Annotation of www/43.html, Revision 1.102
1.101 bentley 1: <!doctype html>
2: <html lang=en id=release>
3: <meta charset=utf-8>
4:
1.84 deraadt 5: <title>OpenBSD 4.3</title>
1.1 david 6: <meta name="description" content="OpenBSD 4.3">
1.94 tj 7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.96 tb 9: <link rel="canonical" href="https://www.openbsd.org/43.html">
1.101 bentley 10: <style>
11: #sourcecode h3 {
12: color: var(--red);
13: }
14:
15: #sourcecode p {
16: margin-left: 2.75em;
17: }
18:
19: #sourcecode blockquote {
20: margin-left: 4.5em;
21: }
22: </style>
1.1 david 23:
1.101 bentley 24: <h2 id=OpenBSD>
1.1 david 25: <a href="index.html">
1.101 bentley 26: <i>Open</i><b>BSD</b></a>
27: 4.3
1.94 tj 28: </h2>
1.1 david 29:
1.101 bentley 30: <table>
31: <tr>
32: <td>
1.26 david 33: <a href="images/Cryptonaut.jpg">
1.101 bentley 34: <img width="227" height="343"
35: src="images/Cryptonaut.jpg" alt="Cryptonaut"></a>
36: <td>
1.81 deraadt 37: Released May 1, 2008<br>
1.1 david 38: Copyright 1997-2008, Theo de Raadt.<br>
1.101 bentley 39: <cite class=isbn>ISBN 978-0-9784475-1-9</cite>
1.1 david 40: <br>
1.91 deraadt 41: 4.3 Song: <a href="lyrics.html#43">"Home to Hypocrisy"</a>
1.100 deraadt 42: <br>
43: <br>
1.1 david 44: <ul>
45: <li>See the information on <a href="ftp.html">The FTP page</a> for
46: a list of mirror machines.
1.101 bentley 47: <li>Go to the <code class=reldir>pub/OpenBSD/4.3/</code> directory on
1.1 david 48: one of the mirror sites.
49: <li>Have a look at <a href="errata43.html">The 4.3 Errata page</a> for a list
50: of bugs and workarounds.
51: <li>See a <a href="plus43.html">detailed log of changes</a> between the
52: 4.2 and 4.3 releases.
53: </ul>
1.94 tj 54: <p>
55: All applicable copyrights and credits are in the src.tar.gz,
56: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
57: files fetched via ports.tar.gz.
1.101 bentley 58: </table>
1.94 tj 59:
60: <hr>
1.1 david 61:
1.101 bentley 62: <section id=new>
63: <h3>What's New</h3>
64:
1.1 david 65: <p>
66: This is a partial list of new features and systems included in OpenBSD 4.3.
67: For a comprehensive list, see the <a href="plus43.html">changelog</a> leading
68: to 4.3.
69: <p>
70:
71: <ul>
72:
73: <li>New/extended platforms:
74: <ul>
1.41 miod 75: <li><a href="sparc64.html">OpenBSD/sparc64</a><br>
1.43 kettenis 76: SMP support. This should work on all supported systems,
77: with the exception of the Sun Enterprise 10000.
1.41 miod 78: <li><a href="hppa.html">OpenBSD/hppa</a><br>
1.3 kettenis 79: K-class servers like the K200 and K410 are supported now.
1.41 miod 80: <li><a href="mvme88k.html">OpenBSD/mvme88k</a><br>
81: SMP support on MVME188 and MVME188A systems.<br>
82: 88110 processor, and thus MVME197LE/SP/DP boards, are supported now.
1.74 jsing 83: <li><a href="sgi.html">OpenBSD/sgi</a><br>
84: Contains many new drivers, however the kernel requires an
85: important errata fix.
1.1 david 86: </ul>
87: <p>
88:
89: <li>Improved hardware support, including:
90: <ul>
1.101 bentley 91: <li>The <a href="https://man.openbsd.org/bge.4">bge(4)</a> driver now supports BCM5906/BCM5906M 10/100 and BCM5755 10/100/Gigabit Ethernet devices.
92: <li>The <a href="https://man.openbsd.org/cas.4">cas(4)</a> driver now supports Cassini+ 10/100/Gigabit Ethernet devices.
93: <li>The <a href="https://man.openbsd.org/em.4">em(4)</a> driver now supports ICH9 10/100 and 10/100/Gigabit Ethernet devices.
94: <li>The <a href="https://man.openbsd.org/gem.4">gem(4)</a> driver now supports the onboard 1000base-SX interface on the Sun Fire V880 server.
95: <li>The <a href="https://man.openbsd.org/ixgb.4">ixgb(4)</a> driver now supports the Sun 10Gb PCI-X Ethernet devices.
96: <li>The <a href="https://man.openbsd.org/msk.4">msk(4)</a> driver now supports Yukon FE+ 10/100 and Yukon Supreme 10/100/Gigabit Ethernet devices.
97: <li>The <a href="https://man.openbsd.org/nfe.4">nfe(4)</a> driver now supports MCP73, MCP77 and MCP79 10/100/Gigabit Ethernet devices.
98: <li>The <a href="https://man.openbsd.org/ral.4">ral(4)</a> driver now supports RT2800 based wireless network devices.
99: <li>The <a href="https://man.openbsd.org/cmpci.4">cmpci(4)</a> driver now supports CMI8768 based audio adapters.
