This selection is intended to include all important
and all user-visible changes.
For a complete record of all changes, please see the "source-changes"
mailing list, called "OpenBSD CVS"
in the archives,
or use CVS.
Note: Problems for which patches exist are marked in red.
Stopped awk(1) sporadically exiting early (blaming a spurious "}" in the first few lines of input) on m88k 88100-based systems.
Let mkuboot(8) recognise native ELF binaries, only output the program headers area when found. Saves the need for "objcopy -O binary"; makes beagle install/upgrade processes easier until it gets a native bootloader.
Revert wrong chunk introduced in zs.c r1.50, causing zs(4/sparc) console keyboards not to attach as console. Fixes non-wsmux kernels such as bsd.rd.
Make sure ftpd(8) tmpline[] is always NULL terminated, to avoid possible read-beyond-end in get_line().
Backout gem(4) flow control support (r1.97 of gem.c) and RX TCP/UDP checksum offload support (r1.98) to stop hangs on Sun ERI.
sftp(1) extended to allow support for resuming partial downloads.
Daemonise backgrounded ssh(1) (ControlPersist'ed) multiplexing master, so it is fully detached from its controlling terminal.
Do not reset the pf(4) fragment timeout each time a fragment arrives; drop all fragments if the packet cannot be reassembled within 60 seconds.
We now have IDEA and MDC2 in crypto(3), so no longer disable them in openssl(1).
When installing a new system, stop adding static entries to /etc/hosts for dynamic ip addresses.
Fixed umount(8) -a in cases where there are multiple file systems specified for the same mount point.
Updated to: xconsole 1.0.6, xrandr 1.4.1, xhost 1.0.6, mkfontscale 1.1.1, xfd 1.1.2 and xfontsel 1.0.5.
Added cu(1) support for XMODEM-CRC, and fix transfer initiation.
Sum consecutive dx and dy motion events in xf86-input-ws before sending them up to X(7). Reduces staircase effects on diagonal freehand drawings.
Updated smtpd(8) ldap and sqlite table backends and provide them as external backends.
Call ssh-agent(1) cleanup_handler on SIGINT when in debug mode, so sockets are cleaned up on manual exit (bz#2120).
More useful ssh-keygen(1) and ssh(1) error message on missing current user in /etc/passwd.
When smtpd(8) is accepting a message, log one line per recipient with the number of generated envelopes for each.
smtpd(8) MTA improvements: better transient error handling logic (failing destinations automatically disabled for a while); more informative error report when all routes fail for a message; implemented smtpctl(8) "show hoststats" command to get the latest stat message per MX domain; implemented smtpctl(8) "show routes" command to show the state the currently known routes to remote MXs; implemented smtpctl(8) "resume route" command to re-enable a route that has been disabled; do not hardcode limits.
smtpd(8) queue improvements: cleanup the internal queue backend API; implement a queue_proc backend; enabled support for queue encryption; added an envelope cache; better logging and error reporting.
Allow smtpd.conf(5) to specify an address family on a listener.
smtpd(8) scheduler improvements: implemented suspend/resume scheduling for individual envelopes or message, with the associated smtpctl(8) commands; allow the mta to request immediate scheduling of an envelope; on temporary failures a penalty can be given to further delay the next try.
New implementation for smtpctl(8) and its command line parser.
Implemented tls "perfect forward secrecy" with ECDHE in smtpd(8).
Allow "!" in the smtpd(8) email addresses supported charset.
Introduced expand-string modifiers to smtpd.conf(5).
Extended ssh-agent(1) support to allows encrypted hostkeys, or hostkeys on smartcards on sshd(8) (bz #1974).
Reverted r1.191 and r1.193 of sysctl.c, and properly fixed sysctl(8)'s access to ext2 filesystems.
Corrected sysctl(8) being off-by-one in naming of nodes below vfs.mounts.
In ssh(1) man page, be more exact with respect to permissions for ~/.ssh/config (bz#2078).
Implemented identd(8) -H, which hides existing and non-existent users (as well as implying -h).
Fixed bgpd(8) counting the number of prefixes wrongly (tripling max-prefix).
Disabled httpd(8) SSL compression, in order to mitigate CRIME attacks.
Enabled ECDHE support in httpd(8) via a SSLECDHCurve option.
Define httpd(8) HonorCipherOrder as a FLAG so that it works correctly as a boolean on/off flag.
Make sure the ioctl(2) has been processed by sppp(4) before printing any ifconfig(8) phase error. Prevents ifconfig(8) from printing "sppp: phase..." messages for long-name vlan(4) interfaces.
Correctly initialise pms(4) width value to 0 instead of passing garbage to wsmouse_input() when no finger is reported.
