Thursday, 2016-06-23

*** tqtran has quit IRC		00:03
*** lyrrad has quit IRC		00:24
*** Jeffrey4l has joined #openstack-swift		00:44
*** fbo has quit IRC		00:52
*** mhu has quit IRC		00:54
*** siva_krish has quit IRC		00:59
*** fbo has joined #openstack-swift		01:03
*** Suyash has quit IRC		01:05
*** klrmn has quit IRC		01:11
*** mhu has joined #openstack-swift		01:12
*** dmorita has quit IRC		01:12
*** awelleck has joined #openstack-swift		01:21
*** StraubTW has joined #openstack-swift		01:22
*** StraubTW has quit IRC		01:23
*** cdelatte has quit IRC		01:38
*** Suyash has joined #openstack-swift		01:45
*** siva_krish has joined #openstack-swift		01:53
*** siva_krish has quit IRC		01:59
*** tqtran has joined #openstack-swift		02:01
*** zul has quit IRC		02:03
*** zul has joined #openstack-swift		02:04
*** tqtran has quit IRC		02:05
*** klrmn has joined #openstack-swift		02:14
*** awelleck has quit IRC		02:21
*** zul has quit IRC		02:23
*** dmorita has joined #openstack-swift		02:24
*** greghaynes has quit IRC		02:27
*** dmorita has quit IRC		02:28
*** _JZ_ has quit IRC		02:37
*** greghaynes has joined #openstack-swift		02:39
*** awelleck has joined #openstack-swift		02:51
*** awelleck has quit IRC		02:51
*** stevemar has joined #openstack-swift		03:36
*** links has joined #openstack-swift		03:51
*** SkyRocknRoll has joined #openstack-swift		03:52
*** ppai has joined #openstack-swift		03:57
*** psachin has joined #openstack-swift		04:38
*** klrmn1 has joined #openstack-swift		04:42
*** klrmn has quit IRC		04:43
openstackgerrit	Pete Zaitcev proposed openstack/swift: Patch through the error from NewReplicator https://review.openstack.org/333107	04:44
*** Suyash has quit IRC		04:49
openstackgerrit	Pete Zaitcev proposed openstack/swift: Add a global fix for anything that involves GetHashPrefixAndSuffix https://review.openstack.org/333108	04:51
*** zaitcev has quit IRC		05:21
*** ChubYann has quit IRC		05:26
*** dmorita has joined #openstack-swift		05:27
*** dmorita has quit IRC		05:32
*** tqtran has joined #openstack-swift		06:02
*** tqtran has quit IRC		06:06
*** rcernin has joined #openstack-swift		06:15
*** jmccarthy has quit IRC		06:42
*** jmccarthy has joined #openstack-swift		06:44
*** jamielennox is now known as jamielennox\|away		06:48
*** oshritf has joined #openstack-swift		06:54
*** rcernin has quit IRC		07:02
*** tesseract- has joined #openstack-swift		07:13
*** tesseract- has quit IRC		07:14
*** tesseract- has joined #openstack-swift		07:14
*** rcernin has joined #openstack-swift		07:17
*** furlongm_ has joined #openstack-swift		07:22
*** furlongm has quit IRC		07:22
*** rledisez has joined #openstack-swift		07:25
*** furlongm has joined #openstack-swift		07:26
*** furlongm_ has quit IRC		07:27
*** hseipp has joined #openstack-swift		07:33
*** furlongm has quit IRC		07:35
*** furlongm has joined #openstack-swift		07:35
*** SkyRocknRoll_ has joined #openstack-swift		07:37
*** SkyRocknRoll_ has quit IRC		07:38
*** oshritf has quit IRC		07:39
*** furlongm has quit IRC		07:42
*** geaaru has joined #openstack-swift		07:49
*** klrmn1 has quit IRC		07:57
*** baojg has joined #openstack-swift		08:05
*** geaaru has quit IRC		08:16
*** mvk_ has quit IRC		08:21
*** geaaru has joined #openstack-swift		08:28
*** hosanai has joined #openstack-swift		08:30
*** ChanServ sets mode: +v hosanai		08:30
*** daemontool has joined #openstack-swift		08:31
*** Jeffrey4l has quit IRC		08:47
*** rcernin has quit IRC		08:50
*** Jeffrey4l has joined #openstack-swift		09:00
*** rcernin has joined #openstack-swift		09:02
*** ouchkernel has quit IRC		09:03
*** tqtran has joined #openstack-swift		09:03
*** ouchkernel has joined #openstack-swift		09:07
*** tqtran has quit IRC		09:08
*** dmk0202 has joined #openstack-swift		09:09
*** mvk_ has joined #openstack-swift		09:11
*** silor has joined #openstack-swift		09:11
*** silor1 has joined #openstack-swift		09:16
*** silor has quit IRC		09:18
*** silor1 is now known as silor		09:18
*** zul has joined #openstack-swift		09:23
*** mvk_ has quit IRC		09:24
*** baojg has quit IRC		09:26
*** Jeffrey4l has quit IRC		09:28
*** dmorita has joined #openstack-swift		09:28
*** dmorita has quit IRC		09:33
*** kei_yama has quit IRC		09:38
*** cbartz has joined #openstack-swift		09:38
*** acoles_ is now known as acoles		09:41
*** Jeffrey4l has joined #openstack-swift		09:42
*** mvk_ has joined #openstack-swift		09:43
*** jamielennox\|away is now known as jamielennox		09:43
*** pcaruana has joined #openstack-swift		09:51
*** daemontool has quit IRC		10:00
*** foexle has joined #openstack-swift		10:01
*** zul has quit IRC		10:23
*** dmk0202 has quit IRC		10:29
*** zul has joined #openstack-swift		10:35
*** zul has quit IRC		10:38
*** zul has joined #openstack-swift		10:52
*** jistr is now known as jistr\|mtg		10:56
*** zul has quit IRC		11:16
*** zul has joined #openstack-swift		11:17
*** ekarlso has quit IRC		11:26
openstackgerrit	oshritf proposed openstack/swift: Add thread level concurrency to container sync https://review.openstack.org/225338	11:26
*** daemontool has joined #openstack-swift		11:28
*** dmk0202 has joined #openstack-swift		11:33
openstackgerrit	oshritf proposed openstack/swift: Add process level concurrency to container sync https://review.openstack.org/332985	11:50
*** ekarlso has joined #openstack-swift		11:51
*** daemontool_ has joined #openstack-swift		11:54
*** daemontool has quit IRC		11:55
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: Fix basestring, long and StringIO https://review.openstack.org/333297	12:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: dict.iteritems() and dict.itervalues() https://review.openstack.org/333298	12:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: fix urllib import https://review.openstack.org/333299	12:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: fix usage of reload() https://review.openstack.org/333300	12:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: fix ConfigParser and httplib imports https://review.openstack.org/333301	12:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: Fix usage of dict methods https://review.openstack.org/333302	12:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: fix dict.values()[0] https://review.openstack.org/333303	12:02
*** dmorita has joined #openstack-swift		12:09
*** dmorita has quit IRC		12:14
*** manous has joined #openstack-swift		12:35
*** SkyRocknRoll has quit IRC		12:36
*** ametts has joined #openstack-swift		12:43
*** tongli has joined #openstack-swift		12:48
*** McMurlock1 has joined #openstack-swift		12:49
*** janonymous has quit IRC		12:51
openstackgerrit	Christopher Bartz proposed openstack/swift: Preserve query params in tempurl https://review.openstack.org/333331	12:57
*** hosanai has quit IRC		12:57
*** pauloewerton has joined #openstack-swift		12:58
*** manous_ has joined #openstack-swift		13:09
*** manous has quit IRC		13:11
*** StraubTW has joined #openstack-swift		13:14
tdasilva	good morning	13:23
*** jistr\|mtg is now known as jistr		13:31
*** catintheroof has joined #openstack-swift		13:32
ntata	good morning	13:35
*** foexle has quit IRC		13:46
*** zul_ has joined #openstack-swift		13:59
*** zul has quit IRC		14:00
*** mwheckmann has joined #openstack-swift		14:00
*** ppai has quit IRC		14:00
*** zul_ has quit IRC		14:01
*** zul has joined #openstack-swift		14:02
*** manous_ has quit IRC		14:04
*** manous_ has joined #openstack-swift		14:18
onovy	hi, https://review.openstack.org/#/c/323874/ and https://review.openstack.org/#/c/323877/ anyone? ;)	14:22
patchbot	onovy: patch 323874 - pyeclib - Change liberasure URL to new one	14:22
patchbot	onovy: patch 323877 - pyeclib - Bump liberasurecode dependency to 1.2.0 version	14:22
onovy	and https://review.openstack.org/#/c/323819/ :)	14:22
patchbot	onovy: patch 323819 - liberasurecode - Changed homepage to new one	14:22
*** rfeusi has joined #openstack-swift		14:24
*** foexle has joined #openstack-swift		14:26
rfeusi	I need help for a minimal openstack swift architecture. I have two datacenters next to each others (only a steet is between them, so latency is very small).	14:27
*** jistr is now known as jistr\|mtg		14:38
*** links has quit IRC		14:41
*** pcaruana has quit IRC		14:41
onovy	rfeusi: hi, we are using geocluster for this, so two regions and two replicas each	14:48
*** foexle has quit IRC		14:49
onovy	but if latency is really small, and throughtput betwean them is not issue, you can make it as one region too	14:49
*** manous_ has quit IRC		14:56
*** siva_krish has joined #openstack-swift		14:57
*** mvk_ has quit IRC		15:02
*** amit213 has quit IRC		15:04
*** tqtran has joined #openstack-swift		15:06
*** tqtran has quit IRC		15:10
notmyname	good morning	15:14
*** sheel has quit IRC		15:15
*** siva_krish has left #openstack-swift		15:17
*** dmorita has joined #openstack-swift		15:19
*** haypo has joined #openstack-swift		15:33
*** Suyash has joined #openstack-swift		15:33
*** dmk0202 has quit IRC		15:46
*** psachin has quit IRC		15:47
*** lyrrad has joined #openstack-swift		15:50
*** arch-nemesis has joined #openstack-swift		15:52
timburke	good morning	15:52
