OpenBSD -current changelog
This is a partial list of the major machine-independent changes
(i.e., these are the changes people ask about most often). Machine
specific changes have also been made, and are sometimes mentioned
in the pages for the specific platforms.
Note: Problems for which patches exist are marked in red.
Changes made between OpenBSD 4.7 and -current
- Make tmux(1) print an error when an old client is not compatible with a new server.
- Reduced delays a bit in the miibus read/write routines for re(4).
- Added bootstrap loader to the beagle platform.
- Added support for sun4e on the sparc platform.
- Updated libpciaccess to version 0.11 in Xenocara.
- Prevented clients to hang on ldapd(8) by retrying requests when the B-Tree is busy.
- Fixed aucat(1) parameter handling: don't try to open a ``default'' midi port if no files are given on the command line.
- Prevented a kernel panic in scsi(4) by limiting SCIOCCOMMAND and ATAIOCCOMMAND requests.
- Rewrote the polling codepath in mpii(4), make it better multiprocessor-safe.
- Make OpenCVS and rcs(1) conforms to GNU cvs(1) allowed characters in symbol/tag names.
- Made cvs_unedit_local() OpenCVS conform to other functions with the `-t' and `-n' flags used simultaneously.
- Fixed cross build problem with cpp(1).
- Added support for using IPsec in multiple rdomains.
- Fixed table removing bugs in the kernel resident routing tables.
- Allowed to reduce the messages sent to AF_INET or AF_INET6 only daemons in the routing table sockets.
- Fixed pkg_mklocatedb(1).
- Fixed an ospf6d(8) crash.
- Fixed bulk update bugs on pfsync(8).
- On the i386 platform, removed aha(4), tl(4) from the RAMDISK kernel; geodesc(4/I386), gdt(4), twe(4), iha(4), adw(4), xl(4), exphy(4) from the RAMDISKB kernel; ne(4), nsphyter(4), rlphy(4), bmtphy(4) from the RAMDISKC kernel. Those kernels went too big after the gcc4 switch.
- Prevented fsck_ffs(8) to crash by using correct types for block numbers, those can grow big on very large filesystems.
- Many improvement on the bge(4) interface: setup proper mbuf pool watermarks for BCM5717 / BCM57765 chipsets, disabled initiation of multiple DMA reads for BCM5717 chipset, added a performance tweak for BCM5785 chipset, corrected the return ring count used for BCM5717 / BCM57765 chipsets, fixed fiber media detection for BCM5717 chipsets.
- Updated sudo to version 1.7.2p8.
- Added mapping for ACPI device to PCI bus/device/function.
- Switched hppa, i386 and powerpc to gcc4.
- Make traceroute(8) parse extended ICMP messages defined by RFC 4884.
- Added definitions in the TCP/IP stack for ICMP extended headers available for some ICMP messages like time exceeded messages.
- Use config_activate_children to get down to the isa bus activation code.
- Prevented devices without read or write functionnality to return ENODEV to the poll.
- Improved pipex.
- Improved aesni.
- Moved crypto(4) pool initialization to init_crypto and removed the crypto_pool_initialized variable. This prevents crypto_getreq() to check if the pool is initialized each time its called.
- Make ifstated(8) print runned commands in debug mode only (ifstated -d).
- Prevented deadlocks on sparc64.
- Added mpi_wait over to mpii(4) as a multiprocessor-safe mechanism: sleep while waiting for a command to complete.
- Made mpii(4) more multiprocessor-safe.
- Improved siop(4).
- Created distinct entry points functions for sun4/4c and sum4m as the bits in their interrupt enable register are completely different (intreg_clr_44c() and intreg_clr_4m() instead of ienabic(), intreg_set_44c and intreg_set_4m instead of ieanb_bis()).
- In acpi(4), use spl(9) spltty() to lock downcalls from apm(4) against the information being modified by the acpi(4) thread.
- Make ``apmd & zzz'' work correctly.
- Prevented ldapctl(8) to segfault if ``ldapctl stats'' is run when a database is being reopened due to compaction.
- Make aucat(1) try to detect busy loops caused by misbehaving audio drivers or hardware. If a busy loop is found, then close the device that caused the loop.
- Fixed a memory leak in ldapd(8).
