===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/50.html,v
retrieving revision 1.22
retrieving revision 1.23
diff -u -r1.22 -r1.23
--- www/50.html 2016/03/21 05:46:19 1.22
+++ www/50.html 2016/03/22 10:54:42 1.23
@@ -60,140 +60,140 @@
- MSI interrupts for many devices, on those architectures which can
support them (amd64, i386, sparc64 only so far).
-
- A new dma_alloc(9) API makes it easier for kernel code to allocate
+
- A new dma_alloc(9) API makes it easier for kernel code to allocate
dma-safe memory. Many drivers (especially network drivers) and
subsystems (in particular scsi and the buffer cache) were adapted
to use this.
- As a result, big-memory support has been enabled on all possible
architectures.
-
- The rather rare bce(4) driver now copies mbufs all the time, to cope
+
- The rather rare bce(4) driver now copies mbufs all the time, to cope
with the hardware having a 1GB limit.
-
- Added hds(4), a driver for Hitachi Modular Storage SCSI devices.
-
- Added myx(4), a driver for the Myricom Myri-10G 10GB Ethernet devices.
-
- Added dfs(4), a driver for Dynamic Frequency Switching on some macppc
+
- Added hds(4), a driver for Hitachi Modular Storage SCSI devices.
+
- Added myx(4), a driver for the Myricom Myri-10G 10GB Ethernet devices.
+
- Added dfs(4), a driver for Dynamic Frequency Switching on some macppc
systems.
-
- cardbus(4) and pcmcia(4) support on sgi.
+
- cardbus(4) and pcmcia(4) support on sgi.
- Suspend/resume support on Loongson Yeelong laptops.
Generic network stack improvements:
- - Added support for sending Wake on Lan packets using arp(8).
-
- Permit turning Wake on Lan support on/off using ifconfig(8).
-
- Added Wake on Lan support to xl(4), re(4), and vr(4).
-
- Allow ftp-proxy(8) to proxy across rdomains.
+
- Added support for sending Wake on Lan packets using arp(8).
+
- Permit turning Wake on Lan support on/off using ifconfig(8).
+
- Added Wake on Lan support to xl(4), re(4), and vr(4).
+
- Allow ftp-proxy(8) to proxy across rdomains.
- The IPv4 stack will no longer accept ICMP redirects when
acting as a router.
- By default the IPv6 stack will not process ICMP6 redirects.
- rtsol(8) will turn it back if -F is used.
-
- Reworked large parts of the dhclient(8) options processing for better
+ rtsol(8) will turn it back if -F is used.
+
- Reworked large parts of the dhclient(8) options processing for better
interoperability.
-
- Fixed carp(4) to work in IPv6 only setups.
-
- Make it possible to bind(2) to the local network broadcast address
+
- Fixed carp(4) to work in IPv6 only setups.
+
- Make it possible to bind(2) to the local network broadcast address
on datagram and raw sockets.
- The default multicast reject route is now ignored if the UDP socket
uses the IP_MULTICAST_IF socket option.
-
- Make gre(4) work between systems in the same LAN.
-
- Removed the link1 mode special addressing mode on lo(4).
+
- Make gre(4) work between systems in the same LAN.
+
- Removed the link1 mode special addressing mode on lo(4).
- Kernel randomization speed and quality improved substantially.
Routing daemons and other userland network improvements:
- - bgpd(8) no longer bumps the rlimits: the rc.d framework respects
+
- bgpd(8) no longer bumps the rlimits: the rc.d framework respects
login classes which is a much better solution.
-
- Correctly set the network filtersets on reload in bgpd(8).
+
- Correctly set the network filtersets on reload in bgpd(8).
- The routing socket is now sending RTM_DESYNC messages if the
socketbuffer overflows.
-
- Allow ospfd(8) to send out LS updates and other messages
+
- Allow ospfd(8) to send out LS updates and other messages
larger than the MTU.
-
- Fixed nexthop calculation in ospfd(8) for directly connected P2P links.
-
- First bits to support opaque LSA in ospfd(8). Only basic redistribute
+
- Fixed nexthop calculation in ospfd(8) for directly connected P2P links.
