OpenBSD 5.5 Changelog

This selection is intended to include all important and all user-visible changes. For a complete record of all changes, please see the "source-changes" mailing list, called "OpenBSD CVS" in the archives, or use CVS.

Note: Problems for which patches exist are marked in red.

For changes in other releases, click below:
2.0, 2.1, 2.2, 2.3, 2.4, 2.5, 2.6, 2.7, 2.8, 2.9, 3.0, 3.1, 3.2, 3.3, 3.4, 3.5, 3.6,
3.7, 3.8, 3.9, 4.0, 4.1, 4.2, 4.3, 4.4, 4.5, 4.6, 4.7, 4.8, 4.9, 5.0, 5.1, 5.2, 5.3,
5.4, 5.6, 5.7, 5.8, 5.9, 6.0, 6.1, 6.2, 6.3, 6.4, 6.5, 6.6, 6.7, 6.8, 6.9, 7.0, 7.1,
7.2, 7.3, 7.4, 7.5, 7.6, current.

Changes made between OpenBSD 5.4 and 5.5

Made ssh(1) ignore environmental variables with embedded '=' or '\0' characters.
Added -C checksum mode to signify(1), to make using sha256 files safer and easier.
If a smtpd(8) peer advertises DSN and we don't want to use it, don't send trailing spaces (not all MTAs can cope).
fdisk(8) -l option added, to force LBA mode.
Fixed miniroot so it can get sets from a msdos partition.
Allow pfctl(8) to use a "*" wildcard on the command line for anchors that were not initially specified with a "*".
Stopped smtpd(8) missing F_BACKUP when dumping envelope (could break backup MX).
Fixes backported from openssl-1.0.1f (CVE-2013-4353, CVE-2013-6449 and CVE-2013-6450).
Made it possible to run X(7) with machdep.allowaperture=0 on hardware supported by radeondrm(4) on macppc too.
Use a larger read buffer, to speed up ftp(1).
Made ssh(1) cache OIDs of supported GSSAPI mechanisms before privsep sandboxing (bz#2107).
Stopped ssh(1) assuming that a socks4 username is \0 terminated.
Avoid early hostname lookups by ssh(1) unless canonicalisation is enabled (bz#2205).
Fix armv7 install script to allow it to work on both sd(4) and eMMC.
Support for ed25519 keys added to xdm(1) and xinit(1).
Made azalia(4) wait until the RIRB DMA engine is ready, so audio device integrated in the Vortex86EX SoC will work.
Abort/close all interrupt pipes when detaching HID devices (drivers attaching to uhidev(4) do not always do this).
radeon(4) workaround for broken BIOS that don't assign an address to the ROM BAR.
Revert r1.348 in sys/dev/pci/if_bge.c, to disable IPv6 TCP checksum offload for now.
Bring back ehci(4) code suspending root hub's ports before reseting the controller (saves power when suspended).
Fixed off by one leading to invalid host stats tree in smtpd(8).
Added "-p <path>" switch to fw_update(1), to specifying the location of firmware packages.
Allow ssh_config(5) to cope with configurations that always refer to canonical hostnames.
Made fw_update(1) print out the path to the firmware packages when in verbose mode.
Give drm(4) a console locator, to make sure /dev/drm0 always matches the primary display.
On mips64, increased _STACKALIGNBYTES, so long doubles on the stack are correctly aligned.
Fixed crash in tmux(1) caused by uninitialised lastwp member of layout_cell.
Basic i210/i211 support added to em(4).
tmux(1) fixed for "-fg/-bg/-style" with 256 colour terminals.
rc(8) now ignores blank characters at the end of ${pkg_scripts}, and will not execute /etc/rc.d/ in that case.
/etc/random.seed support added to alpha, mvme88k and vax.
Improved installer logic to find a filesystem to store the prefetched sets.
Made pax(1) map negative mtimes to zero instead of skipping the affected files.
Many fixes to drm(4) for i915.
Check to see if an i386/amd64 CPU supports tsc, avoid illegal instruction trap when it does not.
Stopped dhclient(8) creating default dhcp-client-identifier if an empty string has been configured as the value.
Fixed tmux(1) memory leaks with paste_replace.
Made it possible to build an i386 kernel with binutils-2.17 again.
Allow mouse down and mouse wheel for any pane with tmux(1) mouse-select-pane (not just in copy mode).
Fixed "p->p_wchan == NULL" panics seen with usb ethernet adapters.
Call control_init() before daemon() so that iscsid(8) and iscsictl(8) reloads work.
Stopped tmux(1) crashing when given an invalid colour.
Added iked(8) "config address" syntax, to list a range of addresses to use in a specified flow.
Basic iked(8) OCSP support. enable with 'set ocsp "http://10.0.0.10:8888/"'.
New smtpctl(8) "show status" command, to show if mta/mda/smtp are currently running or paused.
Stopped smtpd(8) looking up pki based on hostname if one was specified for the listener.
Fixed bcrypt(3) to avoid wraparound at 256 characters ("b" revision designation denotes fixed version).
Added initial em(4) support for i354 MAC and M88E1543 PHY.
Unbroke ld.so(1) with ssp-strong/all on sparc64 and powerpc.
Avoid spurious "getsockname failed: Bad file descriptor" errors in ssh(1) -W (bz#2200).
Preliminary nep(4) driver for the Sun Neptune 10/100/1000/10G Ethernet chip.
In radeon(4) drm code, fixed surface sync in fence on cayman (v2).
Allow X(7) to run with machdep.allowaperture=0 on inteldrm(4) and radeondrm(4).
Implemented the roff(7) ".as" request (append to user-defined string).
Let roff(7) handle some read-only number registers (e.g. .H and .V).
Re-added audio devices to the zaurus.
Updated to xterm(1) version 301.
Updated to xf86-video-intel 2.99.910 (aka 3.0RC10).
When terminfo(5) has colors#256, tmux(1) will now use setaf and setab for the 256 colour set.
Made C-j the same as C-m with tmux(1) mode keys.
In qle(4), added firmware for isp25xx; added isp25xx support.
Removed isp24xx-related code. Broken, and superceded by qle(4).
Fixed strptime(3) logic bug, as tm_yday can only be inferred if both tm_mday and tm_mon are set.
On i386/amd64, allow "disabling" of pagefaults, needed for some inteldrm(4) "fast" path code.
Fixed drm(4) bug which only copied out 32 bits of a 64-bit value.
Octeon now partially supports the D-Link DSR-500.
When sending neighbour advertisements, use the carp(4) mac address as target lladdr.
Allow larger totals to be displayed by iostat(8).
Show in dmesg(8) when an attached sd(4) is readonly, makes it clearer why write operations fail.
Introduced the qle(4) driver for QLogic ISP24xx fibre channel HBAs.
Made iked(8) set the msg_responded flag on the original message.
New dd(1) operands "status=noxfer" and "status=none", to suppress status lines printed to stderr.
Support for Intel Centrino Wireless-N 2200/105/135 added to iwn(4).
Stopped systat(1)'s pftop leaking memory at every queue refresh.
Build isp2xxx firmware into separate object files, to only include one when both isp(4) and qla(4) are enabled.
On sgi, block all interrupts that can grab the kernel lock.
Intel Centrino Wireless-N 2230 support added to iwn(4).
Fixed tmux(1) xterm-keys change where some keys (e.g. \033OA) were wrongly treated as partial matches.
Run the serving and privileged ntpd(8) processes at high priority, to lower latency.
Fixed MAC address format to let ospf work on myx(4) even without PROMISC enabled on a network interface.
Fixed drm(4) ttm: to handle in-memory region copies; ttm_bo_move_memcpy; memory type compatibility checks.
arc4random_uniform(3) returns a value strictly less than its argument; fixed arithmetic so that PID_MAX can be reached when the kernel is forking.
Many drm(4) on radeon(4) fixes, including: dac handling improvements; endian bugs; LCD record parsing; handling of variable sized arrays for router objects; panel scaling with eDP and LVDS bridges.
Added support in binutils for i386 XSAVE family of instructions: xgetbv, xsetbv, xsave, xrstor, and xsaveopt.
Fixed pmap(9) on vax when processes are using more than 512KB of stack.
Fixed failure of dhclient(8) to write resolv.conf(5) when -L is used; made add_address() and add_route() also wait until imsg is in pipe.
Stopped pkg_add(1) taking crypto sigs into account for "always-update" comparisons (the sig will always differ).
Stopped malformed IMSG_HUP messages causing the privileged dhclient(8) process to exit.
Fixed memory leak introduced in r1.96 of sys/dev/usb/usb_subr.c.
Fixed system hang issue when using radeon(4) KMS with older cards; fixed drm(4) card_posted check for newer asics; fixed endian issues with DP (v3) handling.
Rectified lock order reversal problem to stop panics seen in multi-threaded programs when using gdb(1).
When running sysmerge(8), only create DBDIR if it does not exist.
Made bus_dmamap_load(9) and bus_dmamap_unload(9) "mpsafe" on hppa.
Create dhclient(8) lease files and dhcpd(8) lease files with permissions 0640, rather than 0000 and 0664 respectively.
Be less verbose for pkg_delete(1) -X.
Stop disabling/enabling interrupts in the interrupt handler for "chip type D" (Marvell 9580).
Copy the correct number of channels in sndiod(8) join/expand.
Use the proper integer width when sndiod(8) calls AMSG_ISSET().
Macppc G5 systems with >2GB RAM now report correct amount of memory (kernel still only uses the lower 2GB).
Changed pkg_add(1) default to requiring signed packages.
Limit the number of currently opened pkg_add(1) packages, to limit memory usage.
Fixed booting of socppc n1200 with a usb disk plugged in.
Allow 64-bit page table entries on mips64 and sgi, making physical memory beyond 16GB addressable by pmap(9).
Stopped attempting to initialise the time from an uninitialised variable on socppc.
In the installer, make sure a free bpf(4) exists before dhclient(8) is run.
Fixed remote printing by lpd(8) which was broken in r1.50 of printjob.c.
Made carp(4) send IPv6 neighbour advertisements with the "router" flag when acting as router. Stops clients losing default routes during carp(4) failover.
Updated to sendmail(1) version 8.14.8.
Made dhclient(8) create "-L" leases files with the same 0000 permissions as regular leases.IF files.
Log when dhclient(8) fails to fchmod(2) or fchown(2) the file written in priv_write_file().
Fixed inet6_opt_init(3) to only check extlen when extbuff is not NULL (as per RFC 3542).
Fixed regression in ssh(1) for UsePrivilegedPort=yes.
Only set the cwm(1) urgency flag if the client is not active.
Fixed a MP race in the alpha's fpu context saving code.
Stopped tcpdump(8) segfaulting on IPv6 NFS traffic.
Made pax(1) cope with a stripped down format list (e.g. when compiled with -DNOCPIO).
Fixed spurious SIGSEGVs in inteldrm(4) with xf86-video-intel version 2.99.909.
Fixed myx(4) race, which prevented the driver from transmitting packets.
Always reset the signature when fdisk(8) is writing an MBR to disk, to ensure MBR is readable by disklabel(8).
kvm(3) crash dump parsing fixes: correct paddr in process info and pids in file info.
Made syslogd(8) ignore ENETUNREACH, so remote logging is not stuck after a "network unreachable" error.
Added smtpd(8) support for DSN and Enhanced Status Code.
Allow the smtpd(8) admin to pause relaying to a specific domain.
Socketmap table backend added to smtpd(8).
In smtpd(8), extend the allowed charset for email address; escape potentially dangerous ones.
Fixed smtpd(8) dump function which occurred with some flag combinations.
Reverted broken part of sys/dev/pci/if_bge.c r1.329 (link state handling for the BCM5700 B2).
Delayed lowercasing of hostname until right before hostname canonicalisation, to unbreak case-sensitive matching of ssh_config(5).
Fixed dpb issue with E=x11/qt3.
Fix ssh(1) memory leak in ECDSA_SIG_new().
Stopped ucom(4) trying to cleanup if it is being detached when returning from tsleep(9). Fixes a panic.
Fixed a null dereference introduced when uftdi(4) was converted to use usbd_is_dying().
On alpha, make sure sched_init_cpu() on the secondary processors is invoked with the kernel lock held.
Stopped pkg_add(1) mixing up the list of manpages to be deleted with those to be added.
Store a compact form of manpages when running pkg_add(1).
Updated to xf86-video-intel 2.99.909.
Properly clean up after sysmerge(8) is run.
Build bsd.mp on the alpha platform.
Allow use of "*************" as password in the installer response file for accounts with password logins disabled but login (e.g. with ssh-keys) still possible.
Simplified how "kept" packages are handled by pkg_add(1).
Rearrange interrupt register processing for 2200s. Makes onboard FC controllers in Sun systems work better.
Converted memset(3) of potentially-private ssh(1) and sshd(8) data to explicit_bzero().
Improved cut(1) POSIX compliance: continue to process the remaining file operands even after not finding an input file.
On alpha, manage a per-cpu pmap(9) free entries queue, in addition to the in-use queue to avoid corrupting memory; simplified try_lock(), to avoid one forward branch in the common case.
Take bwidth into account for the cwm(1) menu's position and size.
Fixed pkg_add(1) kept packages bug (they have to be completed somewhere).
When pkg_add(1) is stopped by ^C^C, try to exit only when the database is in a safe state.
drm(4) i915 now invalidates TLBs for the rings after a reset.
On amd64, removed some of the excessive cache and TLB flushing going on during hibernate unpack.
Allow the cwm(1) config parser continue parsing even after encountering an error.
Replaced most usages of bzero(3) with explicit_bzero in ssh(1) and lib/libutil/bcrypt_pbkdf.c and pkcs5_pbkdf2.c.
Fixed partial matches in tmux(4) with xterm-keys on.
Add \033[18t window operations to tmux(1).
Set IFCAP_VLAN_MTU on tl(4) to allow for VLAN sized frames.
If a scsi(4) device doesn't have device ids or serial numbers, try using node_wwn to generate a devid.
Fixed VCPU reset sequence bug on bge(4) BCM5906.
Simplified adjtime(2) by keeping track of the adjustment in a 64-bit integer. Stops ntpd(8) losing sync.
Stopped umodem(4) matching control interfaces if data interface is missing or already claimed. Fixes Ericsson F3507g.
Made sure partial installs of a package are handled properly by pkg_add(1).
Added an MI api for atomic ops (e.g atomic_add_int(9)) in the kernel.
Added a -d flag to fw_update(1), to remove the specified firmware packages.
Added fuse(4) support for IO_APPEND.
Check command name/path for truncation and provide user feedback during cwm(1) config parse .
Fixed ftp(1) progress meter, broken after the introduction of the '-D' flag
Allow replacing separate foo-{fg,bg,attr} tmux(1) options with a single foo-style option (e.g. "set -g status-style fg=yellow,bg=red,blink").
Remember the last active tmux(1) pane in the top-bottom or left-right cell so that it can be restored when using selectp -L/-R/etc.
Enable IPv6 TCP checksum offload for bge(4).
Check cwm(1) "ignore windowname" for truncation and provide user feedback during config parse.
Error out on an unacceptable worm(6) length argument; start with the cursor on the worm's head.
nginx.conf default changed to stop sending nginx(8) version number in error pages and "Server" header.
cwm(1) now follows the EWMH spec: if the cardinal returned is 0xFFFFFFFF (-1) then the window should appear on all desktops.
Added CoreChip RD9700 support to udav(4).
Dropped FETCH_CMD from sysmerge(8), now always use ftp(1).
Fixes/workarounds for bge(4) BCM5719/BCM5720/BCM57765/BCM57766 chipsets; added support for the new BCM5762 ASIC (BCM5725/BCM5727/BCM57767); added all of the newer PCI ids.
Replaced ssl(3) HMAC and MD5 with implementations based on native sshd(8) ssh_digest_*.
Removed the no-op flags -L and -V from compress(1); removed -g flag from gzip(1) (non-standard, only makes sense in compress(1)).
Enhance sysmerge(8) errors output and display what is going on.
Enabled IPv6 checksum offload in jmw(4).
Attempt to make user changes of keyboard layout configs more "sticky" on wsmux(4).
Work in progress code added for SMP on the alpha architecture.
Installer fixes to: extend logic for finding a location to place prefetched sets; complain loudly on errors and give users a chance to react; improve detection of ftp(1) fails while fetching sets; be more cautious while removing temporary directories.
tcpdump(8) now correctly shows that checksums of zero are invalid when listening to UDP over IPv6 traffic.
Stopped ufs_setattr() assuming atime/mtime/ctime flag bits needing to be updated weren't already set.
Stopped pkg_add(1) allowing file permissions to be adjusted without an explicit @mode annotation.
Changed the default pf.conf(5) block policy to "block return".
Reverted counter size changes in netinet, as it broke netstat(1).
Added a special case to ssh(1) for the DH group size for 3des-cbc, which has an effective strength much lower than the key size.
Corrected parsing of dhclient.conf(5) statements "fixed-address" and "next-server".
Ditched kernel high and low water marks for vfs(9) pages and replaced with a single target, to minimise use of biglock.
Disable lapic when halting CPUs on i386, for improved suspend.
Implemented the traceroute6(8) "-c", "-D" and "-S" flags (from traceroute(8)).
Improved formatting of broken blocks in mandoc(1) -Tman.
When a disklabel(5) is read from a MBR partitioned disk, preserve any changes the user makes with disklabel(8) "-b".
Made iked(8) re-lookup the policy as soon as we have the ID of the peer (destid).
Enabled format-string checks for log_*() in iked(8).
Made sure iked(8) sa_lookup() can actually find the SAs.
Stopped iked(8) leaking prv RSA key for each signature.
Avoid wdc(4) panics where free_xfer is called after scsi_done calls xfer_put.
In bgpd(8), corrected the matching for filter rules of "prefixlen = XX".
Fixed VRAM size calculation for VRAM >= 4GB, and many other fixes for radeon(4).
Fixed a use-after-free when GPU acceleration disabled; many more drm(4) fixes.
Killed (inaccurate) hardware checksummed packet counters and use software counters instead; switched netstat(1) to use them.
Allow the special bgpd(8) case of making a route valid before setting the blackhole flag on it.
Support multi-stream archives in pkg_sign(1), storing packing-list as a separate stream for efficiency.
Made cwm(1) supply a more useful title for windows launched via the ssh(1) command menu ("[ssh] <hostname>").
Switched radeon(4) drm to MSI on the cards that support it.
Added -D shorttitle support to ftp(1).
Added initial softraid(4) support for rebuilding a RAID5 volume.
Fixed resume on some radeon(4) rs4xx(v2) boards.
Support paste key in tmux(1) copy mode input (for search etc); clamp length to screen width.
Properly release X(7) resources during cwm(1) teardown.
Streamlined cwm(1) event loop/restart/quit handling.
Implemented the "\:" (optional line break) escape sequence in mandoc(1).
Do not permit periods in tmux(1) session names.
Only exit tmux(1) copy mode at the bottom if no selection is in progress.
bus_dmamap_load(9) and bus_dmamap_unload(9) made mpsafe on sparc64.
sysmerge(8) cleans up work directory better; improved handling and comparisons of symlinks; simplified signature handling.
Removed genmask support from route(8).
Fixed problems installing from atapiscsi(4) cdrom devices.
Added CoreChip RD9700 support to udav(4).
Fixed a bug where stale bgpd(8) routes were not properly flushed on sessions announcing the graceful restart capability.
Made sure the disklabel(5) is written to the correct spot on devices with non-512-byte sectors.
Improved isakmpd(8) randomisation.
Introduced fine grained locking to myx(4) (only from the interrupt side).
Fixed a double free caused by a relayd.conf(5) config with two "listen on" statements in a relay.
Allow pflow(4) to determine the src IP address based on the route table if flowsrc is not set.
Added a virtio(4) random driver.
Enabled mpsafe interrupts on pyro(4/sparc64).
Do not clean the multicast records of an interface when it is destroyed (as pcb multicast options might keep a pointer to them).
Disabled lapic when halting amd64 CPUs. Fixes suspend on some machines.
Enabled signature checking by default to sysmerge(8), with new option -S to skip.
Allow dhclient.conf(5) to specify "fixed-address", "next-serve", "filename" and "server-name".
When creating the effective lease, dhclient.conf(5) can now override anything in an offer or saved lease.
Fixed softraid(4) RAID5 write functionality: changed parity calculation algorithm to avoid volume scrubs; allow writes to function correctly even when a chunk is lost.
Allow pf(4) to match "any" interface (excluding loopback).
Added sdmmc(4) support to i386/amd64 install media.
Fixed lpd(8) race condition during symlink check.
Added ubcmtp driver for Broadcom multitouch trackpads (on some MacBooks) enabling multi-finger gestures with synaptics(4).
Convert the softraid(4) work unit workqs to taskqs.
Added strong stack protector mode for propolice in gcc(1) version 3.
Support added to pfctl(8) for "!received-on <interface>".
Allow the Alix APU to reboot by changing the acpi(4) checks.
Added newqueue support to systat(1) for the queue view.
Allow vio(4) to recover after running out of mbuf(9)s.
Allow userland to pass RTF_MPATH flag. Unbreaks multipath routes.
Set initial pf(4) ruleset to explicitly allow dhcp / bootp and dhcpv6. Lease renewals blocked without this change.
Introduced fine grained locking around the lists of packet handlers myx(4) maintains.
Reworked parsing of numbers by dhclient(8) to improve the error messages.
Introduced qla(4), a new driver for Qlogic fibre channel HBAs (only ISP23xx so far).
Count dropped icmp(4) errors when the rate limit is exceeded. netstat(1) will report this now.
When installboot(8) is copying files, do it in 512 byte blocks to appease install media.
Merged mesa 9.2.5.
Reworked installboot(8) to use a single directory with a single makefile.
Call random_start() immediately after cpu_startup.
Support a second -v on mandocdb(8), to show keys while they are being added.
Unlink an associated pf(4) divert state when a socket connection gets destroyed.
Made mos(4) pass received broadcast frames explicitly if not in promiscuous mode. Fixes a problem with initiating connections.
Stopped xterm(1) "-hold" from chewing CPU cycles.
Remove the RAID 4 discipline from softraid(4). RAID 5 should be used instead.
Updated the radeon(4) drm headers based on libdrm 2.4.51; updated libdrm to 2.4.51.
Added installboot(8) "-r", to allows the mount point of the root filesystem to be specified.
Stopped dhclient(8) following symlinks for -l and -L arguments.
Made dhclient(8) parse_X return -1 when it encounters a parsing error. Enables recognition of zero length value vs parsing error.
Fixed off-by-one on specially crafted /etc/shells file.
Optimisations to mandocdb: db build time goes down by 10% (now 1.9x of makewhatis(8)); db size goes down by 4% (now 11x of makewhatis(8)); db build time with -Q goes down by 15% (now at 0.28x of makewhatis(8)); db size with -Q goes down by 3% (now 3.35x of makewhatis(8)).
Avoid size_t overflows while dhclient(8) is reading /etc/resolv.conf.tail, and in file(1) apprentice_map.
Added support for mknod(8) in fuse(4); removed an infinite loop in fuse_device_cleanup().
Incorrect cast to size_t removed from sftp(1), which broke resume of large downloads.
Added more luna88k-specific initialisation in xf86-video-wsfb.
Re-open the default pipe with updated values when attaching a new ohci(4) or ehci(4) device, so the device will be recognised.
Added support for the DS1337 TOD octrtc(4/octeon) clocks.
Added md5(1) -C option (to only do checksum comparison for specified files).
Initialise _res.nsaddr_list in res_init(), fixing some programs which depend on bind resolver internals.
Reset the top(1) cursor position each time there is a resize event.
Added new option "-fstack-protector-strong" for gcc(1) version 4.
Added the "next" keyword as an alias for "+ 1" for relative times with at(1); support "months" and "years" relative time units (all per POSIX).
When parsing dhclient.conf(5) or dhclient.leases(5) and encountering a "}" or a ";", always continue reading rest of file.
Enabled gcc(1) -Wbounded by default.
New signify(1) options: -m message and -x signature.
Reverted to pkg_add(1) PackageRepository.pm r1.97, as there is a memory leak when using internal GZip.
Updated to freetype 2.5.2.
Added -DNOCPIO option to pax(1), for use by distrib/special
Let tcpdump(8) detect bad ICMP/ICMPv6 checksums with the -v flag.
While the hibernated image is being unpacked, acpi(4) now demotes APs to real mode, place them in HLT loop. Fixes some spurious reboots on resume.
Added MSI support to jme(4).
Corrected sigpending(2) argument handling, to stop it writing to the wrong memory on hppa and hppa64.
When md5(1) is using a checklist, print MISSING for non-existent files.
Fixed ping6(8) bug where binary built with stack-protector-strong would fail to set the routing table id.
Made ddb(4) "show mbuf" print all mbuf(9) fields in a consistent way.
Don't let ssh(1) or sshd(8) connect to clients/servers that suffer from SSH_BUG_DERIVEKEY. These are too vulnerable to KEX attacks.
Option "-e" for embedded signatures added to signify(1).
Allow tmux(1) "attach-session -t" to accept a window and pane to select them on attach; made "switch-client -t" accept a window and pane.
tmux(1) changes: check for truncation when copying path; don't use a temporary buffer in screen_set_title; include strerror in output when connecting to server fails.
Fixed the radeon(4) burner method, ensuring cookie is a pointer to rasops_info. Fixes hangs on shutdown.
When sftp(1) is formating the time, show dates in the future with the year; fixed incorrect date calculations.
Updated pax(1) -v format to match ls(1) -l: display the year for dates in the future; eliminate bogus handling of LC_TIME environment variable.
Per POSIX, times in the future are now reported by ls(1) with the year.
Added support for -h hashfile to cksum(1), md5(1), sha1(1) and sha256(1).
Updated to libXfont 1.4.7 (includes fix for CVE-2013-6462).
5.3 and 5.4 SECURITY FIX: CVE-2013-6462: unlimited "sscanf" can overflow the Xserver(1) libXfont stack buffer.
A source code patch is available for 5.3 and 5.4.
Restrict what characters can be in a pkg_add(1) signer, to make certain it's not possible to go ../ from /etc/signify.
Propagate an rdomain number to the icmp6(4) nd6_lookup independently from the ifp pointer. Prevents a crash.
Follow-up fixes for IFID collision handling in IPv6CP; properly change the link-local address.
Made pkg_add(1) verify all checksums, including special files (e.g. prevents people from tampering with DESC).
Sped up mandocdb(8) -Q by another 3% (now at 39.5% of makewhatis(8)).
Delay checking vnode(9) locking of the target vnodes in tmpfs_rename() until we've confirmed they're on the same filesystem as the source.
Allow pkg_add(1) processing of package lists in parallel, a large speedup when re-gzipping a signed package.
Enable memory beyond 1.5GB on sgi octane, to test if kernel panics seen on some MP systems have been fixed.
More speedups for mandocdb(8) -Q mode, found with gprof(1).
Fixed sparc64 kernel profiling.
On sgi, let 2048-byte sector media use a volume header using fake 512-byte sectors, yet still allow reading the native label from it.
Fixed mandocdb(8) -d and -u (broken by recent optimisations).
Make sure in6_ifdetach() removes the ff01::1 route for the detaching interface, too.
make(1) "target: prereq" solving now done after parsing, not during command execution.
Added option -Q (quick) to mandoc(1), for accelerated generation of reduced-size databases.
On i386/amd64, don't use the first 64KB memory for anything (including tramps and uvm). Avoids possible corruption by buggy BIOS SMM code.
Hooked installboot(8) into the build.
No longer have "unreachable manuals", removed the code from mandoc(1).
/dev/random added to the install media, providing additional usable entropy for bsd.rd and first boot.
Fixed vgafb(4) on macppc to bring back textmode cursor.
Updated to x11proto 7.0.25 and xauth 1.0.8.
When rebooting from single user mode, stopped init(8) raising securelevel(7) at rc.shutdown(8).
Ensure we close the socket to the whois(1) server before returning, to avoid a loop.
Made pf(4) queues properly disappear when interfaces are destroyed.
Updated to: xf86-input-elographics 1.4.1, xf86-input-joystick 1.6.2, xf86-input-vmmouse 13.0.0, libpciacces 0.13.2 and glproto 1.4.17.
Calculate proper cwm(1) menu width/height on the first Expose event.
Allowed cwm(1) to accept _NET_WM_DESKTOP and _NET_CURRENT_DESKTOP ClientMessage.
Don't allow cwm(1) to resize to 0x0 during mouse resize.
Added primary support for luna88k 4bpp/8bpp frame buffer, with colour support on the luna wscons(4).
Updated to xterm(1) to version 300.
Temporarily disabled ahci(4) MSI for Samsung XP941.
Tweaked azalia(4) to enable beep and CD controls on ALC282, ALC221 and ALC269.
Fixed mkuboot(8) "make bsd.umg"; allow it to handle PT_LOAD, fail on any others.
Fixed deadlocks when sndiod(8) device slot uses the SIO_SYNC mode.
Fixed ztsscale(8/zaurus) after struct wscons_event size change.
Don't consider ld.so(1) to be successfully built unless a test program using it works.
Experimental feature to let apropos(1) show different keys than .Nd.
Added signify(1), a tool to sign and verify signatures.
First steps to replacing the Berkeley-DB based mandocdb with an sqlite3(1) version.
ssh(1) and sshd(8) now refuse keys from clients/servers using obsolete RSA+MD5 signature scheme.
Reverted rgephy(4) to pre r1.25 behaviour: fetch link and media status when attached to re(4).
Enabled azalia(4) snooping on Lynx Point-LP HD Audio. Fixes Acer Aspire E1 572G audio.
Support .St -p1003.1-2013, "IEEE Std 1003.1-2008/Cor 1-2013" in mdoc(7).
Corrected initialisation of the Bt458 in the luna 8bpp frame buffer.
Stopped mandoc(1) triggering end-of-sentence spacing (near period) at partial implicit macros.
When showing ssh(1) hostkeys, show ed25519 keys as well.
Stopped ssh(1) refusing to load ed25519 certificates.
Allow deletion of ed25519 keys from the ssh(1) agent.
Allow ssh(1) ed25519 keys to appear as certificate authorities.
Call PHY_RESET upon attaching eephy(4) to trigger PHY initialisation (to match behaviour before r1.52).
i386 now uses PIE.
Update to Xserver(1) version 1.14.5 (mac68k and mvmeppc are no longer supported).
Added installboot support for vax, hp300, hppa64, sparc64 and landisk.
arc4random(3) accessible by init(8), leading to random pids for anything besides 0 and 1.
Create a seed file for the bootloader in /etc/random.seed, for random data very early in the boot process.
Free(bbp) in newfs_ext2fs(8) error paths (coverity CID 274748).
"/stand" directory removed (has not been used in decades).
Provide a bootstrap implementation for use with architectures like hppa, landisk and vax.
Initial version of a unified installboot(8). For now only for i386/hppa/amd64.
rc(8) will now report absence of pkg_scripts.
Properly remap mandoc(1) \B, \H, \h, \L, and \l to ESCAPE_IGNORE.
Parse and ignore the roff(7) escape sequences \d (move half line down) and \u (move half line up).
Implemented .Fo/.Fa/.Fc indentation and break handling for mandoc(1) -Tman.
Probe for a keyboard on all iockbc(4/sgi) ports, attach to the first one found.
Fixed pkg_add(1) autoloading of quirks; avoid loading the old quirks file; always report if quirks should be there if it can't be loaded.
In the SYNOPSIS, implemented hanging indentation for .Fo and avoid mandoc(1) outputting line breaks inside .Fa arguments.
Added mdoc(7) support for .St -xsh4.2, the System Interfaces part of the original Single UNIX Specification.
Final circleq to tailq fix for netstat(1), tcpbench(1) and systat(1).
Stopped mandoc(1) breaking output lines in .Fn function arguments in SYNOPSIS mode.
Rearranged/corrected bpf(4) timeout conditionals. Fixes negative timeout panics.
Implemented SYNOPSIS .Fn indentation for mandoc(1) -Tman.
Stopped mandoc(1) outputting line breaks after block macros spanning more than one input line when encountering a ".Bk".
Added ftp(1) support for SSL/TLS server certificate validation (enabled by default); allow setting preferred ciphers.
Fixed mg(1) bugs: dotline off by one when adding newline at EOF; align and sync dotlines when displaying the same buffer in two windows.
Allow pkg_add(1) to cope with the change in ftp(1) warning messages.
The xbase set requires the comp set. When installing, include comp automatically if xbase is selected.
Fixed IPv6 functionality in tftp-proxy(8); implemented "-a" option to make it work on a NAT gateway; generate pass rules instead of erroring out when no address for the current AF was specified.
Revert previous acpi(4) commit, which made resume hang on some GENERIC.MP systems.
Made ld.so(1) pass its cleanup handler, stopped it calling atexit(4) directly on i386, sparc64, alpha, powerpc, amd64 and hppa.
In mandoc(1), implemented hanging indentation for .Fn in SYNOPSIS mode.
radeon(4) now tries to keep the framebuffer console layout set up by the firmware on sparc64.
On alpha, set the primary CPU's PAL revision correctly, to properly spin up secondary processors.
Implemented mandoc(1) end-of-sentence spacing at the end of man(7) macro lines.
Fixed dhclient(8) "string constant too long" errors when reading back a lease with filename or servername attributes containing escaped characters.
Save and restore acpihpet(4) configuration on suspend/resume.
Fixed locking in the drm(4) i915 page fault handler.
Allow kdump(1) to recognise itimer and ktrace facility names to {get,set}itimer() and ktrace().
Add support for truncate in fuse(4).
Added vioscsi(4) driver, work-in-progress but functional enough to work with both Google Compute Engine and RHEVM.
Made mg(1) set the correct line number after successfully searching with re-search-{backward,forward}.
Fixed ksh(1) crash when trying to access ${12345678901234567890}.
When ftp(1) is writing a file, break out when we get a write(2) error, not just an EPIPE.
Switched netstat(1), systat(1) and tcpbench(1) from CIRCLEQ to TAILQ and purged last renants of CIRCLEQ in the base.
Reliability fix for ssl(8) SHA384 SSL/TLS ciphers, to avoid application crash on strict alignment architectures.
5.3 and 5.4 RELIABILITY FIX: avoid application crash while using ssl(8) SHA384 SSL/TLS ciphers.
A source code patch is available for 5.3 and 5.4.
Initialise each cpu's mttr properly (for PAT) at boot and after suspend/resume on i386/amd64.
Made mg(1) "dired-unmark-backward" behave the same as emacs.
Plugged memory leak in tftp-proxy(8).
Recognise octeon2 cpus, like those found in the lanner mr326.
Stopped ssh-agent(1) from crashing (NULL deref) when deleting PKCS#11 keys from an agent that has a mix of normal and PKCS#11 keys (bz#2186).
Fixed multiple remote forwardings with dynamically assigned listen ports, so ssh(1) client can discriminate between them (bz#2147).
Avoid potential integer overflow in ssh(1) client_alive_interval timeout (bz#2170).
Made ssh-add(1) skip requesting smartcard PIN when removing keys from agent (bz#2187).
Provide a random stackgap on pthread frames.
Removed artificial limit on the ksh(1) max array index.
Reverted the other part of bpf.c's r1.84. May finally fix "timeout_add: to_ticks (-1) < 0".
Changed install password prompts; added autoinstall(8) question for root ssh(1) pubkey; make pubkey prompts appear in log.
Correctly read strings containing non-printable characters in dhclient(8) lease file; allow embedded NUL characters rather than skipping them.
Cleanup in ksh(1) code for ctypes, and re-auditing of this area.
Added tcgetsid(3) function, as it is now in POSIX base.
Back-port code from binutils 2.16, so weak undefined references work on alpha.
Run spamd-setup from within /etc/rc.d/spamd; made the rc.d(8) script take $spamd_black into consideration.
Bugfix by switching generic drm(4) modesetting code to give negative errno return values.
Made acpi(4) restore sysctl(8) hw.setperf upon resume like we do for apm(4) on i386.
Implemented cwm(1) support for _NET_WM_STATE_FULLSCREEN hint, with keybinding changes: CM-f "fullscreen", CM-m "maximize".
Changed subject of install/upgrade log to better match periodic maintenance emails.
Allow double quotes to be quoted (by doubling them) in mdoc(7), to match roff(7) and man(7).
Prevented drm(4) causing a kernel panic if an unsupported frame buffer configuration is requested.
Made ssh-add(1) also add .ssh/id_ed25519, to match the manual page.
Removed popa3d(8) from base (no plaintext-password-only daemons allowed anymore).
Fixed ubt(4) compilation after last commit to sys/dev/usb/ubt.c; fixed bthub compilation.
Overhauled intel(4) i915 pread/pwrite code, to fix cache coherency issues and reduce screen artifacts.
Avoid timeouts of ULONG_MAX milliseconds. Stops the Xserver(1) from crashing with "select returned EINVAL" messages.
In dhclient(8), update timestamps in "effective" lease prior to printing the lease.
Enabled tmpfs so it gets tested some more.
Instead of using the work area, use the Xinerama area for cwm(1) snap calculations.
Initial version of autoinstall(8) manpage, for unattended installs/upgrades.
Save-set when cwm(1) is re-exec'ing so as to not lose State on our hidden clients.
Added cwmrc(5) support for XUrgency and matching _NET_WM_STATE_DEMANDS_ATTENTION ewmh hint, with configurable urgencyborder.
Rewritten receive filter handling and ioctl bits in aue(4).
Have df(1) in the daily(8) output show used/free inode levels.
Make sure cwm(1) really takes the work area gap into account with snap calculations.
Track the last event timestamp and pass it on for cwm(1) WM_TAKE_FOCUS ClientMessage. Solves focus order issue.
Fixed static linking of libpthread.
Better bus error diagnostics on sgi (only affects IP28).
Revert change to sha256 in sys/dev/rnd.c, so ramdisk will build again.
Use u_int32_t to store the magic number sent by sppp(4). Fixes a bug on big-endian LP64 archs.
Use a correct pexp to unbreak identd(8) stop/reload (old pexp in /var/run/rc.d/identd has to be manually removed).
Revert to return EPERM for sem_init(3) pshared until it works properly.
Support XA_WM_HINTS in cwm(1) PropertyNotify events.
In sys/dev/rnd.c, replace use of md5(1) with sha256(1).
Prevent gcc(1) from inlining the unsafe functions (and hiding warnings for) sprintf(3), vsprintf(3), stpcpy(3), strcat(3) and strcpy(3).
Redraw cwm(1) client border when unhiding.
Dropped the f0, f1, f2 gettytab(5) capabilities ("modern" replacement is the set of i#, o#, c#, l# to poke magic numbers into termios(4)).
Added infrastructure to create un-biglocked task queues.
Stopped fuse(4) attempt to free a non-heap object.
At resume, do not move flushing characters in from the com(4) chip, as there shouldn't be any.
Remove MD intagp(4) code that is unused now that inteldrm(4) manages the GTT all by itself.
Re-factor processing of classless static routes option (121) in dhclient(8); added more data validation.
Fixed crash on urndis(4) detach.
Stopped iked(8) dropping messages if we are usually the initiator and the peer initiates rekeying first.
Allow uvm(9) aobj to shrink and grow, for mount_tmpfs(8) support.
In sgi architecture, fixed boot block installation on IP28.
Fix cwm(1) client group shortcut in menu lists when clients aren't assigned to a group, to fix a crash.
Updated to Xserver(1) version 1.14.4.
Enabled rum(4) for armv7.
Fixed pcn(4), to allow bringing interface out of all-multicast mode once a range of multicast addresses has been found.
Corrected the sudo(8) check for whether a user may change the login class.
Enabled fast path for relocations and enabled cpu relocations on intel(4) i915.
If the ring was full, make jme(4) put the packet back on the queue so it can be transmitted.
Fixed jme(4) error handling for DMA.
Made intel(4) clflush() flush the correct cache line on i386/amd64. Fixes gnome screen corruption and hangs.
Stopped intel(4) i915 from panicking if an object is truncated while still mapped.
Fixed smtpctl(8) resume route.
ssh(1) now supports ed25519 hostkeys and user identities (see http://ed25519.cr.yp.to/software.html).
New ssh(1) private key format, with bcrypt as the default KDF.
Fixed memory leak in sftp(1) error path in do_readdir().
Warn when smtpd(8) fails to parse a field.
When a relay fails, let the smtpd(8) scheduler update all envelopes in the holdq as if they tempfailed.
Libcompat (for compatability with 4.3BSD) is purged.
Corrected spin timeout detection in __mp_lock debug code.
Fixed ssh(1) AuthorizedKeysCommand inside a Match block (bz#2161).
When dhclient(8) receives a /32 IP address assignment, mimic ISC DHCP by adding a direct route(8) for the default gateway.
Fixed the installer's parsing of nwids containing blanks.
Protect calls to bio_getitall with the sc_lock, so mfi(4) doesn't panic.
Don't leak local_fd on sftp(1) error (bz#2171).
Allow sgi IP27 to be able to boot off cdrom via the "Install System Software" menu.
Fixed iwi(4) to cope with fatal firmware errors: reset chip, reload firmware and bring the interface back up.
Fixed an out-of-bounds-memcpy in iked(8) pfkey_process().
smtpd(8) scheduler_ramqueue is now in O(log n).
Stopped fuse(4) appending a NUL character to buf in readlink(2); more checks for malloc(3) return values.
Allow fuse(4) to free the representation of the vnode(9) in userspace.
Unmount the fuse(4) filesystem if communication ends with the fuse device.
Added missing fuse(4) checks that the communication channel with libfuse is still open before sending fusebufs.
Stopped smtpd(8) sending all delivery notifications to the queue in one go.
Warn when smtpd(8) fails to enqueue an internal bounce.
Fixed dc(4) so it can bring the interface out of all multicast mode once a range of multicast addresses; fixed multicast range checking.
When cwm(1) receives a NotionNotify event, don't redraw the top menu selection.
Always highlight the first menu item in the cwm(1) menu.
Prepend the group shortcut in the cwm(1) client search menu; prepend shortcut in unhide menu.
Stopped ntfs subsystem trying to put an off_t into an int, which resulted in a 2GB limit.
Avoid truncating ntfs 64-bit attribute values to 32-bits. Otherwise an attribute's data length value wraps at 4GB.
If not hidden during an UnmapNotify event, cwm(1) will now un-manage the client.
Corrected ssh(1) bzero of chacha20+poly1305 key context (bz#2177).
Made ssh(1) key_to_blob() return a NULL blob on failure (part of bz#2175).
Fixed use-after-free in ssh(1) ssh-pkcs11-helper.c (bz#2175).
Switched mvme68k to the MI zs(4/mvme68k) driver.
More robust parsing of the DHCP lease file for autoinstall.
Updated to pixman 0.32.4.
Fixed intel(4) write-read race with multiple rings.
Brightness quirk for Acer Aspire 4736Z added to intel(4)
Prevent "bogus xmit rate %d setup" panics in wireless IBSS mode.
Made ifconfig(8) scan show the nwid, channel, and bssid for IBSS networks (not just access points).
Allow the autoinstaller to pass a public ssh(1) key for inclusion in the user's .ssh/authorized_keys.
Fixed nsd(8) bug#534: IXFR query loop over UDP for zones that are unchanged, to stop query flood from the slave.
Use arc4random(3) instead of srand(3) and rand(3) in kerberos(8).
Restore radeon(4) frame buffer upon last close; makes sure we we have a usable console after exiting X(7).
Do not send the smtpd(8) holdq release message if no envelope was held for a relay.
Do not hard-code smtpd(8) scheduler batch size; reduced default limit to avoid hammering effects.
Reverted sys/net/bpf.c back to r1.85, as panics are still being reported.
For pthread_main_np(3), use a new flag, THREAD_ORIGINAL, to indicate the original thread for this process. Fixes some ConsoleKit failures.
Made the installer's ask_which bail out on a missing response in the autoinstall case rather than looping endlessly.
Re-enabled radeon(4) RADEON_INFO_VA_START and RADEON_INFO_IB_VM_MAX_SIZE.
Mark replaced iked(8) flows as "not loaded".
Don't let iked(8) leak duplicate flows.
iked(8) now drops duplicate requests, to avoid corrupt child-SA tables.
Made iked(8) discard & free duplicate IKESAs; made sure new SAs are not created that cannot be inserted in the SA tree.
Include hexdump in iked(8) debug output only for -vvv.
Support raw pubkey authentication w/o X.509 certificates in iked(8).
When wpi(4) has a fatal firmware error, reset the chip, reload the firmware and bring the interface up again.
Limit the number of envelopes to recall in the smtpd(8) hoststat cache.
Removed some double frees in fuse(4).
Fixed smtpd(8) loading of passphrase-protected keys.
Allow subdomain matching in smtpd(8) mailaddr table(5).
Changed the way multicast(4) addresses are linked to an interface.
Now the auto installer supports both install and upgrade, use "non-interactive mode" instead of installation.
Fixed a more(1) read loop, subtly broken on big-endian machines for some time.
Like "gap", made cwm(1) "snapdist" per-screen.
Let cwm(1) deal with clients that don't have WM_NORMAL_HINTS.
Removed cwmrc(5) option to bind a key by keycode with brackets, which never worked. Users should be using keysym names not keycodes.
Made timeout_add(9) return whether the timeout(9) was scheduled in this call (by returning 1), or a previous call (by returning 0).
Grow nfsd(8) request cache for the server side from 64 to 2048 entries. Avoids "file already exists" errors.
Fixed a possible double-free/NULL dereference in vi(1) msg_print.
Updated nsd(8) to version 4.0.0; use nsd-control to signal; generate keys for nsd-control if they don't exist.
Copy some entries from Apache's httpd(8) mime.types file to the one used by nginx(8).
Only set the IFF_ALLMULTI flag if there is at least one real multicast(4) address.
Added some logic to the autoinstaller, to select an interface for the initial dhcp request.
Allow autoinstall/upgrade even when not netbooted.
Reworked install.sub _autorespond(): better line parsing; treat empty/missing/multiple answers as an error and exit; ensure $RESPONSEFILE exists.
Vax can now compress/decompress .xz files.
Many utilities adjusted to use u_char for buffers in "yylex for ctype" calls.
Stopped netstat(1) -Ar leaking kernel pointers to unprivileged users.
Disable %n in printf(9), to avoid making any format-string vulnerabilities exploitable.
Reworked pmap(9) on vax to allow the kernel to use much less memory for page tables.
Increase NMBCLUSTERS in vax (using kernel memory saved by recent pmap(9) changes).
In uvm(9), replaced the swapdev CIRCLEQ with a TAILQ; replaced list traversals with LIST_FOREACH.
I2C driver for am335x added to armv7 (not enabled yet).
Prevent some race conditions in make(1) by just chdir()'ing into the right objdir.
Merged mesa 9.2.3.
In install.sub, use a flag file to recognise a successful autoinstaller run; provide the autoinstaller logfile as mail to root.
With tmux(1) -k, only kill the window after using it to work out -c path.
Made tmux(1) handle empty current directory more gracefully.
kdump(1) now understands USB, VIDIOC and generic DRM ioctl(2).
Taught fsck_ext2fs(8) about MAXPARTITIONS, to let it operate on partitions "i" through "p".
Guard against a compiler optimising away a comparison against NULL-1 in fsck_ext2fs(8) and fsck_ffs(8).
Made isakmpd(8) keep the flow until last ipsec(4) SA is deleted, if the flow is shared by multiple SAs via NAT-T.
Fixed memory leaks in fuse(4).
Initial support in em(4) for integrated Lynx Point ethernet with external i217 and i218 PHYs.
Bring back check of driver freeing uninitialised structures to urndis(4).
Security update to nginx(8) version 1.4.4, which fixes CVE-2013-4547 (see http://mailman.nginx.org/pipermail/nginx-announce/2013/000125.html).
5.3 and 5.4 SECURITY FIX FOR nginx(8) CVE-2013-4547. A source code patch is available for 5.3 and 5.4.
Updated to libdrm 2.4.47 for drm(4).
Changed /dev/drm* permissions to 0600.
Correctly set verify flag on the smtpd(8) listener.
Fail if smtpd(8)'s lka can't load the certificate file.
Added newer ssh(1) protocol 2 transport cipher "chacha20-poly1305@openssh.com",
Removed disksort from the kernel, now that all the direct users have been removed.
rthread shared semaphore fixes: sem_init(3) shared semaphores now work; in sem_open(3), initialise the spinlock if we created the semaphore.
Added gpio(4/armv7) support for omap3/4 and am335x; added omgpio(4) manpage.
Reworked smtpd(8) mda and scheduler to limit the number of pending deliveries to the same user.
Delay closure of sshd(8) in/out fds until after "Bad protocol version identification..." message, as get_remote_ipaddr/get_remote_port require them open.
Added the autoinstall configuration to the list of files stirring the random(4) pool at install.
Moved the GTT management into the intel(4) drm driver.
Backed out intel(4) DRM_IOCTL_I915_GEM_WAIT commit (which left X(7) unusable on resume on some machines).
In install.sub, try to fetch a host-specific responsefile, fallback to a generic one otherwise.
Allow "*" in the user part of mail addresses in smtpd.conf(5).
Impose a limit on the number of inflight envelopes on smtpd(8).
Enabled MSI on the remaining re(4) chipsets.
While autoinstalling, decide whether to install or upgrade from DHCP attribute "filename".
Give /dev/drm0 to the user logged on the console and/or xdm(1), to allow running of OpenGL applications.
Bugfix for pf(4) so a "prio" value of a match rule is not overridden by a later pass rule.
Fixed xf86-video-nv shadow framebuffer implementation for nv(4).
When smtpd(8) is looking up an MX, parse the address if the domain is a "[ipaddr]" string.
Converted trunk(4) to use a detachhook.
Added ugl(4), a driver for Genesys Logic GL620USB-A USB host-to-host link cable. Derived from upl(4).
Unhooked radeonold from the build.
Merged in libdrm 2.4.47 for radeon(4).
Removed unused /dev/X0 entries.
On luna88k, map the bitmap planes of the frame buffer used by the driver. 10% speedup under X(7).
On luna88k, allow ddb(4) to be entered from the keyboard, when there is a glass console and ddb.console=1, with ctrl-alt/zenmen-esc.
Enabled 802.11a support in wpi(4) such as Intel PRO/Wireless 3945ABG rev 0x02.
Reverted r1.858 of sys/net/pf.c, as it caused panics.
Added ugl(4), a driver for Genesys Logic GL620USB-A USB host-to-host link cable. Driver is derived from upl(4).
Bring back stack scanning/dropping of IPv6 type 0 routing headers, but only engage this code when pf(4) is disabled.
Don't fail when an em(4) has no MAC address, and move on to the logic that addresses this.
Fixed setups with ipsec(4) and ifbound, so all local IPSec packets (tunnel->tunnel) match state in pf(4).
Kill the activate routine in ucom(4) and adapt the parent process to no longer call it.
HID cleanups in uhid(4), uhidev(4), ukbd(4), ums(4) and utpms(4), including cleanup match/attach multi-casting.
Made athn(4) tick calculation work as intended. Should fix excessive timeouts and "Michael mic" errors.
Cope with the EAGAIN API change for msgbuf_write(3) in various daemons.
Improvements for sppp(4) address assignment and related issues in IPv6CP; deal with IFID collisions instead of ignoring them; use arc4random(3) during IFID generation; assign destination address to /128 point-to-point links.
Fixed isakmpd(8) parameter types for X.509 routines.
Be more specific in ksh(1) ulimit error messages.
Fixed ^C handling in miniroot.
Setup pfkey timer before use in iked(8). Ignore messages meant for other daemons, like isakmpd(8) does.
Fixed automatic retry in msgbuf_write(3) on EAGAIN (which resulted in spinning).
Ignore empty lines and empty answers in install.conf.
Fixed usbd_dopoll() to take the device as argument (polling is done per controller not per interface).
bgpd.conf(5) knob added, to set priority of routes bgpd(8) inserts into the kernel routing table.
Disabled smtpd(8) forward(5) lookup if sticky bit is set on homedir.
Fixed case-folding issue with smtpd(8) pki names (they are case-insensitive). Check that a pki entry exists when used in a listen or relay rule.
Don't set the TENTATIVE flag on an IPv6 address that is marked as NODAD (otherwise address is rendered unusable).
Ensure that install.conf is non-empty and is re-fetched on every restart of the autoinstaller.
Improved on cwm(1) fix in r1.35 of event.c. If UnmapNotify event is synthetic, set the state to Withdrawn or Iconic ("hidden").
Implemented sd(4) card detection in armv7. Fixes "sdmmc0: can't enable card" on beaglebone black when there is no card.
Fixed bootloader random hangs while counting down on LUNA-88K2; applied same logic to luna88k/dev/timekeeper.c.
5.3 and 5.4 RELIABILITY FIX: fixed vnode(9) locking so an unprivileged cannot hang the system.
A source code patch is available for 5.3 and 5.4.
bpf(4) bpf.c r1.84 returns, this time without panic(9).
Disabled kerberos(8) support in cvs(1) (only used by the strongly-discouraged pserver).
Set "to" address to INADDR_BROADCAST (not "from" address) when dhclient(8) is trying to send broadcast request to server.
Updated to xf86-input-keyboard 1.8.0.
Reverted recent bpf(4) changes to stop "panic: timeout_add: to_ticks (-1)".
Follow RFC 2131: when dhclient(8) is renewing a lease begin by using unicast, fall back to broadcast.
Put back the border draw call in cwm(1) client_resize (needed for redrawing maximised clients).
Cleaned up the activate routines from the uoaklux(4), uoakrh(4) and uoakv(4) drivers.
Re-enabled hardware acceleration on intel(4) Haswells.
Fixed calculations using ticks in bpf(4), athn(4), and radeon(4) to cope with the tick value wrapping.
Bugfixes to drm(4) i915 code to avoid possible Haswell system hangs and GPU locks.
In drm(4) i915, fixed context sizes on HSW (Haswell graphics).
When the mandoc(1) parser is closing an explicit block that is not open, also close below-subsection implicit scopes.
In the mandoc(1) formatter, make sure indentation is reset when leaving a scope, not only when entering the next one.
Fixed mandoc(1) blank lines rendering right after .SH and .SS.
Added mandoc_char(7) support for Unicode characters alternative syntax \C'uXXXX'.
Many font packages updated.
Added fcu(4/macppc) to RAMDISK ,to avoid playing a fan symphony when installing/upgrading some PowerMac G5s.
Stopped growfs(8) assuming the disk sector size is 512-bytes and using p_size as the full partition size.
Corrected the netstat(1) printout of socket buffer counts.
Abort autoinstaller if no sets are found in install_files(), or in case of an invalid answer to a yes/no question.
In azalia(4), enabled snooping on Intel 8 Series HD Audio, and now recognise Realtek ALC221.
Merged in mesa version 9.2.2.
Support tmux(1) case insensitive searching in the same manner as emacs (any uppercase means case sensitive).
Make quota(1) work with DUIDs.
5.3 and 5.4 RELIABILITY FIX: avoid crash occurring on pflow(4) interface destruction.
A source code patch is available for 5.3 and 5.4.
Correctly redraw the top two lines in tmux(1) copy mode when they are selected.
Made sure vlan(4) detach hooks are executed in reverse order they were added.
5.3 and 5.4 SECURITY FIX: fixed memory corruption vulnerability in the post-authentication sshd(8) process with aes128-gcm@openssh.com or aes256-gcm@openssh.com keys.
A source code patch is available for 5.3 and 5.4.
Fixed regression in r1.101 of sys/dev/usb/uhci.c to avoid dereferencing an uninitialised variable when a uhci(4) transfer times out.
Made ssh(1) output the effective values of Ciphers, MACs and KexAlgorithms when the default has not been overridden.
Do not leak the detach hook when the parent interface of a vlan(4) is destroyed/removed.
Stopped autoconf(9) processing transfers when a uhci(4) controller is deactivated.
Backport remainder of the use_loginclass fix from sudo(8) version 1.7.9.
Search the userland buffer of dirent structures before falling back to getdents(2), for considerable speedup.
Fixed ssh(1) rekeying for AES-GCM modes.
Added support for the RTS5229 card reader to rtsx(4).
Added support for "Power Resources" for Dx states to acpi(4), so usb(4) is detected after resume on thinkpads.
Fixed assertion that could lead to orphaned messages left in the smtpd(8) queue after all envelopes are gone.
Format changes and expanded options in smtpd.conf(5).
Stopped mpii(4) running out of command slots when large numbers of devices are detached.
Fixed ifconfig(8) with IPv6 tunnel addresses (broken by recent vxlan(4) commit).
Removed iop(4).
Use DL_SETPSIZE() on i386 to set partition size. Fixes tree breakage.
Make sure seekdir(3) works even when dirp->dd_buf still contains some pending entries.
Fixed softraid(4) levels 0, 4, 5, and 6 to use all available space with partitions larger than 2TB.
Temporary cwm(1) keyboard focus fix for clients that neither populate wmhints nor wmprotocols (e.g. rdesktop).
Enabled locking of fields using the acpi(4) global lock when required.
Let fuse_opt_insert_arg() take an empty string as argument, to unbreak ntfs-3g.
Reserve the last page of the uvm(9) primary swap space, in case we need to place a hibernate signature there.
Hooked up nginx.conf(5) to the build.
The radeon(4) code that sets the DPMS mode may sleep, so do not run from a timeout, hand it off to a taskq.
Fixed ssh(1) rekeying for KEX_C25519_SHA256.
Enabled TX checksum offload in jme(4).
Removed unnecessary spinlock that slowed down pthread_getspecific(3).
Use curve25519 for default sshd(8) key exchange (curve25519-sha256@libssh.org).
Let ssh(1) support pkcs#11 tokens that only provide X.509 certificates instead of raw pubkeys (fixes bz#1908).
Replaced rc4 with ChaCha20 in crypto(9).
Made sure login_yubikey(8) does not log passwords, even if they are wrong.
Bring back spnego support into kerberos(8) gssapi as it used to be before the update to 1.5.2.
Push the pf(4) queues every 1/HZ using timeout(9); use a timeout for each HFSC-enabled interface.
Removed ray(4) from i386/amd64.
Hooked up sunxi bits for miniroot and ramdisk (tested on pcduino).
Use m_copydata() instead of mtod(), so routing messages compatibility code will work on strict alignment architectures.
Added missing bitfields to fuse(4) that are needed by gnome virtual filesystem.
Fixed mkuboot(8) endianess for big endian architecture.
Made sure we send pflow(4) packets via the correct rdomain.
Re-added cwm(1) support for WM_TAKE_FOCUS. Solves keyboard input focus loss for java apps.
Enabled fuse(4).
Update UK dialling codes from ofcom information, and added 970 (Palestine), to share/misc/inter.phone.
Better defaults for the wsdisplay(4) screen burner settings: all unblank actions enabled (burning still disabled by default).
Removed a.out(5) support from compat_linux(8).
Installed fuse(4) headers in "make includes", to unbreak ports(7) builds.
Converted the route expire timestamp in kernel and routing message to 64 bit.
Switched the crypto(9) work queue to the task_add(9) api.
Re-enable compat_linux(8) on i386, now it is working with post-32bit-time.
Added a header for various hardware implementation dependent register (HID) definitions to macppc.
Make sure bioctl(8) -v output is properly aligned with the normal output.
Added smtpctl(8) "show relays" and "show hosts" commands.
Enabled native builds of the luna88k boot block and install it into /usr/mdec; copy boot blocks into /boot on the root disk in md_installboot().
Fixed some jagged diagonal lines when using ws(4).
Treat another OMRON UPS, BY35S, as ugen(4). Allows sysutils/nut to work on this device.
Allow kernels to compile without INET6.
Unbreak glxsb(4/i386) by properly allocating its key schedule.
Fixed potential file descriptor overlap by making sure that file descriptors zero to two are always open when starting slowcgi(8).
Added missing "heloname" field for smtpd(8) relayhost; differentiate relays with different helotable/heloname.
Emit an extra "config" convenience target that allows one to rerun config(8) without changing directories.
Use "/etc/mail/mailname" instead of "/etc/mailname" in smtpd(8).
Report smtpd(8) mta sessions errors on the route (not the MX). If a route has too many such errors, disable it for a while.
sshd_config(5) PermitTTY options to disallow TTY allocation, mirroring the no-pty authorized_keys option (bz#2070).
Moved most of the uses of workqs in drm(4) to the new taskq api. Fixes hangs on radeon(4).
Let vmwpvs(4) get hotplug events from the hypervisor, so you can add and remove disks at runtime.
Introduced tasks and taskqs (e.g. task_add(9)). Ongoing replacement of workq_add_task(9) and posse.
Unlock the vnode(9) while calling a device's d_close routine, to ensure the device close routine doesn't block indefinitely.
First steps of a native luna88k bootloader, able to boot elf(5) kernels with symbols from disk or network.
On armv7, enabled blocksize > 512.
Allow smtpd(8) to accept credentials formated as "<user> <passwd>", and empty alias files.
Report the ssl certificate verification status in the smtpd(8) mail header; log ssl certificate validation errors; fixed several ssl-related leaks.
Use the correct value for the Interframe Gap Time 0 bit in the usb(4) transmit configuration register.
Revamped armv7 ramdisk and miniroot creation process; installer can recognise the SoC and makes decision based on it.
Added -A (-ax) support to ps(1)
Removed fddi(4) support and the three flavours of the driver, fpa(4), fea(4) and fta(4).
Make prcm(4/armv7) aware of the GPIO modules on armv7 machines.
Made smtpd(8) handle the case where the filter string is quoted.
Fixed a potential race when several smtpd(8) relays share a single domain (resulted in temporary delays/failures).
Make sure that the kernel symbols area isn't marked as free space on armv7.
bzero(3) some smtpd(8) structures before using them, to be safe.
Improved elf(5) handling, so mkuboot(8) will create valid images running on 64-bit systems.
Support added for unattended OpenBSD installations, using DHCP and a response file.
Added support for AUTH LOGIN in smtpd(8) mta.
Fixed smtpd(8) parsing of inet6(4) addresses when prefixed with "IPv6:"
Allow smtpd(8) mta to "hold" envelopes in the scheduler when it has too many tasks for a given relay.
Fixed the timer on sunxi A20 boards.
Abort early if another smtpd(8) instance is running.
Fixed makefile, to make sure we build the manual pages of all architectures on macppc.
Enabled gpioctl(8) for armv7, and added associated devices on armv7/sunxi.
Fixed traceroute6(8), nc(1) and telnet(1) when the -V flag is not given.
For sunxi boards where u-boot doesn't set MAC address (e.g. pcduino), generate address based on the Security ID (SID).
Updated xkeyboard-config(7) to version 2.10.1.
Fixed ssh(1) crash caused by previous commit which occurs when using ProxyCommand.
Fixed/re-enable re(4) RX checksum offload for 8168C/8168CP. Flag was accidently removed with rev 1.140 of sys/dev/ic/re.c.
Let smtpd(8) local enqueuer cope with the output of a long running program; use sendmail(8)-like exit status.
Allocate smtpd(8) key storage dynamically, instead of using a fixed size buffer.
Made sure cwm(1) client_delete does not try to destroy clients that are already gone (and generate spurious errors).
Don't let smtpd(8) ignore "remove" requests for an envelope which is inflight.
Improve reporting in smtpctl(8): when sending a request to the scheduler, wait for the success/failure report; report the total number of affected envelopes for schedule, pause, resume and remove envelope operations.
Stopped falsely assuming that the icmp(4) checksum field is always in the first mbuf(9) of an mbuf chain.
X11 clients added to the aviion architecture.
Fixed off-by-one when mpii(4) is calculating the length of an sgl segment.
Fixed regression that made the pandaboard panic when it tried to enable PRCM_MMC0 on the omap4.
Added support for xbox 360 controller as a uhid(4).
Added support for the hardware random number generator on octeons, octrng(4).
Understand node contexts when smtpd(8) is building the expansion tree (e.g. same delivery for different users, or as a different destination address).
Fixed USERINFO and CREDENTIALS lookups in the (experimental) smtpd(8) sqlite backend.
Plugged smtpd(8) memory leaks on update.
nm(1) output on archives on mips now displays correctly.
Fixed sendmail(1) to cope with filesystems with large f_bavail values.
Do not rely on u-boot to enable mmc clocks on armv7.
Do not fatal() smtpd(8) immediately on write error. Fixes bug where the server would stop if smtpctl(8) exited early.
Don't try to resolve hostnames when a ssh(1) ProxyCommand is set unless the user has forced canonicalisation.
Disallow empty Match statements in sshd_config(5), and add "Match all", which matches everything.
Periodically print progress and, if possible, expected time to completion when screening moduli(5) for DH groups.
Include local address and port in sshd(8) "Connection from ..." message (only shown at loglevel>=verbose).
Enabled TX checksum offload in bnx(4) and bg(4).
Allow traceroute6(8) to operate across a nat64 gateway.
Made slowcgi(8) loop around waitpid to catch all exited children, as there is no guarantee of one signal per child.
Added support for displaying the cache write policy of RAID volumes to bioctl(8); make mfi(4) pass up the necessary information.
Added key to tmux(1), to swap to other end of selection (bound to o with vi keys)
Overwrite icmp(4) type-specific nextptr field only when pf(4) changed it, to fix icmp(4) to icmp6(4) translation regression.
In pthread_kill(3)/pthread_cancel(3), make sure the thread ID won't be reused until the kill(2) is complete.
Allow uppercase "K/M/G" specification in "machine memory" boot(8) command on i386/amd64.
Relative-specified ssh-keygen(1) certificate expiry time should be relative to current time and not the validity start time.
Hostname may have %h sequences, these should be expanded prior to ssh(1) Match evaluation.
Made roff(7) parse and ignore .hw (hyphenation points in words).
Save "next-server" (a.k.a. siaddr) info into the dhclient.leases(5) file.
Added SMC_CAPS_SINGLE_ONLY capability to sdmmc(4), to force the sdmmc stack to only issue single blocks transfers.
Resolved an issue where icmp(4) traffic with pf(4) nat-to failed due to incorrect checksums.
Added support for allwinner-based devices (A1x/A20) such as the cubieboard to armv7.
Removed arc4random_stir() and arc4random_addrandom(), which should not be called directly.
Unbreak mg(1) make-directory by stripping trailing "/".
Stopped slowcgi(8) leak fds in the fork(2) error path.
Added support for sdhc(4) to detect GPIO pins on the i.MX6 wandboard.
Added a pmtu delay sysctl(8) BUTTON for netinet6.
Enabled vxlan(4).
Made dhcpd(8) use provided netmask in "subnet" statements, allowing later comparisons with interface addresses to work properly.
Added load_font and list_font accessops to all rasops(9) wsdisplay(4) drivers, e.g. tga(4) and gpx(4/vax).
Fixed pf(4) icmpid bug (only affected icmp(4) echos via nat, when the nat doesn't change the address).
Allow a user to switch telnet(1) to rdomain zero.
Made nc(1) set the requested rdomain on the socket instead of only on the IPv4 part; allow switching to rdomain zero.
Added rdomain support to IPv6 configuration tools ndp(8), rtsold(8), ping6(8) and traceroute6(8).
With disklabel(8) -A, take 10% for swap, setting a maximum based on physmem.
Introduced the "display.font" parameter, which requests the wsdisplay(4) driver to change the display font.
Enabled support for vmware paravirtual SCSI via vmwpvs(4) on i386/amd64.
Built-in kernel fonts will now appear in the list of font usable by wsdisplay(4), vga(4), rasops(9) and wsfontload(8).
Eliminate global limit on the number of fonts able to be loaded by wsdisplay(4).
In hibernate for i386/amd64, temporarily reverted "Realmode park" mode.
Do not run any command from the client which starts the tmux(1) server until after the configuration file completes loading.
Let wsfontload(8) report i/o errors on stdin as occurring on "stdin" not "(null)".
Added i386/amd64 boot(9) support for keydisk-based softraid crypto volumes.
If a font is not a file, wsfontload(8) now computes the numbers of characters it contains from its size, instead of assuming 256; default to 12x22 glyph instead of 8x16 if the display is a raster frame buffer.
Updated to xf86-video-dummy 0.3.7 and xf86-video-vesa 2.3.3.
WSDISPLAYIO_GTYPE ioctl support added to radeon(4) and intel(4) KMS drivers.
Fixed resume time stream corruption seen on x230 with large (16GB) unhibernation.
Allow hibernate to work on Ivy Bridge and later CPUs.
Don't turn on ModifyOtherKeys by default, as when tmux(1) is killed and it's left stuck on.
slowcgi(8) now properly reserves file descriptors for incoming connections.
Fixed some spurious failure-to-hibernate errors.
Removed the noct(4) driver.
In the ssh_config(5) "Match" section, renamed the "command" sub-clause to "exec".
Parse the argument the -r option with atoll(3) to support dates past 2038
Reverted r1.138 of pp/cwm/client.c (WM_TAKE_FOCUS) for now.
ip6_input() adjusted to remove double scanning for routing header type 0 in the IPv6 stack, as pf(4) handles this anyway.
No longer make cwm(1) redraw unnecessarily on every unhide, resize, and mouse move/resize "Expose" event.
Improved address and linkstate hooks, added additional detach hook to track changes on the parent multicast interface in vxlan(4).
Support the hibernate key (Fn-F12) on thinkpads.
Enabled TX checksum offload on em(4).
In crontab(5), added a random sleep of up to half an hour to distribute the server load from spamd-setup(8).
Merged bgpd.conf(5) prefix and prefixlen filter components into one filter, so rules are grouped by prefixes last.
slowcgi(8) now keeps better track of fds, to only close those still open. Avoids closing random fds from other connections.
Fix receipt of OID varbinds when snmpd(8) is sending traps.
When we attach a network interface, do not reuse the last index. Avoids some race conditions.
Simplified pipex(4) checksum handling.
Stop pre-computing the pseudo header checksum and incrementally updating it in the tcp(4) and udp(4) stacks.
Fixed some 512-byte block vs disk sector confusion on hppa and sgi.
For cwm(1) clients that support WM_TAKE_FOCUS in their WM_PROTOCOLS property, send a ClientMessage event.
Don't silence stderr from pkg_add(1) when running fw_update(1) in verbose mode.
UTF-8 support for wsdisplay(4) emulation modes, so vt100 and sun emulation recognise xterm-compatible escape sequences ESC % G and ESC % @.
When rasops(9) can't find a proper glyph for a requested character, use a question mark instead of a space.
Bugfix update to nginx(8) version 1.4.3.
Disable global page mappings before we start to unpack on i386/amd64 using acpi(4), for more robust hibernate.
Use openlog(3) in slowcgi(8) to log to syslog(3).
Made slowcgi(8) set FD_CLOEXEC; fixed some pointer calculations.
Adjusted the disklabel(8) editor to allow more space for swap on large disks (e.g. useful for hibernation).
Allow hibernate to run the radeon(4) suspend code before mountroot.
Prepared the route(8) command for printing 64 bit route expire time; fixed conversion between relative and absolute expire time.
Include remote port in ssh(1) bad banner message (bz#2162).
pf.conf(5) cannot have queue definitions inside anchors, don't let pfctl(8) attempt to load them, error out if we run into one.
Updated snmpd(8) to use the proc.c privsep style from iked(8) and relayd(8).
Remove support for a.out(5) and ecoff on all platforms (we only do elf(5) now).
"fsync@" protocol extension for sftp-server(8). Client support for calling fsync(2) for faster transfers (bz#1798).
snmpd(8) -r option removed.
Support added for oaic in the aviion boot blocks.
Moved creation of "restricted" communication sockets into snmpd.conf(5); added ability to specify an alternate "control" socket location; allow for the creation of multiple "restricted" sockets.
Prefer acpi(4) over apm(4/i386) on i386.
Implemented ssh(1) client-side hostname canonicalisation. Avoids need for host certificates to list unqualified alongside fully-qualified names.
Stopped ldpd(8) binding a label for the default route.
avoid ldpd(8) segfaults by passing the ldpd_conf structure as an argument.
The disklabel(8) variables aflag and dflag are boolean, so use logical instead of binary operators for comparison.
Improved ldpd(8) parsing of LDP messages; proper notification messages on error conditions.
ldpd(8) now ignores messages that have Unknown flag set.
Added support for ERL ethernet on octeon (which can now be booted over NFS).
Driver added for the oaic(4/aviion) AIC-6250 SCSI controller found on aviion models 100, 200, 300, 400 and 4300.
Fixed tmux(1) detach -a, by skipping clients where the session is NULL.
Added a "Match" keyword to ssh_config(5) that allows matching on hostname, user or result of arbitrary commands.
Made logging of ssh(1) session starts a more useful format.
Check for invalid values in the routing message, to stop root crashing kernel from userland.
Fixed hangs seen when unplugging a USB keyboard which was attached to an uhci(4).
Added 7.5kbit Diffie-Hellman groups to moduli(5).
Count number of lines in moduli input file and pass to the testing ssh-keygen(1) process, to provide completion time estimate.
Made roff(7) parse/ignore the .fam (font family) request. Fixes irunner(1) and uim-xim(1) ports.
Use crunchgen(8) DIST_LIB/DIST_OBJS hooks to make it possible to link crunched binaries against libraries compiled with smaller objects.
Fixed regression introduced when macppc pci(4) started parsing device tree to enumerate devices, so ht(4/macppc) controllers work.
Added libefi to mandoc(1), and simplified some names.
Set the default vxlan(4) MTU to full 1500 bytes.
Imported vxlan(4), the virtual extensible local area network tunnel interface.
Standalone hfsc implementation added to pf(4), for the new bandwidth shaping subsystem (altq stays during migration phase).
Let systat(1) adapt to recent queueing changes.
Add initial RTL8106E and RTL8168G/8111G support to re(4).
Fixed hang-on-close problem seen with ssh(1) and xterm(1) when a closed pty(4) is poll(2)'ed.
Changed pf(4) to prevent non-data packets from being dropped.
Stopped tmux(1) leaking file descriptors in the rare MSG_VERSION case.
Updated to freetype 2.5.0.1.
Added support for am335x edma3 controller to armv7.
When tmux(1) is respawning, pass -1 for cwd now (not NULL).
Show session name in tmux(1) detached message.
Alter how tmux(1) handles the working directory: -c flag to new, neww, splitw allows the working directory to be overridden; -c flag to attach let's the session working directory be changed; default-path option has been removed.
Make tilde expansion in tmux(1) command strings work even if it isn't terminated by /.
Instead of fixed size buffers for some tmux(1) messages, send only the string length; similarly for MSG_COMMAND - allow full imsg limit (not arbitrary 2048).
When mouse button is pressed within a tmux(1) pane, no longer resize the pane if edge of the border is later hit.
Support tmux(1) -c for new-session.
Upon mouse click, stopped tmux(1) selecting panes which aren't visible.
Restored missing tmux(1) key binding for %.
Ensure the tmux(1) check on the permissions of TMUX_TMPDIR is performed on directories only (not files).
Clear tmux(1) WINLINK_ALERTFLAGS properly, otherwise sessions may still see flags for winlinks which have been cleared.
When tmux(1) choose-tree expands/collapses items, ensure the item is visible at the bottom of the screen.
Made tmux(1) assign mouse x/y coords before checking them. Fixes off-by-one when the statusbar is at the top of the screen.
Allow tmux(1) to accept multiple parameters to SM/RM/DECSET/DECRST.
Only include actual trailing spaces (not unused cells) with tmux(1) capturep -J.
Allow tmux(1) nested format expansion.
Allow the file descriptor received from the tmux(1) client to be -1.
Extended tmux(1) to handle input mouse positions greater than 33.
Make tmux(1) recalculate_sizes() handle an empty window with no active pane. This can happen when a window is in two sessions.
