1 files changed, 26 insertions, 33 deletions

diff --git a/security/nss/lib/ssl/sslsnce.c b/security/nss/lib/ssl/sslsnce.c
index 279f3c015..3ef11f7a7 100644
--- a/security/nss/lib/ssl/sslsnce.c
+++ b/security/nss/lib/ssl/sslsnce.c
@@ -85,12 +85,11 @@
 /*
 ** Format of a cache entry in the shared memory.
 */
-PR_STATIC_ASSERT(sizeof(PRTime) == 8);
 struct sidCacheEntryStr {
     /* 16 */ PRIPv6Addr addr; /* client's IP address */
-    /*  8 */ PRTime creationTime;
-    /*  8 */ PRTime lastAccessTime;
-    /*  8 */ PRTime expirationTime;
+    /*  4 */ PRUint32 creationTime;
+    /*  4 */ PRUint32 lastAccessTime;
+    /*  4 */ PRUint32 expirationTime;
     /*  2 */ PRUint16 version;
     /*  1 */ PRUint8 valid;
     /*  1 */ PRUint8 sessionIDLength;
@@ -99,25 +98,25 @@ struct sidCacheEntryStr {
     /*  2 */ PRUint16 authKeyBits;
     /*  2 */ PRUint16 keaType;
     /*  2 */ PRUint16 keaKeyBits;
-    /*  4 */ PRUint32 signatureScheme;
-    /*  4 */ PRUint32 keaGroup;
-    /* 92  - common header total */
+    /* 72  - common header total */
 
     union {
         struct {
             /*  2 */ ssl3CipherSuite cipherSuite;
-            /* 52 */ ssl3SidKeys keys; /* keys, wrapped as needed. */
+            /*  2 */ PRUint16 compression; /* SSLCompressionMethod */
+
+            /* 54 */ ssl3SidKeys keys; /* keys, wrapped as needed. */
 
             /*  4 */ PRUint32 masterWrapMech;
             /*  4 */ PRInt32 certIndex;
             /*  4 */ PRInt32 srvNameIndex;
             /* 32 */ PRUint8 srvNameHash[SHA256_LENGTH]; /* SHA256 name hash */
             /*  2 */ PRUint16 namedCurve;
-/*100 */} ssl3;
+/*104 */} ssl3;
 
 /* force sizeof(sidCacheEntry) to be a multiple of cache line size */
 struct {
-    /*116 */ PRUint8 filler[116]; /* 92+116==208, a multiple of 16 */
+    /*120 */ PRUint8 filler[120]; /* 72+120==192, a multiple of 16 */
 } forceSize;
     } u;
 };
@@ -283,7 +282,7 @@ LockSidCacheLock(sidCacheLock *lock, PRUint32 now)
     if (rv != SECSuccess)
         return 0;
     if (!now)
-        now = ssl_TimeSec();
+        now = ssl_Time();
     lock->timeStamp = now;
     lock->pid = myPid;
     return now;
@@ -299,7 +298,7 @@ UnlockSidCacheLock(sidCacheLock *lock)
     return rv;
 }
 
-/* returns the value of ssl_TimeSec on success, zero on failure. */
+/* returns the value of ssl_Time on success, zero on failure. */
 static PRUint32
 LockSet(cacheDesc *cache, PRUint32 set, PRUint32 now)
 {
@@ -433,10 +432,9 @@ ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
     to->authKeyBits = from->authKeyBits;
     to->keaType = from->keaType;
     to->keaKeyBits = from->keaKeyBits;
-    to->keaGroup = from->keaGroup;
-    to->signatureScheme = from->sigScheme;
 
     to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
+    to->u.ssl3.compression = (PRUint16)from->u.ssl3.compression;
     to->u.ssl3.keys = from->u.ssl3.keys;
     to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
     to->sessionIDLength = from->u.ssl3.sessionIDLength;
@@ -454,10 +452,9 @@ ConvertFromSID(sidCacheEntry *to, sslSessionID *from)
 
     SSL_TRC(8, ("%d: SSL3: ConvertSID: time=%d addr=0x%08x%08x%08x%08x "
                 "cipherSuite=%d",
-                myPid, to->creationTime / PR_USEC_PER_SEC,
-                to->addr.pr_s6_addr32[0], to->addr.pr_s6_addr32[1],
-                to->addr.pr_s6_addr32[2], to->addr.pr_s6_addr32[3],
-                to->u.ssl3.cipherSuite));
+                myPid, to->creationTime, to->addr.pr_s6_addr32[0],
+                to->addr.pr_s6_addr32[1], to->addr.pr_s6_addr32[2],
+                to->addr.pr_s6_addr32[3], to->u.ssl3.cipherSuite));
 }
 
