Annotation of www/44.html, Revision 1.26
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2: <html>
3: <head>
4: <title>OpenBSD 4.4 Release</title>
5: <link rev=made href="mailto:www@openbsd.org">
6: <meta name="resource-type" content="document">
7: <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
8: <meta name="description" content="OpenBSD 4.4">
9: <meta name="keywords" content="openbsd,main">
10: <meta name="distribution" content="global">
11: <meta name="copyright" content="This document copyright 2008 by OpenBSD.">
12: </head>
13:
14: <body bgcolor="#ffffff" text="#000000" link="#24248E">
15:
16: <a href="index.html">
17: <img alt="[OpenBSD]" height="30" width="141" hspace="24" src="images/smalltitle.gif" border="0"></a>
18: <hr>
19:
20: <p>
21: <a href="images/Cryptonaut.jpg">
22: <img align="left" width="227" height="343" hspace="24" vspace="30"
23: src="images/???.jpg" alt="OpenBSD 4.4 logo"></a>
24: <h2><font color="#0000e0">The OpenBSD 4.4 Release:</font></h2>
25: <p>
26: Released Nov 1, 2008<br>
27: Copyright 1997-2008, Theo de Raadt.<br>
28: <font color="#e00000">ISBN 978-0-9784475-2-6</font>
29: <br>
30: <a href="lyrics.html#44">4.4 Song: "???"</a>
31: <p>
32:
33: <a href="#new">What's New</a><br>
34: <a href="#install">How to install</a><br>
35: <a href="#upgrade">How to upgrade</a><br>
36: <a href="#ports">How to use the ports tree</a><br>
37: <a href="orders.html">Ordering a CD set</a><br>
38:
39: <p>
40: <h3><font color="#0000e0">
41: To get the files for this release:
42: <ul>
43: <li>Order a CDROM from our <a href="orders.html">ordering system</a>.
44: <li>See the information on <a href="ftp.html">The FTP page</a> for
45: a list of mirror machines.
46: <li>Go to the <font color="#e00000">pub/OpenBSD/4.4/</font> directory on
47: one of the mirror sites.
48: <li>Briefly read the rest of this document.
49: <li>Have a look at <a href="errata44.html">The 4.4 Errata page</a> for a list
50: of bugs and workarounds.
51: <li>See a <a href="plus44.html">detailed log of changes</a> between the
52: 4.3 and 4.4 releases.
53: </ul>
54: </font></h3>
55: <br clear=all>
56:
57: <strong>Note:</strong> All applicable copyrights and credits can be found
58: in the applicable file sources found in the files src.tar.gz, sys.tar.gz,
59: xenocara.tar.gz, or in the files fetched via ports.tar.gz. The distribution
60: files used to build packages from the ports.tar.gz file are not included on
61: the CDROM because of lack of space.
62: <p>
63:
64: <a name="new"></a>
65: <hr>
66: <p>
67: <h3><font color="#0000e0">What's New</font></h3>
68: <p>
69: This is a partial list of new features and systems included in OpenBSD 4.4.
70: For a comprehensive list, see the <a href="plus44.html">changelog</a> leading
71: to 4.4.
72: <p>
73:
74: <ul>
75:
76: <li>New/extended platforms:
77: <ul>
78: <li><a href="sparc64.html">OpenBSD/sparc64</a><br>
79: Much more platform support. Machines using the Ultrasparc IV/T1/T2
80: and Fujitsu Sparc64-V/V/VII are now supported.
1.4 matthieu 81: <li><a href="socppc.html">OpenBSD/socppc</a><br>
1.8 deraadt 82: For machines based on the Freescale MPC8349E
83: System-on-Chip (SoC) platform that use Das U-Boot as a boot loader.
1.4 matthieu 84: <li><a href="landisk.html">OpenBSD/landisk</a><br>
1.8 deraadt 85: Added shared libraries support.
1.1 deraadt 86: </ul>
87: <p>
88:
89: <li>Improved hardware support, including:
90: <ul>
1.8 deraadt 91: <li>Several new/improved drivers for sensors, including:
92: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fins&sektion=4">fins(4)</a>,
93: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=andl&sektion=4">andl(4)</a>,
94: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=it&sektion=4">it(4)</a>,
95: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=kate&sektion=4">kate(4)</a>,
96: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sdtemp&sektion=4">sdtemp(4)</a>,
97: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lmtemp&sektion=4">lmtemp(4)</a>,
98: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=adt&sektion=4">adt(4)</a> and
99: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=km&sektion=4">km(4)</a>.
1.17 deraadt 100: <li>Support for the Intel G33 and G35 chipsets in
101: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=agp&sektion=4">agp(4)</a>.
102: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=lii&sektion=4">lii(4)</a>
103: driver for Attansic L2 10/100 Ethernet devices.
104: <li>Preliminary support for UVC USB webcams:
105: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uvideo&sektion=4">uvideo(4)</a>
1.8 deraadt 106: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=video&sektion=4">video(4)</a>.
1.26 ! deraadt 107: <li>WPA/WPA2-PSK support for several wireless cards.
1.17 deraadt 108: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=openchrome&sektion=4">openchrome(4)</a>
109: driver replaces the via X.Org driver for VIA video cards.
1.8 deraadt 110: <li>AMD Geode video card driver for X.Org.
1.17 deraadt 111: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=vmt&sektion=4">vmt(4)</a>
1.26 ! deraadt 112: driver which implements VMware Tools.
1.17 deraadt 113: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=auglx&sektion=4&arch=i386">auglx(4)</a>
114: driver for AMD Geode LX CS5536 integrated AC'97 audio.
115: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ix&sektion=4">ix(4)</a>
116: driver for Intel 82598 PCI Express 10Gb Ethernet.
117: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acpithinkpad&sektion=4">acpithinkpad(4)</a>
118: driver provides additional ACPI support for IBM/Lenovo ThinkPad laptops.
119: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=acpiasus&sektion=4">acpiasus(4)</a>
1.26 ! deraadt 120: driver provides additional ACPI support for ASUS laptops, including the EeePC.
1.17 deraadt 121: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gecko&sektion=4">gecko(4)</a>
122: driver supporting the GeckoBOA BC GSC+ port found on some hppa systems.
123: <li>New <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tsec&sektion=4">tsec(4)</a>
1.26 ! deraadt 124: driver supporting the Freescale Triple Speed Ethernet Controller.
1.17 deraadt 125: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=re&sektion=4">re(4)</a>
126: driver now supports RTL8102E and RTL8168 devices.
127: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cas&sektion=4">cas(4)</a>
128: driver now supports National Semiconductor Saturn devices.
129: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pccom&sektion=4">pccom(4)</a>
130: driver has been removed; all platforms use com(4) now.
131: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cardbus&sektion=4">cardbus(4)</a>
132: and
133: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pcmcia&sektion=4">pcmcia(4)</a>
134: now work on most sparc64 machines.
135: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=udcf&sektion=4">udcf(4)</a>
136: driver now supports mouseCLOCK USB II devices.
137: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=msk&sektion=4">msk(4)</a>
1.21 deraadt 138: driver now supports 88E8040T devices.
1.17 deraadt 139: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ath&sektion=4">ath(4)</a>
140: now now supports many more Atheros wireless devices.
141: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ciss&sektion=4">ciss(4)</a>
142: driver now supports HP Smart Array P212, P410, P411, P411i
143: and P812 devices.
144: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=uftdi&sektion=4">uftdi(4)</a>
145: driver now supports ELV Elektronik and FTDI 2232L devices.
146: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=umsm&sektion=4">umsm(4)</a>
147: driver now supports Option GlobeTrotter 3G+, Huawei E220
148: and more HSDPA MSM devices.
149: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ubsa&sektion=4">ubsa(4)</a>
150: driver now supports ZTE CMDMA MSM devices.
151: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=axe&sektion=4">axe(4)</a>
152: driver now supports Apple USB A1277 devices.
153: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=puc&sektion=4">puc(4)</a>
154: driver now supports more Netmos devices.
155: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=mgx&sektion=4">mgx(4)</a>
156: driver now supports 2D acceleration on selected boards.
1.19 deraadt 157: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>
158: driver firmware for some controllers has been updated.
159: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=isp&sektion=4">isp(4)</a>
160: driver no longer hangs during probe some machines.
1.21 deraadt 161: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
162: driver has better support for BCM5704 chipsets in fiber
163: mode which helps with some blade servers.
164: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
165: driver has better support for the BCM5906 chipset on some systems.
166: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
167: driver has much better support for PCI Express chipsets
168: resulting in much faster transit performance.
1.24 damien 169: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ral&sektion=4">ral(4)</a>
170: driver now supports Ralink Technology RT2700 devices.
1.21 deraadt 171: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bge&sektion=4">bge(4)</a>
172: driver has support for the BCM5714/5715/5780 chipsets using fiber interfaces.
173: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=bnx&sektion=4">bnx(4)</a>
174: driver has support for the BCM5706/5708 chipsets using fiber interfaces.