Restore ifb(4/sparc64) textmode acceleration on Expert3D{,-Lite} and XVR-1200. Broken since r1.17 of ifb.c.
When ucom(4) is detached, free its pipes, close attached tty before freeing its descriptor. Fixes panic introduced in r1.59 of ucom.c.
To prevent lock ordering problems with the sparc64 kernel lock, block all interrupts that can grab the kernel lock.
Fixed possible memory/file descriptor leak in ldd(1) error path.
When using man.conf(5) _default search path with _subdir, first sort by manual section (1, 8, 6...), then by manual tree (share, X11R6, local), only for ties prefer cat over man.
Make tmux(1) next-word-end work properly with vi(1) keys.
Set TCP nodelay for ssh(1) connections started with -N (bz#2124).
ssh-keygen(1) do_print_resource_record() can't be called with NULL filename, don't attempt asking for one if it has not been specified (bz#2127).
Avoid confusing ssh(1) error message in some broken resolver cases (bz#2122).
Introduced httpd(8) HonorCipherOrder to use the server's order of preference of ciphers.
sk(4) now works on macppc, should work on sparc64 too.
bgpd(8) SE now always messages the RDE when a peer comes up or when a reload happens, so the RDE should end up with correct values.
Backed out the virtual file system cache flipper temporarily.
Added basic support for digitisers with pens in uhts(4).
Added support for mouse based group {,r}cycle to cwmrc(5).
Replaced a few (x)malloc with (x)calloc to prevent potential integer overflows in cwm(1).
Old make(1) option "-P" removed, it has not been doing anything for years.
Use the write-only rasops(9) code to speed up the console framebuffer on macppc.
Create more com(4) entries by default since puc(4)s are now guaranteed to show up at com4 or higher on x86.
Advertise utpms(4) as being a WSMOUSE_TYPE_USB so ws(4) can use the touchpad directly. Makes some touchpads usable if the bluetooth HID mouse is not detected or ums(4) is disabled.
Vax elf(5) toolchain added, using "%" as the register prefix.
Taught mopd(8) and mopa.out about ELF files. Allows forthcoming vax elf(5) boot blocks to be converted to working mop binaries.
Avoid truncation when calculating clock gain/loss on sparc and sparc64.
When the tmux(1) session option renumber-window is used, make sure the winlink lists stay in sync with one another.
Act like vi(1) when tmux(1) is moving words; clarify error messages when setting options.
Implemented tmux(1) s, S, C mode switch commands for when in vi(1) mode.
Made pfctl(8) collect and display "match" counters for pf(4) tables; fixed pf(4) table displays to fit within 80 chars.
Added support for fuse_teardown(3). This function is needed by zipfs.
Correctly abort and free the pipe when detaching the umodem(4) device.
Move mg(1) cursor upwards past multiple lines with no characters, instead of stopping when first line with no characters is found.
Run any pending traps before calling the EXIT or ERR traps when ksh(1) -e is set. Fixes bug where signal trap would not be run if (eg) ^C was pressed and -e was set.
Corrected interrupt moderation setting for ix(4) 82598.
Fixed loading the driver without XAA and initialisation of shadowfb with modern X servers in xf86-video-trident, xf86-video-i740 and xf86-video-neomagic.
Added support for protected-subnet config types to iked(8).
5.3 RELIABILITY FIX: Two flaws in vio(4) may cause a kernel panic, and may cause IPv6 neighbour discovery to fail. A source code patch is available for 5.3.
Updated to sendmail-8.14.7.
5.3 RELIABILITY FIX: inability to oack would cause tftpd(8) to segfault A source code patch is available for 5.3.
Stopped tmux(1) emitting annoying beeps if a machine was shutdown while tmux is running and you then focus in/out of an xterm.
High memory page flipping for the buffer cache. Allows use of large buffer caches on amd64 with > 4 GB of memory.
Activated the sitaracm driver (beaglebone only).
Optimised memcpy(9) on amd64, alpha, i386, vax, sh, sparc, hppa and hppa64 by always doing forward copy; made memcpy(9) use the forward copy branch of memmove(9); implemented bcopy(9) by swapping its arguments and dropping into memmove(9).
POSIX specifies that for an AND/OR list, only the last command's exit status matters for "set -e". Revert ksh(1) to follow this.
On mach64, only disable xf86-video-mach64 RenderAccel, not the full EXA acceleration. This is enough to fix screen corruption.
Made cwm(1) check for, and honour, CWStackMode and CWSibling change requests during a ConfigureRequest event.
Unbreak the xf86-video-sunffb driver.
Fixes for integer overflows in XF86DRIOpenConnection() and XF86DRIGetClientDriverName() (CVE-2013-1993).
