Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(199)

Issues Search
    My Issues | Starred     Open | Closed | All

Issue 6370008: Enable session resumption in SSLServerSocketNSS and unit tests (Closed)

Created:
9 years, 11 months ago by Alpha Left Google
Modified:
9 years, 6 months ago
Reviewers:
wtc
CC:
chromium-reviews, cbentzel+watch_chromium.org, Sergey Ulanov, dmac, darin-cc_chromium.org, awong, garykac, Paweł Hajdan Jr.
Visibility:
Public.

Description

Enable session resumption in SSLServerSocketNSS and unit tests SSL_ConfigServerSessionIDCache() is being used in SSLServerSocketNSS and enabling session resumption since passes are now passing. BUG=67236 TEST=net_unittests, remoting_unittests Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=72186

Patch Set 1 #

Total comments: 1
Unified diffs Side-by-side diffs Delta from patch set Stats (+2 lines, -23 lines) Patch
M net/base/ssl_config_service.h View 1 chunk +0 lines, -5 lines 0 comments Download
M net/base/ssl_config_service.cc View 1 chunk +2 lines, -3 lines 0 comments Download
M net/socket/ssl_client_socket_nss.cc View 1 chunk +0 lines, -7 lines 0 comments Download
M net/socket/ssl_server_socket_nss.cc View 1 chunk +0 lines, -6 lines 1 comment Download
M net/socket/ssl_server_socket_unittest.cc View 1 chunk +0 lines, -1 line 0 comments Download
M remoting/protocol/jingle_session.cc View 1 chunk +0 lines, -1 line 0 comments Download

Messages

Total messages: 4 (0 generated)
Alpha Left Google
I haven't tested SSLServerSocketTest after I added the usage of SSL_ConfigServerSessionIDCache() and now the tests ...
9 years, 11 months ago (2011-01-20 06:14:32 UTC) #1
Alpha Left Google
ping.
9 years, 11 months ago (2011-01-21 18:57:49 UTC) #2
wtc
LGTM. I will write to you later about a problem with the way you call ...
9 years, 11 months ago (2011-01-21 20:05:35 UTC) #3
wtc
9 years, 11 months ago (2011-01-21 21:32:38 UTC) #4 
http://codereview.chromium.org/6370008/diff/1/net/socket/ssl_server_socket_ns...
File net/socket/ssl_server_socket_nss.cc (right):

http://codereview.chromium.org/6370008/diff/1/net/socket/ssl_server_socket_ns...
net/socket/ssl_server_socket_nss.cc:295: rv =
SSL_ConfigServerSessionIDCache(1024, 5, 5, NULL);
SSL_ConfigServerSessionIDCache should be called only once by
an application.  (It does allow a repeat call though.)

Please add an EnsureNSSSSLServerInit() function, similar to
the EnsureNSSSSLInit() function, to call
SSL_ConfigServerSessionIDCache.

The ssl2_timeout and ssl3_timeout arguments are in seconds.
5 seconds is too short.  I suggest that you pass 0 so that
the default timeout is used (100 seconds for SSL2, 24 hours
for SSL3).

The default max cache entries is 10000, which is too big for
a client application that acts as an SSL server (for peer to
peer).  So passing a smaller value (1024 or even 128) is a
good idea.

Powered by Google App Engine
This is Rietveld 408576698