*** hoangcx has joined #openstack-vpnaas | 00:48 | |
*** ChanServ sets mode: +o hoangcx | 00:48 | |
*** huntxu has joined #openstack-vpnaas | 01:29 | |
hoangcx | huntxu: ping | 02:40 |
---|---|---|
huntxu | hoangcx: pong | 02:40 |
hoangcx | huntxu: hi, thanks for your reply | 02:40 |
hoangcx | huntxu: I have a question regarding to the following commit https://github.com/openstack/neutron-vpnaas/commit/b1530c73da9b8c689c61b3fc726a1ba6e5038ec3#diff-6425857d99a351a735b906d11d4d42ef | 02:41 |
hoangcx | huntxu: Do you think it is not up to date for StrongSwan and Libreswan? | 02:41 |
huntxu | hoangcx: you are going to suggest use sha384/512 for StrongSwan and Libreswan? | 02:43 |
hoangcx | huntxu: Have those drivers supported "sha384" and "sha512" auth algorithms? | 02:44 |
hoangcx | huntxu: I mean If it have supported we should unblock validator block code | 02:44 |
huntxu | https://download.libreswan.org/CHANGES back to v3.0 in 2013 * NETKEY: Support for SHA384/SHA512 and integ(ikev2) in ESP [Avesh] | 02:45 |
*** yamamoto has joined #openstack-vpnaas | 02:47 | |
hoangcx | huntxu: So, It means we can unblock those validate. right? | 02:48 |
huntxu | hoangcx: https://wiki.strongswan.org/projects/strongswan/wiki/IKEv1CipherSuites https://wiki.strongswan.org/projects/strongswan/wiki/IKEv2CipherSuites | 02:51 |
hoangcx | huntxu: Those drivers supported both sha38/512 mode. | 02:53 |
huntxu | hoangcx: yes, so I guess it's fine to unblock their usage | 02:54 |
hoangcx | huntxu: I raised this because I have asked from other guy. Hope someone can propose a patch to get this up to date with drivers supporting | 02:55 |
huntxu | hoangcx: https://review.openstack.org/#/c/442661/ I recalled that I have see something related to this topic | 02:56 |
huntxu | hoangcx: I don't have a libreswan environment, for Strong | 02:57 |
huntxu | hoangcx: I don't have a libreswan environment, for StrongSwan I can unblock that locally to check whether it works | 02:57 |
hoangcx | huntxu: Thank you. | 02:57 |
hoangcx | huntxu: The patch you mentioned is in other aspect that make a change for default auth algorithm | 02:58 |
huntxu | hoangcx: Yeah, just some dissusion related to this | 03:00 |
huntxu | hoangcx: I would try StrongSwan locally first and then see what I can do with Libreswan | 03:00 |
hoangcx | huntxu: Yeah. yamamoto did a research on it. | 03:01 |
hoangcx | huntxu: Ok. Thank for your head up | 03:02 |
hoangcx | huntxu: Will you plan to attend Vancouver summit? | 04:32 |
hoangcx | huntxu: I am thinking to invite you as a co-speaker for a presentation that I will propose (even if I know there is less possibility/chance to get approval for vpnaas) :-) | 04:32 |
huntxu | hoangcx: unfortunately I am not planning to attend Vancouver summit, thanks for your invitation :P | 04:34 |
hoangcx | huntxu: Ack :-) | 04:34 |
hoangcx | huntxu: about sha384/sha512 support: if possible, please help to post a patch to unblock when you finished checking it locally :) | 10:17 |
huntxu | hoangcx: sure, will do, I'm occupied by something else today, hope I can do that in this week :) | 10:21 |
hoangcx | huntxu: +1 :) | 10:23 |
*** huntxu has quit IRC | 12:25 | |
*** yamamoto has quit IRC | 13:01 | |
*** yamamoto has joined #openstack-vpnaas | 13:19 | |
openstackgerrit | Akihiro Motoki proposed openstack/neutron-vpnaas-dashboard master: Correct django template pattern in babel-django.cfg https://review.openstack.org/540912 | 16:14 |
*** yamamoto has quit IRC | 16:36 | |
*** yamamoto has joined #openstack-vpnaas | 16:49 | |
*** yamamoto has quit IRC | 16:49 | |
*** yamamoto has joined #openstack-vpnaas | 16:50 | |
*** yamamoto has quit IRC | 16:50 | |
*** yamamoto has joined #openstack-vpnaas | 17:50 | |
openstackgerrit | Merged openstack/neutron-vpnaas-dashboard master: Correct django template pattern in babel-django.cfg https://review.openstack.org/540912 | 17:58 |
*** yamamoto has quit IRC | 18:06 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!