1.26 ! deraadt 175: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ral&sektion=4">ral(4)</a>
! 176: driver now supports Ralink Technology RT2700 devices.
! 177: <li>On i386 and amd64, make the serial console on non-primary ports work.
! 178: <li>On i386 and amd64, make the serial console handle non-default speeds.
1.1 deraadt 179: <li>...
180: </ul>
181: <p>
182:
183: <li>New tools:
184: <ul>
1.17 deraadt 185: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc.statd&sektion=8">rpc.statd(8)</a>,
186: the host status monitoring daemon for use with the NFS file locking daemon.
187: <li>Initial import of
188: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=yplapd&sektion=8">ypldap(8)</a>,
189: a drop-in replacement for ypserv to glue in an LDAP directory for
190: get{pw,gr}ent family of functions.
1.21 deraadt 191: <li>Deprecated <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">slattach(8)</a>
192: and <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">slattach(8)</a>
193: in favor of
194: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=slattach&sektion=8">ldattach(8)</a>.
195: <li>Import of <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=tcpbench&sektion=8">tcpbench(1)</a>, a small TCP benchmarking tool.
1.1 deraadt 196: <li>...
197: </ul>
198: <p>
199:
200: <li>New functionality:
201: <ul>
1.3 ratchov 202: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=aucat&sektion=1">aucat(1)</a>
1.26 ! deraadt 203: is now able to play and record audio in full-duplex,
! 204: mix unlimited number of streams, handle up to 16 channels,
! 205: resample streams on the fly, support various 24-bit and 32-bit
1.3 ratchov 206: encodings and does format conversions on the fly.
1.8 deraadt 207: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a> now supports IPv6.
1.26 ! deraadt 208: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a>
! 209: now supports basic synchronization of the /var/db/dhcpd.leases
! 210: file to allow running multiple instances for redundancy.
1.8 deraadt 211: <li>Many wireless network drivers now support WPA.
1.17 deraadt 212: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=rpc.lockd&sektion=8">rpc.lockd(8)</a>
213: now supports NLMv4 and does actually do locking.
214: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
215: now supports recursive mget transfers.
1.19 deraadt 216: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
217: now uses keep alive packets by default.
1.26 ! deraadt 218: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ftp&sektion=1">ftp(1)</a>
! 219: now accepts empty passwords in URLs.
1.17 deraadt 220: <li>Allow <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
221: in TAO mode to set the write speed.
1.19 deraadt 222: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
223: no longer blanks media twice.
1.21 deraadt 224: <li>Add ability in <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cdio&sektion=1">cdio(1)</a>
225: to determine media capabilities and make it figure out if media supports TAO or blanking.
1.17 deraadt 226: <li>Initial version of
227: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=softraid&sektion=4">softraid(4)</a>
228: crypto support. Disabled for now.
1.19 deraadt 229: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd&sektion=8">dhcpd(8)</a>
1.26 ! deraadt 230: now groks options tftp-config-file and auto-proxy-script in
! 231: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhcpd.conf&sektion=5">dhcpd.conf(5)</a>.
1.19 deraadt 232: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>
233: option handling much more resistant to abuse.
234: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dhclient&sektion=8">dhclient(8)</a>
235: now aware of interface link state and reacts to changes.
236: <li>DIOCRLDINFO, DIOCGPDINFO, and DIOCGPART support added to block devices
237: previously lacking it.
238: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
239: no longer supports the '-r' option, and obtains all disklabel information via ioctl's.
240: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
241: no longer suggests offsets and sizes that would result in partitions starting or ending
242: outside the OpenBSD section of the disk.
243: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
244: now correctly reads back the 'vendor' field from text disklabels.
245: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
246: editor mode '?' and 'p' commands are more compact and the 'l' command has been added
247: to produce previous verbose output.
248: <li>I/O's outside the bounds of the RAW_PART are now prevented, allowing
249: proper detection of invalid I/O's.
250: <li>USB floppies now have a valid cylinder count calculated, rather than 0.
251: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=newfs&sektion=8">newfs(8)</a>
252: can now create filesystems on devices with sector sizes other than 512, although
253: such filesystems cannot yet be read.
254: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
255: probing displays less useless verbiage and fewer spurious error messages.
256: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=st&sektion=4">st(4)</a>
257: devices can now be detached.
258: <li>ATAPI devices are now identified as such, rather than as SCSIn devices.
259: <li>SATA tape drives now work.
260: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
261: probing now displays the ID of the initiator on the bus.
262: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
263: debug capabilities improved to show commands and input or output data as appropriate.
