OpenBSD -current changelog
This selection is intended to include all important
and all user-visible changes.
For a complete record of all changes, please see the "source-changes"
mailing list, called "OpenBSD CVS"
in the archives,
or use CVS.
Note: Problems for which patches exist are marked in red.
Changes made between OpenBSD 5.3 and -current
- Limit the identd(8) client to 256 bytes of input. If they send too much, just close the connection.
- Timeout based on the whole identd(8) session, not after every read/write. Stops clients from consuming fds on the server.
- Handle EMFILE/ENFILE from accept by disabling handling of events on the identd(8) listeners for a second.
- New identd(8) daemon, to replace the libexec one often run from inetd(8). An event driven non-blocking implemention.
- Added an interface to rebind agp(4) DMA mappings. For KMS to reload bindings after suspend/resume.
- Set glxpcib(4/loongson) "Power Immediate" bit upon attaching, so Fuloong can auto restart upon power failure.
- Updated nginx(8) to 1.2.7.
- Correct the clock speeds used to calculate int moderation values provided by the SK_IM_USECS() macro on msk(4) and sk(4).
- Added workaround for HW bug in bge(4) BCM5717/BCM5718/BCM5719-A0/BCM5720-A0 chipsets: don't include interface input drop counter in input errors.
- Apply the "AcceptPerfectMatch" workaround for sis(4) DP83815 chipsets to the 15D revision as well.
- Fixed size of unicast rx filter table on vio(4), to stop unicast address overwriting part of the multicast rx filter table.
- Updated fonts-conf(5).
- Allow tftpd(8) option ACK to negotiate 2 byte transfers with extra options.
- Fixed double free which occurred if a tftpd(8) option ACK failed.
- Don't unconditionally try to attach octcf(4) to a CF bus on octeon. Stops endless faults on the EdgeRouter Lite.
- Removed the unused sequencer(4) driver.
- Re-enabled build of Xserver(1) on hp300.
- Enable vge(4) flow control support.
- Fixed mii(4) flow control support; workaround for the IP1001 PHY where downshift support was not functioning properly.
- Install npppd.conf(5) with permissions of 0640, as there could be the radius config in this file.
- Disabled pie for lkm(4).
- Removed faithd(8) and faith(4).
- Make sure dhclient(8) doesn't delete IPv6 routes.
- Allow octeon to reboot by poking the right address for a soft cpu reset.
- In aucat(1) debug mode, log successful connections.
- Stopped sndiod(1) and aucat(1) displaying warnings if accept() returns ECONNABORTED or EWOULDBLOCK, as we do in other daemons.
- Fake "SMBIOS detection" for quirky Soekris boxes, to make it easier to attach device drivers.
- Require that the mktemp(1) template include at least 6 trailing Xs to match POSIX mkstemp/mkdtemp. Improved error messages.
- Fixed kernel profiling on MP systems by using per-CPU buffers and teaching kgmon(8) to deal with them.
- Allow snmpd(8) report new PF "translation" counter.
- Add pf(4) "translation" counter, use this (not "memory") when address translation fails due to no free ports in the configured range.
- Turn identd(8) off by default.
- Allow systrace(1), identd(8), uucpd(8), iked(8), nfsd(8), talk(1), tcpbench(1), bgpd(8), dvmrpd(8), ftp-proxy(8), inetd(8), iscsid(8), ldpd(8), ospf6d(8), ospfd(8), ppp(8), relayd(8), ripd(8), sasyncd(8), smtpd(8), snmpd(8) and syslogd(8) to handle ECONNABORTED errors from accept(2).
- When binding a lease, check for and clear out any "zombie" routes left behind by a dead dhclient(8).
- As per RFC 2131, stop dhcpd(8) ACK'ing any REQUEST containing a server-identifier option that specifies a different dhcp server.
- Removed the -I option from ndp(8).
- Do not start npppd(8) if a pptp tunnel is configured but the gre(4) protocol is not enabled.
- Flush writes to BGE_MI_COMM to avoid "APE lock request failed!" errors with HP 331T (5719) and 332T (5720) bge(4) cards.
- Changed relayd(8) to use the monotonic clock instead of gettimeofday() and call fatal() on error-that-should-not-happen.
- Removed obsolete sudo(8) code that used to change the mode of sudoers from the old (pre-1.6) default.
- Reserve a file descriptor on accept() for subsequent connect() call by ftp-proxy(8), as done in relayd(8).
- Put tip(1) back, but without the hardlink to cu(1) for now.
- Make it possible to override already attached wsdisplay(4) console later in the boot process. Needed for upcoming KMS changes.
- Workaround for some PowerBooks without an adb(4/macppc) bus, to prevent their PMU from shutting down the machine.
- Prevent gzsig(1) going into an endless loop on input error.
- Prevent gzsig(1) race condition by using already opened file descriptors. Properly presume owner/mode of gzip(1) file.
- Add new cu(1), a libevent-based implementation of the old tip(1)/cu(1) with a few new things (eg basic xmodem support). Disable tip(1).
- Always use the internal PHY on Apple variants. This unbreaks gem(4) on some PowerMac G5.
- Disabled re(4) IP checksum offloading for Realtek 8168 (broken if the packet has IP options).
- Updated to: xterm(1) 291, bdftopcf(1) 1.0.4, beforelight(1) 1.0.5, ico(1) 1.0.4, xcalc(1) 1.0.5, xfsinfo(1) 1.0.4, xkbutils 1.0.4, xsetroot(1) 1.1.1, xstdcmap(1) 1.0.3, xvidtune(1) 1.0.3, xvinfo(1) 1.1.2, xsm(1) 1.0.3, libXrandr 1.4.0, and xrandr(1) 1.4.0.
- Enable TCP socket splicing for HTTP persistent connection and chunked transfer encoding. Speeds up relayd(8).
- Updated to fontconfig 2.10.91 + a few local fixes: replaced ugly bitmapped Lucida fonts with Luxi or DejaVu TrueType fonts; moved the target of fontconfig recipes to the "pattern" from the "font" to add the default values properly.
- Rewrite the ste(4) receive filter handling code and cleanup the ioctl bits.
- First steps towards alphabook1 support.
- Allow ssh(1) "-f none ..."
- Implement a bgpctl(8) nei foo destroy that will remove the specified cloned neighbour.
- Better bgpd(8) templates support: on config reload adjust the cloned neighbours so that they get the config changes as well; clean up sessions that are 1h idle but in state active (instead of down); allow bgpctl(8) to destroy cloned neighbours.
- Added submethod support to sshd_config(5) AuthenticationMethods.
- Fixed return value of wcrtomb(3) in single-byte locales if the "s" argument is NULL.
- Allow a "+" in the cron(8) MAILTO email address.
- Per POSIX, if getconf(1) confstr() returns zero without setting errno ("no defined value") then print "undefined\n".
- Correct the delay when programming the sis(4) short cable fix to 100us, not 100ms.
- Fixed and simplified determining whether we're using an rl(4) 8129 or 8139 chipset. Allows D-Link DFE-520TX to work.
- Fixed ssh(1) public key and hostbased authentication when the client has specified a style (e.g. "root:skey").
- Fatal() ssh(1) session when ChrootDirectory is specified while running without root privileges.
- Account for the size of the allocation when defending the uvm(9) pagedaemon reserve.
- Sync yyerror() in ospfd(8), ospf6d(8), snmpd(8), dvmrpd(8), ifstated(8), ldpd(8), ripd(8), smtpd(8) and ypldap(8) with version in bgpd(8), so that it logs to syslog when daemonised.
- Patch for CVE-2013-1667 in perl(1): DoS in rehashing code (see http://code.activestate.com/lists/perl5-porters/191311/).
- When dumping ospfd(8) config, just print "passive" for passive interfaces rather than showing the "hello" timers and keys.
- Fixed a bad comparison when calculating the size of the hibernate code's signature block.
- Updated: rgb to 1.0.5, xev(1) to 1.2.1, and sessreg(1) to 1.0.8.
- Reset ssh(1) pubkey order on partial success.
- Let whois(1) -P do a query against https://www.peeringdb.com/.
- softraid(4) disciplines are now shutdown in reverse attach order, making manually stacked volumes more practical.
- Reorder pci(4) code such that wsdisplay(4) attaches after drm(4). Preparation for framebuffer console support on amd64/i386.
- When deleting an IPv6 interface address, also remove the prefix and the cloning route.
- Added HG20F9 usb ethernet to axe(4).
- Check ldomctl(8/sparc64) parser's return value and exit if parsing failed. Report syntax error with duplicated domain name.
- Use vlog() to log relayd(8) parser errors so they will show up in logs if they occur when reloading.
- When user(8) is locking/unlocking an account, never touch passwords that are "*" or 13*. Also make sure to never end up with an empty password.
- Fixed format string issue when printing an error out on bge(4) with APE and more than 4 pci(4) functions.
- Fixed ksh(1) quoting in word part of ${var+word} (and similar) when entire thing is quoted or in a here-doc.
- Disabled duplicate address detection on carp(4) interfaces, as the peer may have the same addresses.
- Make sure that IPv6 source address selection only chooses a carp(4) address if the interface is in master state.
- Fixed the combination of "j" format flag and the XPG "$" modifier in vfprintf(3).
- Unbreak softraid(4) compilation with debug enabled.
- Fixed pf(4) so when a pf.conf(5) containing "set tos" is followed by a scrub option, the tos will not be changed to 0x00.
- Properly conditionalise adding wscons(4) to the list of consoles on amd64 NWSDISPLAY.
- Always compare aliases(5) at the end of the sysmerge(8). Prevents newaliases(8) from failing due to smtpd.conf(5) syntax change.
- When passwd(1) is using an external password quality check program, don't run (potentially contradictory) internal pattern checks.
- Bring getconf(1) substantially up to spec with POSIX 1003.1-2008: 155 new names; support for the -v option. Added support for non-standard -L and -l options for listing the known names.
www@openbsd.org
$OpenBSD: plus.html,v 1.1278 2013/03/23 00:59:59 brett Exp $