Annotation of www/plus22.html, Revision 1.12
1.1 deraadt 1: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML Strict//EN">
2: <html>
3: <head>
4: <title>OpenBSD 2.2 changes</title>
5: <link rev=made href=mailto:www@openbsd.org>
6: <meta name="resource-type" content="document">
7: <meta name="description" content="the main OpenBSD page">
8: <meta name="keywords" content="openbsd,main">
9: <meta name="distribution" content="global">
10: <meta name="copyright" content="This document copyright 1996 by OpenBSD.">
11: </head>
12:
13: <BODY BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#23238E">
14:
15: <img alt="[OpenBSD]" height=30 width=141 SRC="images/smalltitle.gif">
16: <p>
1.2 deraadt 17: <h2><font color=#e00000>Changes made between OpenBSD 2.1 and OpenBSD 2.2</font><hr></h2>
1.1 deraadt 18:
19: <p>
20: This is a partial list of the major machine independent changes
21: (ie. these are the changes people ask about most often). Port
22: specific changes have also been made, and are sometimes mentioned
23: in the pages for the specific <a href=plat.html>ports</a> if you
24: are interested in further port-specific details. Many ports
25: have had architecture-specific enhancements relative to NetBSD,
26: but when they do not they certainly have plenty of platform-independent
27: changes, starting with those listed below..
28:
29: <p>
30: Note: <font color=#e00000>Problems for which patches exist are marked in red</font>.
31:
32: <p>
33: <h3>
1.3 deraadt 34: <a href=plus20.html>For changes leading up to OpenBSD 2.0, click here</a>.<br>
35: <a href=plus21.html>For changes leading up to OpenBSD 2.1, click here</a>.<br>
36: <a href=plus23.html>For changes leading up to OpenBSD 2.3, click here</a>.<br>
37: <a href=plus24.html>For changes leading up to OpenBSD 2.4, click here</a>.<br>
38: <a href=plus25.html>For changes leading up to OpenBSD 2.5, click here</a>.<br>
39: <a href=plus26.html>For changes leading up to OpenBSD 2.6, click here</a>.<br>
1.6 deraadt 40: <a href=plus27.html>For changes leading up to OpenBSD 2.7, click here</a>.<br>
1.7 deraadt 41: <a href=plus28.html>For changes leading up to OpenBSD 2.8, click here</a>.<br>
1.8 deraadt 42: <a href=plus29.html>For changes leading up to OpenBSD 2.9, click here</a>.<br>
1.12 ! deraadt 43: <a href=plus30.html>For changes leading up to OpenBSD 3.0, click here</a>.<br>
1.1 deraadt 44: <a href=plus.html>For changes in OpenBSD-current, click here</a>.
45: <br>
46: </h3>
47:
48: <hr>
49:
50: <h3><font color=#0000e0>OpenBSD 2.2 released (Dec 4, 1997).</font></h3><p>
51: <ul>
52: <li>Prevent open(2) with wrong flag modes.
53: <li><strong>The new afterboot(8) man page. Everyone should look at this</strong>.
54: <li>Addition of 'kbus' port for the Solbourne Series5 sparc-based machines.
55: <li>Make clri(8) mark the filesystem dirty.
56: <li>Add per-host locking support to supfilesrv.
57: <li>Make the ncr scsi driver work on big-endian machines too.
58: <li>Fix a select/read race in identd(8) which would make it spin wildly.
59: <li>Make ac(8) use the correct timestamp if the user specifies a different wtmp file.
60: <li>Fix mktemp() to work correctly when specified against non-existant directories.
61: <li>Fix a memory leak in libdes.
62: <li>Fix one last little problem case in the fts(3) library routine. This is a very complicated piece of code...
63: <li>Some minor tftpd bug fixes.
64: <li>Another lpd security fix.
65: <li>Repair the msdosfs timestamping code so that NT/Win95 do not complain.
66: <li>Make disklabel -E always succeed at writing a label. Now you can load a fictitious label, edit it, and write it out.
67: <li>In fmt(1), support backslashed whitespace inside words better.
68: <li>Support 'q' modifier in kernel vsprintf/kprintf
69: <li>Implementation of the new disklabel -E mode.
70: <li>Handle creation of /var/tmp/vi.recover more securely.
71: <li>Quirks for two kinds of hitachi dk515 scsi drives and the Cipher ST150S tape drive.
72: <li>Handle a potential crash in the bpf driver.
73: <li>Rewrite of fdisk(8).
74: <li>Make /etc/security handle blowfish-a passwd entries.
75: <li>Ignore bogus hostnames in the /etc/exports file.
76: <li>Fix prompting code in pw_edit(3)
77: <li>The random(6) tool (game?) now uses arc4random(3).
78: <li>A few pppd fixes.
79: <li>More IPSEC improvements after the Interop ANX bakeoff.
80: <li>Add -f option to readlink which does a realpath(3).
81: <li>Fix a bug in libform.
82: <li>Add support for FNM_LEADING_DIR, FNM_CASEFOLD, FNM_IGNORECASE to fnmatch(3).
83: <li>Fix a network performance problem introduced with IPSEC.
84: <li>Fix the : and . support in chown so that usernames can have . in them.
85: <li>Make execle() use alloca() instead of malloc(); to ensure execle() can be safely called in a signal hander.
86: <li>Fix an ifconfig bug related to interfaces that do not exist.
87: <li>In struct sigaction, split sa_handler and the new sa_sigaction function pointers as is being done on newer POSIX systems. This permits proper prototyping of signal handlers.
88: <li>Ignore SIGPIPE in inetd(8).
89: <li>Fixed a pstat -s related bug in pcvt.
90: <li>Do not init pgid in /dev/log's logopen().
91: <li>Make ls -d sort directories with files.
92: <li>Fix a few small problems in rarpd(8).
93: <li>Shrink most of the install floppies ;-)
94: <li>Fix tar to deal better with one more kind of strange tar file.
95: <li>Make top(1) work better on very small screens.
96: <li>Deal with some possible buffer overflows in sup.
97: <li>Fixed various MAKEDEV bugs on lots of architectures.
98: <li>Fix ftime(3).
99: <li>Another important disk-full check in pwd_mkdb(8).
100: <li>Run calendar -a in the background. (Points to whoever figures out why).
101: <li>Add mkisofs(8).
102: <li>Add sigaction(2) SA_NOCLDWAIT support.
103: <li>Don't error out of MDTM fails.
104: <li>Fix SA_* sigaction(2) fields in the OS compat code.
105: <li>Some syslogd fixes.
106: <li>Permit a longer path buffer in tgetent(3).
107: <li>Fix a ksh(1) bug.
108: <li>Added ex (EtherExpress Pro/10) driver ported from FreeBSD
109: <li>Always set the SCSI-1 LUN field correctly in all transfers.
110: <li>Make popen(3) safe if vfork(2) does real parent address space borrowing.
111: <li>Some fsck_msdos(8) fixes.
112: <li>Made indent(1) handle unlimited number of -T options.
113: <li>Fixed small pathname buffer in man(1).
114: <li>Some setlogin() and getlogin() fixes in the tree.
115: <li>Make ddb not think 'h' means hangman.
116: <li>Ignore trailing spaces on priority in /etc/syslogd.conf.
117: <li>Fix a long-standing and minor problem with ld.so on m68k.
118: <li>Preliminary manual pages for the IPSEC utils.
119: <li>Fix a coredumping problem in tip(1).
120: <li>Extend buffer lengths in patch(1).
121: <li>make bpfread() return ENXIO for uninitialized descriptors.
122: <li>Cleaned up verbose scsi error reporting.
123: <li>make mail(1) be permissive about <CR><LF> pairs in mailbox files.
124: <li>Update ftp(1) to new NetBSD changes.
125: <li>Print system call emulation in ps(1) output. Try "ps -axO emul".
126: <li>New COMPAT_BSDOS binary compatibility subsystem.
127: <li>Another tip(1) overflow fix.
128: <li>ppp 2.3.1...
129: <li>make glob(3) XPG4.2 compliant, which means use GLOB_ABORT.
