===================================================================
RCS file: /cvsrepo/anoncvs/cvs/www/plus.html,v
retrieving revision 1.796
retrieving revision 1.797
diff -u -r1.796 -r1.797
--- www/plus.html 2001/08/30 05:40:04 1.796
+++ www/plus.html 2001/09/04 01:59:07 1.797
@@ -53,18 +53,109 @@
We are working on OpenBSD-current.
+- New src compilation target: cross-env; prints all environment variables that need to be set for cross-building.
+
- Import usbhidctl(1), a userland program to manipulate USB HID devices.
+
- Import usb(3) library libusb for USB HID processing.
+
- Rename powerpc port to macppc, allowing for code sharing between different powerpc-based platforms.
+
- Inherit vlan(4) baudrate from parent.
+
- Various lpd(8) improvements and fixes.
- SECURITY FIX: fix buffer overflow reading queue file in lpd.
A source code patch is available.
[Applied to stable]
- - ...
+
- Plug memory leak in scp(1) and rcp(1).
+
- Avoid segfault in dhclient(8) when the server specifies its name.
+
- Support the ! operator in host paramater lists in pfctl(8).
+
- Send a reset request for every packet recieved by ppp(8) when the encryption dictionaries are out of sync.
+
- Make pf(4) support ISN randomization (aka. phase modulation).
+
- Store argc as a long on the stack as opposed to an int.
+
- Switch rijndael code to the optimized AES reference release.
+
- Have isakmpd(8) send DELETE notifications for all active SAs when shutting down.
+
- In sudo(8), apply default login class if unable to look one up.
+
- Support macro expansion in pf.conf(5).
+
- Work some magic on the installation scripts for floppies, shrinking them.
+
- Correct the setup of the initial tcp(4) state window in pf(4).
+
- Import pflogd(8), logging daemon that writes pf(4) logs in tcpdump(8) binary format.
- SECURITY FIX: fix out of bounds handling in sendmail debug handling
A source code patch is available.
[Applied to stable]
- - ...
+
- Repair ppp(8)'s iface-alias option.
+
- Fix rule flushing code in bridge(4) devices.
+
- Support ip6(4) in ppp(8); crude IPV6CP support; many other smaller changes.
+
- Enhance file-change detection in vipw(8) and crontab(1).
+
- Add per-rule statistics and byte counter to pf(4).
+
- Don't reset xl(1)'s Rx/Tx without first turning them back on after a suspend.
+
- Support paramater lists in pfctl(8).
+
- Be sure to pass the interface to ipip_input() in the net subsystem so it can be used in bpf(4).
+
- Import ftp-proxy(8), a transparent ftp proxy.
+
- Loosen tcp(4) state code in pf(4), allowing "stupid stacks to shotgun their SYNs and provide better handling for pre-existing connections".
+
- Initial import of sparc64 port; much subsequent development, too much to list.
+
- Add the possibility to add a random offset to the stack on exec(3).
+
- Make the siop(4) driver pay attention to quirks table, eliminating INQUIRY snooping and ifdef toggling.
+
- New -s switch for pwd_mkdb(8) to only update the secure .db file.
+
- -e switch for nm(1) to show extra symbol information.
+
- Delay locking the passwd file until we have gotten a new password from the user. Also play with the file locking routine.
+
- Attempt to recover from PCI aborts in the hifn(4) driver.
+
- Import keyconv, a small utility to convert between openssl(1) and DNSSEC key formats.
+
- Support trusted public RSA keys as files in isakmpd(8).
+
- Fix lengths for PFKEYv2 and KAME messages in IPv4-in-IPv6 and IPv6-in-IPv4 flows.
+
- Import popa3d(8), Solar Designer's POP3 daemon.
+
- The valiant vm_extern.h, vm_inherit.h, vm_map.h, and vm_pager.h files ride off into the sunset.
+
- pf(4) support for icmp(4) errors referring to icmp(4) queries/replies.
+
- Allow file flags in mtree(8).
+
- Don't compare the source address on packets to the one in SA when doing ipsec(4) processing.
+
- Repair rijndael block alignment.
+
- Unshare sigaction(2) signal handlers on exec(3).
+
- Merge altq(9) options into just "altq" for base + red + cbq, and enable it by default.
+
- Support the -h flag for ln(1) that prevents following a symlink to a directory.
+
- Many new timeouts for a wide variety of devices.
