commit 6fe9365f11181a043f151f2e67f36015c278791d
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Dec 31 11:58:21 2025 -0800

    xauth 1.1.5
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 1cb1d8e0284870a03970a0a45d1c8cfe7ec6a696
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 18 16:31:05 2025 -0700

    man page: fix warnings from `mandoc -T lint` and `groff -rCHECKSTYLE=10`
    
    mandoc: xauth.1:26:13: WARNING: cannot parse date, using it verbatim: TH xauth 1.1.4
    mandoc: xauth.1:33:2: WARNING: skipping paragraph macro: PP after SH
    mandoc: xauth.1:225:2: WARNING: skipping paragraph macro: sp after PP
    mandoc: xauth.1:216:2: WARNING: skipping paragraph macro: PP after SH
    mandoc: xauth.1:254:2: WARNING: skipping paragraph macro: PP after SH
    an.tmac:xauth.1:96: style: blank line in input
    an.tmac:xauth.1:104: style: blank line in input
    an.tmac:xauth.1:114: style: blank line in input
    an.tmac:xauth.1:122: style: blank line in input
    an.tmac:xauth.1:130: style: blank line in input
    an.tmac:xauth.1:135: style: blank line in input
    an.tmac:xauth.1:142: style: blank line in input
    an.tmac:xauth.1:166: style: blank line in input
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/28>

commit 0d43570ad3ca169464daf4304151c9b8d7ab05b8
Author: Michael Gilbert <michael.s.gilbert@gmail.com>
Date:   Fri Jul 22 14:57:37 2011 -0400

    xauth: needs cookie handling warnings in man page [Debian bug #635109]
    
    Reported-by: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635109
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/27>

commit 23735afd04ab561914aa3d5465532be0a6975fef
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 30 09:07:57 2025 -0700

    Improve man page formatting
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/26>

commit 9e238deb87c07ecda45ad86ff1e4a49125839446
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 23 13:14:50 2025 -0700

    Add --help and --version options
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/26>

commit eb8b2ef585dc837558cc3f02f85cb88d2a6de5db
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 23 11:25:50 2025 -0700

    Report unknown argument that caused error before printing usage message
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/26>

commit f71ca21cf1ab840e9664b7c3e99c229bd977a6a4
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Mar 8 16:44:09 2025 -0800

    xauth 1.1.4
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 20125640fdc37732cb3c04627bd02011cff60a12
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jan 19 10:54:44 2025 -0800

    get_displayname_auth: replace sprintf() with snprintf()
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/24>

commit 88dde2ea3c45c992faf10b9b851af1ffa408a103
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jan 19 10:48:43 2025 -0800

    Use remove() instead of unlink() to remove files
    
    Avoids filesystem corruption if file is actually a directory.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/24>

commit 7b540bd56829c6e4bad5fc4b25af1905c398abf1
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jan 19 09:57:03 2025 -0800

    Avoid buffer overflow with long filenames in write_auth_file()
    
    Aligns buffer size for filenames with XauLockAuth in libXau
    
    Closes: #7 ("Buffer overflow when constructing tmp_nam")
    Reported-by: Mingjie Shen (@szsam)
    Reviewed-by: Olivier Fourdan <ofourdan@redhat.com>
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/24>

commit 0228cc6e5d3700a35179cf9b69da0d5ca492ef42
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Jan 18 15:34:15 2025 -0800

    if inet_ntop() is available, use it, even if IPv6 support is disabled
    
    Support for using inet_ntop() was originally added to support IPv6,
    and only used if IPv6 support was enabled.  Two decades later, support
    for inet_ntop() is ubiquitous and OS'es have marked inet_ntoa()
    as deprecated, so use the modern interface whenever we can now.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/23>

commit 6e31d5021ffd67e63b42608fae72baaebab68e80
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jan 12 13:15:39 2025 -0800

    if getaddrinfo() is available, use it, even if IPv6 support is disabled
    
    Support for using getaddrinfo() was originally added to support IPv6,
    and only used if IPv6 support was enabled.  Two decades later, support
    for getaddrinfo() is ubiquitous and OS'es have marked gethostbyname()
    as deprecated, so use the modern interface whenever we can now.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/22>

commit e6e032846ea43259f989887d0eb48faced3009da
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jan 12 13:08:48 2025 -0800

