Just to explain a bit further on a few details
Regarding retracting the 1.2.5 release and having 1.1.1 in the App Store again: Apple gave OpenVPN Inc a hard deadline on the old VPN API. Any app updates to OpenVPN Connect after July 2017 cannot utilize the old VPN API. This is out of our control, so we are forced by Apple to move forward. Rolling back, or even re-releasing the old 1.1.1 with a newer version number, will be blocked by the App Store before it reaches all the users, due to the fact that the app would then use an API which is no longer approved.
Regarding the issues related to the keychain: the newer VPN API we needed to move towards is far more stringent and stricter in its access control. The old API was much more open and forgiving, and it was possible to access keying material outside the "domain" of the single app. This power is bad for device security. So now that we do not have that access, it is definitely seen as a user experience regression. But again, this is also outside our control. Apple requires OpenVPN Connect updates to use the newer VPN API, and we need to play within the boundaries that it gives us. One way to circumvent all this is to have the key/cert/ca files embedded into the configuration file.
Some users have utilized --tls-auth without using --key-direction (either explicitly or indirectly via the --tls-auth option as the last argument). That this worked initially has actually been a bug, and it degrades the overall security layer --tls-auth can provide. Those who switched to --tls-crypt will not see these issues, as --key-direction is automatically handled correctly. That said, --tls-crypt gives an even stronger protection than --tls-auth would provide; so this move alone is a good improvement.
There are probably a few other issues which would deserve comments too ... but currently, these three areas have been taking most of the focus of the discussion in this thread.
All that said ... we are working on a new release, which is just about to hit testing and QA ... it seeks to remedy a lot of the issues reported. We've focused on the critical ones first for this first update. Some other issues may need to wait for a later release, as they need more work and we don't want to hold back a release for issues where we have fixes ready.
Despite many of you having had a bad experience with this update, we also have a lot of users telling us this update improved their situation, where it now finally works better in their environments. So this update broke some configurations while other configurations got improved. With that in mind we cannot conclude that this update was ultimately an utter and complete disaster. But it also wasn't a completely successful story either, unfortunately.
And finally, all the feedback has been valuable, in varying degrees. But some posts have been less constructive and useful. We fully understand and sympathize with the frustration when something truly and badly breaks, especially if you're responsible for many users. But please be considerate in the wording you use when responding and raising awareness about issues. What I'm about to write is truly sad and disturbing to write, but it seems needed. Personal attacks, questioning processes or competences, or other derailing of the discussion thread is not of much value and belongs nowhere in these discussion threads. Most of you have behaved well, and we could have a constructive dialogue. But some posters have experienced or will experience their posts being removed, or even being banned. This is not because we want to censor the forum, but simply because it provides nothing to the discussion at all. Remember that behind each and every single post, there is a living human being. When submitting a post, think through how you would experience the message you're about to submit if you were the receiver and not the sender. So be considerate and respectful, and you will experience that we take your feedback seriously.
Thank you all ... now at least I need to get back to work
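As an added illustration of the two configuration points raised in the post above (embedding the ca/cert/key material inline in the profile so the app does not depend on external keychain access, and never using --tls-auth without a key direction), here is a small profile linter. It is example code written for this page, not part of OpenVPN Connect or the OpenVPN project; the profile texts, the remote hostname, and the PEM placeholders are constructed, and the rule set is an assumption about what a sane client profile should look like rather than anything the app itself enforces.

```python
"""Lint an OpenVPN client profile for the two issues discussed in the post:
   1. tls-auth used without a key direction (neither a trailing 0/1 argument
      nor a separate 'key-direction' directive);
   2. ca/cert/key pointing at external files instead of inline <ca>/<cert>/<key>
      blocks.
A profile using tls-crypt is accepted as-is, since it needs no key direction."""
import re
from typing import Dict, List, Tuple

# Matches the opening tag of an inline block such as <ca> or <tls-auth>.
INLINE_OPEN_RE = re.compile(r"^<(?P<name>[a-z-]+)>$")


def parse_profile(text: str) -> Tuple[List[List[str]], Dict[str, str]]:
    """Split a profile into plain directives (token lists) and inline blocks.

    Comments (# or ;) and blank lines are ignored. Inline blocks are returned
    as a mapping from block name to body text."""
    directives: List[List[str]] = []
    inline: Dict[str, str] = {}
    lines = text.splitlines()
    i = 0
    while i < len(lines):
        line = lines[i].strip()
        i += 1
        if not line or line.startswith(("#", ";")):
            continue
        m = INLINE_OPEN_RE.match(line)
        if m:
            name = m.group("name")
            body = []
            # Collect until the matching closing tag (e.g. </ca>).
            while i < len(lines) and lines[i].strip() != f"</{name}>":
                body.append(lines[i])
                i += 1
            i += 1  # skip the closing tag itself
            inline[name] = "\n".join(body)
            continue
        directives.append(line.split())
    return directives, inline


def lint_profile(text: str) -> List[str]:
    """Return a list of human-readable findings; an empty list means clean."""
    directives, inline = parse_profile(text)
    findings: List[str] = []
    names = {d[0] for d in directives}
    has_key_direction = "key-direction" in names

    for d in directives:
        # File form: 'tls-auth ta.key [0|1]' -- the direction is the optional
        # third token; without it, a 'key-direction' directive is required.
        if d[0] == "tls-auth" and len(d) < 3 and not has_key_direction:
            findings.append(
                "tls-auth has no key direction: add 'key-direction 1' "
                "(client side) or pass the direction as the last argument")
    # Inline form: <tls-auth> block carries no direction, so the directive is mandatory.
    if "tls-auth" in inline and not has_key_direction:
        findings.append("inline <tls-auth> block without a 'key-direction' directive")

    for cred in ("ca", "cert", "key"):
        if cred in names and cred not in inline:
            findings.append(
                f"'{cred}' references an external file; embed it as "
                f"<{cred}>...</{cred}> so the profile is self-contained")
    return findings


# Constructed sample profiles (not real credentials; hostname is made up).
BAD_PROFILE = """\
client
dev tun
remote vpn.example.invalid 1194
ca ca.crt
cert client.crt
key client.key
tls-auth ta.key
"""

PEM_PLACEHOLDER = "-----BEGIN PLACEHOLDER-----\nAAAA\n-----END PLACEHOLDER-----"

GOOD_PROFILE = f"""\
client
dev tun
remote vpn.example.invalid 1194
key-direction 1
<ca>
{PEM_PLACEHOLDER}
</ca>
<cert>
{PEM_PLACEHOLDER}
</cert>
<key>
{PEM_PLACEHOLDER}
</key>
<tls-auth>
{PEM_PLACEHOLDER}
</tls-auth>
"""

TLS_CRYPT_PROFILE = GOOD_PROFILE.replace("key-direction 1\n", "").replace("tls-auth", "tls-crypt")

if __name__ == "__main__":
    for label, profile in (("bad", BAD_PROFILE), ("good", GOOD_PROFILE), ("tls-crypt", TLS_CRYPT_PROFILE)):
        print(label, lint_profile(profile) or "OK")
```

Running the module prints four findings for the first profile (one for tls-auth, one each for ca, cert and key) and "OK" for the two embedded profiles. The tls-crypt variant passes with no key-direction line at all, which is the point made in the post: tls-crypt handles direction itself, while tls-auth only gives its intended protection when the direction is specified.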