use a prefix for client session cache keys

This prevents cross-protocol ticket reuse (when the same Config is used for TCP and QUIC).
quic-go · Mar 16, 2022 · 333d50b · 333d50b
1 parent 9ea6a73
commit 333d50b
Showing 1 changed file with 4 additions and 2 deletions.
diff --git a/handshake_client.go b/handshake_client.go
@@ -1079,13 +1079,15 @@ func (c *Conn) getClientCertificate(cri *CertificateRequestInfo) (*Certificate,
 	return new(Certificate), nil
 }
 
+const clientSessionCacheKeyPrefix = "qtls-"
+
 // clientSessionCacheKey returns a key used to cache sessionTickets that could
 // be used to resume previously negotiated TLS sessions with a server.
 func clientSessionCacheKey(serverAddr net.Addr, config *config) string {
 	if len(config.ServerName) > 0 {
-		return config.ServerName
+		return clientSessionCacheKeyPrefix + config.ServerName
 	}
-	return serverAddr.String()
+	return clientSessionCacheKeyPrefix + serverAddr.String()
 }
 
 // hostnameInSNI converts name into an appropriate hostname for SNI.