9FRONT “CONTENTS, MAINTAINED, STABLE” RELEASED
http://9front.org/iso/9front-6350.c07f998304d6.iso.gz.torrent
http://9front.org/iso/9front-6350.c07f998304d6.iso.gz
dash 1 manual
http://fqa.9front.org/dash1.contentsmaintainedstable.pdf
NEW IN THIS RELEASE
this release featues some updates on wifi, especially support for transparent arp proxy on kernel wifi interfaces so wifi can be bridged just like ethernets (as used by vmx). improvements in ipv6 support. devbridge is in the default pc kernel configuration now. and many other bugfixes.
KERNEL AND DRIVERS
kernel: convert textmode cga screen contents to kmesg only once
kernel: initialize cyclefreq for machno > 0 in guesscpuhz()
kernel: remove Ipifc.mbps, unused.
pc: fix wrong simd exception mask (fixes go bootstrap)
pc64: fix kmap() and invlpg()
devbridge: disable write blocking on ethernets, fix mss clamping
devether: allow spoofing of source mac address for bridges; used by vmx
devether: dont forward loopback packets on bridges
devether: remove duplicated parseether() implementation (pull from libip)
devmnt: use u32int for tagmask, simplify alloctag()
devtls, devssl: avoid ~0UL comparsion (from drawterm)
devvga: removing #v/vgabios, use /dev/realmodemem instead
ether79c970: dont disable promisc mode when multicast table is not empty
ether8169: add Macv45 for RTL8111HN, rename Macv45 -> Macv42 (thanks qeed, sam-d)
ether8169: deal with kernel memory exhaution
ether82557: don’t turn off promisc mode when mcast table is not empty
etheriwl, etherwpi: limit transmit queue buffer bloat to 48k (at 22Mbit ≅ 20ms)
gre: don’t drop pptp packets when smaller than v4 header
ipv6: set router R-flag when sendra is active for neighbor advertisement
nusb/ether: dont forward loopback packets on bridges, remove read nonblocking hack
realemu: fix pit bcd mode, fix precedence bug in argconv() format routine (thanks dan cross)
usbxhci: add missing pexit() in xhcirecover proc (thanks sam-d)
wifi: don’t assume Wifi.rates[] is sorted, return net data rate for mbps (50% theoretical)
wifi: don’t implicitely update lastseen timestamp on nodelookup()
wifi: filter out loopback traffic from myself
wifi: get rid of custom hextob() routine, use dec16(), avoid copies in parsekey()
wifi: learn target ip address from neighbor advertisements in dmat proxy
wifi: matt damon wifi bridging support
wifi: revert rate adoption divider, breaks arpunks wifi
wifi: use protocol constants from ip/ip.h and ip/ipv6.h for dmatproxy()
LIBRARIES
libauth: add auth_respondAI() function to get AuthInfo for mschap/mschapv2
libauth: fix out of bounds memory access in _parseattr()
libauth: remove auth_wep() function, and non-existing httpauth() declaration
libauth: simplify _attrfmt() using fmtprint() avoiding stack buffer
libc: constant time implementation for encode(2) routines, fix base32
libc: make encXchr()/decXchr() functions available
libflate: force non-empty huffman table in mkzprecode() for deflate
libmp: use constant time encode(2) routines instead of lookup tables
libndb: retire deprecated csgetval(), ndbgetval() and ndblookval() functions
libsec: avoid unneccesary memory copies and redundant code in x509
libsec: fix mistake: strnchr -> strchr
libsec: get rid of dummy data[1] in Bytes and Ints types (thanks pr)
libsec: implement SPKI fingerprinting for okCertificate()
libsec: remove asn1toDSApriv()
libauth: remove auth_wep.$O from mkfile
PROGRAMS
auth/dsa: remove asn12dsa, dsa2pub, dsa2ssh and dsagen
auth/asn1dump: include in mkfile
authsrv: fix chap, implement mschapv2 authentication, include MPPE secret in the ticket
aux/wpa: get rid of custom Hfmt() routine, just use encodefmt. use %E for mac addresses
disk/edisk: allow printing and readonly inspection of hybrid MBR/GPT disks (thanks aiju)
factotum: implement mschapv2 role=server authentication (for ppp)
factotum: remove legacy wep protocol
factotum: remove unused sshrsa.c
factotum: replace custom hex parsing code with dec16() avoding timing side channels
ip/dhcpd: remove old testing code
ip/ipconfig: add v6 deault route from router advertisements
ip/ipconfig: set on-link flag in router advertisement prefix info (fixes windows7)
ip/ipconfig: use 2000::/3 instead of ::/0 for v6 default route
ip/ipconfig: don’t put automatic link-local address configuration in /net/ndb
ip/ppp: mschapv2 support
ip/ppp: remove left over debug print
ip/pptpd: don’t mess with ipifc (handled by ppp), slay note gorup on exit
ip/tinc: handle and set ethertype for ipv6
ip/tinc: handle single byte noop and end-of-option-list tcp options in clampmss()
ip: make pkt interfaces unbind on close (from inferno)
ndb/cs: handle v4 only case for rudp
ndb/dns: fix leak in myaddr(), normalize ip strings, cleanup
rconnect: support -t timeout for aan like in drawterm; also rcpu, rexport/import
stats: show amount of reclaimable pages (add -r flag)
sysinfo: #c/swap -> #¶/swap
tlsclient: allow dumping the server’s certificate with new -d flag
tlsclient: remove X509dump() call, writes to fd 1
tlssrv: remove usage reference to lost auth/secretpem
upas/fs: deal with imap returning more uid’s than allocated from previus “messages” command
upas/fs: fix precedence bugs, compare digest pointer to nil
upas/fs: try to deal with nil mail body (can happen when fetch fails)
venti/conf: fix padding so we write multiple of sector size
venti: fix wrong channel element size for amd64 (thanks mycroftiv)
DOCUMENTATION
arch(3): document #P/realmodemem file
auth(8): auth/debug tests both dp9ik and p9sk1
bridge(3): clarify manpage, this is a layer2 bridge
factotum(4): document dp9ik, update protocol list
ipconfig(8): remove dhcp mention from -6 example
listen(8): add -a option to restrict announce address
ppp(8): remove BUGS section, client auth has been fixed.
vmx(1): fix virtio network bloomfilter
webfs(4): document -d and -D flags
OTHER
/lib/bullshit: +converged +blockchain
/sys/lib/dist/mkfile: fix cfg/plan9.ini dependency (only visible after binds)
/sys/lib/dist: split 9boot into 9bootproto, make .386.iso and .amd64.iso targets
inst: determine kernel for bootsetup from $bootfile and $cputype
fortunes: Subject: [oss-security] nvi denial of service