ssl

Checklist

• Dependencies installed
• No typos
• Searched existing issues and docs

Issue Description

When using the RateLimiter Middleware with a rate between 0 and 1 all events will be rejected instead of applying the specified rate. E.g.: e.Use(middleware.RateLimiter(middleware.NewRateLimiterMemoryStore(0.5)))

I am not saying that it is a common use case to have

The API documentation for KEM decapsulation - EVP_PKEY_decapsulate - suggests that the function returns 0 or a negative value for failure.

However, most PQC KEMs such as those implemented by oqs-provider don't return an error code if decapsulation failed (e.g. due to mod

Feature request

Place the access_log and error_log directives inside the main server block instead of http block.

Feature description

Disable access_log at http block:
File: /etc/nginx/nginx.conf

# ...
http {
    # ...
    access_log off;
    # ...
}
# ...

Enable per site access_log and error_log at main server block:
File: /etc/nginx/

Context and Description

The READMEs and any example code in all projects should be updated to reflect the move from the IBM-Swift organization to the Kitura organization.

If anyone wants to take on all or part of this, please comment here so other's know what you're working on and submit PR's. :-)

Thanks!

Which version are you referring to
3.1dev

We list not all RFCs in ~/doc/ which we refer to in testssl.sh.

List used RFCs: grep RFC -w ./testssl.sh | grep -v TLS_CIPHER | grep RFC | sed 's/^.*RFC/RFC/' | sort -u
List RFCs referred to: grep -w RFC doc/testssl.1

Expected Behavior

When making a request with headers "Connection: keep-alive, Upgrade; Upgrade: websocket", the keep-alive should be ignored when checking if the request should be served by a Websocket, per IETF protocol document, the Connection header must include Upgrade, but is not limited to exactl

Problem:

A common pattern is:

GUARD(s2n_stuffer_skip_write(stuffer, bytes_to_write));
uint8_t* ptr = suffer->blob.data + stuffer->write_cursor - bytes_to_write;

which could be simplified.

Solution:

*ptr could be an *out parameter to s2n_stuffer_skip_write

• Does this change what S2N sends over the wire? No.
• Does this change any public APIs? No.