Code Review Request 8144566, Custom HostnameVerifier disables SNI extension
Bradford Wetmore
bradford.wetmore at oracle.com
Tue Dec 8 00:21:09 UTC 2015
Please see my comment in the bug. I haven't verified this, but it seems
the problem might be generic to the codepath through SSLSocket, not just
Https.
Brad
On 12/6/2015 4:32 AM, Xuelei Fan wrote:
> Hi,
>
> Please review the update for JDK-8144566:
>
> http://cr.openjdk.java.net/~xuelei/8144566/webrev.00/
>
> For HttpsURLConnection, the server name may be set after the TLS
> connection and handshake has been initialized. As may result in that
> the server name does not present at TLS ClientHello messages.
>
> This fix resets the server name for the initialized handshake for above
> cases.
>
> Thanks,
> Xuelei
>
More information about the security-dev
mailing list