Suppress JDK 24 deprecation/removal warnings

build.xml

@@ -297,6 +297,7 @@
                classpathref="classpath"
                includeantruntime="false">
             <compilerarg value="-Xlint:-options"/>
+            <compilerarg value="-Xlint:-path"/>
         </javac>
     </target>
 

src/java/com/wolfssl/WolfCryptEccKey.java

@@ -110,7 +110,7 @@ public byte[] getPrivateKeyPKCS8() {
         return EccPrivateKeyToPKCS8(getEccKeyPtr());
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSL.java

@@ -2024,7 +2024,7 @@ protected static int getNamedGroupFromString(String curveName) {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSLCRL.java

@@ -880,7 +880,7 @@ public synchronized void free() {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable {
         this.free();

src/java/com/wolfssl/WolfSSLCertManager.java

@@ -335,7 +335,7 @@ public synchronized void free() throws IllegalStateException {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSLCertRequest.java

@@ -853,7 +853,7 @@ public synchronized void free() {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSLCertificate.java

@@ -2624,7 +2624,7 @@ public synchronized void free() {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSLContext.java

@@ -2546,7 +2546,7 @@ WolfSSLDebug.INFO, getContextPtr(),
         flushSessions(getContextPtr(), tm);
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSLDebug.java

@@ -213,6 +213,7 @@ public String format(LogRecord record) {
             Level level = record.getLevel();
             String levelStr = (level != null) ? level.toString() : "UNKNOWN";
 
+            @SuppressWarnings("deprecation")
             long threadId = record.getThreadID();
             String message = record.getMessage();
             if (message == null) {
@@ -233,6 +234,7 @@ public String format(LogRecord record) {
      * JSON formatter for wolfSSL logs
      */
     private static class JSONFormatter extends Formatter {
+        @SuppressWarnings("deprecation")
         @Override
         public String format(LogRecord record) {
             if (record == null) {

src/java/com/wolfssl/WolfSSLNameConstraints.java

@@ -239,7 +239,7 @@ public void free() {
     }
 
     @Override
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     protected void finalize() throws Throwable {
         try {
             free();

src/java/com/wolfssl/WolfSSLNativeLoggingCallback.java

@@ -33,6 +33,7 @@
  */
 class WolfSSLNativeLoggingCallback implements WolfSSLLoggingCallback
 {
+    @SuppressWarnings("deprecation")
     public synchronized void loggingCallback(int logLevel, String logMessage) {
 
         System.err.println(

src/java/com/wolfssl/WolfSSLSession.java

@@ -5910,7 +5910,7 @@ public synchronized long sessionFromDer(byte[] data)
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/WolfSSLX509Name.java

@@ -626,7 +626,7 @@ public synchronized void free() {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable
     {

src/java/com/wolfssl/provider/jsse/WolfSSLAuthStore.java

@@ -789,7 +789,7 @@ protected boolean removeEldestEntry(Map.Entry<K, V> oldest) {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected synchronized void finalize() throws Throwable {
         /* Clear LinkedHashMap and set to null to allow

src/java/com/wolfssl/provider/jsse/WolfSSLContext.java

@@ -601,7 +601,7 @@ protected com.wolfssl.WolfSSLContext getInternalWolfSSLContext() {
         return this.ctx;
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable {
         if (this.ctx != null) {

src/java/com/wolfssl/provider/jsse/WolfSSLEngine.java

@@ -2806,7 +2806,7 @@ public int sessionTicketCallback(WolfSSLSession ssl, byte[] ticket,
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected synchronized void finalize() throws Throwable {
         if (this.ssl != null) {

src/java/com/wolfssl/provider/jsse/WolfSSLEngineHelper.java

@@ -1971,7 +1971,7 @@ protected synchronized void clearObjectState() {
         this.authStore = null;
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected synchronized void finalize() throws Throwable {
 

src/java/com/wolfssl/provider/jsse/WolfSSLImplementSSLSession.java

@@ -622,6 +622,7 @@ public Certificate[] getLocalCertificates() {
         return km.getCertificateChain(authStore.getCertAlias());
     }
 
+    @SuppressWarnings("removal")
     @Override
     public synchronized javax.security.cert.X509Certificate[]
         getPeerCertificateChain() throws SSLPeerUnverifiedException {
@@ -1181,7 +1182,7 @@ public synchronized List<SNIServerName> getRequestedServerNames()
         return Collections.emptyList();
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected synchronized void finalize() throws Throwable
     {

src/java/com/wolfssl/provider/jsse/WolfSSLInternalVerifyCb.java

@@ -446,6 +446,7 @@ else if (eng != null) {
      *         SSL/TLS handshake should continue. Otherwise return 0
      *         to mark verification failure and stop/abort handshake.
      */
+    @SuppressWarnings("deprecation")
     public int verifyCallback(int preverify_ok, long x509StorePtr) {
 
         WolfSSLCertificate[] certs = null;

src/java/com/wolfssl/provider/jsse/WolfSSLKeyX509.java

@@ -22,7 +22,6 @@
 package com.wolfssl.provider.jsse;
 
 import java.net.Socket;
-import java.security.AccessController;
 import java.security.KeyStore;
 import java.security.KeyStoreException;
 import java.security.Principal;
@@ -90,9 +89,11 @@ public WolfSSLKeyX509(KeyStore store, char[] password)
             () -> "creating new WolfSSLKeyX509 object");
 
         /* Check Security property once at construction time.
-         * Use doPrivileged for SecurityManager compatibility. */
+         * Use doPrivileged for SecurityManager compatibility.
+         * AccessController used via FQN to avoid import-line removal
+         * warning on JDK 17+. */
         @SuppressWarnings("removal")
-        String disableCacheValue = AccessController.doPrivileged(
+        String disableCacheValue = java.security.AccessController.doPrivileged(
             new PrivilegedAction<String>() {
                 public String run() {
                     return Security.getProperty(DISABLE_CACHE_PROPERTY);
@@ -215,6 +216,7 @@ private void populateCache(KeyStore store, char[] password)
      * null - if no alias matches found in KeyStore.
      * String[] - aliases, if found that match type and/or issuers
      */
+    @SuppressWarnings("deprecation")
     private String[] getAliasesFromKeyStore(String type, Principal[] issuers)
         throws KeyStoreException {
 
@@ -286,6 +288,7 @@ private String[] getAliasesFromKeyStore(String type, Principal[] issuers)
      * null - if no alias matches found.
      * String[] - aliases, if found that match type and/or issuers
      */
+    @SuppressWarnings("deprecation")
     private String[] getAliases(String type, Principal[] issuers) {
 
         /* Check if caching is disabled, use direct KeyStore access */
@@ -555,6 +558,7 @@ public PrivateKey getPrivateKey(String alias) {
     /**
      * Clear sensitive data when object is garbage collected
      */
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable {
         try {

src/java/com/wolfssl/provider/jsse/WolfSSLParametersHelper.java

@@ -22,7 +22,6 @@
 
 import java.lang.reflect.Method;
 import java.lang.reflect.InvocationTargetException;
-import java.security.AccessController;
 import java.security.PrivilegedAction;
 import javax.net.ssl.SSLParameters;
 import com.wolfssl.provider.jsse.WolfSSLJDK8Helper;
@@ -53,7 +52,16 @@ public WolfSSLParametersHelper() { }
      * has SSLParameters methods that older versions may not have */
     static
     {
-        AccessController.doPrivileged(new PrivilegedAction<Object>() {
+        detectSSLParametersMethods();
+    }
+
+    /* AccessController used via FQN to avoid import-line removal
+     * warning on JDK 17+. */
+    @SuppressWarnings("removal")
+    private static void detectSSLParametersMethods()
+    {
+        java.security.AccessController
+            .doPrivileged(new PrivilegedAction<Object>() {
             public Object run() {
                 Class<?> c = SSLParameters.class;
                 Method[] methods = c.getDeclaredMethods();

src/java/com/wolfssl/provider/jsse/WolfSSLProvider.java

@@ -75,6 +75,7 @@ public void errorCallback(int ok, int err, String hash) {
     /**
      * wolfSSL JSSE Provider class
      */
+    @SuppressWarnings("deprecation")
     public WolfSSLProvider() {
         super("wolfJSSE", 1.17, "wolfSSL JSSE Provider");
         /* super("wolfJSSE", "1.17", "wolfSSL JSSE Provider"); */

src/java/com/wolfssl/provider/jsse/WolfSSLSocket.java

@@ -1514,6 +1514,7 @@ public synchronized void removeHandshakeCompletedListener(
      *
      * @throws IOException if a network error occurs
      */
+    @SuppressWarnings("deprecation")
     @Override
     public synchronized void startHandshake() throws IOException {
         int ret;
@@ -2319,7 +2320,7 @@ public synchronized void connect(SocketAddress endpoint, int timeout)
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected synchronized void finalize() throws Throwable {
         if (this.ssl != null) {

src/java/com/wolfssl/provider/jsse/WolfSSLTrustX509.java

@@ -1339,7 +1339,7 @@ public X509Certificate[] getAcceptedIssuers() {
         }
     }
 
-    @SuppressWarnings("deprecation")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable {
         this.store = null;

src/java/com/wolfssl/provider/jsse/WolfSSLX509.java

@@ -181,6 +181,7 @@ public BigInteger getSerialNumber() {
         return this.cert.getSerial();
     }
 
+    @SuppressWarnings("deprecation")
     @Override
     public Principal getIssuerDN() {
 
@@ -194,6 +195,7 @@ public Principal getIssuerDN() {
         return new WolfSSLPrincipal(name);
     }
 
+    @SuppressWarnings("deprecation")
     @Override
     public Principal getSubjectDN() {
 
@@ -678,7 +680,7 @@ public byte[] getExtensionValue(String oid) {
     }
 
 
-    @SuppressWarnings("removal")
+    @SuppressWarnings({"deprecation", "removal"})
     @Override
     protected void finalize() throws Throwable {
         try {

src/java/com/wolfssl/provider/jsse/WolfSSLX509X.java

@@ -40,7 +40,7 @@
  *
  * @author wolfSSL
  */
-@SuppressWarnings("deprecation")
+@SuppressWarnings({"deprecation", "removal"})
 public class WolfSSLX509X extends X509Certificate {
     WolfSSLX509 cert;
 

src/java/com/wolfssl/provider/jsse/adapter/WolfSSLJDK8Helper.java

@@ -24,7 +24,6 @@
 import java.util.ArrayList;
 import java.lang.reflect.Method;
 import java.lang.reflect.InvocationTargetException;
-import java.security.AccessController;
 import java.security.PrivilegedAction;
 import javax.net.ssl.SSLParameters;
 import javax.net.ssl.SNIServerName;
@@ -52,6 +51,7 @@ public WolfSSLJDK8Helper() { }
      * @param m Java method to call to set SNI server names
      * @param in WolfSSLParameters to set SNI names from
      */
+    @SuppressWarnings("removal")
     protected static void setServerNames(final SSLParameters out,
                                          final Method m, WolfSSLParameters in) {
 
@@ -69,8 +69,11 @@ protected static void setServerNames(final SSLParameters out,
                 sni.add(new SNIHostName(name.getEncoded()));
             }
 
-            /* call SSLParameters.setServerName() */
-            AccessController.doPrivileged(new PrivilegedAction<Object>() {
+            /* call SSLParameters.setServerNames().
+             * AccessController used via FQN to avoid import-line removal
+             * warning on JDK 17+. */
+            java.security.AccessController
+                .doPrivileged(new PrivilegedAction<Object>() {
                 public Object run() {
                     try {
                         m.invoke(out, sni);
@@ -122,6 +125,7 @@ protected static void getServerNames(final SSLParameters in,
      * @param m method to invoke to set protocols
      * @param in input WolfSSLParameters to read ALPN protocols from
      */
+    @SuppressWarnings("removal")
     protected static void setApplicationProtocols(final SSLParameters out,
                                          final Method m, WolfSSLParameters in) {
 
@@ -134,7 +138,8 @@ protected static void setApplicationProtocols(final SSLParameters out,
         final Object[] appProtoArr = {appProtos};
         if (appProtos != null) {
             /* call SSLParameters.setApplicationProtocols() */
-            AccessController.doPrivileged(new PrivilegedAction<Object>() {
+            java.security.AccessController
+                .doPrivileged(new PrivilegedAction<Object>() {
                 public Object run() {
                     try {
                         m.invoke(out, appProtoArr);
@@ -190,6 +195,7 @@ protected static void getApplicationProtocols(final SSLParameters in,
      * @param m method to invoke to set endpoint ID algo
      * @param in input WolfSSLParameters to read endpoint ID algo from
      */
+    @SuppressWarnings("removal")
     protected static void setEndpointIdentificationAlgorithm(
         final SSLParameters out, final Method m, WolfSSLParameters in) {
 
@@ -202,7 +208,8 @@ protected static void setEndpointIdentificationAlgorithm(
         final String idAlgo = in.getEndpointIdentificationAlgorithm();
         if (idAlgo != null) {
             /* call SSLParameters.setEndpointIdentificationAlgorithm() */
-            AccessController.doPrivileged(new PrivilegedAction<Object>() {
+            java.security.AccessController
+                .doPrivileged(new PrivilegedAction<Object>() {
                 public Object run() {
                     try {
                         m.invoke(out, idAlgo);

src/test/com/wolfssl/provider/jsse/test/WolfSSLEngineMemoryLeakTest.java

@@ -82,6 +82,7 @@ public static void setupProvider() {
      * The test will fail if JNI global references prevent garbage collection.
      */
     @Test
+    @SuppressWarnings("removal")
     public void testEngineMemoryLeakWithAbandonedEngines() throws Exception {
 
         /* Skip on Android due to performance and timeout issues */