Difference between revisions of "OpenVPN/Developer documentation"

From Secure Computing Wiki
Jump to: navigation, search
m (Developer communication channels)
(Patch quality)
Line 42: Line 42:
* Must be sent as unified diff (diff -u)
* Must be sent as unified diff (diff -u)
* Patches generated via git should contain a 'Signed-off-by:' line at the end (git commit --signoff)
* Must apply cleanly, without merge conflicts.
* Must apply cleanly, without merge conflicts.
* Must contain an argumentation ''why'' this patch should be included and ''how'' it solves the issue in plain English.
* Must contain an argumentation ''why'' this patch should be included and ''how'' it solves the issue in plain English.

Revision as of 17:14, 31 March 2010


Most of the content here is the result of the the weekly IRC discussions.

Developer communication channels

There are three primary developer channels:

  • openvpn-devel mailinglist: primary communication channel, subscription required
  • #openvpn-devel (at) irc.freenode.net: used for generic development discussions
  • #openvpn-discussion (at) irc.freenode.net: used for the weekly IRC meetings

Development processes

General workflow

Development Process Diagram
Original Link

The basic development process we follow is outlined in the diagram. So, in a nutshell:

  • All patches must be sent to "openvpn-devel" mailing list for review. The subject should preferably be prefixed with [PATCH]
  • All patches need to be reviewed and accepted (ACK) by at least one other developer to make sure they meet our quality criteria
  • All accepted patches go to the OpenVPN "testing" tree (Git) first
  • Code is moved to the OpenVPN "stable" tree (SVN) after initial testing
  • All official releases are based on the "stable" (SVN) tree and go through a feature freeze and a Beta/RC process

If someone maintains their modifications in a git tree already, those git trees can be pulled as long as it will not cause any conflicts against the master/SVN development branch. However, the author must send a pull request to the devel mailing list, including a description in plain English of the changes. This is so to open up for a public discussion of the changes, and to allow the ACK process to work. Changes in git trees needs to get ACKed as well, just like patches. Pull requests to the mailing list should preferably be prefixed with [GIT PULL].

NOTE: Patches or "git pull requests" sent directly to a development tree ("stable" or "testing") maintainer will be rejected. All patches and contents of git pull requests must be public and must be discussed in public.

Feature deprecation

Feature removal process (aka FRP) described here serves two purposes:

  • Maintain backwards compatibility and minimize the impact of feature removal (for users)
  • Keeping the codebase clean and understandable (for developers)

The Feature removal process is described in detail on this page.

Patch quality

All patches, regardless of their type need to be created following a few rules:

  • Must be sent as unified diff (diff -u)
  • Patches generated via git should contain a 'Signed-off-by:' line at the end (git commit --signoff)
  • Must apply cleanly, without merge conflicts.
  • Must contain an argumentation why this patch should be included and how it solves the issue in plain English.
  • Must be against the SVN development branch or git master branch, at least until a feature branch is created.
  • Everyone who has contributed to this patch should be mentioned, with at least a valid e-mail address, preferably with full name in addition. This is to give credit to contributors.

All code patches need to meet certain generic quality criteria before being accepted:

  • All code should be useful and beneficial for several OpenVPN users. This way we avoid spoiling the code base with features which is only requested for very special conditions.
  • New features need to make use of #ifdef's so that they can be disabled at compile-time. This is to enable better support for embedded systems and to track which code belongs to which feature.
  • Patch needs to respect our coding conventions to keep the codebase understandable and maintainable.

Also note that the documentation (e.g. man pages) need to be updated, if

  • New functionality has been introduced
  • Old functionality has changed
  • Functionality has been removed

Coding conventions

This is work in progress, but will include things like

  • Code indenting
  • Scratch memory handling with "gc"

Code repositories

Old CVS repository

There is an old CVS repository hosted in SF.net. This is not used for any development.

Stable (SVN) repository

The OpenVPN project makes use of two code repositories. The Stable SVN repository is maintained by James Yonan and hosted at openvpn.net. Instructions for using it can be found here. Currently (Feb 2010) only James has write access to this repository, but anonymous read-only access is available.

Code from this repository should be used if stability is important for you, but the official releases are missing some essential piece of functionality.

Testing (Git) repository

The Testing repository is maintained by David Sommerseth and uses Git. This repository is hosted by SF.net under the OpenVPN project. The master branch in the git tree is based on the openvpn/branches/BETA21 SVN branch.

There are several branches in the Git tree, each of which tracks the different patches/contributions separately. There's also one branch that contains all the available patches:

    master          -- Should be identical to James' stable SVN development branch
    bugfix2.1       -- Contains only bugfixes for OpenVPN 2.1
    frp             -- Features which are going through the feature removal process (FRP).
    feat_misc       -- Miscellaneous new and enhanced features.  Changes too small to get its own branch.
    {featureX}      -- Contains only patches for feature X
    {featureY}      -- Contains only patches for feature Y
    {featureZ}      -- Contains only patches for feature Z
    allmerged       -- All branches above merged

This gives James a possibility to only include/merge in the features and bugfixes which he wants to include into his "stable" development branch.

It is expected that each contributor which have received a feature branch makes sure it merges cleanly against the development branch at any time. The same applies to maintainers of external development Git trees. Also, the development of the feature branch is the author's responsibility - "testing" tree maintainer only collects the patches and makes sure all features and bugfixes play nicely together to catch conflicts as early as possible (and of course do sanity review of all patches).

Generic instructions for using Git in SF.net can be found here. Generic usage instructions for OpenVPN project's Git repository can be found here. To fetch the latest development code, use

git clone git://openvpn.git.sourceforge.net/gitroot/openvpn/openvpn-testing.git

You will here get a openvpn-testing directory. When entering this directory, you will get the 'master' branch by default. To checkout the allmerged branch, use

git checkout -b allmerged origin/allmerged

To see all available branches, use

git branch -a

Use the code in the allmerged branch from this git tree if you want the latest and greatest features and you're willing to encounter problems. If you're unfamiliar with Git in general, take a look at these links: