8344366: Remove Security Manager dependencies from javax.net.ssl and sun.security.ssl packages

Reviewed-by: coffeys, ascarpino, hchao
2025-08-26 22:34:27 +02:00 · 2024-11-25 13:10:59 +00:00 · 2024-11-25 13:10:59 +00:00 · ddc8a9d5da
commit ddc8a9d5da
parent 965aace297
26 changed files with 147 additions and 440 deletions
--- a/src/java.base/share/classes/javax/net/ssl/HttpsURLConnection.java
+++ b/src/java.base/share/classes/javax/net/ssl/HttpsURLConnection.java
@ -227,11 +227,6 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
                "no default HostnameVerifier specified");
        }

-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new SSLPermission("setHostnameVerifier"));
-        }
        defaultHostnameVerifier = v;
    }

@ -306,11 +301,6 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
                "no default SSLSocketFactory specified");
        }

-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkSetFactory();
-        }
        defaultSSLSocketFactory = sf;
    }

@ -353,11 +343,6 @@ public abstract class HttpsURLConnection extends HttpURLConnection {
                "no SSLSocketFactory specified");
        }

-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkSetFactory();
-        }
        sslSocketFactory = sf;
    }

--- a/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/KeyManagerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2024, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,6 @@

 package javax.net.ssl;

-import java.security.Security;
 import java.security.*;
 import java.util.Objects;

@ -62,11 +61,8 @@ public class KeyManagerFactory {
     *          {@code ssl.KeyManagerFactory.algorithm} security property, or an
     *          implementation-specific default if no such property exists.
     */
-    @SuppressWarnings("removal")
    public static final String getDefaultAlgorithm() {
-        String type;
-        type = AccessController.doPrivileged((PrivilegedAction<String>) () ->
-            Security.getProperty("ssl.KeyManagerFactory.algorithm"));
+        String type = Security.getProperty("ssl.KeyManagerFactory.algorithm");
        if (type == null) {
            type = "SunX509";
        }
--- a/src/java.base/share/classes/javax/net/ssl/SSLContext.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLContext.java
@ -129,11 +129,6 @@ public class SSLContext {
        if (context == null) {
            throw new NullPointerException();
        }
-        @SuppressWarnings("removal")
-        SecurityManager sm = System.getSecurityManager();
-        if (sm != null) {
-            sm.checkPermission(new SSLPermission("setDefaultSSLContext"));
-        }

        defaultContext = context;
    }
--- a/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/SSLSocketFactory.java
@ -33,8 +33,6 @@ import java.io.InputStream;
 import java.security.*;
 import java.util.Locale;

-import sun.security.action.GetPropertyAction;
-
 /**
 * <code>SSLSocketFactory</code>s create <code>SSLSocket</code>s.
 *
@ -46,7 +44,7 @@ public abstract class SSLSocketFactory extends SocketFactory {
    static final boolean DEBUG;

    static {
-        String s = GetPropertyAction.privilegedGetProperty(
+        String s = System.getProperty(
                "javax.net.debug", "").toLowerCase(Locale.ENGLISH);
        DEBUG = s.contains("all") || s.contains("ssl");
    }
@ -86,18 +84,15 @@ public abstract class SSLSocketFactory extends SocketFactory {
        }
    }

-    @SuppressWarnings("removal")
    static String getSecurityProperty(final String name) {
-        return AccessController.doPrivileged((PrivilegedAction<String>) () -> {
-            String s = Security.getProperty(name);
-            if (s != null) {
-                s = s.trim();
-                if (s.isEmpty()) {
-                    s = null;
-                }
+        String s = Security.getProperty(name);
+        if (s != null) {
+            s = s.trim();
+            if (s.isEmpty()) {
+                s = null;
            }
-            return s;
-        });
+        }
+        return s;
    }

    /**
--- a/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java
+++ b/src/java.base/share/classes/javax/net/ssl/TrustManagerFactory.java
@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999, 2022, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 1999, 2024, Oracle and/or its affiliates. All rights reserved.
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * This code is free software; you can redistribute it and/or modify it
@ -25,7 +25,6 @@

 package javax.net.ssl;

-import java.security.Security;
 import java.security.*;
 import java.util.Objects;

@ -74,11 +73,8 @@ public class TrustManagerFactory {
     * {@code ssl.TrustManagerFactory.algorithm} security property, or an
     * implementation-specific default if no such property exists.
     */
-    @SuppressWarnings("removal")
    public static final String getDefaultAlgorithm() {
-        String type;
-        type = AccessController.doPrivileged((PrivilegedAction<String>) () ->
-            Security.getProperty( "ssl.TrustManagerFactory.algorithm"));
+        String type = Security.getProperty("ssl.TrustManagerFactory.algorithm");
        if (type == null) {
            type = "SunX509";
        }