From 245a6927058fa302fe1bfda740a76e5f7df1c458 Mon Sep 17 00:00:00 2001
From: Wouter Born
Date: Thu, 24 Sep 2020 14:57:01 +0200
Subject: [PATCH] Remove deprecated MQTT transport code (#1668)

Related to #1408
Signed-off-by: Wouter Born
---
 .../transport/mqtt/MqttBrokerConnection.java | 24 -------
 .../mqtt/ssl/CustomTrustManagerFactory.java | 34 ----------
 .../AcceptAllCertificatesSSLContext.java | 66 -------------------
 .../sslcontext/CustomSSLContextProvider.java | 58 ----------------
 .../mqtt/sslcontext/SSLContextProvider.java | 36 ----------
 5 files changed, 218 deletions(-)
 delete mode 100644 bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/AcceptAllCertificatesSSLContext.java
 delete mode 100644 bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/CustomSSLContextProvider.java
 delete mode 100644 bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/SSLContextProvider.java

diff --git a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/MqttBrokerConnection.java b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/MqttBrokerConnection.java
index cb0a34648..68fc769cd 100644
--- a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/MqttBrokerConnection.java
+++ b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/MqttBrokerConnection.java
@@ -38,8 +38,6 @@ import org.openhab.core.io.transport.mqtt.internal.client.MqttAsyncClientWrapper
 import org.openhab.core.io.transport.mqtt.reconnect.AbstractReconnectStrategy;
 import org.openhab.core.io.transport.mqtt.reconnect.PeriodicReconnectStrategy;
 import org.openhab.core.io.transport.mqtt.ssl.CustomTrustManagerFactory;
-import org.openhab.core.io.transport.mqtt.sslcontext.CustomSSLContextProvider;
-import org.openhab.core.io.transport.mqtt.sslcontext.SSLContextProvider;
 import org.osgi.service.cm.ConfigurationException;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -91,7 +89,6 @@ public class MqttBrokerConnection {
 protected final MqttVersion mqttVersion;
 private @Nullable TrustManagerFactory trustManagerFactory = InsecureTrustManagerFactory.INSTANCE;
- private SSLContextProvider sslContextProvider = new CustomSSLContextProvider(trustManagerFactory);
 protected final String clientId;
 private @Nullable String user;
 private @Nullable String password;
@@ -298,7 +295,6 @@ public class MqttBrokerConnection {
 } else {
 trustManagerFactory = null;
 }
- sslContextProvider = new CustomSSLContextProvider(trustManagerFactory);
 }
 public TrustManager[] getTrustManagers() {
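Review bot: The field default kept in the second hunk (`@@ -91,7 +89,6 @@`), `trustManagerFactory = InsecureTrustManagerFactory.INSTANCE`, still accepts any broker certificate, so removing the deprecated accept-all SSLContext classes does not change what a connection trusts out of the box. The third hunk shows a branch that sets the field to `null`, so the default is presumably replaced once trust managers are configured, but that method starts outside the hunk and the handling of the null case cannot be confirmed from here. At minimum document the default on the field, e.g. `// Default performs no certificate validation; TLS to the broker is unauthenticated until trust managers are configured.`, and consider whether a validating default is feasible for existing callers.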
@@ -506,26 +502,6 @@ public class MqttBrokerConnection {
 return keepAliveInterval;
 }
- /**
- * Return the ssl context provider.
- */
- @Deprecated
- public SSLContextProvider getSSLContextProvider() {
- return sslContextProvider;
- }
-
- /**
- * Set the ssl context provider. The default provider is {@see AcceptAllCertifcatesSSLContext}.
- *
- * @return The ssl context provider. Should not be null, but the ssl context will in fact
- * only be used if a ssl:// url is given.
- */
- @Deprecated
- public void setSSLContextProvider(SSLContextProvider sslContextProvider) {
- this.sslContextProvider = sslContextProvider;
- trustManagerFactory = new CustomTrustManagerFactory(sslContextProvider);
- }
-
 /**
 * Return true if there are subscribers registered via {@link #subscribe(String, MqttMessageSubscriber)}.
 * Call {@link #unsubscribe(String, MqttMessageSubscriber)} or {@link #unsubscribeAll()} if necessary.
diff --git a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/ssl/CustomTrustManagerFactory.java b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/ssl/CustomTrustManagerFactory.java
index e430a17c1..154527558 100644
--- a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/ssl/CustomTrustManagerFactory.java
+++ b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/ssl/CustomTrustManagerFactory.java
@@ -12,22 +12,14 @@
 */
 package org.openhab.core.io.transport.mqtt.ssl;
-import java.lang.reflect.Field;
 import java.security.KeyStore;
 import javax.net.ssl.ManagerFactoryParameters;
-import javax.net.ssl.SSLContext;
 import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
 import org.eclipse.jdt.annotation.NonNullByDefault;
 import org.eclipse.jdt.annotation.Nullable;
-import org.openhab.core.io.transport.mqtt.sslcontext.SSLContextProvider;
-import org.osgi.service.cm.ConfigurationException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import io.netty.handler.ssl.util.SimpleTrustManagerFactory;
 /**
@@ -37,38 +29,12 @@ import io.netty.handler.ssl.util.SimpleTrustManagerFactory;
 */
 @NonNullByDefault
 public class CustomTrustManagerFactory extends SimpleTrustManagerFactory {
- private final Logger logger = LoggerFactory.getLogger(CustomTrustManagerFactory.class);
 private final TrustManager[] trustManagers;
 public CustomTrustManagerFactory(TrustManager[] trustManagers) {
 this.trustManagers = trustManagers;
 }
- @Deprecated
- public CustomTrustManagerFactory(SSLContextProvider contextProvider) {
- TrustManager[] tm;
- try {
- SSLContext ctx = contextProvider.getContext();
-
- // get SSLContextImpl
- Field contextSpiField = ctx.getClass().getDeclaredField("contextSpi");
- contextSpiField.setAccessible(true);
- Object sslContextImpl = contextSpiField.get(ctx);
- Class sslContextImplClass = sslContextImpl.getClass().getSuperclass().getSuperclass();
-
- // get trustmanager
- Field trustManagerField = sslContextImplClass.getDeclaredField("trustManager");
- trustManagerField.setAccessible(true);
- Object trustManagerObj = trustManagerField.get(sslContextImpl);
-
- tm = new TrustManager[] { (X509TrustManager) trustManagerObj };
- } catch (IllegalAccessException | NoSuchFieldException | ConfigurationException e) {
- logger.warn("using default insecure trustmanager, could not extract trustmanager from SSL context:", e);
- tm = InsecureTrustManagerFactory.INSTANCE.getTrustManagers();
- }
- trustManagers = tm;
- }
-
 @Override
 protected void engineInit(@Nullable KeyStore keyStore) throws Exception {
 }
diff --git a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/AcceptAllCertificatesSSLContext.java b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/AcceptAllCertificatesSSLContext.java
deleted file mode 100644
index 1099e7ba3..000000000
--- a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/AcceptAllCertificatesSSLContext.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/**
- * Copyright (c) 2010-2020 Contributors to the openHAB project
- *
- * See the NOTICE file(s) distributed with this work for additional
- * information.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License 2.0 which is available at
- * http://www.eclipse.org/legal/epl-2.0
- *
- * SPDX-License-Identifier: EPL-2.0
- */
-package org.openhab.core.io.transport.mqtt.sslcontext;
-
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.X509Certificate;
-
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManager;
-import javax.net.ssl.X509TrustManager;
-
-import org.eclipse.jdt.annotation.NonNullByDefault;
-import org.eclipse.jdt.annotation.Nullable;
-import org.osgi.service.cm.ConfigurationException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * This SSLContextProvider returns an {@link SSLContext} that accepts all connections and doesn't perform any
- * certificate validations. This implementation forces a TLS v1.2 {@link SSLContext} instance.
- *
- * @author David Graeff - Initial contribution
- */
-@Deprecated
-@NonNullByDefault
-public class AcceptAllCertificatesSSLContext implements SSLContextProvider {
- private final Logger logger = LoggerFactory.getLogger(AcceptAllCertificatesSSLContext.class);
-
- TrustManager trustManager = new X509TrustManager() {
- @Override
- public X509Certificate[] getAcceptedIssuers() {
- return new X509Certificate[0];
- }
-
- @Override
- public void checkClientTrusted(X509Certificate @Nullable [] certs, @Nullable String authType) {
- }
-
- @Override
- public void checkServerTrusted(X509Certificate @Nullable [] certs, @Nullable String authType) {
- }
- };
-
- @Override
- public SSLContext getContext() throws ConfigurationException {
- try {
- SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
- sslContext.init(null, new TrustManager[] { trustManager }, null);
- return sslContext;
- } catch (KeyManagementException | NoSuchAlgorithmException e) {
- logger.warn("SSL configuration failed", e);
- throw new ConfigurationException("ssl", e.getMessage());
- }
- }
-}
diff --git a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/CustomSSLContextProvider.java b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/CustomSSLContextProvider.java
deleted file mode 100644
index 53074ed92..000000000
--- a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/CustomSSLContextProvider.java
+++ /dev/null
@@ -1,58 +0,0 @@
-/**
- * Copyright (c) 2010-2020 Contributors to the openHAB project
- *
- * See the NOTICE file(s) distributed with this work for additional
- * information.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License 2.0 which is available at
- * http://www.eclipse.org/legal/epl-2.0
- *
- * SPDX-License-Identifier: EPL-2.0
- */
-package org.openhab.core.io.transport.mqtt.sslcontext;
-
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.TrustManagerFactory;
-
-import org.eclipse.jdt.annotation.NonNullByDefault;
-import org.eclipse.jdt.annotation.Nullable;
-import org.osgi.service.cm.ConfigurationException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-/**
- * This SSLContextProvider returns an {@link SSLContext} that accepts all connections and doesn't perform any
- * certificate validations. This implementation forces a TLS v1.2 {@link SSLContext} instance.
- *
- * @author Jan N. Klug - Initial contribution
- */
-@Deprecated
-@NonNullByDefault
-public class CustomSSLContextProvider implements SSLContextProvider {
- private final Logger logger = LoggerFactory.getLogger(CustomSSLContextProvider.class);
- private final @Nullable TrustManagerFactory factory;
-
- public CustomSSLContextProvider(@Nullable TrustManagerFactory factory) {
- this.factory = factory;
- }
-
- @Override
- public SSLContext getContext() throws ConfigurationException {
- try {
- if (factory == null) {
- return SSLContext.getDefault();
- } else {
- SSLContext sslContext = SSLContext.getInstance("TLSv1.2");
- sslContext.init(null, factory.getTrustManagers(), null);
- return sslContext;
- }
- } catch (KeyManagementException | NoSuchAlgorithmException e) {
- logger.warn("SSL configuration failed", e);
- throw new ConfigurationException("ssl", e.getMessage());
- }
- }
-}
diff --git a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/SSLContextProvider.java b/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/SSLContextProvider.java
deleted file mode 100644
index d9f1aaeec..000000000
--- a/bundles/org.openhab.core.io.transport.mqtt/src/main/java/org/openhab/core/io/transport/mqtt/sslcontext/SSLContextProvider.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/**
- * Copyright (c) 2010-2020 Contributors to the openHAB project
- *
- * See the NOTICE file(s) distributed with this work for additional
- * information.
- *
- * This program and the accompanying materials are made available under the
- * terms of the Eclipse Public License 2.0 which is available at
- * http://www.eclipse.org/legal/epl-2.0
- *
- * SPDX-License-Identifier: EPL-2.0
- */
-package org.openhab.core.io.transport.mqtt.sslcontext;
-
-import javax.net.ssl.SSLContext;
-
-import org.eclipse.jdt.annotation.NonNullByDefault;
-import org.openhab.core.io.transport.mqtt.MqttBrokerConnection;
-import org.osgi.service.cm.ConfigurationException;
-
-/**
- * Implement this and provide a {@link SSLContext} instance to be used by the {@link MqttBrokerConnection} for secure
- * Mqtt broker connections where the URL starts with 'ssl://'. Register your implementation with
- * {@link MqttBrokerConnection.setSSLContextProvider}.
- *
- * @author David Graeff - Initial contribution
- */
-@Deprecated
-@NonNullByDefault
-public interface SSLContextProvider {
- /**
- * Return an {@link SSLContext} to be used by secure Mqtt broker connections. Never return null here. If you are not
- * able to create an {@link SSLContext} instance, fail with a ConfigurationException instead.
- */
- SSLContext getContext() throws ConfigurationException;
-}