OLD | NEW |
1 diff --git a/ssl/ssl.h b/ssl/ssl.h | 1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h |
2 index be6d88e..57771cd 100644 | 2 index 437a822..bc417a5 100644 |
3 --- a/ssl/ssl.h | 3 --- a/lib/ssl/ssl.h |
4 +++ b/ssl/ssl.h | 4 +++ b/lib/ssl/ssl.h |
5 @@ -900,6 +900,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); | 5 @@ -992,6 +992,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); |
6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); | 6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); |
7 | 7 |
8 /* | 8 /* |
9 +** Cache the SSL session associated with fd, if it has not already been cached. | 9 +** Cache the SSL session associated with fd, if it has not already been cached. |
10 +*/ | 10 +*/ |
11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); | 11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); |
12 + | 12 + |
13 +/* | 13 +/* |
14 +** Cache the SSL session associated with fd, if it has not already been cached. | 14 +** Cache the SSL session associated with fd, if it has not already been cached. |
15 +** This function may only be called when processing within a callback assigned | 15 +** This function may only be called when processing within a callback assigned |
16 +** via SSL_HandshakeCallback | 16 +** via SSL_HandshakeCallback |
17 +*/ | 17 +*/ |
18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); | 18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); |
19 + | 19 + |
20 +/* | 20 +/* |
21 ** Return a SECItem containing the SSL session ID associated with the fd. | 21 ** Return a SECItem containing the SSL session ID associated with the fd. |
22 */ | 22 */ |
23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); | 23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); |
24 diff --git a/ssl/ssl3con.c b/ssl/ssl3con.c | 24 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c |
25 index 26b87c6..0ac85da 100644 | 25 index 572bba9..afab931 100644 |
26 --- a/ssl/ssl3con.c | 26 --- a/lib/ssl/ssl3con.c |
27 +++ b/ssl/ssl3con.c | 27 +++ b/lib/ssl/ssl3con.c |
28 @@ -11375,7 +11375,7 @@ ssl3_FinishHandshake(sslSocket * ss) | 28 @@ -12058,7 +12058,7 @@ ssl3_FinishHandshake(sslSocket * ss) |
29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; | 29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; |
30 } | 30 } |
31 | 31 |
32 - if (ss->ssl3.hs.cacheSID) { | 32 - if (ss->ssl3.hs.cacheSID) { |
33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { | 33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { |
34 PORT_Assert(ss->sec.ci.sid->cached == never_cached); | 34 PORT_Assert(ss->sec.ci.sid->cached == never_cached); |
35 (*ss->sec.cache)(ss->sec.ci.sid); | 35 (*ss->sec.cache)(ss->sec.ci.sid); |
36 ss->ssl3.hs.cacheSID = PR_FALSE; | 36 ss->ssl3.hs.cacheSID = PR_FALSE; |
37 diff --git a/ssl/sslsecur.c b/ssl/sslsecur.c | 37 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c |
38 index 5c6751a..00ab455 100644 | 38 index cca55bb..b4b8e95 100644 |
39 --- a/ssl/sslsecur.c | 39 --- a/lib/ssl/sslsecur.c |
40 +++ b/ssl/sslsecur.c | 40 +++ b/lib/ssl/sslsecur.c |
41 @@ -1467,6 +1467,49 @@ SSL_InvalidateSession(PRFileDesc *fd) | 41 @@ -1483,6 +1483,49 @@ SSL_InvalidateSession(PRFileDesc *fd) |
42 return rv; | 42 return rv; |
43 } | 43 } |
44 | 44 |
45 +static void | 45 +static void |
46 +ssl3_CacheSessionUnlocked(sslSocket *ss) | 46 +ssl3_CacheSessionUnlocked(sslSocket *ss) |
47 +{ | 47 +{ |
48 + PORT_Assert(!ss->sec.isServer); | 48 + PORT_Assert(!ss->sec.isServer); |
49 + | 49 + |
50 + if (ss->ssl3.hs.cacheSID) { | 50 + if (ss->ssl3.hs.cacheSID) { |
51 + ss->sec.cache(ss->sec.ci.sid); | 51 + ss->sec.cache(ss->sec.ci.sid); |
(...skipping 29 matching lines...) Expand all Loading... |
81 + if (ss) { | 81 + if (ss) { |
82 + ssl3_CacheSessionUnlocked(ss); | 82 + ssl3_CacheSessionUnlocked(ss); |
83 + rv = SECSuccess; | 83 + rv = SECSuccess; |
84 + } | 84 + } |
85 + return rv; | 85 + return rv; |
86 +} | 86 +} |
87 + | 87 + |
88 SECItem * | 88 SECItem * |
89 SSL_GetSessionID(PRFileDesc *fd) | 89 SSL_GetSessionID(PRFileDesc *fd) |
90 { | 90 { |
OLD | NEW |