)]}'
{
  "commit": "7341310c1eb39f4dd51bf1b03d621089da0808ea",
  "tree": "326c6aef1d5e65a8a1758ab41bcd5a05b71ecb77",
  "parents": [
    "6957eb60415317d30804e47ae6774275f619068d"
  ],
  "author": {
    "name": "Maxim Dounin",
    "email": "mdounin@mdounin.ru",
    "time": "Mon Jun 29 17:15:51 2020 +0300"
  },
  "committer": {
    "name": "Maxim Dounin",
    "email": "mdounin@mdounin.ru",
    "time": "Mon Jun 29 17:15:51 2020 +0300"
  },
  "message": "SSL: fixed unexpected certificate requests (ticket #2008).\n\nUsing SSL_CTX_set_verify(SSL_VERIFY_PEER) implies that OpenSSL will\nsend a certificate request during an SSL handshake, leading to unexpected\ncertificate requests from browsers as long as there are any client\ncertificates installed.  Given that ngx_ssl_trusted_certificate()\nis called unconditionally by the ngx_http_ssl_module, this affected\nall HTTPS servers.  Broken by 699f6e55bbb4 (not released yet).\n\nFix is to set verify callback in the ngx_ssl_trusted_certificate() function\nwithout changing the verify mode.\n",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "c1d5d6a43b35dc8f9856380b1c2d20b3a05a4fce",
      "old_mode": 33188,
      "old_path": "src/event/ngx_event_openssl.c",
      "new_id": "f589b9812ff5490b1bc15bb27d53b69e22e88cdf",
      "new_mode": 33188,
      "new_path": "src/event/ngx_event_openssl.c"
    }
  ]
}