-
Up to now, a GTlsClientConnectionGnutls' session ID was built only from the address and port. This led to overly aggressive caching of the TLS session data and ignored the set client certificate of any subsequent connection to the same server/port. Move computation of the session ID from _constructed() to _begin_handshake() when we actually need it; at that point we have the client certificate already set. Append the certificate's hash to the session ID to disambiguate connections with different client certificates while still retaining the caching for multiple connections with the same cert. Add a second client certificate with a different modulus to the test files and expand the connection /tls/connection/client-auth* tests to cover this case. Also extend /tls/connection/client-auth-failure to do a connection with a good certificate after a failed attempt without a cert, to ensure that our session caching doesn't attempt to re-use the failed session for that. https://bugzilla.gnome.org/show_bug.cgi?id=781578
8da92fd6