RFR: 8346705: SNI not sent with Java 22+ using java.net.http.HttpClient.Builder#sslParameters
Jaikiran Pai
jpai at openjdk.org
Mon Jan 6 13:19:39 UTC 2025
On Mon, 6 Jan 2025 13:07:11 GMT, Nicolas Henneaux <duke at openjdk.org> wrote:
> I'm not sure how I could validate those? Should I build fully the openjdk?
I wrongly assumed that you had experience building the JDK. If you haven't built the JDK previously, then the instructions are here https://github.com/openjdk/jdk/blob/master/doc/building.md. But it's OK if you don't want to build and test this change. I created the regression test to closely relate to what was happening in the original reproducer and I tried out one test from your project after the fix. That passed. So I think it should be fine.
> Is it expected the configured sni is ignored when detected in the hostname? I suspect other use cases when configured sni can be useful on top of the given hostname.
For this PR, I intentionally focused on merely bringing back the behaviour that was before the regression was introduced. The HttpClient currently doesn't specify how it deals with SNI server name in the presence of application configured `HttpClient.sslParameters()`. There are a couple of issues that have already been filed to look into that part - https://bugs.openjdk.org/browse/JDK-8294170 and https://bugs.openjdk.org/browse/JDK-8326315. So any work we do related to this, would be done separately through those existing issues.
-------------
PR Comment: https://git.openjdk.org/jdk/pull/22927#issuecomment-2573092213
More information about the net-dev
mailing list