key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=keycloak.crt...

key `public.crt`, if it also needs to be trusted. For instance, given that TLS is enabled and you need to add trust for MinIO's own CA and for the CA of a Keycloak server, a Kubernetes secret can be created from the certificate files using `kubectl`: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=public.crt --from-file=keycloak.crt ``` If TLS is not enabled, you would need only the third party CA: ``` kubectl -n minio create secret generic minio-trusted-certs --from-file=keycloak.crt...

    conditions {
        matches("teamcity.build.branch", "(pre-test/.*)|(gh-readonly-queue/.*)")
    }
}

fun BuildStep.skipConditionally(buildType: BuildType? = null) {
    // we need to run CompileALl unconditionally because of artifact dependency
    if (buildType !is CompileAll) {
        conditions {
            doesNotEqual("skip.build", "true")
        }
    }
}

   * size to reach 0, causing an infinite loop.
   */
  public void testCopyWithReaderThatDoesNotFillBuffer() throws IOException {
    // need a long enough string for the buffer to hit 0 remaining before the copy completes
    String string = Strings.repeat("0123456789", 100);
    StringBuilder b = new StringBuilder();

        return;
      }

      /*
       * Almost everything in GWT is an AbstractFuture (which is as good as TrustedFuture under
       * GWT). But ImmediateFuture and UncheckedThrowingFuture aren't, so we still need this case.
       */
      try {
        forceSet(getDone(delegate));
      } catch (ExecutionException exception) {
        forceSetException(exception.getCause());

   * size to reach 0, causing an infinite loop.
   */
  public void testCopyWithReaderThatDoesNotFillBuffer() throws IOException {
    // need a long enough string for the buffer to hit 0 remaining before the copy completes
    String string = Strings.repeat("0123456789", 100);
    StringBuilder b = new StringBuilder();

   * will fail and no connection will be established.
   */
  fun requestClientAuth() {
    this.clientAuth = CLIENT_AUTH_REQUESTED
  }

  /**
   * Configure the server to [need client auth][SSLSocket.setNeedClientAuth]. If the
   * client presents a certificate that is [trusted][TrustManager] the handshake will
   * proceed normally. If the client presents an untrusted certificate or no certificate at all the

  /** Creates a new {@link Closer}. */
  public static Closer create() {
    return new Closer(SUPPRESSING_SUPPRESSOR);
  }

  @VisibleForTesting final Suppressor suppressor;

  // only need space for 2 elements in most cases, so try to use the smallest array possible
  private final Deque<Closeable> stack = new ArrayDeque<>(4);
  @CheckForNull private Throwable thrown;

  @VisibleForTesting

        /*
         * The Filter can only work with NTLMv1 as it uses a man-in-the-middle
         * technique that NTLMv2 specifically thwarts. A real NTLM Filter would
         * need to do a NETLOGON RPC that JCIFS will likely never implement
         * because it requires a lot of extra crypto not used by CIFS.
         */
        p.setProperty("jcifs.smb.lmCompatibility", "0");

     */
    protected void setSubject ( Subject subject ) {
        this.subject = subject;
    }


    @Override
    public void refresh () throws CIFSException {
        // custom Kerb5Authenticators need to override this method for support
        throw new SmbUnsupportedOperationException("Refreshing credentials is not supported by this authenticator");
    }


    @Override
    public Kerb5Authenticator clone () {