OpenBSD 6.2 shipping

It’s that time of the year again!

As always information is available on the OpenBSD site.  The release notes go over all the changes, but the biggest change that caught my eye was this one:

  • The i386 and amd64 platforms have switched to using clang(1) as the base system compiler.

There has been long talk about moving away from GCC on OpenBSD, but many of the older platforms were ‘trapped’ on GCC as they only have support for the CPU in older releases.  And they have long since said it was difficult in submitting patches up stream and dealing with regressions.  Sadly for GCC this has been an industry thing with even Apple moving away from GCC based compilers to CLANG.

Maybe it’s just inevitable, things change.

At least the Clang competition is driving progress from GCC too, so at least current and new platforms benefit from the competition.  Also VMM is getting stronger, I should try it some day….

OpenBSD 5.9 released!


OpenBSD 5.9 released early!  This marks the 39th release.

Major changes include (from


  • Pledge
    With a great Hackfest presentation to lay out all the details, pledge(2) is one of the more prominent changes. We say prominent, but you actually shouldn’t notice any difference with it enabled… assuming all your applications behave correctly. Much work has been done in this area, with around 70% of the OpenBSD userland being modified to use pledge within a single release cycle! A few ports also got the same treatment – something to expect more of as time goes on.
  • UEFI
    Many new laptops come with UEFI now, some without an option to fall back to a traditional BIOS. With the 5.9 release, OpenBSD can now be booted on such machines.
  • GPT
    Assuming you’re on the amd64 platform, support for GPT has been vastly improved throughout the OS. The installer has been updated to accommodate as well, and it even works on softraid(4) volumes.
  • Rewritten less
    The less(1) we’re all familiar with has been completely rewritten. After importing a fork from illumos’ Garrett D’Amore, OpenBSD continued to make improvements to the code. A safer and more modern tool was the end result, even if it’s just for viewing text. Hopefully there will be less bugs now.
  • Xen domU
    If running OpenBSD under Xen (such as on Amazon’s cloud platform) sounds interesting to you, you’ll be happy to know that 5.9 includes some pretty solid support for this.
  • Graphics
    Laptop users rejoice, as 5.9 includes graphics support for Intel’s Broadwell and Bay Trail GPUs!
  • Network SMP
    Many improvements have been made to get the network stack running multithreaded. There’s still plenty more to do in this area, but some exciting progress has definitely been made already.
  • 802.11n
    Another big one for laptop users: initial support for N wireless has landed in both the iwm(4) and iwn(4) drivers.
  • UTF-8
    Locale support for everything but C and UTF-8 has been torn out, and many utilities in the base system have much better UTF-8 support than prevously.



As we all know the VAX that was used to build OpenBSD died, and the platform was removed.

But it’s still cool that OpenBSD is going strong, wherever there is support.







Platforms that still made the cut:

  • alpha
  • amd64
  • armish
  • armv7
  • hppa
  • i386
  • landisk
  • loongson
  • luna88k
  • macppc
  • octeon
  • sgi
  • sparc
  • sparc64
  • zaurus

OpenSSH: client bugs CVE-2016-0777 and CVE-2016-0778

Update from

This is the most serious bug you’ll hear about this week: the issues identified and fixed in OpenSSH are dubbed CVE-2016-0777 and CVE-2016-0778.

An early heads up came from Theo de Raadt in this mailing list posting.

Until you are able to patch affected systems, the recommended workaround is to use

# <b>echo -e 'Host *\nUseRoaming no' &gt;&gt; /etc/ssh/ssh_config</b>

That is, add the option UseRoaming no to your /etc/ssh/ssh_config (or your user’s ~/.ssh/config) file, or start your ssh client with -oUseRoaming=no included on the commandline.

We will be updating this article with more information as it becomes available.

UPDATE: This affects OpenSSH versions 5.4 through 7.1.

UPDATE: The following commit from [email protected] has just gone in:

CVSROOT:        /cvs
Module name:    src
Changes by:     [email protected] 2016/01/14 07:34:34

Modified files:
        usr.bin/ssh    : readconf.c ssh.c

Log message:
Disable experimental client-side roaming support.  Server side was
disabled/gutted for years already, but this aspect was surprisingly
forgotten. Thanks for report from Qualys

UPDATE: Errata patches for 5.8 and 5.7 have been published.

UPDATE: Portable OpenSSH 7.1p2 has been released:

 * SECURITY: ssh(1): The OpenSSH client code between 5.4 and 7.1
   contains experimential support for resuming SSH-connections (roaming).

   The matching server code has never been shipped, but the client
   code was enabled by default and could be tricked by a malicious
   server into leaking client memory to the server, including private
   client user keys.

   <b>The authentication of the server host key prevents exploitation
   by a man-in-the-middle, so this information leak is restricted
   to connections to malicious or compromised servers.</b>

   MITIGATION: For OpenSSH &gt;= 5.4 the vulnerable code in the client
   can be completely disabled by adding 'UseRoaming no' to the global
   ssh_config(5) file, or to user configuration in ~/.ssh/config,
   or by passing -oUseRoaming=no on the command line.

UPDATE: Fixed versions are available for OpenBSD snapshots dated 2016-01-12 and later. M:Tier has binpatches for OpenBSD 5.7-stable and 5.8-stable. Debian, Ubuntu, RHEL, and many other Linux distros have it now or will soon.

UPDATE: The roaming code has been stripped out of OpenBSD -current:

CVSROOT:   /cvs
Module name:    src
Changes by: [email protected]  2016/01/14 09:17:40

Modified files:
    usr.bin/ssh    : clientloop.c kex.c kex.h monitor.c 
                     monitor_wrap.c opacket.c opacket.h packet.c 
                     packet.h readconf.c readconf.h serverloop.c 
                     ssh.c ssh2.h sshconnect.c sshconnect2.c sshd.c 
    usr.bin/ssh/lib: Makefile 
    usr.bin/ssh/ssh: Makefile 
    usr.bin/ssh/ssh-keyscan: Makefile 
    usr.bin/ssh/ssh-keysign: Makefile 
    usr.bin/ssh/sshd: Makefile 
Removed files:
    usr.bin/ssh    : roaming.h roaming_client.c roaming_common.c 
                     roaming_dummy.c roaming_serv.c 

Log message:
remove roaming support; ok [email protected]

UPDATE: The FreeBSD port has been updated, but the version in their base system remains vulnerable.

UPDATE: Qualys Security has posted their full report on the issues.

UPDATE: While the information leak is much more difficult to exploit on systems with ASLR, like OpenBSD, some users may want to consider rotating their key pairs. If you use ssh-agent(1), however, the man page offers some good news:

The agent will never send a private key over its request channel. Instead, operations
that require a private key will be performed by the agent, and the result will be
returned to the requester. This way, private keys are not exposed to clients using the

UPDATE: For Mac OS X, the version of OpenSSH in MacPorts has been updated. Since Apple typically delays security fixes, you’re advised to apply the workaround if using the bundled OpenSSH instead.

So yeah, time to patch and update.

20 years of OpenBSD

puffy58Yes, 20 years!

The list announcement:

OpenBSD's source tree just turned 20 years old.

I recall the import taking about 3 hours on an EISA-bus 486 with 
two ESDI drives.  There was an import attempt a few days earlier, 
but it failed due to insufficient space.  It took some time to 
repartition the machine.

It wasn't terribly long before David Miller, Chuck Cranor and 
Niklas Hallqvist were commiting... then more people showed up.

The first developments were improvements to 32-bit sparc.

Chuck and I also worked on setting up the first 'anoncvs' to make 
sure noone was ever cut out from 'the language of diffs' again.
I guess that was the precursor for the github concept these 
days :-).  People forget, but even FSF was a walled garden at 
the time -- throwing tar files with vague logs over the wall 
every couple months.

I was lucky to have one of the few 64Kbit ISDN links in town,
otherwise this would not have happened.  My desktop was a 
Sparcstation 10; the third machine I had was a very slow 386.

The project is now at:

~322,000 commits
~44 commits/day average
~356 hackers through the years

I thought I’d try OpenBSD 2.0 SPARC on Qemu!  Well either with SUN PROMs, or OpenBIOS the result is the same, it crashes when initializing the SCSI bus.

ok boot disk0:b
Boot device: /iommu/sbus/[email protected],8400000/[email protected],8800000/[email protected],0:b File and args:
>> OpenBSD BOOT [$Revision: 1.2 $]
Booting /bsd @ 0x4000
(if this doesn’t work, fix pmap_bootstrap4m in pmap.c)[ preserving 101620 bytes of bsd symbol table ]
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.

OpenBSD 2.0 (GENERIC) #2: Thu Oct 10 17:50:37 MDT 1996
[email protected]:/usr/src/sys/arch/sparc/compile/GENERIC
real mem = 33165312
avail mem = 29028352
using 404 buffers containing 1654784 bytes of memory
bootpath: /[email protected],10000000/[email protected],10001000/[email protected],8400000/[email protected],8800000/[email protected],0:b
mainbus0 (root): SUNW,SPARCstation-5
cpu0 at mainbus0: FMI,MB86904 @ 1169 MHz, MB86910 or WTL1164/5 FPU
cpu0: physical 16K instruction (32 b/l), 8K data (16 b/l) cache NOT enabled for 4/0 cpu/mmu combination
obio0 at mainbus0
clock0 at obio0 addr 0x71200000: mk48t08 (eeprom)
timer0 at obio0 addr 0x71d00000 delay constant 73
auxreg0 at obio0 addr 0x71900000
zs0 at obio0 addr 0x71100000 pri 12, softpri 6
zs0a: console i/o
zs1 at obio0 addr 0x71000000 pri 12, softpri 6
[slavioconfig at obio0] addr 0x71800000 not configured
power0 at obio0 addr 0x71910000
fdc0 at obio0 addr 0x71400000 pri 11, softpri 4: chip 82077
fd0 at fdc0 drive 0: 1.44MB, 80 cyl, 2 head, 18 sec
iommu0 at mainbus0 addr 0x10000000: version 5/0, page-size 4096, range 64MB
sbus0 at iommu0: clock = 584.500 MHz
dma0 at sbus0 slot 5 offset 0x8400000: rev 2
esp0 at dma0 slot 0x5 offset 0x8800000 pri 4: ESP200 40Mhz, target 7
scsibus0 at esp0
trap type 0x29: pc=f80e2494 npc=f80e2498 psr=4001bc0<EF,S,PS>
panic: trap
Stopped at _Debugger+0x4: jmpl [%o7 + 0x8], %g0

But you can play kernel hangman, if you are into that kind of thing.

But make no mistake, the new 5.8 release (just released!) boots up just fine on Qemu:

Welcome to OpenBIOS v1.1 built on Jun 17 2015 18:50
Type ‘help’ for detailed information
Trying disk…
Not a bootable ELF image
Loading a.out image…
Loaded 66648 bytes
entry point is 0x4000
bootpath: /[email protected],10000000/[email protected],10001000/[email protected],8400000/[email protected],8800000/[email protected],0

Jumping to entry point 00004000 for type 00000005…
switching to new context:
>> OpenBSD BOOT 2.11
Booting bsd
Loading at physical address 400000
cannot open /etc/random.seed: No such file or directory
console is ttya
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2015 OpenBSD. All rights reserved.

