6614957: HttpsURLConnection not using the set SSLSocketFactory for creating all its Sockets

6771432: createSocket() - smpatch fails using 1.6.0_10 because of "Unconnected sockets not implemented" 6766775: X509 certificate hostname checking is broken in JDK1.6.0_10 Summary: All three bugs are interdependent Reviewed-by: xuelei

6614957: HttpsURLConnection not using the set SSLSocketFactory for creating all its Sockets
6771432: createSocket() - smpatch fails using 1.6.0_10 because of "Unconnected sockets not implemented" 6766775: X509 certificate hostname checking is broken in JDK1.6.0_10 Summary: All three bugs are interdependent Reviewed-by: xuelei
a5cd2ba4 · chegar · 2cca3b07 · a5cd2ba4 · a5cd2ba4 · a5cd2ba4
11 changed file
--- a/src/share/classes/javax/net/SocketFactory.java
+++ b/src/share/classes/javax/net/SocketFactory.java
@@ -27,8 +27,10 @@
 package javax.net;

 import java.io.IOException;
-import java.net.*;
-
+import java.net.InetAddress;
+import java.net.Socket;
+import java.net.SocketException;
+import java.net.UnknownHostException;

 /**
 * This class creates sockets.  It may be subclassed by other factories,
@@ -113,7 +115,17 @@ public abstract class SocketFactory
     * @see java.net.Socket#Socket()
     */
    public Socket createSocket() throws IOException {
-        throw new SocketException("Unconnected sockets not implemented");
+        //
+        // bug 6771432:
+        // The Exception is used by HttpsClient to signal that
+        // unconnected sockets have not been implemented.
+        //
+        UnsupportedOperationException uop = new
+                UnsupportedOperationException();
+        SocketException se =  new SocketException(
+                "Unconnected sockets not implemented");
+        se.initCause(uop);
+        throw se;
    }



--- a/src/share/classes/sun/net/NetworkClient.java
+++ b/src/share/classes/sun/net/NetworkClient.java
@@ -29,7 +29,6 @@ import java.net.Socket;
 import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.UnknownHostException;
-import java.net.URL;
 import java.net.Proxy;
 import java.util.Arrays;
 import java.security.AccessController;
@@ -157,10 +156,15 @@ public class NetworkClient {
                        public Socket run() {
                                       return new Socket(proxy);
                                   }});
-            } else
+            } else if (proxy.type() == Proxy.Type.DIRECT) {
+                s = createSocket();
+            } else {
+                // Still connecting through a proxy
+                // server & port will be the proxy address and port
                s = new Socket(Proxy.NO_PROXY);
+            }
        } else
-            s = new Socket();
+            s = createSocket();
        // Instance specific timeouts do have priority, that means
        // connectTimeout & readTimeout (-1 means not set)
        // Then global default timeouts
@@ -182,6 +186,15 @@ public class NetworkClient {
        return s;
    }

+    /**
+     * The following method, createSocket, is provided to allow the
+     * https client to override it so that it may use its socket factory
+     * to create the socket.
+     */
+    protected Socket createSocket() throws IOException {
+        return new java.net.Socket();
+    }
+
    protected InetAddress getLocalAddress() throws IOException {
        if (serverSocket == null)
            throw new IOException("not connected");

--- a/src/share/classes/sun/net/www/protocol/https/HttpsClient.java
+++ b/src/share/classes/sun/net/www/protocol/https/HttpsClient.java
@@ -28,39 +28,24 @@ package sun.net.www.protocol.https;

 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.FileInputStream;
 import java.io.PrintStream;
 import java.io.BufferedOutputStream;
 import java.net.Socket;
+import java.net.SocketException;
 import java.net.URL;
 import java.net.UnknownHostException;
-import java.net.InetAddress;
 import java.net.InetSocketAddress;
 import java.net.Proxy;
 import java.net.CookieHandler;
-import java.net.Authenticator;
-import java.net.PasswordAuthentication;
 import java.security.Principal;
-import java.security.KeyStore;
-import java.security.PrivateKey;
 import java.security.cert.*;
 import java.util.StringTokenizer;
 import java.util.Vector;
-import java.util.Collection;
-import java.util.List;
-import java.util.Iterator;
 import java.security.AccessController;

 import javax.security.auth.x500.X500Principal;

 import javax.net.ssl.*;
-import sun.security.x509.X500Name;
-import sun.misc.Regexp;
-import sun.misc.RegexpPool;
-import sun.net.www.HeaderParser;
-import sun.net.www.MessageHeader;
 import sun.net.www.http.HttpClient;
 import sun.security.action.*;

@@ -125,6 +110,7 @@ final class HttpsClient extends HttpClient
    private static final int    httpsPortNumber = 443;

    /** Returns the default HTTPS port (443) */
+    @Override
    protected int getDefaultPort() { return httpsPortNumber; }

    private HostnameVerifier hv;
@@ -368,11 +354,39 @@ final class HttpsClient extends HttpClient
        return sslSocketFactory;
    }

+    /**
+     * The following method, createSocket, is defined in NetworkClient
+     * and overridden here so that the socket facroty is used to create
+     * new sockets.
+     */
+    @Override
+    protected Socket createSocket() throws IOException {
+        try {
+            return sslSocketFactory.createSocket();
+        } catch (SocketException se) {
+            //
+            // bug 6771432
+            // javax.net.SocketFactory throws a SocketException with an
+            // UnsupportedOperationException as its cause to indicate that
+            // unconnected sockets have not been implemented.
+            //
+            Throwable t = se.getCause();
+            if (t != null && t instanceof UnsupportedOperationException) {
+                return super.createSocket();
+            } else {
+                throw se;
+            }
+        }
+    }
+
+
+    @Override
    public boolean needsTunneling() {
        return (proxy != null && proxy.type() != Proxy.Type.DIRECT
                && proxy.type() != Proxy.Type.SOCKS);
    }

+    @Override
    public void afterConnect() throws IOException, UnknownHostException {
        if (!isCachedConnection()) {
            SSLSocket s = null;
@@ -383,6 +397,9 @@ final class HttpsClient extends HttpClient
                                                        host, port, true);
                } else {
                    s = (SSLSocket)serverSocket;
+                    if (s instanceof SSLSocketImpl) {
+                        ((SSLSocketImpl)s).setHost(host);
+                    }
                }
            } catch (IOException ex) {
                // If we fail to connect through the tunnel, try it
@@ -451,7 +468,6 @@ final class HttpsClient extends HttpClient
        //
        // Get authenticated server name, if any
        //
-        boolean done = false;
        String host = url.getHost();

        // if IPv6 strip off the "[]"
@@ -467,7 +483,7 @@ final class HttpsClient extends HttpClient

            // Use ciphersuite to determine whether Kerberos is present.
            if (cipher.startsWith("TLS_KRB5")) {
-                if (!checker.match(host, getPeerPrincipal())) {
+                if (!HostnameChecker.match(host, getPeerPrincipal())) {
                    throw new SSLPeerUnverifiedException("Hostname checker" +
                                " failed for Kerberos");
                }
@@ -514,6 +530,7 @@ final class HttpsClient extends HttpClient
                              + url.getHost() + ">");
    }

+    @Override
    protected void putInKeepAliveCache() {
        kac.put(url, sslSocketFactory, this);
    }
@@ -521,6 +538,7 @@ final class HttpsClient extends HttpClient
    /*
     * Close an idle connection to this URL (if it exists in the cache).
     */
+    @Override
    public void closeIdleConnection() {
        HttpClient http = (HttpClient) kac.get(url, sslSocketFactory);
        if (http != null) {
@@ -626,6 +644,7 @@ final class HttpsClient extends HttpClient
     * @return the proxy host being used for this client, or null
     *          if we're not going through a proxy
     */
+    @Override
    public String getProxyHostUsed() {
        if (!needsTunneling()) {
            return null;
@@ -638,6 +657,7 @@ final class HttpsClient extends HttpClient
     * @return the proxy port being used for this client.  Meaningless
     *          if getProxyHostUsed() gives null.
     */
+    @Override
    public int getProxyPortUsed() {
        return (proxy == null || proxy.type() == Proxy.Type.DIRECT ||
                proxy.type() == Proxy.Type.SOCKS)? -1:

--- a/src/share/classes/sun/security/ssl/SSLSocketImpl.java
+++ b/src/share/classes/sun/security/ssl/SSLSocketImpl.java
@@ -1840,6 +1840,11 @@ final public class SSLSocketImpl extends BaseSSLSocketImpl {
        return host;
    }

+    // ONLY used by HttpsClient to setup the URI specified hostname
+    synchronized public void setHost(String host) {
+        this.host = host;
+    }
+
    /**
     * Gets an input stream to read from the peer on the other side.
     * Data read from this stream was always integrity protected in

--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/DNSIdentities.java
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/HttpsCreateSockTest.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/HttpsCreateSockTest.java
+/*
+ * Copyright 2010 Sun Microsystems, Inc.  All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/**
+ * @test
+ * @bug 6771432
+ * @summary createSocket() - smpatch fails using 1.6.0_10 because of "Unconnected sockets not implemented"
+ */
+
+import javax.net.SocketFactory;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import java.security.NoSuchAlgorithmException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.URL;
+import java.io.BufferedWriter;
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpsConfigurator;
+
+/*
+ * This class tests that the HTTPS protocol handler is using its socket factory for
+ * creating new Sockets. It does this by wrapping the default SSLSocketFactory with
+ * its own socket factory, SimpleSSLSocketFactory, and verifying that when a https
+ * connection is made one of the socket factories createSocket methods, that
+ * actually creates a Socket, is being invoked by the protocol handler.
+ */
+
+public class HttpsCreateSockTest
+{
+    /*
+     * Where do we find the keystores?
+     */
+    static String pathToStores = "../../../../../../etc";
+    static String keyStoreFile = "keystore";
+    static String trustStoreFile = "truststore";
+    static String passwd = "passphrase";
+
+    com.sun.net.httpserver.HttpsServer httpsServer;
+    MyHandler httpHandler;
+
+    public static void main(String[] args) {
+        String keyFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + keyStoreFile;
+        String trustFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + trustStoreFile;
+
+        System.setProperty("javax.net.ssl.keyStore", keyFilename);
+        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
+        System.setProperty("javax.net.ssl.trustStore", trustFilename);
+        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
+
+        new HttpsCreateSockTest();
+    }
+
+    public HttpsCreateSockTest() {
+        try {
+            startHttpsServer();
+            doClient();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (IOException ioe) {
+            ioe.printStackTrace();
+        } finally {
+           httpsServer.stop(1);
+        }
+    }
+
+    void doClient() throws IOException {
+        InetSocketAddress address = httpsServer.getAddress();
+
+        URL url = new URL("https://localhost:" + address.getPort() + "/");
+        System.out.println("trying to connect to " + url + "...");
+
+        HttpsURLConnection uc = (HttpsURLConnection) url.openConnection();
+        uc.setHostnameVerifier(new AllHostnameVerifier());
+        if (uc instanceof javax.net.ssl.HttpsURLConnection) {
+            ((javax.net.ssl.HttpsURLConnection) uc).setSSLSocketFactory(new SimpleSSLSocketFactory());
+            System.out.println("Using TestSocketFactory");
+        }
+        uc.connect();
+        System.out.println("CONNECTED " + uc);
+        System.out.println(uc.getResponseMessage());
+        uc.disconnect();
+    }
+
+    /**
+     * Https Server
+     */
+    public void startHttpsServer() throws IOException, NoSuchAlgorithmException  {
+        httpsServer = com.sun.net.httpserver.HttpsServer.create(new InetSocketAddress(0), 0);
+        httpsServer.createContext("/", new MyHandler());
+        httpsServer.setHttpsConfigurator(new HttpsConfigurator(SSLContext.getDefault()));
+        httpsServer.start();
+    }
+
+    class MyHandler implements HttpHandler {
+        private String message = "This is a message!";
+
+        @Override
+        public void handle(HttpExchange t) throws IOException {
+            t.sendResponseHeaders(200, message.length());
+            BufferedWriter writer = new BufferedWriter( new OutputStreamWriter(t.getResponseBody(), "ISO8859-1"));
+            writer.write(message, 0, message.length());
+            writer.close();
+            t.close();
+        }
+    }
+
+    /**
+     * Simple wrapper on default SSLSocketFactory
+     */
+    class SimpleSSLSocketFactory extends SSLSocketFactory
+    {
+        /*
+         * true if this factory has been used to create a new Socket, i.e.
+         * one of the SocketFactory methods has been called.
+         */
+        boolean socketCreated = false;
+
+        /*
+         * true if this factory has been used to wrap a Socket, i.e.
+         * the SSLSocketFactory method,
+         * createSocket(Socket, String, int, boolean), has been called.
+         */
+        boolean socketWrapped = false;
+
+        @Override
+        public Socket createSocket(InetAddress host, int port) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(host, port);
+        }
+
+        @Override
+        public Socket createSocket(InetAddress address, int port, InetAddress localAddress,
+                                   int localPort) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(address, port, localAddress, localPort);
