From 4c9577a08f614b1e981933c1b083ddb8fef33d8c Mon Sep 17 00:00:00 2001
From: Oleg Kalnichevski <olegk@apache.org>
Date: Sat, 11 Oct 2014 20:01:33 +0000
Subject: [PATCH] Do not run public suffix test on simple host names (non DNS
 names)

git-svn-id: https://svn.apache.org/repos/asf/httpcomponents/httpclient/trunk@1631106 13f79535-47bb-0310-9956-ffa450edef68
---
 .../conn/ssl/DefaultHostnameVerifier.java     |  2 +-
 .../http/conn/ssl/TestSSLSocketFactory.java   | 26 +++++++++++++++++++
 2 files changed, 27 insertions(+), 1 deletion(-)

diff --git a/httpclient/src/main/java/org/apache/http/conn/ssl/DefaultHostnameVerifier.java b/httpclient/src/main/java/org/apache/http/conn/ssl/DefaultHostnameVerifier.java
index fd117d298..2d9661225 100644
--- a/httpclient/src/main/java/org/apache/http/conn/ssl/DefaultHostnameVerifier.java
+++ b/httpclient/src/main/java/org/apache/http/conn/ssl/DefaultHostnameVerifier.java
@@ -173,7 +173,7 @@ public final class DefaultHostnameVerifier implements HostnameVerifier {
             return false;
         }
 
-        if (publicSuffixMatcher != null) {
+        if (publicSuffixMatcher != null && host.contains(".")) {
             String domainRoot = publicSuffixMatcher.getDomainRoot(identity);
             if (domainRoot == null) {
                 // Public domain
diff --git a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
index 153e69366..9ca78a587 100644
--- a/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
+++ b/httpclient/src/test/java/org/apache/http/conn/ssl/TestSSLSocketFactory.java
@@ -109,6 +109,30 @@ public class TestSSLSocketFactory {
         }
     }
 
+    @Test
+    public void testBasicDefaultHostnameVerifier() throws Exception {
+        this.server = ServerBootstrap.bootstrap()
+                .setServerInfo(LocalServerTestBase.ORIGIN)
+                .setSslContext(SSLTestContexts.createServerSSLContext())
+                .create();
+        this.server.start();
+
+        final HttpContext context = new BasicHttpContext();
+        final SSLConnectionSocketFactory socketFactory = new SSLConnectionSocketFactory(
+                SSLTestContexts.createClientSSLContext(), SSLConnectionSocketFactory.getDefaultHostnameVerifier());
+        final Socket socket = socketFactory.createSocket(context);
+        final InetSocketAddress remoteAddress = new InetSocketAddress("localhost", this.server.getLocalPort());
+        final HttpHost target = new HttpHost("localhost", this.server.getLocalPort(), "https");
+        final SSLSocket sslSocket = (SSLSocket) socketFactory.connectSocket(0, socket, target, remoteAddress, null, context);
+        try {
+            final SSLSession sslsession = sslSocket.getSession();
+
+            Assert.assertNotNull(sslsession);
+        } finally {
+            sslSocket.close();
+        }
+    }
+
     @Test
     public void testClientAuthSSL() throws Exception {
         this.server = ServerBootstrap.bootstrap()
@@ -178,6 +202,8 @@ public class TestSSLSocketFactory {
 
         };
 
+
+
         this.server = ServerBootstrap.bootstrap()
                 .setServerInfo(LocalServerTestBase.ORIGIN)
                 .setSslContext(SSLTestContexts.createServerSSLContext())