-
Type:
Bug
-
Resolution: Fixed
-
Priority:
P3
-
Affects Version/s: 16, 17
-
Component/s: security-libs
-
b13
The constructor SNIHostName(byte[] encoded) should check if the encoded hostname conform to RFC 3490.
@@ -173,7 +173,8 @@ public final class SNIHostName extends SNIServerName {
.onUnmappableCharacter(CodingErrorAction.REPORT);
this.hostname = IDN.toASCII(
- decoder.decode(ByteBuffer.wrap(encoded)).toString());
+ decoder.decode(ByteBuffer.wrap(encoded)).toString(), IDN.USE_STD3_ASCII_RULES);
@@ -173,7 +173,8 @@ public final class SNIHostName extends SNIServerName {
.onUnmappableCharacter(CodingErrorAction.REPORT);
this.hostname = IDN.toASCII(
- decoder.decode(ByteBuffer.wrap(encoded)).toString());
+ decoder.decode(ByteBuffer.wrap(encoded)).toString(), IDN.USE_STD3_ASCII_RULES);
