_stop.
-* [[b8c69b44c3d7472d7f129a92321e58f0edde9723|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b8c69b44c3d7472d7f129a92321e58f0edde9723]] - kernel/ecc: Add MODULE_VERSION()s.
-* [[d7002a7990d077c92585978ea998474af50f91e0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d7002a7990d077c92585978ea998474af50f91e0]] - if_iwm - Add basic powermanagement support via ifconfig wlan0 powersave.
-* [[085e37a042bdb17081e495e46919359ce43aa118|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/085e37a042bdb17081e495e46919359ce43aa118]] - if_iwm - Sync rs (rate-selection) API definitions from Linux iwlwifi.
-* [[81b3c1fe9122fa22f33d97103039cc375f656231|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/81b3c1fe9122fa22f33d97103039cc375f656231]] - if_iwm - Adjust if_iwm_sta.h prototypes, don't pass iwm_node to rm_sta().
-* [[50787d03cd0a0366c9cc4a055bb6977e5f65c85d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/50787d03cd0a0366c9cc4a055bb6977e5f65c85d]] - if_iwm - Get rid of iwm_disable_rx_dma, just use iwm_pcie_rx_stop directly.
-* [[33ded22a8fbfedf3a5674d3df56eb86911767ecd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/33ded22a8fbfedf3a5674d3df56eb86911767ecd]] - if_iwm - Remove more old unused scan API definitions.
-* [[5e4464425e963e25094fd31e2093de3955ad008f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5e4464425e963e25094fd31e2093de3955ad008f]] - if_iwm - Improve reliability of iwm_release on disassociation a bit.
-* [[b26dd4db18548ad662b7a7bc7b090b64f39c43ed|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b26dd4db18548ad662b7a7bc7b090b64f39c43ed]] - if_iwm - Use ic->ic_tq for iwm_endscan_cb instead of a private taskqueue.
-* [[a639f78832edd8a24cb683d66752f028545c0213|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a639f78832edd8a24cb683d66752f028545c0213]] - acpi - Incidental MPSAFE
-* [[66d55158f374df1465c1a63fe035d2d333ced83f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/66d55158f374df1465c1a63fe035d2d333ced83f]] - kernel/efirt: Hook efirt.ko into the build.
-* [[c009badecf7b1389cd86adde9fd35f6113c75b5b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c009badecf7b1389cd86adde9fd35f6113c75b5b]] - if_iwm - Get rid of another usage of the IWM_DEFAULT_MACID/_COLOR constant.
-* [[c662db9a18424b81164b14d2f9a06c43261ff5ce|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c662db9a18424b81164b14d2f9a06c43261ff5ce]] - sys/dev/disk/dm: Remove dm_table_init_target() call with NULL
-* [[8d327fcc6e31be8c51b8f2f883cfe4ed32015b02|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8d327fcc6e31be8c51b8f2f883cfe4ed32015b02]] - drm/i915: Mark a DragonFly-specific change as such
-* [[8cd49a211d49ef7dd16c81fc2a6c26e005b9aab8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8cd49a211d49ef7dd16c81fc2a6c26e005b9aab8]] - drm/i915: build firmware handling code
-* [[8b61fe779792f35b9a2f8c2b9e45464d50374f11|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8b61fe779792f35b9a2f8c2b9e45464d50374f11]] - drm/i915/trace: Add missing include files
-* [[cbb82693c18fd71b4eb86855b82d03995f352d65|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/cbb82693c18fd71b4eb86855b82d03995f352d65]] - if_iwm - Sync valid_tx_ant and valid_rx_ant mask handling with iwlwifi.
-* [[250a1c33fca1725121fe499f9cebc90267d209f9|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/250a1c33fca1725121fe499f9cebc90267d209f9]] - if_iwm - Sync iwm_nvm_read_chunk() function with Linux iwlwifi.
-* [[b97941862d5694ea8872275b9dd02d81c8fd931a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b97941862d5694ea8872275b9dd02d81c8fd931a]] - if_iwm - Remove two duplicate const qualifiers.
-* [[31517ca9069dca83e19f06f6be74db195f22acb8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/31517ca9069dca83e19f06f6be74db195f22acb8]] - hyperv: Implement cpucounters.
-* [[94b501399fde6368ae388a669c95b099a6e66e93|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/94b501399fde6368ae388a669c95b099a6e66e93]] - if_iwm - Handle AUTH->SCAN/INIT and ASSOC->SCAN/INIT better
-* [[53a009d6f66108b40d622ed90ea95eba5c0e5432|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/53a009d6f66108b40d622ed90ea95eba5c0e5432]] - if_iwm - Factor out and improve iwm_mvm_scan_rxon_flags() in if_iwm_scan.c.
-* [[1e0cf8ec6fcd77978f5336297ece61a415790f84|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1e0cf8ec6fcd77978f5336297ece61a415790f84]] - if_iwm - Use notification wait API to wait for calibration to complete.
-* [[2427de166a76b82b8388c371c073111082acfa83|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2427de166a76b82b8388c371c073111082acfa83]] - if_iwm - Add some pcie device stop code from iwlwifi. Adjust a delay.
-* [[710fdd011c30a1bd9f53b87c843fb8907c4a6cfd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/710fdd011c30a1bd9f53b87c843fb8907c4a6cfd]] - if_iwm - Remove OpenBSD-specific comment. Beautify pci cfg space accesses.
-* [[92cc3b9fc5a9e6dc3278e9e4d485e83789d73055|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/92cc3b9fc5a9e6dc3278e9e4d485e83789d73055]] - if_iwm - Remove some unneeded #include-s from all .c files.
-* [[75895a53a9c1ba60d75be9b4bf6e49a37f91a7cf|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/75895a53a9c1ba60d75be9b4bf6e49a37f91a7cf]] - if_iwm - Sync statistics API definitions with Linux iwlwifi.
-* [[aba448de727e9b122adadeb36fd00a8ad6018d4f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/aba448de727e9b122adadeb36fd00a8ad6018d4f]] - if_iwm - Refuse connection to APs with beacon interval < 16.
-* [[f88ab372284e63c4c13da93e9026a203b9b4cdc5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f88ab372284e63c4c13da93e9026a203b9b4cdc5]] - if_iwm - Add iwm_nic_unlock() calls missing from previous commit.
-* [[b8674cff3d2808cded6daa41e6a9df70cf5732fd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b8674cff3d2808cded6daa41e6a9df70cf5732fd]] - drm - Fix subtle plane masking bug.
-* [[b484d09d54301740f036ddf02008117f563960c2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b484d09d54301740f036ddf02008117f563960c2]] - if_iwm - Add scan abort functions, to properly cancel a running scan.
-* [[f414b8da30816705e32573cc58097cacac34f161|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f414b8da30816705e32573cc58097cacac34f161]] - if_iwm - Get rid of unneeded IWM_FWDMASEGSZ and IWM_FWMAXSIZE constants
-* [[35f0e6c86c1654323d6b19f7a077f4ab8ac85868|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/35f0e6c86c1654323d6b19f7a077f4ab8ac85868]] - if_iwm - Simplify device id matching code a bit.
-* [[fccb38ab368b901be2a8d2d6357c78b73fd71dbe|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fccb38ab368b901be2a8d2d6357c78b73fd71dbe]] - drm/linux: Add sign_extend64()
-* [[7f03b76b5fde4aeec9492caee92e0d89af7ddc71|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/7f03b76b5fde4aeec9492caee92e0d89af7ddc71]] - sdhci - Add a new interface method, get_card_present.
-* [[37d179535cd9fc03e4cd067bc5d3760f4aba9f7b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/37d179535cd9fc03e4cd067bc5d3760f4aba9f7b]] - kernel/mmcsd: Add some dummy values for d_nheads and d_secpertrack.
-* [[5df2bc4977fd0112ec12c8b8632ac083f288136d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5df2bc4977fd0112ec12c8b8632ac083f288136d]] - if_iwm - Use htole16 for policy field in struct iwm_time_event_cmd_v2.
-* [[62a4e7957a736b4de38938b02fa7eb9b45bc5d0d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/62a4e7957a736b4de38938b02fa7eb9b45bc5d0d]] - if_iwm - Switch arguments from iwm_node* to iwm_vap* in if_iwm_power.c.
-* [[fefad7a79f2a97ff0878b0dc59f938a04a1cece3|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fefad7a79f2a97ff0878b0dc59f938a04a1cece3]] - drm/radeon: Replace some spinlocks by lockmgr locks
-* [[f95003b8f1f7382c8396a6d408e3072632afdd3d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f95003b8f1f7382c8396a6d408e3072632afdd3d]] - if_iwm - Remove support for fw older than -17 and -22
-* [[19b2b39ddcb96e9acb2bfa544c4b368edfe81166|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/19b2b39ddcb96e9acb2bfa544c4b368edfe81166]] - sys/dev/disk/dm: Remove obvious/redundant/disabled kprintfs
-* [[474310725fef606697c0703f34b81e586796d1b7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/474310725fef606697c0703f34b81e586796d1b7]] - kernel - Add trackpoint and elantech mouse support (2)
-* [[52c3adbee676d8558065618e5ad694ea5c6697e0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/52c3adbee676d8558065618e5ad694ea5c6697e0]] - if_iwm - Clean up if_iwm_power.c a bit. Fix iwm_power_scheme debug print.
-* [[efb7d4eb5c3140889a8880e12fd83c7bbfd0059d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/efb7d4eb5c3140889a8880e12fd83c7bbfd0059d]] - if_iwm - Very basic DTS thermal sensor support (prints temp as debug msg).
-* [[1f7ae36fb6df06a33ef5184f702b09aebeb4bb05|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1f7ae36fb6df06a33ef5184f702b09aebeb4bb05]] - re: Fix typo for disabling txcsum.
-* [[a8e9a5d25e975f129d174f6d668c7d491cc0ba29|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a8e9a5d25e975f129d174f6d668c7d491cc0ba29]] - kernel/iwm: Fix building into the kernel without IWM_DEBUG.
-* [[612855b1a8c321ec9ba34f63edf913e7ecff8363|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/612855b1a8c321ec9ba34f63edf913e7ecff8363]] - if_iwm - Fix typo in commit a7697ea01c11fd493aec52260a02f31df680eb91.
-* [[5b210ee3c06ba1b9b22473e350ac501f0534390a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5b210ee3c06ba1b9b22473e350ac501f0534390a]] - Move efirt.ko's source to sys/dev/misc/efirt.
-* [[5a9835ae839593ab8105e055dadacd6d02a8e684|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5a9835ae839593ab8105e055dadacd6d02a8e684]] - cpuctl(4): Require write rights for CPUCTL_MSRSBIT and CPUCTL_MSRCBIT.
-* [[cc6703ed6a5969e9fc3cdbb4e59f0e53281f0f46|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/cc6703ed6a5969e9fc3cdbb4e59f0e53281f0f46]] - vkernel: Prevent clang optimizing out the traps.
-* [[ff4d1fc3ed002c9fb362423da6c45d711b65658a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ff4d1fc3ed002c9fb362423da6c45d711b65658a]] - if_iwm - Get rid of some gratuitous constant renaming wrt. Linux iwlwifi.
-* [[0e589b85686434c5a4deb4cf3514d3e9f02df367|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0e589b85686434c5a4deb4cf3514d3e9f02df367]] - ahci - Adjust a few things
-* [[288315ffc7fd83fad66ee740ee46e1db64cce67a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/288315ffc7fd83fad66ee740ee46e1db64cce67a]] - if_iwm - Fix comments and struct definition for struct iwm_sf_cfg_cmd.
-* [[99e67e8c420dac19ea52495627da7c19ce22c219|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/99e67e8c420dac19ea52495627da7c19ce22c219]] - i386 removal, part 53/x: Remove the code of the fe(4) driver too.
-* [[1e59d1334bde37e93f702e78f96ed3bfcdd88119|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1e59d1334bde37e93f702e78f96ed3bfcdd88119]] - drm/linux: Implement tasklets
-* [[39f8331b1a6f295291e08c377da12a8e7a5436c0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/39f8331b1a6f295291e08c377da12a8e7a5436c0]] - if_iwm - Sync nvm parsing code with Linux iwlwifi.
-* [[c6b7218831be34afc3c711f3808a2c28e537112d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c6b7218831be34afc3c711f3808a2c28e537112d]] - hyperv: Implement Hyper-V reference TSC cputimer.
-* [[69b57ec30fee1ae9fdf70856e8b6b3f12351405e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/69b57ec30fee1ae9fdf70856e8b6b3f12351405e]] - drm/linux: add sg_pcopy_{from/to}_buffer()
-* [[917ec290eeeeb73fe8bfa066cfc3303a55646424|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/917ec290eeeeb73fe8bfa066cfc3303a55646424]] - drm: Sync drm_crtc.c with Linux 4.6
-* [[5d6b465e288ac5b52d7115688d4e6516acbbea1c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5d6b465e288ac5b52d7115688d4e6516acbbea1c]] - if_iwm - Update firmware rs table, instead of indexing the table in tx cmds.
-* [[9e3c8f638d5b727702de7307fa42ceded5080c2d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9e3c8f638d5b727702de7307fa42ceded5080c2d]] - sdhci - Add some missing register constants, and dump some more registers.
-* [[082d190b9e398c32f9d5a95dfc1cc073a9a2ddce|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/082d190b9e398c32f9d5a95dfc1cc073a9a2ddce]] - kernel - Fix minor bug in powermng
-* [[19bd59e4a136d9f93320462c0b42eae5b3e97dd3|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/19bd59e4a136d9f93320462c0b42eae5b3e97dd3]] - sys/dev/disk/dm: Make init/destroy handlers optional
-* [[ef688cebb9b29b67f7a011846589971987949e0d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ef688cebb9b29b67f7a011846589971987949e0d]] - if_iwm - Recognize IWM_FW_PAGING_BLOCK_CMD wide cmd response correctly.
-* [[a8524cc6c440e5ce9490ba2b0507c99ff6777c6d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a8524cc6c440e5ce9490ba2b0507c99ff6777c6d]] - if_iwm - Store paging_mem_size field in firmware image information struct.
-* [[138b1116cf1965d64993c8378b927aeab22d58b7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/138b1116cf1965d64993c8378b927aeab22d58b7]] - drm/radeon: restore the fbdev mode in lastclose
-* [[420099d00ea92d319ceca3ebf56ac57aa064dd20|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/420099d00ea92d319ceca3ebf56ac57aa064dd20]] - if_iwm - Fix iwm_poll_bit() error value check in iwm_attach().
-* [[de7995a5e0ebf2d0016a87a0142a98c75db58fb4|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/de7995a5e0ebf2d0016a87a0142a98c75db58fb4]] - if_iwm - Change 2nd arg of iwm_phy_db_set_section() to struct iwm_rx_packet.
-* [[c4743e25ff145f8ed82215cd823ac0e59c2d8e2a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c4743e25ff145f8ed82215cd823ac0e59c2d8e2a]] - if_iwm - Remove unused fw_totlen field in struct iwm_fw_sects.
-* [[2c2175b343ca76ccf1f1c95b45752bdc7de7cd74|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2c2175b343ca76ccf1f1c95b45752bdc7de7cd74]] - sdhci - Use pci_alloc_1intr in sdhci pci attachement.
-* [[6a6d661d9def0fdc54a3a908e6e4078861ee298f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6a6d661d9def0fdc54a3a908e6e4078861ee298f]] - drm/linux: Add acpi/video.h
-* [[3b7fc5aac51f81062da0a2c8fdac23e683fbd548|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3b7fc5aac51f81062da0a2c8fdac23e683fbd548]] - if_iwm - Allow listening on both chains/atennas to get diversity.
-* [[9ed6fcdb4ff9d712f0d38b633836f42a4bd7491f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9ed6fcdb4ff9d712f0d38b633836f42a4bd7491f]] - acpi: Save I/O ports for I/O ports range, as long as its reasonable.
-* [[fd4f9de8bc72ea961e50829b45b59d0549040b7d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fd4f9de8bc72ea961e50829b45b59d0549040b7d]] - if_iwm - Add firmware API definitions for TX power commands.
-* [[6a8958677c5400e80317abe422001f09fc279e96|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6a8958677c5400e80317abe422001f09fc279e96]] - drm/linux: Add kstrtouint()
-* [[b8bd6cd746d1f45e616ccfcbeed06dfe452a1108|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b8bd6cd746d1f45e616ccfcbeed06dfe452a1108]] - if_iwm - Properly implement iwm_wme_update callback function.
-* [[76dba67c2ec64aa277a91b0ffaeb3db8ab94aa25|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/76dba67c2ec64aa277a91b0ffaeb3db8ab94aa25]] - kernel/adv: Fix extern type to match the real one.
-* [[0a797ca829eed434cff871686fb6b770c1341274|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0a797ca829eed434cff871686fb6b770c1341274]] - kernel/if_wi: Unlock before returning.
-* [[b5eb43f0280bbcfd26af51cf5a4b8e8ff3590b67|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b5eb43f0280bbcfd26af51cf5a4b8e8ff3590b67]] - if_iwm - Process multiple frames per RX buffer.
-* [[67b5e090efb225654815fed91020db6cfc16bb19|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/67b5e090efb225654815fed91020db6cfc16bb19]] - if_iwm - Check sc->sc_attached flag in suspend/resume callbacks.
-* [[82437db026041954e8bb988c6d084355b5f7a518|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/82437db026041954e8bb988c6d084355b5f7a518]] - drm/linux: kernel_ulong_t is defined in linux/mod_devicetable.h
-* [[a9e978f7d231d39b50a79cb8926a3b56d996658c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a9e978f7d231d39b50a79cb8926a3b56d996658c]] - drm/linux: add atomic64_cmpxchg()
-* [[ce43f57f5308b579ea21e8a5a29969114ba2247d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ce43f57f5308b579ea21e8a5a29969114ba2247d]] - if_iwm - Implement apmg_wake_up_wa workaround properly for 7000 family.
-* [[757eecf0e6c92745aa2eee95811e573c8300850e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/757eecf0e6c92745aa2eee95811e573c8300850e]] - if_iwm - Make ucode capabilities and api flags handling more like iwlwifi.
-* [[e79101d4474ff70e112c020c66a9cc27ff2647f5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e79101d4474ff70e112c020c66a9cc27ff2647f5]] - drm/linux: add few ida_* functions.
-* [[ab1d3efc208e797c1e09759cd506c95c0aeaa06e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ab1d3efc208e797c1e09759cd506c95c0aeaa06e]] - if_iwm - Add the BSS's basic rates to iwm's LQ command, not all the rates.
-* [[5c64209cb69d2ebe065036809a4144dc6c8cd5f5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5c64209cb69d2ebe065036809a4144dc6c8cd5f5]] - drm/linux: Add get_nr_swap_pages()
-* [[cc624b1689c0caad8d17c4b4b4edeca001a07a88|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/cc624b1689c0caad8d17c4b4b4edeca001a07a88]] - syscons - Fix syscons with UEFI fb when drm fb is registered during boot.
-* [[98dffbe0d47d06146981b227e06bb90e81519860|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/98dffbe0d47d06146981b227e06bb90e81519860]] - hyperv: Reorder the Hyper-V TSC initialization a bit.
-* [[70f95ad1b60e4279bd1c6dd51b832eb3e2e36c15|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/70f95ad1b60e4279bd1c6dd51b832eb3e2e36c15]] - i386 removal, part 61/x: Adjust some further #ifdefs.
-* [[c7dca6a74989f006e0da100a448b499f594c92d5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c7dca6a74989f006e0da100a448b499f594c92d5]] - drm: Partial revert of "drm: Sync drm_crtc.c with Linux 4.6"
-* [[1f249c981c4e89e7cde1836a75b61cac36dc7ac5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1f249c981c4e89e7cde1836a75b61cac36dc7ac5]] - if_iwm - Use iwm_mvm_scan_stop_wait to properly abort scans.
-* [[20825c8ad4cfc4f8dad78be8e4abc57d502d218c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/20825c8ad4cfc4f8dad78be8e4abc57d502d218c]] - ath_hal: Add FCC6_FCCA regulatory domain (0x0014)
-* [[83a1185edeede081051a6c00417d4c5a8f5988eb|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/83a1185edeede081051a6c00417d4c5a8f5988eb]] - if_iwm - Move iwm_dma_contig_alloc/_free functions to if_iwm_util.c.
-* [[fa3094dbf7f6435624adcbda41fb0cd34de29570|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fa3094dbf7f6435624adcbda41fb0cd34de29570]] - drm/linux: implement div64_u64_rem() helper in math64.h
-* [[28d082dd4654cb35f336ab89d3fe1f360c780a8d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/28d082dd4654cb35f336ab89d3fe1f360c780a8d]] - sys/dev/disk/dm: Make dmdebug() print __func__
-* [[f1c11ff5d497df59257e244c48f234711f98c0f1|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f1c11ff5d497df59257e244c48f234711f98c0f1]] - drm/i915: Fix typo in get_bdb_header(), fixes vbt validity check.
-* [[2d695c09ee6b3f48db20cbe87ad34183127e32a2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2d695c09ee6b3f48db20cbe87ad34183127e32a2]] - sdhci - Use the right capability field for printing the bus width.
-* [[e98ee77a816bfd8b4912047b93dfb2c560788f24|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e98ee77a816bfd8b4912047b93dfb2c560788f24]] - if_iwm - Synchronize firmware loading code with Linux iwlwifi.
-* [[a7697ea01c11fd493aec52260a02f31df680eb91|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a7697ea01c11fd493aec52260a02f31df680eb91]] - if_iwm - Sync IWM_MVM_ALIVE waiting and start_fw handling with iwlwifi.
-* [[848ab9a35b2f0b0a12f0b361199b6bb9c52ee2a6|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/848ab9a35b2f0b0a12f0b361199b6bb9c52ee2a6]] - if_iwm - Use chan list from ieee80211_scan_state for scan, not ic_channels.
-* [[e57b1815044eab7f8ebcf525ab5911143e1f80c1|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e57b1815044eab7f8ebcf525ab5911143e1f80c1]] - drm/linux: Add request_firmware_nowait()
-* [[0e645f475f5f417a016f2f68473b303a389c23ba|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0e645f475f5f417a016f2f68473b303a389c23ba]] - vkernel - Fix races in if_vke.c
-* [[0cb0a810cb4e04b30937cb4260e779f717a86492|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0cb0a810cb4e04b30937cb4260e779f717a86492]] - if_iwm - Switch 7265D and 3165 devices to 7265D firmware.
-* [[4b1006a6e4d0f61d48c67b46e1f791e30837db67|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4b1006a6e4d0f61d48c67b46e1f791e30837db67]] - iwm - Reduce gratuitous differences with Linux iwlwifi in struct naming.
-* [[3e9aaef308100a4d630feffc131e3aca2ae12f8a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3e9aaef308100a4d630feffc131e3aca2ae12f8a]] - if_iwm - Remove dead code from iwm_pcie_load_cpu_sections().
-* [[02b1bea02c6a2bccaedf9480a4f6695d4c0beb49|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/02b1bea02c6a2bccaedf9480a4f6695d4c0beb49]] - cxm(4): Fix type mismatches on firmware variables.
-* [[d7ecd68be5ad5eebfdec4059c00330235786927f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d7ecd68be5ad5eebfdec4059c00330235786927f]] - if_iwm - Fix up RSSI calculations for scan results and normal RX operations.
-* [[d11dcf6adbe99ce3eb4e7de76aa6810b7c44cd2c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d11dcf6adbe99ce3eb4e7de76aa6810b7c44cd2c]] - drm/linux: Add vmap()
-* [[fb572d17facb99509210208b5c7e0aa2120d7079|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fb572d17facb99509210208b5c7e0aa2120d7079]] - drm: Implement and use Linux struct device
-* [[347f670a67679f7b4b6e6b9112ba648f96a6cc38|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/347f670a67679f7b4b6e6b9112ba648f96a6cc38]] - drm/linux: Add ktime_get_boottime and ktime_ms_delta()
-* [[b5cdd8067951dc90271ab104ef555b3b5a4d5d5a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b5cdd8067951dc90271ab104ef555b3b5a4d5d5a]] - if_iwm - Get rid of struct iwm_rx_data argument for iwm_mvm_rx_rx_mpdu.
-* [[6bf7fbb4144bdc701224764dcadc2336d4112687|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6bf7fbb4144bdc701224764dcadc2336d4112687]] - syscons - Handle kms framebuffer activation better when not in text mode.
-* [[81d656081e06cb3a98b05fd2d1570902ee56731d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/81d656081e06cb3a98b05fd2d1570902ee56731d]] - drm/i915: Set GPU freq to idle_freq initially
-* [[9b497556328a94fbc235cb9cb6d14e792251f178|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9b497556328a94fbc235cb9cb6d14e792251f178]] - drm/linux: Add kasprintf and kvasprintf()
-* [[3370bc5504ebb3c1b9bb960a185cd0c8052a2845|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3370bc5504ebb3c1b9bb960a185cd0c8052a2845]] - if_iwm - Tiny cleanup in iwm_rx_addbuf().
-* [[dda889ac57d8e5b46bb1b1ecf53c17a18481c7c8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/dda889ac57d8e5b46bb1b1ecf53c17a18481c7c8]] - if_iwm - Ignore IWM_DEBUG_LOG_MSG notifications.
-* [[61f2dcf2f8a2c33f69f7ef5abca8b106e4d1b912|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/61f2dcf2f8a2c33f69f7ef5abca8b106e4d1b912]] - syscons - Remove unneeded NULL check from register_framebuffer().
-* [[e54a5ebe1729636c555002fc46d6fd0939479f29|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e54a5ebe1729636c555002fc46d6fd0939479f29]] - if_iwm - Remove unused wantresp field in iwm_rx_data struct.
-* [[aa128dc02a17c2e616232ef0fa997121e969c995|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/aa128dc02a17c2e616232ef0fa997121e969c995]] - if_iwm - Already call iwm_mvm_power_update_mac() during SCAN<->AUTH paths.
-* [[6e31eb984a2f2d530700056c73b2eb175804398a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6e31eb984a2f2d530700056c73b2eb175804398a]] - drm/linux: Add kmap_to_page()

(Diff truncated)
diff --git a/doc/test_page_space_allowed.mdwn b/doc/test_page_space_allowed.mdwn
new file mode 100644
index 0000000..f93f6b8
--- /dev/null
+++ b/doc/test_page_space_allowed.mdwn
@@ -0,0 +1,1416 @@
+## Changelog: From origin/DragonFly_RELEASE_4_6 to origin/DragonFly_RELEASE_4_8
+### Contributed software
+* [[4baf3da673cf4ccc37972fd7a3a5374f2f949682|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4baf3da673cf4ccc37972fd7a3a5374f2f949682]] - gcc47: Backport objc fix from gcc trunk.
+* [[a547914c1dda914338578798fd0ebd9851ec1b99|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a547914c1dda914338578798fd0ebd9851ec1b99]] - Merge branch 'vendor/LESS'
+* [[095985121e34fb8501c6d6afb0d38e6f6a30fc0d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/095985121e34fb8501c6d6afb0d38e6f6a30fc0d]] - libncurses: Avoid -Woverflow in baud rates.
+* [[ddaf9f4ac09fd506d0ed3a635e1048beafae310c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ddaf9f4ac09fd506d0ed3a635e1048beafae310c]] - wpa_supplicant: Avoid cpp warning during buildworld.
+* [[eee86d5a9b698bc2d10bfce462dd5172ed60b767|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/eee86d5a9b698bc2d10bfce462dd5172ed60b767]] - binutils 2.25 linkers: Set default interpreter to valid path
+* [[a9fa94596c0f48c0524edaac2c001d92fa9c01ac|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a9fa94596c0f48c0524edaac2c001d92fa9c01ac]] - Initial import of binutils 2.27 on vendor branch
+* [[09219ee0a86ac0ce0a1b6a5d91d6274c297da796|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/09219ee0a86ac0ce0a1b6a5d91d6274c297da796]] - Import missing source needed to enable plugin support in utilities.
+* [[11650561b4cc34c733d0ddd00ba57a35c8b09262|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/11650561b4cc34c733d0ddd00ba57a35c8b09262]] - binutils225: Make plugin dir overridable at compile time.
+* [[62af0394e6f0acbb07b0de957bee06e880eae55d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/62af0394e6f0acbb07b0de957bee06e880eae55d]] - gcc47: Do not include empty header.
+* [[e656dc90e3d65d744d534af2f5ea88cf8101ebcf|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e656dc90e3d65d744d534af2f5ea88cf8101ebcf]] - Merge remote-tracking branch 'origin/vendor/BINUTILS227'
+* [[03f6201053717a978ccacc70a0b56f44d69f6aca|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/03f6201053717a978ccacc70a0b56f44d69f6aca]] - less(1): Fix type mismatches in different objects.
+* [[b4603dcfad6ee746d007a4b2f2fb735605186044|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b4603dcfad6ee746d007a4b2f2fb735605186044]] - TRE: Fix const discard issue for all compilers.
+* [[c211e07949d10318e6a8d31301b3cedb6b4e5a6d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c211e07949d10318e6a8d31301b3cedb6b4e5a6d]] - bmake: upgrade version 20141111 => 20160818
+* [[0c8a28221521252cd35eb2174b0d147c136bb2db|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0c8a28221521252cd35eb2174b0d147c136bb2db]] - gcc47: Fix misplaced NULL usage in strings.
+* [[4eab696808e511e585602aa64af9891aa0e4c441|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4eab696808e511e585602aa64af9891aa0e4c441]] - kernel - set default locale name for smbfs
+* [[d5d214b79f952beef771f898a2b47ab5cfcddedc|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d5d214b79f952beef771f898a2b47ab5cfcddedc]] - Update gcc-50 to SVN version 239798 (gcc-5-branch)
+* [[5f76495ba37ea12fb60cf57228cc78b83d889fb6|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5f76495ba37ea12fb60cf57228cc78b83d889fb6]] - gcc50: Add alternative variant of pthread presence checking.
+* [[727fc32d389c7e604175d531ef6dccd525ac01d2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/727fc32d389c7e604175d531ef6dccd525ac01d2]] - Merge branch 'vendor/BINUTILS225'
+* [[c1d69b4e943be0ac0b9e60cf997891209e8f7198|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c1d69b4e943be0ac0b9e60cf997891209e8f7198]] - tcsh - Work around gcc-5 bug
+* [[6496ec5cf27c0e8a2cf51a861379f97b39eed5c2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6496ec5cf27c0e8a2cf51a861379f97b39eed5c2]] - gcc47: Suppress last codegen warning.
+* [[9b76006665e56dffc7210c587bdfa8fad8661f7a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9b76006665e56dffc7210c587bdfa8fad8661f7a]] - Update less from version 471 to 481
+* [[f445c8974931e0ddbeb96b2514f9cb61aee7e659|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f445c8974931e0ddbeb96b2514f9cb61aee7e659]] - Update to bmake-20160818 on the vendor branch
+* [[9a8f24bf27e38c37cda8a86cdeb34e2ae52aee6b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9a8f24bf27e38c37cda8a86cdeb34e2ae52aee6b]] - Merge branch 'vendor/BMAKE'
+* [[c80085678ed8b87f203af020e14e8079a552fdd0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c80085678ed8b87f203af020e14e8079a552fdd0]] - Retire the binutils-2.24.
+* [[14cfea9901210cefd3a1d65dc15887461b194bde|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/14cfea9901210cefd3a1d65dc15887461b194bde]] - binutil227: Add DF README's and local modifications.
+* [[6b9ba3e86a05417c2af9786967ec92fc136cffde|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6b9ba3e86a05417c2af9786967ec92fc136cffde]] - bootstrap: Expand BOOTSTRAPPING case to avoid warning.
+* [[385754ab92bea0f51c59b841b298f2ec157e5f2d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/385754ab92bea0f51c59b841b298f2ec157e5f2d]] - Merge branch 'vendor/GCC50'
+* [[e02a905d0800ea51e6685792106ea01bcc1c39ca|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e02a905d0800ea51e6685792106ea01bcc1c39ca]] - libncurses: Avoid warning when calling cgetent().
+* [[6ebf792c9ab0aa43dd13069aefd6d1d548176ef8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6ebf792c9ab0aa43dd13069aefd6d1d548176ef8]] - contrib/bmake: remove 2 local modifications to prepare for merge
+### Cryptography
+* [[5b245968732053a4221c42925bf7355d7eb4ad07|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5b245968732053a4221c42925bf7355d7eb4ad07]] - build - Remove openssl from base (is now permanently replaced by ressl)
+* [[66ceb5e9b7ccc1005b0b710f32228c0b69070e98|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/66ceb5e9b7ccc1005b0b710f32228c0b69070e98]] - libressl: Few local modifications for netcat.
+* [[4188afc709be91c60882529929ad3e74932fc51c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4188afc709be91c60882529929ad3e74932fc51c]] - Merge branch 'vendor/LIBRESSL'
+* [[a310eb9be04d900b0e9514e84c07b9654e28ecba|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a310eb9be04d900b0e9514e84c07b9654e28ecba]] - libcrypto(3): Remove some cruft from when we supported 32-bit.
+* [[94089e80a5f705dc760628462df38162611001cd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/94089e80a5f705dc760628462df38162611001cd]] - Merge branch 'vendor/OPENSSL'
+* [[f20408c21735b356c91cd43ddc1a5693e49b528e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f20408c21735b356c91cd43ddc1a5693e49b528e]] - Update libressl README.DRAGONFLY for v2.4.4
+* [[497a44b089c28b45651c36fb1b2d782f406d8641|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/497a44b089c28b45651c36fb1b2d782f406d8641]] - Add a openbsd-compat file for latest import.
+* [[e00185f13e893a2f4d0288c673301fd4c78f3562|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e00185f13e893a2f4d0288c673301fd4c78f3562]] - Patch ssh vendor code for xauth's default location.
+* [[7475be118e1bc43d61bfa1192b8ac160ab3cf515|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/7475be118e1bc43d61bfa1192b8ac160ab3cf515]] - sshd - Fix default password authentication (2)
+* [[e9778795382169f8c6fde18d0565a1acef2cac8b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e9778795382169f8c6fde18d0565a1acef2cac8b]] - Import OpenSSH-7.3p1.
+* [[0acf6c5cec1bb550d161ebd159e4ecad45908ec5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0acf6c5cec1bb550d161ebd159e4ecad45908ec5]] - Update LibreSSL from version 2.4.2 => 2.4.3
+* [[609bcd714d1333d31030e5309fcbcf2b8561e582|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/609bcd714d1333d31030e5309fcbcf2b8561e582]] - Merge branch 'vendor/OPENSSH'
+* [[f0ea6a7a164d1e1add5907937994265e906d96a3|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f0ea6a7a164d1e1add5907937994265e906d96a3]] - Remove most local modifications from OpenSSH.
+* [[c064523cdd96e53e622a5cc435f4388312a33a8c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c064523cdd96e53e622a5cc435f4388312a33a8c]] - Allow make.conf to override ssh's xauth location.
+* [[f73288b8388362ab1d59c2d7072014f0d5020b18|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f73288b8388362ab1d59c2d7072014f0d5020b18]] - LibreSSL: complete update v2.4.2 => v2.4.3
+* [[a25ca6f6327a8c5c07550bd5ee5382898072f668|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a25ca6f6327a8c5c07550bd5ee5382898072f668]] - Merge branch 'vendor/LIBRESSL'
+* [[d9ccbcc96227edaf46bd27707f01d9d8b4ad5a72|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d9ccbcc96227edaf46bd27707f01d9d8b4ad5a72]] - build - use libressl md5.h for kernel
+* [[f5b1c8a1e6dbe9333aed363dba27c2ff58be6174|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f5b1c8a1e6dbe9333aed363dba27c2ff58be6174]] - Import LibreSSL v2.4.2 to vendor branch
+* [[57de8ae1b524af49006ac8faaf4a64241aa4ba07|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/57de8ae1b524af49006ac8faaf4a64241aa4ba07]] - OpenSSH: Suppress warning on login_getcapstr().
+* [[4bde49b71e31daca1872f938e6f2c2e132cbc396|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4bde49b71e31daca1872f938e6f2c2e132cbc396]] - sshd(8): Disable tunneled cleartext passwords.
+* [[4821a1d69d42a70e6f9f65f01812422a9f804656|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4821a1d69d42a70e6f9f65f01812422a9f804656]] - Merge branch 'vendor/OPENSSH'
+* [[bd84e83893b298face58762e1fec24667126c8c7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bd84e83893b298face58762e1fec24667126c8c7]] - security/libressl: Fix ECDSA P-256 timing attack vulnerability
+* [[1852dacb2add612faac4649f46850e8492c56065|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1852dacb2add612faac4649f46850e8492c56065]] - OpenSSH: Suppress last warning in session.c
+* [[4a22becbe09b9773cc33003d46120d8825a44415|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4a22becbe09b9773cc33003d46120d8825a44415]] - Unbreak build.
+* [[88828e76e7d1ff613cbdfc32aeb5e35cc6ffde30|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/88828e76e7d1ff613cbdfc32aeb5e35cc6ffde30]] - sshd - Fix default password authentication
+* [[72be967a925bccd9cb7672c8adf4f3cbaeea8327|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/72be967a925bccd9cb7672c8adf4f3cbaeea8327]] - OpenSSH: Add missing prototypes and bump WARNS to 3.
+* [[1920ada36573f8e9c4ceb7694990274075650bdf|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1920ada36573f8e9c4ceb7694990274075650bdf]] - Merge branch 'vendor/LIBRESSL'
+* [[5adaeadcee1c8e1b9e03cf22d91329a05393e316|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5adaeadcee1c8e1b9e03cf22d91329a05393e316]] - Import OpenSSL-1.0.2h.
+* [[530c17a63c2de777e97cbf2e67edfe5bd61f31fe|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/530c17a63c2de777e97cbf2e67edfe5bd61f31fe]] - Update LibreSSL from version 2.4.3 => 2.4.4
+### Devices
+* [[0b985ce1074ab29e1e5a26e94e2823dee61a3e21|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0b985ce1074ab29e1e5a26e94e2823dee61a3e21]] - sys/dev/disk/dm: Cleanup
+* [[68fad459c7fcdf999f82bf96953d5db99d44bb05|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/68fad459c7fcdf999f82bf96953d5db99d44bb05]] - if_iwm - Advertise full-offload scan support, fixes scan while associated.
+* [[0104ee1f4cb6a2313c00c2526c6ae98d42e5041d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0104ee1f4cb6a2313c00c2526c6ae98d42e5041d]] - if_iwm - Move iwm_read_firmware() call into iwm_attach().
+* [[05475029b1a3dc51c45c96a7c031f7e961d2dec6|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/05475029b1a3dc51c45c96a7c031f7e961d2dec6]] - sdhci - Simplify SDHCI_PRESENT_STATE register loop in sdhci_start_command().
+* [[bb480ca679a7ea530bdca6e41082d5755e9751dc|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/bb480ca679a7ea530bdca6e41082d5755e9751dc]] - if_iwm - Remove 1s delay after fw loading. Can't reproduce issues on AC8260.
+* [[74d41163ddac72b0d7ea7b7873d53fe134723a12|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/74d41163ddac72b0d7ea7b7873d53fe134723a12]] - if_iwm - change the check for ADD_STA status, use IWM_ADD_STA_STATUS_MASK.
+* [[89f579e9823a5c446ca172cf82bbc210d6a054a4|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/89f579e9823a5c446ca172cf82bbc210d6a054a4]] - if_iwm - Enable Energy Based Scan (EBS).
+* [[d078c812418d0e2c3392e99fa25fc776d07bdfad|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d078c812418d0e2c3392e99fa25fc776d07bdfad]] - if_iwm - Remove a couple of unneeded IWM_UCODE_TLV_FLAGS_* flags.
+* [[89bbdcc98e01702ae70176ff08df5fb95ee0801b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/89bbdcc98e01702ae70176ff08df5fb95ee0801b]] - drm/linux: Clean-up pci_resource_start()
+* [[f62d325820ee7f7c2bcf721ada9cef8b70f74471|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f62d325820ee7f7c2bcf721ada9cef8b70f74471]] - Revert "if_iwm - SCAN_ABORT_UMAC response doesn't use a wide id"
+* [[e8560f8dc58df12a7c79a6bb4e6ccb156e001085|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e8560f8dc58df12a7c79a6bb4e6ccb156e001085]] - if_iwm - The iwm_prepare_card_hw() in iwm_attach() is only needed on 8K hw.
+* [[f0e799193f66de9af176978cfac9679eb99efd11|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f0e799193f66de9af176978cfac9679eb99efd11]] - ahci - Add workarounds for Marvell 88SE9215
+* [[0510b0eef0c0772b77331db9586fc4d39aab96d7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0510b0eef0c0772b77331db9586fc4d39aab96d7]] - syscons - Add need_unlock arg to sc_clean_up and sc_wait_scrn_saver_stop.
+* [[b8c69b44c3d7472d7f129a92321e58f0edde9723|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b8c69b44c3d7472d7f129a92321e58f0edde9723]] - kernel/ecc: Add MODULE_VERSION()s.
+* [[d7002a7990d077c92585978ea998474af50f91e0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d7002a7990d077c92585978ea998474af50f91e0]] - if_iwm - Add basic powermanagement support via ifconfig wlan0 powersave.
+* [[085e37a042bdb17081e495e46919359ce43aa118|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/085e37a042bdb17081e495e46919359ce43aa118]] - if_iwm - Sync rs (rate-selection) API definitions from Linux iwlwifi.
+* [[81b3c1fe9122fa22f33d97103039cc375f656231|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/81b3c1fe9122fa22f33d97103039cc375f656231]] - if_iwm - Adjust if_iwm_sta.h prototypes, don't pass iwm_node to rm_sta().
+* [[50787d03cd0a0366c9cc4a055bb6977e5f65c85d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/50787d03cd0a0366c9cc4a055bb6977e5f65c85d]] - if_iwm - Get rid of iwm_disable_rx_dma, just use iwm_pcie_rx_stop directly.
+* [[33ded22a8fbfedf3a5674d3df56eb86911767ecd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/33ded22a8fbfedf3a5674d3df56eb86911767ecd]] - if_iwm - Remove more old unused scan API definitions.
+* [[5e4464425e963e25094fd31e2093de3955ad008f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5e4464425e963e25094fd31e2093de3955ad008f]] - if_iwm - Improve reliability of iwm_release on disassociation a bit.
+* [[b26dd4db18548ad662b7a7bc7b090b64f39c43ed|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b26dd4db18548ad662b7a7bc7b090b64f39c43ed]] - if_iwm - Use ic->ic_tq for iwm_endscan_cb instead of a private taskqueue.
+* [[a639f78832edd8a24cb683d66752f028545c0213|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a639f78832edd8a24cb683d66752f028545c0213]] - acpi - Incidental MPSAFE
+* [[66d55158f374df1465c1a63fe035d2d333ced83f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/66d55158f374df1465c1a63fe035d2d333ced83f]] - kernel/efirt: Hook efirt.ko into the build.
+* [[c009badecf7b1389cd86adde9fd35f6113c75b5b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c009badecf7b1389cd86adde9fd35f6113c75b5b]] - if_iwm - Get rid of another usage of the IWM_DEFAULT_MACID/_COLOR constant.
+* [[c662db9a18424b81164b14d2f9a06c43261ff5ce|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c662db9a18424b81164b14d2f9a06c43261ff5ce]] - sys/dev/disk/dm: Remove dm_table_init_target() call with NULL
+* [[8d327fcc6e31be8c51b8f2f883cfe4ed32015b02|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8d327fcc6e31be8c51b8f2f883cfe4ed32015b02]] - drm/i915: Mark a DragonFly-specific change as such
+* [[8cd49a211d49ef7dd16c81fc2a6c26e005b9aab8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8cd49a211d49ef7dd16c81fc2a6c26e005b9aab8]] - drm/i915: build firmware handling code
+* [[8b61fe779792f35b9a2f8c2b9e45464d50374f11|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/8b61fe779792f35b9a2f8c2b9e45464d50374f11]] - drm/i915/trace: Add missing include files
+* [[cbb82693c18fd71b4eb86855b82d03995f352d65|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/cbb82693c18fd71b4eb86855b82d03995f352d65]] - if_iwm - Sync valid_tx_ant and valid_rx_ant mask handling with iwlwifi.
+* [[250a1c33fca1725121fe499f9cebc90267d209f9|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/250a1c33fca1725121fe499f9cebc90267d209f9]] - if_iwm - Sync iwm_nvm_read_chunk() function with Linux iwlwifi.
+* [[b97941862d5694ea8872275b9dd02d81c8fd931a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b97941862d5694ea8872275b9dd02d81c8fd931a]] - if_iwm - Remove two duplicate const qualifiers.
+* [[31517ca9069dca83e19f06f6be74db195f22acb8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/31517ca9069dca83e19f06f6be74db195f22acb8]] - hyperv: Implement cpucounters.
+* [[94b501399fde6368ae388a669c95b099a6e66e93|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/94b501399fde6368ae388a669c95b099a6e66e93]] - if_iwm - Handle AUTH->SCAN/INIT and ASSOC->SCAN/INIT better
+* [[53a009d6f66108b40d622ed90ea95eba5c0e5432|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/53a009d6f66108b40d622ed90ea95eba5c0e5432]] - if_iwm - Factor out and improve iwm_mvm_scan_rxon_flags() in if_iwm_scan.c.
+* [[1e0cf8ec6fcd77978f5336297ece61a415790f84|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1e0cf8ec6fcd77978f5336297ece61a415790f84]] - if_iwm - Use notification wait API to wait for calibration to complete.
+* [[2427de166a76b82b8388c371c073111082acfa83|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2427de166a76b82b8388c371c073111082acfa83]] - if_iwm - Add some pcie device stop code from iwlwifi. Adjust a delay.
+* [[710fdd011c30a1bd9f53b87c843fb8907c4a6cfd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/710fdd011c30a1bd9f53b87c843fb8907c4a6cfd]] - if_iwm - Remove OpenBSD-specific comment. Beautify pci cfg space accesses.
+* [[92cc3b9fc5a9e6dc3278e9e4d485e83789d73055|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/92cc3b9fc5a9e6dc3278e9e4d485e83789d73055]] - if_iwm - Remove some unneeded #include-s from all .c files.
+* [[75895a53a9c1ba60d75be9b4bf6e49a37f91a7cf|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/75895a53a9c1ba60d75be9b4bf6e49a37f91a7cf]] - if_iwm - Sync statistics API definitions with Linux iwlwifi.
+* [[aba448de727e9b122adadeb36fd00a8ad6018d4f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/aba448de727e9b122adadeb36fd00a8ad6018d4f]] - if_iwm - Refuse connection to APs with beacon interval < 16.
+* [[f88ab372284e63c4c13da93e9026a203b9b4cdc5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f88ab372284e63c4c13da93e9026a203b9b4cdc5]] - if_iwm - Add iwm_nic_unlock() calls missing from previous commit.
+* [[b8674cff3d2808cded6daa41e6a9df70cf5732fd|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b8674cff3d2808cded6daa41e6a9df70cf5732fd]] - drm - Fix subtle plane masking bug.
+* [[b484d09d54301740f036ddf02008117f563960c2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b484d09d54301740f036ddf02008117f563960c2]] - if_iwm - Add scan abort functions, to properly cancel a running scan.
+* [[f414b8da30816705e32573cc58097cacac34f161|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f414b8da30816705e32573cc58097cacac34f161]] - if_iwm - Get rid of unneeded IWM_FWDMASEGSZ and IWM_FWMAXSIZE constants
+* [[35f0e6c86c1654323d6b19f7a077f4ab8ac85868|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/35f0e6c86c1654323d6b19f7a077f4ab8ac85868]] - if_iwm - Simplify device id matching code a bit.
+* [[fccb38ab368b901be2a8d2d6357c78b73fd71dbe|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fccb38ab368b901be2a8d2d6357c78b73fd71dbe]] - drm/linux: Add sign_extend64()
+* [[7f03b76b5fde4aeec9492caee92e0d89af7ddc71|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/7f03b76b5fde4aeec9492caee92e0d89af7ddc71]] - sdhci - Add a new interface method, get_card_present.
+* [[37d179535cd9fc03e4cd067bc5d3760f4aba9f7b|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/37d179535cd9fc03e4cd067bc5d3760f4aba9f7b]] - kernel/mmcsd: Add some dummy values for d_nheads and d_secpertrack.
+* [[5df2bc4977fd0112ec12c8b8632ac083f288136d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5df2bc4977fd0112ec12c8b8632ac083f288136d]] - if_iwm - Use htole16 for policy field in struct iwm_time_event_cmd_v2.
+* [[62a4e7957a736b4de38938b02fa7eb9b45bc5d0d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/62a4e7957a736b4de38938b02fa7eb9b45bc5d0d]] - if_iwm - Switch arguments from iwm_node* to iwm_vap* in if_iwm_power.c.
+* [[fefad7a79f2a97ff0878b0dc59f938a04a1cece3|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fefad7a79f2a97ff0878b0dc59f938a04a1cece3]] - drm/radeon: Replace some spinlocks by lockmgr locks
+* [[f95003b8f1f7382c8396a6d408e3072632afdd3d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f95003b8f1f7382c8396a6d408e3072632afdd3d]] - if_iwm - Remove support for fw older than -17 and -22
+* [[19b2b39ddcb96e9acb2bfa544c4b368edfe81166|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/19b2b39ddcb96e9acb2bfa544c4b368edfe81166]] - sys/dev/disk/dm: Remove obvious/redundant/disabled kprintfs
+* [[474310725fef606697c0703f34b81e586796d1b7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/474310725fef606697c0703f34b81e586796d1b7]] - kernel - Add trackpoint and elantech mouse support (2)
+* [[52c3adbee676d8558065618e5ad694ea5c6697e0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/52c3adbee676d8558065618e5ad694ea5c6697e0]] - if_iwm - Clean up if_iwm_power.c a bit. Fix iwm_power_scheme debug print.
+* [[efb7d4eb5c3140889a8880e12fd83c7bbfd0059d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/efb7d4eb5c3140889a8880e12fd83c7bbfd0059d]] - if_iwm - Very basic DTS thermal sensor support (prints temp as debug msg).
+* [[1f7ae36fb6df06a33ef5184f702b09aebeb4bb05|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1f7ae36fb6df06a33ef5184f702b09aebeb4bb05]] - re: Fix typo for disabling txcsum.
+* [[a8e9a5d25e975f129d174f6d668c7d491cc0ba29|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a8e9a5d25e975f129d174f6d668c7d491cc0ba29]] - kernel/iwm: Fix building into the kernel without IWM_DEBUG.
+* [[612855b1a8c321ec9ba34f63edf913e7ecff8363|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/612855b1a8c321ec9ba34f63edf913e7ecff8363]] - if_iwm - Fix typo in commit a7697ea01c11fd493aec52260a02f31df680eb91.
+* [[5b210ee3c06ba1b9b22473e350ac501f0534390a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5b210ee3c06ba1b9b22473e350ac501f0534390a]] - Move efirt.ko's source to sys/dev/misc/efirt.
+* [[5a9835ae839593ab8105e055dadacd6d02a8e684|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5a9835ae839593ab8105e055dadacd6d02a8e684]] - cpuctl(4): Require write rights for CPUCTL_MSRSBIT and CPUCTL_MSRCBIT.
+* [[cc6703ed6a5969e9fc3cdbb4e59f0e53281f0f46|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/cc6703ed6a5969e9fc3cdbb4e59f0e53281f0f46]] - vkernel: Prevent clang optimizing out the traps.
+* [[ff4d1fc3ed002c9fb362423da6c45d711b65658a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ff4d1fc3ed002c9fb362423da6c45d711b65658a]] - if_iwm - Get rid of some gratuitous constant renaming wrt. Linux iwlwifi.
+* [[0e589b85686434c5a4deb4cf3514d3e9f02df367|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0e589b85686434c5a4deb4cf3514d3e9f02df367]] - ahci - Adjust a few things
+* [[288315ffc7fd83fad66ee740ee46e1db64cce67a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/288315ffc7fd83fad66ee740ee46e1db64cce67a]] - if_iwm - Fix comments and struct definition for struct iwm_sf_cfg_cmd.
+* [[99e67e8c420dac19ea52495627da7c19ce22c219|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/99e67e8c420dac19ea52495627da7c19ce22c219]] - i386 removal, part 53/x: Remove the code of the fe(4) driver too.
+* [[1e59d1334bde37e93f702e78f96ed3bfcdd88119|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1e59d1334bde37e93f702e78f96ed3bfcdd88119]] - drm/linux: Implement tasklets
+* [[39f8331b1a6f295291e08c377da12a8e7a5436c0|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/39f8331b1a6f295291e08c377da12a8e7a5436c0]] - if_iwm - Sync nvm parsing code with Linux iwlwifi.
+* [[c6b7218831be34afc3c711f3808a2c28e537112d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c6b7218831be34afc3c711f3808a2c28e537112d]] - hyperv: Implement Hyper-V reference TSC cputimer.
+* [[69b57ec30fee1ae9fdf70856e8b6b3f12351405e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/69b57ec30fee1ae9fdf70856e8b6b3f12351405e]] - drm/linux: add sg_pcopy_{from/to}_buffer()
+* [[917ec290eeeeb73fe8bfa066cfc3303a55646424|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/917ec290eeeeb73fe8bfa066cfc3303a55646424]] - drm: Sync drm_crtc.c with Linux 4.6
+* [[5d6b465e288ac5b52d7115688d4e6516acbbea1c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5d6b465e288ac5b52d7115688d4e6516acbbea1c]] - if_iwm - Update firmware rs table, instead of indexing the table in tx cmds.
+* [[9e3c8f638d5b727702de7307fa42ceded5080c2d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9e3c8f638d5b727702de7307fa42ceded5080c2d]] - sdhci - Add some missing register constants, and dump some more registers.
+* [[082d190b9e398c32f9d5a95dfc1cc073a9a2ddce|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/082d190b9e398c32f9d5a95dfc1cc073a9a2ddce]] - kernel - Fix minor bug in powermng
+* [[19bd59e4a136d9f93320462c0b42eae5b3e97dd3|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/19bd59e4a136d9f93320462c0b42eae5b3e97dd3]] - sys/dev/disk/dm: Make init/destroy handlers optional
+* [[ef688cebb9b29b67f7a011846589971987949e0d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ef688cebb9b29b67f7a011846589971987949e0d]] - if_iwm - Recognize IWM_FW_PAGING_BLOCK_CMD wide cmd response correctly.
+* [[a8524cc6c440e5ce9490ba2b0507c99ff6777c6d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a8524cc6c440e5ce9490ba2b0507c99ff6777c6d]] - if_iwm - Store paging_mem_size field in firmware image information struct.
+* [[138b1116cf1965d64993c8378b927aeab22d58b7|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/138b1116cf1965d64993c8378b927aeab22d58b7]] - drm/radeon: restore the fbdev mode in lastclose
+* [[420099d00ea92d319ceca3ebf56ac57aa064dd20|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/420099d00ea92d319ceca3ebf56ac57aa064dd20]] - if_iwm - Fix iwm_poll_bit() error value check in iwm_attach().
+* [[de7995a5e0ebf2d0016a87a0142a98c75db58fb4|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/de7995a5e0ebf2d0016a87a0142a98c75db58fb4]] - if_iwm - Change 2nd arg of iwm_phy_db_set_section() to struct iwm_rx_packet.
+* [[c4743e25ff145f8ed82215cd823ac0e59c2d8e2a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c4743e25ff145f8ed82215cd823ac0e59c2d8e2a]] - if_iwm - Remove unused fw_totlen field in struct iwm_fw_sects.
+* [[2c2175b343ca76ccf1f1c95b45752bdc7de7cd74|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2c2175b343ca76ccf1f1c95b45752bdc7de7cd74]] - sdhci - Use pci_alloc_1intr in sdhci pci attachement.
+* [[6a6d661d9def0fdc54a3a908e6e4078861ee298f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6a6d661d9def0fdc54a3a908e6e4078861ee298f]] - drm/linux: Add acpi/video.h
+* [[3b7fc5aac51f81062da0a2c8fdac23e683fbd548|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3b7fc5aac51f81062da0a2c8fdac23e683fbd548]] - if_iwm - Allow listening on both chains/atennas to get diversity.
+* [[9ed6fcdb4ff9d712f0d38b633836f42a4bd7491f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9ed6fcdb4ff9d712f0d38b633836f42a4bd7491f]] - acpi: Save I/O ports for I/O ports range, as long as its reasonable.
+* [[fd4f9de8bc72ea961e50829b45b59d0549040b7d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fd4f9de8bc72ea961e50829b45b59d0549040b7d]] - if_iwm - Add firmware API definitions for TX power commands.
+* [[6a8958677c5400e80317abe422001f09fc279e96|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6a8958677c5400e80317abe422001f09fc279e96]] - drm/linux: Add kstrtouint()
+* [[b8bd6cd746d1f45e616ccfcbeed06dfe452a1108|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b8bd6cd746d1f45e616ccfcbeed06dfe452a1108]] - if_iwm - Properly implement iwm_wme_update callback function.
+* [[76dba67c2ec64aa277a91b0ffaeb3db8ab94aa25|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/76dba67c2ec64aa277a91b0ffaeb3db8ab94aa25]] - kernel/adv: Fix extern type to match the real one.
+* [[0a797ca829eed434cff871686fb6b770c1341274|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0a797ca829eed434cff871686fb6b770c1341274]] - kernel/if_wi: Unlock before returning.
+* [[b5eb43f0280bbcfd26af51cf5a4b8e8ff3590b67|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b5eb43f0280bbcfd26af51cf5a4b8e8ff3590b67]] - if_iwm - Process multiple frames per RX buffer.
+* [[67b5e090efb225654815fed91020db6cfc16bb19|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/67b5e090efb225654815fed91020db6cfc16bb19]] - if_iwm - Check sc->sc_attached flag in suspend/resume callbacks.
+* [[82437db026041954e8bb988c6d084355b5f7a518|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/82437db026041954e8bb988c6d084355b5f7a518]] - drm/linux: kernel_ulong_t is defined in linux/mod_devicetable.h
+* [[a9e978f7d231d39b50a79cb8926a3b56d996658c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a9e978f7d231d39b50a79cb8926a3b56d996658c]] - drm/linux: add atomic64_cmpxchg()
+* [[ce43f57f5308b579ea21e8a5a29969114ba2247d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ce43f57f5308b579ea21e8a5a29969114ba2247d]] - if_iwm - Implement apmg_wake_up_wa workaround properly for 7000 family.
+* [[757eecf0e6c92745aa2eee95811e573c8300850e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/757eecf0e6c92745aa2eee95811e573c8300850e]] - if_iwm - Make ucode capabilities and api flags handling more like iwlwifi.
+* [[e79101d4474ff70e112c020c66a9cc27ff2647f5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e79101d4474ff70e112c020c66a9cc27ff2647f5]] - drm/linux: add few ida_* functions.
+* [[ab1d3efc208e797c1e09759cd506c95c0aeaa06e|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/ab1d3efc208e797c1e09759cd506c95c0aeaa06e]] - if_iwm - Add the BSS's basic rates to iwm's LQ command, not all the rates.
+* [[5c64209cb69d2ebe065036809a4144dc6c8cd5f5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/5c64209cb69d2ebe065036809a4144dc6c8cd5f5]] - drm/linux: Add get_nr_swap_pages()
+* [[cc624b1689c0caad8d17c4b4b4edeca001a07a88|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/cc624b1689c0caad8d17c4b4b4edeca001a07a88]] - syscons - Fix syscons with UEFI fb when drm fb is registered during boot.
+* [[98dffbe0d47d06146981b227e06bb90e81519860|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/98dffbe0d47d06146981b227e06bb90e81519860]] - hyperv: Reorder the Hyper-V TSC initialization a bit.
+* [[70f95ad1b60e4279bd1c6dd51b832eb3e2e36c15|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/70f95ad1b60e4279bd1c6dd51b832eb3e2e36c15]] - i386 removal, part 61/x: Adjust some further #ifdefs.
+* [[c7dca6a74989f006e0da100a448b499f594c92d5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/c7dca6a74989f006e0da100a448b499f594c92d5]] - drm: Partial revert of "drm: Sync drm_crtc.c with Linux 4.6"
+* [[1f249c981c4e89e7cde1836a75b61cac36dc7ac5|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/1f249c981c4e89e7cde1836a75b61cac36dc7ac5]] - if_iwm - Use iwm_mvm_scan_stop_wait to properly abort scans.
+* [[20825c8ad4cfc4f8dad78be8e4abc57d502d218c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/20825c8ad4cfc4f8dad78be8e4abc57d502d218c]] - ath_hal: Add FCC6_FCCA regulatory domain (0x0014)
+* [[83a1185edeede081051a6c00417d4c5a8f5988eb|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/83a1185edeede081051a6c00417d4c5a8f5988eb]] - if_iwm - Move iwm_dma_contig_alloc/_free functions to if_iwm_util.c.
+* [[fa3094dbf7f6435624adcbda41fb0cd34de29570|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fa3094dbf7f6435624adcbda41fb0cd34de29570]] - drm/linux: implement div64_u64_rem() helper in math64.h
+* [[28d082dd4654cb35f336ab89d3fe1f360c780a8d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/28d082dd4654cb35f336ab89d3fe1f360c780a8d]] - sys/dev/disk/dm: Make dmdebug() print __func__
+* [[f1c11ff5d497df59257e244c48f234711f98c0f1|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/f1c11ff5d497df59257e244c48f234711f98c0f1]] - drm/i915: Fix typo in get_bdb_header(), fixes vbt validity check.
+* [[2d695c09ee6b3f48db20cbe87ad34183127e32a2|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/2d695c09ee6b3f48db20cbe87ad34183127e32a2]] - sdhci - Use the right capability field for printing the bus width.
+* [[e98ee77a816bfd8b4912047b93dfb2c560788f24|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e98ee77a816bfd8b4912047b93dfb2c560788f24]] - if_iwm - Synchronize firmware loading code with Linux iwlwifi.
+* [[a7697ea01c11fd493aec52260a02f31df680eb91|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/a7697ea01c11fd493aec52260a02f31df680eb91]] - if_iwm - Sync IWM_MVM_ALIVE waiting and start_fw handling with iwlwifi.
+* [[848ab9a35b2f0b0a12f0b361199b6bb9c52ee2a6|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/848ab9a35b2f0b0a12f0b361199b6bb9c52ee2a6]] - if_iwm - Use chan list from ieee80211_scan_state for scan, not ic_channels.
+* [[e57b1815044eab7f8ebcf525ab5911143e1f80c1|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e57b1815044eab7f8ebcf525ab5911143e1f80c1]] - drm/linux: Add request_firmware_nowait()
+* [[0e645f475f5f417a016f2f68473b303a389c23ba|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0e645f475f5f417a016f2f68473b303a389c23ba]] - vkernel - Fix races in if_vke.c
+* [[0cb0a810cb4e04b30937cb4260e779f717a86492|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/0cb0a810cb4e04b30937cb4260e779f717a86492]] - if_iwm - Switch 7265D and 3165 devices to 7265D firmware.
+* [[4b1006a6e4d0f61d48c67b46e1f791e30837db67|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/4b1006a6e4d0f61d48c67b46e1f791e30837db67]] - iwm - Reduce gratuitous differences with Linux iwlwifi in struct naming.
+* [[3e9aaef308100a4d630feffc131e3aca2ae12f8a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3e9aaef308100a4d630feffc131e3aca2ae12f8a]] - if_iwm - Remove dead code from iwm_pcie_load_cpu_sections().
+* [[02b1bea02c6a2bccaedf9480a4f6695d4c0beb49|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/02b1bea02c6a2bccaedf9480a4f6695d4c0beb49]] - cxm(4): Fix type mismatches on firmware variables.
+* [[d7ecd68be5ad5eebfdec4059c00330235786927f|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d7ecd68be5ad5eebfdec4059c00330235786927f]] - if_iwm - Fix up RSSI calculations for scan results and normal RX operations.
+* [[d11dcf6adbe99ce3eb4e7de76aa6810b7c44cd2c|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/d11dcf6adbe99ce3eb4e7de76aa6810b7c44cd2c]] - drm/linux: Add vmap()
+* [[fb572d17facb99509210208b5c7e0aa2120d7079|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/fb572d17facb99509210208b5c7e0aa2120d7079]] - drm: Implement and use Linux struct device
+* [[347f670a67679f7b4b6e6b9112ba648f96a6cc38|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/347f670a67679f7b4b6e6b9112ba648f96a6cc38]] - drm/linux: Add ktime_get_boottime and ktime_ms_delta()
+* [[b5cdd8067951dc90271ab104ef555b3b5a4d5d5a|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/b5cdd8067951dc90271ab104ef555b3b5a4d5d5a]] - if_iwm - Get rid of struct iwm_rx_data argument for iwm_mvm_rx_rx_mpdu.
+* [[6bf7fbb4144bdc701224764dcadc2336d4112687|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/6bf7fbb4144bdc701224764dcadc2336d4112687]] - syscons - Handle kms framebuffer activation better when not in text mode.
+* [[81d656081e06cb3a98b05fd2d1570902ee56731d|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/81d656081e06cb3a98b05fd2d1570902ee56731d]] - drm/i915: Set GPU freq to idle_freq initially
+* [[9b497556328a94fbc235cb9cb6d14e792251f178|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/9b497556328a94fbc235cb9cb6d14e792251f178]] - drm/linux: Add kasprintf and kvasprintf()
+* [[3370bc5504ebb3c1b9bb960a185cd0c8052a2845|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/3370bc5504ebb3c1b9bb960a185cd0c8052a2845]] - if_iwm - Tiny cleanup in iwm_rx_addbuf().
+* [[dda889ac57d8e5b46bb1b1ecf53c17a18481c7c8|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/dda889ac57d8e5b46bb1b1ecf53c17a18481c7c8]] - if_iwm - Ignore IWM_DEBUG_LOG_MSG notifications.
+* [[61f2dcf2f8a2c33f69f7ef5abca8b106e4d1b912|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/61f2dcf2f8a2c33f69f7ef5abca8b106e4d1b912]] - syscons - Remove unneeded NULL check from register_framebuffer().
+* [[e54a5ebe1729636c555002fc46d6fd0939479f29|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/e54a5ebe1729636c555002fc46d6fd0939479f29]] - if_iwm - Remove unused wantresp field in iwm_rx_data struct.
+* [[aa128dc02a17c2e616232ef0fa997121e969c995|https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff/aa128dc02a17c2e616232ef0fa997121e969c995]] - if_iwm - Already call iwm_mvm_power_update_mac() during SCAN<->AUTH paths.