    Simplify ifdefs for IPv6 support
    
    Instead of checking for AF_INET6 at every ifdef, just check once for it
    and report that IPv6 support is not available, instead of silently not
    building support for it that configure said we were going to build.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Part-of: <https://gitlab.freedesktop.org/xorg/app/xauth/-/merge_requests/22>

commit c29eef23683f0e3575a3c60d9314de8156fbe2c2
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Mar 3 10:51:41 2024 -0800

    xauth 1.1.3
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 5ee6bf0c09c9fe56afb5ee35e678bb481671f216
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Feb 17 13:17:24 2024 -0800

    unifdef Lynx
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 561f7d92ab0dfa6ac0501aa7696b750587a41f9e
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Feb 17 13:16:52 2024 -0800

    unifdef hpux
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit a3bbfd7986f9b67f7db0112faee37f6109dfbcac
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Thu Feb 16 18:33:46 2023 -0800

    configure: raise minimum autoconf requirement to 2.70
    
    Needed for builds on NetBSD to work correctly, since it depends on
    AC_USE_SYSTEM_EXTENSIONS defining _OPENBSD_SOURCE to expose the
    prototype for reallocarray() in the system headers.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit eeae8f6a501e5fb90ca2a90556d8c6bf9679eb91
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Tue Dec 20 12:11:43 2022 -0800

    configure: Use AC_SYS_LARGEFILE to enable large file support
    
    While .Xauthority files should never be more than 2gb in size,
    they may be stored on filesystems with large inodes.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 64b9f4e080694bc8bfec14504489f43a3b005da4
Author: наб <nabijaczleweli@nabijaczleweli.xyz>
Date:   Thu Nov 24 12:47:27 2022 +0100

    Unbold brackets for optional n at start of commands
    
    This makes it more consistent with the rest of the spec,
    as well as making it correcter: "[n]list" isn't a valid command,
    "list" and "nlist" are
    
    Signed-off-by: Ahelenia Ziemiańska <nabijaczleweli@nabijaczleweli.xyz>

commit ec22154c5014a8d5e496766202b4ec504953e957
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Sep 11 10:18:58 2022 -0700

    Handle -Wempty-body warning for WRITES() macro
    
    process.c:659:57: warning: suggest braces around empty body in an ‘if’ statement
     [-Wempty-body]
     #define WRITES(fd, S) {if(write((fd), (S), strlen((S))));}
                                                             ^
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 1651502a43502da5ebbbfbd50b9f3cf0c709e8f8
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Sep 11 09:57:25 2022 -0700

    Remove unnecessary casts from malloc() calls
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit b367ca379ad97763f28a41f601680c376c3de040
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Sep 11 09:54:02 2022 -0700

    Variable scope reductions, as suggested by cppcheck
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 88380275fe13af5238955047f6b018e6e6a3adc8
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jul 24 10:07:25 2022 -0700

    config: Add missing AC_CONFIG_SRCDIR
    
    Regroup AC statements under the Autoconf initialization section.
    Regroup AM statements under the Automake initialization section.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit c5783216c07fa9870da1b5cce023e24d649254c3
Author: Matt Turner <mattst88@gmail.com>
Date:   Tue Apr 19 19:04:26 2022 -0700

    xauth 1.1.2
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit ce87ae39d5ab28733b4125a09d0a643d1581b1c8
Author: Larry Doolittle <larry@doolittle.boa.org>
Date:   Sat Apr 16 15:28:31 2022 -0700

    Expand checks of socket file with S_ISSOCK
    
    Extend work done in commit 18a3c3a to earlier in the socket detection process
    Fixes issue #6.

commit 83e97b2bf683f341da177bd5df5b1297cbdc16a4
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Apr 16 13:11:36 2022 -0700

    gitlab CI: stop requiring Signed-off-by in commits
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit a5c70489f99c8259d4770aeb96524a91395b8ab9
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Apr 10 10:46:51 2022 -0700

    Fix off-by-one in quote-stripping routines
    
    Reported by Oracle Parfait:
    
    Error: Buffer overrun
       Buffer overflow [buffer-overflow] (CWE 120):
          In pointer dereference of key[(len - 1)] with index (len - 1)
          Array size >= 1 bytes, index >= 1
            at line 1647 of process.c in function 'do_add'.
    
    Error: Buffer overrun
       Buffer overflow [buffer-overflow] (CWE 120):
          In pointer dereference of authdata[(authdatalen - 1)] with index (authdatalen - 1)
          Array size is ??? bytes, index is ???
            at line 1965 of process.c in function 'do_generate'.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 999691ffaef492d4bebea69605d274fa2023dfee
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat Dec 4 10:29:07 2021 -0800

    Build xz tarballs instead of bzip2
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit cb0ef91ea63105b0629324837a4dc752e32d6d67
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Tue Nov 30 17:07:42 2021 -0800

    gitlab CI: add a basic build test
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 25f94d50523f8967f6f22a631d462355dbd680a3
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Tue Nov 30 17:05:46 2021 -0800

    configure.ac: fail build if xtrans is not found
    
    Copied from libX11/configure.ac
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit f17b241220fef63a32d1b7329edfbcf6f435fabe
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Tue Nov 30 17:29:59 2021 -0800

    tests: report failure if stderr has unexpected output
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 6ad2fc509b55003a10fe9d973e2f8672946d4180
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Tue Nov 30 17:23:07 2021 -0800

    tests: Fix failure to make distcheck
    
    Add test_xauth to EXTRA_DIST
    Add test output files to CLEANFILES
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 5598b8612b095d9f5f513ada2a4bbacaca1bfea8
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Tue Nov 30 15:11:43 2021 -0800

    tests: make tests work in out-of-tree builds
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 3d6519f11867183b9698cbf8cc9515bc767b98af
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Mon Nov 29 15:05:39 2021 +0100

    Fix warning -Wstringop-truncation for strncpy by using memcpy instead

commit 5da9a32e638f4bce66ec92dff64ed68a1bbd6b6b
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Mon Nov 29 12:30:17 2021 +0100

    Removed build requirement "cmdtest".
    Replaced by a shell script with the needed functionality.

commit d6d1423fabdaec25d4a677e794f91a91f7c09c70
Author: Baptiste Daroussin <bapt@FreeBSD.org>
Date:   Mon Feb 6 22:28:44 2017 +0100

    Improve portability
    
    there is no need to hard depend on bash given almost all the code is
    /bin/sh compliant
    
    Remove the function keyword from setup-source to make it /bin/sh
    compliant
    
    pipe wc -l output to xargs to make the command output compatible with
    both GNU wc and BSD wc (which prefix the output with a tab)

commit 477307d00c1220f8594622e1af982fb0e4e215bf
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Nov 28 15:32:37 2021 -0800

    xauth 1.1.1
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 1bfa5bff47654213f1d40af64bae0e9e23b4bed4
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Nov 28 15:03:37 2021 -0800

    Fix spelling/wording issues
    
    Found by using:
        codespell --builtin clear,rare,usage,informal,code,names
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit c2811c953620cf946269db2b74b29e0dc707e26a
Author: Alex Gendin <ukkeefy@gmail.com>
Date:   Sat Sep 26 23:26:07 2020 -0400

    Fix segfault when X starts
    
    This patch potentially fixes bug https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=884934
    
    System log entries when this bug occurs:
        kernel: xauth[16729]: segfault at 1 ip 00007f51f517f5a5 sp 00007ffdec846568 error 4
                              in libc-2.31.so[7f51f5102000+144000]
        kernel: Code: bc d1 f3 0f 7f 27 f3 0f 7f 6f 10 f3 0f 7f 77 20 f3 0f 7f 7f 30 49 83 c0
                      0f 49 29 d0 48 8d 7c 17 31 e9 8f 0b 00 00 66 0f ef c0 <f3> 0f 6f 0e f3
                      0f 6f 56 10 66 0f 74 c1 66 0f d7 d0 49 83 f8 11 0f
    