OpenBSD 5.8 (RAMDISK) #23: Sun Aug 9 00:08:29 GMT 2015
[email protected]:/usr/src/sys/arch/sparc/compile/RAMDISK
real mem = 117309440 (111MB)
avail mem = 111083520 (105MB)
mainbus0 at root: SUNW,SPARCstation-5
cpu0 at mainbus0: MB86904 @ 170 MHz, MB86910 or WTL1164/5 FPU
cpu0: 16K instruction (32 b/l), 8K data (16 b/l), 512K external (32 b/l) cache enabled
obio0 at mainbus0
clock0 at obio0 addr 0x71200000: mk48t08 (eeprom)
timer0 at obio0 addr 0x71d00000: delay constant 73, frequency 2000000 Hz
zs0 at obio0 addr 0x71100000 pri 12, softpri 6
zstty0 at zs0 channel 0: console
zstty1 at zs0 channel 1
zs1 at obio0 addr 0x71000000 pri 12, softpri 6
zskbd0 at zs1 channel 0: no keyboard
zstty2 at zs1 channel 1: mouse
fdc0 at obio0 addr 0x71400000 pri 11, softpri 4: chip 82077
fd0 at fdc0 drive 0: 1.44MB 80 cyl, 2 head, 18 sec
auxreg0 at obio0 addr 0x71900000
power0 at obio0 addr 0x71910000
slavioconfig at obio0 addr 0x71800000 not configured
chosen “reg” property length = -1 (need multiple of 12)
builtin “reg” property length = -1 (need multiple of 12)
iommu0 at mainbus0 addr 0x10000000: version 0x5/0x0, page-size 4096, range 64MB
sbus0 at iommu0: 21.250 MHz
dma0 at sbus0 slot 5 offset 0x8400000: rev 2
esp0 at dma0 offset 0x8800000 pri 4: ESP200, 40MHz
scsibus0 at esp0: 8 targets, initiator 7
sd0 at scsibus0 targ 0 lun 0: <QEMU, QEMU HARDDISK, 2.4.> SCSI3 0/direct fixed
sd0: 6MB, 512 bytes/sector, 12288 sectors
cd0 at scsibus0 targ 2 lun 0: <QEMU, QEMU CD-ROM, 2.4.> SCSI3 5/cdrom removable
ledma0 at sbus0 slot 5 offset 0x8400010: rev 2
le0 at ledma0 offset 0x8c00000 pri 6: address 52:54:00:12:34:56
le0: 16 receive buffers, 4 transmit buffers
tcx0 at sbus0 slot 3 offset 0x800000 pri 9: 1024x768x8
wsdisplay0 at tcx0
wsdisplay0: screen 0 added (std, sun emulation)
“SUNW,CS4231” at sbus0 class serial slot 4 offset 0xc000000 not configured
“power-management” at sbus0 slot 4 offset 0xa000000 not configured
bootpath: /[email protected],10000000/[email protected],10001000/[email protected],8400000/[email protected],8800000/[email protected],0
root on rd0a swap on rd0b dump on rd0b
erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to the OpenBSD/sparc 5.8 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell?

Just don’t bother with the ‘install diskette’ try the miniroot instead.

OpenBSD 5.6 Sparc64 on Qemu

Well the good news is that like NetBSD the kernel boots.  The downside is that none of the network adapters I could think of work.  They are either ignored, or crash out the kernel.

OpenBIOS for Sparc64
Configuration device id QEMU version 1 machine id 0
kernel cmdline
UUID: 00000000-0000-0000-0000-000000000000
Welcome to OpenBIOS v1.1 built on Nov 15 2014 12:59
Type ‘help’ for detailed information
Trying cdrom:f…
Not a bootable ELF image
Not a bootable a.out image

Loading FCode image…
Loaded 4829 bytes
entry point is 0x4000
OpenBSD IEEE 1275 Bootblock 1.3
Jumping to entry point 0000000000100000 for type 0000000000000001…
switching to new context: entry point 0x100000 stack 0x00000000ffe8aa09
>> OpenBSD BOOT 1.6
Trying bsd…
open /[email protected],0/[email protected]/[email protected]/[email protected]:f/etc/random.seed: No such file or d
Booting /[email protected],0/[email protected]/[email protected]/[email protected]:f/bsd
[email protected][email protected][email protected][email protected]
symbols @ 0xffc5a300 119 start=0x1000000

Unexpected client interface exception: -1
console is /[email protected],0/[email protected]/su
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2014 OpenBSD. All rights reserved.

OpenBSD 5.6 (RAMDISK) #178: Fri Aug 8 05:00:27 MDT 2014
[email protected]:/usr/src/sys/arch/sparc64/compile/RAMDISK
real mem = 2147483648 (2048MB)
avail mem = 2103877632 (2006MB)
mainbus0 at root: OpenBiosTeam,OpenBIOS
cpu0 at mainbus0: SUNW,UltraSPARC-IIi (rev 9.1) @ 100 MHz
cpu0: physical 256K instruction (64 b/l), 16K data (32 b/l), 256K external (64 b
psycho0 at mainbus0: SUNW,sabre, impl 0, version 0, ign 7c0
psycho0: bus range 0-2, PCI bus 0
psycho0: dvma map c0000000-dfffffff
pci0 at psycho0
ppb0 at pci0 dev 1 function 0 “Sun Simba” rev 0x11
pci1 at ppb0 bus 1
ppb1 at pci0 dev 1 function 1 “Sun Simba” rev 0x11
pci2 at ppb1 bus 2
unknown vendor 0x1234 product 0x1111 (class display subclass VGA, rev 0x02) at p
ci0 dev 2 function 0 not configured
ebus0 at pci0 dev 3 function 0 “Sun PCIO EBus2” rev 0x01
“fdthree” at ebus0 addr 0-ffffffff not configured
com0 at ebus0 addr 3f8-3ff ivec 0x2b: ns16550a, 16 byte fifo
com0: console
“kb_ps2” at ebus0 addr 60-67 not configured
“Realtek 8029” rev 0x00 at pci0 dev 4 function 0 not configured
pciide0 at pci0 dev 5 function 0 “CMD Technology PCI0646” rev 0x07: DMA, channel
0 configured to native-PCI, channel 1 configured to native-PCI
pciide0: using ivec 0x7d4 for native-PCI interrupt
pciide0: channel 0 disabled (no drives)
atapiscsi0 at pciide0 channel 1 drive 0
scsibus0 at atapiscsi0: 2 targets
cd0 at scsibus0 targ 0 lun 0: <QEMU, QEMU DVD-ROM, 2.2.> ATAPI 5/cdrom removable
cd0(pciide0:1:0): using PIO mode 4, Ultra-DMA mode 2
prtc0 at mainbus0
softraid0 at root
scsibus1 at softraid0: 256 targets
bootpath: /[email protected],0/[email protected],0/[email protected],0/[email protected],0:f
root on rd0a swap on rd0b dump on rd0b
unix-gettod:interpret: exception -13 caught
interpret h# 01c099ec unix-gettod failed with error ffffffffffffffed
WARNING: bad date in battery clock — CHECK AND RESET THE DATE!
erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to the OpenBSD/sparc64 5.6 installation program.
(I)nstall, (U)pgrade, (A)utoinstall or (S)hell?

(I)nstall, (U)pgrade, (A)utoinstall or (S)hell? (I)nstall, (U)pgrade, (A)utoinst
all or (S)hell? s


But it’s great it’s this close!

OpenBSD 5.5 released!


OpenBSD 5.5 was just released! And in case you don’t get the DeLorean reference, this release focuses on fixing the 2038 issue!

From the change list:

  • time_t is now 64 bits on all platforms.
    • From OpenBSD 5.5 onwards, OpenBSD is year 2038 ready and will run well beyond Tue Jan 19 03:14:07 2038 UTC.
    • The entire source tree (kernel, libraries, and userland programs) has been carefully and comprehensively audited to support 64-bit time_t.
    • Userland programs that were changed include arp(8)bgpd(8)calendar(8)cron(8)find(1)fsck_ffs(8)ifconfig(8)ksh(1)ld(1),tmux(1)top(1), and many others, including games!
    • Removed time_t from network, on-disk, and database formats.
    • Removed as many (time_t) casts as possible.
    • Format strings were converted to use %lld and (long long) casts.
    • Uses of timeval were converted to timespec where possible.
    • Parts of the system that could not use 64-bit time_t were converted to use unsigned 32-bit instead, so they are good till the year 2106.
    • Numerous ports throughout the ports tree received time_t fixes.

Wow, that’s pretty cool!

And of course for VMware users:

  • New vmx(4) driver for VMware VMXNET3 Virtual Interface Controller devices.
  • New vmwpvs(4) driver for VMware Paravirtual SCSI.
  • New vioscsi(4) driver for VirtIO SCSI adapters.
  • New viornd(4) driver for VirtIO random number devices.

In addition the new vxlan driver looks pretty interesting too!

As always get your copy from one of the many HTTP mirrors, and why not support the project with the purchase of a CD or poster?

free. functional and secure...
free. functional and secure…

OpenBSD 5.1 released!

I saw the announcement that OpenBSD 5.1 was just released today (May day release?) Anyways I thought I’d boot it up on SIMH to check that the VAX is still working. So here is a minimal ini file, that I used.

set cpu 64m
set rq0 ra92
att rq0 openbsd_vax
set rq1 cdrom
att rq1 cd51.iso
at xq0 bob
boot cpu

I fired up SIMH, and away it went!

KA655-B V5.3, VMB 2.7
Performing normal system tests.
Tests completed.
>>>boot dua1:


>> OpenBSD/vax boot [1.16] <<
>> Press enter to autoboot now, or any other key to abort: 0
> boot bsd
Copyright (c) 1982, 1986, 1989, 1991, 1993
The Regents of the University of California. All rights reserved.
Copyright (c) 1995-2012 OpenBSD. All rights reserved.

OpenBSD 5.1 (RAMDISK) #32: Tue Feb 14 14:09:56 MST 2012
[email protected]:/usr/src/sys/arch/vax/compile/RAMDISK
MicroVAX 3800/3900 [0A000006 01530302]
cpu: KA655, CVAX microcode rev 6 Firmware rev 83
real mem = 67043328 (63MB)
avail mem = 61091840 (58MB)
mainbus0 at root
ibus0 at mainbus0
uba0 at ibus0: Q22
dz0 at uba0 csr 160100 vec 196 ipl 15
mtc0 at uba0 csr 174500 vec 508 ipl 15
mscpbus0 at mtc0: version 5 model 3
mscpbus0: DMA burst size set to 4
mt0 at mscpbus0 drive 0: TK50
mt1 at mscpbus0 drive 1: TK50
mt2 at mscpbus0 drive 2: TK50
mt3 at mscpbus0 drive 3: TK50
uda0 at uba0 csr 172150 vec 504 ipl 15
mscpbus1 at uda0: version 3 model 3
mscpbus1: DMA burst size set to 4
ra0 at mscpbus1 drive 0: RA92
ra1 at mscpbus1 drive 1: RRD40
ra2 at mscpbus1 drive 2: RD54
rx0 at mscpbus1 drive 3: RX50
qe0 at uba0 csr 174440 vec 500 ipl 15: delqa, address 08:00:2b:aa:bb:cc
boot device: ra1
ra0: 1436MB, 512 bytes/sector, 2940951 sectors
ra1: 650MB, 512 bytes/sector, 1331200 sectors
ra2: attempt to bring on line failed: unit offline (not mounted) (code 3, subco
de 1)
ra2: not mounted/spun down
ra2: 0MB, 512 bytes/sector, 0 sectors
rx0: attempt to bring on line failed: unit offline (not mounted) (code 3, subco
de 1)
root on rd0a swap on rd0b dump on rd0b
clock has gained 76 days — CHECK AND RESET THE DATE!
erase ^?, werase ^W, kill ^U, intr ^C, status ^T

Welcome to the OpenBSD/vax 5.1 installation program.
(I)nstall, (U)pgrade or (S)hell?