+
- First bits to support opaque LSA in ospfd(8). Only basic redistribute
logic and LSDB handling for now.
-
- Creating new interfaces will no longer cause a fatal error in ospf6d(8).
-
- ospf6d(8) handles link-state changes better.
-
- Better loopback handling in ospf6d(8).
-
- No longer install extra multicast routes in ripd(8) and ldpd(8).
-
- Make kqueue(2) work with sosplice(9).
-
- Enabled sosplice(9) in relayd(8) for TCP.
+
- Creating new interfaces will no longer cause a fatal error in ospf6d(8).
+
- ospf6d(8) handles link-state changes better.
+
- Better loopback handling in ospf6d(8).
+
- No longer install extra multicast routes in ripd(8) and ldpd(8).
+
- Make kqueue(2) work with sosplice(9).
+
- Enabled sosplice(9) in relayd(8) for TCP.
- Added support for divert-to which provides some benefits over
- rdr-to in relayd(8).
-
- Fixed trap sending in snmpd(8).
-
- Make ping6(8) compare minimum amount of bytes between what
+ rdr-to in relayd(8).
+
- Fixed trap sending in snmpd(8).
+
- Make ping6(8) compare minimum amount of bytes between what
was received and what was sent out.
-
- Make traceroute(8) with type-of-service setted (-t) display
+
- Make traceroute(8) with type-of-service setted (-t) display
a message if the returned packet has a different tos type.
- Added the socket splicing fields of struct socket to netstat -vP output.
-
pf(4) improvements:
+pf(4) improvements:
- - Make pf(4) reassemble IPv6 fragments. In the forward case, pf
+
- Make pf(4) reassemble IPv6 fragments. In the forward case, pf
refragments the packets with the same maximum size.
-
- Allow pf(4) to filter on the rdomain a packet belongs to.
-
- Make pf(4) allow userland proxies to establish cross rdomain
+
- Allow pf(4) to filter on the rdomain a packet belongs to.
+
- Make pf(4) allow userland proxies to establish cross rdomain
proxy sessions.
-
- Added IPv6 ACK prioritization in pf(4).
+
- Added IPv6 ACK prioritization in pf(4).
- Change 'set skip on <...>' to work with interface groups.
-
- pfsync(4) supports IPv6 as network protocol.
-
- Switched ftp-proxy(8) over to divert-to instead of rdr-to.
-
- tftp-proxy(8) uses 'divert-to' as well.
+
- pfsync(4) supports IPv6 as network protocol.
+
- Switched ftp-proxy(8) over to divert-to instead of rdr-to.
+
- tftp-proxy(8) uses 'divert-to' as well.
SCSI improvements:
- most SCSI hardware drivers now use the new iopools infrastructure.
-
- scsi(4) devices are now all provided with a unique devid, which
+
- scsi(4) devices are now all provided with a unique devid, which
is displayed during the probe process.
- ASC/ASCQ error codes and verbiage now in sync with
http://www.t10.org/lists/asc-num.txt.
- progress on iSCSI includes better login, better logout, preliminary
- FSM support in iscsid(8), and improved logging and debug information.
-
- uk(4) can now safely and reliably detach an unknown SCSI device.
-
- mpath(4) device and kernel support is improved.
-
- vscsi(4) now ensures output always goes to the correct connection.
-
- vscsi(4) connections can now be reset gracefully.
-
- scsi(4) devices on fibre channel fabrics no longer inherit the adapter's
+ FSM support in iscsid(8), and improved logging and debug information.
+
- uk(4) can now safely and reliably detach an unknown SCSI device.
+
- mpath(4) device and kernel support is improved.
+
- vscsi(4) now ensures output always goes to the correct connection.
+
- vscsi(4) connections can now be reset gracefully.
+
- scsi(4) devices on fibre channel fabrics no longer inherit the adapter's
address.
Assorted improvements:
- - For additional security, security(8) was rewritten in Perl.
-
- Mandoc 1.11.4: Now accepts eqn(7) input (no fancy formatting yet)
+
- For additional security, security(8) was rewritten in Perl.
