[gnutls-devel] Bug: SNI is ignored when resuming session from cache

Nikos Mavrogiannopoulos nmav at gnutls.org
Sat Sep 23 08:30:26 CEST 2017


On Thu, 2017-09-21 at 11:27 +0200, Thomas Klute wrote:
> On 20.09.2017 at 18:35, Nikos Mavrogiannopoulos wrote:
> > A reproducer would certainly speed things up!
> 
> Attached my fix with a detailed commit message, and a reproducer/test
> case.
> 

Thank you. I've created a merge request at:
https://gitlab.com/gnutls/gnutls/merge_requests/520

The reason for not reading the extension at resumption was in order to
enforce the previously received SNI, on the first connection. However,
as I understand that is not the case.

Anyway, your analysis is right, and we should prevent the resumption
from happening inside gnutls in _gnutls_check_resumed_params().
For that, I've enhanced the pull request above. Could you check whether
it addresses the bug you raised?


regards,
Nikos
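
Added example, not part of the original message and not gnutls code: a stand-alone C model of the check discussed above, in which the server reads the server_name extension of the resuming ClientHello and refuses resumption when it differs from the name bound to the cached session (RFC 6066 requires a server not to resume under a different name). The function names, the enum, and the strict handling of a missing or malformed extension are assumptions of this sketch.

```c
#include <ctype.h>
#include <stdint.h>
#include <string.h>

enum hs_path { HS_FULL_HANDSHAKE, HS_RESUME };

/* Constructed sample: server_name extension body carrying "a.example". */
static const uint8_t SAMPLE_EXT[] = { 0x00, 0x0c, 0x00, 0x00, 0x09,
    'a', '.', 'e', 'x', 'a', 'm', 'p', 'l', 'e' };

/* Find the first host_name (type 0) entry in an RFC 6066 ServerNameList.
 * Returns its length and sets *name; -1 if malformed or no host_name. */
static int sni_host_name(const uint8_t *ext, size_t len, const uint8_t **name)
{
    if (len < 2 || (((size_t)ext[0] << 8) | ext[1]) != len - 2)
        return -1;
    for (size_t pos = 2; len - pos >= 3; ) {
        size_t n = ((size_t)ext[pos + 1] << 8) | ext[pos + 2];
        if (n == 0 || n > len - pos - 3)
            return -1;
        if (ext[pos] == 0) {              /* name_type host_name */
            *name = ext + pos + 3;
            return (int)n;
        }
        pos += 3 + n;
    }
    return -1;
}

/* cached_sni: name bound to the session by its full handshake, or NULL.
 * ext: server_name body from the resuming ClientHello, NULL if absent.
 * Assumed policy: any difference, a missing name included, forces a full
 * handshake; a malformed body is refused too (a real stack would alert). */
enum hs_path check_resumed_sni(const char *cached_sni, const uint8_t *ext, size_t len)
{
    const uint8_t *name = NULL;
    int n = ext ? sni_host_name(ext, len, &name) : 0;
    if (n < 0 || (cached_sni == NULL) != (n == 0))
        return HS_FULL_HANDSHAKE;
    if (n > 0 && strlen(cached_sni) != (size_t)n)
        return HS_FULL_HANDSHAKE;
    for (int i = 0; i < n; i++)           /* DNS names are case-insensitive */
        if (tolower((unsigned char)cached_sni[i]) != tolower(name[i]))
            return HS_FULL_HANDSHAKE;
    return HS_RESUME;
}

int main(void)
{
    return check_resumed_sni("a.example", SAMPLE_EXT, sizeof SAMPLE_EXT) != HS_RESUME;
}
```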




