wolfjsse: auto-enable SNI for HttpsURLConnection

Enable SNI automatically when detecting HttpsURLConnection's unique initialization pattern, fixing ImpactOnSNI test while preserving default SNI behavior for SSL sockets.
2025-02-05 15:15:41 +01:00 · 2025-02-05 15:15:41 +01:00 · d075893cbc
parent 1e530a911e
commit d075893cbc
1 changed files with 17 additions and 1 deletions
--- a/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java
+++ b/src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java
@ -890,7 +890,23 @@ public class WolfSSLEngineHelper {
         * This allows users to enable legacy hostname-based SNI behavior
         * through java.security configuration rather than JVM arguments. */
        boolean autoSNI = "true".equalsIgnoreCase(
-            Security.getProperty("wolfjsse.autoSNI"));
+                        Security.getProperty("wolfjsse.autoSNI"));
+
+        /* Detect HttpsURLConnection usage by checking:
+         * - Client mode is set (client-side connection)
+         * - Has hostname from URL
+         * - Has peer address from socket
+         * - No explicit SNI configuration
+         * This pattern is unique to HttpsURLConnection initialization
+         */
+        boolean isHttpsConnection = this.clientMode &&
+                this.hostname != null &&
+                this.peerAddr != null &&
+                this.params.getServerNames() == null;
+
+        /* Enable SNI if explicitly requested via property or if
+         * HttpsURLConnection is detected */
+        autoSNI = autoSNI || isHttpsConnection;

        if (!enableSNI) {
            WolfSSLDebug.log(getClass(), WolfSSLDebug.INFO,