Cache SSL resumption tokens in necko
Categories
(Core :: Networking, enhancement, P2)
Tracking
()
Tracking | Status | |
---|---|---|
firefox68 | --- | fixed |
People
(Reporter: michal, Assigned: michal)
References
(Blocks 1 open bug)
Details
(Whiteboard: [necko-triaged])
Attachments
(1 file)
We need to have the cache in necko because the internal cache in NSS won't cache QUIC connections. Memory only cache will land in this bug. Persisting tokens to disk will be implemented later.
Assignee | ||
Comment 1•6 years ago
|
||
SSLTokensCache is a simple memory only storage for resumption tokens which are get and set using API for external TLS session caches in NSS.
Updated•6 years ago
|
Assignee | ||
Comment 2•5 years ago
|
||
After I added the call to SSL_OptionGet, the build fails on all platforms except Linux:
https://treeherder.mozilla.org/#/jobs?repo=try&revision=a25d1b4492622b226f538c8ecce5918e20f9a74f
Dana, do you have an idea what's wrong?
Comment 3•5 years ago
|
||
Looks like we don't export that symbol when we compile NSS in-tree. You should add SSL_OptionGet
right before this line: https://searchfox.org/mozilla-central/rev/197210b8c139b64f642edaa3336d26b9c1761568/security/nss.symbols#667
Assignee | ||
Comment 4•5 years ago
|
||
(In reply to Dana Keeler (she/her) (use needinfo) (:keeler for reviews) from comment #3)
Looks like we don't export that symbol when we compile NSS in-tree. You should add
SSL_OptionGet
right before this line: https://searchfox.org/mozilla-central/rev/197210b8c139b64f642edaa3336d26b9c1761568/security/nss.symbols#667
Thanks, this solved the problem. Do I need a review for this change?
Comment 5•5 years ago
|
||
Consider this r=me but see also the comment I left in differential about how I don't think it's even necessary to call that function since the callback will never be called if we've disabled session tickets.
Comment 6•5 years ago
|
||
Actually I just read your response - nevermind, lgtm.
Pushed by mnovotny@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/7fbf58d80879 Cache SSL resumption tokens in necko, r=mayhemer
Comment 8•5 years ago
|
||
bugherder |
Description
•