- Enabled FIFO IO for sd(4) devices.
- Improved the event notification on mpi(4).
- Moved the last direct uses of mpi_{get,put}_ccb over to using the scsi_iohandler wrappers in mpi(4).
- Make aucat(1) handle all streams (audio files and client connections) the same way. Cleaned command line options: stream parameters (-Ccehjmrtvx) must precede stream definitions (-ios) and per-device parameters (-abz) and stream definitions (-ios) must precede device definitions (-f). Since there's no ``server'' and ``non-server'' modes anymore, the -l option just detach the process.
- Make ospf6d(8) advertise a intra-area-prefix-lsa with all prefixes for the network if there are any adjacent neighbors on link.
- Removed compat_bsdos(8).
- Fixed ldapd(8) update writing to the B-Tree while having a cursor open on the affected pages.
- Fixed use after free in ypldap(8).
- Fixed a memory leak with transaction abortion on ldapd(8).
- Fixed an NFS crash on sparc.
- Make sysmerge(8) automaticaly install missing users/groups.
- Prevented broken battery stats, overheating, failure to resume on some machines by resetting SCI_EN on resume.
- Make ^D handling consistent in fdisk(8).
- Improved iked(8) non-debug logging messages when a session is established/closed.
- Implemented rudimentary support for user defined strings in mandoc(1).
- Make the i386 kernel responsible for saving the FPU state before running signal handlers.
- Removed getrdomain(2) and replaced it by getrtable(2). It fixes the naming of interfaces and variables for rdomain and rtables and make possible to bind sockets (including listening sockets) to rtables and not just rdomains. You'll need to remove /usr/share/man/cat2/[gs]etrdomain.0 after this.
- Removed ss(4) and usscanner(4) from all kernels.
- In pfctl(8), fixed recursive printing of wildcard anchors, fixed printing of multi-part anchor paths, added a warning to prevent users from specifying multi-component names for inline anchors.
- Make sd(4) stop on suspend and start again upon resume.
- Added itherm(4), a driver for Intel 3400 Thermal Sensor.
- Implemented translation of the SCSI START STOP UNIT command.
- Added proper locking around vinvalbuf(9) in NTFS.
- Fixed the return value of pmap_steal_memory() on hppa64.
- Saved some space on RAMDISKs kernels.
- Added new workaround for PCH devices in em(4) and make an Intel GbE 82578 PHY actually work.
- Provided an iopool in arc(4).
- Removed support for compat_sunos(8).
- Fixed bugs in npppd.
- Dropped fill_eproc() from SMALL_KERNELS.
- Allowed systat(1) to print date and time when in raw mode.
- Passed and saved state in pkg_add(1) repository related libraries, used to print all error messages.
- Make sdmmc(4) be detached and re-attached on resume.
- Allowed softraid(4) to implement seamless transitions from the previous metadata version to current version without needing to recreate the softraid volume by determining the data offset using a variable specified within the softraid metadata.
- Improved ciss(4) sensor setup loop.
- Make ath(4) come back after resume without having to manually ifconfig(8) it again.
- Improved tip(1).
- Allowed clients to present custom editing forms in ldapd(8).
- Added more MCP79 AHCI ids to the list of devices that need special handling in ahci(4).
- Fixed bad sshd_config(8) options parsing with quoting string (e.g. ``AllowUsers "blah blah" blah'').
- Fixed pci(4) uninitialized variable warning.
- Recent uvm(9) changes exposed an eight year old bug in the network stack: an item was reference after it has been returned to the pool.
- Fixed an error handling in fdisk(8).
- Prevented ldapd(8) from validating modification of immutable attributes in the namespace if configured with relaxed schema checking.
- Forbid deletion of non-leaf nodes in ldapd(8).
- Fixed memory leaks in ldapd(8) schema parser and B-Tree.
- Added ability to limit memory presented to kernel at boot with 'machine memory =128M' style commands on i386 and amd64.
- Added Lenovo Thinkpad X100e quirk for vga_pci.
- Mobility Radeon HD 4870 works with drm(4).
- Avoid register leaks into new i386 or amd64 process images.
- Added more support for ARMv7 on the arm platform.
- Allowed .nr nS to force SYNOPSIS-style .Nm indentation outside the SYNOPSIS in mandoc(1).
