aboutsummaryrefslogtreecommitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request 'AWS signatures v4: don't actually check Content-Type is ↵Alex2024-03-012-14/+9
|\ | | | | | | | | | | signed' (#745) from fix-signed-headers into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/745
| * [fix-signed-headers] aws signatures v4: don't actually check Content-Type is ↵Alex Auvolat2024-03-012-14/+9
|/ | | | | | | | | | | | | | | | signed This page of the AWS docs indicate that Content-Type should be part of the CanonicalHeaders (and therefore SignedHeaders) strings in signature calculation: https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-header-based-auth.html However, testing with Minio Client revealed that it did not sign the Content-Type header, and therefore we broke CI by expecting it to be signed. With this commit, we don't mandate Content-Type to be signed anymore, for better compatibility with the ecosystem. Testing against the official behavior of S3 on AWS has not been done.
* Merge pull request 'Fix potential timing side-channels in authentication ↵v0.9.2-rc1Alex2024-02-296-21/+109
|\ | | | | | | | | | | mechanisms' (#737) from fix-auth-ct-eq into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/737
| * [fix-auth-ct-eq] use consant time comparison for awsv4 signature verificationfix-auth-ct-eqAlex Auvolat2024-02-291-3/+4
| |
| * [fix-auth-ct-eq] use argon2 hashing and verification for admin/metrics token ↵Alex Auvolat2024-02-295-18/+105
| | | | | | | | checking
* | Merge pull request 'Docs: add default metrics_token in quick start + ↵Alex2024-02-292-5/+6
|\ \ | | | | | | | | | | | | | | | uniformize use of base64' (#739) from doc-default-token into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/739
| * | [doc-default-token] add default metrics_token in quick start + uniformize ↵Alex Auvolat2024-02-292-5/+6
| |/ | | | | | | use of base64
* | Merge pull request 'Mention deduplication and compression in features page' ↵Alex2024-02-282-8/+16
|\ \ | |/ |/| | | | | | | (#736) from doc-dedup into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/736
| * [doc-dedup] reorder features, move no-RAFT downAlex Auvolat2024-02-281-11/+11
| |
| * [doc-dedup] fix #rpc_bind_outgoing anchor in config pageAlex Auvolat2024-02-281-1/+1
| |
| * [doc-dedup] mention deduplication and compression in features pageAlex Auvolat2024-02-281-0/+8
|/
* Merge pull request 'Split presigned signature verification + fix conditions' ↵Alex2024-02-288-284/+499
|\ | | | | | | | | | | (#735) from fix-presigned into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/735
| * [fix-presigned] add comments and reorganizeAlex Auvolat2024-02-284-83/+87
| |
| * [fix-presigned] presigned requests: allow x-amz-* query parameters to stand ↵Alex Auvolat2024-02-284-13/+44
| | | | | | | | in for equivalent headers
| * [fix-presigned] write commentsAlex Auvolat2024-02-281-5/+16
| |
| * [fix-presigned] add back anonymous request code path + refactoringAlex Auvolat2024-02-282-30/+40
| |
| * [fix-presigned] PostObject: verify X-Amz-AlgorithmAlex Auvolat2024-02-281-0/+10
| |
| * [fix-presigned] split presigned/normal signature verificationAlex Auvolat2024-02-284-262/+411
|/
* Merge pull request 'rewrite read_and_put_block as a series of steps with ↵Alex2024-02-264-84/+170
|\ | | | | | | | | | | channels' (#734) from refactor-put into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/734
| * [refactor-put] add ordering tag to blocks being sent to storage nodesAlex Auvolat2024-02-263-3/+22
| |
| * [refactor-put] send several blocks in parallel to storage nodesAlex Auvolat2024-02-261-3/+46
| |
| * [refactor-put] rewrite read_and_put_block as a series of steps with channelsrefactor-putAlex Auvolat2024-02-262-85/+109
