Code Review Request 8144566, Custom HostnameVerifier disables SNI extension

Bradford Wetmore bradford.wetmore at oracle.com
Tue Dec 8 00:21:09 UTC 2015


Please see my comment in the bug.  I haven't verified this, but it seems 
the problem might be generic to the codepath through SSLSocket, not just 
Https.

Brad





On 12/6/2015 4:32 AM, Xuelei Fan wrote:
> Hi,
>
> Please review the update for JDK-8144566:
>
>     http://cr.openjdk.java.net/~xuelei/8144566/webrev.00/
>
> For HttpsURLConnection, the server name may be set after the TLS
> connection and handshake has been initialized.  As may result in that
> the server name does not present at TLS ClientHello messages.
>
> This fix resets the server name for the initialized handshake for above
> cases.
>
> Thanks,
> Xuelei
>


More information about the security-dev mailing list