- Make i386 and amd64 synchronise FPU state instead of flushing them before suspending.
- Implemented vslock_device() and vsunlock_device() and used them for physio(9).
- Fixed memory leak by adding a missing free(3) in ospf6d(8) and ospfd(8).
- Corrected handling of trailing punctuation in .Nm block headers in mandoc(1).
- Remove PAGEFASTRECYCLE option from the generic kernel.
- Removed obsolete docs from the source tree.
- Implemented LDAP compare operation in ldapd(8).
- Constrained malloc to only grab pages from DMA reachable memory.
- Allowed uvm(9) to swap when there is more memory than what can be DMA.
- Make deeply nested dlopen(3) binaries start faster.
- Switched getpeereid(3) from system calls to library routines by using getsockopt(2) with SOL_SOCKET and SO_PEERCRED.
- Improved pkg_add(1) debug mode.
- Make ldapd(8) parse and ignore schema extensions with an X- prefix.
- Removed compat_ibcs2(8).
- Follow POSIX (IEEE Std 1003.1, 2004 Edition) in the implementation of the sed(1) "y" (translate) command.
- Allow [ to be used as a delimiter in sed(1).
- Make wsconsctl handle more than the first keyboard, mouse and display.
- Make ciss(4), ips(4), vga_pci compile with SMALL_KERNEL.
- Improved mandoc(1) .Nm indentation in the SYNOPSIS.
- Fixed terminal mode restoration after suspending scp(1).
- Added support for disklabel UIDs in bioctl(8).
- Make ldapd(8) reset number of revisions after B-Tree compaction.
- Prevented statistics loss is ldapd(8).
- Improved scsi(4) by killing struct scsi_device.
- Provided safepri value and uvm(9) constraints to hppa64 machine-dependent initialization code.
- Allowed easier canceling of bad requests in ldapd(8).
- Added a man page to npppdctl(8).
- Fixed a null pointer dereference and two possible null pointer assignment in ldapd(8).
- Saved memory on sparsely populated scsi(4) buses.
- Prevented code paths from exposing uninitialized memory to user space or devices in scsi(4).
- Fixed ncr(4) on vax.
- Prevented a thread kill(2) to send the signal to a separate process.
- Added screen types and emulations in wsconsctl(8).
- Make it possible to get the screen types and emulations for a wsdisplay(4).
- Removed dead assignments in ldapd(8).
- Added support in iked(8) for the tap extension that will tell the kernel to send all IPsec traffic for derived SAs to the specified enc(4) interface instead of enc0.
- Added support in ipsecctl(8) for dumping the pfkey ADB_X_EXT_TAP extension to communicate the encX interface unit for a specified SA between userland and kernel.
- Allowed to specify an alternative enc(4) interface for an SA.
- Removed GENERIC kernel compatibility with OpenBSD 4.3.
- Fixed subordinate bus number for multi-root PCI buses.
- Handled special vga(4) cards for resume on i386 and amd64.
- Checked ldapd(8) modify don't add immutable attributes.
- Cleaned up now irrelevant TODOs and READMEs in the tree.
- Improved performance on some disks (those that have 4K sectors but report 512B), by making `fdisk -i' start the partition on a power of 2 block boundary.
- Improved ldpd(8) for future multipath routes support.
- Silenced the activation debug reporting in the kernel to prevent possible interactions when printing vga states.
- Fixed an ldapd(8) crash by making it stop pruning page cache directly when adding to it.
- Prevented disklabel(8) editor to crash when pressing ^D.
- Removed compat_osf1(8).
- Improved error reporting in mandoc(1): avoid error exit after warnings, added ERROR: and FATAL: to messages.
- Added SOL_SOCKET and SO_PEERCRED support to getsockopt(2).
- Make ldapd(8) validate that an entry can't belong to an abstract object class directly.
- Added a global root user that is allowed to read/write entries in all local namespaces to ldapd(8).
- Silenced the activate function when unknown events are given to scsibus.
- Fixed mg(1) buffer problems.
- Use a SLIST for the ccb free list in ips(4) and mfi(4).
- Make sd(4) flush its cache before suspend.
- Make sure pthreads(3) FPU state is aligned on a 128-bit boundary on i386 as it is on amd64.
