Drop Target_javax_net_ssl_SSLContext substitutions

[rsvoboda]

Drop Target_javax_net_ssl_SSLContext substitutions

Resolves #45739

[gsmet]

CI will pass. Problem might be size of native executable when SSL is disabled.

I prepared a PR with hopefully the necessary changes but didn't have the time to finalize.

See https://quarkus.io/guides/native-and-ssl#lets-disable-ssl-and-see-how-it-goes .

If your patch doesn't make any difference in this case, then we can pursue.

[rsvoboda]

Ok, I will look into that. From the original commit I though there were functional issues when quarkus.ssl.native=false was set - e.g. in 7ea698e#diff-90b1e30d9f494ec4747fd06e5bd4b6dabdaa0cfffc5fcf458e08c3e8baffb393R17

[rsvoboda]

I did just quick check with 3.17.8 and the size of native is the same no matter what quarkus.ssl.native value is set

mvn -pl resteasy-client-quickstart clean verify -Dnative -Dquarkus.platform.version=3.17.8 -Dquarkus.ssl.native=true
ls -lh resteasy-client-quickstart/target/resteasy-client-quickstart-1.0.0-SNAPSHOT-runner
-rwxr-xr-x@ 1 rsvoboda  staff    59M Jan 23 12:49 resteasy-client-quickstart/target/resteasy-client-quickstart-1.0.0-SNAPSHOT-runner

mvn -pl resteasy-client-quickstart clean verify -Dnative -Dquarkus.platform.version=3.17.8 -Dquarkus.ssl.native=false
ls -lh resteasy-client-quickstart/target/resteasy-client-quickstart-1.0.0-SNAPSHOT-runner
-rwxr-xr-x@ 1 rsvoboda  staff    59M Jan 23 12:52 resteasy-client-quickstart/target/resteasy-client-quickstart-1.0.0-SNAPSHOT-runner

[rsvoboda]

And I received Caused by: java.lang.IllegalArgumentException: https://stage.code.quarkus.io/api requires SSL support but it is disabled. You probably have set quarkus.ssl.native to false. when ssl was disabled (but the size was the same as when ssl was enabled)

@gsmet this feels like a bug, size should be smaller when ssl is disabled, right?

[gsmet]

@gsmet this feels like a bug, size should be smaller when ssl is disabled, right?

I dunno. Things have changed so much in GraalVM and they tend to give up on getting small binaries for ease of use.

I tried with the patch I had prepared with getInstance() implementation and it's not any better.

So we should maybe just drop this quarkus.ssl.native feature entirely. @zakkak WDYT?

[rsvoboda]

CC @jerboaa @galderz @maxandersen @cescoffier

[galderz]

It's unclear from the original commit that introduced this why it was added? @gsmet?

[gsmet]

@galderz it was introduced at a very early stage when enabling SSL required quite some additional configuration to get things going.

And it also had the nice bonus that it would avoid getting the SSL stuff into the native image, which was dropping around 10 MB from the binary.

Nowadays, things have been simplified a lot so from a simplification perspective, I don't think this property is needed anymore, but... it was still nice to be able to reduce the native executable size if you didn't need SSL.

[zakkak]

I agree with dropping the feature. Regarding the image size, note that in the guide it used to be 46MB with SSL and 25MB without it while now it is 61MB.

Things have changed so much in GraalVM and they tend to give up on getting small binaries for ease of use.

That's true, but I don't think it's the only cause of this increase. Other causes can be more features/code coming from newer JDKs and/or libraries.