= OpenVPN Hackathon 2018 = [[TOC(inline, depth=1)]] This year's hackathon is organized by Andriy Revin and David Sommerseth We will stick to the format of the previous years, which means attendance is in principle limited to "active developers that are also regularly contributing to #openvpn-devel or the mailing list". We should have enough space in the meeting room for 10-14 devs. == Who is coming? == ||= Name =||= Topics =||= Arrival =||= Departure =||= Hotel =|| || Andriy Revin || - || || || @home || || David Sommerseth || clean-ups, plug-ins, OpenVPN 3 client || Thu evening (LO482/LO763) || Tue (LO766/LO483) || Ibis || || Antonio Quartulli || remaining IPv6-only work, VLAN patches, netlink, multi-socket/multi-protocol, transport API(?) || Fri || Tue || Ibis || || Steffan Karger || Performance, clean ups, crypto stuff || Thu (OS381, ETA 15:20 @ airport) || Sun || Ibis || || Gert Döring || VLAN Patches / Architecture, Challenge / Plugin stuff, Performance (Threading?) || Fri (LH2550, ETA 11:30 @airport) || Mon (LH2551) || Ibis || || Samuli Seppänen || Packaging (MSI, DEB, RPM), !HackerOne tuning || Fri late evening || Mon early morning || Ibis || || James Yonan || || || || || || Arne Schwabe || random stuff || Thu (LO410/LO765) || Tue (LO766/LO407) || Ibis || || Johan Draaisma || things || 3 oct || 8 oct || somewhere || || Lev Stipakov || things || Fri evening (TK443) || Tue || Ibis || == Where? == The meeting is held at the OpenVPN office in Lviv (Ukraine): [https://www.openstreetmap.org/search?query=49.83826%2C24.03129#map=19/49.83826/24.03129&layers=N Shevchenka Ave 5]. Lviv Danylo Halytskyi International Airport is quite close to the city. Best way of public transport is via Uber. If you have any questions - please contact Andriy Revin (andriy @ openvpn.net). == When? == The hackathon will take place from Friday October 5th 2018 to Sunday October 7th. == What? == 1. What features do we want in 2.5? Set the timeline accordingly. (See [wiki:StatusOfOpenvpn25 the OpenVPN 2.5 status page]). * tls-crypt v2, sitnl, vlan patches, ipv6-only, transport plug-in? * MSI packaging? * EasyRSA 3 for Windows (NSIS/MSI) installers? 1. Should OpenVPN be a "swiss army knife" or "secure vpn client for dummies" * Could the split between OpenVPN 2.x and 3.x reflect these two roles? 1. Feature changes * Do we need `--opt-verify`? Is this a feature strictly needed these days? 1. MSI packaging * Available for testing for tap-windows6, but not yet for OpenVPN 2 == Input == TBD == Internet == Free wifi network is available at the office == Accommodation == There are many options with hotels and Airbnb alternatives in walking distance from the office (5-10 minutes). Most reasonably priced hotels are fairly small and availability is varying a lot, but double check against hotels.com, booking.com, trivago.com or similar sites to ensure you get a good price. Some hotels close by (4-8 minutes walk): ||=Hotel =||=URL =||=Comments =|| || Ibis Styles Lviv Center || https://www.accorhotels.com/gb/hotel-9709-ibis-styles-lviv-center/index.shtml || Most likely one of the bigger ones, small rooms but decent || || Swiss Hotel || http://swiss-hotel.lviv.ua/en/ || Reasonable hotel when getting good price offers || || ANTARES Apart hotel || https://antares-apart.com.ua/en/ || - || || Danylo Inn || http://www.danyloinn.com/ || - || || == Results == (informal notes on some of the discussions that benefit from writing down) === 2.4.7 === * we need to do a 2.4.7 release "soonish", to fix the {{{--opt-verify}}} issue Lev and Johan have encountered with NCP (patch has been merged in master+release/2.4) * we want the "asymmetric compression" change from Arne in there as well * 2.4.7 will be inintially released with the old TAP6 driver, and then we can do a re-release with the new TAP6 driver after sufficient testing (when our new approach can get all testing/signing issues fixed, estimated ~4-6 weeks) * TLS1.3 related patches are acceptable for 2.4.7 if they do not change existing behaviour (unless you use {{{--tls-ciphersuite}}} === T-Shirts === * are buggy * 30 day refund policy === features in 2.5 that we want === * we have a page in the wiki so people can read up on this * MSI packaging (Simon, Samuli) * TAP6 changes -> TAP6 MSI installer * Samuli is reading books about MSI * possibly drop NSIS, or offer both options * tls-cryptv2 * Antonio is reviewing, goal: this weekend * IPv6-only * Gert needs to finish review and test bed * netlink / sitnl refactoring of tun.c, route.c * Arne volunteers to review, but is entangled in ipv6-only changes (so might need rebasing) -> Antonio to check * code is there, but needs better coordination * blocker or nice to have? * transport plugin (obfuscation or others) * operator foundation, founded by google * coordinating with Antonio * patches based on 2.4 - asked to rebase on master * "nice to have"? * "make VPN fast again" (Antonio) * ongoing activity... * VLAN patchset * Antonio volunteers to rebase + adjust the code to master * Arne volunteers to review * Gert to build test infrastructure * David: suggest to checkout the code tree "right before the uncrustify changes", apply Fabian's v2 patch set, and proceed from there * multi-listen / multi-port / multi-ip patch set * multi-port is done, with multi-ip (if same protocol) (first chunk) "in beta" * multi-protocol (TCP+UDP) "not even alpha" * Arne feels like he needs to review this * dynamic-route (routes in CCD/) * today: OpenVPN only adds route at startup * adding routes at client-connect time needs to be done "outside" * nice to have(!!) - it can be done with {{{--client-connect}}} or in plugin code - but easier debugged if "built in" === features we want in 2.6 === * asynchronous netlink (= do not block waiting for kernel ACK) * performance enhancements on multi-CPU machines * multithreading? Do we want to just go for 3.0 here?