Hi,
Here's the summary of the IRC meeting.
---
COMMUNITY MEETING
Place: #openvpn-meeting on libera.chat
Date: Wed 10th November 2021
Time: 14:00 CET (12:00 UTC)
Planned meeting topics for this meeting were here:
<https://community.openvpn.net/openvpn/wiki/Topics-2021-11-10>
Your local meeting time is easy to check from services such as
<http://www.timeanddate.com/worldclock>
SUMMARY
cron2, d12fk, lev, mattock, novaflash, ordex and plaisthos participated
in this meeting.
---
Talked about the hackathon. Agreed that it went really well. Also noted
that OpenVPN Inc. will send something nice to Qaware as a thanks.
---
Talked about the scope of 2.6:
<https://community.openvpn.net/openvpn/wiki/StatusOfOpenvpn26>
It was suggested to move split DNS enhancements to 2.7, the motive being
to speed up the 2.6 release cycle. This idea was rejected after a bit of
discussion, which meant that the "must have" parts in 2.6 remained
unchanged.
--
Full chatlog attached
(15:00:31) cron2: yo!
(15:02:02) mattock: only 1 minute late
(15:02:04) mattock: well, two
(15:03:28) ordex: <o/
(15:04:41) d12fk: lets get started then
(15:05:28) mattock: yep
(15:05:51) mattock: https://community.openvpn.net/openvpn/wiki/Topics-2021-11-10
(15:06:49) d12fk: 1) hackathon was good
(15:07:03) lev__: hello
(15:07:07) mattock: +1
(15:08:20) mattock: anything to add for hackathon
(15:08:21) mattock: ?
(15:09:12) d12fk: I heard rumors that next one is in Oslo?!
(15:09:17) novaflash [~novafl...@185-227-75-241.dsl.cambrium.nl] è entrato
nella stanza.
(15:10:23) mattock: better start building a buffer of money now!
(15:10:50) novaflash: well i just joined. guess i'm a little late.
(15:11:10) mattock: anything to add regarding hackathon?
(15:11:31) plaisthos: cron2 and I are in contact with qaware
(15:11:43) plaisthos: they want to know what we really liked about the location
(15:11:54) novaflash: it was fun. we're putting together a blog post. i also
want to send them a gift. some t-shirts and a nintendo nes classic. (shh it's a
surprise)
(15:12:10) novaflash: because their raspberry pi retro pie was shit
(15:12:15) d12fk: was there anything to dislike?
(15:13:20) ordex: maybe food? :-P
(15:13:22) lev__: it was not straightforward to turn VR on
(15:13:23) novaflash: it was spacious and clean, amply provided with food,
drinks, entertainment - it had everything we'd ever want or need for a meeting
room.
(15:13:41) cron2: this!
(15:14:00) lev__: also bottles of wine were hard to open
(15:14:15) novaflash: and we should give them something (i'm working on that)
as a gift to keep them happy so hopefully in a future hackathon we can be there
again
(15:14:43) mattock: +1
(15:14:47) novaflash: lev is right about the wine bottles and the VR. i'm
deducting 2 stars because of that. 3 out of 5 stars because of that. just
kidding
(15:15:22) ordex: btw, I was not there, but given the proven success, it may be
meaningful to continue organizing hackathons as "guests" of some local
community/company also in the future
(15:15:35) ordex: (just as a thought)
(15:15:47) novaflash: myeah but this was one pretty exceptional i'd have to
say, probably not going to find that easily elsewhere
(15:15:48) mattock: yeah
(15:16:05) novaflash ha abbandonato la stanza (quit: Quit: Client closed).
(15:16:18) novaflash [~novafl...@185-227-75-241.dsl.cambrium.nl] è entrato
nella stanza.
(15:16:27) novaflash: harrumph. this web client is unstable.
(15:17:20) novaflash: since you guys are in contact with qaware, is there a
particular address they'd like to receive stuff on, or is the meeting room
address where we were THE address for them?
(15:18:36) novaflash ha abbandonato la stanza (quit: Client Quit).
(15:18:50) novaflash [~novafl...@185-227-75-241.dsl.cambrium.nl] è entrato
nella stanza.