100: <li>The <a href="https://man.openbsd.org/it.4">it(4)</a> driver now supports ITE IT8705F/8712F/8716F/8718F/8726F and SiS SiS950 ICs. Watchdog timer functionality added.
101: <li>The <a href="https://man.openbsd.org/mfi.4">mfi(4)</a> driver now supports Dell CERC6/PERC6 and LSI SAS1078 RAID controllers.
102: <li>The <a href="https://man.openbsd.org/viapm.4">viapm(4)</a> driver now supports the VIA VT8237S south bridges SMBus controller.
1.35 jsg 103: <li>Support for hotplugging ExpressCard devices has been added.
1.101 bentley 104: <li>New <a href="https://man.openbsd.org/amd64/amdpcib.4">amdpcib(4)</a> driver for the AMD-8111 series LPC bridge and timecounter on amd64.
105: <li>New <a href="https://man.openbsd.org/amd64/pctr.4">pctr(4)</a> driver for the CPU performance counters on amd64.
106: <li>New <a href="https://man.openbsd.org/bwi.4">bwi(4)</a> driver for the Broadcom AirForce IEEE 802.11b/g wireless network device.
107: <li>New <a href="https://man.openbsd.org/envy.4">envy(4)</a> driver for the VIA Envy24 audio device.
108: <li>New <a href="https://man.openbsd.org/et.4">et(4)</a> driver for the Agere/LSI ET1310 10/100/Gigabit Ethernet device.
109: <li>New <a href="https://man.openbsd.org/etphy.4">etphy(4)</a> driver for the Agere/LSI ET1011 TruePHY Gigabit Ethernet PHY.
110: <li>New <a href="https://man.openbsd.org/i386/amdpcib.4">amdpcib(4)</a> driver for the AMD-8111 series LPC bridge and timecounter on i386.
111: <li>New <a href="https://man.openbsd.org/i386/glxpcib.4">glxpcib(4)</a> driver for the AMD CS5536 PCI-ISA bridge with timecounter, watchdog timer, and GPIO on i386.
112: <li>New <a href="https://man.openbsd.org/iwn.4">iwn(4)</a> driver for the Intel Wireless WiFi Link 4965AGN IEEE 802.11a/b/g/Draft-N wireless network device.
113: <li>New <a href="https://man.openbsd.org/msts.4">msts(4)</a> line discipline to interface the Meinberg Standard Time String devices to provide a timedelta sensor.
114: <li>New <a href="https://man.openbsd.org/sgi/gbe.4">gbe(4)</a> driver for the SGI Graphics Back End (GBE) Frame Buffer on sgi.
115: <li>New <a href="https://man.openbsd.org/sgi/mkbc.4">mkbc(4)</a> driver for the Moosehead PS/2 Controller on sgi.
116: <li>New <a href="https://man.openbsd.org/sgi/power.4">power(4)</a> driver for the power button on sgi.
117: <li>New <a href="https://man.openbsd.org/sparc64/ecadc.4">ecadc(4)</a> driver for the Environmental Monitoring Subsystem temperature sensor on sparc64.
118: <li>New <a href="https://man.openbsd.org/sparc64/tda.4">tda(4)</a> driver for the fan controller on the Sun Blade 1000/2000, making these machines much less noisy.
119: <li>New <a href="https://man.openbsd.org/spdmem.4">spdmem(4)</a> driver retrieves information about memory modules.
120: <li>New <a href="https://man.openbsd.org/thmc.4">thmc(4)</a> driver for the TI THMC50, Analog ADM1022/1028 temperature sensor.
121: <li>New <a href="https://man.openbsd.org/uchcom.4">uchcom(4)</a> driver for the WinChipHead CH341/340 based USB serial adapter.
122: <li>New <a href="https://man.openbsd.org/umbg.4">umbg(4)</a> driver for the Meinberg Funkuhren USB5131 radio clock to provide
1.69 mbalmer 123: a timedelta sensor.
1.101 bentley 124: <li>New <a href="https://man.openbsd.org/upgt.4">upgt(4)</a> driver for the Conexant/Intersil PrismGT SoftMAC USB IEEE 802.11b/g wireless network device.
125: <li>New <a href="https://man.openbsd.org/wbng.4">wbng(4)</a> driver for the Winbond W83793G temperature, voltage, and fan sensor.
126: <li>New <a href="https://man.openbsd.org/wbsio.4">wbsio(4)</a> driver for the Winbond LPC Super I/O ICs.
127: <li>New <a href="https://man.openbsd.org/adl.4">adl(4)</a> driver for the Andigilog aSC7621 temperature, voltage, and fan sensor.
128: <li>The <a href="https://man.openbsd.org/siop.4">siop(4)</a> driver now supports the (non-PCI) NCR 53c720/770 in big-endian mode.
129: <li>New <a href="https://man.openbsd.org/lmn.4">lmn(4)</a> driver for the National Semiconductor LM93 sensor.
1.1 david 130: </ul>
131: <p>
132:
133: <li>New tools:
134: <ul>
1.101 bentley 135: <li><a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>, implementing the Simple Network Management Protocol.
136: <li>The <a href="https://man.openbsd.org/snmpctl.8">snmpctl(8)</a> program controls the SNMP daemon.
137: <li>The <a href="https://man.openbsd.org/pcidump.8">pcidump(8)</a> utility displays the device address, vendor, and product name of PCI devices.
138: <li><a href="https://man.openbsd.org/ldattach.8">ldattach(8)</a> is used to attach a line discipline to a serial line to allow for in-kernel processing of the received and/or sent data.
