/*
 * NSSTrustDomain_Create
 *
 * Build a new trust domain that lives in its own arena: allocate the
 * object, create the lock guarding its token list, initialize its cache,
 * and return it holding a single reference.
 *
 * moduleOpt, uriOpt, opaqueOpt and reserved are accepted but not read by
 * this body.
 *
 * Returns the new trust domain, or NULL if the arena, the object or the
 * tokens lock could not be created. On the latter two failures the arena
 * is destroyed before returning.
 */
NSS_IMPLEMENT NSSTrustDomain *
NSSTrustDomain_Create(
    NSSUTF8 *moduleOpt,
    NSSUTF8 *uriOpt,
    NSSUTF8 *opaqueOpt,
    void *reserved)
{
    NSSArena *tdArena;
    NSSTrustDomain *td;

    tdArena = NSSArena_Create();
    if (tdArena == NULL) {
        /* nothing has been allocated yet, so there is nothing to unwind */
        return (NSSTrustDomain *)NULL;
    }

    td = nss_ZNEW(tdArena, NSSTrustDomain);
    if (td == NULL) {
        goto loser;
    }

    /* this lock serializes access to the token list and the token iterator */
    td->tokensLock = NSSRWLock_New(100, "tokens");
    if (td->tokensLock == NULL) {
        goto loser;
    }

    /*
     * NOTE(review): whatever nssTrustDomain_InitializeCache reports is not
     * examined here. If it can fail, the caller still receives a trust
     * domain; confirm that later cache users tolerate that state.
     */
    nssTrustDomain_InitializeCache(td, NSSTRUSTDOMAIN_DEFAULT_CACHE_SIZE);

    td->arena = tdArena;
    td->refCount = 1;
    td->statusConfig = NULL;
    return td;

loser:
    /*
     * Both jumps above arrive here with no lock created, so the Destroy
     * call is not reached by the code as written. The guard keeps the
     * unwind correct if a failure point is added after lock creation.
     */
    if (td != NULL && td->tokensLock != NULL) {
        NSSRWLock_Destroy(td->tokensLock);
    }
    nssArena_Destroy(tdArena);
    return (NSSTrustDomain *)NULL;
}
/*
 * Insert a session ID into the client session cache.
 * Although this is static, it is called via ss->sec.cache().
 *
 * The SID is silently left uncached when:
 *   - it has no urlSvrName, because it could never be matched;
 *   - it is an SSL3+ SID with neither a session ID nor a session ticket;
 *   - a random session ID cannot be generated for a stateless resume;
 *   - the per-SID lock cannot be created.
 *
 * On success the SID is linked at the head of the cache list, marked
 * in_client_cache, and its reference count is raised by one on behalf of
 * the cache.
 *
 * NOTE(review): at trace level 8 this routine passes the SSL2 master key
 * and cipher argument to PRINT_BUF. Confirm that PRINT_BUF/SSL_TRC are
 * compiled out of, or disabled in, production builds so key material
 * cannot end up in logs.
 */
static void
CacheSID(sslSessionID *sid)
{
    PRUint32 lifetime;

    PORT_Assert(sid->cached == never_cached);

    SSL_TRC(8, ("SSL: Cache: sid=0x%x cached=%d addr=0x%08x%08x%08x%08x port=0x%04x "
                "time=%x cached=%d",
                sid, sid->cached,
                sid->addr.pr_s6_addr32[0], sid->addr.pr_s6_addr32[1],
                sid->addr.pr_s6_addr32[2], sid->addr.pr_s6_addr32[3],
                sid->port, sid->creationTime, sid->cached));

    /* A SID with no server name can never be matched, so do not cache it. */
    if (sid->urlSvrName == NULL) {
        return;
    }

    /* XXX should be different trace for version 2 vs. version 3 */
    if (sid->version >= SSL_LIBRARY_VERSION_3_0) {
        if (sid->u.ssl3.sessionIDLength == 0) {
            /* Neither a session ID nor a ticket: nothing to resume with. */
            if (sid->u.ssl3.locked.sessionTicket.ticket.data == NULL) {
                return;
            }
            /* Client generates the SessionID if this was a stateless resume. */
            if (PK11_GenerateRandom(sid->u.ssl3.sessionID,
                                    SSL3_SESSIONID_BYTES) != SECSuccess) {
                return;
            }
            sid->u.ssl3.sessionIDLength = SSL3_SESSIONID_BYTES;
        }

        lifetime = ssl3_sid_timeout;
        PRINT_BUF(8, (0, "sessionID:",
                      sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));

        /* Without its own lock the SID is not cached at all. */
        sid->u.ssl3.lock = NSSRWLock_New(NSS_RWLOCK_RANK_NONE, NULL);
        if (sid->u.ssl3.lock == NULL) {
            return;
        }
    } else {
        lifetime = ssl_sid_timeout;
        PRINT_BUF(8, (0, "sessionID:",
                      sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)));
        /* NOTE(review): the next two dumps expose SSL2 secret material. */
        PRINT_BUF(8, (0, "masterKey:",
                      sid->u.ssl2.masterKey.data, sid->u.ssl2.masterKey.len));
        PRINT_BUF(8, (0, "cipherArg:",
                      sid->u.ssl2.cipherArg.data, sid->u.ssl2.cipherArg.len));
    }

    /*
     * Callers are expected to have set both timestamps. The fallbacks
     * below cover the case where the assertion does not stop execution
     * (presumably non-debug builds; confirm how PORT_Assert is defined).
     */
    PORT_Assert(sid->creationTime != 0 && sid->expirationTime != 0);
    if (sid->creationTime == 0) {
        sid->creationTime = ssl_Time();
        sid->lastAccessTime = sid->creationTime;
    }
    if (sid->expirationTime == 0) {
        sid->expirationTime = sid->creationTime + lifetime;
    }

    /*
     * Link the SID at the head of the cache while holding the cache lock.
     * The extra reference belongs to the cache; Uncache will reduce it.
     */
    LOCK_CACHE;
    sid->references += 1;
    sid->cached = in_client_cache;
    sid->next = cache;
    cache = sid;
    UNLOCK_CACHE;
}