www/61.html - diff

Return to 61.html CVS log

Up to [local] / www

Diff for /www/61.html between version 1.90 and 1.91

version 1.90, 2017/04/11 13:23:37

version 1.91, 2017/06/26 17:18:57

Line 38

<li>See a <a href="plus61.html">detailed log of changes</a> between the

6.0 and 6.1 releases.

<li><a href="http://man.openbsd.org/signify.1">signify(1)</a>

<li><a href="https://man.openbsd.org/signify.1">signify(1)</a>

pubkeys for this release:

<pre>

base: RWQEQa33SgQSEsMwwVV1+GjzdcQfRNV2Bgo48Ztd2KiZ9bAodz9c+Maa

Line 64

<li>New/extended platforms:

<ul>

<li>New <a href="https://www.openbsd.org/arm64.html">arm64</a> platform,

using <a href="http://man.openbsd.org/clang-local.1">clang(1)</a>

using <a href="https://man.openbsd.org/clang-local.1">clang(1)</a>

as the base system compiler.

<li>The <a href="https://www.openbsd.org/armv7.html">armv7</a> platform

has seen some major improvements, including a switch to EABI and

Line 80

<li>Improved hardware support, including:

<ul>

<li>New <a href="http://man.openbsd.org/acpials.4">acpials(4)</a>

<li>New <a href="https://man.openbsd.org/acpials.4">acpials(4)</a>

driver for ACPI ambient light sensor devices.

<li>New <a href="http://man.openbsd.org/acpihve.4">acpihve(4)</a>

<li>New <a href="https://man.openbsd.org/acpihve.4">acpihve(4)</a>

driver for feeding Hyper-V entropy into the kernel pool.

<li>New <a href="http://man.openbsd.org/acpisbs.4">acpisbs(4)</a>

<li>New <a href="https://man.openbsd.org/acpisbs.4">acpisbs(4)</a>

driver for ACPI Smart Battery devices.

driver for Designware GMAC 10/100/Gigabit Ethernet devices.

driver for Loongson 3A PCI host bridges.

driver for Hyper-V networking interfaces.

<li>New <a href="http://man.openbsd.org/hyperv.4">hyperv(4)</a>

<li>New <a href="https://man.openbsd.org/hyperv.4">hyperv(4)</a>

driver for the Hyper-V guest nexus device.

driver for the Atmel maXTouch touchpad and touchscreen.

<li>New <a href="http://man.openbsd.org/armv7/imxtemp.4">imxtemp(4)</a>

<li>New <a href="https://man.openbsd.org/armv7/imxtemp.4">imxtemp(4)</a>

driver for Freescale i.MX6 temperature sensors.

<li>New <a href="http://man.openbsd.org/loongson/leioc.4">leioc(4)</a>

<li>New <a href="https://man.openbsd.org/loongson/leioc.4">leioc(4)</a>

driver for the Loongson 3A low-end IO controller.

<li>New <a href="http://man.openbsd.org/octeon/octmmc.4">octmmc(4)</a>

<li>New <a href="https://man.openbsd.org/octeon/octmmc.4">octmmc(4)</a>

driver for the OCTEON MMC host controller.

<li>New <a href="http://man.openbsd.org/armv7/ompinmux.4">ompinmux(4)</a>

<li>New <a href="https://man.openbsd.org/armv7/ompinmux.4">ompinmux(4)</a>

driver for OMAP pin multiplexing.

<li>New <a href="http://man.openbsd.org/armv7/omwugen.4">omwugen(4)</a>

<li>New <a href="https://man.openbsd.org/armv7/omwugen.4">omwugen(4)</a>

driver for OMAP wake-up generators.

driver for the ARM Power State Coordination Interface.

<li>New <a href="http://man.openbsd.org/simplefb.4">simplefb(4)</a>

<li>New <a href="https://man.openbsd.org/simplefb.4">simplefb(4)</a>

driver for the simple frame buffer on systems

using a device tree.