You can find OpenBSD on, and of course the mirrors.

OpenBSD 5.0 released!

There have been quite a few changes made between OpenBSD 4.9 and 5.0

  • Added dfs(4/MACPPC) driver to support the Dynamic Frequency Switching feature found on some laptops.
  • Update to sendmail(8) 8.14.5.
  • Support additional L2C variants and L1D (AR813x/AR815x chips) in alc(4).
  • Fixed reload support in relayd(8).
  • Change ‘set skip on <…>’ to work with interface groups.
  • Various drivers have been adjusted to use PCI Message Signaled Interrupts on amd64, i386, macppc and sparc64.
  • In addition to relative resizing, allow absolute resizing of partitions in auto-allocated labels with disklabel(8).
  • New AMD K10/K11 pstate driver allows setperf and apm to change CPU frequences on newer AMD CPUs.
  • Allow specifying k/m/g/… suffixes in newfs(8) -S and -s options.
  • Fixed client and group cycle defines in cwm(1).
  • Disable pipex for L2TP on disconnect.
  • Unified various macppc gpio(4) access methods that take an offset relative to the mac-io bus base address. Needed for upcoming dfs(4/MACPPC) support.
  • Make ssh(1) use FD_CLOEXEC consistently.
  • Fixed arguments to arm pmap(9) pool_init: alignment of alignment of L2_TABLE_SIZE_REAL is at offset 0 and not at offset L2_TABLE_SIZE_REAL.
  • Make pci(4) pass flags down the PCI bus hierarchy.
  • Fixed type warnings reported by clang in smtpd(8).
  • Added pci(4) register definitions for PCI MSI capability.
  • Fixed wrong id for UDP_ENCAP_TRANSPORT_DRAFT in isakmpd(8).
  • Make ssh(1) warn on unexpected key type in key_parse_private_type().
  • Make calls to malloc(3) malloc_dump() safer by avoiding file pointer computation for stats.
  • Fixed some warnings in adduser(8).
  • Introduced leak detection code for MALLOC_STATS in malloc(3).
  • Fixed bug in glob(3).
  • Make dhclient(8) more friendly to sequential option processing by always starting DHCP packet options with DHO_DHCP_MESSAGE_TYPE. Improved working with Nortel NetIP DHCP server.
  • Cleaned up adduser(8) handling of email messages.
  • Pre-allocate memory in ipsec(4) package to avoid sleeping after performing a lookup, which may lead to a race.
  • Removed support for authorized_keys2, a relic from the early days of protocol V2, in ssh(1).
  • Stop leaking swapslots in uvm(9) when doing a uvm_km_pgremove and a page is in swap only.
  • Removed uvm(9) vm_page_lookup_freelist().
  • Prevent security(8) from complaining about a group(5) line with a single “+” as “wrong number of fields”, that abbreviated syntax for NIS map of groups is explicitly allowed by group(5). Warn if this isn’t the last line of group(5) though.
  • Fixed an off-by-one that made smtpd(8) skip an “invalid” bucket that was actually valid.
  • Implemented correct prologue and epilogue for hppa64 machine-dependent init.
  • Make mips common kernel code set octeon’s internal counter clock speed to its processor clock.
  • Fixed aucat(1) option handling and enable TCP in midicat(1).
  • Make more silent ssh(1) debug() logs by detecting that it’s trying to load a private key in key_try_load_public() and returning early.
  • Make pfsync(4) use timeout(9) timeout_del return value to check if the timeout is actually removed when undeferring a packet.
  • Make timeout(9) timeout_del able to tell the caller if it actually did remove a timeout or not.
  • Refactored queue allocation and initialization into wdc(4) wdc_alloc_queue() function, and let attachment code call this rather than malloc(9). This prevents re-initialization of the queue in shared queue chipsets.
  • Initialize the wdc(4) ata_drive_datas structures earlier in wdcattach() so that chip-specific drv_probe routines can assume they’ve already been initialized.
  • Added a wprintf(3) man pages.
  • Always free the multibyte->wchar conversion buffer allocated in vfwprintf(3) __mbsconv().
  • Make sndio(7) sio_psleep() use an array of SIO_MAXNFDS pollfd structures rather than a single one.
  • Initialize the ‘pstate’ field of the aucat(1) wav structure.
  • Make gdb(1) handle lazy relocation stubs as Linux does.
  • Started a work in ospfd(8) to support opaque LSA.
  • Make relayd(8) use the proc.c privsep API/commodity functions based on work for iked(8) and smtpd(8).
  • Fixed segfault in smtpd(8) newaliases after global env move.
  • Fixed a few minor issues in i386 hibernate support code relating to improper swap device determination and memory range calculation.
  • Make tmux(1) reset last pane on break-pane. Fixes a problem reported in Debian bug #622677.
  • Make tmux(1) reset last pane on swap-pane across windows. Fixes a crash.
  • Fix memory handling in octeon machine-dependent code.
  • Prevent tmux(1) from dragging on click, only select.
  • Fixed memory leaks in tmux(1) command capture pane.
  • Fixed a memory leak in tmux(1) commands if cmd_pane_session succeed.
  • Added a new option to tmux(1), mouse-resize-pane which, when on, allows panes to be resized by dragging their borders.
  • Make tmux(1) use the tsl and fsl terminfo(5) capabilities to update terminal title and automatically fill them in on terminals with the XT capability.
  • Eliminated a few unused wdc(4) capability flags (WDC_CAPABILITY_HWLOCK, WDC_CAPABILITY_ATA_NOSTREAM, and WDC_CAPABILITY_ATAPI_NOSTREAM).
  • Added a small memory optimization in fsck_ffs(8).
  • Improved tmux(1) behaviour when TTY allocation fails: if RequestTTY is set to ‘auto’ make it not treat a TTY allocation error as fatal and just restore the local TTY.
  • Fixed xf86-input-ws on xserver 1.9 and earlier.
  • Make sure sysmerge(8) handle first /etc/group and /etp/master.passwd in case it need to install files or directories with newly added user/group ownerships.
  • Enabled xf86-input-synaptics on i386 and amd64.
  • Simplified physio(9) thanks to the fact that buffers now come out of a pool rather than a global list of statically allocated structures and aren’t shared.
  • Added support to new wscons(4) ioctl WSMOUSEIO_SETMODE in xf86-input-synaptics.
  • Introduced a ‘freeze’ flag in tmux(1) which make it ignore any move or resize requests made on the windows it’s applied.
  • Removed uvm_pglist.h from the tree.
  • Updated xf86-input-acecad to version 1.5.0, xf86-video-chips to 1.2.4, xf86-video-vmware to 11.0.3, xf86-video-siliconmotion to 1.7.5, xlsclients to 1.1.2.
  • Added a RequestTTY ssh_config(5) option to allow configuration-based control over tty(4) allocation, like ssh [-tT].
  • Make ssh_config(5) support negated host matching.
  • Added a %L expansion (short-form of the local host name) for ssh(1) ControlPath.
  • Set ssh(1) traffic class for IPv6 traffic as it’s done for IPv4 TOS. Fixes bz#1855.
  • On cwm(1) map, prevent it from warping the windows that are marked as ignored.
  • Make ubsec(4) interrupt routine acknowledge only the interrupts it can process.
  • Make sure amd64 AES session id checks look at the lower 32 bits of crp_sid.
  • Make sysmerge(8) create the directory holding the link it’s about to create if it does not exist.
  • Force loopback interfaces to IF_STA_LOOPBACK in ospf6d(8).
  • Fixed memory leak in ssh(1). Fixes bz#1849.
  • Make hppa64 gateway page accessible to all userland processes.
  • Put back cwm(1) window resize back to 60 Hz.
  • Reverted atapiscsi(4) to only attempting on IDENTIFY command against directly attached devices as in the pre-port-multiplier code.
  • Make the “mute” key work on macppc keyboards.
  • Make urndis(4) attach to Samsung Galaxy S.
  • Added disklabel(8) support in tunefs(8).
  • Make cwm(1) menu window aware of xinerama(3) info.
  • Keep synaptics touchpad to the current wscons(4) behaviour until WSMOUSEIO_SETMODE ioctl is issued to switch to synaptics mode.
  • Make sure hppa64 restore sr4 at the very end of locore.S to avoid further loads from the trapframe to be done at the wrong address space.
  • Make tftp-proxy(8) use ‘divert-to’.
  • Make malloc(3) start scanning the bits of the chunk at a random position to take the first available free slots instead of starting from position zero and skipping a random number of free slots. Make things faster.
  • Updated relayd(8) logging and debug functions to use the C99 __func__ macro instead of static function names.
  • Allow a user to specify relayd(8) root priority.
  • Fixed check of errors in bgpd(8) sessions.
  • Make ssh(1) gracefully fall back when ControlPath is too large for a sockaddr_un.
  • Make atactl(8) capable of reading disklabel(8) UIDs.
  • Allow ssh-add(1) to read key from standard input with ssh-add - .
  • Make iscsid(8) handle logins more correctly.
  • Make scsi(4) skip leading blanks and collapse multiple white spaces into when when printing scsi device ids.
  • Prevent smtpd(8) from fork-bombing on startup when there are lots of mails in the offline queue by using a wait list to keep the number of forked processes below a reasonable limit when enqueueing.
  • Make tmux(1) change window with mouse wheel over status line if mouse-select-window is on.
  • Prevent use of strnvis(3) in tmux(1) title as it breaks UTF-8.
  • Make tmux(1) check if mouse-select-pane is on, not off when setting mouse flags.
  • Collapse mbuf(9) m_pullup and m_pullup2 into a single function.
  • Fixed macppc volume keyboard keys.
  • Cleaned up gotos in TCP input listening sockets to make it obvious when packets are dropped and when normal program flow occurs. Changed error return value of syn_cache_add() from 0 to -1 in order to clearly communicate intent.
  • Added a zlib.pc pkg-config(1) file.
  • Gave more room to hppa64 kernel stack.
  • Make hppa64 properly save and restore the space registers to/from the trap frame.
  • Make aucat(1) determine the default device in backend code instead of common code.
  • Moved softraid(4) SLIST initializations earlier so that failure handling paths can safely use them.
  • Make aucat(1) in server mode listen on all addresses when given ‘-‘ for address.
  • Fixed problems when there is an endian differences between aucat(1) server and client.
  • Make aucat(1) set the TCP_NODELAY option for TCP connections.
  • Fixed bad return value check in OpenCVS.
  • Fixed string containing state names used for debug printf() in aucat(1).
  • Fixed potential NULL dereference in ioprbs(4)ray(4), IPv6 fragmentation code and output routines.
  • Prevented myx(4) from checking malloc(3) return values against NULL as M_WAITOK is used.
  • Added libdrm_radeon to the system libraries.
  • Make radeon(4) use the r600 driver for r600+ chipsets, not r300. Should stop annoying errors for GL on r{6,7}00 chipsets.
  • Added PCI-Cardbus bridges and the most popular PCMCIA and CardBUS drivers to sgi GENERIC and RAMDISK kernels.
  • Make hppa handle userland pmap(9) mapping on unmanaged pages better.
  • Fixed em(4) 82578DC from only being able to negotiate at 10baseT.
