Log message:
libsodium: updated to 1.0.19

Version 1.0.19
  This release includes all the changes from 1.0.18-stable, as well as two
additions:

 - New AEADs: AEGIS-128L and AEGIS-256 are now available in the
`crypto_aead_aegis128l_*()` and `crypto_aead_aegis256_*()` namespaces.
AEGIS is a family of authenticated ciphers for high-performance applications,
leveraging hardware AES acceleration on `x86_64` and `aarch64`. In addition
to performance, AEGIS ciphers have unique properties making them easier and
safer to use than AES-GCM. They can also be used as high-performance MACs.
 - The HKDF key derivation mechanism, required by many standard protocols, is
now available in the `crypto_kdf_hkdf_*()` namespace. It is implemented for
the SHA-256 and SHA-512 hash functions.
 - The `osx.sh` build script was renamed to `macos.sh`.
 - Support for android-mips was removed.

Log message:
security: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes

Unfetchable distfiles (fetched conditionally?):
./security/cyrus-sasl/distinfo \ 
cyrus-sasl-dedad73e5e7a75d01a5f3d5a6702ab8ccd2ff40d.patch.v2

Log message:
security: Remove SHA1 hashes for distfiles

Log message:
Add include/sodium to BUILDLINK_INCDIRS.libsodium.

Log message:
libsodium: updated to 1.0.18

Version 1.0.18
 - The Enterprise versions of Visual Studio are now supported.
 - Visual Studio 2019 is now supported.
 - 32-bit binaries for Visual Studio 2010 are now provided.
 - A test that didn't work properly on Linux systems with overcommit
memory turned on has been removed. This fixes Ansible builds.
 - Emscripten: print and printErr functions are overridden to send
errors to the console, if there is one.
 - Emscripten: UTF8ToString() is now exported since Pointer_stringify()
has been deprecated.
 - Libsodium version detection has been fixed in the CMake recipe.
 - Generic hashing got a 10% speedup on AVX2.
 - New target: WebAssembly/WASI (compile with dist-builds/wasm32-wasi.sh).
 - New functions to map a hash to an edwards25519 point or get a random point:
core_ed25519_from_hash() and core_ed25519_random().
 - crypto_core_ed25519_scalar_mul() has been implemented for scalar*scalar
(mod L) multiplication.
 - Support for the Ristretto group has been implemented, for compatibility
with wasm-crypto.
 - Improvements have been made to the test suite.
 - Portability improvements has been made.
 - getentropy() is now used on systems providing this system call.
 - randombytes_salsa20 has been renamed to randombytes_internal.
 - Support for (p)nacl has been removed.
 - Most ((nonnull)) attributes have been relaxed to allow 0-length inputs
to be NULL.
 - The -ftree-vectorize and -ftree-slp-vectorize compiler switches are
now used, if available, for optimized builds.

Log message:
libsodium: updated to 1.0.17

Version 1.0.17
- Bug fix: sodium_pad() didn't properly support block sizes >= 256 bytes.
- JS/WebAssembly: some old iOS versions can't instantiate the WebAssembly
module; fall back to Javascript on these.
- JS/WebAssembly: compatibility with newer Emscripten versions.
- Bug fix: crypto_pwhash_scryptsalsa208sha256_str_verify() and
crypto_pwhash_scryptsalsa208sha256_str_needs_rehash() didn't return
EINVAL on input strings with a short length, unlike their high-level
counterpart.
- Added a workaround for Visual Studio 2010 bug causing CPU features
not to be detected.
- Portability improvements.
- Test vectors from Project Wycheproof have been added.
- New low-level APIs for arithmetic mod the order of the prime order group:
crypto_core_ed25519_scalar_random(), crypto_core_ed25519_scalar_reduce(),
crypto_core_ed25519_scalar_invert(), crypto_core_ed25519_scalar_negate(),
crypto_core_ed25519_scalar_complement(), crypto_core_ed25519_scalar_add()
and crypto_core_ed25519_scalar_sub().
- New low-level APIs for scalar multiplication without clamping:
crypto_scalarmult_ed25519_base_noclamp() and
crypto_scalarmult_ed25519_noclamp(). These new APIs are especially useful
for blinding.
- sodium_sub() has been implemented.
- Support for WatchOS has been added.
- getrandom(2) is now used on FreeBSD 12+.
- The nonnull attribute has been added to all relevant prototypes.
- More reliable AVX512 detection.
- Javascript/Webassembly builds now use dynamic memory growth.

Log message:
*: Add CTF_SUPPORTED/CTF_FILES_SKIP where necessary.

Log message:
libsodium: updated to 1.0.16

Version 1.0.16
 - Signatures computations and verifications are now way faster on
64-bit platforms with compilers supporting 128-bit arithmetic (gcc,
clang, icc). This includes the WebAssembly target.
 - New low-level APIs for computations over edwards25519:
`crypto_scalarmult_ed25519()`, `crypto_scalarmult_ed25519_base()`,
`crypto_core_ed25519_is_valid_point()`, `crypto_core_ed25519_add()`,
`crypto_core_ed25519_sub()` and `crypto_core_ed25519_from_uniform()`
(elligator representative to point).
 - `crypto_sign_open()`, `crypto_sign_verify_detached() and
`crypto_sign_edwards25519sha512batch_open` now reject public keys in
non-canonical form in addition to low-order points.
 - The library can be built with `ED25519_NONDETERMINISTIC` defined in
order to use synthetic nonces for EdDSA. This is disabled by default.
 - Webassembly: `crypto_pwhash_*()` functions are now included in
non-sumo builds.
 - `sodium_stackzero()` was added to wipe content off the stack.
 - Android: support new SDKs where unified headers have become the
default.
 - The Salsa20-based PRNG example is now thread-safe on platforms with
support for thread-local storage, optionally mixes bits from RDRAND.
 - CMAKE: static library detection on Unix systems has been improved
 - Argon2 and scrypt are slightly faster on Linux.