OpenBSD -current changelog
This selection is intended to include all important
and all user-visible changes.
For a complete record of all changes, please see the "source-changes"
mailing list, called "OpenBSD CVS"
in the archives,
or use CVS.
Note: Problems for which patches exist are marked in red.
For changes in other releases, click below:
Changes made between OpenBSD 5.5 and -current
- Stopped mandoc(1) crashing when processing macros in .Sh header lines, or having .Sm off or .Bk -words open.
- Stopped leaking socketpair file descriptors if tmux(1) fork(2) fails.
- Fixed potential race in UFS where an allocated inode could fail to get added.
- Removed o_dir.c from openssl(1) now that OPENSSL_DIR_XXX has been removed from the build.
- Removed nonstandard and unsafe DES support from ed(1).
- Switched pkg_mklocatedb(1) to using common SetList code, renaming -x into -X.
- Updated xcb-utils to 0.3.9.
- Allow slowcgi(8) QUERY_STRING to be longer than 127 bytes.
- Update libxcb to version 1.10.
- Made OPENSSL_NO_HEARTBLEED the default and only option in ssl(8) code.
- Adapted snmpctl(8), relayd(8) and snmpd(8) to use AgentX protocol to send traps.
- Confirm passwords when signify(1) is generating keys.
- Fixed SQL_STEP failures for man(7) pages lacking descriptions.
- Better mandoc(1) error reporting in case of SQL errors: mention dir and file.
- Major ssl(8) cleanup to remove: MacOS, Netware, OS/2, VMS and Windows build machinery and shared libraries; openssl(1) engines and code that were not properly licensed; vms support; various horrible socket syscall wrappers; insecure use of time as a random seed in the TLS engine.
- In qla(4) debug output, print loop ids as decimals and port ids as 24bit hex.
- Update to xtrans 1.3.4.
- Updated to xextproto 7.3.0.
- Added presentproto 1.0.
- Bring back r1.16 of protector.c in gcc(1) version 2.95. Fixes code generation of usr.sbin/dhcpd/memory.c!new_address_range() on vax.
- 5.3, 5.4, 5.5 and -current SECURITY FIX: Fixed openssl(1) read buffer to stop an attacker injecting data from one connection into another.
A source code patch is available for 5.3, 5.4 and 5.5.
- Made sure cu(1) -l overrides HOST.
- Avoid sshd(8) crash at exit, by checking that pmonitor!=NULL before dereferencing (bz#2225).
- Fixed more(1) to use basic regular expressions (unlike less(1)).
- Clamp offsets to the available memory space. Fixes tmux(1) crash.
- Further apropos(1) speed optimisation, with mmap(3) MAP_ANON SQLITE_CONFIG_PAGECACHE.
- Updated to libdrm 2.4.53
- Disabled Segglemann's RFC520 heartbeat from ssl(8).
- Don't release the ssl(8) read buffer if we're not done reading from it; disabled buf freelists.
- Added validation routines to iked(8): overall header structure is checked for sanity before copying the header; avoid overflow by passing down the number of remaining bytes.
- Notify userland when an arp(4) entry is removed.
- Fixed fd leaks in mg(1) error paths.
- Retired rtinit() and switched to using rt_ifa_add(9) and rt_ifa_del(9) to manage connected routes to prefixes/hosts.
- Revived fix for perl(1) RT bug 116441 (null dereference affecting mod_perl).
- Split manual names out of the common "keys" table into their own "names" table. Reduces standard apropos(1) search times 70% for the full /usr/share/man database.
- Moved descriptions from mandoc(1) keys table to mpages table: reduces typical apropos(1) search times by about 40%; reduces database size.
- In less(1) "more" mode, made command specified by -p option apply to every edited file, as per POSIX.
- Reverted r1.93 of mg(1) file.c, which broke permission checks.
- 5.5 SECURITY FIX: Make ftp(1) client check the server hostname, to avoid false validation when connecting to an https website.
A source code patch is available for 5.5.
- Updated to xf86-video-ati 7.3.0.
- Made smtpd(8) display correct imsg when profiling is on and if the type was changed.
- Zapped the smtpd(8) mfa process. Content filtering will be done at session level.
- Removed CA certificates from ssl(8) which are not listed in Mozilla's certdata.txt.
- Use root CAs in ssl(8) used by TeleSec (Deutsche Telekom AG): Baltimore CyberTrust Root, Deutsche Telekom Root CA, T-TeleSec GlobalRoot Class 2 and T-TeleSec GlobalRoot Class 3.
