wiki:MunichHackathon2014

Version 26 (modified by Gert Döring, 9 years ago) (diff)

--

OpenVPN Hackathon 2014

who

This is organized by Gert Döring (cron2) and sponsored by Spacenet AG (http://www.space.net/).

We have space for about 10 people in the conference room I have booked so far, so I'd limit this to "active developers that are also regularily contributing to #openvpn-devel or the mailing list". If there is overwhelming interest, I can get a larger room, but then the address listed below would change (still in Munich, but not as centrally located).

who is coming?

Name Topics Arrival Departure
Gert Döring no particular topics Fri morning-ish Sun, late night
David Sommerseth auth/kerberos, plug-ins Fri 14-ish (SK4759) Sun, afternoon (LH2456)
Samuli Seppänen openvpn 2.4/3.x, community site Thu, morning (BT221) Sun, afternoon (BT224)
Steffan Karger AES-GCM, Windows service review? Fri, around noon Sun, afternoon
Adriaan de Jong tbd Fri, around noon Sun, afternoon
Arne Schwabe timeouts in OpenVPN Fri, train, 11:30 Monday, morning, train
Jan Just Keijser Win7+ integration, performance Sat morning Sun, afternoon
Heiko Hund interactive service, NTLM patches, GOST Fri. morning Sun. evening
Lev Stipakov peer-id patch, tbd Thu. evening Sun. evening
James Yonan OpenVPN protocol changes Thu. morning -

where?

We'll meet in one of the office locations of Spacenet. The address is:

SpaceNet AG
Landsberger Strasse 155
80687 München (Munich)
Germany

see google maps. The entrance is in the upper left corner on the inside of the "#" formed building.

Inside the "#", there are 4 entries in each of the corners, marked as "Haus 1" to "Haus 4". Take the entry "Haus 4". There is a reception for Cable&Wireless and SpaceNet? there. Tell the security guy that you want to visit SpaceNet?, and he'll call me or one of my colleagues and we'll pick you up (SpaceNet? is on the 1st floor of Haus 4). The guard will require some sort of deposit - ID card, driver license, etc - to ensure people properly check out at leaving.

This location is easy to reach by car or by public transport (Tram from central station).

Specifically:

  • if you arrive by plane, take S-Bahn S1 or S8 (it's a circle, S1 goes left, S8 goes right) and exit after about 45 minutes at "Hirschgarten" or "Donnersbergerbrücke". About 10 minutes walk from there, or take the Tram 18/19 for the remainder.
  • if you end up near the central station (either arriving by train, or with the S-Bahn), exit the central station on the south side, take Tram 18 or 19 towards Willibaldplatz / Gondrellplatz (westwards), and exit at "Lokschuppen". Landsberger Strasse is the street the Tram travels, 155 is across the street next to the "Bauhaus" market
  • if you come by car, parking in the vicinity is a bit problematic. You can park in the "Bauhaus" garage but that's "for their customers only", so you'd need to relocate to the SpaceNet? parking garage when the SpaceNet? crew has left (no guest parking there, unfortunately). We'll find something.

If you get lost, call me: +49 177 2160221

when?

The hackathon will take place from Nov 14 (Friday), 2014 to Nov 16 (Sunday). The room is ours for the full 3 days, and I (cron2) will be there at Friday 09:30-ish. I have no confirmed arrival dates from anyone else yet...

food

I'll sponsor soft drinks, snacks and the conference room, and I'll sponsor a "Weisswurstfrühstück" for Saturday (see https://en.wikipedia.org/wiki/Weisswurst).

Friday evening, we meet at http://www.cafe-westend.com/ (19:00 local time, table reserved for "Döring"), sponsored by OpenVPN Tech. Good TexMex? and local food.

Saturday, it's http://wirtshaus-am-bavariapark.com/ (19:00 local time, table reserved for "Karger", I assume), sponsored by FoxIT. Bavarian food, beer :-)

what?

So what is the goal of the Hackathon?

