===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/innovations.html,v
retrieving revision 1.48
retrieving revision 1.49
diff -u -r1.48 -r1.49
--- www/innovations.html 2017/05/30 20:33:38 1.48
+++ www/innovations.html 2017/06/26 17:18:57 1.49
@@ -28,244 +28,244 @@
Programs and subsystems
-- ypbind(8),
- ypset(8),
- ypcat(1),
- ypmatch(1),
- ypwhich(1),
+
- ypbind(8),
+ ypset(8),
+ ypcat(1),
+ ypmatch(1),
+ ypwhich(1),
and libc support: Started by Theo de Raadt.
Imported April 26, 1993 and first released with NetBSD 0.9.
-
- ypserv(8):
+
- ypserv(8):
Started by Mats O. Jansson in 1994.
Imported October 23, 1995 and first released with OpenBSD 2.0.
-
- mopd(8):
+
- mopd(8):
Started by Mats O. Jansson in 1993.
Imported September 21, 1996 and first released with OpenBSD 2.0.
- AnonCVS:
Designed and implemented by Chuck Cranor and Theo de Raadt in 1995
(paper,
slides)
-
- aucat(1):
+
- aucat(1):
Started by Kenneth Stailey.
Imported January 2, 1997 and first released with OpenBSD 2.1.
Now maintained by Alexandre Ratchov.
- OpenSSH
- including ssh(1),
- scp(1),
- sftp(1),
- ssh-add(1),
- ssh-agent(1),
- ssh-keygen(1),
- sshd(8),
- sftp-server(8):
+ including ssh(1),
+ scp(1),
+ sftp(1),
+ ssh-add(1),
+ ssh-agent(1),
+ ssh-keygen(1),
+ sshd(8),
+ sftp-server(8):
Started by Aaron Campbell, Bob Beck, Dug Song, Markus Friedl,
Niels Provos, and Theo de Raadt
as a fork of SSH 1.2.12 by Tatu Ylonen.
Imported September 26, 1999 and first released with OpenBSD 2.6.
Now maintained by Markus Friedl, Damien Miller, Darren Tucker, and
Theo de Raadt.
-
- mg(1):
+
- mg(1):
Started by Dave Conroy in November 1986.
Imported February 25, 2000 and first released with OpenBSD 2.7.
Now maintained by Mark Lumsden.
-
- m4(1):
+
- m4(1):
Originally implemented by Ozan Yigit and Richard A. O'Keefe for 4.3BSD-Reno.
Considerably extended and maintained by Marc Espie since 1999.
-
- pf(4),
- pfctl(8),
- pflogd(8),
- authpf(8),
- ftp-proxy(8):
+
- pf(4),
+ pfctl(8),
+ pflogd(8),
+ authpf(8),
+ ftp-proxy(8):
Started by Daniel Hartmeier
as a replacement for the non-free ipf by Darren Reed.
Imported June 24, 2001 and first released with OpenBSD 3.0.
Now maintained by Henning Brauer.
-
- systrace(4),
- systrace(1):
+
- systrace(4),
+ systrace(1):
Started by Niels Provos.
Imported June 4, 2002 and first released with OpenBSD 3.2.
Deleted after OpenBSD 5.9 because
- pledge(2) is even better.
-
- spamd(8):
+ pledge(2) is even better.
+
- spamd(8):
Written by Bob Beck. Imported December 21, 2002 and first released with OpenBSD 3.3.
-
- dc(1):
+
- dc(1):
Written and maintained by Otto Moerbeek.
Imported September 19, 2003 and first released with OpenBSD 3.5.
-
- bc(1):
+
- bc(1):
Written and maintained by Otto Moerbeek.
Imported September 25, 2003 and first released with OpenBSD 3.5.
-
- sensorsd(8):
+
- sensorsd(8):
Started by Henning Brauer.
Imported September 24, 2003 and first released with OpenBSD 3.5.
Reworked by Constantine A. Murenin.
-
- pkg_add(1):
+
- pkg_add(1):
Written and maintained by Marc Espie.
Imported October 16, 2003 and first released with OpenBSD 3.5.
-
- carp(4):
+
- carp(4):
Written by Mickey Shalayeff, Markus Friedl, Marco Pfatschbacher,
and Ryan McBride.
Imported October 17, 2003 and first released with OpenBSD 3.5.
- OpenBGPD
- including bgpd(8)
- and bgpctl(8):
+ including bgpd(8)
+ and bgpctl(8):
Written and maintained by Henning Brauer and Claudio Jeker,
and also maintained by Peter Hessler.
Imported December 17, 2003 and first released with OpenBSD 3.5.
-
- dhclient(8):
+
- dhclient(8):
Started by Ted Lemon and Elliot Poger in 1996.
Imported January 18, 2004 and first released with OpenBSD 3.5.
Reworked by Henning Brauer.
Now maintained by Kenneth Westerback.
-
- dhcpd(8):
+
- dhcpd(8):
Started by Ted Lemon in 1995.
Imported April 13, 2004 and first released with OpenBSD 3.6.
Reworked by Henning Brauer.
Now maintained by Kenneth Westerback.
-
- hotplugd(8):
+
- hotplugd(8):
Started by Alexander Yurchenko.
Imported May 30, 2004 and first released with OpenBSD 3.6.
- OpenNTPD
- including ntpd(8)
- and ntpctl(8):
+ including ntpd(8)
+ and ntpctl(8):
Written and maintained by Henning Brauer.
Imported May 31, 2004 and first released with OpenBSD 3.6.
Portable version maintained by Brent Cook.
-
- dpb(1):
+
- dpb(1):
Started by Nikolay Sturm on August 10, 2004; first available for OpenBSD 3.6.
Rewritten and maintained by Marc Espie since August 20, 2010.
-
- ospfd(8),
- ospfctl(8):
+
- ospfd(8),
+ ospfctl(8):
Started by Esben Norby and Claudio Jeker.
Imported January 28, 2005 and first released with OpenBSD 3.7.
-
- ifstated(8):
+
- ifstated(8):
Started by Marco Pfatschbacher and Ryan McBride.
Imported January 23, 2004 and first released with OpenBSD 3.8.
-
- bioctl(8):
+
- bioctl(8):
Started by Marco Peereboom.
Imported March 29, 2005 and first released with OpenBSD 3.8.
-
- hostapd(8):
+
- hostapd(8):
Written and maintained by Reyk Floeter.
Imported May 26, 2005 and first released with OpenBSD 3.8.
-
- watchdogd(8):
+
- watchdogd(8):
Started by Marc Balmer.
Imported August 8, 2005 and first released with OpenBSD 3.8.
-
- sdiff(1):
+
- sdiff(1):
Written by Ray Lai.
Imported December 27, 2005 and first released with OpenBSD 3.9.
-
- dvmrpd(8),
- dvmrpctl(8):
+
- dvmrpd(8),
+ dvmrpctl(8):
Started by Esben Norby.
Imported June 1, 2006 and first released with OpenBSD 4.0.
-
- ripd(8),
- ripctl(8):
+
- ripd(8),
+ ripctl(8):
Started by Michele Marchetto.
Imported October 18, 2006 and first released with OpenBSD 4.1.
-
- pkg-config(1):
+
- pkg-config(1):
Started by Chris Kuethe and Marc Espie.
Imported November 27, 2006 and first released with OpenBSD 4.1.
Now maintained by Jasper Lievisse Adriaanse.
-
- relayd(8)
- with relayctl(8):
+
- relayd(8)
+ with relayctl(8):
Started by Pierre-Yves Ritschard and Reyk Floeter.
Imported December 16, 2006 and first released with OpenBSD 4.1.
Now maintained by Reyk Floeter and Sebastian Benoit.
- - cwm(1):
+
- cwm(1):
Started by Marius
Aamodt Eriksen in 2004.
Imported April 27, 2007 and first released with OpenBSD 4.2.
Now maintained by Okan Demirmen.
-
- ospf6d(8),
- ospf6ctl(8):
+
- ospf6d(8),
+ ospf6ctl(8):
Started by Esben Norby and Claudio Jeker.
Imported October 8, 2007 and first released with OpenBSD 4.2.
-
- libtool(1):
+
- libtool(1):
Written by Steven Mestdagh and Marc Espie.
Imported October 28, 2007 and first available for OpenBSD 4.3.
Now maintained by Marc Espie, Jasper Lievisse Adriaanse,
and Antoine Jacoutot.
-
- snmpd(8),
- snmpctl(8):
+
- snmpd(8),
+ snmpctl(8):
Started by Reyk Floeter.
Imported December 5, 2007 and first released with OpenBSD 4.3.
Maintained by Reyk Floeter and Bret Lambert.
-
- sysmerge(8):
+
- sysmerge(8):
Written and maintained by Antoine Jacoutot,
originally forked from mergemaster by Douglas Barton.
Imported April 22, 2008, first released with OpenBSD 4.4.
-
- ypldap(8):
+
- ypldap(8):
Started by Pierre-Yves Ritschard.
Imported June 26, 2008 and first released with OpenBSD 4.4.
- OpenSMTPD
- including smtpd(8),
- smtpctl(8),
- makemap(8):
+ including smtpd(8),
+ smtpctl(8),
+ makemap(8):
Started by Gilles Chehade.
Imported November 1, 2008 and first released with OpenBSD 4.6.
Now maintained by Gilles Chehade and Eric Faurot.
- tmux,
- tmux(1):
+ tmux(1):
Started in 2007 and maintained by Nicholas Marriott.
Imported June 1, 2009, first released with OpenBSD 4.6.
-
- ldpd(8),
- ldpctl(8):
+
- ldpd(8),
+ ldpctl(8):
Started by Michele Marchetto.
Imported June 1, 2009 and first released with OpenBSD 4.6.
Now maintained by Claudio Jeker.
- mandoc
- including mandoc(1),
- man(1),
- apropos(1),
- makewhatis(8),
- man.cgi(8):
+ including mandoc(1),
+ man(1),
+ apropos(1),
+ makewhatis(8),
+ man.cgi(8):
Started by Kristaps Dzonsons in November 2008.
Imported April 6, 2009, first released with OpenBSD 4.8.
Now maintained by Ingo Schwarze.
-
- ldapd(8),
- ldapctl(8):
+
- ldapd(8),
+ ldapctl(8):
Written by Martin Hedenfalk.
Imported May 31, 2010 and first released with OpenBSD 4.8.
- OpenIKED
- including iked(8)
- and ikectl(8):
+ including iked(8)
+ and ikectl(8):
Started by Reyk Floeter.
Imported June 3, 2010 and first released with OpenBSD 4.8.
Now maintained by Reyk Floeter and Mike Belopuhov.
-
- iscsid(8),
- iscsictl(8):
+
- iscsid(8),
+ iscsictl(8):
Written and maintained by Claudio Jeker.
Imported September 24, 2010 and first released with OpenBSD 4.9.
-
- rc.d(8),
- rc.subr(8):
+
- rc.d(8),
+ rc.subr(8):
Written and maintained by Robert Nagy and Antoine Jacoutot.
Imported October 26, 2010 and first released with OpenBSD 4.9.
-
- tftpd(8):
+
- tftpd(8):
Written and maintained by David Gwynne.
Imported March 2, 2012 and first released with OpenBSD 5.2.
-
- npppd(8),
- npppctl(8):
+
- npppd(8),
+ npppctl(8):
Started by Internet Initiative Japan Inc.
Imported January 11, 2010, first released with OpenBSD 5.3.
Maintained by YASUOKA Masahiko.
-
- ldomd(8),
- ldomctl(8):
+
- ldomd(8),
+ ldomctl(8):
Written and maintained by Mark Kettenis.
Imported October 26, 2012 and first released with OpenBSD 5.3.
-
- sndiod(8):
+
- sndiod(8):
Written and maintained by Alexandre Ratchov.
Imported November 23, 2012 and first released with OpenBSD 5.3.
-
- cu(1):
+
- cu(1):
Written and maintained by Nicholas Marriott.
Imported July 10, 2012 and first released with OpenBSD 5.4.
-
- identd(8):
+
- identd(8):
Written and maintained by David Gwynne.