(15:19:33) d12fk: the were offices on multiple floors of the building, so I
think the answer is yes
(15:21:19) cron2: the primary office door is "on the left wing", so, yes
(15:21:41) novaflash: k
(15:22:53) mattock: move to sync up?
(15:22:55) novaflash: i have to go in a bit to pick up the xx chromosomed being
attached to me
(15:23:24) mattock: systemd-chromosomed, right?
(15:24:12) ***d12fk shakes fist
(15:24:19) cron2: T-Shirts have not arrived yet... they say "Nov 10", so there
is a few hours left...
(15:24:20) d12fk: now they implemented that too
(15:25:28) novaflash: did we get to 2.6.0 scope yet?
(15:25:41) ordex: no
(15:25:47) novaflash: gosh
(15:25:50) cron2 ha scelto come argomento:
https://community.openvpn.net/openvpn/wiki/Topics-2021-11-10
(15:26:26) cron2: I think what we agreed upon (documented in the wiki) is still
making sense
(15:27:14) cron2: and the tentative timeline is built on "DCO, alpha, beta,
release candidates, release" :-) - other stuff might happen in between
(15:29:32) ordex: yeaterday we had a discussion about already removing other
non essential things from the list and already plan 2.7 (and possibly 2.8)
(15:29:48) mattock: https://community.openvpn.net/openvpn/wiki/StatusOfOpenvpn26
(15:29:50) ordex: mainly to avoid defocusing our efforts from what remains on
the plate for 2.6
(15:29:56) novaflash: i have painful experiences with large releases, which
makes release cycles very slow. i was hoping to cut down the scope of 2.6.0 and
get DCO and openssl3 out sooner. the DNS stuff is something that can go to a
next release in my opinion. there may be other such items that could go into a
2.7.0 release. i'm basically advocating smaller but faster
(15:29:56) novaflash: releases. not just 1 release per year. in particular the
DCO is a Big Thing. and it has a huge lead time to get it into linux kernel
too. so sooner we can get that going the better.
(15:30:20) ordex: yap
(15:30:31) cron2: this is not how the community thing works
(15:30:56) cron2: you can't just stamp your foot and say "must be done now!"
(15:31:21) ordex: exactly. this is why we should not "add" more things to an
already long list
(15:31:24) mattock: this is just prioritization discussion to avoid delaying
2.6 further
(15:31:24) cron2: there is known brokenness in our tree (frame), known
incompletes (ossl 3.0), and known security issues (TLS handshake)
(15:31:45) cron2: I do not understand why we spend a few hours on this last
weekend and then open that discussion again
(15:32:05) cron2: we have trimmed down the "must have" list to the, well, "must
have" bits
(15:32:30) ordex: maybe it's my fault, but yesterday I was advocating the fact
that the current "must have" list on the wikipage is likely to cause more delays
(15:33:02) cron2: the only thing I see that we can split off is the DNS options
and some documentation
(15:33:27) ordex: yap, the discussion yesterday started with the DNS options.
since that is a totally new thing that was just appended
(15:33:46) ordex: imho it doesn't make sense to add it to 2.6, unless there is
a meaningful reason
(15:33:47) cron2: but that was a wish to have something consistent and
well-documented for 3.x and 2.x, "soonish"
(15:34:12) cron2: yes, it makes sense :-) - consistency between 2.x and 3.x,
and better expressing what we want to achieve with DNS settings
(15:34:43) cron2: and the plan is "other people work on this", so it's not
holding up DNS or frame/TLS
(15:35:03) ordex: sure, this is a good reason for implementing the new DNS
options, but why delaying 2.6 even more? can't we make 2.7 just with DNS
options and a few more things we have on the plate?
(15:35:13) cron2: no
(15:35:16) ordex: cron2: there are some resources that are shared, like you
testing/reviewing
(15:35:42) cron2: a new release is a major effort and it takes a few month to
shake down, and then support multiple trains in parallel
(15:35:56) cron2: this is not commercial software "we do not care, it compiles,
ship it"
(15:36:30) cron2: we're down from 4 years to 1.5 years, so that's already quite
good...
(15:36:36) ordex: sure thing, I didn' mean to shorten the releasing period, but
rather making sure we can close the lid in, let's say, 6/7 months instead of 18
(15:36:39) ordex: hehe, true
(15:37:07) cron2: I'd say let's focus on getting work *done* instead of trying
to postpone work...
(15:38:28) d12fk: anyway, I'll work on DNS for 2.x and if someone picks it up
for some release, good
(15:39:19) mattock: let's see how it goes then
(15:39:21) ordex: yap yap
(15:39:31) mattock: but dco should be a focus so that we get it upstreamed
a.s.a.p.
(15:39:42) d12fk: the minimal scope should be non-intrusive, at least from what
I can see now
(15:39:49) mattock: ok
(15:39:57) cron2: yes (= can we please have windows snapshots with DCO built &
published?)
(15:40:08) cron2: so we can ask for testers
(15:40:13) ordex: yap
(15:40:26) ordex: we should do the same for linux
(15:40:28) cron2: oh, well, first we need the code in :-)
(15:40:43) plaisthos: To be honest, I think we can hit the end of the year
mark, if we prioritise it high enough inside the company
(15:40:59) plaisthos: and invest a lot more time in testing/QA with corp
ressources
(15:41:24) cron2: for "all code in, testing begins" I agree, for "full release"
I'm not sure. Too many loose bits (trac tickets with milestone 2.6.0 and
others).
(15:42:08) ordex: all in by the end of the year and feature freeze would be
good anyway, imho
(15:45:09) novaflash: just fyi, i'm not "stamping my foot". i'm simply stating
my opinion. i have experience with large releases and how things get very slow
and a huge major effort to get things out because of that. i was suggesting to
drop DNS. but community decides how to do things, and if the decision is to
keep it in, then okay. please also note that when i phrase
(15:45:09) novaflash: things i use words like 'suggest' and 'hope to' and not
'must be done now!'.
(15:45:57) cron2: it felt like a polite wrapping around stamping the foot :-)
(15:46:12) ordex: :D
(15:46:19) cron2: (now, you being dutch, I understand that I'm contradicting
myself here, but anyway)
(15:46:20) novaflash: i'm childish enough to stamp my foot if i really wanted
to do that :-P
(15:46:57) cron2: speaking of stuff to do... what is missing in the OSSL 3.0
"load provider" bits?
(15:47:01) novaflash: we can prioritize/support 2.6 with company resources, i
think
(15:47:31) cron2: more review/testing resources would help tremendously
(15:48:09) cron2: (because "patch is left out for four weeks and then does not
apply anymore" is really slowing us down, as is "this looks good but explodes
$specialcase")
(15:48:35) novaflash: unfortunately plaisthos is going away for a few days and
ordex has a gremlin in his house at the moment, so that is a temporary slowdown
;-)
(15:48:53) lev__: pkcs11-helper doesn't work with openssl3
(15:48:57) lev__: (yet)
(15:48:58) mattock: at the moment = next 18 years
(15:49:09) mattock: :)
(15:49:18) cron2: I just drove my gremlin away ("kid I'm working")
(15:49:36) cron2: lev__: this is understood, but what about our own patches?
(15:50:14) ordex: mah!
(15:50:23) ordex: I should learn how to drive mine away too
(15:50:24) ordex: :D
(15:50:25) cron2: 12/21 ("loading of non default providers") is missing, and
that one seems to be in need of rework
(15:50:28) lev__: yeah I guess nothing which is out of our control
(15:50:31) cron2: ordex: you will :)
(15:50:42) novaflash: i think a requirement is that they learn how to listen
and walk
(15:50:52) cron2: and the ERR_BUF_SIZE (21/21) is missing as well...
(15:53:48) cron2: anyway, these two patches would be what is needed to close
the "ossl 3.0 support" from openvpn side. Then, xkey provider, work with
plaisthos/selva on the PR review and the next round.
(15:55:42) cron2: I'll have a look at Lev__'s DHCP thing tonight or tomorrow
(15:55:52) cron2: need to leave in 4 minutes for the next meeting
(15:56:24) novaflash: gotta go too
(15:56:38) mattock: sounds good
(15:56:41) mattock: let's end this thing
(15:56:47) mattock: I'll write the summary later
(15:56:51) cron2: *wave*
(15:57:07) novaflash ha abbandonato la stanza (quit: Quit: byebye).
(15:58:52) d12fk: bye
(16:02:48) ordex: byee
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