(Diff truncated)
MyUserPage
diff --git a/doc/users/martymcfly.mdwn b/doc/users/martymcfly.mdwn
new file mode 100644
index 0000000..1b86ce4
--- /dev/null
+++ b/doc/users/martymcfly.mdwn
@@ -0,0 +1 @@
+Ikiwiki-Newbie-user with Asciidoc-ambitions.

Added a comment: PS
diff --git a/doc/forum/ikwiki_with_AsciiDoc:_page_cannot_be_rendered/comment_1_7e7345fadad209c26c62cab6e2b9f1a9._comment b/doc/forum/ikwiki_with_AsciiDoc:_page_cannot_be_rendered/comment_1_7e7345fadad209c26c62cab6e2b9f1a9._comment
new file mode 100644
index 0000000..c7aeb5f
--- /dev/null
+++ b/doc/forum/ikwiki_with_AsciiDoc:_page_cannot_be_rendered/comment_1_7e7345fadad209c26c62cab6e2b9f1a9._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="martymcfly@55267c498da1bbb4b9fe2a8baadc45dc1bd8f57a"
+ nickname="martymcfly"
+ avatar="http://cdn.libravatar.org/avatar/ca6b7c22733653ded358b982cce0e616"
+ subject="PS"
+ date="2017-03-09T14:00:21Z"
+ content="""
+There was no suspicious log messages in the apache log files about it.
+"""]]

Ikiwiki error with Asciidoc
diff --git a/doc/forum/ikwiki_with_AsciiDoc:_page_cannot_be_rendered.mdwn b/doc/forum/ikwiki_with_AsciiDoc:_page_cannot_be_rendered.mdwn
new file mode 100644
index 0000000..515e8c1
--- /dev/null
+++ b/doc/forum/ikwiki_with_AsciiDoc:_page_cannot_be_rendered.mdwn
@@ -0,0 +1,16 @@
+Hallo ikiwiki-team!
+
+I would like to setup ikwiki with AsciiDoc. So far I was able to install the [asciidoc.pm plugin](https://ikiwiki.info/plugins/contrib/asciidoc/) and got it to run.
+However when saving a page of Page type Asciidoc I encounter the error:
+
+> asciidoc: ERROR: unsafe: ifeval invalid asciidoc: FAILED: ifeval invalid safe document
+
+This also happens when I afterwards open that page with asciidoc markup. It seems to me that this is a rendering problem!?
+
+Installed on Debian Jessie with ikiwiki version 3.20141016.4
+
+What can I do to make it work?
+
+Cheers!
+
+Dennis

cleanup
diff --git a/doc/test_page_space_allowed.mdwn b/doc/test_page_space_allowed.mdwn
deleted file mode 100644
index c7d8cc3..0000000
--- a/doc/test_page_space_allowed.mdwn
+++ /dev/null
@@ -1,3 +0,0 @@
-asdf asdf
-
-asdf <span style="color: #ee9d77;">asdf asdf</span>

diff --git a/doc/test_page_space_allowed.mdwn b/doc/test_page_space_allowed.mdwn
new file mode 100644
index 0000000..c7d8cc3
--- /dev/null
+++ b/doc/test_page_space_allowed.mdwn
@@ -0,0 +1,3 @@
+asdf asdf
+
+asdf <span style="color: #ee9d77;">asdf asdf</span>

test test blah blah
diff --git a/doc/sandbox.mdwn b/doc/sandbox.mdwn
index 0872462..a9065ff 100644
--- a/doc/sandbox.mdwn
+++ b/doc/sandbox.mdwn
@@ -4,11 +4,16 @@ Sure it is.
 
 Nope my friend.
 
-<<<<<<< HEAD
-[[test link]]
-=======
-[[Test link]]
->>>>>>> 59f04c5ad3daf0c01e81d28ec1106e23567a1100
+List:
+
+* thing 1
+* thing 2 [[test page space allowed]]
+* thing 3
+* * sublist a? [[TestPage]]
+* * sublist b [[testpage]]
+* thing 4
+
+
 
 [[!meta date="Thu Jun 16 22:04:33 2005" updated="Thu Dec 22 01:23:20 2011"]]
 

speed up commenting by optionally providing a comment form in static pages
diff --git a/doc/todo/comment_posting_form_in_static_pages.mdwn b/doc/todo/comment_posting_form_in_static_pages.mdwn
new file mode 100644
index 0000000..e1246a2
--- /dev/null
+++ b/doc/todo/comment_posting_form_in_static_pages.mdwn
@@ -0,0 +1 @@
+I'd like to speed up the opportunity for people to comment on my ikiwiki, by having the comment-composition form included in static pages, below the existing comments. My initial hacks have been thwarted because the CGI-generated comment composition form has hidden elements with a session ID (a feature of CGI::FormBuilder I think) to prevent exactly this. -- [[users/jon]] [[!tag wishlist]]

Added a comment
diff --git a/doc/forum/Password_protect_whole_wiki/comment_5_239d0640c229ae50bf85796b376595cf._comment b/doc/forum/Password_protect_whole_wiki/comment_5_239d0640c229ae50bf85796b376595cf._comment
new file mode 100644
index 0000000..4602a77
--- /dev/null
+++ b/doc/forum/Password_protect_whole_wiki/comment_5_239d0640c229ae50bf85796b376595cf._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="jmtd@d79be1606aba831a3b476d5fff7d99f4b321eab2"
+ nickname="jmtd"
+ avatar="http://cdn.libravatar.org/avatar/96f1bc700fdf0fc814f40c90391a6b53"
+ subject="comment 5"
+ date="2017-03-03T14:48:02Z"
+ content="""
+CGI-only wishlist item I mentioned: [[todo/CGI-only_mode]]
+"""]]

Added a comment
diff --git a/doc/forum/Password_protect_whole_wiki/comment_4_0bebd42b23b4c238831272061486a6ef._comment b/doc/forum/Password_protect_whole_wiki/comment_4_0bebd42b23b4c238831272061486a6ef._comment
new file mode 100644
index 0000000..e019d02
--- /dev/null
+++ b/doc/forum/Password_protect_whole_wiki/comment_4_0bebd42b23b4c238831272061486a6ef._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="jmtd@d79be1606aba831a3b476d5fff7d99f4b321eab2"
+ nickname="jmtd"
+ avatar="http://cdn.libravatar.org/avatar/96f1bc700fdf0fc814f40c90391a6b53"
+ subject="comment 4"
+ date="2017-03-03T14:29:11Z"
+ content="""
+If we are talking about configuring the HTTPD to use HTTP basic auth, the UI for HTTP Basic authentication is not great; it is not well supported on mobile devices; it's not well managed by browsers which can remember login credentials and it's not well supported by password managers. Most serious web applications do not use it and instead have their own bespoke session management stuff. Indeed Ikiwiki already has machinery for logins and sessions (I've just completed it on ikiwiki.info to post this comment). So I still think it would be nice to have it necessary to log in to view some, or all, pages in some circumstances.
+
+Of course for HTTPD-mediated login, it doesn't have to be HTTP Basic, but not many users will have the skills or infrastructure to set up something like Shibboleth for their ikiwikis.
+
+To some extent this dovetails with another wishlist item of mine, which is the ability to generate a CGI-only ikiwiki. This is useful if you have an existing ikiwiki which is large, and you want to run a dev or test one in parallel, but don't want to share the src dir, and don't want to have a second git clone of the material knocking around. -- [[users/jon]]
+"""]]

my github mirror of ikiwiki has been deleted due to their horrible anti-free-software TOS
diff --git a/doc/git.mdwn b/doc/git.mdwn
index bcf454e..4661c46 100644
--- a/doc/git.mdwn
+++ b/doc/git.mdwn
@@ -25,10 +25,6 @@ think about merging them. This is recommended. :-)
 
 <!-- Machine-parsed format: * wikilink <git:url> -->
 
-* github `git://github.com/joeyh/ikiwiki.git`
-  ([browse](http://github.com/joeyh/ikiwiki/tree/master))  
-  A mirror of the main repo, automatically updated. Also provides http
-  cloning at `http://github.com/joeyh/ikiwiki.git`
 * l10n `git://l10n.ikiwiki.info/`
   Open push localization branch used for <http://l10n.ikiwiki.info/>
 * [[smcv]] `git://git.pseudorandom.co.uk/git/smcv/ikiwiki.git`

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_9_28efdafb7393e9ba03c61fb73ecad6be._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_9_28efdafb7393e9ba03c61fb73ecad6be._comment
new file mode 100644
index 0000000..f0fd9e6
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_9_28efdafb7393e9ba03c61fb73ecad6be._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 9"
+ date="2017-02-21T22:02:44Z"
+ content="""
+From the above I think we maybe could 
+
+- write a .po plugin feature that if indexpages is enabled then it logs a warning and disables itself, and
+- write an ikiwiki feature that when indexpages is toggled then ikiwiki renames the source files accordingly...
+"""]]

+aka use page/index.mdwn source files
diff --git a/doc/plugins/po.mdwn b/doc/plugins/po.mdwn
index b7c1582..0a764b6 100644
--- a/doc/plugins/po.mdwn
+++ b/doc/plugins/po.mdwn
@@ -36,7 +36,7 @@ rendered as `bla/page/index.fr.html`, else as `bla/page.fr.html`
 (In)Compatibility
 =================
 
-This plugin does not support the `indexpages` mode. If you don't know
+This plugin does not support the `indexpages` mode (a.k.a. "use page/index.mdwn source files"). If you don't know
 what it is, you probably don't care.
 
 

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_8_b7cbce4cfea17c2bbd28f6f450deff9a._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_8_b7cbce4cfea17c2bbd28f6f450deff9a._comment
new file mode 100644
index 0000000..2faacf1
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_8_b7cbce4cfea17c2bbd28f6f450deff9a._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="comment 8"
+ date="2017-02-21T18:21:19Z"
+ content="""
+> Is .po plugin able to work if the user chooses to use foo/index.mdwn ?
+
+Discussion on [[plugins/po/discussion]] in 2009, before the (then third party)
+po plugin was merged, says it is known not to work in that configuration.
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_7_9bac21d9ae3467ae2abb7aa2cfd9ec20._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_7_9bac21d9ae3467ae2abb7aa2cfd9ec20._comment
new file mode 100644
index 0000000..6e7ab94
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_7_9bac21d9ae3467ae2abb7aa2cfd9ec20._comment
@@ -0,0 +1,25 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="comment 7"
+ date="2017-02-21T18:17:34Z"
+ content="""
+> Is .po plugin able to work if the user chooses to use foo/index.mdwn ?
+
+Your guess is as good as mine. That configuration is really unusual (I'm not quite
+sure why we even have it as an option), and the po plugin is also unusual (not
+many people go to the effort of translating their wikis), so it seems likely that
+you're the first person to try the two together.
+
+> Is ikiwiki able to move files back and forth when the user toggles the
+> 'use foo/index.mwdn' setting?
+
+Not that I know of. If it could, it would likely require you to run
+`ikiwiki-transition`, but that tool doesn't seem to have any modes that
+seem relevant.
+
+> In the case the user toggles this setting, does the .po plugin adapt to the
+> new value (both ways) and move its files around too?
+
+Almost certainly no.
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_6_33024f2e1cc6b7972bcb0527c1dae400._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_6_33024f2e1cc6b7972bcb0527c1dae400._comment
new file mode 100644
index 0000000..dbc292c
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_6_33024f2e1cc6b7972bcb0527c1dae400._comment
@@ -0,0 +1,15 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 6"
+ date="2017-02-21T03:56:18Z"
+ content="""
+I misread \"nobacklinks\" as \"no backlinks\". Turns out setting it to 0 after applying that patch fixes the problem. This whole discussion is now resolved in short term.
+
+In long term, there are a few remaining questions.
+
+- Is .po plugin able to work if the user chooses to use foo/index.mdwn ?
+- Is ikiwiki able to move files back and forth when the user toggles the 'use foo/index.mwdn' setting?
+- In the case the user toggles this setting, does the .po plugin adapt to the new value (both ways) and move its files around too?
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_5_2cbb00d925663f8fe3017a00596613d6._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_5_2cbb00d925663f8fe3017a00596613d6._comment
new file mode 100644
index 0000000..15820df
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_5_2cbb00d925663f8fe3017a00596613d6._comment
@@ -0,0 +1,40 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 5"
+ date="2017-02-21T03:47:34Z"
+ content="""
+Turns out always listing backlinks (if they exist) is intended behaviour. I followed \"[[todo/allow disabling backlinks]]\" todo page by editing ~/git.ikiwiki.info/IkiWiki/Render.pm 
+
+    diff --git a/IkiWiki/Render.pm b/IkiWiki/Render.pm
+    index e8ed627..6142846 100644
+    --- a/IkiWiki/Render.pm
+    +++ b/IkiWiki/Render.pm
+    @@ -1,4 +1,4 @@
+    -#!/usr/bin/perl
+    +#!/usr/local/bin/perl
+    
+     package IkiWiki;
+    
+    @@ -111,7 +111,8 @@ sub genpage ($$) {
+            }
+            templateactions($template, $page);
+    
+    -       my @backlinks=sort { $a->{page} cmp $b->{page} || $a->{url} cmp $b->{url} } backlinks($page);
+    +       my @backlinks=sort { $a->{page} cmp $b->{page} || $a->{url} cmp $b->{url} } backlinks($page)
+    +           unless defined $config{nobacklinks} && $config{nobacklinks} == 0;
+            my ($backlinks, $more_backlinks);
+            if (@backlinks <= $config{numbacklinks} || ! $config{numbacklinks}) {
+                    $backlinks=\@backlinks;
+    
+
+
+Here is line in config:
+
+    nobacklinks: 1
+
+
+
+and then \"perl Makefile.PL ;$MAKE;$MAKE install\" . But then running 'ikiwiki --rebuild --setup ~/wiki/ikiwiki.setup' makes no difference. Why ...
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_4_01ae20cdc4f105bd182049f5138a8dd2._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_4_01ae20cdc4f105bd182049f5138a8dd2._comment
new file mode 100644
index 0000000..d43c11e
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_4_01ae20cdc4f105bd182049f5138a8dd2._comment
@@ -0,0 +1,42 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 4"
+ date="2017-02-20T23:42:13Z"
+ content="""
+Fixed the .po marking pages as translatable -- 
+
+1. un-ticked \"use page/index.mdwn source files\"
+
+2. ran this script, committed, and pushed:
+
+```
+    
+    # Bash -- from http://mywiki.wooledge.org/BashFAQ/030
+    # Also requires GNU or BSD find(1)
+    # Recursively change all *.foo files to *.bar
+    
+    find . -type f -name 'index.mdwn' -print0 | while IFS= read -r -d '' f; do
+        mv -- \"$f\" \"${f%/index.mdwn}.mdwn\"
+    done
+ 
+    find . -type f -name 'index.ru.po' -print0 | while IFS= read -r -d '' f; do
+        mv -- \"$f\" \"${f%/index.ru.po}.ru.po\"
+    done
+    
+    find . -type f -name 'index.pot' -print0 | while IFS= read -r -d '' f; do
+        mv -- \"$f\" \"${f%/index.pot}.pot\"
+    done
+    
+    
+    mv ..mdwn index.mdwn
+    mv ..pot index.pot
+    mv ..ru.po index.ru.po
+```
+
+
+
+
+The problem with backlinks still stays so far.
+"""]]

