| openstackgerrit | Kota Tsuyuzaki proposed openstack/swift3: List system dependencies for running common tests https://review.openstack.org/334342 | 00:25 |
|---|---|---|
| timburke | kota_: what platform do you usually use? debating about getting a centos env up and running to test ^^ | 00:31 |
| kota_ | timburke: ubuntu 14:04 usually | 00:32 |
| kota_ | timburke: i thought we need gcc for rpm as well as Swift looking at its bindep.txt. | 00:33 |
| kota_ | timburke: making centos env sounds awesome! | 00:33 |
| kota_ | timburke: and congrats you got an official topic for swift encryption in barcelona summit ;-) | 00:34 |
| timburke | thanks! now i just need to have some new data to present | 00:35 |
| timburke | i'll try to get a centos env up (maybe tomorrow? maybe next week?) | 00:35 |
| kota_ | sounds good, so you are thinking we need more binary dependencies for rpm? | 00:36 |
| kota_ | or, just setting up to prevent future regression | 00:36 |
| kota_ | ? | 00:36 |
| timburke | i'm curious about whether we can get away with fewer :-) | 00:37 |
| kota_ | :-) | 00:38 |
| *** m_kazuhiro has joined #swift3 | 01:01 | |
| timburke | kota_: any objections on https://review.openstack.org/#/c/319404/? it shouldn't really matter much since we're got (and recommend) the auth_uri config option, but it might be nice | 01:09 |
| kota_ | looking | 01:11 |
| kota_ | sorry lazy review pace | 01:11 |
| timburke | no worries. just figured i'd go through some of my old patches :-) | 01:11 |
| timburke | https://review.openstack.org/#/c/326765/ might be another good one (lets you run both keystoneauth and tempauth, say), and fairly low-risk | 01:12 |
| kota_ | to be safe, that "[]" wrapping should be IIF that doesn't end with ']'? | 01:12 |
| timburke | i figured it'd be unlikely that someone would set it to something like '::FFFF:129.144.52.38]', so just checking startswith ought to be sufficient | 01:14 |
| kota_ | does it work? looks odd to me... | 01:14 |
| timburke | at that point, no matter what we do they're misconfigured it | 01:15 |
| timburke | i linked to a similar change in the auth_token middleware (back when it was still part of keystoneclient) | 01:15 |
| kota_ | that rfc2732 says, "To use a literal IPv6 address in a URL, the literal address should be enclosed in "[" and "]" characters." | 01:16 |
| timburke | yup, so something like `curl --globoff 'http://[::1]:8080/info'` should work, while something like `curl --globoff 'http://::1:8080/info'` won't | 01:18 |
| kota_ | netaddr.valid_ipv6("::FFFF:129.144.52.38]") -> False, bah | 01:18 |
| timburke | although curiously, my irc client thinks the latter is a valid link and the former isn't :-/ | 01:19 |
| kota_ | looks like that we need [] for http uri | 01:20 |
| kota_ | looking at the related change you suggested, https://review.openstack.org/#/c/43041/15/keystoneclient/middleware/auth_token.py@380 | 01:20 |
| kota_ | it looks better to use netaddr.valid_ipv6? | 01:21 |
| -kota_- >>> netaddr.valid_ipv6("3ffe:2a00:100:7031::1") | 01:21 | |
| -kota_- True | 01:21 | |
| -kota_- >>> netaddr.valid_ipv6("[3ffe:2a00:100:7031::1]") | 01:21 | |
| kota_ | False | 01:21 |
| timburke | maybe. i figured, if someone was already working around the problem by specifying a []-wrapped ipv6 address, no sense in breaking their config | 01:22 |
| kota_ | netaddr.valid_ipv6 will be True only if we don't set "[]" wrap auth_host config, so it seems safe... | 01:24 |
| timburke | oh, yeah! duh | 01:24 |
| timburke | curiously, current keystonemiddleware just does a check for ':' in auth_host -- https://github.com/openstack/keystonemiddleware/blob/4.9.0/keystonemiddleware/auth_token/_auth.py#L51 | 01:25 |
| timburke | i think that may have been where i got the idea... but maybe netaddr.valid_ipv6 *is* better... | 01:25 |
| kota_ | hah, keystonemiddleware seems wrong :/ | 01:27 |
| *** onovy has quit IRC | 02:48 | |
| *** onovy has joined #swift3 | 02:48 | |
| *** tdasilva has quit IRC | 07:04 | |
| *** tdasilva has joined #swift3 | 07:42 | |
| *** openstackgerrit has quit IRC | 08:18 | |
| *** openstackgerrit has joined #swift3 | 08:19 | |
| *** mattoliverau has quit IRC | 09:06 | |
| *** matt6434 has joined #swift3 | 09:06 | |
| *** matt6434 is now known as mattoliverau | 10:26 | |
| *** nikivi has joined #swift3 | 10:41 | |
| *** nikivi has quit IRC | 10:42 | |
| *** m_kazuhiro has quit IRC | 10:59 | |
| openstackgerrit | Tim Burke proposed openstack/swift3: Fix assorted typos https://review.openstack.org/339728 | 21:16 |
| openstackgerrit | Merged openstack/swift3: Fix assorted typos https://review.openstack.org/339728 | 21:38 |
| timburke | kota_: i figured out another part of why i didn't go straight for netaddr.valid_ipv6... it's not in requirements! so i think it makes sense to use swift's is_valid_ipv6, but it was only added in 2.3.0 :-( | 21:45 |
| timburke | i'm debating between trying to import it and inlining it if/when it fails vs. just always inlining it | 21:46 |
| openstackgerrit | Tim Burke proposed openstack/swift3: Allow IPv6 addresses in auth_host config option https://review.openstack.org/319404 | 22:33 |
| openstackgerrit | Tim Burke proposed openstack/swift3: Allow IPv6 addresses in auth_host config option https://review.openstack.org/319404 | 22:44 |
Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!