1.1 david 139: </ul>
140: <p>
141:
142: <li>New functionality:
143: <ul>
1.101 bentley 144: <li><a href="https://man.openbsd.org/sparc/eeprom.8">eeprom(8)</a> is now able to display the OpenPROM device tree on systems that have it.
1.7 jasper 145: <li>Support for X11 on sgi has been added.
1.101 bentley 146: <li>The periodic <a href="https://man.openbsd.org/security.8">security(8)</a> reports now include package changes.
147: <li>The <a href="https://man.openbsd.org/cmpci.4">cmpci(4)</a> driver now supports multichannel audio playback if the hardware supports it.
148: <li>The <a href="https://man.openbsd.org/auvia.4">auvia(4)</a> driver now supports multichannel audio playback if the hardware supports it.
149: <li>The <a href="https://man.openbsd.org/auich.4">auich(4)</a> driver now supports recording from the microphone as well as full-duplex mode.
150: <li>The <a href="https://man.openbsd.org/eso.4">eso(4)</a> driver now supports recording as well as full-duplex mode.
1.31 otto 151: <li>The ffs layer is now 64-bit disk block address clean.
152: This means that disks, partitions and filesystems larger than 2TB are
1.32 sobrado 153: now supported, with the exception of statfs(2) and quotas.
1.45 krw 154: <li>DMA is now enabled for 1-sector devices such as flash drives, providing
155: significant speed improvement.
156: <li>Sparc and Sparc64 disklabels now provide automatic recognition of ext2fs
157: partitions.
158: <li>Filesystems on USB devices are automatically dismounted if the device is
159: disconnected.
1.101 bentley 160: <li>The configuration of <a href="https://man.openbsd.org/carp.4">carp(4)</a> load balancing has
1.46 mpf 161: been vastly simplified.
1.101 bentley 162: <li><a href="https://man.openbsd.org/fstab.5">
1.58 jj 163: fstab(5)</a> entries referring to non-existent mount points are now
1.47 krw 164: ignored, allowing subsequent entries to be processed.
1.50 sthen 165: <li>Additional configuration files can now be included in
1.101 bentley 166: <a href="https://man.openbsd.org/pf.conf.5">pf.conf(5)</a>.
167: <li><a href="https://man.openbsd.org/sppp.4">sppp(4)</a> now has IPv6 support.
168: <li><a href="https://man.openbsd.org/ipsec.conf.5">ipsec.conf(5)</a> now supports defining 192 and 256 bit keysizes for AES.
1.1 david 169: </ul>
170: <p>
171:
172: <li>Assorted improvements and code cleanup:
173: <ul>
1.101 bentley 174: <li>Improved support for an <a href="https://man.openbsd.org/lkm.4">lkm(4)</a> subsystem on amd64.
175: <li><a href="https://man.openbsd.org/ossaudio.3">ossaudio(3)</a> received several bug fixes and enhancements including but not limited to improved recording and full-duplex support.
176: <li><a href="https://man.openbsd.org/audio.4">audio(4)</a> received several bug fixes and enhancements including but not limited to improved recording and full-duplex support.
177: <li><a href="https://man.openbsd.org/make.1">make(1)</a> was heavily modified, mostly to improve support for parallel build.
1.22 espie 178: Parallel builds now run commands in the same way the sequential builds do,
179: and the output from commands is more readable.
180: A large part of the source tree, xenocara, and quite a few ports now build
181: correctly with <code>make -j</code>.
1.101 bentley 182: <li><a href="https://man.openbsd.org/rcs.1">rcs</a> tools improvements and bug fixes.
1.36 claudio 183: <li>RTM_VERSION was increased so that all routing messages could be modified
184: to include additional fields for upcoming networking features.
1.101 bentley 185: <li><a href="https://man.openbsd.org/sendbug.1">sendbug(1)</a>
1.42 ray 186: has stricter comment parsing, to avoid mangling diffs.
1.101 bentley 187: <li><a href="https://man.openbsd.org/umass.4">
1.45 krw 188: umass(4)</a> devices no longer detect bogus LUNs.
1.101 bentley 189: <li>USB<a href="https://man.openbsd.org/st.4">
1.47 krw 190: st(4)</a> devices can now successfully disconnect.
191: <li>More deviant umass devices accommodated.
1.101 bentley 192: <li><a href="https://man.openbsd.org/svnd.4">
1.48 krw 193: svnd(4)</a> devices now work on block devices.
1.101 bentley 194: <li><a href="https://man.openbsd.org/disklabel.8">
1.48 krw 195: disklabel(8)</a> is now aware of NTFS partitions.
1.101 bentley 196: <li><a href="https://man.openbsd.org/raidctl.8">
1.48 krw 197: raidctl(8)</a> now correctly handles trailing whitespace in configuration files.
1.101 bentley 198: <li><a href="https://man.openbsd.org/mt.1">
1.48 krw 199: mt(1)</a> no longer triggers panics when processing the 'rewoffl' command.
1.101 bentley 200: <li><a href="https://man.openbsd.org/raid.4">
1.48 krw 201: raid(4)</a> devices no longer hang when searching for components during boot.
1.101 bentley 202: <li><a href="https://man.openbsd.org/sd.4">
1.48 krw 203: sd(4)</a> devices no longer receive spurious SYNCHRONIZE CACHE commands that
204: confuse some hardware.
1.101 bentley 205: <li><a href="https://man.openbsd.org/sd.4">
1.58 jj 206: sd(4)</a> no longer claim that SYNCHRONIZE CACHE commands are 16 bytes long when they
1.48 krw 207: are actually 10 bytes. Some devices took this too literally.
1.101 bentley 208: <li><a href="https://man.openbsd.org/dhcpd.8">
1.48 krw 209: dhcpd(8)</a> now always issues packets equal or larger than the minimum IP MTU.
1.101 bentley 210: <li>The <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.49 krw 211: -E mode does not allow manual editing of the 'c' partition, which
212: is always set to cover the entire disk.
1.101 bentley 213: <li>The <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.49 krw 214: -E mode does not allow changing the cpg value of a partition.
1.101 bentley 215: <li>The <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.49 krw 216: -E mode command 'r' now displays the list of free chunks on the disk.
1.101 bentley 217: <li>The <a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.49 krw 218: -E mode no longer permits assigning arbitrary sizes to FS_BOOT and FS_UNUSED
219: partitions.
1.101 bentley 220: <li>The <a href="https://man.openbsd.org/bge.4">bge(4)</a> driver problems receiving jumbo frames have been resolved.
1.55 deraadt 221: <li>Many dangerous unsigned comparisons with -1 when checking the
1.49 krw 222: results of read and write calls have been eliminated.
1.101 bentley 223: <li>The new M_ZERO flag for <a href="https://man.openbsd.org/malloc.9">malloc(9)</a>
1.49 krw 224: replaces many malloc+bzero/memset combinations, fixing a number of bugs
225: in memory initialization and shrinking the kernel.
1.101 bentley 226: <li><a href="https://man.openbsd.org/dhcpd.8">
1.54 krw 227: dhcpd(8)</a> now correctly constructs response packets that use the overflow buffers to store options.
228: <li>SCSI drivers are more reliable in MP machines due to better locking
229: around command completion.
230: <li>TCP responses to highly fragmented packets are now constructed without
231: risking corruption of kernel memory.
1.58 jj 232: <li>Sockets now allow 4095 multicast group memberships.
1.1 david 233: </ul>
234: <p>
235:
236: <li>Install/Upgrade process changes:
237: <ul>
1.44 krw 238: <li>All platforms now have serial console support when installing.
239: <li>Serial console speed is detected and appropriate /etc/ttys entries
240: automatically created.
1.55 deraadt 241: <li><a href="vax.html">OpenBSD/vax</a> now also has both kinds of install ISO CD images.
1.54 krw 242: <li>DNS server addresses are remembered if an install is restarted.
1.74 jsing 243: <li><a href="sgi.html">OpenBSD/sgi</a> can now be installed using the glass console.
1.1 david 244: </ul>
245: <p>
246:
247: <li>OpenBGPD 4.3:
248: <ul>
1.39 deraadt 249: <li>Correctly handle prefixes which would cause a routing loop.
1.101 bentley 250: <li><a href="https://man.openbsd.org/bgpctl.8">bgpctl</a>'s
1.51 sobrado 251: detailed RIB output shows additional attributes like extended
1.36 claudio 252: communities or the cluster id list.
1.1 david 253: </ul>
254: <p>
255:
256: <li>OpenNTPD 4.3:
257: <ul>
1.38 otto 258: <li>Handle IP changes of clients more gracefully.
1.37 otto 259: <li>Log peer and sensor status to syslog if the majority of either is
260: bad, or if a SIGINFO signal is received.
1.38 otto 261: <li>Allow offsetting of time sensors that have a systematic error.
1.1 david 262: </ul>
263: <p>
264:
265: <li>OpenOSPFD 4.3:
266: <ul>
1.101 bentley 267: <li>Equal cost multipath support – don't forget to set the right sysctls.
1.39 deraadt 268: <li>Parser and commandline options are now in sync with bgpd.
1.1 david 269: </ul>
270: <p>
271:
1.30 reyk 272: <li>relayd 4.3:
1.1 david 273: <ul>
1.101 bentley 274: <li><a href="https://man.openbsd.org/OpenBSD-4.2/hoststated.8">hoststated(8)</a>/<a href="https://man.openbsd.org/OpenBSD-4.2/hoststatectl.8">hoststatectl(8)</a>
1.30 reyk 275: were renamed to
1.101 bentley 276: <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>/<a href="https://man.openbsd.org/relayctl.8">relayctl(8)</a>.
277: <li>Improved configuration grammar for <a href="https://man.openbsd.org/relayd.conf.5">relayd.conf(5)</a>.
278: <li>Allow to send SNMP traps via <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> when host states change.
1.30 reyk 279: <li>Improved support for URL filtering and protocol actions.
280: <li>Added support for UDP-based DNS relaying with request ID randomisation.
281: <li>Various bug fixes, optimisations, and cleanups.
282: <li>Improved reload support.
1.1 david 283: </ul>
284: <p>
285:
286: <li>OpenSSH 4.8:
287: <ul>
1.33 djm 288: <li>New features:
289: <ul>
290: <li>Added
1.101 bentley 291: <a href="https://man.openbsd.org/chroot.2">chroot(2)</a>
292: support for <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>,
1.33 djm 293: controlled by a new option
294: <em>"ChrootDirectory"</em>. Please refer to
1.101 bentley 295: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.33 djm 296: for details, and
1.102 ! deraadt 297: please use this feature carefully.
