Use separate SSL session caches per profile

net/socket/ssl_client_socket_nss.cc

Index: net/socket/ssl_client_socket_nss.cc
diff --git a/net/socket/ssl_client_socket_nss.cc b/net/socket/ssl_client_socket_nss.cc
index 49e065f39d6bb8e5800c454698f1149aa0e7eb2b..1d1359eb89fd3e4cd5b60b8dd19a2d91cedbe5a1 100644
--- a/net/socket/ssl_client_socket_nss.cc
+++ b/net/socket/ssl_client_socket_nss.cc
@@ -698,7 +698,13 @@ int SSLClientSocketNSS::InitializeSSLPeerName() {
   // Set the peer ID for session reuse.  This is necessary when we create an
   // SSL tunnel through a proxy -- GetPeerName returns the proxy's address
   // rather than the destination server's address in that case.
-  std::string peer_id = host_and_port_.ToString();
+  //
+  // We incorporate the session cache id to, e.g., have a separate
+  // session cache in incognito mode.
+  const std::string& host_and_port_string = host_and_port_.ToString();
+  std::string peer_id = base::StringPrintf("%d:%s",
+                                           ssl_config_.session_cache_id,
+                                           host_and_port_string.c_str());
   SECStatus rv = SSL_SetSockPeerID(nss_fd_, const_cast<char*>(peer_id.c_str()));
   if (rv != SECSuccess)
     LogFailedNSSFunction(net_log_, "SSL_SetSockPeerID", peer_id.c_str());