- Make tcpdump(8) print MPLS label as decimal instead of hexadecimal.
- Fixed route label in pf(4) control device.
- Better handling detaching of cd(4).
- Fixed ldapctl(8) stats, avoided a null pointer dereference when reopening a namespace.
- Fixed arguments to fpu_kernel_enter() and fpu_kernel_exit() on the amd64 platform.
- Modernized pkg_merge(1).
- Improved the AD1848 Parallel-Port 16-Bit SoundPort Stereo Codec.
- Allowed recording to work for Crystal Semiconductor CS4231 Audio Codec/mixer chip when there is only one DMA channel.
- Lots of improvements in pkg_add(1) around the new OpenBSD::State(3p) API.
- Improved ucom(4).
- Added support for Ironlake (clarkdale and arrandale, i.e. core i3 and core i5 internal graphics) to intel agp(4) and intel drm(4). Mostly works, but the suspend/resume handler doesn't put the registers back 100%.
- Make ExpressCard hotplug work after suspend/resume cycle by saving PCIe slot control and status register.
- Reworked ldpd(8) network distribution so all path of an active route are sent to the lde so it can asign remote labels to all of the pathes.
- Fixed uhci(4) on numerous machines by preserving and restoring BARs on suspend/resume for all pci(4) devices.
- Make ldapd(8) validate that all attributes are allowed by any of its object classes.
- Synchronised ldpd(8) kroute.c with ospfd(8) one for future multipath routes support.
- Updated libedit to bring it into sync with the latest version from NetBSD.
- Allowed key options (command="..." and friends) in sshd(8) AuthorizedPrincipals.
- Allowed ssh-keygen(1) to import (-i) and export (-e) of PEM and PKCS#8 encoded keys
- Improved -o in ftp(1).
- Added some missing UHCI and EHCI register restores on resume.
- Added support for mapping ACPI to PCI devices.
- Added support for referrals in ldapd(8).
- Added aesni, an amd64 driver for the crypto framework, similar to the VIA driver for supporting the AES-NI instructions found on recent Intel cores. Special thanks to Huang Ying at Intel for getting the assembly code relicensed from GPL to a more suitable license.
- Many improvements in sparc boot.
- Replaced enc(4) with a new implementation as a clonable device.
- Added PADDR_IS_DMA_REACHABLE macro in uvm(9).
- Reworked cypress cpu cache setup and enabled writeback mode on sparc.
- Added fpu_kernel_enter() and fpu_kernel_exit() on the i386 and amd64 platform. This allows the use of the FPU in the kernel.
- Fixed some USB keys by removing extra_bytes field in scsi(4) struct scsi_sense_data.
- Make iked(8) lookup the RSA public keys in /etc/iked/pubkeys/ as an alternative to X.509 CA verification.
- Make ldapd(8) return a protocol error when trying to use starttls without a configured certificate, instead of just blocking the client.
- As it is not anymore setuid, removed tip(1) complicated public/private/root permissions scheme for options in favour of a single read-only bit.
- Removed compat_hpux(8).
- Used the libutil implementation of UUCP locking in tip(1).
- Factored iked(8) Diffie-Hellman implementation for isakmpd(8) with lots of benefits: smaller code, libcrypto instead of custom crypto code, theorically adds support for many new MODP and EC2N/ECP modes.
- Added missing free()s in iked(8).
- Fixed use after free(3) in pfctl(8).
- Improved Intel GbE 82578 and 82578 PHY in em(4).
- Removed mentions of operating system binary emulation in installation notes.
- Improved ahci(4) suspend/resume.
- Improved acpi(4) suspend/resume by using recencly added bufq_quiesce().
- Make sasyncd(8) use only 3 verbosity level: None, Important, All.
- Removed compat_ultrix(8).
- Avoided a null pointer dereferencement in usbhidaction(1).
- Added support for badly nested blocks in mandoc(1).
- Cleaned tip(1) from obsolete acu.
- Make call to sysctl(3) fail if a process asked KERN_PROC2 or KERN_FILE2 (or their libkvm wrappers) for more informations than the running implementation knows how to provide.
- Synchronised mandoc(1) to release 1.10.3: support -Tps -Opaper=a4 and -Opaper=letter.
- Automatically set /etc/pkg.conf `installfrom' entry to the public mirror used while installing or upgrading.
