"help"
> From: openvpn-devel-requ...@lists.sourceforge.net > Subject: Openvpn-devel Digest, Vol 78, Issue 6 > To: openvpn-devel@lists.sourceforge.net > Date: Fri, 30 Nov 2012 12:37:46 +0000 > > Send Openvpn-devel mailing list submissions to > openvpn-devel@lists.sourceforge.net > > To subscribe or unsubscribe via the World Wide Web, visit > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > or, via email, send a message with subject or body 'help' to > openvpn-devel-requ...@lists.sourceforge.net > > You can reach the person managing the list at > openvpn-devel-ow...@lists.sourceforge.net > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of Openvpn-devel digest..." > > > Today's Topics: > > 1. Re: [PATCH] Avoid recursion in virtual_output_callback_func() > (David Sommerseth) > 2. Re: [PATCH] Properly require --key even if > defined(MANAGMENT_EXTERNAL_KEY) (David Sommerseth) > 3. Re: [PATCH] doc/management-notes.txt: fix typo (David Sommerseth) > 4. Re: [PATCH] The get_default_gateway() function uses warn() > instead of msg() (David Sommerseth) > 5. Summary of the IRC meeting (29th Nov 2012) (Samuli Sepp?nen) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Thu, 29 Nov 2012 22:16:54 +0100 > From: David Sommerseth <openvpn.l...@topphemmelig.net> > Subject: Re: [Openvpn-devel] [PATCH] Avoid recursion in > virtual_output_callback_func() > To: openvpn-devel@lists.sourceforge.net > Message-ID: <50b7d0c6.60...@topphemmelig.net> > Content-Type: text/plain; charset="iso-8859-1" > > On 16/11/12 12:02, David Sommerseth wrote: > > From: David Sommerseth <dav...@redhat.com> > > > > This solves a SEGV situation when using the management API while OpenVPN > > is closing down. > > > > The situation happens when the management socket has closed and OpenVPN > > tries to write an error about this to the management socket. What happens > > is that > > > > virtual_output_callback_func() is called, which then calls > > -> man_output_list_push_finalize() > > -> man_output_standalone() > > -> man_write() <-- this does the socket write > > -> man_io_error() > > -> x_msg() > > -> virtual_output_print() > > -> virtual_output_callback_func() (recursion start) > > > > virtual_output_callback_func() do have a mechanism to avoid recursion, > > but that did not keep the recurse counter when > > man_output_list_push_finalize() > > is called. > > > > This patch just reorganise the recursion block to also keep the counter > > while > > calling the other functions from virtual_output_callback_func() > > > > Signed-off-by: David Sommerseth <dav...@redhat.com> > > --- > > src/openvpn/manage.c | 15 ++++++++------- > > 1 file changed, 8 insertions(+), 7 deletions(-) > > Applied to master and beta/2.3 branches > > commit b2b66179f6dcc37de9582d5c3044f0357dda3df3 (master) > commit 5541ea21691b5b39adc4bd3e1ff1af86a050c71d (beta/2.3) > Author: David Sommerseth <dav...@redhat.com> > Date: Fri Nov 16 12:02:06 2012 +0100 > > Avoid recursion in virtual_output_callback_func() > > Signed-off-by: David Sommerseth <dav...@redhat.com> > Acked-by: Gert Doering <g...@greenie.muc.de> > Message-Id: 1353063726-25113-1-git-send-email-d...@users.sourceforge.net > URL: http://article.gmane.org/gmane.network.openvpn.devel/7130 > > > -- > kind regards, > > David Sommerseth > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 262 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 2 > Date: Thu, 29 Nov 2012 22:16:57 +0100 > From: David Sommerseth <openvpn.l...@topphemmelig.net> > Subject: Re: [Openvpn-devel] [PATCH] Properly require --key even if > defined(MANAGMENT_EXTERNAL_KEY) > To: openvpn-devel@lists.sourceforge.net > Message-ID: <50b7d0c9.5070...@topphemmelig.net> > Content-Type: text/plain; charset="iso-8859-1" > > On 26/11/12 15:33, Arne Schwabe wrote: > > When specifying --tls-client --cert ... without a --key (or --pkcs11) > > option, > > OpenVPN should complain: "You must define private key file (--key)...". > > Ensure > > that this works even when compiling with MANAGMENT_EXTERNAL_KEY. > > > > Also fix the other instance where this logic is broken > > > > Orginal-Patch-by: Found by Joachim Schipper <joachim.schip...@fox-it.com> > > Signed-off-by: Arne Schwabe <a...@rfc2549.org> > > --- > > src/openvpn/options.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > Applied to master and beta/2.3 > > commit feca0900dd00577779ab02f2e52b41eb3dab935f (master) > commit 9447858c38c5cf51265c7eab3445d7d5fb4f7bba (beta/2.3) > Author: Arne Schwabe <a...@rfc2549.org> > Date: Mon Nov 26 15:33:09 2012 +0100 > > Properly require --key even if defined(MANAGMENT_EXTERNAL_KEY) > > Orginal-Patch-by: Found by Joachim Schipper <joachim.schip...@fox-it.com> > Signed-off-by: Arne Schwabe <a...@rfc2549.org> > Acked-by: Gert Doering <g...@greenie.muc.de> > Message-Id: 1353940389-31075-1-git-send-email-a...@rfc2549.org > URL: http://article.gmane.org/gmane.network.openvpn.devel/7143 > Signed-off-by: David Sommerseth <dav...@redhat.com> > > > -- > kind regards, > > David Sommerseth > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 262 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 3 > Date: Thu, 29 Nov 2012 22:17:01 +0100 > From: David Sommerseth <openvpn.l...@topphemmelig.net> > Subject: Re: [Openvpn-devel] [PATCH] doc/management-notes.txt: fix > typo > To: openvpn-devel@lists.sourceforge.net > Message-ID: <50b7d0cd.7070...@topphemmelig.net> > Content-Type: text/plain; charset="iso-8859-1" > > On 26/11/12 15:31, Joachim Schipper wrote: > > Signed-off-by: Joachim Schipper <joachim.schip...@fox-it.com> > > --- > > doc/management-notes.txt | 2 +- > > 1 file changed, 1 insertion(+), 1 deletion(-) > > Thanks! Applied to master and beta/2.3 branches > > commit 5dfdb7c010c5a32a0ec51d9266748c641cd24dba (master) > commit 376e1432b3ce0c5fc715cfc0f9a9ea7b733b4cc0 (beta/2.3) > Author: Joachim Schipper <joachim.schip...@fox-it.com> > Date: Mon Nov 26 15:31:45 2012 +0100 > > doc/management-notes.txt: fix typo > > Signed-off-by: Joachim Schipper <joachim.schip...@fox-it.com> > Acked-by: Gert Doering <g...@greenie.muc.de> > Message-Id: 1ced409804e2164c8104f9e623b08b901323d0b...@foxdft02.fox.local > URL: http://article.gmane.org/gmane.network.openvpn.devel/7141 > Signed-off-by: David Sommerseth <dav...@redhat.com> > > > -- > kind regards, > > David Sommerseth > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 262 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 4 > Date: Thu, 29 Nov 2012 22:17:05 +0100 > From: David Sommerseth <openvpn.l...@topphemmelig.net> > Subject: Re: [Openvpn-devel] [PATCH] The get_default_gateway() > function uses warn() instead of msg() > To: openvpn-devel@lists.sourceforge.net > Message-ID: <50b7d0d1.1090...@topphemmelig.net> > Content-Type: text/plain; charset="iso-8859-1" > > On 29/11/12 14:16, David Sommerseth wrote: > > From: David Sommerseth <dav...@redhat.com> > > > > A report on #openvpn pointed out that in his setup three warnings > > appeard on the console when starting up. > > > > $ sudo /usr/local/etc/rc.d/openvpn restart > > Stopping openvpn. > > Waiting for PIDS: 33031. > > Starting openvpn. > > openvpn: writing to routing socket: No such process > > openvpn: writing to routing socket: No such process > > openvpn: writing to routing socket: No such process > > $ > > > > This setup is on FreeBSD using jails with strict access to the > > routing table. > > > > After looking at the code path, this error was found in the BSD > > sections for get_default_gateway(). But it was using the warn() > > call instead of msg(M_WARN|M_ERRNO, ...) which causes these > > warnings to go to stderr instead of the log file. > > > > The warning string is also slightly modified to better explain > > what fails. > > > > Reported-by: Thomas Steen Rasmussen <tho...