Introduction
This page shows the high-level status of OpenVPN 2.4 release. If you want all the details, see the Active Tickets by Milestone report.
Schedule
- November 16 - 2.4_beta1
After this date, no new features allowed, stabilising starts for real. Some minor "nice to have patches" might be accepted after evaluation/discussion on IRC.
- (optional) November 24th/25th - 2.4_beta2
Only patches related to stabilising and important bug-fixes are allowed after this point. No more "nice to have patches" after this point. If we have no
bug fixes or otherwise stabilizing code this release can be skipped.
- December 1st - 2.4_rc1
Only really needed and critical bug fixes allowed. This is also the time where we change to a unified coding style across the whole source code.
- December 15th - 2.4_rc2
Branching out release/2.4 happens here.
- December 28th - 2.4.0
Final release.
Deadline: Debian 9 freeze
Mattock asked the Debian package maintainer about getting 2.4_something into Debian 9 before the freeze. Here's the response: "I'll consider uploading 2.4_something in early December, so we have a month to fix possible issues. After December 29 it won't be doable."
Features/fixes to include
must have
Task description | Assigned to | Status
|
re-indent formatting | ??? | requires lots of manual work. See CodeStyle.
|
poor mans NCP | syzzer | v4 did not compile, v6 coming up
|
minor, but "we should try to make it happen"
work needed
- trac tickets (2.3.x, 2.4.x, unclassified)
(major) items already done
- make openvpnserv2 use exit-events
- combined 32/64-bit Windows installers
- semi-automated testing of OpenVPN/OpenVPN-GUI/openvpnserv2 on Windows using openvpn-windows-test
- dhcp-option DNS6 (stub, windows, android)
- bundle OpenSSL 1.0.2 on windows
- Refactor CRL handling
- --tls-crypt control channel encryption #633
- ifconfig-before-open reversal patch for windows fixed (argv_printf) and merged
- openvpnserv2 integration
- pushable ciphers, and cipher negotiation
- true dual-stack operation (2.3 has "dual single-stack")
- interactive service + openvpn-gui integration
- IPv6 route-gateway redirection
- AEAD cipher
- cipher negotiation (for all but a few corner cases)
- peer-id (server and client, 2.3 has only client)
- compression v2 = more efficient alignment
- unified TCP timeout handling (Arne v3)
- new buildbots for FreeBSD 10.3, NetBSD 7.0.1, OpenBSD 6.0, MacOS X, various recent Linux versions
- --multihome fixed on BSD/amd64 architectures, tested by buildbots
- recursive routing fixup (Lev v4)
- block-outside-dns on multiple tunnels (v2, Selva)