OpenBSD Journal

OpenBSD 4.6 released

Contributed by weerd on from the friendly-frog-delivery dept.

The OpenBSD team is pleased to announce the release of OpenBSD 4.6. See the announcement for more information.

Place an order worldwide or order it from the shop closest to you, or if you only download from FTP then make a donation. If you do FTP your release, be sure to use a local mirror and not the main ftp server:  Europe (Sweden)  MI, USA  Austria  CO, USA  Austria  CA, USA

Highlights of OpenBSD 4.6 are listed below.

  • New/extended platforms:
    • mvme68k
      • Added support for the MVME141 and MVME165 boards.
    • sparc
      • The bootblock load address was moved so that larger kernels can be loaded.
    • sparc64
      • Added acceleration support for many of the PCI frame buffer drivers, such as Sun PGX, PGX64 and XVR-100, and Tech Source Raptor GFX graphics cards.
    • sgi
      • Added support for the SGI Octane, SGI Origin 200 and SGI Fuel families of systems.
      • Several bugs in interrupt handling have been fixed, resulting in much snappier system response.

  • Improved hardware support, including:
    • Several new/improved drivers for sensors, including:
      • The ips(4) driver now has sensor support, complementing the bio support.
      • The acpithinkpad(4) driver now has temperature and fan sensor support.
      • New endrun(4) driver for the EndRun Technologies timedelta sensor.
      • The fins(4) driver now has support for F71806, F71862 and F71882.
      • The acpitz(4) driver now shows correct decimals for temperature.
    • Added radeonfb(4) to sparc64, an accelerated framebuffer for Sun XVR-100 boards.
    • Added support in re(4) for RTL8103E and RTL8168DP devices.
    • Added support for BCM5709/BCM5716 devices in the bnx(4) driver.
    • Added support for ICH10 variants of em(4).
    • Added support for VIA VX855 chipset in the viapm(4) and pciide(4) drivers.
    • Added support for Intel SCH IDE to pciide(4).
    • Added support for the Broadcom HT-1100 chipset in the piixpm(4) driver.
    • Added support for 82574L based devices in the em(4) driver.
    • A number of network drivers including ix(4), sis(4), msk(4), bnx(4), and vr(4) now use MCLGETI(9) to reduce memory usage and increase performance under load and attack.
    • Added support for VIA CX800 south bridge to the viapm(4) driver.
    • Added support in em(4) for the newer 82575 (and maybe 82576) chips.
    • zyd(4) now supports devices with Airoha AL2230S radios.
    • zyd(4) now works on big-endian machines
    • urtw(4) now supports RTL8187B based devices.
    • New otus(4) driver for Atheros AR9001U USB 802.11a/b/g/Draft-N wireless devices.
    • New berkwdt(4) driver for Berkshire Products PCI watchdog timers.
    • New udl(4) driver for USB video devices.
    • Support for a variety of newer models in bge(4).
    • Initial version of vsw(4), a driver for the virtual network switch on sun4v sparc64s.
    • Implemented machfb(4), an accelerated driver for the sparc64 PGX/PGX64 framebuffers.
    • Added a vcc(4) and vcctty(4) driver for the "Virtual Console Concentrator" found on the control domain of sun4v systems.
    • Implemented 64-bit FIFO modes for ciss(4) devices.
    • Enable hardware VLAN tagging/stripping on ix(4).
    • Added basic support for Envy24HT chips in the envy(4) driver.
    • Many improvements and updates to the isp(4) driver.
    • Added support for 88E8057-based Yukon 2 Ultra 2-devices in msk(4).
    • The ips(4) driver now works reliably.
    • Added raptor(4), an accelerated framebuffer driver for the Tech Source Raptor GFX cards on the sparc64 platform.
    • Enabled schsio(4) on i386 and amd64 and added watchdog timer support.
    • New acpivideo(4) driver for ACPI display switching and brightness control.

  • New tools:
    • Added smtpd(8), a new privilege-separated SMTP daemon.
    • Imported the tmux(1) terminal multiplexer, replacing window(1).

  • pf(4) improvements:
    • Enabled pf(4) by default in the rc.conf(8).
    • Removed pf(4) scrub rules, and only do one kind of packet reassembly. Rulesets with scrub rules need to be modified because of this.
    • Regular rules can now have per-rule scrub options.
    • Added new "match" keyword which only applies rule options but does not change the current pass/block state.
    • Make all pf(4) operations transactional to improve atomicity of reloads.
    • Stricter pf(4) checking for ICMP and ICMPv6 packets.
    • Various improvements to pfsync(4) to lower sync traffic bandwidth and optionally allow active-active firewall setups.
    • Fix pf(4) scrub max-mss for IPv6 traffic.

  • OpenBGPD, OpenOSPFD and other routing daemon improvements:
    • In bgpd(8), rework most of the RDE to allow multiple RIBs. It is possible to filter per-RIB and attach neighbors to a specific RIB.
    • Added an option to bgpd(8) to change the "connect-retry" timer.
    • Allow bgpd.conf(5) and bgpctl(8) to contain 32-bit ASN numbers written in ASPLAIN format.
    • Fix bgpd(8) to correctly encode MP unreachable NLRI so IPv6 prefixes get removed correctly.
    • Changed the behaviour of "redistribute default" for ospfd(8) and ripd(8). A default route has to be present in the FIB to be correctly advertised.
    • Make ospfd(8) and ripd(8) track reject and blackhole routes and allow them to be redistributed even if pointing to
    • Allow to specify an alternate control socket for ospfd(8).
    • ospfd(8) can now be bound into an alternate routing domain.
    • Fix ospfd(8) route metric for "redistribute default".
    • Initial version of ldpctl(8) and ldpd(8), a label distribution protocol daemon for mpls.
    • Make dvmrp(8) RDE aware of multicast group members per interface.
    • Support for pruning in dvmrp(8).

  • Generic Network-Stack improvements:
    • Support for virtual routing and firewalling with the addition of routing domains.
    • Add code in ifconfig(8) to bind an interface to a routing domain.
    • Add support to ping(8), traceroute(8), arp(8), nc(1) and telnet(1) to specify which routing domain to use.
    • Allow ifconfig(8) to turn off IPv6 completely for an interface and make rtsold(8) turn on inet6 on the interface.
    • Routes track the interface link state.
    • route(8) flush accepts "-iface" or "-priority" to only flush routes matching these conditions.
    • Multiple dhclients can now coexist without causing mayhem.
    • Make wireless interfaces have an interface priority of 4 by default. Makes them less preferred then wired interfaces.
    • Do not accept IPv4 ICMP redirects by default.
    • Added the MAC address to the log entries in dhclient(8).
    • Make systat(1) show interface description names in the interface view, and add new NFS server and client views.
    • Make tun(4) emulate link state depending on the open and close of the device fd.
    • Use pf state-table information to speed up decision on whether a packet is to be delivered locally or forwarded.
    • More routing socket checks added to make userland applications more resilient to kernel changes.

  • Install/Upgrade process changes:
    • New disklabel(8) automatic partition allocator with a variety of smart heuristics.
    • The installer has been nearly rewritten mostly with a focus on simplifying installation.

  • OpenSSH 5.3:
    • Do not limit home directory paths to 256 characters. (bz #1615)
    • Several minor documentation and correctness fixes.

  • Over 5,800 ports, minor robustness improvements in package tools.
  • Many pre-built packages for each architecture:
    • i386: 5606
    • sparc64: 5413
    • alpha: 5346
    • sh: 1261
    • amd64: 5544
    • powerpc: 5427
    • sparc: 3711
    • arm: 5291
    • hppa: 4790
    • vax: 1785
    • mips64: 3443
    Some highlights:
    • Gnome 2.24.3.
    • KDE 3.5.10.
    • Xfce 4.6.1.
    • MySQL 5.0.83.
    • PostgreSQL 8.3.7.
    • Postfix 2.6.2.
    • OpenLDAP 2.3.43.
    • Mozilla Firefox 3.0.11 and 3.5.
    • Mozilla Thunderbird
    • 3.1.0.
    • Emacs 21.4 and 22.3
    • Vim 7.2.190.
    • PHP 5.2.10.
    • Python 2.4.6, 2.5.4 and 2.6.2.
    • Ruby

  • As usual, steady improvements in manual pages and other documentation.

  • The system includes the following major components from outside suppliers:
    • Xenocara (based on X.Org 7.4 + patches, freetype 2.3.9, fontconfig 2.6.0, Mesa 7.4.2, xterm 243 and more)
    • Gcc 2.95.3 (+ patches) and 3.3.5 (+ patches)
    • Perl 5.10.0 (+ patches)
    • Our improved and secured version of Apache 1.3, with SSL/TLS and DSO support
    • OpenSSL 0.9.8k (+ patches)
    • Groff 1.15
    • Sendmail 8.14.3, with libmilter
    • Bind 9.4.2-P2 (+ patches)
    • Lynx 2.8.6rel.5 with HTTPS and IPv6 support (+ patches)
    • Sudo 1.7.2
    • Ncurses 5.2
    • Latest KAME IPv6
    • Heimdal 0.7.2 (+ patches)
    • Arla 0.35.7
    • Binutils 2.15 (+ patches)
    • Gdb 6.3 (+ patches)

    After the reported delays at the CD manufacturer, it's nice to see the team was able to get 4.6 out the door this early. Those of you who haven't ordered a set yet, you can of course still order a copy. Remember - there is no downloading the stickers!

  • (Comments are closed)

    1. By Shane J Pearson (SJP) on

      Congratulations and a big thank you to all the developers and others who have brought us another brilliant release! And thanks too to the supportive OpenBSD community!

      Love the mugs. Got one for work and one for home.

      One Net5501 in Sydney now at 4.6 -stable! Now on to the others...


    2. By akl (akl) on

      Fantastic! A big thank you to everybody involved.

    3. By Nick Rivera (nrivera) on

      Another great release.
      It's time to carry away default OS on my new netbook and install right one.

      hurray! hurray! hurray!

    4. By Anonymous Coward (fanboi) on

      Awesome new installer script, with the useradd integrated and the option to set /etc/ssh/sshd_config:PermitRootLogin to NO afterwards. Logic, i like it.
      The automatic diskpartitioning saves time as well. I had my home gateway up and running again in 15 minutes tops. Full reinstall!

      So thx and grats on 4.6


    Copyright © - Daniel Hartmeier. All rights reserved. Articles and comments are copyright their respective authors, submission implies license to publish on this web site. Contents of the archive prior to as well as images and HTML templates were copied from the fabulous original with Jose's and Jim's kind permission. This journal runs as CGI with httpd(8) on OpenBSD, the source code is BSD licensed. undeadly \Un*dead"ly\, a. Not subject to death; immortal. [Obs.]