@gibfest.dk> > > Tested-by: Thomas Steen Rasmussen <tho...@gibfest.dk> > > Signed-off-by: David Sommerseth <dav...@redhat.com> > > --- > > src/openvpn/route.c | 4 ++-- > > 1 file changed, 2 insertions(+), 2 deletions(-) > > > > Applied to master and beta/2.3 branches > > commit b3f19cc4bec6978a128f5af3ab22d8cfa954b064 (master) > commit 28d9e57638d66fde792a53a3eb6391ddb8bb426f (beta/2.3) > Author: David Sommerseth <dav...@redhat.com> > Date: Thu Nov 29 14:16:12 2012 +0100 > > The get_default_gateway() function uses warn() instead of msg() > > Reported-by: Thomas Steen Rasmussen <tho...@gibfest.dk> > Tested-by: Thomas Steen Rasmussen <tho...@gibfest.dk> > Signed-off-by: David Sommerseth <dav...@redhat.com> > Acked-by: Gert Doering <g...@greenie.muc.de> > Message-Id: 1354194972-5388-1-git-send-email-d...@users.sourceforge.net > URL: http://article.gmane.org/gmane.network.openvpn.devel/7149 > > > -- > kind regards, > > David Sommerseth > > -------------- next part -------------- > A non-text attachment was scrubbed... > Name: signature.asc > Type: application/pgp-signature > Size: 262 bytes > Desc: OpenPGP digital signature > > ------------------------------ > > Message: 5 > Date: Fri, 30 Nov 2012 14:37:28 +0200 > From: Samuli Sepp?nen <sam...@openvpn.net> > Subject: [Openvpn-devel] Summary of the IRC meeting (29th Nov 2012) > To: "openvpn-devel@lists.sourceforge.net" > <openvpn-devel@lists.sourceforge.net> > Message-ID: <50b8a888.40...@openvpn.net> > Content-Type: text/plain; charset="utf-8" > > Hi, > > Here's the summary of the previous IRC meeting. > > --- > > COMMUNITY MEETING > > Place: #openvpn-devel on irc.freenode.net > Date: Thursday 29th Nov 2012 > Time: 18:00 UTC > > Planned meeting topics for this meeting were on this page: > > <https://community.openvpn.net/openvpn/wiki/Topics-2012-11-29> > > Next meeting will be announced in advance, but will probably be on the same > weekday and at the same time. Your local meeting time is easy to check > from services such as > > <http://www.timeanddate.com/worldclock> > > or with > > $ date -u > > > SUMMARY > > cron2, dazo, ecrist, krzee, jamesyonan, mattock, novaflash, plaisthos, > raidz and swg0101 participated in this meeting. > > -- > > Started the meeting with short round of introductions. Some were not > formally introduced, but are included here. On the community side: > > - cron2: The OpenVPN IPv6+BSD+Solaris developer, buildbot farmer (Germany) > - dazo: master of plugins and git, does patch management, cleanups and > lots of other good work (Norway) > - d12fk: develops the new openvpn-gui for Windows (Germany) > - ecrist: takes care of forums, easy-rsa maintenance, #openvpn channel, > etc. (Unites States) > - krzee: takes care of the forums and IRC with ecrist; a mystical figure > (somewhere in the Caribbean) > - plaisthos: did the Android port; in charge of overhauling the socket.c > code (Germany) > > On the company side: > > - jamesyonan: Father of OpenVPN (United States/Colorado) > - mattock: Community manager, server administrator, does OSS releases, > testing, etc. (Finland) > - novaflash: Support technician (Netherlands) > - raidz: Support engineer, network engineer, and janitor (United > States/California) > - swg0101: Support and development (United States) > > A few non-participants were also mentioned: > > - andj: Added polarssl support to openvpn and is maintaining that part > (Netherlands) > - juanjo: The other IPv6 guy who we seldom see (from where?) > > --- > > Jamesyonan gave a short introduction of the new C++ codebase: > > - about 30K lines of C++ code > - an object-oriented rethinking of openvpn from the ground up > - design similar to original OpenVPN 3.0: > <http://community.openvpn.net/openvpn/wiki/RoadMap> > - is very modular in the sense that SSL/crypto libraries, transport > protocols, etc. can be modularized > - fairly prototypical/incomplete at this stage; only the client-side has > been implemented > - has been tested against Access Server (based on OpenVPN 2.1.x) and > OpenVPN 2.3* servers > - is 100% protocol compatible with 2.x branches > - has most 2.x's options > - is being used in the OpenVPN tech android client and the upcoming iOS > client > - may (at some point) supplant the 2.x branch, but that'll probably take > at least 1-2 years > > Some more technical tidbits: > > - core leverages on Boost Asio as it's async i/o layer > - C++ is really ready for prime time in system programming / networking > space > - C++ 2003 that's used seems to work very well on different compilers > - C++ static polymorphism (templates) is great for network programming > where we have small objects that have polymorphic properties, such as > IPv4 vs IPv6 addresses > > --- > > Discussed open sourcing the C++ codebase: > > According to jamesyonan, the plan is to release this probably under GPL > within the next couple months, but the company needs the ability to > relicense the C++ core because of (Apple) app store issues. It was > agreed that having OpenVPN on that platform is a must. To accomplish > this, relicensing the codebase is necessary. The consensus was that this > can be done in a way that's acceptable to all parties, without resorting > to the classic "copyright handover" scheme, which was not ok for everyone. > > The alternative would be to release the C++ codebase under a permissive > license (e.g. BSD), but that would allow companies such as Apple or > Microsoft to "steal" it. This was not seen as a good option, either. > > --- > > Discussed the role of OpenVPN 2.3 within the company: > > The company is planning to migrate the Access Server to OpenVPN 2.3*. > Before the meeting mattock had already managed to get the Access Server > running with OpenVPN-2.3-rc1 in a few hours, with only few minor > modifications. Tests run by raidz during the meeting revealed no further > issues. More details will follow later. > > --- > > Discussed having a joint company/community meeting in FOSDEM > (https://fosdem.org/2013). Most of the present developers seem to be > coming, but nobody has dared book the flights or hotel yet. > > --- > > Decided to arrange a second meeting next Thursday at the same time. The > meeting will focus on helping James move to 2.3 and Git (from 2.1.x and > SVN). > > --- > > Full chatlog as an attachment > > -- > Samuli Sepp?nen > Community Manager > OpenVPN Technologies, Inc > > irc freenode net: mattock > > > -------------- next part -------------- > mattock_ 20.14.15 > ah, finally > damn empathy 20.14.17 > it disconnected without saying anything 20.14.33 > everyone set? 20.14.46 > > dazo 20.14.49 > heh ... been talking for your self? > > mattock_ 20.14.51 > yeah > > krzee 20.14.52 > *is here from work, so in and out depending on how busy it is* > > mattock_ 20.14.53 > > > ecrist 20.15.13 > *too* > > dazo 20.15.30 > d12fk might appear as well, but I don't think we should wait for him now ... > we're 15 min past already > > mattock_ 20.15.34 > ok, so here are today's topics: > https://community.openvpn.net/openvpn/wiki/Topics-2012-11-29 > > vpnHelper 20.15.35 > Title: Topics-2012-11-29 ? OpenVPN Community (at community.openvpn.net) > > dazo 20.15.50 > everyone from the company present? > > novaflash 20.16.05 > i am present > > raidz 20.16.10 > here > > novaflash 20.16.13 > james appears to be present as well, and raidz as well > > raidz 20.16.16 > jamesyonan > > cron2 20.16.23 > /whois novaflash? > > novaflash 20.16.30 > an idiot > i mean.. err.. 20.16.32 > > raidz 20.16.37 > introduce yourself johan > > novaflash 20.16.38 > one of the support techs at openvpn technologies > > cron2 20.16.51 > (sorry if I missed the introduction, I'm not always paying close attention) > > novaflash 20.17.00 > that's okay i don't think i ever did introduce myself here > i just sort of sidled in 20.17.07 > sneakily 20.17.11 > > cron2 20.17.18 > now done - welcome to the secret society > > novaflash 20.17.31 > *does secret handshake* > > mattock_ 20.17.59 > novaflash: btw. where do you live? besides the IRC channel, that is... > > novaflash 20.18.08 > i'm in the netherlands > > mattock_ 20.18.20 > yeah, I thought so > > cron2 20.18.35 > fun. So how big is OpenVPN tech? > > novaflash 20.18.41 > so i usually am the one answering tickets and questions in #openvpn-as while > raidz and co and dreaming of unicorns and fairies > > raidz 20.18.59 > there are about 7 of us cron2 > > novaflash 20.19.01 > 7 billion people working in the company at the moment! > > raidz 20.19.04 > we are a small bunch > > cron2 20.19.46 > I assumed so, but sometimes you guess wrong, and that sounded like "having > support force round the world, in all time zones!!" > > dazo 20.19.54 > So, raidz, novaflash, jamesyonan and mattock_ are the company guys here now, > right? > > raidz 20.19.58 > hahaha > > novaflash 20.20.12 > *checks list of nicks in the channel* > yes. 20.20.14 > i think so 20.20.31 > > raidz 20.20.39 > correct dazo > > mattock_ 20.20.40 > raidz: have you ever formally introduced yourself? > > novaflash 20.20.56 > introduce yourself raidz > > raidz 20.20.58 > I have a feeling people recognize me, but in case you don't: > > cron2 20.21.02 > I think he has > he's the one breaking stuff @ company all day 20.21.15 > > raidz 20.21.17 > I am OpenVPN's support engineer, network engineer, and janitor > > cron2 20.21.23 > what I said > > raidz 20.21.29 > We wear a lot of hats around here > exactly cron2! 20.21.38 > > novaflash 20.21.51 > raidz is selling himself short, he's also a ladies man - with a girl on each > finger > > raidz 20.22.03 > not anymore! Just 1 now! > > mattock_ 20.22.13 > shall I give a "flash introduction" of the community guys? > > novaflash 20.22.14 > oh what a tragic accident, just one finger? > > dazo 20.22.23 > mattock_: makes sense > > mattock_ 20.22.30 > ok > > raidz 20.22.31 > mattock_: I think I know most of the people in here, but I think it would be > nice > in case any of us don't 20.22.39 > > cron2 20.22.50 > +1 > > mattock_ 20.23.20 > andj added polarssl support to openvpn and is maintaining that part... lives > in Netherlands > > krzee 20.23.28 > are the corp guys here? (besides james / mattock) > > mattock_ 20.23.41 > cron2 is one of the IPv6 guys, from Germany > > cron2 20.23.44 > *points krzee at "20 lines up"* > > novaflash 20.23.45 > krzee: james, mattock, me, raidz. > > krzee 20.23.57 > oh whoa, i didnt know you were corp > > mattock_ 20.23.59 > then there's the other IPv6 guy who we don't see much (juanjo) > > novaflash 20.24.09 > krzee: surprise > > raidz 20.24.12 > krzee: we are pretty much it, I am not sure if Francis will make it or not, I > don't think he knows how to use IRC > 20.24.18 > > cron2 20.24.21 > *g* > > mattock_ 20.24.22 > d12fk: is developing the new openvpn-gui for Windows and is also from Germany > > > krzee 20.24.27 > heh > > novaflash 20.24.31 > good, keep it that way, because i say way too many crazy shit on IRC > > mattock_ 20.24.47 > ecrist is taking care of forums, easy-rsa maintenance, #openvpn channel, etc. > and is from the States > > raidz 20.24.49 > I thought cron2 was the ipv6 guy mattock_ > > mattock_ 20.25.00 > ender can introduce himself > raidz: he's one of them, the active one 20.25.07 > > novaflash 20.25.08 > raidz: that's what he said > > cron2 20.25.16 > raidz: I did "IPv6 payload", juanjo did "IPv6 transport" > > novaflash 20.25.22 > ahh. > > mattock_ 20.25.24 > keitsi can also introduce himself > > plaisthos 20.25.28 > sup > > cron2 20.25.29 > both together form "IPv6 support" > keitsi? 20.25.35 > > mattock_ 20.25.48 > krzee is also working on forums and IRC like krzee, and I believe he's > currently somewhere in the Caribbean > > raidz 20.25.48 > ahh > > plaisthos 20.25.54 > I managed to get here a bit earlier (reading backlog now) > > cron2 20.26.10 > and plaisthos is the community janitor > > mattock_ 20.26.27 > plaisthos has done the Android port of OpenVPN and has been pretty active here > that's it I guess 20.26.32 > > cron2 20.26.34 > cleaning up some damp and smelly stuff inside socket.c > > krzee 20.26.49 > <-- pirate of the caribbean ;] > > raidz 20.26.56 > Nice to re-meet/meet you all! > > mattock_ 20.27.04 > plaisthos: +5 for cleaning up the scary parts > > cron2 20.27.05 > and dazo is the master of plugins and git > > novaflash 20.27.17 > plaisthos is arne schwabe? > > mattock_ 20.27.19 > ah yes, did I somehow manage to skip dazo > ? 20.27.24 > > cron2 20.27.25 > easy to overlook > > mattock_ 20.27.29 > uh > > cron2 20.27.32 > novaflash: yes > > novaflash 20.27.36 > gotcha > > plaisthos 20.27.37 > novaflash: yes > > novaflash 20.27.40 > gotcha > > mattock_ 20.27.41 > also from Germany? > > dazo 20.27.42 > I'd like to add that plaisthos is also in charge of overhauling the often > feared socket.c code > > raidz 20.27.42 > how did you manage to skip dazo?! > > krzee 20.27.50 > +5 more for how awesome plaisthos's android client is > > dazo 20.27.59 > *considers to get grumpy on mattock_ * > > cron2 20.28.05 > raidz: he's hardly saying anything on IRC these days, so we tend to forget > him > > raidz 20.28.11 > ouch > > mattock_ 20.28.14 > so, dazo is taking care of patch management, cleaning up the codebase and in > general doing lots of good work > from Norway 20.28.18 > > cron2 20.28.21 > or maybe mattock's IRC client is just ignoring dazo > > novaflash 20.28.37 > poor dazo > > dazo 20.28.42 > heh ... too much noise from me > > krzee 20.28.43 > from norway by way of .cz > 20.28.46 > L'utente swg0101 ? entrato nella stanza 20.28.51 > > novaflash 20.28.56 > i hope some of openvpn's donations go to dazo's mental healthcare. those > pills can't be cheap. > > plaisthos 20.28.58 > *is from germany* > > novaflash 20.28.59 > oh hello swg0101 > > raidz 20.29.01 > oh, here is one more company guy: swg0101 > > swg0101 20.29.05 > hey... > > mattock_ 20.29.07 > hi swg0101 > > swg0101 20.29.15 > everyone is coughing here so I stepped away for a bit > now hopefully I don't get sick 20.29.34 > > mattock_ 20.29.44 > swg0101: you're from somewhere near San Francisco? > Bay area 20.29.48 > > swg0101 20.29.52 > in Davis > > cron2 20.29.54 > swg0101: so what are you doing? > > novaflash 20.30.02 > yes and he's got brains the size of my balls. wait that didn't come out quite > right... > > swg0101 20.30.05 > I am doing cronjobs... haha, jk > > cron2 20.30.25 > *has the feeling that "cronjobs" means work* > > novaflash 20.30.33 > he's in support and development - he figures out the really gritty problems > some of our clients have and proposes fixes > > krzee 20.30.40 > swg0101, im from the bay originally > > swg0101 20.30.48 > yes, krzee is krzee > > mattock_ 20.30.56 > krzee has no real name afaik > he's just krzee 20.31.00 > > swg0101 20.31.08 > you are krzee > > krzee 20.31.10 > this is true, krzee is my name > > mattock_ 20.31.13 > I don't think he has an email address, either > 20.31.18 > > novaflash 20.31.18 > you're all a little krzee > > mattock_ 20.31.31 > mkay, are we done with introductions? > > krzee 20.31.34 > the publishing company of JJK's book didnt like that i have no real name lol > > swg0101 20.31.35 > so what are we talking about? > > mattock_ 20.31.42 > swg0101: https://community.openvpn.net/openvpn/wiki/Topics-2012-11-29 > > vpnHelper 20.31.43 > Title: Topics-2012-11-29 ? OpenVPN Community (at community.openvpn.net) > > novaflash 20.31.44 > the topics are here > https://community.openvpn.net/openvpn/wiki/Topics-2012-11-29 20.31.45 > > swg0101 20.32.03 > fun stuff > > novaflash 20.32.12 > i am seeing openvpn c++ here, i think it that's different from what openvpn > has been up till now? > i assume it was python before and now c++ ? 20.32.23 > > mattock_ 20.32.30 > james could probably start by explaining what the C++ thingy is, and what > should we do about it > jamesyonan: shall you do the honors? 20.32.58 > > jamesyonan 20.33.12 > yes, basically I've been working for a while on a new openvpn core that might > (at some point) supplant the 2.x branch > it's fairly prototypical at this stage 20.33.27 > it's ~ 30K lines of C++ code 20.33.42 > > swg0101 20.33.53 > jamesyonan: is that the core that you are working on that allows for > different transport protocols on top of OpenVPN? > > jamesyonan 20.34.07 > yes, among other things > > swg0101 20.34.12 > very interesting > > jamesyonan 20.34.49 > it is very modular in the sense that SSL/crypto libraries, transport > protocols, etc. can be modularized > > krzee 20.34.55 > is it being built with the 3.0 roadmap in mind? > sounds like a yes ^ 20.35.00 > > jamesyonan 20.35.17 > basically yes, but it's still incomplete at this point > right now it's just a client 20.35.27 > > krzee 20.35.48 > (for anyone not familiar, http://community.openvpn.net/openvpn/wiki/RoadMap ) > > vpnHelper 20.35.51 > Title: RoadMap ? OpenVPN Community (at community.openvpn.net) > > jamesyonan 20.35.53 > it's being used in the OpenVPN tech android client and the upcoming iOS > client > > novaflash 20.36.20 > neat. > > cron2 20.36.30 > hah, he said the word > > raidz 20.36.41 > > > novaflash 20.36.57 > supercallifragilisticexpialidocious then > > krzee 20.37.18 > hows it licensed? > > jamesyonan 20.37.58 > the plan is to release this probably under GPL within the next couple months > > mattock_ 20.38.31 > jamesyonan: I would suggest "in FOSDEM" > > novaflash 20.38.45 > i am not familiar with fosdem? > > mattock_ 20.39.07 > you could give an introduction of it there > > cron2 20.39.10 > that's an open source conference in brussels, early february > > dazo 20.39.11 > novaflash: http://fosdem.org/2012/ > > plaisthos 20.39.15 > jamesyonan: with a contributer agreement? So you can merge changes to iOS and > the android client base? > > mattock_ 20.39.16 > https://fosdem.org/2013/ > > vpnHelper 20.39.19 > Title: fosdem.org (at fosdem.org) > Title: FOSDEM 2013 - Home (at fosdem.org) 20.39.21 > > jamesyonan 20.39.25 > but bear in mind that this is a new code base, and is still far from being a > drop-in replacement for 2.x > > novaflash 20.40.19 > so, FOSDEM is an event, not a license type? > > mattock_ 20.40.24 > yeah > > krzee 20.40.25 > novaflash, correct > > novaflash 20.40.28 > righto > when i went to the frontpage i saw beer mentioned 20.40.41 > so they've got me sold 20.40.44 > > cron2 20.41.03 > .nl->brussels is a nice train trip, andj and jjk did this last year > > novaflash 20.41.14 > jan just keizer? > yes i don't think brussels is too far, it can be done 20.41.30 > > jamesyonan 20.41.44 > you guys are lucky that you have trains > > cron2 20.41.45 > novaflash: yeah, we all met last year at fosdem, first ever face-to-face > meeting. Very goood. > > dazo 20.41.47 > what is this rumour about "contributor agreement"? > > novaflash 20.42.12 > jamesyonan: europe is interesting in that it has so much stuff so close > together. > > cron2 20.42.21 > dazo: well, it's a logical consequence: you can't release iOS code under GPL > - so if that code is open sourced, and you want people to be able to > contribute back, you need them to accept re-releasing it under a non-GPL > license > > mattock_ 20.42.51 > there are other ways to handle the copyright ownership issues which iOS > requires > > novaflash 20.42.52 > hm. apple restricting GPL eh? > > mattock_ 20.42.55 > none of them are pretty > > cron2 20.42.57 > (stupid Apple and Microsoft store license shit, but we *need* OpenVPN on > these platforms) > > mattock_ 20.43.17 > so we need to somehow minimize damages to everyone involved > > cron2 20.43.20 > novaflash: Apple store requires "receiver must not modify", GPL requires > "receiver must receive source and all rights to modify". Incompatible > > novaflash 20.43.30 > gotcha. > > jamesyonan 20.43.36 > right, basically we need the ability to relicense the C++ core because of app > store issues > > krzee 20.43.37 > openvpn on native ios will be a pretty fat win > > mattock_ 20.43.45 > there are other options besides contributor agreements > but some version of openvpn needs to "compatible" with iOS policies 20.44.13 > > plaisthos 20.44.16 > BSD license but I can understand if OpenVPN Corp does not want a BSD licensed > OpenVN core > > novaflash 20.44.24 > perhaps if we promise to bring Steve Jobs back to life, Apple will allow us a > more flexible licensing method. > > mattock_ 20.44.28 > plaisthos: exactly > > dazo 20.44.47 > well, I can understand that argument ... from a business perspective .... I > can even agree to a kind of contributor agreement that permits re-licensing > to Apple and Microsoft stores ... but if the agreement requires copyright > handover, then I'm fairly sceptical and will probably drop out instantly > > jamesyonan 20.45.09 > no, we're certainly not asking for copyright handover > > cron2 20.45.25 > the agreement would need to be worded carefully to keep the GPL stuff GPLed, > and just permit extra licensing > > jamesyonan 20.45.34 > we just need the ability to relicense if necessary > > dazo 20.45.47 > fair enough > > cron2 20.45.48 > *is fine with that* > > mattock_ 20.46.38 > nobody really _wants_ those pesky agreement and bureaucracy... they basically > hurt everyone (in our situation) > > dazo 20.46.39 > jamesyonan: when you have a draft ready, I can check if the GPL lawyer at my > work have time to review it and comment it > > novaflash 20.46.47 > the open source project must of course be kept intact, and not have some > apple/microsoft bozos stealing it all. > mattock_: yeah agreed. but best to have it covered. 20.47.11 > > jamesyonan 20.47.22 > dazo: sure > > mattock_ 20.47.46 > dazo: oh yes, you have GPL lawyers at RedHat > > novaflash 20.48.14 > that's pretty supercallifragilisticexpialidocious > > mattock_ 20.48.46 > jamesyonan: perhaps you could share a word about the architecture of the C++ > codebase... it should help limit the scope of any copyright ownership issues > > > swg0101 20.48.48 > dazo works at RH? > > dazo 20.48.50 > mattock_ yeah, Richard Fontana is quite into this stuff > > mattock_ 20.48.51 > yes > > dazo 20.48.53 > swg0101: I do > > swg0101 20.48.59 > interesting > security team? 20.49.07 > > novaflash 20.49.20 > dazo: he will now try to obtain your company secrets by squeezing your brain > like a lemon. > > swg0101 20.49.37 > easy peasy lemon squeezy so they call > > jamesyonan 20.49.38 > no, as long as openvpn is under GPL, none of the big guys can really steal it > > dazo 20.49.59 > swg0101: actually, no ... openvpn is one of my spare time projects ... I'm > doing real time kernel QA and development of related test tools > > jamesyonan 20.50.24 > ok, let me give a short primer on the new C++ code base > > dazo 20.50.38 > +1 > > mattock_ 20.50.53 > jamesyonan: that's a valid point... companies like Apple would probably steal > the code the very instant it was released under a BSD license > > raidz 20.51.07 > ^^^ > > jamesyonan 20.52.00 > right, BSD license would allow any company to create a proprietary fork > > novaflash 20.52.21 > GPL with permissions in specific cases for relicensing would still seem to be > the best option > > jamesyonan 20.52.30 > but I don't see that this could be done with GPL > and I think we've seen cases in the past, where the big guys have tried to > shred the GPL 20.53.29 > MS called it a "cancer" at one point 20.53.40 > but I think it has proved it's resiliancy at preventing proprietary forks > 20.54.06 > > dazo 20.54.06 > yupp > > novaflash 20.54.19 > if microsoft hates it, i love it already > > krzee 20.54.45 > http://en.wikipedia.org/wiki/Viral_license "The term is most often used to > describe the GPL, which requires that any derivative work also be licensed > with the GPL." > > vpnHelper 20.54.46 > Title: Viral license - Wikipedia, the free encyclopedia (at en.wikipedia.org) > > jamesyonan 20.55.57 > so the C++ core is basically an object-oriented rethinking of openvpn from > the ground up > the core leverages on Boost Asio as it's async i/o layer 20.56.38 > > mattock_ 20.57.08 > http://www.boost.org/doc/libs/1_52_0/doc/html/boost_asio.html > > jamesyonan 20.57.09 > rather than sort of roll it's own async i/o layer as the 2.x branch does > > vpnHelper 20.57.10 > Title: Boost.Asio - 1.52.0 (at www.boost.org) > > jamesyonan 20.57.35 > Asio is really great > C++ is an interesting animal 20.58.29 > > dazo 20.59.01 > heh ... that's a nice way to put it > > mattock_ 20.59.12 > I've heard everyone loves C++ > 20.59.15 > > cron2 20.59.22 > interesting way to word it... (I've never liked C++, especially from a > sysadmin perspective it's higly annoying that half the source doesn't compile > with half the compilers...) > > novaflash 20.59.29 > i've heard it's better than B++ > > jamesyonan 20.59.32 > I would have to say that I was originally very sceptical that C++ would be a > good systems programming language > > swg0101 20.59.35 > lol > x++ 20.59.42 > ; 20.59.51 > > jamesyonan 21.00.15 > but here are some of the points that won me over... > I remember back in maybe '06 I gave C++ a trial run for a network project I > was working on 21.01.05 > I used whatever gcc was current at the time, linked in boost Asio, and ran > some benchmarks 21.01.35 > this was a very simple server app, sort of like a very basic HTTP server > 21.01.54 > it's a program that would have been 60KB written in C but it ended up linking > at 600KB in C++ and being several times slower than equivalent C 21.02.49 > > cron2 21.03.22 > now *that* doesn't truly convince me yet > > krzee 21.03.31 > lol > > jamesyonan 21.03.37 > then several years layer, maybe around '11 I gave C++ another shot > this time I used the latest boost and gcc 4.6 21.04.03 > what I discovered is that some really serious optimization work had gone into > gcc (and LLVM as well) 21.05.06 > > plaisthos 21.05.14 > *outs himself as C++ programmer too* > > jamesyonan 21.05.55 > for example, the compiler people figured out a really cool way to deal with > C++ exceptions so that they didn't incur any overhead unless they are thrown > > > cron2 21.06.09 > plaisthos: if you ever need a new job, one of my customers is doing quite a > lot of C++ and Java > > raidz 21.07.09 > > > jamesyonan 21.07.28 > I was quite amazed that I could write very clean, abstracted network code > using gcc 4.6 + boost asio and the code size had come down to ~ 60 KB and the > compiler seemed to really factor out all the abstraction so the resulting > generated code was very efficient > > plaisthos 21.07.38 > llvm guys also figured out how to give you good error messages (: > > jamesyonan 21.08.36 > yes, llvm is looking good, but it still seems slightly behind gcc on > generating fast code from C++ > but in any event, I think C++ is really ready for prime time in the kind of > system programming / networking space that openvpn is in 21.09.18 > some other things I like about modern C++ ... 21.09.43 > it's a very-well standardized language across the different major compilers, > i.e. gcc, llvm, visual studio, etc. 21.10.30 > > mattock_ 21.10.49 > hmm, even visual studio... that's something > > jamesyonan 21.10.49 > now granted, I am using C++ 2003 for this project -- haven't ventured into > '11 yet > I wrote ~20K lines before I even tested it on visual studio 21.11.17 > and I think it took under a couple hours to get it building and running with > VS 21.11.51 > > cron2 21.12.12 > that is definitely a plus > > novaflash 21.12.32 > yeah a C plus plus (groan) > > jamesyonan 21.12.36 > so let me get into some of the features of C++ that I think make it > well-suited for use as a basis for OpenVPN > C++ is one of the few languages that supports both static and dynamic > polymorphism 21.13.21 > dynamic polymorphism via virtual functions 21.14.03 > and static polymorphism via templates 21.14.18 > > ecrist 21.15.36 > are you suggesting a switch, completely, from C to C++? > > jamesyonan 21.15.44 > templates are great for network programming, because we have a lot of cases > where we have small objects that have polymorphic properties, such as IPv4 vs > IPv6 addresses > I think it makes a lot of sense for OpenVPN 3 to be C++ 21.16.16 > > ecrist 21.16.32 > http://www.joelonsoftware.com/articles/fog0000000069.html > > vpnHelper 21.16.33 > Title: Things You Should Never Do, Part I - Joel on Software (at > www.joelonsoftware.com) > > jamesyonan 21.16.38 > but I think the 2.x branch should remain in C > > ecrist 21.17.25 > dazo pointed me to that doc > > mattock_ 21.17.39 > ecrist, dazo: complements, excellent article > > ecrist 21.17.49 > I'd be afraid 3 would never be released > > cron2 21.18.11 > *tends to agree on both extents - "rewriting 2.x into C++" is likely to be > more effort than "doing it fresh from the start and adding features on the > go"* > or so 21.18.14 > > ecrist 21.18.14 > and what did potentially get released would be riddled with bugs that were > already solved, or simply not a problem, in our current code base > > jamesyonan 21.18.21 > I think it's an interesting article, but I disagree with it > > novaflash 21.18.27 > ecrist; at the moment jamesyonan has a prototypical version that is already > functioning in c++ as the client in android and now ios. > or when it is released anyways (for iOS i mean) 21.18.41 > > ecrist 21.18.56 > novaflash: I'm aware > > jamesyonan 21.19.05 > yes, the C++ core is already in production > > cron2 21.19.25 > what you can't do is "stop 2.x, rewrite everything, and stall until 3.x is > ready" - *that* would be a major mistake > > ecrist 21.19.26 > but untested relative to the community code base > > cron2 21.19.33 > ecrist: no, it works nicely > > jamesyonan 21.20.00 > well actually the C++ core, because it's only a client, ALWAYS connects to an > OpenVPN 2.x server > > cron2 21.20.04 > ecrist: I've given it enough beating that I would be happy for my customers > to use it, against a 2.3RC1 server > and what james says 21.20.32 > > jamesyonan 21.20.48 > cron2 has worked with us on testing the new iOS client > > cron2 21.20.49 > jamesyonan: do you test C++ -> 2.1/AS or vs. 2.3? > > jamesyonan 21.21.03 > both > > krzee 21.21.27 > from our previous talks, a lot of 3.0 would need to be re-write anyways > > cron2 21.21.36 > yeah > > novaflash 21.21.41 > the OpenVPN Android client that jamesyonan made is capable of working for > both the open source server and the access server > > raidz 21.21.59 > same goes for ios > > krzee 21.22.00 > to account for making it modular, which sounds to be a lot of what this new > core aims for > > jamesyonan 21.22.15 > yes, the new C++ core is 100% protocol compatible with 2.x branch > > ecrist 21.22.27 > is it feature-complete? > > jamesyonan 21.22.55 > no, it doesn't have all of the 2.x options > but it has most of them 21.23.17 > > raidz 21.23.25 > jamesyonan: will it have them all? > > plaisthos 21.23.35 > Having worked with the socket.c code I must say I would not aim at having all > options > some of them are very disruptive 21.23.46 > > cron2 21.23.47 > *expected that comment * > > jamesyonan 21.24.06 > it could -- right now I believe fragment option is not implemented > yeah, the new code base doesn't even have a socket.c-like source file 21.24.52 > because Asio handles the i/o layer 21.25.06 > > ecrist 21.25.19 > what about the MTU and mssfix bits? > > plaisthos 21.25.19 > > I got to get going 21.25.32 > have to leave you guys 21.25.45 > > novaflash 21.25.47 > bye plaisthos > > swg0101 21.25.51 > cya > > jamesyonan 21.25.51 > mssfix isn't there now, but it's on my short list of things to add > bye plaisthos 21.26.04 > > cron2 21.26.51 > james: I did mssfix for IPv6 today. If you're working on that, you might > want to look at it - haven't sent the patch yet, but it's working on our > corp VPN server > http://public.greenie.net/gert/misc/ipv6-mss-diff2.txt 21.26.59 > > jamesyonan 21.27.11 > cool > > plaisthos 21.27.15 > jamesyonan: One last question before I go. My client is currently named > "OpenVPN for Android". At the time I first named the client I did not give it > much thought. I have later realized that the name might sound "official". If > you do not like this I can change the name > > jamesyonan 21.27.59 > no, I don't think that's really necessary > > raidz 21.28.18 > plaisthos: Love your client btw > > jamesyonan 21.28.29 > we tend to brand the OpenVPN Tech products with "OpenVPN Connect" anyway > > novaflash 21.29.11 > and in future releases of access server we'll probably have links to the > openvpn tech versions for android and ios anyways > at least, that's what i'd expect 21.29.19 > > plaisthos 21.29.31 > raidz: thanks > jamesyonan: okay thanks bye 21.29.40 > > jamesyonan 21.29.55 > see ya > > mattock_ 21.30.11 > jamesyonan: you mentioned that the C++ codebase is still very far from being > a replacement for 2.x > so we'll be living with the original code for quite a while 21.30.27 > > novaflash 21.30.37 > 2.* will continue > > cron2 21.30.59 > mattock_: it has no server side yet > > jamesyonan 21.31.07 > yes, it's much closer to being a client-side replacement, but the server side > will take more development > > mattock_ 21.31.15 > today I tried merging some of your SVN patches to Git, and it wasn't pretty > > jamesyonan 21.31.34 > snappy? > > mattock_ 21.31.44 > I think we're past the point where we "should move" to 2.3, and are in "need > to move a.s.a.p." > yes, that and all others actually 21.31.50 > snappy is probably the worst of the bunch 21.31.59 > > novaflash 21.32.11 > the new compressor? > > mattock_ 21.32.17 > yep > > novaflash 21.32.34 > ironic that a name like snappy should take much time to get integrated. > > jamesyonan 21.33.06 > snappy is really great though -- I don't know if you've looked through the > source > > swg0101 21.33.15 > Google's implementation? > > jamesyonan 21.33.22 > this is what google uses company-wide as its main compressor > > swg0101 21.33.46 > would be curious to see if it makes good performance differences > perhaps with aes-ni 21.33.54 > > mattock_ 21.36.34 > jamesyonan: can you port the patches I sent you for 2.3? > I could then do more testing with 2.3 with those patches included 21.36.45 > > jamesyonan 21.37.02 > the snappy patch? > > mattock_ 21.37.22 > all of the patches, except r8129 > that one was fairly trivial to port 21.37.32 > the first problem is that files have been moved around 21.37.41 > e.g. 21.37.44 > init.c -> src/openvpn/init.c 21.37.50 > that's trivial, but doesn't do the trick anymore, too many changes/cleanups > in 2.3 21.38.10 > so manual merging is necessary for all patches 21.38.31 > > jamesyonan 21.38.31 > ok, I'll take a look at it > > mattock_ 21.39.22 > jamesyonan: how is your 2.3-fu? meaning, should we arrange a meeting where we > take a look at what's exactly has change since 2.1.x? > > jamesyonan 21.39.25 > yes, we are planning to migrate to 2.3 for the next version of AS > > mattock_ 21.39.45 > in fact, I did some tests on openvpn 2.3-rc1 and AS, and got the thing > running > > novaflash 21.39.47 > AS 1.9? > > jamesyonan 21.39.53 > yes, that would make sense > > mattock_ 21.39.54 > with fairly minimal modifications > > cron2 21.39.58 > mattock: oh, that's cool > > jamesyonan 21.40.05 > novaflash: yes > > novaflash 21.40.18 > neat. i mean, cool. > > mattock_ 21.40.26 > I thank dazo for keeping Git in sync with SVN for this long... for the > missing patches, I don't blame him for dropping the ball > Alon's buildsystem work made merging much more difficult 21.40.55 > > dazo 21.41.07 > heh ... no it just got too complicated to merge it in for me ... well, I > could do it ... but it would require a lot of analysing of each conflict > > mattock_ 21.41.35 > jamesyonan: "yes, that would make sense" ... was this a response to the > meeting suggestion? > > dazo 21.41.43 > on the plus side ... alons build system now works fairly well on > cross-compiles and cross-platform stuff, I htink > > jamesyonan 21.41.47 > yes > > cron2 21.41.47 > *grumbles quietly about the build system accident^Wrevolution* > > mattock_ 21.41.53 > dazo: yes, that's correct, it's pretty good > best buildsystem so far 21.42.17 > > cron2 21.42.18 > some parts are great, but rearranging all the source tree was... "more > religious than useful" > > mattock_ 21.42.44 > ...maybe if we rebuilt another buildsystem from scratch, then we could fix > all the problems in the current one? > > dazo 21.43.13 > cron2: to some extent, I can agree ... but the "everything in root dir" was > also quite chaotic too > > mattock_ 21.43.27 > I think the new layout is quite nice > > cron2 21.43.30 > it's not so much the build system, as the "other changes" > *hates it every time I look at stuff* 21.43.39 > src/openvpn/ is just overdoing it for a single program, "src/" is fully fine, > and "everything in toplevel dir" was good enough for me 21.44.14 > but we digress - damage has been done, and it's easy to oppose something in > hindsight 21.44.31 > > mattock_ 21.45.49 > jamesyonan: as C++ codebase is not going to go server anytime soon, so what > about 2.4? > moving AS to 2.3 should be _fairly_ painless 21.46.06 > then we have 2.4 release cycle coming up 21.46.15 > what is our strategy regarding it? 21.46.24 > "what drives us forward with 2.4" 21.47.06 > > jamesyonan 21.47.18 > yes, don't see the C++ codebase as altering the evolution of 2.x branch for a > least another year or two > my attitude is that the C++ codebase should prove itself in multiple areas > before it is embraced en-mass 21.49.03 > > mattock_ 21.49.16 > will 2.4 be mostly about cleanups/stabilization, or do we (=the project) have > some other agenda? > > dazo 21.51.11 > well, plaisthos does a lot of code clean-up in socket.c ... and we have a lot > of other clean-ups as well ... and it might be we try to modularise other > things better as well > > mattock_ 21.51.33 > I'm thinking of removing rarely used options > > dazo 21.51.34 > but some important things I hope we can sort out with 2.4 is listening to > multiple ports and protocols > > mattock_ 21.51.40 > i.e. historic baggage > > novaflash 21.51.54 > multiple cores? *hopeful* > > cron2 21.51.56 > mattock: what you consider historic baggage might be the reason why people > are using OpenVPN... > > mattock_ 21.52.10 > cron2: I hear you complaining about too many options > but you're right 21.52.20 > > dazo 21.52.29 > novaflash: nope, that won't fit into 2.4 .... going from single thread to > multi-thread requires a too massive change now > > mattock_ 21.52.30 > so we'd need to identify what's just baggage, and what's being used > > cron2 21.52.41 > indeed, we have way too many options, but sometimes you find yourself in a > corner and all that helps is one of the more obscure options... > > mattock_ 21.52.51 > lol > > novaflash 21.53.06 > dazo: i have to admit, knowing how openvpn works, it's best to leave the > multi core handling outside of it > > jamesyonan 21.53.28 > why not preserve the options in 2.x branch and let 3.x be testing ground for > removal of obsolete options > > cron2 21.53.28 > dazo: oh, if someone comes along and finds a way to split encryption, > decryption, crypto, and "the rest" into a handful of threads, I might be open > to take a closer look... > > mattock_ 21.53.32 > actually, I don't think not having multiple threads is that bad > > cron2 21.53.39 > s/crypto/compression/ > well, it limits performance... 21.53.54 > > novaflash 21.54.10 > maybe not but it'd only really be of much use in very large deployments > (where people use multiple openvpn processes anyways) and on systems with > very low power but dual core cpu systems like atom systems. > > dazo 21.54.15 > cron2: true ... but there's this nasty thing called CPU caching as well ... > so to make that optimal, that will require some nasty analysing too > > jamesyonan 21.54.23 > the C++ core supports multiple threads, HOWEVER, you really can't do fine > grained threading and expect to see a performance gain > > mattock_ 21.54.25 > one can have multiple processes, which, while heavier than threads are > adequate > > cron2 21.54.39 > my goals for 2.4 is "code overhaul to integrate IPv6 more nicely" (it's > bolted-on right now - working but ugly) > > novaflash 21.54.44 > agree with mattock_ . > cron2: seconded, ipv6 is hot right now 21.55.00 > > dazo 21.55.07 > and the things with threading ... you loose performance instantly in the > moment you have more high loaded threads than CPU cores available > > cron2 21.55.12 > dazo: well, that speaks for "two threads" (one for incoming, one for outgoing > packets)... > > dazo 21.55.21 > cron2: agreed > > cron2 21.55.36 > and you don't loose if you do not synchronize around too much... (maybe a > 3rd thread for handshaking) > but I'm not writing it - not enough experience with writing threaded code to > feel comfortable about doing this in a security product 21.56.08 > > mattock_ 21.56.09 > we actually have one more important topic today: > "Joint company/community meeting in FOSDEM in Bruessels" 21.56.19 > jamesyonan: we insist you come there 21.56.35 > > novaflash 21.56.38 > perhaps it's best to take small but important steps with 2.*, and big steps > in 3 ? > > cron2 21.56.39 > novaflash: it's in, and it's working, but it's missing some bells and > whistles, and needs polishing > > novaflash 21.56.50 > mattock_: that would be so cool, having james here > > jamesyonan 21.56.56 > yes, I'm going to try to be there > > cron2 21.57.06 > cool > > dazo 21.57.12 > I'm trying to get the bookings done this or next week > > novaflash 21.57.32 > mattock_: do you know the exact date and shit? > > mattock_ 21.57.53 > jamesyonan: if we can open source the C++ codebase by then, then your should > _definitely_ be there and give a presentation of it > > cron2 21.58.04 > novaflash: all on fosdem.org/2013/ > > jamesyonan 21.58.09 > yes, that's what I'm thinking > > dazo 21.58.14 > novaflash: February 2-3 > > novaflash 21.58.23 > ah thanks, neato > oh hell! 21.58.38 > > mattock_ 21.58.39 > also, the company should offer a nice dinner for everyone involved in the > project > > novaflash 21.58.40 > it's belgium! > beer! 21.58.48 > > mattock_ 21.58.50 > > > jamesyonan 21.59.03 > sure, great idea > > novaflash 21.59.05 > okay, yes, i'm okay now. > > mattock_ 21.59.17 > novaflash: that is most correct > > dazo 21.59.17 > novaflash: I've been told that in Germany 7 beers counts as a dinner ... > > novaflash 21.59.17 > i'll buy you guys some beer > > cron2 21.59.25 > *will bring warmer shoes this time* > > dazo 21.59.35 > *too* > > novaflash 21.59.36 > cron2: did you go naked again? > > cron2 22.00.12 > novaflash: nah, but last year they had a huge amount of snow, and the heating > in the university buildings was... not up to it > > novaflash 22.00.19 > yikes > > mattock_ 22.00.21 > was there any heating? > > novaflash 22.00.39 > yes, the beamer was on > > cron2 22.00.40 > mattock: if you bring in 1000 open source zealots, there *is* heat. But it > wasn't enough > > dazo 22.00.59 > it's the first conference I've been to where I saw plenty of geeks hacking in > thick jackets ... not t-shirts > > novaflash 22.01.15 > note to self: don't go naked > so um what's next on the agenda? 