Introduction
This page shows the high-level status of OpenVPN 2.6 release. If you want all the details, see the Active Tickets by Milestone report.
Schedule
Too early to say, but we hope to get this done quicker than 2.4 and 2.5 - so, tentatively, "early 2022"
Features/fixes to include
must have
| Task description | Assigned to | Status | Ticket
|
| DCO (on Linux) | ordex, plaisthos | unclear | -
|
| DCO (on FreBSD) | ? | ? | -
|
| update auth-user-pass docs | mattock | not started, discussion here
|
| polish auth-token / auth-gen-token corner cases (not sending token after explicit-exit-notify from server, etc.) | cron2, plaisthos | pending | -
|
nice to have
| Task description | Assigned to | Status | Ticket
|
| support for multiple-protocol sockets (UDP/TCP) | ordex | wip
|
| Support for multiple sockets (multi-port/multi-IP) | ordex | pending review | #556
|
| Dynamic routes ('route in ccd-file'), depends on netlink support | ??? | ??? |
|
| transport plugin (primary use case: obfuscation) | ordex | wip |
|
| tftp/wpad patch | jjk | patch on list, needs review and merge |
|
| support TLS record splitting (like ovpn3) | syzzer | (started, but no patches available yet) | #554
|
| test server that does --auth-user-pass and/or challenge stuff | cron2 (snair) | --auth-user-pass done, challenge missing |
|
| Update OpenVPN PRF (move away from SHA1/MD5) | syzzer/plaisthos | done(?) |
|
| maybe: add PRF plugin interface | ??? | ??? |
|
| maybe: add key exchange plugin interface (allows easily doing .e.g post quantum kex) | ??? | ??? |
|
| maybe: add data channel separation (or, move to ovpn3, which already has this?) | ??? | ??? |
|
| maybe: fix radius-plugin - plugin is useful but not maintained very well | ??? | ??? |
|
| improve control channel performance | syzzer | ??? |
|
| inner VRF support? | ?? | ?? | ??
|
| route monitoring (enable clients to react to network changes) | cron2 | not started | -
|
