Meeting summary for 19 February 2025:
* *New: community downloads hard to find on main website*
/Three suggestions that will be passed on to company:/
/1. rename community to open source, there is a consensus in the
meeting that community could be anything and open source is specific
to openvpn open source software./
/2. open source community would prefer to see open source downloads
back on the 'second line' main menu./
/3. it was suggested to add a call to action like "looking for open
source downloads?" at the bottom of the page./
* *Updated: OpenSSL update severity high*
/We discussed internally and looks like it doesn't affect us. But
since a copy of OpenSSL is shipped with the Windows installer, we'll
just update that copy just to be sure./
/This will be shipped as a 2.6.13-I002 update/revision to the MSI
installer only, not a full OpenVPN release./
* *Updated: Release 2.7*
/We want to get our release done before the next major Debian release./
/This means tentatively getting stuff for 2.7 done before March 1 or
so, and release early April./
/Looking into a weird failure to deliver properly working openssl
binary on amd64 on master. Looks like with old MSVC the OpenSSL
ARM64 bug we observed doesn't occur./
/We need to decide on switching to newer API for DCO and making a
newer out-of-tree DCO. We're already working towards an updated
out-of-tree DCO copy./
/There is a party interested in doing a security audit of OpenVPN
2.7, there are some questions to be clarified about it being a code
audit and/or testing./
* *Updated: data format v3 / epoch data keys*
/Implementation in user space in OpenVPN2 and OpenVPN3 are both done
now./
/Since Linux DCO is in the process of upstreaming to Linux kernel,
we're not changing the implementation to include this now, but will
do it after./
/Windows DCO multipeer support is currently in review process - once
that part is done we can look at adding the necessary changes for
epoch data keys./
* *Udated: DCO Linux upstreaming*
/Upstreaming DCO to Linux is proceeding, it is in review stage at
the moment./
/Patchset v19 lead to some further discussions which are believed to
now be resolved, v20 should land by end of this week./
* *Updated: multi-socket support*
/https://gerrit.openvpn.net/q/topic:%22multisocket%22
<https://gerrit.openvpn.net/q/topic:%22multisocket%22>/
/Currently there's 3 patches left. A trivial one, then one that may
need more discussion, and then the big one that makes it all work./
/It generally works but cron2 was able to trigger crashes after
stress testing it - so that needs to be addressed./
* *Updated: DCO windows multi-peer*
/This is in review now - it compiles and works./
/cron2 is looking into stress testing it to see what breaks./
* *Updated: new --dns option support
*/https://gerrit.openvpn.net/q/topic:%22dns+option%22
<https://gerrit.openvpn.net/q/topic:%22dns+option%22>//It's going to
be updated based on feedback received and discussions had on how to
handle the situation of being unable to handle certain DNS options.
//Expect it to be ready for review again by end of the week./
As always you're welcome to join at #openvpn-meeting on Libera IRC
network every Wednesday at 14:00 Central European Time.
Kind regards,
Johan Draaisma
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