Reverted ssh(1) revision 1.203 of readconf.c while crashes are investigated.
Fixed a crypto(9) bug that caused time-based rekeys to happen too frequently.
When running sshd(8) -D, close stderr unless we have explicitly requesting logging to stderr (bz#1976).
The kernel will now keep a record of recently exit(3)'ed pids, so they don't get recycled too quickly.
Support added for the presto(4/sparc) SS10/SS20 NVSIMM as block devices.
Added dhclient(8) support for static routes option (33) and classless static routes option (121).
Prevent failures when sftp(1) is linked against a libedit built with wide character support (bz#1990).
Disable parity on the alpha pci(4) bus to avoid data parity errors. To help Alphabooks, as well as early Multia.
Use MAXPATHLEN for ssh(1) buffer size, instead of fixed value.
Implemented pf(4) divert-to and divert-reply for IPv6 raw sockets.
Prevent panic on alpha if "ifconfig(8) up" is run on an unplugged de(4) interface.
Added login_yubikey(8) handling for keyboard layouts which break modhex (eg dvorak); added keymap table.
Do not feed UTF-8 input into mandoc(1) or nroff(1), because that results in corrupt output.
Fix dhclient(8) "\" escape handling in read_string().
Updated to libX11 1.6.0.
Introduced the ldpctl(8) "show discovery" command.
Sped up the ldpd(8) session establishment process.
Do not allow ldpd(8) TCP connection to associate with any neighbour/adjacency before an "Initialization" message is received.
Added support for macppc virtual consoles, based on previous work done for inteldrm(4).
Implemented ldpd(8) support for adjacencies and targeted "hellos"; allow more complex topologies with targeted sessions.
Properly implement the exponential backoff timer on ldpd(8) session initialisation, to match section 2.5.3 of RFC 5036.
Notify the lde process when an ldpd(8) neighbour is deleted (discovery timeout).
5.2 and 5.3 RELIABILITY FIX: With HTTP keepalive, relayd(8) only filtered the first request and switched to pass-through mode for subsequent requests from the client. Make sure to stay in HTTP header mode.
Stopped npppd(8) doing pipex(4) ioctl if no tunnel interface is configured.
Don't add newly created thread to the process's thread list until it's fully built, so that it can't get a signal from realitexpire().
Only produce UTF-8 output when using perl(1) if the user's locale asks for it.
Fixed potential vmx(4) panic if an mbuf was replaced but new one not returned by vmxnet3_load_mbuf().
Add bcrypt_pbkdf(3), a password based key derivation function (using a bcrypt(3) variant better suited for use as a pluggable hash).
Reworked logic for matching macppc boot device, to allow for root on any drive attached to the first controller.
Fixed ksh(1): "for var in; do ..." shouldn't be interpreted as "for var; do ...". Brings ksh(1) more in line with POSIX.
Backported unique commitid support to cvs(1) (with a new random id generator).
Fixed bug in ldpd(8) so the fib-update directive accepts "no" as an option.
pf(4) divert-reply states where the initial SYN does not get an answer, can now be handled more correctly.
Advertise the ldpd(8) implicit-null label for routes attached to loopback interfaces to guarantee PHP.
Implement ldpd(8) support for multiple addresses per interface.
Fixed a pf(4) regression introduced with pf.c 1.827, allowing us to create icmp(4) states again.
Stop a ucom(4) panic when trying to open a non-connected serial; more checks to avoid races when the driver is being detached.
Fixes possible timeout on ssl(8) sessions if there is data pending in the smtpd(8) ssl buffer.
Added ":" to the ksh(1) list of special characters.
Added locale(1) utility, to check the current locale configuration and provides a list of locales supported by the system.
Perform more aggressive compile-time optimisations in ethernet code path. Significant performance improvements on busy firewalls.
Added dired-revert, to refresh the mg(1) dired buffer.
-I option added to confirm pkill(1) process-by-process.
Fixed "anchor quick" with pf(4) nested anchors (previously quick flag was lost as soon as we stepped into a child anchor).
Force ssh(1) MAC output to be 64-bit aligned, so umac won't see unaligned accesses on strict-alignment architectures (bz#2101).
Updated to xterm 293.
Updated to xf86-input-synaptics 1.7.1.
Let mandoc(1) .Do .Dq .Ql .So .Sq generate the correct roff(7) character escape sequences such that output modes like -Tutf8 have a chance to select nice glyphs.
Fixed a bug where the calibration loop could show wrong CPU frequencies on i386/amd64.
Fixed relayd(8) so it filters all HTTP keepalives, not just the first.