- If TLS validation is on, make ftp(1) fetch TLS certificate and check the server hostname against the subjectAltName and/or CommonName.
- Build libgcc without SSP. Unbreaks landisk bootblocks.
- Updated to xorg-macros 1.19.0.
- Ensure that we free buffers written out by the page daemon rather than caching them.
- Fixed error in bcrypt_pbkdf(3) stride calculations.
- Added error detection mechanism to detect when sudo(8) configuration is incorrect for building ports.
- Zero-fill smtpd(8) mta static buffer before use in DSN code.
- Added term_flushln() flag to control indentation of continuation lines in TERMP_NOBREAK mode. Reduces groff-mandoc differences in base by more than 15%.
- Added rgephy(4) for axe(4) and axen(4) on hppa and zaurus.
- Fully implemented roff(7) \B (validate numerical expression) and partially implemented \w (measure text width) escape sequence.
- 5.3, 5.4, 5.5 and -current SECURITY FIX: Fixed openssl(1) CVE-2014-0160 "heartbleed" vulnerability.
A source code patch is available for 5.3, 5.4 and 5.5.
- Added MSI support for xhci(4).
- Enable upd(4) on archs where uhidev(4) is present.
- Do not attach when no upd(4) sensors can be allocated; made device querying smarter.
- Added roff(7) support for indirect references to user-defined strings.
- Made iscsid(8) listen to the control socket, so the connect() call from iscsictl(8) will not fail.
- In udp_output(), use the correct source address in case of an unbound socket.
- Accept arbitrary argument delimiters for various roff(7) escape sequences.
- Increased MSGBUFSIZE on macppc.
- Exit on error or HUP when poll()ing the keyboard. Otherwise, top(1) may spin when its tty goes away.
- Added implementation of roff(7) numerical expressions.
- Retired kernel support for SO_DONTROUTE, this time without breaking localhost connections.
- Updated termtypes.master to upstream terminfo-20140329.src.
- When qla(4) is iterating through fabric ports, start at our own port ID, to simplify tracking.
- Added axen(4) wherever axe(4) is found.
- qla(4) ISP2322 chips need a different firmware image to other 2300s, don't load firmware for them.
- Removed (expensive) temporary connect in udp_output(). Also fixes possible memory leak.
- Added missing addressing modes for the fucomip instruction on i386. Unbreaks webkit port.
- Fixed smtpd(8) when writing multi-line "To" and "Cc" headers.
- Implemented the roff(7) .rr (remove register) request.
- Fixed uvm(9) logic error (and prevented theoretical infinite loop) in uvm_pmr_rootupdate().
- mandoc(1) bugfix: make sure all variables are properly initialised when rendering .ll (line length) requests.
- Added the -t ktrace(1) option to ltrace(1). Allows triggering library function call trace and other kernel events trace simultaneously.
- Fixed smtpd(8) header parsing issue in enqueuer, which was stripping the "From:" header in some cases.
- Made mandoc(1) warn about missing mlinks when the -p (picky) option is given, and not overridden by: -Q, -d, -u, or -t.
- Merged the mda, mta and smtp smtpd(8) processes into a single unprivileged process.
- Start the smtpd(8) purge task after events are set, so we don't miss a SIGCHLD.
- Reworked qla(4) command polling loop so it can handle multiple responses in a single interrupt. Allows talking to Hitachi disk arrays.
- Fixed pppx kernel panic when using npppd(8) with multiple pppx devices.
- When the -n or -t flag is given to makewhatis(8), write names and descriptions to stdout (format similar to apropos(1)).
- Instead of silently doing nothing, made mandoc(1) warn and return non-zero when the manpath is empty.
- Added a uvm_yield function to uvm(9) and use it to prevent the reaper from hogging the cpu.
- Reworked wait/kernel lock heuristics to give interrupts on other CPUs to a chance to run, for reduced latency.
- When mg(1) discovers a directory is non-existent, offer a "y" option to make the directory.
- Renamed the makewhatis(8) -W option to -p. Matches flag introduced in OpenBSD 2.7.
- Proper validation and computation of bsize now occurs in the disklabel(8) expert mode.
- Renamed -v option of mandocdb(8) to -D, to avoid a clash with the -v option of makewhatis(8).
- Reduced the tmux(4) mouse wheel scroll size to 3; allow shift to reduce it to 1; allow meta and ctrl to multiply by 3; support wheel in "choose" mode.
- Fixed npppctl(8) calculation of response message size.
- Added the "#" character as a comment character in the mg(1) startup file.
