| *** hoangcx has joined #openstack-vpnaas | 00:57 | |
| *** ChanServ sets mode: +o hoangcx | 00:57 | |
| *** huntxu has joined #openstack-vpnaas | 01:14 | |
| hoangcx | huntxu: hi | 01:30 |
|---|---|---|
| huntxu | hoangcx: morning~ | 01:30 |
| hoangcx | huntxu: thanks for pushed the patch. | 01:30 |
| hoangcx | huntxu: I have just check bug report https://bugs.launchpad.net/neutron/+bug/1747654 | 01:30 |
| openstack | Launchpad bug 1747654 in neutron "VPNaaS: enable sha384/sha512 auth algorithms for *Swan drivers" [Medium,New] - Assigned to Hunt Xu (huntxu) | 01:30 |
| hoangcx | I think it is not need to add REF to the title | 01:31 |
| huntxu | hoangcx: hmmm, I can remove that prefix then | 01:32 |
| hoangcx | huntxu: I removed it for you already and add important status to it | 01:32 |
| hoangcx | huntxu: :) | 01:32 |
| hoangcx | huntxu: let me check the patch and post comments on it | 01:32 |
| huntxu | hoangcx: thx, I will see what I can do with LibreSwan, I applied it locally yesterday and for StrongSwan it worked like a charm | 01:34 |
| hoangcx | huntxu: perfect. Thanks a lot :) | 01:35 |
| hoangcx | huntxu: waiting for your info for LibreSwan :) | 01:35 |
| hoangcx | huntxu: commented you your patch. And I also confirmed with StrongSwan in my local env :) | 02:10 |
| hoangcx | s/commented you/commented on :P | 02:11 |
| huntxu | hoangcx: have already read that, will handle it later | 02:11 |
| *** openstackgerrit has joined #openstack-vpnaas | 02:27 | |
| openstackgerrit | zhouguowei proposed openstack/neutron-vpnaas-dashboard master: Modify the language for zh_CN https://review.openstack.org/541517 | 02:27 |
| *** hoangcx has quit IRC | 02:33 | |
| *** hoangcx has joined #openstack-vpnaas | 02:34 | |
| *** ChanServ sets mode: +o hoangcx | 02:34 | |
| *** yamamoto has joined #openstack-vpnaas | 02:52 | |
| *** yamamoto has quit IRC | 02:55 | |
| *** yamamoto has joined #openstack-vpnaas | 02:56 | |
| *** hoangcx has quit IRC | 03:31 | |
| *** openstackgerrit has quit IRC | 04:04 | |
| *** hoangcx has joined #openstack-vpnaas | 04:21 | |
| *** hoangcx has quit IRC | 04:29 | |
| *** hoangcx has joined #openstack-vpnaas | 05:46 | |
| *** ChanServ sets mode: +o hoangcx | 05:46 | |
| *** openstackgerrit has joined #openstack-vpnaas | 06:03 | |
| openstackgerrit | zhouguowei proposed openstack/neutron-vpnaas-dashboard master: Change support to supported https://review.openstack.org/541551 | 06:03 |
| openstackgerrit | OpenStack Proposal Bot proposed openstack/neutron-vpnaas-dashboard master: Imported Translations from Zanata https://review.openstack.org/541590 | 07:15 |
| openstackgerrit | Hunt Xu proposed openstack/neutron-vpnaas master: Add IPv6 VPNaaS scenario tests https://review.openstack.org/533172 | 07:30 |
| openstackgerrit | Hunt Xu proposed openstack/neutron-vpnaas master: Remove ikelifetime in %default section of ipsec.conf templates https://review.openstack.org/541604 | 08:10 |
| *** hoangcx has quit IRC | 08:14 | |
| *** hoangcx has joined #openstack-vpnaas | 08:15 | |
| *** ChanServ sets mode: +o hoangcx | 08:15 | |
| huntxu | hoangcx: now I can confirm that both sha384 and sha512 also work for LibreSwan | 08:39 |
| hoangcx | huntxu: Perfect. Thanks for your info. | 08:40 |
| hoangcx | huntxu: I confirmed with StrongSwan this morning. Need to prepare env for LibreSwan | 08:40 |
| huntxu | hoangcx: it takes me quite some time to make it work in LibreSwan, some handy changes are needed if you use similar env as I | 08:42 |
| huntxu | hoangcx: I use CentOS 7.4 with libreswan-3.20-5.el7_4.x86_64, devstack cloned in this morning | 08:43 |
