8074531: Remove javax.security.cert.X509Certificate usage in internal networking packages
Reviewed-by: mullan
--- a/jdk/src/java.base/share/classes/com/sun/net/ssl/HttpsURLConnection.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/src/java.base/share/classes/com/sun/net/ssl/HttpsURLConnection.java Tue Mar 24 11:31:04 2015 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2000, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2000, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -32,10 +32,10 @@
import java.net.URL;
import java.net.HttpURLConnection;
import java.io.IOException;
+import java.security.cert.Certificate;
import javax.net.SocketFactory;
import javax.net.ssl.SSLSocketFactory;
-
-import javax.security.cert.X509Certificate;
+import javax.net.ssl.SSLPeerUnverifiedException;
/**
* HTTP URL connection with support for HTTPS-specific features. See
@@ -70,7 +70,8 @@
* the server did not authenticate.
* @return the server certificate chain
*/
- public abstract X509Certificate [] getServerCertificateChain();
+ public abstract Certificate[] getServerCertificates()
+ throws SSLPeerUnverifiedException;
/**
* HostnameVerifier provides a callback mechanism so that
--- a/jdk/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java Tue Mar 24 11:31:04 2015 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 1996, 2013, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -187,25 +187,6 @@
return delegate.getServerCertificates();
}
- /**
- * Returns the server's X.509 certificate chain, or null if
- * the server did not authenticate.
- *
- * NOTE: This method is not necessary for the version of this class
- * implementing javax.net.ssl.HttpsURLConnection, but provided for
- * compatibility with the com.sun.net.ssl.HttpsURLConnection version.
- */
- public javax.security.cert.X509Certificate[] getServerCertificateChain() {
- try {
- return delegate.getServerCertificateChain();
- } catch (SSLPeerUnverifiedException e) {
- // this method does not throw an exception as declared in
- // com.sun.net.ssl.HttpsURLConnection.
- // Return null for compatibility.
- return null;
- }
- }
-
/*
* Allowable input/output sequences:
* [interpreted as POST/PUT]
--- a/jdk/src/java.base/share/classes/sun/net/www/protocol/https/AbstractDelegateHttpsURLConnection.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/net/www/protocol/https/AbstractDelegateHttpsURLConnection.java Tue Mar 24 11:31:04 2015 -0700
@@ -262,27 +262,6 @@
}
/**
- * Returns the server's X.509 certificate chain, or null if
- * the server did not authenticate.
- *
- * @deprecated This method returns the deprecated
- * {@code javax.security.cert.X509Certificate} type.
- * Use {@code getServerCertificates()} instead.
- */
- @Deprecated
- public javax.security.cert.X509Certificate[] getServerCertificateChain()
- throws SSLPeerUnverifiedException {
- if (cachedResponse != null) {
- throw new UnsupportedOperationException("this method is not supported when using cache");
- }
- if (http == null) {
- throw new IllegalStateException("connection not yet open");
- } else {
- return ((HttpsClient)http).getServerCertificateChain();
- }
- }
-
- /**
* Returns the server's principal, or throws SSLPeerUnverifiedException
* if the server did not authenticate.
*/
--- a/jdk/src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/net/www/protocol/https/HttpsClient.java Tue Mar 24 11:31:04 2015 -0700
@@ -697,21 +697,6 @@
}
/**
- * Returns the X.509 certificate chain with which the server
- * authenticated itself, or null if the server did not authenticate.
- *
- * @deprecated This method returns the deprecated
- * {@code javax.security.cert.X509Certificate} type.
- * Use {@code getServerCertificates()} instead.
- */
- @Deprecated
- javax.security.cert.X509Certificate [] getServerCertificateChain()
- throws SSLPeerUnverifiedException
- {
- return session.getPeerCertificateChain();
- }
-
- /**
* Returns the principal with which the server authenticated
* itself, or throw a SSLPeerUnverifiedException if the
* server did not authenticate.
--- a/jdk/src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java Tue Mar 24 11:31:04 2015 -0700
@@ -198,30 +198,6 @@
}
/**
- * Returns the server's X.509 certificate chain, or null if
- * the server did not authenticate.
- *
- * NOTE: This method is not necessary for the version of this class
- * implementing javax.net.ssl.HttpsURLConnection, but provided for
- * compatibility with the com.sun.net.ssl.HttpsURLConnection version.
- *
- * @deprecated This method returns the deprecated
- * {@code javax.security.cert.X509Certificate} type.
- * Use {@code getServerCertificates()} instead.
- */
- @Deprecated
- public javax.security.cert.X509Certificate[] getServerCertificateChain() {
- try {
- return delegate.getServerCertificateChain();
- } catch (SSLPeerUnverifiedException e) {
- // this method does not throw an exception as declared in
- // com.sun.net.ssl.HttpsURLConnection.
- // Return null for compatibility.
- return null;
- }
- }
-
- /**
* Returns the principal with which the server authenticated itself,
* or throw a SSLPeerUnverifiedException if the server did not authenticate.
*/
--- a/jdk/test/javax/net/ssl/FixingJavadocs/ComURLNulls.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/test/javax/net/ssl/FixingJavadocs/ComURLNulls.java Tue Mar 24 11:31:04 2015 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -80,7 +80,7 @@
}
try {
- urlc.getServerCertificateChain();
+ urlc.getServerCertificates();
} catch (IllegalStateException e) {
System.out.print("Caught proper exception: ");
System.out.println(e.getMessage());
--- a/jdk/test/sun/net/www/protocol/https/NewImpl/ComHTTPSConnection.java Tue Mar 24 14:48:11 2015 +0000
+++ b/jdk/test/sun/net/www/protocol/https/NewImpl/ComHTTPSConnection.java Tue Mar 24 11:31:04 2015 -0700
@@ -1,5 +1,5 @@
/*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
*
* This code is free software; you can redistribute it and/or modify it
@@ -34,8 +34,8 @@
import java.io.*;
import java.net.*;
+import java.security.cert.Certificate;
import javax.net.ssl.*;
-import javax.security.cert.*;
import com.sun.net.ssl.HostnameVerifier;
import com.sun.net.ssl.HttpsURLConnection;
@@ -240,8 +240,8 @@
System.out.println("Cipher Suite: " +
((HttpsURLConnection)urlc).getCipherSuite());
- X509Certificate[] certs =
- ((HttpsURLConnection)urlc).getServerCertificateChain();
+ Certificate[] certs =
+ ((HttpsURLConnection)urlc).getServerCertificates();
for (int i = 0; i < certs.length; i++) {
System.out.println(certs[0]);
}