Monday, 2018-02-05

*** hoangcx has joined #openstack-vpnaas00:48
*** ChanServ sets mode: +o hoangcx00:48
*** huntxu has joined #openstack-vpnaas01:29
hoangcxhuntxu: ping02:40
huntxuhoangcx: pong02:40
hoangcxhuntxu: hi, thanks for your reply02:40
hoangcxhuntxu: I have a question regarding to the following commit https://github.com/openstack/neutron-vpnaas/commit/b1530c73da9b8c689c61b3fc726a1ba6e5038ec3#diff-6425857d99a351a735b906d11d4d42ef02:41
hoangcxhuntxu: Do you think it is not up to date for StrongSwan and Libreswan?02:41
huntxuhoangcx: you are going to suggest use sha384/512 for StrongSwan and Libreswan?02:43
hoangcxhuntxu: Have those drivers supported "sha384" and "sha512" auth algorithms?02:44
hoangcxhuntxu: I mean If it have supported we should unblock validator block code02:44
huntxuhttps://download.libreswan.org/CHANGES back to v3.0 in 2013 * NETKEY: Support for SHA384/SHA512 and integ(ikev2)  in ESP [Avesh]02:45
*** yamamoto has joined #openstack-vpnaas02:47
hoangcxhuntxu: So, It means we can unblock those validate. right?02:48
huntxuhoangcx: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites02:51
hoangcxhuntxu: Those drivers supported both sha38/512 mode.02:53
huntxuhoangcx: yes, so I guess it's fine to unblock their usage02:54
hoangcxhuntxu: I raised this because I have asked from other guy. Hope someone can propose a patch to get this up to date with drivers supporting02:55
huntxuhoangcx: https://review.openstack.org/#/c/442661/ I recalled that I have see something related to this topic02:56
huntxuhoangcx: I don't have a libreswan environment, for Strong02:57
huntxuhoangcx: I don't have a libreswan environment, for StrongSwan I can unblock that locally to check whether it works02:57
hoangcxhuntxu: Thank you.02:57
hoangcxhuntxu: The patch you mentioned is in other aspect that make a change for default auth algorithm02:58
huntxuhoangcx: Yeah, just some dissusion related to this03:00
huntxuhoangcx: I would try StrongSwan locally first and then see what I can do with Libreswan03:00
hoangcxhuntxu: Yeah. yamamoto did a research on it.03:01
hoangcxhuntxu: Ok. Thank for your head up03:02
hoangcxhuntxu: Will you plan to attend Vancouver summit?04:32
hoangcxhuntxu: I am thinking to invite you as a co-speaker for a presentation that I will propose (even if I know there is less possibility/chance to get approval for vpnaas) :-)04:32
huntxuhoangcx: unfortunately I am not planning to attend Vancouver summit, thanks for your invitation :P04:34
hoangcxhuntxu: Ack :-)04:34
hoangcxhuntxu: about sha384/sha512 support: if possible, please help to post a patch to unblock when you finished checking it locally :)10:17
huntxuhoangcx: sure, will do, I'm occupied by something else today, hope I can do that in this week :)10:21
hoangcxhuntxu: +1 :)10:23
*** huntxu has quit IRC12:25
*** yamamoto has quit IRC13:01
*** yamamoto has joined #openstack-vpnaas13:19
openstackgerritAkihiro Motoki proposed openstack/neutron-vpnaas-dashboard master: Correct django template pattern in babel-django.cfg  https://review.openstack.org/54091216:14
*** yamamoto has quit IRC16:36
*** yamamoto has joined #openstack-vpnaas16:49
*** yamamoto has quit IRC16:49
*** yamamoto has joined #openstack-vpnaas16:50
*** yamamoto has quit IRC16:50
*** yamamoto has joined #openstack-vpnaas17:50
openstackgerritMerged openstack/neutron-vpnaas-dashboard master: Correct django template pattern in babel-django.cfg  https://review.openstack.org/54091217:58
*** yamamoto has quit IRC18:06

Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!