Set SSL2 and SSL3 timeout times properly for SSL server session cache.

Bug 223242. r=jullien.pierre
2006-01-28 02:21:31 +00:00 · 2006-01-28 02:21:31 +00:00 · 3360534c6e
--- a/security/nss/lib/ssl/sslsnce.c
+++ b/security/nss/lib/ssl/sslsnce.c
@ -36,7 +36,7 @@
 * the terms of any one of the MPL, the GPL or the LGPL.
 *
 * ***** END LICENSE BLOCK ***** */
-/* $Id: sslsnce.c,v 1.36 2005-11-11 02:45:59 julien.pierre.bugs%sun.com Exp $ */
+/* $Id: sslsnce.c,v 1.37 2006-01-28 02:21:31 nelsonb%netscape.com Exp $ */

 /* Note: ssl_FreeSID() in sslnonce.c gets used for both client and server 
 * cache sids!
@ -750,12 +750,14 @@ ServerSessionIDCache(sslSessionID *sid)
    if (sid->cached == never_cached || sid->cached == invalid_cache) {
 	PRUint32 set;

-	PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
+	PORT_Assert(sid->creationTime != 0);
 	if (!sid->creationTime)
 	    sid->lastAccessTime = sid->creationTime = ssl_Time();
 	if (version < SSL_LIBRARY_VERSION_3_0) {
-	    if (!sid->expirationTime)
-		sid->expirationTime = sid->creationTime + ssl_sid_timeout;
+	    /* override caller's expiration time, which uses client timeout
+	     * duration, not server timeout duration.
+	     */
+	    sid->expirationTime = sid->creationTime + cache->ssl2Timeout;
 	    SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
 			"cipher=%d", myPid, sid->cached,
 			sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
@ -769,8 +771,10 @@ ServerSessionIDCache(sslSessionID *sid)
 			  sid->u.ssl2.cipherArg.len));

 	} else {
-	    if (!sid->expirationTime)
-		sid->expirationTime = sid->creationTime + ssl3_sid_timeout;
+	    /* override caller's expiration time, which uses client timeout
+	     * duration, not server timeout duration.
+	     */
+	    sid->expirationTime = sid->creationTime + cache->ssl3Timeout;
 	    SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
 			"cipherSuite=%d", myPid, sid->cached,
 			sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],