)]}'
{
  "commit": "1e859054c31ec7b974e998373e85fadea56d93ad",
  "tree": "8bed48d7df199b3565139339c479c99f2586ed21",
  "parents": [
    "bfe527fa35735e8e045cbfb42b012e13ca68f9cf"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Sun Feb 09 16:04:58 2020 -0500"
  },
  "committer": {
    "name": "CQ bot account: commit-bot@chromium.org",
    "email": "commit-bot@chromium.org",
    "time": "Tue Mar 03 17:15:15 2020 +0000"
  },
  "message": "Revise QUIC encryption secret APIs.\n\nThe original API separated when keys were exported to QUIC from when\nthey were \"active\". This means the obligations on QUIC are unclear. For\ninstance we added SSL_quic_read_level and SSL_quic_write_level to\ncapture when keys were active, yet QUICHE never used them anyway. It\nwould be better to defer releasing keys to when they are needed.\n\nIn particular, we should align our API with the guidelines in\nhttps://github.com/quicwg/base-drafts/issues/3173.\n\nThis means we need separate read and write callbacks, which\nunfortunately means the invariants around ACKs must now be covered in\nprose.\n\nWe\u0027ll likely remove SSL_quic_read_level and SSL_quic_write_level in a\nlater CL as QUIC has no need to know this anymore. (It should simply\nfeed handshake data to BoringSSL as it sees it and, if we reject it,\nreport a suitably error.) The notion of a \"current\" encryption level is\na little odd given the interaction between 0-RTT and\nServerHello..Finished ACKs.\n\nUpdate-Note: This is an incompatible change to SSL_QUIC_METHOD.\nBORINGSSL_API_VERSION can be used to distinguish the two revisions.\n\nBug: 303\nChange-Id: I6c9dca1ae156d26a80c366a4ba969dcb04e65349\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/40127\nReviewed-by: Nick Harper \u003cnharper@google.com\u003e\nReviewed-by: Steven Valdez \u003csvaldez@google.com\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "e347c09aedae42865cdf4cb336809116da1e2de9",
      "old_mode": 33188,
      "old_path": "include/openssl/base.h",
      "new_id": "8d73f7747ca0da09714096717ceb74bce97d6245",
      "new_mode": 33188,
      "new_path": "include/openssl/base.h"
    },
    {
      "type": "modify",
      "old_id": "1fedaf833b8df3cbd17d2479eee09b2342b9db0d",
      "old_mode": 33188,
      "old_path": "include/openssl/ssl.h",
      "new_id": "234b0884e8973fbdd70e3340d5114bf5bd13b1ee",
      "new_mode": 33188,
      "new_path": "include/openssl/ssl.h"
    },
    {
      "type": "modify",
      "old_id": "fa692c51a4826617a898c455a8745239b161cfa2",
      "old_mode": 33188,
      "old_path": "ssl/handshake_client.cc",
      "new_id": "e64e456fddeb536a5834addc69a4032181448d4d",
      "new_mode": 33188,
      "new_path": "ssl/handshake_client.cc"
    },
    {
      "type": "modify",
      "old_id": "78c56b6105ca21fe395b14eb626428c7a8145b37",
      "old_mode": 33188,
      "old_path": "ssl/internal.h",
      "new_id": "91036ae9b04f80321787b4876668817062bc0c40",
      "new_mode": 33188,
      "new_path": "ssl/internal.h"
    },
    {
      "type": "modify",
      "old_id": "9104bc1b72b02adb049e862486f0e0e60d317e59",
      "old_mode": 33188,
      "old_path": "ssl/ssl_test.cc",
      "new_id": "c838bf430d0ec627abeefb62ba547905d0c968dc",
      "new_mode": 33188,
      "new_path": "ssl/ssl_test.cc"
    },
    {
      "type": "modify",
      "old_id": "e63ccbfa01951c9a461e17a1a656d3f386520365",
      "old_mode": 33188,
      "old_path": "ssl/test/mock_quic_transport.cc",
      "new_id": "23445cba85954889fba93e9ccbb46095e984de7a",
      "new_mode": 33188,
      "new_path": "ssl/test/mock_quic_transport.cc"
    },
    {
      "type": "modify",
      "old_id": "21f7dc66c74ee70134c4de4ad2a952cdadcae2f6",
      "old_mode": 33188,
      "old_path": "ssl/test/mock_quic_transport.h",
      "new_id": "6dfed5bdd020dc3478d35407106ee98cdaf83f61",
      "new_mode": 33188,
      "new_path": "ssl/test/mock_quic_transport.h"
    },
    {
      "type": "modify",
      "old_id": "f497704bef731560a726b546a8a5e6ddf116a9cf",
      "old_mode": 33188,
      "old_path": "ssl/test/test_config.cc",
      "new_id": "3f524ffe6613630f51e39e5eb1ef9dfb14d2f75e",
      "new_mode": 33188,
      "new_path": "ssl/test/test_config.cc"
    },
    {
      "type": "modify",
      "old_id": "941818516b91f6c2df6867eede25c4e2f05553dd",
      "old_mode": 33188,
      "old_path": "ssl/tls13_client.cc",
      "new_id": "722847172163d9858a78d4d79595decefec11d46",
      "new_mode": 33188,
      "new_path": "ssl/tls13_client.cc"
    },
    {
      "type": "modify",
      "old_id": "bd12f635b04ff7e651efd6affad3201b01b6954f",
      "old_mode": 33188,
      "old_path": "ssl/tls13_enc.cc",
      "new_id": "3a2e4e5d322021ecb20ce7243489fd37cdba9f6a",
      "new_mode": 33188,
      "new_path": "ssl/tls13_enc.cc"
    },
    {
      "type": "modify",
      "old_id": "f79626089d6994b8fb23e1562c94d267fde97a1e",
      "old_mode": 33188,
      "old_path": "ssl/tls13_server.cc",
      "new_id": "6730f8310670c8c6d345426057ad44c0ea966c10",
      "new_mode": 33188,
      "new_path": "ssl/tls13_server.cc"
    }
  ]
}