[glib-networking] tls: Only cache session data if a session was not resumed
- From: Ross Lagerwall <rossl src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [glib-networking] tls: Only cache session data if a session was not resumed
- Date: Tue, 10 Mar 2015 17:48:46 +0000 (UTC)
commit da9c6df0e7c0a9e565b07492ef859be878bae42f
Author: Ross Lagerwall <rosslagerwall gmail com>
Date: Tue Feb 24 17:21:22 2015 +0000
tls: Only cache session data if a session was not resumed
As per the upstream discussion [1], session data should only be
stored when the session is not resumed.
This affects resuming sessions when using TLS tickets, since they
are not stored in the session data after a save/resume cycle.
[1] http://lists.gnutls.org/pipermail/gnutls-help/2015-February/003760.html
https://bugzilla.gnome.org/show_bug.cgi?id=745099
tls/gnutls/gtlsclientconnection-gnutls.c | 32 +++++++++++++++++++----------
1 files changed, 21 insertions(+), 11 deletions(-)
---
diff --git a/tls/gnutls/gtlsclientconnection-gnutls.c b/tls/gnutls/gtlsclientconnection-gnutls.c
index 69ae6c3..7ca4220 100644
--- a/tls/gnutls/gtlsclientconnection-gnutls.c
+++ b/tls/gnutls/gtlsclientconnection-gnutls.c
@@ -327,18 +327,28 @@ g_tls_client_connection_gnutls_finish_handshake (GTlsConnectionGnutls *conn,
if (gnutls->priv->session_id)
{
- gnutls_datum_t session_datum;
-
- if (!*inout_error &&
- gnutls_session_get_data2 (g_tls_connection_gnutls_get_session (conn),
- &session_datum) == 0)
+ if (!*inout_error)
{
- GBytes *session_data = g_bytes_new_with_free_func (session_datum.data, session_datum.size,
- (GDestroyNotify)gnutls_free, session_datum.data);
-
- g_tls_backend_gnutls_store_session (GNUTLS_CLIENT, gnutls->priv->session_id,
- session_data);
- g_bytes_unref (session_data);
+ if (!gnutls_session_is_resumed (g_tls_connection_gnutls_get_session (conn)))
+ {
+ gnutls_datum_t session_datum;
+
+ if (gnutls_session_get_data2 (g_tls_connection_gnutls_get_session (conn),
+ &session_datum) == 0)
+ {
+ GBytes *session_data = g_bytes_new_with_free_func (session_datum.data,
+ session_datum.size,
+ (GDestroyNotify)gnutls_free,
+ session_datum.data);
+
+ g_tls_backend_gnutls_store_session (GNUTLS_CLIENT,
+ gnutls->priv->session_id,
+ session_data);
+ g_bytes_unref (session_data);
+ }
+ else
+ g_tls_backend_gnutls_remove_session (GNUTLS_CLIENT, gnutls->priv->session_id);
+ }
}
else
g_tls_backend_gnutls_remove_session (GNUTLS_CLIENT, gnutls->priv->session_id);
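Review bot: The new `gnutls_session_is_resumed ()` guard carries no comment saying why a resumed handshake leaves the cached entry untouched; the reason (per the commit message, session data exported after a save/resume cycle no longer holds the TLS ticket) is recorded only in the commit log. A comment directly above the check, for example `/* Session data taken after a resumption lacks the ticket; keep the entry cached by the full handshake. */`, would keep a later cleanup from folding the two conditions back together and silently breaking ticket-based resumption. The session handle is also fetched twice via `g_tls_connection_gnutls_get_session (conn)`; a local `gnutls_session_t session = g_tls_connection_gnutls_get_session (conn);` at the top of the `if (gnutls->priv->session_id)` block would shorten both calls and make the nesting easier to read. The function body starts before this hunk, so how `session_id` is derived and how long cached entries live is not visible here.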