ukukhululwa kwesistimu yokusebenza efana ne-UNIX yamahhala, ehlangene . Iphrojekthi ye-OpenBSD yasungulwa nguTheo de Raadt ngonyaka we-1995, ngemuva kwalokho nabathuthukisi be-NetBSD, ngenxa yalokho u-Teo enqatshelwe ukufinyelela inqolobane ye-NetBSD CVS. Ngemuva kwalokhu, u-Theo de Raadt kanye neqembu labantu abanomqondo ofanayo badala uhlelo olusha oluvulekile olusekelwe esihlahleni somthombo we-NetBSD, izinhloso eziyinhloko okwakuwukuphatheka ( 13 izingxenyekazi zehadiwe), ukumisa, ukusebenza okulungile, ukuphepha okusebenzayo kanye namathuluzi ahlanganisiwe we-cryptographic. Usayizi wokufaka ogcwele I-OpenBSD 6.5 base system ingu-407 MB.
Ngaphezu kwesistimu yokusebenza ngokwayo, iphrojekthi ye-OpenBSD yaziwa ngezingxenye zayo, eziye zanda kakhulu kwezinye izinhlelo futhi ziye zazibonakalisa njengenye yezixazululo eziphephile nezisezingeni eliphezulu. Phakathi kwazo: ( I-OpenSSL), , isihlungi sephakethe , amademoni ahambisa umzila , iseva ye-NTP , iseva yemeyili , i-terminal multiplexer yombhalo (efana nesikrini se-GNU) , daemon ngokuqaliswa kwephrothokholi ye-IDENT, enye indlela ye-BSDL kuphakheji ye-GNU groff - , umthetho olandelwayo wokuhlela izinhlelo ezibekezelela amaphutha i-CARP (I-Common Address Redundancy Protocol), engasindi , insiza yokuvumelanisa ifayela .
Phakathi kwezinguquko eziphawuleka kakhulu: inguqulo ephathekayo ye-bgpd yethuliwe, yashintshwa ukuze isebenze kwamanye ama-OS, ukusetshenziswa kwe-Xenocara kanye namalungelo empande ye-tcpdump kususiwe, isixhumanisi se-LDD sinikwe amandla ngokuzenzakalelayo ku-amd64 ne-i386, ukwesekwa kwe-MPLS kuye kwaqedwa. kuthuthukiswe kakhulu, futhi nokuvikelwa ekuxhashazweni ngamasu okubuyisela emuva kuqinisiwe.I-oriented programming (ROP), ukuphumula okulula kweseva ye-DNS yengeziwe, umtshina wokuziphatha ongachazwanga uhlanganiswe ku-kernel, futhi ukwethulwa kwethu kwensiza ye-rsync kuye kwaba nemiphumela engemihle. yethulwe.
main :
- Uma wakhela i-amd64 kanye ne-i386 architectures, isixhumanisi se-LDD esakhiwe iphrojekthi ye-LLVM sisetshenziswa ngokuzenzakalelayo. Ngokwakhiwa kwe-mips64, ukusekelwa kwesakhiwo kusetshenziswa i-Clang kungeziwe;
- Izishayeli ze-pvclock ezintsha zesibali sikhathi se-KVM esine-paravirtualized kanye ne-ixl ye-Intel Ethernet 700. Umshayeli we-uaudio ushintshiwe ngokuqaliswa okusha ngosekelo lwe-USB Audio 2.0.
- Ukusebenza okuthuthukisiwe kwabashayeli bedivayisi engenantambo bwfm, iwn, iwm kanye ne-athn. Usekelo lwemilayezo ye-RTM_80211INFO yengezwe kusitaki esingenantambo ukuze kudluliselwe ulwazi lwesimo sokusebenzelana okunemininingwane ku-dhclient nemiyalo yomzila. Ukuziphatha okuthulile lapho uxhuma kumanethiwekhi angenawaya kushintshiwe - uma unohlu olumisiwe lokuxhuma ngokuzenzakalela, i-OpenBSD ayisaxhumani namanethiwekhi avulekile angaziwa (ukubuyisela ukuziphatha kwangaphambilini, ungakwazi ukwengeza inethiwekhi engenalutho ohlwini);
- Isitaki senethiwekhi sethula i-bpe entsha (I-Backbone Provider Edge) ne-mpip (MPLS IP layer 2) abashayeli bamanga bedivayisi. Ukwesekwa okwengeziwe kokumisa ezinye izizinda zomzila ze-MPLS interface. Umshayeli we-vlan unikwe amandla okudlula ukucutshungulwa komugqa kanye nokukhiphayo ngokuqondile kusixhumi esibonakalayo senethiwekhi yomzali. Kwengezwe imodi ye-txprio ku-ifconfig ukuze kulawulwe ukubhala ngekhodi okubalulekile kumaheda amaphakethe ashunqelwe (isekelwe kubashayeli be-vlan, gre, gif kanye ne-etherip);
- Ekusetshenzisweni kwesihlungi se-bpf, kube nokwenzeka ukusebenzisa indlela yokudonsa ngaphandle kokubamba amaphakethe. Lesi sici sisetshenziswa ku-tcpdump ukuhlunga esigabeni sokuqala sephakethe elitholwa idivayisi;
