nats-server

mirror of https://github.com/gogrlx/nats-server.git synced 2026-04-16 11:04:42 -07:00

Go to file

Todd Beets 832dcc9246 Support TLS 1.2 RSA signature with PKCS#1 v1.5 padding (#4244 )

Cert Store (aka wincert) feature wasn't properly handling TLS 1.2
handshake with TLS 1.2 clients that do not support RSA signature with
PSS padding.

With this update, Cert Store will perform either PKCS#1 v1.5 or PSS
padding for RSA signature depending on what type is negotiated by the
TLS 1.2 client.

Issue surfaces with the NATS .NET v1 client which supports TLS 1.2 only
(.NET 4.6.2 dependency) only when the client application was hosted on
Windows 10 Enterprise LTSC 2019 (equivalent also to Windows 10 1809 and
Windows Server 2019). If the same client was executed on a more modern
Windows 10 release, RSA signature with PSS padding was negotiated and
succeeded normally.

The Go NATS client as well as any client operating at TLS 1.3 level
would not exhibit the issue as TLS 1.3 requires PSS.

Fix tested good on Windows 10 Enterprise LTSC 2019 host and in confirmed
fixed in user's Windows environment where the issue was originally
detected.

2023-06-14 08:27:17 -07:00

.github

Merge branch 'main' into dev

2023-05-17 16:48:47 -07:00

conf

fix some comments

2023-04-25 11:28:59 +08:00

doc

remove ADR files from the server

2021-07-13 10:07:31 +02:00

docker

Fix nsc in nightly

2023-04-17 00:07:01 -07:00

internal

Redact URLs before logging or returning in error (#2643 )

2021-10-27 12:44:59 -04:00

logger

Add logtime_utc option

2023-02-10 10:29:26 +00:00

logos

Updated logo for better aesthetics on dark mode.

2022-10-11 09:56:47 +09:00

scripts

Fix some lint errors after move to golangci-lint

2022-12-30 20:00:08 +00:00

server

Support TLS 1.2 RSA signature with PKCS#1 v1.5 padding (#4244 )

2023-06-14 08:27:17 -07:00

test

Merge branch 'main' into dev

2023-06-09 18:25:17 -07:00

util

Small fix to nats-server-hardened.service

2023-02-09 18:53:40 -08:00

.coveralls.yml

Should have been included from the coveralls instructions to know more.

2014-07-25 13:16:58 -07:00

.gitignore

Ignore dist and .vscode

2022-08-03 14:01:55 -07:00

.golangci.yml

Lint warnings on fmt.Print, fmt.Printf, fmt.Println

2023-01-24 16:10:13 +00:00

.goreleaser-nightly.yml

Prepare v2.9.17 release

2023-05-18 13:57:40 -04:00

.goreleaser.yml

Remove gomod proxy, build by installing package instead

2023-03-28 08:16:33 -07:00

.travis.yml

Merge branch 'main' into dev

2023-06-08 09:34:41 -07:00

CODE-OF-CONDUCT.md

Add CNCF Code of Conduct

2018-03-15 11:38:25 -07:00

dependencies.md

Update dependencies.md

2022-08-16 16:48:00 -06:00

go.mod

Bump client version to v1.27.0

2023-06-12 22:06:08 +02:00

go.sum

go mod tidy to update go.sum

2023-06-12 17:16:35 -07:00

GOVERNANCE.md

Update GOVERNANCE.md

2020-11-10 10:40:28 -06:00

LICENSE

Update license to Apache 2

2018-03-15 22:31:07 -07:00

locksordering.txt

Optimizations for large single hub account leafnode fleets.

2023-05-05 13:14:49 -07:00

main.go

Remove snapshot of cores and maxprocs

2023-03-17 15:09:50 -07:00

MAINTAINERS.md

Update MAINTAINERS.md

2020-06-22 11:10:49 -05:00

README.md

Prepare v2.9.17 release

2023-05-18 13:57:40 -04:00

TODO.md

[ADDED] Server sends INFO with cluster URLs to clients with support

2016-07-26 10:55:55 -06:00

README.md

NATS is a simple, secure and performant communications system for digital systems, services and devices. NATS is part of the Cloud Native Computing Foundation (CNCF). NATS has over 40 client language implementations, and its server can run on-premise, in the cloud, at the edge, and even on a Raspberry Pi. NATS can secure and simplify design and operation of modern distributed systems.

Documentation

Official Website
Official Documentation
FAQ
Watch a video overview of NATS.
Watch this video from SCALE 13x to learn more about its origin story and design philosophy.

Contact

Twitter: Follow us on Twitter!
Google Groups: Where you can ask questions
Slack: Click here to join. You can ask question to our maintainers and to the rich and active community.

Contributing

If you are interested in contributing to NATS, read about our...

Roadmap

The NATS product roadmap can be found here.

Security

Security Audit

A third party security audit was performed by Cure53, you can see the full report here.

Reporting Security Vulnerabilities

If you've found a vulnerability or a potential vulnerability in the NATS server, please let us know at nats-security.

License

Unless otherwise noted, the NATS source files are distributed under the Apache Version 2.0 license found in the LICENSE file.