1.33 djm 298: <li>Linked
1.101 bentley 299: <a href="https://man.openbsd.org/sftp-server.8">sftp-server(8)</a>
1.33 djm 300: into
1.101 bentley 301: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>. The internal sftp server is
1.33 djm 302: used when the command <em>"internal-sftp"</em> is specified in a Subsystem
303: or ForceCommand declaration. When used with <em>ChrootDirectory</em>, the
304: internal sftp server requires no special configuration of files
305: inside the chroot environment. Please refer to
1.101 bentley 306: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.102 ! deraadt 307: for more information.
1.33 djm 308: <li>Added a protocol extension method "posix-rename@openssh.com" for
1.101 bentley 309: <a href="https://man.openbsd.org/sftp-server.8">sftp-server(8)</a>
1.102 ! deraadt 310: to perform POSIX atomic rename() operations.
1.33 djm 311: <li>Removed the fixed limit of 100 file handles in
1.101 bentley 312: <a href="https://man.openbsd.org/sftp-server.8">sftp-server(8)</a>.
1.33 djm 313: The server will now dynamically allocate handles up to the number of
1.102 ! deraadt 314: available file descriptors.
1.101 bentley 315: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.33 djm 316: will now skip generation of SSH protocol 1 ephemeral server
317: keys when in inetd mode and protocol 2 connections are negotiated.
318: This speeds up protocol 2 connections to inetd-mode servers that
1.102 ! deraadt 319: also allow Protocol 1.
1.33 djm 320: <li>Accept the <em>PermitRootLogin</em> directive in a
1.101 bentley 321: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.33 djm 322: <em>Match</em>
323: block. Allows for, e.g. permitting root only from the local
1.102 ! deraadt 324: network.
1.33 djm 325: <li>Reworked
1.101 bentley 326: <a href="https://man.openbsd.org/sftp.1">sftp(1)</a>
1.33 djm 327: argument splitting and escaping to be more
328: internally consistent (i.e. between sftp commands) and more
329: consistent with
1.101 bentley 330: <a href="https://man.openbsd.org/sh.1">sh(1)</a>.
1.33 djm 331: Please note that this will change the
332: interpretation of some quoted strings, especially those with
1.102 ! deraadt 333: embedded backslash escape sequences.
1.33 djm 334: <li>Support <em>"Banner=none"</em> in
1.101 bentley 335: <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.33 djm 336: to disable sending of a
1.102 ! deraadt 337: pre-login banner (e.g. in a <em>Match</em> block).
1.101 bentley 338: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.33 djm 339: <em>ProxyCommand</em>s are now executed with $SHELL rather than
1.102 ! deraadt 340: /bin/sh.
1.101 bentley 341: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)'s</a>
1.33 djm 342: <em>ConnectTimeout</em> option is now applied to both the TCP
343: connection and the SSH banner exchange (previously it just covered
344: the TCP connection). This allows callers of
1.101 bentley 345: <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.33 djm 346: to better detect
347: and deal with stuck servers that accept a TCP connection but don't
348: progress the protocol, and also makes <em>ConnectTimeout</em> useful for
1.102 ! deraadt 349: connections via a <em>ProxyCommand</em>.
1.33 djm 350: <li>Many new regression tests, including interop tests against PuTTY's
1.102 ! deraadt 351: plink.
! 352: </ul>
1.33 djm 353: <li>The following significant bugs have been fixed in this release:
354: <ul>
355: <li>SSH2_MSG_UNIMPLEMENTED packets did not correctly reset the client
356: keepalive logic, causing disconnections on servers that did not
1.102 ! deraadt 357: explicitly implement "keepalive@openssh.com".
1.101 bentley 358: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.61 okan 359: used the obsolete SIG DNS RRtype for host keys in DNS,
1.102 ! deraadt 360: instead of the current standard RRSIG.
1.33 djm 361: <li>Correctly drain ACKs when a
1.101 bentley 362: <a href="https://man.openbsd.org/sftp.1">sftp(1)</a>
1.33 djm 363: upload write fails midway,
1.102 ! deraadt 364: avoids a fatal() exit from what should be a recoverable condition.
1.33 djm 365: <li>Fixed packet size advertisements. Previously TCP and agent
366: forwarding incorrectly advertised the channel window size as the
1.102 ! deraadt 367: packet size, causing fatal errors under some conditions.
1.33 djm 368: <li><em>Many more bugfixes. Please refer to the
1.97 tb 369: <a href="https://www.openssh.com/txt/release-4.8">Release Notes</a>.</em>
1.102 ! deraadt 370:
! 371: </ul>
1.1 david 372: </ul>
373: <p>
374:
375: <li>Over 4,900 ports, minor robustness improvements in package tools.
376: <li>Many pre-built packages for each architecture:
1.101 bentley 377: <ul style="column-count: 3">
1.52 deraadt 378: <li>i386: 4782
1.56 deraadt 379: <li>sparc64: 4613
1.62 deraadt 380: <li>alpha: 4233
1.79 pvalchev 381: <li>sh: 2046
1.52 deraadt 382: <li>amd64: 4708
1.57 deraadt 383: <li>powerpc: 4634
1.63 deraadt 384: <li>sparc: 3159
1.73 deraadt 385: <li>m68k: 830
1.80 pvalchev 386: <li>arm: 3377
1.65 deraadt 387: <li>hppa: 3971
1.78 pvalchev 388: <li>vax: 296
1.73 deraadt 389: <li>mips64: 1897
1.67 deraadt 390: <li>m88k: 27
1.101 bentley 391: </ul>
1.1 david 392: Some highlights:
393: <ul>
1.2 jasper 394: <li>Gnome 2.20.3.