Added a comment
diff --git a/doc/forum/Password_protect_whole_wiki/comment_3_39554aa379a9653dd1ccb8970d98f021._comment b/doc/forum/Password_protect_whole_wiki/comment_3_39554aa379a9653dd1ccb8970d98f021._comment
new file mode 100644
index 0000000..47422df
--- /dev/null
+++ b/doc/forum/Password_protect_whole_wiki/comment_3_39554aa379a9653dd1ccb8970d98f021._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="openmedi"
+ avatar="http://cdn.libravatar.org/avatar/563ffaff3b492c579bd8f094472e4506"
+ subject="comment 3"
+ date="2017-02-20T15:43:13Z"
+ content="""
+Thanks! I actually found an easy to follow guide that includes https via let encrypt [here](https://www.digitalocean.com/community/tutorials/how-to-set-up-password-authentication-with-apache-on-ubuntu-16-04).
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_3_5de086a73f26966be07925d48b3aa523._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_3_5de086a73f26966be07925d48b3aa523._comment
new file mode 100644
index 0000000..1c5bb67
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_3_5de086a73f26966be07925d48b3aa523._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 3"
+ date="2017-02-19T21:59:25Z"
+ content="""
+I removed /home/public (the wiki build destination) and rebuilt it, re-enabled po plugin with \"* or */* or */*/* or */*/*/*\" in its pagespec settings, but it still only picks up root level pages. Subpages are not marked as translatable. This is a problem.
+
+The backlinks issue seems to not have resolved itself, either.
+
+Remarkably, removing sandbox.pot and sandbox.ru.po from ~/wiki made the sandbox page not translatable. It seems that the po plugin is looking for foo/bar.mdwn and foo/bar.pot and foo/bar.po.ru rather than foo/bar/index.mdwn, foo/bar/index.ru.po, foo/bar/index.pot and so on?
+
+I tried to disable \"use page/index.mdwn source files\" and rebuild the wiki, but now I have \"foo/bar/index/\" URIs and `[[foo/bar]]` is an unknown link marked with a question mark, so I'm going to fix it all up in the source files by hand and see if it helps...
+
+"""]]

removed
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_3_8aa03c750f434f2a6dfbd34a22e23397._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_3_8aa03c750f434f2a6dfbd34a22e23397._comment
deleted file mode 100644
index 012b97a..0000000
--- a/doc/forum/Inconsistency_in_pages_behaviour/comment_3_8aa03c750f434f2a6dfbd34a22e23397._comment
+++ /dev/null
@@ -1,11 +0,0 @@
-[[!comment format=mdwn
- username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
- nickname="svetlana"
- avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
- subject="comment 3"
- date="2017-02-19T21:48:21Z"
- content="""
-I removed /home/public (the wiki build destination) and rebuilt it, re-enabled po plugin with \"`* or */* or */*/* or */*/*/*`\" in its pagespec settings, but it still only picks up root level pages. Subpages are not marked as translatable. This is a problem.
-
-The backlinks issue seems to have resolved itself after doing this.
-"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_3_8aa03c750f434f2a6dfbd34a22e23397._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_3_8aa03c750f434f2a6dfbd34a22e23397._comment
new file mode 100644
index 0000000..012b97a
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_3_8aa03c750f434f2a6dfbd34a22e23397._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 3"
+ date="2017-02-19T21:48:21Z"
+ content="""
+I removed /home/public (the wiki build destination) and rebuilt it, re-enabled po plugin with \"`* or */* or */*/* or */*/*/*`\" in its pagespec settings, but it still only picks up root level pages. Subpages are not marked as translatable. This is a problem.
+
+The backlinks issue seems to have resolved itself after doing this.
+"""]]

Update my (spalax) information
diff --git a/doc/ikiwikiusers.mdwn b/doc/ikiwikiusers.mdwn
index 49e3442..9f453f7 100644
--- a/doc/ikiwikiusers.mdwn
+++ b/doc/ikiwikiusers.mdwn
@@ -211,7 +211,7 @@ Personal sites and blogs
 * Kalle Söderman: [Seen Architecture](http://img.kalleswork.net), [Stockholm Project](http://stockholm.kalleswork.net) - Mainly -image galleries using the album and osm plugins with a customized html5 theme.
 * James Richardson's [wiki](https://jamestechnotes.com), [blog](https://jamesrichardson.name), and online [resume](https://resume.jamesrichardson.name).
 * [Amitai Schleier's site](https://schmonz.com/)
-* My ([[spalax]]) [professional website](http://paternault.fr)
+* [[spalax]]'s [professional website](http://paternault.fr)
 * [Aloodo Blog](http://blog.aloodo.org/)
 * Ninguém tem blog! - Restricted ikiwiki hosting
   * [Dissertos radicais](http://dissertosradicais.tem.blog.br)
diff --git a/doc/users/spalax.mdwn b/doc/users/spalax.mdwn
index a9a030c..2010fde 100644
--- a/doc/users/spalax.mdwn
+++ b/doc/users/spalax.mdwn
@@ -12,8 +12,8 @@ I wrote and maintain a few plugins, which are available here: [[https://atelier.
 
 I have a few things in mind. Their status is something between *I will implement it someday* to *maybe someone could need this* or *I will need it if I implement this killer website I have in mind*.
 
-* [[plugins/contrib/htaccessmanager]]: Create a cgi page to manage a htaccess file.
-
+* [[plugins/contrib/usermanager]]: Create a cgi page to manage users (add/remove users, give/remove administrative priviledge to users, change password, etc.
+* [[plugins/contrib/htaccess]]: Have an [[htacess|//httpd.apache.org/docs/current/howto/htaccess.html]] file to be automatically updated each time an user is added/deleted, or its password is changed).
 
 # Contact
 

Apology about the poor choice for the name of the sidebar2 plugin
diff --git a/doc/plugins/contrib/sidebar2/discussion.mdwn b/doc/plugins/contrib/sidebar2/discussion.mdwn
new file mode 100644
index 0000000..c3989e7
--- /dev/null
+++ b/doc/plugins/contrib/sidebar2/discussion.mdwn
@@ -0,0 +1,5 @@
+More than four years after having written and published this plugin, I kind of regret its name. It should have been called `manybars`, `multibars` or anything like that, but by calling it `sidebar2`, I hijacked the [[plugins/sidebar]] name, preventing the original author to update its own plugin.
+
+Anyway, it is too late to change the name back. I hope I did not offend anyone by doing so… Sorry about this.
+
+-- [[Louis|spalax]]

New plugin: verboserpc
diff --git a/doc/plugins/contrib/verboserpc.mdwn b/doc/plugins/contrib/verboserpc.mdwn
new file mode 100644
index 0000000..09446fe
--- /dev/null
+++ b/doc/plugins/contrib/verboserpc.mdwn
@@ -0,0 +1,83 @@
+[[!meta author="spalax"]]
+[[!template id=plugin name=verboserpc author="[[Louis|spalax]]"]]
+
+Debugging [external plugins](//ikiwiki.info/plugins/write/external/) is a pain, as soon as RPC is involved… This kind-of plugin tries to make it a little bit less painful.
+
+It acts as a proxy between Ikiwiki and the plugin (which, for the record, is an executable program communicating with Ikiwiki using [XML RPC](http://www.xmlrpc.com/) on standard input/output), and logs everithing on standard error.
+
+[[!toc]]
+
+# Example
+
+A sample output of a wiki compilation is shown below.
+
+    $ ikiwiki --setup wiki.setup --refresh --verbose
+    -> <?xml version="1.0" encoding="utf-8"?><methodCall><methodName>import</methodName><params></params></methodCall>
+    <- <?xml version='1.0'?>
+    <- <methodCall>
+    <- <methodName>hook</methodName>
+    <- <params>
+    <- <param>
+    <- <value><string>call</string></value>
+    <- </param>
+    <- <param>
+    <- <value><string>getsetup</string></value>
+    <- </param>
+    <- <param>
+    <- <value><string>type</string></value>
+    <- </param>
+    <- <param>
+    <- <value><string>getsetup</string></value>
+    <- </param>
+    <- <param>
+    <- <value><string>id</string></value>
+    <- </param>
+    <- <param>
+    <- <value><string>foo</string></value>
+    <- </param>
+    <- <param>
+    <- <value><string>last</string></value>
+    <- </param>
+    <- <param>
+    <- <value><boolean>0</boolean></value>
+    <- </param>
+    <- </params>
+    <- </methodCall>
+    -> <?xml version="1.0" encoding="utf-8"?><methodResponse><params><param><value><string>1</string></value></param></params></methodResponse>
+    <- <?xml version='1.0'?>
+    <- <methodResponse>
+    <- <params>
+    <- <param>
+    <- <value><struct>
+    <- <member>
+    <- <name>null</name>
+    <- <value><string></string></value>
+    <- </member>
+    <- </struct></value>
+    <- </param>
+    <- </params>
+    <- </methodResponse>
+    rebuilding wiki..
+    scanning index.mdwn
+    building index.mdwn
+    done
+
+# Enabling the plugin
+
+Let us say you want to debug a plugin `foo`, located somewhere in your [`libdir`](https://ikiwiki.info/plugins/install/).
+
+1. Do not not enable plugin `foo` in the ikiwiki setup file.
+2. Create a symbolic link named `foo.verboserpc` in one of your `libdir`, linking to the `verboserpc` plugin.
+3. In your setup file, enable plugin `foo.verboserpc`.
+
+That's it. When called, the `verboserpc` plugin will be called as `foo.verboserpc`, and will run program `foo`, while transmitting (to Ikiwiki and `foo`) and logging (to standard error) any input/output.
+
+# Does it work?
+
+Well… External plugins are still a pain to debug, even with this tool. If your plugin is written using python, and you are using the [`proxy`](http://source.ikiwiki.branchable.com/?p=source.git;a=blob;f=plugins/proxy.py;h=b61eb466c8d47ef839fc24e5d0ba54be3a9b23fa;hb=HEAD), it might be useless, since this proxy already have an option to log RPC calls (by giving `debug_fn=sys.stderr.write` as an option to the constructor of [`IkiWikiProcedureProxy`](http://source.ikiwiki.branchable.com/?p=source.git;a=blob;f=plugins/proxy.py;h=b61eb466c8d47ef839fc24e5d0ba54be3a9b23fa;hb=HEAD#l217)).
+
+I am not sure that this plugin is the solution to the problem of debugging external plugins. I am still publishing it here, hoping that someone might improve it into something useful…
+
+# Download and install
+
+Code and documentation can be found here : [[https://atelier.gresille.org/projects/gresille-ikiwiki/wiki/VerboseRPC]].

New plugin: pageversion
diff --git a/doc/forum/Questions_about_a_new_plugin/comment_5_1ea0be887d7490e0a9b4dc1c2fe886bd._comment b/doc/forum/Questions_about_a_new_plugin/comment_5_1ea0be887d7490e0a9b4dc1c2fe886bd._comment
new file mode 100644
index 0000000..afd0aa4
--- /dev/null
+++ b/doc/forum/Questions_about_a_new_plugin/comment_5_1ea0be887d7490e0a9b4dc1c2fe886bd._comment
@@ -0,0 +1,11 @@
+[[!comment format=mdwn
+ username="spalax"
+ subject="""Done!"""
+ date="2017-02-18T19:53:15Z"
+ content="""
+At last, I wrote this plugin. It was not on the top of my priority list, but I eventually did it.
+
+It is called [[plugins/contrib/pageversion]].
+
+Thank you very much for your advice: it is far better than what I had in mind before discussing it with you! :)
+"""]]
diff --git a/doc/plugins/contrib/pageversion.mdwn b/doc/plugins/contrib/pageversion.mdwn
new file mode 100644
index 0000000..9793801
--- /dev/null
+++ b/doc/plugins/contrib/pageversion.mdwn
@@ -0,0 +1,89 @@
+[[!meta author="spalax"]]
+[[!template id=plugin name=pageversion author="[[Louis|spalax]]"]]
+
+This plugin makes it possible to manage different versions of the same page, allowing to:
+
+- make older/newer versions available;
+- highlight the latest version.
+
+[[!toc]]
+
+# Rationale
+
+On my personal website/blog, I publish articles which I sometimes update. Sometimes, I add a few lines of text with a ``Updated on DATE.`` message; other times, I rewrite the whole article. In this latter case, I want:
+
+- the main version of the article to be the latest one;
+- oldest versions still to be available;
+- the main list of my articles to list only the latest version of each article.
+
+# Example
+
+For instance, on my personal website, article [one](//paternault.fr/pedago/sismologie/20150110/) has been updated to [two](//paternault.fr/pedago/sismologie/20150819/).
+
+- They both contain the directive `\[[!versionof parent]]`, marking them as a version of the [main article](//paternault.fr/pedago/sismologie) (which happens to be their parent page).
+- On the [old article](//paternault.fr/pedago/sismologie/20150819/), links to the other articles (only one here) are available.
+- On the [page listing my articles](//paternault.fr/pedago), only the latest article appears.
+- The [main page](//paternault.fr/pedago/sismologie) lists all versions of this article, and redirects to the latest one.
+
+# List of directives and pagespecs
+
+Pages are marked as versions as other pages using tags (subtags of `_pageversion/*`). Directive ``\[[!versionof]]`` simply add the appropriate tag to the current page (thus, one can ignore this directive, but it makes things easier).
+
+Pages can be marked as versions of another page (e.g. ``foo/version1`` and ``foo/version2`` are versions of page ``foo``), or versions of an arbitrary abstract page (called *label* later). There is no conflict between them (that is, pages marked as a version of page ``foo`` and as a version of label ``foo`` are not a version of the same page).
+
+## Directive `versionof`
+
+Marks current page as a version of another page. Its main forms are:
+
+- `\[[!versionof name=foo]]` Mark current page as a version of page ``foo`` (page ``foo`` is searched using the same [[linking rules|ikiwiki/SubPage/LinkingRules]] as a [[ikiwiki/WikiLink]]).
+- `\[[!versionof label=bar]]` Mark current page as a version of some abstract object labelled ``bar``.
+
+It may be convenient to refer to some particular page. Thus, those alternative forms are also available:
+
+- `\[[!versionof name]]` Mark current page as a version of itself.
+- `\[[!versionof parent]]` Mark current page as a version of its parent page.
+
+## Template `otherversions`
+
+To add a list to the other versions of a page (both older and newer), a template is provided. It is called with:
+
+    \[[!template id=otherversions version=VERSION template=INLINETEMPLATE]]
+
+Where:
+
+- *(Required)* Pages that are a version of `VERSION` are listed (for instance ``\[[!template id=otherversions version=name=foo]]``).
+- *(Optional)* Template `INLINETEMPLATE` is used (instead of the default `otherversionpage` template) in the [[ikiwiki/directive/inline]] directive listing the other pages.
+
+## Pagespec `versionof`
+
+A pagespec can match pages marked as a version of something using the pagespec `versionof`. It accepts the same arguments as the arguments as the ``versionof`` directive, that is:
+
+- `versionof(name=foo)`: Match pages which are a version of page ``foo``.
+- `versionof(name)`: Match pages which are a version of the current page.
+- `versionof(parent)`: Match pages which are a version of the parent page.
+- `versionof(label=bar)`: Match pages which are a version of some abstract object labelled ``bar``.
+
+Moreover, it takes one additional argument:
+
+- `versionof(any)`: Match pages which are a version of anything.
+
+## Pagespec `latestversion`
+
+An additional pagespec `latestversion` is provided. It accepts the same arguments as the `versionof` pagespec (that is:
+`latestversion(name=foo)`,
+`latestversion(name)`,
+`latestversion(parent)`,
+`latestversion(label=bar)`,
+`latestversion(any)`) but only the most recent page is matched.
+
+## Pagespec `latest_tagged`
+
+As a side effect, this plugin also provides the `latest_tagged(TAG)` pagespec. It matches one single page: the most recent page tagged with the given tag.
+
+## Directive `redirect`
+
+Directive ``\[[!redirect]]`` (from the [[redirect]] plugin) can be used together with this package. For instance, a page containing the directive ``\[[!redirect pages="versionof(page)"]]`` will redirect to the most recent page marked as a version of the current page.
+
+# Download and Install
+
+Code and documentation can be found here : [[https://atelier.gresille.org/projects/gresille-ikiwiki/wiki/PageVersion]].
diff --git a/doc/users/spalax.mdwn b/doc/users/spalax.mdwn
index d9e9c5f..a9a030c 100644
--- a/doc/users/spalax.mdwn
+++ b/doc/users/spalax.mdwn
@@ -13,7 +13,6 @@ I wrote and maintain a few plugins, which are available here: [[https://atelier.
 I have a few things in mind. Their status is something between *I will implement it someday* to *maybe someone could need this* or *I will need it if I implement this killer website I have in mind*.
 
 * [[plugins/contrib/htaccessmanager]]: Create a cgi page to manage a htaccess file.
-* [[forum/Questions_about_a_new_plugin]]
 
 
 # Contact

New plugin: redirect
diff --git a/doc/plugins/contrib/redirect.mdwn b/doc/plugins/contrib/redirect.mdwn
new file mode 100644
index 0000000..4bf315a
--- /dev/null
+++ b/doc/plugins/contrib/redirect.mdwn
@@ -0,0 +1,35 @@
+[[!meta author="spalax"]]
+[[!template id=plugin name=redirect author="[[Louis|spalax]]"]]
+
+This plugin provides a [[ikiwiki/directive/redirect]] [[ikiwiki/directive]].
+
+Using this, you can cause a page to redirect to another page (something similar to the ``redir`` option of the [[meta|http://ikiwiki.info/ikiwiki/directive/meta]] plugin.
+
+[[!toc]]
+
+# Directive
+
+It accepts options ``pages``, ``skip``, ``sort``, ``reverse``, which have the same meaning as they have in the [[inline|http://ikiwiki.info/ikiwiki/directive/inline/]] directive. It builds a list of pages using those arguments, and redirect the page to the first page of this list.
+
+It also renders a text *If you are not redirected automatically, follow \[[this link]].* This text can be customized by changing the template `redirect.tmpl`, which accepts a single variable ``TARGETPAGE``.
+
+# Example
+
+To have a page ``latest.html`` redirect to your latest blog post, have the following line into ``latest.mdwn``:
+
+    \[[!redirect pages="blog/* and !blog/*"]]
+
+# Setup
+
+This directive accepts no setup options.
+
+# Differences with the ``meta`` plugin
+
+* This directive is better than the ``redir`` option of the [[meta|http://ikiwiki.info/ikiwiki/directive/meta/]] plugin because it can redirect to (the first page of) a pagespec, meaning things like *"redirect to my latest blog post"*.
+* The ``redir`` option of the [[meta|http://ikiwiki.info/ikiwiki/directive/meta]] plugin is better than this directive because:
+  * it can redirect to an anchor ``\[[!meta redir="foo#bar"]]``;
+  * it can redirect to an external page ``\[[!meta redir="http://example.com"]]``.
+
+# Download and install
+
+Code and documentation can be found here : [[https://atelier.gresille.org/projects/gresille-ikiwiki/wiki/Redirect]].

diff --git a/doc/tips/laptop_wiki_with_git/discussion.mdwn b/doc/tips/laptop_wiki_with_git/discussion.mdwn
index b44285d..fd5409e 100644
--- a/doc/tips/laptop_wiki_with_git/discussion.mdwn
+++ b/doc/tips/laptop_wiki_with_git/discussion.mdwn
@@ -1,3 +1,8 @@
+I have tried `gitorigin_branch:` and it does not seem to work. I have to use `gitorigin_branch: ''` to literally set it to empty string to make it work.
+[[newton108]]
+
+----
+
 I have followed this idea along, and it seems to work pretty well. 
 Now I have a question as a git newbie. Can I have the post-commit hook on the server use something like rsync to update the files on a third machine hosting the web server?  The web server does not have git (cretins!). Of course I could just run a cron job.
 
@@ -11,6 +16,8 @@ Or, was this last remark about rebuilding after pulling meant to apply to rebuil
 > Of course you don't need a web server on the laptop. It is useful for
 > previewing pages before publishing them though. --[[Joey]]
 
+----
+
 I have followed this idea too, however after pushing to the server running gitk in the scrdir shows that the remotes/origin/master branch is newer than the master. Is this normal? Have I reset the master branch to remotes/origin/master then every time when someone pushed something (and run ikiwiki -setup afterwards?)
 [[Micheal]]
 

Added a comment
diff --git a/doc/forum/Most_TMPL__95__VAR_variables_are_empty_in_a_template/comment_1_919425ab81ff72f1d8f1586519f19e69._comment b/doc/forum/Most_TMPL__95__VAR_variables_are_empty_in_a_template/comment_1_919425ab81ff72f1d8f1586519f19e69._comment
new file mode 100644
index 0000000..a25d4dd
--- /dev/null
+++ b/doc/forum/Most_TMPL__95__VAR_variables_are_empty_in_a_template/comment_1_919425ab81ff72f1d8f1586519f19e69._comment
@@ -0,0 +1,9 @@
+[[!comment format=mdwn
+ username="vegardv@75ae889e836bda8ce69bc038d8335c398a2f6f40"
+ nickname="vegardv"
+ avatar="http://cdn.libravatar.org/avatar/b35da1da5c23c19063f73defc0431ab0"
+ subject="comment 1"
+ date="2017-02-10T08:33:41Z"
+ content="""
+I have discovered the same. I have a template which contains <TMPL_VAR basename>. This used to insert the basename of the current page, but at some point this expansion stopped working.
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_2_204710a432cec8b291827e54962b55a5._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_2_204710a432cec8b291827e54962b55a5._comment
new file mode 100644
index 0000000..3fce6a9
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_2_204710a432cec8b291827e54962b55a5._comment
@@ -0,0 +1,13 @@
+[[!comment format=mdwn
+ username="svetlana@192500fb6a2e2ef8e78d1a08cca64b1bca9833b9"
+ nickname="svetlana"
+ avatar="http://cdn.libravatar.org/avatar/5821f2dec97d186ce3b455b806d33035"
+ subject="comment 2"
+ date="2017-02-09T21:48:05Z"
+ content="""
+Yes, I expected <http://svetlana.nfshost.com/irc/freenode/index.en.html> to be translatable into Russian and not have backlinks.
+
+$ ikiwiki --rebuild --verbose --setup ~/wiki/ikiwiki.setup
+
+<http://svetlana.nfshost.com/rebuild.txt>
+"""]]

Added a comment
diff --git a/doc/forum/Inconsistency_in_pages_behaviour/comment_1_bf6aaa61970215a76b2a14ac268f942b._comment b/doc/forum/Inconsistency_in_pages_behaviour/comment_1_bf6aaa61970215a76b2a14ac268f942b._comment
new file mode 100644
index 0000000..d0e2997
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour/comment_1_bf6aaa61970215a76b2a14ac268f942b._comment
@@ -0,0 +1,10 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="comment 1"
+ date="2017-02-09T12:13:02Z"
+ content="""
+Did you expect http://svetlana.nfshost.com/irc/freenode/index.en.html to be translatable into Russian and not have backlinks, for instance?
+
+This looks like you have changed configuration/templates and not (successfully!) done a full rebuild since then - but you said \"I think rebuilding the wiki is not affecting this problem\" so presumably you have *tried* to rebuild the wiki, it just didn't work (or didn't completely work). What exact command did you use, and what was its output?
+"""]]

diff --git a/doc/forum/Inconsistency_in_pages_behaviour.mdwn b/doc/forum/Inconsistency_in_pages_behaviour.mdwn
new file mode 100644
index 0000000..cfba777
--- /dev/null
+++ b/doc/forum/Inconsistency_in_pages_behaviour.mdwn
@@ -0,0 +1 @@
+At <http://svetlana.nfshost.com/index.en.html> some pages are not marked as translatable though I used '*' as po plugin pagespec. Also I edited page.tmpl and commented out the backlinks section, but it still shows on some pages. These two defects are probably related. Please advise how to troubleshoot. I think rebuilding the wiki is not affecting this problem. --[[users/svetlana]] 22:21:46 AEDT February 9, 2017

+update broken uris
diff --git a/doc/ikiwikiusers.mdwn b/doc/ikiwikiusers.mdwn
index 034da64..49e3442 100644
--- a/doc/ikiwikiusers.mdwn
+++ b/doc/ikiwikiusers.mdwn
@@ -109,7 +109,7 @@ Projects & Organizations
 * [[voice in time|http://voice-in-time.com]] a voice recording studio located in Hamburg, Germany (rather complex build using ikiwiki only, providing CGI access for the customer)
 * [[nb instrument|http://nb-instrument.com]] a workshop for beautifully handcrafted musical instruments, located in Hamburg, Germany (also one of our rather complex builds using ikiwiki only, providing CGI access for the customer)
 * [[coido architects|http://coido.de]] architectural company, located in Hamburg, Germany and Rotterdam, Netherlands (also rather complex build adding masonry and gallery scripts and some pjaxing to the picture, providing CGI access for the customer)
-* [[guppy|http://guppy.branchable.com]] an internationalized modular Python IRC bot
+* [[guppy|http://guppy.branchable.com/index.en.html]] an internationalized modular Python IRC bot
 
 Personal sites and blogs
 ========================
@@ -222,4 +222,4 @@ Personal sites and blogs
 * [Sean Whitton's personal website](http://spwhitton.name/)
 * [Matto's personal website](https://box.matto.nl)
 * [Rob Sayers' personal website](http://www.robsayers.com)
-* [Svetlana Tkachenko's personal website](http://svetlana.nfshost.com) - personal site, no blog
+* [Svetlana Tkachenko's personal website](http://svetlana.nfshost.com/index.en.html) - personal site, no blog

diff --git a/doc/users/svetlana.mdwn b/doc/users/svetlana.mdwn
new file mode 100644
index 0000000..6fca6dc
--- /dev/null
+++ b/doc/users/svetlana.mdwn
@@ -0,0 +1,7 @@
+I speak English and Russian. I use ikiwiki at [my personal site](http://svetlana.nfshost.com).
+
+I also help a few software projects localize their documentation -- [vy](http://vy.branchable.com) and [guppy](http://guppy.branchable.com).
+
+I enjoy ikiwiki.
+
+I am testing the po and osm plugins.

Confuses a map
diff --git a/doc/plugins/po/discussion.mdwn b/doc/plugins/po/discussion.mdwn
index ffd511a..9f99880 100644
--- a/doc/plugins/po/discussion.mdwn
+++ b/doc/plugins/po/discussion.mdwn
@@ -749,3 +749,13 @@ Hello, I am not sure whether it's the right way to add a comment here, but I dow
 > an interactive Perl session) and see whether there are useful error messages. --[[smcv]]
 
 > > I had to set ikiwiki's INSTALL_BASE to ~/perl5, and install local::lib, to get the wiki to see Locale::Po4a::Po. What was helpful is `ikiwiki --setup wiki/ikiwiki.setup --wrappers` as it outputs the useful error message straight away if it can't find something in @INC. It is finally working now. --[[users/svetlana]]
+
+# Confuses a map
+
+The `\[[!map  pages="*"]]` directive works in confused ways when po plugin is enabled. It lists items like this:
+
+- [foo](foo/index.en.html)
+  - [index.ru](foo/index.ru)
+  - [index.ja](foo/index.ja)
+
+I'm not sure what to do with it, I would like to be able to list pages only in one language. --[[users/svetlana]] 10:10AM February 8, 2017

diff --git a/doc/plugins/po/discussion.mdwn b/doc/plugins/po/discussion.mdwn
index 35d755e..ffd511a 100644
--- a/doc/plugins/po/discussion.mdwn
+++ b/doc/plugins/po/discussion.mdwn
@@ -747,3 +747,5 @@ Hello, I am not sure whether it's the right way to add a comment here, but I dow
 > It should be in a section headed "format plugin: po". If that doesn't appear, try
 > `perl -MIkiWiki::Plugin::po -e ''` (or equivalently, `use IkiWiki::Plugin::po;` in
 > an interactive Perl session) and see whether there are useful error messages. --[[smcv]]
+
+> > I had to set ikiwiki's INSTALL_BASE to ~/perl5, and install local::lib, to get the wiki to see Locale::Po4a::Po. What was helpful is `ikiwiki --setup wiki/ikiwiki.setup --wrappers` as it outputs the useful error message straight away if it can't find something in @INC. It is finally working now. --[[users/svetlana]]

removed
diff --git a/doc/forum/installing_ikiwiki__44___local::lib__44___and_po4a_on_nearlyfreespeech.mdwn b/doc/forum/installing_ikiwiki__44___local::lib__44___and_po4a_on_nearlyfreespeech.mdwn
deleted file mode 100644
index 5fb748e..0000000
--- a/doc/forum/installing_ikiwiki__44___local::lib__44___and_po4a_on_nearlyfreespeech.mdwn
+++ /dev/null
@@ -1,47 +0,0 @@
-I am trying to follow <https://ikiwiki.info/tips/nearlyfreespeech/>. It installs IkiWiki into ~/lib/perl5. 
-
-
-I have this in ~/.profile:
-
-    [svetlana /home/private]$ cat ~/.profile
-    PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/home/private//bin
-    #eval `perl -I ~/perl5/lib/perl5 -Mlocal::lib`
-    echo $PERL5LIB
-    eval `perl -I ~/lib/perl5:~/perl5/lib/perl5 -Mlocal::lib`
-    echo $PERL5LIB
-    export MANPATH=$HOME/perl5/man:$MANPATH
-    #export PERL5LIB=$HOME/ikiwiki:$HOME/ikiwiki/cpan:$HOME/lib/perl5:$HOME/perl5/lib/perl5
-    [svetlana /home/private]$
-
-The wiki works. How it sets the environment so that things 'see' it in ~/lib/perl5, I have no idea.
-
-I installed cpanm. Turns out it installs itself to ~/perl5/lib/perl5.
-
-I installed local::lib. Turns out it sets PERL5LIB to ~/perl5/lib/perl5.
-
-I didn't see po4a in cpan and was too lazy to add it there, though it's probably two clicks away.
-
-I downloaded po4a from debian package page as a tarball and build it. Turns out it installs itself into ~/perl5/lib/perl5.
-
-I added 'po' to the list of plugins in wiki config, and refreshed it.
-
-
-Webserver says 
-
-AH01215: Failed to load plugin IkiWiki::Plugin::po: Can't locate Locale/Po4a/Chooser.pm in @INC (you may need to install the Locale::Po4a::Chooser module) (@INC contains: /home/private//lib/perl5/amd64-freebsd-thread-multi /home/private//lib/perl5 /usr/local/lib/perl5/site_perl/mach/5.22 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.22/mach /usr/local/lib/perl5/5.22) at /home/private//lib/perl5/IkiWiki/Plugin/po.pm line 19.: /fs6d/svetlana/public/ikiwiki.cgi
-
-Everything gives error 500.
-
-Removing 'po' from 'add_plugins' section and refreshing the wiki gets rid of the problem. But I would really like po plugin to work.
-
-I tried building po4a again. Now it complains about missing dependencies, SGMLS and Unicode::GCString. cpanm doesn't find SGMLS, and there is some error installing Unicode::GCString from cpanm. At this point, I don't care what that error is.
-
-I just know I'm doing something wrong and need someone to tell me what.
-
-In the first place I'd prefer everything went to the location local::lib likes.
-
-There is no reason to keep everything in ~/perl5/lib/perl5, while keeping IkiWiki in ~/lib/perl5.
-
-I'd like to fix that first.
-
-Please advise. Thank you very much.

diff --git a/doc/forum/installing_ikiwiki__44___local::lib__44___and_po4a_on_nearlyfreespeech.mdwn b/doc/forum/installing_ikiwiki__44___local::lib__44___and_po4a_on_nearlyfreespeech.mdwn
new file mode 100644
index 0000000..5fb748e
--- /dev/null
+++ b/doc/forum/installing_ikiwiki__44___local::lib__44___and_po4a_on_nearlyfreespeech.mdwn
@@ -0,0 +1,47 @@
+I am trying to follow <https://ikiwiki.info/tips/nearlyfreespeech/>. It installs IkiWiki into ~/lib/perl5. 
+
+
+I have this in ~/.profile:
+
+    [svetlana /home/private]$ cat ~/.profile
+    PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin:/home/private//bin
+    #eval `perl -I ~/perl5/lib/perl5 -Mlocal::lib`
+    echo $PERL5LIB
+    eval `perl -I ~/lib/perl5:~/perl5/lib/perl5 -Mlocal::lib`
+    echo $PERL5LIB
+    export MANPATH=$HOME/perl5/man:$MANPATH
+    #export PERL5LIB=$HOME/ikiwiki:$HOME/ikiwiki/cpan:$HOME/lib/perl5:$HOME/perl5/lib/perl5
+    [svetlana /home/private]$
+
+The wiki works. How it sets the environment so that things 'see' it in ~/lib/perl5, I have no idea.
+
+I installed cpanm. Turns out it installs itself to ~/perl5/lib/perl5.
+
+I installed local::lib. Turns out it sets PERL5LIB to ~/perl5/lib/perl5.
+
+I didn't see po4a in cpan and was too lazy to add it there, though it's probably two clicks away.
+
+I downloaded po4a from debian package page as a tarball and build it. Turns out it installs itself into ~/perl5/lib/perl5.
+
+I added 'po' to the list of plugins in wiki config, and refreshed it.
+
+
+Webserver says 
+
+AH01215: Failed to load plugin IkiWiki::Plugin::po: Can't locate Locale/Po4a/Chooser.pm in @INC (you may need to install the Locale::Po4a::Chooser module) (@INC contains: /home/private//lib/perl5/amd64-freebsd-thread-multi /home/private//lib/perl5 /usr/local/lib/perl5/site_perl/mach/5.22 /usr/local/lib/perl5/site_perl /usr/local/lib/perl5/5.22/mach /usr/local/lib/perl5/5.22) at /home/private//lib/perl5/IkiWiki/Plugin/po.pm line 19.: /fs6d/svetlana/public/ikiwiki.cgi
+
+Everything gives error 500.
+
+Removing 'po' from 'add_plugins' section and refreshing the wiki gets rid of the problem. But I would really like po plugin to work.
+
+I tried building po4a again. Now it complains about missing dependencies, SGMLS and Unicode::GCString. cpanm doesn't find SGMLS, and there is some error installing Unicode::GCString from cpanm. At this point, I don't care what that error is.
+
+I just know I'm doing something wrong and need someone to tell me what.
+
+In the first place I'd prefer everything went to the location local::lib likes.
+
+There is no reason to keep everything in ~/perl5/lib/perl5, while keeping IkiWiki in ~/lib/perl5.
+
+I'd like to fix that first.
+
+Please advise. Thank you very much.

change `pwd` to $HOME so assumptions are met even if you cd elsewhere
diff --git a/doc/tips/nearlyfreespeech.mdwn b/doc/tips/nearlyfreespeech.mdwn
index f9da223..2a78b66 100644
--- a/doc/tips/nearlyfreespeech.mdwn
+++ b/doc/tips/nearlyfreespeech.mdwn
@@ -52,9 +52,9 @@ because the system has most modules installed already.
 So, you might want to skip this step and come back to it later if ikiwiki
 doesn't work.
 
-	PERL5LIB=`pwd`/ikiwiki:`pwd`/ikiwiki/cpan:`pwd`/lib/perl5 PERL_MM_USE_DEFAULT=1 perl -MCPAN -e 'CPAN::Shell->install("Bundle::IkiWiki")'
+	PERL5LIB=$HOME/ikiwiki:$HOME/ikiwiki/cpan:$HOME/lib/perl5 PERL_MM_USE_DEFAULT=1 perl -MCPAN -e 'CPAN::Shell->install("Bundle::IkiWiki")'
 	
-	PERL5LIB=`pwd`/ikiwiki:`pwd`/ikiwiki/cpan:`pwd`/lib/perl5 PERL_MM_USE_DEFAULT=1 perl -MCPAN -e 'CPAN::Shell->force(install => "Bundle::IkiWiki::Extras")'
+	PERL5LIB=$HOME/ikiwiki:$HOME/ikiwiki/cpan:$HOME/lib/perl5 PERL_MM_USE_DEFAULT=1 perl -MCPAN -e 'CPAN::Shell->force(install => "Bundle::IkiWiki::Extras")'
 
 This will take a while. As long as the first command succeeds, ikiwiki will be
 usable. The second command adds extra modules that some plugins use, so it's

No longer using ikiwiki
diff --git a/doc/ikiwikiusers.mdwn b/doc/ikiwikiusers.mdwn
index 86a6972..034da64 100644
--- a/doc/ikiwikiusers.mdwn
+++ b/doc/ikiwikiusers.mdwn
@@ -123,7 +123,6 @@ Personal sites and blogs
 * [Roland Mas's blog](http://roland.entierement.nu/categories/geek-en.html)
 * [Sergio Talens-Oliag's personal wiki](http://mixinet.net/~sto/) and [blog](http://mixinet.net/~sto/blog)
 * [Christian Aichinger's homepage](http://greek0.net/)
-* Ben A'Lee's [homepage](http://benjaminalee.co.uk/).
 * [Adam  Shand's homepage](http://adam.shand.net/iki/)
 * [Hess family wiki](http://kitenet.net/~family/)
 * [Zack](http://upsilon.cc/~zack)'s homepage, including [his weblog](http://upsilon.cc/~zack/blog/)

diff --git a/doc/plugins/po/discussion.mdwn b/doc/plugins/po/discussion.mdwn
index 59795d7..35d755e 100644
--- a/doc/plugins/po/discussion.mdwn
+++ b/doc/plugins/po/discussion.mdwn
@@ -743,3 +743,7 @@ Besides: When using the map instead of the inline directive, regarding l10n all
 # Does not show up in the setup
 
 Hello, I am not sure whether it's the right way to add a comment here, but I downloaded po4a from Debian repository and built it. Typing 'use Locale::Po4a::Po;' into a 'perl' session doesn't interrupt it -- I believe it is installed already. Yet in websetup there is no 'use po?' section. I am at a loss what to do. I am using nearlyfreespeech for hosting. --[[users/svetlana]]
+
+> It should be in a section headed "format plugin: po". If that doesn't appear, try
+> `perl -MIkiWiki::Plugin::po -e ''` (or equivalently, `use IkiWiki::Plugin::po;` in
+> an interactive Perl session) and see whether there are useful error messages. --[[smcv]]

Does not show up in the setup
diff --git a/doc/plugins/po/discussion.mdwn b/doc/plugins/po/discussion.mdwn
index b282581..59795d7 100644
--- a/doc/plugins/po/discussion.mdwn
+++ b/doc/plugins/po/discussion.mdwn
@@ -739,3 +739,7 @@ Could this be related to the templates used by inline not being localized?
 Any hints wether I am currently running into some dead end with ikiwiki regarding template l10n here would be greatly appreciated.
 
 Besides: When using the map instead of the inline directive, regarding l10n all is working like it should, pitty is that for the kind of deployment I am heading for I will also need pages to be included with a custom template. --[[Boris]]
+
+# Does not show up in the setup
+
+Hello, I am not sure whether it's the right way to add a comment here, but I downloaded po4a from Debian repository and built it. Typing 'use Locale::Po4a::Po;' into a 'perl' session doesn't interrupt it -- I believe it is installed already. Yet in websetup there is no 'use po?' section. I am at a loss what to do. I am using nearlyfreespeech for hosting. --[[users/svetlana]]

* [[guppy|http://guppy.branchable.com]] an internationalized modular Python IRC bot
diff --git a/doc/ikiwikiusers.mdwn b/doc/ikiwikiusers.mdwn
index b221cdc..86a6972 100644
--- a/doc/ikiwikiusers.mdwn
+++ b/doc/ikiwikiusers.mdwn
@@ -109,6 +109,7 @@ Projects & Organizations
 * [[voice in time|http://voice-in-time.com]] a voice recording studio located in Hamburg, Germany (rather complex build using ikiwiki only, providing CGI access for the customer)
 * [[nb instrument|http://nb-instrument.com]] a workshop for beautifully handcrafted musical instruments, located in Hamburg, Germany (also one of our rather complex builds using ikiwiki only, providing CGI access for the customer)
 * [[coido architects|http://coido.de]] architectural company, located in Hamburg, Germany and Rotterdam, Netherlands (also rather complex build adding masonry and gallery scripts and some pjaxing to the picture, providing CGI access for the customer)
+* [[guppy|http://guppy.branchable.com]] an internationalized modular Python IRC bot
 
 Personal sites and blogs
 ========================

Added a comment
diff --git a/doc/forum/Password_protect_whole_wiki/comment_2_6413b431654afaf76d278946b13f2270._comment b/doc/forum/Password_protect_whole_wiki/comment_2_6413b431654afaf76d278946b13f2270._comment
new file mode 100644
index 0000000..85b00c3
--- /dev/null
+++ b/doc/forum/Password_protect_whole_wiki/comment_2_6413b431654afaf76d278946b13f2270._comment
@@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="comment 2"
+ date="2017-01-18T21:46:14Z"
+ content="""
+Sorry, wrong Apache page. [The right one](https://httpd.apache.org/docs/2.4/howto/auth.html)
+"""]]

Added a comment: Do that through your web server, not ikiwiki
diff --git a/doc/forum/Password_protect_whole_wiki/comment_1_5d363401f953ee7a45c50f3275eb9151._comment b/doc/forum/Password_protect_whole_wiki/comment_1_5d363401f953ee7a45c50f3275eb9151._comment
new file mode 100644
index 0000000..a4ec4fa
--- /dev/null
+++ b/doc/forum/Password_protect_whole_wiki/comment_1_5d363401f953ee7a45c50f3275eb9151._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="Do that through your web server, not ikiwiki"
+ date="2017-01-18T21:45:30Z"
+ content="""
+ikiwiki is a wiki compiler (or a static site generator if you prefer): when it
+builds your wiki, the result is static HTML. When a visitor views a page,
+no ikiwiki code is running.
+
+If you want viewing to be restricted, you need to configure your web server
+(Apache or lighttpd or nginx or similar) to restrict it. For example, if
+your web server is Apache,
+[this page on Apache access control](https://httpd.apache.org/docs/2.4/howto/access.html)
+might help.
+"""]]

diff --git a/doc/forum/Password_protect_whole_wiki.mdwn b/doc/forum/Password_protect_whole_wiki.mdwn
new file mode 100644
index 0000000..43befd7
--- /dev/null
+++ b/doc/forum/Password_protect_whole_wiki.mdwn
@@ -0,0 +1 @@
+Is it somehow possible to password protect the whole wiki from _viewing_? And if so, how? I could only find that you can prevent editing, but not if you could prevent viewing the wiki itself.

Note another Debian 8 backport
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 299109a..e7770dd 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -564,8 +564,8 @@ which are both used in most ikiwiki installations.
 This bug was reported on 2016-12-17. A partially fixed version
 3.20161219 was released on 2016-12-19, but the solution used in that
 version was not effective with git versions older than 2.8.0.
-A more complete fix was released on 2016-12-29 in version 3.20161229.
-A backport to Debian 8 'jessie' is in progress.
+A more complete fix was released on 2016-12-29 in version 3.20161229,
+with fixes backported to Debian 8 in version 3.20141016.4.
 
 ([[!debcve CVE-2016-10026]] represents the original vulnerability.
 [[!debcve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability

Fix typo
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 5c54031..299109a 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -598,7 +598,7 @@ in version 3.20141016.4.
 
 ## <span id="cve-2017-0356">Authentication bypass via repeated parameters</span>
 
-The ikiwiki maintainers discovered further flaws similar 2016-9646
+The ikiwiki maintainers discovered further flaws similar to CVE-2016-9646
 in the passwordauth plugin's use of CGI::FormBuilder, with a more
 serious impact:
 

Release 3.20170111
diff --git a/debian/changelog b/debian/changelog
index 36a9701..14045a9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-ikiwiki (3.20170111) UNRELEASED; urgency=medium
+ikiwiki (3.20170111) unstable; urgency=high
 
   * passwordauth: prevent authentication bypass via multiple name
     parameters (CVE-2017-0356, OVE-20170111-0001)
@@ -9,7 +9,7 @@ ikiwiki (3.20170111) UNRELEASED; urgency=medium
   * remove: make it clearer that repeated page parameter is OK here
   * t/passwordauth.t: new automated test for passwordauth
 
- -- Simon McVittie <smcv@debian.org>  Wed, 11 Jan 2017 18:12:05 +0000
+ -- Simon McVittie <smcv@debian.org>  Wed, 11 Jan 2017 18:16:53 +0000
 
 ikiwiki (3.20170110) unstable; urgency=medium
 
diff --git a/doc/news/version_3.20160905.mdwn b/doc/news/version_3.20160905.mdwn
deleted file mode 100644
index 9bd925b..0000000
--- a/doc/news/version_3.20160905.mdwn
+++ /dev/null
@@ -1,8 +0,0 @@
-ikiwiki 3.20160905 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * [ Joey Hess ]
-   * Fix installation when prefix includes a string metacharacter.
-     Thanks, Sam Hathaway.
- * [ Simon McVittie ]
-   * Use git log --no-renames to generate recentchanges, fixing the git
-     test-case with git 2.9 (Closes: #[835612](http://bugs.debian.org/835612))"""]]
\ No newline at end of file
diff --git a/doc/news/version_3.20170111.mdwn b/doc/news/version_3.20170111.mdwn
new file mode 100644
index 0000000..03b2ac2
--- /dev/null
+++ b/doc/news/version_3.20170111.mdwn
@@ -0,0 +1,10 @@
+ikiwiki 3.20170111 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * passwordauth: prevent authentication bypass via multiple name
+     parameters (CVE-2017-0356, OVE-20170111-0001)
+   * passwordauth: avoid userinfo forgery via repeated email parameter
+     (also in the scope of CVE-2017-0356)
+   * CGI, attachment, passwordauth: harden against repeated parameters
+     (not believed to have been a vulnerability)
+   * remove: make it clearer that repeated page parameter is OK here
+   * t/passwordauth.t: new automated test for passwordauth"""]]
\ No newline at end of file
diff --git a/ikiwiki.spec b/ikiwiki.spec
index ec08495..d9d0331 100644
--- a/ikiwiki.spec
+++ b/ikiwiki.spec
@@ -1,5 +1,5 @@
 Name:           ikiwiki
-Version: 3.20161229.1
+Version: 3.20170111
 Release:        1%{?dist}
 Summary:        A wiki compiler
 
diff --git a/po/ikiwiki.pot b/po/ikiwiki.pot
index f515d7f..d7f16b6 100644
--- a/po/ikiwiki.pot
+++ b/po/ikiwiki.pot
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2016-12-29 20:46+0000\n"
+"POT-Creation-Date: 2017-01-11 18:18+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -28,7 +28,7 @@ msgstr ""
 msgid "login failed, perhaps you need to turn on cookies?"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:239 ../IkiWiki/CGI.pm:394
+#: ../IkiWiki/CGI.pm:239 ../IkiWiki/CGI.pm:395
 msgid "Your login session has expired."
 msgstr ""
 
@@ -44,15 +44,15 @@ msgstr ""
 msgid "Admin"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:302
+#: ../IkiWiki/CGI.pm:303
 msgid "Preferences saved."
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:357
+#: ../IkiWiki/CGI.pm:358
 msgid "You are banned."
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:490 ../IkiWiki/CGI.pm:491 ../IkiWiki.pm:1653
+#: ../IkiWiki/CGI.pm:491 ../IkiWiki/CGI.pm:492 ../IkiWiki.pm:1653
 msgid "Error"
 msgstr ""
 
@@ -167,19 +167,19 @@ msgstr ""
 msgid "prohibited by allowed_attachments"
 msgstr ""
 
-#: ../IkiWiki/Plugin/attachment.pm:234
+#: ../IkiWiki/Plugin/attachment.pm:235
 msgid "bad attachment filename"
 msgstr ""
 
-#: ../IkiWiki/Plugin/attachment.pm:307
+#: ../IkiWiki/Plugin/attachment.pm:308
 msgid "attachment upload"
 msgstr ""
 
-#: ../IkiWiki/Plugin/attachment.pm:358
+#: ../IkiWiki/Plugin/attachment.pm:359
 msgid "this attachment is not yet saved"
 msgstr ""
 
-#: ../IkiWiki/Plugin/attachment.pm:376
+#: ../IkiWiki/Plugin/attachment.pm:377
 msgid "just uploaded"
 msgstr ""
 
@@ -376,7 +376,7 @@ msgstr ""
 msgid "Invalid email address."
 msgstr ""
 
-#: ../IkiWiki/Plugin/emailauth.pm:98 ../IkiWiki/Plugin/passwordauth.pm:377
+#: ../IkiWiki/Plugin/emailauth.pm:98 ../IkiWiki/Plugin/passwordauth.pm:380
 msgid "Failed to send mail"
 msgstr ""
 
@@ -418,25 +418,25 @@ msgstr ""
 msgid "%s is an attachment, not a page."
 msgstr ""
 
-#: ../IkiWiki/Plugin/git.pm:929 ../IkiWiki/Plugin/git.pm:992 ../IkiWiki.pm:1873
+#: ../IkiWiki/Plugin/git.pm:933 ../IkiWiki/Plugin/git.pm:997 ../IkiWiki.pm:1873
 #, perl-format
 msgid "you are not allowed to change %s"
 msgstr ""
 
-#: ../IkiWiki/Plugin/git.pm:951
+#: ../IkiWiki/Plugin/git.pm:955
 #, perl-format
 msgid "you cannot act on a file with mode %s"
 msgstr ""
 
-#: ../IkiWiki/Plugin/git.pm:955
+#: ../IkiWiki/Plugin/git.pm:959
 msgid "you are not allowed to change file modes"
 msgstr ""
 
-#: ../IkiWiki/Plugin/git.pm:1029
+#: ../IkiWiki/Plugin/git.pm:1033
 msgid "you are not allowed to revert a merge"
 msgstr ""
 
-#: ../IkiWiki/Plugin/git.pm:1083 ../IkiWiki/Plugin/git.pm:1103
+#: ../IkiWiki/Plugin/git.pm:1085 ../IkiWiki/Plugin/git.pm:1104
 #, perl-format
 msgid "Failed to revert commit %s"
 msgstr ""
@@ -652,7 +652,7 @@ msgstr ""
 msgid "bad or missing template"
 msgstr ""
 
-#: ../IkiWiki/Plugin/passwordauth.pm:145 ../IkiWiki/Plugin/passwordauth.pm:343
+#: ../IkiWiki/Plugin/passwordauth.pm:145 ../IkiWiki/Plugin/passwordauth.pm:347
 msgid "Error creating account."
 msgstr ""
 
@@ -664,31 +664,31 @@ msgstr ""
 msgid "Create your user page"
 msgstr ""
 
-#: ../IkiWiki/Plugin/passwordauth.pm:340
+#: ../IkiWiki/Plugin/passwordauth.pm:344
 msgid "Account creation successful. Now you can Login."
 msgstr ""
 
-#: ../IkiWiki/Plugin/passwordauth.pm:350
+#: ../IkiWiki/Plugin/passwordauth.pm:353
 msgid "No email address, so cannot email password reset instructions."
 msgstr ""
 
-#: ../IkiWiki/Plugin/passwordauth.pm:379
+#: ../IkiWiki/Plugin/passwordauth.pm:382
 msgid "You have been mailed password reset instructions."
 msgstr ""
 
-#: ../IkiWiki/Plugin/passwordauth.pm:414
+#: ../IkiWiki/Plugin/passwordauth.pm:418
 msgid "incorrect password reset url"
 msgstr ""
 

(Diff truncated)
Document the security fix soon to be released in 3.20170111
diff --git a/debian/changelog b/debian/changelog
index 2183ef1..36a9701 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+ikiwiki (3.20170111) UNRELEASED; urgency=medium
+
+  * passwordauth: prevent authentication bypass via multiple name
+    parameters (CVE-2017-0356, OVE-20170111-0001)
+  * passwordauth: avoid userinfo forgery via repeated email parameter
+    (also in the scope of CVE-2017-0356)
+  * CGI, attachment, passwordauth: harden against repeated parameters
+    (not believed to have been a vulnerability)
+  * remove: make it clearer that repeated page parameter is OK here
+  * t/passwordauth.t: new automated test for passwordauth
+
+ -- Simon McVittie <smcv@debian.org>  Wed, 11 Jan 2017 18:12:05 +0000
+
 ikiwiki (3.20170110) unstable; urgency=medium
 
   [ Amitai Schleier ]
diff --git a/doc/security.mdwn b/doc/security.mdwn
index a538a49..5c54031 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -591,7 +591,23 @@ of them relatively minor:
   could potentially forge commit authorship (attribute their edit to
   someone else) by crafting multiple values for the rcsinfo field
 
-This was fixed in ikiwiki 3.20161229. A backport to Debian 8
-'jessie' is in progress.
+This was fixed in ikiwiki 3.20161229, with fixes backported to Debian 8
+in version 3.20141016.4.
 
