1diff --git a/net/third_party/nss/ssl/exports_win.def b/net/third_party/nss/ssl/exports_win.def 2index e0624f1..a1045bb 100644 3--- a/net/third_party/nss/ssl/exports_win.def 4+++ b/net/third_party/nss/ssl/exports_win.def 5@@ -62,3 +62,5 @@ SSL_RestartHandshakeAfterChannelIDReq 6 SSL_GetChannelBinding 7 SSL_PeerSignedCertTimestamps 8 SSL_CipherOrderSet 9+SSL_CacheSession 10+SSL_CacheSessionUnlocked 11diff --git a/net/third_party/nss/ssl/ssl.h b/net/third_party/nss/ssl/ssl.h 12index bef33fc..6f7c988 100644 13--- a/net/third_party/nss/ssl/ssl.h 14+++ b/net/third_party/nss/ssl/ssl.h 15@@ -872,6 +872,18 @@ SSL_IMPORT int SSL_DataPending(PRFileDesc *fd); 16 SSL_IMPORT SECStatus SSL_InvalidateSession(PRFileDesc *fd); 17 18 /* 19+** Cache the SSL session associated with fd, if it has not already been cached. 20+*/ 21+SSL_IMPORT SECStatus SSL_CacheSession(PRFileDesc *fd); 22+ 23+/* 24+** Cache the SSL session associated with fd, if it has not already been cached. 25+** This function may only be called when processing within a callback assigned 26+** via SSL_HandshakeCallback 27+*/ 28+SSL_IMPORT SECStatus SSL_CacheSessionUnlocked(PRFileDesc *fd); 29+ 30+/* 31 ** Return a SECItem containing the SSL session ID associated with the fd. 32 */ 33 SSL_IMPORT SECItem *SSL_GetSessionID(PRFileDesc *fd); 34diff --git a/net/third_party/nss/ssl/ssl3con.c b/net/third_party/nss/ssl/ssl3con.c 35index 307a0fe..e2be5e6 100644 36--- a/net/third_party/nss/ssl/ssl3con.c 37+++ b/net/third_party/nss/ssl/ssl3con.c 38@@ -11240,7 +11240,7 @@ ssl3_FinishHandshake(sslSocket * ss) 39 /* The first handshake is now completed. */ 40 ss->handshake = NULL; 41 42- if (ss->ssl3.hs.cacheSID) { 43+ if (ss->ssl3.hs.cacheSID && ss->sec.isServer) { 44 (*ss->sec.cache)(ss->sec.ci.sid); 45 ss->ssl3.hs.cacheSID = PR_FALSE; 46 } 47diff --git a/net/third_party/nss/ssl/sslsecur.c b/net/third_party/nss/ssl/sslsecur.c 48index 31c343f..99538e5 100644 49--- a/net/third_party/nss/ssl/sslsecur.c 50+++ b/net/third_party/nss/ssl/sslsecur.c 51@@ -1474,6 +1474,49 @@ SSL_InvalidateSession(PRFileDesc *fd) 52 return rv; 53 } 54 55+static void 56+ssl3_CacheSessionUnlocked(sslSocket *ss) 57+{ 58+ PORT_Assert(!ss->sec.isServer); 59+ 60+ if (ss->ssl3.hs.cacheSID) { 61+ ss->sec.cache(ss->sec.ci.sid); 62+ ss->ssl3.hs.cacheSID = PR_FALSE; 63+ } 64+} 65+ 66+SECStatus 67+SSL_CacheSession(PRFileDesc *fd) 68+{ 69+ sslSocket * ss = ssl_FindSocket(fd); 70+ SECStatus rv = SECFailure; 71+ 72+ if (ss) { 73+ ssl_Get1stHandshakeLock(ss); 74+ ssl_GetSSL3HandshakeLock(ss); 75+ 76+ ssl3_CacheSessionUnlocked(ss); 77+ rv = SECSuccess; 78+ 79+ ssl_ReleaseSSL3HandshakeLock(ss); 80+ ssl_Release1stHandshakeLock(ss); 81+ } 82+ return rv; 83+} 84+ 85+SECStatus 86+SSL_CacheSessionUnlocked(PRFileDesc *fd) 87+{ 88+ sslSocket * ss = ssl_FindSocket(fd); 89+ SECStatus rv = SECFailure; 90+ 91+ if (ss) { 92+ ssl3_CacheSessionUnlocked(ss); 93+ rv = SECSuccess; 94+ } 95+ return rv; 96+} 97+ 98 SECItem * 99 SSL_GetSessionID(PRFileDesc *fd) 100 { 101