<li>New <a href="http://man.openbsd.org/armv7/sximmc.4">sximmc(4)</a>

<li>New <a href="https://man.openbsd.org/armv7/sximmc.4">sximmc(4)</a>

driver for Allwinner A1X/A20 MMC/SD/SDIO controllers.

driver for Trusted Platform Module devices.

<li>New <a href="http://man.openbsd.org/uwacom.4">uwacom(4)</a>

<li>New <a href="https://man.openbsd.org/uwacom.4">uwacom(4)</a>

driver for Wacom USB tablets.

<li>New <a href="http://man.openbsd.org/vmmci.4">vmmci(4)</a>

<li>New <a href="https://man.openbsd.org/vmmci.4">vmmci(4)</a>

VMM control interface.

driver for Xen Blkfront virtual disks.

driver for the LUNA-88K HD647180X I/O processor.

<li>Support for Kaby Lake and Lewisburg PCH Ethernet MACs with I219 PHYs

has been added to the

<a href="http://man.openbsd.org/?query=em">em(4)</a> driver.

<a href="https://man.openbsd.org/?query=em">em(4)</a> driver.

<li>Support for RTL8153 USB 3.0 Gigabit Ethernet based devices

has been added to the

<a href="http://man.openbsd.org/?query=ure">ure(4)</a> driver.

<a href="https://man.openbsd.org/?query=ure">ure(4)</a> driver.

<li>Improved ACPI support for modern Apple hardware, including S3 suspend

and resume.

<li>Support for X550 family of 10 Gigabit Ethernet based devices

has been added to the

<a href="http://man.openbsd.org/?query=ix">ix(4)</a> driver.

<a href="https://man.openbsd.org/?query=ix">ix(4)</a> driver.

</ul>

<li>New <a href="http://man.openbsd.org/amd64/vmm.4">vmm(4)</a>/

<li>New <a href="https://man.openbsd.org/amd64/vmm.4">vmm(4)</a>/

<a href="http://man.openbsd.org/amd64/vmd.8">vmd(8)</a>:

<a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a>:

<ul>

<li>Support was partially integrated in 6.0, but disabled.

<li>Support for amd64 and i386 hosts.

<li>BIOS payload provided via vmm-firmware, delivered via

<a href="http://man.openbsd.org/fw_update.1">fw_update(1)</a>.

<a href="https://man.openbsd.org/fw_update.1">fw_update(1)</a>.

<li>Support for Linux guest VMs.

<li>Better interrupt handling and legacy device emulation.

<li><a href="http://man.openbsd.org/amd64/vmm.4">vmm(4)</a> no longer

<li><a href="https://man.openbsd.org/amd64/vmm.4">vmm(4)</a> no longer

requires VMX unrestricted guest capability (Nehalem and later CPUs

are sufficient).

<li>Removed bounce buffers previously used by

<a href="http://man.openbsd.org/amd64/vmd.8">vmd(8)</a> for

<a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a> for

<a href="http://man.openbsd.org/vio.4">vio(4)</a> and

<a href="https://man.openbsd.org/vio.4">vio(4)</a> and

<a href="http://man.openbsd.org/vioblk.4">vioblk(4)</a> devices.

<a href="https://man.openbsd.org/vioblk.4">vioblk(4)</a> devices.

<li>Support VMs with > 2GB RAM.

<li><a href="http://man.openbsd.org/amd64/vmd.8">vmd(8)</a> uses

<li><a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a> uses

<a href="http://man.openbsd.org/pledge.2">pledge(2)</a> and the

<a href="https://man.openbsd.org/pledge.2">pledge(2)</a> and the

fork+exec model.

expanded to include VM ownership rules (uid/gid).

<li><a href="http://man.openbsd.org/amd64/vmd.8">vmd(8)</a>/

<li><a href="https://man.openbsd.org/amd64/vmd.8">vmd(8)</a>/

supports automatic

<a href="http://man.openbsd.org/bridge.4">bridge(4)</a> and

<a href="https://man.openbsd.org/bridge.4">bridge(4)</a> and

<a href="http://man.openbsd.org/switch.4">switch(4)</a> configuration

<a href="https://man.openbsd.org/switch.4">switch(4)</a> configuration

for VM network interfaces.

<li><a href="http://man.openbsd.org/amd64/vmctl.8">vmctl(8)</a> supports

<li><a href="https://man.openbsd.org/amd64/vmctl.8">vmctl(8)</a> supports

graceful VM shutdown via

<a href="http://man.openbsd.org/amd64/vmmci.4">vmmci(4)</a>.

<a href="https://man.openbsd.org/amd64/vmmci.4">vmmci(4)</a>.

</ul>

<li>IEEE 802.11 wireless stack improvements:

<ul>

<li>The <a href="http://man.openbsd.org/ral.4">ral(4)</a> driver

<li>The <a href="https://man.openbsd.org/ral.4">ral(4)</a> driver

now supports Ralink RT3900E (RT5390, RT3292) devices.

<li>The <a href="http://man.openbsd.org/iwm.4">iwm(4)</a> and

<li>The <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> and

<a href="http://man.openbsd.org/iwn.4">iwn(4)</a> drivers

<a href="https://man.openbsd.org/iwn.4">iwn(4)</a> drivers

now support the short guard interval (SGI) in 11n mode.

<li>Added a new implementation of MiRa, a rate adapation algorithm

designed for 802.11n.

<li>The <a href="http://man.openbsd.org/iwm.4">iwm(4)</a> driver

<li>The <a href="https://man.openbsd.org/iwm.4">iwm(4)</a> driver

now supports 802.11n MIMO (MCS 0-15).

<li>The <a href="http://man.openbsd.org/athn.4">athn(4)</a> driver

<li>The <a href="https://man.openbsd.org/athn.4">athn(4)</a> driver

now supports 802.11n, featuring MIMO (MCS 0-15) and hostap mode.

<li>The <a href="http://man.openbsd.org/iwn.4">iwn(4)</a> driver

<li>The <a href="https://man.openbsd.org/iwn.4">iwn(4)</a> driver

now receives MIMO frames in monitor mode.

<li>The <a href="http://man.openbsd.org/rtwn.4">rtwn(4)</a> and

<li>The <a href="https://man.openbsd.org/rtwn.4">rtwn(4)</a> and

<a href="http://man.openbsd.org/urtwn.4">urtwn(4)</a> drivers

<a href="https://man.openbsd.org/urtwn.4">urtwn(4)</a> drivers

now use AMRR rate adaptation (8188EU and 8188CE devices only).

<li>TKIP/WPA1 was disabled by default because of inherent weaknesses

in this protocol.

Line 196

<li>Generic network stack improvements:

<ul>

<li>New <a href="http://man.openbsd.org/switch.4">switch(4)</a>

<li>New <a href="https://man.openbsd.org/switch.4">switch(4)</a>

pseudo-device together with new

<a href="http://man.openbsd.org/switchd.8">switchd(8)</a> and

<a href="https://man.openbsd.org/switchd.8">switchd(8)</a> and

<a href="http://man.openbsd.org/switchctl.8">switchctl(8)</a>

<a href="https://man.openbsd.org/switchctl.8">switchctl(8)</a>

programs.

<li>New <a href="http://man.openbsd.org/mobileip.4">mobileip(4)</a>

<li>New <a href="https://man.openbsd.org/mobileip.4">mobileip(4)</a>

operation mode for the

pseudo-device.

<li>Multipoint-to-multipoint mode in

<a href="http://man.openbsd.org/vxlan.4">vxlan(4)</a>.

<a href="https://man.openbsd.org/vxlan.4">vxlan(4)</a>.

