Annotation of www/innovations.html, Revision 1.86
1.77 bentley 1: <!doctype html>
2: <html lang=en>
3: <meta charset=utf-8>
4:
1.33 tj 5: <title>OpenBSD: Innovations</title>
1.31 deraadt 6: <meta name="viewport" content="width=device-width, initial-scale=1">
7: <link rel="stylesheet" type="text/css" href="openbsd.css">
1.35 tb 8: <link rel="canonical" href="https://www.openbsd.org/innovations.html">
1.1 schwarze 9:
1.77 bentley 10: <h2 id=OpenBSD>
11: <a href="index.html">
12: <i>Open</i><b>BSD</b></a>
13: Innovations
14: </h2>
1.31 deraadt 15:
16: <hr>
1.32 tj 17: <p>
1.59 job 18: This is a list of software and ideas developed or maintained by the OpenBSD
19: project, sorted in order of approximate introduction. Some of them are
20: explained in detail in our <a href="events.html">research papers</a>.
1.32 tj 21: <hr>
1.1 schwarze 22:
1.59 job 23: <h3>Concepts</h3>
1.1 schwarze 24:
25: <ul>
1.78 deraadt 26: <li><a href="https://man.openbsd.org/ipsec.4">ipsec(4)</a>:
27: Started by John Ioannidis, Angelos D. Keromytis, Niels Provos, and
28: Niklas Hallqvist, imported February 20, 1997. OpenBSD was the first
29: free operating system to provide an IPSec stack.
30: <li><a href="https://man.openbsd.org/inet6.4">inet6(4)</a>:
31: First complete integration and adoption of IPv6 led by
32: "Itojun" (Dr. Junichiro Hagino) [WIDE/KAME], Craig Metz [NRL], and
33: Angelos D. Keromytis starting Jan 6, 1999.
34: Almost fully operational Jun 6, 1999 during the
35: <a href="hackathons.html">first OpenBSD hackathon</a>.
36: OpenBSD 2.7.
37: <li><strong>Privilege separation</strong>:
38: First implemented by
39: <a href="http://www.citi.umich.edu/u/provos/ssh/privsep.html">Niels Provos</a>
40: and Markus Friedl in OpenSSH in March 2002, released with OpenBSD 3.2.
41: The concept is now used in many OpenBSD programs, for example
42: <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>,
43: <a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>,
44: <a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a>,
45: <a href="https://man.openbsd.org/dvmrpd.8">dvmrpd(8)</a>,
46: <a href="https://man.openbsd.org/eigrpd.8">eigrpd(8)</a>,
47: <a href="https://man.openbsd.org/file.1">file(1)</a>,
48: <a href="https://man.openbsd.org/httpd.8">httpd(8)</a>,
49: <a href="https://man.openbsd.org/iked.8">iked(8)</a>,
50: <a href="https://man.openbsd.org/ldapd.8">ldapd(8)</a>,
51: <a href="https://man.openbsd.org/ldpd.8">ldpd(8)</a>,
52: <a href="https://man.openbsd.org/mountd.8">mountd(8)</a>,
53: <a href="https://man.openbsd.org/npppd.8">npppd(8)</a>,
54: <a href="https://man.openbsd.org/ntpd.8">ntpd(8)</a>,
55: <a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>,
56: <a href="https://man.openbsd.org/ospf6d.8">ospf6d(8)</a>,
57: <a href="https://man.openbsd.org/pflogd.8">pflogd(8)</a>,
58: <a href="https://man.openbsd.org/radiusd.8">radiusd(8)</a>,
59: <a href="https://man.openbsd.org/relayd.8">relayd(8)</a>,
60: <a href="https://man.openbsd.org/ripd.8">ripd(8)</a>,
61: <a href="https://man.openbsd.org/script.1">script(1)</a>,
62: <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>,
63: <a href="https://man.openbsd.org/syslogd.8">syslogd(8)</a>,
64: <a href="https://man.openbsd.org/tcpdump.8">tcpdump(8)</a>,
65: <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>,
66: <a href="https://man.openbsd.org/xconsole.1">xconsole(1)</a>,
67: <a href="https://man.openbsd.org/xdm.1">xdm(1)</a>,
68: <a href="https://man.openbsd.org/Xserver.1">Xserver(1)</a>,
69: <a href="https://man.openbsd.org/ypldap.8">ypldap(8)</a>,
70: <a href="https://man.openbsd.org/pkg_add.1">pkg_add(1)</a>,
71: etc.
72: <li><strong>Privilege revocation</strong>:
73: Related to the work on privilege separation, some programs were refactored
74: to drop privileges while holding onto a tricky resource such as a raw socket,
75: reserved port, or modification-locked bpf(4) descriptor,
76: for example
77: <a href="https://man.openbsd.org/ping.8">ping(8)</a>,
78: <a href="https://man.openbsd.org/traceroute.8">traceroute(8)</a>,
79: etc.
80: <li><strong>Stack protector</strong>:
81: Developed since 2001 as "propolice" by Hiroaki Etoh. Integrated, and
82: implemented for additional hardware platforms, by Miod Vallat and Theo
83: de Raadt. OpenBSD 3.3 was the first operating system to enable it
84: systemwide by default.
85: <li><strong>W^X</strong>:
86: First used for sparc, sparc64, alpha, and hppa in OpenBSD 3.3.
87: Strictly enforced by default since OpenBSD 6.0: a program can only
88: violate it if the executable is marked with <code>PT_OPENBSD_WXNEEDED</code>
89: and it is located on a filesystem mounted with the <code>wxallowed</code>
90: <a href="https://man.openbsd.org/mount.8">mount(8)</a> option.
91: <li><strong>GOT and PLT protection</strong> by ld.so:
92: first done as part of the W^X work in OpenBSD 3.3, by Dale Rahn and
93: Theo de Raadt. The GOT and PLT regions are read-only outside of ld.so
94: itself. Extended to the .init/.fini sections (constructors and
95: destructors) in OpenBSD 3.4.
96: <li><strong>ASLR</strong>:
97: OpenBSD 3.4 was the first widely used operating system to
98: provide it by default.
99: <li><a href="https://man.openbsd.org/gcc-local.1">gcc-local(1)</a>
100: __attribute__((__bounded__)) static analysis annotation
101: and checking mechanism:
102: Started by Anil Madhavapeddy on June 26, 2003
103: and ported to GCC 4 by Nicholas Marriott.
104: First released with OpenBSD 3.4.
105: <li><a href="https://man.openbsd.org/malloc.3">malloc(3)</a>
106: randomization implemented by Thierry Deval. Guard pages and randomized (delayed) free added by Ted Unangst.
107: Reimplemented by <a href="papers/eurobsdcon2009/otto-malloc.pdf">Otto Moerbeek</a>
108: for OpenBSD 4.4.
109: <li><strong>Position-independent executables (PIE)</strong>:
110: OpenBSD 5.3 was the first widely used operating system to enable it
111: globally by default, on seven hardware platforms.
112: Implemented in November 2008 by
113: <a href="https://www.openbsd.org/papers/nycbsdcon08-pie/">Kurt Miller</a>
114: and enabled by default by
115: <a href="https://www.openbsd.org/papers/asiabsdcon2015-pie-slides.pdf">Pascal Stumpf</a>
116: in August 2012.
117: <li><strong>Random-data memory</strong>:
118: the ability to specify that a variable should be initialized
1.68 deraadt 119: at load time with random byte values (placed into a new ELF
120: <b>.openbsd.randomdata</b> section) was implemented in
121: OpenBSD 5.3 by Matthew Dempsky.
1.78 deraadt 122: <li><strong>Stack protector per shared object</strong>:
123: using the random-data memory feature, each shared object was given its
124: own stack protector cookie in OpenBSD 5.3 by Matthew Dempsky.
125: <li><strong>Static-PIE</strong>:
126: Position-independent static binaries for /bin, /sbin and ramdisks.
127: Implemented for OpenBSD 5.7 by Kurt Miller and Mark Kettenis.
128: <li><strong>SROP</strong>
129: (<a href="https://man.openbsd.org/sigreturn.2">sigreturn(2)</a>
130: oriented programming) mitigation: attacks researched by
131: <a href="http://www.cs.vu.nl/~herbertb/papers/srop_sp14.pdf">Eric Bosman</a>
1.81 deraadt 132: and Herbert Bos in 2014, solution implemented by Theo de Raadt in May 2016,
1.78 deraadt 133: enabled by default since OpenBSD 6.0.
134: <li><strong>Library order randomization</strong>:
135: In <a href="https://man.openbsd.org/rc.8">rc(8)</a>, re-link
136: <code>libc.so</code>, <code>libcrypto</code>, and <code>ld.so</code>
137: on startup, placing the objects in a random order.
138: Theo de Raadt and Robert Peichaer, May 2016,
139: enabled by default since OpenBSD 6.0 and 6.2.
140: <li>Kernel-assisted lazy-binding for W^X safety in multi-threaded programs.
141: A new syscall <a href="https://man.openbsd.org/kbind.2">kbind(2)</a>
142: permits lazy-binding to be W^X safe in multi-threaded programs.
143: Implemented for OpenBSD 5.9 by Philip Guenther in July 2015.
144: <li>Process layouts in memory tightened to remove execute permission from
145: all segmented, non-instruction data and to remove write permission from
146: data that is only modified during loading and relocation.
147: By combining the RELRO (Read-Only after Relocation) design from the
148: GNU project with the original ASLR work from OpenBSD 3.3 and
149: strict lazy-binding work from OpenBSD 5.9, this is applied to not
150: just a subset of programs and libraries but rather to all programs
151: and libraries.
152: Implemented for OpenBSD 6.1 by Philip Guenther in August 2016.
153: <li>Use of <strong>fork+exec in privilege separated programs</strong>. The
154: strategy is to give each process a fresh & unique address space for
155: ASLR, stack protector -- as protection against address space discovery attacks.
156: Implemented first by
157: Damien Miller (<a href="https://man.openbsd.org/sshd.8">sshd(8)</a> 2004),
158: Claudio Jeker (<a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>, 2015),
159: Eric Faurot (<a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>, 2016),
160: Rafael Zalamena (various, 2016), and others.
161: <li><strong>trapsleds</strong>:
162: Reduction of incidental NOP instructions/sequences in the instruction
163: stream which could be useful potentially for ROP attack methods to
164: innaccurately target gadgets. These NOP sequences are converted into
165: trap sequences where possible. Todd Mortimer and Theo de Raadt, June
166: 2017.
1.81 deraadt 167: <li><strong>Kernel relinking at boot</strong>:
1.78 deraadt 168: the .o files of the kernel are relinked in random order from a
169: link-kit, before every reboot. This provides substantial interior
170: randomization in the kernel's text and data segments for layout and
171: relative branches/calls. Basically a unique address space for each
172: kernel boot, similar to the userland fork+exec model described above
173: but for the kernel. Theo de Raadt, June 2017.
1.61 deraadt 174: <li>
1.81 deraadt 175: Rearranged i386/amd64 register allocator order in
1.61 deraadt 176: <a href="https://man.openbsd.org/clang.1">clang(1)</a>
177: to reduce polymorphic RET instructions:
178: Todd Mortimer, November 20, 2017.
1.64 deraadt 179: <li>
1.72 mortimer 180: Reencoding of i386/amd64 instruction sequences to avoid
181: embedded polymorphic RET instructions. Enhancements to
182: <a href="https://man.openbsd.org/clang.1">clang(1)</a>
183: Todd Mortimer, April 28, 2018 and onwards.
1.81 deraadt 184: <li><b>MAP_STACK</b> addition to
1.64 deraadt 185: <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>
186: allows opportunistic verification that the stack-register
187: points at stack memory, therefore catching pivots to non-stack
188: memory (sometimes used in ROP attacks).
189: Theo de Raadt, April 12, 2018.
1.78 deraadt 190: <li><b>RETGUARD</b> is a replacement for the <b>stack-protector</b>
191: which uses a per-function random cookie (located in the read-only ELF
192: <b>.openbsd.randomdata</b> section) to consistency-check the
193: return address on the stack. Implemented for AMD64 and ARM64
1.83 mortimer 194: by Todd Mortimer in OpenBSD 6.4, and for Octeon in OpenBSD 6.7.
1.81 deraadt 195: <li><b>MAP_CONCEAL</b> addition to
1.76 otto 196: <a href="https://man.openbsd.org/mmap.2">mmap(2)</a>
197: disallows memory pages to be written to core dumps, preventing
198: accidental exposure of private information.
199: Theo de Raadt, Mark Kettenis and Scott Soule Cheloha,
200: February 2, 2019.
1.79 deraadt 201: <li>Similar to the opportunistic verification in <b>MAP_STACK</b>,
202: system-calls can no longer be performed from PROT_WRITE memory.
203: Theo de Raadt, June 2, 2019.
1.85 deraadt 204: <li>System calls may only be performed from selected code regions
205: (main program, ld.so, libc.so, and sigtramp).
206: Theo de Raadt, November 28, 2019.
1.17 mlarkin 207: </ul>
1.1 schwarze 208:
1.59 job 209: <h3>Functions</h3>
1.1 schwarze 210:
211: <ul>
1.78 deraadt 212: <li><a href="https://man.openbsd.org/issetugid.2">issetugid(2)</a>:
213: Theo de Raadt, August 25, 1996, OpenBSD 2.0
214: <li><a href="https://man.openbsd.org/arc4random.3">arc4random(3)</a>:
215: David Mazieres, December 28, 1996, OpenBSD 2.1
216: <li><a href="https://man.openbsd.org/bcrypt.3">bcrypt(3)</a>:
217: Implemented by <a href="https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node1.html">Niels Provos and David Mazieres</a>
218: Imported February 13, 1997 and first released with OpenBSD 2.1.
219: <li><a href="https://man.openbsd.org/strlcpy.3">strlcpy(3)</a>,
220: <a href="https://man.openbsd.org/strlcat.3">strlcat(3)</a>:
221: Todd Miller and Theo de Raadt, July 1, 1998, OpenBSD 2.4
222: <li><a href="https://man.openbsd.org/strtonum.3">strtonum(3)</a>:
223: Ted Unangst, Todd Miller, and Theo de Raadt, May 3, 2004, OpenBSD 3.6
224: <li><a href="https://man.openbsd.org/imsg_init.3">imsg</a>:
225: Message passing API, written by Henning Brauer.
226: In libutil since May 26, 2010, OpenBSD 4.8;
227: used by various daemons before that.
228: <li><a href="https://man.openbsd.org/timingsafe_bcmp.3">timingsafe_bcmp(3)</a>:
229: Damien Miller, July 13, 2010, OpenBSD 4.9
230: <li><a href="https://man.openbsd.org/explicit_bzero.3">explicit_bzero(3)</a>:
231: Ted Unangst and Matthew Dempsky, January 22, 2014, OpenBSD 5.5
232: <li><a href="https://man.openbsd.org/ohash_init.3">ohash</a>:
233: Written and maintained by Marc Espie.
234: In libutil since May 12, 2014, OpenBSD 5.6;
235: used by make(1) and m4(1) before that.
236: <li><a href="https://man.openbsd.org/asr_run.3">asr</a>:
237: Replacement resolver written and maintained by Eric Faurot.
238: Imported April 14, 2012; activated on March 26, 2014, OpenBSD 5.6.