- Added a framework for glyph width encoding in mandoc(1).
- Fixed a logic error in spdmem(4).
- Changed st(4) to use the FIFO buf sorting discipline rather than the default disk-sorting one.
- Fixed aucat(1) crash by explicitely initialize members of struct dev in dev_open().
- Prevented aucat(1) from checking if the midi control interface is idle when the device isn't open yet.
- When given NULL or "" as argument, make unsetenv(3) set errno to EINVAL, conforming to POSIX.
- Improved the FPU register saving on the hppa platform.
- Factor out code used to save and flush process FPU context in hppa.
- Forced the dns buffers to be aligned using a union in smtpd(8) and ypserv(8) as a workaround for "misalign strings on the stack" bug in gcc4 and as a better and more common idiom.
- Added custom layout in tmux(1), the list-windows command displays the layout as a string that can be applied to another window using select-layout.
- Allowed selecting both address family and protocol in netstat(1).
- Rewritten ldapd(8) schema parser. The new parser now support symbolic OID names. You need to update your /etc/ldapd.conf: schemas are now included with the 'schema' keyword.
- Added VIA xcrypt for amd64 in libssl.
- Cleaned interface stats handling in pfctl(8): '-Fi' reset ALL the interface statistics and make '-Fa -i ifname' fail.
- Fixed IFADDRDEL imsg error message in ospfd(8).
- Make tmux(1) commands use stdin, stdout and stderr sent from client to server. You'll need to restart your server after this upgrade.
- Fixed keyboards in wsconsctl(8), better handling of none latin-1 characters.
- Added initial support for Intel GbE 82578 PHY in em(4).
- Added iked(8) to rc(8).
- Added the rtable id as an argument to rn_walktree() in the network stack. This permits functions like rt_if_remove_rtdelete() to be able to correctly remove nodes.
- Used an SLIST instead of a TAILQ for the ccb free list in arc(4).
- Massive removal of unused struct scsi_device.
- Updateed the perl(1) Safe module to version 2.2.7 for CVE-2010-1168 and CVE-2010-1447.
- Modified IPv6 stack to conform to the last ospf6d(8) changes. Now neighbor discovery is solely based on the cloning route and not on the address neigborship anymore.
- Added initial support for RTL8168E in re(4).
- Make ospf6d(8) create a cloning route if there is no next hop but an interface index.
- Used the interface index for writing routes into the kernel in ospf6d(8).
- Allow tty drivers to request larger buffers at attach time using a max-baud-rate hint. These larger buffers are required by the very high speed KDDI devices in Japan (com(4), or ucom(4)).
- In cwm(1), fixed window name and class to match cwmrc(5).
- Added definitions in acpi(4) for Intel/AMD IOMMU ACPI tables.
- Implemented iopools in osiop(4) to get rid of another use of XS_NO_CCB.
- Used in com(4) a more moderate fifo trigger level (4) for moderately quick (sub-38400) port speeds.
- Synchronized bind(8) root.hint with latest version from rs.internic.net.
- Fixed kernel manuals thanks to full .nr nS support in mandoc(1).
- Stopped probing "volume knobs" in azalia(4) on resume. This prevents a resume break.
- Disabled uguru(4) on i386 and amd64 GENERIC kernels.
- Added PCH/82577 bits from FreeBSD in em(4).
- Fixed a crash in ftp(1) when the directory entry isn't complete.
- In bgpd(8), instead of specifying the control sockets on the command line have them in bgpd.conf. Removed the -s and -r arguments from bgpd.
- Marked the PXE boot device as "netboot" in the i386 and amd64 platform, even if we do not contain NFS client support.
- Fixed .Bk in mandoc(1): do not print invalid arguments verbatim, do not trigger TERMP_PREKEEP twice, do not die from invalid arguments, continue to ignore even valid arguments.
- Prevented recursion in pmap_enter(9).
- Make azalia(4) check if the jacks that will mute the speaker can generate unsolicited events.
- Cleared acpi(4) fixed event status on resume (power buttons/etc) so that some machines don't immediately resume after suspending to S3.
- Added support for 800x480 in udl(4).
- In route(8), Make 'route exec' emit error messages like xargs when execve() fails does.