395: <li>GNUstep 1.14.2.
1.64 jasper 396: <li>KDE 3.5.8.
1.2 jasper 397: <li>Mozilla Firefox 2.0.0.12.
398: <li>Mozilla Thunderbird 2.0.0.12.
399: <li>MySQL 5.0.51a.
400: <li>OpenMotif 2.3.0.
401: <li>OpenOffice.org 2.3.1.
402: <li>PostgreSQL 8.2.6.
403: <li>Xfce 4.4.2.
1.1 david 404: </ul>
405: <p>
406:
407: <li>As usual, steady improvements in manual pages and other documentation.
408: <p>
409:
410: <li>The system includes the following major components from outside suppliers:
411: <ul>
1.4 matthieu 412: <li>Xenocara (based on X.Org 7.3 + patches, freetype 2.3.5, fontconfig
1.1 david 413: 2.4.2, Mesa 7.0.2, xterm 232 and more)
414: <li>Gcc 2.95.3
1.101 bentley 415: (+ <a href="https://man.openbsd.org/gcc-local.1">patches</a>)
1.1 david 416: and 3.3.5
1.101 bentley 417: (+ <a href="https://man.openbsd.org/gcc-local.1">patches</a>)
1.1 david 418: <li>Perl 5.8.8 (+ patches)
419: <li>Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
420: <li>OpenSSL 0.9.7j (+ patches)
421: <li>Groff 1.15
422: <li>Sendmail 8.14.1, with libmilter
423: <li>Bind 9.4.2 (+ patches)
424: <li>Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
425: <li>Sudo 1.6.9p12
426: <li>Ncurses 5.2
427: <li>Latest KAME IPv6
428: <li>Heimdal 0.7.2 (+ patches)
429: <li>Arla 0.35.7
430: <li>Binutils 2.15 (+ patches)
431: <li>Gdb 6.3 (+ patches)
432: </ul>
433:
434: </ul>
1.101 bentley 435: </section>
1.1 david 436:
437: <hr>
1.101 bentley 438:
439: <section id=install>
440: <h3>How to install</h3>
441:
1.1 david 442: <p>
443: Following this are the instructions which you would have on a piece of
444: paper if you had purchased a CDROM set instead of doing an alternate
445: form of install. The instructions for doing an FTP (or other style
446: of) install are very similar; the CDROM instructions are left intact
447: so that you can see how much easier it would have been if you had
448: purchased a CDROM instead.
449: <p>
450:
451: <hr>
452: Please refer to the following files on the three CDROMs or FTP mirror for
453: extensive details on how to install OpenBSD 4.3 on your machine:
454: <p>
455: <ul>
456: <li>CD1:4.3/i386/INSTALL.i386
457: <p>
458: <li>CD2:4.3/amd64/INSTALL.amd64
459: <li>CD2:4.3/macppc/INSTALL.macppc
460: <p>
461: <li>CD3:4.3/sparc64/INSTALL.sparc64
462: <p>
463: <li>FTP:.../OpenBSD/4.3/alpha/INSTALL.alpha
464: <li>FTP:.../OpenBSD/4.3/armish/INSTALL.armish
465: <li>FTP:.../OpenBSD/4.3/hp300/INSTALL.hp300
466: <li>FTP:.../OpenBSD/4.3/hppa/INSTALL.hppa
467: <li>FTP:.../OpenBSD/4.3/landisk/INSTALL.landisk
468: <li>FTP:.../OpenBSD/4.3/mac68k/INSTALL.mac68k
469: <li>FTP:.../OpenBSD/4.3/mvme68k/INSTALL.mvme68k
470: <li>FTP:.../OpenBSD/4.3/mvme88k/INSTALL.mvme88k
1.27 david 471: <li>FTP:.../OpenBSD/4.3/sgi/INSTALL.sgi
1.1 david 472: <li>FTP:.../OpenBSD/4.3/sparc/INSTALL.sparc
473: <li>FTP:.../OpenBSD/4.3/vax/INSTALL.vax
474: <li>FTP:.../OpenBSD/4.3/zaurus/INSTALL.zaurus
475: </ul>
476: <hr>
477:
1.101 bentley 478: <section id=quickinstall>
479:
1.1 david 480: <p>
481: Quick installer information for people familiar with OpenBSD, and the
482: use of the "disklabel -E" command. If you are at all confused when
483: installing OpenBSD, read the relevant INSTALL.* file as listed above!
1.101 bentley 484:
485: <h3>OpenBSD/i386:</h3>
486:
1.1 david 487: <p>
488: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
489: release is on CD1. If your BIOS does not support booting from CD, you will need
490: to create a boot floppy to install from. To create a boot floppy write
491: <i>CD1:4.3/i386/floppy43.fs</i> to a floppy and boot via the floppy drive.
492:
493: <p>
494: Use <i>CD1:4.3/i386/floppyB43.fs</i> instead for greater SCSI controller
495: support, or <i>CD1:4.3/i386/floppyC43.fs</i> for better laptop support.
496:
497: <p>
498: If you can't boot from a CD or a floppy disk,
499: you can install across the network using PXE as described in
500: the included INSTALL.i386 document.
501:
502: <p>
503: If you are planning on dual booting OpenBSD with another OS, you will need to
504: read INSTALL.i386.
505:
506: <p>
507: To make a boot floppy under MS-DOS, use the "rawrite" utility located
508: at <i>CD1:4.3/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
509: use the
1.101 bentley 510: <a href="https://man.openbsd.org/dd.1">dd(1)</a>
1.1 david 511: utility. The following is an example usage of
1.101 bentley 512: <a href="https://man.openbsd.org/dd.1">dd(1)</a>,
1.1 david 513: where the device could be "floppy", "rfd0c", or
514: "rfd0a".
515:
1.101 bentley 516: <blockquote><pre>
1.1 david 517: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
1.101 bentley 518: </pre></blockquote>
1.1 david 519:
520: <p>
521: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
522: your install will most likely fail. For more information on creating a boot
523: floppy and installing OpenBSD/i386 please refer to
1.95 tj 524: <a href="faq/faq4.html#MkFlop">this page</a>.
1.101 bentley 525:
526: <h3>OpenBSD/amd64:</h3>
1.1 david 527:
528: <p>
529: The 4.3 release of OpenBSD/amd64 is located on CD2.
530: Boot from the CD to begin the install - you may need to adjust
531: your BIOS options first.
532: If you can't boot from the CD, you can create a boot floppy to install from.
533: To do this, write <i>CD2:4.3/amd64/floppy43.fs</i> to a floppy, then
534: boot from the floppy drive.
535:
536: <p>
537: If you can't boot from a CD or a floppy disk,
538: you can install across the network using PXE as described in the included
539: INSTALL.amd64 document.
540:
541: <p>
542: If you are planning to dual boot OpenBSD with another OS, you will need to
543: read INSTALL.amd64.
1.101 bentley 544:
545: <h3>OpenBSD/macppc:</h3>
1.1 david 546:
547: <p>
548: Put CD2 in your CDROM drive and poweron your machine while holding down the
549: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
550:
551: <p>
552: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
553: /4.3/macppc/bsd.rd</i>
1.101 bentley 554:
555: <h3>OpenBSD/sparc64:</h3>
1.1 david 556:
557: <p>
558: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
559:
560: <p>
561: If this doesn't work, or if you don't have a CDROM drive, you can write
562: <i>CD3:4.3/sparc64/floppy43.fs</i> or <i>CD3:4.3/sparc64/floppyB43.fs</i>
563: (depending on your machine) to a floppy and boot it with <i>boot
564: floppy</i>. Refer to INSTALL.sparc64 for details.
565:
566: <p>
567: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
568: will most likely fail.
569:
570: <p>
571: You can also write <i>CD3:4.3/sparc64/miniroot43.fs</i> to the swap partition on
572: the disk and boot with <i>boot disk:b</i>.
573:
574: <p>
575: If nothing works, you can boot over the network as described in INSTALL.sparc64.
1.101 bentley 576:
577: <h3>OpenBSD/alpha:</h3>
1.1 david 578:
579: <p>
1.101 bentley 580: Write <i>FTP:4.3/alpha/floppy43.fs</i> or
1.1 david 581: <i>FTP:4.3/alpha/floppyB43.fs</i> (depending on your machine) to a diskette and
582: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
583:
584: <p>
585: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
586: will most likely fail.
587:
1.101 bentley 588: <h3>OpenBSD/armish:</h3>
1.1 david 589:
590: <p>
591: After connecting a serial port, Thecus can boot directly from the network
592: either tftp or http. Configure the network using fconfig, reset,
593: then load bsd.rd, see INSTALL.armish for specific details.
594: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
595: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
596: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
597: More details are available in INSTALL.armish.
598:
1.101 bentley 599: <h3>OpenBSD/hp300:</h3>
600:
1.1 david 601: <p>
602: Boot over the network by following the instructions in INSTALL.hp300.
1.101 bentley 603:
604: <h3>OpenBSD/hppa:</h3>
1.1 david 605:
606: <p>
607: Boot over the network by following the instructions in INSTALL.hppa or the
608: <a href="hppa.html#install">hppa platform page</a>.
609:
1.101 bentley 610: <h3>OpenBSD/landisk:</h3>
611:
1.1 david 612: <p>
613: Write <i>miniroot43.fs</i> to the start of the CF
614: or disk, and boot normally.
1.101 bentley 615:
616: <h3>OpenBSD/mac68k:</h3>
1.1 david 617:
618: <p>
619: Boot MacOS as normal and extract the Macside "BSD/Mac68k Booter" utility from
620: <i>FTP:4.3/mac68k/utils</i> onto your hard disk. Configure the "BSD/Mac68k
621: Booter" with the location of your bsd.rd kernel and boot into the installer.
622: Refer to the instructions in INSTALL.mac68k for more details.
623:
1.101 bentley 624: <h3>OpenBSD/mvme68k:</h3>
625:
1.1 david 626: <p>
627: You can create a bootable installation tape or boot over the network.<br>
628: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
629: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
630: for more details.
1.101 bentley 631:
632: <h3>OpenBSD/mvme88k:</h3>
1.1 david 633:
634: <p>
635: You can create a bootable installation tape or boot over the network.<br>
636: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
637: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
638: for more details.
1.101 bentley 639:
640: <h3>OpenBSD/sparc:</h3>
1.1 david 641:
642: <p>
643: Boot from one of the provided install ISO images, using one of the two
644: commands listed below, depending on the version of your ROM.