<li><a href="http://man.openbsd.org/route.8">route(8)</a>

<li><a href="https://man.openbsd.org/route.8">route(8)</a>

and netstat -r display all routing flags correctly and they

are completely documented in the

<a href="http://man.openbsd.org/netstat.1">netstat(1)</a>

<a href="https://man.openbsd.org/netstat.1">netstat(1)</a>

man page.

<li>When sending TCP streams they are locally stored in large

mbuf clusters to improve memory management.

The maximum TCP send and receive buffer size has been

increased from 256KB to 2MB.

Note that this results in a different

OS fingerprint for OpenBSD.

The default limit for mbuf clusters has been increased.

You can check the values with

<a href="http://man.openbsd.org/netstat.1">netstat(1)</a>

<a href="https://man.openbsd.org/netstat.1">netstat(1)</a>

-m and adjust them with

<a href="http://man.openbsd.org/sysctl.8">sysctl(8)</a>

<a href="https://man.openbsd.org/sysctl.8">sysctl(8)</a>

kern.maxclusters.

<li>Make the TCP_NOPUSH flag work for

<a href="http://man.openbsd.org/listen.2">listen(2)</a>

<a href="https://man.openbsd.org/listen.2">listen(2)</a>

sockets.

It is inherited by the socket returned from

<a href="http://man.openbsd.org/accept.2">accept(2)</a>.

<a href="https://man.openbsd.org/accept.2">accept(2)</a>.

<li>A lot of code has been removed or simplified to make the

transition to multi-processor easier.

Redesign the interrupt and multi-processor locks in the

network stack.

<li>When passing packets from the network stack to the

interface layer, make sure that they have no pointers to

which could result in a memory free operation at the wrong

protection level.

<li>Fix checksum calculation in

af-to ICMP packet conversions.

Simplify af-to processing in and fix path MTU discovery in

some corner cases.

Line 250

fragment headers.

Follow RFC 5722 "Handling of Overlapping IPv6 Fragments"

more strictly in

<a href="http://man.openbsd.org/pf.4">pf(4)</a>.

<a href="https://man.openbsd.org/pf.4">pf(4)</a>.

RFC 8021 "IPv6 Atomic Fragments Considered Harmful" deprecates

generating atomic fragments, so do not send them anymore.

<li>Depending on the addresses,

<a href="http://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a>

<a href="https://man.openbsd.org/ipsecctl.8">ipsecctl(8)</a>

may automatically group SA bundles together.

To make clear what is going on, the kernel provides this

information and ipsecctl -s sa prints IPsec SA bundles.

Line 279

<li>Routing daemons and other userland network improvements:

<ul>

<li><a href="http://man.openbsd.org/ping.8">ping(8)</a> and

<li><a href="https://man.openbsd.org/ping.8">ping(8)</a> and

<a href="http://man.openbsd.org/ping6.8">ping6(8)</a> are now the same

<a href="https://man.openbsd.org/ping6.8">ping6(8)</a> are now the same

binary and share the engine.

<li><a href="http://man.openbsd.org/ripd.8">ripd(8)</a> now supports

<li><a href="https://man.openbsd.org/ripd.8">ripd(8)</a> now supports

p2p links with addresses in different subnets.

<li>UDP speakers can specify an IPv4 source address using

<tt>IP_SENDSRCADDR</tt>.

and <a href="http://man.openbsd.org/snmpd.8">snmpd(8)</a> now

and <a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a> now

use the proper source address when sending replies.

<li><a href="http://man.openbsd.org/iked.8">iked(8)</a> now

<li><a href="https://man.openbsd.org/iked.8">iked(8)</a> now

supports ECDSA and RFC 7427 signatures for authentication.

<li><a href="http://man.openbsd.org/iked.8">iked(8)</a> now

<li><a href="https://man.openbsd.org/iked.8">iked(8)</a> now

supports replying to IKEv2 responder cookies.

<li>Many fixes and improvements for

<a href="http://man.openbsd.org/iked.8">iked(8)</a> and

<a href="https://man.openbsd.org/iked.8">iked(8)</a> and

<a href="http://man.openbsd.org/ikectl.8">ikectl(8)</a>, including

<a href="https://man.openbsd.org/ikectl.8">ikectl(8)</a>, including

various fixes for rekeying.

