TLS: Only cache session data if a session was not resumed 19/73419/2 accepted/tizen/3.0/ivi/20161011.044006 accepted/tizen/3.0/mobile/20161015.033015 accepted/tizen/3.0/tv/20161016.004455 accepted/tizen/3.0/wearable/20161015.082657 accepted/tizen/common/20160608.160926 accepted/tizen/ivi/20160609.090753 accepted/tizen/mobile/20160609.090614 accepted/tizen/tv/20160609.090731 accepted/tizen/wearable/20160609.090714 submit/tizen/20160608.101452 submit/tizen_3.0_common/20161104.104000 submit/tizen_3.0_ivi/20161010.000002 submit/tizen_3.0_mobile/20161015.000002 submit/tizen_3.0_tv/20161015.000002 submit/tizen_3.0_wearable/20161015.000002
authorSeonah Moon <seonah1.moon@samsung.com>
Tue, 29 Mar 2016 04:59:01 +0000 (13:59 +0900)
committerseonah moon <seonah1.moon@samsung.com>
Wed, 8 Jun 2016 05:44:22 +0000 (22:44 -0700)
As per the upstream discussion [1], session data should only be
stored when the session is not resumed.

This affects resuming sessions when using TLS tickets, since they
are not stored in the session data after a save/resume cycle.

[1] http://lists.gnutls.org/pipermail/gnutls-help/2015-February/003760.html

https://bugzilla.gnome.org/show_bug.cgi?id=745099

Change-Id: Ic9bc0381ed18d37b55cf1fbc49663cbb611ff328
Signed-off-by: Seonah Moon <seonah1.moon@samsung.com>
tls/gnutls/gtlsclientconnection-gnutls.c

index 07a3a00..2bbf759 100644 (file)
@@ -311,18 +311,29 @@ g_tls_client_connection_gnutls_finish_handshake (GTlsConnectionGnutls  *conn,
 
   if (gnutls->priv->session_id)
     {
-      gnutls_datum_t session_datum;
-
-      if (!*inout_error &&
-         gnutls_session_get_data2 (g_tls_connection_gnutls_get_session (conn),
-                                   &session_datum) == 0)
+      if (!*inout_error)
        {
-         GBytes *session_data = g_bytes_new_with_free_func (session_datum.data, session_datum.size,
-                                                            (GDestroyNotify)gnutls_free, session_datum.data);
-
-         g_tls_backend_gnutls_store_session (GNUTLS_CLIENT, gnutls->priv->session_id,
-                                             session_data);
-         g_bytes_unref (session_data);
+          if (!gnutls_session_is_resumed (g_tls_connection_gnutls_get_session (conn)))
+            {
+              gnutls_datum_t session_datum;
+
+              if (gnutls_session_get_data2 (g_tls_connection_gnutls_get_session (conn),
+                                            &session_datum) == 0)
+                {
+                  GBytes *session_data = g_bytes_new_with_free_func (session_datum.data,
+                                                                     session_datum.size,
+                                                                     (GDestroyNotify)gnutls_free,
+                                                                     session_datum.data);
+
+                  g_tls_backend_gnutls_store_session (GNUTLS_CLIENT,
+                                                      gnutls->priv->session_id,
+                                                      session_data);
+                  g_bytes_unref (session_data);
+                }
+              else {
+                g_tls_backend_gnutls_remove_session (GNUTLS_CLIENT, gnutls->priv->session_id);
+                         }
+            }
        }
       else
        g_tls_backend_gnutls_remove_session (GNUTLS_CLIENT, gnutls->priv->session_id);
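Review bot: The new `gnutls_session_is_resumed` check leaves the cached entry untouched after a resumed handshake, but nothing in the code says why, and the inner `else { ... }` that closes that branch is indented and braced differently from the brace-less outer `else` just below it. I would add a comment above the check, e.g. `/* Resumed sessions no longer carry the ticket in their session data; keep the entry cached from the full handshake. */`, and write the inner fallback as a plain `else` followed by the `g_tls_backend_gnutls_remove_session (GNUTLS_CLIENT, gnutls->priv->session_id);` call, indented like the outer one. Because the same entry is now reused for every later resumption, it is worth confirming that the session store (not visible in this hunk) expires entries, so that the resumption secret and ticket are not kept and reused indefinitely. The function body starts and ends outside this hunk.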