Adapt to API changes in Reactor Netty

The following issue changed the SSL configuration API for both client
and server: https://github.com/reactor/reactor-netty/issues/370

spring-boot-project/spring-boot-actuator-autoconfigure/src/main/java/org/springframework/boot/actuate/autoconfigure/cloudfoundry/reactive/ReactiveCloudFoundrySecurityService.java

@@ -66,13 +66,13 @@ class ReactiveCloudFoundrySecurityService {
 	}
 
 	protected ReactorClientHttpConnector buildTrustAllSslConnector() {
-		HttpClient client = HttpClient.create().secure((sslContextSpec) -> sslContextSpec
-				.forClient().sslContext(this::configureSsl));
+		HttpClient client = HttpClient.create().secure(
+				(sslContextSpec) -> sslContextSpec.sslContext(createSslContext()));
 		return new ReactorClientHttpConnector(client);
 	}
 
-	private SslContextBuilder configureSsl(SslContextBuilder builder) {
-		return builder.sslProvider(SslProvider.JDK)
+	private SslContextBuilder createSslContext() {
+		return SslContextBuilder.forClient().sslProvider(SslProvider.JDK)
 				.trustManager(InsecureTrustManagerFactory.INSTANCE);
 	}
 

spring-boot-project/spring-boot/src/main/java/org/springframework/boot/web/embedded/netty/SslServerCustomizer.java

@@ -19,7 +19,6 @@ package org.springframework.boot.web.embedded.netty;
 import java.net.URL;
 import java.security.KeyStore;
 import java.util.Arrays;
-import java.util.function.Consumer;
 
 import javax.net.ssl.KeyManagerFactory;
 import javax.net.ssl.TrustManagerFactory;
@@ -52,32 +51,31 @@ public class SslServerCustomizer implements NettyServerCustomizer {
 	@Override
 	public HttpServer apply(HttpServer server) {
 		try {
-			return server.secure((contextSpec) -> contextSpec.forServer()
-					.sslContext(getContextBuilderConsumer()));
+			return server
+					.secure((contextSpec) -> contextSpec.sslContext(getContextBuilder()));
 		}
 		catch (Exception ex) {
 			throw new IllegalStateException(ex);
 		}
 	}
 
-	protected Consumer<SslContextBuilder> getContextBuilderConsumer() {
-		return (builder) -> {
-			builder.keyManager(getKeyManagerFactory(this.ssl, this.sslStoreProvider))
-					.trustManager(
-							getTrustManagerFactory(this.ssl, this.sslStoreProvider));
-			if (this.ssl.getEnabledProtocols() != null) {
-				builder.protocols(this.ssl.getEnabledProtocols());
-			}
-			if (this.ssl.getCiphers() != null) {
-				builder.ciphers(Arrays.asList(this.ssl.getCiphers()));
-			}
-			if (this.ssl.getClientAuth() == Ssl.ClientAuth.NEED) {
-				builder.clientAuth(ClientAuth.REQUIRE);
-			}
-			else if (this.ssl.getClientAuth() == Ssl.ClientAuth.WANT) {
-				builder.clientAuth(ClientAuth.OPTIONAL);
-			}
-		};
+	protected SslContextBuilder getContextBuilder() {
+		SslContextBuilder builder = SslContextBuilder
+				.forServer(getKeyManagerFactory(this.ssl, this.sslStoreProvider))
+				.trustManager(getTrustManagerFactory(this.ssl, this.sslStoreProvider));
+		if (this.ssl.getEnabledProtocols() != null) {
+			builder.protocols(this.ssl.getEnabledProtocols());
+		}
+		if (this.ssl.getCiphers() != null) {
+			builder.ciphers(Arrays.asList(this.ssl.getCiphers()));
+		}
+		if (this.ssl.getClientAuth() == Ssl.ClientAuth.NEED) {
+			builder.clientAuth(ClientAuth.REQUIRE);
+		}
+		else if (this.ssl.getClientAuth() == Ssl.ClientAuth.WANT) {
+			builder.clientAuth(ClientAuth.OPTIONAL);
+		}
+		return builder;
 	}
 
 	protected KeyManagerFactory getKeyManagerFactory(Ssl ssl,

spring-boot-project/spring-boot/src/test/java/org/springframework/boot/web/reactive/server/AbstractReactiveWebServerFactoryTests.java

@@ -31,6 +31,7 @@ import io.netty.channel.ChannelHandlerContext;
 import io.netty.channel.ChannelInboundHandlerAdapter;
 import io.netty.handler.codec.http.HttpHeaderNames;
 import io.netty.handler.codec.http.HttpResponse;
+import io.netty.handler.ssl.SslContextBuilder;
 import io.netty.handler.ssl.SslProvider;
 import io.netty.handler.ssl.util.InsecureTrustManagerFactory;
 import org.junit.After;
@@ -135,10 +136,11 @@ public abstract class AbstractReactiveWebServerFactoryTests {
 	}
 
 	protected ReactorClientHttpConnector buildTrustAllSslConnector() {
+		SslContextBuilder builder = SslContextBuilder.forClient()
+				.sslProvider(SslProvider.JDK)
+				.trustManager(InsecureTrustManagerFactory.INSTANCE);
 		HttpClient client = HttpClient.create().wiretap()
-				.secure((sslContextSpec) -> sslContextSpec.forClient()
-						.sslContext((builder) -> builder.sslProvider(SslProvider.JDK)
-								.trustManager(InsecureTrustManagerFactory.INSTANCE)));
+				.secure((sslContextSpec) -> sslContextSpec.sslContext(builder));
 		return new ReactorClientHttpConnector(client);
 	}
 
@@ -171,11 +173,12 @@ public abstract class AbstractReactiveWebServerFactoryTests {
 		KeyManagerFactory clientKeyManagerFactory = KeyManagerFactory
 				.getInstance(KeyManagerFactory.getDefaultAlgorithm());
 		clientKeyManagerFactory.init(clientKeyStore, "password".toCharArray());
+		SslContextBuilder builder = SslContextBuilder.forClient()
+				.sslProvider(SslProvider.JDK)
+				.trustManager(InsecureTrustManagerFactory.INSTANCE)
+				.keyManager(clientKeyManagerFactory);
 		HttpClient client = HttpClient.create().wiretap()
-				.secure((sslContextSpec) -> sslContextSpec.forClient()
-						.sslContext((builder) -> builder.sslProvider(SslProvider.JDK)
-								.trustManager(InsecureTrustManagerFactory.INSTANCE)
-								.keyManager(clientKeyManagerFactory)));
+				.secure((sslContextSpec) -> sslContextSpec.sslContext(builder));
 		return new ReactorClientHttpConnector(client);
 	}