The SSL client cache timeout values for SSL2 and SSL3 were reversed.

This caused all SSL3 sessions to timeout after 100 seconds. Bug 55231.

1 files changed, 2 insertions, 2 deletions

diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
index ec6daf2c0..f94868da6 100644
--- a/security/nss/lib/ssl/sslnonce.c
+++ b/security/nss/lib/ssl/sslnonce.c
@@ -220,7 +220,7 @@ CacheSID(sslSessionID *sid)
 
     /* XXX should be different trace for version 2 vs. version 3 */
     if (sid->version < SSL_LIBRARY_VERSION_3_0) {
-	expirationPeriod = ssl3_sid_timeout;
+	expirationPeriod = ssl_sid_timeout;
 	PRINT_BUF(8, (0, "sessionID:",
 		  sid->u.ssl2.sessionID, sizeof(sid->u.ssl2.sessionID)));
 	PRINT_BUF(8, (0, "masterKey:",
@@ -230,7 +230,7 @@ CacheSID(sslSessionID *sid)
     } else {
 	if (sid->u.ssl3.sessionIDLength == 0) 
 	    return;
-	expirationPeriod = ssl_sid_timeout;
+	expirationPeriod = ssl3_sid_timeout;
 	PRINT_BUF(8, (0, "sessionID:",
 		      sid->u.ssl3.sessionID, sid->u.ssl3.sessionIDLength));
     }