*** diogogmt has joined #openstack-swift		16:03
*** chsc has joined #openstack-swift		16:09
*** rledisez has quit IRC		16:17
*** tesseract- has quit IRC		16:17
*** baojg has joined #openstack-swift		16:18
*** dosaboy has quit IRC		16:18
*** Suyash has quit IRC		16:18
*** sheel has joined #openstack-swift		16:22
notmyname	jrichli: in keymaster.py, we're using sha256 for the hmac. what would you think about changing that to sha384?	16:32
notmyname	I just made the change locally, and I'm about to run tests against it	16:33
*** Suyash has joined #openstack-swift		16:36
*** SkyRocknRoll has joined #openstack-swift		16:36
*** dosaboy has joined #openstack-swift		16:39
*** jistr\|mtg is now known as jistr		16:42
notmyname	well that didn't work	16:42
jrichli	notmyname: sounds good. just wondering if there was a particular compliance issue that influenced that change?	16:42
jrichli	oh :-/	16:42
notmyname	and neither did the second thign	16:42
*** SkyRocknRoll has quit IRC		16:42
notmyname	jrichli: I tried https://gist.github.com/notmyname/6b29fb06a7d32c9ee5911896265ece8b and I get a client disconnect (499) from the object servers	16:43
notmyname	the reason I'm curious is for "checkbox compliance"	16:43
notmyname	basically, when looking at some US government standards, AES256 is good for up to TOP SECRET, but SHA256 is only good to SECRET. SHA384 is also ok for TOP SECRET	16:44
*** silor has quit IRC		16:44
jrichli	but is that for encryption, or key derivation?	16:44
jrichli	the use case matters	16:45
notmyname	checkbox compliance ;-)	16:45
jrichli	id have to see the description of the checkbox item	16:45
notmyname	from that thing I linked yesterday...looking for the link again	16:45
jrichli	i have that link.	16:45
jrichli	ill take a look	16:45
jrichli	btw - we are needing a 256 bit key because of our encryption	16:46
notmyname	yeah, the suite B list on https://www.cnss.gov/CNSS/openDoc.cfm?lZsorLEWqomRp4GEC0ztzA==	16:46
notmyname	but seriously. that's my whole thinking. someone asked if the algorithms used in swift are on the suite B list, and that's it	16:47
notmyname	so I thought it might be a relatively simple change. turns out it's probably not :-)	16:48
jrichli	"the algorithms used" usually means for the encyrption part	16:48
notmyname	yeah, but sha isn't an encryption algorithm	16:48
notmyname	and it's on the list	16:48
jrichli	but deriving ivs or keys is a whole different use case. the checkbox would be specific if it is addressing key derivation	16:48
jrichli	256-bit keys is what we decided on	16:48
jrichli	if you try to run with a longer key, crypto will complain	16:49
notmyname	yes I know (now) ;-)	16:49
notmyname	but yeah, I see what you mean now	16:50
notmyname	and I because of what you said, I understand the question better. thanks	16:50
jrichli	so if AES with 256 bit keys is on the list (and i thought it was) than we dont need longer keys	16:50
jrichli	ok, cool	16:50
*** cbartz has left #openstack-swift		16:55
*** klrmn has joined #openstack-swift		17:03
*** baojg has quit IRC		17:05
*** daemontool_ has quit IRC		17:06
timburke	notmyname: do you have a title for that document? every time i try to follow your link, i get "We're sorry, but we're having trouble opening this document because we did not recognize your session variable." blah blah "Not all pages in this site can be bookmarked."	17:07
notmyname	timburke: it's the CNSSP 15 on https://www.cnss.gov/CNSS/issuances/Policies.cfm	17:07
timburke	thanks	17:08
jrichli	FWIW: this is what cca has said about our key derivation security: "Using HMAC for key derivation is sound and fits. The HKDF function serves a different scenario, more appropriate for a protocol context. Here we are in the scenario of NIST SP 800-108, and its KDF in counter mode with HMAC (sec. 5.1) is equivalent in security to what we use here. It is of critical importance that 'encryption_root_secret' has enough entropy (256 bits o	17:09
jrichli	r more)."	17:09
*** McMurlock1 has quit IRC		17:09
jrichli	of course, this doesn't mention the hashing alg used within the HMAC call, but he knows we are using 256 bit keys.	17:11
*** Jeffrey4l has quit IRC		17:11
notmyname	ok	17:11
notmyname	I just learned about https://blake2.net. It looks really interesting as an alternative to where md5 is used in swift today (yes, I realize that would be a HUGE change)	17:12
notmyname	just as fast or faster than md5, and it has some interesting options to have variable digest sizes depending on the use case	17:12
notmyname	and the FAQ even mentions that it's good for stuff like OpenStack Swift!	17:13
*** tqtran has joined #openstack-swift		17:13
jrichli	interesting	17:14
timburke	i wonder if the cryptography package would support 3AES with a 512 bit key (say, coming out of an HMAC-SHA512), similar to 3DES...not that i think we necessarily need or want to. just idle curiosity	17:15
*** ChubYann has joined #openstack-swift		17:17
timburke	oh hey, the FAQ even mentions Swift by name!	17:18
notmyname	timburke: yeah. cool, huh?	17:18
jrichli	notmyname: the problem about researching the 'goodness' of our use of sha256 here is that typically HMAC is used for message authentication. But we are not using it for that in this case.	17:20
jrichli	but the issue is collisions - and yes, we want to not repeat keys if we can help it	17:20
jrichli	its a lot simpler if you can just say you generate random keys :-)	17:21
*** raildo is now known as raildo-afk		17:22
jrichli	similar issue with discussions of md5 use in swift. we dont use it as an HMAC. so what everybody talks about doesnt apply	17:22
notmyname	right :-)	17:22
timburke	speaking of random keys... do we have any data regarding the point at which having sufficient entropy becomes a bottleneck?	17:24
jrichli	a bottleneck to what exactly?	17:25
*** hseipp has quit IRC		17:26
timburke	if i PUT a whole bunch of tiny (<32 bytes, say) objects, the proxies will be getting 32 bytes worth of random key material for each. under enough load, i could see the proxy needing to either wait for more random data to be generated or accept lower-quality data	17:34
*** rcernin has quit IRC		17:38
timburke	random experimenting would seem to indicate this is unlikely to be a problem. i think the standard handling-a-PUT overhead will far outweigh waiting on 32 bytes of entropy	17:44
notmyname	timburke: that's when you fork over $15 and plug one of these into the server http://altusmetrum.org/ChaosKey/	17:46
timburke	notmyname: knowing when you need one is good, though	17:48
notmyname	sure. I guess "when /dev/urandom is slow" probably isn't a good metric ;0(	17:49
notmyname	or whatever that smiley thing is supposed to be	17:49
*** mwheckmann has quit IRC		17:51
timburke	notmyname: looks like v0.4 has a red LED! that's when you know you've made it http://git.gag.com/?p=hw/usbtrng	17:53
notmyname	whoa!	17:53
notmyname	timburke: I'm sure v0.5 will have a blue LED	17:54
timburke	notmyname: too late! maybe v0.6 http://git.gag.com/?p=hw/usbtrng;a=commit;h=531f5ef	17:57
notmyname	I remember once upon a time when redbo got fed up with how long the proxy server code was and refactored it into all the different proxy controllers. and now I'm scrolling through 2300+ lines of just the proxy object controller thinking it should be split up	17:59
notmyname	what with all the different putters and mimecontrollers	18:00
*** McMurlock1 has joined #openstack-swift		18:05
*** pauloewerton has quit IRC		18:11
*** geaaru has quit IRC		18:14
* jrichli is back from lunch. reading now		18:14
jrichli	timburke: so you are talking about a scenario where somebody were to use random keys in swift? Or are you talking about the possible strain of the random iv generation for our current scheme?	18:20
*** zul has quit IRC		18:20
timburke	jrichli: current scheme. but like i said, it doesn't seem to add much overhead; i'm not worried	18:21
jrichli	timburke: i am probably missing something. we dont use random for anything except the ivs. the item of sufficient entropy that christian was referring to was the root key that is fixed and supplied in config.	18:22
timburke	yes, and that seems fine. i like our requirements on the root key	18:24
timburke	i'm thinking of the random ivs and body keys that are generated per PUT	18:24
*** zul has joined #openstack-swift		18:24
jrichli	timburke: oh, right. we switched to random key for body sorta late in the game (when wrapping was introduced). i had it my mind we were still using the derived key.	18:27
timburke	with max meta around 90, we're talking about only <1.5k worth of random data per request	18:28
tdasilva	notmyname: will the crypto work be merged to master as one single commit or multiple commits?	18:29
timburke	tdasilva: the plan is to have multiple commits on the crypto-review branch which all come into master as a single merge commit	18:29
notmyname	tdasilva: when we all like the crypto-review chain, we'll propose one merge commit to land on master	18:29
*** siva_krish has joined #openstack-swift		18:30
tdasilva	notmyname, timburke: ok, was just thinking earlier today if it would make sense to start merging separate patches as we are "done" with it...the first patch already has 3 +2s. I was wondering if that would make things easier in terms of maintaining the chain	18:31
