Issue #4385 - Limit new UnsupportedOperationException to direct SslContextFactory usage

jetty-util/src/main/java/org/eclipse/jetty/util/ssl/SslContextFactory.java

@@ -1270,7 +1270,8 @@ protected KeyManager[] getKeyManagers(KeyStore keyStore) throws Exception
     @Deprecated
     protected X509ExtendedKeyManager newSniX509ExtendedKeyManager(X509ExtendedKeyManager keyManager)
     {
-        throw new UnsupportedOperationException("X509ExtendedKeyManager only supported on Server");
+        LOG.warn("Using Deprecated SslContextFactory implementation, SNI does not work in this context, use SslContextFactory.Server instead.");
+        return null;
     }
 
     protected TrustManager[] getTrustManagers(KeyStore trustStore, Collection<? extends CRL> crls) throws Exception
@@ -2178,6 +2179,13 @@ protected void checkConfiguration()
             checkEndPointIdentificationAlgorithm();
             super.checkConfiguration();
         }
+
+        @Deprecated
+        protected X509ExtendedKeyManager newSniX509ExtendedKeyManager(X509ExtendedKeyManager keyManager)
+        {
+            // Overriding base implementation, as this context should have no WARN message.
+            return null;
+        }
     }
 
     @ManagedObject

jetty-util/src/test/java/org/eclipse/jetty/util/ssl/X509Test.java

@@ -26,10 +26,9 @@
 import org.junit.jupiter.api.Test;
 
 import static org.hamcrest.MatcherAssert.assertThat;
-import static org.hamcrest.Matchers.containsString;
 import static org.hamcrest.Matchers.is;
 import static org.hamcrest.Matchers.notNullValue;
-import static org.junit.jupiter.api.Assertions.assertThrows;
+import static org.hamcrest.Matchers.nullValue;
 
 public class X509Test
 {
@@ -161,17 +160,17 @@ public void testSniX509ExtendedKeyManager_BaseClass() throws Exception
     {
         SslContextFactory baseSsl = new SslContextFactory();
         X509ExtendedKeyManager x509ExtendedKeyManager = getX509ExtendedKeyManager(baseSsl);
-        UnsupportedOperationException npe = assertThrows(UnsupportedOperationException.class, () -> baseSsl.newSniX509ExtendedKeyManager(x509ExtendedKeyManager));
-        assertThat("UnsupportedOperationException.message", npe.getMessage(), containsString("X509ExtendedKeyManager only supported on Server"));
+        X509ExtendedKeyManager sniX509ExtendedKeyManager = baseSsl.newSniX509ExtendedKeyManager(x509ExtendedKeyManager);
+        assertThat("SNI X509 ExtendedKeyManager is undefined in this context", sniX509ExtendedKeyManager, nullValue());
     }
 
     @Test
     public void testSniX509ExtendedKeyManager_ClientClass() throws Exception
     {
         SslContextFactory clientSsl = new SslContextFactory.Client();
         X509ExtendedKeyManager x509ExtendedKeyManager = getX509ExtendedKeyManager(clientSsl);
-        UnsupportedOperationException re = assertThrows(UnsupportedOperationException.class, () -> clientSsl.newSniX509ExtendedKeyManager(x509ExtendedKeyManager));
-        assertThat("UnsupportedOperationException.message", re.getMessage(), containsString("X509ExtendedKeyManager only supported on Server"));
+        X509ExtendedKeyManager sniX509ExtendedKeyManager = clientSsl.newSniX509ExtendedKeyManager(x509ExtendedKeyManager);
+        assertThat("SNI X509 ExtendedKeyManager is undefined in this context", sniX509ExtendedKeyManager, nullValue());
     }
 
     @Test