Re: A new proposal to add methods to HttpsURLConnection to access SSLSession

2018-11-02 Thread Xuelei Fan
Thanks for the review and suggestions, Chris and Sean. I just finalized the CSR. Thanks, Xuelei On 11/2/2018 5:58 AM, Chris Hegarty wrote: Thanks for the updates Xuelei, some minor comments inline.. On 1 Nov 2018, at 23:42, Xuelei Fan > wrote: On 11/1/2018 11:2

Re: Option to supply custom hostname verifier to HTTP client

2018-11-02 Thread Chris Hegarty
Thanks for the additional information, we will review it. For tracking purposes I filed the follow JIRA. It should not be confused with a commitment to add such an API point, its resolution may indeed be ‘will not fix’, but it will contain a summary and record of the discussion and ultimate conclu

Re: Option to supply custom hostname verifier to HTTP client

2018-11-02 Thread Anders Wisch
Regarding the dummy TrustManager point, in my experience trust and hostname verification are separate steps (at least in Java’s implementation of SSL). Here are some tests: @Test public void selfSignedHostnameVerified() throws Exception { assertEquals(204, getResponseCode("cn=localhost", null

Re: RFR [12] 8213296: Fix legal headers in test/jdk/java/net

2018-11-02 Thread Daniel Fuchs
Looks good. Thanks chris! -- daniel On 02/11/2018 14:36, Chris Hegarty wrote: Following Jon’s lead in the langtools area, here is a change to remove the "Classpath exception” from several test in the networking area. http://cr.openjdk.java.net/~chegar/8213296/webrev/ -Chris.

Re: RFR [12] 8213296: Fix legal headers in test/jdk/java/net

2018-11-02 Thread Alan Bateman
On 02/11/2018 14:36, Chris Hegarty wrote: Following Jon’s lead in the langtools area, here is a change to remove the "Classpath exception” from several test in the networking area. http://cr.openjdk.java.net/~chegar/8213296/webrev/ Looks okay. -Alan

RFR [12] 8213296: Fix legal headers in test/jdk/java/net

2018-11-02 Thread Chris Hegarty
Following Jon’s lead in the langtools area, here is a change to remove the "Classpath exception” from several test in the networking area. http://cr.openjdk.java.net/~chegar/8213296/webrev/ -Chris.

Re: A new proposal to add methods to HttpsURLConnection to access SSLSession

2018-11-02 Thread Chris Hegarty
Thanks for the updates Xuelei, some minor comments inline.. > On 1 Nov 2018, at 23:42, Xuelei Fan wrote: > > On 11/1/2018 11:24 AM, Sean Mullan wrote: >> On 10/31/18 11:52 AM, Chris Hegarty wrote: >>> Xuelei, >>> >>> On 30/10/18 20:55, Xuelei Fan wrote: Hi, For the current Https

Re: Option to supply custom hostname verifier to HTTP client

2018-11-02 Thread Michael McMahon
There is a fix in progress for https://bugs.openjdk.java.net/browse/JDK-8213189 which will allow the "Host" header to be overridden, along with some of the other currently restricted ones. I don't follow the other point though. With a dummy TrustManager, the contents of the server's certificat