Fixed wcstof(3), wcstod(3), wcstold(3) C99 compliance to: handle "inf", "infinity", "nan", and "nan(whatever)"; reject bare minus and plus signs; handle multi-byte characters; and set *endptr = nptr for all failure cases.
Exclude mac address for the HMAC calculation if lladdr is the real one, so that we can use the real MAC address for carp(4).
Make tmux(1) escape "Ss", because groff(1) thinks it has found a macro.
Partially back out new librthread ticket locks code, until heavier CPU usage issues are resolved.
Stop printing acpi(4) wakeup devices in dmesg(8) after the 16th wakeup device, to workaround vmware reporting hundreds of wakeup devices.
Update sftp(1) progress meter when data is acked, not when it's sent (bz#2108).
Fix catopen(3) for UTF-8 locales and update the implementation to POSIX-2008. catopen(3) now chooses a catalog which matches the locale's encoding, if available.
Librthread now features a new spinlock (that is really a ticket lock).
Stopped mtree(8) generating arbitrary directories in /usr/share/locale.
Changed the naming scheme used for directories in /usr/share/locale to eliminate redundant copies of LC_CTYPE files.
Restart the ldpd(8) keepalive timer whenever a LDP PDU is sent.
Updated to xf86-video-sunffb 1.2.2.
Don't try to send a Shutdown message if ldpd(8) connection is already closed or a read error occurred; as per RFC 5036, send a "Shutdown" message if an unexpected message is received during the initialisation process; check if the whole LSR ID of received messages is correct; ignore messages from the process whose associated neighbour is not in the operational state.
Dropped support for per-interface ldpd(8) labelspaces.
Don't allow enabling ldpd(8) on loopback and carp(4) interfaces. LDP should be allowed only on physical or tunnel interfaces.
Accommodate bge(4) E5/C600 and 5719/5720 PCI-E maximum payload size handling. Fixes RX path on 5719.
Switched ldpd(8) to use a non-blocking connection so other LDP sessions and ldpctl(8) remain responsive.
Stopped tmux(1) mangling top-bit-set characters when they passed to window_pane_key.
Fixed use after free in case the vio(4) mbuf needs defragmentation, to fix a panic.
When removing "dump (all|updates)" from bgpd.conf(5) and reloading, tell the session engine to actually stop logging.
Export the original (aka untranslated) address in pflow(4), and also in the "af-to" case.
Support relayd(8) SSL inspection, the ability to transparently filter in SSL/TLS connections (eg. HTTPS) by using a local CA that is accepted by the clients.
Fixed bug in amd64 hibernate code (introduced when we moved the kernel to load at 16MB physical address).
Change HTTP/1.x in the generated relayd(8) error messages, to HTTP/1.0. Required by Safari; makes it RFC-compliant.
setsockopt(2) to see ifstated(8) messages for interfaces in all routing domains again, instead of just the primary one.
Tied mkuboot utility into the build.
Fixed ls(1) column padding of inode numbers and block counts >2^32, as well as display of directory block totals >2^32.
Fixed bug when starting ldpd(8) with a configured interface in the down state so it is not promoted to ACTIVE.
Fixed pci_min_powerstate() to return the current power state (not D3) if ACPI is not compiled in.
Stop ldpd(8) trying to send hello messages if the interface is down.
Simplified ldpd(8) hello holdtime calculation and stop the timeout timer if the holdtime is "infinite".
Improve ldpd(8) sanity checks on received UDP messages: "PDU Length" now checked against what RFC 5036, section 3.1 specifies.
ldpd(8) no longer uses a carp address as ldp router id because it is not unique.
Do not allow SIOCSIFADDR on AF_INET6 sockets. Avoids possible local denial of service.
5.2 and 5.3 RELIABILITY FIX: Do not allow SIOCSIFADDR on AF_INET6 sockets. Avoids possible local denial of service. A source code patch is available for 5.2 and 5.3.
Build fixed for sis (SiS and XGI video) driver under xserver 1.14.
Make mkuboot install into the path so we can use it during builds.
Updated inputproto to 2.3.
Send correct ttl on outgoing bgpd(8) packets, so peer sessions can come up correctly if both sides use ttl-security.
Removed make(1) cmtime again, but with a proper test for nodes without children.
mandoc(1) now rejects non-printable characters found in the input stream, even when preceded by a backslash.
pkg-config(1) error message for empty files now display the full path, in case the file exists in multiple locations.
Make the mg(1) dired commands dired-flag-file-deleted, dired-backup-unflag and dired-unflag behave more like emacs when the cursor stays on the first character of the file name.
Disabled bge(4) PHY auto-polling mode on anything newer than BCM5705. Fixes uplink negotiation on BCM5719.
