-
Type:
Bug
-
Resolution: Duplicate
-
Priority:
P5
-
None
-
Affects Version/s: 1.0.2
-
Component/s: security-libs
-
None
-
generic
-
generic
public class sess {
public static void main(String args[]) throws Exception {
SSLSocketFactory sslsf =
(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket ssls = (SSLSocket) sslsf.createSocket("localhost", 2001);
ssls.setEnableSessionCreation(false);
ssls.startHandshake();
}
}
The above should not allow any sessions to be created,
as session creation is turned off for this socket. However,
we're seeing that the session creation for the first
handshake isn't respecting this, but later ones are.
###@###.### 2002-04-10
public static void main(String args[]) throws Exception {
SSLSocketFactory sslsf =
(SSLSocketFactory) SSLSocketFactory.getDefault();
SSLSocket ssls = (SSLSocket) sslsf.createSocket("localhost", 2001);
ssls.setEnableSessionCreation(false);
ssls.startHandshake();
}
}
The above should not allow any sessions to be created,
as session creation is turned off for this socket. However,
we're seeing that the session creation for the first
handshake isn't respecting this, but later ones are.
###@###.### 2002-04-10
- duplicates
-
-
- Resolved
-