| OLD | NEW |
|---|
| 1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h | 1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h |
| 2 index 437a822..bc417a5 100644 | 2 index 70665a1..de5078b 100644 |
| 3 --- a/lib/ssl/ssl.h | 3 --- a/lib/ssl/ssl.h |
| 4 +++ b/lib/ssl/ssl.h | 4 +++ b/lib/ssl/ssl.h |
| 5 @@ -992,6 +992,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); | 5 @@ -973,6 +973,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); |
| 6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); | 6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); |
| 7 | 7 |
| 8 /* | 8 /* |
| 9 +** Cache the SSL session associated with fd, if it has not already been cached. | 9 +** Cache the SSL session associated with fd, if it has not already been cached. |
| 10 +*/ | 10 +*/ |
| 11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); | 11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); |
| 12 + | 12 + |
| 13 +/* | 13 +/* |
| 14 +** Cache the SSL session associated with fd, if it has not already been cached. | 14 +** Cache the SSL session associated with fd, if it has not already been cached. |
| 15 +** This function may only be called when processing within a callback assigned | 15 +** This function may only be called when processing within a callback assigned |
| 16 +** via SSL_HandshakeCallback | 16 +** via SSL_HandshakeCallback |
| 17 +*/ | 17 +*/ |
| 18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); | 18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); |
| 19 + | 19 + |
| 20 +/* | 20 +/* |
| 21 ** Return a SECItem containing the SSL session ID associated with the fd. | 21 ** Return a SECItem containing the SSL session ID associated with the fd. |
| 22 */ | 22 */ |
| 23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); | 23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); |
| 24 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c | 24 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c |
| 25 index 572bba9..afab931 100644 | 25 index b100b9b..7649abe 100644 |
| 26 --- a/lib/ssl/ssl3con.c | 26 --- a/lib/ssl/ssl3con.c |
| 27 +++ b/lib/ssl/ssl3con.c | 27 +++ b/lib/ssl/ssl3con.c |
| 28 @@ -12058,7 +12058,7 @@ ssl3_FinishHandshake(sslSocket * ss) | 28 @@ -12397,7 +12397,7 @@ ssl3_FinishHandshake(sslSocket *ss) |
| 29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; | 29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; |
| 30 } | 30 } |
| 31 | 31 |
| 32 - if (ss->ssl3.hs.cacheSID) { | 32 - if (ss->ssl3.hs.cacheSID) { |
| 33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { | 33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { |
| 34 » PORT_Assert(ss->sec.ci.sid->cached == never_cached); | 34 PORT_Assert(ss->sec.ci.sid->cached == never_cached); |
| 35 » (*ss->sec.cache)(ss->sec.ci.sid); | 35 (*ss->sec.cache)(ss->sec.ci.sid); |
| 36 » ss->ssl3.hs.cacheSID = PR_FALSE; | 36 ss->ssl3.hs.cacheSID = PR_FALSE; |
| 37 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c | 37 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c |
| 38 index cca55bb..b4b8e95 100644 | 38 index 7ff0a2c..129f1f3 100644 |
| 39 --- a/lib/ssl/sslsecur.c | 39 --- a/lib/ssl/sslsecur.c |
| 40 +++ b/lib/ssl/sslsecur.c | 40 +++ b/lib/ssl/sslsecur.c |
| 41 @@ -1483,6 +1483,49 @@ SSL_InvalidateSession(PRFileDesc *fd) | 41 @@ -1486,6 +1486,49 @@ SSL_InvalidateSession(PRFileDesc *fd) |
| 42 return rv; | 42 return rv; |
| 43 } | 43 } |
| 44 | 44 |
| 45 +static void | 45 +static void |
| 46 +ssl3_CacheSessionUnlocked(sslSocket *ss) | 46 +ssl3_CacheSessionUnlocked(sslSocket *ss) |
| 47 +{ | 47 +{ |
| 48 + PORT_Assert(!ss->sec.isServer); | 48 + PORT_Assert(!ss->sec.isServer); |
| 49 + | 49 + |
| 50 + if (ss->ssl3.hs.cacheSID) { | 50 + if (ss->ssl3.hs.cacheSID) { |
| 51 +» ss->sec.cache(ss->sec.ci.sid); | 51 + ss->sec.cache(ss->sec.ci.sid); |
| 52 +» ss->ssl3.hs.cacheSID = PR_FALSE; | 52 + ss->ssl3.hs.cacheSID = PR_FALSE; |
| 53 + } | 53 + } |
| 54 +} | 54 +} |
| 55 + | 55 + |
| 56 +SECStatus | 56 +SECStatus |
| 57 +SSL_CacheSession(PRFileDesc *fd) | 57 +SSL_CacheSession(PRFileDesc *fd) |
| 58 +{ | 58 +{ |
| 59 + sslSocket * ss = ssl_FindSocket(fd); | 59 + sslSocket *ss = ssl_FindSocket(fd); |
| 60 + SECStatus rv = SECFailure; | 60 + SECStatus rv = SECFailure; |
| 61 + | 61 + |
| 62 + if (ss) { | 62 + if (ss) { |
| 63 +» ssl_Get1stHandshakeLock(ss); | 63 + ssl_Get1stHandshakeLock(ss); |
| 64 +» ssl_GetSSL3HandshakeLock(ss); | 64 + ssl_GetSSL3HandshakeLock(ss); |
| 65 + | 65 + |
| 66 +» ssl3_CacheSessionUnlocked(ss); | 66 + ssl3_CacheSessionUnlocked(ss); |
| 67 +» rv = SECSuccess; | 67 + rv = SECSuccess; |
| 68 + | 68 + |
| 69 +» ssl_ReleaseSSL3HandshakeLock(ss); | 69 + ssl_ReleaseSSL3HandshakeLock(ss); |
| 70 +» ssl_Release1stHandshakeLock(ss); | 70 + ssl_Release1stHandshakeLock(ss); |
| 71 + } | 71 + } |
| 72 + return rv; | 72 + return rv; |
| 73 +} | 73 +} |
| 74 + | 74 + |
| 75 +SECStatus | 75 +SECStatus |
| 76 +SSL_CacheSessionUnlocked(PRFileDesc *fd) | 76 +SSL_CacheSessionUnlocked(PRFileDesc *fd) |
| 77 +{ | 77 +{ |
| 78 + sslSocket * ss = ssl_FindSocket(fd); | 78 + sslSocket *ss = ssl_FindSocket(fd); |
| 79 + SECStatus rv = SECFailure; | 79 + SECStatus rv = SECFailure; |
| 80 + | 80 + |
| 81 + if (ss) { | 81 + if (ss) { |
| 82 +» ssl3_CacheSessionUnlocked(ss); | 82 + ssl3_CacheSessionUnlocked(ss); |
| 83 +» rv = SECSuccess; | 83 + rv = SECSuccess; |
| 84 + } | 84 + } |
| 85 + return rv; | 85 + return rv; |
| 86 +} | 86 +} |
| 87 + | 87 + |
| 88 SECItem * | 88 SECItem * |
| 89 SSL_GetSessionID(PRFileDesc *fd) | 89 SSL_GetSessionID(PRFileDesc *fd) |
| 90 { | 90 { |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1844813002:
Uprev NSS to 3.23 on iOS (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master