In mandoc(1) SYNOPSIS mode, fixed .Ek (it doesn't end a keep).
Since audio code is mp safe, establish isa(4) and pci(4) audio interrupts with the IPL_MPSAFE flag, so interrupt handlers don't need to wait for global kernel_lock.
Merge upstream fixes for several X(7) library vulnerabilities (integer overflows/buffer overflows/memory corruption).
Revert pms(4) Active PS/2 support for now, until solution found for pckbc(4) and gsckbc(4/hppa) chipsets that stopped working.
Simplified cwm(1) grabbing keys per screen (during init) and during a MappingNotify.
Put slowcgi(8) (a FastCGI to CGI wrapper) in, to work on it in-tree. Not hooked up to the build yet.
Properly implement acpi(4) access to IndexField() field units.
Allow auto-scaling encrypt(1) bcrypt rounds based on CPU power.
Set correct route priority in bgpd(8) send_rt6msg. Fixes v6 routes being added to the kernel as RTP_DEFAULT.
Shuffle mg(1) shell-command-on-region around to give shell-command.
Check validity of cwmrc(5) mousebind buttons during the parse phase, not when client needs to grab (when it's too late); load the default config if this is invalid.
Don't use BUS_DMA_WAITOK in the bge(4) bge_init path, since it might be called from a timeout(9).
Modified luna88k comkbd(4/sparc64) RAWKEY_XXX values, to input the right characters on Japanese keyboards.
Synced libedit with upstream to fix: buffer growing, memory allocation for wide chars, and to handle return of mbstowcs(3).
Fixed pty(4) descriptor leak occurring if fork(2) fails.
Added driver for the am335x timers, to be used by the beaglebone.
Fixed missing softraid(4) work unit state initialisations.
Eliminate the need to change the cwm(1) menu window on every Xft(3) font draw; added support for _NET_WM_STATE_MAXIMIZED_{HORZ,VERT}, _NET_ACTIVE_WINDOW ClientMessage and _NET_WM_STATE ClientMessage.
Make sure bgpd(8) addr.aid is actually available when first accessed.
Remove "abort_task" from usb(4) task queue before recycling the containing structure, to avoid ehci(4), ohci(4) or uhci(4) panic.
Switched cwm(1) border colours to Xft(3). If colour name allocation fails, revert back to default.
If pid<0, kill(2) no longer fails with EPERM unless none of the target processes could be signalled.
Switched mvme68k to the machine independent wdsc(4/sgi) driver.
Added more messages for when apmd(8) is entering suspend.
Make mg(1) cursor position when moving backwards by paragraph behave the same as emacs (move it to line above paragraph).
Fixed duplicate TouchBegin selection with virtual devices. Fixes gtk+3 applications crashing with "BadImplementation" error.
Don't try to start an ssh-agent(1) via xinit(1) or xsession if $SSH_AGENT_PID is already set.
Standardise logging of supplemental information during ssh(1) userauth, pushing all logging onto a single line.
Fixed failure to recognise ssh(1) cert-authority keys if a key of a different type appeared in authorized_keys before it.
/dev/ttyc is no longer special on sparc/sparc64 now that sun serial mice are handled by wsmouse(4); update ttys(5) and fbtab(5) accordingly.
Build and install libgcov on gcc(1) version 4 platforms. Makes gcc -fprofile-arcs work again.
On arm, make sure we executed an instruction before continuing to the next. Replaced calls to drain the write buffer with the correct ones for armv7.
Fixed the "right-of-cursor background color is inverted when we do delete-after-cursor" bug on luna88k wscons(4) console.
Preliminary support added for mvme88k MVME180 and MVME181 boards.
nginx(8) security fix for CVE-2013-2028 (see http://mailman.nginx.org/pipermail/nginx-announce/2013/000112.html).
Stopped binutils rejecting "++" and "--" in expressions, as some versions of gcc(1) emit these.
Don't leak usb(4) information to userland in the case where the actual transfer length is smaller than the requested one and the USBD_SHORT_XFER_OK flag is set.
nginx(8) security fix for CVE-2013-2070 (see http://thread.gmane.org/gmane.comp.security.oss.general/10173).
Implemented wsmoused(8) support based on the new multiple screen support in rasops(9).
If a directory exists when trying to create a new one, mg(1) will now warn the user.
Update "cur_time" after poll(2) returns on dhcpd(8), as poll(2) might have slept for an arbitrary amount of time.
Implemented mechanism to establish interrupt handlers that don't grab the kernel lock upon entry on i386/amd64.
Run audio interrupts without grabbing the kernel lock on sparc64.
Added the ability to ignore specific unrecognised ssh_config(5) options; bz#866.