Imported March 18, 2013 and first released with OpenBSD 5.4.
-
- slowcgi(8):
+
- slowcgi(8):
Written and maintained by Florian Obser.
Imported May 23, 2013 and first released with OpenBSD 5.4.
-
- signify(1):
+
- signify(1):
Written and maintained by Ted Unangst.
Imported December 31, 2013 and first released with OpenBSD 5.5.
-
- htpasswd(1):
+
- htpasswd(1):
Written and maintained by Florian Obser.
Imported March 17, 2014 and first released with OpenBSD 5.6.
- LibreSSL:
@@ -273,71 +273,71 @@
and Theo de Raadt on April 13, 2014, as a fork of OpenSSL 1.0.1g.
First released with OpenBSD 5.6.
Portable version maintained by Brent Cook.
-
- httpd(8):
+
- httpd(8):
Started by Reyk Floeter.
Imported July 12, 2014 and first released with OpenBSD 5.6.
Maintained by Reyk Floeter and Florian Obser.
-
- rcctl(8):
+
- rcctl(8):
Written and maintained by Antoine Jacoutot.
Imported August 19, 2014 and first released with OpenBSD 5.7.
-
- file(1):
+
- file(1):
Rewritten from scratch and maintained by Nicholas Marriott.
Imported April 24, 2015 and first released with OpenBSD 5.8.
-
- doas(1):
+
- doas(1):
Written and maintained by Ted Unangst.
Imported July 16, 2015 and first released with OpenBSD 5.8.
-
- radiusd(8):
+
- radiusd(8):
Written and maintained by YASUOKA Masahiko.
Imported July 21, 2015 and first released with OpenBSD 5.8.
-
- eigrpd(8),
- eigrpctl(8):
+
- eigrpd(8),
+ eigrpctl(8):
Written and maintained by Renato Westphal.
Imported October 2, 2015 and first released with OpenBSD 5.9.
-
- rebound(8):
+
- rebound(8):
Written and maintained by Ted Unangst.
Imported October 15, 2015 and first released with OpenBSD 5.9.
-
- vmm(4),
- vmd(8),
- vmctl(8):
+
- vmm(4),
+ vmd(8),
+ vmctl(8):
Written and maintained by Mike Larkin and Reyk Floeter.
Imported November 13, 2015 and first released with OpenBSD 5.9.
-
- pdisk(8):
+
- pdisk(8):
Originally written by Eryk Vershen in 1996-1998,
rewritten and maintained by Kenneth Westerback since January 11, 2016
and first released with OpenBSD 5.9.
-
- mknod(8):
+
- mknod(8):
Original version from Version 6 AT&T UNIX (1975),
last rewritten by Marc Espie on March 5, 2016
and first released with OpenBSD 6.0.
-
- audioctl(1):
+
- audioctl(1):
Originally written by Lennart Augustsson in 1997,
rewritten and maintained by Alexandre Ratchov since June 21, 2016
and first released with OpenBSD 6.0.
-
- switchd(8),
- switchctl(8):
+
- switchd(8),
+ switchctl(8):
Written and maintained by Reyk Floeter.
Imported July 19, 2016; released with OpenBSD 6.1.
-
- acme-client(1):
+
- acme-client(1):
Written by Kristaps Dzonsons, imported August 31, 2016; released
with OpenBSD 6.1.
-
- syspatch(8):
+
- syspatch(8):
Written and maintained by Antoine Jacoutot.
Imported September 5, 2016; released with OpenBSD 6.1.
-
- ping(8):
+
- ping(8):
Restructured to include IPv6 functionality and maintained by Florian Obser.
The separate
- ping6(8)
+ ping6(8)
was superseded on September 17, 2016,
and the new, combined version was released with OpenBSD 6.1.
-
- xenodm(1):
+
- xenodm(1):
Cleaned-up fork of
- xdm(1)
+ xdm(1)
maintained by Matthieu Herrb.
Imported October 23, 2016; released with OpenBSD 6.1.
-
- ocspcheck(8):
+
- ocspcheck(8):
Written and maintained by Bob Beck.
Imported January 24, 2017; released with OpenBSD 6.1.
-
- slaacd(8):
+
- slaacd(8):
Written and maintained by Florian Obser.
Imported March 18, 2017; released with OpenBSD 6.2.
@@ -345,11 +345,11 @@
Concepts
-- ipsec(4):
+
- ipsec(4):
Started by John Ioannidis, Angelos D. Keromytis, Niels Provos, and
Niklas Hallqvist, imported February 20, 1997. OpenBSD was the first
free operating system to provide an IPSec stack.
-
- inet6(4):
+
- inet6(4):
First complete integration and adoption of IPv6 led by
"Itojun" (Dr. Junichiro Hagino) [WIDE/KAME], Craig Metz [NRL], and
Angelos D. Keromytis starting Jan 6, 1999.
@@ -361,43 +361,43 @@
Niels Provos
and Markus Friedl in OpenSSH in March 2002, released with OpenBSD 3.2.
The concept is now used in many OpenBSD programs, for example
- bgpd(8),
- dhclient(8),
- dhcpd(8),
- dvmrpd(8),
- eigrpd(8),
- file(1),
- httpd(8),
- iked(8),
- ldapd(8),
- ldpd(8),
- mountd(8),
- npppd(8),
- ntpd(8),
- ospfd(8),
- ospf6d(8),
- pflogd(8),
- radiusd(8),
- relayd(8),
- ripd(8),
- script(1),
- smtpd(8),
- syslogd(8),
- tcpdump(8),
- tmux(1),
- xconsole(1),
- xdm(1),
- Xserver(1),
- ypldap(8),
- pkg_add(1),
+ bgpd(8),
+ dhclient(8),
+ dhcpd(8),
+ dvmrpd(8),
+ eigrpd(8),
+ file(1),
+ httpd(8),
+ iked(8),
+ ldapd(8),
+ ldpd(8),
+ mountd(8),
+ npppd(8),
+ ntpd(8),
+ ospfd(8),
+ ospf6d(8),
+ pflogd(8),
+ radiusd(8),
+ relayd(8),
+ ripd(8),
+ script(1),
+ smtpd(8),
+ syslogd(8),
+ tcpdump(8),
+ tmux(1),
+ xconsole(1),
+ xdm(1),
+ Xserver(1),
+ ypldap(8),
+ pkg_add(1),
etc.
- Privilege revocation:
Related to the work on privilege separation, some programs were refactored
to drop privileges while holding onto a tricky resource such as a raw socket,
reserved port, or modification-locked bpf(4) descriptor,
for example
- ping(8),
- traceroute(8),
+ ping(8),
+ traceroute(8),
etc.
- Stack protector: Developed since 2001 as "propolice" by Hiroaki Etoh.
Integrated, and implemented for additional hardware platforms,
@@ -407,7 +407,7 @@
Strictly enforced by default since OpenBSD 6.0: a program can only
violate it if the executable is marked with
PT_OPENBSD_WXNEEDED
and it is located on a filesystem mounted with the wxallowed
- mount(8) option.
+ mount(8) option.
- GOT and PLT protection by ld.so: first done as part of the W^X
work in OpenBSD 3.3, by Dale Rahn and Theo de Raadt.
The GOT and PLT regions are read-only outside of ld.so itself.
@@ -415,13 +415,13 @@
in OpenBSD 3.4.
- ASLR: OpenBSD 3.4 was the first widely used operating system to
provide it by default.
-
- gcc-local(1)
+
- gcc-local(1)
__attribute__((__bounded__)) static analysis annotation
and checking mechanism:
Started by Anil Madhavapeddy on June 26, 2003
and ported to GCC 4 by Nicholas Marriott.
First released with OpenBSD 3.4.
-
- malloc(3)
+
- malloc(3)
randomization implemented by Thierry Deval. Guard pages and randomized (delayed) free added by Ted Unangst.
Reimplemented by Otto Moerbeek
for OpenBSD 4.4.
@@ -435,18 +435,18 @@
cookie in OpenBSD 5.3 by Matthew Dempsky.
- Static-PIE: Position-independent static binaries for /bin, /sbin and ramdisks.
First released with OpenBSD 5.7.
