MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-11-09 05:34:56 -05:00
Code Issues Packages Projects Releases Wiki Activity

fix: enable AssumeRoleWithCertificate API only when asked (#13410)

Browse Source 
This is a breaking change but we need to do this to avoid
issues discussed in #13409 based on discussions from #13371

fixes #13371
fixes #13409
This commit is contained in:
Harshavardhana
2021-10-11 14:23:51 -07:00
committed by GitHub
parent c19b1a143e
commit 9ea45399ce
4 changed files with 24 additions and 14 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
cmd/config-current.go
View File

@@ -496,6 +496,10 @@ func lookupConfigs(s config.Config, objAPI ObjectLayer) {
logger.LogIf(ctx, fmt.Errorf("Unable to initialize X.509/TLS STS API: %w", err))
}
if globalSTSTLSConfig.InsecureSkipVerify {
logger.Info("CRITICAL: enabling %s is not recommended in a production environment", xtls.EnvIdentityTLSSkipVerify)
}
globalOpenIDConfig, err = openid.LookupConfig(s[config.IdentityOpenIDSubSys][config.Default],
NewGatewayHTTPTransport(), xhttp.DrainBody)
if err != nil {