    This bug happens when function get_address_info() in gethost.c is called
    with a display name without forward slash, for example 'myhost.mydomain:0'

commit d7e5021416444e3cc545ffa4f8d1e613cabec633
Author: Karol Herbst <kherbst@redhat.com>
Date:   Thu Apr 22 13:26:50 2021 +0200

    Check malloc calls in process.c
    
    Fixes warnings like
    
    warning[-Wanalyzer-possible-null-argument]: use of possibly-NULL 'authdata' where non-null expected
    
    Found-by: gcc static analysis
    Signed-off-by: Karol Herbst <kherbst@redhat.com>

commit 18a3c3a7672ff5d65bf0b79b89464eac7540b95b
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Thu Aug 20 20:28:52 2020 +0200

    Additionally check socket file with S_ISSOCK
    This fixes bug https://bugzilla.redhat.com/show_bug.cgi?id=1870201

commit aaf037ec5c576e46318935feaf6e2b7407ff11a0
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 10 13:21:50 2020 -0700

    Avoid memory leaks in error paths in do_generate
    
    Reported by Oracle Parfait:
    Error: Memory leak
       Memory leak [memory-leak] (CWE 401):
          Memory leak of pointer authdata allocated with malloc((authdatalen - 1))
            at line 1955 of process.c in function 'do_generate'.
              authdata allocated at line 1946 with malloc((authdatalen - 1))
          Memory leak of pointer authdata allocated with malloc((authdatalen - 1))
            at line 1971 of process.c in function 'do_generate'.
              authdata allocated at line 1946 with malloc((authdatalen - 1))
              authdata leaks when (i + 1) >= argc at line 1910.
            at line 1980 of process.c in function 'do_generate'.
              authdata allocated at line 1946 with malloc((authdatalen - 1))
              authdata leaks when (i + 1) >= argc at line 1910.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 4faf0f63f0563513252967a2da1c51de6f5f7b0c
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 10 11:46:16 2020 -0700

    Use reallocarray() when adding members to array in split_into_words()
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit af7a74e28b33c18c4cb90f0d25bdfd5dff2e29d3
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun May 10 11:27:25 2020 -0700

    Avoid memory leak when realloc() fails in split_into_words()
    
    Reported by Oracle Parfait:
    Error: Memory leak
       Memory leak [memory-leak] (CWE 401):
          Memory leak of pointer argv allocated with malloc(32)
            at line 283 of process.c in function 'split_into_words'.
              argv allocated at line 264 with malloc(32)
              argv leaks when cur == total at line 280.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit f5af3b21bc94cb020f3530c3cc70f8a9fd6c6452
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun May 3 12:29:53 2020 +0200

    Prevent OOB write with long file names.
    
    If an -f argument is exactly 1022 characters in size, an off-by-one
    stack overflow happens in auth_finalize. The overflow could be even
    larger if locks are ignored for authentication files.
    
    Make sure that a given authentication file name fits into temporary
    buffer and that this buffer matches buffer sizes of libXau which is
    used by xauth.

commit cb98d3b3c5e0f8a7585ab6e2c909fad68c52fd55
Author: Tobias Stoeckmann <tobias@stoeckmann.org>
Date:   Sun May 3 12:25:21 2020 +0200

    Fix segmentation fault on invalid add argument.
    
    The hex key supplied with an add command can be quoted, in which
    case the quotation marks are removed.
    
    The check itself makes sure that a given string starts with a
    double quotation mark and ends with a double quotation mark.
    
    Buf if only " is supplied, the code crashes because it subtracts
    2 from the length (which is 1) and therefore copies too much
    memory into a 0 allocated memory area.
    
    Proof of concept:
    
    $ xauth add :0 0 \"

commit e97992671b3870878709a1c01991488965b61b94
Author: Adam Jackson <ajax@redhat.com>
Date:   Thu Jul 11 13:49:26 2019 -0400

    xauth 1.1

commit 0932418d9b47e8240160bcbacbdc38b9bc9870d3
Author: Adam Jackson <ajax@redhat.com>
Date:   Tue Jun 18 12:03:33 2019 -0400

    process: Close a window where no authority file would exist
    
    unlink()ing the old auth file before link()ing the temp to the new is
    just silly. rename() is atomic and will happily clobber the destination,
    and the only thing link() can give you here is the ability to fail on
    filesystems that don't support hardlinks.
    