Add an optional second argument to ssh(1) RekeyLimit and sshd_config(5) to allow rekeying based on elapsed time in addition to amount of traffic.
If an /etc/apm/* program fails, apmd(8) will now log the failure and error message.
Allow m88k and mvme88k to correctly printf(3) or panic(9) early on unrecognised systems.
Updated nginx(8) to 1.2.9; several bugfixes, security fix for CVE-2013-2070.
Don't let tmux(1) cursor position overflow when reflowing.
Introduced a global interrupt-aware mutex protecting data structures (including sound-card registers) from concurrent access by syscall(9) and interrupt code-paths.
Added support for intel(4) E7221 integrated graphics.
Pass the correct pointer to pool_put(9) if pf_state_key_attach fails.
Removed "swapin" and "swapout" from uvm(9) statistics (as we haven't swapped out of uvm(9) for a few years); don't display swapin/swapout uvmexp fields in systat(1), vmstat(8) or rpc.rstatd(8).
make(1) now keeps track of age of the youngest child process. Helps with out-of-date messages in -dm mode.
Stopped the line buffer being potentially accessed out of bounds when ^W (WERASE) is used in vi(1) insert mode.
pkg_add(1) PackingElement.pm samples should never alias specialfiles, so error out right away.
Added sparc64 support for running interrupt handlers without taking the kernel lock (via bus_intr_establish(9) interface). Used only by schizo(4/sparc64) for now.
Make sure the global IPv4 address list and the per-interface list remain in sync even when SIOCAIFADDR or SIOCSIFADDR ioctl(2) have not been issued.
Where we have a KMS driver (currently inteldrm(4) only) wsdisplay(4) now switches from X back to console screen upon entering ddb(4) .
In wsdisplay(4), make sure it really is the console before attempting to switch screens.
Handle big (a.k.a. >2TB) disks by adding logic to handle the 12 and 16 byte scsi read/write commands on sparc64.
Removed use after free the in case where the vio(4) mbuf needs defragmentation. Fixes a panic.
Make easier to stop taking the kernel lock when running "mp safe" interrupt handlers on i386/amd64/sparc64.
S-Records boot loader added to mvme88k. Allows kernel to be loaded from network, using either the on-board interface (on MVME187 and MVME197) or any MVME376; added MVME376 support to netboot.
Fixed sndiod(8) check for whether a midi port is referenced (which sometimes caused the port to be closed prematurely); use order specified by -q to order the exposed midi ports.
Swapped cwm(1) x/y calculations in kbd move/resize, to match those in the respective mouse functions.
Set trunk(4)'s MTU to that of the first trunkport. Allows trunk to work with jumbo/baby-jumbo frames.
Fixed dhclient(8) subnet check: check our rdomain against the rdomains of the other interfaces, not against our own.
Bail if device_lookup doesn't find anything, to bring vscsi(4) in line with other drivers.
Sync state key pointers with pf_state_key_attach values. Stops pfsync(4) inserting garbage addresses into packets when there is a state key collision.
Added support for future time_t and ino_t size enlargements to compat_linux(8).
Fixed memleak in ssh(1) cert_free(), which wasn't actually freeing the struct; bz#2096
Re-commit uthum_activate() removal in uthum(4), now that uhidev(4) can handle it.
When a fork(2)'d child process (whose parent set SA_NOCLDWAIT or ignored SIGCHLD) is exiting, unconditionally wake parent instead of doing this only for the last child.
Prevent a chunked HTTP connection stalling relayd(8); use a 64 bit variable to allow (theoretical) large chunks.
Don't limit tmux(1) width and height to 222 in standard mouse mode.
When deactivating usb(4) child devices do not panic if their driver does not implement an *activate() function.
Added ksh(1) support for printing long long (%lld).
find(1) now handles large numbers. Fixes time_t beyond 2038, constrains the range of i_num correctly, and now handles files > 4GB in size on 32-bit machines.
Matched vacation(1) behaviour to current sendmail-based vacation.
Make sure the fs blocksize doesn't get too big when using disklabel(8).
Correctly allocate a buffer for a uhci(4) transfer; do not pre-allocate TDs to put them in the free list.
Pass state correctly so pkg_add(1) can do error messages.
Fixed some AVPs of SCCRP to comply RFC 2661 in npppd(8): firmware revision and vendor name AVP are not mandatory; hostname AVP must have 1 octet at least.
Fixed panic when pipex(4) session is terminated by idle timer.
Stopped existing authentication being removed when the npppd.conf(5) configuration is reloaded.
Fixed npppd(8) configuration options "max-session", "user-max-session", "strip-nt-domain" and "strip-atmark-realm".
Fixed npppd(8)'s pppoed, broken since the last configuration parser change.