notmyname	yeah, perhaps. actually, I want to leave that up to acoles and whatever local tools he has to manage it. but yeah, I'd be fine with landing the first one on the crypto-review branch now. I'd also be ok with leaving it as-is	18:32
timburke	leaving it as-is has the benefit of letting us go back and change it if we somehow realized while looking at patch 5 (say) that something else should have been done in patch 1. at the same time, maybe the fact that we didn't realize it until patch 5 demonstrates that the change logically belongs in patch 5 anyway...	18:34
patchbot	timburke: https://review.openstack.org/#/c/5/ - openstack-infra/system-config - Fix problem with jenkins known_hosts url. (MERGED)	18:34
patchbot	timburke: https://review.openstack.org/#/c/1/ - openstack-infra/system-config - Add puppet module for ssh that installs an sshd_co... (MERGED)	18:34
patchbot	timburke: https://review.openstack.org/#/c/5/ - openstack-infra/system-config - Fix problem with jenkins known_hosts url. (MERGED)	18:34
patchbot	timburke: https://review.openstack.org/#/c/5/ - openstack-infra/system-config - Fix problem with jenkins known_hosts url. (MERGED)	18:34
timburke	:-(	18:35
notmyname	tdasilva: don't poke happy fun patchbot	18:35
notmyname	timburke: ^	18:35
tdasilva	lol	18:36
*** mlanner has quit IRC		18:37
*** McMurlock1 has quit IRC		18:37
jrichli	wow. threre really patch numbers that low	18:37
acoles	I can't resist.... patch 0	18:38
patchbot	acoles: https://review.openstack.org/#/c/0/	18:38
tdasilva	timburke: yeah, I thought of that too, but I think that could also be easily fixed. I guess I was striving for a couple of things. First really just perception. If we get to next Friday and there's only two or three patches in the chain to merge, I'd feel better. Also, it's really the last few patches that have the crypto work. Merging earlier patches as they are "done" might allow for a "softer soft freeze" on master	18:39
tdasilva	and we don't have to worry so much about conflicts	18:39
*** mlanner has joined #openstack-swift		18:40
*** tongli has quit IRC		18:40
acoles	tdasilva: are you suggesting merging the earlier patches to master? otherwise I think it makes no difference wrt conflicts if they are merged on crypto-review or not	18:41
acoles	but I will consider whether it could make life easier for me or reviewers in any other way	18:42
tdasilva	acoles: yes, merge to master	18:43
tdasilva	acoles: what got me thinking about this was the convo yesterday about the documentation and the sync work that is being held up	18:43
acoles	oic.	18:43
jrichli	I think tdasilva has a good idea. I think at the rate we are going, one more week isn't going to be enough (I hate to say)	18:43
timburke	as i recall, notmyname seemed opposed to it, but his opinion may have changed	18:44
timburke	oh yeah, i meant to mention this in the meeting: i've been using a dash like https://goo.gl/f9gMj4 - other reviewers may find it useful. puts patches where you have a draft at the top, and categorizes all of them based on whether you left a positive or negative (or no) score	18:44
notmyname	no, I don't want to merge to master	18:45
acoles	the sync work shouldn't conflict, I wonder if actually it was in conflict with master and hence crypto-review	18:45
notmyname	but landing on crypto-review is ok	18:45
acoles	the one advantage of landing on crypto-review is that if we want to go back and change stuff that landed we may be able to do it with a fresh patch at the top of the chain, and that avoids lots of rebase noise for the other patches. the disadvantage is that it opens the flood gates for adding patches to the top of the chain ;)	18:47
notmyname	I'd be fine with landing on crypto-review, but I'd have the same concern as timburke mentioned	18:48
notmyname	and I don't think the docs works should likely be held up for much longer. I do think we have a pretty good shot at landing this in the next 7 days	18:49
jrichli	yes, i see that point too.	18:49
acoles	as far as my process is concerned, I don't yet have a problem with managing an un-merged chain	18:49
acoles	notmyname: +1 - done in 7 days or I -2 all the patches and ragequit ;)	18:50
notmyname	:-)	18:51
jrichli	acoles: dont even joke about that!	18:51
notmyname	we'll have the alexit	18:51
acoles	oh, you just reminded me I need to vote!	18:52
notmyname	do you have to go to a polling station, or can you do it online?	18:53
notmyname	ahale and joeljwright need to go vote too :-)	18:53
acoles	online ? (!*"$^ that'll be the day! believe it or not we use paper and pencil and there is no id check, you just state your name/address and get to vote.	18:54
notmyname	same here (when it's not the closed-source electronic machines)	18:55
