Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 



Forgot your password?
typodupeerror
×
Operating Systems Encryption Open Source Security Software Upgrades BSD

OpenBSD 5.5 Released 128

ConstantineM (965345) writes "Just as per the schedule, OpenBSD 5.5 was released today, May 1, 2014. The theme of the 5.5 release is Wrap in Time, which represents a significant achievement of changing time_t to int64_t on all platforms, as well as ensuring that all of the 8k+ OpenBSD ports still continue to build and work properly, thus doing all the heavy lifting and paving the way for all other operating systems to make the transition to 64-bit time an easier task down the line. Signed releases and packages and the new signify utility are another big selling point of 5.5, as well as OpenSSH 6.6, which includes lots of DJB crypto like chacha20-poly1305, plus lots of other goodies."
This discussion has been archived. No new comments can be posted.

OpenBSD 5.5 Released

Comments Filter:
  • YAY for BSD (Score:5, Interesting)

    by CheshireDragon ( 1183095 ) on Thursday May 01, 2014 @12:01PM (#46890523) Homepage
    Even though I've never used it...
    • Re: (Score:3, Informative)

      by Anonymous Coward

      Fire up a VM and try it out, OpenBSD is a really nice OS to work with IMO.

    • Yep, that's pretty much what 99.7% of people can contribute to this discussion(maybe 95% of slashdotters specifically, but still).

      You can kinda go "Yay open source operating system that creates a bit of systemic competitive pressure to keep updating other open source operating systems through some really bizarre application of economics towards a system built around entirely free exchange"

      It gets real abstract.

      • If not for the lack of ZFS, I would use OpenBSD. Instead my fileserver is running FreeBSD 10.

        • Which file system do they use?
          • openbsd has the Unix FFS (up to about 1TB volume size) and FFS2 (up to 8 zettabytes volume size)

            • So FFS2 - how does it compare w/ ZFS, aside from license (which I'm assuming here is ISC, right?)
              • FFS2 is basically the original Berkeley FFS (also known as UFS, but there are at least half a dozen incompatible filesystems called UFS, so that just gets confusing) with some extensions. It basically just increases the size of various fields in the inode data structure so that various limits are much larger. I'm not familiar with the OpenBSD implementation, but on FreeBSD it also supports soft updates (where metadata and data writes are sequenced so that the filesystem is aways consistent, although fsck

                • Creating snapshots with ZFS is a O(1) operation.

                  That doesn't relate to any of the (layering) changes you listed. That's a simple byproduct of ZFS being a copy-on-write (CoW) file system, unlike most other popular file systems. But there are other CoW file systems out there, which similarly have O(1) snapshots.

              • OpenBSD does have soft updates which are optionally enabled at mount time. It also has software RAID 0 or 1, and 1 allows more than two volumes to be mirrored, kind of like a hot spare that doesn't need rebuild time.

                So it's not as full featured as ZFS, though compared to most linux filesystems the FFS and FFS2 are extremely robust at surviving unexpected power failure.

      • by wonkey_monkey ( 2592601 ) on Thursday May 01, 2014 @12:51PM (#46891239) Homepage

        It gets real abstract.

        Well, which is it?

    • Re: (Score:2, Informative)

      by Kremmy ( 793693 )
      There's a little bit of header, a little bit of license, BSD...

      It's the silent protagonist in the technological world - they build and refine the technology that seeps into all other operating systems.
      The code is licensed so liberally that Stallman's arguments literally boil down to "everyone can use it so it's not free".
      If you dig into the credits portion of almost any software, it's there.
      We all use BSD.
      • by Anonymous Coward

        Stallman has never called the BSD license non-free. You're either delusional or a liar.
        All free software licenses are wonderful for us users. Copyleft ones are also wonderful for free software as a whole.

      • by Anonymous Coward

        The code is licensed so liberally that Stallman's arguments literally boil down to "everyone can use it so it's not free".

        Given that Stallman's main organisation, the Free Software Foundation, almost actively supports [gnu.org] the BSD license, declaring it a Free Software License compatible with the GPL, I wonder what it is that drives you to say such a thing. A feeling that since the truth normally supports Richard, it's worth spreading almost any lie in the hope of discrediting him?

      • by Arker ( 91948 )
        "The code is licensed so liberally that Stallman's arguments literally boil down to "everyone can use it so it's not free"."

        Stallman has always acknowledged it as Free and continues to do so.

        Dont be a troll.
        • by Kremmy ( 793693 )
          That is EXACTLY what he is saying given his comments regarding LLVM.
          Referring to this [gnu.org] post in particular.
          His stance is a demonization of liberally licensed code, to a very unfortunate degree.
          I am absolutely not trolling when I say that man has given up freedom for ideology.
          • by Arker ( 91948 )
            "That is EXACTLY what he is saying given his comments regarding LLVM.
            Referring to this post in particular."

            I suggest you re-read his post. If your opinion has not corrected by then, you might need to seek remedial help in Reading or English. "EXACTLY" and "not at all" are not synonyms, and this is actually not at all what he is saying in that post.
    • you sure? your printer doesn't have have controller running BSD? or network appliance?

  • *Ahem* (Score:1, Funny)

    by Anonymous Coward

    oblig [xkcd.com]

    • by ledow ( 319597 )

      Except we're not on 64-bit.

      The full announcement tells you that a load of things had to be converted to unsigned 32-bit because that's all you could do.

      And they can conceivably affect things in your children's lifetimes (if not before, with long date calculations like mortgages etc.).

      Fact is, however, that system support for 64-bit time only means your taskbar clock will go up that far. It means nothing in terms of your application actually supporting and calculating things correctly once we get anywhere n

      • by fnj ( 64210 )

        Making time_t an int64_t instead of an int32_t has absolutely NOTHING to do with whether the architecture is 32 or 64 bits. An application that does time manipulations NOT using time_t is a stupid, broken application.

  • by Anonymous Coward on Thursday May 01, 2014 @12:10PM (#46890645)

    Before anyone asks, no, this new version of OpenBSD (version 5.5) does not include libReSSL yet.
    That's not how OpenBSD operates. Neat announcements made even a month before an OpenBSD release do not usually appear in the very next OpenBSD release. There are cutoffs/deadlines, and the OpenBSD group is far more interesting in ensuring reliability than flashy new code that is only partially ready.
    If you check the libReSSL.org website, libReSSL is planning to be included in OpenBSD 5.6, which I expect will be released on November 1, 2014. The OpenBSD group has a solid track record of making their official releases publicly available by the expected date.
    To see an overview on what did get included in this version (like signed packages), see the release notes (which is pointed to by the first hyperlink of this Slashdot news story).

  • by msauve ( 701917 ) on Thursday May 01, 2014 @12:12PM (#46890667)
    The next release is scheduled for a few years prior to Sunday, 4 December 292,277,026,596.
    • I was gonna ask - which year would people have to look out for now?
  • USB Installer! (Score:5, Informative)

    by Dimwit ( 36756 ) on Thursday May 01, 2014 @12:43PM (#46891107)

    There's a USB installation image for i386 and amd64! Finally! Dear lord, it's been years. That's as big a deal as the time_t thing for me.

    • by Anonymous Coward

      A more flexible way to create an OpenBSD flash installer:
      http://blog.breeno.net/2014/02/creating-flexible-openbsd-usb-installer.html

    • No, the biggest thing for me is the signed packages. For a security-focused distribution, the lack of signed packages seemed quite ironic.

  • NetBSD time_t (Score:4, Informative)

    by Anonymous Coward on Thursday May 01, 2014 @12:44PM (#46891121)

    I use OpenBSD almost exclusively, but in all fairness NetBSD was the first to move to a 64-bit time_t on all its platforms.

    Also, there's no chance that Linux would ever make such a jump. They'll invent something complex and annoying to maintain backward compatibility with all the proprietary crapware. OpenBSD and NetBSD can do it because they're not afraid to make everybody recompile their software.

    (For people who don't understand the issue: on NetBSD and OpenBSD time_t is now 64-bits, even on 32-bit platforms. So the 2038 problem is non-existent going forward, even for 32-bit software.)

    • I think you got it the other way around - it's Linux that's unafraid to break backwards compatibility, while the BSDs are pretty religious about that point
      • but this openbsd release is a "flag day" release, meaning it *will* break old binaries, they need to be recompiled.

  • by Anonymous Coward

    I have used OpenBSD a number of times over the years but when I have tried to use it as a high performance server it falls on its face. Has it gotten any better?

    • Re: (Score:3, Insightful)

      by Anonymous Coward

      OpenBSD is not meant to be the fastest or most scalable OS in the world -- just the safest. The right tool for the job. You use OpenBSD as a firewall in front of your high performance server, which can then run whatever OS you choose. I wouldn't trust anything else. More specifically, the bare bones, well documented, best practice coded, continuously audited, secure by default approach means you can deploy an OpenBSD firewall router with minimal effort and minimal worry. Save the worry and effort for t

  • Does this mean I don't have to worry about Tuesday January 19, 2038 at 03:14:07 UTC anymore? What's the new date/time when things will crash and burn?
    • by Jurily ( 900488 )

      Using a signed 64-bit value introduces a new wraparound date that is over twenty times greater than the estimated age of the universe: approximately 292 billion years from now, at 15:30:08 on Sunday, 4 December 292,277,026,596.

      • by NMBob ( 772954 )
        Yeah, but isn't it going to take like 10^500 (or is it 10^800?) years for all of the baryons to fizzle out? Rats. More code to write.
  • 5.5 base signify pubkey: RWRGy8gxk9N9314J0gh9U02lA7s8i6ITajJiNgxQOndvXvM5ZPX+nQ9h
    5.5 fw signify pubkey: RWTdVOhdk5qyNktv0iGV6OpaVfogGxTYc1bbkaUhFlExmclYvpJR/opO
    5.5 pkg signify pubkey: RWQQC1M9dhm/tja/ktitJs/QVI1kGTQr7W7jtUmdZ4uTp+4yZJ6RRHb5

  • Just an FYI, heartbleed is not fixed in 5.5 without extra (source) patches.

    See http://www.openbsd.org/errata5... [openbsd.org]

      002: SECURITY FIX: April 8, 2014 All architectures
    Missing bounds checking in OpenSSL's implementation of the TLS/DTLS heartbeat extension (RFC6520) which can result in a leak of memory contents.
    A source code patch exists which remedies this problem.

  • Does OBSD include support for Wayland in 5.5? Is it stated for a future version, or have they decided to stay w/ X11?

There are new messages.

Working...