264: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
265: probing makes better use of the TEST UNIT READY command to clear errors and allow
266: successfull attachments.
267: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scsi&sektion=4">scsi(4)</a>
268: probing can now find more fibre channel attached devices.
1.21 deraadt 269: <li>Several mbuf pool cache corruption issues were fixed.
270: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=identd&sektion=8">identd(8)</a>
271: now supports IPv6 in standalone mode.
272: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cal&sektion=1">cal(1)</a>
273: now shows week numbers too.
274: <li>In <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>,
275: implement a sloppy tcpstate tracker which does not look at sequence numbers at all.
1.25 mpf 276: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>
277: rule accounting now has a counter to record how many states in total have been
278: created by a rule.
279: <li>The kill states feature in
280: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pfctl&sektion=8">pfctl(8)</a>
281: now supports two additional match targets: Kill by rule label or state ID.
1.21 deraadt 282: <li>Make <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a>
283: use sloppy
284: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=pf&sektion=4">pf(4)</a>
285: state keeping for routed sessions (Direct Server Return).
286: <li>Added support in
287: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=relayd&sektion=8">relayd(8)</a>
288: for transparent L7 forwarding in relays.
289: <li>Extend <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=awk&sektion=1">awk(1)</a>
290: with bitwise operations.
1.8 deraadt 291: <li>...
1.1 deraadt 292: </ul>
293: <p>
294:
295: <li>Assorted improvements and code cleanup:
296: <ul>
1.8 deraadt 297: <li>A greatly changed buffer cache subsystem which maps cache pages only
298: when in use, resulting in improved filesystem performance, and
1.26 ! deraadt 299: allowing for the effective use of a much larger buffer cache.
1.11 espie 300: <li>A greatly improved implementation of
1.9 otto 301: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=malloc&sektion=3">
1.11 espie 302: malloc(3)</a>, the general purpose memory allocator,
303: which catches more mistakes, reduces address space fragmentation,
304: and is faster.
1.10 otto 305: <li>The <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=statfs&sektion=2">
1.14 otto 306: statfs(2)</a> system call has been enhanced to support large
1.10 otto 307: filesystems.
1.20 deraadt 308: <li>Lots of features have been implemented in OpenCVS, which can now be used
1.19 deraadt 309: to do some real work.
310: <li>New APIs for arc4random, one to fill a buffer with random numbers
311: and the other to return a uniformly distributed random number without bias.
1.12 deraadt 312: <li>...
1.1 deraadt 313: </ul>
314: <p>
315:
316: <li>Install/Upgrade process changes:
317: <ul>
1.15 deraadt 318: <li>A new tool
1.18 sobrado 319: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sysmerge&sektion=8">
320: sysmerge(8)</a>, derived from the old mergemaster port, makes
1.15 deraadt 321: it easier to merge configuration files changes during an upgrade.
1.16 deraadt 322: <li>Fully support OpenBSD inside extended partitions on i386 and amd64.
1.17 deraadt 323: <li>During installation 'dhcp' is now the initial default answer during
324: network configuration.
1.19 deraadt 325: <li>Fetching sets via FTP more reliable due to automatic use of keep alive.
326: <li>Fetching sets via NFS no longer hangs retrying a non-functional mount.
327: <li>Installation ensures hostname.* files are installed with mode 600.
328: <li>Serial console configuration now automatically detects speed.
329: <li>Serial console support extended to all architectures.
330: <li>Partition size display no longer limited to 32 bit sizes.
331: <li>Partition sizes now scaled and formatted to use human readable units.
1.26 ! deraadt 332: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ntpd&sektion=8">ntpd(8)</a>
! 333: configuration questions improved.
1.19 deraadt 334: <li>Sparc miniroot root disk detection fixed.
335: <li>Invocations of
336: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=disklabel&sektion=8">disklabel(8)</a>
337: by the scripts are now less verbose.
1.1 deraadt 338: </ul>
339: <p>
340:
1.15 deraadt 341: <li>OpenSSH 5.1:
1.1 deraadt 342: <ul>
1.15 deraadt 343: <li>New experimental fingerprint ASCII art visualisation system for easier
344: verification of remote keys.
345: <li>Added <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=chroot&sektion=2">
346: chroot(2)</a> support for
347: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>.
348: <li>Added an extended test mode (-T) to
349: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&sektion=8">sshd(8)</a>.
350: <li>Make
351: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
352: support negation of groups in a "Match group" block.
1.16 deraadt 353: <li>Increased the ephemeral key size in protocol1 from 768 to 1024 bits.
