On Tue, 28 Apr 2026 11:26:07 GMT, Volkan Yazici <[email protected]> wrote:
>> Per [RFC 6066 "3. Server Name Indication"], disallow IP literals in >> `SNIHostName::new`. >> >> While the following two call-sites could be simplified by removing IP >> literal checks, I've refrained from doing so because delegating some of the >> checks to an exception catching mechanism would impact the performance: >> >> sun.security.ssl.Utilities::rawToSNIHostName >> sun.net.www.protocol.https.HttpsClient::afterConnect >> >> [RFC 6066 "3. Server Name Indication"]: >> https://www.rfc-editor.org/rfc/rfc6066.html#page-6 >> >> --------- >> - [X] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > Volkan Yazici has updated the pull request incrementally with one additional > commit since the last revision: > > Big facelift src/java.base/share/classes/javax/net/ssl/SNIHostName.java line 125: > 123: * @deprecated Users are advised to migrate to the static factory > method > 124: * {@link #ofHostName(String) SNIHostName.of()}, which performs > stricter checks > 125: * on the provided hostname. "Users are advised" is unusual It might be better to have the deprecated message be something like "This method is not fully aligned with RFC 6066 correctly and does not reject a hostname that is an IP literal address. Using of(String) instead.". src/java.base/share/classes/javax/net/ssl/SNIHostName.java line 196: > 194: * @since 27 > 195: */ > 196: public static SNIHostName ofHostName(String hostname) { This name is okay, of(String) would be okay too. ------------- PR Review Comment: https://git.openjdk.org/jdk/pull/30747#discussion_r3154362839 PR Review Comment: https://git.openjdk.org/jdk/pull/30747#discussion_r3154365104
