Software-update: OpenBSD 4.6

Enkele dagen geleden is de nieuwe halfjaarlijkse release van OpenBSD uitgekomen. Op deze pagina is een uitgebreide lijst van ftp- en http-downloadlocaties te vinden. OpenBSD stamt af van de originele Berkeley Software Distribution en staat erom bekend dat de ontwikkelaars alleen opensource software willen gebruiken en verder om zijn uitstekende documentatie en veiligheid. Zoals gewoonlijk met een nieuwe versie van OpenBSD is er ook een nieuw thema ontworpen rondom het OS, vergezeld met een heuse themesong en verkrijgbaar op audio-cd, als poster en t-shirt. Als titel van het thema heeft men deze keer gekozen voor "Planet of the Users". Hieronder is een gedetailleerder overzicht van de doorgevoerde veranderingen in versie 4.6 te vinden:

New/extended platforms:

• mvme68k
  • Added support for the MVME141 and MVME165 boards.
• sparc
  • The bootblock load address was moved so that larger kernels can be loaded.
• sparc64
  • Added acceleration support for many of the PCI frame buffer drivers, such as Sun PGX, PGX64 and XVR-100, and Tech Source Raptor GFX graphics cards.
• sgi
  • Added support for the SGI Octane, SGI Origin 200 and SGI Fuel families of systems.
  • Several bugs in interrupt handling have been fixed, resulting in much snappier system response.

Improved hardware support, including:

• Several new/improved drivers for sensors, including:
  • The ips(4) driver now has sensor support, complementing the bio support.
  • The acpithinkpad(4) driver now has temperature and fan sensor support.
  • New endrun(4) driver for the EndRun Technologies timedelta sensor.
  • The fins(4) driver now has support for F71806, F71862 and F71882.
  • The acpitz(4) driver now shows correct decimals for temperature.
• Added radeonfb(4) to sparc64, an accelerated framebuffer for Sun XVR-100 boards.
• Added support in re(4) for RTL8103E and RTL8168DP devices.
• Added support for BCM5709/BCM5716 devices in the bnx(4) driver.
• Added support for ICH10 variants of em(4).
• Added support for VIA VX855 chipset in the viapm(4) and pciide(4) drivers.
• Added support for Intel SCH IDE to pciide(4).
• Added support for the Broadcom HT-1100 chipset in the piixpm(4) driver.
• Added support for 82574L based devices in the em(4) driver.
• A number of network drivers including ix(4), sis(4), msk(4), bnx(4), and vr(4) now use MCLGETI(9) to reduce memory usage and increase performance under load and attack.
• Added support for VIA CX800 south bridge to the viapm(4) driver.
• Added support in em(4) for the newer 82575 (and maybe 82576) chips.
• zyd(4) now supports devices with Airoha AL2230S radios.
• zyd(4) now works on big-endian machines
• urtw(4) now supports RTL8187B based devices.
• New otus(4) driver for Atheros AR9001U USB 802.11a/b/g/Draft-N wireless devices.
• New berkwdt(4) driver for Berkshire Products PCI watchdog timers.
• New udl(4) driver for USB video devices.
• Support for a variety of newer models in bge(4).
• Initial version of vsw(4), a driver for the virtual network switch on sun4v sparc64s.
• Implemented machfb(4), an accelerated driver for the sparc64 PGX/PGX64 framebuffers.
• Added a vcc(4) and vcctty(4) driver for the "Virtual Console Concentrator" found on the control domain of sun4v systems.
• Implemented 64-bit FIFO modes for ciss(4) devices.
• Enable hardware VLAN tagging/stripping on ix(4).
• Added basic support for Envy24HT chips in the envy(4) driver.
• Many improvements and updates to the isp(4) driver.
• Added support for 88E8057-based Yukon 2 Ultra 2-devices in msk(4).
• The ips(4) driver now works reliably.
• Added raptor(4), an accelerated framebuffer driver for the Tech Source Raptor GFX cards on the sparc64 platform.
• Enabled schsio(4) on i386 and amd64 and added watchdog timer support.
• New acpivideo(4) driver for ACPI display switching and brightness control.

New tools:

• Added smtpd(8), a new privilege-separated SMTP daemon.
• Imported the tmux(1) terminal multiplexer, replacing window(1).

pf(4) improvements:

• Enabled pf(4) by default in the rc.conf(8).
• Removed pf(4) scrub rules, and only do one kind of packet reassembly. Rulesets with scrub rules need to be modified because of this.
• Regular rules can now have per-rule scrub options.
• Added new "match" keyword which only applies rule options but does not change the current pass/block state.
• Make all pf(4) operations transactional to improve atomicity of reloads.
• Stricter pf(4) checking for ICMP and ICMPv6 packets.
• Various improvements to pfsync(4) to lower sync traffic bandwidth and optionally allow active-active firewall setups.
• Fix pf(4) scrub max-mss for IPv6 traffic.

OpenBGPD, OpenOSPFD and other routing daemon improvements:

• In bgpd(8), rework most of the RDE to allow multiple RIBs. It is possible to filter per-RIB and attach neighbors to a specific RIB.
• Added an option to bgpd(8) to change the "connect-retry" timer.
• Allow bgpd.conf(5) and bgpctl(8) to contain 32-bit ASN numbers written in ASPLAIN format.
• Fix bgpd(8) to correctly encode MP unreachable NLRI so IPv6 prefixes get removed correctly.
• Changed the behaviour of "redistribute default" for ospfd(8) and ripd(8). A default route has to be present in the FIB to be correctly advertised.
• Make ospfd(8) and ripd(8) track reject and blackhole routes and allow them to be redistributed even if pointing to 127.0.0.1.
• Allow to specify an alternate control socket for ospfd(8).
• ospfd(8) can now be bound into an alternate routing domain.
• Fix ospfd(8) route metric for "redistribute default".
• Initial version of ldpctl(8) and ldpd(8), a label distribution protocol daemon for mpls.
• Make dvmrp(8) RDE aware of multicast group members per interface.
• Support for pruning in dvmrp(8).

Generic Network-Stack improvements:

• Support for virtual routing and firewalling with the addition of routing domains.
• Add code in ifconfig(8) to bind an interface to a routing domain.
• Add support to ping(8), traceroute(8), arp(8), nc(1) and telnet(1) to specify which routing domain to use.
• Allow ifconfig(8) to turn off IPv6 completely for an interface and make rtsold(8) turn on inet6 on the interface.
• Routes track the interface link state.
• route(8) flush accepts "-iface" or "-priority" to only flush routes matching these conditions.
• Multiple dhclients can now coexist without causing mayhem.
• Make wireless interfaces have an interface priority of 4 by default. Makes them less preferred then wired interfaces.
• Do not accept IPv4 ICMP redirects by default.
• Added the MAC address to the log entries in dhclient(8).
• Make systat(1) show interface description names in the interface view, and add new NFS server and client views.
• Make tun(4) emulate link state depending on the open and close of the device fd.
• Use pf state-table information to speed up decision on whether a packet is to be delivered locally or forwarded.
• More routing socket checks added to make userland applications more resilient to kernel changes.

Install/Upgrade process changes:

• New disklabel(8) automatic partition allocator with a variety of smart heuristics.
• The installer has been nearly rewritten mostly with a focus on simplifying installation.

OpenSSH 5.3:

• Do not limit home directory paths to 256 characters. (bz #1615)
• Several minor documentation and correctness fixes.