1.15 deraadt 354: <li>Better tests of primes in /etc/moduli
1.16 deraadt 355: <li>Refuse to read .shosts or authorized_keys files that are not regular
1.15 deraadt 356: files.
357: <li>Enable ~ escapes for multiplex slave sessions.
1.16 deraadt 358: <li>Support CIDR address matching in Match blocks and authorized_keys
1.15 deraadt 359: from="..." stanzas.
360: <li>Make port forwarding code try additional addresses when connecting to
361: a destination whose DNS name resolves to more than one address.
362: <li>Make the maximum number of
363: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&sektion=1">ssh(1)</a>
1.16 deraadt 364: sessions run-time controllable via MaxSessions in
1.15 deraadt 365: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&sektion=5">
366: ssh_config(5)</a>.
367: <li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_scan&sektion=1">
1.16 deraadt 368: ssh_scan(1)</a> now defaults to RSA protocol 2 keys, instead of RSA1.
1.15 deraadt 369: <li>Added an extension to sftp protocol to implement
370: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=statvfs&sektion=2">
371: statvfs(2)</a>-like operations and add a df command to
372: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&sektion=1">
373: sftp(1)</a>.
1.26 ! deraadt 374: <li>Disable execution of ~/.ssh/rc for sessions where a command has been
1.15 deraadt 375: forced by the sshd_config ForceCommand directive.
376: <li>And several bug fixes and performance enhancements.
1.1 deraadt 377: </ul>
378: <p>
379:
380: <li>Over ???? ports, minor robustness improvements in package tools.
381: <li>Many pre-built packages for each architecture:
382: <table border=0 cellspacing=0 cellpadding=2 width="95%">
383: <tr>
384: <td valign="top" width="25%">
385: <ul>
1.8 deraadt 386: <li>i386: 5033
387: <li>sparc64: 4862
1.1 deraadt 388: <li>alpha: ????
389: <li>sh: ????
390: </ul></td><td valign=top width="25%"><ul>
1.23 deraadt 391: <li>amd64: 4940
1.22 deraadt 392: <li>powerpc: 4258
1.1 deraadt 393: <li>sparc: ????
394: <li>m68k: ????
395: </ul></td><td valign=top width="25%"><ul>
396: <li>arm: ????
397: <li>hppa: ????
398: <li>vax: ????
399: <li>mips64: ????
400: </ul></td><td valign=top width="25%"><ul>
401: <li>m88k: ????
402: </ul></td></tr></table>
403: Some highlights:
404: <ul>
1.11 espie 405: <li>mozilla-firefox3
406: <li>drupal-5, core package and external modules, a modern CMS.
1.1 deraadt 407: </ul>
408: <p>
409:
410: <li>As usual, steady improvements in manual pages and other documentation.
411: <p>
412:
413: <li>The system includes the following major components from outside suppliers:
414: <ul>
415: <li>Xenocara (based on X.Org 7.3 + patches, freetype 2.3.5, fontconfig
1.2 matthieu 416: 2.4.2, Mesa 7.0.3, xterm 234 and more)
1.1 deraadt 417: <li>Gcc 2.95.3
418: (+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">patches</a>)
419: and 3.3.5
420: (+ <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=gcc-local&sektion=1">patches</a>)
421: <li>Perl 5.8.8 (+ patches)
422: <li>Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
423: <li>OpenSSL 0.9.7j (+ patches)
424: <li>Groff 1.15
1.8 deraadt 425: <li>Sendmail 8.14.3, with libmilter
426: <li>Bind 9.4.2-P2 (+ patches)
1.1 deraadt 427: <li>Lynx 2.8.5rel.4 with HTTPS and IPv6 support (+ patches)
1.8 deraadt 428: <li>Sudo 1.6.9p17
1.1 deraadt 429: <li>Ncurses 5.2
430: <li>Latest KAME IPv6
431: <li>Heimdal 0.7.2 (+ patches)
432: <li>Arla 0.35.7
433: <li>Binutils 2.15 (+ patches)
434: <li>Gdb 6.3 (+ patches)
435: </ul>
436: <p>
437:
438: </ul>
439:
440: <a name="install"></a>
441: <hr>
442: <p>
443: <h3><font color="#0000e0">How to install</font></h3>
444: <p>
445: Following this are the instructions which you would have on a piece of
446: paper if you had purchased a CDROM set instead of doing an alternate
447: form of install. The instructions for doing an FTP (or other style
448: of) install are very similar; the CDROM instructions are left intact
449: so that you can see how much easier it would have been if you had
450: purchased a CDROM instead.
