Backporting sun.security.ssl.ClientHandshaker change to jdk7u?
John.E.Gregg at wellsfargo.com
John.E.Gregg at wellsfargo.com
Tue May 19 21:31:41 UTC 2015
Hi all,
On April 10 a change was committed to jdk8u that I'd like to see backported to jdk7u. The change set is a large one: http://hg.openjdk.java.net/jdk8u/jdk8u-dev/jdk/rev/ea62ea52af27. I don't know anything about the background of the change. The checkin comment just says "Merge." I don't know where it was merged from but it seems to be a bundle of unrelated changes.
The substance of the change to sun.security.ssl.ClientHandshaker is to make the triple handshake fix check all subject alternate names of types "IP address" and "DNS" and not just the first of each. The current behavior, introduced in in 1.7.0_71 I think, is unnecessarily restrictive. I believe the change is just a single file.
Thanks
John Gregg
More information about the jdk7u-dev
mailing list