From 2c7a54bb70bbd1381375d995b14fceb261838eb8 Mon Sep 17 00:00:00 2001
From: David Woodhouse
Date: Fri, 23 Sep 2016 12:33:13 +0100
Subject: [PATCH] Add session resume check for GnuTLS too

It's actually doing nothing here; no existing version of GnuTLS would have let the session get established since we do not install any credentials which would permit any key exchange. But it wasn't *explicitly* prevented. And now it is.

Signed-off-by: David Woodhouse
---
 gnutls-dtls.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/gnutls-dtls.c b/gnutls-dtls.c
index 032e522a..b0a1981d 100644
--- a/gnutls-dtls.c
+++ b/gnutls-dtls.c
@@ -312,6 +312,19 @@ int dtls_try_handshake(struct openconnect_info *vpninfo)
 char *str;
 if (!err) {
+ if (strcmp(vpninfo->dtls_cipher, "PSK-NEGOTIATE") &&
+ !gnutls_session_is_resumed(vpninfo->dtls_ssl)) {
+ /* Someone attempting to hijack the DTLS session?
+ * A real server would never allow a full session
+ * establishment instead of the agreed resume. */
+ vpn_progress(vpninfo, PRG_ERR,
+ _("DTLS session resume failed; possible MITM attack. Disabling DTLS.\n"));
+ dtls_close(vpninfo);
+ vpninfo->dtls_attempt_period = 0;
+ vpninfo->dtls_state = DTLS_DISABLED;
+ return -EIO;
+ }
+
 #ifdef HAVE_GNUTLS_DTLS_SET_DATA_MTU
 /* Make sure GnuTLS's idea of the MTU is sufficient to take a full VPN MTU (with 1-byte header) in a data record. */
--
2.50.1
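Review bot: The new guard at the top of the `if (!err)` branch exempts the "PSK-NEGOTIATE" cipher from the resume check, but its comment covers only the failure case, so a reader cannot tell why a non-resumed session is acceptable in that mode. I would extend the comment with something like `/* PSK-NEGOTIATE does a full handshake by design (presumably authenticated by the PSK), so only the resume-based modes are checked. */`, to be confirmed against the negotiation code, which is outside this hunk. The bare `strcmp(...) &&` also reads as "matches" at a glance; `strcmp(vpninfo->dtls_cipher, "PSK-NEGOTIATE") != 0` makes the intent of this security check explicit. The condition also assumes `vpninfo->dtls_cipher` is non-NULL by the time the handshake completes, which the hunk does not show. The body of dtls_try_handshake starts and ends outside the hunk.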