Stopped tmux(1) leaking formats if they are added multiple times, and leaking grouped sessions on destroy.
Fixed potential tmux(1) crash when a command in a command client can't be parsed.
Stopped tmux(1) adding client formats when they are NULL.
Fixed sshd(8) re-exec fallback, by ensuring that startup_pipe is correctly updated (bz#2139).
Added ability to whitelist and/or blacklist sftp protocol requests by name to sftp-server(8).
Changed "physical address" to "tunnel:" in ifconfig(8)'s tunnel address output.
Merged binutils 2.15 einfo() buffering change to binutils-2.17.
Enabled oosiop(4) synch negotiation.
Various fixes to make kiic(4/macppc) work on some G5s.
Fixed Powerbooks regression, where one of the two kiic(4/macppc) would timeout when trying to configure the audio chip.
Made syslogd(8) trim leading white space from the message before trying to extract the program name.
Include the "state of health" field in the mfi(4) "bbu ok" (battery capacity) sensor value.
Stopped pf(4) leaking ruleitems from match rules when hitting a per-rule max state limit.
Allow bgpctl(8) to bulk add/delete routes with the same attributes. Really useful for distributing IP lists.
Fixed dixfonts from upstream for CVE-2013-4396 (use after free in Xserver handling of ImageText requests).
When available, use monitor/mwait to idle on i386/amd64.
Early stages of a working disk bootloader for OpenBSD/aviion. Currently limited to oosiop(4) controllers
Increased the size of the Diffie-Hellman groups requested for a each ssh(1) symmetric key. New values taken from NIST 800-57, upper limit from RFC4419.
Added vmwpvs(4), a driver for VMware Paravirtual SCSI in vmware guests.
Use CLOCK_UPTIME, so that vmstat(8) uptime averages/rates are over the actual time-running-not-suspended.
Fixed a segfault in ndp(8) -A to properly free the buffer when not in repeat mode.
Show number of sectors, not the number of 512-byte blocks, when newfs(8) is saying "n sectors of m bytes".
Allow snmpctl(8) to specify the "oid" option multiple times (e.g. "snmpctl walk 127.0.0.1 oid system oid ifName").
Added axen(4) device driver, for ASIX AX88178a and AX88179 Ethernet interfaces.
getdirentries(2) is dead; long live getdents(2).
Fixed mandoc(1) to allow breaking the line at hyphens in macro arguments (e.g. .Nd and most of the .%? citation macros).
Stopped mandoc(1) throwing a fatal error and dying if there is anything inside a .Bl block body before the first .It.
Added quirk to azalia(4) for ALC260 (found on Acer Extensa 6700).
Added CLOCK_UPTIME, a clock which measures time-running-not-suspended, used in clock_gettime(2) and other places.
Backed out POLLHUP change until a problem with xterm(1) hanging on close is fixed.
Support for the i.MX6-based Wandboard Quad added to the armv7 architecture.
Disabled interrupts in the re(4) interrupt handler. Fixes the occasional watchdog timeout when using MSI.
Removed Adaptec 2940 SCSI controllers from i386 RAMDISK kernels to make other things fit.
Use monitor/mwait to idle amd64 CPUs when available.
Change the default for the "default-path" option to ~ in tmux(1).
Updated to mesa 9.2.1.
In tmux(1), use open(".")/fchdir(2) to save and restore current directory rather than getcwd(3)/chdir(2).
Fix boot device matching in the presence of mpath(4) on hppa/hppa64.
poll(2) on a closed tty(4) now returns POLLIN|POLLHUP in revents when events is set to POLLIN, and POLLHUP when events is set to POLLOUT.
Added ntpctl(8), which allows us to query the locally running ntpd(8) process.
Fix tuner ioctl TVTUNER_SETFREQ in bktr(4) (broken after rev 1.30).
In mandoc(1), support roff(7) simple numerical conditions.
Support mandoc(1) setting and printing out arbitrary roff(7) number registers, preserving support for the ".nr nS" SYNOPSIS state register.
Fixed drm(4) incoherence with fence updates on Sandybridge and higher CPUs.
Kernel adjusted to print many daddr_t variables with %lld, and u_int64_t variables with %llu in many places.
Made it possible to correctly set up and label a vnd image with a boot area on aviion.
Emulate 64-bit drm(4) atomic operations on 32-bit architectures by using a mutex.
Replaced rc4 with ChaCha20 in arc4random(3).
Added initial SNMP client utility to snmpctl(8). For example, "snmpctl snmp walk 127.0.0.1".
In ld(1), make stderr buffered in einfo(), to speed up display of error messages on slower platforms.
Use PATH_MAX, NAME_MAX and LOGIN_NAME_MAX (not MAXPATHNAMELEN, MAXNAMLEN or MAXLOGNAME) in the C library.
Stopped drm(4)'s drmclose unreferencing objects while a mutex is locked.
Ensure the OpenBSD area of the disk does not enclose the boot area on the aviion architecture; added installboot(8/aviion).
On aviion, test whether the WHOAMI register exists before using it.
Two new libX11 locale(1) added: km_KH.UTF-8 and sr_CS.UTF-8.
Enabled mpath, rdac, and sym in GENERIC kernels to find bugs.
Ensure stack is 1:1 mapped before attempting to give control back to the PROM at halt/reboot time, so aviion can reboot.
Updated to: xserver 1.14.3; makedepend 1.0.5; xman 1.1.3; libX11 1.6.2; libXaw 1.0.12; libXmu 1.1.2; libXpm 3.5.11; libXrandr 1.4.2 and libXv 1.0.10.
poll(2) on a socket now sets POLLHUP on EOF, so socketpair(2) matches pipe(2) behaviour when the other end is closed.
Refined gio(4/sgi) frame buffer probe, to correctly detect a newport frame buffer on Indy if a HPC SCSI board is attached.
Correctly probe for the Ethernet chip on hpc(4/sgi) v1.5 expansion boards. Gets rid of "sq not configured" in dmesg(8).
In boot(9), do not iterate over alldevs if it is empty (e.g. halting from ddb(4) with ddb entered early with boot -d).
With even number of offsets, choose middle offset with lowest delay. Resolves uncertainty in the ntpd(8) REFID assignment.
Stopped the message that uthum(4)'s calibration offset is incorrect, when the offset is less than 1 degree C.
Stopped wd(4) incrementing the address the next i/o will start at by an incorrect amount.
IPv6 atomic fragments must not go into the pf(4) reassembly queue, but be processed immediately.
Use the cpuid vendor string (not model string) when enabling VIA specific amd64 code so the code works with Eden X2 processors.
Take into account that the iked(8) ike message header might no longer point to the same memory after buffer manipulations.
Make sure drm(4) vblank_time_lock blocks interrupts; made most atomic operations really atomic; removed all 64-bit atomic operations on 32-bit architectures. Potentially fixes some races/panics.
Sync most machine independent LANCE code (le(4/vax)); added ILACC (79900) support.
Stop traffic for a given usb(4) endpoint when a transfer reports an I/O error. Fixes ehci(4) looping with "ehci_idone:" messages.
Try to release the console if pckbc(4) fails to send the initial command byte, giving USB keyboards a better chance of attaching.
On hp300: Removed SLOWSCSI; increased scsi(4) target selection timeout. Booting kernel from disk now much faster.
Keep sudo(8) default env_keep to minimum required for pkg_add(1); env_keep for building src and ports moved to "wsrc" group.
Report each m88k cmmu on its own line in dmesg(8); fixed multiprocessor writeback logic.
Fixed luna88k installer, to add bsd.mp to the default sets if > 1 processor.
Stopped merging the per-thread and per-process flags when reporting them via sysctl(8) KERN_PROC.
Updated to: util-macros 1.17.1 and videoproto 2.3.2.
Merge unbound 1.4.21 and ldns 1.6.16.
Fixed tmpfs' uio_offset, to stop it skipping one entry for each block.
Fix an ino_t inconsistency to unbreak the build of fuse(4)'s libfuse.
Made aviion understand ELF files well enough to netboot kernels on AV530.
Switch to machine independent dart(4) driver on aviion.
Set top(1) a higher MAX_COLS, more reasonable for modern widescreen displays.
Fixed occasional SIGSEGV in privsep'd binaries (eg syslogd(8) and pflogd(8)) on sparc/sparc64 running on sun4/4c/4e.
Added support for root on NFSv3.
Configure pms(4) absolute mode for elantech v2. Synaptics driver now attaches to elantech v2 touchpads. Print the firmware version at attach time for reference in future bug reports.
Fixed panic in pipex(4) seen if pipex deleted a session via idle-timer when npppd(8) was frozen, causing use-after-free.
Don't assume the length of npppd(8) chap challenges.
Added length check for Proxy LCP and Authentication AVPs in npppd(8); also in 5.2, 5.3 and 5.4 stable branches.
Do no try to clear the uhidev(4) endpoint (as it if has stalled) if the USB transfer reported an I/O error.
Made ssh(1) BindAddress work with UsePrivilegedPort=yes (bz#1211).
Tell the client when their preferred ssh(1) listen address has been overridden by the server's GatewayPorts (bz#1297).
Store the initial file offset so the progress meter doesn't freak out when resuming sftp(1) transfers (bz#2137).
Get ethernet working on the edgerouter lite; added atphy(4) to RAMDISK and GENERIC.
Increased default number of ugen(4) device files: two are too few for modern standards.
Removed gssapi config parts from ssh_config(5).
Fixed mandoc(1) horizontal spacing for input lines beginning like ".Oc Ns".
Fixed mandoc(1) horizontal spacing where "Ns" macro follows a block-closing macro and the corresponding block-opening macro is not on the same line.
Reverted ksh(1), so commands executed via `foo` or $( bar ) inherit "set -e" status (as POSIX requires).
Updated to: twm(1) version 1.0.8; xclipboard(1) version 1.1.3; xclock(1) version 1.0.7; xinit(1) version 1.3.3; xkill(1) version 1.0.4; xlsclients(1) version 1.1.3; xmodmap(1) version 1.0.8; xrdb(1) version 1.1.0 and libSM version 1.2.2.
Bar pflow(4) if flowsrc is not set.
Fixed sign of returned error code for drm(4) i915.
Prevent hardclock(9) trying to schedule a softclock interrupt before its cookie has been allocated (this caused panics on macppc).
Added SM_PATH to the default env_keep in sudoers(5).
Added basic support for eMMC memory and enable it on the BeagleBone Black.
Revert previous sys/net/if.c diff to always increment the if(4) interface index (tun_switch() depends on this feature).
Avoid leaking mbufs in cpsw(4/armv7) failure paths.
Fixed ssh(1) connection crash when sending break (~B) on a ControlPersist'd session.
Switched to using arc4random in sqlite3(1).
Allow for 0-length "octet strings" in SNMP traps, so snmpd(8) conforms with ITU X.690 (ASN.1 definition document).
Correctly NUL-terminate the systat(1) cpu view array. Fixes a segfault on powerpc and probably others.
Fixed user(8) bug where owner/mode is not set on the user's homedir if the specified skeldir does not exist.
Added support for SM_PATH environment variable. sysmerge(8) can search this path for etcXX.tgz and/or xetcXX.tgz.
Disabled intel(4) blit acceleration on haswell (for now).
Allow BOOTP lease times and the options dhcp-lease-time, dhcp-rebinding-time, and dhcp-renewal-time to be controlled via dhclient.conf(5).
Added relayd.conf(5) support for ECDHE (Elliptic Curve Diffie-Hellman) to enable TLS/SSL Perfect Forward Secrecy (PFS).
Import nl(1) from NetBSD, with local changes (inc. "-" syntax for stdin, multibyte delimiter support from FreeBSD, code simplifications).
Fixed some omissions and flag errors for radeon(4) pci match tables, removed the duplicate table for i915.
Monochrome Xserver(1) now available on luna88k.
Fixed scsi(4) mpath "next path" selection. If the current path is NULL the machine will no longer panic.
Enabled vmx(4) on i386 and amd64.
Added a new systat(1) screen "cpu" listing the usage of each CPU core; new -B command line flag, similar to -b.
Changed default relayd(8) and ldapd(8) ciphers to HIGH:!aNULL.
Plugged a snmpd(8) memory leak when walking the pfTblAddrTable in PF-MIB.
Sync PF-MIB and snmpd(8) with the pf(4) table byte/packet counters for "match" rules.
Support added to arm for FreeScale's i.MX6 SoC.
Taught id(1) about the whoami(1) and groups(1) run modes (removes shell wrappers).
When slowcgi(8) is dumping FastCGI protocol headers during debug, also dump the "request begin" and "request end" protocol entries.
Made slowcgi(8) use the correct buffer size for memory allocation and reads.
Added ugold(4), a driver for PCsensor's USB gold TEMPer temperature measurement device.
Merged mesa version 9.2.0 into xenocara.
