Daniel Roethlisberger
Daniel Roethlisberger
As an afterthought, please provide details on the platform and build environment. If this is some weird libc without fts(3), then I suspect your platform may be part of the...
Joe, can you test drive branch [issue/195](https://github.com/droe/sslsplit/tree/issue/195) for me to see if the change fixes the issue you are having? It fixes the keyUsage field to be in line with...
If you start `chromium-browser` from a terminal, you will see the numerical NSS error code in error output that more specifically narrows down why Chromium raises `NET::ERR_CERT_INVALID`. If it's -8102...
Okay, please let me know the NSS error code when/if you have the opportunity to run Chrome or Chromium from a terminal.
@aboulfad Please open a separate issue for your problem.
I would expect the 39 months limit to only be effective for issued certificates, not CA certificates. We are not generating any leaf certificates with a lifetime longer than a...
Possible refactoring strategy: Pluggable protocol parsing function gets evbuffer and direction, and can indicate on return when it wants to be called again (after terminator is seen, or after certain...
Possible quick win strategy: Add `genericstarttls` mode to look for Client Hello messages and to upgrade to SSL/TLS when one is detected.
To solve that using a clean protocol parsing support would be much preferred to a global rewrite hack. Please file a separate issue on just COMPRESS DEFLATE prevention in IMAP...
@stevejohn82 I removed your comments as they are unrelated to this issue and instead pertain to IPv6 support in the netfilter NAT lookup engine, which I've merged to `develop` yesterday.