9FRONT “CONTENTS, MAINTAINED, STABLE” RELEASED

front

http://9front.org/iso/9front-6350.c07f998304d6.iso.gz.torrent

http://9front.org/iso/9front-6350.c07f998304d6.iso.gz

dash 1 manual

http://fqa.9front.org/dash1.contentsmaintainedstable.pdf

NEW IN THIS RELEASE

this release featues some updates on wifi, especially support for transparent arp proxy on kernel wifi interfaces so wifi can be bridged just like ethernets (as used by vmx). improvements in ipv6 support. devbridge is in the default pc kernel configuration now. and many other bugfixes.

KERNEL AND DRIVERS

kernel: convert textmode cga screen contents to kmesg only once

kernel: initialize cyclefreq for machno > 0 in guesscpuhz()

kernel: remove Ipifc.mbps, unused.

pc: fix wrong simd exception mask (fixes go bootstrap)

pc64: fix kmap() and invlpg()

devbridge: disable write blocking on ethernets, fix mss clamping

devether: allow spoofing of source mac address for bridges; used by vmx

devether: dont forward loopback packets on bridges

devether: remove duplicated parseether() implementation (pull from libip)

devmnt: use u32int for tagmask, simplify alloctag()

devtls, devssl: avoid ~0UL comparsion (from drawterm)

devvga: removing #v/vgabios, use /dev/realmodemem instead

ether79c970: dont disable promisc mode when multicast table is not empty

ether8169: add Macv45 for RTL8111HN, rename Macv45 -> Macv42 (thanks qeed, sam-d)

ether8169: deal with kernel memory exhaution

ether82557: don’t turn off promisc mode when mcast table is not empty

etheriwl, etherwpi: limit transmit queue buffer bloat to 48k (at 22Mbit ≅ 20ms)

gre: don’t drop pptp packets when smaller than v4 header

ipv6: set router R-flag when sendra is active for neighbor advertisement

nusb/ether: dont forward loopback packets on bridges, remove read nonblocking hack

realemu: fix pit bcd mode, fix precedence bug in argconv() format routine (thanks dan cross)

usbxhci: add missing pexit() in xhcirecover proc (thanks sam-d)

wifi: don’t assume Wifi.rates[] is sorted, return net data rate for mbps (50% theoretical)

wifi: don’t implicitely update lastseen timestamp on nodelookup()

wifi: filter out loopback traffic from myself

wifi: get rid of custom hextob() routine, use dec16(), avoid copies in parsekey()

wifi: learn target ip address from neighbor advertisements in dmat proxy

wifi: matt damon wifi bridging support

wifi: revert rate adoption divider, breaks arpunks wifi

wifi: use protocol constants from ip/ip.h and ip/ipv6.h for dmatproxy()

LIBRARIES

libauth: add auth_respondAI() function to get AuthInfo for mschap/mschapv2

libauth: fix out of bounds memory access in _parseattr()

libauth: remove auth_wep() function, and non-existing httpauth() declaration

libauth: simplify _attrfmt() using fmtprint() avoiding stack buffer

libc: constant time implementation for encode(2) routines, fix base32

libc: make encXchr()/decXchr() functions available

libflate: force non-empty huffman table in mkzprecode() for deflate

libmp: use constant time encode(2) routines instead of lookup tables

libndb: retire deprecated csgetval(), ndbgetval() and ndblookval() functions

libsec: avoid unneccesary memory copies and redundant code in x509

libsec: fix mistake: strnchr -> strchr

libsec: get rid of dummy data[1] in Bytes and Ints types (thanks pr)

libsec: implement SPKI fingerprinting for okCertificate()

libsec: remove asn1toDSApriv()

libauth: remove auth_wep.$O from mkfile

PROGRAMS

auth/dsa: remove asn12dsa, dsa2pub, dsa2ssh and dsagen

auth/asn1dump: include in mkfile

authsrv: fix chap, implement mschapv2 authentication, include MPPE secret in the ticket

aux/wpa: get rid of custom Hfmt() routine, just use encodefmt. use %E for mac addresses

disk/edisk: allow printing and readonly inspection of hybrid MBR/GPT disks (thanks aiju)

factotum: implement mschapv2 role=server authentication (for ppp)

factotum: remove legacy wep protocol

factotum: remove unused sshrsa.c

factotum: replace custom hex parsing code with dec16() avoding timing side channels

ip/dhcpd: remove old testing code

ip/ipconfig: add v6 deault route from router advertisements

ip/ipconfig: set on-link flag in router advertisement prefix info (fixes windows7)

ip/ipconfig: use 2000::/3 instead of ::/0 for v6 default route

ip/ipconfig: don’t put automatic link-local address configuration in /net/ndb

ip/ppp: mschapv2 support

ip/ppp: remove left over debug print

ip/pptpd: don’t mess with ipifc (handled by ppp), slay note gorup on exit

ip/tinc: handle and set ethertype for ipv6

ip/tinc: handle single byte noop and end-of-option-list tcp options in clampmss()

ip: make pkt interfaces unbind on close (from inferno)

ndb/cs: handle v4 only case for rudp

ndb/dns: fix leak in myaddr(), normalize ip strings, cleanup

rconnect: support -t timeout for aan like in drawterm; also rcpu, rexport/import

stats: show amount of reclaimable pages (add -r flag)

sysinfo: #c/swap -> #¶/swap

tlsclient: allow dumping the server’s certificate with new -d flag

tlsclient: remove X509dump() call, writes to fd 1

tlssrv: remove usage reference to lost auth/secretpem

upas/fs: deal with imap returning more uid’s than allocated from previus “messages” command

upas/fs: fix precedence bugs, compare digest pointer to nil

upas/fs: try to deal with nil mail body (can happen when fetch fails)

venti/conf: fix padding so we write multiple of sector size

venti: fix wrong channel element size for amd64 (thanks mycroftiv)

DOCUMENTATION

arch(3): document #P/realmodemem file

auth(8): auth/debug tests both dp9ik and p9sk1

bridge(3): clarify manpage, this is a layer2 bridge

factotum(4): document dp9ik, update protocol list

ipconfig(8): remove dhcp mention from -6 example

listen(8): add -a option to restrict announce address

ppp(8): remove BUGS section, client auth has been fixed.

vmx(1): fix virtio network bloomfilter

webfs(4): document -d and -D flags

OTHER

/lib/bullshit: +converged +blockchain

/sys/lib/dist/mkfile: fix cfg/plan9.ini dependency (only visible after binds)

/sys/lib/dist: split 9boot into 9bootproto, make .386.iso and .amd64.iso targets

inst: determine kernel for bootsetup from $bootfile and $cputype

fortunes: Subject: [oss-security] nvi denial of service

http://okturing.com/src/2115/body

back