239: <li><a href="https://man.openbsd.org/reallocarray.3">reallocarray(3)</a>:
240: Theo de Raadt and Ted Unangst, April 22, 2014, OpenBSD 5.6
241: <li><a href="https://man.openbsd.org/getentropy.2">getentropy(2)</a>:
242: Matthew Dempsky and Theo de Raadt, June 13, 2014, OpenBSD 5.6
243: <li><a href="https://man.openbsd.org/sendsyslog.2">sendsyslog(2)</a>:
244: Theo de Raadt, July 10, 2014, OpenBSD 5.6
245: <li><a href="https://man.openbsd.org/timingsafe_memcmp.3">timingsafe_memcmp(3)</a>:
246: Matthew Dempsky, July 13, 2014, OpenBSD 5.6
247: <li><a href="https://man.openbsd.org/pledge.2">pledge(2)</a>:
248: Theo de Raadt, July 19, 2015, OpenBSD 5.9
249: <li><a href="https://man.openbsd.org/getpwnam_shadow.3">getpwnam_shadow(3)</a>,
250: <a href="https://man.openbsd.org/getpwuid_shadow.3">getpwuid_shadow(3)</a>:
251: Ted Unangst and Theo de Raadt, November 18, 2015, OpenBSD 5.9
252: <li><a href="https://man.openbsd.org/recallocarray.3">recallocarray(3)</a>:
253: Otto Moerbeek, Joel Sing and Theo de Raadt, March 6, 2017, OpenBSD 6.1
254: <li><a href="https://man.openbsd.org/freezero.3">freezero(3)</a>:
255: Otto Moerbeek, April 10, 2017, OpenBSD 6.2
256: <li><a href="https://man.openbsd.org/unveil.2">unveil(2)</a>:
257: Theo de Raadt and Bob Beck, July 13, 2018, OpenBSD 6.4
258: <li><a href="https://man.openbsd.org/malloc_conceal.3">malloc_conceal(3)</a>
1.76 otto 259: and
1.78 deraadt 260: <a href="https://man.openbsd.org/calloc_conceal.3">calloc_conceal(3)</a>:
261: Otto Moerbeek, May 10, 2019, OpenBSD 6.5
1.82 schwarze 262: <li><a href=https://man.openbsd.org/ber_read_elements.3>ber</a>:
263: ASN.1 basic encoding rules API, written by Claudio Jeker and
264: Reyk Flöter, maintained by Rob Pierce and Martijn van Duren;
265: started in 2006/07, moved to libutil on May 11, 2019, OpenBSD 6.6
1.16 deraadt 266: </ul>
267:
1.59 job 268:
269: <h3>Programs and subsystems</h3>
1.16 deraadt 270:
271: <ul>
1.78 deraadt 272: <li><a href="https://man.openbsd.org/ypbind.8">ypbind(8)</a>,
273: <a href="https://man.openbsd.org/ypset.8">ypset(8)</a>,
274: <a href="https://man.openbsd.org/ypcat.1">ypcat(1)</a>,
275: <a href="https://man.openbsd.org/ypmatch.1">ypmatch(1)</a>,
276: <a href="https://man.openbsd.org/ypwhich.1">ypwhich(1)</a>,
277: and libc support: Started by Theo de Raadt.
278: Imported April 26, 1993 and first released with NetBSD 0.9.
279: <li><a href="https://man.openbsd.org/ypserv.8">ypserv(8)</a>:
280: Started by Mats O. Jansson in 1994.
281: Imported October 23, 1995 and first released with OpenBSD 2.0.
282: <li><a href="https://man.openbsd.org/mopd.8">mopd(8)</a>:
283: Started by Mats O. Jansson in 1993.
284: Imported September 21, 1996 and first released with OpenBSD 2.0.
285: <li><a href="anoncvs.html">AnonCVS</a>:
286: Designed and implemented by Chuck Cranor and Theo de Raadt in 1995
287: (<a href="papers/anoncvs-paper.pdf">paper</a>,
288: <a href="papers/anoncvs-slides.pdf">slides</a>)
289: <li><a href="https://man.openbsd.org/aucat.1">aucat(1)</a>:
290: Started by Kenneth Stailey.
291: Imported January 2, 1997 and first released with OpenBSD 2.1.
292: Now maintained by Alexandre Ratchov.
293: <li><a href="https://www.openssh.com/">OpenSSH</a>
294: including <a href="https://man.openbsd.org/ssh.1">ssh(1)</a>,
295: <a href="https://man.openbsd.org/scp.1">scp(1)</a>,
296: <a href="https://man.openbsd.org/sftp.1">sftp(1)</a>,
297: <a href="https://man.openbsd.org/ssh-add.1">ssh-add(1)</a>,
298: <a href="https://man.openbsd.org/ssh-agent.1">ssh-agent(1)</a>,
299: <a href="https://man.openbsd.org/ssh-keygen.1">ssh-keygen(1)</a>,
300: <a href="https://man.openbsd.org/sshd.8">sshd(8)</a>,
301: <a href="https://man.openbsd.org/sftp-server.8">sftp-server(8)</a>:
302: Started by Aaron Campbell, Bob Beck, Dug Song, Markus Friedl,
303: Niels Provos, and Theo de Raadt
304: as a fork of SSH 1.2.12 by Tatu Ylonen.
305: Imported September 26, 1999 and first released with OpenBSD 2.6.
306: Now maintained by Markus Friedl, Damien Miller, Darren Tucker, and
307: Theo de Raadt.
308: <li><a href="https://man.openbsd.org/mg.1">mg(1)</a>:
309: Started by Dave Conroy in November 1986.
310: Imported February 25, 2000 and first released with OpenBSD 2.7.
311: Now maintained by Mark Lumsden.
312: <li><a href="https://man.openbsd.org/m4.1">m4(1)</a>:
313: Originally implemented by Ozan Yigit and Richard A. O'Keefe for 4.3BSD-Reno.
314: Considerably extended and maintained by Marc Espie since 1999.
315: <li><a href="https://man.openbsd.org/pf.4">pf(4)</a>,
316: <a href="https://man.openbsd.org/pfctl.8">pfctl(8)</a>,
317: <a href="https://man.openbsd.org/pflogd.8">pflogd(8)</a>,
318: <a href="https://man.openbsd.org/authpf.8">authpf(8)</a>,
319: <a href="https://man.openbsd.org/ftp-proxy.8">ftp-proxy(8)</a>:
320: Started by Daniel Hartmeier as a replacement for the non-free ipf by
321: Darren Reed. Imported June 24, 2001 and first released with OpenBSD
322: 3.0. Now maintained by Henning Brauer.
