)]}'
{
  "commit": "b29e1e15a344b83820594419781a9cef0d7dbca8",
  "tree": "59758b81eb6daac7a6991875149869926d6ed2e0",
  "parents": [
    "8728af480156e3471775a41ec33c352e0b09000d"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Mon May 06 14:44:46 2019 -0500"
  },
  "committer": {
    "name": "CQ bot account: commit-bot@chromium.org",
    "email": "commit-bot@chromium.org",
    "time": "Tue May 07 23:31:38 2019 +0000"
  },
  "message": "Save and restore errors when ignoring ssl_send_alert result.\n\nOut-of-band errors, the UNIX gift that keeps on giving...\n\nWe almost always ignore the result of ssl_send_alert, treating it as\nlargely a \"best effort\". Sending an alert is the only place in the TLS\nstack where we call back to user code with state in the error queue. (If\nwe\u0027ve put something in the error queue, it means we are in the process\nof failing an operation.) That user code may mess up state by, say,\ncalling ERR_clear_error.\n\nIn particular, if the underlying BIO is implemented with SSL_write, as\nin TLS tunneled over an HTTPS proxy, the call to SSL_write will\nERR_clear_error and clobber our error state. (SSL_write must\nERR_clear_error so that SSL_get_error works. This is one of the few\nplaces we are sensitive to clearing the error queue.)\n\nSplit ssl_send_alert into a low-level ssl_send_alert_impl (for the two\nplaces we do honor the return value) an ssl_send_alert wrapper which\nsaves and restores the error queue across the call, more explicitly\nignoring the return value.\n\nThis is intended as a minimal fix to https://crbug.com/959305, in case\nwe need to merge it to a release branch. As a follow-up, I plan to\nrework the handshake state machine so it never calls ssl_send_alert,\ninstead returning the alert as part of the error. This is the last bit\nof I/O still in the handshake. (We have the out_alert calling\nconvention, but I\u0027m thinking it\u0027s worth a small sum type where the error\nbranch has an alert so we don\u0027t forget to supply one everywhere.\n\nUpdate-Note: This changes our behavior when sending an alert fails.\nBug: chromium:959305\nChange-Id: I24033205ad0f7ebd1797964489e4d46414a3e7ec\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/35904\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "2a173c1267b9e72346a67a33ba502e16813e0067",
      "old_mode": 33188,
      "old_path": "ssl/internal.h",
      "new_id": "c7f6a5e8653306c0f7f7333026bf97cfea0f0236",
      "new_mode": 33188,
      "new_path": "ssl/internal.h"
    },
    {
      "type": "modify",
      "old_id": "abc6798e6be30704dc883f59a1793d61f5f3db99",
      "old_mode": 33188,
      "old_path": "ssl/s3_pkt.cc",
      "new_id": "67bfd63d6aa277406762481442b91a0e7d8a415e",
      "new_mode": 33188,
      "new_path": "ssl/s3_pkt.cc"
    },
    {
      "type": "modify",
      "old_id": "95177e076eb8335a3b19ae3ec1dedd2f69e2787a",
      "old_mode": 33188,
      "old_path": "ssl/ssl_lib.cc",
      "new_id": "f27f2b879b6ff87600b29060f55c6c7dd9ef89d2",
      "new_mode": 33188,
      "new_path": "ssl/ssl_lib.cc"
    },
    {
      "type": "modify",
      "old_id": "f06b1d955770013772d0932e2716844f51adbe21",
      "old_mode": 33188,
      "old_path": "ssl/ssl_test.cc",
      "new_id": "6f180c74e19708da5b99054bc3c112240f0bfe39",
      "new_mode": 33188,
      "new_path": "ssl/ssl_test.cc"
    }
  ]
}
