= Introduction = This page shows the high-level status of OpenVPN 2.5 release. If you want all the details, see the [report:3 Active Tickets by Milestone] report. = Schedule = As we missed our original deadline (Debian Buster freeze) we don't have a schedule yet, except "in year 2019". Nevertheless, the release will proceed as follows: * 2.5_beta1 After this date, no new features allowed, stabilising starts for real. Some minor "nice to have patches" might be accepted after evaluation/discussion on IRC; but should be avoided. * ??? - 2.5_beta2 (optional) Only patches related to stabilising and important bug-fixes are allowed after this point. No more "nice to have patches" after this point. If we have no bug fixes or otherwise stabilizing code this release can be skipped. * ??? - 2.5_rc1 Only really needed and critical bug fixes allowed. * ??? - 2.5_rc2 Branching out release/2.5 happens here. * 2.5.0 Final release. == Deadline: To be determined == Last time we used the Debian freeze as a hard deadline. For OpenVPN 2.5 we wanted to use [https://release.debian.org/buster/freeze_policy.html Debian Buster freeze], but missed the deaadline. = Features/fixes to include = == must have == ||'''Task description'''||'''Assigned to'''||'''Status'''||'''Ticket'''|| || Purge NSIS installers ([wiki:OpenvpnMSIInstaller migrate to MSI installers]) || mattock || ??? ||#1122|| || Netlink support (includes route.c / tun.c refactoring) || ordex || merged ||#1123|| || VLAN patch set || ordex/cron2/plaithos || pending review (arne) ||#6|| || Support for multiple sockets (multi-port/multi-IP) || ordex || pending review ||#556|| || Implement asymmetric compression || plaisthos || pending, need updated patch + review (syzzer/cron2) || ? || == "we should try to make it happen" (but will likely not make it) == ||'''Task description'''||'''Assigned to'''||'''Status'''||'''Ticket'''|| || [https://patchwork.openvpn.net/patch/824/ Wintun support] || lev || code is pending review || ??? || || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg16998.html IPv6-only server] || ordex || server support is pending review ||#208|| || support for multiple-protocol sockets (UDP/TCP) || ordex || wip || || Dynamic routes ('route in ccd-file'), depends on netlink support || ??? || ??? || || transport plugin (primary use case: obfuscation) || ordex || wip || || 'make VPN fast again!' || ??? || ??? || || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12818.html struct argv overhaul] || d12fk || Patch review completed (dazo), patch 1-4 applied, v2 of patches 5-7 on the ml waiting for review (rebranded as 1-4 by davids) || || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12848.html auth-gen-token: Inform client why auth-token was rejected] || dazo || Patch review in progress (syzzer) || || [http://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg10511.html tftp/wpad patch] || jjk ||patch on list, needs review and merge|| || support TLS record splitting (like ovpn3) || syzzer ||(started, but no patches available yet) ||#554|| || [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12767.html Allow OpenVPN to communicate to peers via a Linux VRF] || - || [https://github.com/OpenVPN/openvpn/pull/65/commits/1baa7e6782b39ed664eedb9b006728d31e22c07e updated patches] need review + ML submission || || test server that does --auth-user-pass and/or challenge stuff ||cron2 (snair)||not started|| || update auth-user-pass docs || mattock||not started, discussion [https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg12835.html here]|| || Update OpenVPN PRF (move away from SHA1/MD5) || syzzer || not started || || maybe: add PRF plugin interface || ??? || ??? || || maybe: add key exchange plugin interface (allows easily doing .e.g post quantum kex) || ??? || ??? || || maybe: add data channel separation (or, move to ovpn3, which already has this?) || ??? || ??? || || maybe: fix radius-plugin - plugin is useful but not maintained very well || ??? || ??? || || improve control channel performance || syzzer || ??? || == work needed == * trac tickets (2.4.x, 2.5.x, unclassified) * MSI testing and user documentation == (major) items already done == * remove ENABLE_CRYPTO * [https://patchwork.openvpn.net/patch/496/ ChaCha20-Poly1305 support for the data channel] * tls-crypt-v2 (#1121) * MSI packaging TODO: update list