- Isifaki sinikeza ukusekela ukwengeza isithombe sediski ku-kernel RAMDISK. Uqinisekise ukususwa kwezinye izingxenye zokukhishwa okudala phakathi nenqubo yokubuyekeza isistimu;
- Ikholi yesistimu ethuthukisiwe , ehlinzeka ngokuhlukaniswa kokufinyelela kwesistimu yefayela. Inguqulo entsha yengeza ukutholwa kokufana okuhlobene nohla lwemibhalo olusebenzayo lwenqubo yamanje lapho kudluliswa izindlela ezihlobene. Ukusetshenziswa kwezibalo nokufinyelela kwezingxenye zendlela yefayela ekhawulelwe akuvunyelwe. Kuzinhlelo zokusebenza i-ospfd, ospf6d, rebound, getconf, kvm_mkdb, bdftopcf, Xserver, passwd, spamlogd, spamd, sensorsd, snmpd, htpasswd kanye ne-ifstated, ukuvikelwa kusetshenziswa ukuvezwa kuyasetshenziswa;
- U-Clang uthuthukise amathuluzi okuvimbela ukusetshenziswa kwamasu okuhlela okugxile ekubuyiseleni (ROP), okunciphise kakhulu inani lamagajethi e-polymorphic atholakala kumafayela asebenzisekayo angumphumela wezakhiwo ze-i386 ne-amd64;
- I-Clang ithuthukise ukusebenza nokuphepha uma usebenzisa
indlela yokuvikela , okuhloswe ngayo ukwenza kube nzima ukwenziwa kokuxhashazwa okwakhiwa kusetshenziswa izingcezu zokuboleka zekhodi nezindlela zokuhlela ezigxile ekubuyiseleni. Ukuze kusheshiswe ukusebenza, idatha ifakwa kumarejista esikhundleni sesitaki noma nini lapho kunokwenzeka, futhi inqolobane yokucubungula isetshenziswa kahle kakhulu lapho ibuya. I-RETGUARD manje isisetshenziswa esikhundleni sokuvikela isitaki sendabuko kumasistimu we-amd64 kanye ne-arm64; - Izinsiza ezihlobene nesitaki senethiwekhi zithuthukisiwe: Usekelo lokuhlunga amaphakethe e-MPLS lwengezwe kusihlungi se-pcap. Amandla okumisa okuhamba phambili komzila lengezwe ku-ospfd, ospf6d ne-ripd. IN
ukuvikela okusekelwe kumshini we-ripd . Kungezwe izindlela ze-sff ne-sffdump ku-ifconfig ukuze uthole ulwazi lokuxilonga kuma-transmitter optical; - Ukukhishwa kokuqala kwesixazululi esisha kwethulwe , ecubungula imibuzo ye-DNS ephindaphindayo futhi yamukela ukuxhumana kuphela kusixhumi esibonakalayo 127.0.0.1.
I-Unwind yakhelwe ukusetshenziswa ezinhlelweni zeklayenti, njengamakhompyutha aphathekayo, ezihamba phakathi kwamanethiwekhi ahlukene angenantambo. Uma ithola ukuvinjwa kwethrafikhi ye-DNS kunethiwekhi yendawo, khulula amaswishi ekusebenziseni ikheli leseva ye-DNS ephindaphindayo edluliswa nge-DHCP, kodwa iyaqhubeka nokuzama ukuxazulula ngokuzimela futhi ngokushesha nje lapho izicelo eziqondile ziqala ukudlula, ibuyela ekufinyeleleni ngokuzimela. amaseva e-DNS; - Ku-bgpd, kwenziwe umsebenzi wokunciphisa ukusetshenziswa kwememori, i-optimizer yemithetho elula yengeziwe (ihlanganisa imithetho yokuhlunga ehluke kuphela kumasethi okuhlunga), inqubo yokumisa ye-BGP MPLS VPN ishintshiwe, ukusekelwa kwe-IPv6 BGP MPLS VPN kungeziwe. , kanye nokusebenza kwe-"as-override" kusetshenziswe esikhundleni sikamakhelwane u-AS kuya ku-AS wendawo emikhondweni, yengeza ikhono lokufanisa nemiphakathi eminingana emthethweni owodwa, yengeza izici ezintsha ezifanayo "*", "indawo-njengoba" kanye "nomakhelwane -njengoba", umsebenzi othuthukisiwe onamasethi amakhulu emithetho, wengeza imiyalo emisha yokusebenza namaqembu amasistimu angomakhelwane azimele (“iqembu le-bgpctl elingumakhelwane”, “iqembu le-bgpctl khombisa umakhelwane”, “iqembu le-bgpctl bonisa ubambo lomakhelwane”), ikhono lokwengeza amanethiwekhi kumathebula e-BGP VPN yengezwe ku-bgpctl. Ngokokuqala ngqa, inguqulo ephathekayo ye-OpenBGPD-ephathekayo isilungisiwe, ilungele ukusebenza kwezinye izinhlelo ngaphandle kwe-OpenBSD;
- Inketho eyengeziwe ukuthola izimo zokuziphatha okungachazwanga ku-OpenBSD kernel.
