from the early secret // and the transcript up to the ClientHello. func (s *EarlySecret) EarlyExporterMasterS(transcript fips140.Hash) *ExporterMasterSecret { return &ExporterMasterSecret{ secret: deriveSecret(s.hash, s.secret, earlyExporterLabel, transcript), hash: s.hash, } } func (s *ExporterMasterSecret) Exporter(label string, context []byte, length int) []byte { secret := deriveSecret(s.hash, s.secret, label, nil) h := s.hash() h.Write(context) return ExpandLabel(s.hash, secret, "exporter", h.Sum(nil),...

labels.notification_login=Page de connexion
labels.notification_search_top=Page d'accueil de la recherche
labels.storage_endpoint=Point de terminaison
labels.storage_access_key=Clé d'accès
labels.storage_secret_key=Clé secrète
labels.storage_bucket=Compartiment
labels.storage_type=Type
labels.storage_type_auto=Auto
labels.storage_type_s3=S3
labels.storage_type_gcs=GCS
labels.storage_region=Region
labels.storage_project_id=Project ID

labels.ldap_memberof_attribute=memberOf Attribute
labels.notification_login=Login Page
labels.notification_search_top=Search Top Page
labels.storage_endpoint=Endpoint
labels.storage_access_key=Access Key
labels.storage_secret_key=Secret Key
labels.storage_bucket=Bucket
labels.storage_type=Type
labels.storage_type_auto=Auto
labels.storage_type_s3=S3
labels.storage_type_gcs=GCS
labels.storage_region=Region
labels.storage_project_id=Project ID

ExporterMasterSecret struct { secret []byte hash func() hash.Hash } // ExporterMasterSecret derives the exporter_master_secret from the master secret // and the transcript up to the server Finished. func (s *MasterSecret) ExporterMasterSecret(transcript hash.Hash) *ExporterMasterSecret { return &ExporterMasterSecret{ secret: deriveSecret(s.hash, s.secret, exporterLabel, transcript), hash: s.hash, } } // EarlyExporterMasterS derives the exporter_master_secret from the early secret // and the transcript up...

improves the security posture in the mounting process where the volumes are ACL’ed on the pods’ service account without handing out unnecessary permissions to the CSI drivers’ service account. This feature is especially important for secret-handling CSI drivers, such as the secrets-store-csi-driver. Since these tokens can be rotated and short-lived, this feature also provides a knob for CSI drivers to receive `NodePublishVolume` RPC calls periodically with the new token. This knob is also useful when volumes...

- Clean duplicate GetPodServiceMemberships function ([#83902](https://github.com/kubernetes/kubernetes/pull/83902), [@gongguan](https://github.com/gongguan))

### Auth

- K8s docker config json secrets are now compatible with docker config desktop authentication credentials files ([#82148](https://github.com/kubernetes/kubernetes/pull/82148), [@bbourbie](https://github.com/bbourbie))

labels.notification_login=Pagina di login
labels.notification_search_top=Pagina principale di ricerca
labels.storage_endpoint=Endpoint
labels.storage_access_key=Chiave di accesso
labels.storage_secret_key=Chiave segreta
labels.storage_bucket=Bucket
labels.send_testmail=Invia email di test
labels.backup_configuration=Backup
labels.backup_name=Nome
labels.backup_bulk_file=File di massa
labels.backup_button_upload=Carica

}

// CopyObjectHandler - Copy Object
// ----------
// This implementation of the PUT operation adds an object to a bucket
// while reading the object from another source.
// Notice: The S3 client can send secret keys in headers for encryption related jobs,
// the handler should ensure to remove these keys before sending them to the object layer.
// Currently these keys are:
//   - X-Amz-Server-Side-Encryption-Customer-Key

- Don't prematurely close reflectors in case of slow initialization in watch based manager to fix issues with inability to properly mount secrets/configmaps. ([#104604](https://github.com/kubernetes/kubernetes/pull/104604), [@wojtek-t](https://github.com/wojtek-t))

- Fixed in-tree to CSI migration for Portworx volumes, in clusters where Portworx security feature is enabled (it's a Portworx feature, not Kubernetes feature). It required secret data from the secret mentioned in-tree SC, to be passed in CSI requests which was not happening before this fix. ([#129675](https://github.com/kubernetes/kubernetes/pull/129675), [@gohilankit](https://github.com/gohilankit)) [SIG Storage]