323: <li><a href="https://man.openbsd.org/OpenBSD-5.9/systrace.4">systrace(4)</a>,
324: <a href="https://man.openbsd.org/OpenBSD-5.9/systrace.1">systrace(1)</a>:
325: Started by Niels Provos.
326: Imported June 4, 2002 and first released with OpenBSD 3.2.
327: Deleted after OpenBSD 5.9 because
328: <a href="https://man.openbsd.org/pledge.2">pledge(2)</a> is even better.
329: <li><a href="https://man.openbsd.org/spamd.8">spamd(8)</a>:
330: Written by Bob Beck. Imported December 21, 2002 and first released with
331: OpenBSD 3.3.
332: <li><a href="https://man.openbsd.org/dc.1">dc(1)</a>:
333: Written and maintained by Otto Moerbeek.
334: Imported September 19, 2003 and first released with OpenBSD 3.5.
335: <li><a href="https://man.openbsd.org/bc.1">bc(1)</a>:
336: Written and maintained by Otto Moerbeek.
337: Imported September 25, 2003 and first released with OpenBSD 3.5.
338: <li><a href="https://man.openbsd.org/sensorsd.8">sensorsd(8)</a>:
339: Started by Henning Brauer.
340: Imported September 24, 2003 and first released with OpenBSD 3.5.
341: Reworked by Constantine A. Murenin.
342: <li><a href="https://man.openbsd.org/pkg_add.1">pkg_add(1)</a>:
343: Written and maintained by Marc Espie.
344: Imported October 16, 2003 and first released with OpenBSD 3.5.
345: <li><a href="https://man.openbsd.org/carp.4">carp(4)</a>:
346: Written by Mickey Shalayeff, Markus Friedl, Marco Pfatschbacher,
347: and Ryan McBride.
348: Imported October 17, 2003 and first released with OpenBSD 3.5.
349: <li><a href="http://www.openbgpd.org/">OpenBGPD</a>
350: including <a href="https://man.openbsd.org/bgpd.8">bgpd(8)</a>
351: and <a href="https://man.openbsd.org/bgpctl.8">bgpctl(8)</a>:
352: Written and maintained by Henning Brauer and Claudio Jeker,
353: and also maintained by Peter Hessler.
354: Imported December 17, 2003 and first released with OpenBSD 3.5.
355: <li><a href="https://man.openbsd.org/dhclient.8">dhclient(8)</a>:
356: Started by Ted Lemon and Elliot Poger in 1996.
357: Imported January 18, 2004 and first released with OpenBSD 3.5.
358: Reworked by Henning Brauer.
359: Now maintained by Kenneth Westerback.
360: <li><a href="https://man.openbsd.org/dhcpd.8">dhcpd(8)</a>:
361: Started by Ted Lemon in 1995.
362: Imported April 13, 2004 and first released with OpenBSD 3.6.
363: Reworked by Henning Brauer.
364: Now maintained by Kenneth Westerback.
365: <li><a href="https://man.openbsd.org/hotplugd.8">hotplugd(8)</a>:
366: Started by Alexander Yurchenko.
367: Imported May 30, 2004 and first released with OpenBSD 3.6.
368: <li><a href="http://www.openntpd.org/">OpenNTPD</a>
369: including <a href="https://man.openbsd.org/ntpd.8">ntpd(8)</a>
370: and <a href="https://man.openbsd.org/ntpctl.8">ntpctl(8)</a>:
371: Written and maintained by Henning Brauer.
372: Imported May 31, 2004 and first released with OpenBSD 3.6.
373: Portable version maintained by Brent Cook.
374: <li><a href="https://man.openbsd.org/dpb.1">dpb(1)</a>:
375: Started by Nikolay Sturm on August 10, 2004; first available for OpenBSD 3.6.
376: Rewritten and maintained by Marc Espie since August 20, 2010.
377: <li><a href="https://man.openbsd.org/ospfd.8">ospfd(8)</a>,
378: <a href="https://man.openbsd.org/ospfctl.8">ospfctl(8)</a>:
379: Started by Esben Norby and Claudio Jeker.
380: Imported January 28, 2005 and first released with OpenBSD 3.7.
381: <li><a href="https://man.openbsd.org/ifstated.8">ifstated(8)</a>:
382: Started by Marco Pfatschbacher and Ryan McBride.
383: Imported January 23, 2004 and first released with OpenBSD 3.8.
384: <li><a href="https://man.openbsd.org/bioctl.8">bioctl(8)</a>:
385: Started by Marco Peereboom.
386: Imported March 29, 2005 and first released with OpenBSD 3.8.
387: <li><a href="https://man.openbsd.org/hostapd.8">hostapd(8)</a>:
388: Written and maintained by Reyk Floeter.
389: Imported May 26, 2005 and first released with OpenBSD 3.8.
390: <li><a href="https://man.openbsd.org/watchdogd.8">watchdogd(8)</a>:
391: Started by Marc Balmer.
392: Imported August 8, 2005 and first released with OpenBSD 3.8.
393: <li><a href="https://man.openbsd.org/sdiff.1">sdiff(1)</a>:
394: Written by Ray Lai.
395: Imported December 27, 2005 and first released with OpenBSD 3.9.
396: <li><a href="https://man.openbsd.org/dvmrpd.8">dvmrpd(8)</a>,
397: <a href="https://man.openbsd.org/dvmrpctl.8">dvmrpctl(8)</a>:
398: Started by Esben Norby.
399: Imported June 1, 2006 and first released with OpenBSD 4.0.
400: <li><a href="https://man.openbsd.org/ripd.8">ripd(8)</a>,
401: <a href="https://man.openbsd.org/ripctl.8">ripctl(8)</a>:
402: Started by Michele Marchetto.
403: Imported October 18, 2006 and first released with OpenBSD 4.1.
404: <li><a href="https://man.openbsd.org/pkg-config.1">pkg-config(1)</a>:
405: Started by Chris Kuethe and Marc Espie.
406: Imported November 27, 2006 and first released with OpenBSD 4.1.
407: Now maintained by Jasper Lievisse Adriaanse.
408: <li><a href="https://man.openbsd.org/relayd.8">relayd(8)</a>
409: with <a href="https://man.openbsd.org/relayctl.8">relayctl(8)</a>:
410: Started by Pierre-Yves Ritschard and Reyk Floeter.
411: Imported December 16, 2006 and first released with OpenBSD 4.1.
412: Now maintained by Reyk Floeter and Sebastian Benoit.<br/>
413: <li><a href="https://man.openbsd.org/cwm.1">cwm(1)</a>:
414: Started by <a href="http://monkey.org/~marius/cwm/README">Marius
415: Aamodt Eriksen</A> in 2004.
416: Imported April 27, 2007 and first released with OpenBSD 4.2.
417: Now maintained by Okan Demirmen.
418: <a href="https://github.com/chneukirchen/cwm">Portable version</a>
419: maintained by Leah Neukirchen.
420: <li><a href="https://man.openbsd.org/ospf6d.8">ospf6d(8)</a>,
421: <a href="https://man.openbsd.org/ospf6ctl.8">ospf6ctl(8)</a>:
422: Started by Esben Norby and Claudio Jeker.
423: Imported October 8, 2007 and first released with OpenBSD 4.2.
424: <li><a href="https://man.openbsd.org/libtool.1">libtool(1)</a>:
425: Written by Steven Mestdagh and Marc Espie.
426: Imported October 28, 2007 and first available for OpenBSD 4.3.
427: Now maintained by Marc Espie, Jasper Lievisse Adriaanse,
428: and Antoine Jacoutot.
429: <li><a href="https://man.openbsd.org/snmpd.8">snmpd(8)</a>,
430: <a href="https://man.openbsd.org/snmpctl.8">snmpctl(8)</a>:
431: Started by Reyk Floeter.
432: Imported December 5, 2007 and first released with OpenBSD 4.3.
433: Maintained by Reyk Floeter and Bret Lambert.
434: <li><a href="https://man.openbsd.org/sysmerge.8">sysmerge(8)</a>:
435: Written and maintained by Antoine Jacoutot,
436: originally forked from mergemaster by Douglas Barton.
437: Imported April 22, 2008, first released with OpenBSD 4.4.
438: <li><a href="https://man.openbsd.org/ypldap.8">ypldap(8)</a>:
439: Started by Pierre-Yves Ritschard.
440: Imported June 26, 2008 and first released with OpenBSD 4.4.
441: <li><a href="https://www.opensmtpd.org/">OpenSMTPD</a>
442: including <a href="https://man.openbsd.org/smtpd.8">smtpd(8)</a>,
443: <a href="https://man.openbsd.org/smtpctl.8">smtpctl(8)</a>,
444: <a href="https://man.openbsd.org/makemap.8">makemap(8)</a>:
445: Started by Gilles Chehade.
446: Imported November 1, 2008 and first released with OpenBSD 4.6.
447: Now maintained by Gilles Chehade and Eric Faurot.
448: <li><a href="http://tmux.github.io/">tmux</a>,
449: <a href="https://man.openbsd.org/tmux.1">tmux(1)</a>:
450: Started in 2007 and maintained by Nicholas Marriott.
451: Imported June 1, 2009, first released with OpenBSD 4.6.
452: <li><a href="https://man.openbsd.org/ldpd.8">ldpd(8)</a>,
453: <a href="https://man.openbsd.org/ldpctl.8">ldpctl(8)</a>:
454: Started by Michele Marchetto.
455: Imported June 1, 2009 and first released with OpenBSD 4.6.
456: Now maintained by Claudio Jeker.
457: <li><a href="http://mdocml.bsd.lv/">mandoc</a>
458: including <a href="https://man.openbsd.org/mandoc.1">mandoc(1)</a>,
459: <a href="https://man.openbsd.org/man.1">man(1)</a>,
460: <a href="https://man.openbsd.org/apropos.1">apropos(1)</a>,
461: <a href="https://man.openbsd.org/makewhatis.8">makewhatis(8)</a>,
462: <a href="https://man.openbsd.org/man.cgi.8">man.cgi(8)</a>:
463: Started by Kristaps Dzonsons in November 2008.
464: Imported April 6, 2009, first released with OpenBSD 4.8.
465: Now maintained by Ingo Schwarze.
466: <li><a href="https://man.openbsd.org/ldapd.8">ldapd(8)</a>,
467: <a href="https://man.openbsd.org/ldapctl.8">ldapctl(8)</a>:
468: Written by Martin Hedenfalk.
469: Imported May 31, 2010 and first released with OpenBSD 4.8.
470: <li><a href="http://www.openiked.org/">OpenIKED</a>
471: including <a href="https://man.openbsd.org/iked.8">iked(8)</a>
472: and <a href="https://man.openbsd.org/ikectl.8">ikectl(8)</a>:
473: Started by Reyk Floeter.
474: Imported June 3, 2010 and first released with OpenBSD 4.8.
475: Now maintained by Reyk Floeter and Mike Belopuhov.
476: <li><a href="https://man.openbsd.org/iscsid.8">iscsid(8)</a>,
477: <a href="https://man.openbsd.org/iscsictl.8">iscsictl(8)</a>:
478: Written and maintained by Claudio Jeker.
