Conversation

@divang divang commented Jan 5, 2026

Merging community contribution from PR #2865 by @tangtheone (Pei-Tang Huang)

Objective:

Enable SSL/TLS certificate validation for connections using IP addresses directly, without requiring the hostNameInCertificate workaround. Currently, the JDBC driver only validates DNS hostnames in certificates' Subject Alternative Name (SAN) extension, causing connection failures when users connect via IP address even when the certificate contains that IP in its SAN.

Solutions:

  • Implemented RFC 5280 compliant IP address validation in certificate SAN extension
  • Extended SQLServerCertificateUtils.validateServerNameInCertificate() to check for both:
    • Type 2 (dNSName) - DNS hostnames with wildcard support
    • Type 7 (iPAddress) - IP addresses with exact match validation
  • IP addresses must match exactly (no wildcard patterns allowed for security)
  • Maintains backward compatibility - all existing DNS validation logic remains unchanged
  • Certificate chain, trust, and expiration validations are still enforced

Key Changes:

  • Modified SQLServerCertificateUtils.java to add IP address (type 7) checking alongside existing DNS name (type 2) validation
  • Added comprehensive test coverage in SSLCertificateValidationTest.java

Testing:

  • Added 6 new test cases covering:
    • IPv4 address matching and mismatching scenarios
    • IPv6 address validation
    • Multiple SAN entries (mixed DNS and IP addresses)
    • Case-insensitive IP address comparison
    • Fallback behavior when no IP SAN is present
  • All tests validate proper certificate validation flow
  • Verified compilation succeeds with no errors
  • Existing DNS-based validation tests remain passing

Standards Compliance: RFC 5280 Section 4.2.1.6 (Subject Alternative Name)

Original contribution: #2865

Fix SSL certificate validation to check for IP address entries (type 7)
in Subject Alternative Name extension, in addition to DNS names (type 2).
This allows connections via IP address when the certificate's SAN
contains that IP, without requiring the hostNameInCertificate workaround.
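As an added illustration (not the driver's code from this PR), the following standalone Java matcher shows the check the description outlines: dNSName (type 2) entries are matched with wildcard support, iPAddress (type 7) entries by exact address comparison, and an IP literal is never matched against a DNS entry. The class and method names are my own.

```java
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;

public final class SanHostMatcher {
    private static final int SAN_DNS_NAME = 2;   // GeneralName dNSName
    private static final int SAN_IP_ADDRESS = 7; // GeneralName iPAddress
    // Range-checked dotted quad, so a malformed target is not handed to a resolver.
    private static final Pattern IPV4 = Pattern.compile(
            "((25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)\\.){3}(25[0-5]|2[0-4]\\d|1\\d\\d|[1-9]?\\d)");

    /** True if the target is an IP literal: a dotted quad or an (optionally bracketed) IPv6 form. */
    static boolean isIpLiteral(String target) {
        return IPV4.matcher(target).matches() || target.indexOf(':') >= 0;
    }

    /** Exact comparison on address bytes: "::1", "0:0:0:0:0:0:0:1" and "::1" in upper-case hex all
     *  agree, and no wildcard semantics apply. Both inputs are literals, so nothing is resolved. */
    static boolean sameAddress(String sanValue, String target) {
        try {
            byte[] a = InetAddress.getByName(sanValue).getAddress();
            byte[] b = InetAddress.getByName(target.replace("[", "").replace("]", "")).getAddress();
            return Arrays.equals(a, b);
        } catch (UnknownHostException e) {
            return false;
        }
    }

    /** Wildcard DNS match: "*.example.com" matches "db.example.com" but not "example.com". */
    static boolean dnsMatches(String pattern, String host) {
        pattern = pattern.toLowerCase(Locale.ROOT);
        host = host.toLowerCase(Locale.ROOT);
        if (!pattern.startsWith("*.")) return pattern.equals(host);
        int dot = host.indexOf('.');
        return dot > 0 && host.substring(dot + 1).equals(pattern.substring(2));
    }

    /** Returns true if any SAN entry of the right type matches the connection target. */
    public static boolean matches(X509Certificate cert, String target) throws CertificateParsingException {
        Collection<List<?>> sans = cert.getSubjectAlternativeNames();
        if (sans == null) return false;
        boolean targetIsIp = isIpLiteral(target);
        for (List<?> san : sans) {
            int type = (Integer) san.get(0);
            String value = (String) san.get(1); // JDK returns both dNSName and iPAddress as String
            if (targetIsIp && type == SAN_IP_ADDRESS && sameAddress(value, target)) return true;
            if (!targetIsIp && type == SAN_DNS_NAME && dnsMatches(value, target)) return true;
        }
        return false;
    }
}
```

Chain, trust and expiry checks are assumed to run separately, as the description says; this matcher only answers whether the SAN extension names the target.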
@divang divang changed the title Support IP address validation in certificate SAN (#2529) Support IP address validation in certificate SAN Jan 5, 2026

codecov bot commented Jan 5, 2026

Codecov Report

❌ Patch coverage is 65.21739% with 8 lines in your changes missing coverage. Please review.
✅ Project coverage is 59.10%. Comparing base (303aeb9) to head (73a5038).
⚠️ Report is 5 commits behind head on main.

Files with missing lines Patch % Lines
...soft/sqlserver/jdbc/SQLServerCertificateUtils.java 65.21% 0 Missing and 8 partials ⚠️
Additional details and impacted files
@@             Coverage Diff              @@
##               main    #2873      +/-   ##
============================================
+ Coverage     56.44%   59.10%   +2.66%     
- Complexity     4559     4787     +228     
============================================
  Files           151      151              
  Lines         34560    34577      +17     
  Branches       5768     5776       +8     
============================================
+ Hits          19508    20438     +930     
+ Misses        12418    11407    -1011     
- Partials       2634     2732      +98     


@divang divang added this to the 13.3.1 milestone Jan 6, 2026
@divang divang merged commit 83ae4b1 into main Jan 6, 2026
20 checks passed