--- a/jdk/src/java.base/share/classes/sun/security/util/HostnameChecker.java Tue Feb 10 11:34:13 2015 -0800
+++ b/jdk/src/java.base/share/classes/sun/security/util/HostnameChecker.java Tue Feb 10 23:32:48 2015 +0000
@@ -26,6 +26,8 @@
package sun.security.util;
import java.io.IOException;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
import java.util.*;
import java.security.Principal;
@@ -148,6 +150,17 @@
String ipAddress = (String)next.get(1);
if (expectedIP.equalsIgnoreCase(ipAddress)) {
return;
+ } else {
+ // compare InetAddress objects in order to ensure
+ // equality between a long IPv6 address and its
+ // abbreviated form.
+ try {
+ if (InetAddress.getByName(expectedIP).equals(
+ InetAddress.getByName(ipAddress))) {
+ return;
+ }
+ } catch (UnknownHostException e) {
+ } catch (SecurityException e) {}
}
}
}
--- a/jdk/test/sun/security/util/HostnameMatcher/TestHostnameChecker.java Tue Feb 10 11:34:13 2015 -0800
+++ b/jdk/test/sun/security/util/HostnameMatcher/TestHostnameChecker.java Tue Feb 10 23:32:48 2015 +0000
@@ -187,6 +187,9 @@
in = new FileInputStream(new File(PATH, "cert4.crt"));
X509Certificate cert4 = (X509Certificate)cf.generateCertificate(in);
in.close();
+ in = new FileInputStream(new File(PATH, "cert5.crt"));
+ X509Certificate cert5 = (X509Certificate)cf.generateCertificate(in);
+ in.close();
HostnameChecker checker = HostnameChecker.getInstance(
HostnameChecker.TYPE_TLS);
@@ -202,6 +205,9 @@
check(checker, "5.6.7.8", cert3, true);
check(checker, "foo.bar.com", cert4, true);
check(checker, "altfoo.bar.com", cert4, true);
+ check(checker, "2001:db8:3c4d:15::1a2f:1a2b", cert5, true);
+ check(checker, "2001:0db8:3c4d:0015:0000:0000:1a2f:1a2b", cert5, true);
+ check(checker, "2002:db8:3c4d:15::1a2f:1a2b", cert5, false);
checker = HostnameChecker.getInstance(
HostnameChecker.TYPE_LDAP);
--- /dev/null Thu Jan 01 00:00:00 1970 +0000
+++ b/jdk/test/sun/security/util/HostnameMatcher/cert5.crt Tue Feb 10 23:32:48 2015 +0000
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECDCCAvCgAwIBAgIJAJaBmuUlfY8sMA0GCSqGSIb3DQEBBQUAMIGmMQswCQYD
+VQQGEwJVUzETMBEGA1UECAwKU29tZS1TdGF0ZTESMBAGA1UEBwwJU29tZS1DaXR5
+MSowKAYDVQQKDCFVbmNvbmZpZ3VyZWQgT3BlblNTTCBJbnN0YWxsYXRpb24xEDAO
+BgNVBAsMB3NlY3Rpb24xMDAuBgNVBAMMJzIwMDE6MGRiODozYzRkOjAwMTU6MDAw
+MDowMDAwOjFhMmY6MWEyYjAeFw0xNTAyMTAxODMzMjBaFw0xNTAzMTIxODMzMjBa
+MIGmMQswCQYDVQQGEwJVUzETMBEGA1UECAwKU29tZS1TdGF0ZTESMBAGA1UEBwwJ
+U29tZS1DaXR5MSowKAYDVQQKDCFVbmNvbmZpZ3VyZWQgT3BlblNTTCBJbnN0YWxs
+YXRpb24xEDAOBgNVBAsMB3NlY3Rpb24xMDAuBgNVBAMMJzIwMDE6MGRiODozYzRk
+OjAwMTU6MDAwMDowMDAwOjFhMmY6MWEyYjCCASIwDQYJKoZIhvcNAQEBBQADggEP
+ADCCAQoCggEBAMcigWxmeF6Dmo3xAw3y/8d3vB8Th4YsmvwXb9DxwNWV+B3vxJgq
+ww6T6VBxrle1bgu/RtZDJwLf5vMhVElxuuE86di2qyurKFbpe29C9xnCxuMlXpje
+X2pNknz4ZzOqD4opmIAFjXZ2Xp1kLt+HJX7ABoz7Uga+IbVfDRPPf2KOqYNpBQkp
+dgI5VOZDQNVNb+8vdXDwyanMQ0TgPXKL4BQIkGB4RM8sgpPMUvB+tEB7zmUtgSco
+2a5M84wIhxv85CmFFoTVSzXsRCDhVAZj0aHRkkmAsMSmzPa4HiPnuVRV740oQjDy
+oMGLndaEs2nxIqckUFHOHcSTf0/wmcvPbIsCAwEAAaM3MDUwCQYDVR0TBAIwADAL
+BgNVHQ8EBAMCBeAwGwYDVR0RBBQwEocQIAENuDxNABUAAAAAGi8aKzANBgkqhkiG
+9w0BAQUFAAOCAQEAtnelRbYPPZRgTd4oxOiPqwc01EE9JgtkFWlooCwVUDChOR2k
+us1qlhKsvbN2Tcsm1Ss3p0Uxk/g1o2/mY8rA/dJ8qiN6jbfjpEi8b2MirP5tQSE0
+QNXbVGr5FnLbuUmn+82pB0vBSaq7gxehbV6S7dteyQUnb2imltC5wS9PwYb8wWx7
+IpyXWt0jkYkC8KJEevVYI7qtwpjYhyc1FqwzUiPmdqGz2AFLQ4RgTXJi93SPoyKM
+s65oPV+r6/0qwnslScxVfszHxxFn1Yfsc5Oseare1MnlNzH69PmWs523C/fBvnB2
+MsHKLPdoN7uSpBLB7j46g5jQG/ceri/cquZKYA==
+-----END CERTIFICATE-----