moin moin hi! hi hi moin! okay, since novaflash will not attend the meeting let me start with the first topic +1 "Adding explicit license for ​openvpn-buildbot" I don't have particular opinions, but typically I use BSD-2-Clause for stuff where the license does not matter much yeah, I would agree with that don't think this needs GPL yeah I can send a PR that adds the license thanks moving on (I will add notes to the Wiki page about the discussion) "Pending Buildbot PRs" * becm has quit (Ping timeout: 256 seconds) mattock: I have been reviewing https://github.com/OpenVPN/openvpn-buildbot/pull/32 today and that looks good to me hey hi plaisthos! djpig: ok! mattock: https://github.com/OpenVPN/openvpn-buildbot/pull/31 I honestly couldn't care less about. I just don't think this solves an actual problem right now MaxF: if you want something to do, you can make mbed TLS compile with OpenVPN when -DMBEDTLS_DEPRECATED_REMOVED is set :P djpig: I think "somebody" cared, possibly cron2 is this for version 2 or 3? MaxF: 3 so 2 still works? MaxF: I looked into making openvpn3 compatible with mbed TLS 3 and we have that set for 2 and looked what happens when you add that in OpenVPN 2.x and it also spectularly fails I'll look at it when I find time. Or someone to delegate mattock: okay, I will try to look at it. But #32 looks much more relevant to me. So I will look into deploying that first let's move on for now "Wiki Migration" djpig: +1 to 31 and 32 * uddr35 (~uddr35@194.44.71.210) has joined what is the link to new wiki? aloha hola djpig: one more note regarding #31: I think it paves the way for "different tests for different files" as well (see https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28127.html) rob0: I can't recall, need to dig up meeting minutes to figure it out :) mattock: right, good point I'll figure out the wiki addresses, no meeting minutes maybe add them to https://community.openvpn.net/openvpn/wiki/TracWikiReplacements which is where I expected to find them ;) yeah, the IPs are dynamic though, but at least the path would be known and then maybe give people some more time to take a look and try the topic next week again? works for me Server-side testing meeting time https://community.openvpn.net/openvpn/wiki/TracWikiReplacements updated with URLs • xwiki: http://18.184.233.206:8080 • wiki.js: http://18.184.233.206:8081 Title: Main page | Wiki.js (at 18.184.233.206:8081) just FTR ah ok thanks who would like to attend that meeting about server side testing? Me, mattock. cron2, ordex ? uddr35 ? cron2 for sure as he has the one having implemented the current version that he uses for testing privately * becm (~Thunderbi@rtr.astos.de) has joined I can try to join depending on the time cron2: so what times would work for you? @djpig yes please hmm, not sure whether he is here, actually I think cron2 is missing today normally he has time in the morning, but we need him t tell us which day :-D so let's arrange the meeting when he's online yeah okay I think we're down to last topic: 2.6.9 release? yes the open question seems to be whether we wait for an easy-rsa fix or not I think on Windows we are stuck with EasyRSA lev__: what is the status of the security fix for Windows? Is that ready? YES oops yes does that go into openvpn-build or openvpn? -build so we could tag openvpn, I think We could always decide to release the easy-rsa fix as an installer-only release yeah. Also we don't have any estimate when it will be fixed I think if we do not have a fix for easy-rsa in a few days we just go ahead with the release since it is not a regression should we target early next week? Monday/Tuesday? also we should probably add some easyrsa testing to windows TA something simple like creating PKI and server/client certs and validate that something has been indeed created makes sense. you are certainly welcome to do so :) but then again we will have a proof that it works on Windows Server 2022, and nothing about Windows 11 right, also the remote powershell session might have different behavior than the shell launched from UI okay, any other topics not mentioned on the meeting page? yes Can we arrange a meeting to talk about SBOMs some time in the next two weeks? I've got one colleague at Fox who has been looking into that topic, and I thought maybe we can get together with the people at OpenVPN Inc. who are working on it. yeah, I would be happy to talk to someone about that. Because I have been looking into it, but still have no idea what would be useful... So happy to hear from someone with a slightly different perspective what time would work for you? 11:00 CET is generally a good time, except on Thursdays I can not make it Feb 14, everything else is good for me MaxF: let us know if you need more options how about Tuesday Feb 13? at 11 works for me works for me MaxF: will you take care of the technical details? just asked my colleague, it works for him too yes, you guys usually use jitsi right? we have in the past, but inside the company it is all Slack now. But I'm happy to join whatever djpig I have your e-mail but not uddr35 's I think I can send it via Signal alright @djpig thanks okay, any other topics ? We can set up a shared Slack channel if you want. I am a Slack admin for us. I never used slack, does it run in the browser? it can then that should work rob0: let's see whether we need a continous discussion. For a one-time meeting this sounds like overkill I have done that on Linux okay, just tossing out as a suggestion rob0: yeah thanks. I know we have done that for e.g. security audits and other projects like that slack works in browser but yeah for one meeting jitsi would be just easier ok, then we use either jitsi or teams, I'll let you know if there are no more topics I guess this meeting is finished for today nothing more from me +1 okay, I will try to prepare a summary mail mattock: do we have login credentials for the test wikis? * MaxF has quit (Quit: Client closed) djpig: I created those for everyone who wanted when they were "revealed" if you want an account just let me know * uddr35 has quit (Remote host closed the connection) apologies for missing the meeting... I was in the school library, which does have wifi *and* LTE (if the windows are open), but they did something weird to the network and I was totally and utterly offline, and couldn't leave either 2.6.9 release "early monday" would work nicely for me (so I'd tag + push sunday evening, and you tell me on monday if I bumbled something) cron2: okay, sounds good mattock: yes, please so, djpig, plaisthos: I'd like to proceed with 475, but it needs 474 as prerequisite, and this is still sitting on -1, possibly caused by a misunderstanding? I am still not really happy with the leak suppression that we are forced to do, I hoped to look into that much sooner ECHAN