)]}' { "commit": "1c337e566d98a46798fe76c170c35e8c1a3ca6ea", "tree": "910025ec6ed36d97aa00b07b4b71a426503ecd3e", "parents": [ "bdc409801f793bc15cae6e57697e061b96dd9487" ], "author": { "name": "Jesse Selover", "email": "jselover@google.com", "time": "Fri Aug 10 13:28:47 2018 -0400" }, "committer": { "name": "CQ bot account: commit-bot@chromium.org", "email": "commit-bot@chromium.org", "time": "Fri Aug 10 20:06:22 2018 +0000" }, "message": "Option to reverify certs on resumption.\n\nWorks in the 1.3 and 1.2 client handshakes, not implemented on the\nserver for now.\nCreates an SSL_CTX option to reverify the server certificate on session\nresumption. Reverification only runs the client\u0027s certificate verify callback.\nAdds new states to the client handshakes: state_reverify_server_certificate in\nTLS 1.2, and state_server_certificate_reverify in TLS 1.3.\nAdds a negative test to make sure that by default we don\u0027t verify the\ncertificate on resumption, and positive tests that make sure we do when the\nnew option is set.\n\nChange-Id: I3a47ff3eacb3099df4db4c5bc57f7c801ceea8f1\nBug: chromium:347402\nReviewed-on: https://boringssl-review.googlesource.com/29984\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nCQ-Verified: CQ bot account: commit-bot@chromium.org \u003ccommit-bot@chromium.org\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "a24af4611d9b7219031692bc96ae20dcad64b0da", "old_mode": 33188, "old_path": "include/openssl/ssl.h", "new_id": "d61698168d73a5fec798ef85553298f7e315dcfd", "new_mode": 33188, "new_path": "include/openssl/ssl.h" }, { "type": "modify", "old_id": "4683ac595a41fc3d4b0d6e5a48afec2d1e17385b", "old_mode": 33188, "old_path": "ssl/handshake.cc", "new_id": "8e5c62c3598385798fb159e92537840bbff931af", "new_mode": 33188, "new_path": "ssl/handshake.cc" }, { "type": "modify", "old_id": "de5d8e96b685f285c52608a727c8dbbf199dfc95", "old_mode": 33188, "old_path": "ssl/handshake_client.cc", "new_id": "cb9b6dec8fd893f93341d2eca96a648144c44916", "new_mode": 33188, "new_path": "ssl/handshake_client.cc" }, { "type": "modify", "old_id": "cc3e075a4b7319b2a1beeb0c2e021cb9a81b1fd7", "old_mode": 33188, "old_path": "ssl/internal.h", "new_id": "46c52486af93bf4b6653a7bd2532bc7b2ad62df9", "new_mode": 33188, "new_path": "ssl/internal.h" }, { "type": "modify", "old_id": "36c26cd5612155245b19a220bbe04dac1b31051a", "old_mode": 33188, "old_path": "ssl/ssl_lib.cc", "new_id": "d6181f3dd15b28ecda7171fe560cb60b3c3f0114", "new_mode": 33188, "new_path": "ssl/ssl_lib.cc" }, { "type": "modify", "old_id": "d1748dd791769f50229c66d0551d8250e937d596", "old_mode": 33188, "old_path": "ssl/test/runner/runner.go", "new_id": "47c45133890d832378e2c216bb56c4d3924d9e10", "new_mode": 33188, "new_path": "ssl/test/runner/runner.go" }, { "type": "modify", "old_id": "d92cf722fcd772f546de8a10a1446ed660a3ecb9", "old_mode": 33188, "old_path": "ssl/test/test_config.cc", "new_id": "fee4258043219f756b432d280c3a60a9c23254bb", "new_mode": 33188, "new_path": "ssl/test/test_config.cc" }, { "type": "modify", "old_id": "6c9ac3e245d96ebcb8553a965ecf93e908ab6640", "old_mode": 33188, "old_path": "ssl/test/test_config.h", "new_id": "7f9f4424b590c1c78ef853ca29b5e81f17401af2", "new_mode": 33188, "new_path": "ssl/test/test_config.h" }, { "type": "modify", "old_id": "40281a07f90023c1e97ac6bbfc267bf1e92482d4", "old_mode": 33188, "old_path": "ssl/tls13_client.cc", "new_id": "cf204037948fe8e39e39ee25b1c7f935687e6ddf", "new_mode": 33188, "new_path": "ssl/tls13_client.cc" } ] }