[gnutls-devel] Bug: SNI is ignored when resuming session from cache
Nikos Mavrogiannopoulos
nmav at gnutls.org
Sat Sep 23 08:30:26 CEST 2017
On Thu, 2017-09-21 at 11:27 +0200, Thomas Klute wrote:
> Am 20.09.2017 um 18:35 schrieb Nikos Mavrogiannopoulos:
> > A reproducer would certainly speed things up!
>
> Attached my fix with a detailed commit message, and a reproducer/test
> case.
>
Thank you. I've created a merge request at:
https://gitlab.com/gnutls/gnutls/merge_requests/520
The reason for not reading the extension at resumption was in order to
enforce the previously received SNI, on the first connection. However,
as I understand that is not the case.
Anyway, your analysis is right, and we should prevent the resumption
from happening inside gnutls in _gnutls_check_resumed_params().
For that, I've enhanced the pull request above. Could you check whether
it addresses the bug you raised?
regards,
Nikos
More information about the Gnutls-devel
mailing list