clarkb	oregon and washington's mail in voting system is really nice	18:57
*** amit213 has joined #openstack-swift		19:00
redbo	In texas, you have to show your gun to vote.	19:00
*** sheel has quit IRC		19:05
notmyname	jrichli: on patch 328205 do you think we'll drop the x-backend-container-update-override-* at some point later?	19:11
patchbot	notmyname: https://review.openstack.org/#/c/328205/ - swift (feature/crypto-review) - Make container update override headers persistent	19:11
notmyname	you know, as much as we drop anything in swift	19:11
notmyname	jrichli: are you working with thai tran?	19:14
jrichli	notmyname: to some extent yes, I with thai. as for backend, i will have to look at some notes i had. in a call now : will get back to you	19:17
timburke	notmyname: the ones sent for EC support? i don't think so. the object server needs to account for it regardless, due to our upgrade-storage-nodes-then-upgrade-proxy-nodes recommendation. and since the object server needs to handle it anyway, we may as well keep sending it; then even if a proxy server upgrades before an object server, this particular thing will still work	19:19
notmyname	/lunch	19:22
*** htruta is now known as henrique		19:22
*** henrique is now known as Guest78419		19:23
*** Guest78419 is now known as htruta		19:23
*** siva_krish has quit IRC		19:25
*** welldannit has joined #openstack-swift		19:26
*** chsc has quit IRC		19:35
*** haypo has left #openstack-swift		19:36
acoles	notmyname: +1 what timburke said, don't see us dropping the old-style overrides for EC	19:46
*** acoles is now known as acoles_		19:47
*** zaitcev has joined #openstack-swift		19:50
*** ChanServ sets mode: +v zaitcev		19:50
openstackgerrit	Tim Burke proposed openstack/swift: MockMemcached cleanup https://review.openstack.org/333554	19:56
openstackgerrit	Tim Burke proposed openstack/swift: Tighten memcached tests https://review.openstack.org/333555	19:56
ahale	hehe , do you have to shoot the polling card too redbo ?	20:00
redbo	Yeah, at 20 yards	20:00
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: Fix usage of dict methods https://review.openstack.org/333302	20:02
openstackgerrit	Victor Stinner proposed openstack/swift: Python 3: fix dict.values()[0] https://review.openstack.org/333303	20:02
*** siva_krish has joined #openstack-swift		20:06
*** chsc has joined #openstack-swift		20:11
*** gyee has joined #openstack-swift		20:16
zaitcev	My wife has a Walther Q5 that can easily do that.	20:16
jrichli	notmyname: btw, thai tran is tqtran	20:24
*** zul has quit IRC		20:27
*** fbo has quit IRC		20:27
*** hugokuo has quit IRC		20:27
*** rsFF- has quit IRC		20:27
*** remix_tj has quit IRC		20:27
*** Anticimex has quit IRC		20:27
*** MooingLemur has quit IRC		20:27
*** peterlisak has quit IRC		20:27
*** zigo has quit IRC		20:27
*** ntata has quit IRC		20:27
*** onovy has quit IRC		20:27
*** _fortis has quit IRC		20:27
*** CrackerJ- has quit IRC		20:27
*** zacksh_ has quit IRC		20:27
*** mmotiani has quit IRC		20:27
*** j_king has quit IRC		20:27
*** jamielennox has quit IRC		20:27
*** mattoliverau has quit IRC		20:27
*** mmotiani_ is now known as mmotiani		20:27
*** j_king has joined #openstack-swift		20:27
*** matt6434 has joined #openstack-swift		20:27
*** rsFF has joined #openstack-swift		20:27
*** onovy has joined #openstack-swift		20:27
*** CrackerJackMack has joined #openstack-swift		20:27
*** Anticimex has joined #openstack-swift		20:27
*** hugokuo has joined #openstack-swift		20:27
*** peterlisak has joined #openstack-swift		20:27
*** MooingLemur has joined #openstack-swift		20:27
*** remix_tj has joined #openstack-swift		20:27
*** mmotiani_ has joined #openstack-swift		20:28
*** zul has joined #openstack-swift		20:28
*** zacksh has joined #openstack-swift		20:28
*** zigo has joined #openstack-swift		20:29
*** ouchkernel has quit IRC		20:29
*** fbo has joined #openstack-swift		20:30
*** McMurlock1 has joined #openstack-swift		20:36
*** ouchkernel has joined #openstack-swift		20:36
*** cebreidian has joined #openstack-swift		20:36
*** ntata has joined #openstack-swift		20:37
*** jamielennox has joined #openstack-swift		20:38
*** dmorita has quit IRC		20:43
*** dmorita has joined #openstack-swift		20:44
*** adu has joined #openstack-swift		20:50
*** mmcardle has quit IRC		20:50
*** mvk_ has joined #openstack-swift		21:02
*** nadeem has joined #openstack-swift		21:07
*** foexle has joined #openstack-swift		21:07
*** ozialien10 has quit IRC		21:08
*** McMurlock1 has quit IRC		21:17
timburke	zaitcev: you may also like patch 333554	21:19
patchbot	timburke: https://review.openstack.org/#/c/333554/ - swift - MockMemcached cleanup	21:19
