Commit graph

1982 commits

Author SHA1 Message Date
fa4878bad6
[sse-c] Testing for SSE-C encryption 2024-03-07 15:43:48 +01:00
57acc60082
[sse-c] Implement SSE-C encryption 2024-03-07 15:43:47 +01:00
fe2dc5d51c
Merge branch 'main' into next-0.10 2024-03-07 14:00:34 +01:00
afee8c2207 Merge pull request 'allow utf-8 in headers + add test for object metadata' (#763) from unicode-headers into main
Reviewed-on: Deuxfleurs/garage#763
2024-03-07 12:54:07 +00:00
eab2b81be2
[unicode-headers] allow utf-8 in headers + add test for object metadata 2024-03-07 13:42:01 +01:00
Yureka
c1769bbe69 ReplicationMode -> ConsistencyMode+ReplicationFactor 2024-03-07 12:45:33 +01:00
Yureka
8f86af52ed adjust docs for replication factor 2024-03-05 22:57:08 +01:00
603604cdfc Merge pull request 'refactor: remove max_write_errors and max_faults' (#760) from yuka/garage:remove-max-write-errors into next-0.10
Reviewed-on: Deuxfleurs/garage#760
2024-03-05 21:56:17 +00:00
Yureka
6760895926 refactor: remove max_write_errors and max_faults 2024-03-04 18:39:56 +01:00
bbde9bc912
Merge branch 'main' into next-0.10 2024-03-04 15:56:10 +01:00
3168bb34a0 Merge pull request 'add request context helper' (#751) from yuka/garage:req-ctx into main
Reviewed-on: Deuxfleurs/garage#751
2024-03-04 14:51:05 +00:00
512933a036 Merge pull request 'Garage v0.9.3' (#757) from rel-0.9.3 into main
Reviewed-on: Deuxfleurs/garage#757
2024-03-04 13:26:47 +00:00
8670140358
[rel-0.9.3] Bump version to 0.9.3 2024-03-04 14:00:55 +01:00
5bb69a1257 Merge pull request 'Add API test + fix presigned requests' (#756) from test-presigned into main
Reviewed-on: Deuxfleurs/garage#756
2024-03-04 12:56:02 +00:00
c8e416aaa5
[test-presigned] Use a HeaderMap type for QueryMap 2024-03-04 13:33:14 +01:00
Yureka
fb55682c66 add request context helper 2024-03-04 13:26:39 +01:00
c94bf45cba
Store original-cased query keys alongside query values 2024-03-04 13:03:27 +01:00
7c4f3473af
Lowercase query parameter keys when parsing 2024-03-04 13:03:16 +01:00
b6a91e549b
[test-presigned] Add API test for presigned requests 2024-03-04 13:02:07 +01:00
32d6b4def8 Merge pull request 'Add talk on 2024-02-09 at capitoul.org' (#755) from talk-capitoul into main
Reviewed-on: Deuxfleurs/garage#755
2024-03-04 11:08:23 +00:00
c4de471de1 Merge pull request 'doc: fix typo in connect/backup.md' (#749) from Armael/garage:doc-typo into main
Reviewed-on: Deuxfleurs/garage#749
2024-03-03 13:51:38 +00:00
Armaël Guéneau
16e17375c5 doc: fix typo in connect/backup.md 2024-03-03 13:02:56 +01:00
95ab36aae7 Merge pull request 'Bump version to v0.9.2' (#747) from rel-0.9.2 into main
Reviewed-on: Deuxfleurs/garage#747
2024-03-01 16:20:28 +00:00
6a7623e90d
[rel-0.9.2] Bump version to v0.9.2 2024-03-01 16:54:39 +01:00
70b9904e91 Merge pull request 'AWS signatures v4: don't actually check Content-Type is signed' (#745) from fix-signed-headers into main
Reviewed-on: Deuxfleurs/garage#745
2024-03-01 12:50:15 +00:00
a36248a169
[fix-signed-headers] aws signatures v4: don't actually check Content-Type is signed
This page of the AWS docs indicate that Content-Type should be part of
the CanonicalHeaders (and therefore SignedHeaders) strings in signature
calculation:

https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html

However, testing with Minio Client revealed that it did not sign the
Content-Type header, and therefore we broke CI by expecting it to be
signed. With this commit, we don't mandate Content-Type to be signed
anymore, for better compatibility with the ecosystem. Testing against
the official behavior of S3 on AWS has not been done.
2024-03-01 13:12:18 +01:00
b8c7a560ef Merge pull request 'Fix potential timing side-channels in authentication mechanisms' (#737) from fix-auth-ct-eq into main
Reviewed-on: Deuxfleurs/garage#737
2024-02-29 14:04:38 +00:00
d3cf560e5c Merge pull request 'Docs: add default metrics_token in quick start + uniformize use of base64' (#739) from doc-default-token into main
Reviewed-on: Deuxfleurs/garage#739
2024-02-29 12:20:24 +00:00
73b11eb17c
[doc-default-token] add default metrics_token in quick start + uniformize use of base64 2024-02-29 13:17:36 +01:00
6d33e721c4
[fix-auth-ct-eq] use consant time comparison for awsv4 signature verification 2024-02-29 13:07:18 +01:00
eaac4924ef
[fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token checking 2024-02-29 13:07:15 +01:00
02005055ae Merge pull request 'Mention deduplication and compression in features page' (#736) from doc-dedup into main
Reviewed-on: Deuxfleurs/garage#736
2024-02-28 12:49:26 +00:00
a294dd9473
[doc-dedup] reorder features, move no-RAFT down 2024-02-28 13:48:45 +01:00
947973982d
[doc-dedup] fix #rpc_bind_outgoing anchor in config page 2024-02-28 13:45:30 +01:00
dc995059aa
[doc-dedup] mention deduplication and compression in features page 2024-02-28 13:43:30 +01:00
10031a3a91 Merge pull request 'Split presigned signature verification + fix conditions' (#735) from fix-presigned into main
Reviewed-on: Deuxfleurs/garage#735
2024-02-28 11:38:00 +00:00
90cab5b8f2
[fix-presigned] add comments and reorganize 2024-02-28 12:24:21 +01:00
e9f759d4cb
[fix-presigned] presigned requests: allow x-amz-* query parameters to stand in for equivalent headers 2024-02-28 12:24:21 +01:00
a5e4bfeae9
[fix-presigned] write comments 2024-02-28 12:24:21 +01:00
4c1d42cc5f
[fix-presigned] add back anonymous request code path + refactoring 2024-02-28 12:24:21 +01:00
2efa9c5a1a
[fix-presigned] PostObject: verify X-Amz-Algorithm 2024-02-28 12:24:20 +01:00
a8cb8e8a8b
[fix-presigned] split presigned/normal signature verification 2024-02-28 12:24:13 +01:00
d0d95fd53f
[next-0.10] woodpecker: run debug pipeline on manual trigger 2024-02-27 10:13:09 +01:00
4b978b7533
Merge branch 'main' into next-0.10 2024-02-26 18:55:24 +01:00
911a83ea7d Merge pull request 'rewrite read_and_put_block as a series of steps with channels' (#734) from refactor-put into main
Reviewed-on: Deuxfleurs/garage#734
2024-02-26 17:52:45 +00:00
b76c0c102e
[refactor-put] add ordering tag to blocks being sent to storage nodes 2024-02-26 18:35:11 +01:00
babccd2ad3
[refactor-put] send several blocks in parallel to storage nodes 2024-02-26 18:22:37 +01:00
3fe94cc14f
[refactor-put] rewrite read_and_put_block as a series of steps with channels 2024-02-26 17:55:37 +01:00
ee2b0c8dda
[talk-capitoul] Add talk on 2024-02-09 at capitoul.org 2024-02-26 13:42:47 +01:00
17b55205aa Merge pull request 'doc: reverse-proxy.md: Added section on caddy-fs-s3' (#733) from jpds/garage:caddy-fileserver-browse-s3 into main
Reviewed-on: Deuxfleurs/garage#733
2024-02-26 09:56:09 +00:00