On Mon, 6 Dec 2021 21:27:48 GMT, Michael McMahon <micha...@openjdk.org> wrote:
> This updates the testkeys keystore file used by SimpleSSLContext in the test
> tree, in order to add subject alt names for the literal IP addresses
> "127.0.0.1" and "::1". This should allow the self signed certificate in the
> keystore to be accepted even when the local OS doesn't have a localhost to
> loopback address name service mapping.
>
> Apart from the test, there's nothing to see in the webrev as it's a binary
> file. Here is the relevant diff between the list output from the old and new
> keystores
>
> 24c24,31
> < #1: ObjectId: 2.5.29.14 Criticality=false
> ---
>> #1: ObjectId: 2.5.29.17 Criticality=true
>> SubjectAlternativeName [
>> DNSName: localhost
>> IPAddress: 127.0.0.1
>> IPAddress: 0:0:0:0:0:0:0:1
>> ]
>>
test/jdk/com/sun/net/httpserver/SANTest.java line 77:
> 75: int port1 = s1.getAddress().getPort();
> 76: int port2 = s2.getAddress().getPort();
> 77: test ("127.0.0.1", root+"/test1", port2, "smallfile.txt", 23);
Maybe this test should use `IPSupport::hasIPv4` and `IPSupport::hasIPv6` to
figure out which addresses can be tested on a particular machine.
-------------
PR: https://git.openjdk.java.net/jdk/pull/6727