 ([[!debcve CVE-2016-9646]]/OVE-20161226-0001)
+
+## <span id="cve-2017-0356">Authentication bypass via repeated parameters</span>
+
+The ikiwiki maintainers discovered further flaws similar 2016-9646
+in the passwordauth plugin's use of CGI::FormBuilder, with a more
+serious impact:
+
+* An attacker who can log in to a site with a password can log in
+  as a different and potentially more privileged user.
+* An attacker who can create a new account can set arbitrary fields
+  in the user database for that account.
+
+This was fixed in ikiwiki 3.20170111, with fixes backported to Debian 8
+in version 3.20141016.4.
+
+([[!debcve CVE-2017-0356]]/OVE-20170111-0001)

3.20170110
diff --git a/debian/changelog b/debian/changelog
index 8205b95..2183ef1 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-ikiwiki (3.20170109) UNRELEASED; urgency=medium
+ikiwiki (3.20170110) unstable; urgency=medium
 
   [ Amitai Schleier ]
   * wrappers: Correctly escape quotes in git_wrapper_background_command
@@ -41,7 +41,7 @@ ikiwiki (3.20170109) UNRELEASED; urgency=medium
     build-dependency, with virtual package libmagickcore-extra as an
     alternative, to help autopkgtest to do the right thing
 
- -- Simon McVittie <smcv@debian.org>  Mon, 09 Jan 2017 14:33:19 +0000
+ -- Simon McVittie <smcv@debian.org>  Tue, 10 Jan 2017 13:22:01 +0000
 
 ikiwiki (3.20161229.1) unstable; urgency=medium
 
diff --git a/doc/news/version_3.20160728.mdwn b/doc/news/version_3.20160728.mdwn
deleted file mode 100644
index 88baddc..0000000
--- a/doc/news/version_3.20160728.mdwn
+++ /dev/null
@@ -1,9 +0,0 @@
-ikiwiki 3.20160728 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * Explicitly remove current working directory from Perl's library
-     search path, mitigating [[!debcve CVE-2016-1238]] (see [[!debbug 588017]])
-   * wrappers: allocate new environment dynamically, so we won't overrun
-     the array if third-party plugins add multiple environment variables.
-   * Standards-Version: 3.9.8 (no changes required)
-
---[[smcv]]"""]]
diff --git a/doc/news/version_3.20170110.mdwn b/doc/news/version_3.20170110.mdwn
new file mode 100644
index 0000000..b28cee0
--- /dev/null
+++ b/doc/news/version_3.20170110.mdwn
@@ -0,0 +1,41 @@
+ikiwiki 3.20170110 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * [ Amitai Schleier ]
+   * wrappers: Correctly escape quotes in git\_wrapper\_background\_command
+ * [ Simon McVittie ]
+   * git: use an explicit function parameter for the directory to work
+     in. Previously, we used global state that was not restored correctly
+     on catching exceptions, causing an unintended log message
+     "cannot chdir to .../ikiwiki-temp-working: No such file or directory"
+     with versions &gt;= 3.20161229 when an attempt to revert a change fails
+     or is disallowed
+   * git: don't run "git rev-list ... -- -- ..." which would select the
+     wrong commits if a file named literally "--" is present in the
+     repository
+   * check\_canchange: log "bad file name whatever", not literal string
+     "bad file name %s"
+   * t/git-cgi.t: fix a race condition that made the test fail
+     intermittently
+   * t/git-cgi.t: be more careful to provide a syntactically valid
+     author/committer name and email, hopefully fixing this test on
+     ci.debian.net
+   * templates, comments, passwordauth: use rel=nofollow microformat
+     for dynamic URLs
+   * templates: use rel=nofollow microformat for comment authors
+   * news: use Debian security tracker instead of MITRE for security
+     references. Thanks, anarcat
+   * Set package format to 3.0 (native)
+   * d/copyright: re-order to put more specific stanzas later, to get the
+     intended interpretation
+   * d/source/lintian-overrides: override obsolete-url-in-packaging for
+     OpenID Selector, which does not seem to have any more current URL
+     (and in any case our version is a fork)
+   * docwiki.setup: exclude TourBusStop from offline documentation.
+     It does not make much sense there.
+   * d/ikiwiki.lintian-overrides: override script-not-executable warnings
+   * d/ikiwiki.lintian-overrides: silence false positive spelling warning
+     for Moin Moin
+   * d/ikiwiki.doc-base: register the documentation with doc-base
+   * d/control: set libmagickcore-6.q16-3-extra as preferred
+     build-dependency, with virtual package libmagickcore-extra as an
+     alternative, to help autopkgtest to do the right thing"""]]
\ No newline at end of file

news: Use Debian security tracker instead of MITRE for CVE references
The Debian security tracker gets timely updates, whereas the official
CVE pages hosted by MITRE tend to show up as "RESERVED" for several
weeks or months after assignment.
diff --git a/doc/news/version_3.20160728.mdwn b/doc/news/version_3.20160728.mdwn
index 6836a9b..88baddc 100644
--- a/doc/news/version_3.20160728.mdwn
+++ b/doc/news/version_3.20160728.mdwn
@@ -1,7 +1,7 @@
 ikiwiki 3.20160728 released with [[!toggle text="these changes"]]
 [[!toggleable text="""
    * Explicitly remove current working directory from Perl's library
-     search path, mitigating [[!cve CVE-2016-1238]] (see [[!debbug 588017]])
+     search path, mitigating [[!debcve CVE-2016-1238]] (see [[!debbug 588017]])
    * wrappers: allocate new environment dynamically, so we won't overrun
      the array if third-party plugins add multiple environment variables.
    * Standards-Version: 3.9.8 (no changes required)
diff --git a/doc/news/version_3.20161219.mdwn b/doc/news/version_3.20161219.mdwn
index b039009..e4f32db 100644
--- a/doc/news/version_3.20161219.mdwn
+++ b/doc/news/version_3.20161219.mdwn
@@ -7,7 +7,7 @@ ikiwiki 3.20161219 released with [[!toggle text="these changes"]]
    * Security: tell `git revert` not to follow renames. If it does, then
      renaming a file can result in a revert writing outside the wiki srcdir
      or altering a file that the reverting user should not be able to alter,
-     an authorization bypass. Thanks, intrigeri. ([[!cve CVE-2016-10026]])
+     an authorization bypass. Thanks, intrigeri. ([[!debcve CVE-2016-10026]])
    * cgitemplate: remove some dead code. Thanks, blipvert
    * Restrict CSS matches against header class to not break
      Pandoc tables with header rows. Thanks, karsk
diff --git a/doc/news/version_3.20161229.mdwn b/doc/news/version_3.20161229.mdwn
index 7d96ced..365cb69 100644
--- a/doc/news/version_3.20161229.mdwn
+++ b/doc/news/version_3.20161229.mdwn
@@ -2,17 +2,17 @@ ikiwiki 3.20161229 released with [[!toggle text="these changes"]]
 [[!toggleable text="""
    * Security: force CGI::FormBuilder-&gt;field to scalar context where
      necessary, avoiding unintended function argument injection
-     analogous to [[!cve CVE-2014-1572]]. In ikiwiki this could be used to
+     analogous to [[!debcve CVE-2014-1572]]. In ikiwiki this could be used to
      forge commit metadata, but thankfully nothing more serious.
-     ([[!cve CVE-2016-9646]])
+     ([[!debcve CVE-2016-9646]])
    * Security: try revert operations in a temporary working tree before
      approving them. Previously, automatic rename detection could result in
      a revert writing outside the wiki srcdir or altering a file that the
      reverting user should not be able to alter, an authorization bypass.
-     ([[!cve CVE-2016-10026]] represents the original vulnerability.)
+     ([[!debcve CVE-2016-10026]] represents the original vulnerability.)
      The incomplete fix released in 3.20161219 was not effective for git
      versions prior to 2.8.0rc0.
-     ([[!cve CVE-2016-9645]] represents that incomplete solution.)
+     ([[!debcve CVE-2016-9645]] represents that incomplete solution.)
    * Add CVE references for CVE-2016-10026
    * Add automated test for using the CGI with git, including
      CVE-2016-10026
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 56b6481..a538a49 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -368,9 +368,9 @@ allow the security hole to be exploited.
 
 The htmlscrubber did not block javascript in uris. This was fixed by adding
 a whitelist of valid uri types, which does not include javascript. 
-([[!cve CVE-2008-0809]]) Some urls specifyable by the meta plugin could also
+([[!debcve CVE-2008-0809]]) Some urls specifyable by the meta plugin could also
 theoretically have been used to inject javascript; this was also blocked
-([[!cve CVE-2008-0808]]).
+([[!debcve CVE-2008-0808]]).
 
 This hole was discovered on 10 February 2008 and fixed the same day
 with the release of ikiwiki 2.31.1. (And a few subsequent versions..)
@@ -383,7 +383,7 @@ parties.
 Cross Site Request Forging could be used to constuct a link that would
 change a logged-in user's password or other preferences if they clicked on
 the link. It could also be used to construct a link that would cause a wiki
-page to be modified by a logged-in user. ([[!cve CVE-2008-0165]])
+page to be modified by a logged-in user. ([[!debcve CVE-2008-0165]])
 
 These holes were discovered on 10 April 2008 and fixed the same day with
 the release of ikiwiki 2.42. A fix was also backported to Debian etch, as
@@ -410,7 +410,7 @@ passwords in cleartext over the net to log in, either.
 This hole allowed ikiwiki to accept logins using empty passwords, to openid
 accounts that didn't use a password. It was introduced in version 1.34, and
 fixed in version 2.48. The [bug](http://bugs.debian.org/483770) was
-discovered on 30 May 2008 and fixed the same day. ([[!cve CVE-2008-0169]])
+discovered on 30 May 2008 and fixed the same day. ([[!debcve CVE-2008-0169]])
 
 I recommend upgrading to 2.48 immediatly if your wiki allows both password
 and openid logins.
@@ -433,7 +433,7 @@ bypassed and used to read arbitrary files. This was fixed by
 enabling TeX configuration options that disallow unsafe TeX commands.
 The fix was released on 30 Aug 2009 in version 3.1415926, and was
 backported to stable in version 2.53.4. If you use the teximg plugin,
-I recommend upgrading. ([[!cve CVE-2009-2944]])
+I recommend upgrading. ([[!debcve CVE-2009-2944]])
 
 ## javascript insertion via svg uris
 
@@ -458,7 +458,7 @@ Additionally, it was discovered that comments' html was never scrubbed during
 preview or moderation of comments with such a configuration.
 
 These problems were discovered on 12 November 2010 and fixed the same
-hour with the release of ikiwiki 3.20101112. ([[!cve CVE-2010-1673]])
+hour with the release of ikiwiki 3.20101112. ([[!debcve CVE-2010-1673]])
 
 ## javascript insertion via insufficient checking in comments
 
@@ -468,7 +468,7 @@ used for an XSS attack.
 This hole was discovered on 22 Jan 2011 and fixed the same day with
 the release of ikiwiki 3.20110122. A fix was backported to Debian squeeze,
 as version 3.20100815.5. An upgrade is recommended for sites
-with the comments plugin enabled. ([[!cve CVE-2011-0428]])
+with the comments plugin enabled. ([[!debcve CVE-2011-0428]])
 
 ## possible javascript insertion via insufficient htmlscrubbing of alternate stylesheets
 
@@ -480,13 +480,13 @@ This hole was discovered on 28 Mar 2011 and fixed the same hour with
 the release of ikiwiki 3.20110328. A fix was backported to Debian squeeze,
 as version 3.20100815.6. An upgrade is recommended for sites that have
 untrusted committers, or have the attachments plugin enabled.
-([[!cve CVE-2011-1401]])
+([[!debcve CVE-2011-1401]])
 
 ## tty hijacking via ikiwiki-mass-rebuild
 
 Ludwig Nussel discovered a way for users to hijack root's tty when
 ikiwiki-mass-rebuild was run. Additionally, there was some potential
-for information disclosure via symlinks. ([[!cve CVE-2011-1408]])
+for information disclosure via symlinks. ([[!debcve CVE-2011-1408]])
 
 This hole was discovered on 8 June 2011 and fixed the same day with
 the release of ikiwiki 3.20110608. Note that the fix is dependant on
@@ -498,7 +498,7 @@ installed suid (not the default), and whose admins run `ikiwiki-mass-rebuild`.
 ## javascript insertion via meta tags
 
 Raúl Benencia discovered an additional XSS exposure in the meta plugin.
-([[!cve CVE-2012-0220]])
+([[!debcve CVE-2012-0220]])
 
 This hole was discovered on 16 May 2012 and fixed the same day with
 the release of ikiwiki 3.20120516. A fix was backported to Debian squeeze,
@@ -506,7 +506,7 @@ as version 3.20100815.9. An upgrade is recommended for all sites.
 
 ## XSS via openid selector
 
-Raghav Bisht discovered this XSS in the openid selector. ([[!cve CVE-2015-2793]])
+Raghav Bisht discovered this XSS in the openid selector. ([[!debcve CVE-2015-2793]])
 
 The hole was reported on March 24th, a fix was developed on March 27th,
 and the fixed version 3.20150329 was released on the 29th. A fix was backported
@@ -524,12 +524,12 @@ was discovered on 4 May by the ikiwiki developers, and the fixed version
 in progress.
 
 An upgrade is recommended for sites using
-the CGI. ([[!cve CVE-2016-4561]], OVE-20160505-0012)
+the CGI. ([[!debcve CVE-2016-4561]], OVE-20160505-0012)
 
 ## ImageMagick CVE-2016–3714 ("ImageTragick")
 
 ikiwiki 3.20160506 and 3.20141016.3 attempt to mitigate
-[[!cve CVE-2016-3714]], and any
+[[!debcve CVE-2016-3714]], and any
 future ImageMagick vulnerabilities that resemble it, by restricting the
 image formats that the [[ikiwiki/directive/img]] directive is willing to
 resize. An upgrade is recommended for sites where an untrusted user is
@@ -539,7 +539,7 @@ writing no such version is available.
 
 ## Perl CVE-2016-1238 (current working directory in search path)
 
-ikiwiki 3.20160728 attempts to mitigate [[!cve CVE-2016-1238]] by
+ikiwiki 3.20160728 attempts to mitigate [[!debcve CVE-2016-1238]] by
 removing `'.'` from the Perl library search path. An attacker with write
 access to ikiwiki's current working directory could potentially use this
 vulnerability to execute arbitrary Perl code. An upgrade is recommended
@@ -567,8 +567,8 @@ version was not effective with git versions older than 2.8.0.
 A more complete fix was released on 2016-12-29 in version 3.20161229.
 A backport to Debian 8 'jessie' is in progress.
 
-([[!cve CVE-2016-10026]] represents the original vulnerability.
-[[!cve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
+([[!debcve CVE-2016-10026]] represents the original vulnerability.
+[[!debcve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
 in 3.20161219 caused by the incomplete fix.)
 
 ## <span id="cve-2016-9646">Commit metadata forgery via CGI::FormBuilder context-dependent APIs</span>
@@ -594,4 +594,4 @@ of them relatively minor:
 This was fixed in ikiwiki 3.20161229. A backport to Debian 8
 'jessie' is in progress.
 
-([[!cve CVE-2016-9646]]/OVE-20161226-0001)
+([[!debcve CVE-2016-9646]]/OVE-20161226-0001)

shortcuts: Use security-tracker.debian.org for [[!debcve]]
security.debian.org currently rejects HTTPS connections.
diff --git a/doc/shortcuts.mdwn b/doc/shortcuts.mdwn
index 00379d8..7d1f491 100644
--- a/doc/shortcuts.mdwn
+++ b/doc/shortcuts.mdwn
@@ -28,7 +28,7 @@ This page controls what shortcut links the wiki supports.
 * [[!shortcut name=debss url="http://snapshot.debian.org/package/%s/"]]
   * Usage: `\[[!debss package]]` or `\[[!debss package/version]]`.  See <http://snapshot.debian.org/> for details.
 * [[!shortcut name=debwiki url="https://wiki.debian.org/%S"]]
-* [[!shortcut name=debcve url="https://security.debian.org/%S"]]
+* [[!shortcut name=debcve url="https://security-tracker.debian.org/tracker/%S"]]
   * also supports Debian bug numbers, packages and whatever the [security tracker](https://security-tracker.debian.org/tracker/) supports.
 * [[!shortcut name=fdobug url="https://bugs.freedesktop.org/show_bug.cgi?id=%s" desc="freedesktop.org bug #%s"]]
 * [[!shortcut name=fdolist url="http://lists.freedesktop.org/mailman/listinfo/%s" desc="%s@lists.freedesktop.org"]]

add debian security tracker
diff --git a/doc/shortcuts.mdwn b/doc/shortcuts.mdwn
index ea905d8..00379d8 100644
--- a/doc/shortcuts.mdwn
+++ b/doc/shortcuts.mdwn
@@ -28,6 +28,8 @@ This page controls what shortcut links the wiki supports.
 * [[!shortcut name=debss url="http://snapshot.debian.org/package/%s/"]]
   * Usage: `\[[!debss package]]` or `\[[!debss package/version]]`.  See <http://snapshot.debian.org/> for details.
 * [[!shortcut name=debwiki url="https://wiki.debian.org/%S"]]
+* [[!shortcut name=debcve url="https://security.debian.org/%S"]]
+  * also supports Debian bug numbers, packages and whatever the [security tracker](https://security-tracker.debian.org/tracker/) supports.
 * [[!shortcut name=fdobug url="https://bugs.freedesktop.org/show_bug.cgi?id=%s" desc="freedesktop.org bug #%s"]]
 * [[!shortcut name=fdolist url="http://lists.freedesktop.org/mailman/listinfo/%s" desc="%s@lists.freedesktop.org"]]
 * [[!shortcut name=gnomebug url="https://bugzilla.gnome.org/show_bug.cgi?id=%s" desc="GNOME bug #%s"]]

3.20161229.1
diff --git a/debian/changelog b/debian/changelog
index 7eb10ca..99081bc 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,10 +1,10 @@
-ikiwiki (3.20161229.1) UNRELEASED; urgency=medium
+ikiwiki (3.20161229.1) unstable; urgency=medium
 
   * git: Attribute reverts to the user doing the revert, not the wiki
     itself.
   * git: Do not disable the commit hook while preparing a revert.
 
- -- Simon McVittie <smcv@debian.org>  Thu, 29 Dec 2016 20:35:51 +0000
+ -- Simon McVittie <smcv@debian.org>  Thu, 29 Dec 2016 20:46:24 +0000
 
 ikiwiki (3.20161229) unstable; urgency=medium
 
diff --git a/doc/news/version_3.20160506.mdwn b/doc/news/version_3.20160506.mdwn
deleted file mode 100644
index 6800a30..0000000
--- a/doc/news/version_3.20160506.mdwn
+++ /dev/null
@@ -1,49 +0,0 @@
-News for ikiwiki 3.20160506:
-
-   To mitigate [[!cve CVE-2016-3714]] and similar ImageMagick security vulnerabilities,
-   the `\[[!img]]` directive is now restricted to these common web formats by
-   default:
-
-   * JPEG (`.jpg`, `.jpeg`)
-   * PNG (`.png`)
-   * GIF (`.gif`)
-   * SVG (`.svg`)
-
-   (In particular, by default resizing PDF files is no longer allowed.)
-
-   Additionally, resized SVG files are displayed in the browser as SVG
-   instead of being converted to PNG.
-
-   If all users who can attach images are fully trusted, this restriction
-   can be removed with the new img\_allowed\_formats setup option.
-   See [[ikiwiki/directive/img]] for more details.
-
-ikiwiki 3.20160506 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * [ [[Simon McVittie|smcv]] ]
-   * HTML-escape error messages, in one case avoiding potential cross-site
-     scripting ([[!cve CVE-2016-4561]], OVE-20160505-0012)
-   * Mitigate ImageMagick vulnerabilities such as CVE-2016-3714:
-     - img: force common Web formats to be interpreted according to extension,
-       so that "allowed\_attachments: '*.jpg'" does what one might expect
-     - img: restrict to JPEG, PNG and GIF images by default, again mitigating
-       CVE-2016-3714 and similar vulnerabilities
-     - img: check that the magic number matches what we would expect from
-       the extension before giving common formats to ImageMagick
-   * d/control: use https for Homepage
-   * d/control: add Vcs-Browser
- * [ [[Joey Hess|joey]] ]
-   * img: Add back support for SVG images, bypassing ImageMagick and
-     simply passing the SVG through to the browser, which is supported by all
-     commonly used browsers these days.
-     SVG scaling by img directives has subtly changed; where before
-     size=wxh would preserve aspect ratio, this cannot be done when passing
-     them through and so specifying both a width and height can change
-     the SVG's aspect ratio.
-   * loginselector: When only openid and emailauth are enabled, but
-     passwordauth is not, avoid showing a "Other" box which opens an
-     empty form.
- * [ [[Amitai Schlair|schmonz]] ]
-   * mdwn: Process .md like .mdwn, but disallow web creation.
- * [ Florian Wagner ]
-   * git: Correctly handle filenames starting with a dash in add/rm/mv."""]]
diff --git a/doc/news/version_3.20161229.1.mdwn b/doc/news/version_3.20161229.1.mdwn
new file mode 100644
index 0000000..a09a3b2
--- /dev/null
+++ b/doc/news/version_3.20161229.1.mdwn
@@ -0,0 +1,5 @@
+ikiwiki 3.20161229.1 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * git: Attribute reverts to the user doing the revert, not the wiki
+     itself.
+   * git: Do not disable the commit hook while preparing a revert."""]]
\ No newline at end of file
diff --git a/ikiwiki.spec b/ikiwiki.spec
index 39ddd5c..ec08495 100644
--- a/ikiwiki.spec
+++ b/ikiwiki.spec
@@ -1,5 +1,5 @@
 Name:           ikiwiki
-Version: 3.20160728
+Version: 3.20161229.1
 Release:        1%{?dist}
 Summary:        A wiki compiler
 
diff --git a/po/bg.po b/po/bg.po
index c45130a..ec6416e 100644
--- a/po/bg.po
+++ b/po/bg.po
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: ikiwiki-bg\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2016-06-14 18:58+0000\n"
+"POT-Creation-Date: 2016-12-29 20:37+0000\n"
 "PO-Revision-Date: 2007-01-12 01:19+0200\n"
 "Last-Translator: Damyan Ivanov <dam@modsodtsys.com>\n"
 "Language-Team: Bulgarian <dict@fsa-bg.org>\n"
@@ -17,42 +17,42 @@ msgstr ""
 "Content-Transfer-Encoding: 8bit\n"
 "X-Generator: KBabel 1.11.4\n"
 
-#: ../IkiWiki/CGI.pm:222
+#: ../IkiWiki/CGI.pm:217
 msgid ""
 "probable misconfiguration: sslcookie is set, but you are attempting to login "
 "via http, not https"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:225
+#: ../IkiWiki/CGI.pm:220
 msgid "login failed, perhaps you need to turn on cookies?"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:244 ../IkiWiki/CGI.pm:399
+#: ../IkiWiki/CGI.pm:239 ../IkiWiki/CGI.pm:394
 msgid "Your login session has expired."
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:265
+#: ../IkiWiki/CGI.pm:260
 msgid "Login"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:266
+#: ../IkiWiki/CGI.pm:261
 #, fuzzy
 msgid "Preferences"
 msgstr "Предпочитанията са запазени."
 
-#: ../IkiWiki/CGI.pm:267
+#: ../IkiWiki/CGI.pm:262
 msgid "Admin"
 msgstr ""
 
-#: ../IkiWiki/CGI.pm:307
+#: ../IkiWiki/CGI.pm:302
 msgid "Preferences saved."
 msgstr "Предпочитанията са запазени."
 
-#: ../IkiWiki/CGI.pm:362
+#: ../IkiWiki/CGI.pm:357
 msgid "You are banned."
 msgstr "Достъпът ви е забранен."
 
-#: ../IkiWiki/CGI.pm:495 ../IkiWiki/CGI.pm:496 ../IkiWiki.pm:1653
+#: ../IkiWiki/CGI.pm:490 ../IkiWiki/CGI.pm:491 ../IkiWiki.pm:1653
 msgid "Error"
 msgstr "Грешка"
 
@@ -139,7 +139,7 @@ msgstr "грешка при обработване на шаблона"
 msgid "deleting bucket.."
 msgstr ""
 
-#: ../IkiWiki/Plugin/amazon_s3.pm:38 ../ikiwiki.in:225
+#: ../IkiWiki/Plugin/amazon_s3.pm:38 ../ikiwiki.in:226
 msgid "done"
 msgstr "готово"
 
@@ -278,37 +278,37 @@ msgstr ""
 msgid "comments on page '%s' are closed"
 msgstr ""
 
-#: ../IkiWiki/Plugin/comments.pm:584
+#: ../IkiWiki/Plugin/comments.pm:585
 msgid "comment stored for moderation"
 msgstr ""
 
-#: ../IkiWiki/Plugin/comments.pm:586
+#: ../IkiWiki/Plugin/comments.pm:587
 msgid "Your comment will be posted after moderator review"
 msgstr ""
 
-#: ../IkiWiki/Plugin/comments.pm:599
+#: ../IkiWiki/Plugin/comments.pm:600
 msgid "Added a comment"
 msgstr ""
 
-#: ../IkiWiki/Plugin/comments.pm:603
+#: ../IkiWiki/Plugin/comments.pm:604
 #, perl-format
 msgid "Added a comment: %s"
 msgstr ""
 
-#: ../IkiWiki/Plugin/comments.pm:677 ../IkiWiki/Plugin/userlist.pm:55
+#: ../IkiWiki/Plugin/comments.pm:678 ../IkiWiki/Plugin/userlist.pm:55
 #: ../IkiWiki/Plugin/websetup.pm:272
 msgid "you are not logged in as an admin"
 msgstr ""
 

(Diff truncated)
add anchors for use in advisory to oss-security
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 823f5ef..56b6481 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -547,7 +547,7 @@ for sites where an untrusted user is able to attach files with arbitrary
 names and/or run a setuid ikiwiki wrapper with a working directory of
 their choice.
 