<li><a href="http://man.openbsd.org/ospfd.8">ospfd(8)</a> and

<li><a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a> and

<a href="http://man.openbsd.org/ospf6d.8">ospf6d(8)</a> now cope

<a href="https://man.openbsd.org/ospf6d.8">ospf6d(8)</a> now cope

with interface MTU change at runtime.

<li><a href="http://man.openbsd.org/bgpd.8">bgpd(8)</a> now supports

<li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> now supports

BGP Large Communities

(<a href="https://www.rfc-editor.org/rfc/rfc8092.txt">RFC 8092</a>).

<li><a href="http://man.openbsd.org/bgpd.8">bgpd(8)</a> now supports

<li><a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a> now supports

BGP Administrative Shutdown Communication

(<a href="https://www.ietf.org/id/draft-ietf-idr-shutdown.txt">draft-ietf-idr-shutdown</a>).

</ul>

Line 313

<ul>

<li>Enforcement of userland W^X on OCTEON Plus and later.

<li>All shared libraries, all dynamic and static-PIE executables, and

<a href="http://man.openbsd.org/ld.so.1">ld.so(1)</a> itself use

<a href="https://man.openbsd.org/ld.so.1">ld.so(1)</a> itself use

the RELRO ("read-only after relocation") design such that

more of the initial data is protected as read-only.

<li>The size of user virtual address space has been increased

from 2GB to 1TB on mips64.

<li>PIE and -static -pie on arm.

<li><a href="http://man.openbsd.org/route6d.8">route6d(8)</a> now

<li><a href="https://man.openbsd.org/route6d.8">route6d(8)</a> now

runs with fewer privileges.

<li>For incoming TLS connections

<a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

can validate client certificates with a given CA file.

<li>The privileged parent process of

<a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

calls

to reshuffle its random memory layout.

<li>New function

<a href="http://man.openbsd.org/recallocarray.3">recallocarray(3)</a>

<a href="https://man.openbsd.org/recallocarray.3">recallocarray(3)</a>

to reduce the risk of incorrect clearing of memory before and after

<a href="http://man.openbsd.org/reallocarray.3">reallocarray(3)</a>.

<a href="https://man.openbsd.org/reallocarray.3">reallocarray(3)</a>.

<li><a href="http://man.openbsd.org/sha2.3">SHA512_256</a> family

<li><a href="https://man.openbsd.org/sha2.3">SHA512_256</a> family

of functions added to libc.

<li>arm added to the list of archs where the

<a href="http://man.openbsd.org/setjmp.3">setjmp(3)</a>

<a href="https://man.openbsd.org/setjmp.3">setjmp(3)</a>

family of functions apply XOR cookies to stack and return-address

values in the jmpbuf.

<li><a href="http://man.openbsd.org/printf.3">printf(3)</a> family

<li><a href="https://man.openbsd.org/printf.3">printf(3)</a> family

of formatting functions now report to syslog when the %s

format is used with a NULL pointer.

<li>Heap buffer overflow detection has been improved when the C

<a href="http://man.openbsd.org/malloc.3">malloc(3)</a> option is used.

<a href="https://man.openbsd.org/malloc.3">malloc(3)</a> option is used.

The existing S option now includes C.

<li>Support for permitting non-root users to

<a href="http://man.openbsd.org/mount.8">mount(8)</a> filesystems

<a href="https://man.openbsd.org/mount.8">mount(8)</a> filesystems

has been removed.

<li><a href="http://man.openbsd.org/bioctl.8">bioctl(8)</a> now uses

<li><a href="https://man.openbsd.org/bioctl.8">bioctl(8)</a> now uses

<a href="http://man.openbsd.org/bcrypt_pbkdf.3">bcrypt PBKDF</a> to

<a href="https://man.openbsd.org/bcrypt_pbkdf.3">bcrypt PBKDF</a> to

derive keys for

<a href="http://man.openbsd.org/softraid.4">softraid(4)</a> crypto

<a href="https://man.openbsd.org/softraid.4">softraid(4)</a> crypto

volumes.

