net/third_party/nss/patches/sessioncache.patch

   1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c
   2 --- a/nss/lib/ssl/ssl3con.c     2014-01-03 19:45:10.857611184 -0800
   3 +++ b/nss/lib/ssl/ssl3con.c     2014-01-03 19:45:18.457735467 -0800
   4 @@ -11318,7 +11318,7 @@ ssl3_FinishHandshake(sslSocket * ss)
   5          ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE;
   6      }
   7
   8 -    if (ss->ssl3.hs.cacheSID) {
   9 +    if (ss->ssl3.hs.cacheSID && ss->sec.isServer) {
  10         PORT_Assert(ss->sec.ci.sid->cached == never_cached);
  11         (*ss->sec.cache)(ss->sec.ci.sid);
  12         ss->ssl3.hs.cacheSID = PR_FALSE;
  13 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h
  14 --- a/nss/lib/ssl/ssl.h 2014-01-03 19:45:10.857611184 -0800
  15 +++ b/nss/lib/ssl/ssl.h 2014-01-03 19:45:18.457735467 -0800
  16 @@ -872,6 +872,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDes
  17  SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd);
  18
  19  /*
  20 +** Cache the SSL session associated with fd, if it has not already been cached.
  21 +*/
  22 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd);
  23 +
  24 +/*
  25 +** Cache the SSL session associated with fd, if it has not already been cached.
  26 +** This function may only be called when processing within a callback assigned
  27 +** via SSL_HandshakeCallback
  28 +*/
  29 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd);
  30 +
  31 +/*
  32  ** Return a SECItem containing the SSL session ID associated with the fd.
  33  */
  34  SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd);
  35 diff -pu a/nss/lib/ssl/sslsecur.c b/nss/lib/ssl/sslsecur.c
  36 --- a/nss/lib/ssl/sslsecur.c    2014-01-03 19:39:28.452012178 -0800
  37 +++ b/nss/lib/ssl/sslsecur.c    2014-01-03 19:45:18.467735631 -0800
  38 @@ -1469,6 +1469,49 @@ SSL_InvalidateSession(PRFileDesc *fd)
  39      return rv;
  40  }
  41
  42 +static void
  43 +ssl3_CacheSessionUnlocked(sslSocket *ss)
  44 +{
  45 +    PORT_Assert(!ss->sec.isServer);
  46 +
  47 +    if (ss->ssl3.hs.cacheSID) {
  48 +       ss->sec.cache(ss->sec.ci.sid);
  49 +       ss->ssl3.hs.cacheSID = PR_FALSE;
  50 +    }
  51 +}
  52 +
  53 +SECStatus
  54 +SSL_CacheSession(PRFileDesc *fd)
  55 +{
  56 +    sslSocket *   ss = ssl_FindSocket(fd);
  57 +    SECStatus     rv = SECFailure;
  58 +
  59 +    if (ss) {
  60 +       ssl_Get1stHandshakeLock(ss);
  61 +       ssl_GetSSL3HandshakeLock(ss);
  62 +
  63 +       ssl3_CacheSessionUnlocked(ss);
  64 +       rv = SECSuccess;
  65 +
  66 +       ssl_ReleaseSSL3HandshakeLock(ss);
  67 +       ssl_Release1stHandshakeLock(ss);
  68 +    }
  69 +    return rv;
  70 +}
  71 +
  72 +SECStatus
  73 +SSL_CacheSessionUnlocked(PRFileDesc *fd)
  74 +{
  75 +    sslSocket *   ss = ssl_FindSocket(fd);
  76 +    SECStatus     rv = SECFailure;
  77 +
  78 +    if (ss) {
  79 +       ssl3_CacheSessionUnlocked(ss);
  80 +       rv = SECSuccess;
  81 +    }
  82 +    return rv;
  83 +}
  84 +
  85  SECItem *
  86  SSL_GetSessionID(PRFileDesc *fd)
  87  {