-## Editing restriction bypass for git revert
+## <span id="cve-2016-9645">Editing restriction bypass for git revert</span>
 
 intrigeri discovered that a web or git user could revert a change to a
 page they are not allowed to edit, if the change being reverted was made
@@ -571,7 +571,7 @@ A backport to Debian 8 'jessie' is in progress.
 [[!cve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
 in 3.20161219 caused by the incomplete fix.)
 
-## Commit metadata forgery via CGI::FormBuilder context-dependent APIs
+## <span id="cve-2016-9646">Commit metadata forgery via CGI::FormBuilder context-dependent APIs</span>
 
 When CGI::FormBuilder->field("foo") is called in list context (and
 in particular in the arguments to a subroutine that takes named

Clarify which versions of ikiwiki fixed CVE-2016-9645, -9646
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 317a534..823f5ef 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -564,6 +564,8 @@ which are both used in most ikiwiki installations.
 This bug was reported on 2016-12-17. A partially fixed version
 3.20161219 was released on 2016-12-19, but the solution used in that
 version was not effective with git versions older than 2.8.0.
+A more complete fix was released on 2016-12-29 in version 3.20161229.
+A backport to Debian 8 'jessie' is in progress.
 
 ([[!cve CVE-2016-10026]] represents the original vulnerability.
 [[!cve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
@@ -589,4 +591,7 @@ of them relatively minor:
   could potentially forge commit authorship (attribute their edit to
   someone else) by crafting multiple values for the rcsinfo field
 
+This was fixed in ikiwiki 3.20161229. A backport to Debian 8
+'jessie' is in progress.
+
 ([[!cve CVE-2016-9646]]/OVE-20161226-0001)

3.20161229
diff --git a/debian/changelog b/debian/changelog
index bc04809..cd7e158 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,4 +1,4 @@
-ikiwiki (3.20161220) UNRELEASED; urgency=medium
+ikiwiki (3.20161229) unstable; urgency=medium
 
   * Security: force CGI::FormBuilder->field to scalar context where
     necessary, avoiding unintended function argument injection
@@ -22,7 +22,7 @@ ikiwiki (3.20161220) UNRELEASED; urgency=medium
   * git: do not fail to commit changes with a recent git version
     and an anonymous committer
 
- -- Simon McVittie <smcv@debian.org>  Wed, 21 Dec 2016 13:03:07 +0000
+ -- Simon McVittie <smcv@debian.org>  Thu, 29 Dec 2016 17:36:15 +0000
 
 ikiwiki (3.20161219) unstable; urgency=medium
 
diff --git a/doc/news/version_3.20160121.mdwn b/doc/news/version_3.20160121.mdwn
deleted file mode 100644
index 2e727a6..0000000
--- a/doc/news/version_3.20160121.mdwn
+++ /dev/null
@@ -1,46 +0,0 @@
-ikiwiki 3.20160121 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
- * [ [[Amitai Schlair|schmonz]] ]
-   * [[plugins/meta]]: Fix `\[[!meta name=foo]]` by closing the open quote.
-   * Avoid unescaped `{` in regular expressions
-   * meta test: Add tests for many behaviors of the directive.
-   * img test: Bail gracefully when [[!cpan ImageMagick]] is not present.
- * [ [[Joey Hess|joey]] ]
-   * [[plugins/emailauth]]: Added `emailauth_sender` config.
-   * Modified `page.tmpl` to to set html `lang=` and `dir=` when
-     values have been specified for them, which the [[plugins/po|po plugin]] does.
-   * Specifically license the javascript underlay under the permissive
-     basewiki license.
- * [ [[Simon McVittie|smcv]] ]
-   * [[plugins/git]]: if no committer identity is known, set it to
-     `IkiWiki <ikiwiki.info>` in `.git/config`. This resolves commit errors
-     in versions of git that require a non-trivial committer identity.
-   * [[plugins/inline]], [[plugins/trail]]: rename `show`, `feedshow` parameters to `limit`, `feedlimit`
-     (with backwards compatibility)
-   * [[plugins/pagestats]]: add `show` option to show [[plugins/meta]] fields. Thanks, [[Louis|spalax]]
-   * [[plugins/inline]]: force RSS `<comments>` to be a fully absolute URL as required
-     by the W3C validator. Please use Atom feeds if relative URLs are
-     desirable on your site.
-   * [[plugins/inline]]: add `<atom:link rel="self">` to RSS feeds as recommended by
-     the W3C validator
-   * [[plugins/inline]]: do not produce links containing `/./` or `/../`
-   * syslog: accept and encode UTF-8 messages
-   * syslog: don't fail to log if the wiki name contains `%s`
-   * Change dependencies from transitional package [[!debpkg perlmagick]]
-     to [[!debpkg libimage-magick-perl]] (Closes: #[789221](http://bugs.debian.org/789221))
-   * debian/copyright: update for the rename of `openid-selector` to
-     `login-selector`
-   * d/control: remove leading article from Description
-     (lintian: description-synopsis-starts-with-article)
-   * d/control: Standards-Version: 3.9.6, no changes required
-   * Wrap and sort control files (`wrap-and-sort -abst`)
-   * Silence "used only once: possible typo" warnings for variables
-     that are part of modules' APIs
-   * Run [[!debpkg autopkgtest]] tests using [[!debpkg autodep8]] and the pkg-perl team's
-     infrastructure
-   * Add enough build-dependencies to run all tests, except for
-     non-git VCSs
-   * tests: consistently use `done_testing` instead of `no_plan`
-   * `t/img.t`: do not spuriously skip
-   * img test: skip testing PDFs if unsupported
-   * img test: use the right filenames when testing that deletion occurs"""]]
diff --git a/doc/news/version_3.20161229.mdwn b/doc/news/version_3.20161229.mdwn
new file mode 100644
index 0000000..7d96ced
--- /dev/null
+++ b/doc/news/version_3.20161229.mdwn
@@ -0,0 +1,23 @@
+ikiwiki 3.20161229 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+   * Security: force CGI::FormBuilder-&gt;field to scalar context where
+     necessary, avoiding unintended function argument injection
+     analogous to [[!cve CVE-2014-1572]]. In ikiwiki this could be used to
+     forge commit metadata, but thankfully nothing more serious.
+     ([[!cve CVE-2016-9646]])
+   * Security: try revert operations in a temporary working tree before
+     approving them. Previously, automatic rename detection could result in
+     a revert writing outside the wiki srcdir or altering a file that the
+     reverting user should not be able to alter, an authorization bypass.
+     ([[!cve CVE-2016-10026]] represents the original vulnerability.)
+     The incomplete fix released in 3.20161219 was not effective for git
+     versions prior to 2.8.0rc0.
+     ([[!cve CVE-2016-9645]] represents that incomplete solution.)
+   * Add CVE references for CVE-2016-10026
+   * Add automated test for using the CGI with git, including
+     CVE-2016-10026
+     - Build-depend on libipc-run-perl for better build-time test coverage
+   * Add missing ikiwiki.setup for the manual test for CVE-2016-10026
+   * git: don't issue a warning if the rcsinfo CGI parameter is undefined
+   * git: do not fail to commit changes with a recent git version
+     and an anonymous committer"""]]

Add CVE references for CVE-2016-9646, CVE-2016-9645
Thanks to the Debian security team for allocating these.
diff --git a/debian/changelog b/debian/changelog
index c7d1938..bc04809 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,14 +4,15 @@ ikiwiki (3.20161220) UNRELEASED; urgency=medium
     necessary, avoiding unintended function argument injection
     analogous to CVE-2014-1572. In ikiwiki this could be used to
     forge commit metadata, but thankfully nothing more serious.
-    (OVE-20161226-0001)
-  * Security: try revert operations before approving them. Previously,
-    automatic rename detection could result in a revert writing outside
-    the wiki srcdir or altering a file that the reverting user should not be
-    able to alter, an authorization bypass. The incomplete fix released in
-    3.20161219 was not effective for git versions prior to 2.8.0rc0.
-    (CVE-2016-10026 represents the original vulnerability)
-    (OVE-20161226-0002 represents the incomplete fix released in 3.20161219)
+    (CVE-2016-9646)
+  * Security: try revert operations in a temporary working tree before
+    approving them. Previously, automatic rename detection could result in
+    a revert writing outside the wiki srcdir or altering a file that the
+    reverting user should not be able to alter, an authorization bypass.
+    (CVE-2016-10026 represents the original vulnerability.)
+    The incomplete fix released in 3.20161219 was not effective for git
+    versions prior to 2.8.0rc0.
+    (CVE-2016-9645 represents that incomplete solution.)
   * Add CVE references for CVE-2016-10026
   * Add automated test for using the CGI with git, including
     CVE-2016-10026
diff --git a/doc/security.mdwn b/doc/security.mdwn
index c08d658..317a534 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -566,7 +566,8 @@ This bug was reported on 2016-12-17. A partially fixed version
 version was not effective with git versions older than 2.8.0.
 
 ([[!cve CVE-2016-10026]] represents the original vulnerability.
-OVE-20161226-0002 represents the incomplete fix in 3.20161219.)
+[[!cve CVE-2016-9645]]/OVE-20161226-0002 represents the vulnerability
+in 3.20161219 caused by the incomplete fix.)
 
 ## Commit metadata forgery via CGI::FormBuilder context-dependent APIs
 
@@ -588,4 +589,4 @@ of them relatively minor:
   could potentially forge commit authorship (attribute their edit to
   someone else) by crafting multiple values for the rcsinfo field
 
-(OVE-20161226-0001)
+([[!cve CVE-2016-9646]]/OVE-20161226-0001)

Prune git remotes that are unreachable or unresponsive
diff --git a/doc/git.mdwn b/doc/git.mdwn
index 4808e57..bcf454e 100644
--- a/doc/git.mdwn
+++ b/doc/git.mdwn
@@ -45,13 +45,13 @@ think about merging them. This is recommended. :-)
 * [[chrysn]] `git://prometheus.amsuess.com/ikiwiki`
 * [[simonraven]] (unavailable) `git://github.com/kjikaqawej/ikiwiki-simon.git`
 * [[schmonz]] `git://github.com/schmonz/ikiwiki.git`
-* [[will]] `http://www.cse.unsw.edu.au/~willu/ikiwiki.git`
+* [[will]] (unavailable) `http://www.cse.unsw.edu.au/~willu/ikiwiki.git`
 * [[kaizer]] `git://github.com/engla/ikiwiki.git`
 * [[bbb]] (unavailable) `http://git.boulgour.com/bbb/ikiwiki.git`
 * [[KathrynAndersen]] `git://github.com/rubykat/ikiplugins.git`
 * [[ktf]] `git://github.com/ktf/ikiwiki.git`
 * [[tove]] `git://github.com/tove/ikiwiki.git`
-* [[GiuseppeBilotta]] `git://git.oblomov.eu/ikiwiki`
+* [[GiuseppeBilotta]] (unavailable) `git://git.oblomov.eu/ikiwiki`
 * [[roktas]] (unavailable) `git://github.com/roktas/ikiwiki.git`
 * [[davrieb|David_Riebenbauer]] (unavailable) `git://git.liegesta.at/git/ikiwiki`
   ([browse](http://git.liegesta.at/?p=ikiwiki.git;a=summary))
@@ -77,7 +77,7 @@ think about merging them. This is recommended. :-)
 * anderbubble `git://civilfritz.net/ikiwiki.git`
 * frioux `git://github.com/frioux/ikiwiki`
 * llipavsky `git://github.com/llipavsky/ikiwiki`
-* [[cbaines]] `git://git.cbaines.net/ikiwiki`
+* [[cbaines]] (unavailable) `git://git.cbaines.net/ikiwiki`
 * [[mhameed]] `git://github.com/mhameed/ikiwiki.git`
 * [[spalax]] `git://github.com/paternal/ikiwiki.git` ([[browse|https://github.com/paternal/ikiwiki]])
 * [[jcflack]] `git://github.com/jcflack/ikiwiki.git`

Added a comment
diff --git a/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__/comment_2_bb67e838ee1a762cef2f66389f973aa7._comment b/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__/comment_2_bb67e838ee1a762cef2f66389f973aa7._comment
new file mode 100644
index 0000000..627c6fb
--- /dev/null
+++ b/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__/comment_2_bb67e838ee1a762cef2f66389f973aa7._comment
@@ -0,0 +1,12 @@
+[[!comment format=mdwn
+ username="spalax"
+ avatar="http://cdn.libravatar.org/avatar/3f1353e4135221fc25bfecd1b812bcc8"
+ subject="comment 2"
+ date="2016-12-26T22:03:27Z"
+ content="""
+> [...] can't your plugin just use local time unconditionally, via time_zone => 'local' [...]?
+
+Perfect! Thanks.
+
+-- [[Louis|spalax]]
+"""]]

Added a comment
diff --git a/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__/comment_1_76d7e1f18828ce2767ba4f98a1901c29._comment b/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__/comment_1_76d7e1f18828ce2767ba4f98a1901c29._comment
new file mode 100644
index 0000000..c3c14e2
--- /dev/null
+++ b/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__/comment_1_76d7e1f18828ce2767ba4f98a1901c29._comment
@@ -0,0 +1,22 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="comment 1"
+ date="2016-12-26T19:26:25Z"
+ content="""
+`:/etc/localtime` is a glibc'ism, added to solve
+[[bugs/without_timezone,_excessive_statting_causes_slowness]]. It means
+\"read the contents or symlink destination of `/etc/localtime` and use that as
+the active time zone\".
+
+I would not recommend parsing that string, although you could.
+
+ikiwiki sets the `TZ` environment variable to either `$config{timezone}`
+or that default value during startup; so can't your plugin just use
+local time unconditionally, via `time_zone => 'local'`, without ever
+caring about which specific time zone that means?
+
+(For example, the standard `IkiWiki::formattime` uses `localtime($time)` which
+is basically a non-OO version of
+`DateTime->from_epoch(epoch => $time, time_zone => 'local')`.)
+"""]]

Question about default timezone ":/etc/localtime"
diff --git a/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__.mdwn b/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__.mdwn
new file mode 100644
index 0000000..cf7f2b5
--- /dev/null
+++ b/doc/forum/How_to_parse___34__:__47__etc__47__localtime__34___timezone__63__.mdwn
@@ -0,0 +1,13 @@
+Hello,
+I am writing a plugin that uses the timezone. Ikiwiki.pm [defines the default timezone](http://source.ikiwiki.branchable.com/?p=source.git;a=blob;f=IkiWiki.pm;h=fa71f479107a2388fde2fe00a67bfa2daa4fb3a9;hb=HEAD#l638) to ``:/etc/localtime``. The problem is that I do not know how to parse this.
+
+In my code, I have lines like ``$now = DateTime->now(time_zone => $config{timezone});`` or ``$thistime = DateTime->from_epoch(epoch=>$thistime, time_zone=>$config{timezone});``. They work well when timezone is something like ``Europe/Paris``, but with the default ``:/etc/localtime``, I get the error message ``The timezone ':/etc/localtime' is an invalid name.``
+
+Is there a way to automatically recognize both ``Europe/Paris`` and ``:/etc/localtime``? Or should I add something like the following in my code?
+
+    if ($config{timezone} eq ":/etc/localtime") {
+        $config{timezone} = DateTime::TimeZone->new(name=>'local')->name();
+    }
+
+Regards,  
+[[Louis|spalax]]

Force CGI::FormBuilder->field to scalar context where necessary
CGI::FormBuilder->field has behaviour similar to the CGI.pm misfeature
we avoided in f4ec7b0. Force it into scalar context where it is used
in an argument list.
This prevents two (relatively minor) commit metadata forgery
vulnerabilities:
* In the comments plugin, an attacker who was able to post a comment
could give it a user-specified author and author-URL even if the wiki
configuration did not allow for that, by crafting multiple values
to other fields.
* In the editpage plugin, an attacker who was able to edit a page
could potentially forge commit authorship by crafting multiple values
for the rcsinfo field.
The remaining plugins changed in this commit appear to have been
protected by use of explicit scalar prototypes for the called functions,
but have been changed anyway to make them more obviously correct.
In particular, checkpassword() in passwordauth has a known prototype,
so an attacker cannot trick it into treating multiple values of the
name field as being the username, password and field to check for.
OVE-20161226-0001
diff --git a/IkiWiki/Plugin/attachment.pm b/IkiWiki/Plugin/attachment.pm
index e8135a8..428b363 100644
--- a/IkiWiki/Plugin/attachment.pm
+++ b/IkiWiki/Plugin/attachment.pm
@@ -165,7 +165,7 @@ sub formbuilder (@) {
 	
 	# Generate the attachment list only after having added any new
 	# attachments.
-	$form->tmpl_param("attachment_list" => [attachment_list($form->field('page'))]);
+	$form->tmpl_param("attachment_list" => [attachment_list(scalar $form->field('page'))]);
 }
 
 sub attachment_holding_location {
diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index b47f965..0858f69 100644
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -557,11 +557,12 @@ sub editcomment ($$) {
 		}
 		
 		$postcomment=1;
-		my $ok=IkiWiki::check_content(content => $form->field('editcontent'),
-			subject => $form->field('subject'),
+		my $ok=IkiWiki::check_content(
+			content => scalar $form->field('editcontent'),
+			subject => scalar $form->field('subject'),
 			$config{comments_allowauthor} ? (
-				author => $form->field('author'),
-				url => $form->field('url'),
+				author => scalar $form->field('author'),
+				url => scalar $form->field('url'),
 			) : (),
 			page => $location,
 			cgi => $cgi,
@@ -601,7 +602,7 @@ sub editcomment ($$) {
 				length $form->field('subject')) {
 				$message = sprintf(
 					gettext("Added a comment: %s"),
-					$form->field('subject'));
+					scalar $form->field('subject'));
 			}
 
 			IkiWiki::rcs_add($file);
diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index 6ca4b58..99a1429 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -431,7 +431,7 @@ sub cgi_editpage ($$) {
 			$conflict=rcs_commit(
 				file => $file,
 				message => $message,
-				token => $form->field("rcsinfo"),
+				token => scalar $form->field("rcsinfo"),
 				session => $session,
 			);
 			enable_commit_hook();
diff --git a/IkiWiki/Plugin/notifyemail.pm b/IkiWiki/Plugin/notifyemail.pm
index b50a22a..079bb10 100644
--- a/IkiWiki/Plugin/notifyemail.pm
+++ b/IkiWiki/Plugin/notifyemail.pm
@@ -34,7 +34,7 @@ sub formbuilder (@) {
 	}
 	elsif ($form->submitted eq "Save Preferences" && $form->validate &&
 	       defined $form->field("subscriptions")) {
-		setsubscriptions($username, $form->field('subscriptions'));
+		setsubscriptions($username, scalar $form->field('subscriptions'));
 	}
 }
 
diff --git a/IkiWiki/Plugin/passwordauth.pm b/IkiWiki/Plugin/passwordauth.pm
index 3bdd9de..c966087 100644
--- a/IkiWiki/Plugin/passwordauth.pm
+++ b/IkiWiki/Plugin/passwordauth.pm
@@ -231,7 +231,7 @@ sub formbuilder_setup (@) {
 				$form->field(
 					name => "password",
 					validate => sub {
-						checkpassword($form->field("name"), shift);
+						checkpassword(scalar $form->field("name"), shift);
 					},
 				);
 			}
@@ -395,7 +395,7 @@ sub formbuilder (@) {
 		if ($form->submitted eq "Save Preferences" && $form->validate) {
 			my $user_name=$form->field('name');
 			if (defined $form->field("password") && length $form->field("password")) {
-				setpassword($user_name, $form->field('password'));
+				setpassword($user_name, scalar $form->field('password'));
 			}
 		}
 	}
diff --git a/IkiWiki/Plugin/po.pm b/IkiWiki/Plugin/po.pm
index 6b55ee3..418e8e5 100644
--- a/IkiWiki/Plugin/po.pm
+++ b/IkiWiki/Plugin/po.pm
@@ -548,7 +548,7 @@ sub formbuilder_setup (@) {
 		# their buttons, which is why this hook must be run last.
 		# The canrename/canremove hooks already ensure this is forbidden
 		# at the backend level, so this is only UI sugar.
-		if (istranslation($form->field("page"))) {
+		if (istranslation(scalar $form->field("page"))) {
 			map {
 				for (my $i = 0; $i < @{$params{buttons}}; $i++) {
 					if (@{$params{buttons}}[$i] eq $_) {
diff --git a/IkiWiki/Plugin/rename.pm b/IkiWiki/Plugin/rename.pm
index 4a86d5a..56dfbd5 100644
--- a/IkiWiki/Plugin/rename.pm
+++ b/IkiWiki/Plugin/rename.pm
@@ -259,7 +259,7 @@ sub formbuilder (@) {
 		my $session=$params{session};
 
 		if ($form->submitted eq "Rename" && $form->field("do") eq "edit") {
-			rename_start($q, $session, 0, $form->field("page"));
+			rename_start($q, $session, 0, scalar $form->field("page"));
 		}
 		elsif ($form->submitted eq "Rename Attachment") {
 			my @selected=map { Encode::decode_utf8($_) } $q->param("attachment_select");
@@ -312,7 +312,7 @@ sub sessioncgi ($$) {
 			# performed in check_canrename later.
 			my $srcfile=IkiWiki::possibly_foolish_untaint($pagesources{$src})
 				if exists $pagesources{$src};
-			my $dest=IkiWiki::possibly_foolish_untaint(titlepage($form->field("new_name")));
+			my $dest=IkiWiki::possibly_foolish_untaint(titlepage(scalar $form->field("new_name")));
 			my $destfile=$dest;
 			if (! $q->param("attachment")) {
 				my $type=$q->param('type');
diff --git a/debian/changelog b/debian/changelog
index 86d06bd..ccf830b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,5 +1,10 @@
 ikiwiki (3.20161220) UNRELEASED; urgency=medium
 
+  * Security: force CGI::FormBuilder->field to scalar context where
+    necessary, avoiding unintended function argument injection
+    analogous to CVE-2014-1572. In ikiwiki this could be used to
+    forge commit metadata, but thankfully nothing more serious.
+    (OVE-20161226-0001)
   * Add CVE references for CVE-2016-10026
   * Add missing ikiwiki.setup for the manual test for CVE-2016-10026
   * git: don't issue a warning if the rcsinfo CGI parameter is undefined
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 4f825de..9818e0c 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -563,3 +563,25 @@ which are both used in most ikiwiki installations.
 
 This bug was reported on 2016-12-17. The fixed version 3.20161219
 was released on 2016-12-19. ([[!cve CVE-2016-10026]])
+
+## Commit metadata forgery via CGI::FormBuilder context-dependent APIs
+
+When CGI::FormBuilder->field("foo") is called in list context (and
+in particular in the arguments to a subroutine that takes named
+arguments), it can return zero or more values for foo from the CGI
+request, rather than the expected single value. This breaks the usual
+Perl parsing convention for named arguments, similar to CVE-2014-1572
+in Bugzilla (which was caused by a similar API design issue in CGI.pm).
+
+In ikiwiki, this appears to have been exploitable in two places, both
+of them relatively minor:
+
+* in the comments plugin, an attacker who was able to post a comment
+  could give it a user-specified author and author-URL even if the wiki
+  configuration did not allow for that, by crafting multiple values
+  for other fields
+* in the editpage plugin, an attacker who was able to edit a page
+  could potentially forge commit authorship (attribute their edit to
+  someone else) by crafting multiple values for the rcsinfo field
+
+(OVE-20161226-0001)

Add CVE references for CVE-2016-10026
diff --git a/debian/changelog b/debian/changelog
index 7490db7..0314038 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+ikiwiki (3.20161220) UNRELEASED; urgency=medium
+
+  * Add CVE references for CVE-2016-10026
+
+ -- Simon McVittie <smcv@debian.org>  Wed, 21 Dec 2016 13:03:07 +0000
+
 ikiwiki (3.20161219) unstable; urgency=medium
 
   [ Joey Hess ]
@@ -8,7 +14,7 @@ ikiwiki (3.20161219) unstable; urgency=medium
   * Security: tell `git revert` not to follow renames. If it does, then
     renaming a file can result in a revert writing outside the wiki srcdir
     or altering a file that the reverting user should not be able to alter,
-    an authorization bypass. Thanks, intrigeri
+    an authorization bypass. Thanks, intrigeri. (CVE-2016-10026)
   * cgitemplate: remove some dead code. Thanks, blipvert
   * Restrict CSS matches against header class to not break
     Pandoc tables with header rows. Thanks, karsk
diff --git a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
index f21dece..e7f3c69 100644
--- a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
+++ b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
@@ -24,6 +24,9 @@ when reverting.
 > I tried to do something more clever (doing the revert, and checking
 > whether it made changes that aren't allowed) but couldn't get it to
 > work in a reasonable time, so I'm going with the simpler fix.
-> [[Fix committed|done]], a release will follow later today. --[[smcv]]
+> [[Fix committed|done]], a release will follow later today.
+>
+> [[!cve CVE-2016-10026]] has been assigned to this vulnerability.
+> --[[smcv]]
 
 >> You rock, thanks a lot! --[[intrigeri]]
diff --git a/doc/news/version_3.20161219.mdwn b/doc/news/version_3.20161219.mdwn
index 3b64cb8..b039009 100644
--- a/doc/news/version_3.20161219.mdwn
+++ b/doc/news/version_3.20161219.mdwn
@@ -7,8 +7,8 @@ ikiwiki 3.20161219 released with [[!toggle text="these changes"]]
    * Security: tell `git revert` not to follow renames. If it does, then
      renaming a file can result in a revert writing outside the wiki srcdir
      or altering a file that the reverting user should not be able to alter,
-     an authorization bypass. Thanks, intrigeri
+     an authorization bypass. Thanks, intrigeri. ([[!cve CVE-2016-10026]])
    * cgitemplate: remove some dead code. Thanks, blipvert
    * Restrict CSS matches against header class to not break
      Pandoc tables with header rows. Thanks, karsk
-   * Make pagestats output more deterministic. Thanks, intrigeri"""]]
\ No newline at end of file
+   * Make pagestats output more deterministic. Thanks, intrigeri"""]]
diff --git a/doc/security.mdwn b/doc/security.mdwn
index a5db9b4..4f825de 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -562,4 +562,4 @@ This affects sites with the `git` VCS and the `recentchanges` plugin,
 which are both used in most ikiwiki installations.
 