  • Make the network stack recognize SO_RTABLE socket option (getsockopt(2)setsockopt(2)) at the SOL_SOCKET level.
  • Make iked(8) active SA lookup via policy work for NAT traversal.
  • Added a workaround for an em(4) 82579 hardware bug that can result in lost rx packets between the mac and phy.
  • Reworked iscsid(8) logout code.
  • Reworked and improved iscsid(8) logout.
  • Fixed counting of interrupts for devices that attach to elroy(4/HPPA).
  • Updated inteldrm(4) to the one contained in libdrm 2.4.23 for the ddx update and to stop mesa 7.9.2 crashing.
  • Copied glxinfo(1) and glxgears(1) sources from Mesa Demos.
  • Fixed NULL dereference if inteldrm(4) fails to attach.
  • Splitted sudo(8) ALL, ROLE and TYPE into their own actions.
  • Fixed reload issue with changing network statements.
  • Make bgpd(8) free cname and rcname on exit.
  • Make sure to cast mips64 physmem to a 64-bit type before passing it to ptoa().
  • Make pppoe use gid_t for setgroups().
  • Make asa(1) return > 0 when file is not found.
  • Make sh internal serial driver use cons_decl() instead of its own cn* prototypes.
  • Plugged holes in sparc and vax cdevsw[] to make vscsi(4)diskmap(4) and pppx entries match numbers in comments and the MAKEDEV majors.
  • Improved malloc(3) scanning for free chunks without losing any randomization.
  • Make gcc -02 raise an underflow exception on m88k to prevent incorrect optimizations in floating-point environments.
  • Improved sudo(8) netmask regexp.
  • Fixed gre(4) strange problems seen on directly connected tunnels.
  • Make softraid(4) only handle vanilla scsi inquiry requests and reject VPD requests since they are not handled.
  • Fixed carp(4) IPv6 only setups.
  • Make tmux(1) redraw only the status line on command update and not the entire client.
  • Explicitly pass the rdomain to tcp_respond() to prevent a RST from being sent on rdomain 0 in certain failure cases.
  • Prevent SCSI devices from inheriting the adapters addresses on fc fabrics.
  • Make iscsid(8) try to schedule a new task for the connection in conn_task_cleanup().
  • Make sure vscsi DATA OUT operations are piggibacked on the same connection as the initial SCSI REQUEST.
  • Enabled floating-point environment in all archs.
  • Bring back fwprintf() in libc and in gcc4 libstdc++.
  • Improved and cleaned floating-point environment.
  • Make mpath(4) retry commands in iscsid(8) when it comes back.
  • Make IPv4 in_broadcast() rdomain aware.
  • Fixed boot hangs due to usb(4) abuse of kthread_create_deferred(9).
  • Allow SOCK_DGRAM sockets sockets to be bound to the local network broadcast addr in TCP/IP PCB and raw IP functions.
  • Implemented a new authentication method allowing aucat and midicat to work over TCP.
  • Switched ftp-proxy(8) over to divert-to instead of rdr-to.
  • Fixed some off-by-one errors in atapiscsi(4).
  • Make acpithinkpad(4) attach to newer Lenovo models like the x120e.
  • Default gcc(1) on alpha to -mfp-rounding-mode=d, for code which assumes the rounding mode is always controlled by fpsetround(3).
  • Added toggable verbosity to iscsid(8).
  • Simplified ioprbs(4) scsi_xfer handling.
  • Make aucat(1) use more volatile sig_atomic_t in signal handler.
  • Added hds(4) a driver for Hitachi Modular Storage SCSI devices.
  • Prevent i386 from explicitly enabling an interrupt before returning from an interrupt.
  • Added support for rooting off multipath disks in sparc64.
  • Added support for Intel 6 series SATA in non RAID, non AHCI mode.
  • Fixed du(1) output for directories larger than 1 TB.
  • Added preliminary FSM support in iscsid(8).
  • Make mpath(4) use DMA safe memory when talking to devices.
  • Fixed envy(4) interrupt handler if it’s shared with other pci devices.
  • Prevent mpi(4) from trying to issue SCSI commands against a target where it failed to get the RAID headers.
  • Make mpi(4) configure fc controllers to fail io as fast as possible when cables are yanked.
  • Make mpath(4) retry the IO down another path when a path returns XS_SELTIMEOUT.
  • Make mpi(4) nicer with mpath(4) when unplugging it from paths.
  • Make mpi(4) scanning of fibre channel ports match the way Linux does it.
  • Set UVM_FLAG_FIXED in sparc, sparc64 and vax.
  • Make dpt(4) use iopools.
  • Make ipsec(4) ipsec_input() pass IPv4 or IPv6 packets to the correct raw ip input function if ipsec(4) is disabled.
  • Added floating-point environment for mips64.
  • Make gcc default to -mpf-rounding-mode=d on alpha.
  • Make dpt(4) compile on 64-bits arches.
  • Allow the root device to be identified by its disklabel(8) UID on amd64 and i386.
  • Make trm(4) use iopools.
  • Added FPU emulation option to octeon.
  • Added floating-point environment for powerpc and sparc.
  • Teach sysconf(_SC_GETGR_R_SIZE_MAX) the correct size of a buffer for the reentrant getgrent(3) functions (getgrgid_r, getgrnam_r).
  • Removed svnd backward compatibility from vnd(4).
  • Updated xf86-input-vmmouse to version 12.7.0.
  • Make xf86-input-usbtablet handle obsolete X{alloc,free,realloc) functions.
  • Adapted xf86-input-usbtablet to revision 12.
  • Prevent dump(8) from using stdio in the SIGSEGV handler.
  • Fixed worms(6) “-d delay” option.
  • Update timezone to tzdata2011g from
  • Fixed bug in ioprbs(4).
  • Allow commands like “route add $SOMEHOST” to work correctly, previously they operated on the default route.
  • Prevent pkg_add(1) from erasing first man page in case two man pages have the same name.
  • Provided #h for short hostname (no domain) in tmux(1).
  • Make tmux(1) copy behaviour in vi mode slightly more like vi(1).
  • Make azalia(4) detachable and prevent constant interrupts when the device isn’t used.
  • Merged GNU binutils 2.17.
  • Make a double link between pf(4) states and sockets.
  • Prevent mandoc(1) from breaking lines right before numbers, as Groff does.
  • Updated xf86-input-ws to revision 1.3.0.
  • Merged mandoc(1) version 1.11.1. Mostly cleanup and maintenance.
  • Added C99 floating-point environment in sh.
  • Make ahci(4) get the error ccbs state right for a put when a port is empty. Fixes noise during boot.
  • Enforced correct types in relayd(8).
  • Updated xorg-docs to version 1.6.
  • Removed support for very old ffson-disk formats from fsck_ffs(8).
  • Make radeondrm(4) match HD5450.
  • Make umsm(4) match Sierra USB305.
  • Prevent chio(1) and mt(1) from opening the ‘c’ partition on on devices that don’t have one.
  • Implemented C99 floating-point environment for alpha, arm, i386 and sparc64.
  • Make hppa stop calling shared interrupt handlers as soon as one of them return 1 (positive interrupt was for me), like it’s done on other architectures.
  • Prevent i386 kernel code or read only data to be writable by ddb(4). Only enable write for ddb(4) in the page table entry temporally.
  • Enabled the SIGWINCH handler in ncurses.
  • Added FE_DENORMAL to amd64 C99 floating-point environment.
  • Fixed sticky flags in hppa64 fpsr.
  • Make sysarch(2) available for userland in alpha.
  • Improved security(8) report of devices or setuid files owned by a nonexistent user or group.
  • Prevent vnd(4) from being opened for write in both simple and non-simple mode.
  • Fixed bug with autovivification in security(8).
  • Make traceroute(8) only print changed TOS in returned packets when -t is set.
  • Updated xf86-input-keyboard to version 1.6.0, xf86-input-mouse to 1.7.0.
  • Make beagle start at high ipl.
  • Make isakmpd(8) indicate which side of the connection responded during phase 1 while using -v.
  • Fixed uninitialized variables and formatting strings in acpi(4).
  • Prevent amd64 and i386 from printing irrelevant PCI interrupt line programmed by the BIOS for APIC interrupts.
  • Fixed sticky flags in hppa fpsr.
  • Added support for PCH2 (Sandy Bridge) MAC with em(4) 82579 PHY.
  • Moved the rc.d(8) bits from rc.{local,shutdown} directly into /etc/rc. By default, rc.{local,shutdown} don’t output anything anymore.
  • Merged version 1.10.10 of mandoc(1): mainly cleanups and maintenance version.
  • Added C99 floating-point environment to adm64 and hppa.
  • Speed up softraid(4) XORP and XORQ operations in RAID6.
  • Fixed sgi dma_constraint upper limit computation.
  • Make sgi print memory sizes as longs.
  • Make sgi use 64 bit integer to compute IP35 memory ranges.
  • Make nsd-zonec(8) less verbose in nsdc(8) runs.
  • Improved sysmerge(8) detection of obsolete files.
  • Added a filter-routes option to snmpd.conf(5).
  • Added many improvements to hppa64 machine-dependent code.
  • Prevent apmd(8) daemon from hiding to the user it failed.
  • Fixed some long versus 64 bit type mismatches.
  • Make ahci(4) reserve its own ccb.
  • Make find(1) return exit code 1 if any path could not be traversed, as told by POSIX.
  • Fixed multibyte characters length mesuration in citrus.
  • Updated xf86-input-ws to version 1.3.0: API compatibility with Xserver 1.10, sync build system with other Xorg input modules.
  • Updated x11proto to version 7.0.21, xf86-input-keyboard to 1.6.0, xf86-input-mouse to 1.7.0, xorg-docs to 1.6.
  • Make awk(1) store the old seed when srand() is called and use it as the return value, as told by POSIX.
  • Fixed bugs in rint(3).
  • Fixed potential NULL dereference in compat_linux(8).
  • Make OpenCVS diff use -u when its context is 3.
  • Implemented correct prologue and epilogue for hpp64 machine-dependent initialization.
  • Added perl security fix for CVE-2011-1487.
  • Enhanced sysmerge(8) output.
  • Fixed return value in arc(4) interrupt handler.
  • Removed Potential NULL dereference in amd64 AES, amd64 and i386 VIA machine-dependent code.
  • Added support for Intel GM45 SOL in puc(4).
  • Prevent vr(4) from disabling interrupts in the isr before enabling them again when leaving.
  • Make gdt(4) use iopools.
  • Simplified umass(4) devid generation.
  • Make midi keyboards work with macppc.
  • Fixed potential null dereference in pf(4) ioctl, ahd(4).
  • Fixed dead assignments in spdmem(4).
  • Fixed dead store in wscons(4).
  • Removed UUCP special directory permission.
  • Automatically enter copy-mode in tmux(1) when mode-mouse is on and the mouse is dragged or its wheel is used.
  • Disabled mvme88k 88110 branch prediction logic on all revisions.
  • Fixed uname(3) return value check in tmux(1).
  • Added missing call to pmap_update() in uvm(9) km_alloc().
  • Make uvm(9) kernel memory free the correct pages when virtual addresses failed to be allocated.
  • Fixed type error in an amd64 vector.S comparison.
  • Make the IPv4 stack use an RB tree for local address lookups.
  • Include USB vendor and product ids in umass(4) when manufacturing a unique disk id from a USB serial number, as recommended by the umass spec.
  • Changed pool(9) constraints to use kmem_pa_mode instead of uvm_constraint_range. Use km_alloc(9) for all backend allocations in pool(9) and for the emergency kentry allocations in uvm(9) uvm_mapent_alloc. Garbage collect uvm_km_getpage, uvm_km_getpage_pla and uvm_km_putpage.
