Changes made between OpenBSD 3.2 and OpenBSD-current
This is a partial list of the major machine-independent changes
(i.e., these are the changes people ask about most often). Port
specific changes have also been made, and are sometimes mentioned
in the pages for the specific platforms.
Changes to the ports collection are documented
here.
Note: Problems for which patches exist are marked in red.
We are working on OpenBSD-current.
The following list sums up (almost) all the changes made up to January 17.
- Unbreak pf(4) nat random source port assignment. Now a rule has to actually ask for static-port in order to get it.
- Enable the pfctl(8) 'static-port' keyword.
- Extensive ld(1) changes to better protect ELF executables from tampering (see the checkin comment for details.)
- Add new output format option '-f' to ncheck_ffs(8).
- ncheck_ffs(8) no longer reports when the set[ug]id bits are set on directories, since these are meaningless in OpenBSD.
- Fix a missing YYERROR in the pfctl(8) parser.
- Deal with cd(4) drives that are picky about being asked to play the leadout track.
- Note with regret and sadness that the freely available PCI vendor and device list is no longer available.
- Bring protocols(5) more into line with current reality.
- More improvements and device additions to pciide(4).
- Explicity use the first path found by glob(3) instead of indexing with an uninitialised variable in sftp(1).
- Small fixes to whois(1).
- Create PIC archives for a number of X libs, useful for ports that create shared libraries.
- Stop nfsstat(1) displaying info for the no-longer-supported NQNFS protocol.
- Fix nfsstat(1)'s filesystem id lookup, and a minor buffer overrun.
- Fix some minor bugs in pf(4) radix table creation.
- Have pfctl(8) recognise the '-T load' option like it used to.
- Plug a memory leak in the pf(4) radix table code when using PFR_FLAG_DUMMY.
- For the benefit of dhclient(8), allow outbound pings from the initial pf(4) rulebase installed by rc(8).
- Pull all the IP address parsing code of pfctl(8) into one place.
- Goodbye libc_r and libnpthread, hello libpthread.
- Check for and report read errors in md5(1).
- Stop sftp(1) uploading or downloading non-regular files.
- /etc/weekly is now built (by default) in /var/tmp rather than /tmp.
- Add an extra sanity check in malloc(3) to prevent size_t overflows.
- Better input checking and error handling in the pf(4) radix tables code.
- Begin converting vmstat(8) with the -i option to use sysctl(3) instead of kvm.
- Start work on NVIDIA nForce support.
- pf(4) radix tables now understand CIDR-notation IPv4 addresses.
- Some command-line fixes and tweaks to rusers(1).
- Stop rm(1) with the -P option from overwriting files with multiple links.
- Fix handling of addition and subtraction of negated addresses to radix tables in pfctl(8).
- In ssh(1) only show the socket(2) error for the last address to which one tries to connect.
- Don't fill files full of holes with ftruncate(2) after a write error in rcp(1) and scp(1).
- Add a progress meter to the sftp(1) client.
- Remove fetch(9) and store(9) from the kernel, and replace calls to them with their copy(9) descendants.
- Various strl* return value checks in pfctl(8).
- Initial support for queue statistics display for pfctl(8) (-vsq option.)
- 'Default-Phase-1-Configuration' -> 'Default-phase-1-configuration', 'Default-Phase-2-Suites' -> 'Default-phase-2-suites' in isakmpd(8).
- New radix table manipulation syntax for pf.conf(5), and a corresponding new -Tl option for pfctl(8).
- Add support for active/inactive pf(4) radix tablesets in the kernel
- Enable SET/ACK in isakmpd(8) when acting as an ike-mode-cfg responder.
- Improvements and fixes to batch mode sftp(1).
- Big strlcpy/strlcat(3) makeover for csh(1).
- Stop compress(1) from clobbering an existing output file if the input can't be opened.
- gcc(1) attribute(sentinel) improvements.
- Improvements to whois(1): Can specify port with -p; recursive IP lookup; INICHOST (-i) is now netsol.
- Remove old altq packet-classifier code from the kernel now that pf(4) does its job instead.
- pfctl(8)'s string parser can handle strings beginning with an underscore, useful for all those new daemon usernames.
- Have authpf(8) clean up after failed previous incarnations of itself.
- Don't allow s[eh]mmni to be set (via the newish sysctl(8) interface) greater than 0xffff, to prevent id collisions due to wraparound.
- pf(4) radix tables now spring into and out of existence on demand.
- Fix the sudoers(5) parser's handling of EOF not preceded by newline.
- Stop sftp(1) from always adding u+w permissions to files pulled by get -p.
- Values set in sysctl.conf(5) can contain spaces when quoted as for sh.
- shmctl(2) can now operate on segments marked for removal.
- In compress(1), don't trip the 'may not mix -o, -c or -t' warning by mistake, and don't choke on stdin when compressing.
- Add mg(1) the +number option, which moves the point to the given line of each file.
- Correct a couple of {dup,reply,route}-to problems related to nat pools.
- Create a new group, _lkm, and install modstat(8) setgid to it instead of to kmem.
- pstat(8) now only does kvm_openfiles(3) for the -v option, the rest is obtained using sysctl(3).
- cp(1) sets permissions later, so -R works when copying directories with no write access.
- Fix a null deref in dlsym(3).
- Avoid a rare division-by-zero in ps(1) that could occur on non-IEEE systems like the vax.
- Remove the endianness from bktr(4). Enable on macppc.
- Make sure we don't try to free a null pointer in whois(1).
- Change 'no-route' implementation from a flag in the pf(4) rule address to an address type.
- Make pf(4) skip-step calculation honour the 'no-route' keyword.
- Remove code in ld(1) to force linking against a specific library version.
- Add console support for Polish and Turkish keyboard layouts.
- Add the userland support for pf(4) radix tables to pfctl(8) and authpf(8).
- Remove reference to the now obsolete screenblank from /etc/rc.
- Fix dig(1) time display on 64-bit big-endian targets.
- Do a bridge(4) routing update if the source interface is in the LEARNING state, not the destination interface.
- ftp(1) does a better job of detecting a failed cd command.
- Have syslog(3) parse '%%m' correctly.
- Fix a null deref in at(1).
- Require a direction for pf(4) rules that do routing.
- When combining (route|reply)-to and translation in pf(4) rules, make sure a state table insertion is only attempted once.
- Note (in the system copyright message) that it's now 2003.
- Update to sendmail 8.12.7.
- Have tcpdump(8) display all pf(4) rule types instead of just pass/block rules.
- Make the pf(4) radix table code handle duplicate table names and/or duplicate addresses in a single ioctl(2) call.
- Remove the pf(4) skip-step for rule action (scrub or no-scrub.)
- Properly update pf(4) scrub rule statistics.
- Put pf(4) scrub rules into a ruleset separate to filter rules.
- Implement policy suggestions in xsystrace(1).
- Adios amiga and sun3 platforms.
- Don't overrun the buffer when listing route entries via sysctl(3).
- Fix strtok_r(3) breakage in libwrap that was causing EXCEPT rules to fail.
- Add a missing exit(3) in pfctl(8).
- Correctly ignore the case where a directory with the desired executable name appears in one of the paths searched by exec[vl]p(3).
- Set a default pf(4) state table size of 10000 entries.
- In pf.conf(5), change keyword 'ipv6-icmp-type' to 'icmp6-type' and instead of 'proto ipv6-icmp' allow 'icmp6'
- Fix a C++ compiler problem with Kerberos IV's krb.h, similar to the cdefs.h fix earlier.
- Avoid a null deref when parsing the command line of make(1).
- Allocate memory for connections to spamd(8) based on the -c command line option.
- Make cd(4) try more often than other scsi devices, and don't ignore 'not ready' status from the bus.
- Add a parameter for the number of retries when waiting for a scsi device to come ready (scsi_test_unit_ready().)
- If semop(2) has to do a tsleep(9), wake it back up at a much lower priority.
- Wait until a semaphore undo structure can be allocated if one isn't available immediately, and check that another hasn't been allocated to our process while we were waiting.
- Properly check SOCKS connection return code in nc(1).
- More firewire fixes. Concurrent devices support on the way.
- Remove outdated references to NFS as an installation source from the install notes.
- Fix HOSTAP_FLAG_BITS in wi(4).
- Make 'pfctl -a name -s[rn]' show all rules or nats in all rulesets on anchor 'name'.
- In authpf(8), set the macro '$user_id' to the username.
- Fix a couple of missed semaphore counter updates.
- Add kernel portion of radix table support for pf(4) rule source and destination addresses.
- Remove an extraneous semicolon in <sys/cdefs.h> that broke some C++ compilers.
- Fix an amusingly incorrect calloc(3) size in nc(1).
- Allow the log keyword in pf(4) scrub rules.
- Some fixes to pf(4) ioctl handling.
- When pf(4) is routing a stateful connection, use the correct pool address.
- Fix kernel pf(4)'s ability to match binat-anchor rules.
- Add a missing initialisation that was causing a crash in pf(4).
- Add spamd(8) support to rc(8). rc.conf and root's crontab.
- More paranoia checks in kernel pf(4) routing.
- Unbreak spamd(8)'s connection timeout.
- Honour the -R and -N flags to pfctl(8).
- Tweak gcc(1)'s handling of inline functions w.r.t. the stack protector.
- New _spamd user and group for, uh, spamd(8).
- Fix pfctl(8)'s display of 'control' keyword for CBQ rules.
- Make libc/md/md5c.c compile again for big-endian machines.
- Avoid a null deref in pppd(8).
- Remove a couple of extra ntohs(3) calls in pfsync(4).
- Cleanup of atactl(8).
- Update Perl's Safe(3p) module to 2.09, fixing a security hole.
- newsyslog(8) error messages now contain the line number.
- Have 'chroot -U' do a setlogin(2) if the caller is, or can be made into, the session leader.
- Make chroot(8) check for $SHELL defined as null as well as for undef.
- Increase the receive buffer length of the correct socket in syslogd(8).
- Fix pfctl(8)'s display of binat rules that use nat pools.
- authpf(8) rules are now managed in their own anchor instead of at the end of the main rulebase. New *anchor rules are needed to activate authpf.
- Make sure the queue identifier returned by msgget(2) is greater than zero.
- Correctly display pf(4) rdr rules with no proxy port.
- Fix a missing initialisation in pfctl(8).
- Add spamd(8), which uses new pf(4) features to stop spammers even hitting the mail server.
- Fix an Alpha-specific crash in pfsync(4) by using bcopy() instead of structure assignment.
- Fix a use-after-free() in mailwrapper(8).
- Add a new kernel pool(9) flag, PR_DEBUG, the use of which causes pool memory to be malloc(9)'d using M_DEBUG.
- Add new kernel malloc(9) type M_DEBUG.
- Also support CORENIC handles in whois(1).
- Add dsiz and ssiz keywords to ps(1) to show data size and stack size respectively.
- Update awk(1) to 'one true awk' version 20021213 (Friday 13th ed.)
- Add the -6 and -c registry shortcuts to whois(1), and deal with VNIC handles starting with '!'.
- Better resolver error checking, a few fixes and a lot of message cleanup in ftp-proxy(8).
- Stop '-k' being used as an abbreviation for '--keep-locals' in GNU as(1).
- Optimise pf(4) skip-step calculation to O(n) from O(n-squared).
- Fix pf(4) 'no {binat,nat,rdr}' evaluation.
- Allow pfctl(8) (with the -vsn) option to display translation statistics as -vsr does for rules.
- When logging pf(4) rules from anchored rules, display the *anchor rule number, not the rule number within the anchored rules. (Hopefully both will be displayed sometime soon.)
- Make sure that state table entry display doesn't try to print rules that are no longer in place.
- Prevent changes to different rule types overwriting pf(4) DIOCCHANGE* tickets.
- Support a single destination port in pf(4) rdr-anchor rules.
- Match pf(4) {binat,nat,rdr}-anchor parsing to what is actually supported.
- Always compile in PRIQ and HFSC schedulers if ALTQ is included in the kernel.
- Make SysV shared memory and semaphore limits configurable via sysctl(8). Oh yes.
- whois(1) no longer barfs totally if just one of its query list is not found.
- Add PRIQ scheduler support to pfctl(8).
- su(1) only calls setlogin(2) if it's the session leader (as noted in the setlogin manpage.)
- More compress(1)-works-like-gzip(1): Add -r (recurse) option, and make it truncate existing files when extracting.
- Since pf(4) rule comparison is now done in userland, remove unused pf_compare* functions from the kernel.
- pf(4) DIOCCHANGE* ioctls now require a ticket, to prevent races.
- Merge pf(4) nat, binat and rdr structures and pools into pf_rule.
- Fix the signedness of wsconsctl(8) variable display.focus, so a test against -1 now makes sense.
- Teach imake(1) how to detect automagically the gcc(1) stack protector.
- Now pf(4) supports other queue types, only try to create a root queue for CBQ.
- For some peculiar reason, support decoding in ppt(6).
- Make linux emultation *stat64() work again.
- Convert altq(9) disciplines HFSC, PRIQ and RIO to pf(4)-based (CDNR and RED to come,) and remove other queuing disciplines.
- iostat(8), systat(1) and vmstat(8) now update their disk stats automatically when a device is detached.
- Enable login failure recording by default, by installing a blank /var/log/failedlogin (see login(1).)
- Fix some problems with the new inlined <ctype.h> functions on 64-bit architectures.
- Make cdio(1) deal properly with multiline CDDB responses.
- Add a second 'priority' queue to be specified in a pf(rule), currently used for low-delay ToS packets. Great for ToS-savvy programs like ssh(1).
- Revert nc(1) to the old behaviour, so it exits when the read descriptor is closed instead of requiring both read and write to close.
- Cosmetic fixes to scp(1).
- Allow some ordering freedom for pf(4) scrub rules.
- Lots of firewire fixes. Add SCSI-over-FireWire support
- Compare all the bytes of a pf(4) nat pools key, instead of comparing the first byte four times.
- Fix a linkage problem that stopped 'make build' working with DESTDIR set.
- Remove setgid(kmem) from trpt(8).
- pstat(8) can now get the tty list using sysctl(3) insteam of kvm_read(3).
- Fix systrace(1) logging so it works for non-translated calls too.
- Stop close(2) clobbering errno in ld(1).
- Convert <ctype.h> macros into functions so they are consistent with those in libc.
- Change XDR.x_handy from int to u_int to avoid sign bugs.
- Make ar(1) work more like its GNU and Solaris counterparts and not require an archive for the d,m,q and r operations.
- Fix an mbuf-related panic in kernel PF_KEY v2 code.
- More ANSIfication in /sbin.
- Fix a potential (non-exploitable) buffer overrun in the httpd(8) macro FIX_PRECISION.
- Add missing snprintf(3) error check to config(8).
- When mounting the root partition via NFS, call inittodr(9) with the root filesystem's atime rather than its mtime (since it's likely to be read-only and pretty static.)
- Renumber some (debug only) tun(4) ioctls so they don't clash with ppp(4).
- Make sure user(8) cleans up properly on failure by calling pw_abort(3).
- Check the interface is running first to avoid doing unnecessary STP processing in bridge(4).
- Before login_getcapstr(3) destroys the information, check that the value of $SHELL given to ssh(1) is the same as the user's real shell.
- Remember to take the address of the structure on which we're using bzero(3) in the libc stack protector code.
- Hack setsockopt(2) under linux emulation so that SO_REUSEADDR works as expected.
- Use libc's getopt_long(3) instead of the private version found in a number of GNU programs.
- Fix a typo in bridge(4) so that pf(4) actually gets applied to outbound frames...
- Yet more string function paranoia in pfctl(8).
- Allow bridge(4) to set the STP path cost.
- Add support for regular expression matches in systrace(1) filters.
- In systrace(1), don't allow 'permit' to be used on aliases.
- Now that options to pf(4) rules can mostly be in any order, check for and disallow repeated options.
- Handle '-' as stdin or stdout appropriately in uniq(1).
- strncpy -> strlcpy in pfctl(8).
- Make compress(1) accept most of gzip(1)'s long options. Some cleanup also.
- Continuing compatibility tweaks to getopt_long(3).
- pf(4) queue options can now be in any order. The 'scheduler' keyword is no longer used.
- More rule shrinkage: The 'fromto' part of a pf(4) is now optional and defaults to 'all', so e.g. 'block' == 'block all' == 'block from any to any'.
- pf(4) anchor rules now support parameters, so 'anchor name proto tcp from any to any port smtp' works.
- Remove support for the '-a otp' flag from telnetd(8). Use login.conf(5) instead.
- Make su(1)'s -a flag work again.
- 'pfctl -s' now prints out addresses in rules in the order they are entered.
- When telnet(1) receives a SIGPIPE when writing to the terminal, treat it like a user SIGQUIT.
- Have pfctl(8) use the actual interface MTU instead of assuming 1500.
- Convert string key hashes in pfctl(8) to network byte order.
- Fix a bug in Xaw that reads the wrong error return from open(2).
- All the games set up the RNG with srandomdev(3) instead of by lesser means.
- Have isakmpd(8) set the transform from the Default-Phase-1-Configuration.
- Make srandomdev(3) fall back to using sysctl if it can't open /dev/arandom.
- Make the libc getopt_long(3) more compatible with GNU.
- Output from 'pfctl -v' is now valid input to pfctl(8).
- Make section and tag comparisons in isakmpd(8) case-insensitive.
- Allow a null direction in pf(4) rules, so e.g. 'block all' is now valid.
- Add named rulesets support to pf(4), invoked from 'anchor' rules in the main ruleset.
- Kernel memory allocation debugging can now be used anywhere - if the debugging pool is not yet initialised, it just does nothing.
- Fixes to getopt_long(3).
- Rule numbers are no longer output by 'pfctl -v'. Use '-v -v' to get them back.
- Make scp(1) handle systems with odd block sizes better.
- Drop unnecessary altq devices from the kernel.
- Pass correct sizes to memset in ping6(8).
- Make bridge(4) behave better when running spanning tree: Flush the dynamic MAC cache when the forwarding/blocking state changes, and only forward packets while in the forwarding state.
- Make isakmpd(8) accept ACQUIRE requests with a null EXT_ADDRESS_SRC.
- In pf(4), apply a netmask consistently.
- Crank the major version numbers of the X libraries.
- Continuing cleanup and shrinkage of the installer scripts.
- arp(8) now prints the interface name with which an address is associated.
- Big cleanup up mixerctl(1).
- Import a GNUish getopt_long(3) from NetBSD.
- Add -4 and -6 command line options to isakmpd(8) to select the address family to use.
- Better MTU setting for pfsync(4).
- Correct a missed initialiser in raid(4).
- Have pfctl(8) play nice and shut down its sockets when it's done.
- Crank all (system) library major numbers now that propolice is in.
- Make a copy of rather than just refer to a string in ld(1). Cures some ports linking problems.
- Allow options at the end of pf(4) pass and block rules to come in any order.
- Make the bandwidth specifier optional in altq rules (as well as queue rules.) As a side effect, the altq rules can now have "bandwidth xx%" where the percentage is taken w.r.t. the interface bandwidth.
- Implement legacy functions ecvt(3), fcvt(3) and gcvt(3) for standards compliance.
- Add propolice stack attack protection into gcc(1).
- Updated unifdef(1).
- Don't have the X server drop privileges if started by root and from a non-standard config path.
- Tweaks and fixes to pf(4)'s ioctl code.
- Teach tcpdump(8) about pfsync(4).
- Add new pseudo-device pfsync(4), exposing changes to the pf(4) state table.
- Kill a null deref in pf(4).
- Wrap some noisy altq printf()s with #ifdef ALTQ_DEBUG.
- file(1) gets a new option, -b, which supresses the output of the pathname.
- Allow a qlimit to be specified in pf(4) altq rules as well as in queue rules.
- Use a custom hash function (based on that in if_bridge.c) for pf(4) source-hash nat pools instead of MD5.
- tcpdump(8) checks for invalid icmp6 option length.
- page_dir update fixed in realloc(3). MALLOC_OPTIONS=J is now honoured in realloc() as well.
- 'fc -e' now works when ksh(1) is invoked in 'sh' mode.
- Allow usernames given to ssh(1) to contain '@' characters, i.e. the hostname follows the last '@'.
- Tweaks to pf(4) altq rules display.
- Stop daemon(3) closing descriptors that isakmpd(8) needs.
- Have pfctl(8) read correctly the tbrsize spec.
- Fix underflow and wraparound in socket timeout calculation.
- Make IPv6 work in Linux emulation mode, though not for IPv4-mapped addresses.
- The bandwidth statement in pf(4) queue rules is now optional.
- Change pf.conf(5) ordering so translation is now after queue...
- Parse more include files so that kdump(1) knows about more ioctls.
- Pass in the right structure to DIOCCHANGEADDR.
- Fix 'pfctl -Fq' so altq(9) gets flushed and reset properly.
- setuid() -> seteuid() in ftpd(8).
- Tweak pf(4)'s handling of address families in rules.
- Make pfctl(8) fetch the address properly for lo(4) with LINK1 set.
- Use 1KB = 1000B instead of 1024B when dealing with bandwidth in pf(4).
- Fix URL CRLF injection bug in lynx(1).
- Add a missing check for snprintf errors in identd(8).
- Protect arc4_getbyte() with an splhigh().
- Some cleanup in talkd(8).
- When malloc(3) stats dumps are enabled, warn if atexit(3) fails.
- Enforce new pf.conf(5) ordering: options, normalization, translation, queue, filter.
- Copy TAILQs properly in pfctl(8).
- Remove a potential access-after-free in libc's syslog code.
- New manual page gcc-local(1) documenting OpenBSD-specific changes to gcc(1).
- So farewell, then, altqd(8) and friends.
- Better pfctl(8) altq rule error checking.
- Fix a potential null deref in pfctl(8)'s parser, and some general cleanup.
- Make sure authpf(8) and pfctl(8) don't try to issue ioctls when running with -n.
- Implement 'nat pools' in pf(4), allow redirection using (nat, rdr, route-to, dup-to and reply-to) to multiple addresses.
- Improvements to the ELF loader.
- Some snprintf paranoia in BSD auth, also some extra initialisation.
- Added new example dir /usr/share/pf, and example queue rulebase /usr/share/pf/queue1 to show how cool pf+altq is.
- Stop authpf(8) accepting non-interactive sessions.
- 'pfctl -v' displays altq and queue lines, including child queue assignment.
- Match the queue to the return type (icmp-unreach or RST) for pf(4) block rules.
- Use a quad_t instead of an int, and fix rlimit sizing for >2GB machines.
- Fix some strncpy(3) lengths in telnetd(8).
- Add _tokenadm and _radius groups so their respective login programs can be setgid instead of setuid(root).
- Add _shadow group and change group and mode of /etc/spwd.db to match
- Add atoll(3) and strerror_r(3) to libc.
- Add simple multiple-card load balancing to crypto(9) and add a simplified driver registration API.
- Some int -> unsigned int in isakmpd(8).
- New -n option for syslogd(8) to disable DNS lookups.
- Correct a format string bug in routed(8)'s, er, Makefile.
- Fix at(1) breakage when two jobs are set for the same time.
- Correct a use-before-init in xterm(1).
- Create a simple lookup table mechanism [dev/pci/pci.c:pci_matchbyid()] to match PCI device IDs, and have several drivers use it.
- vi(1) catalog updates: Fix Russian, add Polish and Ukrainian.
- Fix an off-by-one when reading ICMP types and codes by name in pfctl(8).
- Merge of altq(9) and pf(4), still some work left to do.
- Don't overwrite SIG{INT,QUIT,TERM} handlers in ssh(1) if they're set to ignore. This mirrors rsh(1) behaviour.
- Make sure skey(1) issues a fake challenge for a user without an S/Key file.
- Enable the pthread library, but install it as libnpthreads so autoconf scripts don't pick it up and use it with -lpthread as well as using -pthread.
- In ftpd(8), prohibit user id changes once logged in, and run more stuff as the logged-in user.
- Add 'Default-Phase-1-Configuration' to isakmpd(8).
- Be more careful when loading RSA1 key files in ssh(1).
- Fix isakmpd(8)'s handling of multiple values and continuation lines.
- Improvements to ld.so(1) symbol lookup failure messages.
- Allow DNS queries from the initial rulebase loaded by /etc/rc, so pfctl(8) can load at boot-time rulebases containing DNS entries.
- SECURITY FIX: A buffer overflow in named(8) could allow an attacker to execute code with the privileges of named. On OpenBSD, named runs as a non-root user in a chrooted environment which mitigates the effects of this bug.
A source code patch is available.
[Applied to stable]
- Create links from curses(3) libs to ncurses, to satisfy autoconfiguration scripts that expect the latter instead of checking properly.
- pf(4) scrub rules now are subject to the same list expansion as other rules.
- Add label macro '$if' to pf.conf(5), now we can have interfaces in expansion lists.
- Add some missing pointer initialisations in pfctl(8).
- Add a null transform to crypto(4), enabled via sysctl kern.cryptodevallowsoft=1.
- Fix systrace(1)'s determination of the execve(2) filename.
- Kernel IPsec code checks for short IP headers.
- systrace(1) checks for invalid system call numbers.
- Make su(1)'s login emultation mode work even more like login(1).
- Avoid a possible reference count leak in kernel file descriptor code.
- Remove bogus operations on the not-yet-existent file descriptor table in libc_r.
- Implement simple vnodeops inheritance for specfs and fifofs,
- ftp(1) can now follow HTTP redirects.
- Have scp(1) properly reflect check the exit status of its ssh(1) process if an error occurs.
- Fix some invalid pointers in pf(4)'s ioctl(2) handler.
- Stop makewhatis(8) moaning about non-existent directories.
- Don't use the HostbasedAuthentication switch to ssh-keysign(8); instead, add new option EnableSSHKeysign to ssh_config(5).
- Have groupdel(8) check that the named group exists.
- Allow '$' as the last character of a username, to appease Samba.
- Make sshd(8)'s -e option (log to stderr) work.
- Make the minimum file rotation size 512 bytes instead of 512Kbytes...
- Rearrange payload length check for ESP packets so packets with NULL encryption are tested also.
- Don't allow a simple non-existent server to crash altqstat(1).
- Solve problems static linking with -lpthread. (-static -pthread still broken.)
- Stop up a couple of memory leaks in isakmpd(8).
- Fix a few bugs in mount(8), and make its command line arguments handling more consistent.
- Keep a correct reference count to the file referenced by ioctl(2) under SVR4 emulation.
- Gracefully handle broken firewalls that block ECN-enabled TCP sessions by falling back to non-ECN.
- Some thread-safety fixes to libc.
- Add a cast to handle properly size_t larger than u_int in ssh(1).
- Fix some problems gzip(1) had displaying information on files > 2GB.
- Serve pf(4) a strong draught of CIDR (e.g. can use 10/8 now instead of 10.0.0.0/8.)
- -STABLE branch created for 3.2. smrsh, pfbridge and kadmind errata fixes applied to it.
- When checking a filename in ssh(1), don't fail when realpath(3) for the user's home directory - this happens legitimately when using AFS.
