ssl

Checklist

• Dependencies installed
• No typos
• Searched existing issues and docs

Issue Description

When using the RateLimiter Middleware with a rate between 0 and 1 all events will be rejected instead of applying the specified rate. E.g.: e.Use(middleware.RateLimiter(middleware.NewRateLimiterMemoryStore(0.5)))

I am not saying that it is a common use case to have

The documentation for X509_NAME_print says:

X509_NAME_print() prints out name to bp indenting each line by obase characters. Multiple lines are used if the output (including indent) exceeds 80 characters.
https://github.com/openssl/openssl/blob/master/doc/man3/X509_NAME_print_ex.pod

However, the implementation does not actually do this. obase and 80 figure into l, but l is decreme

Sorry for not following the template. It's a straightforward question.

By enabling "WordPress-specific rules", the following codes will be added to the wordpress.conf:

# WordPress: deny general stuff
location ~* ^/(?:xmlrpc\.php|wp-links-opml\.php|wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
    deny all;
}

However, this disables xmlrpc feature, which disa

Context and Description

The READMEs and any example code in all projects should be updated to reflect the move from the IBM-Swift organization to the Kitura organization.

If anyone wants to take on all or part of this, please comment here so other's know what you're working on and submit PR's. :-)

Thanks!

Which version are you referring to
3.1dev

We list not all RFCs in ~/doc/ which we refer to in testssl.sh.

List used RFCs: grep RFC -w ./testssl.sh | grep -v TLS_CIPHER | grep RFC | sed 's/^.*RFC/RFC/' | sort -u
List RFCs referred to: grep -w RFC doc/testssl.1

Expected Behavior

rewriteTarget should work identical for websocket connections and none websocket connections

Current Behavior

For websocket connections, oauth2proxy does not seem to rewrite the request path before sending it to the upstream server.

Example:

...
server:
  BindAddress: 0.0.0.0:8081
  SecureBindAddress: ""
  TLS: null
upstreamConfig:
  upstreams:

Problem:

A common pattern is:

GUARD(s2n_stuffer_skip_write(stuffer, bytes_to_write));
uint8_t* ptr = suffer->blob.data + stuffer->write_cursor - bytes_to_write;

which could be simplified.

Solution:

*ptr could be an *out parameter to s2n_stuffer_skip_write

• Does this change what S2N sends over the wire? No.
• Does this change any public APIs? No.

Mbed TLS only supports 12-byte nonces for PSA_ALG_STREAM_CIPHER with PSA_KEY_TYPE_CHACHA20 and for PSA_ALG_CHACHA20_POLY1305. The PSA Crypto specification allows both 12-byte and 8-byte nonces