    Fixes: xorg/app/xauth#2

commit 42239054b088dcdfc637880a8edf39b841c5ea51
Author: Michal Srb <msrb@suse.com>
Date:   Thu May 31 15:12:36 2018 +0200

    Sort entries from most specific to most generic.
    
    There is no point in adding entry or merging lists if a FamilyWild entry would
    end in front of any entry, or entry without display number would end in front
    of entry with number.
    
    This sorts all entries in order:
      * FamilyWild without display number
      * FamilyWild with display number
      * Other family without display number
      * Other family with display number
    
    The order of the entries in each category is kept.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 06a21f7c3d5eb5dc9a86418e87946cc7ac83e437
Author: Michal Srb <msrb@suse.com>
Date:   Thu May 31 15:12:35 2018 +0200

    Merge only entries with equal dpy and protoname.
    
    Merging two lists, or adding entry a into list acts unexpectedly if the list
    contains FamilyWild or entry with an empty display numbers. For example:
    
      > xauth list
      #ffff#6f70656e737573652d74756d626c6577656564#:  MIT-MAGIC-COOKIE-1  1500d80327733252cc42ba469138a259
    
      > xauth add test/unix:2 MIT-MAGIC-COOKIE-1 aabbccddeeff00112233445566778899
      > xauth list
      test/unix:2  MIT-MAGIC-COOKIE-1  aabbccddeeff00112233445566778899
    
    This is because merge_entries compares entries using `match_auth`, which
    follows the same rules as XauGetBestAuthByAddr. Following these rules is good
    when filtering the output of `xauth list`, but for merging we should compare
    for equality. It used to be done that way before commit 1555fff4. That commit
    changed it to improve the `xauth list` behavior, but did not seem consider the
    impact on merge.
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 673d42c5ffbbb07ad6b9b3d99a9cc78198999dd1
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Wed Nov 21 16:58:33 2018 -0800

    Update configure.ac bug URL for gitlab migration
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit fa5c2797921b2b0c6dcdde5cf1832a90a0a9dfbf
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Nov 16 21:03:57 2018 -0800

    Update README for gitlab migration
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 4a3a9fc5271cd04ab9123e4713d00b161daf0b6a
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sat May 5 14:58:15 2018 -0700

    Change fall through comment in process.c to match gcc's requirements
    
    Needs to match one of the regexps shown under
    https://gcc.gnu.org/onlinedocs/gcc-7.3.0/gcc/Warning-Options.html#index-Wimplicit-fallthrough
    
    Silences warning from gcc 7.3:
    process.c: In function ‘dump_entry’:
    process.c:1007:9: warning: this statement may fall through [-Wimplicit-fallthrough=]
          if (dpyname) {
             ^
    process.c:1012:4: note: here
        default:
        ^~~~~~~
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 536d1003a5c4d5ac24cd3b8afd10492e4e6242df
Author: Matt Turner <mattst88@gmail.com>
Date:   Sun Jan 29 13:09:12 2017 -0800

    xauth 1.0.10
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit 72717ccee0b6bdbf161cc9d44abe3dc1d824fe46
Author: Matt Turner <mattst88@gmail.com>
Date:   Sun Jan 29 13:09:39 2017 -0800

    Build xauth before running tests.
    
    Otherwise make check fails if make hasn't previously been run.
    
    Signed-off-by: Matt Turner <mattst88@gmail.com>

commit 4dee6a980fdc0174d3825389f95ac1f27c2427db
Author: Mihail Konev <k.mvc@ya.ru>
Date:   Thu Jan 26 14:00:20 2017 +1000

    autogen: add default patch prefix
    
    Signed-off-by: Mihail Konev <k.mvc@ya.ru>

commit 4933bc594087c25dfbc9b1f6db46440f19d0b360
Author: Emil Velikov <emil.l.velikov@gmail.com>
Date:   Mon Mar 9 12:00:52 2015 +0000

    autogen.sh: use quoted string variables
    
    Place quotes around the $srcdir, $ORIGDIR and $0 variables to prevent
    fall-outs, when they contain space.
    