  • meet in person, talk about things
    • contributors agreement (CLA) for OpenVPN 3
    • future development of 2.x and 3.x
    • GPL violation on multiple apps on the play store
  • hack on the 2.4 codebase - there's a number of "large" things we could try to tackle
    • peer-id patch set (full support in 2.4, client-side support in 2.3)
    • new data packet format proposed for AEAD and "null-compression"
    • fix compilation of "master" on windows
    • openvpn interactive service - get code in git tree
    • async plugin patch, inotify async auth patch (Lev)
    • IPv6 gateway detection?
  • work on open trac issues
    • lots of things to review and bugs to fix

I'm all open for additions here - I think the meetings in Brussels and Munich 2013 have shown that "just being able to sit together and hack" is a useful excercise.

Internet

of course there will be free WiFi available, and for bandwidth junkies, wired Internet as well :-) - Spacenet is an Internet service provider, and that's one of their core locations, connected with multiple 10Gbit links to the world...

accomodation

  • "Motel One Munich City West" has been recommended as "being close, reasonably priced, and generally OK"

results

This is just a sort of unordered list of things we agree on, to avoid thoughts getting lost

  • drop Windows XP support in OpenVPN 2.4
    • this also affects Windows Server 2003 (extended support) and Windows XP Embedded
    • specifically: XP will not get "interactive service" support, because the APIs used for IPv6 routing are not available on XP
    • 2.3.x will continue to be supported
    • 2.4.x might drop XP support if supporting it gets too hard, like "keep all the netsh calls in there" - it will be announced in the 2.4.0 release notes "use on your own risk, but not officially supported anymore"
    • functionality that will fail on XP and older will be wrapped in an #ifdef
  • strip out the PRNG support from OpenVPN, as both SSL libraries have good PRNG inside, and at least PolarSSL's is faster (syzzer)
  • about removing snappy support - we keep it for the time being (#ifdef), because OpenVPN 3 and OpenVPN AS support an use it. Since compression can be negotiated, we can just leave it off for platforms where it is complicated to build (like Windows due to libstdc++.dll being so big)
  • coding style in OpenVPN source - see http://blue.bikeshed.org/ and http://en.wikipedia.org/wiki/Indent_style - candidates: Allmann, GNU, K&R (higher git impact when changing over due to the opening bracket moving), and then tabs/no-tabs.
    • everybody is "okayish" with changing, as long as it is done consistent, everywhere
    • slighly stronger feeling for Allmann style - Allmann style it is
    • syzzer voluntereers to make the non-consistent files consistent
    • "the big whitespace change" for existing code happens at 2.4-RC, and then we will no longer do "patches to master and 2.3" (which would have different indentation) but to "master and 2.4" (same style), except for critical issues, which usually are small and manageable
    • line length?
      • "stick to what we have for now", do not reformat arbitrarily
      • breaking a line in the middle: align to opening (round) brackets in line above
    • tabs vs. spaces: "not mixed"
      • majority for "only spaces, no tabs"
      • this is what we change to: all spaces
  • new packet format? (Mail from James, Message-ID: <54648EAC.70204@…>)
    • AEAD: 12byte nonce is needed - use session ID plus HMAC random for that? James and Syzzer agree on that.
    • compression V2 format - yes, go for it
    • to support COMPRESS_V2 the server needs to actually send the peer-id packet format as well (right now only the client sends peer-id packets)
    • discussion:
      • James: lets actually negotiate COMPRESS_V2 so we do not couple peer-id and compression which is actually independent parts/layers of the code
      • Arne: this could be "PACKET_FORMAT_3" (peer-id+compress-v2)
      • James: lean to "negotiate compression and packet format independently, as they are different layers"
      • Jan Just: nice thing about scalar packet format is that you know which features have to be in there - but "don't do too many of these versions"
    • discussion ended up with crypto negotiations, but I think we'll just see a patch from James with "whatever will be the outcome" for COMPRESS_V2
  • regarding --enable-ssl/disable-ssl - decided to a) ask the openvpn-users whether there is anyone using OpenVPN without SSL, and if not, remove the option (so --enable-crypto would bring SSL, --disable-crypto would take away SSL and all crypto) - one different #ifdef variant less
  • querying passwords using systemd
    • ...