- In iked(8), allowed to have multiple certs for the same CA but differents srcids in the certs/ directory. This enforced that the subjectAltName has to be set correctly.
- Fixed a possible double free in iked(8).
- In ospfd(8), fixed rtmsg_process to return on an error during processing rather than continue. Fixed kr_dispatch_msg so it acts when rtmsg_process fails.
- Fixed a NULL dereferencement on zombies processes.
- Fixed two PRS in pthread(3).
- Added the TPOFF* and DTP{MOD,OFF}* definitions that ld.so will need for doing thread-local storage in amd64, i386, powerpc, sparc and sparc64.
- Added uvm(9) DMA address constraints in every architectures machine-dependent initialization.
- Make use of current working directory when default-path is not set in tmux(1).
- Fixed the length check for ASN1_ID Ids in iked(8).
- Fixed DIOCCHANGERULE in pf(4) control device.
- Basic implementation of .Bk/.Ek in mandoc(1).
- In ldapd(8), added support for different page sizes in the btree.
- Added quirks in azalia(4) for IDT 92HD71B7 in HP laptops.
- Multiple improvements iked(8).
- Added option detach-on-destroy in tmux(1) to set what happens to a client when the session it is attached to is destroyed.
- Suggested a reboot if "sh MAKEDEV" was run or login.conf was modified after using sysmerge(8).
- Make use of a mutex to make atomic operations atomic on hppa multiprocessor kernels.
- Added /dev/diskmap to RAMDISKs kernels.
- Allowed processes to be scheduled onto secondary CPUs on the hppa platform.
- Cleaned useless
#include <sys/user.h>
in more than one hundred files.
- Fixed removal of one-level search index in ldapd(8).
- In com(4), grown COM_IBUFSIZE from 1024 to 8192 to be enough size for recent devices. It fixes the problem using KDDI W04K.
- Brought ss(4) device referencing into line with sd(4), cd(4) and st(4) recent changes.
- HTTP is now the default network install method rather than FTP.
- Implemented a simple keepalive mechanism in gre(4) that is compatible with the one used by Cisco.
- First steps toward variable width fonts in mandoc(1).
- Added the extendedKeyUsage flags serverAuth and clientAuth in libssl, those flags are required by recent Windows.
- Added his own Low Power Link Up code to PCH based em(4).
- Include the Id type in the generated SA tag that is passed to the kernel, a la isakmpd(8).
- Allowed -c0 in ping(1) and ping6(1).
- Make sur some single bit bitfields in rtadvd(8) are single bit.
- Fixed bug in tmux(1) command list pointer.
- Merged mandoc(1) release 1.10.2, bug fixes (interaction of ASCII_HYPH with special chars, handling of roff conditionals, Bd -offset will no more default to 6n), improvements (more caching of .Bd and .Bl arguments for efficiency, deconstify man(7) validation routines, add FreeBSD library names) and start PostScript font-switching.
- Added GENERIC.MP kernel to hppa.
- Improved dired in mg(1): position cursor at first filename after, don't reposition cursor on reopening, check for permission before attempting to open directory.
- Prevented to hang on resume with the amd64 and i386 platform in the interprocessor interrupt handlers.
- Fixed 100% interrupt usage on amd64 MP resume.
- Fixed a bug in adw(4) and sii(4/VAX).
- Removed OpenCVS from the build.
- Avoided a potential race when unlocking a mutex on the hppa platform.
- Added HUAWEI E182 (aka Emobile D31HW) in umsm(4).
- Removed -m option from pfctl(8).
- Added X11ForwardTimeout option in ssh(1).
- Make ssh(1) log the hostname and address that we connected to at LogLevel=verbose after authentication is successful to mitigate "phishing" attacks by servers with trusted keys that accept authentication silently and automatically before presenting fake password/passphrase prompts.
- Worked OpenBSD::State(3p) in the packages system.
- Make skip the initial check for access with an empty password when PermitEmptyPasswords=no in sshd(8).
- Fixed a bug in aucat(1).
- Fixed requirement for /dev/null inside ChrootDirectory with ``internal-sftp'' in sshd(8).
- In OpenSSH, removed hardcoded limit of 100 permitopen clauses and port forwards per direction.
- Make st(4) use xshandlers for scheduling IO.