Set relayd(8) "toread" to 0 if we don't expect a body. Fixes handling of HTTP requests with a body (e.g. POST).
Add a proper suspend ksh(1) builtin that saves/restores the tty and pgrp as needed instead of using an alias (login shells may be suspended if they are not running in an orphan process group).
The beagle architecture has been replaced by the more generic armv7.
time_t and other random fixes from upstream merged into base nsd(8).
Added libtxc_dxtn 1.0.1, a DXTn/S3 texture compression library.
When a partition is changing to UNUSED, save kernel-set values on all partitions, not just open ones and keep the new partition type. Allows changing the RAW_PART partition (a.k.a. "c") to UNUSED.
Rewritten ARMv7 cpu cache discovery code (to remove false assumptions); fixed log2(3) on arm.
After resume, make the pms(4) driver wait longer when /dev/wsmouse is opened. Allows mouse to work after resume on x130e.
Updated to nsd(8) version 3.2.16.
Only free the per-protocol descriptor if a pms(4) touchpad cannot be correctly identified during attach.
Removed unnecessary calls to arc4random_stir(3) in ssh-keygen(1) and sshd(8). Increases available entropy.
Use arc4random(9) as the preferred random number source in fontconfig.
Properly pass daemon_flags to amd(8).
Update line buffer allocation on radeon(4). Fixes blank screen problems on dce4.1, dce5 and dce6 asics (see https://bugs.freedesktop.org/show_bug.cgi?id=64850).
Updated GLU to version 9.0.0. GLU was previously part of Mesa but is now separate.
Made sftp(1) "^w" delete the previous word, instead of the entire line. Matches ksh(1) behaviour.
Lock the audio mutex before invoking the audio(4) call-back. Fixes panics on zaurus.
Turn on mass storage interface for mfii(4).
If a slowcgi(8) script dies due to receipt of signal, pass that back to the HTTP frontend as the "application return status".
Use PCIe capability version 2 when displaying link speeds with pcidump(8).
Fixed handling of getdents() against UDF filesystems.
Use arc4random_buf(3) in iceauth(1).
Added iwn(4) support for advanced btcoex.
Allow setlocale(3) (LC_MESSAGES, ...); to succeed. Stops some ports (e.g. gnome) from freaking out.
Quieten ssh-keygen(1) batch processing; exit with non-zero if asked to find a non-existent hostname in the known_hosts file.
When we attach an inet(4) interface, avoid races by not reusing the last index.
Enabled RS400/RS480/RS690 in radeon(4).
Non-integrated radeon(4) >= r600 parts will now try to enable PCIe 2.0/3.0 speeds if the PCIe root port advertises those speeds.
Made mpath(4) path driver "match routes" return 8, so they will definitely be higher than the real device drivers.
Assume roundrobin path scheduler type within a group of mpath(4) paths now (sym(4) devices work around this by putting every path in its own group).
When pmap(9) flushes page from all caches, writeback on all CPUs. Fixes spurious m88k segmentation faults.
Updated xterm(1) to version 296 (with sixel graphics disabled for now), DejaVu Fonts to 2.34 and libX11 to 1.6.1.
Simplified xvctl(1), a utility to get or set Xv(3) extension values.
Replaced rand(3)/random(3) calls with secure arc4random(9) in npppd(8)'s radius authentication, make(1) and route6d(8).
Implemented handling of group failover in mpath(4).
New slowcgi(8) option to specify an alternate FastCGI socket on which to listen.
Introduced the idea of groups of paths to mpath(4). Only paths on the first group in the list will handle io now.
Adjust startup sequence so mpath(4) attaches before other hardware.
Make ommmc interrupts show up in vmstat(8) -i, systat(1), etc on beagle.
Updated to pixman 0.30.2.
Allocate and deallocate memory for encryption contexts within cryptosoft. Removes the need for zerokey functions.
Make disklabel(8) partitions from "i" to "p" functional on luna88k.
Initialise loongson pcimap earlier, to make sure its value is not tested before initialisation (only affects 2e systems).
Fixed usage of fork(2) in programs linked against libpthread on m88k 88100 processors, where the parent thread would spin.
Updated to Xserver(1) version 1.14.2.
Replaced random(3) with arc4random(9) in libevent.
Fixed minor discrepancies with ix(4) link state handling.
Stopped oce(4) and ix(4) calling if_link_state_change if link state is not changed.
Fix memory initialisation for octeons that have less than 256MB.
Stir PRNG after sshd(8) runs post-accept fork. The child gets a different PRNG state anyway via rexec and explicit privsep reseeds, but it's good to be sure.
Do not let netstart(8) create a route to alias addresses via 127.0.0.1 (the stack is able to tell if the address is local or not).
Correct format string mismatches in various code turned up by gcc(1) -Wformat=2.
Added acpi(4) indicator sensor to acpibtnX, to reflect lid status when available. Useful for people not using machdep.lidsuspend.
With wsdisplay(4), use the console locator to make sure wsdisplay0 is always the glass console on i386/amd64.
Use int64_t in the spamdb(8) greylist db file, with backwards compatibility for records with 32-bit times.
Fixed build of ix(4) without vlan.
Added urtwn(4) to the sgi kernels where it makes sense.
Added nc(1) -F flag to enabled fd-pass mode: establish connection and pass connected socket to stdout.
Remove uscanner(4). Disabled in GENERIC long ago (when libusb became the preferred solution for USB scanners).
Enabled mpii(4) on sparc64.
Added ssh_config(5) ProxyUseFDPass option, to establish a connection and then pass file descriptor back to ssh(1).
Make pf(4) "match quick" abort ruleset evaluation with the current block/pass state, rather than continuing on.
Fixed kernel profiling on powerpc architectures (broken since the buffers were made per-cpu).
Fixed prototypes of do_load_half() and do_load_byte() on m88k to stop obscure bugs in awk(1) and elsewhere.
Disable appleagp(4). It doesn't really work yet, and hurts certain iBook G3 models (PowerMac4,3).
Fixed xf86-video-ati shadowfb on big-endian machines.
Updated to: xload 1.1.2, xprop 1.2.2, xset 1.2.3, libXfont 1.4.6 and xwd 1.0.6.
Stop dhclient(8) creating a route to the bound address via 127.0.0.1, as the stack should be able to correctly short-circuit packet routing to local addresses without this.
Make the vgafb(4) console correctly restore when exiting X(7).
Stopped macppc pretending to support non-console devices, because vgafb(4) only matches the framebuffer device setup by the firmware.
Use %lld and cast to long long when passwd(1) is printing time_t values, and atoll(3) when parsing them.
For ikectl(8), snmpctl(8) and rdate(8) use %lld and cast to long long when printing time_t values.
Enabled radeondrm(4) on macppc.
Use mapiodev to do the initial mapping of vgafb(4). Allows radeondrm(4) to bus_space_map(9) it without panicking.
Updated to xf86-video-ati 7.2.0. Fixes endianess problem with kms.
Avoid integer overflow in sector calculation reading UDF DVDs, which broke reads past 2GB.
On luna88k, check number of planes (1, 4, or 8bpp) in framebuffer by ourselves (PROM gives false values). Lets monochrome X(7) server work correctly with a 4bpp framebuffer.
Enabled radeondrm(4) on sparc64.
Align stack yp(8) buffers to 64-bit boundaries now, for they might contain a struct passwd(5).
Blast uhts(4), as the code was merged into ums(4) last week.
Stop defining SIOC{S,G}ETVLAN as SIOC{S,G}IFGENERIC. Lets vlan(4) handle pppoe(4)-specific ioctls and vice versa without smashing the stack of the caller.
Make sure "drm.h" gets generated on all architectures that support pci(4), making alpha and loongson compile again.
Set bgpd.conf(5) to filter the IPv6 Discard-Only prefix, because it should not be globally routable (see RFC6666).
Rewrite the internals of the bgpd(8) RDE reload logic. First step to make reload non-blocking. Speeds up the reload time, should also fix a few edge cases on reloads.
Enforce that the ls_id and the adv_rtr field in a type 1 router LSA are the same. This will drop updates trying to attack the ospfd(8) LSDB.
Only skip dhclient(8) address deleting/adding and route deleting/adding on identical lease when we are in state S_RENEWING. Makes sure we end up with an IP address on the interface.
Don't depend on a list of archs to determine endianess, unbreaks X(7) gallium build on sparc64.
Let fw_update(1) handle firmware for radeondrm(4).
Allow the user to specify which firmware to install with fw_update(1), or to install all of them using the -a switch.
Updated iceauth to 1.0.6 and xfwp to 1.0.3.
Let the Xserver(1) handle more /dev/drmN devices.
Improved pci(4)'s VGA arbiter support now the kernel can give us information about the resources required by a particular device.
Moved ray(4) to the attic.
When handling puts from a client, tftpd(8) will now close the file once downloaded, instead of waiting until after we clean up the client .
Remove bogus refcounting of usb(4) pipes, to avoid memory leaks and potentially aborting a pipe when requests are still pending.
Made the tree compile again on architectures without drm(4).
Switch time_t, ino_t, clock_t, and struct kevent's ident and data members to 64bit types; build perl(1) with -DBIG_TIME.
Add the tcp(4) socket option TCP_NOPUSH to delay sending the stream. Useful to aggregate data in the kernel from multiple sources, avoids sending small packets.
ps(1) flags are split between thread and process but it is useful for ddb(4) to show both. Show both in ps overview, list them explicitly for the specific thread.
Match macppc framebuffer device against its OpenFirmware node, to enable sharing of console detection logic with sparc64 in radeondrm(4).
Build mesa radeon(4) drivers on sparc64; switch to gallium drivers for r300 and r600.
Enabled xf86-video-ati kernel modesetting support.
Added TTM and radeon(4) DRM code. Includes kernel modesetting, framebuffer console and support for newer hardware.
Fixes for as(1) on mvme88k: provide 88110 syntactic sugar for the control register names; correctly handle -m options; allow the register prefix to correctly be recognised in front of the condition codes.
Cancel timeouts on pflow(4) interface destruction.
Plugged file descriptor and memory leak in fuse(4)'s fuse_open() error path.
Fixed a potential race on luna88k, where a secondary cpu incorrectly resets variables on the primary cpu.
Merged uhts(1) into ums(1).
Added rc.d(8) scripts for ipropd-master and ipropd-slave.
Added urtwn(4) for upgrades to macppc ramdisk.
Enabled ctrl-left-arrow and ctrl-right-arrow to move forward/back a word in ssh(1); matching ksh(1)'s recent change.
Do getopt parsing for all sftp(1) commands, to ensure consistent behaviour.
Implemented the roff(7) font-escape sequence \f(BI "bold+italic".
Made it possible for graphics drivers to opt-out of VGA arbitration.
Neither the flow control diff nor the RX checksum offload diff is responsible for gem(4) hangs, so put them back.
Bugfix update to nginx(8) version 1.4.2.
Build libdrm_radeon on sparc64.
Create drm(4) device nodes on sparc64 and create additional entries on amd64/i386/macppc for running with multiple cards.
Fixed sftp(1) regression: symlinking a file would incorrectly canonicalise the target path (bz#2129).
Disabled libexec/identd and enable usr.sbin/identd(8).
After a panic(9), do not fill up the dmesg(8) with splassert messages. They scroll away the important information.
Another major overhaul of the inteldrm(4) GEM code.
Make sure states learnt via pfsync(4) from a peer with the same ruleset checksum get properly assigned to rules.
Stopped gcc(1) warning on missing newline at EOF. Matches the behaviour of gcc >= 4.3 and clang.
Moved check in mktemp(1) for template length, so error message is also shown in the -t case instead of EINVAL.
Make user(8) write UIDs/GIDs as unsigned in the passwd file and error messages. Matches what pw_scan(3) expects.
Switched vax to gcc(1) version 3.3.6; removed gcc(1) version 2.95 from the tree.
Fixed mandoc(1) bug by reverting r1.10 of term.c: after a leading blank on an output line, don't generate a premature line break.
Updated ix(4) to the Intel/FreeBSD current version. Brings support for the flow control and additional (untested) bits for 1G fibre versions.
Enabled MSI on re(4) RT810xE.
Unbreak PMTU-discovery for ipsec(4) AES-GCM.
Don't flush the cache on page inflate for hibernate on amd64 for faster resume on some machines.
Fixed corner cases in the implementation of pow(3) to make it compatible with C99.
Implement if_nametoindex(3) and if_indextoname(3) for pfctl(8). 20x speedup factor with some complex rulesets.
Create more inodes on the sparc64 installation ramdisk. Prevents problems during install/upgrade when files or nodes need to be added.
Added ral(4) support for the Ralink RT3060, which uses the RT3572 MAC/BBP.
Remove the sysmerge(8) glue from the installer (it has never been used and is being replaced).

Лучший частный хостинг