</ul>

<li><a href="http://man.openbsd.org/dhclient.8">dhclient(8)</a>/

<li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>/

<a href="http://man.openbsd.org/dhcpd.8">dhcpd(8)</a>/

<a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a>/

<a href="http://man.openbsd.org/dhcrelay.8">dhcrelay(8)</a> improvements:

<a href="https://man.openbsd.org/dhcrelay.8">dhcrelay(8)</a> improvements:

<ul>

<li>Add DHO_BOOTFILE_NAME and DHO_TFTP_SERVER to the options requested by default.

<li>Add support for RFC 6842 (Client Identifier Option in DHCP Server Replies).

Line 371

<li>Fix issues with redundant dhcpd servers and CARP'd interfaces.

<li>Switch to standard logging functions

<li>Fix vis/unvis of strings in

<a href="http://man.openbsd.org/dhclient.8">dhclient(8)</a> leases files.

<a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a> leases files.

</ul>

<li>Assorted improvements:

<ul>

<li>New <a href="http://man.openbsd.org/syspatch.8">syspatch(8)</a>

<li>New <a href="https://man.openbsd.org/syspatch.8">syspatch(8)</a>

utility for security and reliability binary updates to the base

system.

<li><a href="http://man.openbsd.org/acme-client.1">acme-client(1)</a>, a

<li><a href="https://man.openbsd.org/acme-client.1">acme-client(1)</a>, a

privilege separated Automatic Certificate Management Environment

(ACME) client written by Kristaps Dzonsons has been imported.

<li>New, simplified

<a href="http://man.openbsd.org/xenodm.1">xenodm(1)</a>

<a href="https://man.openbsd.org/xenodm.1">xenodm(1)</a>

X11 display manager forked from

<a href="http://man.openbsd.org/OpenBSD-6.0/xdm.1">xdm(1)</a>.

<a href="https://man.openbsd.org/OpenBSD-6.0/xdm.1">xdm(1)</a>.

<li>Unicode version 8 character properties in the C library.

<li>Partial UTF-8 line editing support for

<a href="http://man.openbsd.org/ksh.1">ksh(1)</a> Vi input mode.

<a href="https://man.openbsd.org/ksh.1">ksh(1)</a> Vi input mode.

<li>UTF-8 support in

<a href="http://man.openbsd.org/column.1">column(1)</a>.

<a href="https://man.openbsd.org/column.1">column(1)</a>.

<li>The performance and concurrency of the

<a href="http://man.openbsd.org/malloc.3">malloc(3)</a> family

<a href="https://man.openbsd.org/malloc.3">malloc(3)</a> family

in multi-threaded processes has been improved.

<li>Estonian keyboard support.

<li><a href="http://man.openbsd.org/read.2">read(2)</a> on

<li><a href="https://man.openbsd.org/read.2">read(2)</a> on

directories now fails instead of returning 0.

<li>Support for the <tt>RES_USE_EDNS0</tt> and <tt>RES_USE_DNSSEC</tt>

flags has been added to the

<a href="http://man.openbsd.org/resolver.3">resolver(3)</a>

<a href="https://man.openbsd.org/resolver.3">resolver(3)</a>

implementation.

<li><a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<li><a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

limits the socket buffer for TCP and TLS connections to 64K

to avoid wasting kernel memory.

<li><a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<li><a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

supports the option -Z to print the timestamp in RFC 5424

ISO format.

This logs everything in UTC including the year, timezone

and fractions of seconds.

The default is still RFC 3164 BSD syslog time format.

<li>When log files are rotated,

<a href="http://man.openbsd.org/newsyslog.8">newsyslog(8)</a>

<a href="https://man.openbsd.org/newsyslog.8">newsyslog(8)</a>

writes the creation time in UTC ISO format into the first line.

