package org.eclipse.jetty.server.ssl;

import java.io.File;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStream;
import java.net.Socket;
import java.nio.charset.StandardCharsets;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.concurrent.LinkedBlockingQueue;
import javax.net.ssl.SNIHostName;
import javax.net.ssl.SSLParameters;
import javax.net.ssl.SSLSocket;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.server.HttpConfiguration;
import org.eclipse.jetty.server.HttpConnectionFactory;
import org.eclipse.jetty.server.Request;
import org.eclipse.jetty.server.SecureRequestCustomizer;
import org.eclipse.jetty.server.Server;
import org.eclipse.jetty.server.ServerConnector;
import org.eclipse.jetty.server.SocketCustomizationListener;
import org.eclipse.jetty.server.SslConnectionFactory;
import org.eclipse.jetty.server.handler.AbstractHandler;
import org.eclipse.jetty.util.IO;
import org.eclipse.jetty.util.ssl.SslContextFactory;
import org.hamcrest.MatcherAssert;
import org.hamcrest.Matchers;
import org.junit.jupiter.api.AfterEach;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;

/* loaded from: input_file:org/eclipse/jetty/server/ssl/SslConnectionFactoryTest.class */
public class SslConnectionFactoryTest {
    private Server _server;
    private ServerConnector _connector;
    private int _port;

    @BeforeEach
    public void before() throws Exception {
        File file = new File("src/test/resources/keystore");
        if (!file.exists()) {
            throw new FileNotFoundException(file.getAbsolutePath());
        }
        this._server = new Server();
        HttpConfiguration httpConfiguration = new HttpConfiguration();
        httpConfiguration.setSecureScheme("https");
        httpConfiguration.setSecurePort(8443);
        httpConfiguration.setOutputBufferSize(32768);
        HttpConfiguration httpConfiguration2 = new HttpConfiguration(httpConfiguration);
        httpConfiguration2.addCustomizer(new SecureRequestCustomizer());
        SslContextFactory.Server server = new SslContextFactory.Server();
        server.setKeyStorePath(file.getAbsolutePath());
        server.setKeyStorePassword("OBF:1vny1zlo1x8e1vnw1vn61x8g1zlu1vn4");
        server.setKeyManagerPassword("OBF:1u2u1wml1z7s1z7a1wnl1u2g");
        ServerConnector serverConnector = new ServerConnector(this._server, new ConnectionFactory[]{new SslConnectionFactory(server, HttpVersion.HTTP_1_1.asString()), new HttpConnectionFactory(httpConfiguration2)});
        this._connector = serverConnector;
        serverConnector.setPort(0);
        serverConnector.setIdleTimeout(30000L);
        this._server.addConnector(serverConnector);
        this._server.setHandler(new AbstractHandler() { // from class: org.eclipse.jetty.server.ssl.SslConnectionFactoryTest.1
            public void handle(String str, Request request, HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws IOException, ServletException {
                httpServletResponse.setStatus(200);
                httpServletResponse.getWriter().write("url=" + httpServletRequest.getRequestURI() + "\nhost=" + httpServletRequest.getServerName());
                httpServletResponse.flushBuffer();
            }
        });
        this._server.start();
        this._port = serverConnector.getLocalPort();
    }

    @AfterEach
    public void after() throws Exception {
        this._server.stop();
        this._server = null;
    }

    @Test
    public void testConnect() throws Exception {
        MatcherAssert.assertThat(getResponse("127.0.0.1", null), Matchers.containsString("host=127.0.0.1"));
    }

    @Test
    public void testSNIConnect() throws Exception {
        MatcherAssert.assertThat(getResponse("localhost", "localhost", "jetty.eclipse.org"), Matchers.containsString("host=localhost"));
    }

    @Test
    public void testBadHandshake() throws Exception {
        Socket socket = new Socket("127.0.0.1", this._port);
        try {
            OutputStream outputStream = socket.getOutputStream();
            try {
                outputStream.write("Rubbish".getBytes());
                outputStream.flush();
                socket.setSoTimeout(1000);
                MatcherAssert.assertThat(Integer.valueOf(socket.getInputStream().read()), Matchers.equalTo(21));
                if (outputStream != null) {
                    outputStream.close();
                }
                socket.close();
            } finally {
            }
        } catch (Throwable th) {
            try {
                socket.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    @Test
    public void testSocketCustomization() throws Exception {
        final LinkedBlockingQueue linkedBlockingQueue = new LinkedBlockingQueue();
        this._connector.addBean(new SocketCustomizationListener() { // from class: org.eclipse.jetty.server.ssl.SslConnectionFactoryTest.2
            protected void customize(Socket socket, Class<? extends Connection> cls, boolean z) {
                linkedBlockingQueue.add("customize connector " + cls + "," + z);
            }
        });
        ((SslConnectionFactory) this._connector.getBean(SslConnectionFactory.class)).addBean(new SocketCustomizationListener() { // from class: org.eclipse.jetty.server.ssl.SslConnectionFactoryTest.3
            protected void customize(Socket socket, Class<? extends Connection> cls, boolean z) {
                linkedBlockingQueue.add("customize ssl " + cls + "," + z);
            }
        });
        ((HttpConnectionFactory) this._connector.getBean(HttpConnectionFactory.class)).addBean(new SocketCustomizationListener() { // from class: org.eclipse.jetty.server.ssl.SslConnectionFactoryTest.4
            protected void customize(Socket socket, Class<? extends Connection> cls, boolean z) {
                linkedBlockingQueue.add("customize http " + cls + "," + z);
            }
        });
        MatcherAssert.assertThat(getResponse("127.0.0.1", null), Matchers.containsString("host=127.0.0.1"));
        Assertions.assertEquals("customize connector class org.eclipse.jetty.io.ssl.SslConnection,false", linkedBlockingQueue.poll());
        Assertions.assertEquals("customize ssl class org.eclipse.jetty.io.ssl.SslConnection,false", linkedBlockingQueue.poll());
        Assertions.assertEquals("customize connector class org.eclipse.jetty.server.HttpConnection,true", linkedBlockingQueue.poll());
        Assertions.assertEquals("customize http class org.eclipse.jetty.server.HttpConnection,true", linkedBlockingQueue.poll());
        Assertions.assertEquals(0, linkedBlockingQueue.size());
    }

    @Test
    public void testServerWithoutHttpConnectionFactory() throws Exception {
        this._server.stop();
        Assertions.assertNotNull(this._connector.removeConnectionFactory(HttpVersion.HTTP_1_1.asString()));
        Assertions.assertThrows(IllegalStateException.class, () -> {
            this._server.start();
        });
    }

    private String getResponse(String str, String str2) throws Exception {
        String response = getResponse(str, str, str2);
        MatcherAssert.assertThat(response, Matchers.startsWith("HTTP/1.1 200 OK"));
        MatcherAssert.assertThat(response, Matchers.containsString("url=/ctx/path"));
        return response;
    }

    private String getResponse(String str, String str2, String str3) throws Exception {
        SslContextFactory.Client client = new SslContextFactory.Client(true);
        client.start();
        SSLSocket sSLSocket = (SSLSocket) client.getSslContext().getSocketFactory().createSocket("127.0.0.1", this._port);
        if (str3 != null) {
            SNIHostName sNIHostName = new SNIHostName(str);
            ArrayList arrayList = new ArrayList();
            arrayList.add(sNIHostName);
            SSLParameters sSLParameters = sSLSocket.getSSLParameters();
            sSLParameters.setServerNames(arrayList);
            sSLSocket.setSSLParameters(sSLParameters);
        }
        sSLSocket.startHandshake();
        if (str3 != null) {
            MatcherAssert.assertThat(((X509Certificate) sSLSocket.getSession().getPeerCertificates()[0]).getSubjectX500Principal().getName("CANONICAL"), Matchers.startsWith("cn=" + str3));
        }
        sSLSocket.getOutputStream().write(("GET /ctx/path HTTP/1.0\r\nHost: " + str2 + ":" + this._port + "\r\n\r\n").getBytes(StandardCharsets.ISO_8859_1));
        String io = IO.toString(sSLSocket.getInputStream());
        sSLSocket.close();
        client.stop();
        return io;
    }
}