+        }
+
+        @Override
+        public Socket createSocket(String host, int port) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(host, port);
+        }
+
+        @Override
+        public Socket createSocket(String host, int port, InetAddress localHost,
+                                   int localPort) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(host, port, localHost, localPort);
+        }
+
+        // methods from SSLSocketFactory
+        @Override
+        public Socket createSocket(Socket s, String host, int port,
+                                   boolean autoClose) throws IOException {
+            socketWrapped = true;
+            return ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket
+                                                               (s, host, port, autoClose);
+        }
+
+        @Override
+        public String[] getDefaultCipherSuites() {
+            return ((SSLSocketFactory) SSLSocketFactory.getDefault()).getDefaultCipherSuites();
+        }
+
+        @Override
+        public String[] getSupportedCipherSuites()  {
+             return ((SSLSocketFactory) SSLSocketFactory.getDefault()).getSupportedCipherSuites();
+        }
+    }
+
+    class AllHostnameVerifier implements HostnameVerifier
+    {
+        @Override
+        public boolean verify(String hostname, SSLSession session) {
+            return true;
+        }
+    }
+}
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/HttpsSocketFacTest.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/HttpsSocketFacTest.java
+/*
+ * Copyright 2010 Sun Microsystems, Inc.  All Rights Reserved.
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * This code is free software; you can redistribute it and/or modify it
+ * under the terms of the GNU General Public License version 2 only, as
+ * published by the Free Software Foundation.
+ *
+ * This code is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
+ * version 2 for more details (a copy is included in the LICENSE file that
+ * accompanied this code).
+ *
+ * You should have received a copy of the GNU General Public License version
+ * 2 along with this work; if not, write to the Free Software Foundation,
+ * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
+ *
+ * Please contact Sun Microsystems, Inc., 4150 Network Circle, Santa Clara,
+ * CA 95054 USA or visit www.sun.com if you need additional information or
+ * have any questions.
+ */
+
+/*
+ * @test
+ * @bug 6614957
+ * @summary HttpsURLConnection not using the set SSLSocketFactory for creating all its Sockets
+ * @run main/othervm HttpsSocketFacTest
+ */
+
+import javax.net.SocketFactory;
+import javax.net.ssl.HostnameVerifier;
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.SSLSession;
+import javax.net.ssl.SSLSocketFactory;
+import java.security.NoSuchAlgorithmException;
+import java.net.InetAddress;
+import java.net.InetSocketAddress;
+import java.net.Socket;
+import java.net.URL;
+import java.io.BufferedWriter;
+import java.io.InputStream;
+import java.io.IOException;
+import java.io.OutputStreamWriter;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpsConfigurator;
+
+/*
+ * This class tests that the HTTPS protocol handler is using its socket factory for
+ * creating new Sockets. It does this by wrapping the default SSLSocketFactory with
+ * its own socket factory, SimpleSSLSocketFactory, and verifying that when a https
+ * connection is made one of the socket factories createSocket methods, that
+ * actually creates a Socket, is being invoked by the protocol handler.
+ */
+
+public class HttpsSocketFacTest
+{
+    /*
+     * Where do we find the keystores?
+     */
+    static String pathToStores = "../../../../../../etc";
+    static String keyStoreFile = "keystore";
+    static String trustStoreFile = "truststore";
+    static String passwd = "passphrase";
+
+    com.sun.net.httpserver.HttpsServer httpsServer;
+    MyHandler httpHandler;
+
+    public static void main(String[] args) {
+        String keyFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + keyStoreFile;
+        String trustFilename =
+            System.getProperty("test.src", "./") + "/" + pathToStores +
+                "/" + trustStoreFile;
+
+        System.setProperty("javax.net.ssl.keyStore", keyFilename);
+        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
+        System.setProperty("javax.net.ssl.trustStore", trustFilename);
+        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
+
+        new HttpsSocketFacTest();
+    }
+
+    public HttpsSocketFacTest() {
+        try {
+            startHttpsServer();
+            doClient();
+        } catch (NoSuchAlgorithmException e) {
+            e.printStackTrace();
+        } catch (IOException ioe) {
+            ioe.printStackTrace();
+        } finally {
+           httpsServer.stop(1);
+        }
+    }
+
+    void doClient() throws IOException {