 /*
@@ -479,6 +476,7 @@ ConvertToSID(sidCacheEntry *from,
 
     to->u.ssl3.sessionIDLength = from->sessionIDLength;
     to->u.ssl3.cipherSuite = from->u.ssl3.cipherSuite;
+    to->u.ssl3.compression = (SSLCompressionMethod)from->u.ssl3.compression;
     to->u.ssl3.keys = from->u.ssl3.keys;
     to->u.ssl3.masterWrapMech = from->u.ssl3.masterWrapMech;
     if (from->u.ssl3.srvNameIndex != -1 && psnce) {
@@ -543,8 +541,6 @@ ConvertToSID(sidCacheEntry *from,
     to->authKeyBits = from->authKeyBits;
     to->keaType = from->keaType;
     to->keaKeyBits = from->keaKeyBits;
-    to->keaGroup = from->keaGroup;
-    to->sigScheme = from->signatureScheme;
 
     return to;
 
@@ -752,19 +748,17 @@ ServerSessionIDCache(sslSessionID *sid)
 
         PORT_Assert(sid->creationTime != 0);
         if (!sid->creationTime)
-            sid->lastAccessTime = sid->creationTime = ssl_TimeUsec();
+            sid->lastAccessTime = sid->creationTime = ssl_Time();
         /* override caller's expiration time, which uses client timeout
          * duration, not server timeout duration.
          */
-        sid->expirationTime =
-            sid->creationTime + cache->ssl3Timeout * PR_USEC_PER_SEC;
+        sid->expirationTime = sid->creationTime + cache->ssl3Timeout;
         SSL_TRC(8, ("%d: SSL: CacheMT: cached=%d addr=0x%08x%08x%08x%08x time=%x "
                     "cipherSuite=%d",
                     myPid, sid->cached,
                     sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
                     sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
-                    sid->creationTime / PR_USEC_PER_SEC,
-                    sid->u.ssl3.cipherSuite));
+                    sid->creationTime, sid->u.ssl3.cipherSuite));
         PRINT_BUF(8, (0, "sessionID:", sid->u.ssl3.sessionID,
                       sid->u.ssl3.sessionIDLength));
 
@@ -826,8 +820,7 @@ ServerSessionIDUncache(sslSessionID *sid)
                 myPid, sid->cached,
                 sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
                 sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
-                sid->creationTime / PR_USEC_PER_SEC,
-                sid->u.ssl3.cipherSuite));
+                sid->creationTime, sid->u.ssl3.cipherSuite));
     PRINT_BUF(8, (0, "sessionID:", sessionID, sessionIDLength));
     set = SIDindex(cache, &sid->addr, sessionID, sessionIDLength);
     now = LockSet(cache, set, 0);
@@ -1093,7 +1086,7 @@ InitCache(cacheDesc *cache, int maxCacheEntries, int maxCertCacheEntries,
     cache->srvNameCacheData = (srvNameCacheEntry *)(cache->cacheMem + (ptrdiff_t)cache->srvNameCacheData);
 
     /* initialize the locks */
-    init_time = ssl_TimeSec();
+    init_time = ssl_Time();
     pLock = cache->sidCacheLocks;
     for (locks_to_initialize = cache->numSIDCacheLocks + 3;
          locks_initialized < locks_to_initialize;
@@ -1141,10 +1134,6 @@ SSL_SetMaxServerCacheLocks(PRUint32 maxLocks)
     return SECSuccess;
 }
 
-PR_STATIC_ASSERT(sizeof(sidCacheEntry) % 16 == 0);
-PR_STATIC_ASSERT(sizeof(certCacheEntry) == 4096);
-PR_STATIC_ASSERT(sizeof(srvNameCacheEntry) == 1072);
-
 static SECStatus
 ssl_ConfigServerSessionIDCacheInstanceWithOpt(cacheDesc *cache,
                                               PRUint32 ssl3_timeout,
@@ -1156,6 +1145,10 @@ ssl_ConfigServerSessionIDCacheInstanceWithOpt(cacheDesc *cache,
 {
     SECStatus rv;
 
+    PORT_Assert(sizeof(sidCacheEntry) == 192);
+    PORT_Assert(sizeof(certCacheEntry) == 4096);
+    PORT_Assert(sizeof(srvNameCacheEntry) == 1072);
+
     rv = ssl_Init();
     if (rv != SECSuccess) {
         return rv;
@@ -1526,7 +1519,7 @@ LockPoller(void *arg)
         if (sharedCache->stopPolling)
             break;
 
-        now = ssl_TimeSec();
+        now = ssl_Time();
         then = now - expiration;
         for (pLock = cache->sidCacheLocks, locks_polled = 0;
              locks_to_poll > locks_polled && !sharedCache->stopPolling;