OpenBSD Journal

We had previously reported on EuroBSDcon 2022. As of October 27th, 2022 the EuroBSDcon YouTube channel has been updated with a variety of OpenBSD related talk recordings for those who didn't catch the streams live, with the salient ones linked below:

Version 0.77ofGame of Treeshas been released (and the portupdated):

The OpenBSD project today announced the release of the most recent version of our favorite operating system, OpenBSD 7.2.This is the 53 release from the OpenBSD project. Highlights of the new release include:

In a long series of commits,Theo de Raadt (deraadt@)has added support for the immutable memory mappingson which wereported earlier.We see:

A new version of OpenBGPD, the OpenBSD and portable BGP daemon, has has been released.The announcement notes some key improvements in this release:

Signalling another turn of the seasons, Brent Cook (bcook@) announced that a new release of LibreSSL is out. The announcement reads:

OpenSSH 9.1has been released.It is primarily a bug-fix release.Version 9.1 will be part of theOpenBSD 7.2 release.

Another site for searching OpenBSD packages has appeared- OpenBSD.app.The site, which supports full text search,is run by Aaron Bieber (abieber@ when hisOpenBSD hat isn't askew).He commentedonLobsters.

An important message from Damien Miller (djm@) turned up on mailing lists and elsewhere, saying,

While recovering after EuroBSDCon and starting to gear up for the much anticipated next OpenBSD release, our co-editor Peter Hansteen found the time to do a remote Sunday lunch talk (slides) for SEMIBUG titled A Few of My Favorite Things About The OpenBSD Packet Filter Tools (full text, blog with trackers). The full text of the talk is also available here, without trackers.Topics covered: PF basics, state tracking tricks, greytrapping, traffic shaping, with pointers to further material.All good fun while we are waiting for the next bit thing.

Game of Trees 0.76 was released on September 23rd, 2022.

Joel Carnat has written ablog entryon using dockerunder and fromOpenBSD.It starts:

EuroBSDCon 2022is currently underway.Slides for some of the OpenBSD sessions are alreadyavailablefrom the the usual place on theOpenBSD web site.At the time of writing, it's not too late to catchlive streamsof the final day of the conference!

OpenBGPD, our favorite BGP daemon,has a new release, version 7.6.The release announcement leads in,

In a recent piece titled The Things Spammers Believe - A Tale of 300,000 Imaginary Friends, undeadly.org co-editor Peter Hansteen summarizes more than 15 years (yes, it has been that long) of improving the noise levels in mail feeds.The main tools are what comes in the base system of our favorite operating system, with particular focus on spamd(8) and the greytrapping feature.The article leads in with

With the followingcommit,Theo de Raadt (deraadt@) moved -current to version 7.2:

A new version of the OpenBSD rpki-client – RPKI validator to support BGP Origin Validation, version 8.0 has been released.The announcement reads,

Stefan Sperling (stsp@)notedthe release ofversion 0.75ofGame of Trees:

We are delighted to have received a report onthe recently-concludedg2k22 hackathon.Martijn van Duren (martijn@) writes:

In a September 1st post to tech@ titled immutable userland mappings, Theo de Raadt (deraadt@) gave us a preview of code that may soon land in -current. The message leads in,

Following adiscussion on tech@,Job Snijders (job@),committedtops(1)support for displaying the parent/child hierarchy of processesas an ASCII art tree:

Antoine Jacoutot (ajacoutot@)hasaddeda "configtest"action torcctl(8):

Damien Miller (djm@)notesthat all (new) commits to the portableOpenSSHrepository are now signed usinggit'sSSH signature support.Further details areon the OpenSSH developmentmailing list:

Ina pairofcommits,Theo de Raadt (deraadt@)changed many daemons in /sbinto be dynamically linked. First this, which had some of us a little mystified:

Video recordings fromBSDCan 2022are nowavailable.OpenBSD-related sessions include:

Stefan Sperling (stsp@)hascommittedsupport for RAID 1C[mirroring and encryption]boot to -current on the amd64 platform:

Damien Miller (djm@) has committedhome-directory requesttosftp-server(8):

In -current, /usr/gameshas been removed from the default$PATH.Theo Buehler (tb@)committed the change:

Damien Miller (djm@)committed a changerandomising the rekeying interval inarc4random(3)(and friends):

With the followingcommit(s),Theo de Raadt (deraadt@) moved -currentto version 7.2-beta:

For those who have been paying attention to the Game of Trees development list, there has been a lot going on with got(1). Apologies here at undeadly for having missed some release announcements!

Our favorite BGP daemon, OpenBGPD, has a new version 7.5 out. The announcement reads,

A fairly critical component of routing security infrastructure, rpki-client, has a new release out, version 7.9.The announcement leads in,

Theo de Raadt (deraadt@)committedthe change:

The first r2k22 hackathon report is in, from Job Snijders (job@), who writes:

Courtney Allen has published a blog post about how to run a website and blog almost exclusively on things that are in the OpenBSD base system already, only adding AsciiDoc to the mix.The lead in reads,

Christian Ludwig "wrote a tool to statically analyze spl(9) kernel locking in OpenBSD. It even found some bugs."His write up is here: https://medium.com/@chrissicool/analyze-openbsds-kernel-with-domain-specific-knowledge-ca665d92eebbHis code for the Lock Balancing Checker referenced in the write up is available under an ISC license and can be obtained here: https://github.com/chrissicool/lbc

Here are a few recent OpenBSD news items that we almost missed ourselves:

Frederic Cambus (fcambus@)has written ablog entryregarding the significant differences between the versions ofLLVM inbase andports.

We wouldn't blame you if you it slipped under yourRADAR thatOpenBGPD 7.4 was released,since it doesn't appear to have been mentioned on the OpenBGPD website yet.However, the release notes may be found inthis mailing list postfrom June 14th, 2022:

Peter Hansteen, Massimiliano Stucchi and Tom Smyth gave a presentation on pf at BSDCan 2022. While a video recording from the event has yet to appear, the slides from their presentation may be viewed here:

OpenIKED 7.1 was released on May 23rd, 2022.The complete release notes may be read here:

LibreSSL 3.5.3 was released on May 18th, 2022.The release notes may be found here:

Crystal Kolipe writes in about her work on the framebuffer console, and provides an article on

Following much development and testing,parallel IP forwarding has been enabled in -current.The most recent of the relevant commitsare:

In -current, the performance ofpkg_add(1)has been greatly enhanced by theenabling of caching by default:

syspatch71-001_wifi was somewhatbroken(in terms of the housekeeping rather thanthe functionality of the patch).On those systems to which the faulty patch was applied,some manual intervention is required.Instructions for thisare now on theerrata page.

Hot on the heels of OpenBSD 7.1's release,LibreSSLhas been updated to 3.5.2!The complete release notes may be read here:https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt

The long spring (or fall) wait is over, the OpenBSD project today formally released OpenBSD 7.1, the 52nd release of our favorite open source operating system.As usual, the release page lists the main highlights of the new release, which include

Claudio Jeker (claudio@) has just announced the release of OpenBGPD 7.3. He writes: