)]}' { "commit": "b31040d0d8bbfa563a39e2321131074816d9d21b", "tree": "daa27ec3ef9985512b241008b96cb00553b7251a", "parents": [ "c7a3a148721c2b02ed31297bcc2a823949225e67" ], "author": { "name": "David Benjamin", "email": "davidben@chromium.org", "time": "Sun Jun 07 10:53:32 2015 -0400" }, "committer": { "name": "Adam Langley", "email": "agl@google.com", "time": "Mon Jun 08 22:13:45 2015 +0000" }, "message": "Get rid of CERT_PKEY slots in SESS_CERT.\n\nThis doesn\u0027t even change behavior. Unlike local configuration, the peer\ncan never have multiple certificates anyway. (Even with a renego, the\nSESS_CERT is created anew.)\n\nThis does lose the implicit certificate type check, but the certificate\ntype is already checked in ssl3_get_server_certificate and later checked\npost-facto in ssl3_check_cert_and_algorithm (except that one seems to\nhave some bugs like it accepts ECDSA certificates for RSA cipher suites,\nto be cleaned up in a follow-up). Either way, we have the certificate\nmismatch tests for this.\n\nBUG\u003d486295\n\nChange-Id: I437bb723bb310ad54ee4150eda67c1cfe43377b3\nReviewed-on: https://boringssl-review.googlesource.com/5044\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "7d9a5ad632b7e02ce69486be41df4f4f081ef56e", "old_mode": 33188, "old_path": "ssl/internal.h", "new_id": "0f40122f856c3433b78f554ab428e7efddacadf7", "new_mode": 33188, "new_path": "ssl/internal.h" }, { "type": "modify", "old_id": "159e2d76ef7c569a98bf655eb80957646f0e4637", "old_mode": 33188, "old_path": "ssl/s3_clnt.c", "new_id": "d7ed14f93d33361ac01373379379f6fdaec2e5c4", "new_mode": 33188, "new_path": "ssl/s3_clnt.c" }, { "type": "modify", "old_id": "f1fd6751e5d64f22501b97c8f69f8f7125ce0d17", "old_mode": 33188, "old_path": "ssl/ssl_cert.c", "new_id": "f27685d11ace08cbe166146ef86a8bb36c096519", "new_mode": 33188, "new_path": "ssl/ssl_cert.c" } ] }