8266459: Implement JEP 411: Deprecate the Security Manager for Removal

Co-authored-by: Sean Mullan <mullan@openjdk.org> Co-authored-by: Lance Andersen <lancea@openjdk.org> Co-authored-by: Weijun Wang <weijun@openjdk.org> Reviewed-by: erikj, darcy, chegar, naoto, joehw, alanb, mchung, kcr, prr, lancea
2025-08-27 06:45:07 +02:00 · 2021-06-02 11:57:31 +00:00 · 2021-06-02 11:57:31 +00:00 · 6765f90250
commit 6765f90250
parent 19450b9951
826 changed files with 2734 additions and 757 deletions
--- a/src/java.base/share/classes/javax/net/ssl/HttpsURLConnection.java
+++ b/src/java.base/share/classes/javax/net/ssl/HttpsURLConnection.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2018, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -230,6 +230,7 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
                "no default HostnameVerifier specified");
        }

+        @SuppressWarnings("removal")
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(new SSLPermission("setHostnameVerifier"));
@ -311,6 +312,7 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
                "no default SSLSocketFactory specified");
        }

+        @SuppressWarnings("removal")
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkSetFactory();
@ -360,6 +362,7 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
                "no SSLSocketFactory specified");
        }

+        @SuppressWarnings("removal")
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkSetFactory();
--- a/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -62,6 +62,7 @@ public class KeyManagerFactory {
     *          {@code ssl.KeyManagerFactory.algorithm} security property, or an
     *          implementation-specific default if no such property exists.
     */
+    @SuppressWarnings("removal")
    public static final String getDefaultAlgorithm() {
        String type;
        type = AccessController.doPrivileged(new PrivilegedAction<>() {
--- a/src/java.base/share/classes/javax/net/ssl/SSLContext.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLContext.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2020, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -132,6 +132,7 @@ public class SSLContext {
        if (context == null) {
            throw new NullPointerException();
        }
+        @SuppressWarnings("removal")
        SecurityManager sm = System.getSecurityManager();
        if (sm != null) {
            sm.checkPermission(new SSLPermission("setDefaultSSLContext"));
--- a/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1997, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1997, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -86,6 +86,7 @@ public abstract class SSLSocketFactory extends SocketFactory {
        }
    }

+    @SuppressWarnings("removal")
    static String getSecurityProperty(final String name) {
        return AccessController.doPrivileged(new PrivilegedAction<>() {
            @Override
--- a/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2019, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2021, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -74,6 +74,7 @@ public class TrustManagerFactory {
     * {@code ssl.TrustManagerFactory.algorithm} security property, or an
     * implementation-specific default if no such property exists.
     */
+    @SuppressWarnings("removal")
    public static final String getDefaultAlgorithm() {
        String type;
        type = AccessController.doPrivileged(new PrivilegedAction<>() {