IrcMeetings: irclog_2024-02-07.txt

<djpig> moin moin
<mattock> hi!
<Giaan> hi
<ordex> hi
<MaxF> moin!
<djpig> okay, since novaflash will not attend the meeting let me start with the first topic
<mattock> +1
<djpig> "Adding explicit license for ​openvpn-buildbot"
<mattock> I don't have particular opinions, but typically I use BSD-2-Clause for stuff where the license does not matter much
<djpig> yeah, I would agree with that
<djpig> don't think this needs GPL
<ordex> yeah
<mattock> I can send a PR that adds the license
<djpig> thanks
<djpig> moving on
<djpig> (I will add notes to the Wiki page about the discussion)
<djpig> "Pending Buildbot PRs"
* becm has quit (Ping timeout: 256 seconds)
<djpig> mattock: I have been reviewing https://github.com/OpenVPN/openvpn-buildbot/pull/32 today and that looks good to me
<plaisthos> hey
<mattock> hi plaisthos!
<mattock> djpig: ok!
<djpig> mattock: https://github.com/OpenVPN/openvpn-buildbot/pull/31 I honestly couldn't care less about. I just don't think this solves an actual problem right now
<plaisthos> MaxF: if you want something to do, you can make mbed TLS compile with OpenVPN when    -DMBEDTLS_DEPRECATED_REMOVED is set :P
<mattock> djpig: I think "somebody" cared, possibly cron2
<MaxF> is this for version 2 or 3?
<plaisthos> MaxF: 3
<MaxF> so 2 still works?
<plaisthos> MaxF: I looked into making openvpn3 compatible with mbed TLS 3 and we have that set for 2 
<plaisthos> and looked what happens when you add that in OpenVPN 2.x and it also spectularly fails
<MaxF> I'll look at it when I find time. Or someone to delegate
<djpig> mattock: okay, I will try to look at it. But #32 looks much more relevant to me. So I will look into deploying that first
<djpig> let's move on for now
<djpig> "Wiki Migration"
<mattock> djpig: +1 to 31 and 32
* uddr35 (~uddr35@194.44.71.210) has joined
<rob0> what is the link to new wiki?
<uddr35> aloha
<lev__> hola
<mattock> djpig: one more note regarding #31: I think it paves the way for "different tests for different files" as well (see https://www.mail-archive.com/openvpn-devel@lists.sourceforge.net/msg28127.html)
<mattock> rob0: I can't recall, need to dig up meeting minutes to figure it out :)
<djpig> mattock: right, good point
<mattock> I'll figure out the wiki addresses, no meeting minutes
<djpig> maybe add them to https://community.openvpn.net/openvpn/wiki/TracWikiReplacements which is where I expected to find them ;)
<mattock> yeah, the IPs are dynamic though, but at least the path would be known
<djpig> and then maybe give people some more time to take a look and try the topic next week again?
<mattock> works for me
<djpig> Server-side testing
<djpig> meeting time
<mattock> https://community.openvpn.net/openvpn/wiki/TracWikiReplacements updated with URLs
<ordex>     • xwiki: http://18.184.233.206:8080
<ordex>     • wiki.js: http://18.184.233.206:8081
<vpnHelper> Title: Main page | Wiki.js (at 18.184.233.206:8081)
<ordex> just FTR
<ordex> ah ok
<rob0> thanks
<djpig> who would like to attend that meeting about server side testing? Me, mattock. cron2, ordex ? uddr35 ?
<ordex> cron2 for sure as he has the one having implemented the current version
<ordex> that he uses for testing privately
* becm (~Thunderbi@rtr.astos.de) has joined
<ordex> I can try to join depending on the time
<djpig> cron2: so what times would work for you?
<uddr35> @djpig yes please
<djpig> hmm, not sure whether he is here, actually
<mattock> I think cron2 is missing today
<ordex> normally he has time in the morning, but we need him t tell us which day :-D so let's arrange the meeting when he's online
<ordex> yeah
<djpig> okay
<mattock> I think we're down to last topic: 2.6.9 release?
