Alex Auvolat
a36248a169
[fix-signed-headers] aws signatures v4: don't actually check Content-Type is signed
...
This page of the AWS docs indicate that Content-Type should be part of
the CanonicalHeaders (and therefore SignedHeaders) strings in signature
calculation:
https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html
However, testing with Minio Client revealed that it did not sign the
Content-Type header, and therefore we broke CI by expecting it to be
signed. With this commit, we don't mandate Content-Type to be signed
anymore, for better compatibility with the ecosystem. Testing against
the official behavior of S3 on AWS has not been done.
2024-03-01 13:12:18 +01:00
Alex
b8c7a560ef
Merge pull request 'Fix potential timing side-channels in authentication mechanisms' ( #737 ) from fix-auth-ct-eq into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/737
2024-02-29 14:04:38 +00:00
Alex
d3cf560e5c
Merge pull request 'Docs: add default metrics_token in quick start + uniformize use of base64' ( #739 ) from doc-default-token into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/739
2024-02-29 12:20:24 +00:00
Alex Auvolat
73b11eb17c
[doc-default-token] add default metrics_token in quick start + uniformize use of base64
2024-02-29 13:17:36 +01:00
Alex Auvolat
6d33e721c4
[fix-auth-ct-eq] use consant time comparison for awsv4 signature verification
2024-02-29 13:07:18 +01:00
Alex Auvolat
eaac4924ef
[fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token checking
2024-02-29 13:07:15 +01:00
Alex
02005055ae
Merge pull request 'Mention deduplication and compression in features page' ( #736 ) from doc-dedup into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/736
2024-02-28 12:49:26 +00:00
Alex Auvolat
a294dd9473
[doc-dedup] reorder features, move no-RAFT down
2024-02-28 13:48:45 +01:00
Alex Auvolat
947973982d
[doc-dedup] fix #rpc_bind_outgoing anchor in config page
2024-02-28 13:45:30 +01:00
Alex Auvolat
dc995059aa
[doc-dedup] mention deduplication and compression in features page
2024-02-28 13:43:30 +01:00
Alex
10031a3a91
Merge pull request 'Split presigned signature verification + fix conditions' ( #735 ) from fix-presigned into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/735
2024-02-28 11:38:00 +00:00
Alex Auvolat
90cab5b8f2
[fix-presigned] add comments and reorganize
2024-02-28 12:24:21 +01:00
Alex Auvolat
e9f759d4cb
[fix-presigned] presigned requests: allow x-amz-* query parameters to stand in for equivalent headers
2024-02-28 12:24:21 +01:00
Alex Auvolat
a5e4bfeae9
[fix-presigned] write comments
2024-02-28 12:24:21 +01:00
Alex Auvolat
4c1d42cc5f
[fix-presigned] add back anonymous request code path + refactoring
2024-02-28 12:24:21 +01:00
Alex Auvolat
2efa9c5a1a
[fix-presigned] PostObject: verify X-Amz-Algorithm
2024-02-28 12:24:20 +01:00
Alex Auvolat
a8cb8e8a8b
[fix-presigned] split presigned/normal signature verification
2024-02-28 12:24:13 +01:00
Alex
911a83ea7d
Merge pull request 'rewrite read_and_put_block as a series of steps with channels' ( #734 ) from refactor-put into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/734
2024-02-26 17:52:45 +00:00
Alex Auvolat
b76c0c102e
[refactor-put] add ordering tag to blocks being sent to storage nodes
2024-02-26 18:35:11 +01:00
Alex Auvolat
babccd2ad3
[refactor-put] send several blocks in parallel to storage nodes
2024-02-26 18:22:37 +01:00
Alex Auvolat
3fe94cc14f
[refactor-put] rewrite read_and_put_block as a series of steps with channels
2024-02-26 17:55:37 +01:00
Alex Auvolat
ee2b0c8dda
[talk-capitoul] Add talk on 2024-02-09 at capitoul.org
2024-02-26 13:42:47 +01:00
Alex
17b55205aa
Merge pull request 'doc: reverse-proxy.md: Added section on caddy-fs-s3' ( #733 ) from jpds/garage:caddy-fileserver-browse-s3 into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/733
2024-02-26 09:56:09 +00:00
Jonathan Davies
3813e6c71d
doc: reverse-proxy.md: Added section on caddy-fs-s3.
