Skip to content

Instantly share code, notes, and snippets.

View NSS patch for cut-through.diff
diff --git a/mozilla/security/nss/lib/ssl/ssl.h b/mozilla/security/nss/lib/ssl/ssl.h
index 3026b48..94935a0 100644
--- a/mozilla/security/nss/lib/ssl/ssl.h
+++ b/mozilla/security/nss/lib/ssl/ssl.h
@@ -97,40 +97,42 @@ SSL_IMPORT PRFileDesc *SSL_ImportFD(PRFileDesc *model, PRFileDesc *fd);
#define SSL_ENABLE_SSL2 7 /* enable ssl v2 (on by default) */
#define SSL_ENABLE_SSL3 8 /* enable ssl v3 (on by default) */
#define SSL_NO_CACHE 9 /* don't use the session cache */
/* (off by default) */
View gist:212066
diff --git a/mozilla/security/nss/cmd/selfserv/selfserv.c b/mozilla/security/nss/cmd/selfserv/selfserv.c
index 4c3d8e3..8e6acf8 100644
--- a/mozilla/security/nss/cmd/selfserv/selfserv.c
+++ b/mozilla/security/nss/cmd/selfserv/selfserv.c
@@ -200,6 +200,7 @@ Usage(const char *progName)
"-u means enable Session Ticket extension for TLS.\n"
"-v means verbose output\n"
"-x means use export policy.\n"
+"-z mean enable compression.\n"
"-L seconds means log statistics every 'seconds' seconds (default=30).\n"
View nss-ocsp.diff
diff --git a/mozilla/security/nss/lib/certhigh/ocsp.c b/mozilla/security/nss/lib/certhigh/ocsp.c
index 0ffdb34..4a225df 100644
--- a/mozilla/security/nss/lib/certhigh/ocsp.c
+++ b/mozilla/security/nss/lib/certhigh/ocsp.c
@@ -4797,6 +4797,112 @@ CERT_CheckOCSPStatus(CERTCertDBHandle *handle, CERTCertificate *cert,
+ * FUNCTION: CERT_CacheOCSPResponseFromSideChannel
+ * First, this function caches the OCSP cache to see if a positive response
View nss-check-cert-in-shd.diff
diff --git a/mozilla/security/nss/lib/ssl/ssl3con.c b/mozilla/security/nss/lib/ssl/ssl3con.c
index 8d4b05d..414707e 100644
--- a/mozilla/security/nss/lib/ssl/ssl3con.c
+++ b/mozilla/security/nss/lib/ssl/ssl3con.c
@@ -5607,7 +5607,36 @@ ssl3_RestartHandshakeAfterCertReq(sslSocket * ss,
return rv;
+static SSL3AlertDescription
+ssl3_CertErrorToAlert(PRBool isTLS, int errCode)
agl / goimports.go
Created Oct 17, 2010
Go program to generate a dot file from the packages. Run from src/pkg.
View goimports.go
package main
import (
agl / gist:876829
Created Mar 18, 2011
Proxy server for testing revocation
View gist:876829
package main
import (
agl / gen.go
Created Apr 15, 2012
GPG/X.509 certificates
View gen.go
package main
import (
View cacerts.go
package main
import (
agl / test.c
Created Sep 13, 2014
VST forward issue.
View test.c
#include <stdint.h>
typedef int64_t limb;
typedef int32_t s32;
void product(limb out[19], const limb *a, const limb *b) {
s32 t1, t2;
t1 = a[0];
t2 = b[0];
agl / gist:aac39429601667c588cc
Created Oct 4, 2014
1024-bit key, generated with OpenSSL, for purported factorisation.
View gist:aac39429601667c588cc
If anyone can publish the two, non-trivial factors of this number (where neither is 1!) then they'll have my attention:
In standard form: