net/third_party/nss/patches/sessioncache.patch

   1 diff --git a/ssl/ssl.h b/ssl/ssl.h
   2 index be6d88e..57771cd 100644
   3 --- a/ssl/ssl.h
   4 +++ b/ssl/ssl.h
   5 @@ -900,6 +900,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd);
   6  SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd);
   7
   8  /*
   9 +** Cache the SSL session associated with fd, if it has not already been cached.
  10 +*/
  11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd);
  12 +
  13 +/*
  14 +** Cache the SSL session associated with fd, if it has not already been cached.
  15 +** This function may only be called when processing within a callback assigned
  16 +** via SSL_HandshakeCallback
  17 +*/
  18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd);
  19 +
  20 +/*
  21  ** Return a SECItem containing the SSL session ID associated with the fd.
  22  */
  23  SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd);
  24 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c
  25 index 26b87c6..0ac85da 100644
  26 --- a/ssl/ssl3con.c
  27 +++ b/ssl/ssl3con.c
  28 @@ -11375,7 +11375,7 @@ ssl3_FinishHandshake(sslSocket * ss)
  29          ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE;
  30      }
  31
  32 -    if (ss->ssl3.hs.cacheSID) {
  33 +    if (ss->ssl3.hs.cacheSID && ss->sec.isServer) {
  34         PORT_Assert(ss->sec.ci.sid->cached == never_cached);
  35         (*ss->sec.cache)(ss->sec.ci.sid);
  36         ss->ssl3.hs.cacheSID = PR_FALSE;
  37 diff --git a/ssl/sslsecur.c b/ssl/sslsecur.c
  38 index 5c6751a..00ab455 100644
  39 --- a/ssl/sslsecur.c
  40 +++ b/ssl/sslsecur.c
  41 @@ -1467,6 +1467,49 @@ SSL_InvalidateSession(PRFileDesc *fd)
  42      return rv;
  43  }
  44
  45 +static void
  46 +ssl3_CacheSessionUnlocked(sslSocket *ss)
  47 +{
  48 +    PORT_Assert(!ss->sec.isServer);
  49 +
  50 +    if (ss->ssl3.hs.cacheSID) {
  51 +       ss->sec.cache(ss->sec.ci.sid);
  52 +       ss->ssl3.hs.cacheSID = PR_FALSE;
  53 +    }
  54 +}
  55 +
  56 +SECStatus
  57 +SSL_CacheSession(PRFileDesc *fd)
  58 +{
  59 +    sslSocket *   ss = ssl_FindSocket(fd);
  60 +    SECStatus     rv = SECFailure;
  61 +
  62 +    if (ss) {
  63 +       ssl_Get1stHandshakeLock(ss);
  64 +       ssl_GetSSL3HandshakeLock(ss);
  65 +
  66 +       ssl3_CacheSessionUnlocked(ss);
  67 +       rv = SECSuccess;
  68 +
  69 +       ssl_ReleaseSSL3HandshakeLock(ss);
  70 +       ssl_Release1stHandshakeLock(ss);
  71 +    }
  72 +    return rv;
  73 +}
  74 +
  75 +SECStatus
  76 +SSL_CacheSessionUnlocked(PRFileDesc *fd)
  77 +{
  78 +    sslSocket *   ss = ssl_FindSocket(fd);
  79 +    SECStatus     rv = SECFailure;
  80 +
  81 +    if (ss) {
  82 +       ssl3_CacheSessionUnlocked(ss);
  83 +       rv = SECSuccess;
  84 +    }
  85 +    return rv;
  86 +}
  87 +
  88  SECItem *
  89  SSL_GetSessionID(PRFileDesc *fd)
  90  {