HTTPCLIENT-2182: access to SSLSession attributes via reflection disallowed as of Java 16. Core TLS functions now use new Java 1.8 API introduced by 8u251 update
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java
index 52657e3..3f4e35a 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java
@@ -30,7 +30,6 @@
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLSession;
import org.apache.hc.core5.function.Factory;
import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
@@ -38,7 +37,6 @@
import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
import org.apache.hc.core5.reactor.ssl.TlsDetails;
import org.apache.hc.core5.ssl.SSLContexts;
-import org.apache.hc.core5.util.ReflectionUtils;
/**
* Builder for client {@link TlsStrategy} instances.
@@ -77,6 +75,10 @@
private String[] ciphers;
private SSLBufferMode sslBufferMode;
private HostnameVerifier hostnameVerifier;
+ /**
+ * @deprecated To be removed.
+ */
+ @Deprecated
private Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
private boolean systemProperties;
@@ -133,7 +135,10 @@
/**
* Assigns {@link TlsDetails} {@link Factory} instance.
+ *
+ * @deprecated Do not use.
*/
+ @Deprecated
public ClientTlsStrategyBuilder setTlsDetailsFactory(final Factory<SSLEngine, TlsDetails> tlsDetailsFactory) {
this.tlsDetailsFactory = tlsDetailsFactory;
return this;
@@ -148,6 +153,7 @@
return this;
}
+ @SuppressWarnings("deprecation")
public TlsStrategy build() {
final SSLContext sslContextCopy;
if (sslContext != null) {
@@ -167,24 +173,13 @@
} else {
ciphersCopy = systemProperties ? HttpsSupport.getSystemCipherSuits() : null;
}
- final Factory<SSLEngine, TlsDetails> tlsDetailsFactoryCopy;
- if (tlsDetailsFactory != null) {
- tlsDetailsFactoryCopy = tlsDetailsFactory;
- } else {
- tlsDetailsFactoryCopy = sslEngine -> {
- final SSLSession sslSession = sslEngine.getSession();
- final String applicationProtocol = ReflectionUtils.callGetter(sslEngine,
- "ApplicationProtocol", String.class);
- return new TlsDetails(sslSession, applicationProtocol);
- };
- }
return new DefaultClientTlsStrategy(
sslContextCopy,
tlsVersionsCopy,
ciphersCopy,
sslBufferMode != null ? sslBufferMode : SSLBufferMode.STATIC,
hostnameVerifier != null ? hostnameVerifier : HttpsSupport.getDefaultHostnameVerifier(),
- tlsDetailsFactoryCopy);
+ tlsDetailsFactory);
}
}
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java
index 872605d..dfa2664 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java
@@ -63,8 +63,16 @@
HttpsSupport.getDefaultHostnameVerifier());
}
- private final Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
+ /**
+ * @deprecated To be removed.
+ */
+ @Deprecated
+ private Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
+ /**
+ * @deprecated Use {@link DefaultClientTlsStrategy#DefaultClientTlsStrategy(SSLContext, String[], String[], SSLBufferMode, HostnameVerifier)}
+ */
+ @Deprecated
public DefaultClientTlsStrategy(
final SSLContext sslContext,
final String[] supportedProtocols,
@@ -82,13 +90,13 @@
final String[] supportedCipherSuites,
final SSLBufferMode sslBufferManagement,
final HostnameVerifier hostnameVerifier) {
- this(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerifier, null);
+ super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerifier);
}
public DefaultClientTlsStrategy(
final SSLContext sslcontext,
final HostnameVerifier hostnameVerifier) {
- this(sslcontext, null, null, SSLBufferMode.STATIC, hostnameVerifier, null);
+ this(sslcontext, null, null, SSLBufferMode.STATIC, hostnameVerifier);
}
public DefaultClientTlsStrategy(final SSLContext sslcontext) {
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientCustomSSL.java b/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientCustomSSL.java
index 34176e4..12e28eb 100644
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientCustomSSL.java
+++ b/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientCustomSSL.java
@@ -66,18 +66,6 @@
.build();
final TlsStrategy tlsStrategy = ClientTlsStrategyBuilder.create()
.setSslContext(sslcontext)
- // IMPORTANT uncomment the following method when running Java 9 or older
- // in order for ALPN support to work and avoid the illegal reflective
- // access operation warning
- /*
- .setTlsDetailsFactory(new Factory<SSLEngine, TlsDetails>() {
-
- @Override
- public TlsDetails create(final SSLEngine sslEngine) {
- return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol());
- }
- })
- */
.build();
final PoolingAsyncClientConnectionManager cm = PoolingAsyncClientConnectionManagerBuilder.create()
diff --git a/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientTlsAlpn.java b/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientTlsAlpn.java
deleted file mode 100644
index 97db267..0000000
--- a/httpclient5/src/test/java/org/apache/hc/client5/http/examples/AsyncClientTlsAlpn.java
+++ /dev/null
@@ -1,125 +0,0 @@
-/*
- * ====================================================================
- * Licensed to the Apache Software Foundation (ASF) under one
- * or more contributor license agreements. See the NOTICE file
- * distributed with this work for additional information
- * regarding copyright ownership. The ASF licenses this file
- * to you under the Apache License, Version 2.0 (the
- * "License"); you may not use this file except in compliance
- * with the License. You may obtain a copy of the License at
- *
- * http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing,
- * software distributed under the License is distributed on an
- * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
- * KIND, either express or implied. See the License for the
- * specific language governing permissions and limitations
- * under the License.
- * ====================================================================
- *
- * This software consists of voluntary contributions made by many
- * individuals on behalf of the Apache Software Foundation. For more
- * information on the Apache Software Foundation, please see
- * <http://www.apache.org/>.
- *
- */
-package org.apache.hc.client5.http.examples;
-
-import java.util.concurrent.Future;
-
-import javax.net.ssl.SSLSession;
-
-import org.apache.hc.client5.http.async.methods.SimpleHttpRequest;
-import org.apache.hc.client5.http.async.methods.SimpleHttpResponse;
-import org.apache.hc.client5.http.async.methods.SimpleRequestBuilder;
-import org.apache.hc.client5.http.async.methods.SimpleRequestProducer;
-import org.apache.hc.client5.http.async.methods.SimpleResponseConsumer;
-import org.apache.hc.client5.http.impl.async.CloseableHttpAsyncClient;
-import org.apache.hc.client5.http.impl.async.HttpAsyncClients;
-import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManager;
-import org.apache.hc.client5.http.impl.nio.PoolingAsyncClientConnectionManagerBuilder;
-import org.apache.hc.client5.http.protocol.HttpClientContext;
-import org.apache.hc.client5.http.ssl.ClientTlsStrategyBuilder;
-import org.apache.hc.core5.concurrent.FutureCallback;
-import org.apache.hc.core5.http.HttpHost;
-import org.apache.hc.core5.http.message.StatusLine;
-import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
-import org.apache.hc.core5.io.CloseMode;
-
-/**
- * This example demonstrates how to avoid the illegal reflective access operation warning
- * when running with Oracle JRE 9 or newer.
- */
-public class AsyncClientTlsAlpn {
-
- public final static void main(final String[] args) throws Exception {
- final TlsStrategy tlsStrategy = ClientTlsStrategyBuilder.create()
- .useSystemProperties()
- // IMPORTANT uncomment the following method when running Java 9 or older
- // in order for ALPN support to work and avoid the illegal reflective
- // access operation warning
- /*
- .setTlsDetailsFactory(new Factory<SSLEngine, TlsDetails>() {
-
- @Override
- public TlsDetails create(final SSLEngine sslEngine) {
- return new TlsDetails(sslEngine.getSession(), sslEngine.getApplicationProtocol());
- }
- })
- */
- .build();
- final PoolingAsyncClientConnectionManager cm = PoolingAsyncClientConnectionManagerBuilder.create()
- .setTlsStrategy(tlsStrategy)
- .build();
- try (final CloseableHttpAsyncClient client = HttpAsyncClients.custom()
- .setConnectionManager(cm)
- .build()) {
-
- client.start();
-
- final HttpHost target = new HttpHost("https", "nghttp2.org");
- final HttpClientContext clientContext = HttpClientContext.create();
-
- final SimpleHttpRequest request = SimpleRequestBuilder.get()
- .setHttpHost(target)
- .setPath("/httpbin/")
- .build();
-
- System.out.println("Executing request " + request);
- final Future<SimpleHttpResponse> future = client.execute(
- SimpleRequestProducer.create(request),
- SimpleResponseConsumer.create(),
- clientContext,
- new FutureCallback<SimpleHttpResponse>() {
-
- @Override
- public void completed(final SimpleHttpResponse response) {
- System.out.println(request + "->" + new StatusLine(response));
- final SSLSession sslSession = clientContext.getSSLSession();
- if (sslSession != null) {
- System.out.println("SSL protocol " + sslSession.getProtocol());
- System.out.println("SSL cipher suite " + sslSession.getCipherSuite());
- }
- System.out.println(response.getBody());
- }
-
- @Override
- public void failed(final Exception ex) {
- System.out.println(request + "->" + ex);
- }
-
- @Override
- public void cancelled() {
- System.out.println(request + " cancelled");
- }
-
- });
- future.get();
-
- System.out.println("Shutting down");
- client.close(CloseMode.GRACEFUL);
- }
- }
-
-}