*** catintheroof has quit IRC		21:21
*** chsc has quit IRC		21:23
*** adu has quit IRC		21:26
zaitcev	if new_val[0] == '-': # ie, val is negative	21:28
timburke	it felt less stupid than eval'ing str(int(current) + int(value)) twice. not by much, i'll admit...	21:30
timburke	er, minus, not plus. you know what i mean	21:31
zaitcev	It just seemed to me much too obvious.	21:32
timburke	i'm always happy to remove comments :-)	21:32
zaitcev	I'll check if list+list still works in py3 after tea	21:33
zaitcev	actually looks like tuple+tuple here self.cache[key][:2] + (new_val, )	21:33
zaitcev	else it's .append() or something, I dunn	21:34
notmyname	google has a nice little readout https://www.google.com/#q=brexit+results	21:42
timburke	zaitcev: should be fine. py3 won't join two views (like from dict.keys() or dict.values()), but lists and tuples still work	21:47
zaitcev	notmyname: You can tell it's going to be 51/49 for Remain without any Google. YOUGOV said so, it is so.	21:55
*** chsc has joined #openstack-swift		21:56
*** chsc has joined #openstack-swift		21:56
*** rfeusi has quit IRC		22:01
*** rfeusi has joined #openstack-swift		22:02
*** ametts has quit IRC		22:02
*** nadeem has quit IRC		22:17
*** matt6434 is now known as mattoliverau		22:18
*** ChanServ sets mode: +v mattoliverau		22:18
mattoliverau	morning	22:18
*** ouchkernel has quit IRC		22:19
*** acoles_ is now known as acoles		22:24
*** McMurlock1 has joined #openstack-swift		22:27
acoles	notmyname: this is the best brexit indicator http://www.xe.com/currencycharts/?from=GBP&to=USD&view=12h	22:27
notmyname	:-)	22:28
*** StraubTW has quit IRC		22:30
*** diogogmt has quit IRC		22:33
*** chsc has quit IRC		22:36
*** chsc has joined #openstack-swift		22:41
*** chsc has joined #openstack-swift		22:41
*** natarej has quit IRC		22:43
*** diogogmt has joined #openstack-swift		22:44
*** natarej has joined #openstack-swift		22:44
openstackgerrit	Merged openstack/swift: Patch through the error from NewReplicator https://review.openstack.org/333107	22:49
clayg	notmyname: ok, how do you crypto?	22:50
timburke	yay!	22:51
notmyname	clayg: the patches are organized really well. I started with the whole-view (ie start at the end) to understand the pieces, and now I'm going through from patch 0 to 6	22:51
notmyname	the commit messages are really good at explaining the need and what's being done. starts with a lot of refactoring, then adds the new functionality, then docs	22:52
acoles	oh no	22:52
timburke	haha	22:52
* acoles runs for cover		22:52
clayg	timburke: how did patch 333554 happen? did you see something blow up?	22:53
patchbot	clayg: https://review.openstack.org/#/c/333554/ - swift - MockMemcached cleanup	22:53
timburke	clayg: i saw patch 333303 and decided it didn't do enough to improve the situation	22:53
patchbot	timburke: https://review.openstack.org/#/c/333303/ - swift - Python 3: fix dict.values()[0]	22:53
acoles	clayg: patch 328209 might be a good place to start, before diving into the crypto code in patch 328208. 328203 - 328207 are supporting changes.	22:55
patchbot	acoles: https://review.openstack.org/#/c/328209/ - swift (feature/crypto-review) - Add encryption overview doc	22:55
patchbot	acoles: https://review.openstack.org/#/c/328208/ - swift (feature/crypto-review) - Enable object body and metadata encryption	22:55
clayg	oh yay! py3 patches are back! yay!	22:55
timburke	clayg: a relevant thread for that starts at http://lists.openstack.org/pipermail/openstack-dev/2016-June/097930.html - though i'm not sure how much you'd care to read it	22:56
clayg	acoles: nice work on the rebase - chain looks solid	22:59
timburke	acoles: good point on the derived iv! so if we use the object key for object-server etags...could we get away with using the same iv for all objects? hmm...	23:01
acoles	timburke: hmmm...now there's a thought	23:03
acoles	clayg: just about to push a new set of patches btw	23:04
clayg	acoles: very good - please do	23:04
*** siva_krish has quit IRC		23:04
timburke	acoles: i'd be nervous about having it be a constant across all swift deployments...but across a single one, maybe...	23:05
clayg	patch 328207 looks right - no votes yet?	23:05
patchbot	clayg: https://review.openstack.org/#/c/328207/ - swift (feature/crypto-review) - Allow middleware to override metadata header checking	23:05
notmyname	timburke: did I miss something acoles said about the iv?	23:05
notmyname	acoles: after you push these, you're out until monday, right?	23:05
acoles	notmyname: I just published some comments on patch 328208	23:06
patchbot	acoles: https://review.openstack.org/#/c/328208/ - swift (feature/crypto-review) - Enable object body and metadata encryption	23:06
acoles	clayg: yeah we have a review activity dip in the middle of the chain	23:06
timburke	notmyname: in his most-recent comments on...yeah, that one. "If we switch back to using object key whenever we use a derived key then I think there is no longer a requirement for IV's to be distinct w.r.t. other object paths"	23:06
acoles	some start at the top, some start at the bottom, only the dedicated make it to the middle and beyond ;)	23:07
notmyname	I'm in the middle now. not sure if I'll make it out alive	23:07
acoles	timburke: notmyname ... but I think they will be anyway by virtue of the padding	23:08
timburke	also, patch 328208 is just big. i keep coming back to it, biting off chunks, chewing on them a while...	23:08
patchbot	timburke: https://review.openstack.org/#/c/328208/ - swift (feature/crypto-review) - Enable object body and metadata encryption	23:08
timburke	i'm somewhere around the middle now	23:08
acoles	hmmm, except if path length is exactly 16	23:08
timburke	acoles: but as you said, if we're using different keys, it shouldn't matter	23:09
acoles	teah	23:09
acoles	yeah	23:09
openstackgerrit	Alistair Coles proposed openstack/swift: Support for http footers - Replication and EC https://review.openstack.org/328204	23:11
openstackgerrit	Alistair Coles proposed openstack/swift: Make container update override headers persistent https://review.openstack.org/328205	23:11
openstackgerrit	Alistair Coles proposed openstack/swift: Enable middleware to set metadata on object POST https://review.openstack.org/328206	23:11
openstackgerrit	Alistair Coles proposed openstack/swift: Allow middleware to override metadata header checking https://review.openstack.org/328207	23:11
openstackgerrit	Alistair Coles proposed openstack/swift: Enable object body and metadata encryption https://review.openstack.org/328208	23:11
timburke	patches galore!	23:12
openstackgerrit	Alistair Coles proposed openstack/swift: Add encryption overview doc https://review.openstack.org/328209	23:12
acoles	timburke: but are they the right ones? makes me so nervous doing this	23:12
acoles	ok, known tasks still outstanding - rework the iv offset calculation ( jrichli is working on that ), torgomatic's unified Putter patch (I'm pinning its fate to the outcome of the uk referendum - to unify or not ;)	23:14
acoles	notmyname: timburke tdasilva kota_ jrichli ^^	23:14
notmyname	thanks!	23:15
acoles	remind me of any other tasks	23:15
*** kei_yama has joined #openstack-swift		23:15
*** rcernin has joined #openstack-swift		23:16
notmyname	I don't know of any. and I think torgomatic's unified Putters is nice, but perhaps not a blocker	23:16
notmyname	acoles: you're offline until monday now, right?	23:18
torgomatic	yeah, if that had to wait until after the merge, that'd probably be okay	23:18
acoles	torgomatic: did you spot anything broken when you wrote that patch?	23:23
torgomatic	acoles: nothing broken, no	23:23
acoles	notmyname: I am around tomorrow but have an early finish (taking son to visit possible future university over weekend). Then back on Monday.	23:23
acoles	notmyname: that is, unless we brexit in which case the internet may be severed at the coast	23:24
notmyname	heh	23:24
acoles	notmyname: I'll be on the phone conf tomorrow	23:25
notmyname	ok	23:25
notmyname	right. I need to make sure my alarm is set	23:25
*** arch-nemesis has quit IRC		23:26
*** foexle has quit IRC		23:26
acoles	torgomatic: I did see some potential benefits in a single class while I was ironing out the conn resp references. Tactically it might save a load or rebase noise up the chain if we kept it for follow up.	23:27
acoles	s/or/of/	23:27
acoles	good night	23:29
*** sheel has joined #openstack-swift		23:29
*** acoles is now known as acoles_		23:30
*** McMurlock1 has quit IRC		23:33
clayg	lol @ a number of .data files thinking they're something -> /srv/node4/sdb4/objects/890/fe9/dea1f52fbcc16540744db6850e4b8fe9/1466724125.69735.data: Sendmail frozen configuration - version m"\343\233q5\276C$\007\266\347:\341\015uFB\240\373\323\227D\273y\233T\316\341J\367A\262\033H\356\201\264\212\323I\354\331\3228\207\321fO/c\210U\006?Pg1,ml\201S	23:36
clayg	^ from `file /srv/node4/sdb4/objects/890/fe9/dea1f52fbcc16540744db6850e4b8fe9/1466724125.69735.data`	23:36
*** ouchkernel has joined #openstack-swift		23:38
*** adu has joined #openstack-swift		23:40
*** dmorita has quit IRC		23:41
*** dmorita has joined #openstack-swift		23:45
*** chsc has quit IRC		23:47
*** daemontool has joined #openstack-swift		23:53

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!