Code review of JDK-8072385, Only the first DNSName entry is checked for endpoint identification

Xuelei Fan at
Wed Mar 4 14:51:17 UTC 2015


Please review the fix for:

In SunJSSE implementation, during endpoint identification, there is a
bug in SubjectAlternativeName matching that only the fist DNSName are
checked. As may impact some business where host-name alias are used.

The patch is attached.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: ClientHandshaker.patch
Type: text/x-patch
Size: 5798 bytes
Desc: not available
URL: <>

More information about the security-dev mailing list