8215430: Remove the internal package com.sun.net.ssl
authorxuelei
Fri, 01 Mar 2019 08:35:14 -0800
changeset 53972 43c2ab1bdfd3
parent 53971 1019c97e1bde
child 53973 db37ce5664e3
8215430: Remove the internal package com.sun.net.ssl Reviewed-by: chegar, mullan, wetmore
src/java.base/share/classes/com/sun/net/ssl/HostnameVerifier.java
src/java.base/share/classes/com/sun/net/ssl/HttpsURLConnection.java
src/java.base/share/classes/com/sun/net/ssl/KeyManager.java
src/java.base/share/classes/com/sun/net/ssl/KeyManagerFactory.java
src/java.base/share/classes/com/sun/net/ssl/KeyManagerFactorySpi.java
src/java.base/share/classes/com/sun/net/ssl/SSLContext.java
src/java.base/share/classes/com/sun/net/ssl/SSLContextSpi.java
src/java.base/share/classes/com/sun/net/ssl/SSLPermission.java
src/java.base/share/classes/com/sun/net/ssl/SSLSecurity.java
src/java.base/share/classes/com/sun/net/ssl/TrustManager.java
src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java
src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactorySpi.java
src/java.base/share/classes/com/sun/net/ssl/X509KeyManager.java
src/java.base/share/classes/com/sun/net/ssl/X509TrustManager.java
src/java.base/share/classes/com/sun/net/ssl/internal/ssl/Provider.java
src/java.base/share/classes/com/sun/net/ssl/internal/ssl/X509ExtendedTrustManager.java
src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java
src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/Handler.java
src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java
src/java.base/share/classes/com/sun/net/ssl/package-info.java
src/java.base/share/classes/java/security/Security.java
src/java.base/share/classes/java/security/Signature.java
src/java.base/share/classes/sun/net/www/protocol/https/AbstractDelegateHttpsURLConnection.java
src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java
src/java.base/share/classes/sun/security/jca/ProviderConfig.java
src/java.base/share/classes/sun/security/ssl/SunJSSE.java
test/jdk/TEST.groups
test/jdk/com/sun/net/ssl/SSLSecurity/ComKeyManagerFactoryImpl.java
test/jdk/com/sun/net/ssl/SSLSecurity/ComSSLContextImpl.java
test/jdk/com/sun/net/ssl/SSLSecurity/ComTrustManagerFactoryImpl.java
test/jdk/com/sun/net/ssl/SSLSecurity/JavaxKeyManagerFactoryImpl.java
test/jdk/com/sun/net/ssl/SSLSecurity/JavaxSSLContextImpl.java
test/jdk/com/sun/net/ssl/SSLSecurity/JavaxTrustManagerFactoryImpl.java
test/jdk/com/sun/net/ssl/SSLSecurity/ProviderTest.java
test/jdk/com/sun/net/ssl/SSLSecurity/TruncateArray.java
test/jdk/java/security/BasicPermission/Wildcard.java
test/jdk/javax/net/ssl/FixingJavadocs/ComURLNulls.java
test/jdk/javax/net/ssl/GetInstance.java
test/jdk/javax/net/ssl/SSLSession/CheckMyTrustedKeystore.java
test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CheckMethods.java
test/jdk/sun/net/www/protocol/https/NewImpl/ComHTTPSConnection.java
test/jdk/sun/net/www/protocol/https/NewImpl/ComHostnameVerifier.java
test/jdk/sun/security/ssl/X509TrustManagerImpl/CheckNullEntity.java
test/jdk/sun/security/ssl/X509TrustManagerImpl/ClientServer.java
--- a/src/java.base/share/classes/com/sun/net/ssl/HostnameVerifier.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,54 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.HostnameVerifier
- */
-
-package com.sun.net.ssl;
-
-/**
- * HostnameVerifier provides a callback mechanism so that
- * implementers of this interface can supply a policy for
- * handling the case where the host to connect to and
- * the server name from the certificate mismatch.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.HostnameVerifier} and
- *      {@link javax.net.ssl.CertificateHostnameVerifier}.
- */
-@Deprecated(since="1.4")
-public interface HostnameVerifier {
-    /**
-     * Verify that the hostname from the URL is an acceptable
-     * match with the value from the common name entry in the
-     * server certificate's distinguished name.
-     *
-     * @param urlHostname the host name of the URL
-     * @param certHostname the common name entry from the certificate
-     * @return true if the certificate host name is acceptable
-     */
-    public boolean verify(String urlHostname, String certHostname);
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/HttpsURLConnection.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,203 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.HttpsURLConnection
- */
-
-package com.sun.net.ssl;
-
-import java.net.URL;
-import java.net.HttpURLConnection;
-import java.io.IOException;
-import java.security.cert.Certificate;
-import javax.net.SocketFactory;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.SSLPeerUnverifiedException;
-
-/**
- * HTTP URL connection with support for HTTPS-specific features. See
- * <A HREF="http://www.w3.org/pub/WWW/Protocols/"> the spec </A> for
- * details.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.HttpsURLConnection}.
- */
-@Deprecated(since="1.4")
-public abstract
-class HttpsURLConnection extends HttpURLConnection
-{
-    /*
-     * Initialize an HTTPS URLConnection ... could check that the URL
-     * is an "https" URL, and that the handler is also an HTTPS one,
-     * but that's established by other code in this package.
-     * @param url the URL
-     */
-    public HttpsURLConnection(URL url) throws IOException {
-        super(url);
-    }
-
-    /**
-     * Returns the cipher suite in use on this connection.
-     * @return the cipher suite
-     */
-    public abstract String getCipherSuite();
-
-    /**
-     * Returns the server's X.509 certificate chain, or null if
-     * the server did not authenticate.
-     * <P>
-     * Note: The returned value may not be a valid certificate chain
-     * and should not be relied on for trust decisions.
-     *
-     * @return the server certificate chain
-     */
-    public abstract Certificate[] getServerCertificates()
-        throws SSLPeerUnverifiedException;
-
-    /**
-     * HostnameVerifier provides a callback mechanism so that
-     * implementers of this interface can supply a policy for
-     * handling the case where the host to connect to and
-     * the server name from the certificate mismatch.
-     *
-     * The default implementation will deny such connections.
-     */
-    private static HostnameVerifier defaultHostnameVerifier =
-        new HostnameVerifier() {
-            public boolean verify(String urlHostname, String certHostname) {
-                return false;
-            }
-        };
-
-    protected HostnameVerifier hostnameVerifier = defaultHostnameVerifier;
-
-    /**
-     * Sets the default HostnameVerifier inherited when an instance
-     * of this class is created.
-     * @param v the default host name verifier
-     */
-    public static void setDefaultHostnameVerifier(HostnameVerifier v) {
-        if (v == null) {
-            throw new IllegalArgumentException(
-                "no default HostnameVerifier specified");
-        }
-
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new SSLPermission("setHostnameVerifier"));
-        }
-        defaultHostnameVerifier = v;
-    }
-
-    /**
-     * Gets the default HostnameVerifier.
-     * @return the default host name verifier
-     */
-    public static HostnameVerifier getDefaultHostnameVerifier() {
-        return defaultHostnameVerifier;
-    }
-
-    /**
-     * Sets the HostnameVerifier.
-     * @param v the host name verifier
-     */
-    public void setHostnameVerifier(HostnameVerifier v) {
-        if (v == null) {
-            throw new IllegalArgumentException(
-                "no HostnameVerifier specified");
-        }
-
-        hostnameVerifier = v;
-    }
-
-    /**
-     * Gets the HostnameVerifier.
-     * @return the host name verifier
-     */
-    public HostnameVerifier getHostnameVerifier() {
-        return hostnameVerifier;
-    }
-
-    private static SSLSocketFactory defaultSSLSocketFactory = null;
-
-    private SSLSocketFactory sslSocketFactory = getDefaultSSLSocketFactory();
-
-    /**
-     * Sets the default SSL socket factory inherited when an instance
-     * of this class is created.
-     * @param sf the default SSL socket factory
-     */
-    public static void setDefaultSSLSocketFactory(SSLSocketFactory sf) {
-        if (sf == null) {
-            throw new IllegalArgumentException(
-                "no default SSLSocketFactory specified");
-        }
-
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkSetFactory();
-        }
-        defaultSSLSocketFactory = sf;
-    }
-
-    /**
-     * Gets the default SSL socket factory.
-     * @return the default SSL socket factory
-     */
-    public static SSLSocketFactory getDefaultSSLSocketFactory() {
-        if (defaultSSLSocketFactory == null) {
-            defaultSSLSocketFactory =
-                (SSLSocketFactory)SSLSocketFactory.getDefault();
-        }
-        return defaultSSLSocketFactory;
-    }
-
-    /**
-     * Sets the SSL socket factory.
-     * @param sf the SSL socket factory
-     */
-    public void setSSLSocketFactory(SSLSocketFactory sf) {
-        if (sf == null) {
-            throw new IllegalArgumentException(
-                "no SSLSocketFactory specified");
-        }
-
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkSetFactory();
-        }
-
-        sslSocketFactory = sf;
-    }
-
-    /**
-     * Gets the SSL socket factory.
-     * @return the SSL socket factory
-     */
-    public SSLSocketFactory getSSLSocketFactory() {
-        return sslSocketFactory;
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/KeyManager.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,42 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.KeyManager
- */
-
-package com.sun.net.ssl;
-
-/**
- * Base interface for JSSE key managers. These manage the
- * key material which is used to authenticate to the peer
- * of a secure socket.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.KeyManager}.
- */
-@Deprecated(since="1.4")
-public interface KeyManager {
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/KeyManagerFactory.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,220 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.KeyManagerFactory
- */
-
-package com.sun.net.ssl;
-
-import java.security.*;
-
-/**
- * This class acts as a factory for key managers based on a
- * source of key material. Each key manager manages a specific
- * type of key material for use by secure sockets. The key
- * material is based on a KeyStore and/or provider specific sources.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.KeyManagerFactory}.
- */
-@Deprecated(since="1.4")
-public class KeyManagerFactory {
-    // The provider
-    private Provider provider;
-
-    // The provider implementation (delegate)
-    private KeyManagerFactorySpi factorySpi;
-
-    // The name of the key management algorithm.
-    private String algorithm;
-
-    /**
-     * <p>The default KeyManager can be changed by setting the value of the
-     * {@code sun.ssl.keymanager.type} security property to the desired name.
-     *
-     * @return the default type as specified by the
-     * {@code sun.ssl.keymanager.type} security property, or an
-     * implementation-specific default if no such property exists.
-     *
-     * @see java.security.Security security properties
-     */
-    public static final String getDefaultAlgorithm() {
-        String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<>() {
-            public String run() {
-                return Security.getProperty("sun.ssl.keymanager.type");
-            }
-        });
-        if (type == null) {
-            type = "SunX509";
-        }
-        return type;
-
-    }
-
-    /**
-     * Creates a KeyManagerFactory object.
-     *
-     * @param factorySpi the delegate
-     * @param provider the provider
-     * @param algorithm the algorithm
-     */
-    protected KeyManagerFactory(KeyManagerFactorySpi factorySpi,
-                                Provider provider, String algorithm) {
-        this.factorySpi = factorySpi;
-        this.provider = provider;
-        this.algorithm = algorithm;
-    }
-
-    /**
-     * Returns the algorithm name of this <code>KeyManagerFactory</code> object.
-     *
-     * <p>This is the same name that was specified in one of the
-     * <code>getInstance</code> calls that created this
-     * <code>KeyManagerFactory</code> object.
-     *
-     * @return the algorithm name of this <code>KeyManagerFactory</code> object.
-     */
-    public final String getAlgorithm() {
-        return this.algorithm;
-    }
-
-    /**
-     * Generates a <code>KeyManagerFactory</code> object that implements the
-     * specified key management algorithm.
-     * If the default provider package provides an implementation of the
-     * requested key management algorithm, an instance of
-     * <code>KeyManagerFactory</code> containing that implementation is
-     * returned.  If the algorithm is not available in the default provider
-     * package, other provider packages are searched.
-     *
-     * @param algorithm the standard name of the requested
-     * algorithm.
-     *
-     * @return the new <code>KeyManagerFactory</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified algorithm is not
-     * available in the default provider package or any of the other provider
-     * packages that were searched.
-     */
-    public static final KeyManagerFactory getInstance(String algorithm)
-        throws NoSuchAlgorithmException
-    {
-        try {
-            Object[] objs = SSLSecurity.getImpl(algorithm, "KeyManagerFactory",
-                                                (String) null);
-            return new KeyManagerFactory((KeyManagerFactorySpi)objs[0],
-                                    (Provider)objs[1],
-                                    algorithm);
-        } catch (NoSuchProviderException e) {
-            throw new NoSuchAlgorithmException(algorithm + " not found");
-        }
-    }
-
-    /**
-     * Generates a <code>KeyManagerFactory</code> object for the specified
-     * key management algorithm from the specified provider.
-     *
-     * @param algorithm the standard name of the requested
-     * algorithm.
-     * @param provider the name of the provider
-     *
-     * @return the new <code>KeyManagerFactory</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified algorithm is not
-     * available from the specified provider.
-     * @exception NoSuchProviderException if the specified provider has not
-     * been configured.
-     */
-    public static final KeyManagerFactory getInstance(String algorithm,
-                                                 String provider)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        if (provider == null || provider.isEmpty())
-            throw new IllegalArgumentException("missing provider");
-        Object[] objs = SSLSecurity.getImpl(algorithm, "KeyManagerFactory",
-                                            provider);
-        return new KeyManagerFactory((KeyManagerFactorySpi)objs[0],
-                                        (Provider)objs[1], algorithm);
-    }
-
-    /**
-     * Generates a <code>KeyManagerFactory</code> object for the specified
-     * key management algorithm from the specified provider.
-     *
-     * @param algorithm the standard name of the requested
-     * algorithm.
-     * @param provider an instance of the provider
-     *
-     * @return the new <code>KeyManagerFactory</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified algorithm is not
-     * available from the specified provider.
-     */
-    public static final KeyManagerFactory getInstance(String algorithm,
-                                                 Provider provider)
-        throws NoSuchAlgorithmException
-    {
-        if (provider == null)
-            throw new IllegalArgumentException("missing provider");
-        Object[] objs = SSLSecurity.getImpl(algorithm, "KeyManagerFactory",
-                                            provider);
-        return new KeyManagerFactory((KeyManagerFactorySpi)objs[0],
-                                        (Provider)objs[1], algorithm);
-    }
-
-    /**
-     * Returns the provider of this <code>KeyManagerFactory</code> object.
-     *
-     * @return the provider of this <code>KeyManagerFactory</code> object
-     */
-    public final Provider getProvider() {
-        return this.provider;
-    }
-
-
-    /**
-     * Initializes this factory with a source of key material. The
-     * provider may also include a provider-specific source
-     * of key material.
-     *
-     * @param ks the key store or null
-     * @param password the password for recovering keys
-     */
-    public void init(KeyStore ks, char[] password)
-        throws KeyStoreException, NoSuchAlgorithmException,
-            UnrecoverableKeyException {
-        factorySpi.engineInit(ks, password);
-    }
-
-    /**
-     * Returns one key manager for each type of key material.
-     * @return the key managers
-     */
-    public KeyManager[] getKeyManagers() {
-        return factorySpi.engineGetKeyManagers();
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/KeyManagerFactorySpi.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,64 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.KeyManagerFactorySpi
- */
-
-package com.sun.net.ssl;
-
-import java.security.*;
-
-/**
- * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
- * for the <code>KeyManagerFactory</code> class.
- *
- * <p> All the abstract methods in this class must be implemented by each
- * cryptographic service provider who wishes to supply the implementation
- * of a particular key manager factory.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.KeyManagerFactorySpi}.
- */
-@Deprecated(since="1.4")
-public abstract class KeyManagerFactorySpi {
-    /**
-     * Initializes this factory with a source of key material. The
-     * provider may also include a provider-specific source
-     * of key material.
-     *
-     * @param ks the key store or null
-     * @param password the password for recovering keys
-     */
-    protected abstract void engineInit(KeyStore ks, char[] password)
-        throws KeyStoreException, NoSuchAlgorithmException,
-            UnrecoverableKeyException;
-
-    /**
-     * Returns one trust manager for each type of trust material.
-     * @return the key managers
-     */
-    protected abstract KeyManager[] engineGetKeyManagers();
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/SSLContext.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,201 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.SSLContext
- */
-
-package com.sun.net.ssl;
-
-import java.security.*;
-import java.util.*;
-import javax.net.ssl.*;
-
-import sun.security.ssl.SSLSocketFactoryImpl;
-import sun.security.ssl.SSLServerSocketFactoryImpl;
-
-/**
- * Instances of this class represent a secure socket protocol
- * implementation which acts as a factory for secure socket
- * factories. This class is initialized with an optional set of
- * key and trust managers and source of secure random bytes.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.SSLContext}.
- */
-@Deprecated(since="1.4")
-public class SSLContext {
-    private Provider provider;
-
-    private SSLContextSpi contextSpi;
-
-    private String protocol;
-
-    /**
-     * Creates an SSLContext object.
-     *
-     * @param contextSpi the delegate
-     * @param provider the provider
-     * @param protocol the protocol
-     */
-    protected SSLContext(SSLContextSpi contextSpi, Provider provider,
-        String protocol) {
-        this.contextSpi = contextSpi;
-        this.provider = provider;
-        this.protocol = protocol;
-    }
-
-    /**
-     * Generates a <code>SSLContext</code> object that implements the
-     * specified secure socket protocol.
-     *
-     * @param protocol the standard name of the requested protocol.
-     *
-     * @return the new <code>SSLContext</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified protocol is not
-     * available in the default provider package or any of the other provider
-     * packages that were searched.
-     */
-    public static SSLContext getInstance(String protocol)
-        throws NoSuchAlgorithmException
-    {
-        try {
-            Object[] objs = SSLSecurity.getImpl(protocol, "SSLContext",
-                                                (String) null);
-            return new SSLContext((SSLContextSpi)objs[0], (Provider)objs[1],
-                protocol);
-        } catch (NoSuchProviderException e) {
-            throw new NoSuchAlgorithmException(protocol + " not found");
-        }
-    }
-
-    /**
-     * Generates a <code>SSLContext</code> object that implements the
-     * specified secure socket protocol.
-     *
-     * @param protocol the standard name of the requested protocol.
-     * @param provider the name of the provider
-     *
-     * @return the new <code>SSLContext</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified protocol is not
-     * available from the specified provider.
-     * @exception NoSuchProviderException if the specified provider has not
-     * been configured.
-     */
-    public static SSLContext getInstance(String protocol, String provider)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        if (provider == null || provider.isEmpty())
-            throw new IllegalArgumentException("missing provider");
-        Object[] objs = SSLSecurity.getImpl(protocol, "SSLContext",
-                                            provider);
-        return new SSLContext((SSLContextSpi)objs[0], (Provider)objs[1],
-            protocol);
-    }
-
-    /**
-     * Generates a <code>SSLContext</code> object that implements the
-     * specified secure socket protocol.
-     *
-     * @param protocol the standard name of the requested protocol.
-     * @param provider an instance of the provider
-     *
-     * @return the new <code>SSLContext</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified protocol is not
-     * available from the specified provider.
-     */
-    public static SSLContext getInstance(String protocol, Provider provider)
-        throws NoSuchAlgorithmException
-    {
-        if (provider == null)
-            throw new IllegalArgumentException("missing provider");
-        Object[] objs = SSLSecurity.getImpl(protocol, "SSLContext",
-                                            provider);
-        return new SSLContext((SSLContextSpi)objs[0], (Provider)objs[1],
-            protocol);
-    }
-
-    /**
-     * Returns the protocol name of this <code>SSLContext</code> object.
-     *
-     * <p>This is the same name that was specified in one of the
-     * <code>getInstance</code> calls that created this
-     * <code>SSLContext</code> object.
-     *
-     * @return the protocol name of this <code>SSLContext</code> object.
-     */
-    public final String getProtocol() {
-        return this.protocol;
-    }
-
-    /**
-     * Returns the provider of this <code>SSLContext</code> object.
-     *
-     * @return the provider of this <code>SSLContext</code> object
-     */
-    public final Provider getProvider() {
-        return this.provider;
-    }
-
-    /**
-     * Initializes this context. Either of the first two parameters
-     * may be null in which case the installed security providers will
-     * be searched for the highest priority implementation of the
-     * appropriate factory. Likewise, the secure random parameter may
-     * be null in which case the default implementation will be used.
-     *
-     * @param km the sources of authentication keys or null
-     * @param tm the sources of peer authentication trust decisions or null
-     * @param random the source of randomness for this generator or null
-     */
-    public final void init(KeyManager[] km, TrustManager[] tm,
-                                SecureRandom random)
-        throws KeyManagementException {
-        contextSpi.engineInit(km, tm, random);
-    }
-
-    /**
-     * Returns a <code>SocketFactory</code> object for this
-     * context.
-     *
-     * @return the factory
-     */
-    public final SSLSocketFactory getSocketFactory() {
-        return contextSpi.engineGetSocketFactory();
-    }
-
-    /**
-     * Returns a <code>ServerSocketFactory</code> object for
-     * this context.
-     *
-     * @return the factory
-     */
-    public final SSLServerSocketFactory getServerSocketFactory() {
-        return contextSpi.engineGetServerSocketFactory();
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/SSLContextSpi.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,74 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.SSLContextSpi
- */
-
-package com.sun.net.ssl;
-
-import java.util.*;
-import java.security.*;
-import javax.net.ssl.*;
-
-/**
- * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
- * for the <code>SSLContext</code> class.
- *
- * <p> All the abstract methods in this class must be implemented by each
- * cryptographic service provider who wishes to supply the implementation
- * of a particular SSL context.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.SSLContextSpi}.
- */
-@Deprecated(since="1.4")
-public abstract class SSLContextSpi {
-    /**
-     * Initializes this context.
-     *
-     * @param ah the sources of authentication keys
-     * @param th the sources of peer authentication trust decisions
-     * @param sr the source of randomness for this generator
-     */
-    protected abstract void engineInit(KeyManager[] ah, TrustManager[] th,
-        SecureRandom sr) throws KeyManagementException;
-
-    /**
-     * Returns a <code>SocketFactory</code> object for this
-     * context.
-     *
-     * @return the factory
-     */
-    protected abstract SSLSocketFactory engineGetSocketFactory();
-
-    /**
-     * Returns a <code>ServerSocketFactory</code> object for
-     * this context.
-     *
-     * @return the factory
-     */
-    protected abstract SSLServerSocketFactory engineGetServerSocketFactory();
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/SSLPermission.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,136 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.SSLPermission
- */
-
-package com.sun.net.ssl;
-
-import java.security.*;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.StringTokenizer;
-import java.security.Permissions;
-import java.lang.SecurityManager;
-
-/**
- * This class is for various network permissions.
- * An SSLPermission contains a name (also referred to as a "target name") but
- * no actions list; you either have the named permission
- * or you don't.
- * <P>
- * The target name is the name of the network permission (see below). The naming
- * convention follows the  hierarchical property naming convention.
- * Also, an asterisk
- * may appear at the end of the name, following a ".", or by itself, to
- * signify a wildcard match. For example: "foo.*" and "*" signify a wildcard
- * match, while "*foo" and "a*b" do not.
- * <P>
- * The following table lists all the possible SSLPermission target names,
- * and for each provides a description of what the permission allows
- * and a discussion of the risks of granting code the permission.
- *
- * <table border=1 cellpadding=5>
- * <tr>
- * <th>Permission Target Name</th>
- * <th>What the Permission Allows</th>
- * <th>Risks of Allowing this Permission</th>
- * </tr>
- *
- * <tr>
- *   <td>setHostnameVerifier</td>
- *   <td>The ability to set a callback which can decide whether to
- * allow a mismatch between the host being connected to by
- * an HttpsURLConnection and the common name field in
- * server certificate.
- *  </td>
- *   <td>Malicious
- * code can set a verifier that monitors host names visited by
- * HttpsURLConnection requests or that allows server certificates
- * with invalid common names.
- * </td>
- * </tr>
- *
- * <tr>
- *   <td>getSSLSessionContext</td>
- *   <td>The ability to get the SSLSessionContext of an SSLSession.
- * </td>
- *   <td>Malicious code may monitor sessions which have been established
- * with SSL peers or might invalidate sessions to slow down performance.
- * </td>
- * </tr>
- *
- * </table>
- *
- * @see java.security.BasicPermission
- * @see java.security.Permission
- * @see java.security.Permissions
- * @see java.security.PermissionCollection
- * @see java.lang.SecurityManager
- *
- *
- * @author Marianne Mueller
- * @author Roland Schemers
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.SSLPermission}.
- */
-@Deprecated(since="1.4")
-public final class SSLPermission extends BasicPermission {
-
-    private static final long serialVersionUID = -2583684302506167542L;
-
-    /**
-     * Creates a new SSLPermission with the specified name.
-     * The name is the symbolic name of the SSLPermission, such as
-     * "setDefaultAuthenticator", etc. An asterisk
-     * may appear at the end of the name, following a ".", or by itself, to
-     * signify a wildcard match.
-     *
-     * @param name the name of the SSLPermission.
-     */
-
-    public SSLPermission(String name)
-    {
-        super(name);
-    }
-
-    /**
-     * Creates a new SSLPermission object with the specified name.
-     * The name is the symbolic name of the SSLPermission, and the
-     * actions String is currently unused and should be null. This
-     * constructor exists for use by the <code>Policy</code> object
-     * to instantiate new Permission objects.
-     *
-     * @param name the name of the SSLPermission.
-     * @param actions should be null.
-     */
-
-    public SSLPermission(String name, String actions)
-    {
-        super(name, actions);
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/SSLSecurity.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,699 +0,0 @@
-/*
- * Copyright (c) 2000, 2014, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.SSLSecurity,
- * but was heavily modified to allow com.sun.* users to
- * access providers written using the javax.sun.* APIs.
- */
-
-package com.sun.net.ssl;
-
-import java.util.*;
-import java.io.*;
-import java.security.*;
-import java.security.Provider.Service;
-import java.net.Socket;
-
-import sun.security.jca.*;
-
-/**
- * This class instantiates implementations of JSSE engine classes from
- * providers registered with the java.security.Security object.
- *
- * @author Jan Luehe
- * @author Jeff Nisewanger
- * @author Brad Wetmore
- */
-
-final class SSLSecurity {
-
-    /*
-     * Don't let anyone instantiate this.
-     */
-    private SSLSecurity() {
-    }
-
-
-    // ProviderList.getService() is not accessible now, implement our own loop
-    private static Service getService(String type, String alg) {
-        ProviderList list = Providers.getProviderList();
-        for (Provider p : list.providers()) {
-            Service s = p.getService(type, alg);
-            if (s != null) {
-                return s;
-            }
-        }
-        return null;
-    }
-
-    /**
-     * The body of the driver for the getImpl method.
-     */
-    private static Object[] getImpl1(String algName, String engineType,
-            Service service) throws NoSuchAlgorithmException
-    {
-        Provider provider = service.getProvider();
-        String className = service.getClassName();
-        Class<?> implClass;
-        try {
-            ClassLoader cl = provider.getClass().getClassLoader();
-            if (cl == null) {
-                // system class
-                implClass = Class.forName(className);
-            } else {
-                implClass = cl.loadClass(className);
-            }
-        } catch (ClassNotFoundException e) {
-            throw new NoSuchAlgorithmException("Class " + className +
-                                                " configured for " +
-                                                engineType +
-                                                " not found: " +
-                                                e.getMessage());
-        } catch (SecurityException e) {
-            throw new NoSuchAlgorithmException("Class " + className +
-                                                " configured for " +
-                                                engineType +
-                                                " cannot be accessed: " +
