summarylogtreecommitdiffstats
path: root/openbgpd.changelog
blob: 37f73c132afc02cc56c6eea677ce7e896594ca9b (plain) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60

## 8.2 - 2023-10-02
    * Update ASPA support to follow draft-ietf-sidrops-aspa-verification-16
      and draft-ietf-sidrops-aspa-profile-16 by making the ASPA lookup
      tables AFI-agnostic.

    * Fix a fatal error in the Linux netlink parser which was triggered
      because of a mismatched netlink message size.

    * Rework UPDATE message generation to use the new ibuf API instead
      of the hand-rolled solution before. 

    * Improve error message in bgpctl for features not supported by the
      portable version of OpenBGPD.

    * Adjusted example GRACEFUL_SHUTDOWN filter rule in the example config
      to only match on ebgp sessions.

## 8.1 - 2023-07-12
    * Include OpenBSD 7.3 errata 002:
      Avoid fatal errors in bgpd(8) due to incorrect refcounting and
      mishandling of ASPA objects. Fix bgpctl(8) 'show rib in' by renaming
      'invalid' into 'disqualified'.

    * Include OpenBSD 7.3 errata 006:
      Incorrect length handling of path attributes in bgpd(8) can lead to a
      session reset.

    * Include OpenBSD 7.3 errata 009:
      When tracking nexthops over IPv6 multipath routes, or when receiving
      a NOTIFICATION while reaching an internal limit, bgpd(8) could crash.

      When checking the next hop for IPv6 multipath routes, or when receiving
      a NOTIFICATION while reaching an internal limit, bgpd(8) could crash.

    * Add configure options to adjust WWW_USER and wwwrunstatedir.

    * Fix 'ext-community * *' matching which also affects filters removing
      all ext-commuinites.

    * Limit the socket buffer size to 64k for all sessions.
      Limiting the buffer size to a reasonable size ensures that not too many
      updates end up queued in the TCP stack.


## 8.0 - 2023-05-04
    * Include OpenBSD 7.3 errata 001 (link: https://www.openbsd.org/errata73.html#p001_bgpd):
      A new ASPA object appeared in the RPKI ecosystem and exposed bugs in
      bgpd(8) and rpki-client(8).

    * Introduce a semaphore to protect intermittent RTR session data 
      from being published to the RDE.

    * Add first version of flowspec support. Right now only announcement
      of flowspec rules is possible.

    * Improve and extend the bgpctl parser to handle commands like
      `bgpctl show rib 192.0.2.0/24 detail`. Also add various flowspec
      specific commands.

## This document contains the changelogs as posted in each release announcement on the OpenBSD mailing list.