minio/internal/config
Andreas Auernhammer 14876a4df1
ldap: use custom TLS cipher suites (#20221)
This commit replaces the LDAP client TLS config and
adds a custom list of TLS cipher suites which support
RSA key exchange (RSA kex).

Some LDAP server connections experience a significant slowdown
when these cipher suites are not available. The Go TLS stack
disables them by default. (They can be enabled via GODEBUG=tlsrsakex=1.)

fixes https://github.com/minio/minio/issues/20214

With a custom list of TLS ciphers, Go can pick the TLS RSA key-exchange
cipher. Ref:
```
	if c.CipherSuites != nil {
		return c.CipherSuites
	}
	if tlsrsakex.Value() == "1" {
		return defaultCipherSuitesWithRSAKex
	}
```
Ref: https://cs.opensource.google/go/go/+/refs/tags/go1.22.5:src/crypto/tls/common.go;l=1017

Signed-off-by: Andreas Auernhammer <github@aead.dev>
2024-08-07 05:59:47 -07:00

| Name | Last commit | Date |
|---|---|---|
| api | replication: make large workers configurable (#20077) | 2024-07-12 07:57:31 -07:00 |
| batch | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| browser | Fix browser UI animation (#19966) | 2024-06-20 17:58:58 -07:00 |
| cache | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| callhome | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| compress | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| dns | cleanup ignored static analysis (#16767) | 2023-03-06 08:56:10 -08:00 |
| drive | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| etcd | fix: hot-reloading STS credential policy documents (#20012) | 2024-06-28 16:17:22 -07:00 |
| heal | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| identity | ldap: use custom TLS cipher suites (#20221) | 2024-08-07 05:59:47 -07:00 |
| ilm | fix: wire up ILM sub-system properly for help (#19836) | 2024-05-30 01:14:58 -07:00 |
| lambda | Add typos check to Makefile (#20051) | 2024-07-08 14:39:49 -07:00 |
| notify | hide some deprecated fields from 'get' output (#20069) | 2024-07-10 13:16:44 -07:00 |
| policy | hide some deprecated fields from 'get' output (#20069) | 2024-07-10 13:16:44 -07:00 |
| scanner | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| storageclass | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| subnet | hide some deprecated fields from 'get' output (#20069) | 2024-07-10 13:16:44 -07:00 |
| bool-flag_test.go | rename all remaining packages to internal/ (#12418) | 2021-06-01 14:59:40 -07:00 |
| bool-flag.go | heal: Enable periodic bitrot scan configuration (#14464) | 2022-04-07 08:10:40 -07:00 |
| certs_test.go | Remove deprecated io/ioutil (#15707) | 2022-09-19 11:05:16 -07:00 |
| certs.go | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| certsinfo.go | add gocritic/ruleguard checks back again, cleanup code. (#13665) | 2021-11-16 09:28:29 -08:00 |
| config_test.go | fix: cleanup config KV parsing using madmin helpers (#15552) | 2022-08-18 15:55:17 -07:00 |
| config.go | ldap: Add user DN attributes list config param (#19758) | 2024-05-24 16:05:23 -07:00 |
| constants.go | Support to store browser config settings (#18631) | 2024-01-01 08:36:33 -08:00 |
| crypto_test.go | kms: add support for MinKMS and remove some unused/broken code (#19368) | 2024-05-07 16:55:37 -07:00 |
| crypto.go | kms: add support for MinKMS and remove some unused/broken code (#19368) | 2024-05-07 16:55:37 -07:00 |
| errors-utils.go | cleanup ignored static analysis (#16767) | 2023-03-06 08:56:10 -08:00 |
| errors.go | clarify error message for root user credential (#20043) | 2024-07-10 09:57:01 -07:00 |
| help.go | Redact all secrets from config viewing APIs (#17380) | 2023-06-23 07:45:27 -07:00 |
| legacy.go | Do not save credentials in config.json (#16275) | 2022-12-19 12:27:06 -08:00 |
| server.go | extend server config.yaml to support per pool set drive count (#19663) | 2024-05-03 08:54:03 -07:00 |