Context Navigation

Basic info

New, closed: no community meeting on 12 June 2024
Due to an event that a large amount of people will attend, this particular day will be inconvenient to do a meeting.
Meetings will resume the week after on 19 June 2024.

Updated: Buildbot and t_server null
Builds were failing because worker containers have not been rebuilt.
This issue was resolved between mattock and djpig.

Updated: community.openvpn.net trac wiki
It turned out that outline is not really open source, it has BSL 1.1 license. Not suitable for us.
Wiki.js still seems at the moment the direction we want to go. To be sure leoossa will present some workflows to test.
Based on the results of those tests we can then see where the limitations of wiki.js are, and then we can see if those are dealbreakers or not.

Updated: release openvpn 2.6.11
Waiting to complete review/merge process of Windows tunnelcrack mitigations.
Waiting to complete review/merge process of item reported by reynir.
Once those items are in we'll prepare for a release, tentatively in 2 weeks from now.

Updated: DCO and Linux upstreaming, API change
Upstreaming DCO to Linux is proceeding, it is in review stage at the moment.
ordex will send a patchset v4 based on feedback received over the past days.
There will be an API change that makes it incompatible with the current implementation.
A graceful solution to that was already discussed and in motion. giaan will be working on this.
(in a nutshell, make OpenVPN understand old and new API, DKMS and kernel versions both will then use new API, then we drop old API)

OpenVPN community meetup 2024
There's a wiki page up now where we can coordinate: https://community.openvpn.net/openvpn/wiki/CommunityMeetup2024
We're basically at the point where we can prepare a mailing and send out invites to people.
Where: Karlsruhe, Germany. Exact details of meeting room to be determined.
When: Set to 20-22 September 2024.
Shirts: novaflash will talk to matt about this.

forums topics
rob0 and novaflash will work to get access and then find some time to look at solving the cloudflare related issue.
Unfortunately the past weeks were difficult to find time - holidays and travel and such. Will find time and push this forward.
Plan is to soon switch URLs so new forum is on forums.openvpn.net and old forums is on archive address.
- email confirmation on registration was suggested.
- mod permissions, guide, hard or soft delete (chuck board?), what to do with GDPR, etc. (write it down and actually make it available to mods, maybe a hidden topic)
- access for mods to logs so one can see what others did

Tunnelcrack progress TunnelCrack community wiki article
Status update on TunnelCrack mitigations:
Windows, openvpn2: ready to merge. openvpn3: in code review.
Linux, openvpn2: in progress. openvpn3: in progress.
macOS: to be determined.
iOS: to be determined.
Android: not vulnerable.

donation collection
From earlier exploration it is clear that setting up a legal entity is not worth the expense at this point. We're just starting out with donations.
What we can do is start out with an existing company that can collect the money and puts it to good community use. ordex volunteers to take this on.
There are some options to consider. There may be existing solutions that we want to consider.
PayPal? seems overly expensive with all their fees.
Stripe could be worth considering for credit card processing.
GitHub? Sponsors was mentioned as a possible solution, this is worth investigating.
Open Collective was also mentioned, that needs some investigating how that exactly would work for us.

website release process
Waiting for faster way to update community downloads and security advisories on main site.
Again postponed due to issues. Now planned for this week. We'll see.

Status of SBOM
There was a discussion between MaxF and djpig and others.
For OpenVPN2 / OpenVPN-NL, there is not much overlap, as OpenVPN2 doesn't ship much in terms of libraries, but OpenVPN-NL does.
The interesting use-case for an SBOM is really the OpenVPN Windows GUI client.

Static-key mini how-to is outdated.
This page is outdated badly: https://openvpn.net/community-resources/static-key-mini-howto/
company will send this to tech writer to redo based on https://github.com/OpenVPN/openvpn/blob/master/doc/man-sections/example-fingerprint.rst info
and also retain a link to that github doc.
having a simple guide online will help adoption

OpenVPN 2.6 performance results.
tests should cover: gre, ipsec, userland, dco
linux, freebsd, windows
requires time to be dedicated to doing this, when time available will do it

What's going on with new taskbar icons?
matt provided icons in https://github.com/OpenVPN/openvpn-gui/issues/595
last update: will be picked up by selva when he has time

software code signing topic
company switched EV code signing to cloudhsm, this is same cert type we use for driver signing, is also suitable for binary signing.
in future we could possibly switch community to that same key. saves having to maintain 2 different keys.
depends on how hard/easy it is to access company key signing thingee from community infrastructure.
also no high priority at the moment, we have a working solution now.

Last modified 3 months ago Last modified on 06/05/24 12:56:42