130: <li>Fix first directory handling in "find -execdir"
131: <li>Some FreeBSD m4(1) fixes.
1.11 jsyn 132: <li>Do permission checking at delivery time for pgids derived from TIOCSPGRP, F_SETOWN, or FIOSETOWN.
1.1 deraadt 133: <li>Correct some remaining small inetd bugs.
134: <li>Handle SIGCHLD better in rlogin.
135: <li>Kill "union wait" in a few more places.
136: <li>More SysVR4 emulation: sockets, NTP, POSIX time functions, pread(2)/pwrite(2).
137: <li>In calendar(1), support "-t date" to let you see the calendar for other days.
138: <li>Further IPSEC enhancement (but still no man pages for it though).
139: <li>Fix a crash in systat(8).
140: <li>Handle setgid lossage in tip(1).
1.5 rohee 141: <li>Lucent Technologies (formerly AT&T) awk version 970821.
1.1 deraadt 142: <li>Correct 'sync' option to dd(1).
143: <li>In dump(8), do not consider tape changing time in the timing estimates.
144: <li>In join(1), require compat options start with '-'.
145: <li>A few fixes to tip(1).
146: <li>Various fixes to battlestar(6).
147: <li>Few more 64 bit fixes in userland, in some rarely used system tools.
148: <li>Don't print duplicate fields in ps(1) when called with silly arguments.
149: <li>basename(1) and dirname(1) no longer give an error for paths starting with '-'.
150: <li>Document a64l(3) and l64a(3).
151: <li>The group vector could end up with duplicates esp. with YP. Now it won't.
152: <li>ash is gone gone gone.
153: <li>Fixed a bug where the kernel could lie about how many file descriptors are available and cause a panic.
154: <li>shutdown(8) now gets its own session as it deserves.
155: <li>Fixed err(3)/warn(3) argument usage in the tree.
156: <li>Buffer overflow fixes in tip(1).
157: <li>XPG4 compatibility for ps(1) format options.
158: <li>Added basename(3) and dirname(3) for XPG4. dirname(1) is now trivial.
159: <li>Verbose SCSI warnings are now available and on by default.
160: <li>Fixed a bug in cp(1) when the -r option is used and the source dir ends in a '/'.
161: <li>Changed realloc(foo,0) semantics to be like malloc(0), not free(foo).
162: <li>More user-friendly error messages from mount_* when the filesystem is not in the kernel.
163: <li>New PCMCIA Wavelan driver.
164: <li>Be more careful about YP groups in getgrouplist().
165: <li>Support simple add/delete operations on ports in the baddynamic masks via sysctl(8)
166: <li>More 1003.2 conformance: cal, cksum, sleep, compress, expr, etc.
167: <li>We are starting to pay attention to good things found in the XPG4 standard. We hope to never be compliant, because XPG4 goes way too far.
168: <li>Put hostname in root crontab mailout subjects.
169: <li>Attempt to deal with archive timestamp and filemode problems in texinfo...
170: <li>ATAPI quirk for MATSHITA CR-574.
171: <li>Fix another procfs security hole.
172: <li>Add top(1) to the source tree. Fix some problems.
173: <li>Be even more paranoid (if it can be believed) in mail.local(8).
174: <li>In mountd(8), handle ext2fs specially, like most exported filesystems.
175: <li>Fix pcap_inject(3) in libpcap.
176: <li>Make gzexe(1) use mktemp to avoid races.
177: <li>Make bad random allocation ports settable via sysctl(8).
178: <li>Import ypserv performance.
179: <li>Optional TCP syn cookie support enabled via TCPCOOKIE kernel option.
180: <li>Change the bounds_check_with_label() API to handle a cpu_disklabel too.
181: <li>Support -n better in pstat(8).
182: <li>Make bsd.doc.mk use DOCDIR.
183: <li>Fix vacation(1) properly.
184: <li>Fix a memory leak in grep(1).
185: <li>Seriously rework the identd daemon even further, to avoid even more input parsing problems and race conditions.
186: <li>Work has started to fix the remainder of the signal handlers in the source tree with respect to errno clobbering.
187: <li>Fix another race condition in identd.
1.11 jsyn 188: <li>Fix pdksh bugs: closed too many fds on exec, fix handling of (( )) to be compatible with POSIX sh spec without breaking $((, and explain how IFS works when splitting text after a substitution.
1.1 deraadt 189: <li>Make 127.0.0.1 assumed OK if /var/yp/securenet is in use.
190: <li>save errno in most of the tree's SIGCHLD handlers, just in case.
191: <li>More mdoc pages.
192: <li>Cyclades driver fixed. Works on alpha, too.
193: <li>Fixed getnetbyaddr() 'always tried DNS' resolution problem from 2.1.
194: <li>Sendmail 8.8.7.
195: <li>Fix a kernel bug regarding double m_freem()..
196: <li>Make if_tun to prefix address family as a host byte order u_int32_t instead of a u_char, so that bpf can deal with the interface.
197: <li>Deal nicer with rfork/execve interactions.
198: <li>Attempt to cleanup identd. A long road left.
199: <li>FSF GNU texinfo 3.11.
200: <li>More fixes to the alpha vga driver. Curses-based programs now work on it.
201: <li>Radius support in tcpdump.
202: <li>Todd Miller is on a rampage, and making every single buffer inside mail(1) dynamically allocated...
203: <li>Support fpx cards with i82555 PHY.
204: <li>routed(8) is now disabled by default.
205: <li>Various fixes and improvements to the 3cXXX ethernet drivers.
206: <li>More buffer overflow fixes in mail(1).
207: <li>An ugly identd race fixed.
208: <li>Fix systat manpage.
209: <li>Man page improvements in many areas.
210: <li>Allocate reserved ports for NFS inside the kernel randomly.
211: <li>Support -H flag in who(1).
212: <li>More mail(1) fixes.... It's amazing Todd hasn't broken it.
213: <li>stime(2) support for SunOS emulation.
214: <li>Switch back to nvi; vim has copyright licensing issues.
215: <li>mremap(2) support for Linux emulation.
216: <li>Use sendmail -t instead of other invocation forms inside lots of programs in the source tree.
217: <li>Hardcode a list of reserved ports that random port allocation should not reuse.
218: <li>Support YP map mail.aliases set of maps.
219: <li>Support lpc(8) "all" keyword option.
220: <li>-d flag for shutdown(8).
221: <li>Add -T support to last(1).
222: <li>Fix pax to not need getcwd(3).
223: <li>Implement IFF_NOARP handling in netinet.
224: <li>make amd(8) use /tmp_mnt by default.
225: <li>Do not use tempnam(3) in mail(1).
226: <li>All Makefile.bsd-wrapper files can now strip GNU binaries during install (pr 188.)
227: <li>Some cribbage(6) fixes.
228: <li>permit ftp(1) to download http pages without Content-Length.
229: <li>Appletalk networking support.
230: <li>S/Key keyfile is now readable only by root. skeyinfo(1) and skeyaudit(1) have been enhanced and rewritten as C programs.
231: <li>mail(1) supports "inc" command.
232: <li>mail(1) behaves correctly when interrupted while getting headers from the user.
233: <li>IPSEC Photuris daemon is integrated into the source tree.
234: <li>make ctags operate a bit better in the presence of extra spacing.
235: <li>Add <strong>-d date</strong> support to last(1).
236: <li>Import of the IPSEC photuris daemon.
237: <li>Add rmd160 hash support throughout the source tree.
238: <li>lpd security fixes.
239: <li>man page cleanups.
240: <li>Updated <a href="http://www.sendmail.org/">Sendmail</a> to 8.8.6.
241: <li>cua devices, new <strong>MAKEDEV</strong> script in the hp300 port.
242: <li>More mail(1) fixes, particularly regarding long lines.
243: <li>Add sha1 digest support to mtree(8).
244: <li>Add sha1 support to md5(1).
245: <li>Lots more IPSEC improvements.
246: <li>Repair symbolic link handling during coredumps (correctly, this time).
247: <li>Replace libc sha1 code with another version that is better in some respects.
248: <li>Fix passive buffer overflow in rusers.
249: <li>Make ed(1) work properly on a non-tty.
250: <li>make compress(1) do gzip support too.
251: <li>Maintain process size stats in forkstat struct for "vmstat -f".
252: <li>Fix ruptime output for machines up > 99 days.
253: <li>Amended issetugid(2) man page to be quite a bit more clear.
254: <li>ATAPI devices may now reside in a kernel without wd (disk) devices.
255: <li>Intel EtherExpress Pro/100B PCI driver.
256: <li>More IPSEC changes. IPSEC is almost fully useable now.
257: <li>Fix a number of rtld dynamic loading problems.
258: <li>split ifconfig -a into -a/-A: -A prints ifaliases, -a does not.
259: <li>Repaired nfs handling in tcpdump.
260: <li>Fixed highscore handling in battlestar(6).
261: <li>Fixed all(?) Makefile wrappers for GNU software to not build and install manpages when NOMAN is set.
262: <li>libedit update with lots of fixes.
263: <li>Many more 64 bit fixes for the alpha, in about 20 more programs.
264: <li>Move libdes out of the kerberos tree so that it can be used by other parts of the system too.
265: <li>Make sleep(1) handle fractions of seconds. This is a nice extension.
266: <li>New kprop/kpropd man pages.
267: <li>Permit tftpd to provide files over 32K blocks in size.
268: <li>Fix readlink(1).
269: <li>Import of cvs-1.9.10.
270: <li>A few more minor netinet problems fixed.
271: <li>Modify inetd to accept a "hostname,[hostname,...]:" token to added to the front of any line in /etc/inetd.conf. This permits services to be supplied only on certain interfaces.
272: <li>Import of the gnu multi-precision math library, libgmp. This will be used by an IPSEC key daemon soon.
273: <li>Support IP option handling in IPSEC packets.
274: <li>Race fix to amd(8).
275: <li>Y2K enhancement to date(1).
276: <li>Repaired hundreds of long != int problems (in a bunch of programs) that affect the alpha.
277: <li>Clip setsockopt SO_SND*/SO_RCV parameters.
278: <li>Use O_EXLOCK for passwd locking to avoid a class of localhost denial of service attacks.
279: <li>Fix a minor problem in popen().
280: <li>IPF 3.1.11 + Darren's patches + 64-bit cleanup.
281: <li>Added automatic power down framework at halt(8) time, currently only supported on sun4m machines with the <i>power</i> device.
282: <li>Slightly improve ftpd log file.
283: <li>More paranoia in procfs.
284: <li>Add ELOOP error handling to realpath(3).
285: <li>Some NLS improvements, notably some more language catalogs.
286: <li>Change mount(2) to return EFTYPE for invalid filesystem.
287: <li>More ipsec changes!
1.11 jsyn 288: <li>add -insecure flag to ypbind(8) so that it can bind to very old ypservs.
1.1 deraadt 289: <li>Make ifconfig(8) print full information about the full set of interface aliases.
290: <li>Support "-d dir" in rpc.yppasswdd(8).
291: <li>Fix some more /tmp races in various programs.
292: <li>add per-interface bindings to inetd(8).
293: <li>Better support for unmounted filesystems in df(1).
294: <li>Correct -n behaviour in sort(1).
295: <li>In newfs(8), fix -o and -m to work better.
296: <li>Add tsearch(3) to libc.
297: <li>Fix /tmp races in make(1).
298: <li>Deal with atapi drives that cannot lock their doors.
299: <li>Improved performance in /dev/*random.
300: <li>Fixed a few netinet bugs as pointed out by TCP/IP Illustrated Vol.2.
301: <li>Add tsearch(3) and friends to libc, as required by XPG3(?).
302: <li>Repair many cross-references and other documentation problems in the section 2 and 3 man pages, and also fix a few minor other bugs discovered by analysis of recent changes in FreeBSD's and NetBSD's libc.
303: <li>Implement hex/octal offsets in cmp(1), as documented.
304: <li>Addition of readlink(1).
