On Wed, 15 Apr 2026 15:17:16 GMT, Alan Bateman <[email protected]> wrote:
>> Per [RFC 6066 "3. Server Name Indication"], disallow IP literals in >> `SNIHostName::new`. >> >> While the following two call-sites could be simplified by removing IP >> literal checks, I've refrained from doing so because delegating some of the >> checks to an exception catching mechanism would impact the performance: >> >> sun.security.ssl.Utilities::rawToSNIHostName >> sun.net.www.protocol.https.HttpsClient::afterConnect >> >> [RFC 6066 "3. Server Name Indication"]: >> https://www.rfc-editor.org/rfc/rfc6066.html#page-6 >> >> --------- >> - [X] I confirm that I make this contribution in accordance with the >> [OpenJDK Interim AI Policy](https://openjdk.org/legal/ai). > > I've added the "csr" label as I think (and correct me if I have this wrong) > that javax.net.ssl.SNIHostName can now fail for cases that it didn't > previously fail. @AlanBateman, @artur-oracle, shall I put the changes up for display in the CSR? Do you have any further remarks? ------------- PR Comment: https://git.openjdk.org/jdk/pull/30747#issuecomment-4438438385
