Network Management with the OpenBSD Packet Filter Toolset from BSDCan 2022
https://home.nuug.no/~peter/pftutorial/
If you want to attend a session like this, the next chance is at EuroBSDCon in Vienna, September 15.
OpenIKED 7.1 was released on May 23rd, 2022.
The complete release notes may be read here:
https://ftp.openbsd.org/pub/OpenBSD/OpenIKED/openiked-7.1-relnotes.txt
LibreSSL 3.5.3 was released on May 18th, 2022.
The release notes may be found here:
https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.3-relnotes.txt
However, given the release notes are rather brief, they are quoted here in their entirety:
We have released LibreSSL 3.5.3, which will be arriving in the LibreSSL directory of your local OpenBSD mirror soon.
It includes the following reliability fix:
* Fix d2i_ASN1_OBJECT(). A confusion of two CBS resulted in advancing the passed *der_in pointer incorrectly. Thanks to Aram Sargsyan for reporting the issue and testing the fix.
The LibreSSL project continues improvement of the codebase to reflect modern, safe programming practices. We welcome feedback and improvements from the broader community.
Thanks to all of the contributors who helped make this release possible.
… how to add a 'night mode' to the OpenBSD framebuffer console to give the text a yellow tint for more comfortable night time viewing, along with quite a few other cosmetic tweaks such as adding support for strikethrough text and double underlining. The article explains how to dynamically adjust the colour palette, add a new sysctl value, and add a new escape sequence to the console emulation code in the kernel.
Following much development and testing, parallel IP forwarding has been enabled in -current. The most recent of the relevant commits are:
CVSROOT: /cvs
Module name: src
Changes by: bluhm@cvs.openbsd.org 2022/04/30 15:13:57
Modified files:
    sys/net : if.c ifq.c
Log message:
Run IP input and forwarding with shared netlock. Also distribute packets from the interface receive rings into multiple net task queues.
Note that we still have only one softnet task. So there will be no concurrency yet, but we can notice wrong exclusive lock assertions. Soon the final step will be to increase the NET_TASKQ define.
lots of testing Hrvoje Popovski; OK sashan@
and:
In -current, the performance of pkg_add(1) has been greatly enhanced by the enabling of caching by default:
CVSROOT: /cvs
Module name: src
Changes by: espie@cvs.openbsd.org 2022/04/29 04:44:05
Modified files:
    usr.sbin/pkg_add/OpenBSD: PackageLocation.pm
    usr.sbin/pkg_add/OpenBSD/PackageRepository: Cache.pm Installed.pm
Log message:
finally, turn on caching by default
change the defines:
TEST_CACHING -> !NO_CACHING
TEST_CACHING_VERBOSE -> CACHING_VERBOSE
TEST_CACHING_RECHECK -> CACHING_RECHECK
okay with sthen@
syspatch71-001_wifi was somewhat broken (in terms of the housekeeping rather than the functionality of the patch).
On those systems to which the faulty patch was applied, some manual intervention is required. Instructions for this are now on the errata page.
Hot on the heels of OpenBSD 7.1's release, LibreSSL has been updated to 3.5.2!
The complete release notes may be read here: https://ftp.openbsd.org/pub/OpenBSD/LibreSSL/libressl-3.5.2-relnotes.txt
As usual, the release page lists the main highlights of the new release, which include
The new release supports 13 distinct hardware platforms with thousands of prebuilt packages for all platforms.
If you want to delve further before, during or after installing or upgrading to the new release, the detailed changelog has all the details. Those upgrading from the 7.0 release (or earlier) should consult the Upgrade Guide.
If you enjoy this release, please remember to donate to the project as a way of saying thanks to the developers for their work.
Claudio Jeker (claudio@) has just announced the release of OpenBGPD 7.3. He writes:
We have released OpenBGPD 7.3, which will be arriving in the OpenBGPD directory of your local OpenBSD mirror soon.
This release includes the following changes to the previous release:
* Macro expansion in the config file is improved. It is now possible to expand 'set large-community $myAS:$location:$transit'.
* Add initial FIB support for Linux. Routes can be added and removed. Nexthop tracking and dynamic interface detection are not yet implemented.
* Major refactoring in the RIB codebase to add multipath support in an upcoming release.
OpenBGPD-portable is known to compile and run on FreeBSD, and the Linux distributions Alpine, Debian, Fedora, RHEL/CentOS and Ubuntu. It is our hope that packagers take interest and help adapt OpenBGPD-portable to more distributions.
