Code review of JDK-8072385, Only the first DNSName entry is checked for endpoint identification
Xuelei Fan
xuelei.fan at oracle.com
Wed Mar 4 14:51:17 UTC 2015
Hi,
Please review the fix for:
https://bugs.openjdk.java.net/browse/JDK-8072385
In SunJSSE implementation, during endpoint identification, there is a
bug in SubjectAlternativeName matching that only the fist DNSName are
checked. As may impact some business where host-name alias are used.
The patch is attached.
Thanks,
Xuelei
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ClientHandshaker.patch
Type: text/x-patch
Size: 5798 bytes
Desc: not available
URL: <https://mail.openjdk.org/pipermail/security-dev/attachments/20150304/c87c08b5/ClientHandshaker.patch>
More information about the security-dev
mailing list