Feed openbsd-journal OpenBSD Journal

Favorite IconOpenBSD Journal

Link http://undeadly.org/
Feed http://undeadly.org/cgi?action=rss
Updated 2025-05-14 23:31
Game of Trees 0.112 released
Version 0.112of Game of Treeshas been released (and the portupdated):
OpenSMTPD 7.7.0p0 released
Omar Polo (op@) hasannouncedthe release of version 7.7.0p0 ofOpenSMTPD:
erspan(4): ERSPAN Type II collection
Our favorite operating system is in the process of aquiring Encapsulated Remote Switch Port Analyzer (ERSPAN) support, in the form of a new virtual network interface, dubbed erspan(4).An early version of the code, but possibly close to being ready for further development in-tree waspresentedby David Gwynne (dlg@) in amessage to tech@:
Improved ACPI WMI support (may be) incoming
Over on tech@, Ted Unangst (tedu@) isairinga patch to introduce better support ACPI WMI,looking for tests and comments:
Optimisation of parallel TCP input
Alexander Bluhm (bluhm@) hascommittedchanges which eliminate contentionby caching the socket lock in TCP input:
bpflogd(8) imported into -current
Following its recent introduction on tech@[See earlier article],David Gwynne (dlg@)hascommittedbpflogd(8)to the tree:
LLDP daemon and tool committed to -current
Following its recent introduction on tech@[See earlier article],David Gwynne (dlg@)hascommittedlldpd(8)to the tree:
DSA signature support removed from OpenSSH
Damien Miller (djm@) hascompletedthe planned[See previousarticles]removal of DSA signature support from OpenSSH:
Call for testing: Last bits of DSA to be removed from OpenSSH
In a message to tech@ with the subject"die DSA die", Damien Miller (djm@) presents a diff that will remove the last bits of DSA support from OpenSSH:
ssh: listener sockets relocated from /tmp to ~/.ssh/agent
A longdiscussionon tech@(initiated by asuggestion/patch from Jesper Wallin)has culminated in Damien Miller (djm@)committingchanges which increase security by taking advantage of the use ofunveil(2)elsewhere in the OpenBSD ecosystem:
The installer now prefers disks over 1GB
Klemens Nanni (kn@) hascommittedthe his proposed change[Seeprevious article]such that theOpenBSD installer now prefers disks over 1GBwhen prompting for the root disk.The commit message explains the change:
Call for testing and comment: Make the installer prefer >1G disks
You can tell it's right after a release is cut when new ideas are fielded in patches to tech@.One such small but potentially important change that is being aired now is achangeto the installer to suggest the larger one when several disks are available. Klemens Nanni (kn@) describes the motivation for the change as
Call for Testing: Parallel fault handler
In apostto tech@,Martin Pieuchot (mpi@)has requested testing of a diff (against -current) to enablerunning the upper part of the fault handler in parallel:
LibreSSL 4.1.0 released
LibreSSLversion4.1.0has been released.This is the version found in (the recently released)OpenBSD 7.7The release notes read,
In -current, pkg_add -u no longer advises file removal
Klemens Nanni (kn@)committed a changeremoving misleading messages on package update:
MP-safe tcp_input() committed
As we saw recently in theGraphed and measured: running TCP input in parallelstory, Alexander Bluhm (bluhm@) has been working on parallel TCP input, finally making tcp_input() MP-safe.This work has now beencommitted,
OpenBSD 7.7 Released
The OpenBSD project hasannouncedOpenBSD 7.7,its 58 release.The new releasecontains a number of significant improvements, including but certainlynot limited to:
Introducing an OpenBSD LLDP daemon
Our favorite operating system may be on the verge of having a LLDP(Link Layer Discovery Protocol)daemon added to the base system. David Gwynne (dlg@) is circulating a patch on tech@ that introduces the daemon,
Introducing bpflogd(8): capture packets via BPF to log files
In a recentpostto tech@, David Gwynne (dlg@) introduced a new daemon to log packets from BPF.Themessagereads
Game of Trees 0.111 released
Version 0.111of Game of Treeshas been released (and the portupdated,with additional useful information in the commit message):
Graphed and measured: running TCP input in parallel
Over on tech@, Alexander Bluhm (bluhm@) is airing a patch to improve parallel TCP input, and is looking for testers:
rpki-client 9.5 released
TheOpenBSD projecthasannouncedthe release ofversion 9.5of rpki-client:
OpenBSD -current is now "7.7-current"
Theo de Raadt (deraadt@) updated the versionofOpenBSD-current to "7.7-current".Those running the latest-and-greatest[via a sufficiently new snapshot or built from source]no longer need to use"-D snap" withpkg_add(1)(andpkg_info(1)).
