RFR: 8369950: TLS connection to IPv6 address fails with BCJSSE due to IllegalArgumentException [v2]

[Sergey Chernyshev]

On Tue, 2 Dec 2025 09:29:01 GMT, Jaikiran Pai <jpai at openjdk.org> wrote:

>> Sergey Chernyshev has updated the pull request incrementally with two additional commits since the last revision:
>> 
>>  - addressed more review comments
>>  - addressed review comments
>
> src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java line 478:
> 
>> 476:                             !IPAddressUtil.isIPv4LiteralAddress(host) &&
>> 477:                             !(host.charAt(0) == '[' && host.charAt(host.length() - 1) == ']' &&
>> 478:                                 IPAddressUtil.isIPv6LiteralAddress(host.substring(1, host.length() - 1))
> 
> The `host` value here comes from `URL.getHost()` which specifies that it returns an IPv6 address enclosed in `[]`brackets. So what you have here looks fine to me.
> 
> One additional thing I would suggest is to make this `protected String host` field of this class `final`. It currently gets assigned in the constructor of the `HttpClient` and `HttpsClient` and making this `final` would give an extra assurance that its value will always be coming from `URL.getHost()` call. 
> 
> These 2 `sun.net.www.http.HttpClient` and `HttpsClient` classes are internal to the JDK, so changing this protected field to final shouldn't cause any issues for application code.

@jaikiran I think this deserves a separate issue. I could file a bug for this.

-------------

PR Review Comment: https://git.openjdk.org/jdk/pull/28577#discussion_r2580621085