-                                                e.getMessage());
-        }
-
-        /*
-         * JSSE 1.0, 1.0.1, and 1.0.2 used the com.sun.net.ssl API as the
-         * API was being developed.  As JSSE was folded into the main
-         * release, it was decided to promote the com.sun.net.ssl API to
-         * be javax.net.ssl.  It is desired to keep binary compatibility
-         * with vendors of JSSE implementation written using the
-         * com.sun.net.sll API, so we do this magic to handle everything.
-         *
-         * API used     Implementation used     Supported?
-         * ========     ===================     ==========
-         * com.sun      javax                   Yes
-         * com.sun      com.sun                 Yes
-         * javax        javax                   Yes
-         * javax        com.sun                 Not Currently
-         *
-         * Make sure the implementation class is a subclass of the
-         * corresponding engine class.
-         *
-         * In wrapping these classes, there's no way to know how to
-         * wrap all possible classes that extend the TrustManager/KeyManager.
-         * We only wrap the x509 variants.
-         */
-
-        try {   // catch instantiation errors
-
-            /*
-             * (The following Class.forName()s should alway work, because
-             * this class and all the SPI classes in javax.crypto are
-             * loaded by the same class loader.)  That is, unless they
-             * give us a SPI class that doesn't exist, say SSLFoo,
-             * or someone has removed classes from the java.base module.
-             */
-
-            Class<?> typeClassJavax;
-            Class<?> typeClassCom;
-            Object obj = null;
-
-            /*
-             * Odds are more likely that we have a javax variant, try this
-             * first.
-             */
-            if (((typeClassJavax = Class.forName("javax.net.ssl." +
-                    engineType + "Spi")) != null) &&
-                    (checkSuperclass(implClass, typeClassJavax))) {
-
-                if (engineType.equals("SSLContext")) {
-                    obj = new SSLContextSpiWrapper(algName, provider);
-                } else if (engineType.equals("TrustManagerFactory")) {
-                    obj = new TrustManagerFactorySpiWrapper(algName, provider);
-                } else if (engineType.equals("KeyManagerFactory")) {
-                    obj = new KeyManagerFactorySpiWrapper(algName, provider);
-                } else {
-                    /*
-                     * We should throw an error if we get
-                     * something totally unexpected.  Don't ever
-                     * expect to see this one...
-                     */
-                    throw new IllegalStateException(
-                        "Class " + implClass.getName() +
-                        " unknown engineType wrapper:" + engineType);
-                }
-
-            } else if (((typeClassCom = Class.forName("com.sun.net.ssl." +
-                        engineType + "Spi")) != null) &&
-                        (checkSuperclass(implClass, typeClassCom))) {
-                obj = service.newInstance(null);
-            }
-
-            if (obj != null) {
-                return new Object[] { obj, provider };
-            } else {
-                throw new NoSuchAlgorithmException(
-                    "Couldn't locate correct object or wrapper: " +
-                    engineType + " " + algName);
-            }
-
-        } catch (ClassNotFoundException e) {
-            IllegalStateException exc = new IllegalStateException(
-                "Engine Class Not Found for " + engineType);
-            exc.initCause(e);
-            throw exc;
-        }
-    }
-
-    /**
-     * Returns an array of objects: the first object in the array is
-     * an instance of an implementation of the requested algorithm
-     * and type, and the second object in the array identifies the provider
-     * of that implementation.
-     * The <code>provName</code> argument can be null, in which case all
-     * configured providers will be searched in order of preference.
-     */
-    static Object[] getImpl(String algName, String engineType, String provName)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        Service service;
-        if (provName != null) {
-            ProviderList list = Providers.getProviderList();
-            Provider prov = list.getProvider(provName);
-            if (prov == null) {
-                throw new NoSuchProviderException("No such provider: " +
-                                                  provName);
-            }
-            service = prov.getService(engineType, algName);
-        } else {
-            service = getService(engineType, algName);
-        }
-        if (service == null) {
-            throw new NoSuchAlgorithmException("Algorithm " + algName
-                                               + " not available");
-        }
-        return getImpl1(algName, engineType, service);
-    }
-
-
-    /**
-     * Returns an array of objects: the first object in the array is
-     * an instance of an implementation of the requested algorithm
-     * and type, and the second object in the array identifies the provider
-     * of that implementation.
-     * The <code>prov</code> argument can be null, in which case all
-     * configured providers will be searched in order of preference.
-     */
-    static Object[] getImpl(String algName, String engineType, Provider prov)
-        throws NoSuchAlgorithmException
-    {
-        Service service = prov.getService(engineType, algName);
-        if (service == null) {
-            throw new NoSuchAlgorithmException("No such algorithm: " +
-                                               algName);
-        }
-        return getImpl1(algName, engineType, service);
-    }
-
-    /*
-     * Checks whether one class is the superclass of another
-     */
-    private static boolean checkSuperclass(Class<?> subclass, Class<?> superclass) {
-        if ((subclass == null) || (superclass == null))
-                return false;
-
-        while (!subclass.equals(superclass)) {
-            subclass = subclass.getSuperclass();
-            if (subclass == null) {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /*
-     * Return at most the first "resize" elements of an array.
-     *
-     * Didn't want to use java.util.Arrays, as PJava may not have it.
-     */
-    static Object[] truncateArray(Object[] oldArray, Object[] newArray) {
-
-        for (int i = 0; i < newArray.length; i++) {
-            newArray[i] = oldArray[i];
-        }
-
-        return newArray;
-    }
-
-}
-
-
-/*
- * =================================================================
- * The remainder of this file is for the wrapper and wrapper-support
- * classes.  When SSLSecurity finds something which extends the
- * javax.net.ssl.*Spi, we need to go grab a real instance of the
- * thing that the Spi supports, and wrap into a com.sun.net.ssl.*Spi
- * object.  This also mean that anything going down into the SPI
- * needs to be wrapped, as well as anything coming back up.
- */
-@SuppressWarnings("deprecation")
-final class SSLContextSpiWrapper extends SSLContextSpi {
-
-    private javax.net.ssl.SSLContext theSSLContext;
-
-    SSLContextSpiWrapper(String algName, Provider prov) throws
-            NoSuchAlgorithmException {
-        theSSLContext = javax.net.ssl.SSLContext.getInstance(algName, prov);
-    }
-
-    @SuppressWarnings("deprecation")
-    protected void engineInit(KeyManager[] kma, TrustManager[] tma,
-            SecureRandom sr) throws KeyManagementException {
-
-        // Keep track of the actual number of array elements copied
-        int dst;
-        int src;
-        javax.net.ssl.KeyManager[] kmaw;
-        javax.net.ssl.TrustManager[] tmaw;
-
-        // Convert com.sun.net.ssl.kma to a javax.net.ssl.kma
-        // wrapper if need be.
-        if (kma != null) {
-            kmaw = new javax.net.ssl.KeyManager[kma.length];
-            for (src = 0, dst = 0; src < kma.length; ) {
-                /*
-                 * These key managers may implement both javax
-                 * and com.sun interfaces, so if they do
-                 * javax, there's no need to wrap them.
-                 */
-                if (!(kma[src] instanceof javax.net.ssl.KeyManager)) {
-                    /*
-                     * Do we know how to convert them?  If not, oh well...
-                     * We'll have to drop them on the floor in this
-                     * case, cause we don't know how to handle them.
-                     * This will be pretty rare, but put here for
-                     * completeness.
-                     */
-                    if (kma[src] instanceof X509KeyManager) {
-                        kmaw[dst] = (javax.net.ssl.KeyManager)
-                            new X509KeyManagerJavaxWrapper(
-                            (X509KeyManager)kma[src]);
-                        dst++;
-                    }
-                } else {
-                    // We can convert directly, since they implement.
-                    kmaw[dst] = (javax.net.ssl.KeyManager)kma[src];
-                    dst++;
-                }
-                src++;
-            }
-
-            /*
-             * If dst != src, there were more items in the original array
-             * than in the new array.  Compress the new elements to avoid
-             * any problems down the road.
-             */
-            if (dst != src) {
-                    kmaw = (javax.net.ssl.KeyManager [])
-                        SSLSecurity.truncateArray(kmaw,
-                            new javax.net.ssl.KeyManager [dst]);
-            }
-        } else {
-            kmaw = null;
-        }
-
-        // Now do the same thing with the TrustManagers.
-        if (tma != null) {
-            tmaw = new javax.net.ssl.TrustManager[tma.length];
-
-            for (src = 0, dst = 0; src < tma.length; ) {
-                /*
-                 * These key managers may implement both...see above...
-                 */
-                if (!(tma[src] instanceof javax.net.ssl.TrustManager)) {
-                    // Do we know how to convert them?
-                    if (tma[src] instanceof X509TrustManager) {
-                        tmaw[dst] = (javax.net.ssl.TrustManager)
-                            new X509TrustManagerJavaxWrapper(
-                            (X509TrustManager)tma[src]);
-                        dst++;
-                    }
-                } else {
-                    tmaw[dst] = (javax.net.ssl.TrustManager)tma[src];
-                    dst++;
-                }
-                src++;
-            }
-
-            if (dst != src) {
-                tmaw = (javax.net.ssl.TrustManager [])
-                    SSLSecurity.truncateArray(tmaw,
-                        new javax.net.ssl.TrustManager [dst]);
-            }
-        } else {
-            tmaw = null;
-        }
-
-        theSSLContext.init(kmaw, tmaw, sr);
-    }
-
-    protected javax.net.ssl.SSLSocketFactory
-            engineGetSocketFactory() {
-        return theSSLContext.getSocketFactory();
-    }
-
-    protected javax.net.ssl.SSLServerSocketFactory
-            engineGetServerSocketFactory() {
-        return theSSLContext.getServerSocketFactory();
-    }
-
-}
-
-@SuppressWarnings("deprecation")
-final class TrustManagerFactorySpiWrapper extends TrustManagerFactorySpi {
-
-    private javax.net.ssl.TrustManagerFactory theTrustManagerFactory;
-
-    TrustManagerFactorySpiWrapper(String algName, Provider prov) throws
-            NoSuchAlgorithmException {
-        theTrustManagerFactory =
-            javax.net.ssl.TrustManagerFactory.getInstance(algName, prov);
-    }
-
-    protected void engineInit(KeyStore ks) throws KeyStoreException {
-        theTrustManagerFactory.init(ks);
-    }
-
-    protected TrustManager[] engineGetTrustManagers() {
-
-        int dst;
-        int src;
-
-        javax.net.ssl.TrustManager[] tma =
-            theTrustManagerFactory.getTrustManagers();
-
-        TrustManager[] tmaw = new TrustManager[tma.length];
-
-        for (src = 0, dst = 0; src < tma.length; ) {
-            if (!(tma[src] instanceof com.sun.net.ssl.TrustManager)) {
-                // We only know how to wrap X509TrustManagers, as
-                // TrustManagers don't have any methods to wrap.
-                if (tma[src] instanceof javax.net.ssl.X509TrustManager) {
-                    tmaw[dst] = (TrustManager)
-                        new X509TrustManagerComSunWrapper(
-                        (javax.net.ssl.X509TrustManager)tma[src]);
-                    dst++;
-                }
-            } else {
-                tmaw[dst] = (TrustManager)tma[src];
-                dst++;
-            }
-            src++;
-        }
-
-        if (dst != src) {
-            tmaw = (TrustManager [])
-                SSLSecurity.truncateArray(tmaw, new TrustManager [dst]);
-        }
-
-        return tmaw;
-    }
-
-}
-
-@SuppressWarnings("deprecation")
-final class KeyManagerFactorySpiWrapper extends KeyManagerFactorySpi {
-
-    private javax.net.ssl.KeyManagerFactory theKeyManagerFactory;
-
-    KeyManagerFactorySpiWrapper(String algName, Provider prov) throws
-            NoSuchAlgorithmException {
-        theKeyManagerFactory =
-            javax.net.ssl.KeyManagerFactory.getInstance(algName, prov);
-    }
-
-    protected void engineInit(KeyStore ks, char[] password)
-            throws KeyStoreException, NoSuchAlgorithmException,
-            UnrecoverableKeyException {
-        theKeyManagerFactory.init(ks, password);
-    }
-
-    protected KeyManager[] engineGetKeyManagers() {
-
-        int dst;
-        int src;
-
-        javax.net.ssl.KeyManager[] kma =
-            theKeyManagerFactory.getKeyManagers();
-
-        KeyManager[] kmaw = new KeyManager[kma.length];
-
-        for (src = 0, dst = 0; src < kma.length; ) {
-            if (!(kma[src] instanceof com.sun.net.ssl.KeyManager)) {
-                // We only know how to wrap X509KeyManagers, as
-                // KeyManagers don't have any methods to wrap.
-                if (kma[src] instanceof javax.net.ssl.X509KeyManager) {
-                    kmaw[dst] = (KeyManager)
-                        new X509KeyManagerComSunWrapper(
-                        (javax.net.ssl.X509KeyManager)kma[src]);
-                    dst++;
-                }
-            } else {
-                kmaw[dst] = (KeyManager)kma[src];
-                dst++;
-            }
-            src++;
-        }
-
-        if (dst != src) {
-            kmaw = (KeyManager [])
-                SSLSecurity.truncateArray(kmaw, new KeyManager [dst]);
-        }
-
-        return kmaw;
-    }
-
-}
-
-// =================================
-
-@SuppressWarnings("deprecation")
-final class X509KeyManagerJavaxWrapper implements
-        javax.net.ssl.X509KeyManager {
-
-    private X509KeyManager theX509KeyManager;
-
-    X509KeyManagerJavaxWrapper(X509KeyManager obj) {
-        theX509KeyManager = obj;
-    }
-
-    public String[] getClientAliases(String keyType, Principal[] issuers) {
-        return theX509KeyManager.getClientAliases(keyType, issuers);
-    }
-
-    public String chooseClientAlias(String[] keyTypes, Principal[] issuers,
-            Socket socket) {
-        String retval;
-
-        if (keyTypes == null) {
-            return null;
-        }
-
-        /*
-         * Scan the list, look for something we can pass back.
-         */
-        for (int i = 0; i < keyTypes.length; i++) {
-            if ((retval = theX509KeyManager.chooseClientAlias(keyTypes[i],
-                    issuers)) != null)
-                return retval;
-        }
-        return null;
-
-    }
-
-    /*
-     * JSSE 1.0.x was only socket based, but it's possible someone might
-     * want to install a really old provider.  We should at least
-     * try to be nice.
-     */
-    public String chooseEngineClientAlias(
-            String[] keyTypes, Principal[] issuers,
-            javax.net.ssl.SSLEngine engine) {
-        String retval;
-
-        if (keyTypes == null) {
-            return null;
-        }
-
-        /*
-         * Scan the list, look for something we can pass back.
-         */
-        for (int i = 0; i < keyTypes.length; i++) {
-            if ((retval = theX509KeyManager.chooseClientAlias(keyTypes[i],
-                    issuers)) != null)
-                return retval;
-        }
-
-        return null;
-    }
-
-    public String[] getServerAliases(String keyType, Principal[] issuers) {
-        return theX509KeyManager.getServerAliases(keyType, issuers);
-    }
-
-    public String chooseServerAlias(String keyType, Principal[] issuers,
-            Socket socket) {
-
-        if (keyType == null) {
-            return null;
-        }
-        return theX509KeyManager.chooseServerAlias(keyType, issuers);
-    }
-
-    /*
-     * JSSE 1.0.x was only socket based, but it's possible someone might
-     * want to install a really old provider.  We should at least
-     * try to be nice.
-     */
-    public String chooseEngineServerAlias(
-            String keyType, Principal[] issuers,
-            javax.net.ssl.SSLEngine engine) {
-
-        if (keyType == null) {
-            return null;
-        }
-        return theX509KeyManager.chooseServerAlias(keyType, issuers);
-    }
-
-    public java.security.cert.X509Certificate[]
-            getCertificateChain(String alias) {
-        return theX509KeyManager.getCertificateChain(alias);
-    }
-
-    public PrivateKey getPrivateKey(String alias) {
-        return theX509KeyManager.getPrivateKey(alias);
-    }
-}
-
-@SuppressWarnings("deprecation")
-final class X509TrustManagerJavaxWrapper implements
-        javax.net.ssl.X509TrustManager {
-
-    private X509TrustManager theX509TrustManager;
-
-    X509TrustManagerJavaxWrapper(X509TrustManager obj) {
-        theX509TrustManager = obj;
-    }
-
-    public void checkClientTrusted(
-            java.security.cert.X509Certificate[] chain, String authType)
-        throws java.security.cert.CertificateException {
-        if (!theX509TrustManager.isClientTrusted(chain)) {
-            throw new java.security.cert.CertificateException(
-                "Untrusted Client Certificate Chain");
-        }
-    }
-
-    public void checkServerTrusted(
-            java.security.cert.X509Certificate[] chain, String authType)
-        throws java.security.cert.CertificateException {
-        if (!theX509TrustManager.isServerTrusted(chain)) {
-            throw new java.security.cert.CertificateException(
-                "Untrusted Server Certificate Chain");
-        }
-    }
-
-    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-        return theX509TrustManager.getAcceptedIssuers();
-    }
-}
-
-@SuppressWarnings("deprecation")
-final class X509KeyManagerComSunWrapper implements X509KeyManager {
-
-    private javax.net.ssl.X509KeyManager theX509KeyManager;
-
-    X509KeyManagerComSunWrapper(javax.net.ssl.X509KeyManager obj) {
-        theX509KeyManager = obj;
-    }
-
-    public String[] getClientAliases(String keyType, Principal[] issuers) {
-        return theX509KeyManager.getClientAliases(keyType, issuers);
-    }
-
-    public String chooseClientAlias(String keyType, Principal[] issuers) {
-        String [] keyTypes = new String [] { keyType };
-        return theX509KeyManager.chooseClientAlias(keyTypes, issuers, null);
-    }
-
-    public String[] getServerAliases(String keyType, Principal[] issuers) {
-        return theX509KeyManager.getServerAliases(keyType, issuers);
-    }
-
-    public String chooseServerAlias(String keyType, Principal[] issuers) {
-        return theX509KeyManager.chooseServerAlias(keyType, issuers, null);
-    }
-
-    public java.security.cert.X509Certificate[]
-            getCertificateChain(String alias) {
-        return theX509KeyManager.getCertificateChain(alias);
-    }
-
-    public PrivateKey getPrivateKey(String alias) {
-        return theX509KeyManager.getPrivateKey(alias);
-    }
-}
-
-@SuppressWarnings("deprecation")
-final class X509TrustManagerComSunWrapper implements X509TrustManager {
-
-    private javax.net.ssl.X509TrustManager theX509TrustManager;
-
-    X509TrustManagerComSunWrapper(javax.net.ssl.X509TrustManager obj) {
-        theX509TrustManager = obj;
-    }
-
-    public boolean isClientTrusted(
-            java.security.cert.X509Certificate[] chain) {
-        try {
-            theX509TrustManager.checkClientTrusted(chain, "UNKNOWN");
-            return true;
-        } catch (java.security.cert.CertificateException e) {
-            return false;
-        }
-    }
-
-    public boolean isServerTrusted(
-            java.security.cert.X509Certificate[] chain) {
-        try {
-            theX509TrustManager.checkServerTrusted(chain, "UNKNOWN");
-            return true;
-        } catch (java.security.cert.CertificateException e) {
-            return false;
-        }
-    }
-
-    public java.security.cert.X509Certificate[] getAcceptedIssuers() {
-        return theX509TrustManager.getAcceptedIssuers();
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/TrustManager.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,42 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.TrustManager
- */
-
-package com.sun.net.ssl;
-
-/**
- * Base interface for JSSE trust managers which manage
- * authentication trust decisions for different types of
- * authentication material.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.TrustManager}.
- */
-@Deprecated(since="1.4")
-public interface TrustManager {
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactory.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,220 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.TrustManagerFactory
- */
-
-package com.sun.net.ssl;
-
-import java.security.*;
-
-/**
- * This class acts as a factory for trust managers based on a
- * source of trust material. Each trust manager manages a specific
- * type of trust material for use by secure sockets. The trust
- * material is based on a KeyStore and/or provider specific sources.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.TrustManagerFactory}.
- */
-@Deprecated(since="1.4")
-public class TrustManagerFactory {
-    // The provider
-    private Provider provider;
-
-    // The provider implementation (delegate)
-    private TrustManagerFactorySpi factorySpi;
-
-    // The name of the trust management algorithm.
-    private String algorithm;
-
-    /**
-     * <p>The default TrustManager can be changed by setting the value of the
-     * {@code sun.ssl.trustmanager.type} security property to the desired name.
-     *
-     * @return the default type as specified by the
-     * {@code sun.ssl.trustmanager.type} security property, or an
-     * implementation-specific default if no such property exists.
-     *
-     * @see java.security.Security security properties
-     */
-    public static final String getDefaultAlgorithm() {
-        String type;
-        type = AccessController.doPrivileged(new PrivilegedAction<>() {
-            public String run() {
-                return Security.getProperty("sun.ssl.trustmanager.type");
-            }
-        });
-        if (type == null) {
-            type = "SunX509";
-        }
-        return type;
-
-    }
-
-    /**
-     * Creates a TrustManagerFactory object.
-     *
-     * @param factorySpi the delegate
-     * @param provider the provider
-     * @param algorithm the algorithm
-     */
-    protected TrustManagerFactory(TrustManagerFactorySpi factorySpi,
-            Provider provider, String algorithm) {
-        this.factorySpi = factorySpi;
-        this.provider = provider;
-        this.algorithm = algorithm;
-    }
-
-    /**
-     * Returns the algorithm name of this <code>TrustManagerFactory</code>
-     * object.
-     *
-     * <p>This is the same name that was specified in one of the
-     * <code>getInstance</code> calls that created this
-     * <code>TrustManagerFactory</code> object.
-     *
-     * @return the algorithm name of this <code>TrustManagerFactory</code>
-     * object.
-     */
-    public final String getAlgorithm() {
-        return this.algorithm;
-    }
-
-    /**
-     * Generates a <code>TrustManagerFactory</code> object that implements the
-     * specified trust management algorithm.
-     * If the default provider package provides an implementation of the
-     * requested trust management algorithm, an instance of
-     * <code>TrustManagerFactory</code> containing that implementation is
-     * returned.  If the algorithm is not available in the default provider
-     * package, other provider packages are searched.
-     *
-     * @param algorithm the standard name of the requested trust management
-     * algorithm.
-     *
-     * @return the new <code>TrustManagerFactory</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified algorithm is not
-     * available in the default provider package or any of the other provider
-     * packages that were searched.
-     */
-    public static final TrustManagerFactory getInstance(String algorithm)
-        throws NoSuchAlgorithmException
-    {
-        try {
-            Object[] objs = SSLSecurity.getImpl(algorithm,
-                "TrustManagerFactory", (String) null);
-            return new TrustManagerFactory((TrustManagerFactorySpi)objs[0],
-                                    (Provider)objs[1],
-                                    algorithm);
-        } catch (NoSuchProviderException e) {
-            throw new NoSuchAlgorithmException(algorithm + " not found");
-        }
-    }
-
-    /**
-     * Generates a <code>TrustManagerFactory</code> object for the specified
-     * trust management algorithm from the specified provider.
-     *
-     * @param algorithm the standard name of the requested trust management
-     * algorithm.
-     * @param provider the name of the provider
-     *
-     * @return the new <code>TrustManagerFactory</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified algorithm is not
-     * available from the specified provider.
-     * @exception NoSuchProviderException if the specified provider has not
-     * been configured.
-     */
-    public static final TrustManagerFactory getInstance(String algorithm,
-                                                 String provider)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        if (provider == null || provider.isEmpty())
-            throw new IllegalArgumentException("missing provider");
-        Object[] objs = SSLSecurity.getImpl(algorithm, "TrustManagerFactory",
-                                            provider);
-        return new TrustManagerFactory((TrustManagerFactorySpi)objs[0],
-            (Provider)objs[1], algorithm);
-    }
-
-    /**
-     * Generates a <code>TrustManagerFactory</code> object for the specified
-     * trust management algorithm from the specified provider.
-     *
-     * @param algorithm the standard name of the requested trust management
-     * algorithm.
-     * @param provider an instance of the provider
-     *
-     * @return the new <code>TrustManagerFactory</code> object
-     *
-     * @exception NoSuchAlgorithmException if the specified algorithm is not
-     * available from the specified provider.
-     */
-    public static final TrustManagerFactory getInstance(String algorithm,
-                                                 Provider provider)
-        throws NoSuchAlgorithmException
-    {
-        if (provider == null)
-            throw new IllegalArgumentException("missing provider");
-        Object[] objs = SSLSecurity.getImpl(algorithm, "TrustManagerFactory",
-                                            provider);
-        return new TrustManagerFactory((TrustManagerFactorySpi)objs[0],
-            (Provider)objs[1], algorithm);
-    }
-
-    /**
-     * Returns the provider of this <code>TrustManagerFactory</code> object.
-     *
-     * @return the provider of this <code>TrustManagerFactory</code> object
-     */
-    public final Provider getProvider() {
-        return this.provider;
-    }
-
-
-    /**
-     * Initializes this factory with a source of certificate
-     * authorities and related trust material. The
-     * provider may also include a provider-specific source
-     * of key material.
-     *
-     * @param ks the key store or null
-     */
-    public void init(KeyStore ks) throws KeyStoreException {
-        factorySpi.engineInit(ks);
-    }
-
-    /**
-     * Returns one trust manager for each type of trust material.
-     * @return the trust managers
-     */
-    public TrustManager[] getTrustManagers() {
-        return factorySpi.engineGetTrustManagers();
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/TrustManagerFactorySpi.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,62 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.TrustManagerFactorySpi
- */
-
-package com.sun.net.ssl;
-
-import java.security.*;
-
-/**
- * This class defines the <i>Service Provider Interface</i> (<b>SPI</b>)
- * for the <code>TrustManagerFactory</code> class.
- *
- * <p> All the abstract methods in this class must be implemented by each
- * cryptographic service provider who wishes to supply the implementation
- * of a particular trust manager factory.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.TrustManagerFactorySpi}.
- */
-@Deprecated(since="1.4")
-public abstract class TrustManagerFactorySpi {
-    /**
-     * Initializes this factory with a source of certificate
-     * authorities and related trust material. The
-     * provider may also include a provider-specific source
-     * of key material.
-     *
-     * @param ks the key store or null
-     */
-    protected abstract void engineInit(KeyStore ks) throws KeyStoreException;
-
-    /**
-     * Returns one trust manager for each type of trust material.
-     * @return the trust managers
-     */
-    protected abstract TrustManager[] engineGetTrustManagers();
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/X509KeyManager.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,109 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.X509KeyManager
- */
-
-package com.sun.net.ssl;
-
-import java.security.KeyManagementException;
-import java.security.PrivateKey;
-import java.security.Principal;
-import java.security.cert.X509Certificate;
-
-/**
- * Instances of this interface manage which X509 certificate-based
- * key pairs are used to authenticate the local side of a secure
- * socket. The individual entries are identified by unique alias names.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.X509KeyManager}.
- */
-@Deprecated(since="1.4")
-public interface X509KeyManager extends KeyManager {
-    /**
-     * Get the matching aliases for authenticating the client side of a secure
-     * socket given the public key type and the list of
-     * certificate issuer authorities recognized by the peer (if any).
-     *
-     * @param keyType the key algorithm type name
-     * @param issuers the list of acceptable CA issuer subject names
-     * @return the matching alias names
-     */
-    public String[] getClientAliases(String keyType, Principal[] issuers);
-
-    /**
-     * Choose an alias to authenticate the client side of a secure
-     * socket given the public key type and the list of
-     * certificate issuer authorities recognized by the peer (if any).
-     *
-     * @param keyType the key algorithm type name
-     * @param issuers the list of acceptable CA issuer subject names
-     * @return the alias name for the desired key
-     */
-    public String chooseClientAlias(String keyType, Principal[] issuers);
-
-    /**
-     * Get the matching aliases for authenticating the server side of a secure
-     * socket given the public key type and the list of
-     * certificate issuer authorities recognized by the peer (if any).
-     *
-     * @param keyType the key algorithm type name
-     * @param issuers the list of acceptable CA issuer subject names
-     * @return the matching alias names
-     */
-    public String[] getServerAliases(String keyType, Principal[] issuers);
-
-    /**