Use the dd(1) and ed(1) that are on the install media, instead of the one post-install.
Added SHA-224 to cksum(1). SHA-224 is to SHA-256 as SHA-384 is to SHA-512, and was in a later revision of FIPS-180.
Backed out rev 1.17 of lib/libc/rpc/svc_tcp.c and its conversion to poll (to avoid endless loop).
Reverted pckbc(4) sys/dev/pckbc/pms.c r1.37, now that we stop after the first matching protocol.
Moved pckbc(4) IntelliMouse protocol definition after Elantech ones (some touchpads support both, we want to pick the latter).
Stopped pckbc(4) probing for all supported protocols. It confused some touchpads and made it harder to pick the right protocol if a device answers to more than one magic sequence.
Support added for F13-F24 keys found on IBM 122-key pckbc(4) keyboards.
Unbreak tape boot blocks on mvme68k (broken since the switch to the MI libsa loadfile code).
To speed scrolling, framebuffer acceleration now uses the registers to determine first visible pixel; works even while X is running, and safely scroll when printing panic messages or if we've entered ddb(4).
Added new option to xenocara to automatically build the Gallium3D software rasteriser as part of the libGL.
Make sure drm(4) turns hsync/vsync back on at crt enable (v2) for intel i915 chipsets.
Perform a warm reset instead of putting hardware into full sleep mode to avoid system hangs upon "ifconfig down up" with some AR5212 hardware.
Other window managers grab the Xserver(1) during the whole client setup process, so make cwm(1) match. Avoids race conditions.
Make it possible for ldomctl(8/sparc64) to explicitly specify the number of vcpus and the amount of memory for the primary domain. Also prevents people mistakenly creating two domains named "primary".
Fixed drm(4) EDID detailed timing vsync parsing and frame rate.
Backout drm(4) commit, which introduced a bogus check that could lead to an infinite loop in some eDP setups.
Reverted rev 1.21, to fix a race condition where multiple mkdir(1) -p's trying to create overlapping paths in parallel could error out.
Re-implemented tcp_read() in the resolver, so it can get the packet length in multiple reads.
Have tht(4) set IFF_ALLMULTI when in promisc mode.
Two fixes to drm(4) intel_sdvo_write_cmd(): allocate a large enough buffer to store messages; make sure we return true if we successfully transferred the command. Makes it possible to talk to the SDVO chip on the other end.
In getent(1), use getaddrinfo() to display multiple addresses including IPv6.
Prevent some undesirable interactions between using the brightness keys and wsconsctl(8) on the Dell XPS M1330.
Restrict protocol numbers for raw sockets to the range from 0 to 255.
Have smtpd(8) temporarily refuse new messages if file system holding the queue has less than 10% of disk space or inodes left.
Fixed a ftp(1) memory leak during HTTP header parsing.
Revert to the old method of intel(4) execbuffer pinning for i915.
Provide a default softraid(4) discipline interrupt handling function and migrate all of the disciplines that now have the same interrupt code.
Added function to read the MPCore base address on arm. Allows dynamically determining where e.g. the interrupt controller is.
Correctly show the scope for IPv6 addresses in getnameinfo(3).
Stopped the resolver failing in gethostbyname_async() when there are multiple addresses in a DNS packet.
Prevent race conditions in smtpd(8) db file handling.
Allow snmpd(8) to be put into read-only mode so that all "set" requests will be rejected.
Fixed some missing sd_sync check/wakeup after scsi_io_put() calls in softraid(4).
Rewritten work unit handling code in the softraid(4) RAID 1/4/5/6 interrupt handlers. Ensures that work units are always removed from the pending queue and that colliders are started, even in the event of an I/O failure.
Move the tmux(1) cursor back into the last column on CUU/CUD, to match xterm(1) behaviour.
Make sure the new resolver only uses the search domains for DNS lookups, as the previous resolver did.
Short-circuit screen switching on intel(4) i915 if we're switching to the screen that's currently active.
Stop pci(4) rePOSTing devices supported by inteldrm(4), as the driver now properly restores the graphics mode.
Added AES-XTS support to aesni crypto(4) driver on amd64. Allows softraid(4) to benefit from the AES-NI instructions on newer Intel CPUs.
Only accept partial keys if the timer has not expired. Fixes infinite tmux(1) loop when escape is pressed the wrong number of times.
During upgrade network setup, print friendlier error message if dhclient(8) is required but missing.
Added basic support for multiple screens to rasops(9), use this to provide proper virtual terminals to intel(4) i915.
Fixed libkvm build on m68k.
tmux(1) will try to establish client for run-shell and if-shell if no -t.
Reverted the tmux(1) command-prefix change, which broke sequences of commands.
