OLD | NEW |
1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h | 1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h |
2 index 437a822..bc417a5 100644 | 2 index 70665a1..de5078b 100644 |
3 --- a/lib/ssl/ssl.h | 3 --- a/lib/ssl/ssl.h |
4 +++ b/lib/ssl/ssl.h | 4 +++ b/lib/ssl/ssl.h |
5 @@ -992,6 +992,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); | 5 @@ -973,6 +973,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); |
6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); | 6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); |
7 | 7 |
8 /* | 8 /* |
9 +** Cache the SSL session associated with fd, if it has not already been cached. | 9 +** Cache the SSL session associated with fd, if it has not already been cached. |
10 +*/ | 10 +*/ |
11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); | 11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); |
12 + | 12 + |
13 +/* | 13 +/* |
14 +** Cache the SSL session associated with fd, if it has not already been cached. | 14 +** Cache the SSL session associated with fd, if it has not already been cached. |
15 +** This function may only be called when processing within a callback assigned | 15 +** This function may only be called when processing within a callback assigned |
16 +** via SSL_HandshakeCallback | 16 +** via SSL_HandshakeCallback |
17 +*/ | 17 +*/ |
18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); | 18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); |
19 + | 19 + |
20 +/* | 20 +/* |
21 ** Return a SECItem containing the SSL session ID associated with the fd. | 21 ** Return a SECItem containing the SSL session ID associated with the fd. |
22 */ | 22 */ |
23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); | 23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); |
24 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c | 24 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c |
25 index 572bba9..afab931 100644 | 25 index b100b9b..7649abe 100644 |
26 --- a/lib/ssl/ssl3con.c | 26 --- a/lib/ssl/ssl3con.c |
27 +++ b/lib/ssl/ssl3con.c | 27 +++ b/lib/ssl/ssl3con.c |
28 @@ -12058,7 +12058,7 @@ ssl3_FinishHandshake(sslSocket * ss) | 28 @@ -12397,7 +12397,7 @@ ssl3_FinishHandshake(sslSocket *ss) |
29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; | 29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; |
30 } | 30 } |
31 | 31 |
32 - if (ss->ssl3.hs.cacheSID) { | 32 - if (ss->ssl3.hs.cacheSID) { |
33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { | 33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { |
34 » PORT_Assert(ss->sec.ci.sid->cached == never_cached); | 34 PORT_Assert(ss->sec.ci.sid->cached == never_cached); |
35 » (*ss->sec.cache)(ss->sec.ci.sid); | 35 (*ss->sec.cache)(ss->sec.ci.sid); |
36 » ss->ssl3.hs.cacheSID = PR_FALSE; | 36 ss->ssl3.hs.cacheSID = PR_FALSE; |
37 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c | 37 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c |
38 index cca55bb..b4b8e95 100644 | 38 index 7ff0a2c..129f1f3 100644 |
39 --- a/lib/ssl/sslsecur.c | 39 --- a/lib/ssl/sslsecur.c |
40 +++ b/lib/ssl/sslsecur.c | 40 +++ b/lib/ssl/sslsecur.c |
41 @@ -1483,6 +1483,49 @@ SSL_InvalidateSession(PRFileDesc *fd) | 41 @@ -1486,6 +1486,49 @@ SSL_InvalidateSession(PRFileDesc *fd) |
42 return rv; | 42 return rv; |
43 } | 43 } |
44 | 44 |
45 +static void | 45 +static void |
46 +ssl3_CacheSessionUnlocked(sslSocket *ss) | 46 +ssl3_CacheSessionUnlocked(sslSocket *ss) |
47 +{ | 47 +{ |
48 + PORT_Assert(!ss->sec.isServer); | 48 + PORT_Assert(!ss->sec.isServer); |
49 + | 49 + |
50 + if (ss->ssl3.hs.cacheSID) { | 50 + if (ss->ssl3.hs.cacheSID) { |
51 +» ss->sec.cache(ss->sec.ci.sid); | 51 + ss->sec.cache(ss->sec.ci.sid); |
52 +» ss->ssl3.hs.cacheSID = PR_FALSE; | 52 + ss->ssl3.hs.cacheSID = PR_FALSE; |
53 + } | 53 + } |
54 +} | 54 +} |
55 + | 55 + |
56 +SECStatus | 56 +SECStatus |
57 +SSL_CacheSession(PRFileDesc *fd) | 57 +SSL_CacheSession(PRFileDesc *fd) |
58 +{ | 58 +{ |
59 + sslSocket * ss = ssl_FindSocket(fd); | 59 + sslSocket *ss = ssl_FindSocket(fd); |
60 + SECStatus rv = SECFailure; | 60 + SECStatus rv = SECFailure; |
61 + | 61 + |
62 + if (ss) { | 62 + if (ss) { |
63 +» ssl_Get1stHandshakeLock(ss); | 63 + ssl_Get1stHandshakeLock(ss); |
64 +» ssl_GetSSL3HandshakeLock(ss); | 64 + ssl_GetSSL3HandshakeLock(ss); |
65 + | 65 + |
66 +» ssl3_CacheSessionUnlocked(ss); | 66 + ssl3_CacheSessionUnlocked(ss); |
67 +» rv = SECSuccess; | 67 + rv = SECSuccess; |
68 + | 68 + |
69 +» ssl_ReleaseSSL3HandshakeLock(ss); | 69 + ssl_ReleaseSSL3HandshakeLock(ss); |
70 +» ssl_Release1stHandshakeLock(ss); | 70 + ssl_Release1stHandshakeLock(ss); |
71 + } | 71 + } |
72 + return rv; | 72 + return rv; |
73 +} | 73 +} |
74 + | 74 + |
75 +SECStatus | 75 +SECStatus |
76 +SSL_CacheSessionUnlocked(PRFileDesc *fd) | 76 +SSL_CacheSessionUnlocked(PRFileDesc *fd) |
77 +{ | 77 +{ |
78 + sslSocket * ss = ssl_FindSocket(fd); | 78 + sslSocket *ss = ssl_FindSocket(fd); |
79 + SECStatus rv = SECFailure; | 79 + SECStatus rv = SECFailure; |
80 + | 80 + |
81 + if (ss) { | 81 + if (ss) { |
82 +» ssl3_CacheSessionUnlocked(ss); | 82 + ssl3_CacheSessionUnlocked(ss); |
83 +» rv = SECSuccess; | 83 + rv = SECSuccess; |
84 + } | 84 + } |
85 + return rv; | 85 + return rv; |
86 +} | 86 +} |
87 + | 87 + |
88 SECItem * | 88 SECItem * |
89 SSL_GetSessionID(PRFileDesc *fd) | 89 SSL_GetSessionID(PRFileDesc *fd) |
90 { | 90 { |
OLD | NEW |