  • Fixed type bug in rdist(1).
  • Added Perl security fix for CVE-2011-1487: ucfirst(), uc() and lc() forget to set the tainted flag if input was marked as tainted.
  • Make sure the mouse should only work in copy mode for tmux(1) if mode-mouse is set, not just mouse-select-pane.
  • Added an option to tmux(1): mouse-select-window. It allows the mouse to be used by clicking on the status line.
  • Changed kernel pool constraints to us kmem_pa_mode instead of uvm_constraint_range; use km_alloc(9) for all backend allocations in pools; use km_alloc(9) for the emergency kentry allocations in uvm_mapent_alloc; garbage collect uvm_km_getpage, uvm_getpage_pla and uvm_km_putpage.
  • Prevent rc.local from printing ‘starting local daemons’ if rc_scripts is empty.
  • Updated Test::Simple(3p) to version 0.98.
  • Deprecated vnds in favour of svnds.
  • Removed the old style by-pass-the-buffer-cache vnd(4) code. This will treat vndX the same as svndX.
  • Make rdist(1) print size_t with %zu and ssize_t with %zd in error/debug output.
  • Improved the iked(8) acquire mode peer, policy matching.
  • Added support for “acquire mode” from iked(8) static flows.
  • Updated List::Util(3p) to version 1.23.
  • Fixed a sysmerge(8) bug where OBSOLETE_FILES would contain only the last appended occurrence. Display OBSOLETE_FILES on stdout.
  • Modify bnx(4) interrupt handler so it only processes the rings once rather than looping over them until it runs out of work to do.
  • Run the ppb(4) interrupt handler at IPL_BIO.
  • Make pciide(4)wdc(4) and wd(4) watch for wdc(4) registers returning 0xff which probably means the controller is dead.
  • Packed ssh-keygen(1) certificate options in lexical order of option name.
  • Prevent scsi(4) devices from attaching if mpath(4) is disabled in config or ukc.
  • Allow graceful shutdown of ssh(1) multiplexing: request that a mux server removes its listener socket and refuse future multiplexing requests.
  • Switched from the old shell script /etc/security to the new Perl script security(8).
  • Enabled disklabel(8) UID version of fstab(5) by default on install media.
  • Added Wake on LAN support to xl(4).
  • Fixed an assertwaitok panic in sppp(4).
  • Prevent ath(4) from increasing if_oerrors for every multicast frame leaving the interface.
  • Prevent dhclient(8) from warning on unknown DHCP server options unless asked to reject leases with unknown options.
  • Fixed a possible division by zero if a server sends dhclient(8) a broken option.
  • Added -t to tmux(1) list-clients.
  • Fixed tmux(1) character position check.
  • Make uvm(9) construct a better path to the swapdevice.
  • Fixed lround(3) bugs similar to lrint(3).
  • Allow the user to interrupt hppa boot procedure before booting the default kernel as on most architectures.
  • Added swap partition entries to disklabel(8) -F and -f output.
  • Moved the hppa64 FPU state out of hppa64 ‘struct pcb’ like on hppa.
  • Initialize hppa %cr30 for proc0 with the address of proc0 fpstate.
  • Make nextafter(x, y) return y if x equals y.
  • Improved fsck_ffs(8) speed.
  • Use “aucatN” for aucat(1) socket path and “midicatN” for midicat(1).
  • Added ‘-F’ to disklabel(8). It is the same as ‘-f’ but uses DUIDs when writing the mount point information to the specified file. After every label write, read the label to get current UID info.
  • Removed the AMSG_GETCAP message from the aucat(1) protocol.
  • Make aucat(1) audio and midi(4) backends share the same code to communicate with the server.
  • Allow isakmpd -v (verbose logging) to work if any -D option is supplied.
  • Make rc(8) output ‘starting standard daemons:’ to be consistent with the rest.
  • Prevent all archs kernel machine-dependent disk(9) subroutines from copying, pasting errors by using ‘R(->b_flags, B_READ | B_WRITE | B_DONE)’ regardless of what the previous IO was.
  • Initialize bha(4) variables before use.
  • Improved uvm(9) pager.
  • Removed a wrong test in hppa longjmp.
  • Improved uvm(9) uvm_pageinsert().
  • Make wdc(4) skip waiting until active channels see their busy bit cleared.
  • Hunt drivers returning incorrect interrupt handlers.
  • Make smtpd(8) reprocess the ramqueue when an envelope is reinserted into the ramqueue after a trip to MDA or MTA.
  • Implemented smtpd(8) disk-queue layout in walk_queue().
  • Removed message_id and message_uid from smtpd(8). It now has an evpid associated to each delivery message, the evpid is an u_int64_t where the upper 32 bits are the msgid, and the 32 bits are the envelope unique identifier for that message.
  • Make sure iswctype(3) wcwidth() return -1 if the character is not printable. Adapt file(1) to this behaviour.
  • Removed dead assignments from ix(4) IPv6 Multicast Listener Discovery.
  • Prevent all kernels disk(9) subroutines from modifying flags used by the buffer cache.
  • Silence daily(8) errors in the temporary directory cleanup process.
  • Converted the kernel Makefiles to autogenerate dependencies during compilation using the -MD option to cc(1), with -MP, -MT, and -MF where needed, converting “make depend” to a no-op. This increases parallelism when using “make -j” and keeps the dependencies up to date with each compilation automatically.
  • Implemented -MP, -MT and -MF options in gcc(1) so all platforms can support so-called “advanced automatic dependency generation”.
  • Added fsqueue_message_create(), fsqueue_message_commit() fsqueue_envelope_create() and fsqueue_message_purge() to new smtpd(8) queue API and removed queue_hash().
  • Added support for VIA VT6415 and VX900 IDE to pciide(4).
  • Make smtpd(8) use the new fsqueue API everywhere it needs a file descriptor.
  • Added fsqueue_message_fd_r() and fsqueue_message_fd_rw() to smtpd(8) to obtain a read-only and read/write descriptor to the message file.
  • Added RTL8401E, RTL8102EL, RTL8105E, RTL8168E/8111E-VL to re(4). Corrected definition of RTL8103E.
  • Added support for clarkdale Integrated Graphics Device in vga(4).
  • Prevent newsyslog(8) from compressing wtmp by default.
  • Added fsqueue backend to smtpd(8). It will implement a filesystem queue.
  • Make hppa locore.S spstrcpy work.
  • Removed pcb_uva from hppa64.
  • Reduced call to wskbd(4) update_leds() to what is necessary.
  • Fixed hppa64 locore.S copy_on_fault by decrementing the stack pointer before restoring the return pointer.
  • Make hppa64 bcopy.S and spcopy.S use 64-bit operations for address manipulation.
  • Correctly load p_addr and avoid trashing the source address in hppa64 bcopy.S and spcopy.S.
  • Modified sis(4) interrupt handler so it only processes the rings once rather than looping over them until it runs out of work to do.
  • Make softraid(4) sr_raid_start_stop() ignore SCSI start/stop: a softraid(4) displine should always reflect the correct status.
  • Make smtpd(8) use a ram-queue instead of doing a continuous walk on disk-queue.
  • Make spstrcpy() work as it should in hppa64 locore.S.
  • Enabled siop(4)scsibus(4) and sd(4) in hppa64 GENERIC kernel.
  • Removed noisy debug code from hppa intr.c.
  • Make ipsecctl(8) dump PFKEY in hexadecimal.
  • Fixed sasyncd(8) with NAT/T by making PFKEYv2 export udpencap state of SA to userland.
  • Fixed READ/WRITE confusion in bnx(4).
  • Added support for per-rthread base-offset for the %fs selector on amd64. Added pcb_fsbase to the PCB for tracking what the value for the thread is, and ci_cur_fsbase to struct cpu_info for tracking the CPU’s current value for FS.base, then on return to user-space, skip the setting if the CPU has the right value already. Non-threaded processes without TLS leave FS.base zero, which can be conveniently optimized: setting %fs zeros FS.base for fewer cycles than wrmsr.
  • Replaced NULL by 0 in sparc64 console initialization.
  • Modified ix(4)em(4) interrupt handler so it only processes the rings once rather than looping over them until it runs out of work to do.
  • No longer special-case NULL as a long for kernel and bootblocks.
  • Replaced NULL by 0 in vme(4/MVME88K).
  • Fixed uninitialized variable in ccd(4).
  • Avoid kvm(3) starvation in UFS because of softdeps waiting on too many mapped buffers and consuming all the available kva mapping buffers.
  • Make mount(8) work when the device is provided as a disklabel(8) UID.
  • Enabled sosplice(9) in relayd(8) for TCP.
  • Put the accepted socket of a diverted connection into the routing domain of a connection originator in TCP input. this allows one to query the source rdomain with a SO_RTABLE socket option.
  • Make sshd(8) exit with 0 instead of 255 on SIGTERM. Fixes bz#1879.
  • Fixed -Wshadow in ssh-keygen(1).
  • Prevent as(1) from using NULL for scalar type assignments in vax atof().
  • Fixed SPL handling when PCDISPLAY_SOFTCURSOR is enabled in pcdisplay(4).
  • Allow man(1) to find the ports/infrastructure manpages by default.
  • Added -s option to detach all tmux(1) client attached to a session.
  • Make Xenocara video(1) use VIDIOC_ENUM_FRAMEINTERVALS to get the supported frame intervals and display the frame rates if at least on -v is used. Added new option -R to disable frame rate adjustment and display the frame rates if at least on -v is used.
  • Make uvideo(4) use VIDIOC_ENUM_FRAMEINTERVALS to get the supported frame intervals
  • Make uvideo(4) calculate frame data sizes for uncompressed formats instead of believing the hardware (prevent from hardware returning bogus information); make it skip under-sized and over-sized frames; make it check it’s using the right parameters.
  • Make new security(8) format the “Block device changes” as it was.
  • Fixed logical bug in dvmrpd(8).
  • Fixed a vi(1) display glitch leading to crash.
  • Merged viaenv with viapm(4) added support SMBus for VT82C596, VT82C596B, VT82C686A, VT8231 and ACPI timer for all VIA South Bridges.
  • Added support for Zaurus in xkeyboard-config.
  • Prevent azalia(4) from touching hardware in the detach path when its already gone, but azalia_pci_detach is called if the device could not be initialized.
  • Updated xkeyboard-config to version 2.2.1.
  • Extended amd64 pci(4) memory address space to 36-bit.
  • Allow rdist(1) to handle files larger than 2G. Fixes PR6586.
  • Added support for wscons(4) in Xenocara.
  • Fixed bugs in lrint(3).
  • Replaced NULL by 0 in installboot(8/SPARC64) and in sgi, mips64 machine-dependent code.
  • Implemented remaining checks in the new security(8).
  • Make amd64 bus_space use a 32 bit I/O port value since 64 bits isn’t possible in practice.
  • Replaced NULL by 0 in sgi boot.
  • Repaired a 32-bit truncation in mips64 paddr_t calculation. Fixes Origin 350 boot.
  • Bumped tmux(1) buffer-limit default to 20.
  • Make dhclient(8) ignore obsolete option 33 (static route) that was broken.
