Annotation of www/48.html, Revision 1.55
1.54 bentley 1: <!doctype html>
2: <html lang=en id=release>
3: <meta charset=utf-8>
4:
1.38 deraadt 5: <title>OpenBSD 4.8</title>
1.1 deraadt 6: <meta name="description" content="OpenBSD 4.8">
1.48 tj 7: <meta name="viewport" content="width=device-width, initial-scale=1">
8: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.50 tb 9: <link rel="canonical" href="https://www.openbsd.org/48.html">
1.54 bentley 10: <style>
11: #sourcecode h3 {
12: color: var(--red);
13: }
14:
15: #sourcecode p {
16: margin-left: 2.75em;
17: }
18:
19: #sourcecode blockquote {
20: margin-left: 4.5em;
21: }
22: </style>
1.1 deraadt 23:
1.54 bentley 24: <h2 id=OpenBSD>
1.1 deraadt 25: <a href="index.html">
1.54 bentley 26: <i>Open</i><b>BSD</b></a>
27: 4.8
1.48 tj 28: </h2>
1.1 deraadt 29:
1.54 bentley 30: <table>
31: <tr>
32: <td>
1.2 deraadt 33: <a href="images/ElPuffiachi.jpg">
1.54 bentley 34: <img width="227" height="343" src="images/ElPuffiachi.jpg" alt="El Puffiachi"></a>
35: <td>
1.33 deraadt 36: Released Nov 1, 2010<br>
1.1 deraadt 37: Copyright 1997-2010, Theo de Raadt.<br>
1.54 bentley 38: <cite class=isbn>ISBN 978-0-9784475-6-4</cite>
1.1 deraadt 39: <br>
1.45 deraadt 40: 4.8 Song: <a href="lyrics.html#48">"El Puffiachi"</a>
1.53 deraadt 41: <br>
42: <br>
1.1 deraadt 43: <ul>
44: <li>See the information on <a href="ftp.html">The FTP page</a> for
45: a list of mirror machines.
1.54 bentley 46: <li>Go to the <code class=reldir>pub/OpenBSD/4.8/</code> directory on
1.1 deraadt 47: one of the mirror sites.
48: <li>Have a look at <a href="errata48.html">The 4.8 Errata page</a> for a list
49: of bugs and workarounds.
50: <li>See a <a href="plus48.html">detailed log of changes</a> between the
51: 4.7 and 4.8 releases.
52: </ul>
1.48 tj 53: <p>
54: All applicable copyrights and credits are in the src.tar.gz,
55: sys.tar.gz, xenocara.tar.gz, ports.tar.gz files, or in the
56: files fetched via ports.tar.gz.
1.54 bentley 57: </table>
1.48 tj 58:
59: <hr>
1.1 deraadt 60:
1.54 bentley 61: <section id=new>
62: <h3>What's New</h3>
63:
1.1 deraadt 64: <p>
65: This is a partial list of new features and systems included in OpenBSD 4.8.
66: For a comprehensive list, see the <a href="plus48.html">changelog</a> leading
67: to 4.8.
68: <p>
69:
70: <ul>
71:
72: <li>New/extended platforms:
73: <ul>
1.21 deraadt 74: <li>i386 and amd64:
75: <ul>
76: <li>ACPI-based suspend/resume works on most machines with Intel/ATI video.
1.28 stsp 77: Machines using NVidia graphics will not resume the graphics. cardbus(4) and
1.21 deraadt 78: pcmcia(4) will still have some problems, too.
79: </ul>
1.1 deraadt 80: </ul>
81: <p>
82:
83: <li>Improved hardware support, including:
84: <ul>
1.54 bentley 85: <li>New <a href="https://man.openbsd.org/acpisony.4">acpisony(4)</a>
1.6 jsg 86: driver for Sony ACPI control.
1.54 bentley 87: <li>New <a href="https://man.openbsd.org/itherm.4">itherm(4)</a>
1.6 jsg 88: driver for Intel 3400 temperature sensor.
1.54 bentley 89: <li>New <a href="https://man.openbsd.org/se.4">se(4)</a>
1.6 jsg 90: driver for SiS 190 10/100/Gigabit Ethernet devices.
1.54 bentley 91: <li>New <a href="https://man.openbsd.org/uguru.4">uguru(4)</a>
1.6 jsg 92: driver for ABIT temperature, voltage and fan sensors.
1.54 bentley 93: <li>New <a href="https://man.openbsd.org/owctr.4">owctr(4)</a>
1.6 jsg 94: driver for 1-Wire counter devices.
1.54 bentley 95: <li>New <a href="https://man.openbsd.org/pgs&arch=macppc&secktion=4">pgs(4)</a>
1.14 jasper 96: driver for Programmers Switch found on some macppc machines.
1.7 jsg 97: <li>Support for 82576 fiber and 82577/82578 (PCH) based devices
1.54 bentley 98: has been added to <a href="https://man.openbsd.org/em.4">em(4)</a>.
1.7 jsg 99: <li>Support for 24-bit encodings and USB 2.0 playback
1.54 bentley 100: has been added to <a href="https://man.openbsd.org/uaudio.4">uaudio(4)</a>.
1.7 jsg 101: <li>Support for Winbond/Nuvoton W83627DHG-P
1.54 bentley 102: has been added to <a href="https://man.openbsd.org/wbsio.4">wbsio(4)</a>.
1.7 jsg 103: <li>Support for RTL8168E
1.54 bentley 104: has been added to <a href="https://man.openbsd.org/re.4">re(4)</a>.
1.7 jsg 105: <li>Support for 800x480
1.54 bentley 106: has been added to <a href="https://man.openbsd.org/udl.4">udl(4)</a>.
1.7 jsg 107: <li>Support for M-audio Audiophile 192k
1.54 bentley 108: has been added to <a href="https://man.openbsd.org/envy.4">envy(4)</a>.
1.7 jsg 109: <li>Support for Intel Core i3/i5 internal graphics (Ironlake)
1.54 bentley 110: has been added to <a href="https://man.openbsd.org/inteldrm.4">inteldrm(4)</a>
111: and <a href="https://man.openbsd.org/agp.4">agp(4)</a>.
112: <li>The <a href="https://man.openbsd.org/OpenBSD-4.7/ss.4">ss(4)</a> and
113: <a href="https://man.openbsd.org/OpenBSD-4.7/usscanner.4">usscanner(4)</a>
1.14 jasper 114: drivers have been removed.
1.22 mikeb 115: <li>Improved robustness of several SCSI/SAS/RAID HBA drivers, including
1.54 bentley 116: <a href="https://man.openbsd.org/mpi.4">mpi(4)</a>,
117: <a href="https://man.openbsd.org/mpii.4">mpii(4)</a> and
118: <a href="https://man.openbsd.org/ciss.4">ciss(4)</a>.
1.1 deraadt 119: </ul>
120: <p>
121:
122: <li>New tools:
123: <ul>
1.54 bentley 124: <li><a href="https://man.openbsd.org/iked.8">iked(8)</a>,
1.11 jsg 125: an Internet Key Exchange version 2 (IKEv2) daemon.
1.54 bentley 126: <li><a href="https://man.openbsd.org/ldapd.8">ldapd(8)</a>,
1.11 jsg 127: a Lightweight Directory Access Protocol (LDAP) daemon.
1.1 deraadt 128: </ul>
129: <p>
130:
131: <li>Filesystem midlayer improvements:
132: <ul>
1.30 stsp 133: <li>fix internal locking in (still experimental!) NTFS.
1.1 deraadt 134: </ul>
135: <p>
136:
137: <li>OpenBGPD, OpenOSPFD and other routing daemon improvements:
138: <ul>
1.54 bentley 139: <li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> control sockets are now specified in the config file. This removes the -s and -r arguments to bgpd.
1.24 claudio 140: <li>Extended the BGP MPLS VPN support to allow Layer-3 MPLS VPNs to be
141: terminated on OpenBSD with the help of
1.55 ! deraadt 142: <a href="https://man.openbsd.org/mpe.4">mpe(4)</a>,
1.54 bentley 143: <a href="https://man.openbsd.org/ldpd.8">ldpd(8)</a>, and
144: <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
145: <li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>
1.24 claudio 146: supports multiple FIBs and it is possible to assign them to RIBs for
147: redistribution.
148: <li>bgpd now supports to use neighbor-as in AS filter statements and added
1.54 bentley 149: two new filters – max-as-seq and max-as-len – to limit the length of
1.24 claudio 150: a sequence of a single AS or the total length of an AS path.
151: <li>Added softreconfig support in bgpd for peers changing the RIB.
152: <li>Fixed multiprotocol MRT dumps and added 4-byte AS-Number support in
1.54 bentley 153: <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>.
1.24 claudio 154: <li>Added support for ping6 and traceroute6 in
1.54 bentley 155: <a href="https://man.openbsd.org/bgplg.8">bgplg(8)</a>
1.24 claudio 156: and
1.54 bentley 157: <a href="https://man.openbsd.org/bgplgsh.8">bgplgsh(8)</a>
158: <li><a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>
1.24 claudio 159: has better LSA pruning and config reload support.
1.54 bentley 160: <li><a href="https://man.openbsd.org/ospf6d.8">ospf6d(8)</a>
1.26 stsp 161: now supports LSAs larger than the link MTU, has improved interoperability
1.20 stsp 162: with other OSPFv3 implementations, can redistribute the default route,
163: and will correctly handle IPv6 prefixes advertised by neighbours on
164: the same link but not configured on the router itself.
1.24 claudio 165: <li>Various improvements in
1.54 bentley 166: <a href="https://man.openbsd.org/ldpd.8">ldpd(8)</a>
1.24 claudio 167: including correct penultimate hop popping, better session handling,
1.32 jj 168: and a improved config file parser.
1.1 deraadt 169: </ul>
170: <p>
171:
172: <li>Generic network stack improvements:
173: <ul>
1.55 ! deraadt 174: <li><a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a> and
1.54 bentley 175: <a href="https://man.openbsd.org/route.8">route(8)</a>
1.24 claudio 176: get better Multiprotocol Label Switching support.
1.54 bentley 177: <li><a href="https://man.openbsd.org/traceroute.8">traceroute(8)</a>
1.24 claudio 178: now supports extended ICMP headers which allows printing of MPLS
179: labels.
1.8 stsp 180: <li>Support for RFC 4941 privacy extensions for stateless address
1.54 bentley 181: autoconfiguration has been added to <a href="https://man.openbsd.org/inet6.4">inet6(4)</a> and can be enabled via
182: <a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a>.
183: <li><a href="https://man.openbsd.org/ifconfig.8">ifconfig(8)</a>
1.16 schwarze 184: now supports random selection of MAC addresses.
1.54 bentley 185: <li><a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a>
1.17 schwarze 186: now decodes Multicast Listener Discovery version 2 and
187: Internet Key Exchange version 2 traffic.
1.54 bentley 188: <li><a href="https://man.openbsd.org/enc.4">enc(4)</a> and
189: <a href="https://man.openbsd.org/ipsec.4">ipsec(4)</a> are now
1.11 jsg 190: aware of routing domains.
1.55 ! deraadt 191: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a> and
! 192: <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> and
1.24 claudio 193: are now capable of running in different routing domains.
194: <li>Added MPLS support and a simple keepalive mechanism to
1.54 bentley 195: <a href="https://man.openbsd.org/gre.4">gre(4)</a>.
1.24 claudio 196: <li>Added MPLS support to
1.54 bentley 197: <a href="https://man.openbsd.org/gif.4">gif(4)</a>.
1.24 claudio 198: <li>Support for 802.1ad-style QinQ nested VLANs with the addition of
1.54 bentley 199: <a href="https://man.openbsd.org/svlan.4">svlan(4)</a> (service VLAN) interfaces.
