| Version 35 (modified by , 4 years ago) (diff) |
|---|
Introduction
This page shows the high-level status of OpenVPN 2.5 release. If you want all the details, see the Active Tickets by Milestone report.
Schedule
As we missed our original deadline (Debian Buster freeze) we don't have a schedule yet, except "in year 2020". Nevertheless, the release will proceed as follows:
- 2.5_beta1 (late January)
After this date, no new features allowed, stabilising starts for real. Some minor "nice to have patches" might be accepted after evaluation/discussion on IRC; but should be avoided. Man page processing will be converted from the current groff formatting to a markdown formatting right before beta tagging.
- ??? - 2.5_beta2 (optional)
Only patches related to stabilising and important bug-fixes are allowed after this point. No more "nice to have patches" after this point. If we have no bug fixes or otherwise stabilizing code this release can be skipped.
- ??? - 2.5_rc1
Only really needed and critical bug fixes allowed.
- ??? - 2.5_rc2
Branching out release/2.5 happens here.
- 2.5.0 Final release.
Deadline: To be determined
- Code freeze on January 31st, 2020 (based on discussions in Trento hackathon)
- 2.5.0 release on April 1st, 2020
Features/fixes to include
must have
| Task description | Assigned to | Status | Ticket |
| Purge NSIS installers (migrate to MSI installers) | mattock | ??? | #1122 |
| Netlink support (includes route.c / tun.c refactoring) | ordex | merged | #1123 |
| VLAN patch set | ordex/cron2/plaithos | merged! | #6 |
| Support for multiple sockets (multi-port/multi-IP) | ordex | pending review | #556 |
| Implement asymmetric compression | plaisthos | pending, need updated patch + review (syzzer/cron2) | ? |
| man page formatting change | dazo | pending, will be done right before beta release | - |
"we should try to make it happen" (but will likely not make it)
| Task description | Assigned to | Status | Ticket |
| Wintun support | lev | merged | ??? |
| IPv6-only server | ordex | server support is pending review | #208 |
| support for multiple-protocol sockets (UDP/TCP) | ordex | wip | |
| Dynamic routes ('route in ccd-file'), depends on netlink support | ??? | ??? | |
| transport plugin (primary use case: obfuscation) | ordex | wip | |
| struct argv overhaul | dazo | Updated and rebased patches sent, awaiting review | |
| auth-gen-token: Inform client why auth-token was rejected | dazo | Replaced by patches from plaisthos Merged. | |
| tftp/wpad patch | jjk | patch on list, needs review and merge | |
| support TLS record splitting (like ovpn3) | syzzer | (started, but no patches available yet) | #554 |
| Allow OpenVPN to communicate to peers via a Linux VRF | - | updated patches need review + ML submission | |
| test server that does --auth-user-pass and/or challenge stuff | cron2 (snair) | not started | |
| update auth-user-pass docs | mattock | not started, discussion here | |
| Update OpenVPN PRF (move away from SHA1/MD5) | syzzer | not started | |
| maybe: add PRF plugin interface | ??? | ??? | |
| maybe: add key exchange plugin interface (allows easily doing .e.g post quantum kex) | ??? | ??? | |
| maybe: add data channel separation (or, move to ovpn3, which already has this?) | ??? | ??? | |
| maybe: fix radius-plugin - plugin is useful but not maintained very well | ??? | ??? | |
| improve control channel performance | syzzer | ??? |
work needed
- trac tickets (2.4.x, 2.5.x, unclassified)
- MSI testing and user documentation
(major) items already done
- remove ENABLE_CRYPTO
- ChaCha20-Poly1305 support for the data channel
- tls-crypt-v2 (#1121)
- MSI packaging
TODO: update list
