version 1.51, 2015/03/12 01:41:58 |
version 1.52, 2015/03/12 02:05:55 |
|
|
<li>Generic network stack improvements: |
<li>Generic network stack improvements: |
<ul> |
<ul> |
<li>The routing table is now used for most of the address lookups operations superseding the RB-tree and IPv4 address list. |
<li>The routing table is now used for most of the address lookups operations superseding the RB-tree and IPv4 address list. |
<li>The SipHash algorithm is now used for PCB hashing, trunk(4) loadbalancing, pf(4) and bridge(4). |
<li>The SipHash algorithm is now used for PCB hashing, |
<li>Traffic destinated to link-local IPv6 addresses can now be seen with tcpdump(8). |
<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/trunk.4?query=trunk&sec=4">trunk(4)</a> loadbalancing, |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/pf.4?query=pf&sec=4">pf(4)</a> and |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man4/bridge.4?query=bridge&sec=4">bridge(4)</a>. |
|
<li>Traffic destinated to link-local IPv6 addresses can now be seen with |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man8/tcpdump.8?query=tcpdump&sec=8">tcpdump(8)</a>. |
<li> ... |
<li> ... |
</ul> |
</ul> |
<p> |
<p> |
|
|
<li>Ignore hostname.if.* files when upgrading. |
<li>Ignore hostname.if.* files when upgrading. |
<li>Configure all physical interfaces before any dynamic interface types (e.g. trunks, vlans) when upgrading. |
<li>Configure all physical interfaces before any dynamic interface types (e.g. trunks, vlans) when upgrading. |
<li> |
<li> |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fdisk&sektion=8">fdisk(8)</a> now zeros out GPT signatures found when writing out an MBR that has been re-initialzed and has no EFI or EFISYS partition. |
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=fdisk&sektion=8">fdisk(8)</a> now zeros out GPT signatures found when writing out an MBR that has been re-initialized and has no EFI or EFISYS partition. |
<li>Fixed manipulation of 'ro' and 'rw' fstab options to avoid damage to other options that happen to contain 'ro' or 'rw'. |
<li>Fixed manipulation of 'ro' and 'rw' fstab options to avoid damage to other options that happen to contain 'ro' or 'rw'. |
<li>The ramdisk binary (one binary contains all the commands) is now compiled without optimization and security features. The benefit is a substantial savings in space, allowing more features in the future. |
<li>The ramdisk binary (one binary contains all the commands) is now compiled without optimization and security features. The benefit is a substantial savings in space, allowing more features in the future. |
</ul> |
</ul> |
|
|
|
|
<li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>: |
<li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=httpd&sektion=8">httpd(8)</a>: |
<ul> |
<ul> |
<li>SSLv2/3 is not supported anymore; renamed all occurences of "SSL" to "TLS". |
<li>SSLv2/3 is not supported anymore; renamed all occurrences of "SSL" to "TLS". |
<li>Various TLS improvements with better support for ECDHE/DHE forward secrecy. |
<li>Various TLS improvements with better support for ECDHE/DHE forward secrecy. |
<li>Improved support for virtual hosts by supporting name- and IP- based aliases. |
<li>Improved support for virtual hosts by supporting name- and IP- based aliases. |
<li>Added support for basic authentication by checking against files created with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=htpasswd&sektion=1">htpasswd(1)</a>. |
<li>Added support for basic authentication by checking against files created with <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=htpasswd&sektion=1">htpasswd(1)</a>. |
|
|
<li>Import BoringSSL's crypto bytestring and crypto bytebuilder APIs. |
<li>Import BoringSSL's crypto bytestring and crypto bytebuilder APIs. |
<li>Jettison DTLS over SCTP. |
<li>Jettison DTLS over SCTP. |
<li>Fix memory leaks. |
<li>Fix memory leaks. |
<li>Move openssl(1) from /usr/sbin/openssl to /usr/bin/openssl |
<li>Move <a href="http://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man1/openssl.1??query=openssl&sec=1">openssl(1)</a> from /usr/sbin/openssl to /usr/bin/openssl |
<li>... |
<li>... |
</ul> |
</ul> |
<p> |
<p> |
|
|
<li>Syslogd: |
<li>Syslogd: |
<ul> |
<ul> |
<li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a> |
<li>OpenBSD <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=syslogd&sektion=8">syslogd(8)</a> |
is based on libevent now. |
is based on |
|
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=event&sektion=3">libevent</a> |
|
now. |
<li>Sending and receiving UDP messages works with both IPv4 and IPv6. |
<li>Sending and receiving UDP messages works with both IPv4 and IPv6. |
<li>Syslog messages can also be sent over TCP or TLS. |
<li>Syslog messages can also be sent over TCP or TLS. |
The syntax to specify the loghost is documented in |
The syntax to specify the loghost is documented in |