On Wed, 3 Mar 2021 08:51:13 GMT, Vyom Tewari <vtew...@openjdk.org> wrote:
>>> > HttpsURLConnection, works with SunJSSE provider but does not work with
>>> > other JSSE provider. In case of SunJSSE , HttpsURLConnection set the host
>>> > name as follows
>>> > s = (SSLSocket)serverSocket;
>>> > if (s instanceof SSLSocketImpl) {
>>> > ((SSLSocketImpl)s).setHost(host);
>>> > }
>>>
>>> Did you copy the code/lines above from
>>> src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java?
>>> This is the file you updated in the pull request. If I read the updated
>>> file right, the line numbers are from 455 to 458. If the socket is an
>>> instance of SSLSocketImpl, the host is set here.
>>>
>>> > But in case of other providers(BouncyCastleProvider ) host will not get
>>> > set and "java.security.cert.CertificateException: No subject alternative
>>> > name found matching IP address" exception will be thrown.
>>
>> thanks for pointing me out. yes you are right in case of SSLSocketImpl
>> host will set twice. I will do the changes and update the PR.
>
> update the PR and incorporated the review comment suggested by Xuelei.
Vyom, can you provide, or point to a test that exercises the code paths that
have been changed? And also some new test that would fail before the fix and
pass after?
best regards,
-- daniel
-------------
PR: https://git.openjdk.java.net/jdk/pull/2583