-     * Choose an alias to authenticate the server side of a secure
-     * socket given the public key type and the list of
-     * certificate issuer authorities recognized by the peer (if any).
-     *
-     * @param keyType the key algorithm type name
-     * @param issuers the list of acceptable CA issuer subject names
-     * @return the alias name for the desired key
-     */
-    public String chooseServerAlias(String keyType, Principal[] issuers);
-
-    /**
-     * Returns the certificate chain associated with the given alias.
-     *
-     * @param alias the alias name
-     *
-     * @return the certificate chain (ordered with the user's certificate first
-     * and the root certificate authority last)
-     */
-    public X509Certificate[] getCertificateChain(String alias);
-
-    /*
-     * Returns the key associated with the given alias.
-     *
-     * @param alias the alias name
-     *
-     * @return the requested key
-     */
-    public PrivateKey getPrivateKey(String alias);
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/X509TrustManager.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,73 +0,0 @@
-/*
- * Copyright (c) 2000, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE:  this file was copied from javax.net.ssl.X509TrustManager
- */
-
-package com.sun.net.ssl;
-
-import java.security.cert.X509Certificate;
-
-/**
- * Instance of this interface manage which X509 certificates
- * may be used to authenticate the remote side of a secure
- * socket. Decisions may be based on trusted certificate
- * authorities, certificate revocation lists, online
- * status checking or other means.
- *
- * @deprecated As of JDK 1.4, this implementation-specific class was
- *      replaced by {@link javax.net.ssl.X509TrustManager}.
- */
-@Deprecated(since="1.4")
-public interface X509TrustManager extends TrustManager {
-    /**
-     * Given the partial or complete certificate chain
-     * provided by the peer, build a certificate path
-     * to a trusted root and return true if it can be
-     * validated and is trusted for client SSL authentication.
-     *
-     * @param chain the peer certificate chain
-     */
-    public boolean isClientTrusted(X509Certificate[] chain);
-
-    /**
-     * Given the partial or complete certificate chain
-     * provided by the peer, build a certificate path
-     * to a trusted root and return true if it can be
-     * validated and is trusted for server SSL authentication.
-     *
-     * @param chain the peer certificate chain
-     */
-    public boolean isServerTrusted(X509Certificate[] chain);
-
-    /**
-     * Return an array of certificate authority certificates
-     * which are trusted for authenticating peers.
-     *
-     * @return the acceptable CA issuer certificates
-     */
-    public X509Certificate[] getAcceptedIssuers();
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/Provider.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,52 +0,0 @@
-/*
- * Copyright (c) 2007, 2019, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.net.ssl.internal.ssl;
-
-import sun.security.ssl.SunJSSE;
-
-/**
- * Main class for the SunJSSE provider. The actual code was moved to the
- * class sun.security.ssl.SunJSSE, but for backward compatibility we
- * continue to use this class as the main Provider class.
- */
-@Deprecated(since="9")
-public final class Provider extends SunJSSE {
-
-    private static final long serialVersionUID = 3231825739635378733L;
-
-    // standard constructor
-    public Provider() {
-        super();
-    }
-
-    /**
-     * Installs the JSSE provider.
-     */
-    public static synchronized void install() {
-        /* nop. Remove this method in the future. */
-    }
-
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/internal/ssl/X509ExtendedTrustManager.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,123 +0,0 @@
-/*
- * Copyright (c) 2005, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.net.ssl.internal.ssl;
-
-import javax.net.ssl.X509TrustManager;
-
-import java.security.cert.X509Certificate;
-import java.security.cert.CertificateException;
-
-/**
- * Instance of this class is an extension of <code>X509TrustManager</code>.
- * <p>
- * Note that this class is referenced by the Deploy workspace. Any updates
- * must make sure that they do not cause any breakage there.
- * <p>
- * It takes the responsiblity of checking the peer identity with its
- * principal declared in the cerificate.
- * <p>
- * The class provides an alternative to <code>HostnameVerifer</code>.
- * If application customizes its <code>HostnameVerifer</code> for
- * <code>HttpsURLConnection</code>, the peer identity will be checked
- * by the customized <code>HostnameVerifer</code>; otherwise, it will
- * be checked by the extended trust manager.
- * <p>
- * RFC2830 defines the server identification specification for "LDAP"
- * algorithm. RFC2818 defines both the server identification and the
- * client identification specification for "HTTPS" algorithm.
- *
- * @see X509TrustManager
- * @see HostnameVerifier
- *
- * @since 1.6
- * @author Xuelei Fan
- */
-@Deprecated(since="9")
-public abstract class X509ExtendedTrustManager implements X509TrustManager {
-    /**
-     * Constructor used by subclasses only.
-     */
-    protected X509ExtendedTrustManager() {
-    }
-
-    /**
-     * Given the partial or complete certificate chain provided by the
-     * peer, check its identity and build a certificate path to a trusted
-     * root, return if it can be validated and is trusted for client SSL
-     * authentication based on the authentication type.
-     * <p>
-     * The authentication type is determined by the actual certificate
-     * used. For instance, if RSAPublicKey is used, the authType
-     * should be "RSA". Checking is case-sensitive.
-     * <p>
-     * The algorithm parameter specifies the client identification protocol
-     * to use. If the algorithm and the peer hostname are available, the
-     * peer hostname is checked against the peer's identity presented in
-     * the X509 certificate, in order to prevent masquerade attacks.
-     *
-     * @param chain the peer certificate chain
-     * @param authType the authentication type based on the client certificate
-     * @param hostname the peer hostname
-     * @param algorithm the identification algorithm
-     * @throws IllegalArgumentException if null or zero-length chain
-     *         is passed in for the chain parameter or if null or zero-length
-     *         string is passed in for the  authType parameter
-     * @throws CertificateException if the certificate chain is not trusted
-     *         by this TrustManager.
-     */
-    public abstract void checkClientTrusted(X509Certificate[] chain,
-        String authType, String hostname, String algorithm)
-        throws CertificateException;
-
-    /**
-     * Given the partial or complete certificate chain provided by the
-     * peer, check its identity and build a certificate path to a trusted
-     * root, return if it can be validated and is trusted for server SSL
-     * authentication based on the authentication type.
-     * <p>
-     * The authentication type is the key exchange algorithm portion
-     * of the cipher suites represented as a String, such as "RSA",
-     * "DHE_DSS". Checking is case-sensitive.
-     * <p>
-     * The algorithm parameter specifies the server identification protocol
-     * to use. If the algorithm and the peer hostname are available, the
-     * peer hostname is checked against the peer's identity presented in
-     * the X509 certificate, in order to prevent masquerade attacks.
-     *
-     * @param chain the peer certificate chain
-     * @param authType the key exchange algorithm used
-     * @param hostname the peer hostname
-     * @param algorithm the identification algorithm
-     * @throws IllegalArgumentException if null or zero-length chain
-     *         is passed in for the chain parameter or if null or zero-length
-     *         string is passed in for the  authType parameter
-     * @throws CertificateException if the certificate chain is not trusted
-     *         by this TrustManager.
-     */
-    public abstract void checkServerTrusted(X509Certificate[] chain,
-        String authType, String hostname, String algorithm)
-        throws CertificateException;
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/DelegateHttpsURLConnection.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,178 +0,0 @@
-/*
- * Copyright (c) 2001, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.net.ssl.internal.www.protocol.https;
-
-import java.net.URL;
-import java.net.Proxy;
-import java.io.IOException;
-import java.util.Collection;
-import java.util.List;
-import java.util.Iterator;
-
-import java.security.Principal;
-import java.security.cert.*;
-
-import javax.security.auth.x500.X500Principal;
-
-import sun.security.util.HostnameChecker;
-import sun.security.util.DerValue;
-import sun.security.x509.X500Name;
-
-import sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection;
-
-/**
- * This class was introduced to provide an additional level of
- * abstraction between javax.net.ssl.HttpURLConnection and
- * com.sun.net.ssl.HttpURLConnection objects. <p>
- *
- * javax.net.ssl.HttpURLConnection is used in the new sun.net version
- * of protocol implementation (this one)
- * com.sun.net.ssl.HttpURLConnection is used in the com.sun version.
- *
- */
-@Deprecated(since="9")
-@SuppressWarnings("deprecation") // HttpsURLConnection is deprecated
-public class DelegateHttpsURLConnection extends AbstractDelegateHttpsURLConnection {
-
-    // we need a reference to the HttpsURLConnection to get
-    // the properties set there
-    // we also need it to be public so that it can be referenced
-    // from sun.net.www.protocol.http.HttpURLConnection
-    // this is for ResponseCache.put(URI, URLConnection)
-    // second parameter needs to be cast to javax.net.ssl.HttpsURLConnection
-    // instead of AbstractDelegateHttpsURLConnection
-
-    public com.sun.net.ssl.HttpsURLConnection httpsURLConnection;
-
-    DelegateHttpsURLConnection(URL url,
-            sun.net.www.protocol.http.Handler handler,
-            com.sun.net.ssl.HttpsURLConnection httpsURLConnection)
-            throws IOException {
-        this(url, null, handler, httpsURLConnection);
-    }
-
-    DelegateHttpsURLConnection(URL url, Proxy p,
-            sun.net.www.protocol.http.Handler handler,
-            com.sun.net.ssl.HttpsURLConnection httpsURLConnection)
-            throws IOException {
-        super(url, p, handler);
-        this.httpsURLConnection = httpsURLConnection;
-    }
-
-    protected javax.net.ssl.SSLSocketFactory getSSLSocketFactory() {
-        return httpsURLConnection.getSSLSocketFactory();
-    }
-
-    protected javax.net.ssl.HostnameVerifier getHostnameVerifier() {
-        // note: getHostnameVerifier() never returns null
-        return new VerifierWrapper(httpsURLConnection.getHostnameVerifier());
-    }
-
-    /*
-     * Called by layered delegator's finalize() method to handle closing
-     * the underlying object.
-     */
-    protected void dispose() throws Throwable {
-        super.finalize();
-    }
-}
-
-class VerifierWrapper implements javax.net.ssl.HostnameVerifier {
-    @SuppressWarnings("deprecation")
-    private com.sun.net.ssl.HostnameVerifier verifier;
-
-    @SuppressWarnings("deprecation")
-    VerifierWrapper(com.sun.net.ssl.HostnameVerifier verifier) {
-        this.verifier = verifier;
-    }
-
-    /*
-     * In com.sun.net.ssl.HostnameVerifier the method is defined
-     * as verify(String urlHostname, String certHostname).
-     * This means we need to extract the hostname from the X.509 certificate
-     * in this wrapper.
-     */
-    public boolean verify(String hostname, javax.net.ssl.SSLSession session) {
-        try {
-            Certificate[] serverChain = session.getPeerCertificates();
-            if ((serverChain == null) || (serverChain.length == 0)) {
-                return false;
-            }
-            if (serverChain[0] instanceof X509Certificate == false) {
-                return false;
-            }
-            X509Certificate serverCert = (X509Certificate)serverChain[0];
-            String serverName = getServername(serverCert);
-            if (serverName == null) {
-                return false;
-            }
-            return verifier.verify(hostname, serverName);
-        } catch (javax.net.ssl.SSLPeerUnverifiedException e) {
-            return false;
-        }
-    }
-
-    /*
-     * Extract the name of the SSL server from the certificate.
-     *
-     * Note this code is essentially a subset of the hostname extraction
-     * code in HostnameChecker.
-     */
-    private static String getServername(X509Certificate peerCert) {
-        try {
-            // compare to subjectAltNames if dnsName is present
-            Collection<List<?>> subjAltNames = peerCert.getSubjectAlternativeNames();
-            if (subjAltNames != null) {
-                for (Iterator<List<?>> itr = subjAltNames.iterator(); itr.hasNext(); ) {
-                    List<?> next = itr.next();
-                    if (((Integer)next.get(0)).intValue() == 2) {
-                        // compare dNSName with host in url
-                        String dnsName = ((String)next.get(1));
-                        return dnsName;
-                    }
-                }
-            }
-
-            // else check against common name in the subject field
-            X500Name subject = HostnameChecker.getSubjectX500Name(peerCert);
-
-            DerValue derValue = subject.findMostSpecificAttribute
-                                                (X500Name.commonName_oid);
-            if (derValue != null) {
-                try {
-                    String name = derValue.getAsString();
-                    return name;
-                } catch (IOException e) {
-                    // ignore
-                }
-            }
-        } catch (java.security.cert.CertificateException e) {
-            // ignore
-        }
-        return null;
-    }
-
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/Handler.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,56 +0,0 @@
-/*
- * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-package com.sun.net.ssl.internal.www.protocol.https;
-
-import java.io.IOException;
-import java.net.URL;
-import java.net.Proxy;
-
-/**
- * This class exists for compatibility with previous JSSE releases
- * only. The HTTPS implementation can now be found in
- * sun.net.www.protocol.https.
- *
- */
-@Deprecated(since="9")
-public class Handler extends sun.net.www.protocol.https.Handler {
-
-    public Handler() {
-        super();
-    }
-
-    public Handler(String proxy, int port) {
-        super(proxy, port);
-    }
-
-    protected java.net.URLConnection openConnection(URL u) throws IOException {
-        return openConnection(u, (Proxy)null);
-    }
-
-    protected java.net.URLConnection openConnection(URL u, Proxy p) throws IOException {
-        return new HttpsURLConnectionOldImpl(u, p, this);
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/internal/www/protocol/https/HttpsURLConnectionOldImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,506 +0,0 @@
-/*
- * Copyright (c) 1996, 2017, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * NOTE: This class lives in the package sun.net.www.protocol.https.
- * There is a copy in com.sun.net.ssl.internal.www.protocol.https for JSSE
- * 1.0.2 compatibility. It is 100% identical except the package and extends
- * lines. Any changes should be made to be class in sun.net.* and then copied
- * to com.sun.net.*.
- */
-
-// For both copies of the file, uncomment one line and comment the other
-// package sun.net.www.protocol.https;
-package com.sun.net.ssl.internal.www.protocol.https;
-
-import java.net.URL;
-import java.net.Proxy;
-import java.net.ProtocolException;
-import java.net.MalformedURLException;
-import java.io.*;
-import java.net.Authenticator;
-import javax.net.ssl.*;
-import java.security.Permission;
-import java.util.Map;
-import java.util.List;
-import sun.net.www.http.HttpClient;
-
-/**
- * A class to represent an HTTP connection to a remote object.
- *
- * Ideally, this class should subclass and inherit the http handler
- * implementation, but it can't do so because that class have the
- * wrong Java Type.  Thus it uses the delegate (aka, the
- * Adapter/Wrapper design pattern) to reuse code from the http
- * handler.
- *
- * Since it would use a delegate to access
- * sun.net.www.protocol.http.HttpURLConnection functionalities, it
- * needs to implement all public methods in it's super class and all
- * the way to Object.
- *
- */
-
-// For both copies of the file, uncomment one line and comment the other
-// public class HttpsURLConnectionImpl
-//      extends javax.net.ssl.HttpsURLConnection {
-@Deprecated(since="9")
-@SuppressWarnings("deprecation") // HttpsURLConnection is deprecated
-public class HttpsURLConnectionOldImpl
-        extends com.sun.net.ssl.HttpsURLConnection {
-
-    private DelegateHttpsURLConnection delegate;
-
-// For both copies of the file, uncomment one line and comment the other
-//    HttpsURLConnectionImpl(URL u, Handler handler) throws IOException {
-    HttpsURLConnectionOldImpl(URL u, Handler handler) throws IOException {
-        this(u, null, handler);
-    }
-
-    static URL checkURL(URL u) throws IOException {
-        if (u != null) {
-            if (u.toExternalForm().indexOf('\n') > -1) {
-                throw new MalformedURLException("Illegal character in URL");
-            }
-        }
-        return u;
-    }
-// For both copies of the file, uncomment one line and comment the other
-//    HttpsURLConnectionImpl(URL u, Handler handler) throws IOException {
-    HttpsURLConnectionOldImpl(URL u, Proxy p, Handler handler) throws IOException {
-        super(checkURL(u));
-        delegate = new DelegateHttpsURLConnection(url, p, handler, this);
-    }
-
-    /**
-     * Create a new HttpClient object, bypassing the cache of
-     * HTTP client objects/connections.
-     *
-     * @param url       the URL being accessed
-     */
-    protected void setNewClient(URL url) throws IOException {
-        delegate.setNewClient(url, false);
-    }
-
-    /**
-     * Obtain a HttpClient object. Use the cached copy if specified.
-     *
-     * @param url       the URL being accessed
-     * @param useCache  whether the cached connection should be used
-     *                  if present
-     */
-    protected void setNewClient(URL url, boolean useCache)
-            throws IOException {
-        delegate.setNewClient(url, useCache);
-    }
-
-    /**
-     * Create a new HttpClient object, set up so that it uses
-     * per-instance proxying to the given HTTP proxy.  This
-     * bypasses the cache of HTTP client objects/connections.
-     *
-     * @param url       the URL being accessed
-     * @param proxyHost the proxy host to use
-     * @param proxyPort the proxy port to use
-     */
-    protected void setProxiedClient(URL url, String proxyHost, int proxyPort)
-            throws IOException {
-        delegate.setProxiedClient(url, proxyHost, proxyPort);
-    }
-
-    /**
-     * Obtain a HttpClient object, set up so that it uses per-instance
-     * proxying to the given HTTP proxy. Use the cached copy of HTTP
-     * client objects/connections if specified.
-     *
-     * @param url       the URL being accessed
-     * @param proxyHost the proxy host to use
-     * @param proxyPort the proxy port to use
-     * @param useCache  whether the cached connection should be used
-     *                  if present
-     */
-    protected void setProxiedClient(URL url, String proxyHost, int proxyPort,
-            boolean useCache) throws IOException {
-        delegate.setProxiedClient(url, proxyHost, proxyPort, useCache);
-    }
-
-    /**
-     * Implements the HTTP protocol handler's "connect" method,
-     * establishing an SSL connection to the server as necessary.
-     */
-    public void connect() throws IOException {
-        delegate.connect();
-    }
-
-    /**
-     * Used by subclass to access "connected" variable.  Since we are
-     * delegating the actual implementation to "delegate", we need to
-     * delegate the access of "connected" as well.
-     */
-    protected boolean isConnected() {
-        return delegate.isConnected();
-    }
-
-    /**
-     * Used by subclass to access "connected" variable.  Since we are
-     * delegating the actual implementation to "delegate", we need to
-     * delegate the access of "connected" as well.
-     */
-    protected void setConnected(boolean conn) {
-        delegate.setConnected(conn);
-    }
-
-    /**
-     * Returns the cipher suite in use on this connection.
-     */
-    public String getCipherSuite() {
-        return delegate.getCipherSuite();
-    }
-
-    /**
-     * Returns the certificate chain the client sent to the
-     * server, or null if the client did not authenticate.
-     */
-    public java.security.cert.Certificate []
-        getLocalCertificates() {
-        return delegate.getLocalCertificates();
-    }
-
-    /**
-     * Returns the server's certificate chain, or throws
-     * SSLPeerUnverified Exception if
-     * the server did not authenticate.
-     */
-    public java.security.cert.Certificate []
-        getServerCertificates() throws SSLPeerUnverifiedException {
-        return delegate.getServerCertificates();
-    }
-
-    /*
-     * Allowable input/output sequences:
-     * [interpreted as POST/PUT]
-     * - get output, [write output,] get input, [read input]
-     * - get output, [write output]
-     * [interpreted as GET]
-     * - get input, [read input]
-     * Disallowed:
-     * - get input, [read input,] get output, [write output]
-     */
-
-    public synchronized OutputStream getOutputStream() throws IOException {
-        return delegate.getOutputStream();
-    }
-
-    public synchronized InputStream getInputStream() throws IOException {
-        return delegate.getInputStream();
-    }
-
-    public InputStream getErrorStream() {
-        return delegate.getErrorStream();
-    }
-
-    /**
-     * Disconnect from the server.
-     */
-    public void disconnect() {
-        delegate.disconnect();
-    }
-
-    public boolean usingProxy() {
-        return delegate.usingProxy();
-    }
-
-    /**
-     * Returns an unmodifiable Map of the header fields.
-     * The Map keys are Strings that represent the
-     * response-header field names. Each Map value is an
-     * unmodifiable List of Strings that represents
-     * the corresponding field values.
-     *
-     * @return a Map of header fields
-     * @since 1.4
-     */
-    public Map<String,List<String>> getHeaderFields() {
-        return delegate.getHeaderFields();
-    }
-
-    /**
-     * Gets a header field by name. Returns null if not known.
-     * @param name the name of the header field
-     */
-    public String getHeaderField(String name) {
-        return delegate.getHeaderField(name);
-    }
-
-    /**
-     * Gets a header field by index. Returns null if not known.
-     * @param n the index of the header field
-     */
-    public String getHeaderField(int n) {
-        return delegate.getHeaderField(n);
-    }
-
-    /**
-     * Gets a header field by index. Returns null if not known.
-     * @param n the index of the header field
-     */
-    public String getHeaderFieldKey(int n) {
-        return delegate.getHeaderFieldKey(n);
-    }
-
-    /**
-     * Sets request property. If a property with the key already
-     * exists, overwrite its value with the new value.
-     * @param value the value to be set
-     */
-    public void setRequestProperty(String key, String value) {
-        delegate.setRequestProperty(key, value);
-    }
-
-    /**
-     * Adds a general request property specified by a
-     * key-value pair.  This method will not overwrite
-     * existing values associated with the same key.
-     *
-     * @param   key     the keyword by which the request is known
-     *                  (e.g., "<code>accept</code>").
-     * @param   value  the value associated with it.
-     * @see #getRequestProperties(java.lang.String)
-     * @since 1.4
-     */
-    public void addRequestProperty(String key, String value) {
-        delegate.addRequestProperty(key, value);
-    }
-
-    /**
-     * Overwrite super class method
-     */
-    public int getResponseCode() throws IOException {
-        return delegate.getResponseCode();
-    }
-
-    public String getRequestProperty(String key) {
-        return delegate.getRequestProperty(key);
-    }
-
-    /**
-     * Returns an unmodifiable Map of general request
-     * properties for this connection. The Map keys
-     * are Strings that represent the request-header
-     * field names. Each Map value is a unmodifiable List
-     * of Strings that represents the corresponding
-     * field values.
-     *
-     * @return  a Map of the general request properties for this connection.
-     * @throws IllegalStateException if already connected
-     * @since 1.4
-     */
-    public Map<String,List<String>> getRequestProperties() {
-        return delegate.getRequestProperties();
-    }
-
-    /*
-     * We support JDK 1.2.x so we can't count on these from JDK 1.3.
-     * We override and supply our own version.
-     */
-    public void setInstanceFollowRedirects(boolean shouldFollow) {
-        delegate.setInstanceFollowRedirects(shouldFollow);
-    }
-
-    public boolean getInstanceFollowRedirects() {
-        return delegate.getInstanceFollowRedirects();
-    }
-
-    public void setRequestMethod(String method) throws ProtocolException {
-        delegate.setRequestMethod(method);
-    }
-
-    public String getRequestMethod() {
-        return delegate.getRequestMethod();
-    }
-
-    public String getResponseMessage() throws IOException {
-        return delegate.getResponseMessage();
-    }
-
-    public long getHeaderFieldDate(String name, long Default) {
-        return delegate.getHeaderFieldDate(name, Default);
-    }
-
-    public Permission getPermission() throws IOException {
-        return delegate.getPermission();
-    }
-
-    public URL getURL() {
-        return delegate.getURL();
-    }
-
-    public int getContentLength() {
-        return delegate.getContentLength();
-    }
-
-    public long getContentLengthLong() {
-        return delegate.getContentLengthLong();
-    }
-
-    public String getContentType() {
-        return delegate.getContentType();
-    }
-
-    public String getContentEncoding() {
-        return delegate.getContentEncoding();
-    }
-
-    public long getExpiration() {
-        return delegate.getExpiration();
-    }
-
-    public long getDate() {
-        return delegate.getDate();
-    }
-
-    public long getLastModified() {
-        return delegate.getLastModified();
-    }
-
-    public int getHeaderFieldInt(String name, int Default) {
-        return delegate.getHeaderFieldInt(name, Default);
-    }
-
-    public long getHeaderFieldLong(String name, long Default) {
-        return delegate.getHeaderFieldLong(name, Default);
-    }
-
-    public Object getContent() throws IOException {
-        return delegate.getContent();
-    }
-
-    @SuppressWarnings("rawtypes")
-    public Object getContent(Class[] classes) throws IOException {
-        return delegate.getContent(classes);
-    }
-
-    public String toString() {
-        return delegate.toString();
-    }
-
-    public void setDoInput(boolean doinput) {
-        delegate.setDoInput(doinput);
-    }
-
-    public boolean getDoInput() {
-        return delegate.getDoInput();
-    }
-
-    public void setDoOutput(boolean dooutput) {
-        delegate.setDoOutput(dooutput);
-    }
-
-    public boolean getDoOutput() {
-        return delegate.getDoOutput();
-    }
-
-    public void setAllowUserInteraction(boolean allowuserinteraction) {
-        delegate.setAllowUserInteraction(allowuserinteraction);
-    }
-
-    public boolean getAllowUserInteraction() {
-        return delegate.getAllowUserInteraction();
-    }
-
-    public void setUseCaches(boolean usecaches) {
-        delegate.setUseCaches(usecaches);
-    }
-
-    public boolean getUseCaches() {
-        return delegate.getUseCaches();
-    }
-
-    public void setIfModifiedSince(long ifmodifiedsince) {
-        delegate.setIfModifiedSince(ifmodifiedsince);
-    }
-
-    public long getIfModifiedSince() {
-        return delegate.getIfModifiedSince();
-    }
-
-    public boolean getDefaultUseCaches() {
-        return delegate.getDefaultUseCaches();
-    }
-
-    public void setDefaultUseCaches(boolean defaultusecaches) {
-        delegate.setDefaultUseCaches(defaultusecaches);
-    }
-
-    /*
-     * finalize (dispose) the delegated object.  Otherwise
-     * sun.net.www.protocol.http.HttpURLConnection's finalize()
-     * would have to be made public.
-     */
-    protected void finalize() throws Throwable {
-        delegate.dispose();
-    }
-
-    public boolean equals(Object obj) {
-        return delegate.equals(obj);
-    }
-
-    public int hashCode() {
-        return delegate.hashCode();
-    }
-
-    public void setConnectTimeout(int timeout) {
-        delegate.setConnectTimeout(timeout);
-    }
-
-    public int getConnectTimeout() {
-        return delegate.getConnectTimeout();
-    }
-
-    public void setReadTimeout(int timeout) {
-        delegate.setReadTimeout(timeout);
-    }
-
-    public int getReadTimeout() {
-        return delegate.getReadTimeout();
-    }
-
-    public void setFixedLengthStreamingMode (int contentLength) {
-        delegate.setFixedLengthStreamingMode(contentLength);
-    }
-
-    public void setFixedLengthStreamingMode(long contentLength) {
-        delegate.setFixedLengthStreamingMode(contentLength);
-    }
-
-    public void setChunkedStreamingMode (int chunklen) {
-        delegate.setChunkedStreamingMode(chunklen);
-    }
-
-    @Override
-    public void setAuthenticator(Authenticator auth) {
-        delegate.setAuthenticator(auth);
-    }
-}
--- a/src/java.base/share/classes/com/sun/net/ssl/package-info.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,31 +0,0 @@
-/*
- * Copyright (c) 1999, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.  Oracle designates this
- * particular file as subject to the "Classpath" exception as provided
- * by Oracle in the LICENSE file that accompanied this code.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/**
- * Provides classes related to creating and configuring secure socket
- * factories.  These classes are used with the Sun reference
- * implementation of the Java Secure Socket Extension (JSSE).
- */
-package com.sun.net.ssl;
--- a/src/java.base/share/classes/java/security/Security.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/src/java.base/share/classes/java/security/Security.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -201,7 +201,7 @@
     private static void initializeStatic() {
         props.put("security.provider.1", "sun.security.provider.Sun");
         props.put("security.provider.2", "sun.security.rsa.SunRsaSign");
-        props.put("security.provider.3", "com.sun.net.ssl.internal.ssl.Provider");
+        props.put("security.provider.3", "sun.security.ssl.SunJSSE");
         props.put("security.provider.4", "com.sun.crypto.provider.SunJCE");
         props.put("security.provider.5", "sun.security.jgss.SunProvider");
         props.put("security.provider.6", "com.sun.security.sasl.Provider");
--- a/src/java.base/share/classes/java/security/Signature.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/src/java.base/share/classes/java/security/Signature.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1996, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1996, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -285,7 +285,6 @@
         signatureInfo.put("sun.security.rsa.RSASignature$SHA384withRSA", TRUE);
         signatureInfo.put("sun.security.rsa.RSASignature$SHA512withRSA", TRUE);
         signatureInfo.put("sun.security.rsa.RSAPSSSignature", TRUE);
-        signatureInfo.put("com.sun.net.ssl.internal.ssl.RSASignature", TRUE);
         signatureInfo.put("sun.security.pkcs11.P11Signature", TRUE);
     }
 
--- a/src/java.base/share/classes/sun/net/www/protocol/https/AbstractDelegateHttpsURLConnection.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/src/java.base/share/classes/sun/net/www/protocol/https/AbstractDelegateHttpsURLConnection.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -71,10 +71,6 @@
      * Create a new HttpClient object, bypassing the cache of
      * HTTP client objects/connections.
      *
-     * Note: this method is changed from protected to public because
-     * the com.sun.ssl.internal.www.protocol.https handler reuses this
-     * class for its actual implemantation
-     *
      * @param url the URL being accessed
      */
     public void setNewClient (URL url)
@@ -85,10 +81,6 @@
     /**
      * Obtain a HttpClient object. Use the cached copy if specified.
      *
-     * Note: this method is changed from protected to public because
-     * the com.sun.ssl.internal.www.protocol.https handler reuses this
-     * class for its actual implemantation
-     *
      * @param url       the URL being accessed
      * @param useCache  whether the cached connection should be used
      *        if present
@@ -107,10 +99,6 @@
      * per-instance proxying to the given HTTP proxy.  This
      * bypasses the cache of HTTP client objects/connections.
      *
-     * Note: this method is changed from protected to public because
-     * the com.sun.ssl.internal.www.protocol.https handler reuses this
-     * class for its actual implemantation
-     *
      * @param url       the URL being accessed
      * @param proxyHost the proxy host to use
      * @param proxyPort the proxy port to use
@@ -125,10 +113,6 @@
      * proxying to the given HTTP proxy. Use the cached copy of HTTP
      * client objects/connections if specified.
      *
-     * Note: this method is changed from protected to public because
-     * the com.sun.ssl.internal.www.protocol.https handler reuses this
-     * class for its actual implemantation
-     *
      * @param url       the URL being accessed
      * @param proxyHost the proxy host to use
      * @param proxyPort the proxy port to use
--- a/src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/src/java.base/share/classes/sun/net/www/protocol/https/HttpsURLConnectionImpl.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -23,17 +23,7 @@
  * questions.
  */
 