    Signed-off-by: Emil Velikov <emil.l.velikov@gmail.com>
    Reviewed-by: Peter Hutterer <peter.hutterer@who-t.net>
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit eaeb306e67c23657f713b3ca48765d1c6ed99986
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Tue Jan 24 10:32:07 2017 +1000

    autogen.sh: use exec instead of waiting for configure to finish
    
    Syncs the invocation of configure with the one from the server.
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
    Reviewed-by: Emil Velikov <emil.velikov@collabora.com>

commit 179459471e83a0cd235a0c8ead99b3156390e00c
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Sun Jun 1 21:03:14 2014 -0700

    autogen.sh: Honor NOCONFIGURE=1
    
    See http://people.gnome.org/~walters/docs/build-api.txt
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit 0e4c17c6d6980f07896f0631cffeb82a0e9705f7
Author: Peter Hutterer <peter.hutterer@who-t.net>
Date:   Thu Jan 26 10:26:30 2017 +1000

    autogen.sh: stop using maintainer mode
    
    See xserver commit 4bf3eac5fe20f
    
    Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>

commit a64ca3aafcde516658d699047382ab294e3e974f
Author: Søren Sandmann Pedersen <ssp@redhat.com>
Date:   Thu Sep 26 12:30:03 2013 -0400

    usage(): Print summary for the -n option
    
    This option is mentioned in the man page, but not in the help text
    
    Signed-off-by: Hans de Goede <hdegoede@redhat.com>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>

commit ad26f2137f6414c8cadc070f96a4476d435e994b
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Jan 2 09:49:52 2015 -0800

    include POSIX-standard limits.h for PATH_MAX instead of sys/syslimits.h
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    Reviewed-by: Mark Kettenis <kettenis@openbsd.org>

commit a58c9d74c8f9c4292d367c6e23d15c4cba03dfde
Author: Jon TURNEY <jon.turney@dronecode.org.uk>
Date:   Fri Jan 2 16:18:52 2015 +0000

    Fix !HAVE_STRLCPY case
    
    Fix error in the !HAVE_STRLCPY case, introduced in commit
    f990dd936b5fd1a40290bb88cde517a0ac38f823
    
    It seems that "path[sizeof(path) - 1]" rather than "buf[sizeof(path) - 1]" must
    be meant here, especially as the second instance doesn't even compile...
    
    parsedpy.c: In function ‘parse_displayname’:
    parsedpy.c:176:9: error: ‘buf’ undeclared (first use in this function)
    
    Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
    Reviewed-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit f990dd936b5fd1a40290bb88cde517a0ac38f823
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date:   Wed Dec 31 02:42:17 2014 -0800

    Update DISPLAY parsing to work with new launchd paths in Yosemite
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit 047f92a85796fca563d9345d6c4798b64be77cff
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Tue Jun 24 00:22:54 2014 +0200

    Fix for xauth failing on ENOSPC (= disk full)
    
    If xauth must store its XAUTHORITY file on a file system which is
    full, it will be unable to write the changes. This condition was
    not detected and therefore often the whole XAUTHORITY file was
    cleared. Here is the fix.
    
    Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=21260
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit 12e63de4e0b3a45fad15863a66723609b068e668
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 22:13:48 2014 +0200

    Clarified RELEASING in README
    
    Changed clone URL and improved text. Removed section GARBAGE.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit 0b120e37be8ed44188b3497bf02db48e9cf638bc
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 20:02:00 2014 +0200

    Third version bump to 1.0.9.
    
    Minor change in README to include 1.0.9 in diff so that release.sh
    is happy.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit e204395a7ccf403999ffa2515379784b641745d1
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 19:52:43 2014 +0200

    Second version bump to 1.0.9.
    
    Minor change in README to push the version bump.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit c36e9838294a6042eb7ae61fc476cbc3280aef2d
Author: Dr. Tilmann Bubeck <tilmann@bubecks.de>
Date:   Wed Apr 2 19:44:37 2014 +0200

    Fixed missing EXTRA_DIST in tests. Extended README for releasing.
    
