Documentation is good, so therefore more documentation must be better, right? A few examples where things may have gotten out of control.

more...

Some thoughts based on a series of tweets.

more...

Updated to chrome and noticed I couldn’t login to my own site.

www.tedunangst.com normally uses encryption to protect your information. When Google Chrome tried to connect to www.tedunangst.com this time, the website sent back unusual and incorrect credentials.

That’s mostly not wrong, although the “this time” is. The cert has never been fully trusted by chrome, but I click through because I’m a bad person. This time, however, there was no option to do so.

You cannot visit www.tedunangst.com right now because the website uses HSTS.

I mean, yes, I set the HSTS header, but that was with the same cert that chrome is now insisting can’t be trusted. Why in the world would you permanently store “must have trusted cert” on the basis of an untrusted cert?

I suppose this warning is too late to save anyone, but you can clear HSTS sites if necessary via chrome://net-internals/#hsts.

6.1 is old news.

Add 8265 and 3168 support to the iwm driver.

Zero some more kernel memory before use, to prevent padding leaks if the structures ever change.

Some changes to libtls. Allow retrieving the cert chain. This somewhat contradicts my original mandate for libtls that it not expose any gnarly X.509 details to the user, but certs are a fact of life and if you have to build a cert chain downloading tool, you’d want to use the cool API, no? Reality eventually corrupts all our dreams. Also, sneak peak, some adjustment to library internals to allow relayd’s privsep engine to work with libtls.

Give tmux clients names. There have been lots of small improvements to tmux over the past six months which haven’t seemed notable in isolation, but shoutout to all the little fixes, too.

Refinements to syslogd’s internal logging code. More consistency, less snowflake.

The neverending project to add sizes to free calls in the kernel is closer to ending.

64 bit bus address support for the msk driver, required for onboard nic in the Overdrive 1000 to work. And use MSI.

Quiesce sensors during suspend and resume so that callbacks aren’t running for detached drivers.

Introduce freezero to libc, a function that combines explicit_bzero and free, but in a potentially optimal way if the memory can be directly unmapped. Use it in a bunch of places.

Mention the installer bug that has the consequence that some users must remove a trailing /6.1 from the uri in the installurl file.

Wrapping up the best ever release.

Fix some bugs in scan_scaled. Add tests. Fix more bugs.

mandoc cgi mode redirects to better URLs.

Some fixes to vmd to handle controls sockets and TTYs and reboot and other edge cases better.

Configure and apply the multitouch-tracking functions of wsmouse.

Convert some code here and there to using recallocarray.

Improve documentation for the jungle that is sysctl.

Too many use after free bugs in USB drivers, so, for release, revert memory synchronization change to usbdi.c that only works if code elsewhere is correct.

Import dhcrelay6, a DHCPv6 relay, for people living in the past in the future.

The pledge group “ioctl” has been split into a few more targeted permissions.

Add slaacd, a Stateless Address AutoConfiguration Daemon, for people living in the future in the present.

Audio fixes for azalia on Kaby Lake processors.

A great many fixes to vmd to support guests other than OpenBSD. With seabios support, the new default, even penguins can fly.

Fix a leak of stack contents in kernel exec functions.

Kernel W^X comes to arm64.

Add “(compatible with GNU linkers)” to the lld version output so that configure scripts which only look for magic strings work.

Implement a driver for Marvell’s XHCI controller found on some arm devices.

Merge Mesa 13.0.6

TLS ticket support in httpd.

Add support for RFC4754 (ECDSA) and RFC7427 authentication to iked. Add support to reflect the responder IKEv2 COOKIE, as used by Azure.

Add signify public keys for syspatch for the current and next release.

Unlock tree, we are now hacking on 6.1-current.

Every once in a while somebody asks if they can run flak, and the answer is usually some variant of no, not right now, but maybe after I’m done rewriting it four times. Well, it’s been stuck at rewrite number 3 for quite a while, so time to push the button. Of course, putting code on the internet requires a place to put it, but Microsoft shut down Codeplex. Guess I have to build my own.

more...

Apple announced a new iPad today, so I bought a chromebook. Actually, I bought it a few days ago; it just happened to arrive today. It’s a 2 in 1 flip around touchscreen tablet laptop all in wonder. I’ve been doing a lot of reading recently on my other chromebook, but sometimes I wish the keyboard would just go away. And when I’m reading on an iPad, I wish I had a keyboard. Technology is all about convergence, right? Bring on the singularity.

more...

Sometimes I want to play a game. On Windows. On a laptop. That weighs three pounds. This kind of limits my options, but here’s a few games that worked out decently enough. Of course, some obvious choices like old school point and click games will run fine, but what I found is that even a number of retro pixel style games can be graphically intensive. It’s hard work looking easy.

more...

The OpenBSD 61. It comes at night.

more...

The hovertext for Friday’s xkcd Borrow Your Laptop asks for scrolling mapped to undo and redo. How hard can it be? There’s more than one way to do this, but the other ways are boring. What if we’re using a program that doesn’t allow rebinding keys or buttons?

more...