[
https://issues.apache.org/jira/browse/CXF-8415?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17273822#comment-17273822
]
Freeman Yue Fang commented on CXF-8415:
---------------------------------------
Hi [~reta],
That change was introduced to resolve a TTL problem during SSL for early
OpenJDK 11 version. Since I can't see this version in latest OpenJDK 11(also in
OpenJDK 14), I reverted that change.
Cheers
Freeman
> DefaultHostnameVerifier fails with HttpCore NIO
> -----------------------------------------------
>
> Key: CXF-8415
> URL: https://issues.apache.org/jira/browse/CXF-8415
> Project: CXF
> Issue Type: Bug
> Affects Versions: 3.4.1
> Environment: CXF version 3.4.1
> httpcore-nio version 4.4.13
> httpasyncclient version 4.1.4
> Reporter: Per-Ivar Bakke
> Assignee: Freeman Yue Fang
> Priority: Major
>
> DefaultHostnameVerifier throws RuntimeException causing the IOReactor in
> HttpCore NIO to die. I have registered an issue on Apache HttpCore NIO
> HTTPCORE-660, but I really think this should be fixed in CXF.
> Please not that the [line in
> question|https://github.com/apache/cxf/blob/master/rt/transports/http/src/main/java/org/apache/cxf/transport/https/httpclient/DefaultHostnameVerifier.java#L98]
> was changed from returning false to throwing RuntimeException as part of
> [CXF-7876|https://issues.apache.org/jira/browse/CXF-7876]. But, maybe a
> better approach would be to not catch the SSLException. This will not kill
> the IOReactor in HttpCore NIO.
> *Steps to reproduce*
> # Configure CXF to use [asynchronous client http
> transport|https://cxf.apache.org/docs/asynchronous-client-http-transport.html]
> # Test towards a server having a certificate with non-matching host (for
> instance [wrong.host.badssl.com|https://wrong.host.badssl.com/])
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