1.24 claudio 200: <li>Added a RTM_DESYNC routing message as indicator that route messages
201: got dropped because of insufficent buffer space.
1.54 bentley 202: <a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>
1.24 claudio 203: uses this message to keep the internal view of the routing table in sync.
1.1 deraadt 204: </ul>
205: <p>
206:
1.29 krw 207: <li>SCSI improvements:
208: <ul>
1.54 bentley 209: <li>better <a href="https://man.openbsd.org/cd.4">cd(4)</a> detaching.
210: <li>better <a href="https://man.openbsd.org/st.4">st(4)</a> sense data and buf handling.
1.29 krw 211: <li>eliminate excessive delays when starting DVD playing.
212: <li>ask only for minimal (i.e. 18 bytes) sense data, fixing usb devices.
213: <li>migrate to using bufq.
214: <li>always try READ CAPACITY 16 on devices claiming to be SCSI-3.
215: <li>many performance and reliability improvements as a result of new SCSI midlayer:
216: <ul>
1.31 dlg 217: <li>introduce round-robin scheduling of resources for outstanding device commands to prevent a single device from monopolising the bus.
218: <li>significant reduction in memory consumption used for tracking devices attached to buses.
1.29 krw 219: <li>eliminate many unnecessary splbio/splx calls in SCSI drivers.
220: <li>eliminate many use after free's exposed by new SCSI midlayer.
221: <li>eliminate scsi_scsi_cmd(), simplifying calling inside SCSI midlayer.
222: <li>eliminate struct scsi_device.
223: <li>eliminate many uninitialized data references and invalid scsi_done() calls exposed by new SCSI midlayer.
224: <li>eliminate use of EAGAIN.
225: <li>eliminate almost all uses of NO_CCB and XS_NO_CCB.
226: </ul>
227: </ul>
228: <p>
229:
1.1 deraadt 230: <li>Assorted improvements:
231: <ul>
1.54 bentley 232: <li><a href="https://man.openbsd.org/mbtowc.3">mbtowc(3)</a> multi-byte/wide-character conversion functions
1.17 schwarze 233: have been added to the C library, and
1.54 bentley 234: <a href="https://man.openbsd.org/setlocale.3">setlocale(3)</a>
1.17 schwarze 235: now supports the en_US.UTF-8 locale.
1.54 bentley 236: <li><a href="https://man.openbsd.org/posix_madvise.2">posix_madvise(2)</a>,
237: <a href="https://man.openbsd.org/posix_memalign.3">posix_memalign(3)</a>,
238: <a href="https://man.openbsd.org/strndup.3">strndup(3)</a>, and
239: <a href="https://man.openbsd.org/strnlen.3">strnlen(3)</a>
1.17 schwarze 240: have been added to the C library.
1.54 bentley 241: <li>The <a href="https://man.openbsd.org/event.3">event(3)</a> library
1.17 schwarze 242: was updated to version 1.4.14b.
1.54 bentley 243: <li>The <a href="https://man.openbsd.org/pthreads.3">pthreads(3)</a> library
244: now implements the <code>pthread_rwlock_timed{rd,wr}lock</code> interfaces.
1.17 schwarze 245: <li>AES-NI support has been integrated into the OpenSSL
1.54 bentley 246: <a href="https://man.openbsd.org/crypto.3">crypto(3)</a> library.
1.55 ! deraadt 247: <li>MIDI control in non-server mode was added to
1.54 bentley 248: <a href="https://man.openbsd.org/aucat.1">aucat(1)</a>,
1.12 ratchov 249: including seeking within .wav files
250: <li>A new record-what-you-hear feature was added to
1.54 bentley 251: <a href="https://man.openbsd.org/aucat.1">aucat(1)</a>.
1.12 ratchov 252: <li>The minimum extra latency of the
1.54 bentley 253: <a href="https://man.openbsd.org/aucat.1">aucat(1)</a>
1.12 ratchov 254: server was lowered to a single block, improving
255: usability of low-latency programs without stability compromise.
1.54 bentley 256: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.16 schwarze 257: now supports unique disk identifiers.
1.54 bentley 258: <li><a href="https://man.openbsd.org/ftp.1">ftp(1)</a>
1.17 schwarze 259: now handles redirection to relative URLs in the Location: header
260: of HTTP responses.
1.54 bentley 261: <li><a href="https://man.openbsd.org/lint.1">lint(1)</a>
1.17 schwarze 262: now recognizes the C99 data types _Bool and _Complex
263: and some related gcc extensions.
1.54 bentley 264: <li><a href="https://man.openbsd.org/make.1">make(1)</a>
1.17 schwarze 265: now allows variables in SysV modifiers,
266: and implements the :QL (quote list) modifier.
1.54 bentley 267: <li><a href="https://man.openbsd.org/man.1">man(1)</a> now allows to combine the -s option with -m or -M.
268: <li>Improved directory editing in <a href="https://man.openbsd.org/mg.1">mg(1)</a>.
269: <li><a href="https://man.openbsd.org/newfs.8">newfs(8)</a> has been tweaked to better support large file systems.
270: <li><a href="https://man.openbsd.org/od.1">od(1)</a>
1.16 schwarze 271: now supports the POSIX -A option to select an input address base.
1.54 bentley 272: <li><a href="https://man.openbsd.org/sendbug.1">sendbug(1)</a>
273: now includes the output of <code>usbdevs -v</code> into the template.
274: <li><a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>
1.16 schwarze 275: now supports the SIZE and ENHANCEDSTATUSCODES extensions
1.17 schwarze 276: and the "plain" backend for maps, and performance was improved when handling large amounts of mail.
1.54 bentley 277: <li><a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>
1.24 claudio 278: now supports the IP-FORWARD-MIB.
1.54 bentley 279: <li><a href="https://man.openbsd.org/wsconsctl.8">wsconsctl(8)</a> now handles more than one keyboard, mouse and display.
1.14 jasper 280: <li>Many memory leaks have been fixed in various userland utilities.
1.50 tb 281: <li><a href="amd64.html">amd64</a>,
282: <a href="i386.html">i386</a>,
283: <a href="hppa.html">hppa</a>,
284: <a href="sparc64.html">sparc64</a>,
1.55 ! deraadt 285: <a href="socppc.html">socppc</a> and
1.50 tb 286: <a href="macppc.html">macppc</a>
1.23 mikeb 287: platforms were switched over to gcc4.
1.54 bentley 288: <li><a href="https://man.openbsd.org/newfs.8">newfs(8)</a> now makes FFS2 the default for partitions larger than INT_MAX blocks.
289: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a> now includes the server id in NAK messages, as required by some
1.29 krw 290: relays.
1.54 bentley 291: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a> now aligns the start and end of FFS partitions on bsize boundaries where it can, to improve performance on 4096-byte block devices.
1.29 krw 292: <li>by default, read and write caching is now turned on for non-USB scsi disks.
1.54 bentley 293: <li><a href="https://man.openbsd.org/getdirentries.2">getdirentries(2)</a> now checks to ensure that it doesn't wrap or truncate directory information on architectures where LONG is a different size from LONG LONG.
294: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a> now ensures correct physical bounds and disk size are used when building a disklabel from saved ascii disklabel.
1.29 krw 295: <li>it is again possible to build a bsd.rd that has DDB.
1.54 bentley 296: <li><a href="https://man.openbsd.org/pms.4">pms(4)</a> now works much better with various trackpads and over suspend/resume cycles.
297: <li><a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> now aligns the OpenBSD partition on a power of 2 block boundary to improve performance on 4096-byte block devices.
298: <li><a href="https://man.openbsd.org/nfsd.8">nfsd(8)</a> now logs start up errors to the system log as well as the console.
299: <li><a href="https://man.openbsd.org/nfsd.8">nfsd(8)</a> now errors out if given an invalid number of servers to run.
1.1 deraadt 300: </ul>
301: <p>
302:
303: <li>Install/Upgrade process changes:
304: <ul>
1.13 jasper 305: <li>If the system time is off by more than 120 seconds, ask if the user
306: wants to set it accordingly.
1.54 bentley 307: <li><a href="https://man.openbsd.org/disklabel.8">disklabel(8)</a>
1.16 schwarze 308: now allows to customize auto allocated labels using the -R option.
1.13 jasper 309: <li>Default network install method changed from FTP to HTTP.
310: <li>Automatically set
1.54 bentley 311: <a href="https://man.openbsd.org/pkg.conf.5">/etc/pkg.conf</a>
312: 'installfrom' entry to the public mirror used while installing or upgrading.
313: <li><a href="https://man.openbsd.org/sysmerge.8">sysmerge(8)</a> now automatically installs missing users and groups.
1.29 krw 314: <li>Eliminate more excessively chatty remarks during install.
315: <li>Handle disk UID partitions better.
1.1 deraadt 316: </ul>
317: <p>
318:
1.7 jsg 319: <li>OpenSSH 5.6:
1.1 deraadt 320: <ul>
321: <li>New features:
1.14 jasper 322: <ul>
323: <li>Added a <em>ControlPersist</em> option to
1.54 bentley 324: <a href="https://man.openbsd.org/ssh_config.5">ssh_config(5)</a>.
1.14 jasper 325: <li>Hostbased authentication may now use certificate host keys.
1.54 bentley 326: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>
1.14 jasper 327: now supports signing certificate using a CA key that has been stored
328: in a PKCS#11 token.
1.54 bentley 329: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.14 jasper 330: will now log the hostname and address that we connected to at
331: LogLevel=verbose after authentication is successful to mitigate
332: "phishing" attacks.
333: <li>Expand %h to the hostname in ssh_config Hostname options.
1.54 bentley 334: <li>Allow <a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>
1.14 jasper 335: to import and export of PEM and PKCS#8 keys.
1.54 bentley 336: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>
1.14 jasper 337: will now queue debug messages for bad ownership or permissions on
338: the user's keyfiles encountered during authentication.
1.54 bentley 339: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.14 jasper 340: connection multiplexing now supports remote forwarding with
341: dynamic port allocation and can report the allocated port back to
342: the user.
1.54 bentley 343: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>
1.14 jasper 344: now supports indirection in matching of principal names listed in
345: certificates.
1.54 bentley 346: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>
1.14 jasper 347: now has a new <em>AuthorizedPrincipalsFile</em> option.
1.54 bentley 348: <li>Additional <a href="https://man.openbsd.org/sshd_config.5">sshd_config(5)</a>
1.14 jasper 349: options are now valid inside Match blocks:
350: <ul>
351: <li><em>AuthorizedKeysFile</em>
352: <li><em>AuthorizedPrincipalsFile</em>
353: <li><em>HostbasedUsesNameFromPacketOnly</em>
354: <li><em>PermitTunnel</em>
355: </ul>
1.1 deraadt 356: </ul>
357: <li>The following significant bugs have been fixed in this release:
358: <ul>
1.14 jasper 359: <li>The PKCS#11 code now retries a lookup for a private key if there is
360: no matching key with <em>CKA_SIGN</em> attribute enabled (bz#1736).
361: <li>Unbreak strdelim() skipping past quoted strings.
1.54 bentley 362: <li><a href="https://man.openbsd.org/sftp.1">sftp(1)</a>:
1.14 jasper 363: fix swapped args in upload_dir_internal() (bz#1797).
364: <li>Fix a longstanding problem where if you suspend
1.54 bentley 365: <a href="https://man.openbsd.org/scp.1">scp(1)</a>
1.14 jasper 366: at the password/passphrase prompt the terminal mode is not restored.