+
- Remove the IPCOMP option as it's now part of the IPSEC option.
+
- Rewrite signal(3) handlers in altqd(8) to be race-safe.
+
- Add support for RC4 operations in the hifn(4) driver.
+
- Don't free(3) unallocated memory in mailwrapper(8).
+
- Change tsleep(9) into an ltsleep wrapper. ltsleep takes one more argument than tsleep(9), a simplelock that it unlocks when safe.
+
- Let kerberosV compile entirely on platforms without shared libraries.
+
- Avoid /tmp race in rcs2log by using mktemp(1).
+
- Tweak timekeeping code in dd(1) to produce a sane bandwidth measure for a short runs.
+
- Enable the ESP and AH ipsec(4) protocols by default.
+
- Make kernel crash(8) dumps work under mvme68k.
+
- No longer drop packets when using an ACQUIRE policy and an error occurs when notifying key management.
+
- New getrrsetbyname(3) function to retrieve arbitrary DNS records.
+
- Support protocol version 2 in ssh-keyscan(1).
+
- Move xdm(1)'s PID file from xdm-pid to xdm.pid in /var/run, maintaining consistancy.
+
- Delay decision to make a new hash(3) table or not until after calling open(2), clearing up problems with file locking.
+
- vlan(4) changes: utilize IFCAP_VLAN_MTU and IFCAP_VLAN_HWTAGGING capabilities; LINK0 and MTU ambiguity are no more; MTU's can only be changed within the scope of the parent's MTU.
+
- Repair non-blocking mode issues in syslogd(8), avoiding grief with locked terminals.
+
- Make all cases of .Sh AUTHOR and .Sh EXAMPLE plural in manual pages.
+
- New sysctl(3) nkmempages that reports how many pages are in kmem_map.
+
- Support stateless tcp(4) normalization in pf(4).
+
- Import x99token(1), a software x99 token calculator.
+
- Add support for EDNS0 extended flag DNSSEC OK to the resolver(3) routines.
+
- Don't send a NUL on the end of CHAP SUCCESS packets in ppp(8) so that WindowsME and Windows98 won't mysteriously fail when encryption is enabled.
+
- Allocate uvm(9) page buckets from kernel_map, saving kmem_map space on machines with lots of physical memory.
+
- In ppp(8), compensate for a Windows 98 bug when sending a CHAP81 challenge response.
+
- Support the SmartcardDevice option in ssh(1) to specify which smartcard device to use.
+
- Step down only one Ultra DMA mode at a time when downgrading.
+
- On DMA timeouts, stop busmaster PCIIDE and reset channel.
+
- Don't malloc(3) too much and choke in ELF execution.
+
- Support rule skipping in pf(4).
+
- Allow negative lock length with lockf(3), making it compliant to specification.
+
- In top(1), abort if stdout(4) ever produces EOF; prevents spinning output if controlling tty disappears.
+
- Implement startup and shutdown hooks via dohooks(9) and family.
- SECURITY FIX: check filehandle size copied from userland
A source code patch is available.
[Applied to stable]
- - ...
+
- Nuke edlabel.
+
- Add support for disabling swap devices via swapctl(8)'s -d option.
+
- Support sshd(8) configuration file and key testing via the -t option.
+
- Change vop_symlink and vop_mknod so that they return the created node in a way that the caller can actually utilize it.
+
- Use vfork(2) safely in sup(1).
+
- New flag PMAP_CANFAIL that tells pmap_enter that it can fail if there aren't enough resources instead of panicing.
+
- Make non-stateful and stateful pf(4) filtering work on bridge(4) devices.
+
- Initialize arpcom later; it could be incorrectly initialized if done before bridge_input().
+
- Enable challenge-response authentication by default in ssh(1).
+
- Fix/complete pf(4) binary operators.
+
- Repair signal race in m4(1).
+
- Ensure make(1) doesn't dump core when reporting open conditionals.
- Promote PMAP_NEW option to mandatory status.
- In the netinet subsystem, zero the TCP checksum field before calculating the new value; fixes problem with bad checksums on keepalives.
- Use 64-bit integers for some ipcomp byte counts, fixing strange results with netstat(1).
@@ -444,7 +535,7 @@
www@openbsd.org
-
$OpenBSD: plus.html,v 1.796 2001/08/30 05:40:04 jason Exp $
+
$OpenBSD: plus.html,v 1.797 2001/09/04 01:59:07 deraadt Exp $