)]}'
{
  "commit": "5a94aff9aebcf9738c7bc464bc95fa4ac3a46ed7",
  "tree": "3de69140b0af05ea4d6badf8209b1c0ee89383e9",
  "parents": [
    "15b580f7f6cdfc9626bba4a785a9783faf637e06"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Mon Sep 23 16:36:25 2024 -0400"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Tue Sep 24 20:20:53 2024 +0000"
  },
  "message": "Check for 0-RTT vs final version mismatches earlier\n\nThis makes no immediate difference, but it avoids having two versions\u0027\nworth of record layers active at once if TLS 1.4 exists later. Right now\nour record vs connection state is precariously set up to support this\nbecause we won\u0027t actually shut off 0-RTT until we get to\nEncryptedExtensions.\n\nChecking this earlier means that there is only ever one version\u0027s worth\nof record layer active at once. The cost is that, if TLS 1.4 exists\nlater, we\u0027ll need to add a ssl_hs_early_data_rejected point in there.\n(But we probably will want to anyway if we ever do DTLS 1.3 0-RTT.)\n\nChange-Id: I4a626c87caa123de3579c65e0129f385e290024f\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/71533\nReviewed-by: Nick Harper \u003cnharper@chromium.org\u003e\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "8bc35e6ae12f15abbb1768fdbffb077c6ea50519",
      "old_mode": 33188,
      "old_path": "ssl/handshake_client.cc",
      "new_id": "82c4df941f8fac367e714950e3e4c549090aed7a",
      "new_mode": 33188,
      "new_path": "ssl/handshake_client.cc"
    }
  ]
}