Name: ktR10099 Date: 12/10/2003



According to the spec for
javax.net.ssl.SSLSessionContext.setSessionTimeout(int seconds) "If the
timeout limit is set to 't' seconds, a session exceeds the timeout limit
't' seconds after its creation time. When the timeout limit is exceeded
for a session, the SSLSession object is invalidated..." Please find below
example, demonstrating that this does not work for current java
implementation. session.isValid() should return false after timeout, but
it still returns true.
-----------------------------test141.java-------------------------
import java.net.InetAddress;
import javax.net.ssl.*;
import java.io.*;
import java.security.cert.CertificateException;
import java.security.*;

public class test141 {
    static KeyStore ks = null;
    static String ksPassword = "DukesSecretPassword";
    static char[] passphrase = ksPassword.toCharArray();

    public static SSLSocketFactory socketfactory = null;
    static SSLServerSocketFactory serversocketfactory = null;

    public static void main(String[] args) {
try {
ks = KeyStore.getInstance("JKS");
            System.out.println("Got keystore instance");
} catch (KeyStoreException kse) {
            System.out.println(kse);
}
        try {
            // please use "testkeys" used by ssl tests in JCK
            ks.load(new FileInputStream("testkeys"), passphrase);
            System.out.println("Keystore loaded");
        } catch (IOException ioe) {
            System.out.println(ioe);
        } catch (NoSuchAlgorithmException nsae) {
            System.out.println(nsae);
        } catch (CertificateException ce) {
            System.out.println(ce);
        }
        SSLContextInit("SSL");
        try {
            SSLServerSocket ss = (SSLServerSocket)serversocketfactory.createServerSocket(8765);
            System.out.println("SSLServerSocket");
            Client client = new Client(8765);
            client.start();
            SSLSocket s = (SSLSocket)ss.accept();
            BufferedReader is =
new BufferedReader(new InputStreamReader(s.getInputStream()));
            String res = is.readLine();
            System.out.println("1 Server got: " + res);
            res = is.readLine();
            System.out.println("2 Server got: " + res);
        } catch (Exception e) {
            System.out.println(e);
        }
        System.out.println("Finished");
    }

    public static void SSLContextInit (String protocol) {
boolean status = true;
SSLContext ctx = null;
KeyManagerFactory kmf = null;
TrustManagerFactory tmf = null;

try {
            ctx = SSLContext.getInstance(protocol);
kmf = KeyManagerFactory.getInstance("SunX509");
tmf = TrustManagerFactory.getInstance("SunX509");
kmf.init(ks, passphrase);
tmf.init(ks);
} catch (NoSuchAlgorithmException nase) {
            System.out.println(nase);
} catch (KeyStoreException kse) {
            System.out.println(kse);
} catch (UnrecoverableKeyException uke) {
            System.out.println(uke);
}

try {
            ctx.init(kmf.getKeyManagers(),
tmf.getTrustManagers(),
new SecureRandom());
            socketfactory = ctx.getSocketFactory();
            serversocketfactory = ctx.getServerSocketFactory();
} catch (KeyManagementException kme) {
            System.out.println(kme);
}
    }
}

class Client extends Thread {
    int remotePort;
    SSLSocket s;

    public Client(int portToConnectTo) {
        remotePort = portToConnectTo;
    }

    public void run() {
        System.out.println("Client started");
        try {
InetAddress address = InetAddress.getLocalHost();
SSLSocketFactory sf = test141.socketfactory;
s = (SSLSocket) sf.createSocket(address, remotePort);
            SSLSession session = s.getSession();
            SSLSessionContext context = session.getSessionContext();
            BufferedWriter os =
new BufferedWriter(new OutputStreamWriter(s.getOutputStream()));
            System.out.println("Client ready ... now sending the message.");
            String response = "Response from client";
            os.write(response, 0, response.length());
            os.newLine();
            os.flush();
            if (context != null) {
                context.setSessionTimeout(1);
                System.out.println("Timeout set");
                Thread.sleep(5000);
                System.out.println("Pause completed");
                System.out.println("isValid() returns " + session.isValid());
                os.write(response, 0, response.length());
                os.newLine();
                os.flush();
            } else {
                System.out.println("Context is null");
            }
        } catch (Exception e) {
            System.out.println(e);
        }
        System.out.println("Client finished");
    }
}
------------------------output of test141------------------------
java full version "1.5.0-beta-b30"
Got keystore instance
Keystore loaded
SSLServerSocket
Client started
Client ready ... now sending the message.
Timeout set
1 Server got: Response from client
Pause completed
isValid() returns true
Client finished
2 Server got: Response from client
Finished
-------------------------------------------------------------------
======================================================================