Restore binary compatibility with 0.3.7

Author: dwijnand

build.sbt

@@ -42,48 +42,6 @@ lazy val sslConfigCore = project.in(file("ssl-config-core"))
     OsgiKeys.exportPackage := Seq(s"com.typesafe.sslconfig.*;version=${version.value}"),
     OsgiKeys.importPackage := Seq("!sun.misc", "!sun.security.*", configImport(), "*"),
     OsgiKeys.requireCapability := """osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=1.8))"""",
-
-    mimaBinaryIssueFilters ++= Seq(
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.package.foldVersion"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.package.foldRuntime"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.Ciphers.java16RecommendedCiphers"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.Ciphers.java17RecommendedCiphers"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.Base64"),
-
-      // Merge Lagom changes to KeyStore generation
-      // https://github.com/lightbend/ssl-config/pull/114
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.FakeKeyStore.DnName"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.FakeKeyStore.createSelfSignedCertificate"),
-
-      // Should've always been final
-      ProblemFilters.exclude[FinalClassProblem]("com.typesafe.sslconfig.ssl.FakeKeyStore"),
-
-      // Moved to FakeKeyStore-the-object
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.FakeKeyStore.GeneratedKeyStore"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.FakeKeyStore.SignatureAlgorithmOID"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.FakeKeyStore.SignatureAlgorithmName"),
-
-      // Support trustStore password
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.TrustStoreConfig.this"),
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.TrustStoreConfig.<init>$default$3"),
-      ProblemFilters.exclude[IncompatibleResultTypeProblem]("com.typesafe.sslconfig.ssl.TrustStoreConfig.<init>$default$4"),
-
-      // DefaultHostnameVerifier was decomissioned
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.DefaultHostnameVerifier"),
-
-      // Remove evil monkeypatching debug classes
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.MonkeyPatcher"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.FixInternalDebugLogging"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.FixInternalDebugLogging$MonkeyPatchInternalSslDebugAction"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.FixLoggingAction"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.ClassFinder"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.FixCertpathDebugLogging$MonkeyPatchSunSecurityUtilDebugAction"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.FixCertpathDebugLogging"),
-      ProblemFilters.exclude[MissingClassProblem]("com.typesafe.sslconfig.ssl.debug.FixCertpathDebugLogging$SunSecurityUtilDebugLogger"),
-
-      // Warn on deprecated settings, using LoggerFactory.
-      ProblemFilters.exclude[DirectMissingMethodProblem]("com.typesafe.sslconfig.ssl.SSLConfigParser.this")
-    )
 ).enablePlugins(SbtOsgi)
 
 lazy val documentation = project.in(file("documentation"))

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/Config.scala

@@ -544,6 +544,8 @@ object SSLConfigFactory {
 
 class SSLConfigParser(c: EnrichedConfig, classLoader: ClassLoader, loggerFactory: Option[LoggerFactory]) {
 
+  def this(c: EnrichedConfig, classLoader: ClassLoader) = this(c, classLoader, None)
+
   def parse(): SSLConfigSettings = {
 
     val default = c.get[Boolean]("default")

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/DefaultHostnameVerifier.scala

@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2015 - 2019 Lightbend Inc. <https://www.lightbend.com>
+ */
+
+package com.typesafe.sslconfig.ssl
+
+import java.security.Principal
+import java.security.cert.{ Certificate, CertificateException, X509Certificate }
+
+import com.typesafe.sslconfig.util.LoggerFactory
+import javax.net.ssl.{ HostnameVerifier, SSLPeerUnverifiedException, SSLSession }
+import javax.security.auth.kerberos.KerberosPrincipal
+import sun.security.util.HostnameChecker
+
+@deprecated("DefaultHostnameVerifier has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+class DefaultHostnameVerifier(mkLogger: LoggerFactory) extends HostnameVerifier {
+  private val logger = mkLogger(getClass)
+
+  def hostnameChecker: HostnameChecker = {
+    logger.warn("DefaultHostnameVerifier has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    HostnameChecker.getInstance(HostnameChecker.TYPE_TLS)
+  }
+
+  def matchKerberos(hostname: String, principal: Principal) = {
+    logger.warn("DefaultHostnameVerifier has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    true
+  }
+
+  def isKerberos(principal: Principal): Boolean = {
+    logger.warn("DefaultHostnameVerifier has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    true
+  }
+
+  def verify(hostname: String, session: SSLSession): Boolean = {
+    logger.warn("DefaultHostnameVerifier has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    true
+  }
+
+  /** INTERNAL API */
+  def matchCertificates(hostname: String, peerCertificates: Array[Certificate]): Boolean = {
+    logger.warn("DefaultHostnameVerifier has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    true
+  }
+}

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/MonkeyPatcher.scala

@@ -0,0 +1,12 @@
+/*
+ * Copyright (C) 2015 - 2019 Lightbend Inc. <https://www.lightbend.com>
+ */
+
+package com.typesafe.sslconfig.ssl
+
+import java.lang.reflect.Field
+
+@deprecated("MonkeyPatcher has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+trait MonkeyPatcher {
+  def monkeyPatchField(field: Field, newObject: AnyRef): Unit = ()
+}

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/debug/ClassFinder.scala

@@ -0,0 +1,15 @@
+/*
+ * Copyright (C) 2015 - 2019 Lightbend Inc. <https://www.lightbend.com>
+ */
+
+package com.typesafe.sslconfig.ssl.debug
+
+import com.typesafe.sslconfig.util.NoDepsLogger
+
+@deprecated("ClassFinder has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+trait ClassFinder {
+  def logger: NoDepsLogger
+  def initialResource: String
+  def isValidClass(className: String): Boolean
+  def findClasses: Set[Class[_]] = Set.empty
+}