<li>The

<a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

options -a, -T, and -U can be given more than once to specify

multiple input sources.

<li>Improve the

<a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

output and diagnostics in case the klog buffer

overflows.

<li>Make SIGHUP handling in

<a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

more reliable.

<li>Let <a href="http://man.openbsd.org/syslogd.8">syslogd(8)</a>

<li>Let <a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>

tolerate most errors on startup.

Keep running and receive messages from all working subsystems,

but do not die.

<li>The <a href="http://man.openbsd.org/syslog.3">syslog(3)</a>

<li>The <a href="https://man.openbsd.org/syslog.3">syslog(3)</a>

priority of fatal and warning messages of various daemons

has been adjusted.

<li>An NMI sends the amd64 kernel into

more reliably.

<li><a href="http://man.openbsd.org/ld.so.1">ld.so(1)</a> now

<li><a href="https://man.openbsd.org/ld.so.1">ld.so(1)</a> now

supports the DT_PREINITARRAY, DT_INITARRAY, DT_FINIARRAY, DT_FLAGS,

and DT_RUNPATH dynamic tags.

<li><a href="http://man.openbsd.org/kdump.1">kdump(1)</a>

<li><a href="https://man.openbsd.org/kdump.1">kdump(1)</a>

now dumps the fds returned by

<a href="http://man.openbsd.org/pipe.2">pipe(2)</a> and

<a href="https://man.openbsd.org/pipe.2">pipe(2)</a> and

<a href="http://man.openbsd.org/socketpair.2">socketpair(2)</a>.

<a href="https://man.openbsd.org/socketpair.2">socketpair(2)</a>.

<li>Added support to <a href="http://man.openbsd.org/doas.1">doas(1)</a>

<li>Added support to <a href="https://man.openbsd.org/doas.1">doas(1)</a>

for session-locked persistent authentication.

<li>Use a hardware register for the thread pointer on arm for improved

performance in multi-threaded processes.

<li>SGI boot blocks now consult the OpenBSD

<a href="http://man.openbsd.org/disklabel.5">disklabel(5)</a>

<a href="https://man.openbsd.org/disklabel.5">disklabel(5)</a>

to locate the root filesystem.

This reduces constraints on disk partitioning.

no longer hangs when its transmit ring gets full.

has been fixed to accept broadcast frames in non-promiscuous mode

when no IP address is configured.

This lets the interface work with DHCP.

<li>Multiprocessor-safe PCI interrupt handlers are run

without the kernel lock on OpenBSD/sgi.

<li><a href="http://man.openbsd.org/fdisk.8">fdisk(8)</a> now unconditionally

<li><a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> now unconditionally

sets the size of the protective MBR's EFI GPT partition to UINT32_MAX.

<li><a href="http://man.openbsd.org/fdisk.8">fdisk(8)</a> now respects the

<li><a href="https://man.openbsd.org/fdisk.8">fdisk(8)</a> now respects the

current MBR or GPT format when initializing a disk.

<li><a href="http://man.openbsd.org/softraid.4">softraid(4)</a> now uses

<li><a href="https://man.openbsd.org/softraid.4">softraid(4)</a> now uses

sufficient parallel i/o's to efficiently rebuild RAID5 volumes.

<li><a href="http://man.openbsd.org/asr_run.3">asr</a> now accepts UDP

<li><a href="https://man.openbsd.org/asr_run.3">asr</a> now accepts UDP

packets of up to 4096 bytes to account for broken DNS servers.

<li><a href="http://man.openbsd.org/umass.4">umass(4)</a> no longer assumes

<li><a href="https://man.openbsd.org/umass.4">umass(4)</a> no longer assumes

that ATAPI or UFI devices have only 1 LUN.

<li><a href="http://man.openbsd.org/scsi.4">scsi(4)</a> now correctly

<li><a href="https://man.openbsd.org/scsi.4">scsi(4)</a> now correctly

detects end of tape on LTO5 devices.

