Code review request, 8020842 IDN do not throw IAE when hostname ends with a trailing dot
Xuelei Fan
xuelei.fan at oracle.com
Fri Aug 9 01:37:01 UTC 2013
On 8/9/2013 9:22 AM, Weijun Wang wrote:
> I tried nslookup. Those with ".." inside are illegal,
>
> $ nslookup com..
> nslookup: 'com..' is not a legal name (empty label)
>
> but
>
> $ nslookup .
> Server: 192.168.10.1
> Address: 192.168.10.1#53
>
> Non-authoritative answer:
> *** Can't find .: No answer
>
Thanks for the testing. The behaviors are the same as this fix now.
Learn something new today to use nslookup.
> Also, since this bug was originally about SNIHostName, do you need to
> add some extra restriction there to reject "oracle.com." things?
>
No, we cannot restrict the format of IDN in SNIHostName more than in
IDN. However, we may need to rethink about the comparing of two IDN, for
example, "example.com." should equal to "example.com". I want to
consider it in another bug.
Can I push the changeset?
Thanks,
Xuelei
> Thanks
> Max
>
> On 8/9/13 8:41 AM, Xuelei Fan wrote:
>> Ping.
>>
>> Thanks,
>> Xuelei
>>
>> On 8/7/2013 11:17 PM, Xuelei Fan wrote:
>>> Please review the new update:
>>>
>>> http://cr.openjdk.java.net./~xuelei/8020842/webrev.01/
>>>
>>> With this update, "com." is valid (return "com."); "." and
>>> "example..com" are invalid. And IAE will be thrown for invalid IDN.
>>>
>>> Thanks,
>>> Xuelei
>>>
More information about the security-dev
mailing list