ssl

Checklist

• Dependencies installed
• No typos
• Searched existing issues and docs

Issue Description

When using the RateLimiter Middleware with a rate between 0 and 1 all events will be rejected instead of applying the specified rate. E.g.: e.Use(middleware.RateLimiter(middleware.NewRateLimiterMemoryStore(0.5)))

I am not saying that it is a common use case to have

I know this is going to sound trivial... but hopefully it's *SO* trivial that it's easy to implement! «grin»

I was using openssl s_client to debug an issue that turned out to be the result of having multiple DNS (round-robin) 'A' records defined...

It would have helped tremendously if s_client had logged the IP address to which it actually connected at the top. (And running {dig/

Feature request

Feature description

The generated and installed config files permission are too open, any user logined on the system can read and write them. So i suggest append a chmod command into Extract tar step to keep config files more safty.

How the feature is useful

Context and Description

The READMEs and any example code in all projects should be updated to reflect the move from the IBM-Swift organization to the Kitura organization.

If anyone wants to take on all or part of this, please comment here so other's know what you're working on and submit PR's. :-)

Thanks!

Can somebody give a hand here?

I am referring to this line in the readme: [![Travis CI Status](https://travis-ci.org/drwetter/testssl.sh.svg?branch=3.1dev)](https://travis-ci.org/drwetter/testssl.sh)

Problem:

A common pattern is:

GUARD(s2n_stuffer_skip_write(stuffer, bytes_to_write));
uint8_t* ptr = suffer->blob.data + stuffer->write_cursor - bytes_to_write;

which could be simplified.

Solution:

*ptr could be an *out parameter to s2n_stuffer_skip_write

• Does this change what S2N sends over the wire? No.
• Does this change any public APIs? No.

When closing the browser after a successful user sign in, the session is still alive for the time the oauth2-proxy cookie has not expired and tokens in session are still valid.

Expected Behavior

There could be an additional "browser session enabled" configuration. When the browser is closed (or when the browser defines the "current session" ends), the oauth2-proxy user session should also

The definition and the comment about PSA_KEY_EXPORT_ECC_PUBLIC_KEY_MAX_SIZE in include/psa/crypto_sizes.h apply to Weierstrass curves only: 0x04, x, y. This happens to work for Montgomery and Edwards curves as well (because those only use one coordinates, which takes less room), so it's no big deal, but the documentation there is misleading and the definition is suboptimal.

The goal of this