= Introduction =

This page shows the high-level status of OpenVPN 2.4 release. If you want all the details, see the [report:3 Active Tickets by Milestone] report.

= Deadlines =

== Debian 9 freeze ==

Mattock asked the Debian package maintainer about getting 2.4_something into Debian 9 before the freeze. Here's the response: ''"I'll consider uploading 2.4_something in early December, so we have a month to fix possible issues. After December 29 it won't be doable."''

= Features/fixes to include =

== must have ==

||'''Task description'''||'''Assigned to'''||'''Status'''||
||t_client-style "test all windows specific options" testbed on windows||???||very basic scripts + profiles done. powershell work by Samuli. Windows testing page: WindowsTesting||
||make openvpnserv2 use exit-events||mattock||research started, tracked [https://github.com/xkjyeah/openvpnserv2/issues/10 here]||
||re-indent formatting||???||last thing before we release, requires lots of manual work||
||bundle OpenSSL 1.0.2 on Windows||mattock||not started, but should be trivial||

== minor, but "we should try to make it happen" ==

||'''Task description'''||'''Assigned to'''||'''Status'''||
||block-outside-dns v2||snair||patch on list, needs review and merge (cron2)||
||tftp/wpad patch||jjk||patch on list, needs review and merge||
||dhcp-option dns6...||cron2||not done yet||
||test server that does --auth-user-pass and/or challenge stuff||cron2 (snair)||not started||
||support TLS record splitting (like ovpn3) || syzzer || #554 (started, but no patches available yet) ||
||`--tls-crypt` control channel encryption || syzzer || #633 (preview branch available) ||
||update auth-user-pass docs||mattock||not started, discussion [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12835.html here]||
|| support OpenSSL 1.1 || syzzer (?) || not started ||

== undefined priority ==

||'''Task description'''||'''Assigned to'''||'''Status'''||
||combined i686/x96_64 Windows installers||chipitsine/mattock||PR ready, but in mattock's tests it had some issues||



== work needed ==
 * trac tickets (2.3.x, 2.4.x, unclassified)

== major items already done ==
 * ifconfig-before-open reversal patch for windows fixed (argv_printf) and merged
 * openvpnserv2 integration
 * pushable ciphers, and cipher negotiation
 * true dual-stack operation (2.3 has "dual single-stack")
 * interactive service + openvpn-gui integration
 * IPv6 route-gateway redirection
 * AEAD cipher
 * cipher negotiation (for all but a few corner cases)
 * peer-id (server and client, 2.3 has only client)
 * compression v2 = more efficient alignment
 * unified TCP timeout handling (Arne v3)
 * new buildbots for FreeBSD 10.3, NetBSD 7.0.1, OpenBSD 6.0, MacOS X, various recent Linux versions
 * --multihome fixed on BSD/amd64 architectures, tested by buildbots
 * recursive routing fixup (Lev v4)