OpenIKED 7.4 Released
TheOpenBSD projecthasannouncedthe release ofOpenIKED7.4:
OpenSSH 10.0 Released
The OpenSSH project has announced their latest release, OpenSSH 10.0.The announcement and release notes read:
New sysctl(8) -f option supports reading entire settings file in one go
If you have ever been irked by having to enter a sequence of sysctl(8) commands to achieve things like enabling forwarding for IPv4 and IPv6 both, help is at hand.In a recent commit, Klemens Nanni (kn@) added functionality to have the classic command read multiple settings from a file:
rsync replaced with openrsync on macOS Sequoia
We (undeadly.org editors) had not noticed ourselves, but Will Backman wrote in about the news that some OpenBSD code -- openrsync -- had been made available to a wider audience, courtesy of Apple:
OpenBSD -current has moved to version 7.7
TheOpenBSD7.7 release cycle is entering its final phases...With the followingcommit,Theo de Raadt (deraadt@) moved -current to version 7.7(dropping the "-beta"):
fw_update(8) gains support for arbitrary dmesg files
Hitherto,fw_update(8)has gathered system information largely from/var/run/dmesg.boot(on the host on which it is invoked).Andrew Hewus Fresh (afresh1@) hascommitted a changewhich allowsspecifyinganarbitrary dmesg file.The commit message explains the rationale:
OpenBSD -current moves to 7.7-beta
It's that time of the year again.With the followingcommit,Theo de Raadt (deraadt@)changed the version of the OpenBSD development branchto 7.7-beta:
Game of Trees 0.110 released
Version 0.110of Game of Treeshas been released (and the portupdated):
Game of Trees 0.109 released
Version 0.109of Game of Treeshas been released (and the portupdated):
OpenBGPD 8.8 released
The OpenBGPD project (essentially a subproject of the OpenBSD project), have released their latest work in the OpenBGPD 8.8 release.The release announcement reads,
Game of Trees 0.108 released
Version 0.108of Game of Treeshas been released (and the portupdated):
rpki-client 9.4 released
As announced by Job Snijders on the FediVerse rpki-client 9.4 has been released.The complete release notes from https://cdn.openbsd.org/pub/OpenBSD/rpki-client/rpki-client-9.4.txt are below:Read more...
Game of Trees 0.107 released
Version 0.107of Game of Treeshas been released (and the portupdated):
rpki-client stricter aging policy for Trust Anchor certificates commited to -current
There has long been some concern in the networking communities, particularly the routing security part, about the use of very long lived Trust Anchor (TA) certificates in routing infrastructure. Today Job Snijders (job@) commited code torpki-client(8)to implement a gradual phase in of a stricter policy on TA certificates lifetimes.The commit message reads,
FRAME sockets added to OpenBSD
Thanks toworkby David Gwynne (dlg@),OpenBSD -current now has a new"AF_FRAME"socket domain:
OpenBGPD 8.7 released
Claudio Jeker (claudio@)announcedthe release of version 8.7 ofOpenBGPD,the OpenBSD project'sBorder Gateway Protocol (BGP) daemon:
Initial list of 21 EuroBSDcon 2024 videos released
The initial list of 21 'low hanging fruit' videos from EuroBSDcon 2024 has been released with more to follow:
Rafael Sadowski on dpb(1)
(As noted in histoot,)Rafael Sadowski (radowski@)has written a blog entry entitleddpb - distributed ports builder,which describes hisdpb(1)setup.
Rafael Sadowski on dpb(1)
(As noted in histoot,)Rafael Sadowski (radowski@)has written a blog entry entitleddpb - distributed ports builder,which describes hisdpb(1)setup.
-current now has more flexible performance policy
Jeremie Courreges-Anglas (jca@)committed a changewhich is likely to be welcomed by laptop users:
unwind: wildcard in blacklist
Soon, unwind will have support wildcard in blacklist.Here, a change that makes any domain in the blacklist that starts with '.', which is not a legal name due to an empty label, is treated as any subdomain on that zone.This means that .example.com blocks all requests to any subdomain of example.com, but allows example.com.Changes: https://marc.info/?l=openbsd-cvs&m=173244784522937&w=2
Game of Trees 0.106 released
Version 0.106of Game of Treeshas been released (and the portupdated).
Game of Trees 0.105 released
Version 0.105of Game of Treeshas been released (and the portupdated).Read more...
Game of Trees 0.104 released
Version 0.104of Game of Treeshas been released (and the portupdated).
LibreSSL 4.0.0 Released
The LibreSSL project, a closely associated subproject of the OpenBSD project, has announced the availability of their new stable release, LibreSSL 4.0.0, which comes with a number of improvements and a sprinkling of fixes. The release announcement reads,
sshd(8) splitting continues
The work of improving ssh security by segregating functionality into separate binaries contiues, this time by introducing sshd-auth as a separate binary.The commit message summarizes why this makes sense,
OpenSMTPD 7.4.6p0 Released
Omar Polo (op@) hasannouncedthe release of version 7.6.0p0 ofOpenSMTPD.The changes (including the table protocol change on which wereported earlier)are:
12345678910...