ssl

Checklist

• Dependencies installed
• No typos
• Searched existing issues and docs

Issue Description

When using the RateLimiter Middleware with a rate between 0 and 1 all events will be rejected instead of applying the specified rate. E.g.: e.Use(middleware.RateLimiter(middleware.NewRateLimiterMemoryStore(0.5)))

I am not saying that it is a common use case to have

Currently the PKCS12_parse() fails if it is called on mac-less PKCS12 files. Given the KDF used with the MAC algorithm in PKCS12 is not FIPS compliant it would be desirable to allow mac-less PKCS12 files.

The PR would need to include some tests for PKCS12_parse API as there are currently none.

Sorry for not following the template. It's a straightforward question.

By enabling "WordPress-specific rules", the following codes will be added to the wordpress.conf:

# WordPress: deny general stuff
location ~* ^/(?:xmlrpc\.php|wp-links-opml\.php|wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
    deny all;
}

However, this disables xmlrpc feature, which disa

Context and Description

The READMEs and any example code in all projects should be updated to reflect the move from the IBM-Swift organization to the Kitura organization.

If anyone wants to take on all or part of this, please comment here so other's know what you're working on and submit PR's. :-)

Thanks!

Which version are you referring to
3.1dev

We list not all RFCs in ~/doc/ which we refer to in testssl.sh.

List used RFCs: grep RFC -w ./testssl.sh | grep -v TLS_CIPHER | grep RFC | sed 's/^.*RFC/RFC/' | sort -u
List RFCs referred to: grep -w RFC doc/testssl.1

I'm trying to build a container image with oauth2-proxy as base image for the linux/arm64/v8 platform.

Expected Behavior

The build is successful

Current Behavior

The build failes with error building image: no child with platform linux/arm64/v8 in index quay.io/oauth2-proxy/oauth2-proxy:v7.2.1

Possible Solution

The arm64 entry in the image index is missing the v8

Problem:

A common pattern is:

GUARD(s2n_stuffer_skip_write(stuffer, bytes_to_write));
uint8_t* ptr = suffer->blob.data + stuffer->write_cursor - bytes_to_write;

which could be simplified.

Solution:

*ptr could be an *out parameter to s2n_stuffer_skip_write

• Does this change what S2N sends over the wire? No.
• Does this change any public APIs? No.

Mbed TLS only supports 12-byte nonces for PSA_ALG_STREAM_CIPHER with PSA_KEY_TYPE_CHACHA20 and for PSA_ALG_CHACHA20_POLY1305. The PSA Crypto specification allows both 12-byte and 8-byte nonces