MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-03-31 01:33:41 -04:00
Code Issues Packages Projects Releases Wiki Activity
4,915 Commits 5 Branches 513 Tags
a50cc7e937
Commit Graph

4 Commits

Author SHA1 Message Date
Andreas Auernhammer
21a3c0f482 disable elliptic curves P-384 and P-521 for TLS. () 
This change disables the non-constant-time implementations of P-384 and P-521.
As a consequence a client using just these curves cannot connect to the server.
This should be no real issues because (all) clients at least support P-256.

Further this change also rejects ECDSA private keys of P-384 and P-521.
While non-constant-time implementations for the ECDHE exchange don't expose an
obvious vulnerability, using P-384 or P-521 keys for the ECDSA signature may allow
pratical timing attacks.

Fixes
2018-04-24 15:47:30 -07:00
Bala FA
76cc65531c use package name correctly () 2018-04-21 19:23:54 -07:00
kannappanr
f8a3fd0c2a
Create logger package and rename errorIf to LogIf () 
Removing message from error logging
Replace errors.Trace with LogIf
 2018-04-05 15:04:40 -07:00
kannappanr
91fd8ffeb7
Move http package inside cmd () 2018-04-05 14:19:27 -07:00