This selection is intended to include all important and all user-visible changes. For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.
Changes made between OpenBSD 6.6 and -current
- Added a -p command line option to iked(8) allowing configuration of the UDP encapsulation port.
- Implemented "start -c" in ldomctl(8) to automatically connect to the console.
- Allowed pfctl(8) to recursively flush rules and tables.
- Removed IPsec flow blocking unencrypted IPv6 traffic in iked(8).
- Fixed acpivout(4) screen brightness adjustment through function keys, better supporting machines using exponential brightness scaling.
- Updated to libXt 1.2.0, xauth 1.1, xhost 1.0.8, viewres 1.0.6, fonttosfnt 1.1.0 and libXmu 1.1.3.
- Added amlsm(4), a driver for the "secure monitor" firmware interface.
- Added amltemp(4), a driver for the temperature sensors on various Amlogic SoCs.
- Fixed Etron EJ168 USB 3.0 Host Controllers via USB 2 devices.
- Unlocked kqueue(2).
- Added the capability for armv7 to boot from a block device other than the one from which efiboot was loaded.
- Added thermal sensor clocks to amlclock(4).
- Removed the tmux(1) terminal type in favor of flags DECSLRM and DECFRA.
- Added a human-readable mode (-h) to systat(1).
- Introduced *sleep_nsec(9) to allow sleeping for a specified minimum duration, allowing use at the syscall layer and elsewhere within the kernel where this minimum duration is required.
- Added support for the SIERRA MC7700 to umsm(4).
- Removed the sli(4) driver.
- Fixed channel duplication (-j option) in sndiod(8).
- Prevented a kernel panic with "dangling vnode" during forced unmount.
- Removed the dpt(4) driver for DPT EATA SCSI RAID.
- Added an ADATA SX82000 Pro pci(4) id.
- Added -Z to the default tmux(1) switch-client command in tree mode.
- Allowed use of the smtpd(8) session username in built-in filters when available.
- Corrected verification of TLS certificates in nc(1).
- Implemented scrolling in top(1) using the 9 and 0 keys.
- Allowed ipmi(4) to attach using mmio.
- Updated to xorgproto 2019.2, libX11 1.6.9, libXi 1.7.10, libXvMC 1.0.12, libxkbfile 1.1.0 and libXpm 3.5.13.
- Allowed freeing of anons as a list of pages rather than one at a time, allowing for more efficient memory freeing.
- Introduced a -n option to ldomctl(8) to validate the configuration file and exit.
- Prevented a use-after-free causing crashes with uhidev(4) devices.
- Fixed RAID volume WWIDs for mpii(4) LSI controllers on sparc64, allowing autoconf(9) to identify the volume as the root device and boot off hardware RAID.
- Added timeout_set_flags(9) and TIMEOUT_INITIALIZER_FLAGS(9), allowing the caller to initialize timeouts with arbitrary flags.
- Added the ability to download FIDO2 resident keys from a token via the ssh-keygen(1) -K option and save public/private keys into the current directory.
- Unlocked pipe(2) and pipe2(2).
- Introduced option filter-pf-addresses to snmpd.conf(5), allowing the OPENBSD-PF-MIB::pfTblAddrTable tree to be filtered out when many prefixes are stored in pf tables, reducing CPU usage during bulk walks.
- Introduced efficient page freeing in reverse order from uvm, greatly improving cases of massive page freeing.
- Prevented read-only tmux(1) clients from limiting the size.
- Stopped performing a top-level sort(1) when -c is used with a -k field.
- Added ne(4) support on cbus(4).
- Implemented support for generating FIDO2 resident keys. "ssh-add -O" will load resident keys from a FIDO2 token and add them to an ssh-agent. Removed the -x option currently used for the FIDO/U2F-specific key flags, now under -O.
- Removed single-letter flags for moduli generation in ssh-keygen(1) and moved all moduli generation options under the -O flag. This breaks the existing ssh-keygen command line syntax for moduli-related operations.
- Updated perl to 5.30.1.