We welcome feedback and improvements from the broader community. Thanks to all of the contributors who helped make this release possible.
Version 9.0 of OpenSSH has been released. Notable changes include:
OpenBSD 7.1 will include the new release.
In a message to tech@ (and arm64@), Mark Kettenis (kettenis@) wrote:
It has taken a while, but I'm pleased to announce that OpenBSD/arm64 works well enough on Apple M1 systems for some wider testing. A major milestone was reached with the release of the Asahi Linux installer:
https://asahilinux.org/2022/03/asahi-linux-alpha-release/
This provides an easy way to add UEFI "firmware" to your Apple M1 machine which is required to boot OpenBSD/arm64. The basic steps are: […]
Hrvoje Popovski writes in with some results from his performance tests, like he did a few years ago:
I've tested Alexander Bluhm's (bluhm@) parallel ip forwarding diff and I've got some nice results. Readers should be aware that bluhm@'s diff sets NET_TASKQ=4 which means that forwarding will use 4 CPU threads and that this diff will affect only network cards that have multiqueue support (at the time of writing those cards are ix(4), ixl(4), and mcx(4)). In my tests I was sending 14Mpps UDP packet over ix(4) interfaces which have 16 queues:
ix0 at pci10 dev 0 function 0 "Intel 82599" rev 0x01, msix, 16 queues
ix1 at pci10 dev 0 function 1 "Intel 82599" rev 0x01, msix, 16 queues
OpenBSD box is Supermicro AS-1114S-WTRT with 24 x AMD EPYC 7413 24-Core Processor, 2650.37 MHz CPUs so this box is nice to test those 16 queues.
For undeadly readers, our Errata column on the right side of the web site automatically updates and as of March 15th, 2022 some of you may have already noticed that there is a new security fix related to LibreSSL. Salient excerpt from the release notes as follows:
"* A malicious certificate can cause an infinite loop. Reported by and fix from Tavis Ormandy and David Benjamin, Google."
Subsequently, LibreSSL 3.5.1 (the development branch for those tracking -current/7.1-beta), 3.4.3 (the stable branch for those tracking 7.0-release) and 3.3.6 (the last supported branch for those stragglers still on OpenBSD 6.9) have been released!
Please see https://www.libressl.org/releases.html for more details and release notes specific to each version. It appears that the same bug was present in OpenSSL and has been fixed there too.
Following a request-for-testing thread on tech@, Stefan Sperling (stsp@) has committed some IEEE 802.11ac support to iwx(4):
CVSROOT: /cvs
Module name: src
Changes by: stsp@cvs.openbsd.org 2022/03/14 09:08:50
Modified files:
    sys/dev/pci : if_iwx.c if_iwxreg.h if_iwxvar.h
Log message:
Add initial support for 802.11ac (VHT) to the iwx(4) driver.
This makes it possible to use 80MHz channels and VHT-specific MCS. Other 11ac features remain disabled for now.
Tested:
ax200: Matthias Schmidt, phessler, dv, kevlo, Joel Carnat, hrvoje, jmc, stsp
ax201: mlarkin, stsp
iwm (regression testing): stsp
As always, thanks Stefan!
James Hastings (hastings@) has committed mtw(4), a driver for MediaTek MT7601U USB Wi-Fi devices:
CVSROOT: /cvs
Module name: src
Changes by: hastings@cvs.openbsd.org 2021/12/20 06:59:02
Added files:
    sys/dev/ic : mtwreg.h
    sys/dev/usb : if_mtw.c if_mtwvar.h
Log message:
Add mtw(4), a driver for MediaTek MT7601U wifi devices.
Ported from run(4) with legacy chipsets removed. Not yet enabled in the build.
ok stsp@ jmatthew@
With the following commit, Theo de Raadt (deraadt@) moved -current to version 7.1-beta:
CVSROOT: /cvs
Module name: src
Changes by: deraadt@cvs.openbsd.org 2022/02/20 10:11:05
Modified files:
    etc/root : root.mail
    share/mk : sys.mk
    sys/arch/macppc/stand/tbxidata: bsd.tbxi
    sys/conf : newvers.sh
    sys/sys : param.h
    usr.bin/signify: signify.1
Log message:
move to 7.1-beta
Snapshots are (already) available for some platforms.
(Regular readers will know what comes next…)
This serves as an excellent reminder to upgrade snapshots frequently, test both base and ports, and report problems [plus, of course, donate!].
Recent things of interest include: