[RFR] 8214440: ldap over a TLS connection negotiate failed with "javax.net.ssl.SSLPeerUnverifiedException: hostname of the server '' does not match the hostname in the server's certificate"
vyom tewari
vyom.tewari at oracle.com
Wed Jan 9 07:03:46 UTC 2019
Hi Rob,
Thanks for fixing this issue, please use hostname.isEmpty(), instead of
"".equal(hostname). I have a question to you, why we are converting null
to empty string("") in LdapDnsProvider ?.
If you see the java doc it tells that domainname can be null
/**
* Construct an LdapDnsProviderResult consisting of a resolved
domain name
* and the ldap server endpoints that serve the domain.
*
* @param domainName the resolved domain name; can be null.
My personal suggestion is not to replace null to empty string("") in
"LdapDnsProviderResult" either throw some exception or just pass
whatever you got in LdapDnsProviderResult constructor.
Thanks,
Vyom
On 08/01/19 10:33 PM, Rob McKenna wrote:
> Hi folks,
>
> I'd like to fix this test failure caused by 8160768.
>
> The problem is that the LdapDnsProviderResult sets the hostname to the
> empty String and gets passed to StartTlsResponseImpl.verify.
> Unfortunately StartTlsResponseImpl.verify only expects null values.
> Since null and the empty String are functionally equivalent I've added a
> check to StartTlsResponseImpl.verify to take the empty String into
> account.
>
> http://cr.openjdk.java.net/~robm/8214440/webrev.01/
>
> This was caught by an existing test which I managed to miss in my
> testing incantation.
>
> -Rob
>
More information about the core-libs-dev
mailing list