In OpenBSD source tree code integrated with the new daemon identd IDENT protocol implementation (RFC 1413), designed to identify the user organization, establishing TCP-connection.
New identd developed in the depths of the OpenBSD project as a safe, high-performance replacement of the original BSD identd, caused by inetd.
New implementation itself handles the connection and starts to form a background process, and connections are handled in non-blocking mode using libevent. At the expense of the competent organization handling network connections and avoid the overhead associated with the launch of a new process for each request using inetd, the new implementation can dramatically increase the performance of the service IDENT. In addition, the new identd possible to parallel processing of client connections.
To ensure safety in the new identd support additional mechanisms such as the division and cancellation of privileges. Processing of the request is made after the transition to an isolated chroot-environment and reset privilege. To check the user uses an unprivileged process, with performance test does not block processing other requests.
Of yet unimplemented features old identd noted the lack of support download user ID information from the posted file in the home directory “. Ident”. Besides not fully processed until the error. Now the new identd is only available for use in OpenBSD, but you can count on the early emergence of portable version to support for other popular projects, OpenBSD, such as OpenSSH, packet filter PF, routing daemons and OpenBGPD OpenOSPFD, NTP-server OpenNTPD, mail server OpenSMTPD multiplexer text terminal (similar to GNU screen) tmux, BSDL-alternative package GNU groff – mandoc, protocols for fault-tolerant systems CARP (Common Address Redundancy Protocol).
Main link to news: