Basic info

• Time: Wednesday 01 february 2023 at 13:00 CET (12:00 UTC)
• Place: #openvpn-meeting channel on LiberaChat IRC network

Topics

Current topics

• Planning to have a new release of OpenVPN 2.6 around March 8th.

• Can we have someone at OpenVPN create nicer windows traybar logos (#1276)?
  yes matt is currently working on it in ​https://github.com/OpenVPN/openvpn-gui/issues/595

• Press release of 2.6
  in progress

• Review support status for OpenVPN versions. (SupportedVersions document)
  2.4 was not placed in git tree only support mode yet - will do that now. that was an oversight.
  openvpn 2.6 was added and is in support now until undefined.
  about windows 7/8/8.1, we'll add some note that people are lucky if it still works, and we still try to keep it working, but we can't offer any real guarantees there anymore.

• Review DCO-for-Linux release status
  working on making control packets go through transport socket instead of netlink. easy for udp, not so easy for tcp.
  then next item is TCP notification missing under heavy load bug. will retest after control channel moved to socket.
  will then work on removing the netlink code entirely since it's not in use anymore then.

• License amendment for OpenVPN2 to solve openssl/mbedtls licensing issues
  dazo is in contact with open source legal expert, explaining the issues, getting feedback.
  our concern about system libraries is definitely warranted - on linux it may be considered so but not on most other platforms.
  main question is, do we have to limit the exception to apply only to cryptographic libraries?
  question really being; do we expect it to be abused if we blanket approve all apache2 libraries?

• As discussed in Hackathon we want to do a PoC with using Gerrit for code review.
  the proof of concept is online. yuriy will provide information on this.
  using credentials from commnunity it should now be possible to access it at ​https://gerrit.openvpn.net/

• 2.6 release - did we get some feedback, and is any of it vital to respond on?
  Fedora/EPEL world has been silent (good sign). Fedora 38 will ship with 2.6 in native repo.
  on github there's a lot of windows interesting reports - half are DCO related, half because of crappy configs from vpn providers.
  dazo reports that a change is needed to selinux policies to allow access to netlink, otherwise openvpn2 can't use DCO by default with selinux enabled.
  dazo upstreamed a fix but this takes time to distribute. will in the intermediate period prepare to bundle that particular policy, for Fedora/Copr? packages.

• Forums machine on community infrastructure is only non-Linux system.
  mattock made a new forums system that runs on rocky linux 8 as agreed with ecrist.
  Currently waiting for ecrist to test if he has access and all is well before we're able to make the switch.
  ecrist indicated that he is missing some information, mattock provided this.

Topics on standby

• Have to remember to update SupportedVersions to put 2.4 out of support at around end of March

• OpenVPN 2.6 performance results.
  We should work on an article to publish some performance results when 2.6 is out as stable. but first press release.

• Management interface documentation on main website will be updated with info from doc/management-notes.txt
  novaflash will pick this up again now that he is back.

• ​https://www-dev.openvpn.in/community-resources/openvpn-quickstart/ will be updated from /doc/man-sections/example-fingerprint.rst information.
  Static-key will be deprecated and contents updated with peer-fingerprint stuff.
  novaflash will pick this up again now that he is back.

• IPv6 to community.
  No new information to report.