minio/internal
Andreas Auernhammer 14876a4df1
ldap: use custom TLS cipher suites (#20221)
This commit replaces the LDAP client TLS config and
adds a custom list of TLS cipher suites which support
RSA key exchange (RSA kex).

Some LDAP server connections experience a significant slowdown
when these cipher suites are not available. The Go TLS stack
disables them by default (can be enabled via GODEBUG=tlsrsakex=1).

fixes https://github.com/minio/minio/issues/20214

With a custom list of TLS ciphers, Go can pick the TLS RSA key-exchange
cipher. Ref:
```
	if c.CipherSuites != nil {
		return c.CipherSuites
	}
	if tlsrsakex.Value() == "1" {
		return defaultCipherSuitesWithRSAKex
	}
```
Ref: https://cs.opensource.google/go/go/+/refs/tags/go1.22.5:src/crypto/tls/common.go;l=1017

Signed-off-by: Andreas Auernhammer <github@aead.dev>
2024-08-07 05:59:47 -07:00
amztime add codespell action (#18818) 2024-01-17 23:03:17 -08:00
arn Add more tests for ARN and its format (#19408) 2024-04-04 01:31:34 -07:00
auth Restrict access keys for users and groups to not allow '=' or ',' (#19749) 2024-05-28 10:14:16 -07:00
bpool Reduce parallelReader allocs (#19558) 2024-04-19 09:44:59 -07:00
bucket replication: make large workers configurable (#20077) 2024-07-12 07:57:31 -07:00
cachevalue Add cluster config metrics in metrics-v3 (#19507) 2024-05-24 05:50:46 -07:00
color add logrotate support for MinIO logs (#19641) 2024-05-01 10:57:52 -07:00
config ldap: use custom TLS cipher suites (#20221) 2024-08-07 05:59:47 -07:00
crypto do not print unexpected logs (#20083) 2024-07-12 13:51:54 -07:00
deadlineconn Update connection deadlines less frequently (#20166) 2024-07-26 10:40:11 -07:00
disk Read drive IO stats from sysfs instead of procfs (#19131) 2024-02-26 11:34:50 -08:00
dsync use unixNanoTime instead of time.Time in lockRequestorInfo (#20140) 2024-07-24 03:24:01 -07:00
etag fix: some flyby typos in the code (#19212) 2024-03-10 14:09:36 -07:00
event kafka: _MINIO_KAFKA_DEBUG to enable sarama debug messages (#19849) 2024-06-01 08:02:59 -07:00
fips fips: enforce FIPS-compliant TLS ciphers in FIPS mode (#20131) 2024-07-23 03:11:25 -07:00
grid separate lock from common grid to avoid epoll contention (#20180) 2024-07-29 11:10:04 -07:00
handlers send proper IPv6 names avoid bracketing notation (#18699) 2023-12-21 16:56:55 -08:00
hash Accept multipart checksums with part count (#19680) 2024-05-08 09:18:34 -07:00
http add optimizations to bring performance on unversioned READS (#20128) 2024-07-23 03:53:03 -07:00
init force all internal MinIO operations to be under UTC (#16009) 2022-11-04 16:44:38 -07:00
ioutil move to GET for internal stream READs instead of POST (#20160) 2024-07-26 05:55:01 -07:00
jwt allow JWT parsing on large session policy based tokens (#17167) 2023-05-09 00:53:08 -07:00
kms Allow a KMS Action to specify keys in the Resources of a policy (#20079) 2024-07-16 07:03:03 -07:00
lock fix: linter errors in Windows specific code (#18276) 2023-10-18 11:08:15 -07:00
logger do not print unexpected logs (#20083) 2024-07-12 13:51:54 -07:00
lsync cleanup Go linter settings (#16736) 2023-03-04 20:57:35 -08:00
mcontext Add X-Amz-Request-Id to internode calls (#16146) 2022-12-06 09:27:26 -08:00
mountinfo add codespell action (#18818) 2024-01-17 23:03:17 -08:00
net fix: return error when requested interface has no stats available (#17666) 2023-07-17 01:14:01 -07:00
once Support persistent queue store for loggers (#17121) 2023-05-08 21:20:31 -07:00
pubsub Fix tracing send on closed channel (#18982) 2024-02-06 08:57:30 -08:00
rest move to GET for internal stream READs instead of POST (#20160) 2024-07-26 05:55:01 -07:00
ringbuffer Add PutObject Ring Buffer (#19605) 2024-05-14 17:11:04 -07:00
s3select ldap: Add user DN attributes list config param (#19758) 2024-05-24 16:05:23 -07:00
store Webhook targets refactor and bug fixes (#19275) 2024-03-25 09:44:20 -07:00