Duplicate :
|
|
Duplicate :
|
|
Duplicate :
|
|
Relates :
|
|
Relates :
|
JDK-8181791 :
|
FULL PRODUCT VERSION : java version "1.8.0_66" Java(TM) SE Runtime Environment (build 1.8.0_66-b17) Java HotSpot(TM) 64-Bit Server VM (build 25.66-b17, mixed mode) ADDITIONAL OS VERSION INFORMATION : OS X 10.11.1 A DESCRIPTION OF THE PROBLEM : Refering to JDK-8072464, which is closed due to "cannot reproduce". I wonder why your Devs can`t reproduce the problem, but I guess it because of his proxy settings. Taking the following test and grep for Extension server_name, server_name: [type=host_name (0), value=www.google.com] First method leads to intended output, second method setting hostnameverifier doesn't. import javax.net.ssl.HttpsURLConnection; import java.net.URL; public class SslTest { static { System.setProperty("javax.net.debug", "ssl,handshake"); } @Test public void testHandshake() throws Exception { URL url = new URL("https://www.google.com"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.getInputStream(); } @Test public void testHandshakeHostnameVerifier() throws Exception { URL url = new URL("https://www.google.com"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.setHostnameVerifier((s, sslSession) -> true); conn.getInputStream(); } } Sorry for the duplicate, but it is not possible to reopen or comment a bug. REGRESSION. Last worked in version 8u66 STEPS TO FOLLOW TO REPRODUCE THE PROBLEM : import javax.net.ssl.HttpsURLConnection; import java.net.URL; public class SslTest { static { System.setProperty("javax.net.debug", "ssl,handshake"); } @Test public void testHandshake() throws Exception { URL url = new URL("https://www.google.com"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.getInputStream(); } @Test public void testHandshakeHostnameVerifier() throws Exception { URL url = new URL("https://www.google.com"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.setHostnameVerifier((s, sslSession) -> true); conn.getInputStream(); } } EXPECTED VERSUS ACTUAL BEHAVIOR : EXPECTED - Use of SNI Extension in both test methods Debug Information contains: Extension server_name, server_name: [type=host_name (0), value=www.google.com] ACTUAL - SNI is used without custom host name verifier only. REPRODUCIBILITY : This bug can be reproduced always. ---------- BEGIN SOURCE ---------- import javax.net.ssl.HttpsURLConnection; import java.net.URL; public class SslTest { static { System.setProperty("javax.net.debug", "ssl,handshake"); } @Test public void testHandshake() throws Exception { URL url = new URL("https://www.google.com"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.getInputStream(); } @Test public void testHandshakeHostnameVerifier() throws Exception { URL url = new URL("https://www.google.com"); HttpsURLConnection conn = (HttpsURLConnection) url.openConnection(); conn.setHostnameVerifier((s, sslSession) -> true); conn.getInputStream(); } } ---------- END SOURCE ----------
|