WolfSSL
/
wolfssljni
mirror of https://github.com/wolfSSL/wolfssljni.git
1
0
Fork 0
Code Issues Releases Wiki Activity

Merge pull request #253 from gasbytes/HttpsURLConnection/ImpactOnSNI-patch 

wolfjsse: auto-enable SNI for HttpsURLConnection
pull/255/head
Chris Conlon 2025-02-05 10:03:06 -07:00 committed by GitHub
parent 1e530a911e d075893cbc
commit 45810c8fbf
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 17 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java
View File

@ -890,7 +890,23 @@ public class WolfSSLEngineHelper {
* This allows users to enable legacy hostname-based SNI behavior * This allows users to enable legacy hostname-based SNI behavior
* through java.security configuration rather than JVM arguments. */ * through java.security configuration rather than JVM arguments. */
boolean autoSNI = "true".equalsIgnoreCase( boolean autoSNI = "true".equalsIgnoreCase(
Security.getProperty("wolfjsse.autoSNI")); Security.getProperty("wolfjsse.autoSNI"));
/* Detect HttpsURLConnection usage by checking:
* - Client mode is set (client-side connection)
* - Has hostname from URL
* - Has peer address from socket
* - No explicit SNI configuration
* This pattern is unique to HttpsURLConnection initialization
*/
boolean isHttpsConnection = this.clientMode &&
this.hostname != null &&
this.peerAddr != null &&
this.params.getServerNames() == null;
/* Enable SNI if explicitly requested via property or if
* HttpsURLConnection is detected */
autoSNI = autoSNI || isHttpsConnection;
if (!enableSNI) { if (!enableSNI) {
WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO, WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,