# Erasure code sizing guide

## Toy Setups

Capacity constrained environments, MinIO will work but not recommended for production.

| servers | drives (per node) | stripe_size | parity chosen (default) | tolerance for reads (servers) | tolerance for writes (servers) |
|--------:|------------------:|------------:|------------------------:|------------------------------:|-------------------------------:|

    }

    public static void addBefore(Node sibling, Closure cl) {
        DomBuilder builder = new DomBuilder(sibling.ownerDocument, null)
        cl.delegate = builder
        cl.call()
        def parent = sibling.parentNode
        builder.elements.each { element ->
            parent.insertBefore(element, sibling)
        }
    }

    public static void addBefore(Element sibling, Node n) {
        def parent = sibling.parentNode

 *
 * ## Warning: Certificate Pinning is Dangerous!
 *
 * Pinning certificates limits your server team's abilities to update their TLS certificates. By
 * pinning certificates, you take on additional operational complexity and limit your ability to
 * migrate between certificate authorities. Do not use certificate pinning without the blessing of
 * your server's TLS administrator!
 *

    // rogue CA is trusted) but it should fail certificate pinning.
    val request =
      Request
        .Builder()
        .url(server.url("/"))
        .build()
    val call = client.newCall(request)
    assertFailsWith<SSLPeerUnverifiedException> {
      call.execute()
    }.also { expected ->
      // Certificate pinning fails!

(errn uint64) TEXT ·kdsa(SB), NOSPLIT|NOFRAME, $0-24 MOVD fc+0(FP), R0 // function code MOVD params+8(FP), R1 // address parameter block loop: KDSA R0, R4 // compute digital signature authentication BVS loop // branch back if interrupted BGT retry // signing unsuccessful, but retry with new CSPRN BLT error // condition code of 1 indicates a failure success: MOVD $0, errn+16(FP) // return 0 - sign/verify was successful RET error: MOVD $1, errn+16(FP) // return 1 - sign/verify failed RET retry: MOVD $2,...

func TestSipHashMod(t *testing.T) {
	testCases := []struct {
		objectName string
		sipHash    int
	}{
		// cases which should pass the test.
		// passing in valid object name.
		{"object", 37},
		{"The Shining Script <v1>.pdf", 38},
		{"Cost Benefit Analysis (2009-2010).pptx", 59},
		{"117Gn8rfHL2ACARPAhaFd0AGzic9pUbIA/5OCn5A", 35},
		{"SHØRT", 49},
		{"There are far too many object names, and far too few bucket names!", 8},

      createFile(right.resolve("another.txt"));

      createSymbolicLink(left.resolve("sibling"), right);
      createSymbolicLink(right.resolve("sibling"), left);
      assertEquals(
          ImmutableSet.of(
              new ResourceInfo(FILE, "left/some.txt", loader),
              new ResourceInfo(FILE, "left/sibling/another.txt", loader),
              new ResourceInfo(FILE, "right/another.txt", loader),

Use [CertificatePinner](https://square.github.io/okhttp/5.x/okhttp/okhttp3/-certificate-pinner/) to restrict which certificates and certificate authorities are trusted. Certificate pinning increases security, but limits your server team’s abilities to update their TLS certificates. **Do not use certificate pinning without the blessing of your server’s TLS administrator!**

=== ":material-language-kotlin: Kotlin"
    ```kotlin
      private val client = OkHttpClient.Builder()

 * certificate.
 *
 * Use of the chain cleaner is necessary to omit unexpected certificates that aren't relevant to
 * the TLS handshake and to extract the trusted CA certificate for the benefit of certificate
 * pinning.
 */
abstract class CertificateChainCleaner {
  @Throws(SSLPeerUnverifiedException::class)
  abstract fun clean(
    chain: List<Certificate>,
    hostname: String,
  ): List<Certificate>

  companion object {

 *
 * <p><b>Warning:</b> The caller is responsible for not attempting to read past the end of the
 * array. If any method encounters the end of the array prematurely, it throws {@link
 * IllegalStateException} to signify <i>programmer error</i>. This behavior is a technical violation
 * of the supertype's contract, which specifies a checked exception.
 *
 * @author Kevin Bourrillion
 * @since 1.0
 */
@J2ktIncompatible
@GwtIncompatible