- Stopped switching to new APs found during background scans with RSSI levels which will also trigger background scans, helping to prevent repeated switching in areas where APs are tuned for low transmit range.
- Increased the net80211 node cache size.
- Updated to xterm(1) 351.
- Populated logical disk port WWNs with their RAID volume's WWID in mpii(4).
- Ran cu(1) in restricted mode using -r in vmctl(8) and ldomctl(8).
- Attached Symbios Logic Flash Accelerator eMLC cards.
- Added support for regex searches in tmux(1) copy mode.
- Stopped generating "cpu" nodes for disabled CPUs in ACPI mode for efiboot, fixing booting on ACPI machines where the MADT table lists CPUs which are disabled.
- Added point-to-point ospf6d(8) support for broadcast interfaces.
- Introduced TIMEOUT_SCHEDULED flag and tos_scheduled statistic to timeout(9).
- Updated to makedepend(1) 1.0.6.
- Updated to xrdb(1) 1.2.0.
- Ensured rdr-to with loopback destination will work even when IP forwarding is disabled.
- Added amdgpio(4), a driver for the GPIO controller found on newer AMD SoC/chipsets.
- Added arm64 support for lldb.
- Prevented ftp(1) from following remote redirects to local files.
- Allowed forwarding of a different agent socket to a specified path in ssh(1).
- Reduced stalling with lossy wifi by improving net80211 handling of the Rx block ack sequence number window and queue.
- Disabled TSX when MSR_ARCH_CAPABILITIES sets TSX_CTRL on amd64 and i386. Currently, TSX is disabled unconditionally when possible even if TAA_NO is set.
- Fixed rpki-client(8) -j option, which had not been producing any output.
- Validated authentication lengths in ripd(8) before use to prevent crashes.
- Updated to unbound(8) 1.9.6.
- Updated to nsd(8) 4.2.4.
- Reenabled firmware-based Tx retries at lower rates for iwm(4), reducing packet loss.
- Implemented unwindctl(8) status memory to show cache memory usage.
- Avoided false positives in witness(4) when detecting lock order reversals by using separate rwlock initializations for userland and kernel maps.
- Fixed arm64 speculative execution of instructions after ERET, which had led to spectre-like effects on some processors.
- Rejected leases in dhclient(8) not providing a subnet mask for the address being provided.
- Added fido(4), an HID driver for FIDO/U2F security keys.
- Added parsing of DDR4 and LPDDR3/4 SPD memories to spdmem(4).
- Updated bind to 9.10.8-P1, the last ISC-licensed release.
- Added support to lm(4) for NCT6775F, NCT5104D, NCT6779D and NCT679D sensors.
- Added AMD FCH (KERNCZ) to the list of supported devices in piixpm(4).
- Updated piixpm(4) to support newer AMD chips like Hudson-2 and KERNCZ and implemented multi-bus support for SB800, Hudson-2 and KERNCZ.
- Extended the expected SPD types to include DDR4 and low-power DDR3/DDR4.
- Added pledge(2) inet to dig(1).
- Updated bind to 9.10.5-P3. This tree is only used to build host(1), dig(1) and nslookup(1).
- Made rpki-client(8) work with the existing cache and not exit if rsync(1) exits non-zero.
- Allowed ssh(1) security keys to act as host keys as well as user keys.
- Added support for gen2 negotiation to rkpcie(4) and enabled gen2 link state training when the dtb is configured with max-link-speed = 2.
- Introduced a bypass keyword to smtpd(8) so that built-in filters can bypass processing when a condition is met.
- Updated to libXfont2 2.0.4.
- Updated to font/util 1.3.2.
- Updated to font/encodings 1.0.5.
- Tightened permissions for USB device nodes.
- Removed gpr(4).
- Used ssh-sk-helper for all security key signing operations and security key enrollment. Most ssh(1) tools no longer need to link against libfido2 or interact with /dev/uhid* directly.
- Added support for CIDR in a: spf atoms in smtpd(8).
- Attached pvclock(4) with a lower priority in case of unstable tsc rather than not attaching at all.
- Prevented an overflow due to xen(4) failing to release the interrupt source when unmasking the interrupt.
- Reintroduced socket locking inside socket event filters.
- Fixed an issue where adjtime(2) could be set so low that time could be frozen until reboot.
- Allowed sleeping inside kqueue event filters.
- Prevented a hang in the boot loader on the HP EliteBook 830 G6.
- Modified tmux(1) source-file to allow reading from stdin.
- Updated to X server 1.20.6.
- Started virtual machines defined in vm.conf(5) in a staggered fashion, helping prevent overload of the host and improper tsc calibration in guests.
- Modified ldpd(8) to look up the adjacency by LSR id as well as source IP address, as the remote peer may change its LSR id.
- Ensured that ld.so(1) removed the LD_LIBRARY_PATH environment variable for set-user-ID and set-group-ID executables in low memory conditions.
- Provided proper concurrency control when pausing a vm in vmd(8).
- Fixed isakmpd(8) IKE pcap file creation.
- Fixed empty response packages sent out by ripd(8) when entries are skipped due to split-horizon simple.
- Swapped smtpd(8) filter response protocol fields to match query protocol. Filters used will need updating.
- Re-enabled "syscall call-from" checking.
- Modified -z mode verification in signify(1) to save the header and output it, so signify -zV >saved.tgz will keep the signature for later checks.
- Reduced the maximum number of frame buffers for uvideo(4) to allow running higher resolutions without running out of kernel memory.
- Removed kernel VM86 support.
- Added a check when IP forwarding is disabled to ensure packet destination address matches interface address.
- Reset the login class each time through the loop when using -L (loop) mode with su(1). Fixes CVE-2019-19519.
- Retired piixpcib(4).
- Stopped hardcoding the cache directory for rpki-client(8). Cache and output directory will use defaults for root users and must be specified by non-root users.
- Enabled full use of jumbo frames on bnx(4) devices.
- Added DEBUG_PKG_CACHE functionality to pkg_add(1), fetching debug patches when packages are installed.
- Fixed xenodm(1) to use the libc authentication layer correctly.
- Fixed insufficient username validation performed by libc's authentication privilege separation layer and added additional validation points, further validating in login(1) and su(1).
- Fixed a panic when tearing down vms with vmm(4).
- Prevented a radiusd(8) crash when user does not exist.
- Prevented escalation to the auth group in xlock(1) through path-related environment variables and disabled mesa and opengl functionality.
- Added display of mode sense data to scsi(8) debug.
- Added pwmfan(4), a driver for PWM-regulated fans.
- Added rkpwm(4), a driver for the RK3399's PWM controller.
- Added support for the RK3399's PWM clock to rkclock(4).
- Added tcpdump(8) support for printing RFC 8300 Network Service Header (NSH).
- Added tcpdump(8) support for VXLAN-GPE.
- Rewrote dhcpv6 parsing in tcpdump(8) to match the rfc, correctly handling dhcpv6 messages.
- Made grep(1) -R with no path argument assume "." rather than print a warning by default.
- Reverted switch to tickless backend.
- Allowed forcing specific domains to be resolved by specific resolvers in unwind.conf(5), handling typical split-horizon setups.
- Simplified sysupgrade(8) directory check and creation (/home/_syspatch). It can now be a symlink.
- Accepted netmask for IPv6 properly in ifconfig(8).
- Added a create-vdisk command to ldomctl(8) analogous to amd64's vmctl(8) create.
- Added uvm_objfree to uvm to efficiently free all pages from a uvm object, used in the buffer cache for considerable speedup when freeing pages.
- Added rkemmcphy(4), a driver for the RK3399's eMMC PHY.
- Added support for the RK3399's eMMC clock to rkclock(4).
- Introduced msyscall(2), permitting system calls from selected code regions only: the main program, ld.so(1), libc.so and sigtramp. This is intended to harden against a mixture of W^X failures and JIT bugs allowing syscall misinterpretation.
- Modified root's crontab(1) to run rpki-client(8) and reload bgpd(8) configuration, enabling RPKI ROA filtering.
- Modified buffer cache to use individual uvm_objs per buffer to speed page lookups.
- Decayed the unwind(8) resolver histogram data over time to reflect strategy performance.
- Removed the -r flag in rpki-client(8). CRLs will always be checked.
- Added the "console" command to ldomctl(8) which executes cu(1) on the domain's console.
- Printed guest domain vcctty(4) devices in status output in ldomctl(8).
- Removed km_mapblocks from kmemstats and its always-zero column from the ddb(4) "show malloc" output.
- Implemented a hexdump command in the bootloader, helping to inspect the memory layout created by the firmware and useful for UEFI debugging.
- Added list-io command to ldomctl(8), listing the available PCIe devices to be used with the iodevice parameter in ldom.conf(5).
- Measured performance of resolving strategies in unwind(8), sorting them and choosing the next best strategy when one fails.
- Removed captive portal detection from unwind(8).
- Reinstated support for monitor mode and multiple frames in iwm(4).
- Updated GLU to 9.0.1.
- Updated libdrm to 2.4.100.
- Added support for TLS 1.3 post handshake handshake messages and key updates to LibreSSL.
- Fixed scsi(8) softraid crypto volumes on 4K-sector disks.
- Faked disk info to match expected boot disk when EFI bootloader has been received via TFTP, fixing a hang during HP Elitebook UEFI boot.
- Fixed kernel crash in pf_ioctl with WITH_PF_LOCK and NET_TASKQ > 1.
- Switched to the tickless backend in timeout(9), adding the new interface timeout_at_ts(9) for callers that do not want the backward-compatible behavior.
- Allowed use of 'auth' as an origin in smtpd.conf(5).
- Added support for MSI-X for iwm(4) devices.
- Allowed use of mail-from and rcpt-to as for and from parameters in smtpd.conf(5).
- Computed RSSI on 9k iwm(4) devices as for previous generations, fixing spurious signal strength values of over 100%.
- Added a tmux(1) p format modifier for padding to width.
- Stored smtp(1) session usernames in an envelope, allowing the ruleset to match specific users or mailing addresses.
- Added "no-touch-required" options to ssh-keygen(1) and sshd(8) to disable touch requirement for authorized_keys and certificates.
- Added an sshd_config(5) PubkeyAuthOptions directive allowing specification of whether sshd(8) should check whether user presence was tested before a security key was made.
- Withdrew all proposals on slaacd(8) startup to prevent indefinite retention of nameservers on interfaces no longer flagged for autoconf.
- Prevented a timeout in ssh(1) when the server doesn't immediately send a banner, such as with multiplexers like sslh.
- Allowed rc.d(8) script to reload sndiod(8).
- Added tracking of which interfaces have learned nameservers to unwind(8).
- Improved ksmn(4) temperature conversion precision.
- Added a quirk to handle Apollo Lake, Gemini Lake and 100 Series Intel SD/MMC sdhc(4) controllers which should not have voltages set to 0V.
- Added Gemini Lake SD/MMC controller pci(4) ids.
- Ensured proper kernel stack alignment on mips64, fixing a panic on octeon related to pppoe(4).
- Adjusted on-wire signature encoding for ecdsa-sk ssh(1) keys to better match ed25519-sk keys.
- Fixed an off-by-one TRB issue in bulk transfers larger than 64k, making udl(4) work on xhci(4).
- Added iwm(4) support for 9260 and 9560 devices.
- Enabled ESP UDP-encapsulation with the iked(8) -t flag.
- Added -keyopt option to openssl(1) cms subcommand, providing rsa_padding_mode:oaep for cms -encrypt and rsa_padding_mode:pss for cms -sign.
- Added -f for full size to join-pane in tmux(1).
- Added rge(4), a new driver for Realtek 8125 PCI Express 2.5Gb ethernet devices.
- Repaired the "set delay" option for pf(4) to function as specified in pf.conf(5).
- Added the initial framework for the TLSv1.3 server.
- Used disable-bt overlay with raspberry pi to use pluart(4) as console, rather than the 'mini uart'.
- Added a -d option to pkg_add(1) to add debug packages if present alongside intended updates or additions.
- Fixed a segmentation fault in ncurses(3).
- Implemented HTTP/1.1 in ftp(1).
- Added direct support for U2F/FIDO2 security keys in ssh(1).
- Began resolving captive portal hosts internally in unwind(8).
- Changed tmux(1) new-session -A to attach to the best existing session when a session name is not specified, rather than creating a new session.
- Added an option to tmux(1) to set the key sent by backspace for systems using ^H.
- Prevented non-root users from using ioctl(2) to alter the address of a network interface.
- Prevented non-root users from setting the parameters of pppoe(4) interfaces.
- Prevented a local user from causing the system to hang by reading specific registers when Intel Gen8/Gen9 graphics hardware is in a low power state.
- Prevented writes to memory allowed by the Intel Gen9 graphics hardware.
- Notified the user via TTY or $SSH_ASKPASS when ssh(1) security keys must be tapped/touched in order to perform a signature operation.
- Enabled ed25519 support in ssh(1).
- Fixed iwm(4) support and loaded new firmware for 3168 devices.
- Enabled rpki-client(8).
- Printed the URL when sysupgrade(8) fetches new sets.
- Prevented a crash in ieee80211_node2req() which could be triggered by an ioctl(2) if the driver had not yet initialized the channel map.
- Implemented DNS proposals in unwind(8) to learn nameservers from network autoconfiguration daemons.
- Moved /usr and /var remounting earlier to allow unwind(8) to start before pf(4) is configured.
- Added a Content-Security-Policy HTTP header to mandoc(1) that allows only CSS.
- Added an opportunistic run of fw_update(1) to sysupgrade(8) before rebooting to run the upgrade.
- Introduced a "trusted" modifier to ntpd(8), for peers which should be on a local net, used in situations where https constraints cannot be used but auto settime is desired.
- Stopped connecting to available open wifi networks when an interface is marked up. This behavior must now be explicitly enabled with ifconfig(8) join "".
- Added support for active scan to bwfm(4).
- Lowered the priority of APs which fail to connect in the ifconfig(8) join list, allowing switching wifi networks by moving between them without having to down/up the interface or suspend/resume.
- Triggered a background scan when root runs the ifconfig(8) scan command, updating the list of cached APs for future scans and forcing a search for a better AP to roam to.
- Switched 8260 and 8265 iwm(4) devices to -34 firmware.
- Added support for buttons 2 and 3 to imt(4).
- Enabled DNSSEC validation in unbound(8) by default.
- Prevented non-root users from setting the WEP key on an(4) wireless network devices.
- Added -F flag to tmux(1) send-keys to expand formats in search-backward and forward copy mode commands.
- Performed constraint validation against 22.214.171.124 and 2620:fe::fe by default in ntpd.conf(5).
- Fixed a bug where outstanding frames on the iwn(4) aggregation queue interfere with roaming to another AP.
- Raised net80211's "beacon miss" threshold to avoid frequent reconnects to APs suffering packet loss due to distance.
- Removed mobileip(4).
- Added ogx(4), a driver for the OCTEON III network processor.
- Reinstated openssl(1) CMS.
- Switched iwm(4) 3160, 7260 and 7265 to -17 firmware images.
- Enabled DQA mode for iwm(4).
- Added support for iwm(4) firmware paging, required for newer 8k device firmware.
- Fixed a possible crash in smtpd(8) when combining "from rdns" with nested virtual aliases under a particular configuration.
- Released smtpd(8).
- Added opportunistic DoT support to unwind(8).
- Hooked rpki-client(8) up to the build.
- Enabled CMS in ssl(8).
- Added initial infrastructure for U2F/FIDO support in ssh(1).
