Version 4 (modified by 6 years ago) (diff) | ,
---|
Introduction
This page shows the high-level status of OpenVPN 2.5 release. If you want all the details, see the Active Tickets by Milestone report.
Schedule
- October 7 - Feature selection
At the hackathon in Lviv, we'll decide which features we want for 2.5. After that, we can start planning the steps below.
- ??? - 2.5_beta1
After this date, no new features allowed, stabilising starts for real. Some minor "nice to have patches" might be accepted after evaluation/discussion on IRC.
- (optional) ??? - 2.5_beta2
Only patches related to stabilising and important bug-fixes are allowed after this point. No more "nice to have patches" after this point. If we have no bug fixes or otherwise stabilizing code this release can be skipped.
- ??? - 2.5_rc1
Only really needed and critical bug fixes allowed.
- ??? - 2.5_rc2
Branching out release/2.5 happens here.
- ??? - 2.5.0 Final release.
Deadline: To be determined
Last time we used the Debian freeze as a hard deadline.
TODO: investigate if there is a similar freeze we want to make.
Features/fixes to include
must have
Task description | Assigned to | Status |
tls-crypt-v2 | syzzer | Patch review in progress (ordex) |
transport plugin (primary use case: obfuscation) | Operator Foundation (ordex will get patches ready for ml) | ordex |
netlink support (includes route.c / tun.c refactoring) | ordex | ??? |
'make VPN fast again!' | ??? | ??? |
purge NSIS installers (migrate to MSI installers) | mattock | ??? |
VLAN patch set | ordex/cron2/plaithos | ordex/cron2/plaithos |
support for multiple sockets (UDP/TCP/multi-port/multi-IP) | ordex | ??? |
dynamic routes ('route in ccd-file'), depends on netlink support | ??? | ??? |
improve control channel performance | syzzer | ??? |
minor, but "we should try to make it happen"
Task description | Assigned to | Status |
struct argv overhaul | d12fk | Patch review completed (dazo), patch 1-4 applied, patch 5-7 need v2 patches |
auth-gen-token: Inform client why auth-token was rejected | dazo | Patch review in progress (syzzer) |
tftp/wpad patch | jjk | patch on list, needs review and merge |
support TLS record splitting (like ovpn3) | syzzer | #554 (started, but no patches available yet) |
Allow OpenVPN to communicate to peers via a Linux VRF | - | updated patches need review + ML submission |
test server that does --auth-user-pass and/or challenge stuff | cron2 (snair) | not started |
update auth-user-pass docs | mattock | not started, discussion here |
Update OpenVPN PRF (move away from SHA1/MD5) | syzzer | not started |
maybe: add PRF plugin interface | ??? | ??? |
maybe: add key exchange plugin interface (allows easily doing .e.g post quantum kex) | ??? | ??? |
maybe: add data channel separation (or, move to ovpn3, which already has this?) | ??? | ??? |
maybe: fix radius-plugin - plugin is useful but not maintained very well | ??? | ??? |
work needed
- trac tickets (2.4.x, 2.5.x, unclassified)
(major) items already done
TODO: create list