  • On m68k, m88k and vax cerror.S WEAK_ALIAS does an implicit _C_LABEL().
  • Fixed issues with tabulation and space handling in rc.subr(8).
  • Replaced NULL usage in non-pointer context by 0 in pthreads(3).
  • Imported xf86-input-synaptics in Xenocara.
  • Make tmux(1) use sitm for italics instead of smso if the terminal supports it.
  • Make amdiic(4)amdpm(4)ichiic(4) and piixpm(4) use unique wait channels.
  • Make sure mfi(4) upper 32 bits are always written to instead of assuming it is 0.
  • Use dma_alloc in mfi(4) transient management commands.
  • Fixed type of a_syms in nlist(3): it’s an int, not a pointer.
  • Make sure aucat(1) socket reorder its outgoing messages.
  • Prevent from doing integer comparison with NULL in alpha parts.
  • Fixed a dma_free() in wd(4) ATA parts.
  • Fixed softraid(4) raidp/raid6 to make them work with new iopool code.
  • Make Xenocara override the new fonts auto-detection code in util-cf-macros.
  • Prevent ports using imake(1) from breaking.
  • Fixed device names in acpitz(4) acpitz_setfan() printf messages.
  • Make hppa64 syscall_return work.
  • Avoid truncating values in mips64 pmap(9) format strings.
  • Make sure the ALIGN() macro uses u_long on all platforms for consistency.
  • Make sendmail(8) the same as the prototype but listen on the loopback interface instead of all interfaces.
  • Avoid to use NULL in integer comparison in various places, as bios(4/AMD64)pxaudc(4/ZAURUS)pxammc(4/ZAURUS), hp300 wscons(4)astro(4/HPPA), hppa64 astro, bios(4/I386)vme(4/MVME88K)mkbc(4/SGI), sparc64 pmap(9)mbus(4/VAX)adw(4)fxp(4)sti(4)isapnp(4),inteldrm(4)malo(4)uath(4)uhts(4), routing sockets, sd(4) and uvm(9).
  • Avoid using an uninitialized variable when downgrading PIO mode on pciide(4) ITExpress chipsets.
  • Synchronized hppa64 apic code with hppa.
  • Moved aha(4) to iopools.
  • Added support for divert-to which provides some benefits over rdr-to in relayd(8).
  • Prevent passing uninitialized variable to uvm(9) uvm_km_free().
  • Added initial interrupt handling implementation for hppa64.
  • Make sd(4) more silent.
  • Changed tmux(1) -t option: an empty session name means the current sessions, empty session names and those containing a colon will be forbidden when they are created.
  • Make attaching decision of acpivideo(4) be based on the same methods than other ACPI drivers.
  • Prevent mbuf(9) from looping endlessly because of IPcomp-quine or IPcomp-IPIP-IPcomp.
  • make ra(4/VAX)mtc(4/VAX) use bdev_decl() to get block device function prototypes.
  • Fix bug in m88k trap to allow a sanity check in m88110_syscall() to be triggered.
  • Make rc.subr(8) print a fail message if reload fails.
  • Synchronized hppa64 cpu_match() and cpu_hardclock() with hppa.
  • Fixed installboot with softraid(4).
  • Moved ips(4) to iopools.
  • Put in the infrastructure for OpenBSD/arm gcc4 support. Not working yet.
  • Added a new serial devid type for scsi(4) devices.
  • Moved hppa64 CPL to struct cpu_info.
  • Make callers of machine-dependent disk subroutines check return value against 0 instead of NULL.
  • Make scsi(4) unconditionally print scsi device IDs instead of just when mpath(4) is enabled.
  • Allow pf(4) to filter on the rdomain a packet belongs to.
  • Make traceroute(8) with type-of-service setted (-t) display a message if the returned packet has a different tos type.
  • Defined NULL as a void pointer instead of a long integer, as required by Single Unix. ppp(8)procmap(1)rtadvd(8)user(8)ypldap(8). Use 0 for integers and ‘\0’ for chars instead.
  • Removed NULL usage in non-pointer context in keynote(3)usbhid(3),
  • Fixed type error in httpd(8) proxy_ftp.
  • Make rc.subr(8) remove leading and trailing spaces from daemon_flags.
  • Allow softraid crypto discipline to work with bigmem.
  • Make softraid(4) handle bigmem for metadata reads and writes.
  • Make scsi(4) enquire against dmaable memory.
  • Make siop(4) dma safely to the xs->sense buffer.
  • Fixed test in uvm(9) in uvm_pmr_rootupdate().
  • Make space and tab the same for roff(7) on .de macro lines, after the new macro name.
  • Fixed a buffer cache bug in vfs(9).
  • Replaced a wrong logical or by a binary or in uticom(4).
  • Make pf(4) pf_check_proto_cksum() considering packets with the CSUM_OUT flags set to be ok.
  • Make IPv4 stack do an ICMP checksum if M_ICMP_CSUM_OUT is set.
  • Define M_ICMP_CSUM_{OUT,OK,BAD} in mbuf(9) header.
  • Prevent em(4) from using em_reset_hw() I/O space on hardware that doesn’t handle it.
  • Added wd_hibernate_io(), a standalone disk I/O writer which tries to not damage kernel memory to wdc(4) and wd(4).
  • Make softraid(4) use iopools.
  • Added a flag to cmd_find_session so that attach-session can prefer unattached sessions when choosing the most recently used.
  • Added icelandic keyboard mapping to pckbd(4) and ukbd(4).
  • Updated xrdb to version 1.0.9. Fixes CVE-2011-0465 to which OpenBSD is not vulnerable.
  • Bind C-u to delete-line in tmux(1) vi mode like ksh does.
  • Removed portalfs.
  • Allow GCC2 to be used as a cross compiler from amd64.
  • Added macros for ssm/rsm in hppa64.
  • Implemented syscall_return in hppa64.
  • Added IPv6 ACK prioritization in pf(4).
  • Moved hppa64 PSW in struct cpu_info and ensure the kernel leave interrupts disabled when switching to virtual mode in the trap handler.
  • Added set_tid_address() syscall to compat_linux(8).
  • Fixed compat_linux(8) PID fetching.
  • Fixed bug to enable splower() and splraise() in hppa64.
  • Allow userland to inform connection to vscsi(4) is lost instead of failing it.
  • Fixed bug in usbhid(3).
  • Allow sgi IP27 kernel to pick memory from a different xbow(4/SGI) node than the one it booted from.
  • Reworked the way scsi(4) paths between mpath(4) capable devices and the kernel are managed.
  • Improved handling of vnode(9) vop_default struct in all file systems.
  • Make rc.subr(8) use printf(1) instead of echo(1) to handle case where daemon_flags is ‘-n’.
  • Make hppa64 locore.S save and restore the PSW value when making a PDC call, rather than blindly reloading from kpsl and enable wide mode for PSW defaults.
  • Removed compat_freebsd(8).
  • Added a SCSI probe routine to isp(4) so it can reject high luns when the midlayer is probing, rather than every time it issues an io.
  • Prevent potential problems with dma in wdc(4).
  • Fixed wrong m_dup_pkthdr() behaviour with M_WAITOK passing in mbuf(9).
  • Added ‘,’ command in systat(1) to display numbers with thousands separators and to switch the ifstat view to Bits/s.
  • Fixed compat_linux(8) argument list.
  • Make xbow(4/SGI) rely on dma_constraints range and removed ATE code.
  • Make iscsid(8) log the SessionName to easily understand which session caused a problem.
  • Added AI_FQDN flag to getaddrinfo(3).
  • Turned macros into functions in IPv4 TCP input code and save more than 1400 bytes from the kernel on amd64.
  • Make sure i386 clear upper bits of the segment selectors in ddb_regs before entering ddb(4) so that “show registers” display sane values.
  • Moved tcp segments flushing from tcp_reass() to its own function: tcp_flush_queue.
  • Added linux_sys_{g,s}et_set_thread_area() support in compat_linux(8).
  • Correctly inherit and set the watermarks on socketbuffers. This fixes NFS problems and ensures that accepted sockets have correct socketbuffer setting.
  • Fixed mbuf(9) leaks in socket buffer.
  • Use routing socket m_copyback() return value to detect failure.
  • Make wcswidth(3) return -1 in case of unprintable character.
  • Cleaned up protocol checksums in pf(4), IPv4 and MPLS.
  • Make uvideo(4) reset time per frame to the default when the time per frame is setted to zero as the v4l2 spec says, instead of returning EINVAL.
  • Make mips64 correctly disassemble triadic version of {d,}m[ft]c instructions found on more and more mips64 processors.
  • Saved the IPv4 stack from a few unneeded IP header pull ups.
  • Prevent IPv4 stack from accepting ICMP redirects when acting as a router as it is done in IPv6 stack.
  • Removed useless check from MPLS.
  • Make gre(4) work between systems in the same LAN.
  • Prevent double free in mbuf(9).
  • Added another bpf hook in carp(4) carp_input to catch multicast and broadcast packets too.
  • Make Arla AFS NPPFS use alra_warnx instead of arla_warn is there is no errno to pass.
  • Removed useless ip checksums from pf(4).
  • Removed unneeded bridge(4) check in IP checksum handling.
  • Allow mount_msdos(8) to mount with option ‘async’.
  • Moved P_EXEC flag from struct proc to process, so that setpgid() will fail regardless of which rthread calls execve().
  • Removed COMPAT_047 from GENERIC kernel.
  • In libc, moved __cerror to ___cerror with a weak alias so that rthreads can override it.
  • Fixed a gcc(1) warning in uvm(9).
  • Use route(8) -q options instead of >/dev/null 2>&1 in dhclient(8).
  • Changed some uvm(9) structs flag from ints to chars to make the structs smaller.
  • Make uvm(9) disallow swapping to vnd(4) devices and return ENOTSUPP to userland.
  • Added a new, unified allocator of kernel memory in uvm(9).
  • Clean up dhclient(8).
  • Added a new sysctl(3): kern.pool_debug which enable or disable POOL_DEBUG on the fly. Still defaults to on on -current.
  • Prevent a userland action to changed size of a closed half socket.
  • Prevent IPv6 input functions from enqueueing mbuf(9)s on sockets marked as SS_CANTRCVMORE.
  • Make aps(4) work on boot or resume.
  • The backplane version of em(4) 82575EB has no link state. It’s always up.
  • Increased wd(4) timeout on I/O from 10s to 45s. This gives loongson enough time to wake up on resume.
  • Enabled the use of all the memory found on sgi IP27 and IP30 kernels.
  • Added a consistency check in sgi bus_dma(9) for the value returned by pmap_extract() against the dma_constraints range in _dmamap_load_buffer.
  • Make sure sgi dma_constraint is listed in uvm_md_constraints[] when it does not span the whole physical address space for uvm(9) pmemrange to operate correctly.
  • In octeon and sgi make sure resetting mtx_lock in mtx_lock is the last operation on the struct mutex.
  • Added helper functions for suspend in uvm(9): allow reclaiming pages from all pools, allow zeroing all pages. Not called yet.
  • Call setlocale() in hexdump(1)tcpdump(8) to avoid display glitches in UTF-8 locales.
  • Prevent libc locale from filling the ctype tab with Latin-1 information in UTF-8 locales.
  • Make mount_ntfs(8) handle disklabel(8) UIDs.
  • Make ahci(4) safer to use with bigmem by using dma_{alloc,free} for I/O.
  • Allow a desync to happen in a routing socket buffer when it becomes full rather than continually retrying until space becomes available.
  • Make ioprbs(4) use iopools.
  • Allow kernel printfs to go to console if in ddb(4) instead of being redirected to xconsole.
