OpenBSD -current changelog
This is a partial list of the major machine-independent changes
(i.e., these are the changes people ask about most often). Machine
specific changes have also been made, and are sometimes mentioned
in the pages for the specific platforms.
Note: Problems for which patches exist are marked in red.
Changes made between OpenBSD 4.7 and -current
- Synchronized bind(8) root.hint with latest version from rs.internic.net.
- Fixed kernel manuals thanks to full .nr nS support in mandoc(1).
- Stopped probing "volume knobs" in azalia(4) on resume. This prevents a resume break.
- Disabled uguru(4) on i386 and amd64 GENERIC kernels.
- Added PCH/82577 bits from FreeBSD in em(4).
- Fixed a crash in ftp(1) when the directory entry isn't complete.
- In bgpd(8), instead of specifying the control sockets on the command line have them in bgpd.conf. Removed the -s and -r arguments from bgpd.
- Marked the PXE boot device as "netboot" in the i386 and amd64 platform, even if we do not contain NFS client support.
- Fixed .Bk in mandoc(1): do not print invalid arguments verbatim, do not trigger TERMP_PREKEEP twice, do not die from invalid arguments, continue to ignore even valid arguments.
- Prevented recursion in pmap_enter(9).
- Make azalia(4) check if the jacks that will mute the speaker can generate unsolicited events.
- Cleared acpi(4) fixed event status on resume (power buttons/etc) so that some machines don't immediately resume after suspending to S3.
- Added support for 800x480 in udl(4).
- In route(8), Make 'route exec' emit error messages like xargs when execve() fails does.
- In iked(8), allowed to have multiple certs for the same CA but differents srcids in the certs/ directory. This enforced that the subjectAltName has to be set correctly.
- Fixed a possible double free in iked(8).
- In ospfd(8), fixed rtmsg_process to return on an error during processing rather than continue. Fixed kr_dispatch_msg so it acts when rtmsg_process fails.
- Fixed a NULL dereferencement on zombies processes.
- Fixed two PRS in pthread(3).
- Added the TPOFF* and DTP{MOD,OFF}* definitions that ld.so will need for doing thread-local storage in amd64, i386, powerpc, sparc and sparc64.
- Added uvm(9) constraints in every architectures machine-dependent initialization.
- Make use of current working directory when default-path is not set in tmux(1).
- Fixed the length check for ASN1_ID Ids in iked(8).
- Fixed DIOCCHANGERULE in pf(4) control device.
- Basic implementation of .Bk/.Ek in mandoc(1).
- In ldapd(8), added support for different page sizes in the btree.
- Added quirks in azalia(4) for IDT 92HD71B7 in HP laptops.
- Multiple improvements iked(8).
- Added option detach-on-destroy in tmux(1) to set what happens to a client when the session it is attached to is destroyed.
- Suggested a reboot if "sh MAKEDEV" was run or login.conf was modified after using sysmerge(8).
- Make use of a mutex to make atomic operations atomic on hppa multiprocessor kernels.
- Added /dev/diskmap to RAMDISKs kernels.
- Allowed processes to be scheduled onto secondary CPUs on the hppa platform.
- Cleaned useless
#include <sys/user.h>
in more than one hundred files.
- Fixed removal of one-level search index in ldapd(8).
- In com(4), grown COM_IBUFSIZE from 1024 to 8192 to be enough size for recent devices. It fixes the problem using KDDI W04K.
- Brought ss(4) device referencing into line with sd(4), cd(4) and st(4) recent changes.
- HTTP is now the default network install method rather than FTP.
- Implemented a simple keepalive mechanism in gre(4) that is compatible with the one used by Cisco.
- First steps toward variable width fonts in mandoc(1).
- Added the extendedKeyUsage flags serverAuth and clientAuth in libssl, those flags are required by recent Windows.
- Added his own Low Power Link Up code to PCH based em(4).
- Include the Id type in the generated SA tag that is passed to the kernel, à la isakmpd(8).
- Allowed -c0 in ping(1) and ping6(1).
- Make sur some single bit bitfields in rtadvd(8) are single bit.
- Fixed bug in tmux(1) command list pointer.
- Merged mandoc(1) to release 1.10.2, bug fixes (interaction of ASCII_HYPH with special chars, handling of roff conditionals, Bd -offset will no more default to 6n), improvements (more caching of .Bd and .Bl arguments for efficiency, deconstify man(7) validation routines, add FreeBSD library names) and start PostScript font-switching.
- Added GENERIC.MP kernel to hppa.
- Improved dired in mg(1): position cursor at first filename after, don't reposition cursor on reopening, check for permission before attempting to open directory.
- Prevented to hang on resume with the amd64 and i386 platform in the interprocessor interrupt handlers.
- Fixed 100% interrupt usage on amd64 MP resume.
