RFR: 8349910: Implement JEP 517: HTTP/3 for the HTTP Client API [v9]
Daniel Fuchs
dfuchs at openjdk.org
Thu Jun 26 18:13:40 UTC 2025
On Thu, 26 Jun 2025 17:36:21 GMT, Daniel Jeliński <djelinski at openjdk.org> wrote:
>> src/java.base/share/classes/jdk/internal/net/quic/QuicTLSContext.java line 70:
>>
>>> 68: if (!(underlyingImpl instanceof SSLContextImpl ssci)) {
>>> 69: return false;
>>> 70: }
>>
>> Would there be a way to check the implementation of the X509TrustManager here too? Or can we only do that later on during the handshake?
>
> that's what the `isUsableWithQuic` method below does.
Oh! I had missed that. Very good then!
>> src/java.base/share/classes/jdk/internal/net/quic/QuicTLSContext.java line 126:
>>
>>> 124: *
>>> 125: * @param peerHost The peer hostname or IP address. Can be null.
>>> 126: * @param peerPort The peer port, can be -1 if the port is unknown
>>
>> Would that be the hostname in the URI, or in the AltService?
>> Maybe we could add an `@apiNote` here to clarify it.
>
> Well the javadoc here was written to match the one on SSLContext#createSSLEngine. The peer information is used for caching, but it's also used in the SNI extension, so ideally users should use the URI address, not the alt service one.
OK. Maybe that would deserve a note - since with HTTP/3 we have potentially two addresses and two ports.
-------------
PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2169650283
PR Review Comment: https://git.openjdk.org/jdk/pull/24751#discussion_r2169653256
More information about the net-dev
mailing list