+        InetSocketAddress address = httpsServer.getAddress();
+        URL url = new URL("https://localhost:" + address.getPort() + "/test6614957/");
+        System.out.println("trying to connect to " + url + "...");
+
+        HttpsURLConnection uc = (HttpsURLConnection) url.openConnection();
+        SimpleSSLSocketFactory sssf = new SimpleSSLSocketFactory();
+        uc.setSSLSocketFactory(sssf);
+        uc.setHostnameVerifier(new AllHostnameVerifier());
+        InputStream is = uc.getInputStream();
+
+        byte[] ba = new byte[1024];
+        int read = 0;
+        while ((read = is.read(ba)) != -1) {
+            System.out.println(new String(ba, 0, read));
+        }
+
+        System.out.println("SimpleSSLSocketFactory.socketCreated = " + sssf.socketCreated);
+        System.out.println("SimpleSSLSocketFactory.socketWrapped = " + sssf.socketWrapped);
+
+        if (!sssf.socketCreated)
+            throw new RuntimeException("Failed: Socket Factory not being called to create Socket");
+    }
+
+    /**
+     * Https Server
+     */
+    public void startHttpsServer() throws IOException, NoSuchAlgorithmException  {
+        httpsServer = com.sun.net.httpserver.HttpsServer.create(new InetSocketAddress(0), 0);
+        httpsServer.createContext("/test6614957/", new MyHandler());
+        httpsServer.setHttpsConfigurator(new HttpsConfigurator(SSLContext.getDefault()));
+        httpsServer.start();
+    }
+
+    class MyHandler implements HttpHandler {
+        private String message = "This is a message!";
+
+        @Override
+        public void handle(HttpExchange t) throws IOException {
+            t.sendResponseHeaders(200, message.length());
+            BufferedWriter writer = new BufferedWriter( new OutputStreamWriter(t.getResponseBody(), "ISO8859-1"));
+            writer.write(message, 0, message.length());
+            writer.close();
+            t.close();
+        }
+    }
+
+    /**
+     * Simple wrapper on default SSLSocketFactory
+     */
+    class SimpleSSLSocketFactory extends SSLSocketFactory
+    {
+        /*
+         * true if this factory has been used to create a new Socket, i.e.
+         * one of the SocketFactory methods has been called.
+         */
+        boolean socketCreated = false;
+
+        /*
+         * true if this factory has been used to wrap a Socket, i.e.
+         * the SSLSocketFactory method,
+         * createSocket(Socket, String, int, boolean), has been called.
+         */
+        boolean socketWrapped = false;
+
+        // methods for SocketFactory
+        @Override
+        public Socket createSocket() throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket();
+        }
+
+        @Override
+        public Socket createSocket(InetAddress host, int port) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(host, port);
+        }
+
+        @Override
+        public Socket createSocket(InetAddress address, int port, InetAddress localAddress,
+                                   int localPort) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(address, port, localAddress, localPort);
+        }
+
+        @Override
+        public Socket createSocket(String host, int port) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(host, port);
+        }
+
+        @Override
+        public Socket createSocket(String host, int port, InetAddress localHost,
+                                   int localPort) throws IOException {
+            socketCreated = true;
+            return SocketFactory.getDefault().createSocket(host, port, localHost, localPort);
+        }
+
+        // methods from SSLSocketFactory
+        @Override
+        public Socket createSocket(Socket s, String host, int port,
+                                   boolean autoClose) throws IOException {
+            socketWrapped = true;
+            return ((SSLSocketFactory) SSLSocketFactory.getDefault()).createSocket
+                                                               (s, host, port, autoClose);
+        }
+
+        @Override
+        public String[] getDefaultCipherSuites() {
+            return ((SSLSocketFactory) SSLSocketFactory.getDefault()).getDefaultCipherSuites();
+        }
+
+        @Override
+        public String[] getSupportedCipherSuites()  {
+             return ((SSLSocketFactory) SSLSocketFactory.getDefault()).getSupportedCipherSuites();
+        }
+    }
+
+    class AllHostnameVerifier implements HostnameVerifier
+    {
+        @Override
+        public boolean verify(String hostname, SSLSession session) {
+            return true;
+        }
+    }
+}
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressDNSIdentities.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressDNSIdentities.java
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPAddressIPIdentities.java
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/IPIdentities.java
--- a/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java
+++ b/test/sun/security/ssl/sun/net/www/protocol/https/HttpsURLConnection/Identities.java