451: <p>
452:
453: <hr>
454: Please refer to the following files on the three CDROMs or FTP mirror for
455: extensive details on how to install OpenBSD 4.4 on your machine:
456: <p>
457: <ul>
458: <li>CD1:4.4/i386/INSTALL.i386
459: <p>
460: <li>CD2:4.4/amd64/INSTALL.amd64
461: <li>CD2:4.4/macppc/INSTALL.macppc
462: <p>
463: <li>CD3:4.4/sparc64/INSTALL.sparc64
464: <p>
465: <li>FTP:.../OpenBSD/4.4/alpha/INSTALL.alpha
466: <li>FTP:.../OpenBSD/4.4/armish/INSTALL.armish
467: <li>FTP:.../OpenBSD/4.4/hp300/INSTALL.hp300
468: <li>FTP:.../OpenBSD/4.4/hppa/INSTALL.hppa
469: <li>FTP:.../OpenBSD/4.4/landisk/INSTALL.landisk
470: <li>FTP:.../OpenBSD/4.4/mac68k/INSTALL.mac68k
471: <li>FTP:.../OpenBSD/4.4/mvme68k/INSTALL.mvme68k
472: <li>FTP:.../OpenBSD/4.4/mvme88k/INSTALL.mvme88k
473: <li>FTP:.../OpenBSD/4.4/sgi/INSTALL.sgi
474: <li>FTP:.../OpenBSD/4.4/sparc/INSTALL.sparc
475: <li>FTP:.../OpenBSD/4.4/vax/INSTALL.vax
476: <li>FTP:.../OpenBSD/4.4/zaurus/INSTALL.zaurus
477: </ul>
478: <hr>
479:
480: <p>
481: Quick installer information for people familiar with OpenBSD, and the
482: use of the "disklabel -E" command. If you are at all confused when
483: installing OpenBSD, read the relevant INSTALL.* file as listed above!
484: <p>
485:
486: <h3><font color="#e00000">OpenBSD/i386:</font></h3>
487: <ul>
488: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
489: release is on CD1. If your BIOS does not support booting from CD, you will need
490: to create a boot floppy to install from. To create a boot floppy write
491: <i>CD1:4.4/i386/floppy44.fs</i> to a floppy and boot via the floppy drive.
492:
493: <p>
494: Use <i>CD1:4.4/i386/floppyB44.fs</i> instead for greater SCSI controller
495: support, or <i>CD1:4.4/i386/floppyC44.fs</i> for better laptop support.
496:
497: <p>
498: If you can't boot from a CD or a floppy disk,
499: you can install across the network using PXE as described in
500: the included INSTALL.i386 document.
501:
502: <p>
503: If you are planning on dual booting OpenBSD with another OS, you will need to
504: read INSTALL.i386.
505:
506: <p>
507: To make a boot floppy under MS-DOS, use the "rawrite" utility located
508: at <i>CD1:4.4/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
509: use the
510: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>
511: utility. The following is an example usage of
512: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=dd&sektion=1">dd(1)</a>,
513: where the device could be "floppy", "rfd0c", or
514: "rfd0a".
515:
516: <ul><pre>
517: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
518: </pre></ul>
519:
520: <p>
521: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
522: your install will most likely fail. For more information on creating a boot
523: floppy and installing OpenBSD/i386 please refer to
524: <a href="faq/faq4.html#MkFlop">FAQ 4.3.1</a>.
525: </ul>
526:
527: <p>
528: <h3><font color="#e00000">OpenBSD/amd64:</font></h3>
529: <ul>
530: The 4.4 release of OpenBSD/amd64 is located on CD2.
531: Boot from the CD to begin the install - you may need to adjust
532: your BIOS options first.
533: If you can't boot from the CD, you can create a boot floppy to install from.
534: To do this, write <i>CD2:4.4/amd64/floppy44.fs</i> to a floppy, then
535: boot from the floppy drive.
536:
537: <p>
538: If you can't boot from a CD or a floppy disk,
539: you can install across the network using PXE as described in the included
540: INSTALL.amd64 document.
541:
542: <p>
543: If you are planning to dual boot OpenBSD with another OS, you will need to
544: read INSTALL.amd64.
545: </ul>
546:
547: <p>
548: <h3><font color="#e00000">OpenBSD/macppc:</font></h3>
549: <ul>
550: Put CD2 in your CDROM drive and poweron your machine while holding down the
551: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
552:
553: <p>
554: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
555: /4.4/macppc/bsd.rd</i>
556: </ul>
557:
558: <p>
559: <h3><font color="#e00000">OpenBSD/sparc64:</font></h3>
560: <ul>
561: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
562:
563: <p>
564: If this doesn't work, or if you don't have a CDROM drive, you can write
565: <i>CD3:4.4/sparc64/floppy44.fs</i> or <i>CD3:4.4/sparc64/floppyB44.fs</i>
566: (depending on your machine) to a floppy and boot it with <i>boot
567: floppy</i>. Refer to INSTALL.sparc64 for details.
568:
569: <p>
570: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
571: will most likely fail.
572:
573: <p>
574: You can also write <i>CD3:4.4/sparc64/miniroot44.fs</i> to the swap partition on
575: the disk and boot with <i>boot disk:b</i>.
576:
577: <p>
578: If nothing works, you can boot over the network as described in INSTALL.sparc64.
579: </ul>
580:
581: <p>
582: <h3><font color="#e00000">OpenBSD/alpha:</font></h3>
583: <ul>
584: <p>Write <i>FTP:4.4/alpha/floppy44.fs</i> or
585: <i>FTP:4.4/alpha/floppyB44.fs</i> (depending on your machine) to a diskette and
586: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
587:
588: <p>
589: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
590: will most likely fail.
591:
592: </ul>
593:
594: <p>
595: <h3><font color="#e00000">OpenBSD/armish:</font></h3>
596: <ul>
597: <p>
598: After connecting a serial port, Thecus can boot directly from the network
599: either tftp or http. Configure the network using fconfig, reset,
600: then load bsd.rd, see INSTALL.armish for specific details.
601: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
602: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
603: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
604: More details are available in INSTALL.armish.
605: </ul>
606:
607: <p>
608: <h3><font color="#e00000">OpenBSD/hp300:</font></h3>
609: <ul>
610: <p>
611: Boot over the network by following the instructions in INSTALL.hp300.
612: </ul>
613:
614: <p>
615: <h3><font color="#e00000">OpenBSD/hppa:</font></h3>
616: <ul>
617: <p>
618: Boot over the network by following the instructions in INSTALL.hppa or the
619: <a href="hppa.html#install">hppa platform page</a>.
620: </ul>
621:
622: <p>
623: <h3><font color="#e00000">OpenBSD/landisk:</font></h3>
624: <ul>
625: <p>
626: Write <i>miniroot44.fs</i> to the start of the CF
627: or disk, and boot normally.
628: </ul>
629:
630: <p>
631: <h3><font color="#e00000">OpenBSD/mac68k:</font></h3>
632: <ul>
633: <p>
634: Boot MacOS as normal and extract the Macside "BSD/Mac68k Booter" utility from
635: <i>FTP:4.4/mac68k/utils</i> onto your hard disk. Configure the "BSD/Mac68k
636: Booter" with the location of your bsd.rd kernel and boot into the installer.
637: Refer to the instructions in INSTALL.mac68k for more details.
638: </ul>
639:
640: <p>
641: <h3><font color="#e00000">OpenBSD/mvme68k:</font></h3>
642: <ul>
643: <p>
644: You can create a bootable installation tape or boot over the network.<br>
645: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
646: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
647: for more details.
648: </ul>
649:
650: <p>
651: <h3><font color="#e00000">OpenBSD/mvme88k:</font></h3>
652: <ul>
653: <p>
654: You can create a bootable installation tape or boot over the network.<br>
655: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
656: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
657: for more details.
658: </ul>
659:
660: <p>
661: <h3><font color="#e00000">OpenBSD/sparc:</font></h3>
662: <ul>
663: Boot from one of the provided install ISO images, using one of the two
664: commands listed below, depending on the version of your ROM.
665:
666: <ul><pre>
667: ok <strong>boot cdrom 4.4/sparc/bsd.rd</strong>
668: or
669: > <strong>b sd(0,6,0)4.4/sparc/bsd.rd</strong>
670: </pre></ul>
671:
672: <p>
673: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
674: To do so you need to write <i>floppy44.fs</i> to a floppy.
675: For more information see <a href="faq/faq4.html#MkFlop">FAQ 4.3.1</a>.
676: To boot from the floppy use one of the two commands listed below,
677: depending on the version of your ROM.
678:
679: <ul><pre>
680: ok <strong>boot floppy</strong>
681: or
682: > <strong>b fd()</strong>
683: </pre></ul>
684:
685: <p>
686: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
687: will most likely fail.
688:
689: <p>
690: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
691: setup a bootable tape, or install via network, as told in the
692: INSTALL.sparc file.