2024-02-26 00:54:33 +00:00
Alex
e399b60e25
Merge pull request 'GetObject: split out handle_get_full (small refactoring)' ( #732 ) from split_getobject into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/732
2024-02-23 17:26:53 +00:00
Alex Auvolat
d640102b76
[split_getobject] GetObject: split out handle_get_full
2024-02-23 18:14:50 +01:00
Alex
61758ce0f9
Merge pull request 'some refactoring on data read/write path' ( #729 ) from refactor-block into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/729
2024-02-23 15:49:43 +00:00
Alex Auvolat
6ee691e65f
[refactor-block] simplify some more
2024-02-23 12:50:10 +01:00
Alex Auvolat
e9c42bca34
[refactor-block] add DataBlockStream type
2024-02-23 12:22:29 +01:00
Alex Auvolat
cd1069c1d4
[refactor-block] refactor DataBlock and DataBlockPath
2024-02-23 12:15:52 +01:00
Alex Auvolat
07c7895948
[refactor-block] simplify rpc_get_block
2024-02-23 11:54:40 +01:00
Alex Auvolat
9b41f4ff20
[refactor-block] move read_stream_to_end to garage_net
2024-02-23 11:46:57 +01:00
Alex Auvolat
93552b9275
[refactor-block] Remove redundant BlockStream type
2024-02-23 11:33:38 +01:00
Alex
74d0c47f21
Merge pull request 'Add node-global lock for bucket/key operations ( fix #723 )' ( #728 ) from lock-createbucket into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/728
2024-02-22 12:05:19 +00:00
Alex Auvolat
cff702a951
[lock-createbucket] Add node-global lock for bucket/key operations ( fix #723 )
2024-02-22 12:28:21 +01:00
Alex
7e212e20e0
Merge pull request 'Minor typos & grammar fixes in docs' ( #727 ) from hartraft/garage:docs-typo-fix into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/727
2024-02-22 09:26:08 +00:00
hartraft
00a5f14a7b
Align admin endpoint port
2024-02-20 21:19:00 +01:00
hartraft
1a07c8dd54
Minor typos and grammar
2024-02-20 21:03:39 +01:00
hartraft
292f4ff9cb
Typo
...
Fix small typo on the getting started guide
2024-02-20 18:35:56 +00:00
Alex
885405d944
Merge pull request 'system metrics improvements' ( #726 ) from peer-metrics into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/726
2024-02-20 15:35:12 +00:00
Alex Auvolat
bcd571ef57
[peer-metrics] add documentation for new cluster status metrics
2024-02-20 14:59:04 +01:00
Alex Auvolat
b868493da9
[peer-metrics] add basic cluster node status metrics ( fix #545 )
2024-02-20 14:50:24 +01:00
Alex Auvolat
182a23cc12
[peer-metrics] refactor SystemMetrics to hold a reference to System
2024-02-20 14:20:58 +01:00
Alex Auvolat
3cdf69f079
[peer-metrics] Add metrics for cluster health, like GetClusterHealth admin API
2024-02-20 13:50:45 +01:00
Alex Auvolat
00d479358d
[peer-metrics] refactor/simplify SystemMetrics
2024-02-20 13:50:45 +01:00
Alex
203bb10035
Merge pull request 'Filter nodes Garage tries to connect to' ( #719 ) from reconnect-only-current into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/719
2024-02-20 10:37:11 +00:00
Alex Auvolat
e91576677e
[reconnect-only-current] filter nodes to reconnect to
...
do not try reconnecting to nodes received from consul/kubernetes
discovery if they are not currently in the layout
2024-02-20 11:07:10 +01:00
Alex
0b9859befa
Merge pull request 'garage_net: retry connecting when new IP is learned' ( #724 ) from networking-fixes into main
...
Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/724
2024-02-19 17:37:01 +00:00
Alex Auvolat
95e3a39b4d
[networking-fixes] small refactoring in garage_net peering
2024-02-19 18:12:21 +01:00
Alex Auvolat
66fe893023
[networking-fixes] garage_net: retry connecting when new IP is learned
2024-02-19 18:12:21 +01:00