)]}'
{
  "commit": "66e106026aa6efb7e7266d5fd36ef27f30757d43",
  "tree": "52643f2deb565e954250ff9c21642c168728a7e6",
  "parents": [
    "07432f325d6a388fe6d4881e84b076610c961f05"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Fri Jul 19 16:44:30 2019 -0400"
  },
  "committer": {
    "name": "CQ bot account: commit-bot@chromium.org",
    "email": "commit-bot@chromium.org",
    "time": "Fri Jul 19 21:34:34 2019 +0000"
  },
  "message": "Align TLS 1.3 cipher suite names with OpenSSL.\n\nThere are two naming conventions for TLS cipher suites, the standard\nIETF names (SSL_CIPHER_standard_name) and the ad-hoc OpenSSL names\n(SSL_CIPHER_get_name). When we added TLS 1.3, we had to come up with\nOpenSSL-style names for the cipher suites.\n\nOpenSSL-style names use hyphens rather than underscores (and omit\nunderscores in odd places), so the natural name for\nTLS_AES_128_GCM_SHA256 would have been \"AES128-GCM-SHA256\". However,\nthat name is already taken by TLS_RSA_WITH_AES_128_GCM_SHA256 because\nOpenSSL\u0027s naming convention treats the legacy RSA key exchange as\ndefault. Instead, we used an \"AEAD-\" prefix to indicate the ciphers only\nspecified the AEAD.\n\nSince then, OpenSSL has implemented TLS 1.3. Instead, they simply made\nthe OpenSSL-style name match the standard name starting TLS 1.3,\nunderscores and all. (This is why openssl s_client will return very\ndifferent-looking cipher names in TLS 1.2 and TLS 1.3.)\n\nAlign with OpenSSL and do the same.\n\nUpdate-Note: SSL_CIPHER_get_name will return different values for TLS\n1.3 ciphers than before. Note that we did not allow TLS 1.3 ciphers to\nbe configured at all, so no cipher suite configurations will need to\nchange, but code logging or asserting on the result of a TLS connection\nmay observe differences.\n\nIt is also recommended that consumers replace uses of\nSSL_CIPHER_get_name with SSL_CIPHER_standard_name which gives a much\nmore consistent naming convention. (BoringSSL supports both standard and\nOpenSSL names in the cipher suite configuration, so there\u0027s no need to\nuse OpenSSL names at all.)\n\nChange-Id: I40b1de0689dd7b32af88602acc063934f2877999\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/36764\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "c0247ca6baf5b21cc58cce5e21f394534e685f6b",
      "old_mode": 33188,
      "old_path": "include/openssl/ssl.h",
      "new_id": "690a3883dd98ba93db546c925e06a4d853fbf2a9",
      "new_mode": 33188,
      "new_path": "include/openssl/ssl.h"
    },
    {
      "type": "modify",
      "old_id": "f7766f25a6e804e6893f164d2b70549a13db968d",
      "old_mode": 33188,
      "old_path": "include/openssl/tls1.h",
      "new_id": "e3209b6fc8f2fa0e9d6fa29725fb403e62a5b965",
      "new_mode": 33188,
      "new_path": "include/openssl/tls1.h"
    }
  ]
}