479: Imported September 24, 2010 and first released with OpenBSD 4.9.
480: <li><a href="https://man.openbsd.org/rc.d.8">rc.d(8)</a>,
481: <a href="https://man.openbsd.org/rc.subr.8">rc.subr(8)</a>:
482: Written and maintained by Robert Nagy and Antoine Jacoutot.
483: Imported October 26, 2010 and first released with OpenBSD 4.9.
484: <li><a href="https://man.openbsd.org/tftpd.8">tftpd(8)</a>:
485: Written and maintained by David Gwynne.
486: Imported March 2, 2012 and first released with OpenBSD 5.2.
487: <li><a href="https://man.openbsd.org/npppd.8">npppd(8)</a>,
488: <a href="https://man.openbsd.org/npppctl.8">npppctl(8)</a>:
489: Started by Internet Initiative Japan Inc.
490: Imported January 11, 2010, first released with OpenBSD 5.3.
491: Maintained by YASUOKA Masahiko.
492: <li><a href="https://man.openbsd.org/ldomd.8">ldomd(8)</a>,
493: <a href="https://man.openbsd.org/ldomctl.8">ldomctl(8)</a>:
494: Written and maintained by Mark Kettenis.
495: Imported October 26, 2012 and first released with OpenBSD 5.3.
496: <li><a href="https://man.openbsd.org/sndiod.8">sndiod(8)</a>:
497: Written and maintained by Alexandre Ratchov.
498: Imported November 23, 2012 and first released with OpenBSD 5.3.
499: <li><a href="https://man.openbsd.org/cu.1">cu(1)</a>:
500: Written and maintained by Nicholas Marriott.
501: Imported July 10, 2012 and first released with OpenBSD 5.4.
502: <li><a href="https://man.openbsd.org/identd.8">identd(8)</a>:
503: Written and maintained by David Gwynne.
504: Imported March 18, 2013 and first released with OpenBSD 5.4.
505: <li><a href="https://man.openbsd.org/slowcgi.8">slowcgi(8)</a>:
506: Written and maintained by Florian Obser.
507: Imported May 23, 2013 and first released with OpenBSD 5.4.
508: <li><a href="https://man.openbsd.org/signify.1">signify(1)</a>:
509: Written and maintained by <a href="http://www.tedunangst.com/flak/post/signify">Ted Unangst</a>.
510: Imported December 31, 2013 and first released with OpenBSD 5.5.
511: <li><a href="https://man.openbsd.org/htpasswd.1">htpasswd(1)</a>:
512: Written and maintained by Florian Obser.
513: Imported March 17, 2014 and first released with OpenBSD 5.6.
514: <li><a href="https://www.libressl.org/">LibreSSL</a>:
515: Started by Ted Unangst, Bob Beck, Joel Sing, Miod Vallat, Philip Guenther,
516: and Theo de Raadt on April 13, 2014, as a fork of OpenSSL 1.0.1g.
517: First released with OpenBSD 5.6.
518: Portable version maintained by Brent Cook.
519: <li><a href="https://man.openbsd.org/httpd.8">httpd(8)</a>:
520: Started by Reyk Floeter.
521: Imported July 12, 2014 and first released with OpenBSD 5.6.
522: Maintained by Reyk Floeter and Florian Obser.
523: <li><a href="https://man.openbsd.org/rcctl.8">rcctl(8)</a>:
524: Written and maintained by Antoine Jacoutot.
525: Imported August 19, 2014 and first released with OpenBSD 5.7.
526: <li><a href="https://man.openbsd.org/file.1">file(1)</a>:
527: Rewritten from scratch and maintained by Nicholas Marriott.
528: Imported April 24, 2015 and first released with OpenBSD 5.8.
529: <li><a href="https://man.openbsd.org/doas.1">doas(1)</a>:
530: Written and maintained by Ted Unangst.
531: Imported July 16, 2015 and first released with OpenBSD 5.8.
532: <li><a href="https://man.openbsd.org/radiusd.8">radiusd(8)</a>:
533: Written and maintained by YASUOKA Masahiko.
534: Imported July 21, 2015 and first released with OpenBSD 5.8.
535: <li><a href="https://man.openbsd.org/eigrpd.8">eigrpd(8)</a>,
536: <a href="https://man.openbsd.org/eigrpctl.8">eigrpctl(8)</a>:
537: Written and maintained by Renato Westphal.
538: Imported October 2, 2015 and first released with OpenBSD 5.9.
539: <li><a href="https://man.openbsd.org/vmm.4">vmm(4)</a>,
540: <a href="https://man.openbsd.org/vmd.8">vmd(8)</a>,
541: <a href="https://man.openbsd.org/vmctl.8">vmctl(8)</a>:
542: Written and maintained by Mike Larkin and Reyk Floeter.
543: Imported November 13, 2015 and first released with OpenBSD 5.9.
544: <li><a href="https://man.openbsd.org/pdisk.8">pdisk(8)</a>:
545: Originally written by Eryk Vershen in 1996-1998,
546: rewritten and maintained by Kenneth Westerback since January 11, 2016
547: and first released with OpenBSD 5.9.
548: <li><a href="https://man.openbsd.org/mknod.8">mknod(8)</a>:
549: Original version from Version 6 AT&T UNIX (1975),
550: last rewritten by Marc Espie on March 5, 2016
551: and first released with OpenBSD 6.0.
552: <li><a href="https://man.openbsd.org/audioctl.1">audioctl(1)</a>:
553: Originally written by Lennart Augustsson in 1997,
554: rewritten and maintained by Alexandre Ratchov since June 21, 2016
555: and first released with OpenBSD 6.0.
