[Bug 3363] [IcedTea7] Backport "8144566: Custom HostnameVerifier disables SNI extension"
bugzilla-daemon at icedtea.classpath.org
bugzilla-daemon at icedtea.classpath.org
Wed Apr 26 02:57:11 UTC 2017
http://icedtea.classpath.org/bugzilla/show_bug.cgi?id=3363
Andrew John Hughes <gnu.andrew at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|ASSIGNED |RESOLVED
Resolution|--- |INVALID
--- Comment #1 from Andrew John Hughes <gnu.andrew at redhat.com> ---
Bug not present in 2.x. It only has client-side SNI support.
$ cat TestVerify.java
import java.io.IOException;
import java.net.URL;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
public class TestVerify
{
public static void main(String[] args) throws IOException {
URL url = new URL("https://www.google.com");
HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
conn.setHostnameVerifier(new HostnameVerifier() {
@Override
public boolean verify(String hostname, SSLSession session) {
return true;
}
});
conn.getInputStream();
}
}
$ /usr/lib/jvm/icedtea-8/bin/java -Djavax.net.debug=ssl,handshake
TestVerify|grep server_name
$ /usr/lib/jvm/icedtea-7/bin/java -Djavax.net.debug=ssl,handshake
TestVerify|grep server_name
Extension server_name, server_name: [host_name: www.google.com]
Extension server_name, server_name: [host_name: www.google.co.uk]
--
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openjdk.java.net/pipermail/distro-pkg-dev/attachments/20170426/874d972f/attachment.html>
More information about the distro-pkg-dev
mailing list