- Fixed a bug in adw(4) and sii(4/VAX).
- Removed OpenCVS from the build.
- Avoided a potential race when unlocking a mutex on the hppa platform.
- Added HUAWEI E182 (aka Emobile D31HW) in umsm(4).
- Removed -m option from pfctl(8).
- Added X11ForwardTimeout option in ssh(1).
- Make ssh(1) log the hostname and address that we connected to at LogLevel=verbose after authentication is successful to mitigate "phishing" attacks by servers with trusted keys that accept authentication silently and automatically before presenting fake password/passphrase prompts.
- Worked OpenBSD::State(3p) in the packages system.
- Make skip the initial check for access with an empty password when PermitEmptyPasswords=no in sshd(8).
- Fixed a bug in aucat(1).
- Fixed requirement for /dev/null inside ChrootDirectory with ``internal-sftp'' in sshd(8).
- In OpenSSH, removed hardcoded limit of 100 permitopen clauses and port forwards per direction.
- Make st(4) use xshandlers for scheduling IO.
- Fixed the ikectl(8) log verbose/brief commands.
- Included files annotated @bin in the database produced by pkg_mklocatedb(1).
- Prevented sd(4) to sleep while dumping.
- Added a CA export command for EAP in ikectl(8).
- Improved errno in ldapd(8).
- Removed compaction and indexing from ldapd(8). Reimplemented it in ldapctl(8).
- Fixed a bug in uvm(9) uvm_pmr_get1page().
- Prevented multiple inclusions in the IPC messaging functions.
- Make ami(4) ioctl(2) and sensor paths more reliable.
- Fixed condition in ospfd(8).
- Fixed printing of extensions in v01 certificates in ssh-keygen(1).
- Updated Mesa to version 7.8.2 in Xenocara.
- Improved by 8% the GENERIC.MP kernel speedup for the MVME197DP (mvme88k platform).
- Fixed initialization of early 2.x sun4c PROM to prevent the framebuffer to incorrectly take over the console after.
- In mpii(4), protected the Command Control Blocks free list with its own mutex.
- Doubled the dmesg buffer size on the amd64 platform.
- Included the user name on "subsystem request for ..." log messages in OpenSSH.
- Added auth debug messages for bad ownership or permissions on the user's keyfiles in OpenSSH.
- Standardised error messages when attempting to open private key files with ssh-keygen(1).
- Exposed sshd_config(5) options inside Match blocks (AuthorizedKeysFile, AuthorizedPrincipalsFile, HostbasedUsesNameFromPacketOnly, PermitTunnel).
- Added a choose-buffer command in tmux(1) for easier use of the paste buffer stack.
- Added initial support for PCH based em(4) adapters with intel GbE 82577 PHY.
- Implemented PA linearization on adapters with digital predistorters in athn(4) for AR9003 family only.
- Fixed printing of multipathed route in ldpd(8).
- Stop requiring { } blocks in ldpd(8).
- Improved athn(4).
- Fixed an integer arithmetic overflow and an overflow of the xs sense buffer in vscsi(4).
- In ami(4), protected the Command Control Blocks free list with its own mutex.
- Extended tmux(1) -t:+ and -t:- window targets for next and previous window to accept an offset such as -t:+2.
- Allowed hardlinks to tmux(1) sockets to be used more easily.
- Fixed the disapearance of wild characters in tmux(1).
- Fixed midicat(1) device mode when only -i or only -o is used.
- In eap(4), locked the sample rate of es1731-based devices to 48kHz.
- Make pkg_create(1) display bad symlinks by destination.
- Make various HP laptops boot correctly with acpi(4) by fixing reference counting panic for CondRef.
- Prevented a NULL dereference by skipping exiting process in sysctl system call.
- Linked a new iwn-firmware-5.5 package that contains an update for Intel Centrino Advanced-N 6200/Ultimate-N 6300 adapters for iwn(4) devices.
- Make bioctl(8) work with disklabel UIDs by trying to use opendev(3) first.
- All programs which make use of opendev(3) can now operate with disklabel UIDs.
- Prevented a segmentation fault in ftpd(8) on ftpd_popen() error during status command.
- Fixed a memory leak in sftp(1).
- Fixed sftp(1) "ls" in working directories that contains globbing characters in their pathnames.
- Fixed ldapd(8) byte alignment on sparc64.
- Added support to use sasyncd(8) with iked(8) instead of isakmpd(8).
- Fixed a NULL pointer dereference in sd(4).
- Compaction can now be done by a separate process in ldapd(8).
- Prevented fsck_ffs(8) to fail when used with disklabel UIDs.
- Prevented a panic with softraid(4) when sd(4) tries to enable write cache on all disks.
- Make a whole bunch of newer umsm(4) Huawei devices to work.
- Count of deinstalling package fixed in pkg_delete(1).
- Write cache enabled on sd(4) disks during attach.
- In mpi(4), allowed the cache enabling on virtual disks to run as part of the disks attach routine.
- Initial support for initiator mode with certificate, which allows to run iked(8) as a "client" or to configure iked(8) to iked(8) (OpenBSD to OpenBSD) IKEv2 VPNs.
- Added commands in iked(8) to create/delete/install/import keys without involving certificates.
- Fixed a memleak in the disk mapper.
- Fixed block length for AES in iked(8).
- Fixed EAP responder mode in iked(8).
- In iked(8), make NAT detection work in initiator and responder mode.
- Fixed memory leak in ypldap(8).
- Adjusted FTP reply codes in ftpd(8) (in error conditions) to conform to RFC 959.
- Segmentation fault prevented in lock(1).
- In ldapd(8), fixed a btree reference counting when opening the database with a file descriptor directly using btree_open_fd().
- Make ospf6d(8) stop preventing dynamic route redistribution because of a "dispatch_rtmsg no nexthop" error was emitted in wrong cases; fixed a use after free(3), fixed a segfault.
- Make ospf6ctl(8) print additional new line after 'Number of Links' in show database router.
- Make ospfctl(8) print 'Number of Routers' in show database network.
- Fixed a memory leak in ypldap(8).
- In scsi(4), Restore an unusual XS_SENSE semantic; Fixes restore(8) problems seen on certain tape drives.
- In ldapd(8), Wrap searches in a read-only transaction so it is guaranteed to see a consistent snapshot of the database.
- Implemented IP-FORWARD-MIB for IPv4 in snmpd(8).Add support for Intel AES-NI and the CLMUL_ instructions, plus a few others that are needed to omplement accelerated AES (and AES-GCM mode) on newer Intel cores.
- In ldapd(8), track changes in btree_txn_* API, pass a NULL btree when also passing a transaction.
- In ldapd(8), when a btree NULL pointer is passed to a function that accept both btree and a transaction, the btree is taken from the transaction.
- Fixes in sort(1): clarify sort's various modes of operation; -m is overridden by -C and -c; ordering options should not appear after -k.
- In ldapd(8), append a "tombstone" meta page after a database has been compacted. This allows other processes to pick up the change and re-open the file.
- Added minimal initial -Tps support in mandoc(1).
- Allowed configure queue expiry in smtpd(5).
- In fsck_ffs(8), added missing headers needed for opendev(3) and close(3).
- Declare safepri at the MD level on each platform, so that the kern_synch.c does not have to deal with it as a common.
- In ikectl(8), added a command to revoke a certificate and generate a CRL; make the ca install command install the CRL as well.
- Added a -S flag to iked(8) to do the same as ``set passive'' but matches the isakmpd(8) flag.
- Added new commands to iked(8) and ikectl(8), the couple/decouple commands will set loading of the learned flows and SAs to the kernel the active/passive commands are required to use iked with sasyncd(8).
- Stopped printing FEC twice in ldpd(8).
- Added another tree in iked(8) to lookup policy SAs by peer address.
- Removed the CRYPTO_ALGORITHM_ALL define from crypto(4).
- In ospfd(8), restricted the interface scope embedding to link local nexthops.
- In ospfd(8), fixed an infinite loop hit when the prefixlen is not devidable by 32 by decoding prefixes corectly.
- Fixed time on Mostek time-of-day chips with dead batteries.
- Moved the logging of FEC changes to the LDE and print the FEC and label information.
- Allow FFS file system to be mounted by a disklabel(8) UID.
- Fixed MPLS pop operation to make PHP work again.
- Reworked UI messages in pkg_add(1).
- Properly enable vscsi(4) on the longsoon platform.
- Make ospfd(8) calculate size of update packet with IPv6 header and reserve space for IPsec.
- Introduce a diskmap pseudo device which allows userland to open a disk specified via its disklabel UID.
- Merged mandoc(1) bits that will be going into 1.10.1.
- Fixed various problems of auich(4) on SiS 7012 based chips.
- Reworked the way onboard devices attach on Sun 4/110 systems.
- In tcpdump(8), added minimal decode support for IKEv2 exchange types and payloads.
- Fixed a bug which prevented diskless station to boot (PR6382).
- Make ldpd(8) store all labels in ldpd in host byte order without any additional shifting.
iked(8), ikectl(8) enabled in the build.
This list mentions mostly platform-independent changes. For a list of changes
made in a particular platform, please check the page for that platform. If you
find them not listed there, the changes are either (1) not being documented or
(2) are documented here.
www@openbsd.org
$OpenBSD: plus.html,v 1.1166 2010/07/01 23:56:09 deraadt Exp $