RFR: 8270553: Tests should not use (real, in-use, routable) 1.1.1.1 as dummy IP value

[Daniel Fuchs]

On Fri, 16 Jul 2021 09:16:23 GMT, Jonathan Dowland <jdowland at openjdk.org> wrote:

> The tests `test/jdk/java/net/HttpURLConnection/HttpURLConWithProxy.java` uses the IP address "1.1.1.1" as a value. I think at the time the address was picked, the assumption was the address was not valid / not routable. Since April 2018 the address is part of CloudFlare's "Free" DNS product: <https://en.wikipedia.org/wiki/1.1.1.1>. (this test was originally written in 2016, before the service was launched)
> 
> I've verified using local packet captures that running the test does result in IP traffic being sent to 1.1.1.1. (Several other tests in JDK use 1.1.1.1 as a placeholder IP. I've checked them all and none of the others connect out to the IP like this one)
>  
> This PR substitutes that IP address value (and two others) for ones from a reserved IP range (240.0.0.0/4 according to RFC 6761) which will not result in runners of the test suit inadvertently sending IP packets to the CloudFlare service. 
> 
> This could be invalidated again if that address range is allocated at some point in the future. A more future-proof fix would be to bind to random ports on localhost for each dummy proxy (as done for the target HTTP server in the test already). I can do that if preferred.
> 
> <https://bugs.openjdk.java.net/browse/JDK-8270553>

Thanks for suggesting a replacement for the 1.1.1.1 address Jonathan! I have run your patch through our test system and not observed any errors caused by this patch - so from my perspective you're good to go. Could you please add a comment before the line where the `240.*` addresses are used that explains that these addresses are reserved (Class E network) and are not supposed to point to any existing endpoint?

-------------

PR: https://git.openjdk.java.net/jdk/pull/4806