Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

grpc: Simplify server TLS config #2755

Closed
cthulhu-rider opened this issue Feb 27, 2024 · 1 comment
Closed

grpc: Simplify server TLS config #2755

cthulhu-rider opened this issue Feb 27, 2024 · 1 comment
Assignees
Labels
I3 Minimal impact neofs-storage Storage node application issues S3 Minimally significant U4 Nothing urgent
Milestone

Comments

@cthulhu-rider
Copy link
Contributor

cthulhu-rider commented Feb 27, 2024

gRPC release v1.60.0 contains server-side TLS fix

storage node's code touches this API. At a glance it is very similar, but the list of cipher suites is not completely equivalent

need to revise and try to rely on gRPC defaults which follow RFC 7540 since then

@cthulhu-rider cthulhu-rider added neofs-storage Storage node application issues U4 Nothing urgent S3 Minimally significant I3 Minimal impact labels Feb 27, 2024
@roman-khimov
Copy link
Member

What? We're maintaining a list of cipher suites internally? I want to kill it ASAP.

@roman-khimov roman-khimov added this to the v0.41.0 milestone Feb 27, 2024
@cthulhu-rider cthulhu-rider self-assigned this Mar 5, 2024
cthulhu-rider added a commit that referenced this issue Mar 5, 2024
The gRPC lib defaults min accepted TLS version to 1.2 since release
v1.60.0 (grpc/grpc-go#6758).

Refs #2755.

Signed-off-by: Leonard Lyubich <[email protected]>
cthulhu-rider added a commit that referenced this issue Mar 5, 2024
Insecure cipher suites must never be allowed.

Refs #2755.

Signed-off-by: Leonard Lyubich <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
I3 Minimal impact neofs-storage Storage node application issues S3 Minimally significant U4 Nothing urgent
Projects
None yet
Development

No branches or pull requests

2 participants