<li><a href="http://man.openbsd.org/httpd.8">httpd(8)</a> supports

<li><a href="https://man.openbsd.org/httpd.8">httpd(8)</a> supports

SNI

via <a href="http://man.openbsd.org/tls_config_add_keypair_ocsp_mem.3">libtls</a>

via <a href="https://man.openbsd.org/tls_config_add_keypair_ocsp_mem.3">libtls</a>

to allow for multiple https sites on a single IP address.

<li><a href="http://man.openbsd.org/ocspcheck.8">ocspcheck(8)</a>

<li><a href="https://man.openbsd.org/ocspcheck.8">ocspcheck(8)</a>

has been added, and can be used to check the OCSP status of

certificates. The corresponding responses can be saved for later use in OCSP stapling.

<li><a href="http://man.openbsd.org/httpd.8">httpd(8)</a> supports

<li><a href="https://man.openbsd.org/httpd.8">httpd(8)</a> supports

OCSP stapling

via <a href="http://man.openbsd.org/tls_config_add_keypair_ocsp_mem.3">libtls</a>

via <a href="https://man.openbsd.org/tls_config_add_keypair_ocsp_mem.3">libtls</a>

to permit OCSP responses to be stapled to the tls handshake

<li><a href="http://man.openbsd.org/nc.1">nc(1)</a> now also

<li><a href="https://man.openbsd.org/nc.1">nc(1)</a> now also

supports OCSP stapling server side, and will show the stapling information

client side.

<li>Both <a href="http://man.openbsd.org/relayd.8">relayd(8)</a> and

<li>Both <a href="https://man.openbsd.org/relayd.8">relayd(8)</a> and

<a href="http://man.openbsd.org/httpd.8">httpd(8)</a> support now

<a href="https://man.openbsd.org/httpd.8">httpd(8)</a> support now

TLS session resumption using TLS session tickets.

See the respective configuration man page for more information.

<li>With the -f option

<a href="http://man.openbsd.org/sensorsd.8">sensorsd(8)</a>

<a href="https://man.openbsd.org/sensorsd.8">sensorsd(8)</a>

can use an alternative config file.

</ul>

Line 835

<li>mandoc 1.14.1

<ul>

<li>New <a href="http://man.openbsd.org/mandoc.db.5">mandoc.db(5)</a>

<li>New <a href="https://man.openbsd.org/mandoc.db.5">mandoc.db(5)</a>

file format: <a href="http://man.openbsd.org/man.1">man(1)</a>,

file format: <a href="https://man.openbsd.org/man.1">man(1)</a>,

<a href="http://man.openbsd.org/apropos.1">apropos(1)</a>, and

<a href="https://man.openbsd.org/apropos.1">apropos(1)</a>, and

<a href="http://man.openbsd.org/makewhatis.8">makewhatis(8)</a>

<a href="https://man.openbsd.org/makewhatis.8">makewhatis(8)</a>

no longer need SQLite3.

<li>Much improved HTML output and CSS.

<li>In <a href="http://man.openbsd.org/man.1">man(1)</a>, internal

<li>In <a href="https://man.openbsd.org/man.1">man(1)</a>, internal

searching with <a href="http://man.openbsd.org/less.1">less(1)</a>

searching with <a href="https://man.openbsd.org/less.1">less(1)</a>

<code>:t</code> has been improved.

<li>New <a href="http://man.openbsd.org/mandoc.1">mandoc(1)</a>

<li>New <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>

<code>-mdoc -T markdown</code> output mode

(already a post-1.14.1 feature).

</ul>

Line 980

Quick installer information for people familiar with OpenBSD, and the use of

the "<a href="http://man.openbsd.org/disklabel.8">disklabel</a> -E" command.

the "<a href="https://man.openbsd.org/disklabel.8">disklabel</a> -E" command.

If you are at all confused when installing OpenBSD, read the relevant

INSTALL.* file as listed above!