[gnutls-help] Repeated session resumption with TLS tickets

Ross Lagerwall rosslagerwall at gmail.com
Tue Feb 24 00:55:01 CET 2015


Hi,

glib-networking (which uses gnutls) has a session cache such that after
a connection handshake completes, it uses gnutls_session_get_data2 to
retrieve and keep the session data. When another connection begins, it
uses gnutls_session_set_data to reuse the data.

However, this does not work properly with TLS tickets.  After a session is
resumed, the TLS tickets get stored in "resumed session data" which is
not subsequently packed into the TLS session data again.  Because of
this, the third connection to a particular server is not properly resumed
because the session data is missing the TLS tickets.

I can change the code to only cache the session data if the session was
not resumed, but I'd like to know if this is the correct thing to do or
if gnutls should instead always store the TLS tickets in the session
data?

Thanks for your help :-)
-- 
Ross Lagerwall
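
A model of the cache behaviour described in the message above, added here as an example; it is not code from the post, glib-networking or GnuTLS. It links against no TLS library: the struct and function names are hypothetical, the server is assumed to resume only by ticket, and the loss of the ticket on export from a resumed session is taken from the post's description.

```c
#include <stdio.h>

/* Constructed model, not GnuTLS code. Comments name the GnuTLS call each
 * step stands in for. */
struct sess_data { int valid; int has_ticket; }; /* what get_data2 would export */
struct cache     { struct sess_data entry; };    /* one slot for one server */

enum policy { STORE_ALWAYS, STORE_FULL_HANDSHAKE_ONLY };

/* Model one connection to a ticket-only server. Returns 1 if it resumed. */
static int connect_once(struct cache *c, enum policy p)
{
    /* gnutls_session_set_data(): resumption needs a ticket in the cached data */
    int resumed = c->entry.valid && c->entry.has_ticket;

    /* gnutls_session_get_data2() after the handshake: per the post, the
     * export from a resumed session no longer carries the ticket. */
    struct sess_data exported = { 1, !resumed };

    /* gnutls_session_is_resumed() is the check the proposed change relies on:
     * a resumed session must not overwrite the ticket-bearing entry. */
    if (p == STORE_ALWAYS || !resumed)
        c->entry = exported;
    return resumed;
}

/* Run n connections; bit i of the result is set if connection i+1 resumed. */
unsigned run_connections(enum policy p, int n)
{
    struct cache c = { { 0, 0 } };
    unsigned mask = 0;
    for (int i = 0; i < n; i++)
        if (connect_once(&c, p))
            mask |= 1u << i;
    return mask;
}

int main(void)
{
    /* 0xa: connections 2 and 4 resume, connection 3 falls back to a full handshake */
    printf("always store:        0x%x\n", run_connections(STORE_ALWAYS, 4));
    /* 0xe: every connection after the first resumes */
    printf("full handshake only: 0x%x\n", run_connections(STORE_FULL_HANDSHAKE_ONLY, 4));
    return 0;
}
```
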


