TlsSocket.Negotiate: TlsException: This session was already added into session cache

0 votes
asked Jun 15, 2012 by SMI (150 points)
edited Nov 2, 2012

I have a server side program that I want to protect with TLS. To do this I am creating a TlsSocket from a standard C# socket created by Socket.EndAccept:

tlsSocket = new TlsSocket(acceptedSocket);  
tlsSocket.Parameters.AllowedSuites = TlsCipherSuite.Secure;  
tlsSocket.Parameters.CertificatePolicy = TlsCertificatePolicy.NoClientCertificate;  
tlsSocket.Parameters.Certificate = CertificateChain.BuildFrom(serverCert);  
tlsSocket.Parameters.CommonName = "";  
tlsSocket.Parameters.Entity = TlsConnectionEnd.Server;  

The Negotiate call throws a TlsException:

Rebex.Net.TlsException: This session was already added into session cache. --->   System.ArgumentException: This session was already added into session cache.  
   at Rebex.Net.TlsSession.uAZzG(String , TlsSession )  
   at wWGvS.AsKBXeZ.ByBAdgZ(Byte[] , Int32 , Int32 , cEEfuOZ )  
   at wWGvS.AsKBXeZ.OnHandshakeReceived(Byte[] buffer, Int32 offset, Int32 count)  
   at wWGvS.ckSCApZ.CzzDw(Byte[] , Int32 , Int32 )  
   at wWGvS.ckSCApZ.cDtmAOZ()  
   --- End of inner exception stack trace ---  
   at wWGvS.ckSCApZ.cDtmAOZ()  
   at wWGvS.ckSCApZ.ArwjUr()  
   at Rebex.Net.TlsSocket.Negotiate()

If I don't call Negotiate then the socket works fine and I can send and receive data (just insecurely). I have tried messing around with the Session Property of the parameters without success.

What I am missing?

1 Answer

0 votes
answered Jun 15, 2012 by Lukas Pokorny (128,250 points)
edited Nov 2, 2012
Best answer

Update: This was fixed in 2012 R3, disabling the session cache is no longer needed.

Thanks for reporting this issue, we will look into it.

In the meantime, please try disabling session caching by adding the following line:

tlsSocket.Parameters.Options |= TlsOptions.DoNotCacheSessions;

Does it work then?

commented Jun 15, 2012 by SMI (150 points)
edited Jun 15, 2012

Thanks for that, I didn't notice that option.