Basic info
- Time: Wednesday 11 January 2023 at 13:00 CET (12:00 UTC)
- Place: #openvpn-meeting channel on LiberaChat IRC network
Topics
Current topics
- Can we have someone at OpenVPN create nicer windows traybar logos (#1276)?
- 2.6 release plans (for rc2 and 2.6.0 stable)
Plan is to do an rc2 release on 12th of January
Want to get lev's patch for config folder migration for GUI in.
Want to try and get plaisthos's patch for dynamic tls-crypt in
Can we do stable release 2.6.0 in 2 weeks (jan 26)?
What to do aboutSRV
? This probably won't make it in 2.6.0.
What to do aboutdynamic tls-crypt
? Going to try to get it into rc2.
OpenVPN 2.6.0 stable release open issues
- blockers (must be fixed before 2.6.0)
---?
- nice to have
P2P --tls-server still gets confused sometimes when "client just disappears" and no--keepalive
is configured
duplicate route addition / EEXIST with SITNL is not handled correctly (will lead to duplicate route removal)
route_add() status code uses 0/1/2 magic numbers, should use MAGIC_CONSTANTS
dco.dco_del_peer_reason etc. should be initialized "upfront" not "after the fact" (see commit aaccf8843)
engine test failing with openssl 3.0.x iff built with engine support (non-default) (this is already merged)
- additional features
---?
- DCO showstoppers (not holding up 2.6.0 release, but a reason to not use DCO in production)
OOM in netlink on busy servers https://github.com/OpenVPN/ovpn-dco/issues/16
openvpn hang on "close tun, before restarting" https://github.com/OpenVPN/ovpn-dco/issues/18
more... https://github.com/OpenVPN/ovpn-dco/issues
- OpenVPN2 build environment and improving it.
djpig is currently working on this. The company has decided to prioritize this task.
Code signing key was moved to an HSM system for increased security.
djpig overhauled openvpn-build, it now uses submodules for openvpn and openvpn-gui, and contains debian packaging scripts.
Further improvements to the build process are underway.
- OpenVPN 2.6 performance results.
Now that we have a beta out, and soon an rc1, we want to have an article on main site and press release about performance results.
- Forums machine on community infrastructure is only non-Linux system.
mattock made a new forums system that runs on rocky linux 8 as agreed with ecrist.
Currently waiting for ecrist to test if he has access and all is well before we're able to make the switch.
ecrist indicated that he is missing some information, mattock will provide.
Topics on standby
- License amendment for OpenVPN2 to accomodate mbedtls.
plaisthos made a first draft. plaisthos asked to get novaflash to ask francis and james to sign off on it.
In the meantime we need to compile a list of contributors and get ready to ask them to accept the changes.
novaflash will pick this up again now that he is back.
- Management interface documentation on main website will be updated with info from doc/management-notes.txt
novaflash will pick this up again now that he is back.
- https://www-dev.openvpn.in/community-resources/openvpn-quickstart/ will be updated from /doc/man-sections/example-fingerprint.rst information.
Static-key will be deprecated and contents updated with peer-fingerprint stuff.
novaflash will pick this up again now that he is back.
- As discussed in Hackathon we want to do a PoC with using Gerrit for code review.
This requires an environment to be setup and tuned. This is postponed until after 2.6 stable release.
- IPv6 to community.
No new information to report.
Last modified 15 months ago
Last modified on 01/12/23 14:12:23