| |
* | Merge pull request 'doc: reverse-proxy.md: Added section on caddy-fs-s3' ↵Alex2024-02-261-0/+29
|\ \ | |/ |/| | | | | | | (#733) from jpds/garage:caddy-fileserver-browse-s3 into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/733
| * doc: reverse-proxy.md: Added section on caddy-fs-s3.Jonathan Davies2024-02-261-0/+29
|/
* Merge pull request 'GetObject: split out handle_get_full (small ↵Alex2024-02-231-15/+19
|\ | | | | | | | | | | refactoring)' (#732) from split_getobject into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/732
| * [split_getobject] GetObject: split out handle_get_fullAlex Auvolat2024-02-231-15/+19
|/
* Merge pull request 'some refactoring on data read/write path' (#729) from ↵Alex2024-02-236-148/+130
|\ | | | | | | | | | | refactor-block into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/729
| * [refactor-block] simplify some morerefactor-blockAlex Auvolat2024-02-232-22/+5
| |
| * [refactor-block] add DataBlockStream typeAlex Auvolat2024-02-232-14/+18
| |
| * [refactor-block] refactor DataBlock and DataBlockPathAlex Auvolat2024-02-233-75/+85
| |
| * [refactor-block] simplify rpc_get_blockAlex Auvolat2024-02-232-24/+4
| |
| * [refactor-block] move read_stream_to_end to garage_netAlex Auvolat2024-02-233-18/+28
| |
| * [refactor-block] Remove redundant BlockStream typeAlex Auvolat2024-02-232-12/+7
|/
* Merge pull request 'Add node-global lock for bucket/key operations (fix ↵Alex2024-02-2212-476/+511
|\ | | | | | | | | | | #723)' (#728) from lock-createbucket into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/728
| * [lock-createbucket] Add node-global lock for bucket/key operations (fix #723)lock-createbucketAlex Auvolat2024-02-2212-476/+511
|/
* Merge pull request 'Minor typos & grammar fixes in docs' (#727) from ↵Alex2024-02-224-12/+12
|\ | | | | | | | | | | hartraft/garage:docs-typo-fix into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/727
| * Align admin endpoint porthartraft2024-02-201-1/+1
| |
| * Minor typos and grammarhartraft2024-02-202-10/+10
| |
| * Typohartraft2024-02-201-1/+1
|/ | | | Fix small typo on the getting started guide
* Merge pull request 'system metrics improvements' (#726) from peer-metrics ↵Alex2024-02-204-104/+412
|\ | | | | | | | | | | into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/726
| * [peer-metrics] add documentation for new cluster status metricspeer-metricsAlex Auvolat2024-02-201-0/+106
| |
| * [peer-metrics] add basic cluster node status metrics (fix #545)Alex Auvolat2024-02-201-0/+94
| |
| * [peer-metrics] refactor SystemMetrics to hold a reference to SystemAlex Auvolat2024-02-203-72/+83
| |
| * [peer-metrics] Add metrics for cluster health, like GetClusterHealth admin APIAlex Auvolat2024-02-202-28/+172
| |
| * [peer-metrics] refactor/simplify SystemMetricsAlex Auvolat2024-02-202-88/+41
| |
* | Merge pull request 'Filter nodes Garage tries to connect to' (#719) from ↵Alex2024-02-201-5/+16
|\ \ | |/ |/| | | | | | | reconnect-only-current into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/719
| * [reconnect-only-current] filter nodes to reconnect toAlex Auvolat2024-02-201-5/+16
| | | | | | | | | | do not try reconnecting to nodes received from consul/kubernetes discovery if they are not currently in the layout
* | Merge pull request 'garage_net: retry connecting when new IP is learned' ↵Alex2024-02-191-22/+32
|\ \ | | | | | | | | | | | | | | | (#724) from networking-fixes into main Reviewed-on: https://git.deuxfleurs.fr/Deuxfleurs/garage/pulls/724
| * | [networking-fixes] small refactoring in garage_net peeringAlex Auvolat2024-02-191-14/+12
| | |
| * | [networking-fixes] garage_net: retry connecting when new IP is learnedAlex Auvolat2024-02-191-8/+20
|/ /