You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@hc.apache.org by ol...@apache.org on 2021/10/13 09:51:11 UTC
[httpcomponents-client] branch master updated: HTTPCLIENT-2182:
access to SSLSession attributes via reflection disallowed as of Java 16.
Core TLS functions now use new Java 1.8 API introduced by 8u251 update
This is an automated email from the ASF dual-hosted git repository.
olegk pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/httpcomponents-client.git
The following commit(s) were added to refs/heads/master by this push:
new 29d6caa HTTPCLIENT-2182: access to SSLSession attributes via reflection disallowed as of Java 16. Core TLS functions now use new Java 1.8 API introduced by 8u251 update
29d6caa is described below
commit 29d6caac55e1caae6ff41ecdae59e490a4287a15
Author: Oleg Kalnichevski <ol...@apache.org>
AuthorDate: Wed Oct 13 11:44:33 2021 +0200
HTTPCLIENT-2182: access to SSLSession attributes via reflection disallowed as of Java 16. Core TLS functions now use new Java 1.8 API introduced by 8u251 update
---
.../client5/http/ssl/ClientTlsStrategyBuilder.java | 23 +++++++++-------------
.../client5/http/ssl/DefaultClientTlsStrategy.java | 14 ++++++++++---
2 files changed, 20 insertions(+), 17 deletions(-)
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java
index 52657e3..3f4e35a 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/ClientTlsStrategyBuilder.java
@@ -30,7 +30,6 @@ package org.apache.hc.client5.http.ssl;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
-import javax.net.ssl.SSLSession;
import org.apache.hc.core5.function.Factory;
import org.apache.hc.core5.http.nio.ssl.TlsStrategy;
@@ -38,7 +37,6 @@ import org.apache.hc.core5.http.ssl.TLS;
import org.apache.hc.core5.reactor.ssl.SSLBufferMode;
import org.apache.hc.core5.reactor.ssl.TlsDetails;
import org.apache.hc.core5.ssl.SSLContexts;
-import org.apache.hc.core5.util.ReflectionUtils;
/**
* Builder for client {@link TlsStrategy} instances.
@@ -77,6 +75,10 @@ public class ClientTlsStrategyBuilder {
private String[] ciphers;
private SSLBufferMode sslBufferMode;
private HostnameVerifier hostnameVerifier;
+ /**
+ * @deprecated To be removed.
+ */
+ @Deprecated
private Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
private boolean systemProperties;
@@ -133,7 +135,10 @@ public class ClientTlsStrategyBuilder {
/**
* Assigns {@link TlsDetails} {@link Factory} instance.
+ *
+ * @deprecated Do not use.
*/
+ @Deprecated
public ClientTlsStrategyBuilder setTlsDetailsFactory(final Factory<SSLEngine, TlsDetails> tlsDetailsFactory) {
this.tlsDetailsFactory = tlsDetailsFactory;
return this;
@@ -148,6 +153,7 @@ public class ClientTlsStrategyBuilder {
return this;
}
+ @SuppressWarnings("deprecation")
public TlsStrategy build() {
final SSLContext sslContextCopy;
if (sslContext != null) {
@@ -167,24 +173,13 @@ public class ClientTlsStrategyBuilder {
} else {
ciphersCopy = systemProperties ? HttpsSupport.getSystemCipherSuits() : null;
}
- final Factory<SSLEngine, TlsDetails> tlsDetailsFactoryCopy;
- if (tlsDetailsFactory != null) {
- tlsDetailsFactoryCopy = tlsDetailsFactory;
- } else {
- tlsDetailsFactoryCopy = sslEngine -> {
- final SSLSession sslSession = sslEngine.getSession();
- final String applicationProtocol = ReflectionUtils.callGetter(sslEngine,
- "ApplicationProtocol", String.class);
- return new TlsDetails(sslSession, applicationProtocol);
- };
- }
return new DefaultClientTlsStrategy(
sslContextCopy,
tlsVersionsCopy,
ciphersCopy,
sslBufferMode != null ? sslBufferMode : SSLBufferMode.STATIC,
hostnameVerifier != null ? hostnameVerifier : HttpsSupport.getDefaultHostnameVerifier(),
- tlsDetailsFactoryCopy);
+ tlsDetailsFactory);
}
}
diff --git a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java
index 872605d..dfa2664 100644
--- a/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java
+++ b/httpclient5/src/main/java/org/apache/hc/client5/http/ssl/DefaultClientTlsStrategy.java
@@ -63,8 +63,16 @@ public class DefaultClientTlsStrategy extends AbstractClientTlsStrategy {
HttpsSupport.getDefaultHostnameVerifier());
}
- private final Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
+ /**
+ * @deprecated To be removed.
+ */
+ @Deprecated
+ private Factory<SSLEngine, TlsDetails> tlsDetailsFactory;
+ /**
+ * @deprecated Use {@link DefaultClientTlsStrategy#DefaultClientTlsStrategy(SSLContext, String[], String[], SSLBufferMode, HostnameVerifier)}
+ */
+ @Deprecated
public DefaultClientTlsStrategy(
final SSLContext sslContext,
final String[] supportedProtocols,
@@ -82,13 +90,13 @@ public class DefaultClientTlsStrategy extends AbstractClientTlsStrategy {
final String[] supportedCipherSuites,
final SSLBufferMode sslBufferManagement,
final HostnameVerifier hostnameVerifier) {
- this(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerifier, null);
+ super(sslContext, supportedProtocols, supportedCipherSuites, sslBufferManagement, hostnameVerifier);
}
public DefaultClientTlsStrategy(
final SSLContext sslcontext,
final HostnameVerifier hostnameVerifier) {
- this(sslcontext, null, null, SSLBufferMode.STATIC, hostnameVerifier, null);
+ this(sslcontext, null, null, SSLBufferMode.STATIC, hostnameVerifier);
}
public DefaultClientTlsStrategy(final SSLContext sslcontext) {