On Tue, 2 Dec 2025 14:47:00 GMT, Daniel Jeliński <[email protected]> wrote:
>> @djelinski would you think such a negative test is needed here? > >> On the other hand, should we then add a negative test with a certificate >> that doesn't have a SAN extension (or the 127.0.0.1 ipv4 address in it), >> that should fail in the HostnameVerifier when the 'https://127.0.0.1/' is >> requested? > > No, such test would fail whether we use setServerNames or not. > > I think @vy is asking for a check that the SSLParameters passed to > SSLSocket#setSSLParameters have no serverNames configured. That should be > reasonably easy to do. @djelinski @vy We could check the SSL parameters of the internal SSLSocket if the wrapper socket factory passed the inner SSLSocket to the caller. Please take a look at the updated test. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/28577#discussion_r2583227229
