Hi, Here's the summary of the previous IRC meeting / sprint.
--- COMMUNITY MEETING Place: #openvpn-devel on irc.freenode.net List-Post: openvpn-devel@lists.sourceforge.net Date: Thursday 1st Sep 2011 Time: 18:00 UTC Planned meeting topics for this meeting were on this page: <https://community.openvpn.net/openvpn/wiki/Topics-2011-09-01> Next meeting will be announced in advance, but will probably be on the same weekday and at the same time. Your local meeting time is easy to check from services such as <http://www.timeanddate.com/worldclock> or with $ date -u SUMMARY andj, cron2, dazo, krzee, mattock and novaflash participated in this meeting. -- This meeting was mostly a sprint, where Adriaan's (andj's) PolarSSL patches were reviewed, fixed and ACKed on the fly. The sprint focused on the "SSL library separation" patchset. This is the status of these patches before and after the meeting: <https://community.openvpn.net/openvpn/wiki/PolarSSLintegration?version=45#SSLlibraryseparation> <https://community.openvpn.net/openvpn/wiki/PolarSSLintegration?version=54#SSLlibraryseparation> If you have any comments regarding any of the patches (or ACKs) please chime in. If there are no complaints, the ACKed patches will be merged to the main Git repository soon. It will probably take 2-3 IRC sprints to go through the remaining PolarSSL patches. --- Full chatlog as an attachment -- Samuli Seppänen Community Manager OpenVPN Technologies, Inc irc freenode net: mattock
mattock 21:00:28 mkay, meeting time andj 21:00:40 evening mattock 21:00:49 ok, so james won't be attending, unfortunately https://community.openvpn.net/openvpn/wiki/Topics-2011-09-01 21:01:01 vpnHelper 21:01:03 Title: Topics-2011-09-01 â OpenVPN Community (at community.openvpn.net) mattock 21:01:41 so, we got andj, cron2, ecrist and krzee present... anybody else atm? novaflash 21:01:58 /lurking mattock 21:02:31 novaflash: that qualifies you as an attendee novaflash 21:02:43 ouch. this means i have to do something. cron2 21:02:45 not much to contribute to todays topics... mattock 21:02:57 cron2: even polarssl stuff? L'utente dazo_afk è ora conosciuto come dazo 21:03 mattock 21:03:21 hi dazo! cron2 21:03:22 especially not crypto or windows related andj 21:03:32 hi dazo cron2 21:03:43 wb dazo dazo 21:03:48 hey! mattock 21:04:28 so, which topics should we cover? there are bunch of PolarSSL refactoring patches those should be relatively easy, right andj? 21:04:37 andj 21:04:40 I'm afraid I haven't got that much to contribute to the Windows stuff, but I'll wait out the discussion on that Yeah, think so 21:04:44 the first one is slightly tougher I think 21:04:52 mattock 21:05:16 if it's too hairy, perhaps we can skip it? tackle some easier ones 21:05:26 andj 21:06:14 not extremely difficult 21:06:16 L'utente d12fk- è entrato nella stanza 21:06 andj 21:06:27 But windows stuff first? as that's less? 21:06:30 d12fk- 21:06:49 we should move the windows stuff to later i'm here but not really 21:06:59 andj 21:07:11 ok, starting with the first polar patch then https://github.com/andj/openvpn-ssl-refactoring/commit/df9b63c5c0b3333d7171e76dd3dab87b9274cbf8 21:07:17 vpnHelper 21:07:18 Title: Commit df9b63c5c0b3333d7171e76dd3dab87b9274cbf8 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:07:25 https://gist.github.com/1171353 vpnHelper 21:07:26 Title: andj's gist: 1171353 Gist (at gist.github.com) andj 21:08:03 Basically move the cert reading code dazo 21:12:13 andj: what about the code which is left in ssl.c ... around line 2000 andj 21:12:25 That's what I'm trying to figure out I think something might have gone missing here between version 2.1.4 and 2.3 21:12:48 dazo 21:12:58 I smell some conflicts when merging this into master though, as there has been some changes in ssl.c .... andj 21:13:03 ok, let's skip this one and I'll look into it later 21:13:10 https://github.com/andj/openvpn-ssl-refactoring/commit/4431a8b7cf89500b81c9c62774ac75c1937297e3 21:13:27 vpnHelper 21:13:28 Title: Commit 4431a8b7cf89500b81c9c62774ac75c1937297e3 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:13:30 is the next one with its gist 21:13:42 https://gist.github.com/1171400 21:13:43 vpnHelper 21:13:44 Title: andj's gist: 1171400 Gist (at gist.github.com) dazo 21:13:47 there's happened more stuff with the management parts in 2.2, much from james ... so need to be careful with that andj 21:14:33 dazo: I'll work on a fix for that patch later, it seems I missed some management stuff there during the rebase onward to 4431a8b7cf8 21:15:01 dazo 21:15:12 looking ACK 21:17:05 andj 21:17:13 cool ah, https://github.com/andj/openvpn-ssl-refactoring/commit/2a5f084332fc7a619107513b17b2f4a3dc0c31b2 21:17:24 vpnHelper 21:17:25 Title: Commit 2a5f084332fc7a619107513b17b2f4a3dc0c31b2 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:17:29 might be the missing external stuff https://gist.github.com/1171413 is the accompanying gist 21:17:44 vpnHelper 21:17:45 Title: andj's gist: 1171413 Gist (at gist.github.com) dazo 21:19:45 andj: what happens with the stuff round line 70? (in the gist) 21:19:59 andj 21:21:13 let me check in the final code mattock 21:22:23 I'm already a bit confused about the ACKs... could you verify the current situation: https://community.openvpn.net/openvpn/wiki/PolarSSLintegration?version=46#SSLlibraryseparation vpnHelper 21:22:25 Title: PolarSSLintegration â OpenVPN Community (at community.openvpn.net) andj 21:22:39 That's right mattock 21:22:42 ok andj 21:23:01 I'll look into this patch later as well dazo 21:23:12 goodie! andj 21:23:49 I suspect it's ok, but it'll take too long to look at now next one: https://gist.github.com/1171425 21:23:58 vpnHelper 21:23:59 Title: andj's gist: 1171425 Gist (at gist.github.com) andj 21:24:06 oops https://github.com/andj/openvpn-ssl-refactoring/commit/b5ceb7049dd57ac8e7fa05d542c479382a4ed1ed 21:24:14 vpnHelper 21:24:15 Title: Commit b5ceb7049dd57ac8e7fa05d542c479382a4ed1ed to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:24:30 that's the actual commit dazo 21:26:23 anyone understand the purpose of xname_cmp()? (just a thought, not related to the real review) 21:26:40 andj 21:27:03 no ide why it's there, if that's what you mean *idea 21:27:15 dazo 21:27:17 it lookse like a simple function rename ... andj 21:27:46 sk_X509_NAME_new(xname_cmp); probably a slightly different signature required 21:27:56 so just an adapter 21:28:01 dazo 21:28:12 could be looks good, but I see the patch is mixing tabs and spaces towards the end 21:30:44 andj 21:30:45 anyway, it's a pretty straightforward copy where? 21:31:10 dazo 21:31:36 it is really obvious around line 800+ the msg() calls are out of line 21:31:44 andj 21:31:49 isn't that just github? 8 spaces = 1 tab 21:32:01 and github decided 2 spaces = 1 tab 21:32:39 dazo 21:32:44 doubt it ... if you enable colours in git, and show the patch there, you might see a lot of red fields (haven't checked on this patch yet) andj 21:33:20 hmm, it looks ok in my editor but that's not saying that much 21:33:28 dazo 21:34:03 + if (!PEM_read_bio_X509 (bio, &cert, 0, NULL)) /* takes ownership of cert */ + break; 21:34:03 + if (!cert) 21:34:03 + msg (M_SSLERR, "Error reading extra-certs certificate"); 21:34:04 + if (SSL_CTX_add_extra_chain_cert(ctx->ctx, cert) != 1) 21:34:04 + msg (M_SSLERR, "Error adding extra-certs certificate"); 21:34:04 that's raw from my terminal ... no colour flashing, though ... but here msg() is one too little 21:34:20 https://gist.github.com/1171425 ... here it is also visible that the code shifts lefts some places 21:35:21 vpnHelper 21:35:23 Title: andj's gist: 1171425 Gist (at gist.github.com) dazo don't like mixed tab/spaces 21:35 andj 21:35:51 my editor says: <6spaces>if (!PEM_read_bio_X509 (bio, &cert, 0, NULL)) /* takes ownership of cert */ 21:36:05 <1tab>break; 21:36:05 is that wrong? 21:36:10 dazo 21:36:40 yeah, it should then be either <6spaces> and then <8spaces> ... or <1tab> and then <2tabs> but follow what looks like the standard in that file ... if it is a complete mess (which is not unlikely), make sure each function block you change is consistent 21:37:10 andj 21:37:11 I thought the standard was 2 character space tabs and for every 8 spaces take a tab 21:37:25 d12fk- 21:37:33 sadly openvpn uses gnu style andj 21:37:40 (that's what I found everywhere) cron2 21:37:45 so did i.... andj 21:37:45 so that's what I applied dazo 21:38:02 well, the issue is that the tab character is saved, not the spaces ... which is why it shifts andj 21:38:02 so that's why you'll find that yeah, but that's just github 21:38:14 not the actual code 21:38:19 dazo 21:38:20 because tabs are not necessarily defined to the same width in all editors d12fk- 21:38:31 http://en.wikipedia.org/wiki/Indent_style#GNU_style vpnHelper 21:38:33 Title: Indent style - Wikipedia, the free encyclopedia (at en.wikipedia.org) dazo 21:38:41 (which is why I prefer spaces instead of tabs ... no such mess) d12fk- 21:38:52 good editors have a .kateconfig =) andj 21:38:52 I'm a bit of a pythonista at times and from that I haaattte tabs 21:39:02 dazo 21:39:14 andj 21:39:15 but that's just personal, stuck to what I thought was the standard here anyway, let's just say I stuck to GNU style for all of the code 21:39:36 dazo 21:39:45 andj: I would not mind if you change those tabs to spaces, and that it fits the structure .... and over time, we'll go completely over to spaces only andj 21:39:59 is the patch ok otherwise? dazo 21:40:19 yeah, I couldn't see I saw anything else andj 21:40:19 dazo: will do in the future, but changing it now might be rather painful d12fk- 21:40:44 what i find worse than gnu style is no style dazo 21:40:47 yeah, it can be painful to redo patches andj 21:40:53 https://github.com/andj/openvpn-ssl-refactoring/commit/bde5b4f18e82437cdd6ca93cdc6fb78bfedc924b dazo 21:40:54 d12fk-: vpnHelper 21:40:55 Title: Commit bde5b4f18e82437cdd6ca93cdc6fb78bfedc924b to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:41:15 hmm, I'll get rid of the Fox-IT hardening line there that got left over from a different hardening patch 21:41:25 mattock 21:42:25 did b5ceb get an ACK? andj 21:42:46 dazo? I think so, not sure 21:42:58 dazo 21:43:05 mattock: functional ACK, but I'd like the code style to be cleaned up ... if a separate patch, that's fine now mattock 21:43:13 ok andj 21:43:39 dazo: if you want a style clean-up I'll do it in one patch so we can debate that patch, and not the functional stuff 21:43:55 cron2 21:44:08 +1 dazo 21:44:18 good deal! maybe we have some more coding style things along the road as well then, on things we see in these patches (not the complete code) 21:44:25 d12fk- 21:44:38 how far advanced are you with the polar stuff? dazo 21:45:05 bde5b4f18e82437cd ACK when the Fox-IT line disappears d12fk- 21:45:26 will it make sense to stick around without james in here anyway? dazo will get dinner served in 15 min 21:45 dazo 21:46:07 d12fk-: we probably won't good chances to look at your windows stuff today, without james ... I want him to look at that, as he is the experienced one who can review this andj 21:46:28 https://github.com/andj/openvpn-ssl-refactoring/commit/8e6d02204736f36e5f94ab539fcbcf5f5766f060 vpnHelper 21:46:30 Title: Commit 8e6d02204736f36e5f94ab539fcbcf5f5766f060 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:46:32 Fox-IT tag dazo 21:46:40 ACK andj 21:47:06 https://github.com/andj/openvpn-ssl-refactoring/commit/899913d235502a2a6bd754e368bbe5a782a83911 vpnHelper 21:47:08 Title: Commit 899913d235502a2a6bd754e368bbe5a782a83911 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 21:47:09 is the next one d12fk- 21:47:11 dazo: ok let's do this another time then andj 21:47:15 https://gist.github.com/1171454 vpnHelper 21:47:15 Title: andj's gist: 1171454 Gist (at gist.github.com) andj 21:48:10 That one just moves the BIO code into an openssl-specific bit 21:48:31 as BIOs are openssl-specific 21:48:37 dazo 21:49:55 do you have gist view as well? andj 21:50:05 see above dazo 's head begins to get really slow now 21:50 dazo 21:50:29 duh! d12fk- 21:50:31 dinner in 10 will fix that =) dazo 21:50:36 yeah andj 21:50:38 give me a chance to look at the two weird patches 21:50:50 dazo 21:52:36 I'm sorry, my head is not able to understand what it looks at ... I see the code, looks sensible, but somehow I get a div by zero in my head dazo feels he shouldn't push it much more today ... very sorry about that 21:52 andj 21:53:34 that's fine, we'll continue next week dazo 21:53:35 if cron2 is around and have time, maybe he could continue (no pressure though) 21:53:46 mattock 21:54:32 good news: Francis promised to pay for the shirts so, it was all about the donation aspect 21:54:45 I'll discuss details such as prices & delivery with Colleen (the lady who contacted) 21:55:14 contact me 21:55:17 andj 21:55:50 cron2, up for a few of the simpler patches? mattock 21:58:49 yeah, getting a few more tackled would be nice mattock 22:05:54 novaflash: fixed the issues on https://community.openvpn.net/openvpn/wiki/RelatedProjects vpnHelper 22:05:55 Title: RelatedProjects â OpenVPN Community (at community.openvpn.net) mattock 22:06:06 cron2: still there? or shall we call this a day? cron2 22:06:11 dazo: do we have simple ones? mattock 22:06:19 ah, hello! andj 22:06:27 https://github.com/andj/openvpn-ssl-refactoring/commit/360ff2980be50a6d2d8dececa1854807da4a7a1c vpnHelper 22:06:28 Title: Commit 360ff2980be50a6d2d8dececa1854807da4a7a1c to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 22:06:32 cron2 22:06:50 mmmh, github.com has no IPv6 andj 22:07:08 to give an example of a simple one cron2 22:07:19 now that one is simple, but why is it done? andj 22:07:40 to ensure a consistent ordering in the file cron2 22:08:09 cosmetics, eh? but anyway, I'm all for orderly structure, so ACK d12fk- 22:08:30 cron2: stackenblochen? cron2 22:08:41 h?? d12fk- 22:09:05 cron2: http://www.youtube.com/watch?v=zqAdxN1IWQQ vpnHelper 22:09:07 Title: Stackenblochen - YouTube (at www.youtube.com) andj 22:10:03 lol cron2 22:10:13 omg andj 22:10:34 cdo, it's like ocd, but in alphabetical order like it should be 22:10:37 cron2 22:10:58 anyway, ACK on this one, next andj 22:11:24 https://github.com/andj/openvpn-ssl-refactoring/commit/1f09fbe7a54779a6b359c139400c71cbb53f5ac9 vpnHelper 22:11:25 Title: Commit 1f09fbe7a54779a6b359c139400c71cbb53f5ac9 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 22:11:36 straightforward file move note that it got moved into its own function 22:12:03 cron2 22:13:27 ack andj 22:13:36 same story: https://github.com/andj/openvpn-ssl-refactoring/commit/7172f01eee7aa5c78af77f560ab8c5a25666614d vpnHelper 22:13:37 Title: Commit 7172f01eee7aa5c78af77f560ab8c5a25666614d to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 22:13:43 gist shows no changes https://gist.github.com/1171477 22:13:44 vpnHelper 22:13:45 Title: andj's gist: 1171477 Gist (at gist.github.com) cron2 22:15:20 gist better should show some changes, as the data type changed andj 22:15:31 well slightly cron2 22:16:08 but yeah, these are somewhat logical, and the rest is indeed just moved ack 22:16:10 andj 22:16:15 https://github.com/andj/openvpn-ssl-refactoring/commit/d1fa6f792b65f38acbe0728387a1f9b214e2be00 vpnHelper 22:16:16 Title: Commit d1fa6f792b65f38acbe0728387a1f9b214e2be00 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 22:16:24 that one has such a short gist that it's in the comments 22:16:29 below 22:16:30 cron2 22:17:25 a new blank line sneaked in!!! (but I like blank lines for structure!) 22:17:55 ACK 22:17:55 andj 22:18:10 https://github.com/andj/openvpn-ssl-refactoring/commit/0c332998f43510afed692febadf1a03dcee57ee9 22:18:32 vpnHelper 22:18:33 Title: Commit 0c332998f43510afed692febadf1a03dcee57ee9 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 22:18:38 you'll love that one cron2 22:18:51 moar blank lines? *looking* andj 22:18:59 but maybe we should leave it for the general white space round cron2 22:19:07 heh, that's more for dazo to like looks good to me, ACK (even if it's just white space) 22:19:30 andj 22:19:58 ok, https://github.com/andj/openvpn-ssl-refactoring/commit/be3d6f97f7596c91fae5e656854dbfed6de80ec6 vpnHelper 22:19:59 Title: Commit be3d6f97f7596c91fae5e656854dbfed6de80ec6 to andj/openvpn-ssl-refactoring - GitHub (at github.com) andj 22:20:04 is just doxygen moving around https://gist.github.com/1140033 22:20:24 vpnHelper 22:20:25 Title: andj's gist: 1140033 Gist (at gist.github.com) andj 22:20:29 for the gist cron2 22:21:09 huh, there were some duplicate prototypes before the patch? andj 22:21:23 yeah, mostly due to moves in earlier patches this is basically cleanup 22:21:30 cron2 22:22:54 there's no code changes, and the doxygen just moves around (can't say which effects that has), so ACK ok, last one for today now... 22:22:59 andj 22:23:09 ok, that's the last of the ssl verification patches that are simple there's a few minor bugfixes further on, but those are better for later 22:23:51 cron2 22:24:01 let's do those next time, then cron2 <- tired 22:24 andj 22:24:09 indeed thanks everyone 22:24:13 mattock 22:24:17 thanks guys! andj 22:24:26 I'm going to go have a look at the two weird patches from earlier krzee 22:24:33 </lurk> mattock 22:24:41 final status here: https://community.openvpn.net/openvpn/wiki/PolarSSLintegration?version=54#SSLlibraryseparation novaflash 22:24:42 hey.. that was my line... vpnHelper 22:24:43 Title: PolarSSLintegration â OpenVPN Community (at community.openvpn.net) mattock 22:24:47 check if you can pretty nice progress again!