Reseed the random(4) pool with the dmesg(8) when more devices are attached.
Sync ospf6d(8) with ospfd(8): allow two minutes until neighbour adjacencies are formed; for point-to-point interfaces, send lsupdates to the interface address (since there is no DR and multicast messages to the DR will be ignored); improve snapshot handling.
Create a new context when copying instead of using the (possibly nonexistent) input context. Fixes tmux(1) crash.
Display the window's column number in the mg(1) mode line, not the column number of the active window.
Write escaped tmux(1) output in control mode rather than hex.
Allow tmux(1) to handle empty pending output (and not fail), and add \n.
When only two panes are in a tmux(1) window, only draw half the separating line as active.
Don't let tmux(1) display-message crash if no client.
tmux(1) will now only send end guard if begin was sent.
Process "^[" as meta when a partial key is found by tmux(1).
Record when the buffer was saved in the mg(1) undo history.
Handle "no client" better in tmux(1) display-message.
Do not let pstat(8) or fstat(1) leak kernel pointers, unless operating as root.
Added tmux(1) -A flag to new-session, to make it behave like attach-session if the session exists.
Added resize-pane -Z to temporarily zoom/unzoom the active tmux(1) pane.
Added a -o option to set-option, to prevent tmux(1) setting an option already set.
Add a tmux(1) command queue to standardise and simplify commands that call other commands.
Allow tmux(1) to handle focus events from the terminal.
Expand format variables in the tmux(1) run-shell and if-shell shell commands.
Added option command-prefix which is automatically prepended to any tmux(1) command (apart from a naked default-shell).
Added support for focus notifications when tmux(1) pane changes.
Reverted revision 1.138 of bsd.own.mk and switch amd64, i386, arm, sh and sparc64 back to binutils 2.15.
Fixed bug in ld(1) --gc-sections to stop it stripping out .note sections. Unbreaks building chromium with binutils-2.17.
dhclient(8) will now ignore client-identifier option sent by the server and instead record the local client-identifier used to obtain the lease, or construct one. Stops confusing servers when renewing a previous lease from a different MAC.
Stop dhcpd(8) including the client-identifier option in OFFER or ACK messages, as per RFC 2131 4.3.1.
Add tmux(1) -C and -J to capture pane to escape control sequences and to join wrapped line.
Clear last attributes after reset in tmux(1) string_cells.
Fixed tmux(1) so capture-pane/save-buffer can work in control clients.
Add tmux(1) copy-pipe mode command to copy selection and also pipe to a command.
Add -e flag to tmux(1) capture-pane to include embedded ANSI SGR escape sequences.
Provide a way for *drm(4) to prevent VGA text console wsdisplay(4) instance from attaching after it has control of the VGA hardware.
Backout radeon(4) xf86-video-ati workaround for broken accelerated solid pictures with XAA on big endian architectures, and apply the correct fix (working at depth 16 and 24).
Limit the identd(8) client to 256 bytes of input. If they send too much, just close the connection.
Timeout based on the whole identd(8) session, not after every read/write. Stops clients from consuming fds on the server.
Handle EMFILE/ENFILE from accept by disabling handling of events on the identd(8) listeners for a second.
New identd(8) daemon, to replace the libexec one often run from inetd(8). An event driven non-blocking implemention.
Added an interface to rebind agp(4) DMA mappings. For KMS to reload bindings after suspend/resume.
Set glxpcib(4/loongson) "Power Immediate" bit upon attaching, so Fuloong can auto restart upon power failure.
Enable TCP socket splicing for HTTP persistent connection and chunked transfer encoding. Speeds up relayd(8).
Updated to fontconfig 2.10.91 + a few local fixes: replaced ugly bitmapped Lucida fonts with Luxi or DejaVu TrueType fonts; moved the target of fontconfig recipes to the "pattern" from the "font" to add the default values properly.
Rewrite the ste(4) receive filter handling code and cleanup the ioctl bits.
Implement a bgpctl(8) nei foo destroy that will remove the specified cloned neighbour.
Better bgpd(8) templates support: on config reload adjust the cloned neighbours so that they get the config changes as well; clean up sessions that are 1h idle but in state active (instead of down); allow bgpctl(8) to destroy cloned neighbours.
Added submethod support to sshd_config(5) AuthenticationMethods.
Fixed return value of wcrtomb(3) in single-byte locales if the "s" argument is NULL.
When passwd(1) is using an external password quality check program, don't run (potentially contradictory) internal pattern checks.
Bring getconf(1) substantially up to spec with POSIX 1003.1-2008: 155 new names; support for the -v option. Added support for non-standard -L and -l options for listing the known names.
