On Tue, Feb 24, 2015 at 9:26 AM, Nikos Mavrogiannopoulos <[email protected]> wrote:
> On Tue, Feb 24, 2015 at 12:55 AM, Ross Lagerwall
> <[email protected]> wrote:
>> Hi,
>> glib-networking (which uses gnutls) has a session cache such that after
>> a connection handshake completes, it uses gnutls_session_get_data2 to
>> retrieve and keep the session data. When another connection begins, it
>> uses gnutls_session_set_data to reuse the data.
>> However, this does not work properly with TLS tickets. After a session is
>> resumed, the TLS tickets get stored in "resumed session data" which is
>> not subsequently packed into the TLS session data again. Because of
>> this, the third connection to a particular server is not properly resumed
>> because the session data is missing the TLS tickets.
>> I can change the code to only cache the session data if the session was
>> not resumed, but I'd like to know if this is the correct thing to do or
>> if gnutls should instead always store the TLS tickets in the session
>> data?
>
> This was the intention. The data should be saved when in non-resumed
> sessions only. I'll try to make that clean in the documentation, if
> you have any suggestions on that matter, they are welcome.
>
Thanks for clearing that up. I would suggest something like:
"gnutls_session_get_data2 should be used to cache session data only when
a session is created, i.e. when gnutls_session_is_resumed returns
false."

_______________________________________________
Gnutls-help mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-help
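
The caching rule agreed in this thread, as a small C model added here (not GnuTLS or glib-networking code). The structs and functions are hypothetical stand-ins for the session, gnutls_session_get_data2, gnutls_session_set_data and gnutls_session_is_resumed, and the model assumes the ticket from the full handshake stays valid for later resumptions.

```c
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical model types: stand-ins, not GnuTLS structures. */
struct blob { bool valid; bool has_ticket; };          /* packed session data */
struct session { bool resumed; struct blob packed; };  /* one connection */
struct cache { struct blob entry; };

/* Model of a client handshake: resumes only if the offered data holds a ticket. */
static struct session handshake(const struct blob *offered)
{
    struct session s;
    s.resumed = offered && offered->valid && offered->has_ticket;
    s.packed.valid = true;
    /* As described in the thread: after a resumption the ticket is not
     * packed into the session data again. */
    s.packed.has_ticket = !s.resumed;
    return s;
}

/* Stand-in for gnutls_session_is_resumed(). */
static bool is_resumed(const struct session *s) { return s->resumed; }

/* Cache update after a handshake; only_new is the rule from the thread. */
static void cache_store(struct cache *c, const struct session *s, bool only_new)
{
    if (only_new && is_resumed(s))
        return;               /* keep the entry from the full handshake */
    c->entry = s->packed;     /* stand-in for gnutls_session_get_data2() */
}

/* Run n connections (n <= 32) to one server; bit i of the result is set
 * when connection i+1 was resumed. */
unsigned run_connections(int n, bool only_new)
{
    struct cache c = { { false, false } };
    unsigned resumed_mask = 0;
    for (int i = 0; i < n; i++) {
        /* stand-in for gnutls_session_set_data() before the handshake */
        struct session s = handshake(c.entry.valid ? &c.entry : NULL);
        if (is_resumed(&s))
            resumed_mask |= 1u << i;
        cache_store(&c, &s, only_new);
    }
    return resumed_mask;
}

int main(void)
{
    printf("always cache:         0x%x\n", run_connections(4, false));
    printf("cache if not resumed: 0x%x\n", run_connections(4, true));
    return 0;
}
```

With the cache overwritten after every handshake, the third connection falls back to a full handshake; with the entry kept from the non-resumed session, every connection after the first resumes.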
