===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.920
retrieving revision 1.921
diff -u -r1.920 -r1.921
--- www/plus.html 2004/04/19 01:35:22 1.920
+++ www/plus.html 2004/04/26 17:33:31 1.921
@@ -55,11 +55,93 @@
We are working on OpenBSD-current.
-The following list sums up (almost) all the changes made up to April 16.
+The following list sums up (almost) all the changes made up to April 25.
-
+
+- Since isprint(3) doesn't consider all whitespace printable, also use isspace(3) for the binary file test in less(1).
+
- Fix float -> quad conversion in libc.
+
- Prettier outpub from bgpctl(8).
+
- Permit multiple default routes.
+
- A few more unionfs fixes.
+
- Respect access rights on a union filesystem (PR#745).
+
- Add a few pieces missed in the merge of OpenSSL 0.9.7d.
+
- Add input queue congestion flag support to a few interfaces that can't use the new IF_INPUT_ENQUEUE macro.
+
- Prevent an endless loop in pf(4) with 'route-to lo0' rules (PR#3736).
+
- Have authpf(8) run pfctl(8) to change the rulebase instead of sucking in code from pfctl and doing it itself.
+
- Set MINCLSIZE back to its smaller pre-KAME IPv6 value, so now clusters will be used more often.
+
- In pfsync(4), purge only a specific expired state instead of doing an expensive purge all expired states while running at a high spl(9).
+
- Make sure the local address and bgpd(8) neighbor address are of the same address family.
+
- Use '|' instead of ':' as the field separator for spamd(8) database keys, in preparation for future IPv6 support.
+
- Fix a potential null dereference in the ssl(3) application utility code.
+
+
- Give routed(8) a local copy of the radix tree code, so it doesn't get (re)broken by net/radix.c changes.
+
- Make ssl(3) S/MIME work again.
+
- Add 'neighbor cloning' to bgpd(8), allowing a configuration to be specified for a network/prefixlength pair as well as the peer IP address. The configuration is cloned for each new peer in the given address range.
+
+
- Some string cleaning in ddb(4).
+
- Fix a missing return statement in in bgpd(8)'s control connection error path.
+
- Add multipath support to the radix tree, allowing multiple routes to a single destination (though it won't actually get you anywhere just yet). From KAME.
+
- Send pfsync(4) packets for IPv6 protocols other than TCP, UDP and ICMP.
+
- Sync kernel radix tree code with 4.4BSD-Lite2 via NetBSD.
+
- Don't add a PF_GENERATED tag to pf(4) synproxy generated packets for the second handshake, so they can match rules (and create state) on another interface.
+
+
- Add a 'probability' modifier for pf(4) rules, setting the likelihood with which a rule will trigger.
+
- Greatly simplify inetd(8)'s hostname/address lookup code.
+
- Since OpenBSD has openpty(3), we may as well have telnetd(8) use it.
+
- Initial support for IPv6 transport in bgpd(8).
+
- Add spamd(8) config files to changelist(5) and /etc/mtree/special.
+
- Some additional TCP option length paranoia in pf(4)'s normaliser.
+
- Have netstat(1) display the new tcps.rcvacktooold statistic counter.
+
- Sync <tree.h> with Niels Provos' version to get rid of a compiler warning for RB_NEXT(3).
+
+
- Port the gcc2 bounds checking support to gcc3, enabled with -Wbounded (see gcc-local(1)).
+
- Add some CMSG_ macros to get proper alignment in portalfs. From NetBSD.
+
- In isakmpd(8), make sure the KEY_LENGTH attribute is present when checking AES proposals as this is required when acting as responder to SafeNet peers.
+
- Silence getopt(3) errors in the privileged tcpdump(8) process.
+
- Don't display rubbish on the first output line from vmstat(8), wait for the stats to stabilise.
+
+
- Fix the calculation of a raw IPv6 UDP packet's checksum.
+
- For dhcpd(8)'s ping probes, just use the pid for the ICMP id like ping(8) does, instead of some architecture-dependent wierdness.
+
+
- Merge in new Omron LUNA port (luna88k), based on OpenBSD/mvme88k, NetBSD/luna68k and CMU Mach.
+
- As with dhcrelay(8), set a write filter and lock the bpf(4) descriptor before privilege drop in dhcpd(8).
+
+
- Change pw_copy(3) to take the old entry as an additional parameter, allowing both a change of username and a check that the file hasn't changed since it was last read (fixes PR#3698). Adapted from FreeBSD.
+
- Set a write filter and lock dhcrelay(8)'s bpf(4) file descriptor before dropping privileges.
+
- Drop the port-changing options in dhcrelay(8) too, always use standard ports.
+
- New TCP stat counter tcps.rcvacktooold, counts the number of times we drop very old ACK packets when the sequence number isn't exactly right.
+
- Set the km_page allocator's low watermark to a value that allows the system to boot.
+
- Switch the build over to the new, improved dhcpd(8) and dhcrelay(8).
+
- Remove the -p (listen port) option of new dhcpd(8).
+
+
- Bump the default kern.maxclusters to a value high enough to deter all but the most determined tweakers.
+
- Remove the GATEWAY config(8) option now that both IP forwarding and mbuf cluster allocation are configurable using sysctl(3).
+
- Introduce a new sysctl(3) kern.maxclusters controlling (oddly enough) the maximum number of mbuf clusters. This deprecates the much-abused NMBCLUSTERS config(8) option.
+
- Use the km_page allocator as the backend for the mbuf and mbuf cluster pools.
+
- New km_page pool(9) allocator running in an interrupt-safe kernel thread (kmthread).
+
- Resource starvation checks for sockets:
+
+ - Check the level of mbuf(9) cluster utilisation when doing an accepting a listen socket, and fail if usage is greater than 95% of the hard limit.
+
- New API sbcheckreserve() returns ENOBUFS if more than 50% of mbuf(9) clusters are in use
+
- Use sbcheckreserve() when accepting a connection, and on setsockopt(2) for SO_SNDBUF and SND_RCVBUF, and allocate minimal buffers in in low-memory situations.
+
+ - Stop propolice tripping an assert in gcc3.
+
- Make spamd(8) display an error if it can't open the /var/db/spamd database for writing, and return a proper error code.
+
- Cure the angst in user(8) caused by the non-existence of the /nonexistent directory.
+
- Correct new dhcpd(8)'s handling of very long lease times (PR#2888).
+
- Fix a propolice bug in gcc(1) and unbreak MySQL (mysql bug id 1442).
+
+
- Have ssh(1) perform strict permission checks on ~/.ssh/config files and abort unless they're correct.
+
- If kernel ipsec(4) and/or ipcomp(4) processing is disabled by sysctl(3), pass any packets through as raw IP to give userland a chance to handle them.
+
- Sync the em(4) driver with FreeBSD.
+
- Tidy up usb(4) kernel configs in line with recent i386 changes.
+
- Restore siop(4)'s ability to detect SCSI options after the recent probe changes.
+
- Since dhcpd(8) can now be invoked legitimately without an interface, don't abort when the user doesn't give any options.
+
+
- New _tftpd user and group.
+
- Make sure m_pullup2(9) copies the M_CLUSTER flag when it creates a new mbuf (PR#3740).
- Have pf(4) block unconditionally when the input queue congestion flag is set, instead of doing CPU-intensive rule tests.
- If an interface input queue becomes full, set a new congestion flag in the queue structure. Since a full queue usually indicates processing overload, this flag can be used to allow other subsystems to cooperate in easing the situation.
@@ -269,7 +351,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.920 2004/04/19 01:35:22 deraadt Exp $
+
$OpenBSD: plus.html,v 1.921 2004/04/26 17:33:31 deraadt Exp $