305: <li>Move named tmp files to /etc/named/tmp/ to avoid localhost race attacks.
306: <li>document the ddb hangman.
307: <li>tftpd -c flag.
308: <li>Use dynamic fd_set allocation in more places, particularly setuid programs.
309: <li>Use /etc/namedb/tmp/ to avoid /var/tmp race conditions.
310: <li>Ensure TCP RST is within window.
311: <li>fix disklabel support in vnd/svnd.
312: <li>add sysctl net.inet.tcp.{keepidle,keepintvl,slowhz}
313: <li>fix SO_SNDTIMEO.
314: <li>Add <strong>-P proto</strong> support to traceroute.
315: <li>Some more security and robustness changes to traceroute and ping.
316: <li>A few netinet fixes.
317: <li>Kernel now generates random pid values in fork().
1.10 pvalchev 318: <li>fix sendmsg() credential passing on 64 bit machines.
1.1 deraadt 319: <li>kill process timers if execve'ing a setuid/setgid executable.
320: <li>Few more fixes to pax(1).
1.11 jsyn 321: <li>Fix lots more NetBSD PRs.
1.1 deraadt 322: <li>tcp wrappers 7.6
323: <li>Add some more malloc options to malloc(3)
1.4 rohee 324: <li>In ar(1), truncate uid & gid if too large.
1.1 deraadt 325: <li>getpgid(2) from XPG3(?)
326: <li>tail(1) can now notice if the file been replaced or truncated.
327: <li>Fix more overflows and other bugs in mail(1).
328: <li>Lots of man page fixes.
329: <li>New named root.cache from Internic.
330: <li>Support SIGINFO in ping; also add more complete icmp reporting capabilities.
331: <li>Make adduser understand /etc/passwd.conf
332: <li>Newer version of ext2fs that is reliable for read/write operation. This is essentially FULLY OPERATIONAL.
333: <li>Import newer version of vax port.
334: <li>Fix a few more libc functions to generate very large fd_set's properly for select(2).
335: <li>Few quirky changes to the way ISO9660 disklabel spoofing works in some ports.
336: </ul>
337: <p>
338:
339: This list mentions mostly platform-independent changes. For a list of changes
340: made in a particular platform, please check the page for that platform. If you
341: find them not listed there, the changes are either (1) not being documented or
342: (2) are documented here.<br><br>
343:
344: <hr>
345: <p>
346: <h3>
1.3 deraadt 347: <a href=plus20.html>For changes leading up to OpenBSD 2.0, click here</a>.<br>
348: <a href=plus21.html>For changes leading up to OpenBSD 2.1, click here</a>.<br>
349: <a href=plus23.html>For changes leading up to OpenBSD 2.3, click here</a>.<br>
350: <a href=plus24.html>For changes leading up to OpenBSD 2.4, click here</a>.<br>
351: <a href=plus25.html>For changes leading up to OpenBSD 2.5, click here</a>.<br>
352: <a href=plus26.html>For changes leading up to OpenBSD 2.6, click here</a>.<br>
1.6 deraadt 353: <a href=plus27.html>For changes leading up to OpenBSD 2.7, click here</a>.<br>
1.7 deraadt 354: <a href=plus28.html>For changes leading up to OpenBSD 2.8, click here</a>.<br>
1.8 deraadt 355: <a href=plus29.html>For changes leading up to OpenBSD 2.9, click here</a>.<br>
1.12 ! deraadt 356: <a href=plus30.html>For changes leading up to OpenBSD 3.0, click here</a>.<br>
1.1 deraadt 357: <a href=plus.html>For changes in OpenBSD-current, click here</a>.
358: <br>
359: </h3>
360:
361: <hr>
362: <a href="index.html"><img height=24 width=24 src=back.gif border=0 alt=OpenBSD></a>
363: <a href=mailto:www@openbsd.org>www@openbsd.org</a>
1.12 ! deraadt 364: <br><small>$OpenBSD: plus22.html,v 1.11 2001/08/08 21:06:32 jsyn Exp $</small>
1.1 deraadt 365:
366: </body>
367: </html>