ssl

Checklist

• Dependencies installed
• No typos
• Searched existing issues and docs

Issue Description

When using the RateLimiter Middleware with a rate between 0 and 1 all events will be rejected instead of applying the specified rate. E.g.: e.Use(middleware.RateLimiter(middleware.NewRateLimiterMemoryStore(0.5)))

I am not saying that it is a common use case to have

I'm using a /etc/cron.daily/ file that does:

#!/bin/sh

BITS=4096
GENERATOR=-2

openssl dhparam -out /etc/pki/tls/misc/dhparam.pem.new \
		$GENERATOR $BITS > /dev/null \
	&& mv -f /etc/pki/tls/misc/dhparam.pem.new /etc/pki/tls/misc/dhparam \
	&& apachectl restart

to generate daily dhparam files which I then use in ssl.conf as:

SSLOpenSSLConfCmd DHParameters /e

Sorry for not following the template. It's a straightforward question.

By enabling "WordPress-specific rules", the following codes will be added to the wordpress.conf:

# WordPress: deny general stuff
location ~* ^/(?:xmlrpc\.php|wp-links-opml\.php|wp-config\.php|wp-config-sample\.php|readme\.html|license\.txt)$ {
    deny all;
}

However, this disables xmlrpc feature, which disa

Context and Description

The READMEs and any example code in all projects should be updated to reflect the move from the IBM-Swift organization to the Kitura organization.

If anyone wants to take on all or part of this, please comment here so other's know what you're working on and submit PR's. :-)

Thanks!

There's little information about what keys and values are in the output, what it means and how they are related to the screen output. In general that needs to be added. (special topics see #1675, #1674)

We are using oauth2-proxy in a airgapped enviroment and the login page is missing its stylesheet.
We upgrade oauth proxy from version v7.1.3 to v.7.2.0
But the new version nolonger has its own stylesheet.
It is now downling this from cdn.jsdelivr.net.
We cannot reach this domain from our server.
It is possible to include the stylesheet in the application itself rather then relaying on a 3rth

Problem:

A common pattern is:

GUARD(s2n_stuffer_skip_write(stuffer, bytes_to_write));
uint8_t* ptr = suffer->blob.data + stuffer->write_cursor - bytes_to_write;

which could be simplified.

Solution:

*ptr could be an *out parameter to s2n_stuffer_skip_write

• Does this change what S2N sends over the wire? No.
• Does this change any public APIs? No.

Since 3.0, all fields of mbedtls_ssl_ticket_key and mbedtls_ssl_ticket_context are now private. It turns out some applications where accessing them (originally reported in #5331):

lighttpd allows synchronization of session tickets
across multiple servers, and so writes into mbedtls_ssl_ticket_context to
manage mbedtls_ssl_ticket_context.
lighttpd `mod_mbedtls_session_ticket_key_ch