-
- SROP (sigreturn(2)
+
- SROP (sigreturn(2)
oriented programming) mitigation: Researched by
Eric Bosman
and Herbert Bos in 2014, implemented by Theo de Raadt in May 2016,
enabled by default since OpenBSD 6.0.
- C library order randomization:
- In rc(8), re-link
+ In rc(8), re-link
libc.so on startup, placing the objects in a random order.
Theo de Raadt and Robert Peichaer, May 2016,
enabled by default since OpenBSD 6.0.
- Kernel-assisted lazy-binding for W^X safety in multi-threaded programs.
- A new syscall kbind(2)
+ A new syscall kbind(2)
permits lazy-binding to be W^X safe in multi-threaded programs.
Implemented for OpenBSD 5.9 by Philip Guenther in July 2015.
- Process layouts in memory tightened to remove execute permission from
@@ -461,54 +461,54 @@
- Use of fork+exec in privilege separated programs. The strategy is to give
each process a fresh & unique address space for ASLR, stack protector -- as
protection against address space discovery attacks. Implemented first by
- Damien Miller (sshd(8) 2004), Claudio Jeker (bgpd(8), 2015), Eric Faurot (smtpd(8), 2016),
+ Damien Miller (sshd(8) 2004), Claudio Jeker (bgpd(8), 2015), Eric Faurot (smtpd(8), 2016),
Rafael Zalamena (various, 2016), and others.
Functions
-- arc4random(3):
+
- arc4random(3):
David Mazieres, December 28, 1996, OpenBSD 2.1
-
- bcrypt(3):
+
- bcrypt(3):
Implemented by Niels Provos and David Mazieres
Imported February 13, 1997 and first released with OpenBSD 2.1.
-
- strlcpy(3),
- strlcat(3):
+
- strlcpy(3),
+ strlcat(3):
Todd Miller and Theo de Raadt, July 1, 1998, OpenBSD 2.4
-
- strtonum(3):
+
- strtonum(3):
Ted Unangst, Todd Miller, and Theo de Raadt, May 3, 2004, OpenBSD 3.6
-
- imsg:
+
- imsg:
Message passing API, written by Henning Brauer.
In libutil since May 26, 2010, OpenBSD 4.8;
used by various daemons before that.
-
- timingsafe_bcmp(3):
+
- timingsafe_bcmp(3):
Damien Miller, July 13, 2010, OpenBSD 4.9
-
- explicit_bzero(3):
+
- explicit_bzero(3):
Ted Unangst and Matthew Dempsky, January 22, 2014, OpenBSD 5.5
-
- ohash:
+
- ohash:
Written and maintained by Marc Espie.
In libutil since May 12, 2014, OpenBSD 5.6;
used by make(1) and m4(1) before that.
-
- asr:
+
- asr:
Replacement resolver written and maintained by Eric Faurot.
Imported April 14, 2012; activated on March 26, 2014, OpenBSD 5.6.
-
- reallocarray(3):
+
- reallocarray(3):
Theo de Raadt and Ted Unangst, April 22, 2014, OpenBSD 5.6
-
- getentropy(2):
+
- getentropy(2):
Matthew Dempsky and Theo de Raadt, June 13, 2014, OpenBSD 5.6
-
- sendsyslog(2):
+
- sendsyslog(2):
Theo de Raadt, July 10, 2014, OpenBSD 5.6
-
- timingsafe_memcmp(3):
+
- timingsafe_memcmp(3):
Matthew Dempsky, July 13, 2014, OpenBSD 5.6
-
- pledge(2):
+
- pledge(2):
Theo de Raadt, July 19, 2015, OpenBSD 5.9
-
- getpwnam_shadow(3),
- getpwuid_shadow(3):
+
- getpwnam_shadow(3),
+ getpwuid_shadow(3):
Ted Unangst and Theo de Raadt, November 18, 2015, OpenBSD 5.9
-
- recallocarray(3):
+
- recallocarray(3):
Otto Moerbeek, Joel Sing and Theo de Raadt, March 6, 2017, OpenBSD 6.1
-
- freezero(3):
+
- freezero(3):
Otto Moerbeek, April 10, 2017, OpenBSD 6.2