JDK-8020842 : IDN do not throw IAE when hostname ends with a trailing dot
  • Type: Bug
  • Component: core-libs
  • Sub-Component: java.net
  • Affected Version: 8
  • Priority: P2
  • Status: Closed
  • Resolution: Fixed
  • Submitted: 2013-07-18
  • Updated: 2018-08-27
  • Resolved: 2013-08-20
The Version table provides details related to the release that this issue/RFE will be addressed.

Unresolved : Release in which this issue/RFE will be addressed.
Resolved: Release in which this issue/RFE has been resolved.
Fixed : Release in which this issue/RFE has been fixed. The release containing this fix may be available for download as an Early Access Release or a General Availability Release.

To download the current JDK release, click here.
JDK 7 JDK 8 Other
7u181Resolved 8 b105Fixed openjdk7uFixed
Related Reports
Duplicate :  
JDK-8022756 - IDN cannot handle "." properly
Duplicate :  
JDK-6894622 - IDN.toASCII and .toUnicode remove trailing dot
Duplicate :  
JDK-8022758 - IDN.toASCII() does not throw IAE for "example..com".
Duplicate :  
JDK-8022757 - IDN.toASCII("example.com.") returns "example.com", no tailing dot
Description
According to the spec, The SNIHostName constructors should throw an IllegalArgumentException when the hostname ends with a trailing dot.  The exception is not being thrown.  
This leads to 2 JCK test failures:
 api/javax_net/ssl/SNIHostName/index.html#Constructor[testTrailingDot]
 api/javax_net/ssl/SNIHostName/index.html#ConstructorEncoded[testTrailingDot]
Comments
provided test are passed in B106 and B107
11-09-2013
"com." and "." are valid IDN, but not valid SNI. The underlying IDN.toASCII() returns "com" for "com.", and throws StringIndexOutOfBoundsException for ".". SNIHostName does not handle the behavior of IDN correctly. If IDN.toASCII() returns "com." with tailing dot, and "." for ".", the current SNIHostName implementation is able to throw IAE. The issue can be fixed in IDN.
20-08-2013
Tests api/javax_net/ssl/SNIHostName/index.html#Constructor[testNotValidName] api/javax_net/ssl/SNIHostName/index.html#ConstructorEncoded[testNotValidName] will fail. These tests are using "example\u3003\u3002com" and "example..com",
12-08-2013
The spec for public SNIHostName(String hostname) states: Throws IllegalArgumentException - if hostname is illegal The hostname argument is illegal if it: .....hostname ends with a trailing dot, And the spec for public SNIHostName(byte[] encoded) states: Throws IllegalArgumentException - if encoded is illegal The encoded argument is illegal if it:.....encoded ends with a trailing dot, We can easily resolve this bug by removing the "hostname ends with a trailing dot," and "encoded ends with a trailing dot," parts of the spec. It would be good if you could provide an example of a non-valid Internationalized Domain Name (IDN) (compliant with the RFC 3490 specification).
09-08-2013
"com." and "." are valid IDN according the IDN and domain name specifications.
09-08-2013
It's a P2, I will look into the issue and ask for review from networking team.
06-08-2013
tests: Case 1: String host = IDN.toASCII(".", IDN.USE_STD3_ASCII_RULES); Exception in thread "main" java.lang.StringIndexOutOfBoundsException: String index out of range: 0 at java.lang.StringBuffer.charAt(StringBuffer.java:204) at java.net.IDN.toASCIIInternal(IDN.java:279) at java.net.IDN.toASCII(IDN.java:118) Case 2: String host = IDN.toASCII("com.", IDN.USE_STD3_ASCII_RULES); Looks like the IDN does not check the hostname parameter strictly. We can strict the check in SNIHostname, but before that move the bug to java.net for further evaluation whether it does not comply to IDN specification.
25-07-2013
No exception is thrown when "havedot.oracle.com." or "com." are used for input to the constructors. A StringIndexOutOfBoundsException is thrown when "." is input to the SNIHostName(String) constructor. An IllegalArgumentException is thrown by the SNIHostName(byte[]) constructor.
22-07-2013