 This bug was reported on 2016-12-17. The fixed version 3.20161219
-was released on 2016-12-19.
+was released on 2016-12-19. ([[!cve CVE-2016-10026]])

Replied.
diff --git a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
index f8e3b59..f21dece 100644
--- a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
+++ b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
@@ -17,9 +17,13 @@ when reverting.
 > maintainers, so that they are not visible to the general public
 > until we have had a chance to fix the bug. --[[smcv]]
 
+>> Sorry about that, I should clearly know better :/ --[[intrigeri]]
+
 > Fixed by using
 > `git revert --strategy=recursive --strategy-option=no-renames`.
 > I tried to do something more clever (doing the revert, and checking
 > whether it made changes that aren't allowed) but couldn't get it to
 > work in a reasonable time, so I'm going with the simpler fix.
 > [[Fix committed|done]], a release will follow later today. --[[smcv]]
+
+>> You rock, thanks a lot! --[[intrigeri]]

Announce 3.20161219
diff --git a/doc/news/version_3.20150614.mdwn b/doc/news/version_3.20150614.mdwn
deleted file mode 100644
index 1b08f5a..0000000
--- a/doc/news/version_3.20150614.mdwn
+++ /dev/null
@@ -1,8 +0,0 @@
-ikiwiki 3.20150614 released with [[!toggle text="these changes"]]
-[[!toggleable text="""
-   * inline: change default sort order from age to "age title" for
-     determinism, partially fixing deterministic build for git-annex,
-     ikiwiki-hosting etc. (Closes: #[785757](http://bugs.debian.org/785757))
-   * img: avoid ImageMagick misinterpreting filenames containing a colon
-   * img test: set old timestamp on source file that will change, so that
-     the test will pass even if it takes less than 1 second"""]]
\ No newline at end of file
diff --git a/doc/news/version_3.20161219.mdwn b/doc/news/version_3.20161219.mdwn
new file mode 100644
index 0000000..3b64cb8
--- /dev/null
+++ b/doc/news/version_3.20161219.mdwn
@@ -0,0 +1,14 @@
+ikiwiki 3.20161219 released with [[!toggle text="these changes"]]
+[[!toggleable text="""
+ * [ Joey Hess ]
+   * inline: Prevent creating a file named ".mdwn" when the
+     postform is submitted with an empty title.
+ * [ Simon McVittie ]
+   * Security: tell `git revert` not to follow renames. If it does, then
+     renaming a file can result in a revert writing outside the wiki srcdir
+     or altering a file that the reverting user should not be able to alter,
+     an authorization bypass. Thanks, intrigeri
+   * cgitemplate: remove some dead code. Thanks, blipvert
+   * Restrict CSS matches against header class to not break
+     Pandoc tables with header rows. Thanks, karsk
+   * Make pagestats output more deterministic. Thanks, intrigeri"""]]
\ No newline at end of file
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 9dee6d9..a5db9b4 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -546,3 +546,20 @@ vulnerability to execute arbitrary Perl code. An upgrade is recommended
 for sites where an untrusted user is able to attach files with arbitrary
 names and/or run a setuid ikiwiki wrapper with a working directory of
 their choice.
+
+## Editing restriction bypass for git revert
+
+intrigeri discovered that a web or git user could revert a change to a
+page they are not allowed to edit, if the change being reverted was made
+before the page was moved from a location where that user had permission
+to edit it. For example, if a file is moved from `drafts/policy.mdwn`
+(editable by less-trusted users) to `policy.mdwn` (only editable
+by more-trusted users), a less-trusted user could revert a change
+that was made to `drafts/policy.mdwn` prior to that move, and it would
+result in `policy.mdwn` being altered.
+
+This affects sites with the `git` VCS and the `recentchanges` plugin,
+which are both used in most ikiwiki installations.
+
+This bug was reported on 2016-12-17. The fixed version 3.20161219
+was released on 2016-12-19.

mention security contacts here too
diff --git a/doc/contact.mdwn b/doc/contact.mdwn
index dab0925..afcc677 100644
--- a/doc/contact.mdwn
+++ b/doc/contact.mdwn
@@ -8,3 +8,10 @@ and IRC, and respond in a timely fashion.
 
 You could also drop by the IRC channel `#ikiwiki` on
 [OFTC](http://www.oftc.net/) (`irc.oftc.net`).
+
+However, if you find a new security vulnerability, please email the maintainers
+privately instead of raising it in a public medium, so that we can
+arrange for coordinated disclosure when a fix is available. The maintainers
+are [[Joey Hess|joey]] (<joey@kitenet.net>),
+[[Simon McVittie|smcv]] (<smcv@debian.org>)
+and [[Amitai Schleier|schmonz]] (<schmonz-web-ikiwiki@schmonz.com>).

Opt in to whatever spam this may bring.
diff --git a/doc/security.mdwn b/doc/security.mdwn
index e4851ec..9dee6d9 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -9,7 +9,7 @@ privately instead of listing it in a public bug tracker, so that we can
 arrange for coordinated disclosure when a fix is available. The maintainers
 are [[Joey Hess|joey]] (<joey@kitenet.net>),
 [[Simon McVittie|smcv]] (<smcv@debian.org>)
-and [[Amitai Schleier|schmonz]] (`schmonz-web-ikiwiki schmonz com`).
+and [[Amitai Schleier|schmonz]] (<schmonz-web-ikiwiki@schmonz.com>).
 
 [[!toc levels=2]]
 

Added a comment: no, not supported
diff --git a/doc/forum/large_wiki:_is_running_ikiwiki_in_steps_possible__63__/comment_2_eff15d45a5065574c9f1e48b2a1deff6._comment b/doc/forum/large_wiki:_is_running_ikiwiki_in_steps_possible__63__/comment_2_eff15d45a5065574c9f1e48b2a1deff6._comment
new file mode 100644
index 0000000..52e4ec3
--- /dev/null
+++ b/doc/forum/large_wiki:_is_running_ikiwiki_in_steps_possible__63__/comment_2_eff15d45a5065574c9f1e48b2a1deff6._comment
@@ -0,0 +1,16 @@
+[[!comment format=mdwn
+ username="smcv"
+ avatar="http://cdn.libravatar.org/avatar/0ee943fe632ff995f6f0f25b7167d03b"
+ subject="no, not supported"
+ date="2016-12-19T17:23:06Z"
+ content="""
+> What I wanted to know is: Is there a way to run ikiwiki in chunks of 10 minutes
+> steps or something like that?
+
+No, this is not supported. I don't think ikiwiki is suitable for use with your wiki
+on that hosting provider.
+
+If you don't need the CGI, you could \"compile\" the wiki offline (on your laptop)
+and upload the resulting `$destdir` to the hosting provider - effectively
+treating the hosting provider as simple static storage.
+"""]]

Restrict CSS matches on .header to not affect <tr>
Pandoc generates <tr class="header"> to hold <th> elements, and
we don't want to make those be display: block.
diff --git a/doc/bugs/style.css___40__unnecessarily__41___breaks_pandoc_table_headers.mdwn b/doc/bugs/style.css___40__unnecessarily__41___breaks_pandoc_table_headers.mdwn
index a667bfa..aa4eec9 100644
--- a/doc/bugs/style.css___40__unnecessarily__41___breaks_pandoc_table_headers.mdwn
+++ b/doc/bugs/style.css___40__unnecessarily__41___breaks_pandoc_table_headers.mdwn
@@ -44,3 +44,19 @@ Alternatively, add the following code.
 		}
 
 I've added that last code snippet to my `custom.css` file. I admit `.header tr:not(.header)` is not especially elegant, but then again, I have almost no knowledge of CSS. There might be better solutions. (I don't even know why `display: block;` breaks the tables or why changing it to `display: table-header;` doesn't fix it but `display: table-row;` does :D )
+
+> This is essentially a conflict between ikiwiki's expectations for the
+> definitions of CSS classes, and pandoc's expectations. The ikiwiki
+> templates use `class="header"` to mean essentially the same thing
+> as a HTML5 `<header>`, while Pandoc assumes a different meaning.
+>
+> I think `div.header, header.header {` is probably a cleaner fix,
+> and I have [[done]] that.
+>
+> FYI, `display: block` breaks the tables because it makes the `<tr>` not
+> be treated as a table row by the browser's layout engine.
+> `table-header` is not a valid
+> [value for the CSS `display` attribute](https://developer.mozilla.org/en-US/docs/Web/CSS/display)
+> so that won't work.
+>
+> --[[smcv]]
diff --git a/doc/style.css b/doc/style.css
index f0846c0..8c16e7a 100644
--- a/doc/style.css
+++ b/doc/style.css
@@ -10,7 +10,7 @@ footer,header,hgroup,menu,nav,section {
 	display: block;
 }
 
-.header {
+div.header, header.header {
 	margin: 0;
 	font-size: 140%;
 	font-weight: bold;
diff --git a/themes/actiontabs/style.css b/themes/actiontabs/style.css
index 67720e2..16e3d98 100644
--- a/themes/actiontabs/style.css
+++ b/themes/actiontabs/style.css
@@ -51,7 +51,7 @@ body {
 	font-size: 120%;
 }
 
-.header {
+div.header, header.header {
 	font-weight: normal;
 }
 
diff --git a/themes/monochrome/style.css b/themes/monochrome/style.css
index e85f8ab..aa2ee94 100644
--- a/themes/monochrome/style.css
+++ b/themes/monochrome/style.css
@@ -19,7 +19,7 @@ body {
 	font-family: 'Lato', sans-serif;
 }
 
-.header {
+div.header, header.header {
 	margin-bottom: 0.5em;
 }
 .pageheader .actions ul {

rename bugs/img_tag_should_support_relative_size.mdwn to todo/img_tag_should_support_relative_size.mdwn
diff --git a/doc/bugs/img_tag_should_support_relative_size.mdwn b/doc/bugs/img_tag_should_support_relative_size.mdwn
deleted file mode 100644
index b6966e0..0000000
--- a/doc/bugs/img_tag_should_support_relative_size.mdwn
+++ /dev/null
@@ -1,29 +0,0 @@
-The size parameter should accept relative values, like "100%". When including large images, I would like it to be scaled relative to the available space.
-
-> 100% of what?
->
-> The purpose of `[[!img]]` is to scale large images, for example photos, down
-> to a more web-suitable size. When ikiwiki rebuilds the website, it cannot
-> know how large visitors' web browser windows are going to be, so it cannot
-> scale the image relative to the size of a visitor's web browser window.
->
-> The closest thing it could do would be to not scale the image at all
-> (potentially a very large download if it's a high-resolution photo),
-> and use CSS or `<img sizes=...>` to ask the visitor's web browser to scale
-> the image relative to something the web browser knows, such as the viewport
-> size.
->
-> With HTML5 `<img sizes="..." srcset="...">`, it would be possible to extend
-> `[[!img]]` to produce more than one resized image and let the visitor's
-> browser choose which one to download, but I'm not sure what a good syntax
-> for that would look like...
->
-> "The available space" is not something we can use, because current HTML
-> standards do not offer that. In HTML5 it is possible to base sizes on the
-> viewport (window) size, but the available space (excluding sidebars etc.)
-> is not something the browser can know in advance, because it needs to know
-> how large images are before it carries out layout calculations, and it
-> needs to carry out layout calculations before it can know the available
-> space.
->
-> --[[smcv]]
diff --git a/doc/todo/img_tag_should_support_relative_size.mdwn b/doc/todo/img_tag_should_support_relative_size.mdwn
new file mode 100644
index 0000000..b6966e0
--- /dev/null
+++ b/doc/todo/img_tag_should_support_relative_size.mdwn
@@ -0,0 +1,29 @@
+The size parameter should accept relative values, like "100%". When including large images, I would like it to be scaled relative to the available space.
+
+> 100% of what?
+>
+> The purpose of `[[!img]]` is to scale large images, for example photos, down
+> to a more web-suitable size. When ikiwiki rebuilds the website, it cannot
+> know how large visitors' web browser windows are going to be, so it cannot
+> scale the image relative to the size of a visitor's web browser window.
+>
+> The closest thing it could do would be to not scale the image at all
+> (potentially a very large download if it's a high-resolution photo),
+> and use CSS or `<img sizes=...>` to ask the visitor's web browser to scale
+> the image relative to something the web browser knows, such as the viewport
+> size.
+>
+> With HTML5 `<img sizes="..." srcset="...">`, it would be possible to extend
+> `[[!img]]` to produce more than one resized image and let the visitor's
+> browser choose which one to download, but I'm not sure what a good syntax
+> for that would look like...
+>
+> "The available space" is not something we can use, because current HTML
+> standards do not offer that. In HTML5 it is possible to base sizes on the
+> viewport (window) size, but the available space (excluding sidebars etc.)
+> is not something the browser can know in advance, because it needs to know
+> how large images are before it carries out layout calculations, and it
+> needs to carry out layout calculations before it can know the available
+> space.
+>
+> --[[smcv]]

Not possible as stated, but could be adapted into a valid feature request
diff --git a/doc/bugs/img_tag_should_support_relative_size.mdwn b/doc/bugs/img_tag_should_support_relative_size.mdwn
index a625487..b6966e0 100644
--- a/doc/bugs/img_tag_should_support_relative_size.mdwn
+++ b/doc/bugs/img_tag_should_support_relative_size.mdwn
@@ -1 +1,29 @@
 The size parameter should accept relative values, like "100%". When including large images, I would like it to be scaled relative to the available space.
+
+> 100% of what?
+>
+> The purpose of `[[!img]]` is to scale large images, for example photos, down
+> to a more web-suitable size. When ikiwiki rebuilds the website, it cannot
+> know how large visitors' web browser windows are going to be, so it cannot
+> scale the image relative to the size of a visitor's web browser window.
+>
+> The closest thing it could do would be to not scale the image at all
+> (potentially a very large download if it's a high-resolution photo),
+> and use CSS or `<img sizes=...>` to ask the visitor's web browser to scale
+> the image relative to something the web browser knows, such as the viewport
+> size.
+>
+> With HTML5 `<img sizes="..." srcset="...">`, it would be possible to extend
+> `[[!img]]` to produce more than one resized image and let the visitor's
+> browser choose which one to download, but I'm not sure what a good syntax
+> for that would look like...
+>
+> "The available space" is not something we can use, because current HTML
+> standards do not offer that. In HTML5 it is possible to base sizes on the
+> viewport (window) size, but the available space (excluding sidebars etc.)
+> is not something the browser can know in advance, because it needs to know
+> how large images are before it carries out layout calculations, and it
+> needs to carry out layout calculations before it can know the available
+> space.
+>
+> --[[smcv]]

List security contacts
We still don't have a security@ alias; listing personal emails is
unfortunately the next-best thing.
diff --git a/doc/bugs.mdwn b/doc/bugs.mdwn
index f16a4f8..86df604 100644
--- a/doc/bugs.mdwn
+++ b/doc/bugs.mdwn
@@ -3,6 +3,10 @@ elsewhere. Link items to [[bugs/done]] when done.
 
 Also see the [Debian bugs](http://bugs.debian.org/ikiwiki).
 
+If you are reporting a security vulnerability, please email the maintainers
+privately, instead of making it public by listing it here. See [[security]]
+for contact details.
+
 There are [[!pagecount pages="bugs/* and !bugs/done and !bugs/discussion and 
 !link(patch) and !link(bugs/done) and !bugs/*/*"
 feedpages="created_after(bugs/no_commit_mails_for_new_pages)"]] "open" bugs:
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 6d68fac..e4851ec 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -1,11 +1,16 @@
-Let's do an ikiwiki security analysis.
-
 If you are using ikiwiki to render pages that only you can edit, do not
 generate any wrappers, and do not use the cgi, then there are no more
 security issues with this program than with cat(1). If, however, you let
 others edit pages in your wiki, then some possible security issues do need
 to be kept in mind.
 
+If you find a new security vulnerability, please email the maintainers
+privately instead of listing it in a public bug tracker, so that we can
+arrange for coordinated disclosure when a fix is available. The maintainers
+are [[Joey Hess|joey]] (<joey@kitenet.net>),
+[[Simon McVittie|smcv]] (<smcv@debian.org>)
+and [[Amitai Schleier|schmonz]] (`schmonz-web-ikiwiki schmonz com`).
+
 [[!toc levels=2]]
 
 ----

diff --git a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
index 8ac62e5..09a2379 100644
--- a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
+++ b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
@@ -12,3 +12,7 @@ will automatically detect that the file affected by the to-be-reverted
 commit has moved, and modify the file in its new location
 when reverting.
 
+> Working on it. In future please report non-public security
+> vulnerabilities (such as authorization bypass) by private email to the
+> maintainers, so that they are not visible to the general public
+> until we have had a chance to fix the bug. --[[smcv]]

Tell `git revert` not to follow renames
Otherwise, we have an authorization bypass vulnerability: rcs_preprevert
looks at what changed in the commit we are reverting, not at what would
result from reverting it now. In particular, if some files were renamed
since the commit we are reverting, a revert of changes that were within
the designated subdirectory and allowed by check_canchange() might now
affect files that are outside the designated subdirectory or disallowed
by check_canchange().
diff --git a/IkiWiki/Plugin/git.pm b/IkiWiki/Plugin/git.pm
index 249338d..7511f09 100644
--- a/IkiWiki/Plugin/git.pm
+++ b/IkiWiki/Plugin/git.pm
@@ -973,7 +973,9 @@ sub rcs_revert ($) {
 
 	ensure_committer();
 
-	if (run_or_non('git', 'revert', '--no-commit', $sha1)) {
+	if (run_or_non('git', 'revert', '--strategy=recursive',
+			'--strategy-option=no-renames',
+			'--no-commit', $sha1)) {
 		return undef;
 	}
 	else {
diff --git a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
index 09a2379..f8e3b59 100644
--- a/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
+++ b/doc/bugs/rcs_revert_can_bypass_authorization_if_affected_files_were_renamed.mdwn
@@ -16,3 +16,10 @@ when reverting.
 > vulnerabilities (such as authorization bypass) by private email to the
 > maintainers, so that they are not visible to the general public
 > until we have had a chance to fix the bug. --[[smcv]]
+
+> Fixed by using
+> `git revert --strategy=recursive --strategy-option=no-renames`.
+> I tried to do something more clever (doing the revert, and checking
+> whether it made changes that aren't allowed) but couldn't get it to
+> work in a reasonable time, so I'm going with the simpler fix.
+> [[Fix committed|done]], a release will follow later today. --[[smcv]]

Try revert operations (on a branch) before approving them
Otherwise, we have a time-of-check/time-of-use vulnerability:
rcs_preprevert previously looked at what changed in the commit we are
reverting, not at what would result from reverting it now. In
particular, if some files were renamed since the commit we are
reverting, a revert of changes that were within the designated
subdirectory and allowed by check_canchange() might now affect
files that are outside the designated subdirectory or disallowed
by check_canchange().
It is not sufficient to disable rename detection, since git older
than 2.8.0rc0 (in particular the version in Debian stable) silently
accepts and ignores the relevant options.
OVE-20161226-0002
diff --git a/IkiWiki/Plugin/git.pm b/IkiWiki/Plugin/git.pm
index 64a47c8..56d6493 100644
--- a/IkiWiki/Plugin/git.pm
+++ b/IkiWiki/Plugin/git.pm
@@ -425,6 +425,16 @@ sub parse_diff_tree ($) {
 	}
 	shift @{ $dt_ref } if $dt_ref->[0] =~ /^$/;
 
+	$ci{details} = [parse_changed_files($dt_ref)];
+
+	return \%ci;
+}
+
+sub parse_changed_files {
+	my $dt_ref = shift;
+
+	my @files;
+
 	# Modified files.
 	while (my $line = shift @{ $dt_ref }) {
 		if ($line =~ m{^
@@ -442,7 +452,7 @@ sub parse_diff_tree ($) {
 			my $status = shift(@tmp);
 
 			if (length $file) {
-				push @{ $ci{'details'} }, {
+				push @files, {
 					'file'      => decode_git_file($file),
 					'sha1_from' => $sha1_from[0],
 					'sha1_to'   => $sha1_to,
@@ -456,7 +466,7 @@ sub parse_diff_tree ($) {
 		last;
 	}
 
-	return \%ci;
+	return @files;
 }
 
 sub git_commit_info ($;$) {
@@ -955,10 +965,14 @@ sub rcs_preprevert ($) {
 	my $rev=shift;
 	my ($sha1) = $rev =~ /^($sha1_pattern)$/; # untaint
 
+	my @undo;      # undo stack for cleanup in case of an error
+
+	ensure_committer();
+
 	# Examine changes from root of git repo, not from any subdir,
 	# in order to see all changes.
 	my ($subdir, $rootdir) = git_find_root();
-	in_git_dir($rootdir, sub {
+	return in_git_dir($rootdir, sub {
 		my @commits=git_commit_info($sha1, 1);
 	
 		if (! @commits) {
@@ -971,7 +985,68 @@ sub rcs_preprevert ($) {
 			error gettext("you are not allowed to revert a merge");
 		}
 
+		# Due to the presence of rename-detection, we cannot actually
+		# see what will happen in a revert without trying it.
+		# But we can guess, which is enough to rule out most changes
+		# that we won't allow reverting.
 		git_parse_changes(1, @commits);
+
+		my $failure;
+		my @ret;
+		# If it looks OK, do it for real, on a branch.
+		eval {
+			IkiWiki::disable_commit_hook();
+			push @undo, sub {
+				IkiWiki::enable_commit_hook();
+			};
+			my $branch = "ikiwiki_revert_${sha1}"; # supposed to be unique
+
+			push @undo, sub {
+				run_or_cry('git', 'branch', '-D', $branch) if $failure;
+			};
+			if (run_or_non('git', 'rev-parse', '--quiet', '--verify', $branch)) {
+				run_or_non('git', 'branch', '-D', $branch);
+			}
+			run_or_die('git', 'branch', $branch, $config{gitmaster_branch});
+
+			push @undo, sub {
+				if (!run_or_cry('git', 'checkout', '--quiet', $config{gitmaster_branch})) {
+					run_or_cry('git', 'checkout','-f', '--quiet', $config{gitmaster_branch});
+				}
+			};
+			run_or_die('git', 'checkout', '--quiet', $branch);
+
+			run_or_die('git', 'revert', '--no-commit', $sha1);
+			run_or_non('git', 'commit', '-m', "revert $sha1", '-a');
+
+			# Re-switch to master.
+			run_or_die('git', 'checkout', '--quiet', $config{gitmaster_branch});
+
+			my @raw_lines;
+			@raw_lines = run_or_die('git', 'diff', '--pretty=raw',
+				'--raw', '--abbrev=40', '--always', '--no-renames',
+				"ikiwiki_revert_${sha1}..");
+
+			my $ci = {
+				details => [parse_changed_files(\@raw_lines)],
+			};
+
+			@ret = git_parse_changes(0, $ci);
+		};
+		$failure = $@;
+
+		# Process undo stack (in reverse order).  By policy cleanup
+		# actions should normally print a warning on failure.
+		while (my $handle = pop @undo) {
+			$handle->();
+		}
+
+		if ($failure) {
+			my $message = sprintf(gettext("Failed to revert commit %s"), $sha1);
+			error("$message\n$failure\n");
+		}
+
+		return @ret;
 	});
 }
 
@@ -982,11 +1057,11 @@ sub rcs_revert ($) {
 
 	ensure_committer();
 
-	if (run_or_non('git', 'revert', '--no-commit', $sha1)) {
+	if (run_or_non('git', 'merge', '--ff-only', "ikiwiki_revert_$sha1")) {
 		return undef;
 	}
 	else {
-		run_or_die('git', 'reset', '--hard');
+		run_or_non('git', 'branch', '-D', "ikiwiki_revert_$sha1");
 		return sprintf(gettext("Failed to revert commit %s"), $sha1);
 	}
 }
diff --git a/debian/changelog b/debian/changelog
index ccf830b..b057ec7 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,13 @@ ikiwiki (3.20161220) UNRELEASED; urgency=medium
     analogous to CVE-2014-1572. In ikiwiki this could be used to
     forge commit metadata, but thankfully nothing more serious.
     (OVE-20161226-0001)
+  * Security: try revert operations before approving them. Previously,
+    automatic rename detection could result in a revert writing outside
+    the wiki srcdir or altering a file that the reverting user should not be
+    able to alter, an authorization bypass. The incomplete fix released in
+    3.20161219 was not effective for git versions prior to 2.8.0rc0.
+    (CVE-2016-10026 represents the original vulnerability)
+    (OVE-20161226-0002 represents the incomplete fix released in 3.20161219)
   * Add CVE references for CVE-2016-10026
   * Add missing ikiwiki.setup for the manual test for CVE-2016-10026
   * git: don't issue a warning if the rcsinfo CGI parameter is undefined
diff --git a/doc/security.mdwn b/doc/security.mdwn
index 9818e0c..c08d658 100644
--- a/doc/security.mdwn
+++ b/doc/security.mdwn
@@ -561,8 +561,12 @@ result in `policy.mdwn` being altered.
 This affects sites with the `git` VCS and the `recentchanges` plugin,
 which are both used in most ikiwiki installations.
 
-This bug was reported on 2016-12-17. The fixed version 3.20161219
-was released on 2016-12-19. ([[!cve CVE-2016-10026]])
+This bug was reported on 2016-12-17. A partially fixed version
+3.20161219 was released on 2016-12-19, but the solution used in that
+version was not effective with git versions older than 2.8.0.
+
+([[!cve CVE-2016-10026]] represents the original vulnerability.
+OVE-20161226-0002 represents the incomplete fix in 3.20161219.)
 
 ## Commit metadata forgery via CGI::FormBuilder context-dependent APIs
 

cgitemplate: remove dead code
blipvert points out in [[bugs/use of $topurl in cgitemplate]] that this
variable has not been used since commit a052771
"Now that we're always using HTML5, <base href> can be relative".
diff --git a/doc/bugs/use_of___36__topurl_in_cgitemplate.mdwn b/doc/bugs/use_of___36__topurl_in_cgitemplate.mdwn
index e062c45..156f077 100644
--- a/doc/bugs/use_of___36__topurl_in_cgitemplate.mdwn
+++ b/doc/bugs/use_of___36__topurl_in_cgitemplate.mdwn
@@ -7,3 +7,22 @@ In commits by Simon McVittie on Oct 5, 2014, the following was added to `cgitemp
 
 I am trying to determine what was intended by this change.  The variable `$topurl` is not used again in this function, so this is essentially dead code.
 --[[blipvert]]
+
+> If you look at `git log -p IkiWiki/CGI.pm` you'll see that *at the time*, `$topurl`
+> was used further down the function. Later in the branch, [commit 33f6026
+"In html5 mode, generate a host- or protocol-relative <base> for the
+CGI"](http://source.ikiwiki.branchable.com/?p=source.git;a=commit;h=33f60260b233d0310ce6dd4304304a516595b906)
+> made this conditional on `! $config{html5}`.
+>
+> Somewhat later,
+> [commit 490a1ec
+"Always produce HTML5 doctype and new attributes, but not new
+elements"](http://source.ikiwiki.branchable.com/?p=source.git;a=commit;h=490a1eca7bed841848765b495a73fbc56e4808f4)
+> repurposed `$config{html5}` from "use HTML5" to "use new HTML5 elements" -
+> which meant that [commit a052771
+"Now that we're always using HTML5, <base href> can be
+relative"](http://source.ikiwiki.branchable.com/?p=source.git;a=commit;h=a05277128732beb351aa696c49d337086414ffb6)
+> could remove the only code that used `$topurl`.
+>
+> You are correct to say that computing `$topurl` is now dead code, and I
+> have removed it. [[done]] --[[smcv]]