)]}'
{
  "commit": "44a141fa1057c330cd533eb6523769e7e1ca1255",
  "tree": "96ee70346873bb85b7357457f527057c4b52693d",
  "parents": [
    "5112b45ce2eae2ed253adeacb8887d42f429e27b"
  ],
  "author": {
    "name": "Adam Langley",
    "email": "alangley@gmail.com",
    "time": "Mon Feb 14 09:40:45 2022 -0800"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Mon Feb 14 18:40:35 2022 +0000"
  },
  "message": "acvp: don\u0027t send the Authorization header when renewing tokens\n\nACVP authorisation tokens expire and, once expired, need to be renewed\nby sending a new TOTP code. We almost never hit this but some FIPS\nmodules are slow enough that they can\u0027t compute the response within the\ntoken lifetime.\n\nBut the ACVP code was putting an Authorization header on the renewal\nmessage because it put that header on every message. But doing so breaks\nthe renewal because the server rejects the request because the token has\nexpired before noticing that it\u0027s a renewal request.\n\nAlso, put a 10 second buffer on deciding if a token has expired to\naccount for the transmission delay.\n\nChange-Id: I50643a223cdb313d07dd7b2c559ad160cbe608ff\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/51385\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "04f0932aa98a222d0f86c23529a218512c56f666",
      "old_mode": 33188,
      "old_path": "util/fipstools/acvp/acvptool/acvp/acvp.go",
      "new_id": "9419508e479ce3fcb8bd33b6adf57b63ae20fc83",
      "new_mode": 33188,
      "new_path": "util/fipstools/acvp/acvptool/acvp/acvp.go"
    }
  ]
}