<djpig> yes
<djpig> the open question seems to be whether we wait for an easy-rsa fix or not
<lev__> I think on Windows we are stuck with EasyRSA
<djpig> lev__: what is the status of the security fix for Windows? Is that ready?
<lev__> YES
<lev__> oops
<lev__> yes
<djpig> does that go into openvpn-build or openvpn?
<lev__> -build
<lev__> so we could tag openvpn, I think
<djpig> We could always decide to release the easy-rsa fix as an installer-only release
<lev__> yeah. Also we don't have any estimate when it will be fixed
<djpig> I think if we do not have a fix for easy-rsa in a few days we just go ahead with the release since it is not a regression
<djpig> should we target early next week? Monday/Tuesday?
<lev__> also we should probably add some easyrsa testing to windows TA 
<lev__> something simple like creating PKI and server/client certs and validate that something has been indeed created
<djpig> makes sense. you are certainly welcome to do so :)
<lev__> but then again we will have a proof that it works on Windows Server 2022, and nothing about Windows 11
<djpig> right, also the remote powershell session might have different behavior than the shell launched from UI
<djpig> okay, any other topics not mentioned on the meeting page?
<MaxF> yes
<MaxF> Can we arrange a meeting to talk about SBOMs some time in the next two weeks? I've got one colleague at Fox who has been looking into that topic, and I thought maybe we can get together with the people at OpenVPN Inc. who are working on it.
<djpig> yeah, I would be happy to talk to someone about that. Because I have been looking into it, but still have no idea what would be useful... So happy to hear from someone with a slightly different perspective
<MaxF> what time would work for you?
<djpig> 11:00 CET is generally a good time, except on Thursdays
<uddr35> I can not make it Feb 14, everything else is good for me
<djpig> MaxF: let us know if you need more options
<MaxF> how about Tuesday Feb 13?
<MaxF> at 11
<djpig> works for me
<uddr35> works for me
<djpig> MaxF: will you take care of the technical details?
<MaxF> just asked my colleague, it works for him too
<MaxF> yes, you guys usually use jitsi right?
<djpig> we have in the past, but inside the company it is all Slack now. But I'm happy to join whatever
<MaxF> djpig I have your e-mail but not uddr35 's I think
<djpig> I can send it via Signal
<MaxF> alright
<uddr35> @djpig thanks
<djpig> okay, any other topics
<djpig> ?
<rob0> We can set up a shared Slack channel if you want. I am a Slack admin for us.
<MaxF> I never used slack, does it run in the browser?
<rob0> it can
<MaxF> then that should work
<djpig> rob0: let's see whether we need a continous discussion. For a one-time meeting this sounds like overkill
<rob0> I have done that on Linux
<rob0> okay, just tossing out as a suggestion
<djpig> rob0: yeah thanks. I know we have done that for e.g. security audits and other projects like that
<uddr35> slack works in browser but yeah for one meeting jitsi would be just easier
<MaxF> ok, then we use either jitsi or teams, I'll let you know
<djpig> if there are no more topics I guess this meeting is finished for today
<MaxF> nothing more from me
<mattock> +1
<djpig> okay, I will try to prepare a summary mail
<ordex> <o/
<djpig> mattock: do we have login credentials for the test wikis?
* MaxF has quit (Quit: Client closed)
<mattock> djpig: I created those for everyone who wanted when they were "revealed"
<mattock> if you want an account just let me know
* uddr35 has quit (Remote host closed the connection)
<cron2> apologies for missing the meeting... I was in the school library, which does have wifi *and* LTE (if the windows are open), but they did something weird to the network and I was totally and utterly offline, and couldn't leave either
<cron2> 2.6.9 release "early monday" would work nicely for me (so I'd tag + push sunday evening, and you tell me on monday if I bumbled something)
<djpig> cron2: okay, sounds good
<djpig> mattock: yes, please
<cron2> so, djpig, plaisthos: I'd like to proceed with 475, but it needs 474 as prerequisite, and this is still sitting on -1, possibly caused by a misunderstanding?
<plaisthos> I am still not really happy with the leak suppression that we are forced to do, I hoped to look into that much sooner 
<djpig> ECHAN