    The tests/Makefile.am missed the EXTRA_DIST definition which resulted in
    missing files for the test done with "make check". This was fixed.
    README was extended to describe howto release a new version of this
    software and to clarify something from ReleaseHOWTO of x.org.
    Prepare anything for releasing 1.0.9.
    
    Signed-off-by: Dr. Tilmann Bubeck <tilmann@bubecks.de>

commit ce4bfd951160eabdb28f5534c34aa7549dba7fba
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Mon Mar 31 23:21:12 2014 +0200

    version bump to 1.0.9
    
    Prepare for a new version 1.0.9 of xauth.
    
    Signed-off-by: Dr. Tilmann Bubeck <t.bubeck@reinform.de>

commit ccf30deb585297823ea03fc68805a1c825e335fe
Author: Alan Coopersmith <alan.coopersmith@oracle.com>
Date:   Fri Dec 27 11:01:35 2013 -0800

    Add AC_USE_SYSTEM_EXTENSIONS to expose non-standard extensions
    
    Required on Solaris to expose definitions in system headers that
    are not defined in the XPG standards now that xtrans 1.3 defines
    _XOPEN_SOURCE to 600 on Solaris.
    
    Fixes build failures:
    gethost.c: In function ‘get_hostname’:
    gethost.c:97:21: error: ‘INET6_ADDRSTRLEN’ undeclared (first use in this function)
    gethost.c:97:21: note: each undeclared identifier is reported only once for each function it appears in
    gethost.c:97:16: warning: unused variable ‘addr’ [-Wunused-variable]
    gethost.c: In function ‘get_address_info’:
    gethost.c:196:9: error: implicit declaration of function ‘strlcpy’ [-Werror=implicit-function-declaration]
    gethost.c:196:9: warning: nested extern declaration of ‘strlcpy’ [-Wnested-externs]
    
    Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
    Reviewed-by: Daniel Stone <daniel@fooishbar.org>

commit afeb2c22ba1f7193acf814954e66f40cfd699c17
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 13 21:38:10 2013 +0200

    Fix warning about warn_unused_result triggered by WRITES.

commit 2eb4ef59d7c27ac7972954d406ad9c2fa8123672
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 13 17:57:49 2013 +0200

    * Do not install test_xauth during "make install" as it is
      only used during "make check".
    * perror out, if test_xauth does not find "cmdtest".

commit 4de4a231f3a718d2af0d2b00443c803f8bddfbc5
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Oct 9 23:45:15 2013 +0200

    Second version bump to 1.0.8

commit f7425f45addce5629d338c051a41ec1a119ea51f
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Oct 9 23:38:15 2013 +0200

    Rewrote test_xauth to C to make automake and "make distclean" happy.

commit c4356e8dc8b9fe039c38104551af93e0583ffbee
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Oct 9 23:33:42 2013 +0200

    Revert version bump back to 1.0.7 to prepare missing commit before 1.0.8

commit d907dda4e5a2584ac15a404c8269b888b61bbf9e
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Oct 8 21:45:06 2013 +0200

    version bump to 1.0.8

commit c6ecc2c8470093ba17ff1cf993df46f9e670173d
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Oct 8 21:41:37 2013 +0200

    Improved README to explain "make check".

commit 4e05bce6da8eeb9eb98624cf868675eaf5816df5
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Oct 8 21:34:49 2013 +0200

    Added command "version" and command line arg "-V" to show version of xauth.

commit e53df261c9ca11435df0c8853350d913b557446b
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 6 16:50:33 2013 +0200

    Fix warning raised by "-Wshadow".

commit 92de3583c7aaaa2040728808add2186348859b98
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 6 15:10:05 2013 +0200

    Rework match_auth_dpy() to be easier to read and maintain (hopefully).

commit 1555fff4ab458d7d4053f1ea6b74c3e14a65ad63
Author: Egbert Eich <eich@freedesktop.org>
Date:   Wed Aug 14 22:11:06 2013 +0200