+
- Mandoc 1.11.4: Now accepts eqn(7) input (no fancy formatting yet)
and supports -Tutf8 output (but no utf8 input yet).
- Removed a variety of OS-compat emulation code, leaving just the Linux
support.
- Small improvements to Linux compat (only available on i386).
-
- Improved our own pkg-config(1) implementation with extended comparison
+
- Improved our own pkg-config(1) implementation with extended comparison
scheme and implementing various new options.
- The math library, libm, was fully fleshed out to support all C99 required
parts. Many bugs for various architectures were fixed along the way.
-
- malloc(3) is a lot faster and has a few further security features (more
+
- malloc(3) is a lot faster and has a few further security features (more
randomization, as well as the 'S' flag to enable all paranoia checks).
- 'make depend' is no longer neccessary in kernel compilation directories
since the dependencies are calculated automatically.
- Increased the default size of the buffer cache.
-
- kqueue(2) now works on /dev/random and spliced sockets
+
- kqueue(2) now works on /dev/random and spliced sockets
- On MBR-based disks, scan through up to 256 extended partition tables
when looking for an OpenBSD partition table.
-
- Added POSIX 2008 fdopendir(3) and openat(2) functions, as well as the
+
- Added POSIX 2008 fdopendir(3) and openat(2) functions, as well as the
O_CLOEXEC, O_DIRECTORY, and F_DUPFD_CLOEXEC flags.
- Improved lint format string checks and added a few other checks.
-
- kdump(1) now dumps stat and sockaddr structures, sysctl mib
+
- kdump(1) now dumps stat and sockaddr structures, sysctl mib
strings, and decodes syscall flags and operation bits.
- Improved kernel pool debug checking.
- Improved correctness of signals and various syscalls when rthreads
are in use.
-
- Kernel malloc(9) space and stacks moved to non-dma memory.
+
- Kernel malloc(9) space and stacks moved to non-dma memory.
- Fixed some shutdown/reboot hangs on NFS clients.
- UNIX-domain socket paths are now guaranteed to be NUL-terminated.
-
- Added support for *wprintf(3), wcs{,n}casecmp(3), and wcsdup(3).
+
- Added support for *wprintf(3), wcs{,n}casecmp(3), and wcsdup(3).
- NULL is now a (void *).
@@ -201,18 +201,18 @@
Install/Upgrade process changes:
- Completed support for DUID disk installs, and enabled it fully.
-
- Tried to make sysmerge(8) work in the installer, but ran into small
+
- Tried to make sysmerge(8) work in the installer, but ran into small
problems and decided to disable it.
- Install non-free firmwares from the internet upon first boot, based on a
question in the installer.
-
- svnd(4)-like behaviour became the default for vnd(4) devices. This is
+
- svnd(4)-like behaviour became the default for vnd(4) devices. This is
what is used to build the media.
-
rc.d(8) framework improvements:
+rc.d(8) framework improvements:
- - rc.d(8) is now also used for the base system daemons.
+
- rc.d(8) is now also used for the base system daemons.
- Backward compatible with the historic way of starting daemons.
- Notify the user by appending (ok) or (failed) in interactive mode.
- Better diagnostics with the introduction of RC_DEBUG.
@@ -224,73 +224,73 @@
- New features:
- Introduce sandboxing of the pre-auth privsep child using an optional
- sshd_config(5)
+ sshd_config(5)
"UsePrivilegeSeparation=sandbox" mode that enables mandatory
restrictions on the syscalls the privsep child can perform.
- Add new SHA256-based HMAC transport integrity modes from
http://www.ietf.org/id/draft-dbider-sha2-mac-for-ssh-02.txt
These modes are hmac-sha2-256, hmac-sha2-256-96, hmac-sha2-512,
and hmac-sha2-512-96, and are available by default in
- ssh(1)
+ ssh(1)
and
- sshd(8).
+ sshd(8).
- The pre-authentication
- sshd(8)
+ sshd(8)
privilege separation slave process now logs via a socket shared with
the master process, avoiding the need to maintain /dev/log inside the
chroot.
-
- ssh(1)
+
- ssh(1)
now warns when a server refuses X11 forwarding.
-
- sshd_config(5)'s
+
- sshd_config(5)'s
AuthorizedKeysFile now accepts multiple paths, separated by whitespace.
The undocumented AuthorizedKeysFile2 option is deprecated (though the
default for AuthorizedKeysFile includes .ssh/authorized_keys2).
-
- sshd_config(5):
+
- sshd_config(5):
similarly deprecate UserKnownHostsFile2 and GlobalKnownHostsFile2 by
making UserKnownHostsFile and GlobalKnownHostsFile accept multiple
options and default to include known_hosts2.
-
- sshd_config(5)'s
+
- sshd_config(5)'s
ControlPath option now expands %L to the host portion of the
destination host name.
-
- sshd_config(5)
+
- sshd_config(5)
"Host" options now support negated Host matching.
-
- sshd_config(5):
+
- sshd_config(5):
a new RequestTTY option provides control over when a TTY is requested
for a connection, similar to the existing -t/-tt/-T
- ssh(1)
+ ssh(1)
commandline options.
-
- ssh-keygen(1):
+
- ssh-keygen(1):
Add -A option. For each of the key types (rsa1, rsa, dsa and ecdsa) for
which host keys do not exist, generate the host keys with the default
key file path, an empty passphrase, default bits for the key type, and
default comment. This is useful for system initialisation scripts.
-
- ssh(1):
+
- ssh(1):
Allow graceful shutdown of multiplexing: request that a mux server
removes its listener socket and refuse future multiplexing requests but
don't kill existing connections. This may be requested using
"ssh -O stop ...".
-
- ssh-add(1):
+
- ssh-add(1):
now accepts keys piped from standard input.
- The following significant bugs have been fixed in this release:
- Retain key comments when loading v.2 keys. These will be visible in
"ssh-add -l" and other places. (bz#439)
-
- ssh(1)
+
- ssh(1)
and
- sshd(8):
+ sshd(8):
set IPv6 traffic class from IPQoS (as well as IPv4 ToS/DSCP). (bz#1855)
-
- sshd(8):
+
- sshd(8):
allow GSSAPI authentication to detect when a server-side failure causes
authentication failure and don't count such failures against
MaxAuthTries. (bz#1244)
-
- ssh-keysign(8):
+
- ssh-keysign(8):
now signs hostbased authentication challenges correctly using ECDSA
keys. (bz#1858)
-
- sftp(1):
+
- sftp(1):
document that sftp accepts square brackets to delimit addresses
(useful for IPv6). (bz#1847a)
-
- ssh(1):
+
- ssh(1):
when using session multiplexing, the master process will change its
process title to reflect the control path in use and when a
ControlPersist-ed master is waiting to close. (bz#1883 and bz#1911)
@@ -342,9 +342,9 @@
- As usual, steady improvements in manual pages and other documentation.
- Base system and Xenocara manuals are now installed as source code,
- making grep(1) more useful in /usr/share/man/ and /usr/X11R6/man/.
+ making grep(1) more useful in /usr/share/man/ and /usr/X11R6/man/.
- If both formatted and source versions of manuals are installed,
- man(1) automatically displays the newer version of each page.
+ man(1) automatically displays the newer version of each page.
- The system includes the following major components from outside suppliers:
- Xenocara (based on X.Org 7.6 with xserver 1.9 + patches,
@@ -439,9 +439,9 @@
To make a boot floppy under MS-DOS, use the "rawrite" utility located
at CD1:5.0/tools/rawrite.exe. To make the boot floppy under a Unix OS,
use the
-dd(1)
+dd(1)
utility. The following is an example usage of
-dd(1),
+dd(1),
where the device could be "floppy", "rfd0c", or
"rfd0a".
@@ -724,7 +724,7 @@
OpenBSD ports system.
The ports/ directory represents a CVS (see the manpage for
-
+
cvs(1) if
you aren't familiar with CVS) checkout of our ports. As with our complete
source tree, our ports tree is available via anoncvs. So, in