| huntxu | hoangcx: https://paste.ubuntu.com/26534617/ https://review.openstack.org/#/c/495284/ these two changes are needed for the new libreswan | 08:46 |
| huntxu | hoangcx: and you might need https://review.openstack.org/#/c/535208/ if you use devstack as the neutron-l3 is run by the devstack user | 08:47 |
| hoangcx | huntxu: OK. Let me try | 08:49 |
| openstackgerrit | Hunt Xu proposed openstack/neutron-vpnaas master: Remove ikelifetime in %default section of ipsec.conf templates https://review.openstack.org/541604 | 08:51 |
| hoangcx | huntxu: I confirmed with LibreSwan too. It really needs to apply those change you mentioned. | 09:11 |
| hoangcx | huntxu: see log here http://paste.openstack.org/show/664667/ | 09:12 |
| hoangcx | huntxu: So, Could you please update the patch with merging those necessary change? | 09:12 |
| huntxu | hoangcx: nice, I'm on the way updating it | 09:13 |
| openstackgerrit | Hunt Xu proposed openstack/neutron-vpnaas master: Enable sha384/sha512 auth algorithms for *Swan drivers https://review.openstack.org/541250 | 09:34 |
| hoangcx | huntxu: Don't you need to merge https://paste.ubuntu.com/26534617/ to ^^? | 09:42 |
| huntxu | hoangcx: it is not related, I think this should be merged to https://review.openstack.org/#/c/495284/ | 09:43 |
| hoangcx | huntxu: I'm asking relevant members on the patch to see | 09:45 |
| huntxu | hoangcx: we still have to check it also works for older versions... I would take over 495284 if we don't get a reply from the owner | 09:46 |
| hoangcx | huntxu: Yeah. The patch is not updated for several months. I think you can take it over :) | 09:47 |
| huntxu | hoangcx: by the way what do you think about adding functional tests for LibreSwan, it seems zuul supports using CentOS as the base system | 09:53 |
| hoangcx | huntxu: you mean we should add a new job like "neutron-vpnaas-dsvm-functional-lswan" ? | 09:55 |
| huntxu | hoangcx: yes, LibreSwan is taken less care of than it should be IMHO | 09:58 |
| hoangcx | huntxu: Yes. But I'm not a maintainer of the driver. https://docs.openstack.org/neutron-vpnaas/latest/devref/team.html#driver-maintainers | 10:00 |
| openstackgerrit | Hunt Xu proposed openstack/neutron-vpnaas master: Enable sha384/sha512 auth algorithms for *Swan drivers https://review.openstack.org/541250 | 10:00 |
| hoangcx | huntxu: If you are willing, please volunteer to help it be improved | 10:00 |
| huntxu | hoangcx: ok, I can try that | 10:01 |
| hoangcx | huntxu: I'm not sure if zuul supports using CentOS as the base system | 10:01 |
| hoangcx | huntxu: awesome :) | 10:01 |
| huntxu | hoangcx: I add functional tests for strongswan to verify sha384 and sha512 | 10:01 |
| hoangcx | huntxu: Please push a patch to add your name to the driver maintainer list | 10:01 |
| * hoangcx needs to leave office early. See huntxu tomorrow :) | 10:10 | |
| openstackgerrit | Hunt Xu proposed openstack/neutron-vpnaas master: Enable sha384/sha512 auth algorithms for *Swan drivers https://review.openstack.org/541250 | 10:32 |
| *** yamamoto has quit IRC | 12:17 | |
| *** yamamoto has joined #openstack-vpnaas | 12:17 | |
| *** huntxu has quit IRC | 12:21 | |
| *** yamamoto has quit IRC | 15:10 | |
| *** yamamoto has joined #openstack-vpnaas | 15:26 | |
| *** yamamoto has quit IRC | 15:30 | |
| *** yamamoto has joined #openstack-vpnaas | 16:50 | |
| *** yamamoto has quit IRC | 16:57 | |
| openstackgerrit | Merged openstack/neutron-vpnaas-dashboard master: Imported Translations from Zanata https://review.openstack.org/541590 | 23:08 |
Generated by irclog2html.py 2.15.3 by Marius Gedminas - find it at mg.pov.lt!