= Introduction = This page shows the high-level status of OpenVPN 2.5 release. If you want all the details, see the [report:3 Active Tickets by Milestone] report. = Schedule = * October 7 - Feature selection At the hackathon in Lviv, we'll decide which features we want for 2.5. After that, we can start planning the steps below. * ??? - 2.5_beta1 After this date, no new features allowed, stabilising starts for real. Some minor "nice to have patches" might be accepted after evaluation/discussion on IRC. * (optional) ??? - 2.5_beta2 Only patches related to stabilising and important bug-fixes are allowed after this point. No more "nice to have patches" after this point. If we have no bug fixes or otherwise stabilizing code this release can be skipped. * ??? - 2.5_rc1 Only really needed and critical bug fixes allowed. * ??? - 2.5_rc2 Branching out release/2.5 happens here. * ??? - 2.5.0 Final release. == Deadline: To be determined == Last time we used the Debian freeze as a hard deadline. TODO: investigate if there is a similar freeze we want to make. = Features/fixes to include = == must have == ||'''Task description'''||'''Assigned to'''||'''Status'''|| || tls-crypt-v2 || syzzer || Patch review in progress (ordex) || || transport plugin (primary use case: obfuscation) || ??? || ??? || || netlink support (includes route.c / tun.c refactoring) || ordex || ??? || || 'make VPN fast again!' || ??? || ??? || || remove ENABLE_CRYPTO || ordex || ??? || || purge NSIS installers (migrate to MSI installers) || mattock || ??? || || VLAN patch set || ??? || ??? || || support for multiple sockets (UDP/TCP/multi-port/multi-IP) || ordex || ??? || || dynamic routes ('route in ccd-file'), depends on netlink support || ??? || ??? || || improve control channel performance || syzzer || ??? || == minor, but "we should try to make it happen" == ||'''Task description'''||'''Assigned to'''||'''Status'''|| || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12818.html struct argv overhaul] || d12fk || Patch review completed (dazo), patch 1-4 applied, patch 5-7 need v2 patches || || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12848.html auth-gen-token: Inform client why auth-token was rejected] || dazo || Patch review in progress (syzzer) || || [http://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg10511.html tftp/wpad patch]||jjk||patch on list, needs review and merge|| || support TLS record splitting (like ovpn3) || syzzer || #554 (started, but no patches available yet) || || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12767.html Allow OpenVPN to communicate to peers via a Linux VRF] || - || [https://github.com/OpenVPN/openvpn/pull/65/commits/1baa7e6782b39ed664eedb9b006728d31e22c07e updated patches] need review + ML submission || || test server that does --auth-user-pass and/or challenge stuff||cron2 (snair)||not started|| || update auth-user-pass docs||mattock||not started, discussion [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12835.html here]|| || Update OpenVPN PRF (move away from SHA1/MD5) || syzzer || not started || || maybe: add PRF plugin interface || ??? || ??? || || maybe: add key exchange plugin interface (allows easily doing .e.g post quantum kex) || ??? || ??? || || maybe: add data channel separation (or, move to ovpn3, which already has this?) || ??? || ??? || || maybe: fix radius-plugin - plugin is useful but not maintained very well || ??? || ??? || == work needed == * trac tickets (2.4.x, 2.5.x, unclassified) == (major) items already done == TODO: create list