1 diff --git a/net/third_party/nss/ssl/exports_win.def b/net/third_party/nss/ssl/exports_win.def 2 index e0624f1..a1045bb 100644 3 --- a/net/third_party/nss/ssl/exports_win.def 4 +++ b/net/third_party/nss/ssl/exports_win.def 5 @@ -62,3 +62,5 @@ SSL_RestartHandshakeAfterChannelIDReq 6 SSL_GetChannelBinding 7 SSL_PeerSignedCertTimestamps 8 SSL_CipherOrderSet 9 +SSL_CacheSession 10 +SSL_CacheSessionUnlocked 11 diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h 12 index bef33fc..6f7c988 100644 13 --- a/net/third_party/nss/ssl/ssl.h 14 +++ b/net/third_party/nss/ssl/ssl.h 15 @@ -872,6 +872,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); 16 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); 17 18 /* 19 +** Cache the SSL session associated with fd, if it has not already been cached. 20 +*/ 21 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); 22 + 23 +/* 24 +** Cache the SSL session associated with fd, if it has not already been cached. 25 +** This function may only be called when processing within a callback assigned 26 +** via SSL_HandshakeCallback 27 +*/ 28 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); 29 + 30 +/* 31 ** Return a SECItem containing the SSL session ID associated with the fd. 32 */ 33 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); 34 diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c 35 index 307a0fe..e2be5e6 100644 36 --- a/net/third_party/nss/ssl/ssl3con.c 37 +++ b/net/third_party/nss/ssl/ssl3con.c 38 @@ -11240,7 +11240,7 @@ ssl3_FinishHandshake(sslSocket * ss) 39 /* The first handshake is now completed. */ 40 ss->handshake = NULL; 41 42 - if (ss->ssl3.hs.cacheSID) { 43 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { 44 (*ss->sec.cache)(ss->sec.ci.sid); 45 ss->ssl3.hs.cacheSID = PR_FALSE; 46 } 47 diff --git a/net/third_party/nss/ssl/sslsecur.c b/net/third_party/nss/ssl/sslsecur.c 48 index 31c343f..99538e5 100644 49 --- a/net/third_party/nss/ssl/sslsecur.c 50 +++ b/net/third_party/nss/ssl/sslsecur.c 51 @@ -1474,6 +1474,49 @@ SSL_InvalidateSession(PRFileDesc *fd) 52 return rv; 53 } 54 55 +static void 56 +ssl3_CacheSessionUnlocked(sslSocket *ss) 57 +{ 58 + PORT_Assert(!ss->sec.isServer); 59 + 60 + if (ss->ssl3.hs.cacheSID) { 61 + ss->sec.cache(ss->sec.ci.sid); 62 + ss->ssl3.hs.cacheSID = PR_FALSE; 63 + } 64 +} 65 + 66 +SECStatus 67 +SSL_CacheSession(PRFileDesc *fd) 68 +{ 69 + sslSocket * ss = ssl_FindSocket(fd); 70 + SECStatus rv = SECFailure; 71 + 72 + if (ss) { 73 + ssl_Get1stHandshakeLock(ss); 74 + ssl_GetSSL3HandshakeLock(ss); 75 + 76 + ssl3_CacheSessionUnlocked(ss); 77 + rv = SECSuccess; 78 + 79 + ssl_ReleaseSSL3HandshakeLock(ss); 80 + ssl_Release1stHandshakeLock(ss); 81 + } 82 + return rv; 83 +} 84 + 85 +SECStatus 86 +SSL_CacheSessionUnlocked(PRFileDesc *fd) 87 +{ 88 + sslSocket * ss = ssl_FindSocket(fd); 89 + SECStatus rv = SECFailure; 90 + 91 + if (ss) { 92 + ssl3_CacheSessionUnlocked(ss); 93 + rv = SECSuccess; 94 + } 95 + return rv; 96 +} 97 + 98 SECItem * 99 SSL_GetSessionID(PRFileDesc *fd) 100 { 101