    Make matching algorithm mimic XauGet*AuthByAddr
    
    Xlib (xcb) uses XauGetBestAuthByAddr() when looking for an
    authorization. 'xauth [n]list $DISPLAY' used a slightly
    stricter algorithm which doesn't find a possible authorization
    for cases where either the family is set to FamilyWild or
    address the address length is 0.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 10cbe2ed2a96582e7ee9fa5cfe6f8f69a3a4e4d4
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Sun Oct 6 14:16:59 2013 +0200

    Added black box tests for basic functionality started with "make check".

commit 3be53072f8252962c6df740e64e897b970ae0349
Author: Egbert Eich <eich@freedesktop.org>
Date:   Tue Oct 1 01:17:09 2013 +0200

    Handle v4-mapped inet6 addresses correctly
    
    Handling of v4-mapped inet6 addresses has been introduced
    with commit 58140dbbd39389ad6af58e201e055f3d4b92d368:
    
       Look for FamilyLocal if inet or inet6 address is loopback
    
    These adresses should be treated as inet addresses. This patch
    makes the code consistent with the handling if xcb_auth.c in
    libxcb.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 58140dbbd39389ad6af58e201e055f3d4b92d368
Author: Egbert Eich <eich@freedesktop.org>
Date:   Sun Sep 29 08:25:14 2013 -0700

    Look for FamilyLocal if inet or inet6 address is loopback
    
    libxcb uses FamilyLocal authorization if the host name or IP in the
    display string is from the loopback device. This patch adds the same
    behavior to xauth.
    This fixes a long standing problem that for ssh tunneled connections
    a display variable of the form: localhost:<N>.<M> leads to correct
    authorization when an X client is started but "xauth list $DISPLAY"
    returns nothing.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
    Reviewed-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit 09a9451af29545196cedfc8dcaf32e3f1ccc672b
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date:   Sun Sep 29 07:57:37 2013 -0700

    Silenece lack of noreturn warning
    
    Signed-off-by: Jeremy Huddleston Sequoia <jeremyhu@apple.com>

commit a2c8f59f13caf63a642bad1b97d9adf5a9e01bcb
Author: Jeremy Huddleston Sequoia <jeremyhu@apple.com>
Date:   Sun Sep 29 08:04:39 2013 -0700

    Revert "Look for FamilyLocal if inet or inet6 address is loopback"
    
    Also reverts the followup "More fixes for compiler warnings regarding the use of "const"."
    
    This reverts commits fb328950ce1156b8228214240b213860b794b4c8 and
    345c7bf0d09f26183cfde9ad1c812c8de71869a5.
    
    Fixes build regression found on darwin tinderbox.
    
    Per SUSv4*, IN6_IS_ADDR_LOOPBACK takes a 'const struct in6_addr *', not a
    'const struct sockaddr_in6 *'.
    
    *: http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/netinet_in.h.html

commit fb328950ce1156b8228214240b213860b794b4c8
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Wed Sep 25 09:36:58 2013 +0200

    More fixes for compiler warnings regarding the use of "const".

commit 345c7bf0d09f26183cfde9ad1c812c8de71869a5
Author: Egbert Eich <eich@freedesktop.org>
Date:   Wed Aug 14 17:08:27 2013 +0200

    Look for FamilyLocal if inet or inet6 address is loopback
    
    libxcb uses FamilyLocal authorization if the host name or IP in the
    display string is from the loopback device. This patch adds the same
    behavior to xauth.
    This fixes a long standing problem that for ssh tunneled connections
    a display variable of the form: localhost:<N>.<M> leads to correct
    authorization when an X client is started but "xauth list $DISPLAY"
    returns nothing.
    
    Signed-off-by: Egbert Eich <eich@freedesktop.org>

commit 289ca779f73840cb5c9d69b919413079d1be3fc2
Author: Dr. Tilmann Bubeck <t.bubeck@reinform.de>
Date:   Tue Sep 24 11:21:52 2013 +0200

    Fix various compiler warnings raised by modern gcc (4.8.1).

commit 2440a254797cc3655c8743a9232f30a693f6f947
Author: Thomas Klausner <wiz@NetBSD.org>
Date:   Thu Jul 11 11:27:15 2013 +0200
[--snip--]