- Support UTF-8 with tmux(4) choose-buffer; made buffer_sample bigger to let it trim at window right edge.
- Enabled hds(4) on hppa.
- Enabled mpath(4) on macppc.
- When using VerifyHostKeyDNS with a DNSSEC resolver, down-convert any certificate keys to plain keys and attempt SSHFP resolution. Prevents server from forcing a new-hostkey dialog.
- Include fingerprint of key not found by ssh-keysign(8); use arc4random_buf() instead of loop+arc4random().
- In four byte UTF-8 sequences, make sure tmux(1) only uses three bits of the first byte.
- Stopped tmux(1) crashing when a zero-length argument is passed to setb.
- Made tmux(1) message-limit a server option.
- Stopped tmux(1) segfaulting when the parent of the layout cell is NULL.
- Added setb -a to tmux(1) append; added a copy mode append command.
- Made session_attached a count; added session_many_attached flag to tmux(1).
- Added start-of-list, end-of-list, top-line and bottom-line in tmux(1) choice mode.
- Stopped tmux(1) writing into the buffer if there are no arguments.
- Changed secondary device attributes response to "\033[>84;0;0c" which is unique for tmux(1).
- Made bus_dmamap_load(9) and bus_dmamap_unload(9) mpsafe on alpha.
- Restored behaviour of ls(1) -f implying -a (lost in commit made in 1989). Conforms to IEEE 1003.1-2008 ("POSIX.1").
- On loongson, mips and octeon, stopped whole L1 cache being flushed unnecessarily.
- Again allow more than one level of directories to be created via mg(1) make-directory.
- Force detach of all usb(4) devices by disconnecting root hubs before suspending machine. Avoids races.
- libtool(1) now properly add -rpath to the linker when linking libraries. Matches GNU libtool.
- Increased Xtranssock.c send buffer for UNIX sockets. Makes Firefox usable again when viewing large images.
- If HOST or the host argument starts with a "/", cu(1) will now treat it as a device name.
- Fixed REMOTE on cu(1) to work like tip(1); added support for HOST.
- Added SNI support to ftp(1).
- Allow roff(7) to support relative arguments to .ll (increase or decrease line length).
- Repaired boot.net operation on (at least) sparc SS5 PROM v2.21
- Implement the roff(7) .ll (line length) request.
- 5.5 RELIABILITY FIX: Memory corruption occurring during icmp(4) reflection handling (ICMP reflection is disabled by default).
A source code patch is available for 5.5.
- Recognise so-called "EFI-like" interface provided by newer PMON firmware on Loongson 2Gq and Loongson 3A.
- Bugfix and security update to nginx(8) version 1.4.7 (note: CVE-2014-0133 does not affect OpenBSD).
- Speed-up overlapping copy operations in gio(4/sgi) by attempting to perform them in larger chunks whenever possible.
- Removed pflowproto 9 (unfixable post-2038). Better option is pflowproto 10.
- Allow leading and trailing vertical lines in mandoc(1), format them in the same way as groff; do not require whitespace before vertical lines in layout specifications.
- Properly initialise malloc(3)ed memory in mandoc(1), to fix crashes when using apropos(1).
- Made sure the command TRB is reset if a command is submitted when the usb(4) hardware is already gone.
- Reverted "retire kernel support for SO_DONTROUTE" diff, which caused problems in localhost connections.
- On loongson, made sure the HIBERNATE pages get reserved regardless of the memory layout.
- Program the colormap correctly on grtwo(4/sgi); added a simple screen burner accessop.
- When enforcing TOS (Traffic Class), made pf(4) preserve the ECN bits (as with IPv4 packets).
- Adjusted (commented-out) nginx.conf(5) sample blocks for PHP and SSL configurations.
- Made mg(1) C-t (transpose two chars) behave like emacs.
- Ended experimental machine-independent login.conf(5) template support.
- Made cu(1) handle REMOTE in the environment as either a separate remote(5) file or a host.
- Added cu(1) support for retrieving the line and speed from the /etc/remote "dv" and "br" capabilities like tip(1).
- Fixed handling of the kill(1) "-1" option from a thread other than the original thread.
- Permit generating of NAMI and CSW records inside ktrace(2).
- Ignore the -b option if cksum(1) is called as-is (e.g. "cksum -b /bsd"), to match man page.
- Removed file2c(1). hexdump(1) works as well for most use cases.
- usb(4) root hubs can now happily be detached and reattached.
- When smtpd(8) is locally enqueuing messages without specifying a domain, update headers to show the local domain.
- Strengthened ssh(1): removed weaker pre-SHA2 hashes, broken cipher (arcfour), and the broken mode (CBC) from the default configuration.
- skey(1) bugfixes: default algorithm switched back to md5; do not let skey_set_algorithm() cause a segfault if an unsupported algorithm is specified.
- Added acpithinkpad(4) support for aux button strip on newer thinkpads missing regular F1-F12 keys.
- dd(1) now supports g for gigabytes.
- Reworked the way sysmerge(8) fetches and verifies sets, to simplify the process.
- Merged perl(1) version 5.18.2 (including local patches).
- Stopped calling smtpd(8) purge_task every 10 secs (only needed once at startup).
- Removed "-r" option from ping(8), traceroute6(8) and traceroute(8).
- Enabled SQLITE_ENABLE_FTS3_PARENTHESIS in sqlite3(1).
- Removed the MD4 functions (highly susceptible to collision attacks).
- Skip leading escape sequences in mandoc(1) man_deroff(), for better indexing.
- Gave powerpc PIE.
- Initialise additional BATs (IBAT4-IBAT7 and DBAT4-IBAT7) on socppc. Stops memory corruption on devices with rb600.
- Fix uhidev_detach() when detaching a device which did not claim all reported IDs.
- Reverted audio key handling.
- Make sure sysmerge(8) adds missing users/groups before running the target; otherwise mtree(8) can fail.
- Let mg(1) users input a tag to find, even if no default tag is defined.
- Disabled smtpd(8) imsg buffers profiling code, to stop processes waking up each second.
- npppd(8) tunnels can now have multiple listen addresses.
- Reimplemented control part of npppd(8) with imsg; added "monitor" command for npppctl(8) to monitor PPP session start/stop events.
- Fixed npppd(8) bug which caused segfaults when npppd.conf(5) had "username-suffix" and "strip-atmark-realm" as yes.
- Made npppd(8) keep listening on 1723/tcp when accept() is failed.
- Removed tape as a method for fetching install sets.
- Attempt to workaround the R4000 end-of-page errata on sgi and mips64, triggered by TLB misses when the code flow crosses a page boundary.
- Disabled MS-CHAPv1 (RFC 2433) support in pppd(8).
- Fixed sysmerge(8) regression when not using a full path to sets; make it use ftp(1) -D.
- Installed /var/unbound/db directory for DNSSEC root key; added (commented-out) options for DNSSEC to unbound.conf(5).
- Removed insecure MD4 checksum algorithm from cksum(1).
- Removed ftp method for obtaining installation sets when running the installer.
- Enabled upd(4) on amd64, sparc64 and macppc archs for testing.
- Sync timestamp changes for inodes of special files to disk as late as possible to avoid useless disk i/o.
- Include support in pstat(8) -v to display the IN_LAZYMOD flag.
- On sgi machines, fixed clipping bounds in "fill" and "blt" graphics operations; added colormap support.
- Removed timeout logic from the polling loop in qlw(4). Stops devices timing out before attaching.
- Retired the rarely used hp300, mvme68k and mvme88k ports.
- Allow checking mandoc(1) databases are up to date even when you don't have write permissions.
- Notify userland (via the routing socket) when ARP resolution completes.
- Put the AF_ROUTE socket that arp(8) operates on into the appropriate rdomain. Stops "arp -V 1 -d 10.0.0.1" hanging forever.
- Made bgpctl(8) correctly parse attribute length form imsg.
- Exit from traceroute6(8) if there is at least one unreachable and sum of unreachables and timeouts are >= number of probes.
- Unbroke sndiod(1) monitoring mode, which was shifted in time by 1 block.
- Userland ppp(9) removed.
- In apropos(1) output, sort names and avoid multiple section numbers.
- In slowcgi(8), use SCRIPT_FILENAME (can be an absolute filesystem path). Fallback to SCRIPT_NAME if this is not present.
- Reimplemented htpasswd(1) from scratch.
- Don't use volume keys when in raw-mode. Stops simultaneous volume changes by X(7) and ukbd(4).
- Enable qlw(4) at sbus(4) on sparc64.
- Enabled unbound(8) in base.
- Updated to xcb-proto version 1.10.
- Updated to libdrm 2.4.52.
- Removed the unused userland agp(4) interface.
- Reverted to the freetype2.pc we had before to bring back local changes.
- More informative smtpd(8) log message on unknown SNI.
- Provide an MI api for byteswapping loads and stores, especially beneficial for sparc64 and powerpc.
