On Wed, 15 Apr 2026 14:55:57 GMT, Volkan Yazici <[email protected]> wrote:
> Per [RFC 6066 "3. Server Name Indication"], disallow IP literals in > `SNIHostName::new`. > > While the following two call-sites could be simplified by removing IP literal > checks, I've refrained from doing so because delegating some of the checks to > an exception catching mechanism would impact the performance: > > sun.security.ssl.Utilities::rawToSNIHostName > sun.net.www.protocol.https.HttpsClient::afterConnect > > [RFC 6066 "3. Server Name Indication"]: > https://www.rfc-editor.org/rfc/rfc6066.html#page-6 > > --------- > - [X] I confirm that I make this contribution in accordance with the [OpenJDK > Interim AI Policy](https://openjdk.org/legal/ai). We've decided to leave `SNIHostName::new` untouched, and introduce a new static factory method with stricter checks. See the CSR discussion for details. I will update the PR in this direction. ------------- PR Comment: https://git.openjdk.org/jdk/pull/30747#issuecomment-4283600457
