Pulogalamu ya ProHoster > Blog > nkhani zapaintaneti > Kutulutsidwa kwa OpenBSD 6.7

Kutulutsidwa kwa OpenBSD 6.7

Yovomerezedwa ndi kumasulidwa kwa pulogalamu yaulere ya UNIX-ngati yogwiritsira ntchito Pulogalamu ya OpenBSD 6.7. Ntchito ya OpenBSD idakhazikitsidwa ndi Theo de Raadt mu 1995 pambuyo pake kukangana ndi opanga NetBSD, chifukwa chake Teo adakanidwa mwayi wopita kunkhokwe ya NetBSD CVS. Zitatha izi, Theo de Raadt ndi gulu la anthu amalingaliro ofanana adapanga njira yatsopano yotseguka yotengera mtengo wa NetBSD, zomwe zolinga zake zinali kunyamula (mothandizidwa ndi 12 hardware nsanja), muyezo, ntchito yolondola, chitetezo yogwira ndi Integrated cryptographic zida. Full unsembe kukula Chithunzi cha ISO OpenBSD 6.7 base system ndi 470 MB.

Kuphatikiza pa machitidwe opangira okha, polojekiti ya OpenBSD imadziwika ndi zigawo zake, zomwe zafala kwambiri m'machitidwe ena ndipo zatsimikizira kuti ndi imodzi mwa njira zotetezeka komanso zapamwamba kwambiri. Mwa iwo: LibreSSL (foloko OpenSSL), OpenSSH, paketi fyuluta PF, kuyendetsa ma daemoni OpenBGPD ndi OpenOSPFD, seva ya NTP OpenNTPD, seva yamakalata OpenSMTPD, ma terminal multiplexer (ofanana ndi skrini ya GNU) tmux, daemon chodziwika ndi kukhazikitsa kwa IDENT protocol, njira ina ya BSDL ku phukusi la GNU groff - mando, ndondomeko yokonzekera machitidwe olekerera zolakwika CARP (Common Address Redundancy Protocol), yopepuka http seva, chothandizira cholumikizira mafayilo OpenRSYNC.

waukulu kuwongolera:

  • Dongosolo lamafayilo a FFS2, lomwe limagwiritsa ntchito nthawi ya 64-bit ndi ma block values, limayatsidwa mwachisawawa pakuyika kwatsopano kwa pafupifupi zomanga zonse zothandizidwa m'malo mwa FFS (kupatula landisk, luna88k, ndi sgi).
  • Njira yatsopano yawonjezedwa kuti muwone ngati kuyimba kwadongosolo kuli koyenera, zomwe zimasokonezanso kugwiritsa ntchito ziwopsezo. Njirayi imalola mafoni adongosolo kuti azichitidwa pokhapokha atapezeka kuchokera kumalo okumbukira omwe adalembetsedwa kale. Kuyimba kwatsopano kwa msyscall () kwaperekedwa kuti kulembetse malo okumbukira ndikuyambitsa chitetezo.
  • Chiwerengero cha magawo omwe amatha kupangidwa pa diski imodzi chawonjezeka kuchokera pa 7 mpaka 15.
  • Chosankha cha cron parsing code chalembedwanso kuti chithandizire mawonekedwe a getopt monga "-ns" ndikufotokozeranso mbendera zomwezo. Munda wa "zosankha" mu crontab wasinthidwa kukhala "mbendera". Onjezani mbendera ya "-s" ku crontab kuti gawo limodzi lokha la ntchito lizitha kugwira ntchito nthawi imodzi. Wowonjezera "~" kuti atchule mtengo wanthawi yake.
  • Woyang'anira zenera wa cwm amagwiritsa ntchito luso lozindikira kukula kwazenera ngati gawo la kukula kwazenera loyambira pamakonzedwe a matailosi.
  • Zomangamanga za Powerpc zasintha kugwiritsa ntchito Clang mwachisawawa ndikupangitsa kuti mplock ikhale yodziyimira payokha.
  • apmd yathandizira chithandizo choyimilira chokha ndi hibernation (-z/-Z) - daemon tsopano imayankha mauthenga osintha mabatire omwe amatumizidwa ndi woyendetsa magetsi. Kusintha kwa kugona kumachitika ndi kuchedwa kwa masekondi a 60, zomwe zimapatsa wogwiritsa ntchito nthawi yoti azitha kulamulira.
  • Adawonjezera $REQUEST_SCHEME kusintha kosinthika ku seva yomangidwa mu HTTP kuti asunge protocol yoyambirira (http kapena https) polozeranso, komanso njira ya "strip" kulola ma chroots angapo mu /var/www kwa ma seva a FastCGI.
  • Chida chapamwamba tsopano chimathandizira kupukusa pogwiritsa ntchito makiyi a 9 ndi 0.
  • Njira yomasulira masamba amakumbukiro motsatira dongosolo imayambitsidwa, yomwe imawonjezera mphamvu yakumasula masamba ambiri.
  • Seva ya DNS yosamangidwa ili ndi kuyang'ana kwa DNSSEC kumayatsidwa mwachisawawa.
  • Kuyimba mafoni kumamasulidwa ku kutsekereza kwapadziko lonse lapansi
    __thrsleep(2), __thrwakeup(2), close(2), closefrom(2), dup(2), dup2(2), dup3(2), flock(2), fcntl(2), kqueue(2), chitoliro (2), pipe2(2) ndi nanosleep(2), komanso gawo lofunikira la ioctl(2).

  • Thandizo la hardware yowonjezera. Dalaivala watsopano wa iwx wawonjezedwa kwa ma chips opanda zingwe a Intel AX200, ndipo dalaivala wa iwm wawonjezera chithandizo cha zipangizo za Intel 9260 ndi 9560. Dalaivala wa rge wawonjezedwa kwa Realtek 8125 PCI Express 2.5Gb. Madalaivala ambiri atsopano aperekedwa kuti apititse patsogolo magwiridwe antchito pama board a arm64 ndi armv7, kuphatikiza chithandizo chowonjezera cha bolodi la Raspberry Pi 4 ndikuthandizira bwino kwa Raspberry Pi 2 ndi 3.
  • Dongosolo la mawu a sndio awonjezedwa. Wowonjezera sioctl_open API ndi chida cha sndioctl chowongolera mawu kudzera pa sndiod. /dev/mixer yachotsedwa ndipo madoko onse asinthidwa kukhala sndio m'malo mwa mawonekedwe osakaniza a kernel. Sndiod imapereka kugwiritsa ntchito njira zowongolera voliyumu ya hardware. Kupititsa patsogolo chitetezo, kugwiritsa ntchito nthawi zonse /dev/audio* ndi /dev/rmidi* ndikoletsedwa.
  • Malo opanda zingwe amasiya kulumikizidwa ku netiweki iliyonse ya Wi-Fi yomwe sigwirizana ndi kubisa, kupatula potchula lamulo la "ifconfig join". Imawonetsetsa kuti kusanthula kwakumbuyo kwamanetiweki omwe alipo kumayambika pomwe lamulo la "ifconfig scan" likuchitidwa ndi wogwiritsa ntchito mizu. Cache ya zotsatira za scan yawonjezedwa. Anawonjezera mbendera ya "nwflag nomimo", yokhazikitsidwa kudzera pa ifconfig, yomwe imathandiza kuchotsa kutayika kwa paketi mu 11n mode ngati chipangizocho chili ndi zolumikizira za mlongoti zosalumikizidwa. Thandizo lowonjezera pamachitidwe ojambulira oyendetsa a bwfm driver. Kusintha kwachangu pakati pa ma netiweki opanda zingwe pochepetsa kufunikira kwa maukonde omwe sakanatha kulumikizidwa.
  • Dalaivala watsopano wa pppac wawonekera mu stack network, yomwe imaphatikizapo kukhazikitsidwa kwa mawonekedwe a PPP Access Concentrator. Zosintha za npppd.conf zasintha kuti zigwiritse ntchito pppac m'malo mwa tun. Kuwongolera kwa paketi kukazimitsidwa, cheke chawonjezeredwa kuti muwone ngati adilesi yopita mu paketi ikufanana ndi adilesi ya mawonekedwe a netiweki. Thandizo la Mobileip lachotsedwa.
  • Ogwiritsa ntchito opanda mizu amaletsedwa kugwiritsa ntchito ioctl kusintha ma adilesi a netiweki ndikusintha magawo a pppoe interfaces.
  • sysupgrade imatsimikizira kuti zosintha za firmware (fw_update) zimayambika musanayambe kuyambiranso.
  • Kuyimba foni yovumbulutsa kwakonzedwa kuti ipereke kudzipatula kwadongosolo la fayilo. Chiwerengero cha mapulogalamu ochokera ku maziko omwe chitetezo chogwiritsira ntchito kuvumbulutsa chimagwiritsidwa ntchito chawonjezeka kufika pa 82. Kuphatikizapo vmstat, iostat ndi systat zasamutsidwa kuti zivumbulutsidwe.
  • Thandizo la RSA-PSS lawonjezeredwa ku crypto(3).
  • Thandizo la DoT (DNS pa TLS) lawonjezedwa ku chosinthira cha DNS. Adawonjezera lamulo la "unwindctl status memory".
  • Kukhazikitsidwa kwa IPsec kwasinthidwa kwambiri. Thandizo lowonjezera pakusuntha kwa magalimoto pakati pa ma rdomain panthawi ya encryption ndi decryption kuti muteteze motsutsana ndi njira zam'mbali. Zowonjezera zothandizira kusintha rdomain kukhala iked, ndikuwonjezera njira ya 'rdomain' ku iked.conf
    Mulingo wokhazikika wa iked ndi isakmpd ndi IPSEC_LEVEL_REQUIRE, womwe umalepheretsa kukonza mapaketi osalembetsedwa olingana ndi kutuluka. Ma curve25519, ecp256, ecp384, ecp521, modp3072 ndi modp4096 ma algorithms awonjezedwa kumagulu a Diffie-Hellman a IKE SA. Mu iked, njira yotsimikizirika yosasinthika yasinthidwa kukhala chitsimikiziro cha siginecha ya digito (RFC 7427). Anawonjezera zokonda za ESN ku iked.conf. Njira yowonjezeredwa "-p" kuti musankhe nambala ya doko ya UDP yosakhala yokhazikika.

  • Kuthekera kwa tmux terminal multiplexer kwakulitsidwa ndipo zosankha zambiri zatsopano zawonjezedwa.
  • Mtundu wa seva yamakalata wa OpenSMTPD wasinthidwa. Zosefera zomangidwira zimagwiritsa ntchito mawu oti "bypass" kuti mudumphe kukonza malinga ndi zomwe zanenedwa. Amalola kuti dzina lolowera la gawo la smtpd ligwiritsidwe ntchito pazosefera. Mu smtpd.conf, magawo amalola kugwiritsa ntchito mail-from ndi rctp-to.
  • Phukusi la OpenSSH 8.2 lasinthidwa kuti liphatikizepo chithandizo cha ma tokeni otsimikizika azinthu ziwiri za FIDO/U2F. Mutha kuwona tsatanetsatane wa zosinthazo apa.
  • Zasinthidwa Phukusi la LibreSSL, momwe kukhazikitsidwa kwa TLS 1.3 kutengera makina atsopano a boma komanso kagawo kakang'ono kogwirira ntchito ndi zolemba kwatha. Mwachikhazikitso, gawo lamakasitomala lokha la TLS 1.3 ndilololedwa pakalipano; gawo la seva likukonzekera kuti liziyambitsa mwachisawawa pakumasulidwa kwamtsogolo. Mndandanda wa zosintha zina zitha kuwoneka muzolengeza zotulutsidwa 3.1.0 ΠΈ 3.1.1.
  • Chiwerengero cha madoko a zomangamanga za AMD64 chinali 11268, cha aarch64 - 10848, cha i386 - 10715. Zigawo zochokera kwa opanga chipani chachitatu zomwe zikuphatikizidwa mu OpenBSD 6.7 zasinthidwa:
    • Xenocara zithunzi stack zochokera X.Org 7.7 ndi xserver 1.20.8 + zigamba, freetype 2.10.1, fontconfig 2.12.4, Mesa 19.2.8, xterm 351, xkeyboard-config 2.20;
    • LLVM/Clang 8.0.1 (ndi zigamba)
    • GCC 4.2.1 (yokhala ndi zigamba) ndi 3.3.6 (yokhala ndi zigamba)
    • Perl 5.30.2 (ndi zigamba)
    • NSD 4.2.4
    • Zosasinthika 1.10.0
    • Namwino 5.7
    • Binutils 2.17 (ndi zigamba)
    • Gdb 6.3 (ndi zigamba)
    • Disembala 20, 2012
    • Kutulutsa 2.2.8

    Source: opennet.ru

Kuwonjezera ndemanga