-
Bug
-
Resolution: Fixed
-
P3
-
1.4.2, 5.0
-
b32
-
generic, sparc
-
generic, solaris_2.6
-
Verified
Name: ktR10099 Date: 12/09/2003
According to the spec of
javax.net.ssl.SSLSessionContext.setSessionTimeout(int seconds) the only
limitation on seconds value is that it should be non negative. Timeout
value returned by getSessionTimeout() should be the same as seconds. This
is not true for seconds = Integer.MAX_VALUE. Please find example,
demonstrating the problem, below.
-------------------------------test139.java-------------------------
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSessionContext;
public class test139 {
public static void main(String[] args) {
try {
SSLServerSocketFactory ssf = (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();
SSLServerSocket ss = (SSLServerSocket)ssf.createServerSocket();
String[] protocols = ss.getSupportedProtocols();
for (int i = 0; i < protocols.length; i++) {
try {
SSLContext sslc = SSLContext.getInstance(protocols[i]);
SSLSessionContext sslsc = sslc.getServerSessionContext();
System.out.println("Protocol: " + protocols[i]);
sslsc.setSessionTimeout(Integer.MAX_VALUE);
int newtime = sslsc.getSessionTimeout();
if (newtime != Integer.MAX_VALUE) {
System.out.println("Expected timeout: " +
Integer.MAX_VALUE + ", got instead: " +
newtime);
}
} catch (Exception e) {
}
}
} catch (Exception e) {
System.out.println(e);
}
System.out.println("Finished");
}
}
-------------------------output of test139--------------------------
java full version "1.5.0-beta-b30"
Protocol: SSLv3
Expected timeout: 2147483647, got instead: -1
Protocol: TLSv1
Expected timeout: 2147483647, got instead: -1
Finished
--------------------------------------------------------------------
======================================================================
- duplicates
-
-
- Closed
-