On Fri, 16 Jul 2021 09:16:23 GMT, Jonathan Dowland <jdowl...@openjdk.org> wrote:
> The tests `test/jdk/java/net/HttpURLConnection/HttpURLConWithProxy.java` uses > the IP address "1.1.1.1" as a value. I think at the time the address was > picked, the assumption was the address was not valid / not routable. Since > April 2018 the address is part of CloudFlare's "Free" DNS product: > <https://en.wikipedia.org/wiki/1.1.1.1>. (this test was originally written in > 2016, before the service was launched) > > I've verified using local packet captures that running the test does result > in IP traffic being sent to 1.1.1.1. (Several other tests in JDK use 1.1.1.1 > as a placeholder IP. I've checked them all and none of the others connect out > to the IP like this one) > > This PR substitutes that IP address value (and two others) for ones from a > reserved IP range (240.0.0.0/4 according to RFC 6761) which will not result > in runners of the test suit inadvertently sending IP packets to the > CloudFlare service. > > This could be invalidated again if that address range is allocated at some > point in the future. A more future-proof fix would be to bind to random ports > on localhost for each dummy proxy (as done for the target HTTP server in the > test already). I can do that if preferred. > > <https://bugs.openjdk.java.net/browse/JDK-8270553> This pull request has now been integrated. Changeset: 394ebc86 Author: Jonathan Dowland <jdowl...@openjdk.org> Committer: Daniel Fuchs <dfu...@openjdk.org> URL: https://git.openjdk.java.net/jdk/commit/394ebc8642366bc16aedde0d7f09fe4214f14cdd Stats: 5 lines in 1 file changed: 2 ins; 0 del; 3 mod 8270553: Tests should not use (real, in-use, routable) 1.1.1.1 as dummy IP value Reviewed-by: shade, dfuchs ------------- PR: https://git.openjdk.java.net/jdk/pull/4806