645:
1.101 bentley 646: <blockquote><pre>
647: ok <kbd>boot cdrom 4.3/sparc/bsd.rd</kbd>
1.1 david 648: or
1.101 bentley 649: > <kbd>b sd(0,6,0)4.3/sparc/bsd.rd</kbd>
650: </pre></blockquote>
1.1 david 651:
652: <p>
653: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
654: To do so you need to write <i>floppy43.fs</i> to a floppy.
1.95 tj 655: For more information see <a href="faq/faq4.html#MkFlop">this page</a>.
1.1 david 656: To boot from the floppy use one of the two commands listed below,
657: depending on the version of your ROM.
658:
1.101 bentley 659: <blockquote><pre>
660: ok <kbd>boot floppy</kbd>
1.1 david 661: or
1.101 bentley 662: > <kbd>b fd()</kbd>
663: </pre></blockquote>
1.1 david 664:
665: <p>
666: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
667: will most likely fail.
668:
669: <p>
670: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
671: setup a bootable tape, or install via network, as told in the
672: INSTALL.sparc file.
673:
1.101 bentley 674: <h3>OpenBSD/sgi:</h3>
675:
1.1 david 676: <p>
677: Burn cd43.iso on a CD-R, put it in the CD drive of your machine and
678: select <i>Install System Software</i> from the System Maintenance menu.
679:
680: <p>
681: If your machine doesn't have a CD drive, you can
682: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd".
683: Refer to the instructions in INSTALL.sgi for more details.
1.101 bentley 684:
685: <h3>OpenBSD/vax:</h3>
1.1 david 686:
687: <p>
688: Boot over the network via mopbooting as described in INSTALL.vax.
1.101 bentley 689:
690: <h3>OpenBSD/zaurus:</h3>
1.1 david 691:
692: <p>
693: Using the Linux built-in graphical ipkg installer, install the
694: openbsd43_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
695: for a few important details.
1.101 bentley 696:
697: </section>
698:
699: <section id=sourcecode>
700: <h3>Notes about the source code:</h3>
1.1 david 701:
702: <p>
703: src.tar.gz contains a source archive starting at /usr/src. This file
704: contains everything you need except for the kernel sources, which are
705: in a separate archive. To extract:
1.101 bentley 706:
707: <blockquote><pre>
708: # <kbd>mkdir -p /usr/src</kbd>
709: # <kbd>cd /usr/src</kbd>
710: # <kbd>tar xvfz /tmp/src.tar.gz</kbd>
711: </pre></blockquote>
712:
1.1 david 713: <p>
714: sys.tar.gz contains a source archive starting at /usr/src/sys.
715: This file contains all the kernel sources you need to rebuild kernels.
716: To extract:
1.101 bentley 717:
718: <blockquote><pre>
719: # <kbd>mkdir -p /usr/src/sys</kbd>
720: # <kbd>cd /usr/src</kbd>
1.1 david 721: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
1.101 bentley 722: </pre></blockquote>
723:
1.1 david 724: <p>
725: Both of these trees are a regular CVS checkout. Using these trees it
726: is possible to get a head-start on using the anoncvs servers as
727: described <a href="anoncvs.html">here</a>.
728: Using these files
729: results in a much faster initial CVS update than you could expect from
730: a fresh checkout of the full OpenBSD source tree.
731:
1.101 bentley 732: </section>
733: </section>
734:
1.1 david 735: <hr>
1.101 bentley 736:
737: <section id=upgrade>
738: <h3>How to upgrade</h3>
1.1 david 739: <p>
740: If you already have an OpenBSD 4.2 system, and do not want to reinstall,
741: upgrade instructions and advice can be found in the
742: <a href="faq/upgrade43.html">Upgrade Guide</a>.
1.101 bentley 743: </section>
1.1 david 744:
745: <hr>
1.101 bentley 746:
747: <section id=ports>
748: <h3>Ports Tree</h3>
1.1 david 749: <p>
750: A ports tree archive is also provided. To extract:
751: <p>
1.101 bentley 752: <blockquote><pre>
753: # <kbd>cd /usr</kbd>
754: # <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
755: # <kbd>cd ports</kbd>
756: </pre></blockquote>
1.1 david 757: <p>
758: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
1.82 jasper 759: read the <a href="faq/faq15.html">ports</a> page
1.1 david 760: if you know nothing about ports
761: at this point. This text is not a manual of how to use ports.
762: Rather, it is a set of notes meant to kickstart the user on the
763: OpenBSD ports system.
764: <p>
765: The <i>ports/</i> directory represents a CVS (see the manpage for
1.101 bentley 766: <a href="https://man.openbsd.org/cvs.1">
1.1 david 767: cvs(1)</a> if
768: you aren't familiar with CVS) checkout of our ports. As with our complete
769: source tree, our ports tree is available via anoncvs. So, in
770: order to keep current with it, you must make the <i>ports/</i> tree
771: available on a read-write medium and update the tree with a command
772: like:
773: <p>
1.101 bentley 774: <blockquote><pre>
1.1 david 775: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_3</strong>
1.101 bentley 776: </pre></blockquote>
1.1 david 777: <p>
778: [Of course, you must replace the local directory and server name here
779: with the location of your ports collection and a nearby anoncvs
780: server.]
781: <p>
782: Note that most ports are available as packages through FTP. Updated
783: packages for the 4.3 release will be made available if problems arise.
784: <p>
785: If you're interested in seeing a port added, would like to help out, or just
786: would like to know more, the mailing list ports@openbsd.org is a good
787: place to know.
1.101 bentley 788: </section>