  • Make ncrscsi(4/MAC68K) use iopools.
  • Prevent the network stack from enqueueing mbuf(9)s on sockets marked as SS_CANTRCVMORE, as was done for routing sockets.
  • Prevent ipsec(4) from relying on implicit net/route.h inclusion via pf(4).
  • Make twe(4) use iopools.
  • Fixes display glitches occurring during virtual terminal switches with pcdisplay(4) and vga(4).
  • Moved PPWAIT flag from struct proc to process,so that rthreads in a vforked child behave correctly in most architectures machine-dependent code.
  • Use uvm_pmr_isfree() in uvm(9) when DEBUG is defined.
  • Allow allocation in inet6 in6_update_ifo() to wait.
  • Make ATA in wd(4) safer with bigmem.
  • Make spc(4/LUNA88K)mesh(4/MACPPC)aic(4)bha(4)oosiop(4)uha(4/I386)sea(4/I386) use iopools.
  • Allow bce(4) to run properly on systems with more than 1GB of physical memory and re-enable it on i386 and amd64 GENERIC and RAMDISK_CD kernels.
  • Hide the cursor during tetris(6)
  • Removed the AMD GART based iommu code.
  • Make Fujitsu MB89352 SCSI devices use iopools on hp300.
  • Enabled bigmem by default on amd64.
  • Updated xorg-cf-files to version 1.0.4.
  • Prevent pfsync(4) from deferring packets for states with NOSYNC set.
  • Set dma pools to IPL_VM.
  • Moved P_SUGID and P_SUGIDEXEC from struct proc to process. Ensures checks are done even from an rthread.
  • Constrain vfs(9) and uvm(9) buffer cache to use only the dma reachable region of memory. With this change bufcachepercent will be the percentage of dma reachable memory that the buffer cache will attempt to use.
  • Added stat counters to smtpd(8) lookup agent.
  • Make sure that amd64 physical addresses for dma are below the top of the dma constraint range and panic if they are not.
  • Removed obsolete vnode_if.* files from kernel.
  • Updated the xserver to version 1.9.5.
  • Improved DNAME handling in smtpd(8) resolver.
  • Removed buffer queues from vnd(4) since the disk that houses the image backing the vnd(4) also has a bufq.
  • Make ATA to SCSI translation layer safer to use with bigmem.
  • Removed the possibility to set the link 1 flag on an inet 4 lo(4).
  • Make mpii(4) correctly handle data underruns. Makes ses(4)safte(4) and lun probes work.
  • Make uvm(9) count the number of physical pages within a memory range.
  • Added support for pppx interfaces instead of tun(4) interfaces in npppd.
  • Added the local ip address to PIPEX session request ioctl so npppd can tell it to the kernel.
  • Improved libXi client/server endianness difference handling.
  • Make yacc(1) use some of its unused free functions.
  • Fixed error handling in uvm(9), and keep track of which pages need to freed.
  • Fixed wrong frame interval return value in uvideo(4).
  • Make sure everything run from i386 machine-dependent init .init and .fini sections gets a properly aligned stack.
  • Make loongson recognize 3A processor though it won’t accept to run it yet.
  • Prevent udav(4) from processing packets where the USB xfer length is shorter than a packetheader, and prevent it from processing packets where the packet header length field says the packet is longer than the size of the USB xfer.
  • Make the top line of systat(1) stop updating, along with the rest of the data when ‘p’ is pressed.
  • Make sure everything run from amd64 machine-dependent init .init and .fini sections gets a properly aligned stack.
  • Fixed hppa64 trap diagnostic by correctly initializing oldcpi.
  • Make tmux(1) work out what type of option is being set by name regardless of the -s or -w options.
  • Removed unnecessary check in tmux(1) options.
  • On tmux(1), change -t on display-message to be target-pane for the #[A-Z] replacements and add -c as target-client.
  • Make sshd(8) print ipqos friendly string when launched with -T option.
  • Make smtpd(8) resolver use the CNAME query interface from asr for reverse lookups.
  • Added -a and -s options to tmux(1) lsp to list all panes in the server or session respectively. Added -s to lsw.
  • Make libXi aware of endianness difference between an X server and an X client.
  • Allow a start and end line to be specified for tmux(1) capture-pane which may be negative to capture part of the history.
  • Added mlphy(4), a driver for the MicroLinear 6692 Ethernet PHYs and include it in i386 and alpha.
  • Make ieee80211_node clean nodes until the number of cached nodes is smaller than the maximum number of nodes, otherwise it will never actually clean any nodes. Fixes issues with clients failing too attach because the node cache is completely filled.
  • Added icmptype and tcpflags to pcap(3).
  • Make tmux(1) set the terminal blocking earlier.
  • Make tmux(1) give each pane created in a tmux server a unique id (starting from 0), put it in the TMUX_PANE environment variable and accept it as a target.
  • Fixed libXi on sparc64.
  • Make hppa save its r4-r8 registers because the c3700 firmware corrupts their upper half.
  • Make sure loongson machine-dependent message buffer area is not zeroed unconditionaly. This gives up a persistent dmesg.
  • Fixed dhclient(8) interval handling.
  • Added umask and path checks in security(8) replacement.
  • Prevent smtpd(8) from failing to deliver a message if an MX address could not be resolved even though other valid MX exist. Make it only report the failure if no server address can be found at all.
  • Prevent MX from being silently dropped in smtpd(8) resolver.
  • Make sure smtpd(8) have an stdio stream opened for the message before trying to close it in an MTA session. Prevents from segv in case of DNS errors.
  • Modified smtpd(8) asr API to make things a bit smoother on the user side.
  • Make smtpd(8) client API receive an stdio stream rather than a file descriptor to the message file descriptor. Prevents a memory leak.
  • Make smtpd(8) resolver use an index for iterating into the MX list.
  • Make uvideo(4) fill in the timestamp when copying a frame into the mmap buffer.
  • Added support for VIDIOC_ENUM_FRAMEINTERVALS in uvideo(4).
  • In video(4) and uvideo(4), added support for VIDIOC_S_PARM and VIDIOC_G_PARM, ioctls used for setting and getting the frame interval.
  • Make uvideo(4) print the supported frame intervals when printing the frame descriptor.
  • Prevent uvideo(4) from changing the format group’s default frame when configuring the device, and from using the default frame as the current frame: because the format group ‘frame_cur’ handles it.
  • Prevent uvideo(4) from trying to align its array of frame descriptors with the frame descriptor bFrameIndex field. The first valid frame in the array is at index 0, not 1.
  • Multiple improvements to uvideo(4): empty the queue of frames in the mmap frame buffer and set the index of the current frame to -1 when the mmap frame buffer is freed, set the index of the current frame to 0 when allocating the mmap frame buffer, panic if a) the mmap frame buffer is already allocated when it try to be allocated again, or b) the mmap frame buffer is not allocated when frames are tried to be added to it.
  • Allow ftp-proxy to proxy across rdomains.
  • Make pf(4) allow userland proxies to establish cross rdomain proxy sessions.
  • Increased rc.subr(8) timeout to 30 seconds.
  • Rewritten ospfd(8) lsack generation.
  • Make security(8) replacement checks home directories.
  • Make ssh-keygen(1) use strcasecmp() for “clear” cert permission option.
  • Make pf(4) reassemble IPv6 fragments. In the forward case, pf refragments the packets with the same maximum size. This allows the sender to determine the optimal fragment size by Path MTU Discovery.
  • Plugged bug in m4(1) to fix autoconf 2.5 and to match behaviour of Solaris m4.
  • Make hppa process interrupts in priority order.
  • Fixed some memory leaks in ospfd(8).
  • Initiated a replacement of security(8) not yet linked to the build.
  • Make sure smtpd(8) struct asr is always freed in asr_done().
  • Simplify smtpd(8) resolver initialization.
  • Make ifconfig(8) use the define for max rdomain with tunneldomain as well.
  • Make pf(4) address family independent functions reusable by netinet6.
  • Normalize sentinel in various archs machine-dependent code: Use _MACHINE_*_H_ and _<ARCH>_*_H_ properly and consistently.
  • Removed -d option from ssh-keygen(1).
  • Make com(4) read from UART only if there is something to read. Fixes beagle crash.
  • Make rc(8) use ssh-keygen -A to generate new host keys.
  • Added a -A option to ssh-keygen(1) to generate host keys (rsa1, rsa, dsa and ecdsa) with the default file path, an empty passphrase, default bits for the key type and default comment if the keys don’t exist.
  • Allow scp://hostname/~user/subdir to work as a pkg(1) repository.
  • Prevent IPv6 stack from processing ICMP6 redirects by default. rtsol(8) will turn it back if -F is used.
  • Moved netinet6 MTU size check behind pf_test6() to avoid dropping unfragmented packet in ip6_forward().
  • Make cwm mouse reset the XSync timing change for client move only.
  • Make rtsold(8) print a warning when used to do IPv6 autoconfiguration while accepting redirects is turned off. Make it set net.inet6.icmp6.rediraccept to 1 if the -F switch is given.
  • Make netinet6 ip6_fragment() reusable by pf(4).
  • Increased the number of EBRs the kernel can transit looking for the OpenBSD partition from 8 to 256.
  • Make amd64 and i386 warn on install if the newly installed system won’t be able to boot the install root disk.
  • Enabled beagle distrib.
  • Prevent tcpdump(8) from being strict when checking the length of an OSPF packet.
  • Make ueagle(4) and umodem(4) silently clear the endpoint when the device has failed.
  • Improved cwm.
  • Make use of timerclear macro in mrinfo(8)rpc.lockd(8)rtadvd(8)rtsold(8)traceroute(8) and wsmoused(8/I386).
  • Added support for NetMos Nm9922 dual serial port cards in puc(4).
  • Multiple smtpd(8) improvements: make it close datafd in client_close and reset smtp_client pointer to NULL after client_close(). Prevent smtpd(8) bounce_session() from closing msgfd as it is done by client_close().
  • Fixed a memory leak in smtpd(8) client.c and properly close envelope in queue_shared.c.
  • Fixed a memory leak in smtpd(8) client.c and properly close envelope in queue_shared.c.
  • Import the foundation for eqn(7) support in mandoc(1).
  • Prevent a protect fault in i386 and amd64 machine-dependent code by masking out invalid bits when reading MXCSR from userland sigcontext or a ptrace request.
  • Updated util-macros to version 1.13.0, dmxproto to 2.3.1.
  • Allow OpenBSD::Ustar(3p) to be more precise in its error messages: record position in archive, and caller can set description of file handle.
  • Fixes an AML issue on some Asus machines with acpi(4).
  • Make ntpd(8) and timed(8) use timerclear macro.
  • Pass to OpenBSD::PackingElement(3p) the new -c option to grotty when building manuals to avoid ANSI escape sequences and continue traditional backspace escaping.
  • Added support for ecdsa SSH keys in default xinit and xdm.
  • Make installboot(8/I386) and installboot(8/AMD64) error out if /boot cross the BOOTBIOS_MAXSEC line.
  • Added the ONDA MSA11OUP USB modem to umsm(4).
  • Fixed st(4) stdetach() to call vdevgone() with the right device minor numbers.
  • Make netstat(1) print icps_bmcastecho as “XX echo requests to broadcast/multicast rejected”.
  • Improved comkbd(4/SPARC64).
  • Make pkg-config(1) print the URL of installed package newer version when requested.
  • Added basic validation for .pc files in pkg-config(1).
  • Fixed bugs in pkg-config(1).
  • Fixed obj directory probing to support cross compiling on arch hp300, loongson, sgi, sparc and sparc64.
  • Fixed ral(4) RT2661 firmware loading at startup and resume.
  • Prevent uk(4) from provoking a kernel panic when detaching an unknown SCSI device.
  • Make arm platform recognize OMAP3630/DM3730, as found in the beagleboard xM.
  • Make cd(4)ch(4)safte(4)sd(4)ses(4) and st(4) use dma_{alloc,free} instead of malloc to allocate buffers which need to be in the right address space.
  • Make it possible to allocate up to 64K of dma pools in the kernel dma allocator.
  • Make rc.subr(8) quiet unless RC_DEBUG=1.
  • Make rc.subr(8) print daemon names itself instead of using rc.{local,shutdown}.
  • Make rc.subr(8) notify the user if a given operation was successful or not by appending the (ok) or (failed) strings to the end of the daemon name.
  • Introduced an INRC environment variable in rc.subr(8) so it may know if it’s called from rc.local or rc.shutdown.
  • In bios(4/I386)bios(4/AMD64)installboot(8/I386) and installboot(8/AMD64) make the various findopenbsd() functions non-recursive, eliminating a global, a couple of parameters, and opening up possibility of traversing a much longer EBR lists without blowing the stack.
  • Fixed trap sending in snmpd(8).
  • Make npppd use timerclear macro.
  • Removed evaluation of PATH_LOCALE in libc localization code to prevent abuses causing integer overflow.
  • Make smtpd(8) use user-provided Diffie-Hellman parameters for ephemeral key exchange. If no Diffie-Hellman parameters are found, fallback to built-in parameters as it was done until now.
  • Make softraid(4) attach one sensordev per discipline. This results in a drive sensor being attached for each volume under the same sensordev, instead of having multiple sensordevs each with a single drive. Fixes PR6576.
  • Added a -B flag to netstat(1) which displays buffer sizes for TCP sockets.
  • Make ssh-keyscan(1) use timerclear macro.
  • Make aucat(1) use timerclear macro.
  • Fixed uninitialized variable warnings in ksh(1).
  • Make ifstated(8) use appropriate timerclear macro.
  • Fixed a function return in mandoc(1).
  • Make sure tcpbench(1) rebuild its binaries if kvm(3) or event(3) have changed.
  • Updated zoneinfo database to tzdata2011d from
  • Make it possible to boot OpenBSD on an amd64 or i386 up to the 7th extended partition below 128GB.
  • Prevent gcc(1) from warning because of recent HANDLE_PRAGMA_PACK_PUSH_POP.
  • Improved EBR handling in kernel disk(9) subroutines.
  • Added initial beagle distrib pieces.
  • Prevent usb subsystem crash in beagle with prcm.
  • Prevent rc.subr(8) from launching rc_start if rc_pre failed and from launching rc_post if rc_stop failed.
  • Implemented PKG_CONFIG_SYSROOT_DIR in pkg-config(1). Bumped version to 0.23.
  • Fixed a use after free in PIPEX.
  • Make socket(2) soreceive() block a process reading from a spliced socket that already got an end-of-file but still has data in the receive buffer until all data hase been move. Make kqueue(2) work with sosplice(9).
  • Fixed handling of VIS_ALL in vis(3).
  • Added Wake on LAN support for re(4) and vr(4).
  • Added ‘wol’ and ‘-wol’ options to ifconfig(8) to enable and disable Wake on LAN on a system in standby or suspend mode.
  • Updated xkbcomp to version 1.2.1.
  • Synchronized ctype definitions for the UTF-8 locale to FreeBSD, fixing width of various zero-width characters.
  • Replaced type daddr_t (64-bit disk address) by type daddr_32t (32-bit disk address) in all archs machine-dependent code (bios, boot…). The bootblocks only do 32-bit block spanning for now.
  • Removed groff(1) from base.
  • Make sparc and sparc64 libc division and remainder use a better fitted register.
  • Prevent a race in sosplice(9).
  • Fixed relayd(8) client timeout.
  • Make ext2fs utilities use type daddr32_t because they can only operate with a 32-bit block number range for now.
  • Updated xkeyboard-config to version 2.1.
  • Replace the old, broken KERN_PROC ABI and its matching functions in kvm(3) with the stable-ABI versions that are currently named KERN_PROC2, kvm_get{proc,argv,envv}2().
  • In i386 machine-dependent parts, provide distinct segments for the %fs and %gs selectors to use by default, with per-rthread base offsets and with sysarch() functions, I386_{GET,SET}_{FS,GS}BASE, for fetching and setting those base offsets. This is necessary for both rthread and Linux compat support.
  • Fixed a bug that caused nbr addr_tree corruption in ldpd(8).
  • Make ldpd(8) log the fact that a session was not accepted because of missing HELLOs.
  • Clean bios(4/i386) and bios(4/amd64) stack garbage before passing buffer to biosd_io().
  • Added -z <output_zone> to date(1) for changing the specified time zone.
  • Make sure extra arguments are not passed to date(1).
  • Prevent which(1) -a option from changing the exit status.
  • Added support to admtemp(4) for detecting the NXP SA56004X.
  • Implemented options –print-provides, –print-requires and –print-requires-private in pkg-config(1).
  • Make pkg_config honour PKG_CONFIG_DEBUG_SPEW.
  • Allow ssh(1) GSSAPI authentication to detect when a server-side failure causes authentication failure and don’t count such failures against MaxAuthTries. Fixes bz#1244.
  • Make IPv6 stack log MAC address changes in the IPv6 neighbour discovery protocol cache as “ndp info overwritten”. Makes the behaviour similar to ARP.
  • Make smtpctl show stats display inet4 and inet6 repartition for incoming sessions.
  • Moved rc.subr(8) redirections into the rc_cmd itself instead of rc_start and rc_stop so scripts don’t need to set it.
  • Implemented UDP mode for tcpbench(1) and switch it to use libevent.
  • Print em(4) debugging info via ifconfig(8) debug command instead of using a global em_display_debug_stats variable.
  • Make ksh(1) substitute ‘~’ for $HOME in the \W prompt case. Matches bash behaviour.
  • Prevent rc.subr(8) from losing rc_{pre,post} when rc.d(8) override rc_{start,stop}.
  • Fixed truncation of IPv6 addresses in smtpd(8) mail delivery path.
  • Fixed a carp(4) reconfiguration problem.
  • Build xcb by default in Xenocara.
  • Added vrng(4/sparc64) to sparc64 GENERIC kernel.
  • Fixed extended partition searching in biosboot(8/i386)biosboot(8/amd64)cdboot(8/i386)cdboot(8/amd64)installboot(8/i386)installboot(8/amd64)pxeboot(8/i386) and pxeboot(8/amd64).
  • Allow ospfd(8) to send out LS updates larger than the MTU.
  • Make ospfd(8) use IP_MAXPACKET instead of IBUF_READ_SIZE as upper bound for packet building.
  • In tmux(1) prevent tiled producing a corrupt layout when only one column is needed.
  • Added support to pass through escape sequences to the underlying terminal in tmux(1).
  • Updated xterm to version 269.
  • Make usbhidaction(1) use fork(2) and exec(3) instead of system(3).
  • Make pkg_create(1) run makewhatis(8) when verbose mode is set.
  • Added editline support to bc(1).
  • Removed NTFS from alpha GENERIC kernel.
  • Prevent mandoc(1) from leaking information about software used into PostScript and PDF documents.
  • Clean up date handling in mandoc(1): always store dates as strings, not as seconds since the Epoch; for input, try the three most common formats everywhere; for unrecognized format, just pass the date though verbatim; when there is no date at all, still use the current date.
  • Make sure isp(4) MEMORYBARRIER(SYNC_REG) performs a read/write bus_space_barrier, instead of a read barrier only, as it is used in read-modify-write cycles.
  • Added to rc.subr(8) an “rc_bg” variable that is undefined by default and allows to start a daemon in the background.
  • Make getopt(3) ignore leading ‘-‘ in optstring if POSIXLY_CORRECT is set. Fixes PR6267.
  • Fixed potential crash when GZIP variable set and more than 512 command line arguments specified. Closes PR 6573.
  • Improved sparc64 machine-dependent code by removing tests already performed by bus_space_barrier(9).
  • Fixed DMA errors with dc(4) on sparc64.
  • Improved disklabel(8) auto-allocation scheme.
  • Prevent usb(4) devices from being non-functional because of a too long reset.
  • Improved tmux(1).
  • Fixed bug in azalia(4) resume.
  • Added -H to ls(1) (follow symlink) as required by POSIX.
  • Added -W <whiteexp> to spamlogd(8). Adjusts the time for whiteexp in hours.
  • Prevent mpi(4) from reading garbled replies.
  • Added -H to grep(1) (opposite of -h) to always print name.
  • Fixed passing of arguments from spamd(8) to pfctl(8). Fixes PR6142.
  • Prevent division-by-zero in zts(4/ZAURUS) when scaling down to the screen resolution.
  • Resized MAXDSIZ up to 2G on macppc and socppc.
  • Make cron(8) reset the SIGPIPE signal handler immediately before executing a command.
  • Make at(1) use dirfd(3) instead looking into struct dirent.
  • Added a -P option to tmux(1). Detaches to HUP the client’s parent process.
  • Make smtpd(8) log correctly ip addresses on big-endian machines.
  • Make ping6(8) compare minimum amount of bytes between what was received and what was sent out and print additional information explaining payload size differences.
  • Fixed broken handling of ios_base::showpos in libstdc++-v3.
  • Added the socket splicing fields of struct socket to netstat -vP output for debugging.
  • Fixed a bug in atexit(3) __cxa_finalize().
  • Allow <sys/stdarg.h> to use va_arg macro as a local variable name.
  • Fixed a segmentation fault in rtadvd(8).
  • Make pfsync(4) use ip6_output for sending IPv6 frames instead of assuming everything is IPv4 and using ip_output.
  • Define HANDLE_PRAGMA_PACK_PUSH_POP just like on other platforms in gcc(1) to get #pragma pack and #pragma push work in order to be compatible with MS compilers as it is used by some projects like chromium.
  • Make sure disklabel(8) editor save the start and end sector of the OpenBSD area every time a user updates its bounds.
  • Synchronized scsi(4) ASC/ASCQ errors with <>.

This list mentions mostly platform-independent changes. For a list of changes made in a particular platform, please check the page for that platform. If you find them not listed there, the changes are either (1) not being documented or (2) are documented here.