October 29, 2004

OpenBSD 3.6 released

Author: Jem Matzan

OpenBSD project leader Theo de Raadt today announced the official release of OpenBSD 3.6 for 14 architectures. This regular release includes new support for the luna88k platform as well as a long list of enhancements such as SMP support for x86 and AMD64. Read on for details and download mirrors.

According to the press release from de Raadt, the following changes, bugfixes, additions and enhancements have been made to 3.6:

- New platform:

  • OpenBSD/luna88k
    Expanding the mvme88k porting effort by supporting Omron's
    line of 88100-based workstations.

- SMP support on OpenBSD/i386 and OpenBSD/amd64 platforms.

- New functionality:

  • A cleaned-up DHCP server and client implementation,
    now featuring privilege separation and safe defaults.
  • A new NTP daemon written from scratch, which ought to fit
    the needs of most NTP users.
  • pfctl(8) now provides a rules optimizer to help improve
    filtering speed.
  • The packet filter, pf(4), now supports nested anchors.
  • tcpdrop(8), a command to drop TCP connections.
  • The NMBCLUSTERS option has been eliminated, replaced by a
    sysctl with higher default values on many platforms.
  • Added support for cksum (three flavours), md4, sha256, sha384
    and sha512 to the md5(1) command.
  • Memory file systems created by the mount_mfs(8) command
    now can be populated immediately after creation.
  • New hotplugd(8) daemon and hotplug(4) device that
    watch for newly attached devices.
  • isakmpd(8) now supports NAT-traversal and Dead Peer Detection
    (RFC 3706).
  • strtonum(3), a simple, robust and therefore safe function
    to convert strings to numbers, has been added.
  • On the OpenBSD/sparc platform, StackGhost buffer overflow
    exploit protection has been added.
  • A generic IEEE 802.11 framework has been added.

- Improved hardware support, including:

  • Sangoma T1 and E1 cards (san(4)).
  • Jumbo frames now work reliably on em(4),
    sk(4), and ti(4) adapters.
  • USB 2.0 (ehci(4)) controllers.
  • AIC79xx-based Ultra320 SCSI adapters, such as the Adaptec
    29320 and 39320 (ahd(4)).
  • The i386 and amd64 CD bootloader code no longer emulates a
    floppy which improves the chances of booting on newer
  • New re(4) driver for Realtek 8169/8169S/8110S PCI
    Ethernet adapters.
  • New atw(4) driver for ADMtek ADM8211 802.11b wireless
  • New axe(4) driver for ASIX Electronics AX88172 USB
    Ethernet adapters.
  • New cdce(4) driver for Ethernet over USB bridges.
  • New ichpcib(4) driver for Intel ICHx/ICHx-M LPC PCI-ISA
  • New gscpcib(4) driver for National Semiconductor Geode
    SC1100 PCI-ISA bridges.
  • New iic(4) driver for Inter IC (I2C) master/slave buses.
  • New lmtemp(4) driver for National Semiconductor LM75/LM77
    temperature sensors.
  • New gscsio(4) driver for National Semiconductor Geode
    SC1100 Super I/O chips.
  • New gpio(4) driver and accompanying gpioctl(8)
    utility for supporting General Purpose Input/Output.
  • New mediabay(4) macppc driver for the ATA33 HD controller
    over removable CD.
  • hw.setperf sysctl hooks for PowerNow in AMD K6 and K7

- New functionality for bgpd(8), the Border Gateway Protocol Daemon:

  • Kernel memory management improvements now allow the full
    global routing table to be kept in memory without customizing
    or tuning.
  • Support for adding received prefixes to a pf(4) table.
  • Support for IPsec, both manually keyed and using IKE.
  • Support for setting BGP communities (RFC1997) on incoming and
    outbound UPDATES.
  • Support for NOPEER community (RFC3765).
  • Partial support for RFC2858 Multiprotocol Capabilities,
    currently only IPv4-unicast is announced.
  • Support for Route Reflection (RFC2796).
  • Support for dynamic network announcements.
  • Support for Route Refresh Capability (RFC2918).

- Improved NFS performance and reliability.

- Shared libraries and gcc 3.3.2 on the OpenBSD/hppa port.

- Privilege separation or revocation for the following programs:

  • afsd(8)
  • mopd(8)
  • pppoe(8)
  • rbootd(8)
  • dhcrelay(8), dhclient(8), and dhcpd(8)

- Over 2700 ports, 2500 pre-built packages.

- Many improvements for security and reliability (look for the red print in the complete changelog).

- As usual, many improvements in manual pages and other documentation.

- OpenSSH 3.9:

  • sshd(8) now re-executes itself on accepting a new
    connection. This security measure ensures that all
    execute-time randomizations are reapplied for each connection
    rather than once, for the master process' lifetime. This
    includes mmap and malloc mappings, shared library addressing,
    shared library mapping order, ProPolice and StackGhost
    cookies on architectures that support such things.
  • Selected environment variables can now be passed between the
    client and the server.
  • Session multiplexing: a single ssh connection can now carry
    multiple login/command/file transfer sessions.

- This release of OpenBSD includes the following major components from outside suppliers:

  • XFree86 4.4.0 unencumbered (+ patches, and i386 contains
    3.3.6 servers (+ patches) for chipsets not supported by 4.4).
  • Gcc 2.95.3 (+ patches) and 3.3.2 (+ patches)
  • Perl 5.8.5 (+ patches)
  • Apache 1.3.29, mod_ssl 2.8.16, DSO support (+ patches)
  • OpenSSL 0.9.7d (+ patches)
  • Groff 1.15
  • Sendmail 8.13.0, with libmilter
  • Bind 9.2.3 (+ patches)
  • Lynx 2.8.5rel.2 with HTTPS and IPv6 support (+ patches)
  • Sudo 1.6.7p5
  • Ncurses 5.2
  • Latest KAME IPv6
  • Heimdal 0.6rc1 (+ patches)
  • Arla 0.35.7
  • Binutils 2.14
  • Gdb 6.1

A complete list of changes since the 3.5 release can be found here.

Is this is the last CD release?

3.6 represents the 17th release of OpenBSD, 16 of which have been released on CD. But the future of OpenBSD CD releases seems to be in question due to a lack of 3.6 pre-order sales. OpenBSD users and supporters are encouraged to make a donation or buy a CD set or other merchandise to help financially support the project.

FTP mirrors and installation

OpenBSD maintains a list of download mirrors for installation images. Installation instructions are specific to architecture and can be found in the architecture's directory on any of the download mirrors. Instructions for the i386 (x86) FTP install can be found here. The CD sets install entirely from the CD and have paper instructions included.

Jem Matzan is the author of three
books, a freelance journalist and the editor-in-chief of The Jem Report.


  • BSD
Click Here!