- Fixed the ikectl(8) log verbose/brief commands.
- Included files annotated @bin in the database produced by pkg_mklocatedb(1).
- Prevented sd(4) to sleep while dumping.
- Added a CA export command for EAP in ikectl(8).
- Improved errno in ldapd(8).
- Removed compaction and indexing from ldapd(8). Reimplemented it in ldapctl(8).
- Fixed a bug in uvm(9) uvm_pmr_get1page().
- Prevented multiple inclusions in the IPC messaging functions.
- Make ami(4) ioctl(2) and sensor paths more reliable.
- Fixed condition in ospfd(8).
- Fixed printing of extensions in v01 certificates in ssh-keygen(1).
- Updated Mesa to version 7.8.2 in Xenocara.
- Do not propagate cache invalidate operations between processors on 88110 systems, improves GENERIC.MP kernel speed by 8% on the MVME197DP (mvme88k platform).
- Prevent the framebuffer from taking over serial console on early 2.x sun4c PROM if no keyboard is connected.
- In mpii(4), protected the Command Control Blocks free list with its own mutex.
- Doubled the dmesg buffer size on the amd64 platform.
- Included the user name on "subsystem request for ..." log messages in OpenSSH.
- Added auth debug messages for bad ownership or permissions on the user's keyfiles in OpenSSH.
- Standardised error messages when attempting to open private key files with ssh-keygen(1).
- Exposed sshd_config(5) options inside Match blocks (AuthorizedKeysFile, AuthorizedPrincipalsFile, HostbasedUsesNameFromPacketOnly, PermitTunnel).
- Added a choose-buffer command in tmux(1) for easier use of the paste buffer stack.
- Added initial support for PCH based em(4) adapters with intel GbE 82577 PHY.
- Implemented PA linearization on adapters with digital predistorters in athn(4) for AR9003 family only.
- Fixed printing of multipathed route in ldpd(8).
- Stop requiring { } blocks in ldpd(8).
- Improved athn(4).
- Fixed an integer arithmetic overflow and an overflow of the xs sense buffer in vscsi(4).
- In ami(4), protected the Command Control Blocks free list with its own mutex.
- Extended tmux(1) -t:+ and -t:- window targets for next and previous window to accept an offset such as -t:+2.
- Allowed hardlinks to tmux(1) sockets to be used more easily.
- Fixed the disapearance of wild characters in tmux(1).
- Fixed midicat(1) device mode when only -i or only -o is used.
- In eap(4), locked the sample rate of es1731-based devices to 48kHz.
- Make pkg_create(1) display bad symlinks by destination.
- Make various HP laptops boot correctly with acpi(4) by fixing reference counting panic for CondRef.
- Prevented a NULL dereference by skipping exiting process in sysctl system call.
- Linked a new iwn-firmware-5.5 package that contains an update for Intel Centrino Advanced-N 6200/Ultimate-N 6300 adapters for iwn(4) devices.
- Make bioctl(8) work with disklabel UIDs by trying to use opendev(3) first.
- All programs which make use of opendev(3) can now operate with disklabel UIDs.
- Prevented a segmentation fault in ftpd(8) on ftpd_popen() error during status command.
- Fixed a memory leak in sftp(1).
- Fixed sftp(1) "ls" in working directories that contains globbing characters in their pathnames.
- Fixed ldapd(8) byte alignment on sparc64.
- Added support to use sasyncd(8) with iked(8) instead of isakmpd(8).
- Fixed a NULL pointer dereference in sd(4).
- Compaction can now be done by a separate process in ldapd(8).
- Prevented fsck_ffs(8) to fail when used with disklabel UIDs.
- Prevented a panic with softraid(4) when sd(4) tries to enable write cache on all disks.
- Make a whole bunch of newer umsm(4) Huawei devices to work.
- Count of deinstalling package fixed in pkg_delete(1).
- Write cache enabled on sd(4) disks during attach.
- In mpi(4), allowed the cache enabling on virtual disks to run as part of the disks attach routine.
- Initial support for initiator mode with certificate, which allows to run iked(8) as a "client" or to configure iked(8) to iked(8) (OpenBSD to OpenBSD) IKEv2 VPNs.
- Added commands in iked(8) to create/delete/install/import keys without involving certificates.
- Fixed a memleak in the disk mapper.
- Fixed block length for AES in iked(8).
- Fixed EAP responder mode in iked(8).
- In iked(8), make NAT detection work in initiator and responder mode.
- Fixed memory leak in ypldap(8).
- Adjusted FTP reply codes in ftpd(8) (in error conditions) to conform to RFC 959.
- Segmentation fault prevented in lock(1).
- In ldapd(8), fixed a btree reference counting when opening the database with a file descriptor directly using btree_open_fd().
- Make ospf6d(8) stop preventing dynamic route redistribution because of a "dispatch_rtmsg no nexthop" error was emitted in wrong cases; fixed a use after free(3), fixed a segfault.
- Make ospf6ctl(8) print additional new line after 'Number of Links' in show database router.
- Make ospfctl(8) print 'Number of Routers' in show database network.
- Fixed a memory leak in ypldap(8).
- In scsi(4), Restore an unusual XS_SENSE semantic; Fixes restore(8) problems seen on certain tape drives.
- In ldapd(8), Wrap searches in a read-only transaction so it is guaranteed to see a consistent snapshot of the database.
- Implemented IP-FORWARD-MIB for IPv4 in snmpd(8).Add support for Intel AES-NI and the CLMUL_ instructions, plus a few others that are needed to omplement accelerated AES (and AES-GCM mode) on newer Intel cores.
- In ldapd(8), track changes in btree_txn_* API, pass a NULL btree when also passing a transaction.
- In ldapd(8), when a btree NULL pointer is passed to a function that accept both btree and a transaction, the btree is taken from the transaction.
- Fixes in sort(1): clarify sort's various modes of operation; -m is overridden by -C and -c; ordering options should not appear after -k.
- In ldapd(8), append a "tombstone" meta page after a database has been compacted. This allows other processes to pick up the change and re-open the file.
- Added minimal initial -Tps support in mandoc(1).
- Allowed configure queue expiry in smtpd(5).
- In fsck_ffs(8), added missing headers needed for opendev(3) and close(3).
- Declare safepri at the MD level on each platform, so that the kern_synch.c does not have to deal with it as a common.
- In ikectl(8), added a command to revoke a certificate and generate a CRL; make the ca install command install the CRL as well.
- Added a -S flag to iked(8) to do the same as ``set passive'' but matches the isakmpd(8) flag.
- Added new commands to iked(8) and ikectl(8), the couple/decouple commands will set loading of the learned flows and SAs to the kernel the active/passive commands are required to use iked with sasyncd(8).
- Stopped printing FEC twice in ldpd(8).
- Added another tree in iked(8) to lookup policy SAs by peer address.
- Removed the CRYPTO_ALGORITHM_ALL define from crypto(4).
- In ospfd(8), restricted the interface scope embedding to link local nexthops.
- In ospfd(8), fixed an infinite loop hit when the prefixlen is not devidable by 32 by decoding prefixes corectly.
- Fixed time on Mostek time-of-day chips with dead batteries.
- Moved the logging of FEC changes to the LDE and print the FEC and label information.
- Allow FFS file system to be mounted by a disklabel(8) UID.
- Fixed MPLS pop operation to make PHP work again.
- Reworked UI messages in pkg_add(1).
- Properly enable vscsi(4) on the longsoon platform.
- Make ospfd(8) calculate size of update packet with IPv6 header and reserve space for IPsec.
- Introduce a diskmap pseudo device which allows userland to open a disk specified via its disklabel UID.
- Merged mandoc(1) bits that will be going into 1.10.1.
- Fixed various problems of auich(4) on SiS 7012 based chips.
- Reworked the way onboard devices attach on Sun 4/110 systems.
- In tcpdump(8), added minimal decode support for IKEv2 exchange types and payloads.
- Fixed a bug which prevented diskless station to boot (PR6382).
- Make ldpd(8) store all labels in ldpd in host byte order without any additional shifting.
iked(8), ikectl(8) enabled in the build.
This list mentions mostly platform-independent changes. For a list of changes
made in a particular platform, please check the page for that platform. If you
find them not listed there, the changes are either (1) not being documented or
(2) are documented here.
www@openbsd.org
$OpenBSD: plus.html,v 1.1171 2010/07/13 17:22:21 deraadt Exp $