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/debug/FixCertpathDebugLogging.scala

@@ -0,0 +1,52 @@
+/*
+ * Copyright (C) 2015 - 2019 Lightbend Inc. <https://www.lightbend.com>
+ */
+
+package com.typesafe.sslconfig.ssl.debug
+
+import java.security.AccessController
+import com.typesafe.sslconfig.util.{ LoggerFactory, NoDepsLogger }
+
+import scala.util.control.NonFatal
+import sun.security.util.Debug
+
+@deprecated("FixCertpathDebugLogging has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+class FixCertpathDebugLogging(mkLogger: LoggerFactory) {
+  val logger = mkLogger("com.typesafe.sslconfig.ssl.debug.FixCertpathDebugLogging")
+
+  @deprecated("MonkeyPatchSunSecurityUtilDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+  class MonkeyPatchSunSecurityUtilDebugAction(val newDebug: Debug, val newOptions: String) extends FixLoggingAction {
+    val logger = mkLogger("com.typesafe.sslconfig.ssl.debug.FixCertpathDebugLogging.MonkeyPatchSunSecurityUtilDebugAction")
+
+    val initialResource = "/sun/security/provider/certpath/Builder.class"
+
+    val debugType = classOf[Debug]
+
+    def isValidClass(className: String): Boolean = {
+      logger.warn("MonkeyPatchSunSecurityUtilDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+      if (className.startsWith("java.security.cert")) return true
+      if (className.startsWith("sun.security.provider.certpath")) return true
+      if (className.equals("sun.security.x509.InhibitAnyPolicyExtension")) return true
+      false
+    }
+
+    def isUsingDebug: Boolean = {
+      logger.warn("MonkeyPatchSunSecurityUtilDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+      (newOptions != null) && newOptions.contains("certpath")
+    }
+
+    def run(): Unit = {
+      logger.warn("MonkeyPatchSunSecurityUtilDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    }
+  }
+
+  @deprecated("SunSecurityUtilDebugLogger has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+  class SunSecurityUtilDebugLogger(logger: NoDepsLogger) extends sun.security.util.Debug {
+    override def println(message: String): Unit = ()
+    override def println(): Unit = ()
+  }
+
+  def apply(newOptions: String, debugOption: Option[Debug] = None): Unit = {
+    logger.warn("FixCertpathDebugLogging has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+  }
+}

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/debug/FixInternalDebugLogging.scala

@@ -0,0 +1,44 @@
+/*
+ * Copyright (C) 2015 - 2019 Lightbend Inc. <https://www.lightbend.com>
+ */
+
+package com.typesafe.sslconfig.ssl.debug
+
+import com.typesafe.sslconfig.util.LoggerFactory
+
+@deprecated("FixInternalDebugLogging has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+class FixInternalDebugLogging(mkLogger: LoggerFactory) {
+  private val logger = mkLogger("com.typesafe.sslconfig.ssl.debug.FixInternalDebugLogging")
+
+  @deprecated("MonkeyPatchInternalSslDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+  class MonkeyPatchInternalSslDebugAction(val newOptions: String) extends FixLoggingAction {
+    override val logger = mkLogger("com.typesafe.sslconfig.ssl.debug.FixInternalDebugLogging.MonkeyPatchInternalSslDebugAction")
+
+    val initialResource = "/sun/security/ssl/Debug.class"
+    val debugClassName = "sun.security.ssl.Debug"
+
+    def isValidClass(className: String): Boolean = {
+      logger.warn("MonkeyPatchInternalSslDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+      if (className.startsWith("com.sun.net.ssl.internal.ssl")) return true
+      if (className.startsWith("sun.security.ssl")) return true
+      false
+    }
+
+    def isUsingDebug: Boolean = {
+      logger.warn("MonkeyPatchInternalSslDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+      (newOptions != null) && (!newOptions.isEmpty)
+    }
+
+    def run(): Unit = {
+      logger.warn("MonkeyPatchInternalSslDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    }
+
+    def apply(newOptions: String): Unit = {
+      logger.warn("MonkeyPatchInternalSslDebugAction has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    }
+  }
+
+  def apply(newOptions: String): Unit = {
+    logger.warn("FixInternalDebugLogging has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+  }
+}

ssl-config-core/src/main/scala/com/typesafe/sslconfig/ssl/debug/FixLoggingAction.scala

@@ -0,0 +1,19 @@
+/*
+ * Copyright (C) 2015 - 2019 Lightbend Inc. <https://www.lightbend.com>
+ */
+
+package com.typesafe.sslconfig.ssl.debug
+
+import java.lang.reflect.Field
+import java.security.PrivilegedExceptionAction
+import com.typesafe.sslconfig.ssl.MonkeyPatcher
+
+@deprecated("FixLoggingAction has been deprecated and does nothing.  Please use the javax.net.debug system property.", "0.4.0")
+abstract class FixLoggingAction extends PrivilegedExceptionAction[Unit] with MonkeyPatcher with ClassFinder {
+  def newOptions: String
+
+  def isValidField(field: Field, definedType: Class[_]): Boolean = {
+    logger.warn("DebugConfiguration has been deprecated and does nothing.  Please use the javax.net.debug system property.")
+    false
+  }
+}