)]}'
{
  "commit": "c59bf8bf189dcbde868e04efcd53b705ed155231",
  "tree": "c541ea30ca1040da20ceab4f4e3ff70a028cc1fe",
  "parents": [
    "4ad93a8c50451ee4c7cc31ecc49aeb19200a4e78"
  ],
  "author": {
    "name": "David Benjamin",
    "email": "davidben@google.com",
    "time": "Tue Nov 12 12:02:09 2024 -0500"
  },
  "committer": {
    "name": "Boringssl LUCI CQ",
    "email": "boringssl-scoped@luci-project-accounts.iam.gserviceaccount.com",
    "time": "Wed Nov 13 05:22:33 2024 +0000"
  },
  "message": "Support skipping tickets in both ticket callbacks\n\nTLS 1.2 and TLS 1.3 both support some mechanism for the server to change\nits mind at the last minute and not send a ticket. In TLS 1.2, you leave\nthe ticket field empty. In TLS 1.3, you just don\u0027t send NewSessionTicket\nin the first place.\n\nWe have two ticket encryption callbacks, the old \"ticket key callback\"\nand the \"ticket AEAD callback\".\n\nThe ticket key callback has no way to trigger this behavior, but it has\nan unused zero return that could be repurposed for this, in principle.\nBack in 2016, OpenSSL did so in\nhttps://github.com/openssl/openssl/pull/1098\n\nThe ticket AEAD callback could, in principle, support this by\nsuccessfully returning the empty string. This goes against the current\ndocumented API contract, but it accidentally worked in TLS 1.2. In TLS\n1.3, it caused our servers to send a syntax error.\n\nThe QUIC folks want this behavior and used to accidentally trigger the\nsyntax error, and have switched to returning some garbage placeholder\nstring. Between that, the new OpenSSL behavior, and it accidentally\nworking in TLS 1.2 anyway, let\u0027s just go ahead and support this.\n\nTo aid in version skew messes, this also bumps BORINGSSL_API_VERSION.\n\nChange-Id: Id4fef7b9aa552dc8e927f89a5d746bdd2247e1c6\nReviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/73028\nCommit-Queue: David Benjamin \u003cdavidben@google.com\u003e\nReviewed-by: Adam Langley \u003cagl@google.com\u003e\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "29b598e15476f1da1e775b0e74b178df04002153",
      "old_mode": 33188,
      "old_path": "include/openssl/base.h",
      "new_id": "e95efbaac5eb0df22902094f97da01628b669e22",
      "new_mode": 33188,
      "new_path": "include/openssl/base.h"
    },
    {
      "type": "modify",
      "old_id": "b198e0c7c31872f535cad9922bdf7a0c98db96fb",
      "old_mode": 33188,
      "old_path": "include/openssl/ssl.h",
      "new_id": "b0abe116d72f543535a91e1c0fc3cc27cbb06ca2",
      "new_mode": 33188,
      "new_path": "include/openssl/ssl.h"
    },
    {
      "type": "modify",
      "old_id": "1b292a72834678e3e3ac4a142cae6dfb9148bdf4",
      "old_mode": 33188,
      "old_path": "ssl/handshake_server.cc",
      "new_id": "40329c65e24cd72c230b1d38f1c7962344d593ad",
      "new_mode": 33188,
      "new_path": "ssl/handshake_server.cc"
    },
    {
      "type": "modify",
      "old_id": "3e68a8bf1da33d4608ac184a394d39ad9ccb7b6f",
      "old_mode": 33188,
      "old_path": "ssl/internal.h",
      "new_id": "213704d490610e00d191688c45c80d3833e8a64b",
      "new_mode": 33188,
      "new_path": "ssl/internal.h"
    },
    {
      "type": "modify",
      "old_id": "9ceefbb0ad20e6b3e961b006eecdfe803ea8eb06",
      "old_mode": 33188,
      "old_path": "ssl/ssl_session.cc",
      "new_id": "16fd4539f5e449cda88f6d9205e2da125af87ab7",
      "new_mode": 33188,
      "new_path": "ssl/ssl_session.cc"
    },
    {
      "type": "modify",
      "old_id": "2a3b648b11fd9167d7c624967421d48ae029b637",
      "old_mode": 33188,
      "old_path": "ssl/test/runner/common.go",
      "new_id": "462172af9a5f5c4d36fcc6edebc00ca6cc8781ed",
      "new_mode": 33188,
      "new_path": "ssl/test/runner/common.go"
    },
    {
      "type": "modify",
      "old_id": "7f6ea6496990b07a5a027f53c26014cffe55f967",
      "old_mode": 33188,
      "old_path": "ssl/test/runner/conn.go",
      "new_id": "c025548ba7e48b512287407197bbc9ed0b2fb25f",
      "new_mode": 33188,
      "new_path": "ssl/test/runner/conn.go"
    },
    {
      "type": "modify",
      "old_id": "70f8c287d7863f4039fe5955e58c9361fbf5f1c3",
      "old_mode": 33188,
      "old_path": "ssl/test/runner/handshake_client.go",
      "new_id": "35ba616c784ddf566b8caf8af0b5447c1256086c",
      "new_mode": 33188,
      "new_path": "ssl/test/runner/handshake_client.go"
    },
    {
      "type": "modify",
      "old_id": "532fa5f816b4a84d392735a5b96aa32303fb73b6",
      "old_mode": 33188,
      "old_path": "ssl/test/runner/runner.go",
      "new_id": "fad3ac805b9e43de1e860778632bbf0c7c7482a5",
      "new_mode": 33188,
      "new_path": "ssl/test/runner/runner.go"
    },
    {
      "type": "modify",
      "old_id": "cf47abc059594bdadb9e5866899e24ed4b7b7f4b",
      "old_mode": 33188,
      "old_path": "ssl/test/test_config.cc",
      "new_id": "0485f9854aa8770f12e143c7a850b7ac2712f869",
      "new_mode": 33188,
      "new_path": "ssl/test/test_config.cc"
    },
    {
      "type": "modify",
      "old_id": "36f970149bf23f8417644af16fcc0d25b6c25f9a",
      "old_mode": 33188,
      "old_path": "ssl/test/test_config.h",
      "new_id": "093d2410a65e8e51a842e4d2e5488a6aee8805bd",
      "new_mode": 33188,
      "new_path": "ssl/test/test_config.h"
    },
    {
      "type": "modify",
      "old_id": "7fda54bdb9050f4aad0d3a83549d3ee9a3f9f49b",
      "old_mode": 33188,
      "old_path": "ssl/tls13_server.cc",
      "new_id": "709dfd3db492c81849d040888e7aebb5204c57f6",
      "new_mode": 33188,
      "new_path": "ssl/tls13_server.cc"
    }
  ]
}