- Updated to freetype-2.5.3. Fixes vulnerability in the CFF driver (CVE-2014-2240).
- Enabled qla(4) and qle(4) in ramdisks (except on sgi).
- smtpd(8) now prints the correct user name if SMTPD_QUEUE_USER is missing.
- Use ticket locks (not spinlocks) on i386/amd64/sparc64. Provides fairer access to the kernel lock.
- Added a few more instruction patterns to binutils that are needed by gcc(1) version 4.8.
- In mandoc(1) -Tutf8 mode, count hyphens against the output line length even when they are breakable.
- Stopped the smtpd(8) enqueue utility adding a User-Agent header to emails.
- Block userland from entering drm(4) code during suspend/resume. Fixes inteldrm(4) bugs.
- Unhooked httpd(8) from build: use of nginx(8) is encouraged now.
- No more spray(8) in base.
- Fixed buffer overflows in icmp(4) redirect handling (introduced in rev 1.106).
- Switched over from sendmail(8) to smtpd(8) by default.
- Fixed iked(8) config-address w/o pool.
- Unbroke nc(1) "-6 -l" and apply correct fix for previous commit.
- Removed rmail(8).
- Made ssh(1) scan for ed25519 keys by default.
- For isakmpd(8) CA generation, set the correct certificate extensions so more SSL implementations will trust this as a CA cert. Matches ssl(8).
- Bugfix update to nginx(8) version 1.4.6.
- When pf(4) is translating packets from one address family to another, pass the TOS/Traffic Class field of the original packet.
- When pf(4) is setting packet description, also retrieve the Traffic Class field of IPv6 packets.
- Fixed the cnmac(4/octeon) mediastatus when the interface is not configured.
- Optimisation of opendir(3), rewinddir(3) and related functions. 2000x speedup of seekdir(3) in some tests.
- Fixed acpi(4) on amd64, to avoid reboot and stack corruption problems when resuming.
- Reworked per-cpu cache information, to avoid using hardcoding data based on processor type on mips, octeon, and sgi.
- In re(4), fixed operation and made reception of packets work on the 8168G controllers.
- Made mandoc(1) user-defined macros wrapping ".TP" work correctly; preserve line breaks contained in user-defined macros called in ".nf" mode.
- Enable DMA bursting and tagged queueing in qlw(4); enable qlw(4) on alpha/amd64/i386/macppc/sgi/sparc64; only attempt to load firmware if we actually have some.
- Initial xhci(4) implementation: USB 3.0 umass(4) devices get reasonable read/write speed.
- Improved roff(7)'s .if/.ie condition handling.
- Fixed env(1) diagnostic messages to stderr, so failure of env(1) and failure of the specified utility can be distinguished.
- Allow signify(1) to read input messages on a pipe.
- Added usbd_get_hub_descriptor(), to clean up uhub(4) and deal with hub device descriptors in high speed devices.
- With md5(1) -C, exit with exit status of 1 if any of the files specified do not exist.
- mandoc(1) bugfixes related to the closing of conditional blocks: handle more than one `\}' on macro lines; do not treat `\}' as a macro invocation after a dot at the beginning of a line; do not complain about characters following `\}'.
- Makes the "cleartoggle" function in HC drivers optional (upcoming xhci(4) driver doesn't use it).
- Allow signify(1) to accept a password on stdin, as long as it is not a tty(4).
- On qlw(4), set the correct clock rate for ISP1020/1020A.
- When running sysmerge(8), always print the key signify(1) is using.
- Fix the return values of getpwnam_r(3), getpwuid_r(3), getgrnam_r(3), and getgrgid_r(3) to agree with POSIX.
- Altered qlw(4) so it can compile on sparc64 too.
- In -Tutf8 mode, make mandoc_char(7) named accent character escape sequences render as non-combining accents (lets mandoc behave like groff); made \' and \` equivalent to \(aa and \(ga, respectively.
- Introduced qlw(4), a new driver for QLogic ISP SCSI HBAs (currently only supports the pci(4) variants).
- Raised the delay before initialising sdmmc(4). Lets the reader on X220 work reliably.
- Fixed: sndiod(1) read/write position tracking; incorrect delta propagated after xruns in play-only and rec-only modes; crashes seen after a few days of continuous playback.
- Fixed incorrect position reporting with sndiod(1) when using tiny block sizes on busy machines.
- Made sndiod(1) check that the socket is writable before attempting to write data packets.
- On armv7, removed TIMEZONE and DST options from GENERIC-* kernels; added option USBVERBOSE to all kernels.