OpenVPN 3 Linux v20 (stable) This is the first stable relase of OpenVPN 3 Linux. This release is mostly adding minor improvements, a few bug fix and adding two more helper tools. * Feature: openvpn3-admin journal This is a helper function to retrieve log events from the OpenVPN 3 Linux stack logging with systemd-journald. It can be considered a lightweight journaldctl tool, which is targetting some of the filters useful for OpenVPN 3 Linux. * Feature: openvpn3-admin init-setup This is another helper function to configure OpenVPN 3 Linux in an automated fashion based on the current runtime environment. It will ensure proper state directories are present with the proper ownership and access, as well as SELinux context lables if that is availale. It will check if the needed user/group accounts is present and wether to use systemd-journald and systemd-resolved or not. In the next release, this feature will be used in the the packaging scripts for Debian/Ubuntu and Fedora/Red Hat Enterise Linux packaging as well. * Improvement: Full support for CR_TEXT based multi-factor authentication Prior releases did not fully support CR_TEXT/crtext based authentication which would result in disconnecting from the server while querying the user for the additional credentials. This new mode is more efficient and will keep the connection to the server alive. * Improvement: Improve behaviour with incorrect private key passphrase Prior releases would dump an error message which would not be much end-user friendly if the connection failed due to incorrect passphrase to the private encryption key needed for the connection. This has been improved and the error handling should be more clear for non-technical users. * Improvement: Run resume and restart operations in the background Until now, the openvpn3 session-manage --resume and --restart operations would run in the foreground, resulting in stopping the VPN session if this operation would be interrupted. These operations can typically run in the background. If a re-authentication would be need, the openvpn3 session-auth command is available to complete that operation. It is also possible to run these operations in the foreground by adding the --timeout argument with a value reasonable to wait for this operation to complete. * Improvement: Install openvpn3/constants.h header file This adds ah eader file which contains all the constants used by the OpenVPN 3 Linux stack, which is suitable for C programs. The constants listed here is similar to the constants found when importing the Python 3 openvpn3.constants module. These constants are typically used in D-Bus signals issued by the OpenVPN 3 Linux stack. * Bugfix: Don't hardcode use of --journald in openvpn3-service-logger Not all Linux distributions ships with the systemd stack. Auto-detect during build time if systemd support is available or not and fallback to syslog if systemd support is lacking. * Bugfix: Don't hardfail if systemd-resolved is unreachable If openvpn3-service-netcfg could not reach or access the systemd-resolved service, it would hard-fail which again would cause the VPN session to fail starting. This has been changed so the VPN session will succeed, but it will instead not do the DNS configuration. This situation will be duely logged in the system logs. * Documentation: Highlight deprecation of openvpn3-autoload The openvpn3-autoload feature is being deprecated in favour of using the systemd openvpn3-session@.service feature instead. The openvpn3-autoload feature will still be around though, until there is a suitable alternative for Linux distributions not capable of using the more native systemd approach. * Documentation: Generic overhaul Lots of the man pages as well as README.md file has been reviewed and updated. Lots of details has been clarified and the README.md has been split up into several files as it has grown quite a lot and some of the information would be better to have in other files to avoid duplicating the information. * Code: Coding style There exists now a .clang-format coding style definition and all the C++ source code and headers should now be using this style. * Copyright: Switch to SPDX license tags To ease the maintenance of copyright blobs, all files with an AGPL copyright blob has been switched to the SPDX license tag.