[Bug 3363] New: [IcedTea7] Backport "8144566: Custom HostnameVerifier disables SNI extension"

classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 3363] New: [IcedTea7] Backport "8144566: Custom HostnameVerifier disables SNI extension"

bugzilla-daemon
Bug ID 3363
Summary [IcedTea7] Backport "8144566: Custom HostnameVerifier disables SNI extension"
Product IcedTea
Version 7-hg
Hardware all
OS All
Status NEW
Severity normal
Priority P5
Component IcedTea
Assignee gnu.andrew@redhat.com
Reporter gnu.andrew@redhat.com
CC unassigned@icedtea.classpath.org

Clone of bug 3352 for 2.x.


You are receiving this mail because:
  • You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 3363] [IcedTea7] Backport "8144566: Custom HostnameVerifier disables SNI extension"

bugzilla-daemon
[hidden email] changed bug 3363
What Removed Added
Status NEW ASSIGNED
Target Milestone --- 2.6.10


You are receiving this mail because:
  • You are on the CC list for the bug.
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

[Bug 3363] [IcedTea7] Backport "8144566: Custom HostnameVerifier disables SNI extension"

bugzilla-daemon
In reply to this post by bugzilla-daemon
[hidden email] changed bug 3363
What Removed Added
Status ASSIGNED RESOLVED
Resolution --- INVALID

Comment # 1 on bug 3363 from [hidden email]
Bug not present in 2.x. It only has client-side SNI support.

$ cat TestVerify.java
import java.io.IOException;
import java.net.URL;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;

public class TestVerify
{
    public static void main(String[] args) throws IOException {
        URL url = new URL("https://www.google.com");
        HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
        conn.setHostnameVerifier(new HostnameVerifier() {
             @Override
             public boolean verify(String hostname, SSLSession session) {
                 return true;
             }
        });
        conn.getInputStream();
    }
}

$ /usr/lib/jvm/icedtea-8/bin/java -Djavax.net.debug=ssl,handshake
TestVerify|grep server_name
$ /usr/lib/jvm/icedtea-7/bin/java -Djavax.net.debug=ssl,handshake
TestVerify|grep server_name
Extension server_name, server_name: [host_name: www.google.com]
Extension server_name, server_name: [host_name: www.google.co.uk]


You are receiving this mail because:
  • You are on the CC list for the bug.
Loading...