Peter Avalos updated libpcap and tcpdump. This is on master, not the 3.0 branch.
A bit of symmetry in that title, there. Old ATA, which was replaced years ago, is finally gone. This should affect nobody…
John Marino has added support for RELRO in DragonFly, which makes it the first BSD to have it. That’s great news! What is it? Apparently a guard against memory corruption or overflow in the linker. His commit message gives better details.
Matthias Schmidt found a discussion about DragonFly’s password encryption. The result, if I am reading it correctly, is that brute-forcing the password from available hashes is quicker than it should be. Matthias also found a contributed fix. Samuel Greear updated to match the reference SHA implementation also in Linux, with this very pertinent warning.
Matthew Dillon has a very detailed commit message with changes to make sure Hammer will run overnight cleanups in situations as low as 256M of RAM. I think you can find that much RAM in breakfast cereal boxes these days.
What happens when you break enough things in DragonFly that you become a source of test cases? As Antonio Huete Jimenez (AKA “tuxillo” on IRC) found out, you get a stress test named after you.
Nuno Antunes has committed a large quantity of work on updating netgraph to version 7. His goal is to be able to run mpd5, though it’s not there yet. If you want to look at it, go to the monthly page and look around the 10th; there’s too much to link to individually.
Peter Avalos has updated OpenSSL to 1.0.0f; this is to fix 6 security issues identified in the OpenSSL changelog.
You may want to update for this – a lockup bug with the re(4) (RealTek 8xxx series) driver has been fixed.
dma, which originated on DragonFly, is now at version 0.7, and so is the version in DragonFly.
John Marino updated libm, bringing a large quantity of functions. This may be a stopgap measure for now. As a positive side effect, buffer overflow attacks are a bit harder now.
The recently discovered telnetd vulnerability has been fixed in DragonFly, thanks to Peter Avalos. Apparently it’s been around everywhere forever. (last link via xhr) Hopefully there aren’t that many people that still need a telnet daemon; SSH has run it out of town for the most part.
Since I’m already talking about imports, several changes from FreeBSD and OpenBSD for NFS, plus more original material, have been brought in by Venkatesh Srinivas. Those changes from FreeBSD apparently improve NFS write performance, though I don’t have numbers to show.
There’s been a rare segfault present in DragonFly for quite some time. It’s been difficult to reproduce, and the 2.12 release due some months ago was held up specifically to fix it. Matthew Dillon was, after many days (months?) of work, able to replicate it reliably and eventually find a way around what appears to be a new AMD-specific bug. Read his very detailed explanation of what he did to get to this point.
Francois Tigeot benchmarked his accounting work with blogbench, and posted a PDF with the results. Dmitrij D. Czarkoff made a simpler graph, which can be used to draw the conclusion: blogbench didn’t work well for estimating the impact of VFS accounting. If you want to try accounting yourself, put vfs.accounting_enabled="1" in your /boot/loader.conf.
(The normal DragonFly mailarchive isn’t updating because it feeds from DragonFly NNTP, and that’s not updating, so I’m using Gmane for post links.)
There is now a NO_BINUTILS221 option, added by Sascha Wildner, that will keep your system from building binutils 2.21 during a buildworld. The system will still build binutils 2.22, so there will still be a functioning ld on the system. Use this along with NO_GCC41 (so only gcc 4.4 gets built) to speed up your buildworlds, if you like.
If you’re looking to use IPMI and remotely watch the console of another system, Matthew Dillon has made some changes to help with that.
I’ve had a bunch of posts like this so far, but that’s not a bad thing. Sepherosa Ziehau has a pair of optimizations that appear to make performance with big pipes (1G) and tiny packets (18b, if I read correctly) reach near the physical maximum for 1000-base-T Ethernet.
Francois Tigeot has been working for quite a while on a VFS accounting system. It doesn’t restrict to a quota (yet), but it will give you byte totals for each mounted filesystem. It has been committed, so it looks like a good way to tell which PFS is eating your disk.
Update: Francois pointed out he’s still adding parts for this. So it’s not quite done yet, but soon.