http-client-branch: added system property to disable hostname verification for testing http-client-branch
authormichaelm
Fri, 16 Feb 2018 10:34:17 +0000
branchhttp-client-branch
changeset 56137 dd867826d55b
parent 56136 3b58e5bacad6
child 56138 4f92b988600e
http-client-branch: added system property to disable hostname verification for testing
src/java.net.http/share/classes/jdk/internal/net/http/AbstractAsyncSSLConnection.java
src/java.net.http/share/classes/jdk/internal/net/http/common/Utils.java
--- a/src/java.net.http/share/classes/jdk/internal/net/http/AbstractAsyncSSLConnection.java	Thu Feb 15 20:09:01 2018 +0000
+++ b/src/java.net.http/share/classes/jdk/internal/net/http/AbstractAsyncSSLConnection.java	Fri Feb 16 10:34:17 2018 +0000
@@ -67,6 +67,10 @@
     protected final String serverName;
     protected final SSLParameters sslParameters;
 
+    // Setting this property disables HTTPS hostname verification. Use with care.
+    private static final boolean disableHostnameVerification = Utils.isHostnameVerificationDisabled();
+
+
     AbstractAsyncSSLConnection(InetSocketAddress addr,
                                HttpClientImpl client,
                                String serverName, int port,
@@ -94,7 +98,8 @@
                                                      String[] alpn) {
         SSLParameters sslp = client.sslParameters();
         SSLParameters sslParameters = Utils.copySSLParameters(sslp);
-        sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
+        if (!disableHostnameVerification)
+            sslParameters.setEndpointIdentificationAlgorithm("HTTPS");
         if (alpn != null) {
             Log.logSSL("AbstractAsyncSSLConnection: Setting application protocols: {0}",
                        Arrays.toString(alpn));
--- a/src/java.net.http/share/classes/jdk/internal/net/http/common/Utils.java	Thu Feb 15 20:09:01 2018 +0000
+++ b/src/java.net.http/share/classes/jdk/internal/net/http/common/Utils.java	Fri Feb 16 10:34:17 2018 +0000
@@ -89,6 +89,9 @@
             getBooleanProperty(DebugLogger.HPACK_NAME, false);
     public static final boolean TESTING = DEBUG;
 
+    public static final boolean isHostnameVerificationDisabled = // enabled by default
+        getBooleanProperty("jdk.internal.http.disableHostnameVerification", false);
+
     /**
      * Allocated buffer size. Must never be higher than 16K. But can be lower
      * if smaller allocation units preferred. HTTP/2 mandates that all
@@ -375,7 +378,7 @@
                 NetProperties.get(name));
     }
 
-    static boolean getBooleanProperty(String name, boolean def) {
+    public static boolean getBooleanProperty(String name, boolean def) {
         return AccessController.doPrivileged((PrivilegedAction<Boolean>) () ->
                 Boolean.parseBoolean(System.getProperty(name, String.valueOf(def))));
     }
@@ -795,4 +798,11 @@
         else
             return new ImmutableSSLSession(session);
     }
+
+    /**
+     * Enabled by default. May be disabled for testing. Use with care
+     */
+    public static boolean isHostnameVerificationDisabled() {
+        return isHostnameVerificationDisabled;
+    }
 }