Uploaded image for project: 'JDK'
  1. JDK
  2. JDK-4966250

SSLSessionContext.setSessionTimeout() documentation could be updated

XMLWordPrintable



      Name: ktR10099 Date: 12/10/2003



      According to the spec for
      javax.net.ssl.SSLSessionContext.setSessionTimeout(int seconds) "If the
      timeout limit is set to 't' seconds, a session exceeds the timeout limit
      't' seconds after its creation time. When the timeout limit is exceeded
      for a session, the SSLSession object is invalidated..." Please find below
      example, demonstrating that this does not work for current java
      implementation. session.isValid() should return false after timeout, but
      it still returns true.
      -----------------------------test141.java-------------------------
      import java.net.InetAddress;
      import javax.net.ssl.*;
      import java.io.*;
      import java.security.cert.CertificateException;
      import java.security.*;

      public class test141 {
          static KeyStore ks = null;
          static String ksPassword = "DukesSecretPassword";
          static char[] passphrase = ksPassword.toCharArray();

          public static SSLSocketFactory socketfactory = null;
          static SSLServerSocketFactory serversocketfactory = null;

          public static void main(String[] args) {
      try {
      ks = KeyStore.getInstance("JKS");
                  System.out.println("Got keystore instance");
      } catch (KeyStoreException kse) {
                  System.out.println(kse);
      }
              try {
                  // please use "testkeys" used by ssl tests in JCK
                  ks.load(new FileInputStream("testkeys"), passphrase);
                  System.out.println("Keystore loaded");
              } catch (IOException ioe) {
                  System.out.println(ioe);
              } catch (NoSuchAlgorithmException nsae) {
                  System.out.println(nsae);
              } catch (CertificateException ce) {
                  System.out.println(ce);
              }
              SSLContextInit("SSL");
              try {
                  SSLServerSocket ss = (SSLServerSocket)serversocketfactory.createServerSocket(8765);
                  System.out.println("SSLServerSocket");
                  Client client = new Client(8765);
                  client.start();
                  SSLSocket s = (SSLSocket)ss.accept();
                  BufferedReader is =
      new BufferedReader(new InputStreamReader(s.getInputStream()));
                  String res = is.readLine();
                  System.out.println("1 Server got: " + res);
                  res = is.readLine();
                  System.out.println("2 Server got: " + res);
              } catch (Exception e) {
                  System.out.println(e);
              }
              System.out.println("Finished");
          }

          public static void SSLContextInit (String protocol) {
      boolean status = true;
      SSLContext ctx = null;
      KeyManagerFactory kmf = null;
      TrustManagerFactory tmf = null;

      try {
                  ctx = SSLContext.getInstance(protocol);
      kmf = KeyManagerFactory.getInstance("SunX509");
      tmf = TrustManagerFactory.getInstance("SunX509");
      kmf.init(ks, passphrase);
      tmf.init(ks);
      } catch (NoSuchAlgorithmException nase) {
                  System.out.println(nase);
      } catch (KeyStoreException kse) {
                  System.out.println(kse);
      } catch (UnrecoverableKeyException uke) {
                  System.out.println(uke);
      }

      try {
                  ctx.init(kmf.getKeyManagers(),
      tmf.getTrustManagers(),
      new SecureRandom());
                  socketfactory = ctx.getSocketFactory();
                  serversocketfactory = ctx.getServerSocketFactory();
      } catch (KeyManagementException kme) {
                  System.out.println(kme);
      }
          }
      }

      class Client extends Thread {
          int remotePort;
          SSLSocket s;

          public Client(int portToConnectTo) {
              remotePort = portToConnectTo;
          }

          public void run() {
              System.out.println("Client started");
              try {
      InetAddress address = InetAddress.getLocalHost();
      SSLSocketFactory sf = test141.socketfactory;
      s = (SSLSocket) sf.createSocket(address, remotePort);
                  SSLSession session = s.getSession();
                  SSLSessionContext context = session.getSessionContext();
                  BufferedWriter os =
      new BufferedWriter(new OutputStreamWriter(s.getOutputStream()));
                  System.out.println("Client ready ... now sending the message.");
                  String response = "Response from client";
                  os.write(response, 0, response.length());
                  os.newLine();
                  os.flush();
                  if (context != null) {
                      context.setSessionTimeout(1);
                      System.out.println("Timeout set");
                      Thread.sleep(5000);
                      System.out.println("Pause completed");
                      System.out.println("isValid() returns " + session.isValid());
                      os.write(response, 0, response.length());
                      os.newLine();
                      os.flush();
                  } else {
                      System.out.println("Context is null");
                  }
              } catch (Exception e) {
                  System.out.println(e);
              }
              System.out.println("Client finished");
          }
      }
      ------------------------output of test141------------------------
      java full version "1.5.0-beta-b30"
      Got keystore instance
      Keystore loaded
      SSLServerSocket
      Client started
      Client ready ... now sending the message.
      Timeout set
      1 Server got: Response from client
      Pause completed
      isValid() returns true
      Client finished
      2 Server got: Response from client
      Finished
      -------------------------------------------------------------------
      ======================================================================

            mpowers Mark Powers
            kvtsunw Kvt Kvt (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved:
              Imported:
              Indexed: