Mercurial Mercurial > jdk-sandbox / diff
summary | shortlog | changelog | graph | tags | bookmarks | branches | files | changeset | file | latest | revisions | annotate | diff | comparison | raw | help
Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
src/java.base/share/classes/sun/security/util/HostnameChecker.java
branchJDK-8145252-TLS13-branch
changeset 56542 56aaa6cb3693
parent 47216 71c04702a3d5
child 56692 7b0bde908f58 
--- a/src/java.base/share/classes/sun/security/util/HostnameChecker.java	Fri May 11 14:55:56 2018 -0700
+++ b/src/java.base/share/classes/sun/security/util/HostnameChecker.java	Fri May 11 15:53:12 2018 -0700
@@ -35,9 +35,8 @@
 import javax.net.ssl.SNIHostName;
 
 import sun.net.util.IPAddressUtil;
-import sun.security.ssl.ClientKeyExchangeService;
-import sun.security.ssl.Debug;
 import sun.security.x509.X500Name;
+import sun.security.ssl.SSLLogger;
 
 /**
  * Class to check hostnames against the names specified in a certificate as
@@ -60,8 +59,6 @@
     private static final int ALTNAME_DNS = 2;
     private static final int ALTNAME_IP  = 7;
 
-    private static final Debug debug = Debug.getInstance("ssl");
-
     // the algorithm to follow to perform the check. Currently unused.
     private final byte checkType;
 
@@ -118,12 +115,15 @@
      * Return the Server name from Kerberos principal.
      */
     public static String getServerName(Principal principal) {
+/*
         ClientKeyExchangeService p =
                 ClientKeyExchangeService.find("KRB5");
         if (p == null) {
             throw new AssertionError("Kerberos should have been available");
         }
         return p.getServiceHostName(principal);
+*/
+        return null;
     }
 
     /**
@@ -316,9 +316,10 @@
                                               boolean chainsToPublicCA) {
         // not ok if it is a single wildcard character or "*."
         if (template.equals("*") || template.equals("*.")) {
-            if (debug != null) {
-                debug.println("Certificate domain name has illegal single " +
-                              "wildcard character: " + template);
+            if (SSLLogger.isOn) {
+                SSLLogger.fine(
+                    "Certificate domain name has illegal single " +
+                      "wildcard character: " + template);
             }
             return true;
         }
@@ -335,9 +336,10 @@
 
         // not ok if there is no dot after wildcard (ex: "*com")
         if (firstDotIndex == -1) {
-            if (debug != null) {
-                debug.println("Certificate domain name has illegal wildcard, " +
-                              "no dot after wildcard character: " + template);
+            if (SSLLogger.isOn) {
+                SSLLogger.fine(
+                    "Certificate domain name has illegal wildcard, " +
+                    "no dot after wildcard character: " + template);
             }
             return true;
         }
@@ -354,9 +356,10 @@
         if (rd.isPresent()) {
             String wDomain = afterWildcard.substring(firstDotIndex + 1);
             if (rd.get().publicSuffix().equalsIgnoreCase(wDomain)) {
-                if (debug != null) {
-                    debug.println("Certificate domain name has illegal " +
-                                  "wildcard for public suffix: " + template);
+                if (SSLLogger.isOn) {
+                    SSLLogger.fine(
+                        "Certificate domain name has illegal " +
+                        "wildcard for public suffix: " + template);
                 }
                 return true;
             }
jdk-sandbox