[jira] [Comment Edited] (HTTPCORE-664) WARNING: Illegal reflective access by org.apache.hc.core5.util.ReflectionUtils$1 (file:/mnt/blah.jar) to method sun.security.ssl.SSLEngineImpl.getApplicationProtocol()

[Jean-Noel Rouvignac (Jira)]

    [ 
https://issues.apache.org/jira/browse/HTTPCORE-664?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17277001#comment-17277001
 ] 

Jean-Noel Rouvignac edited comment on HTTPCORE-664 at 2/2/21, 9:59 AM:
-----------------------------------------------------------------------

Commercial. Ah! License... I forgot. I am going to remove the comment.


was (Author: jnrouvignac):
Commercial.

> WARNING: Illegal reflective access by 
> org.apache.hc.core5.util.ReflectionUtils$1 (file:/mnt/blah.jar) to method 
> sun.security.ssl.SSLEngineImpl.getApplicationProtocol()
> -----------------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: HTTPCORE-664
>                 URL: https://issues.apache.org/jira/browse/HTTPCORE-664
>             Project: HttpComponents HttpCore
>          Issue Type: Bug
>          Components: HttpCore
>    Affects Versions: 5.0.3
>         Environment: Java 11
>            Reporter: Jean-Noel Rouvignac
>            Priority: Major
>
> Using httpcore5 with Java 11, we noticed the code is reporting the following 
> warning reported by the JVM:
> {noformat}
> 11:50:19 WARNING: An illegal reflective access operation has occurred
> 11:50:19 WARNING: Illegal reflective access by 
> org.apache.hc.core5.util.ReflectionUtils$1 (file:/mnt/blah.jar) to method 
> sun.security.ssl.SSLEngineImpl.getApplicationProtocol()
> 11:50:19 WARNING: Please consider reporting this to the maintainers of 
> org.apache.hc.core5.util.ReflectionUtils$1
> 11:50:19 WARNING: Use --illegal-access=warn to enable warnings of further 
> illegal reflective access operations
> 11:50:19 WARNING: All illegal access operations will be denied in a future 
> release
> {noformat}
> This illegal access should not be performed at all. I have not yet looked at 
> the code to see how it can be avoided / removed.
>  
> The likely cause of this message is the following code in 
> [{{SSLIOSession.doHandshake()}}|https://github.com/apache/httpcomponents-core/blob/master/httpcore5/src/main/java/org/apache/hc/core5/reactor/ssl/SSLIOSession.java#L390]:
> {code:java}
>                     if (this.tlsDetails == null) {
>                         final SSLSession sslSession = 
> this.sslEngine.getSession();
>                         final String applicationProtocol = 
> ReflectionUtils.callGetter(this.sslEngine, "ApplicationProtocol", 
> String.class);
>                         this.tlsDetails = new TlsDetails(sslSession, 
> applicationProtocol);           
>                     }
> {code}



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@hc.apache.org
For additional commands, e-mail: dev-h...@hc.apache.org