search

narupley / not-going-to-be-commons-ssl

A Java 9, 10, 11+ compliant fork of Not-Yet-Commons-SSL
Apache License 2.0
15 stars 7 forks source link

Illegal reflective access #1

Open fhoeben opened 5 years ago

fhoeben commented 5 years ago

First of thanks for this port. I have to use a 3rd party library which depends on not yet commons and now I can use it on Java 11!

But when I use the library I get a console message. This suggests it will not work in future Java version...

WARNING: An illegal reflective access operation has occurred
WARNING: Illegal reflective access by org.apache.commons.ssl.Java14 (file:/Users/fried/.gradle/caches/modules-2/files-2.1/com.narupley/not-going-to-be-commons-ssl/0.3.18/5bf11e76817939747249e9ff60597cf1e9e0fd45/not-going-to-be-commons-ssl-0.3.18.jar) to method sun.security.ssl.SSLSocketImpl.setHost(java.lang.String)
WARNING: Please consider reporting this to the maintainers of org.apache.commons.ssl.Java14
WARNING: Use --illegal-access=warn to enable warnings of further illegal reflective access operations
WARNING: All illegal access operations will be denied in a future release
Kish-Jadhav commented 5 years ago

Are you using this in production?

fhoeben commented 5 years ago

Not yet. But we are evaluating that 3rd party library for production use. And until they have a version not using 'not yet commons'....

narupley commented 5 years ago

That setHost call may have been done reflectively to support older versions of Java. I know the proper way today to set the SNI extension is through the SSLParameters. Since this is being compiled and built with Java 8 anyway, it's probably safe to set that as the minimum supported version. So we should be able to get rid of that reflective call and set the SNI host properly.