| OLD | NEW |
|---|
| 1 /* | 1 /* |
| 2 * This file implements the CLIENT Session ID cache. | 2 * This file implements the CLIENT Session ID cache. |
| 3 * | 3 * |
| 4 * This Source Code Form is subject to the terms of the Mozilla Public | 4 * This Source Code Form is subject to the terms of the Mozilla Public |
| 5 * License, v. 2.0. If a copy of the MPL was not distributed with this | 5 * License, v. 2.0. If a copy of the MPL was not distributed with this |
| 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | 6 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| 7 | 7 |
| 8 #include "cert.h" | 8 #include "cert.h" |
| 9 #include "pk11pub.h" | 9 #include "pk11pub.h" |
| 10 #include "secitem.h" | 10 #include "secitem.h" |
| (...skipping 104 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 115 int i; | 115 int i; |
| 116 SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached)); | 116 SSL_TRC(8, ("SSL: destroy sid: sid=0x%x cached=%d", sid, sid->cached)); |
| 117 PORT_Assert((sid->references == 0)); | 117 PORT_Assert((sid->references == 0)); |
| 118 | 118 |
| 119 if (sid->cached == in_client_cache) | 119 if (sid->cached == in_client_cache) |
| 120 return; /* it will get taken care of next time cache is traversed. */ | 120 return; /* it will get taken care of next time cache is traversed. */ |
| 121 | 121 |
| 122 if (sid->version < SSL_LIBRARY_VERSION_3_0) { | 122 if (sid->version < SSL_LIBRARY_VERSION_3_0) { |
| 123 SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE); | 123 SECITEM_ZfreeItem(&sid->u.ssl2.masterKey, PR_FALSE); |
| 124 SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE); | 124 SECITEM_ZfreeItem(&sid->u.ssl2.cipherArg, PR_FALSE); |
| 125 } else { |
| 126 if (sid->u.ssl3.sessionTicket.ticket.data) { |
| 127 SECITEM_FreeItem(&sid->u.ssl3.sessionTicket.ticket, PR_FALSE); |
| 128 } |
| 129 if (sid->u.ssl3.srvName.data) { |
| 130 SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE); |
| 131 } |
| 132 if (sid->u.ssl3.signedCertTimestamps.data) { |
| 133 SECITEM_FreeItem(&sid->u.ssl3.signedCertTimestamps, PR_FALSE); |
| 134 } |
| 135 if (sid->u.ssl3.originalHandshakeHash.data) { |
| 136 SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); |
| 137 } |
| 125 } | 138 } |
| 139 |
| 126 if (sid->peerID != NULL) | 140 if (sid->peerID != NULL) |
| 127 PORT_Free((void *)sid->peerID); /* CONST */ | 141 PORT_Free((void *)sid->peerID); /* CONST */ |
| 128 | 142 |
| 129 if (sid->urlSvrName != NULL) | 143 if (sid->urlSvrName != NULL) |
| 130 PORT_Free((void *)sid->urlSvrName); /* CONST */ | 144 PORT_Free((void *)sid->urlSvrName); /* CONST */ |
| 131 | 145 |
| 132 if ( sid->peerCert ) { | 146 if ( sid->peerCert ) { |
| 133 CERT_DestroyCertificate(sid->peerCert); | 147 CERT_DestroyCertificate(sid->peerCert); |
| 134 } | 148 } |
| 135 for (i = 0; i < MAX_PEER_CERT_CHAIN_SIZE && sid->peerCertChain[i]; i++) { | 149 for (i = 0; i < MAX_PEER_CERT_CHAIN_SIZE && sid->peerCertChain[i]; i++) { |
| 136 CERT_DestroyCertificate(sid->peerCertChain[i]); | 150 CERT_DestroyCertificate(sid->peerCertChain[i]); |
| 137 } | 151 } |
| 138 if (sid->peerCertStatus.items) { | 152 if (sid->peerCertStatus.items) { |
| 139 SECITEM_FreeArray(&sid->peerCertStatus, PR_FALSE); | 153 SECITEM_FreeArray(&sid->peerCertStatus, PR_FALSE); |
| 140 } | 154 } |
| 141 | 155 |
| 142 if ( sid->localCert ) { | 156 if ( sid->localCert ) { |
| 143 CERT_DestroyCertificate(sid->localCert); | 157 CERT_DestroyCertificate(sid->localCert); |
| 144 } | 158 } |
| 145 if (sid->u.ssl3.sessionTicket.ticket.data) { | 159 |
| 146 » SECITEM_FreeItem(&sid->u.ssl3.sessionTicket.ticket, PR_FALSE); | |
| 147 } | |
| 148 if (sid->u.ssl3.srvName.data) { | |
| 149 » SECITEM_FreeItem(&sid->u.ssl3.srvName, PR_FALSE); | |
| 150 } | |
| 151 if (sid->u.ssl3.originalHandshakeHash.data) { | |
| 152 » SECITEM_FreeItem(&sid->u.ssl3.originalHandshakeHash, PR_FALSE); | |
| 153 } | |
| 154 | |
| 155 PORT_ZFree(sid, sizeof(sslSessionID)); | 160 PORT_ZFree(sid, sizeof(sslSessionID)); |
| 156 } | 161 } |
| 157 | 162 |
| 158 /* BEWARE: This function gets called for both client and server SIDs !! | 163 /* BEWARE: This function gets called for both client and server SIDs !! |
| 159 * Decrement reference count, and | 164 * Decrement reference count, and |
| 160 * free sid if ref count is zero, and sid is not in the cache. | 165 * free sid if ref count is zero, and sid is not in the cache. |
| 161 * Does NOT remove from the cache first. | 166 * Does NOT remove from the cache first. |
| 162 * If the sid is still in the cache, it is left there until next time | 167 * If the sid is still in the cache, it is left there until next time |
| 163 * the cache list is traversed. | 168 * the cache list is traversed. |
| 164 */ | 169 */ |
| (...skipping 285 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 450 sid->u.ssl3.sessionTicket.ticket.len = 0; | 455 sid->u.ssl3.sessionTicket.ticket.len = 0; |
| 451 } | 456 } |
| 452 sid->u.ssl3.sessionTicket.received_timestamp = | 457 sid->u.ssl3.sessionTicket.received_timestamp = |
| 453 session_ticket->received_timestamp; | 458 session_ticket->received_timestamp; |
| 454 sid->u.ssl3.sessionTicket.ticket_lifetime_hint = | 459 sid->u.ssl3.sessionTicket.ticket_lifetime_hint = |
| 455 session_ticket->ticket_lifetime_hint; | 460 session_ticket->ticket_lifetime_hint; |
| 456 | 461 |
| 457 UNLOCK_CACHE; | 462 UNLOCK_CACHE; |
| 458 return SECSuccess; | 463 return SECSuccess; |
| 459 } | 464 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 64553002:
Certificate Transparency TLS extension patch for NSS (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master