[JDK-8261969] SNIHostName should check if the encoded hostname conform to RFC 3490 - Java Bug System

XML

Word

Printable

Details

Type: Bug
Status: Resolved
Priority: P3
Resolution: Fixed
Affects Version/s: 16, 17
Fix Version/s: 17
Component/s: security-libs
Labels:
- tencent-interest

Subcomponent:
javax.net.ssl
Resolved In Build:
b13

Description

The constructor SNIHostName(byte[] encoded) should check if the encoded hostname conform to RFC 3490.

@@ -173,7 +173,8 @@ public final class SNIHostName extends SNIServerName {
.onUnmappableCharacter(CodingErrorAction.REPORT);

this.hostname = IDN.toASCII(
- decoder.decode(ByteBuffer.wrap(encoded)).toString());
+ decoder.decode(ByteBuffer.wrap(encoded)).toString(), IDN.USE_STD3_ASCII_RULES);

Attachments

Issue Links

links to

Commit openjdk/jdk/4f4d0f53

Review openjdk/jdk/2639

Activity

People

Assignee:: John Jiang

Reporter:: John Jiang

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 2021-02-18 09:31

Updated:: 2021-03-10 16:30

Resolved:: 2021-03-02 14:37