1 diff -pu a/nss/lib/ssl/ssl3con.c b/nss/lib/ssl/ssl3con.c 2 --- a/nss/lib/ssl/ssl3con.c 2014-01-17 19:00:52.843413560 -0800 3 +++ b/nss/lib/ssl/ssl3con.c 2014-01-17 19:01:36.374129696 -0800 4 @@ -11318,7 +11318,7 @@ ssl3_FinishHandshake(sslSocket * ss) 5 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; 6 } 7 8 - if (ss->ssl3.hs.cacheSID) { 9 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { 10 PORT_Assert(ss->sec.ci.sid->cached == never_cached); 11 (*ss->sec.cache)(ss->sec.ci.sid); 12 ss->ssl3.hs.cacheSID = PR_FALSE; 13 diff -pu a/nss/lib/ssl/ssl.h b/nss/lib/ssl/ssl.h 14 --- a/nss/lib/ssl/ssl.h 2014-01-17 19:00:52.843413560 -0800 15 +++ b/nss/lib/ssl/ssl.h 2014-01-17 19:01:36.374129696 -0800 16 @@ -892,6 +892,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDes 17 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); 18 19 /* 20 +** Cache the SSL session associated with fd, if it has not already been cached. 21 +*/ 22 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); 23 + 24 +/* 25 +** Cache the SSL session associated with fd, if it has not already been cached. 26 +** This function may only be called when processing within a callback assigned 27 +** via SSL_HandshakeCallback 28 +*/ 29 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); 30 + 31 +/* 32 ** Return a SECItem containing the SSL session ID associated with the fd. 33 */ 34 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); 35 diff -pu a/nss/lib/ssl/sslsecur.c b/nss/lib/ssl/sslsecur.c 36 --- a/nss/lib/ssl/sslsecur.c 2014-01-17 17:59:03.242109996 -0800 37 +++ b/nss/lib/ssl/sslsecur.c 2014-01-17 19:01:36.374129696 -0800 38 @@ -1469,6 +1469,49 @@ SSL_InvalidateSession(PRFileDesc *fd) 39 return rv; 40 } 41 42 +static void 43 +ssl3_CacheSessionUnlocked(sslSocket *ss) 44 +{ 45 + PORT_Assert(!ss->sec.isServer); 46 + 47 + if (ss->ssl3.hs.cacheSID) { 48 + ss->sec.cache(ss->sec.ci.sid); 49 + ss->ssl3.hs.cacheSID = PR_FALSE; 50 + } 51 +} 52 + 53 +SECStatus 54 +SSL_CacheSession(PRFileDesc *fd) 55 +{ 56 + sslSocket * ss = ssl_FindSocket(fd); 57 + SECStatus rv = SECFailure; 58 + 59 + if (ss) { 60 + ssl_Get1stHandshakeLock(ss); 61 + ssl_GetSSL3HandshakeLock(ss); 62 + 63 + ssl3_CacheSessionUnlocked(ss); 64 + rv = SECSuccess; 65 + 66 + ssl_ReleaseSSL3HandshakeLock(ss); 67 + ssl_Release1stHandshakeLock(ss); 68 + } 69 + return rv; 70 +} 71 + 72 +SECStatus 73 +SSL_CacheSessionUnlocked(PRFileDesc *fd) 74 +{ 75 + sslSocket * ss = ssl_FindSocket(fd); 76 + SECStatus rv = SECFailure; 77 + 78 + if (ss) { 79 + ssl3_CacheSessionUnlocked(ss); 80 + rv = SECSuccess; 81 + } 82 + return rv; 83 +} 84 + 85 SECItem * 86 SSL_GetSessionID(PRFileDesc *fd) 87 { 88