- Do a better job when comparing dynamic addresses in pf(4).
- In pf(4) AF macros, operate on the whole address (all 128 bits) unless AF_INET is set.
- Fix perl(1)'s MakeMaker so manpages get installed the way we like.
- Plug a memory leak in IPv6 (ip6_output.c)
- Make sure processes aren't added to the process list until they're completely initialised.
- Implement some 4.3BSD emulation functions in terms of setresuid() etc.
- Use the new setresuid() etc. calls for FreeBSD, HP-UX and Linux emulation of the same calls.
- Implement [gs]etres[gu]id(2) system calls. Minor version bump for libc and libc_r.
- Many fixes to signal and fd handing under threads.
- Fix pf(4) interface expansion.
- Better GRE output from tcpdump(8).
- New -U option to chroot(8) that sets the uid, gid and group vector from the password database.
- To a chorus of approval, add the 'set require-order [yes|no]' option to pf.conf(5).
- Remove a bogus test in dd(1) that stopped a perfectly legal seek on a character device.
- Merge mod_ssl 2.8.12, fixing a cross-site scripting bug and two off-by-ones.
- Add a missing break statement in systrace(1)'s arguments parsing code.
- Add getdents64() support under Linux emulation.
- Merge in Perl 5.8.0.
- Have pool elements' sizes rounded up to the alignment passed to pool_init(9) instead of relying on the architecture's ALIGNBYTES value.
- wi(4) can now do pointless-but-common WEP encryption in software for Prism and Symbol cards. Useful if your card doesn't do weak IV avoidance (or if you trust your BSD more than your hardware manufacturer,) and also serves as a framework for better wireless crypto protocols.
- The installer unpacks siteXX.{tgz,tar.gz} files last so that site-specific tarballs always overwrite standard files.
- Remove the error-prone and robustness-principle-defying 'flags X' (as opposed to 'flags X/Y') syntax from pf(4)
- Be a little less 32-bit-centric in libcrypto.
- Have route6d(8) and rtsold(8) use poll(2) instead of select(2) as well.
- Change atoi(3) to strtoul(3) in route6d(8).
- Change a number of header files so NULL is now defined as 0L instead of 0, and so is the same size as a pointer.
- Add to chroot(8) the ability to set the uid, gid and group vector after doing the chroot(2) call.
- Some additional paranoia added to authpf(8).
- Have pf(4) test rule labels as well when comparing rules.
- Fix a few instances where %ul was used instead of %lu.
- Use poll(2) instead of select(2) in ping6(8)
- More picky argument parsing in traceroute6(8) and ping6(8).
- A couple of tmpnam(3)s become mkstemp(3) in httpd(8).
- Lots of int -> u_long in traceroute6(8).
- Correct an off-by-one in wi(4).
- Fix a printf format string typo in pfctl(8).
- Make pfctl(8) apply the netmask to addresses right away, so bogus netmasks show up as munges network numbers in -v output.
- Correct a couple of typos in pf(4)'s ioctl() code.
- Fix a null deref in libc_r.
- Make sure the user process tally is right when kernel stack space can't be allocated for the new proc.
- Correctly count the total number of processes in the system.
- SECURITY FIX: A buffer overflow can occur in the kadmind(8) daemon, leading to possible remote crash or exploit.
A source code patch is available.
[Applied to stable]
- Add partial support for the 21145 chip to dc(4).
- Have xconsole(1) get a pseudoterminal using openpty(3) instead of going all #ifdef.
- More NULL -> (void *)NULL, this time in XFree, to make sure varargs sentinel is pointer-width.
- pax(1) now honours @LongLink, and has a new option to stop the next volume prompt.
- Improved media support and a boundary check fix for wi(4).
- Have route(8) correctly interpret -prefixlen 32 (or 128 for IPv6) network as a host route.
- Enable uvm_tree_sanity() check #ifdef DEBUG.
- Fix a potential null deref in route(8)'s arguments parser.
- Renumber ch(4) CHIO* ioctls. Old definitions renamed to OCHIO*, binary backwards compatibility will be left in intact until post-3.3.
- Teach kdump(1) to print AUDIO_* ioctls, and add a few missing syscall defines.
- Support fxp(4) on big-endian architectures.
- pf(4) allows protocols to be specified by a (valid) protocol number.
- Add a missing free() in pflogd(8).
- Treat manually- and auto-configured IPv6 address prefixes the same way.
- For positively POSIX reasons, implement isfdtype(3).
- Bring pax(1)'s date handling code back into sync with that in date(1). Four digit years parse now.
- Start to break out machine-dependent parts of MAKEDEV(8) into separate files.
- Send ksh.kshrc label() and ilabel() output to /dev/tty insted of stdout, so command output streams doesn't get messed up.
- systrace(1) supports system call-granularity privilege elevation!
- Correct a typo in systrace(1) that was causing group predicates to be evaluated incorrectly.
- Range-check values given to atactl(8).
- Better mask comparison for pf(4) binat.
- Remove the setuid bit from login(1). If run with a non-root euid, it invokes su(1) with the new -L flag.
- Add '-L' flag to su(1) to make it work like login(1).
- Enable the META key in ksh(1) for 7-bit locales.
- Make sure some varargs end-of-list sentinel NULLs are pointer-width.
- Fix a subtle dangling pointer bug in BSD auth.
- Sync Brazil's Daylight Savings Time handling with new reality.
[Applied to stable]
- Stop makewhatis(8) grumbling about having Perl 5.8.x instead of 5.6.x.
- In the X server, work around problems caused by certain MTRR configurations whose details are only available under NDA.
- Kernel tweaks and hacks in preparation for GCC 3.x (kern/subr_prf.c)
- A logic error in the pool(9) kernel memory allocator could cause memory corruption in low-memory situations, causing the system to crash.
A source code patch is available.
[Applied to stable]
- pf(4) can now binat a whole netblock with one rule.
- Remove a potential null pointer deref in BSD authentication code.
- Fix a bad printf format string in ftpd(8). Non-critical because it's only ever fed by parts of the authentication system which sanitise the input first.
- Do some more unsigned checks to system call parameters, as with the setitimer(2) erratum.
[Applied to stable]
- Prepare the GNU floating-point emulation code on i386 for ELF.
- Update stable to OpenSSH 3.5.
- Catch some endianness nits and add zero-padding of keys in wi(4).
- Teach ALTQ CBQ the pf(4) API. The old API remains for now.
- RELIABILITY FIX: Network bridges running pf with scrubbing enabled could cause mbuf corruption, causing the system to crash.
A source code patch is available.
[Applied to stable]
- Fix a bug in m_tag_copy_chain().
- Hush up noisy IPv6 neighbor discovery. Can be made loud again using sysctl net.inet6.icmp6.nd6_debug.
- SECURITY FIX: An attacker can bypass the restrictions imposed by sendmail's restricted shell, smrsh(8), and execute arbitrary commands with the privileges of his own account.
A source code patch is available.
[Applied to stable]
- Make predicates part of systrace(1)'s grammar.
- Start work on a merge of altq(9) and pf(4) functionality. Oh yes.
- Add a missing htons() in talkd(8).
- In pmdb, fix a crash that occurred when an attempt to set a breakpoint failed.
- Support SA_RESETHAND support to libc_r, in preparation for SA_SIGINFO support.
- Merge in Apache 1.3.27 and mod_ssl 2.8.11.
- New block-policy option to set the default response to a block rule.
- More rulebase reduction: "block return ..." now does The Right Thing, RST for TCP, ICMP for UDP, silent block otherwise.
- pf(4) support for icmpv6 returns in response to block rules.
- New reply-to rule option for pf(4), works like route-to but applies to reply packets in a stateful connection.
- httpd(8) restarts work even when srm.conf is not present.
- Have the X server complain less about unknown scancodes.
- Initialise the uvm_pglistalloc result list in the function, instead of requiring the caller to do it.
- syslog(3) and syslog_r(3) now take the new __syslog__ format attribute.
- Make the default httpd(8) config files use php4 instead of php3.
- pfctl(8) expands lists left-to-right instead of right-to-left.
- Teach pf(4) how to filter on the IP TOS field.
- Fix list handling problem in ALTQ CBQ that showed up with three or more CBQ instances.
- smtpd(8) has left the building.
- By default, add the -H option to the sort(1) invoked by locate.updatedb(8).
- Give window(1) the stdarg treatment.
- When routing via pf(4), use the outgoing interface as decided by the normal routing code, not the interface to which the rule applies.
- Fix cross-site scripting vulnerability (CAN-2002-0840) in the default error page of httpd(8). Only applies under specific (and non-OpenBSD default) conditions.
[Applied to stable]
- In kernel IP processing, block interrupts with splsoftnet(9) around interface address routing table manipulations.
- Make sure wi(4) doesn't accept out-of-range TX keys.
- Stop ami(4) matching I2O-configured devices.
- 3.2 -> 3.2-current.
This list mentions mostly platform-independent changes. For a list of changes
made in a particular platform, please check the page for that platform. If you
find them not listed there, the changes are either (1) not being documented or
(2) are documented here.
www@openbsd.org
$OpenBSD: plus.html,v 1.856 2003/01/18 20:05:08 deraadt Exp $