| author | Daniel Stenberg <daniel@haxx.se> | 2009-05-04 22:20:09 +0000 | 
|---|---|---|
| committer | Daniel Stenberg <daniel@haxx.se> | 2009-05-04 22:20:09 +0000 | 
| commit | 915dfb494ec0be89724e81af1b050c49d9d13cac (patch) | |
| tree | 6e7625b339dfe2595bc928bac69d1a99de823860 | |
| parent | a16cca768051ae7c2020426fef00bb0ec537477a (diff) | |
- Inspired by Michael Smith's session id fix for OpenSSL, I did the
  corresponding fix in the GnuTLS code: make sure to store the new session id
  in case the re-used one is rejected.
| -rw-r--r-- | CHANGES | 5 | ||||
| -rw-r--r-- | RELEASE-NOTES | 2 | ||||
| -rw-r--r-- | lib/gtls.c | 33 | 
3 files changed, 32 insertions, 8 deletions
@@ -6,6 +6,11 @@
                                   Changelog
+Daniel Stenberg (5 May 2009)
+- Inspired by Michael Smith's session id fix for OpenSSL, I did the
+  corresponding fix in the GnuTLS code: make sure to store the new session id
+  in case the previous re-used one is rejected.
+
 Daniel Stenberg (4 May 2009)
 - Michael Smith posted bug report #2786255
   (http://curl.haxx.se/bug/view.cgi?id=2786255) with a patch, identifying how
diff --git a/RELEASE-NOTES b/RELEASE-NOTES
index af2197c8e..1d4dee3eb 100644
--- a/RELEASE-NOTES
+++ b/RELEASE-NOTES
@@ -39,7 +39,7 @@ This release includes the following bugfixes:
  o TFTP problems after a failed transfer to the same host
  o improved out of the box TPF compatibility
  o HTTP PUT protocol line endings portions mangled from CRLF to CRCRLF
- o Rejected SSL session ids are killed properly (for OpenSSL builds)
+ o Rejected SSL session ids are killed properly (for OpenSSL and GnuTLS builds)
 This release includes the following known bugs:
diff --git a/lib/gtls.c b/lib/gtls.c
index 70b1b2510..f07854245 100644
--- a/lib/gtls.c
+++ b/lib/gtls.c
@@ -588,20 +588,39 @@ Curl_gtls_connect(struct connectdata *conn,
   conn->ssl[sockindex].state = ssl_connection_complete;
-  if(!ssl_sessionid) {
-    /* this session was not previously in the cache, add it now */
+  {
+    /* we always unconditionally get the session id here, as even if we
+       already got it from the cache and asked to use it in the connection, it
+       might've been rejected and then a new one is in use now and we need to
+       detect that. */
+    void *connect_sessionid;
+    size_t connect_idsize;
     /* get the session ID data size */
-    gnutls_session_get_data(session, NULL, &ssl_idsize);
-    ssl_sessionid = malloc(ssl_idsize); /* get a buffer for it */
+    gnutls_session_get_data(session, NULL, &connect_idsize);
+    connect_sessionid = malloc(connect_idsize); /* get a buffer for it */
-    if(ssl_sessionid) {
+    if(connect_sessionid) {
       /* extract session ID to the allocated buffer */
-      gnutls_session_get_data(session, ssl_sessionid, &ssl_idsize);
+      gnutls_session_get_data(session, connect_sessionid, &connect_idsize);
+
+      if(ssl_sessionid &&
+         ((connect_idsize != ssl_idsize) ||
+          memcmp(connect_sessionid, ssl_sessionid, ssl_idsize)))
+        /* there was one before in the cache, but without the same size or
+           with different contents so delete the old one */
+        Curl_ssl_delsessionid(conn, ssl_sessionid);
+      else if(ssl_sessionid) {
+        /* it was in the cache and its the same one now, just leave it */
+        free(connect_sessionid);
+        return CURLE_OK;
+      }
+
       /* store this session id */
-      return Curl_ssl_addsessionid(conn, ssl_sessionid, ssl_idsize);
+      return Curl_ssl_addsessionid(conn, connect_sessionid, connect_idsize);
     }
+    }
   return CURLE_OK;  | 
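Review bot: The return value of the second gnutls_session_get_data() call (the one that fills connect_sessionid) is still unchecked, so on failure the freshly malloc'd, never-written buffer is compared against the cached id and then handed to Curl_ssl_addsessionid() as if it were a valid session id. Since the malloc-failure path already degrades to a best-effort "just don't cache" and returns CURLE_OK, the fill call can follow the same policy: `if(gnutls_session_get_data(session, connect_sessionid, &connect_idsize) < 0) {` / `free(connect_sessionid); return CURLE_OK; }` placed before the comparison. A smaller point: when malloc fails, a previously cached id that the server already rejected stays in the cache and will be offered again on the next connection, which the new comparison logic was meant to prevent; a `Curl_ssl_delsessionid(conn, ssl_sessionid)` in that branch would be consistent with the intent, if the cache's ownership rules allow it (Curl_ssl_addsessionid's ownership of connect_sessionid on its own failure is not visible here). Curl_gtls_connect begins before this hunk.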
