Skip to content

Instantly share code, notes, and snippets.

Adam Langley agl

Block or report user

Report or block agl

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View NSS patch for cut-through.diff
diff --git a/mozilla/security/nss/lib/ssl/ssl.h b/mozilla/security/nss/lib/ssl/ssl.h
index 3026b48..94935a0 100644
--- a/mozilla/security/nss/lib/ssl/ssl.h
+++ b/mozilla/security/nss/lib/ssl/ssl.h
@@ -97,40 +97,42 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
#define SSL_ENABLE_SSL2 7 /* enable ssl v2 (on by default) */
#define SSL_ENABLE_SSL3 8 /* enable ssl v3 (on by default) */
#define SSL_NO_CACHE 9 /* don't use the session cache */
/* (off by default) */
View gist:212066
diff --git a/mozilla/security/nss/cmd/selfserv/selfserv.c b/mozilla/security/nss/cmd/selfserv/selfserv.c
index 4c3d8e3..8e6acf8 100644
--- a/mozilla/security/nss/cmd/selfserv/selfserv.c
+++ b/mozilla/security/nss/cmd/selfserv/selfserv.c
@@ -200,6 +200,7 @@ Usage(const char *progName)
"-u means enable Session Ticket extension for TLS.\n"
"-v means verbose output\n"
"-x means use export policy.\n"
+"-z mean enable compression.\n"
"-L seconds means log statistics every 'seconds' seconds (default=30).\n"
View nss-ocsp.diff
diff --git a/mozilla/security/nss/lib/certhigh/ocsp.c b/mozilla/security/nss/lib/certhigh/ocsp.c
index 0ffdb34..4a225df 100644
--- a/mozilla/security/nss/lib/certhigh/ocsp.c
+++ b/mozilla/security/nss/lib/certhigh/ocsp.c
@@ -4797,6 +4797,112 @@ CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
+ * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+ * First, this function caches the OCSP cache to see if a positive response
View nss-check-cert-in-shd.diff
diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/ssl/ssl3con.c
index 8d4b05d..414707e 100644
--- a/mozilla/security/nss/lib/ssl/ssl3con.c
+++ b/mozilla/security/nss/lib/ssl/ssl3con.c
@@ -5607,7 +5607,36 @@ ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
return rv;
+static SSL3AlertDescription
+ssl3_CertErrorToAlert(PRBool isTLS, int errCode)
agl / goimports.go
Created Oct 17, 2010
Go program to generate a dot file from the packages. Run from src/pkg.
View goimports.go
package main
import (
agl / gist:876829
Created Mar 18, 2011
Proxy server for testing revocation
View gist:876829
package main
import (
agl / gen.go
Created Apr 15, 2012
GPG/X.509 certificates
View gen.go
package main
import (
View cacerts.go
package main
import (
agl / test.c
Created Sep 13, 2014
VST forward issue.
View test.c
#include <stdint.h>
typedef int64_t limb;
typedef int32_t s32;
void product(limb out[19], const limb *a, const limb *b) {
s32 t1, t2;
t1 = a[0];
t2 = b[0];
agl / gist:aac39429601667c588cc
Created Oct 4, 2014
1024-bit key, generated with OpenSSL, for purported factorisation.
View gist:aac39429601667c588cc
If anyone can publish the two, non-trivial factors of this number (where neither is 1!) then they'll have my attention:
In standard form:
You can’t perform that action at this time.