22.02.58 > > mattock_ 22.03.20 > hmm, I guess we're mostly done > > cron2 22.03.41 > we just need confirmation that dazo is happy and will now end his strike > > novaflash 22.03.51 > he's on strike? > > dazo 22.03.51 > hehe > > mattock_ 22.04.07 > definitely > > novaflash 22.04.13 > perhaps he needs a good ole whipping > > cron2 22.04.27 > *whips dazo with lots of ACKs* > on strings 22.04.29 > > mattock_ 22.04.36 > or "in strings"? > > novaflash 22.04.46 > i am getting a very odd image here now > of cron2 in g-string 22.04.54 > > cron2 22.04.55 > *doesn't want to know* > > novaflash 22.04.56 > whipping dazo > > mattock_ 22.04.57 > oh my, all of this will go to the mailing list > > dazo 22.04.58 > jamesyonan: would it be possible to get you more visible on the -devel > mailing list? Like just giving "ACK" or "NACK" to patches which makes sense > ... doesn't need to too often but a few times every month when there are some > un-reviewed patches would help > > mattock_ 22.05.13 > +1 > > novaflash 22.05.18 > mattock_: just delete everything i said then > > mattock_ 22.05.22 > we've missed you > novaflash: the trust must not me tampered with 22.05.29 > oops 22.05.32 > truth 22.05.33 > > novaflash 22.05.42 > mattock_: but that typo will MAGICALLY be repaired? > > mattock_ 22.05.46 > no > > novaflash 22.05.50 > heh > > jamesyonan 22.05.51 > I think that's a good idea, I just need to scale better > > novaflash 22.05.54 > okay good then. > > cron2 22.06.20 > jamesyonan: you need to reimplement yourself using C++ and Boost, obviously > > mattock_ 22.06.22 > jamesyonan: I think moving to 2.3 will help... raidz is running a test suite > with 2.3-rc1 atm > > dazo 22.06.47 > jamesyonan: I think we're fairly good now ... cron2 have done a good job > reviewing stuff ... but I do know we have some stuff which needs to be > reviewed for 2.4 > > novaflash 22.06.55 > mattock_: i got your test suite forwarded and am going to give it a shot too > > jamesyonan 22.06.56 > no, I think I need to go quantum > > mattock_ 22.07.02 > we need to communicate with the community devs using the "normal" methods to > be effective > > dazo 22.07.05 > (which is rather old stuff ... but I'll summarise it on a wiki first) > > mattock_ 22.07.33 > the "weekly meeting with James" worked initially, but quite often it created > lot of delay > > dazo 22.07.47 > and I know plaisthos will come with some socket.c clean-up too > > novaflash 22.07.50 > jamesyonan: remove your GPL license and let us fork you a couple of times so > there's more of you to spread around > > mattock_ 22.08.30 > there's also the option of stopping all the interesting side-projects? > I'm constantly struggling with that myself 22.08.43 > 22.08.48 > > dazo 22.09.21 > *would like to reduce the openvpn side-project, so he could focus more on his > own eurephia project * > > mattock_ 22.09.44 > dazo: how's the openvpn linux gui side-project going? > > jamesyonan 22.09.44 > it's easier for me to spend a couple hours a week with undivided attention > than to multitask off-and-on into community discussions > > dazo 22.09.53 > oh true > GUI programming is a mess 22.10.03 > even GTK 22.10.11 > > novaflash 22.10.19 > dazo is developing a gui for linux? awesome! > > dazo 22.10.32 > I've took over the maintenance of gopenvpn > the previous maintainer didn't have much time for it any more 22.10.46 > > jamesyonan 22.11.17 > dazo: have you looked at SRP ( > http://en.wikipedia.org/wiki/Secure_Remote_Password_protocol )? > > vpnHelper 22.11.18 > Title: Secure Remote Password protocol - Wikipedia, the free encyclopedia (at > en.wikipedia.org) > > cron2 22.11.40 > dazo: is that a useful thing to have, gopenvpn, as to "make the integration > in NM better" (as everybody seems to go to NM anyway) > > mattock_ 22.12.01 > jamesyonan: we haven't had "classic" IRC meeting on Thursdays for a while, > because things have worked fine without them > > dazo 22.12.31 > cron2: NM is useful for "I just need one VPN tunnel" .... but I usually use 3 > in parallel, and gopenvpn is somewhat closer in behaviour to the Windows GUI > .... using real config files > > cron2 22.12.56 > dazo: ah, so NM cannot do multiple tunnels? Indeed, that would be a good > reason for "something better" > > dazo 22.13.12 > jamesyonan: nope ... but that looks interesting (at least if I don't have to > go to deep on the mathematics > > cron2 22.13.17 > *is confused by graphical stuff* > > dazo 22.13.32 > cron2: and if NM looses the wireless for a second ... it disconnects/stops > all VPN tunnels > > mattock_ 22.13.36 > jamesyonan: it'd be great if you could, say, check openvpn-devel list 2-3 > times a week and then immediately close the email client > > dazo 22.13.43 > that's my second big complaint about NM > > mattock_ 22.13.58 > that strategy saves my nerves and improves my focus > > dazo 22.14.01 > (to fix that, it seems the core NM needs to be reworked) > > cron2 22.14.15 > mattock: and you compensate by hanging in IRC all day > > dazo 22.14.21 > hehe > > mattock_ 22.14.27 > well, yes... but I hate email more than I hate IRC > email => somebody wants me to do something 22.14.46 > > novaflash 22.14.55 > as it appears that the main agenda points have been handled (unless our > illustrious leaders indicate otherwise) i am going to go get some things > sorted here and head off to bed. > > mattock_ 22.15.04 > novaflash: good idea > > cron2 22.15.08 > dazo: seems we really need to sit together with d12fk @FOSDEM to sort out the > privilege separation / gui / service stuff > that should happen "soon" now... 22.15.16 > novaflash: good night 22.15.24 > > mattock_ 22.15.36 > and we should book the flights / hotels soon, before the prices start > climbing up > > dazo 22.15.59 > cron2: agreed ... that's 2.4 material > and if jamesyonan will be present at FOSDEM ... it would be natural to gain > from his experience there as well 22.16.30 > > mattock_ 22.16.39 > oh, one more thing > I want to set a time when James comes here to be moved to wonderful world of > Git and 2.3.x 22.17.01 > jamesyonan: please pick a date and time 22.17.25 > > jamesyonan 22.17.46 > yes, I do like git, but I'm still stuck with svn for now > > mattock_ 22.17.47 > I can take care of the Git part, I've been dazo's apprentice > how do we get you unstuck? how can we help? 22.18.04 > > cron2 22.18.12 > "rpm -e svn" > > jamesyonan 22.18.26 > rpm: not found > > mattock_ 22.18.33 > uh > > dazo 22.18.40 > heh > > cron2 22.18.49 > jamesyonan: now I think dazo will stop talking to you...! > > dazo 22.19.07 > hmmmm > > jamesyonan 22.19.17 > actually I use mac most of the time > > mattock_ 22.19.49 > jamesyonan: next Thursday, same time, same place? > > jamesyonan 22.19.53 > sure > > mattock_ 22.20.02 > ok, excellent > I think we're done, then 22.20.18 > any objections? 22.20.58 > > cron2 22.21.49 > *is fine* > > jamesyonan 22.22.23 > fine here > > ecrist 22.22.24 > none from me > > mattock_ 22.23.07 > nice! > > dazo 22.23.08 > *is fine* > > mattock_ 22.23.25 > ok, next meeting next week this time > I'll send a summary tomorrow 22.23.36 > > dazo 22.23.41 > thx all! > > mattock_ 22.26.54 > good night! > or midday, or whatever 22.27.00 > > ------------------------------ > > ------------------------------------------------------------------------------ > Keep yourself connected to Go Parallel: > TUNE You got it built. Now make it sing. Tune shows you how. > http://goparallel.sourceforge.net > > ------------------------------ > > _______________________________________________ > Openvpn-devel mailing list > Openvpn-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/openvpn-devel > > > End of Openvpn-devel Digest, Vol 78, Issue 6 > ********************************************
