ukukhutshwa kwenkqubo yasimahla, enqamlezileyo ye-UNIX-efana nenkqubo yokusebenza . Iprojekthi ye-OpenBSD yasekwa nguTheo de Raadt kwi-1995, emva koko nabaphuhlisi be-NetBSD, ngenxa yoko uTeo walelwa ukufikelela kwindawo yokugcina i-CVS ye-NetBSD. Emva koku, uTheo de Raadt kunye neqela labantu abanengqondo efanayo benza inkqubo entsha yokusebenza evulekileyo esekelwe kumthi womthombo we-NetBSD, iinjongo eziphambili zokuphathekayo ( Iiplatifti ze-13 ze-hardware), ukulinganisa, ukusebenza okuchanekileyo, ukhuseleko olusebenzayo kunye nezixhobo ezidibeneyo ze-cryptographic. Ubungakanani obupheleleyo bofakelo Inkqubo yesiseko ye-OpenBSD 6.5 yi-407 MB.
Ukongeza kwinkqubo yokusebenza ngokwayo, iprojekthi ye-OpenBSD yaziwa ngamacandelo ayo, athe asasazeka kwezinye iinkqubo kwaye azibonakalise njengenye yezisombululo ezikhuselekileyo nezikumgangatho ophezulu. Phakathi kwabo: ( OpenSSL), , isihluzo sepakethi , iidemon ezihambisayo , iseva ye-NTP , iseva yemeyile , i-terminal yokuphindaphinda isicatshulwa (ifana nesikrini se-GNU) , idaemon ngokuphunyezwa kwe-IDENT protocol, enye indlela ye-BSDL kwi-GNU groff package - , iprothokholi yokuququzelela iinkqubo zokunyamezela iimpazamo iCARP (iProtocol ye-Common Address Redundancy Protocol), ilula , into eluncedo yongqamaniso lwefayile .
Phakathi kwezona nguqu ziphawulekayo: uguqulelo oluphathekayo lwe-bgpd luye lwaziswa, lulungele ukusebenza kwezinye ii-OS, ukusetyenziswa kwe-Xenocara kunye namalungelo engcambu ye-tcpdump kuphelisiwe, i-LDD linker yenziwe ngokungagqibekanga kwi-amd64 kunye ne-i386, inkxaso ye-MPLS iye yafunyanwa. iphuculwe kakhulu, kwaye ukukhuselwa ngokuchasene nezenzo kunye nobuchule bokubuyela umva kuye kwaqiniswa inkqubo ejoliswe kuyo (i-ROP), i-recursive DNS server unwind iye yongezwa, i-detector yokuziphatha engachazwanga idibaniswe kwi-kernel, kunye nokuphunyezwa kwethu kwe-rsync utility. yaziswa.
Siseko :
- Xa ukwakhiwa kwe-amd64 kunye ne-i386 ye-architectures, i-LDD ikhonkco ephuhliswe yiprojekthi ye-LLVM isetyenziswa ngokungagqibekanga. Kwi-architecture ye-mips64, inkxaso yokwakha usebenzisa i-Clang yongezwe;
- Abaqhubi be-pvclock entsha ye-paravirtualized KVM timer kunye ne-ixl ye-Intel Ethernet 700. Umqhubi we-uaudio uthatyathelwe indawo ngokuphunyezwa okutsha ngenkxaso ye-USB Audio 2.0.
- Ukuphuculwa kokusebenza kwabaqhubi besixhobo esingenazingcingo bwfm, iwn, iwm kunye ne-athn. Inkxaso yemiyalezo ye-RTM_80211INFO yongezwe kwisitaki esingenazingcingo ukuhambisa ulwazi lwemeko yojongano oluneenkcukacha kwi-dhclient kunye nemiyalelo yendlela. Ukuziphatha okuthe cwaka xa uqhagamshelana neenethiwekhi ezingenazingcingo zitshintshiwe - ukuba unoluhlu olucwangcisiweyo lokudibanisa ngokuzenzekelayo, i-OpenBSD ayisadibanisi kwiinethiwekhi ezivulekileyo ezingaziwayo (ukubuyisela ukuziphatha kwangaphambili, unokongeza inethiwekhi engenanto kuluhlu);
- Isitaki sothungelwano sazisa ibpe entsha (UMboneleli woMda ongemva) kunye nempip (MPLS IP umaleko 2) abaqhubi besixhobo sokungengabo. Inkxaso eyongeziweyo yokumisela enye imimandla yomzila yeMPLS ujongano. Umqhubi we-vlan unikwe amandla ukudlula ukusetyenzwa komgca kunye nemveliso ngokuthe ngqo kujongano lwenethiwekhi yomzali. Imowudi ye-txprio eyongeziweyo kwi-ifconfig yokulawula ukufakwa kweekhowudi eziphambili kwizihloko zeepakethi ezinetonela (exhaswayo kwi-vlan, gre, gif kunye nabaqhubi be-etherip);
- Ekuphunyezweni kwesihluzi se-bpf, kuye kwenzeka ukuba kusetyenziswe indlela yokulahla ngaphandle kokubamba iipakethi. Olu phawu lusetyenziswa kwi-tcpdump ukucoca kwinqanaba lokuqala lepakethi efunyenwe sisixhobo;
- Umfakeli ubonelela ngenkxaso ukongeza umfanekiso wedisk kwikernel RAMDISK. Ukuqinisekisa ukususwa kwamanye amacandelo okukhutshwa kwakudala ngexesha lenkqubo yohlaziyo lwenkqubo;
- Ukufowuna kwenkqubo ephuculweyo , ebonelela ngofikelelo lwesixokelelwano sodwa. Uguqulelo olutsha longeza ubhaqo longqamaniso olunxulumene nolawulo lwenkqubo yangoku xa kusahlulahlula iindlela ezizalanayo. Ukusetyenziswa kwestat kunye nokufikelela kumacandelo endlela yefayile ethintelweyo akuvumelekanga. Kwizicelo ze-ospfd, ospf6d, rebound, getconf, kvm_mkdb, bdftopcf, Xserver, passwd, spamlogd, spamd, sensorsd, snmpd, htpasswd kunye ifstated, ukhuseleko usebenzisa isityhilelo siphunyeziwe;
- I-Clang iye yaphucula izixhobo zokuthintela ukusetyenziswa kweendlela zokubuyela kwi-return-oriented programming (ROP), eye yanciphisa kakhulu inani lezixhobo ze-polymorphic ezifunyenwe kwiifayile eziphunyeziweyo ze-i386 kunye ne-amd64 izakhiwo;
- UClang uye waphucula ukusebenza kunye nokhuseleko xa usebenzisa
indlela yokukhusela , ejolise ekufakeni nzima ukuphunyezwa kwemisebenzi eyakhiwe kusetyenziswa iziqwenga zokuboleka zekhowudi kunye nobuchule bokucwangcisa obujoliswe ekubuyiseleni. Ukukhawulezisa ukusebenza, idatha ifakwe kwiirejista endaweni ye-stack xa kunokwenzeka, kwaye i-cache yeprosesa isetyenziswe ngokufanelekileyo xa ibuya. I-RETGUARD ikwasetyenziswa ngoku endaweni yokhuseleko lwemfumba yemveli kwiinkqubo ze-amd64 kunye ne-arm64; - Izixhobo ezinxulumene ne-stack yenethiwekhi ziye zaphuculwa: Inkxaso yokucoca iipakethi ze-MPLS zongezwe kwi-pcap-filter. Ukukwazi ukuqwalasela izinto eziphambili zomzila zongezwe kwi-ospfd, ospf6d kunye ne-ripd. IN
ukhuseleko olusekwe kumatshini we-ripd . Ukongezwa kwe-sff kunye neendlela ze-sffdump kwi-ifconfig ukufumana ulwazi lokuxilonga kwii-transmitter zamehlo; - Ukukhutshwa kokuqala kwesisombululo esitsha kubonisiwe , eyenza i-recursive DNS imibuzo kwaye yamkele imidibaniso kuphela kwi-interface 127.0.0.1.
I-Unwind iyilelwe ukusetyenziswa kwiinkqubo zabaxhasi, ezifana neelaptops, ezihamba phakathi kweenethiwekhi ezahlukeneyo ezingenazingcingo. Ukuba ibona ukuvinjelwa kwe-DNS ye-traffic kwinethiwekhi yendawo, khulula utshintsho ekusebenziseni idilesi ye-DNS ye-recursive server idluliselwe nge-DHCP, kodwa iyaqhubeka izama ukusombulula ngokuzimeleyo kwaye ngokukhawuleza ukuba izicelo ezithe ngqo ziqala ukudlula, ibuyela ekufikeleleni ngokuzimeleyo. iiseva ze-DNS; - Kwi-bgpd, umsebenzi wenziwe ukunciphisa ukusetyenziswa kwememori, i-optimizer yemithetho elula yongezwa (idibanisa imithetho yokucoca eyahluke kuphela kwiisethi zokucoca), inkqubo yoqwalaselo ye-BGP MPLS VPN iye yatshintshwa, inkxaso ye-IPv6 BGP MPLS VPN yongezwa. , kwaye "njengoko-ukugqithisa" ukusebenza kuphunyeziwe ukuba kuthathelwe indawo ummelwane AS kwi-AS yendawo emikhondweni, yongeza ukukwazi ukuhambelana noluntu oluninzi kumgaqo omnye, ukongeza iimpawu ezintsha ezihambelanayo "*", "indawo-njenge" kunye "nommelwane." -njengoko", umsebenzi ophuculweyo kunye neeseti ezinkulu zemithetho, yongeza imiyalelo emitsha yokusebenza kunye namaqela eenkqubo ezizimeleyo ezizimeleyo ("iqela le-bgpctl elingummelwane", "i-bgpctl bonisa iqela lommelwane", "i-bgpctl bonisa iqela lommelwane iqela"), ukukwazi ukongeza uthungelwano kwiitafile ze-BGP VPN zongezwe kwi-bgpctl. Ngexesha lokuqala, inguqulelo ephathekayo ye-OpenBGPD-ephathwayo ilungisiwe, ilungele ukusebenza kwiinkqubo ngaphandle kwe-OpenBSD;
- Inketho eyongeziweyo ukufumana iimeko zokuziphatha okungachazwanga kwi-OpenBSD kernel.