-/*
- * NOTE: This class lives in the package sun.net.www.protocol.https.
- * There is a copy in com.sun.net.ssl.internal.www.protocol.https for JSSE
- * 1.0.2 compatibility. It is 100% identical except the package and extends
- * lines. Any changes should be made to be class in sun.net.* and then copied
- * to com.sun.net.*.
- */
-
-// For both copies of the file, uncomment one line and comment the other
 package sun.net.www.protocol.https;
-// package com.sun.net.ssl.internal.www.protocol.https;
 
 import java.net.URL;
 import java.net.Proxy;
@@ -64,21 +54,13 @@
  * the way to Object.
  *
  */
-
-// For both copies of the file, uncomment one line and comment the
-// other. The differences between the two copies are introduced for
-// plugin, and it is marked as such.
 public class HttpsURLConnectionImpl
         extends javax.net.ssl.HttpsURLConnection {
-// public class HttpsURLConnectionOldImpl
-//      extends com.sun.net.ssl.HttpsURLConnection {
 
     // NOTE: made protected for plugin so that subclass can set it.
     protected DelegateHttpsURLConnection delegate;
 
-// For both copies of the file, uncomment one line and comment the other
     HttpsURLConnectionImpl(URL u, Handler handler) throws IOException {
-//    HttpsURLConnectionOldImpl(URL u, Handler handler) throws IOException {
         this(u, null, handler);
     }
 
@@ -90,9 +72,8 @@
         }
         return u;
     }
-// For both copies of the file, uncomment one line and comment the other
+
     HttpsURLConnectionImpl(URL u, Proxy p, Handler handler) throws IOException {
-//    HttpsURLConnectionOldImpl(URL u, Proxy p, Handler handler) throws IOException {
         super(checkURL(u));
         delegate = new DelegateHttpsURLConnection(url, p, handler, this);
     }
--- a/src/java.base/share/classes/sun/security/jca/ProviderConfig.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/src/java.base/share/classes/sun/security/jca/ProviderConfig.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2016, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -178,8 +178,12 @@
             p = new sun.security.rsa.SunRsaSign();
         } else if (provName.equals("SunJCE") || provName.equals("com.sun.crypto.provider.SunJCE")) {
             p = new com.sun.crypto.provider.SunJCE();
-        } else if (provName.equals("SunJSSE") || provName.equals("com.sun.net.ssl.internal.ssl.Provider")) {
-            p = new com.sun.net.ssl.internal.ssl.Provider();
+        } else if (provName.equals("SunJSSE") ||
+                provName.equals("com.sun.net.ssl.internal.ssl.Provider")) {
+            // com.sun.net.ssl.internal.ssl.Provider is the legacy SunJSSE
+            // provider implementation. For compatibility, let's continue to
+            // support the legacy name for a while.
+            p = new sun.security.ssl.SunJSSE();
         } else if (provName.equals("Apple") || provName.equals("apple.security.AppleProvider")) {
             // need to use reflection since this class only exists on MacOsx
             p = AccessController.doPrivileged(new PrivilegedAction<Provider>() {
--- a/src/java.base/share/classes/sun/security/ssl/SunJSSE.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/src/java.base/share/classes/sun/security/ssl/SunJSSE.java	Fri Mar 01 08:35:14 2019 -0800
@@ -58,7 +58,7 @@
  * FIPS mode.
  *
  */
-public abstract class SunJSSE extends java.security.Provider {
+public class SunJSSE extends java.security.Provider {
 
     private static final long serialVersionUID = 3231825739635378733L;
 
@@ -66,9 +66,8 @@
         "(PKCS12, SunX509/PKIX key/trust factories, " +
         "SSLv3/TLSv1/TLSv1.1/TLSv1.2/TLSv1.3/DTLSv1.0/DTLSv1.2)";
 
-    protected SunJSSE() {
+    public SunJSSE() {
         super("SunJSSE", PROVIDER_VER, info);
-        subclassCheck();
         registerAlgorithms();
     }
 
@@ -136,12 +135,4 @@
         ps("KeyStore", "PKCS12",
             "sun.security.pkcs12.PKCS12KeyStore", null, null);
     }
-
-    // com.sun.net.ssl.internal.ssl.Provider has been deprecated since JDK 9
-    @SuppressWarnings("deprecation")
-    private void subclassCheck() {
-        if (getClass() != com.sun.net.ssl.internal.ssl.Provider.class) {
-            throw new AssertionError("Illegal subclass: " + getClass());
-        }
-    }
 }
--- a/test/jdk/TEST.groups	Fri Mar 01 08:14:29 2019 -0500
+++ b/test/jdk/TEST.groups	Fri Mar 01 08:35:14 2019 -0800
@@ -1,4 +1,4 @@
-#  Copyright (c) 2013, 2018, Oracle and/or its affiliates. All rights reserved.
+#  Copyright (c) 2013, 2019, Oracle and/or its affiliates. All rights reserved.
 #  DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 #
 #  This code is free software; you can redistribute it and/or modify it
@@ -214,8 +214,7 @@
     sun/security \
     -sun/security/krb5 \
     -sun/security/jgss \
-    javax/net \
-    com/sun/net/ssl
+    javax/net
 
 jdk_security4 = \
     com/sun/security/jgss \
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/ComKeyManagerFactoryImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,41 +0,0 @@
-/*
- * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.*;
-import com.sun.net.ssl.*;
-
-public class ComKeyManagerFactoryImpl extends KeyManagerFactorySpi {
-
-    public ComKeyManagerFactoryImpl() {
-        System.out.println("ComKeyManagerFactoryImpl initialized");
-    }
-
-    protected void engineInit(KeyStore ks, char [] password)
-            throws KeyStoreException {
-        System.out.println("ComKeyManagerFactoryImpl init'd");
-    }
-
-    protected KeyManager[] engineGetKeyManagers()  {
-        return null;
-    }
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/ComSSLContextImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,47 +0,0 @@
-/*
- * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.*;
-import com.sun.net.ssl.*;
-
-public class ComSSLContextImpl extends SSLContextSpi {
-
-    public ComSSLContextImpl() {
-        System.out.println("ComSSLContextImpl initialized");
-    }
-
-    protected void engineInit(KeyManager[] km,
-           TrustManager[] tm, SecureRandom sr) throws KeyManagementException {
-        System.out.println("ComSSLContextImpl init'd");
-    }
-
-    protected javax.net.ssl.SSLSocketFactory engineGetSocketFactory() {
-        return null;
-    }
-
-    protected javax.net.ssl.SSLServerSocketFactory
-            engineGetServerSocketFactory() {
-        return null;
-    }
-
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/ComTrustManagerFactoryImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,40 +0,0 @@
-/*
- * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.*;
-import com.sun.net.ssl.*;
-
-public class ComTrustManagerFactoryImpl extends TrustManagerFactorySpi {
-
-    public ComTrustManagerFactoryImpl() {
-        System.out.println("ComTrustManagerFactoryImpl initialized");
-    }
-
-    protected void engineInit(KeyStore ks) throws KeyStoreException {
-        System.out.println("ComTrustManagerFactoryImpl init'd");
-    }
-
-    protected TrustManager[] engineGetTrustManagers()  {
-        return null;
-    }
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/JavaxKeyManagerFactoryImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,45 +0,0 @@
-/*
- * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.*;
-import javax.net.ssl.*;
-
-public class JavaxKeyManagerFactoryImpl extends KeyManagerFactorySpi {
-
-    public JavaxKeyManagerFactoryImpl () {
-        System.out.println("JavaxKeyManagerFactoryImpl initialized");
-    }
-
-    protected void engineInit(KeyStore ks, char[] passwd)
-            throws KeyStoreException {
-        System.out.println("JavaxKeyManagerFactoryImpl init'd");
-    }
-
-    protected void engineInit(ManagerFactoryParameters spec)
-            throws InvalidAlgorithmParameterException {
-    }
-
-    protected KeyManager[] engineGetKeyManagers() {
-        return null;
-    }
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/JavaxSSLContextImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,61 +0,0 @@
-/*
- * Copyright (c) 2002, 2003, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.*;
-import javax.net.ssl.*;
-
-public class JavaxSSLContextImpl extends SSLContextSpi {
-
-    public JavaxSSLContextImpl() {
-        System.out.println("JavaxSSLContextImpl initialized");
-    }
-
-    protected void engineInit(KeyManager[] km,
-           TrustManager[] tm, SecureRandom sr) throws KeyManagementException {
-        System.out.println("JavaxSSLContextImpl init'd");
-    }
-
-    protected SSLEngine engineCreateSSLEngine() {
-        return null;
-    }
-
-    protected SSLEngine engineCreateSSLEngine(String host, int port) {
-        return null;
-    }
-
-    protected SSLSocketFactory engineGetSocketFactory() {
-        return null;
-    }
-
-    protected SSLServerSocketFactory engineGetServerSocketFactory() {
-        return null;
-    }
-
-    protected SSLSessionContext engineGetServerSessionContext() {
-        return null;
-    }
-
-    protected SSLSessionContext engineGetClientSessionContext() {
-        return null;
-    }
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/JavaxTrustManagerFactoryImpl.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,44 +0,0 @@
-/*
- * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-import java.security.*;
-import javax.net.ssl.*;
-
-public class JavaxTrustManagerFactoryImpl extends TrustManagerFactorySpi {
-
-    public JavaxTrustManagerFactoryImpl () {
-        System.out.println("JavaxTrustManagerFactoryImpl initialized");
-    }
-
-    protected void engineInit(KeyStore ks) throws KeyStoreException {
-        System.out.println("JavaxTrustManagerFactoryImpl init'd");
-    }
-
-    protected void engineInit(ManagerFactoryParameters spec)
-            throws InvalidAlgorithmParameterException {
-    }
-
-    protected TrustManager[] engineGetTrustManagers() {
-        return null;
-    }
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/ProviderTest.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,109 +0,0 @@
-/*
- * Copyright (c) 2002, 2016, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 4667976 8130181
- * @modules java.base/com.sun.net.ssl
- * @compile JavaxSSLContextImpl.java ComSSLContextImpl.java
- *      JavaxTrustManagerFactoryImpl.java ComTrustManagerFactoryImpl.java
- *      JavaxKeyManagerFactoryImpl.java ComKeyManagerFactoryImpl.java
- * @run main/othervm ProviderTest
- * @summary brokenness in the com.sun.net.ssl.SSLSecurity wrappers
- */
-
-import java.security.*;
-import com.sun.net.ssl.*;
-
-public class ProviderTest {
-
-    public static void main(String args[]) throws Exception {
-        SSLContext sslc;
-        TrustManagerFactory tmf;
-        KeyManagerFactory kmf;
-
-        Provider extraProvider = new MyProvider();
-        Security.addProvider(extraProvider);
-        try {
-            System.out.println("getting a javax SSLContext");
-            sslc = SSLContext.getInstance("javax");
-            sslc.init(null, null, null);
-            System.out.println("\ngetting a com SSLContext");
-            sslc = SSLContext.getInstance("com");
-            sslc.init(null, null, null);
-
-            System.out.println("\ngetting a javax TrustManagerFactory");
-            tmf = TrustManagerFactory.getInstance("javax");
-            tmf.init((KeyStore) null);
-            System.out.println("\ngetting a com TrustManagerFactory");
-            tmf = TrustManagerFactory.getInstance("com");
-            tmf.init((KeyStore) null);
-
-            System.out.println("\ngetting a javax KeyManagerFactory");
-            kmf = KeyManagerFactory.getInstance("javax");
-            kmf.init((KeyStore) null, null);
-            System.out.println("\ngetting a com KeyManagerFactory");
-            kmf = KeyManagerFactory.getInstance("com");
-            kmf.init((KeyStore) null, null);
-        } finally {
-            Security.removeProvider(extraProvider.getName());
-        }
-    }
-}
-
-class MyProvider extends Provider {
-
-    private static String info = "Brad's provider";
-
-    /**
-     * Installs the JSSE provider.
-     */
-    public static synchronized void install()
-    {
-        /* nop. Remove this method in the future. */
-    }
-
-    public MyProvider()
-    {
-        super("BRAD", "1.0", info);
-
-        AccessController.doPrivileged(new java.security.PrivilegedAction() {
-            public Object run() {
-
-                put("SSLContext.javax", "JavaxSSLContextImpl");
-                put("SSLContext.com",   "ComSSLContextImpl");
-                put("TrustManagerFactory.javax",
-                                        "JavaxTrustManagerFactoryImpl");
-                put("TrustManagerFactory.com",
-                                        "ComTrustManagerFactoryImpl");
-                put("KeyManagerFactory.javax",
-                                        "JavaxKeyManagerFactoryImpl");
-                put("KeyManagerFactory.com",
-                                        "ComKeyManagerFactoryImpl");
-
-                return null;
-            }
-        });
-
-    }
-}
--- a/test/jdk/com/sun/net/ssl/SSLSecurity/TruncateArray.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,72 +0,0 @@
-/*
- * Copyright (c) 2002, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 4665824
- * @summary JSSE - ClassCastException with 1.4
- * @modules java.base/com.sun.net.ssl
- */
-
-import com.sun.net.ssl.*;
-
-public class TruncateArray {
-
-    public static void main(String args[]) throws Exception {
-        try {
-
-            TrustManager tms [] = new TrustManager [] {
-                new MyTM(), new MyTM(), new MyTM() };
-
-            KeyManager kms [] = new KeyManager [] {
-                new MyKM(), new MyKM(), new MyKM() };
-
-            SSLContext ctx = SSLContext.getInstance("TLS");
-            ctx.init(kms, tms, null);
-
-            KeyManagerFactory kmf = KeyManagerFactory.getInstance("SUNX509");
-            KeyManager[] km = kmf.getKeyManagers();
-
-            TrustManagerFactory tmf =
-                TrustManagerFactory.getInstance("SUNX509");
-            TrustManager[] tm = tmf.getTrustManagers();
-
-        } catch (ClassCastException e) {
-            throw e;
-        } catch (Throwable e) {
-            /*
-             * swallow anything else, we only are interested
-             * in class casting errors here.  For example, we soon
-             * may be catching methods called on uninitialized factories.
-             */
-            System.out.println("Caught something else");
-            e.printStackTrace();
-        }
-    }
-
-    static class MyTM implements TrustManager {
-    }
-
-    static class MyKM implements KeyManager {
-    }
-}
--- a/test/jdk/java/security/BasicPermission/Wildcard.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/test/jdk/java/security/BasicPermission/Wildcard.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2012, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -33,8 +33,7 @@
  * @summary Check that BasicPermission subclasses don't throw exception if name
  *          contains wildcard character ("*") but does not signify a
  *          wildcard match
- * @modules java.base/com.sun.net.ssl
- *          java.sql
+ * @modules java.sql
  */
 
 public class Wildcard {
@@ -51,6 +50,5 @@
         new SQLPermission(wildcard);
         new PropertyPermission(wildcard, "read");
         new SSLPermission(wildcard);
-        new com.sun.net.ssl.SSLPermission(wildcard);
     }
 }
--- a/test/jdk/javax/net/ssl/FixingJavadocs/ComURLNulls.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,123 +0,0 @@
-/*
- * Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 4387882 4451038
- * @summary Need to revisit the javadocs for JSSE, especially the
- *      promoted classes, and HttpsURLConnection.getCipherSuite throws
- *      NullPointerException
- * @modules java.base/com.sun.net.ssl
- *          java.base/com.sun.net.ssl.internal.www.protocol.https
- * @run main/othervm ComURLNulls
- *
- *     SunJSSE does not support dynamic system properties, no way to re-use
- *     system properties in samevm/agentvm mode.
- * @author Brad Wetmore
- */
-
-import java.net.*;
-import java.io.*;
-import javax.net.ssl.*;
-import com.sun.net.ssl.HttpsURLConnection;
-import com.sun.net.ssl.HostnameVerifier;
-
-/*
- * Tests that the com null argument changes made it in ok.
- */
-
-public class ComURLNulls {
-
-    private static class ComSunHTTPSHandlerFactory implements URLStreamHandlerFactory {
-        private static String SUPPORTED_PROTOCOL = "https";
-
-        public URLStreamHandler createURLStreamHandler(String protocol) {
-            if (!protocol.equalsIgnoreCase(SUPPORTED_PROTOCOL))
-                return null;
-
-            return new com.sun.net.ssl.internal.www.protocol.https.Handler();
-        }
-    }
-
-    public static void main(String[] args) throws Exception {
-        HostnameVerifier reservedHV =
-            HttpsURLConnection.getDefaultHostnameVerifier();
-        try {
-            URL.setURLStreamHandlerFactory(new ComSunHTTPSHandlerFactory());
-
-            /**
-             * This test does not establish any connection to the specified
-             * URL, hence a dummy URL is used.
-             */
-            URL foobar = new URL("https://example.com/");
-
-            HttpsURLConnection urlc =
-                (HttpsURLConnection) foobar.openConnection();
-
-            try {
-                urlc.getCipherSuite();
-            } catch (IllegalStateException e) {
-                System.out.print("Caught proper exception: ");
-                System.out.println(e.getMessage());
-            }
-
-            try {
-                urlc.getServerCertificates();
-            } catch (IllegalStateException e) {
-                System.out.print("Caught proper exception: ");
-                System.out.println(e.getMessage());
-            }
-
-            try {
-                urlc.setDefaultHostnameVerifier(null);
-            } catch (IllegalArgumentException e) {
-                System.out.print("Caught proper exception: ");
-                System.out.println(e.getMessage());
-            }
-
-            try {
-                urlc.setHostnameVerifier(null);
-            } catch (IllegalArgumentException e) {
-                System.out.print("Caught proper exception: ");
-                System.out.println(e.getMessage());
-            }
-
-            try {
-                urlc.setDefaultSSLSocketFactory(null);
-            } catch (IllegalArgumentException e) {
-                System.out.print("Caught proper exception: ");
-                System.out.println(e.getMessage());
-            }
-
-            try {
-                urlc.setSSLSocketFactory(null);
-            } catch (IllegalArgumentException e) {
-                System.out.print("Caught proper exception");
-                System.out.println(e.getMessage());
-            }
-            System.out.println("TESTS PASSED");
-        } finally {
-            HttpsURLConnection.setDefaultHostnameVerifier(reservedHV);
-        }
-    }
-}
--- a/test/jdk/javax/net/ssl/GetInstance.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/test/jdk/javax/net/ssl/GetInstance.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2003, 2011, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2003, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,7 +27,6 @@
  * @summary verify getInstance() works using Provider.getService()
  *          Export "PKIX" as the standard algorithm name of KeyManagerFactory
  * @author Andreas Sterbenz
- * @modules java.base/com.sun.net.ssl
  */
 
 import java.security.*;
@@ -113,38 +112,7 @@
         tmf = TrustManagerFactory.getInstance("X.509", p);
         same(p, tmf.getProvider());
 
-        testComSun();
-
         long stop = System.currentTimeMillis();
         System.out.println("Done (" + (stop - start) + " ms).");
     }
-
-    private static void testComSun() throws Exception {
-        Provider p = Security.getProvider("SunJSSE");
-
-        com.sun.net.ssl.SSLContext context;
-        context = com.sun.net.ssl.SSLContext.getInstance("SSL");
-        same(p, context.getProvider());
-        context = com.sun.net.ssl.SSLContext.getInstance("SSL", "SunJSSE");
-        same(p, context.getProvider());
-        context = com.sun.net.ssl.SSLContext.getInstance("SSL", p);
-        same(p, context.getProvider());
-
-        com.sun.net.ssl.KeyManagerFactory kmf;
-        kmf = com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
-        same(p, kmf.getProvider());
-        kmf = com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509", "SunJSSE");
-        same(p, kmf.getProvider());
-        kmf = com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509", p);
-        same(p, kmf.getProvider());
-
-        com.sun.net.ssl.TrustManagerFactory tmf;
-        tmf = com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509");
-        same(p, tmf.getProvider());
-        tmf = com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509", "SunJSSE");
-        same(p, tmf.getProvider());
-        tmf = com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509", p);
-        same(p, tmf.getProvider());
-    }
-
 }
--- a/test/jdk/javax/net/ssl/SSLSession/CheckMyTrustedKeystore.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,407 +0,0 @@
-/*
- * Copyright (c) 2001, 2011, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-
-/*
- * @test
- * @bug 4329114
- * @summary Need better way of reflecting the reason when a chain is
- *      rejected as untrusted.
- * @modules java.base/com.sun.net.ssl
- * @ignore JSSE supports algorithm constraints with CR 6916074,
- *      need to update this test case in JDK 7 soon
- * @run main/othervm CheckMyTrustedKeystore
- *
- * @author Brad Wetmore
- */
-
-// This is a serious hack job!
-
-import java.io.*;
-import java.net.*;
-import java.security.*;
-import javax.net.ssl.*;
-import java.security.cert.*;
-
-public class CheckMyTrustedKeystore {
-
-    /*
-     * =============================================================
-     * Set the various variables needed for the tests, then
-     * specify what tests to run on each side.
-     */
-
-    /*
-     * Should we run the client or server in a separate thread?
-     * Both sides can throw exceptions, but do you have a preference
-     * as to which side should be the main thread.
-     */
-    static boolean separateServerThread = true;
-
-    /*
-     * Where do we find the keystores?
-     */
-    final static String pathToStores = "../etc";
-    final static String keyStoreFile = "keystore";
-    final static String trustStoreFile = "truststore";
-    final static String unknownStoreFile = "unknown_keystore";
-    final static String passwd = "passphrase";
-    final static char[] cpasswd = "passphrase".toCharArray();
-
-    /*
-     * Is the server ready to serve?
-     */
-    volatile static boolean serverReady = false;
-
-    /*
-     * Turn on SSL debugging?
-     */
-    final static boolean debug = false;
-
-    /*
-     * If the client or server is doing some kind of object creation
-     * that the other side depends on, and that thread prematurely
-     * exits, you may experience a hang.  The test harness will
-     * terminate all hung threads after its timeout has expired,
-     * currently 3 minutes by default, but you might try to be
-     * smart about it....
-     */
-
-    /*
-     * Define the server side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doServerSide() throws Exception {
-        KeyStore ks = KeyStore.getInstance("JKS");
-        com.sun.net.ssl.SSLContext ctx =
-            com.sun.net.ssl.SSLContext.getInstance("TLS");
-        com.sun.net.ssl.KeyManagerFactory kmf =
-            com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
-
-        ks.load(new FileInputStream(keyFilename), cpasswd);
-        kmf.init(ks, cpasswd);
-
-        com.sun.net.ssl.TrustManager [] tms =
-            new com.sun.net.ssl.TrustManager []
-            { new MyComX509TrustManager() };
-
-        ctx.init(kmf.getKeyManagers(), tms, null);
-
-        SSLServerSocketFactory sslssf =
-            (SSLServerSocketFactory) ctx.getServerSocketFactory();
-
-        SSLServerSocket sslServerSocket =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort);
-        serverPort = sslServerSocket.getLocalPort();
-
-        sslServerSocket.setNeedClientAuth(true);
-
-        /*
-         * Create using the other type.
-         */
-        SSLContext ctx1 =
-            SSLContext.getInstance("TLS");
-        KeyManagerFactory kmf1 =
-            KeyManagerFactory.getInstance("SunX509");
-
-        TrustManager [] tms1 =
-            new TrustManager []
-            { new MyJavaxX509TrustManager() };
-
-        kmf1.init(ks, cpasswd);
-
-        ctx1.init(kmf1.getKeyManagers(), tms1, null);
-
-        sslssf = (SSLServerSocketFactory) ctx1.getServerSocketFactory();
-
-        SSLServerSocket sslServerSocket1 =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort1);
-        serverPort1 = sslServerSocket1.getLocalPort();
-        sslServerSocket1.setNeedClientAuth(true);
-
-        /*
-         * Signal Client, we're ready for his connect.
-         */
-        serverReady = true;
-
-        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
-        sslServerSocket.close();
-        serverReady = false;
-
-        InputStream sslIS = sslSocket.getInputStream();
-        OutputStream sslOS = sslSocket.getOutputStream();
-
-        sslIS.read();
-        sslOS.write(85);
-        sslOS.flush();
-        sslSocket.close();
-
-        sslSocket = (SSLSocket) sslServerSocket1.accept();
-        sslIS = sslSocket.getInputStream();
-        sslOS = sslSocket.getOutputStream();
-
-        sslIS.read();
-        sslOS.write(85);
-        sslOS.flush();
-        sslSocket.close();
-
-        System.out.println("Server exiting!");
-        System.out.flush();
-    }
-
-    void doTest(SSLSocket sslSocket) throws Exception {
-        InputStream sslIS = sslSocket.getInputStream();
-        OutputStream sslOS = sslSocket.getOutputStream();
-
-        System.out.println("  Writing");
-        sslOS.write(280);
-        sslOS.flush();
-        System.out.println("  Reading");
-        sslIS.read();
-
-        sslSocket.close();
-    }
-
-    /*
-     * Define the client side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doClientSide() throws Exception {
-
-        /*
-         * Wait for server to get started.
-         */
-        while (!serverReady) {
-            Thread.sleep(50);
-        }
-
-        /*
-         * See if an unknown keystore actually gets checked ok.
-         */
-        System.out.println("==============");
-        System.out.println("Starting test0");
-        KeyStore uks = KeyStore.getInstance("JKS");
-        SSLContext ctx =
-            SSLContext.getInstance("TLS");
-        KeyManagerFactory kmf =
-            KeyManagerFactory.getInstance("SunX509");
-
-        uks.load(new FileInputStream(unknownFilename), cpasswd);
-        kmf.init(uks, cpasswd);
-
-        TrustManager [] tms = new TrustManager []
-            { new MyJavaxX509TrustManager() };
-
-        ctx.init(kmf.getKeyManagers(), tms, null);
-
-        SSLSocketFactory sslsf =
-            (SSLSocketFactory) ctx.getSocketFactory();
-
-        System.out.println("Trying first socket " + serverPort);
-        SSLSocket sslSocket = (SSLSocket)
-            sslsf.createSocket("localhost", serverPort);
-
-        doTest(sslSocket);
-
-        /*
-         * Now try the other way.
-         */
-        com.sun.net.ssl.SSLContext ctx1 =
-            com.sun.net.ssl.SSLContext.getInstance("TLS");
-        com.sun.net.ssl.KeyManagerFactory kmf1 =
-            com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
-        kmf1.init(uks, cpasswd);
-
-        com.sun.net.ssl.TrustManager [] tms1 =
-            new com.sun.net.ssl.TrustManager []
-            { new MyComX509TrustManager() };
-
-        ctx1.init(kmf1.getKeyManagers(), tms1, null);
-
-        sslsf = (SSLSocketFactory) ctx1.getSocketFactory();
-
-        System.out.println("Trying second socket " + serverPort1);
-        sslSocket = (SSLSocket) sslsf.createSocket("localhost",
-            serverPort1);
-
-        doTest(sslSocket);
-        System.out.println("Completed test1");
-    }
-
-    /*
-     * =============================================================
-     * The remainder is just support stuff
-     */
-
-    int serverPort = 0;
-    int serverPort1 = 0;
-
-    volatile Exception serverException = null;
-    volatile Exception clientException = null;
-
-    final static String keyFilename =
-        System.getProperty("test.src", "./") + "/" + pathToStores +
-        "/" + keyStoreFile;
-    final static String unknownFilename =
-        System.getProperty("test.src", "./") + "/" + pathToStores +
-        "/" + unknownStoreFile;
-
-    public static void main(String[] args) throws Exception {
-
-        if (debug)
-            System.setProperty("javax.net.debug", "all");
-
-        /*
-         * Start the tests.
-         */
-        new CheckMyTrustedKeystore();
-    }
-
-    Thread clientThread = null;
-    Thread serverThread = null;
-
-    /*
-     * Primary constructor, used to drive remainder of the test.
-     *
-     * Fork off the other side, then do your work.
-     */
-    CheckMyTrustedKeystore() throws Exception {
-        if (separateServerThread) {
-            startServer(true);
-            startClient(false);
-        } else {
-            startClient(true);
-            startServer(false);
-        }
-
-        /*
-         * Wait for other side to close down.
-         */
-        if (separateServerThread) {
-            serverThread.join();
-        } else {
-            clientThread.join();
-        }
-
-        /*
-         * When we get here, the test is pretty much over.
-         *
-         * If the main thread excepted, that propagates back
-         * immediately.  If the other thread threw an exception, we
-         * should report back.
-         */
-        if (serverException != null) {
-            System.out.print("Server Exception:");
-            throw serverException;
-        }
-        if (clientException != null) {
-            System.out.print("Client Exception:");
-            throw clientException;
-        }
-    }
-
-    void startServer(boolean newThread) throws Exception {
-        if (newThread) {
-            serverThread = new Thread() {
-                public void run() {
-                    try {
-                        doServerSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our server thread just died.
-                         *
-                         * Release the client, if not active already...
-                         */
-                        System.err.println("Server died...");
-                        serverReady = true;
-                        serverException = e;
-                    }
-                }
-            };
-            serverThread.start();
-        } else {
-            doServerSide();
-        }
-    }
-
-    void startClient(boolean newThread) throws Exception {
-        if (newThread) {
-            clientThread = new Thread() {
-                public void run() {
-                    try {
-                        doClientSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our client thread just died.
-                         */
-                        System.err.println("Client died...");
-                        clientException = e;
-                    }
-                }
-            };
-            clientThread.start();
-        } else {
-            doClientSide();
-        }
-    }
-}
-
-class MyComX509TrustManager implements com.sun.net.ssl.X509TrustManager {
-
-    public X509Certificate[] getAcceptedIssuers() {
-        return (new X509Certificate[0]);
-    }
-
-    public boolean isClientTrusted(X509Certificate[] chain) {
-        System.out.println("    IsClientTrusted?");
-        return true;
-    }
-
-    public boolean isServerTrusted(X509Certificate[] chain) {
-        System.out.println("    IsServerTrusted?");
-        return true;
-    }
-}
-
-class MyJavaxX509TrustManager implements X509TrustManager {
-
-    public X509Certificate[] getAcceptedIssuers() {
-        return (new X509Certificate[0]);
-    }
-
-    public void checkClientTrusted(X509Certificate[] chain, String authType)
-            throws CertificateException {
-        System.out.println("    CheckClientTrusted(" + authType + ")?");
-    }
-
-    public void checkServerTrusted(X509Certificate[] chain, String authType)
-            throws CertificateException {
-        System.out.println("    CheckServerTrusted(" + authType + ")?");
-    }
-}
--- a/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CheckMethods.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/test/jdk/sun/net/www/protocol/https/HttpsURLConnection/CheckMethods.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2001, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2001, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -26,13 +26,12 @@
  * @bug 4423074
  * @summary Need to rebase all the duplicated classes from Merlin.
  *          This test will check out http POST
- * @modules java.base/sun.net.www.protocol.https java.base/com.sun.net.ssl.internal.www.protocol.https
+ * @modules java.base/sun.net.www.protocol.https
  */
 import java.net.*;
 import java.util.*;
 import java.lang.reflect.*;
 import sun.net.www.protocol.https.HttpsURLConnectionImpl;
-import com.sun.net.ssl.internal.www.protocol.https.HttpsURLConnectionOldImpl;
 
 public class CheckMethods {
     static boolean debug = false;
@@ -85,9 +84,8 @@
         }
     }
 
-    // check HttpsURLConnectionImpl and HttpsURLConnectionOldImpl
-    // contain all public and protected methods defined in
-    // HttpURLConnection and URLConnection
+    // check HttpsURLConnectionImpl contain all public and protected methods
+    // defined in HttpURLConnection and URLConnection
     public static void main(String[] args) {
         ArrayList allMethods = new ArrayList(
             Arrays.asList(HttpURLConnection.class.getDeclaredMethods()));
@@ -121,24 +119,6 @@
             throw new RuntimeException("Method definition test failed on HttpsURLConnectionImpl");
         }
 
-        // testing HttpsURLConnectionOldImpl
-        List httpsOldMethods =
-            Arrays.asList(HttpsURLConnectionOldImpl.class.getDeclaredMethods());
-
-        ArrayList httpsOldMethodSignatures = new ArrayList();
-        for (Iterator itr = httpsOldMethods.iterator(); itr.hasNext(); ) {
-            Method m = (Method)itr.next();
-            if (!Modifier.isStatic(m.getModifiers())) {
-                httpsOldMethodSignatures.add(
-                 new MethodSignature(m.getName(), m.getParameterTypes()));
-            }
-        }
-
-        if (!httpsOldMethodSignatures.containsAll(allMethodSignatures)) {
-            throw new RuntimeException("Method definition test failed" +
-                                       " on HttpsURLConnectionOldImpl");
-        }
-
         // testing for non static public field
         ArrayList allFields = new ArrayList(
             Arrays.asList(URLConnection.class.getFields()));
--- a/test/jdk/sun/net/www/protocol/https/NewImpl/ComHTTPSConnection.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,393 +0,0 @@
-/*
- * Copyright (c) 2001, 2015, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 4474255
- * @summary Can no longer obtain a com.sun.net.ssl.HttpsURLConnection
- * @modules java.base/com.sun.net.ssl
- *          java.base/com.sun.net.ssl.internal.www.protocol.https
- * @run main/othervm ComHTTPSConnection
- *
- *     SunJSSE does not support dynamic system properties, no way to re-use
- *     system properties in samevm/agentvm mode.
- * @author Brad Wetmore
- */
-
-import java.io.*;
-import java.net.*;
-import java.security.cert.Certificate;
-import javax.net.ssl.*;
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * See if we can obtain a com.sun.net.ssl.HttpsURLConnection,
- * and then play with it a bit.
- */
-public class ComHTTPSConnection {
-
-    /*
-     * =============================================================
-     * Set the various variables needed for the tests, then
-     * specify what tests to run on each side.
-     */
-
-    /*
-     * Should we run the client or server in a separate thread?
-     * Both sides can throw exceptions, but do you have a preference
-     * as to which side should be the main thread.
-     */
-    static boolean separateServerThread = true;
-
-    /*
-     * Where do we find the keystores?
-     */
-    static String pathToStores = "../../../../../../javax/net/ssl/etc";
-    static String keyStoreFile = "keystore";
-    static String trustStoreFile = "truststore";
-    static String passwd = "passphrase";
-
-    /*
-     * Is the server ready to serve?
-     */
-    volatile static boolean serverReady = false;
-
-    /*
-     * Turn on SSL debugging?
-     */
-    static boolean debug = false;
-
-    /*
-     * If the client or server is doing some kind of object creation
-     * that the other side depends on, and that thread prematurely
-     * exits, you may experience a hang.  The test harness will
-     * terminate all hung threads after its timeout has expired,
-     * currently 3 minutes by default, but you might try to be
-     * smart about it....
-     */
-
-    /**
-     * Returns the path to the file obtained from
-     * parsing the HTML header.
-     */
-    private static String getPath(DataInputStream in)
-        throws IOException
-    {
-        String line = in.readLine();
-        String path = "";
-        // extract class from GET line
-        if (line.startsWith("GET /")) {
-            line = line.substring(5, line.length()-1).trim();
-            int index = line.indexOf(' ');
-            if (index != -1) {
-                path = line.substring(0, index);
-            }
-        }
-
-        // eat the rest of header
-        do {
-            line = in.readLine();
-        } while ((line.length() != 0) &&
-                 (line.charAt(0) != '\r') && (line.charAt(0) != '\n'));
-
-        if (path.length() != 0) {
-            return path;
-        } else {
-            throw new IOException("Malformed Header");
-        }
-    }
-
-    /**
-     * Returns an array of bytes containing the bytes for
-     * the file represented by the argument <b>path</b>.
-     *
-     * In our case, we just pretend to send something back.
-     *
-     * @return the bytes for the file
-     * @exception FileNotFoundException if the file corresponding
-     * to <b>path</b> could not be loaded.
-     */
-    private byte[] getBytes(String path)
-        throws IOException
-    {
-        return "Hello world, I am here".getBytes();
-    }
-
-    /*
-     * Define the server side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doServerSide() throws Exception {
-
-        SSLServerSocketFactory sslssf =
-          (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
-        SSLServerSocket sslServerSocket =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort);
-        serverPort = sslServerSocket.getLocalPort();
-
-        /*
-         * Signal Client, we're ready for his connect.
-         */
-        serverReady = true;
-
-        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
-        DataOutputStream out =
-                new DataOutputStream(sslSocket.getOutputStream());
-
-        try {
-             // get path to class file from header
-             DataInputStream in =
-                        new DataInputStream(sslSocket.getInputStream());
-             String path = getPath(in);
-             // retrieve bytecodes
-             byte[] bytecodes = getBytes(path);
-             // send bytecodes in response (assumes HTTP/1.0 or later)
-             try {
-                out.writeBytes("HTTP/1.0 200 OK\r\n");
-                out.writeBytes("Content-Length: " + bytecodes.length + "\r\n");
-                out.writeBytes("Content-Type: text/html\r\n\r\n");
-                out.write(bytecodes);
-                out.flush();
-             } catch (IOException ie) {
-                ie.printStackTrace();
-                return;
-             }
-
-        } catch (Exception e) {
-             e.printStackTrace();
-             // write out error response
-             out.writeBytes("HTTP/1.0 400 " + e.getMessage() + "\r\n");
-             out.writeBytes("Content-Type: text/html\r\n\r\n");
-             out.flush();
-        } finally {
-             // close the socket
-             System.out.println("Server closing socket");
-             sslSocket.close();
-             serverReady = false;
-        }
-    }
-
-    private static class ComSunHTTPSHandlerFactory implements URLStreamHandlerFactory {
-        private static String SUPPORTED_PROTOCOL = "https";
-
-        public URLStreamHandler createURLStreamHandler(String protocol) {
-            if (!protocol.equalsIgnoreCase(SUPPORTED_PROTOCOL))
-                return null;
-
-            return new com.sun.net.ssl.internal.www.protocol.https.Handler();
-        }
-    }
-
-    /*
-     * Define the client side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doClientSide() throws Exception {
-        /*
-         * Wait for server to get started.
-         */
-        while (!serverReady) {
-            Thread.sleep(50);
-        }
-
-        HostnameVerifier reservedHV =
-            HttpsURLConnection.getDefaultHostnameVerifier();
-        try {
-            URL.setURLStreamHandlerFactory(new ComSunHTTPSHandlerFactory());
-            HttpsURLConnection.setDefaultHostnameVerifier(new NameVerifier());
-
-            URL url = new URL("https://" + "localhost:" + serverPort +
-                                    "/etc/hosts");
-            URLConnection urlc = url.openConnection();
-
-            if (!(urlc instanceof com.sun.net.ssl.HttpsURLConnection)) {
-                throw new Exception(
-                    "URLConnection ! instanceof " +
-                    "com.sun.net.ssl.HttpsURLConnection");
-            }
-
-            BufferedReader in = null;
-            try {
-                in = new BufferedReader(new InputStreamReader(
-                                   urlc.getInputStream()));
-                String inputLine;
-                System.out.print("Client reading... ");
-                while ((inputLine = in.readLine()) != null)
-                    System.out.println(inputLine);
-
-                System.out.println("Cipher Suite: " +
-                    ((HttpsURLConnection)urlc).getCipherSuite());
-                Certificate[] certs =
-                    ((HttpsURLConnection)urlc).getServerCertificates();
-                for (int i = 0; i < certs.length; i++) {
-                    System.out.println(certs[0]);
-                }
-
-                in.close();
-            } catch (SSLException e) {
-                if (in != null)
-                    in.close();
-                throw e;
-            }
-            System.out.println("Client reports:  SUCCESS");
-        } finally {
-            HttpsURLConnection.setDefaultHostnameVerifier(reservedHV);
-        }
-    }
-
-    static class NameVerifier implements HostnameVerifier {
-        public boolean verify(String urlHostname,
-                        String certHostname) {
-            System.out.println(
-                "CertificateHostnameVerifier: " + urlHostname + " == "
-                + certHostname + " returning true");
-            return true;
-        }
-    }
-
-    /*
-     * =============================================================
-     * The remainder is just support stuff
-     */
-
-    // use any free port by default
-    volatile int serverPort = 0;
-
-    volatile Exception serverException = null;
-    volatile Exception clientException = null;
-
-    public static void main(String[] args) throws Exception {
-        String keyFilename =
-            System.getProperty("test.src", "./") + "/" + pathToStores +
-                "/" + keyStoreFile;
-        String trustFilename =
-            System.getProperty("test.src", "./") + "/" + pathToStores +
-                "/" + trustStoreFile;
-
-        System.setProperty("javax.net.ssl.keyStore", keyFilename);
-        System.setProperty("javax.net.ssl.keyStorePassword", passwd);
-        System.setProperty("javax.net.ssl.trustStore", trustFilename);
-        System.setProperty("javax.net.ssl.trustStorePassword", passwd);
-
-        if (debug)
-            System.setProperty("javax.net.debug", "all");
-
-        /*
-         * Start the tests.
-         */
-        new ComHTTPSConnection();
-    }
-
-    Thread clientThread = null;
-    Thread serverThread = null;
-
-    /*
-     * Primary constructor, used to drive remainder of the test.
-     *
-     * Fork off the other side, then do your work.
-     */
-    ComHTTPSConnection() throws Exception {
-        if (separateServerThread) {
-            startServer(true);
-            startClient(false);
-        } else {
-            startClient(true);
-            startServer(false);
-        }
-
-        /*
-         * Wait for other side to close down.
-         */
-        if (separateServerThread) {
-            serverThread.join();
-        } else {
-            clientThread.join();
-        }
-
-        /*
-         * When we get here, the test is pretty much over.
-         *
-         * If the main thread excepted, that propagates back
-         * immediately.  If the other thread threw an exception, we
-         * should report back.
-         */
-        if (serverException != null) {
-            System.out.print("Server Exception:");
-            throw serverException;
-        }
-        if (clientException != null) {
-            System.out.print("Client Exception:");
-            throw clientException;
-        }
-    }
-
-    void startServer(boolean newThread) throws Exception {
-        if (newThread) {
-            serverThread = new Thread() {
-                public void run() {
-                    try {
-                        doServerSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our server thread just died.
-                         *
-                         * Release the client, if not active already...
-                         */
-                        System.err.println("Server died...");
-                        serverReady = true;
-                        serverException = e;
-                    }
-                }
-            };
-            serverThread.start();
-        } else {
-            doServerSide();
-        }
-    }
-
-    void startClient(boolean newThread) throws Exception {
-        if (newThread) {
-            clientThread = new Thread() {
-                public void run() {
-                    try {
-                        doClientSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our client thread just died.
-                         */
-                        System.err.println("Client died...");
-                        clientException = e;
-                    }
-                }
-            };
-            clientThread.start();
-        } else {
-            doClientSide();
-        }
-    }
-}
--- a/test/jdk/sun/net/www/protocol/https/NewImpl/ComHostnameVerifier.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,362 +0,0 @@
-/*
- * Copyright (c) 2001, 2018, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-// SunJSSE does not support dynamic system properties, no way to re-use
-// system properties in samevm/agentvm mode.
-
-/*
- * @test
- * @bug 4474255 4484246
- * @summary When an application enables anonymous SSL cipher suite,
- *        Hostname verification is not required
- * @modules java.base/com.sun.net.ssl
- *          java.base/com.sun.net.ssl.internal.www.protocol.https
- * @run main/othervm ComHostnameVerifier
- */
-
-import java.io.*;
-import java.net.*;
-import java.security.Security;
-import javax.net.ssl.*;
-import javax.security.cert.*;
-import com.sun.net.ssl.HostnameVerifier;
-import com.sun.net.ssl.HttpsURLConnection;
-
-/**
- * Use com.net.net.ssl.HostnameVerifier
- */
-public class ComHostnameVerifier {
-
-    /*
-     * =============================================================
-     * Set the various variables needed for the tests, then
-     * specify what tests to run on each side.
-     */
-
-    /*
-     * Should we run the client or server in a separate thread?
-     * Both sides can throw exceptions, but do you have a preference
-     * as to which side should be the main thread.
-     */
-    static boolean separateServerThread = true;
-
-    /*
-     * Is the server ready to serve?
-     */
-    volatile static boolean serverReady = false;
-
-    /*
-     * Turn on SSL debugging?
-     */
-    static boolean debug = false;
-
-    /*
-     * If the client or server is doing some kind of object creation
-     * that the other side depends on, and that thread prematurely
-     * exits, you may experience a hang.  The test harness will
-     * terminate all hung threads after its timeout has expired,
-     * currently 3 minutes by default, but you might try to be
-     * smart about it....
-     */
-
-    /**
-     * Returns the path to the file obtained from
-     * parsing the HTML header.
-     */
-    private static String getPath(DataInputStream in)
-        throws IOException
-    {
-        String line = in.readLine();
-        if (line == null)
-                return null;
-        String path = "";
-        // extract class from GET line
-        if (line.startsWith("GET /")) {
-            line = line.substring(5, line.length()-1).trim();
-            int index = line.indexOf(' ');
-            if (index != -1) {
-                path = line.substring(0, index);
-            }
-        }
-
-        // eat the rest of header
-        do {
-            line = in.readLine();
-        } while ((line.length() != 0) &&
-                 (line.charAt(0) != '\r') && (line.charAt(0) != '\n'));
-
-        if (path.length() != 0) {
-            return path;
-        } else {
-            throw new IOException("Malformed Header");
-        }
-    }
-
-    /**
-     * Returns an array of bytes containing the bytes for
-     * the file represented by the argument <b>path</b>.
-     *
-     * In our case, we just pretend to send something back.
-     *
-     * @return the bytes for the file
-     * @exception FileNotFoundException if the file corresponding
-     * to <b>path</b> could not be loaded.
-     */
-    private byte[] getBytes(String path)
-        throws IOException
-    {
-        return "Hello world, I am here".getBytes();
-    }
-
-    /*
-     * Define the server side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doServerSide() throws Exception {
-
-        SSLServerSocketFactory sslssf =
-          (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
-        SSLServerSocket sslServerSocket =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort);
-        serverPort = sslServerSocket.getLocalPort();
-
-        String ciphers[]= { "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA" };
-        sslServerSocket.setEnabledCipherSuites(ciphers);
-
-        /*
-         * Signal Client, we're ready for his connect.
-         */
-        serverReady = true;
-
-        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
-        DataOutputStream out =
-                new DataOutputStream(sslSocket.getOutputStream());
-
-        try {
-             // get path to class file from header
-             DataInputStream in =
-                        new DataInputStream(sslSocket.getInputStream());
-             String path = getPath(in);
-             // retrieve bytecodes
-             byte[] bytecodes = getBytes(path);
-             // send bytecodes in response (assumes HTTP/1.0 or later)
-             try {
-                out.writeBytes("HTTP/1.0 200 OK\r\n");
-                out.writeBytes("Content-Length: " + bytecodes.length + "\r\n");
-                out.writeBytes("Content-Type: text/html\r\n\r\n");
-                out.write(bytecodes);
-                out.flush();
-             } catch (IOException ie) {
-                ie.printStackTrace();
-                return;
-             }
-
-        } catch (Exception e) {
-             e.printStackTrace();
-             // write out error response
-             out.writeBytes("HTTP/1.0 400 " + e.getMessage() + "\r\n");
-             out.writeBytes("Content-Type: text/html\r\n\r\n");
-             out.flush();
-        } finally {
-             // close the socket
-             System.out.println("Server closing socket");
-             sslSocket.close();
-             serverReady = false;
-        }
-    }
-
-    private static class ComSunHTTPSHandlerFactory implements URLStreamHandlerFactory {
-        private static String SUPPORTED_PROTOCOL = "https";
-
-        public URLStreamHandler createURLStreamHandler(String protocol) {
-            if (!protocol.equalsIgnoreCase(SUPPORTED_PROTOCOL))
-                return null;
-
-            return new com.sun.net.ssl.internal.www.protocol.https.Handler();
-        }
-    }
-
-    /*
-     * Define the client side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doClientSide() throws Exception {
-        /*
-         * Wait for server to get started.
-         */
-        while (!serverReady) {
-            Thread.sleep(50);
-        }
-
-        URL.setURLStreamHandlerFactory(new ComSunHTTPSHandlerFactory());
-
-        System.setProperty("https.cipherSuites",
-                "SSL_DH_anon_WITH_3DES_EDE_CBC_SHA");
-
-        // use the default hostname verifier
-
-        URL url = new URL("https://" + "localhost:" + serverPort +
-                                "/etc/hosts");
-        URLConnection urlc = url.openConnection();
-
-        if (!(urlc instanceof com.sun.net.ssl.HttpsURLConnection)) {
-            throw new Exception(
-                "URLConnection ! instanceof " +
-                "com.sun.net.ssl.HttpsURLConnection");
-        }
-
-        BufferedReader in = null;
-        try {
-            in = new BufferedReader(new InputStreamReader(
-                               urlc.getInputStream()));
-            String inputLine;
-            System.out.print("Client reading... ");
-            while ((inputLine = in.readLine()) != null)
-                System.out.println(inputLine);
-            System.out.println("Cipher Suite: " +
-                ((HttpsURLConnection)urlc).getCipherSuite());
-            in.close();
-        } catch (SSLException e) {
-            if (in != null)
-                in.close();
-            throw e;
-        }
-        System.out.println("Client reports:  SUCCESS");
-    }
-
-    /*
-     * =============================================================
-     * The remainder is just support stuff
-     */
-
-    // use any free port by default
-    volatile int serverPort = 0;
-
-    volatile Exception serverException = null;
-    volatile Exception clientException = null;
-
-    public static void main(String[] args) throws Exception {
-        // re-enable 3DES
-        Security.setProperty("jdk.tls.disabledAlgorithms", "");
-
-        if (debug)
-            System.setProperty("javax.net.debug", "all");
-
-        /*
-         * Start the tests.
-         */
-        new ComHostnameVerifier();
-    }
-
-    Thread clientThread = null;
-    Thread serverThread = null;
-
-    /*
-     * Primary constructor, used to drive remainder of the test.
-     *
-     * Fork off the other side, then do your work.
-     */
-    ComHostnameVerifier() throws Exception {
-        if (separateServerThread) {
-            startServer(true);
-            startClient(false);
-        } else {
-            startClient(true);
-            startServer(false);
-        }
-
-        /*
-         * Wait for other side to close down.
-         */
-        if (separateServerThread) {
-            serverThread.join();
-        } else {
-            clientThread.join();
-        }
-
-        /*
-         * When we get here, the test is pretty much over.
-         *
-         * If the main thread excepted, that propagates back
-         * immediately.  If the other thread threw an exception, we
-         * should report back.
-         */
-        if (serverException != null) {
-            System.out.print("Server Exception:");
-            throw serverException;
-        }
-        if (clientException != null) {
-            System.out.print("Client Exception:");
-            throw clientException;
-        }
-    }
-
-    void startServer(boolean newThread) throws Exception {
-        if (newThread) {
-            serverThread = new Thread() {
-                public void run() {
-                    try {
-                        doServerSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our server thread just died.
-                         *
-                         * Release the client, if not active already...
-                         */
-                        System.err.println("Server died...");
-                        serverReady = true;
-                        serverException = e;
-                    }
-                }
-            };
-            serverThread.start();
-        } else {
-            doServerSide();
-        }
-    }
-
-    void startClient(boolean newThread) throws Exception {
-        if (newThread) {
-            clientThread = new Thread() {
-                public void run() {
-                    try {
-                        doClientSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our client thread just died.
-                         */
-                        System.err.println("Client died...");
-                        clientException = e;
-                    }
-                }
-            };
-            clientThread.start();
-        } else {
-            doClientSide();
-        }
-    }
-}
--- a/test/jdk/sun/security/ssl/X509TrustManagerImpl/CheckNullEntity.java	Fri Mar 01 08:14:29 2019 -0500
+++ b/test/jdk/sun/security/ssl/X509TrustManagerImpl/CheckNullEntity.java	Fri Mar 01 08:35:14 2019 -0800
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2005, 2007, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2005, 2019, Oracle and/or its affiliates. All rights reserved.
  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
  *
  * This code is free software; you can redistribute it and/or modify it
@@ -27,7 +27,6 @@
  * @summary unspecified exceptions in X509TrustManager.checkClient[Server]Truste
 d
  * @author Xuelei Fan
- * @modules java.base/com.sun.net.ssl.internal.ssl
  */
 
 import java.io.*;
@@ -37,8 +36,6 @@
 import java.security.*;
 import java.util.Enumeration;
 
-import com.sun.net.ssl.internal.ssl.X509ExtendedTrustManager;
-
 public class CheckNullEntity {
 
     /*
@@ -157,7 +154,7 @@
             if (trustManager instanceof X509ExtendedTrustManager) {
                 try {
                     ((X509ExtendedTrustManager)trustManager).checkClientTrusted(
-                        certChain, (String)null, "localhost", null);
+                        certChain, (String)null, (Socket)null);
                 } catch (IllegalArgumentException iae) {
                     // get the right exception
                     extFailed >>= 1;
@@ -165,7 +162,7 @@
 
                 try {
                     ((X509ExtendedTrustManager)trustManager).checkServerTrusted(
-                        certChain, (String)null, "localhost", null);
+                        certChain, (String)null, (Socket)null);
                 } catch (IllegalArgumentException iae) {
                     // get the right exception
                     extFailed >>= 1;
@@ -173,7 +170,7 @@
 
                 try {
                     ((X509ExtendedTrustManager)trustManager).checkClientTrusted(
-                        certChain, "", "localhost", null);
+                        certChain, "", (Socket)null);
                 } catch (IllegalArgumentException iae) {
                     // get the right exception
                     extFailed >>= 1;
@@ -181,7 +178,7 @@
 
                 try {
                     ((X509ExtendedTrustManager)trustManager).checkServerTrusted(
-                        certChain, "", "localhost", null);
+                        certChain, "", (Socket)null);
                 } catch (IllegalArgumentException iae) {
                     // get the right exception
                     extFailed >>= 1;
@@ -189,7 +186,7 @@
 
                 try {
                     ((X509ExtendedTrustManager)trustManager).checkClientTrusted(
-                        null, authType, "localhost", null);
+                        null, authType, (Socket)null);
                 } catch (IllegalArgumentException iae) {
                     // get the right exception
                     extFailed >>= 1;
@@ -197,7 +194,7 @@
 
                 try {
                     ((X509ExtendedTrustManager)trustManager).checkServerTrusted(
-                        null, authType, "localhost", null);
+                        null, authType, (Socket)null);
                 } catch (IllegalArgumentException iae) {
                     // get the right exception
                     extFailed >>= 1;
--- a/test/jdk/sun/security/ssl/X509TrustManagerImpl/ClientServer.java	Fri Mar 01 08:14:29 2019 -0500
+++ /dev/null	Thu Jan 01 00:00:00 1970 +0000
@@ -1,365 +0,0 @@
-/*
- * Copyright (c) 2002, 2014, Oracle and/or its affiliates. All rights reserved.
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * This code is free software; you can redistribute it and/or modify it
- * under the terms of the GNU General Public License version 2 only, as
- * published by the Free Software Foundation.
- *
- * This code is distributed in the hope that it will be useful, but WITHOUT
- * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
- * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License
- * version 2 for more details (a copy is included in the LICENSE file that
- * accompanied this code).
- *
- * You should have received a copy of the GNU General Public License version
- * 2 along with this work; if not, write to the Free Software Foundation,
- * Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
- *
- * Please contact Oracle, 500 Oracle Parkway, Redwood Shores, CA 94065 USA
- * or visit www.oracle.com if you need additional information or have any
- * questions.
- */
-
-/*
- * @test
- * @bug 4717766
- * @author Brad Wetmore
- * @summary 1.0.3 JsseX509TrustManager erroneously calls isClientTrusted()
- * @modules java.base/com.sun.net.ssl
- * @run main/manual ClientServer
- */
-
-/*
- * SunJSSE does not support dynamic system properties, no way to re-use
- * system properties in samevm/agentvm mode.
- *
- * JSSE supports algorithm constraints with CR 6916074, need to update
- * this test case in JDK 7 soon.
- *
- * This problem didn't exist in JSSE 1.4, only JSSE 1.0.3.  However,
- * this is a useful test, so I decided to include it in 1.4.2.
- */
-
-import java.io.*;
-import java.net.*;
-import javax.net.ssl.*;
-import java.security.cert.*;
-import java.security.*;
-import com.sun.net.ssl.*;
-
-public class ClientServer {
-
-    /*
-     * =============================================================
-     * Set the various variables needed for the tests, then
-     * specify what tests to run on each side.
-     */
-
-    /*
-     * Should we run the client or server in a separate thread?
-     * Both sides can throw exceptions, but do you have a preference
-     * as to which side should be the main thread.
-     */
-    static boolean separateServerThread = true;
-
-    /*
-     * Where do we find the keystores?
-     */
-    static String pathToStores = "../../../../javax/net/ssl/etc";
-    static String keyStoreFile = "keystore";
-    static String trustStoreFile = "truststore";
-    static String passwd = "passphrase";
-
-    /*
-     * Is the server ready to serve?
-     */
-    volatile static boolean serverReady = false;
-
-    /*
-     * Turn on SSL debugging?
-     */
-    static boolean debug = false;
-
-    /*
-     * If the client or server is doing some kind of object creation
-     * that the other side depends on, and that thread prematurely
-     * exits, you may experience a hang.  The test harness will
-     * terminate all hung threads after its timeout has expired,
-     * currently 3 minutes by default, but you might try to be
-     * smart about it....
-     */
-
-    /*
-     * Define the server side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doServerSide() throws Exception {
-        SSLServerSocketFactory sslssf = getDefaultServer();
-        SSLServerSocket sslServerSocket =
-            (SSLServerSocket) sslssf.createServerSocket(serverPort);
-        serverPort = sslServerSocket.getLocalPort();
-
-        /*
-         * Signal Client, we're ready for his connect.
-         */
-        serverReady = true;
-
-        SSLSocket sslSocket = (SSLSocket) sslServerSocket.accept();
-        sslSocket.setNeedClientAuth(true);
-        InputStream sslIS = sslSocket.getInputStream();
-        OutputStream sslOS = sslSocket.getOutputStream();
-
-        sslIS.read();
-        sslOS.write(85);
-        sslOS.flush();
-
-        sslSocket.close();
-
-        if (!serverTM.wasServerChecked() && serverTM.wasClientChecked()) {
-            System.out.println("SERVER TEST PASSED!");
-        } else {
-            throw new Exception("SERVER TEST FAILED!  " +
-                !serverTM.wasServerChecked() + " " +
-                serverTM.wasClientChecked());
-        }
-    }
-
-    /*
-     * Define the client side of the test.
-     *
-     * If the server prematurely exits, serverReady will be set to true
-     * to avoid infinite hangs.
-     */
-    void doClientSide() throws Exception {
-
-        /*
-         * Wait for server to get started.
-         */
-        while (!serverReady) {
-            Thread.sleep(50);
-        }
-
-        SSLSocketFactory sslsf = getDefaultClient();
-        SSLSocket sslSocket = (SSLSocket)
-            sslsf.createSocket("localhost", serverPort);
-
-        InputStream sslIS = sslSocket.getInputStream();
-        OutputStream sslOS = sslSocket.getOutputStream();
-
-        sslOS.write(280);
-        sslOS.flush();
-        sslIS.read();
-
-        sslSocket.close();
-
-        if (clientTM.wasServerChecked() && !clientTM.wasClientChecked()) {
-            System.out.println("CLIENT TEST PASSED!");
-        } else {
-            throw new Exception("CLIENT TEST FAILED!  " +
-                clientTM.wasServerChecked() + " " +
-                !clientTM.wasClientChecked());
-        }
-    }
-
-    private com.sun.net.ssl.SSLContext getDefault(MyX509TM tm)
-            throws Exception {
-
-        String keyFilename =
-            System.getProperty("test.src", "./") + "/" + pathToStores +
-                "/" + keyStoreFile;
-        String trustFilename =
-            System.getProperty("test.src", "./") + "/" + pathToStores +
-                "/" + trustStoreFile;
-
-        char[] passphrase = "passphrase".toCharArray();
-        KeyStore ks = KeyStore.getInstance("JKS");
-        ks.load(new FileInputStream(keyFilename), passphrase);
-
-        com.sun.net.ssl.KeyManagerFactory kmf =
-            com.sun.net.ssl.KeyManagerFactory.getInstance("SunX509");
-        kmf.init(ks, passphrase);
-
-        ks = KeyStore.getInstance("JKS");
-        ks.load(new FileInputStream(trustFilename), passphrase);
-
-        com.sun.net.ssl.TrustManagerFactory tmf =
-            com.sun.net.ssl.TrustManagerFactory.getInstance("SunX509");
-        tmf.init(ks);
-
-        com.sun.net.ssl.TrustManager [] tms = tmf.getTrustManagers();
-
-        int i;
-        for (i = 0; i < tms.length; i++) {
-            if (tms[i] instanceof com.sun.net.ssl.X509TrustManager) {
-                break;
-            }
-        }
-
-        if (i >= tms.length) {
-            throw new Exception("Couldn't find X509TM");
-        }
-
-        tm.init((com.sun.net.ssl.X509TrustManager)tms[i]);
-        tms = new MyX509TM [] { tm };
-
-        com.sun.net.ssl.SSLContext ctx =
-            com.sun.net.ssl.SSLContext.getInstance("TLS");
-        ctx.init(kmf.getKeyManagers(), tms, null);
-        return ctx;
-    }
-
-    MyX509TM serverTM;
-    MyX509TM clientTM;
-
-    private SSLServerSocketFactory getDefaultServer() throws Exception {
-        serverTM = new MyX509TM();
-        return getDefault(serverTM).getServerSocketFactory();
-    }
-
-    private SSLSocketFactory getDefaultClient() throws Exception {
-        clientTM = new MyX509TM();
-        return getDefault(clientTM).getSocketFactory();
-    }
-
-    static class MyX509TM implements com.sun.net.ssl.X509TrustManager {
-
-        com.sun.net.ssl.X509TrustManager tm;
-        boolean clientChecked;
-        boolean serverChecked;
-
-        void init(com.sun.net.ssl.X509TrustManager x509TM) {
-            tm = x509TM;
-        }
-
-        public boolean wasClientChecked() {
-            return clientChecked;
-        }
-
-        public boolean wasServerChecked() {
-            return serverChecked;
-        }
-
-        public boolean isClientTrusted(X509Certificate[] chain) {
-            clientChecked = true;
-            return true;
-        }
-
-        public boolean isServerTrusted(X509Certificate[] chain) {
-            serverChecked = true;
-            return true;
-        }
-
-        public X509Certificate[] getAcceptedIssuers() {
-            return tm.getAcceptedIssuers();
-        }
-    }
-
-    /*
-     * =============================================================
-     * The remainder is just support stuff
-     */
-
-    // use any free port by default
-    volatile int serverPort = 0;
-
-    volatile Exception serverException = null;
-    volatile Exception clientException = null;
-
-    public static void main(String[] args) throws Exception {
-
-        if (debug)
-            System.setProperty("javax.net.debug", "all");
-
-        /*
-         * Start the tests.
-         */
-        new ClientServer();
-    }
-
-    Thread clientThread = null;
-    Thread serverThread = null;
-
-    /*
-     * Primary constructor, used to drive remainder of the test.
-     *
-     * Fork off the other side, then do your work.
-     */
-    ClientServer() throws Exception {
-        if (separateServerThread) {
-            startServer(true);
-            startClient(false);
-        } else {
-            startClient(true);
-            startServer(false);
-        }
-
-        /*
-         * Wait for other side to close down.
-         */
-        if (separateServerThread) {
-            serverThread.join();
-        } else {
-            clientThread.join();
-        }
-
-        /*
-         * When we get here, the test is pretty much over.
-         *
-         * If the main thread excepted, that propagates back
-         * immediately.  If the other thread threw an exception, we
-         * should report back.
-         */
-        if (serverException != null)
-            throw serverException;
-        if (clientException != null)
-            throw clientException;
-    }
-
-    void startServer(boolean newThread) throws Exception {
-        if (newThread) {
-            serverThread = new Thread() {
-                public void run() {
-                    try {
-                        doServerSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our server thread just died.
-                         *
-                         * Release the client, if not active already...
-                         */
-                        System.err.println("Server died...");
-                        serverReady = true;
-                        serverException = e;
-                    }
-                }
-            };
-            serverThread.start();
-        } else {
-            doServerSide();
-        }
-    }
-
-    void startClient(boolean newThread) throws Exception {
-        if (newThread) {
-            clientThread = new Thread() {
-                public void run() {
-                    try {
-                        doClientSide();
-                    } catch (Exception e) {
-                        /*
-                         * Our client thread just died.
-                         */
-                        System.err.println("Client died...");
-                        clientException = e;
-                    }
-                }
-            };
-            clientThread.start();
-        } else {
-            doClientSide();
-        }
-    }
-}