556: <li><a href="https://man.openbsd.org/switchd.8">switchd(8)</a>,
557: <a href="https://man.openbsd.org/switchctl.8">switchctl(8)</a>:
558: Written and maintained by Reyk Floeter.
559: Imported July 19, 2016; released with OpenBSD 6.1.
560: <li><a href="https://man.openbsd.org/acme-client.1">acme-client(1)</a>:
561: Written by Kristaps Dzonsons, imported August 31, 2016; released
562: with OpenBSD 6.1.
563: <li><a href="https://man.openbsd.org/syspatch.8">syspatch(8)</a>:
564: Written and maintained by Antoine Jacoutot.
565: Imported September 5, 2016; released with OpenBSD 6.1.
566: <li><a href="https://man.openbsd.org/ping.8">ping(8)</a>:
567: Restructured to include IPv6 functionality and maintained by Florian Obser.
568: The separate
1.81 deraadt 569: <a href="https://man.openbsd.org/OpenBSD-6.0/ping6.8">ping6(8)</a>
1.78 deraadt 570: was superseded on September 17, 2016,
571: and the new, combined version was released with OpenBSD 6.1.
572: <li><a href="https://man.openbsd.org/xenodm.1">xenodm(1)</a>:
573: Cleaned-up fork of
574: <a href="https://man.openbsd.org/OpenBSD-6.0/xdm.1">xdm(1)</a>
575: maintained by Matthieu Herrb.
576: Imported October 23, 2016; released with OpenBSD 6.1.
577: <li><a href="https://man.openbsd.org/ocspcheck.8">ocspcheck(8)</a>:
578: Written and maintained by Bob Beck.
579: Imported January 24, 2017; released with OpenBSD 6.1.
580: <li><a href="https://man.openbsd.org/slaacd.8">slaacd(8)</a>:
581: Written and maintained by Florian Obser.
582: Imported March 18, 2017; released with OpenBSD 6.2.
583: <li><a href="https://man.openbsd.org/rad.8">rad(8)</a>:
584: Written and maintained by Florian Obser.
585: Imported July 10, 2018; released with OpenBSD 6.4.
586: <li><a href="https://man.openbsd.org/unwind.8">unwind(8)</a>:
587: Written and maintained by Florian Obser.
588: Imported January 23, 2019; released with OpenBSD 6.5.
589: <li><a href="https://man.openbsd.org/openrsync.1">openrsync(1)</a>:
590: Written by Kristaps Dzonsons.
591: Imported February 10, 2019; released with OpenBSD 6.5.
1.82 schwarze 592: <li><a href="https://man.openbsd.org/sysupgrade.8">sysupgrade(8)</a>:
593: Written by Christian Weisgerber, Florian Obser, and Theo de Raadt.
594: Imported April 25, 2019; released with OpenBSD 6.6.
595: <li><a href="https://man.openbsd.org/snmp.1">snmp(1)</a>:
596: Written and maintained by Martijn van Duren.
597: Imported August 9, 2019; released with OpenBSD 6.6.
598: <li><a href="https://man.openbsd.org/rpki-client.8">rpki-client(8)</a>:
599: Written by Kristaps Dzonsons, maintained by Claudio Jeker.
600: Imported June 17, 2019; to be released with OpenBSD 6.7.
1.1 schwarze 601: </ul>
602:
1.11 deraadt 603: <h3>Projects maintained by OpenBSD developers outside OpenBSD</h3>
1.1 schwarze 604:
605: <ul>
1.78 deraadt 606: <li><a href="http://www.sudo.ws/">sudo</a>:
607: Started by Bob Coggeshall and Cliff Spencer around 1980.
608: Imported November 18, 1999, first released with OpenBSD 2.7.
609: Now maintained by Todd Miller.
610: <li><a href="http://bulabula.org/femail/">femail</a>:
611: Written and maintained by Henning Brauer.
612: Started in 2005, port available since September 22, 2005.
613: <li><a href="http://www.midish.org/">midish</a>:
614: Written and maintained by Alexandre Ratchov.
615: Started in 2003, port available since November 4, 2005.
616: <li><a href="https://github.com/nicm/fdm">fdm</a>:
617: Written and maintained by Nicholas Marriott.
618: Started in 2006, port available since January 18, 2007.
619: <li><a href="https://github.com/ajacoutot/toad/">toad</a>:
620: Written and maintained by Antoine Jacoutot.
621: Started in 2013, port available since October 8, 2013.
622: <li><a href="https://mandoc.bsd.lv/docbook2mdoc/">docbook2mdoc</a>:
623: Started by Kristaps Dzonsons in 2014, maintained by Ingo Schwarze.
624: Port available since April 3, 2014.
625: <li><a href="http://jasperla.github.io/portroach/">portroach</a>:
626: Written and maintained by Jasper Lievisse Adriaanse,
627: originally forked from FreeBSD's portscout.
628: Started in 2014, port available since September 5, 2014.
629: <li><a href="https://github.com/yasuoka/cvs2gitdump">cvs2gitdump</a>:
630: Written and maintained by YASUOKA Masahiko.
631: Started in 2012, port available since August 1, 2016.
1.84 stsp 632: <li><a href="https://gameoftrees.org">Game of Trees</a>:
633: Written and maintained by Stefan Sperling.
634: Started in 2017, port available since August 9, 2019.
1.1 schwarze 635: </ul>
![[BACK]](/icons/back.gif){kind=icon}
Return to innovations.html CVS log ![[TXT]](/icons/text.gif){kind=icon}
![[DIR]](/icons/dir.gif){kind=icon}
Up to [local] / www