Basic info

• Time: Wednesday 21 December 2022 at 13:00 CET (12:00 UTC)
• Place: #openvpn-meeting channel on LiberaChat IRC network

Topics

Current topics

• novaflash is back to resume meeting duties.

• Do we even do a meeting on the 28th?
  Yes, but we won't have full attendance. Would be good to sync up about a new 2.6 beta3/rc1 release.

• 2.6 release plans
  We haven't decided if we want to do beta3 or rc1, but definitely not a stable release yet.
  We have decided that we should do a release on the 28th of December.

• How do we judge remaining known bugs?
  Must solve: crashbug with TCP (​https://github.com/OpenVPN/openvpn/issues/190) is something plaisthos will take a look at.
  Not critical: keepalive not working in DCO p2p mode (#1476) [fixed in 7c66a6dab54d8]
  Not critical as long as keep-alive is used: p2p TLS renegotiations getting all confused if client reconnects after server failed renegotiation, but *before* server-connect-timeout expires.
  Not critical: UDP gremlin uncovers "sometimes p2mp server on linux-dco is not notified / is ignoring if client expires" (8 clients out of about 5000 connects), keeps sending TLS renegotion packets.
  Must solve: Seems DCO is not sending a signal to user space when a tcp client disconnects or gets connection reset. Will check if ordex has availability to fix.

• 2.6 MSVC toolchain, update to VS 2022? Windows Server 2022?
  Not for beta2. But might try to do before 2.6.0 stable release. lev has sent patches that need review.

• Forums machine on community infrastructure is only non-Linux system.
  mattock made a new forums system that runs on rocky linux 8 as agreed with ecrist.
  Currently waiting for ecrist to test if he has access and all is well before we're able to make the switch.

• License amendment for OpenVPN2 to accomodate mbedtls.
  plaisthos made a first draft. plaisthos asked to get novaflash to ask francis and james to sign off on it.
  In the meantime we need to compile a list of contributors and get ready to ask them to accept the changes.
  novaflash will pick this up again now that he is back.

• pkcs11-helper dynamic loader flags: yes/no(/cancel), add patch to openvpn/contrib to get support/exposure in 2.6(.0/beta2)?
  These changes were merged.

Topics on standby

• OpenVPN2 build environment and improving it.
  djpig is currently working on this. The company has decided to prioritize this task.
  Code signing key was moved to an HSM system for increased security.
  Further improvements to the build process are underway.

• Management interface documentation on main website will be updated with info from doc/management-notes.txt
  novaflash will pick this up again now that he is back.

• ​https://www-dev.openvpn.in/community-resources/openvpn-quickstart/ will be updated from /doc/man-sections/example-fingerprint.rst information.
  Static-key will be deprecated and contents updated with peer-fingerprint stuff.
  novaflash will pick this up again now that he is back.

• As discussed in Hackathon we want to do a PoC with using Gerrit for code review.
  This requires an environment to be setup and tuned. This is postponed until after 2.6 stable release.

• IPv6 to community.
  No new information to report.