- Constrained and corrected the routes being deleted when applying a new lease in dhclient(8) and corrected route comparison. This corrects a network failure with "arpresolve: ... route contains no information".
- Released OpenBGPD 6.6p0.
- Added support for RSA-PSS to crypto(3).
- Added an ASR resolver type to unwind(8), using the libc asynchronous resolver directly with DHCP-provided nameservers. Switched to the ASR resolver rather than DHCP when behind a captive portal.
- Made background scans less frequent when choosing the same AP.
- Began marking stale prefixes in the Adj-RIB-out during graceful reload of bgpd(8) and fixed prefix_withdraw to check the correct prefix flags before removing a prefix from the update or withdraw tree.
- Added an Intel 9260 wifi card pci(4) id.
- Added Marvell 88SE9128 AHCI pci(4) id.
- Fixed a bug with the fatal bgpd(8) non-existing prefix call to ensure the missing prefix is inserted into the prefix tree.
- Fixed bgpd(8) crashes where the nexthop_runners tail queue was corrupted.
- Improved error handling for bwfm(4) connection attempts.
- Added code laying groundwork for the use of multiple processors on armv7.
- Made vmx(4) transmit mp-safe.
- Corrected clock_getres(2) to provide the actual resolution of a given clock.
- Released OpenSMTPD 6.6.0.
- Allowed switching to framebuffer "glass" console on armv7, mirroring previous changes to arm64.
- Added retguard for octeon/mips64.
- Added a missing unveil(2) of /etc/shells for passwd(1).
- Printed IP addresses in verbose mode in nc(1).
- Reverted the change to nc(1) fixing the -N flag due to regress failures for TLS.
- Added sxisid(4), a driver to read the on-chip eFuses.
- Added new -N name option to ftp(1), allowing calling scripts to change the progname and produce better error messages.
- Updated timezone information to reflect DST changes for Fiji and Norfolk Island.
- Rewrote the time validity check for MFTs in rpki-client(8) to correctly account for the timezone.
- Added the system clock interface nanoboottime(9), returning the UTC time at which the system booted in seconds and nanoseconds.
- Added sxipwm(4) and pwmbl(4), drivers which jointly add support for the backlight controller on the Pinebook.
- On newer ThinkPads reporting HKEY version > 1, allowed acpivout(4) to claim backlight controls rather than wscons(4), allowing use of the fine-grained backlight BCL steps defined in acpi(4).
- Changed acpivout(4) to increment and decrement screen brightness based only on brightness level changes of 5% or higher.
- Prevented an infinite loop when aborting ulpt(4)'s pipe after an I/O error.
- Implemented the "parallel boot" feature on compatible sparc64 firmware.
- Corrected a memory leak in unwind(8) when the list of DHCP resolvers doesn't change.
- Stopped checking whether the IPv6 source address of a neighbor advertisement is from a neighbor's address, not required in accordance with RFC 4861.
- Added support for dynamic queue allocation (DQA) to iwm(4).
- Corrected cache flush operations on arm64 which were being incorrectly treated as write operations. This fixes a bug where cache flushing caused Firefox to abort.
- Fixed the -N flag for nc(1) to shut down the socket when input stops, or when TLS is in use and either side of the socket goes away.
- Added rpki-client(8) output formats for bird and CSV.
- Fixed a potential NULL dereference for revoked hostkeys in ssh(1).
- Added support for percentage sizes to tmux(1) resize-pane ("-x 10%") and changed split-window and join-pane -l to accept similar percentages, deprecating the -p option.
- Made sparc64 autoconf(9) try to match the devid against the bootpath if link->port_wwn doesn't work, helping when booting off of an mpii(4) controller.
- Used unveil(2) to reduce filesystem access in vmstat(8), iostat(8) and systat(1).
- Changed httpd(8) to send a 408 response when a timeout happens while headers are being received, but close the connection if no request is received.
- Added an azalia(4) quirk for the ALC285 on the X1C7 to avoid a clicking noise on the headphone output.
- Moved to 6.6-current.