693: </ul>
694:
695: <p>
696: <h3><font color="#e00000">OpenBSD/sgi:</font></h3>
697: <ul>
698: <p>
699: Burn cd44.iso on a CD-R, put it in the CD drive of your machine and
700: select <i>Install System Software</i> from the System Maintenance menu.
701:
702: <p>
703: If your machine doesn't have a CD drive, you can
704: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd".
705: Refer to the instructions in INSTALL.sgi for more details.
706: </ul>
707:
708: <p>
709: <h3><font color="#e00000">OpenBSD/vax:</font></h3>
710: <ul>
711: Boot over the network via mopbooting as described in INSTALL.vax.
712: </ul>
713:
714: <p>
715: <h3><font color="#e00000">OpenBSD/zaurus:</font></h3>
716: <ul>
717: <p>
718: Using the Linux built-in graphical ipkg installer, install the
719: openbsd44_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
720: for a few important details.
721: </ul>
722:
723: <p>
724: <h3><font color="#e00000">Notes about the source code:</font></h3>
725: <ul>
726: src.tar.gz contains a source archive starting at /usr/src. This file
727: contains everything you need except for the kernel sources, which are
728: in a separate archive. To extract:
729: <p>
730: <ul><pre>
731: # <strong>mkdir -p /usr/src</strong>
732: # <strong>cd /usr/src</strong>
733: # <strong>tar xvfz /tmp/src.tar.gz</strong>
734: </pre></ul>
735: <p>
736: sys.tar.gz contains a source archive starting at /usr/src/sys.
737: This file contains all the kernel sources you need to rebuild kernels.
738: To extract:
739: <p>
740: <ul><pre>
741: # <strong>mkdir -p /usr/src/sys</strong>
742: # <strong>cd /usr/src</strong>
743: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
744: </pre></ul>
745: <p>
746: Both of these trees are a regular CVS checkout. Using these trees it
747: is possible to get a head-start on using the anoncvs servers as
748: described <a href="anoncvs.html">here</a>.
749: Using these files
750: results in a much faster initial CVS update than you could expect from
751: a fresh checkout of the full OpenBSD source tree.
752: <p>
753: </ul>
754:
755: <a name="upgrade"></a>
756: <hr>
757: <p>
758: <h3><font color="#0000e0">How to upgrade</font></h3>
759: <p>
760: If you already have an OpenBSD 4.3 system, and do not want to reinstall,
761: upgrade instructions and advice can be found in the
762: <a href="faq/upgrade44.html">Upgrade Guide</a>.
763:
764: <a name="ports"></a>
765: <hr>
766: <p>
767: <h3><font color="#0000e0">Ports Tree</font></h3>
768: <p>
769: A ports tree archive is also provided. To extract:
770: <p>
771: <ul><pre>
772: # <strong>cd /usr</strong>
773: # <strong>tar xvfz /tmp/ports.tar.gz</strong>
774: # <strong>cd ports</strong>
775: </pre></ul>
776: <p>
777: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
778: read the <a href="ports.html">ports</a> page
779: if you know nothing about ports
780: at this point. This text is not a manual of how to use ports.
781: Rather, it is a set of notes meant to kickstart the user on the
782: OpenBSD ports system.
783: <p>
784: The <i>ports/</i> directory represents a CVS (see the manpage for
785: <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=cvs&apropos=0&sektion=1&manpath=OpenBSD+Current&arch=i386&format=html">
786: cvs(1)</a> if
787: you aren't familiar with CVS) checkout of our ports. As with our complete
788: source tree, our ports tree is available via anoncvs. So, in
789: order to keep current with it, you must make the <i>ports/</i> tree
790: available on a read-write medium and update the tree with a command
791: like:
792: <p>
793: <ul><pre>
794: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_4</strong>
795: </pre></ul>
796: <p>
797: [Of course, you must replace the local directory and server name here
798: with the location of your ports collection and a nearby anoncvs
799: server.]
800: <p>
801: Note that most ports are available as packages through FTP. Updated
802: packages for the 4.4 release will be made available if problems arise.
803: <p>
804: If you're interested in seeing a port added, would like to help out, or just
805: would like to know more, the mailing list ports@openbsd.org is a good
806: place to know.
807: <p>
808:
809: <hr>
810: <a href="index.html"><img height="24" width="24" src="back.gif" border="0"
811: alt="OpenBSD"></a>
812: <a href="mailto:www@openbsd.org">www@openbsd.org</a>
813: <br><small>
1.26 ! deraadt 814: $OpenBSD: 44.html,v 1.25 2008/08/26 09:11:59 mpf Exp $
1.1 deraadt 815: </small>
816:
817: </body>
818: </html>