- Insiza ye-tcpdump iqeda ngokuphelele ukusetshenziswa kwamalungelo ezimpande;
- Ukusebenza okuthuthukisiwe kwe-malloc ezinhlelweni ezinezintambo eziningi;
- Inguqulo yokuqala yohlelo yengezwe ekwakhiweni ngokuqaliswa kwayo kwensiza yokuvumelanisa ifayela le-rsync;
- Inguqulo yeseva yemeyili ye-OpenSMTPD ibuyekeziwe, lapho umbandela omusha wokuqhathanisa othi “kusuka ku-rdns” wengezwe ku-smtpd.conf, okuvumela ukuthi ukhethe izikhathi ezisekelwe ekulungisweni kwe-DNS ehlehlayo (enquma igama lomsingathi nge-IP). Lapho usesha kumathebula, ikhono lokusebenzisa izinkulumo ezivamile lingeziwe;
- Iphakheji ye-OpenSSH 8.0 ibuyekeziwe, ukubuyekezwa okuningiliziwe kokuthuthukiswa kungatholakala ;
- Iphakheji ye-LibreSSL ibuyekeziwe, ukubuka konke okunemininingwane yokuthuthukiswa kungatholakala kuzimemezelo zokukhishwa и ;
- I-Mandoc ithuthukise ngokuphawulekayo okukhiphayo kwe-HTML, ithuthukise ukunikezwa kwethebula, futhi yengeza ifulegi elithi “-O” ukuze uvule ikhasi elinencazelo yetemu elishiwo;
- Amandla esitaki sezithombe ze-Xenocara anwetshiwe: iseva ye-X ayisadingi ukufakwa ngefulegi le-setuid ukuze isebenze. Umshayeli we-radeonsi Mesa uhlanganisa ukusekelwa kwe-hardware acceleration for the Southern Islands (Radeon HD 7000) kanye ne-Sea Islands (Radeon HD 8000) GPUs;
- Izimbobo ze-C++ zezakhiwo ezingasekelwe yi-Clang manje sezihlanganiswa kusetshenziswa i-GCC evela ezimbotsheni. Inombolo yezimbobo ze-AMD64 architecture yayingu-10602, ye-aarch64 - 9654, ye-i386 - 10535. Kuzinhlelo zokusebenza ezitholakala ezikhumulweni, okulandelayo kuyaphawulwa:
- I-Asterisk 16.2.1
- I-Audacity 2.3.1
- I-CMake 3.10.2
- I-Chromium 73.0.3683.86
- FFmpeg 4.1.3
- I-GCC 4.9.4 kanye ne-8.3.0
- I-GNOME 3.30.2.1
- Iya ku-1.12.1
- I-JDK 8u202 kanye ne-11.0.2+9-3
- I-LLVM/Clang 7.0.1
- LibreOffice 6.2.2.2
- I-Lua 5.1.5, 5.2.4 kanye no-5.3.5
- UMariaDB 10.0.38
- IMono 5.18.1.0
- I-Mozilla Firefox 66.0.2 kanye ne-ESR 60.6.1
- IMozilla Thunderbird 60.6.1
- I-Node.js 10.15.0
- I-OpenLDAP 2.3.43 kanye ne-2.4.47
- I-PHP 7.1.28, 7.2.17 kanye ne-7.3.4
- I-Postfix 3.3.3 kanye ne-3.4.20190106
- I-PostgreSQL 11.2
- I-Python 2.7.16 kanye ne-3.6.8
- R 3.5.3
- I-Ruby 2.4.6, 2.5.5 kanye no-2.6.2
- Ukugqwala 1.33.0
- I-Sendmail 8.16.0.41
- I-SQLite3 3.27.2
- I-Meerkat 4.1.3
- Tcl/Tk 8.5.19 kanye 8.6.8
- I-TeX Live 2018
- I-Vim 8.1.1048 kanye ne-Neovim 0.3.4
- I-Xfce 4.12
- Izingxenye zezinkampani zangaphandle ezifakwe ne-OpenBSD 6.5:
- Isitaki sezithombe ze-Xenocara esisekelwe kuseva ye-X.Org 1.19.7 enamapeshi, i-freetype 2.9.1, fontconfig 2.12.4, Mesa 18.3.5, xterm 344, xkeyboard-config 2.20;
- I-LLVM/Clang 7.0.1 (eneziqephu)
- I-GCC 4.2.1 (eneziqephu) kanye no-3.3.6 (eneziqephu)
- I-Perl 5.28.1 (eneziqephu)
- I-NSD 4.1.27
- Ukukhulula 1.9.1
- Abahlengikazi 5.7
- I-Binutils 2.17 (eneziqephu)
- I-Gdb 6.3 (eneziqephu)
- Awk Aug 10, 2011
- Expat 2.2.6
Source: opennet.ru