OLD | NEW |
| (Empty) |
1 diff --git a/lib/ssl/ssl.h b/lib/ssl/ssl.h | |
2 index 70665a1..de5078b 100644 | |
3 --- a/lib/ssl/ssl.h | |
4 +++ b/lib/ssl/ssl.h | |
5 @@ -973,6 +973,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); | |
6 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); | |
7 | |
8 /* | |
9 +** Cache the SSL session associated with fd, if it has not already been cached. | |
10 +*/ | |
11 +SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); | |
12 + | |
13 +/* | |
14 +** Cache the SSL session associated with fd, if it has not already been cached. | |
15 +** This function may only be called when processing within a callback assigned | |
16 +** via SSL_HandshakeCallback | |
17 +*/ | |
18 +SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); | |
19 + | |
20 +/* | |
21 ** Return a SECItem containing the SSL session ID associated with the fd. | |
22 */ | |
23 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); | |
24 diff --git a/lib/ssl/ssl3con.c b/lib/ssl/ssl3con.c | |
25 index b100b9b..7649abe 100644 | |
26 --- a/lib/ssl/ssl3con.c | |
27 +++ b/lib/ssl/ssl3con.c | |
28 @@ -12397,7 +12397,7 @@ ssl3_FinishHandshake(sslSocket *ss) | |
29 ss->ssl3.hs.receivedNewSessionTicket = PR_FALSE; | |
30 } | |
31 | |
32 - if (ss->ssl3.hs.cacheSID) { | |
33 + if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { | |
34 PORT_Assert(ss->sec.ci.sid->cached == never_cached); | |
35 (*ss->sec.cache)(ss->sec.ci.sid); | |
36 ss->ssl3.hs.cacheSID = PR_FALSE; | |
37 diff --git a/lib/ssl/sslsecur.c b/lib/ssl/sslsecur.c | |
38 index 7ff0a2c..129f1f3 100644 | |
39 --- a/lib/ssl/sslsecur.c | |
40 +++ b/lib/ssl/sslsecur.c | |
41 @@ -1486,6 +1486,49 @@ SSL_InvalidateSession(PRFileDesc *fd) | |
42 return rv; | |
43 } | |
44 | |
45 +static void | |
46 +ssl3_CacheSessionUnlocked(sslSocket *ss) | |
47 +{ | |
48 + PORT_Assert(!ss->sec.isServer); | |
49 + | |
50 + if (ss->ssl3.hs.cacheSID) { | |
51 + ss->sec.cache(ss->sec.ci.sid); | |
52 + ss->ssl3.hs.cacheSID = PR_FALSE; | |
53 + } | |
54 +} | |
55 + | |
56 +SECStatus | |
57 +SSL_CacheSession(PRFileDesc *fd) | |
58 +{ | |
59 + sslSocket *ss = ssl_FindSocket(fd); | |
60 + SECStatus rv = SECFailure; | |
61 + | |
62 + if (ss) { | |
63 + ssl_Get1stHandshakeLock(ss); | |
64 + ssl_GetSSL3HandshakeLock(ss); | |
65 + | |
66 + ssl3_CacheSessionUnlocked(ss); | |
67 + rv = SECSuccess; | |
68 + | |
69 + ssl_ReleaseSSL3HandshakeLock(ss); | |
70 + ssl_Release1stHandshakeLock(ss); | |
71 + } | |
72 + return rv; | |
73 +} | |
74 + | |
75 +SECStatus | |
76 +SSL_CacheSessionUnlocked(PRFileDesc *fd) | |
77 +{ | |
78 + sslSocket *ss = ssl_FindSocket(fd); | |
79 + SECStatus rv = SECFailure; | |
80 + | |
81 + if (ss) { | |
82 + ssl3_CacheSessionUnlocked(ss); | |
83 + rv = SECSuccess; | |
84 + } | |
85 + return rv; | |
86 +} | |
87 + | |
88 SECItem * | |
89 SSL_GetSessionID(PRFileDesc *fd) | |
90 { | |
OLD | NEW |