OpenBSD Journal

April 11, 2017: The OpenBSD project has announced the availability of the newest release, OpenBSD 6.1:

Ian Darwin writes in about his work deploying the arm64 platform and the Raspberry Pi 3:So I have this empty white birdhouse-like thing in the yard, open at the front. It was intended to house the wireless remote temperature sensor from alow-cost weather station, which had previously been mounted on a dark-colored wall of the house (reading were really high when the sun reached that side of the house!).But when I put the sensor into the birdhouse, the signal is too weak for the weather station to receive it(the mounting post was put in place by a previous owner of our property, and is set deeply in concrete).So the next plan was to pop in a tiny OpenBSD computer with a uthum(4) temperature sensor and stream the temperature over WiFi.Read more...

While the world largely wasn't looking, there was a nano hackathon last month, Hackathon report - e2k17 Hackathon, Edmonton Alberta. Bob Beck (beck@) writes,

Mike Larkin (mlarkin@) writes on tech@:

Google's golang, collaboratively developed by Unix and C pioneers like Ken Thompson, Rob Pike et al has been very BSD friendly (the language itself is BSD licensed) and it just got even friendlier for OpenBSD's pledge mechanism.To quote the diff:"unix: add support for OpenBSD pledgePledge, the privilege-restricting syscall and mitigation mechanism,was missing from syscall_openbsd.go. As of the latest release, itis officially supported in 'stable'."Link to the full golang diff here: https://go.googlesource.com/sys/+/8fd966b47dbdd4faa03de0d06e3d733baeb9a1a9%5E%21/

On behalf of the EuroBSDCon 2017 Program Committee, here is the Call for Proposals for the EuroBSDCon 2017 conference which will take place in Paris, France from 21st through 24th of September 2017:

Ingo Schwarze (schwarze@) has written in with another (beautifully formatted)report on even more great mandoc(1)enhancements:Read more...

Ted Unangst (tedu@) continues his flak series with part 6 and part 7.

If you follow commits closely, via source-changes@ or otherwise, you may already know that mandoc has grown another useful feature. Ingo Schwarze sent us this very nicely formatted article about the new mandoc to markdown converter:Read more...

Ken Westerback (krw@ when wearing his developer hat) writes in with a summary:

Hrvoje Popovski kindly wrote in to point out that Martin Pieuchot (mpi@) has written a piece entitled What happened to my vlan?.The piece begins:

Ingo Schwarze (schwarze@) writes in:

Next up in our series of a2k17 hackathon reports is this one from Antoine Jacoutot, who writes:

Patrick Wildt (patrick@) reports on progress with arm64 platform support:

Our next a2k17 report comes from Martin Pieuchot (mpi@), who writes:

Still fresh from the just completed hackathon down under Ken Westerback writes,

Fresh from the newly completed a2k17 hackathon comes this report from Bob Beck:

Martin Pieuchot has written another article chronicling the modernization of the network stack. Martin writes,

Avoid possible side-channel leak of ECDSA private keys when signing.A source code patch exists which remedies this problem:for 6.0.for 5.9This is related to CVE-2016-7056 "ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)"Additional details can be read here: http://seclists.org/oss-sec/2017/q1/52Thanks to M:Tier https://stable.mtier.org for raising awareness on this patch.

OpenBSD as WiFi access points look set to be making a comeback in the near future. With this diff https://marc.info/?l=openbsd-tech&m=148396652007923&w=2, Stefan Sperling added 802.11n hostap mode, with full support initially for the Atheros chips supported by the athn(4) driver.

Michael W Lucas is offering the chance to get your name in his forthcoming book on relayd and httpd:

Ted Unangst (tedu@) continues his flak series with part 5.

Undeadly editor Peter Hansteen (pitrh) recently spoke to the Bergen (BSD and) Linux User Group (BLUG) on the subject "OpenBSD and you", and has shared the slides from the talk.These make a great resource for preaching to the as-yet-unconverted.

A new version of OpenSSH has been announced. Continue reading for the changelog of OpenSSH 7.4 below: Read more...

Ingo Schwarze (schwarze@) writes in:

Ted Unangst (tedu@) has written a flak entry entitled "openbsd changes of note".It gives an overview (with relevant links) of recent significant changes in -current.Update: there is now a second part.Update: there is now a third part.

Kristaps Dzonsons, of mandoc and acme-client (and more) fame, has written a detailed article entitled "why pledge(2) …or, how I learned to love web application sandboxing".The tl;dr section starts:

Today's big news comes from the OpenBSD Foundation, via director Ken Westerback. The official word from the foundation is:

The first report out of the just completed l2k16 (LibreSSL focused) hackathon comes from Ingo Schwarze, who writes:

The next b2k16 hackathon report comes from Daniel Jakots, who writes:

New contributor doctrit writes,An interesting news article title caught my attention and I was pleasantly surprised to find OpenBSD having a prominent place within the article's content. 8^)

The first report from the b2k16 hackathon comes from Antoine Jacoutot, who writes:

Your next b2k16 report comes form Jeremy Evans, who writes:

Our next b2k16 report comes from Landry Breuil, who writes:

Five OpenBSD 6.0 CD-ROM copies were signed by 40 developers during theg2k16 Hackathon in Cambridge, UK. These copies are being auctioned sequentially on ebay.CD set #1 (Sep 29th + 5 days) sold for $4200CD set #2 (Oct 4th + 3 days) sold for $3000CD set #3 (Oct 8th + 3 days) sold for $817CD set #4 (Oct 11th + 3 days) sold for $635CD set #5 (Oct 14th + 3 days) sold for $1024All proceeds will be donated to the OpenBSD Foundationto support and further the development of free software based on the OpenBSD operating system.Read more...

With a small commit, OpenBSD now has a hypervisor and virtualization in-tree. This has been a lot of hard work by Mike Larkin, Reyk Flöter, and many others.VMM requires certain hardware features (Intel Nehalem or later, and virtualization enabled in the BIOS) in order to provide VM services, and currently only supports OpenBSD guests.

Alexander Bluhm (bluhm@) contributed our next report (which even includes a picture):

The g2k16 hackathon must have been a really great one, because here is yet another report, this time from Patrick Wildt, who writes:

The g2k16 hackathon reports keep coming, and we love it! In this fresh report, Martin Pieuchot writes,

Ted Unangst (tedu@) has written an item regarding doas:

Matthieu Herrb supplied our next g2k16 report:

Vincent Gross supplied the next hackathon report:

Here's yet another g2k16 hackathon report, this one from Antoine Jacoutot, who writes:

Next up in the series of g2k16 hackathon reports is this one from Florian Obser, who writes:

Next up with a g2k16 Hackathon report is Jasper Lievisse Adriaanse:

DragonFly BSD has joined HardenedBSD and TrueOS (formerly PC-BSD) in adopting LibreSSL in the base system:

Next up in our series of g2k16 hackathon reports is Christian Weisgerber, who writes:

Our next g2k16 report comes from Brent Cook (bcook@), who writes:

Next in our series of g2k16 hackathon reports is Ted Unangst, who writes:

The next g2k16 developer report comes from Giovanni Bechis, who writes: