)]}' { "commit": "bb507838057853688ffe6d4ad044aad8ce5bc654", "tree": "46c79afc44ccf3986de03afefaccfe5ca434538f", "parents": [ "04a89c843598b07ac5cc4de3eecde998b43451ce" ], "author": { "name": "Adam Langley", "email": "alangley@gmail.com", "time": "Tue Sep 17 12:56:01 2019 -0700" }, "committer": { "name": "CQ bot account: commit-bot@chromium.org", "email": "commit-bot@chromium.org", "time": "Thu Sep 19 19:56:46 2019 +0000" }, "message": "Don\u0027t allow SGC EKUs for server certificates.\n\nThe Server Gated Cryptography EKUs are a left-over from 1990\u0027s export\nregulations. For historical reaons, the SGC EKUs are accepted as a valid\nsubstitute for a server authentication EKU, but they shouldn\u0027t be. This\nchange makes it so that we ignore them.\n\nChange-Id: Ie184c52f588ae391a95d61c474ee6324bdd8f4f2\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/37545\nCommit-Queue: Adam Langley \u003cagl@google.com\u003e\nReviewed-by: David Benjamin \u003cdavidben@google.com\u003e\n", "tree_diff": [ { "type": "modify", "old_id": "1f664b9b4e826abf6b0208cc7827f47e841de819", "old_mode": 33188, "old_path": "crypto/x509/x509_test.cc", "new_id": "521d7573fb2a6b15ddf85290ba0716d3c9afbea8", "new_mode": 33188, "new_path": "crypto/x509/x509_test.cc" }, { "type": "modify", "old_id": "5e1f6415b9e076ebb1631693c626f646e93a8d4f", "old_mode": 33188, "old_path": "crypto/x509v3/v3_purp.c", "new_id": "25768c09471c838e115f9225f4e51c2f25696586", "new_mode": 33188, "new_path": "crypto/x509v3/v3_purp.c" } ] }