From af9a8236e8bc2b789103568996da44ace89c010f Mon Sep 17 00:00:00 2001
From: Cameron Kaiser <classilla@floodgap.com>
Date: Sat, 29 Aug 2020 22:39:44 -0700
Subject: [PATCH] fix overzealous assertion (M1531906)

---
 security/nss/lib/ssl/sslnonce.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/security/nss/lib/ssl/sslnonce.c b/security/nss/lib/ssl/sslnonce.c
index b7b5b7fe5..32e5d75ef 100644
--- a/security/nss/lib/ssl/sslnonce.c
+++ b/security/nss/lib/ssl/sslnonce.c
@@ -1197,14 +1197,15 @@ ssl3_SetSIDSessionTicket(sslSessionID *sid,
      * anything yet, so no locking is needed.
      */
     if (sid->u.ssl3.lock) {
-        PORT_Assert(sid->cached == in_client_cache);
         PR_RWLock_Wlock(sid->u.ssl3.lock);
+        /* Another thread may have evicted, or it may be in external cache. */
+        PORT_Assert(sid->cached != never_cached);
     }
     /* If this was in the client cache, then we might have to free the old
      * ticket.  In TLS 1.3, we might get a replacement ticket if the server
      * sends more than one ticket. */
     if (sid->u.ssl3.locked.sessionTicket.ticket.data) {
-        PORT_Assert(sid->cached == in_client_cache ||
+        PORT_Assert(sid->cached != never_cached ||
                     sid->version >= SSL_LIBRARY_VERSION_TLS_1_3);
         SECITEM_FreeItem(&sid->u.ssl3.locked.sessionTicket.ticket,
                          PR_FALSE);