367: <li>Fix a PKCS#11 crash on some smartcards by validating the length
368: returned for C_GetAttributValue (bz#1773).
1.54 bentley 369: <li><a href="https://man.openbsd.org/sftp.1">sftp(1)</a>:
1.14 jasper 370: fix ls in working directories that contain globbing
371: characters in their pathnames (bz#1655).
372: <li>Print warning for missing home directory when
373: <em>ChrootDirectory=none.</em> (bz#1564).
1.54 bentley 374: <li><a href="https://man.openbsd.org/sftp.1">sftp(1)</a>:
1.14 jasper 375: fix a memory leak in do_realpath() error path (bz#1771).
1.54 bentley 376: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.14 jasper 377: Standardise error messages when attempting to open
378: private key files to include "progname: filename: error reason" (bz#1783).
379: <li>Replace verbose and overflow-prone Linebuf code with
380: read_keyfile_line() (bz#1565).
381: <li>Include the user name on "subsystem request for ..." log messages.
1.54 bentley 382: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>
1.14 jasper 383: and
1.54 bentley 384: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.14 jasper 385: remove hardcoded limit of 100 permitopen clauses and port forwards
386: per direction (bz#1327).
1.54 bentley 387: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.14 jasper 388: ignore stderr output from subsystems to avoid hangs if a subsystem
389: or shell initialisation writes to stderr (bz#1750).
390: <li>Skip the initial check for access with an empty password when
391: <em>PermitEmptyPasswords=no</em> (bz#1638).
1.54 bentley 392: <li><a href="https://man.openbsd.org/sshd.8">sshd(8)</a>:
1.14 jasper 393: fix logspam when key options (from="..." especially) deny
394: non-matching keys (bz#1765).
1.54 bentley 395: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.14 jasper 396: display a more helpful error message when $HOME is
397: inaccessible while trying to create .ssh directory (bz#1740).
1.54 bentley 398: <li><a href="https://man.openbsd.org/ssh.1">ssh(1)</a>:
1.14 jasper 399: fix hang when terminating a mux slave using ~ (bz#1758).
1.54 bentley 400: <li><a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>:
1.14 jasper 401: refuse to generate keys longer than
402: <em>OPENSSL_[RD]SA_MAX_MODULUS_BITS</em> (bz#1516).
403: <li>Suppress spurious tty warning when using -O and stdin is not a tty
404: (bz#1746).
405: <li>Kill channel when pty allocation requests fail (bz#1698).
1.1 deraadt 406: </ul>
407: </ul>
408: <p>
409:
1.15 schwarze 410: <li>Mandoc 1.10.5:
411: <ul>
1.54 bentley 412: <li>The <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>
1.15 schwarze 413: utility is now used to build all manuals in the base system
414: and in Xenocara from
1.54 bentley 415: <a href="https://man.openbsd.org/mdoc.7">mdoc(7)</a> and
416: <a href="https://man.openbsd.org/man.7">man(7)</a>
1.15 schwarze 417: sources.
418: <li>New integrated roff preprocessor with minimal support for conditional
419: requests, nested roff requests, string definitions, roff registers,
420: also parsing and ignoring macro definitions.
421: <li>Improved support for manual pages generated by
1.54 bentley 422: <a href="https://man.openbsd.org/pod2man.1">pod2man(1)</a>.
1.15 schwarze 423: <li>Many parser improvements, in particular
1.54 bentley 424: <a href="https://man.openbsd.org/mdoc.7">mdoc(7)</a>
1.15 schwarze 425: support for word keeps, synopsis mode in arbitrary sections,
426: graceful handling of badly nested blocks, and improved parsing
427: of column displays.
428: <li>New PostScript and PDF output frontends.
429: <li>Many ASCII and HTML output formatting improvements, for example
430: proper synopsis indentation and improved end-of-sentence detection.
431: <li>Considerably improved syntax checking and error reporting.
432: </ul>
1.1 deraadt 433: <p>
434:
435: <li>Over 6,400 ports, major robustness and speed improvements in package tools.
436: <li>Many pre-built packages for each architecture:
1.54 bentley 437: <ul style="column-count: 4">
1.1 deraadt 438: <li>i386: 6218
439: <li>sparc64: 5950
440: <li>alpha: 5827
1.18 deraadt 441: <li>sh: 1100
1.1 deraadt 442: <li>amd64: 6166
443: <li>powerpc: 5996
444: <li>sparc: 4130
1.19 deraadt 445: <li>arm: 5628
1.1 deraadt 446: <li>hppa: 5632
447: <li>vax: 1528
448: <li>mips64: 3632
449: <li>mips64el: 4486
1.54 bentley 450: </ul>
1.1 deraadt 451: Some highlights:
452: <ul>
1.3 landry 453: <li>Gnome 2.30.2.
1.1 deraadt 454: <li>KDE 3.5.10.
1.3 landry 455: <li>Xfce 4.6.2.
1.5 jasper 456: <li>MySQL 5.1.48.
1.3 landry 457: <li>PostgreSQL 8.4.4.
458: <li>Postfix 2.7.1.
1.1 deraadt 459: <li>OpenLDAP 2.3.43.
1.3 landry 460: <li>Mozilla Firefox 3.6.8 and 3.5.11.
461: <li>Mozilla Thunderbird 3.1.1.
462: <li>OpenOffice.org 3.2.1.
1.1 deraadt 463: <li>Emacs 21.4 and 22.3
1.3 landry 464: <li>Vim 7.2.444.
465: <li>PHP 5.2.13.
466: <li>Python 2.4.6, 2.5.4 and 2.6.5.
1.1 deraadt 467: <li>Ruby 1.8.6.369.
1.13 jasper 468: <li>Mono 2.6.4.
1.1 deraadt 469: </ul>
470: <p>
471:
472: <li>As usual, steady improvements in manual pages and other documentation.
473: <p>
474:
475: <li>The system includes the following major components from outside suppliers:
476: <ul>
1.9 matthieu 477: <li>Xenocara (based on X.Org 7.5 with xserver 1.8 + patches,
1.4 jasper 478: freetype 2.3.12,
479: fontconfig 2.8.0, Mesa 7.8.2, xterm 258 and more)
480: <li>Gcc 2.95.3 (+ patches), 3.3.5 (+ patches) and 4.2.1 (+patches)
1.1 deraadt 481: <li>Perl 5.10.1 (+ patches)
482: <li>Our improved and secured version of Apache 1.3, with SSL/TLS
483: and DSO support
484: <li>OpenSSL 0.9.8k (+ patches)
485: <li>Groff 1.15
486: <li>Sendmail 8.14.3, with libmilter
487: <li>Bind 9.4.2-P2 (+ patches)
488: <li>Lynx 2.8.6rel.5 with HTTPS and IPv6 support (+ patches)
489: <li>Sudo 1.7.2
490: <li>Ncurses 5.7
491: <li>Latest KAME IPv6
492: <li>Heimdal 0.7.2 (+ patches)
493: <li>Arla 0.35.7
494: <li>Binutils 2.15 (+ patches)
495: <li>Gdb 6.3 (+ patches)
496: </ul>
497: </ul>
1.54 bentley 498: </section>
1.1 deraadt 499:
500: <hr>
1.54 bentley 501:
502: <section id=install>
503: <h3>How to install</h3>
504:
1.1 deraadt 505: <p>
506: Following this are the instructions which you would have on a piece of
507: paper if you had purchased a CDROM set instead of doing an alternate
508: form of install. The instructions for doing an FTP (or other style
509: of) install are very similar; the CDROM instructions are left intact
510: so that you can see how much easier it would have been if you had
511: purchased a CDROM instead.
512: <p>
513:
514: <hr>
515: Please refer to the following files on the three CDROMs or FTP mirror for
516: extensive details on how to install OpenBSD 4.8 on your machine:
517: <p>
518: <ul>
519: <li>CD1:4.8/i386/INSTALL.i386
520: <p>
521: <li>CD2:4.8/amd64/INSTALL.amd64
522: <li>CD2:4.8/macppc/INSTALL.macppc
523: <p>
524: <li>CD3:4.8/sparc64/INSTALL.sparc64
525: <p>
526: <li>FTP:.../OpenBSD/4.8/alpha/INSTALL.alpha
527: <li>FTP:.../OpenBSD/4.8/armish/INSTALL.armish
528: <li>FTP:.../OpenBSD/4.8/hp300/INSTALL.hp300
529: <li>FTP:.../OpenBSD/4.8/hppa/INSTALL.hppa
530: <li>FTP:.../OpenBSD/4.8/landisk/INSTALL.landisk
531: <li>FTP:.../OpenBSD/4.8/loongson/INSTALL.loongson
532: <li>FTP:.../OpenBSD/4.8/mvme68k/INSTALL.mvme68k
533: <li>FTP:.../OpenBSD/4.8/mvme88k/INSTALL.mvme88k
534: <li>FTP:.../OpenBSD/4.8/sgi/INSTALL.sgi
535: <li>FTP:.../OpenBSD/4.8/socppc/INSTALL.socppc
536: <li>FTP:.../OpenBSD/4.8/sparc/INSTALL.sparc
537: <li>FTP:.../OpenBSD/4.8/vax/INSTALL.vax
538: <li>FTP:.../OpenBSD/4.8/zaurus/INSTALL.zaurus
539: </ul>
540: <hr>
541:
1.54 bentley 542: <section id=quickinstall>
543:
1.1 deraadt 544: <p>
545: Quick installer information for people familiar with OpenBSD, and the
546: use of the "disklabel -E" command. If you are at all confused when
547: installing OpenBSD, read the relevant INSTALL.* file as listed above!
1.54 bentley 548:
549: <h3>OpenBSD/i386:</h3>
550:
1.1 deraadt 551: <p>
552: Play with your BIOS options to enable booting from a CD. The OpenBSD/i386
553: release is on CD1. If your BIOS does not support booting from CD, you will need
554: to create a boot floppy to install from. To create a boot floppy write
555: <i>CD1:4.8/i386/floppy48.fs</i> to a floppy and boot via the floppy drive.
556:
557: <p>
558: Use <i>CD1:4.8/i386/floppyB48.fs</i> instead for greater SCSI controller
559: support, or <i>CD1:4.8/i386/floppyC48.fs</i> for better laptop support.
560:
561: <p>
562: If you can't boot from a CD or a floppy disk,
563: you can install across the network using PXE as described in
564: the included INSTALL.i386 document.
565:
566: <p>
567: If you are planning on dual booting OpenBSD with another OS, you will need to
568: read INSTALL.i386.
569:
570: <p>
571: To make a boot floppy under MS-DOS, use the "rawrite" utility located
572: at <i>CD1:4.8/tools/rawrite.exe</i>. To make the boot floppy under a Unix OS,
573: use the
1.54 bentley 574: <a href="https://man.openbsd.org/dd.1">dd(1)</a>
1.1 deraadt 575: utility. The following is an example usage of
1.54 bentley 576: <a href="https://man.openbsd.org/dd.1">dd(1)</a>,
1.1 deraadt 577: where the device could be "floppy", "rfd0c", or
578: "rfd0a".
579:
1.54 bentley 580: <blockquote><pre>
1.1 deraadt 581: # <strong>dd if=<file> of=/dev/<device> bs=32k</strong>
1.54 bentley 582: </pre></blockquote>
1.1 deraadt 583:
584: <p>
585: Make sure you use properly formatted perfect floppies with NO BAD BLOCKS or
586: your install will most likely fail. For more information on creating a boot
587: floppy and installing OpenBSD/i386 please refer to
1.49 tj 588: <a href="faq/faq4.html#MkFlop">this page</a>.
1.54 bentley 589:
590: <h3>OpenBSD/amd64:</h3>
1.1 deraadt 591:
592: <p>
593: The 4.8 release of OpenBSD/amd64 is located on CD2.
594: Boot from the CD to begin the install - you may need to adjust
595: your BIOS options first.
596: If you can't boot from the CD, you can create a boot floppy to install from.
597: To do this, write <i>CD2:4.8/amd64/floppy48.fs</i> to a floppy, then
598: boot from the floppy drive.
599:
600: <p>
601: If you can't boot from a CD or a floppy disk,
602: you can install across the network using PXE as described in the included
603: INSTALL.amd64 document.
604:
605: <p>
606: If you are planning to dual boot OpenBSD with another OS, you will need to
607: read INSTALL.amd64.
1.54 bentley 608:
609: <h3>OpenBSD/macppc:</h3>
1.1 deraadt 610:
611: <p>
612: Put CD2 in your CDROM drive and poweron your machine while holding down the
613: <i>C</i> key until the display turns on and shows <i>OpenBSD/macppc boot</i>.
614:
615: <p>
616: Alternatively, at the Open Firmware prompt, enter <i>boot cd:,ofwboot
617: /4.8/macppc/bsd.rd</i>
1.54 bentley 618:
619: <h3>OpenBSD/sparc64:</h3>
1.1 deraadt 620:
621: <p>
622: Put CD3 in your CDROM drive and type <i>boot cdrom</i>.
623:
624: <p>
625: If this doesn't work, or if you don't have a CDROM drive, you can write
626: <i>CD3:4.8/sparc64/floppy48.fs</i> or <i>CD3:4.8/sparc64/floppyB48.fs</i>
627: (depending on your machine) to a floppy and boot it with <i>boot
628: floppy</i>. Refer to INSTALL.sparc64 for details.
629:
630: <p>
631: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
632: will most likely fail.
633:
634: <p>
635: You can also write <i>CD3:4.8/sparc64/miniroot48.fs</i> to the swap partition on
636: the disk and boot with <i>boot disk:b</i>.
637:
638: <p>
639: If nothing works, you can boot over the network as described in INSTALL.sparc64.
1.54 bentley 640:
641: <h3>OpenBSD/alpha:</h3>
1.1 deraadt 642:
643: <p>
1.54 bentley 644: Write <i>FTP:4.8/alpha/floppy48.fs</i> or
1.1 deraadt 645: <i>FTP:4.8/alpha/floppyB48.fs</i> (depending on your machine) to a diskette and
646: enter <i>boot dva0</i>. Refer to INSTALL.alpha for more details.
647:
648: <p>
649: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
650: will most likely fail.
651:
1.54 bentley 652: <h3>OpenBSD/armish:</h3>
1.1 deraadt 653:
654: <p>
655: After connecting a serial port, Thecus can boot directly from the network
656: either tftp or http. Configure the network using fconfig, reset,
657: then load bsd.rd, see INSTALL.armish for specific details.
658: IOData HDL-G can only boot from an EXT-2 partition. Boot into linux
659: and copy 'boot' and bsd.rd into the first partition on wd0 (hda1)
660: then load and run bsd.rd, preserving the wd0i (hda1) ext2fs partition.
661: More details are available in INSTALL.armish.
662:
1.54 bentley 663: <h3>OpenBSD/hp300:</h3>
664:
1.1 deraadt 665: <p>
666: Boot over the network by following the instructions in INSTALL.hp300.
667:
1.54 bentley 668: <h3>OpenBSD/hppa:</h3>
669:
1.1 deraadt 670: <p>
671: Boot over the network by following the instructions in INSTALL.hppa or the
672: <a href="hppa.html#install">hppa platform page</a>.
1.54 bentley 673:
674: <h3>OpenBSD/landisk:</h3>
1.1 deraadt 675:
676: <p>
677: Write <i>miniroot48.fs</i> to the start of the CF
678: or disk, and boot normally.
679:
1.54 bentley 680: <h3>OpenBSD/loongson:</h3>
681:
1.1 deraadt 682: <p>
683: Write <i>miniroot48.fs</i> to a USB stick and boot bsd.rd from it
684: or boot bsd.rd via tftp.
685: Refer to the instructions in INSTALL.loongson for more details.
686:
1.54 bentley 687: <h3>OpenBSD/mvme68k:</h3>
688:
1.1 deraadt 689: <p>
690: You can create a bootable installation tape or boot over the network.<br>
691: The network boot requires a MVME68K BUG version that supports the <i>NIOT</i>
692: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme68k
693: for more details.
694:
1.54 bentley 695: <h3>OpenBSD/mvme88k:</h3>
696:
1.1 deraadt 697: <p>
698: You can create a bootable installation tape or boot over the network.<br>
699: The network boot requires a MVME88K BUG version that supports the <i>NIOT</i>
700: and <i>NBO</i> debugger commands. Follow the instructions in INSTALL.mvme88k
701: for more details.
1.54 bentley 702:
703: <h3>OpenBSD/sgi:</h3>
1.1 deraadt 704:
705: <p>
706: To install on an O2, burn cd48.iso on a CD-R, put it in the CD drive of your
707: machine and select <i>Install System Software</i> from the System Maintenance
708: menu.
709:
710: <p>
711: On other systems, or if your machine doesn't have a CD drive, you can
712: setup a DHCP/tftp network server, and boot using "bootp()/bsd.rd.IP##" using
713: the kernel matching your system type.
714: Refer to the instructions in INSTALL.sgi for more details.
715:
1.54 bentley 716: <h3>OpenBSD/socppc:</h3>
717:
1.1 deraadt 718: <p>
719: After connecting a serial port, boot over the network via DHCP/tftp.
720: Refer to the instructions in INSTALL.socppc for more details.
1.54 bentley 721:
722: <h3>OpenBSD/sparc:</h3>
1.1 deraadt 723:
724: <p>
725: Boot from one of the provided install ISO images, using one of the two
726: commands listed below, depending on the version of your ROM.
727:
1.54 bentley 728: <blockquote><pre>
729: ok <kbd>boot cdrom 4.8/sparc/bsd.rd</kbd>
1.1 deraadt 730: or
1.54 bentley 731: > <kbd>b sd(0,6,0)4.8/sparc/bsd.rd</kbd>
732: </pre></blockquote>
1.1 deraadt 733:
734: <p>
735: If your SPARC system does not have a CD drive, you can alternatively boot from floppy.
736: To do so you need to write <i>floppy48.fs</i> to a floppy.
1.49 tj 737: For more information see <a href="faq/faq4.html#MkFlop">this page</a>.
1.1 deraadt 738: To boot from the floppy use one of the two commands listed below,
739: depending on the version of your ROM.
740:
1.54 bentley 741: <blockquote><pre>
742: ok <kbd>boot floppy</kbd>
1.1 deraadt 743: or
1.54 bentley 744: > <kbd>b fd()</kbd>
745: </pre></blockquote>
1.1 deraadt 746:
747: <p>
748: Make sure you use a properly formatted floppy with NO BAD BLOCKS or your install
749: will most likely fail.
750:
751: <p>
752: If your SPARC system doesn't have a floppy drive nor a CD drive, you can either
753: setup a bootable tape, or install via network, as told in the
754: INSTALL.sparc file.
1.54 bentley 755:
756: <h3>OpenBSD/vax:</h3>
1.1 deraadt 757:
758: <p>
759: Boot over the network via mopbooting as described in INSTALL.vax.
760:
1.54 bentley 761: <h3>OpenBSD/zaurus:</h3>
762:
1.1 deraadt 763: <p>
764: Using the Linux built-in graphical ipkg installer, install the
765: openbsd48_arm.ipk package. Reboot, then run it. Read INSTALL.zaurus
766: for a few important details.
1.54 bentley 767:
768: </section>
769:
770: <section id=sourcecode>
771: <h3>Notes about the source code:</h3>
1.1 deraadt 772:
773: <p>
774: src.tar.gz contains a source archive starting at /usr/src. This file
775: contains everything you need except for the kernel sources, which are
776: in a separate archive. To extract:
1.54 bentley 777:
778: <blockquote><pre>
779: # <kbd>mkdir -p /usr/src</kbd>
780: # <kbd>cd /usr/src</kbd>
781: # <kbd>tar xvfz /tmp/src.tar.gz</kbd>
782: </pre></blockquote>
783:
1.1 deraadt 784: <p>
785: sys.tar.gz contains a source archive starting at /usr/src/sys.
786: This file contains all the kernel sources you need to rebuild kernels.
787: To extract:
1.54 bentley 788:
789: <blockquote><pre>
790: # <kbd>mkdir -p /usr/src/sys</kbd>
791: # <kbd>cd /usr/src</kbd>
1.1 deraadt 792: # <strong>tar xvfz /tmp/sys.tar.gz</strong>
1.54 bentley 793: </pre></blockquote>
794:
1.1 deraadt 795: <p>
796: Both of these trees are a regular CVS checkout. Using these trees it
797: is possible to get a head-start on using the anoncvs servers as
798: described <a href="anoncvs.html">here</a>.
799: Using these files
800: results in a much faster initial CVS update than you could expect from
801: a fresh checkout of the full OpenBSD source tree.
802:
1.54 bentley 803: </section>
804: </section>
805:
1.1 deraadt 806: <hr>
1.54 bentley 807:
808: <section id=upgrade>
809: <h3>How to upgrade</h3>
1.1 deraadt 810: <p>
811: If you already have an OpenBSD 4.7 system, and do not want to reinstall,
812: upgrade instructions and advice can be found in the
813: <a href="faq/upgrade48.html">Upgrade Guide</a>.
1.54 bentley 814: </section>
1.1 deraadt 815:
816: <hr>
1.54 bentley 817:
818: <section id=ports>
819: <h3>Ports Tree</h3>
1.1 deraadt 820: <p>
821: A ports tree archive is also provided. To extract:
822: <p>
1.54 bentley 823: <blockquote><pre>
824: # <kbd>cd /usr</kbd>
825: # <kbd>tar xvfz /tmp/ports.tar.gz</kbd>
826: # <kbd>cd ports</kbd>
827: </pre></blockquote>
1.1 deraadt 828: <p>
829: The <i>ports/</i> subdirectory is a checkout of the OpenBSD ports tree. Go
830: read the <a href="faq/ports/index.html">ports</a> page
831: if you know nothing about ports
832: at this point. This text is not a manual of how to use ports.
833: Rather, it is a set of notes meant to kickstart the user on the
834: OpenBSD ports system.
835: <p>
836: The <i>ports/</i> directory represents a CVS (see the manpage for
1.54 bentley 837: <a href="https://man.openbsd.org/cvs.1">
1.1 deraadt 838: cvs(1)</a> if
839: you aren't familiar with CVS) checkout of our ports. As with our complete
840: source tree, our ports tree is available via anoncvs. So, in
841: order to keep current with it, you must make the <i>ports/</i> tree
842: available on a read-write medium and update the tree with a command
843: like:
844: <p>
1.54 bentley 845: <blockquote><pre>
1.1 deraadt 846: # <strong>cd [portsdir]/; cvs -d anoncvs@server.openbsd.org:/cvs update -Pd -rOPENBSD_4_8</strong>
1.54 bentley 847: </pre></blockquote>
1.1 deraadt 848: <p>
849: [Of course, you must replace the local directory and server name here
850: with the location of your ports collection and a nearby anoncvs
851: server.]
852: <p>
853: Note that most ports are available as packages through FTP. Updated
854: packages for the 4.8 release will be made available if problems arise.
855: <p>
856: If you're interested in seeing a port added, would like to help out, or just
857: would like to know more, the mailing list ports@openbsd.org is a good
858: place to know.
1.54 bentley 859: </section>