- Usetyenziso lwe-tcpdump luphelisa ngokupheleleyo ukusetyenziswa kwamalungelo eengcambu;
- Ukusebenza okuphuculweyo kwe-malloc kwizicelo ezinemisonto emininzi;
- Uguqulelo lokuqala lwenkqubo yongezwe kuqulunqo ngokuphunyezwa kwayo kwesixhobo songqamaniso lwefayile yersync;
- Uguqulelo lweseva ye-imeyile ye-OpenSMTPD ihlaziywe, apho inqobo entsha yokuthelekisa "ukusuka kwi-rdns" yongezwe kwi-smtpd.conf, ekuvumela ukuba ukhethe iiseshini ezisekelwe kwisisombululo se-DNS esingasemva (ukugqiba igama lomninimzi nge-IP). Xa kukhangelwa kwiitheyibhile, ukukwazi ukusebenzisa iintetho eziqhelekileyo zongeziwe;
- Iphakheji ye-OpenSSH 8.0 ihlaziywe, inkcazo eneenkcukacha zophuculo inokufunyanwa ;
- Iphakheji ye-LibreSSL ihlaziywe, inkcazo ecacileyo yokuphuculwa inokufumaneka kwizibhengezo zokukhululwa ΠΈ ;
- I-Mandoc iphucule kakhulu imveliso ye-HTML, iphucula ukunikezelwa kwetafile, kwaye yongeza iflegi "-O" ukuvula iphepha ngenkcazo yegama elichaziweyo;
- Izakhono zesitaki semizobo yeXenocara zandisiwe: iseva ye-X ayisafuni kufakelo ngeflegi ye-setuid ukuze iqhube. Umqhubi we-radeonsi Mesa uquka inkxaso ye-hardware acceleration kwi-Southern Islands (i-Radeon HD 7000) kunye ne-Sea Islands (i-Radeon HD 8000) ye-GPUs;
- Izibuko ze-C++ zezakhiwo ezingaxhaswanga nguClang ngoku ziqulunqwe kusetyenziswa i-GCC ukusuka kumazibuko. Inani lamazibuko oyilo lwe-AMD64 laliyi-10602, ye-aarch64 - 9654, ye-i386 - 10535. Kwizicelo ezibekwe kumazibuko, oku kulandelayo kuqatshelwe:
- Inkwenkwezi 16.2.1
- I-Audacity 2.3.1
- I-CMake 3.10.2
- I-Chromium 73.0.3683.86
- I-FFmpeg 4.1.3
- I-GCC 4.9.4 kunye ne-8.3.0
- GNOME 3.30.2.1
- Yiya kwi-1.12.1
- I-JDK 8u202 kunye ne-11.0.2 + 9-3
- LLVM/Clang 7.0.1
- FreeOffice 6.2.2.2
- Lua 5.1.5, 5.2.4 kunye 5.3.5
- UMariaDB 10.0.38
- IMono 5.18.1.0
- IMozilla Firefox 66.0.2 kunye neESR 60.6.1
- IMozilla Thunderbird 60.6.1
- Indlela yeNode 10.15.0
- I-OpenLDAP 2.3.43 kunye ne-2.4.47
- PHP 7.1.28, 7.2.17 kunye 7.3.4
- I-Postfix 3.3.3 kunye ne-3.4.20190106
- IPostgreSQL 11.2
- IPython 2.7.16 kunye ne-3.6.8
- R 3.5.3
- IRuby 2.4.6, 2.5.5 kunye ne-2.6.2
- Umhlwa 1.33.0
- Thumela i-imeyile 8.16.0.41
- I-SQLite3 3.27.2
- IMeerkat 4.1.3
- Tcl/Tk 8.5.19 yaye 8.6.8
- I-TeX ihlala ngo-2018
- Vim 8.1.1048 kunye Neovim 0.3.4
- I-Xfce 4.12
- Izinto zeqela lesithathu zibandakanyiwe ne-OpenBSD 6.5:
- Xenocara isitakhi semizobo esekwe kwi-X.Org iseva 1.19.7 enamabala, i-freetype 2.9.1, fontconfig 2.12.4, Mesa 18.3.5, xterm 344, xkeyboard-config 2.20;
- LLVM/Clang 7.0.1 (eneziqwengana)
- I-GCC 4.2.1 (eneephetshi) kunye ne-3.3.6 (ineziqwengana)
- Perl 5.28.1 (eneziqwengana)
- I-NSD 4.1.27
- Ingabotshwanga 1.9.1
- Nurses 5.7
- I-Binutils 2.17 (eneziqendu)
- Gdb 6.3 (eneziqwengana)
- Awk 10 Aug, 2011
- Expat 2.2.6
umthombo: opennet.ru