package org.lockss.jetty;

import java.io.File;
import java.security.KeyStore;
import java.util.Properties;
import javax.net.ssl.SSLServerSocket;
import org.lockss.daemon.LockssKeyStoreManager;
import org.lockss.plugin.simulated.SimulatedContentGenerator;
import org.lockss.test.ConfigurationUtil;
import org.lockss.test.LockssTestCase;
import org.lockss.test.MockLockssDaemon;
import org.lockss.test.TcpTestUtil;
import org.lockss.util.KeyStoreUtil;
import org.lockss.util.ListUtil;
import org.mortbay.util.InetAddrPort;

/* loaded from: input_file:org/lockss/jetty/TestLockssSslListener.class */
public class TestLockssSslListener extends LockssTestCase {
    static final String BAD_PROTO = "SSLv3";
    static final String KEYSTORE_PASS = "Keystore Password";
    static final String KEY_PASS = "No Donut!";
    LockssKeyStoreManager keystoreMgr;
    String keyStoreFileName;

    @Override // org.lockss.test.LockssTestCase
    public void setUp() throws Exception {
        super.setUp();
        this.keyStoreFileName = new File(getTempDir(), "test.keystore").toString();
        MockLockssDaemon mockLockssDaemon = getMockLockssDaemon();
        LockssTestCase.TestingRandomManager testingRandomManager = new LockssTestCase.TestingRandomManager();
        testingRandomManager.initService(mockLockssDaemon);
        mockLockssDaemon.setRandomManager(testingRandomManager);
        this.keystoreMgr = mockLockssDaemon.getKeystoreManager();
        this.keystoreMgr.startService();
    }

    KeyStore createKeyStore(String str, String str2, String str3) throws Exception {
        Properties properties = new Properties();
        properties.put("File", str);
        properties.put("Password", str2);
        properties.put("KeyPassword", str3);
        return KeyStoreUtil.createKeyStore(properties);
    }

    void addKsProp(Properties properties, String str, String str2, String str3, String str4) {
        String str5 = "org.lockss.keyMgr.keystore." + str + ".";
        properties.put(str5 + "name", str);
        properties.put(str5 + "type", "JCEKS");
        properties.put(str5 + SimulatedContentGenerator.FILE_PREFIX, str2);
        if (str3 != null) {
            properties.put(str5 + "password", str3);
        }
        properties.put(str5 + "keyPassword", str4);
    }

    public void testDisableProtocols() throws Exception {
        createKeyStore(this.keyStoreFileName, KEYSTORE_PASS, KEY_PASS);
        Properties properties = new Properties();
        addKsProp(properties, "ks1", this.keyStoreFileName, null, KEY_PASS);
        ConfigurationUtil.addFromProps(properties);
        this.keystoreMgr.getLockssKeyStore("ks1");
        InetAddrPort inetAddrPort = new InetAddrPort("127.0.0.1", TcpTestUtil.findUnboundTcpPort());
        LockssSslListener lockssSslListener = new LockssSslListener(inetAddrPort);
        lockssSslListener.setKeyManagerFactory(this.keystoreMgr.getKeyManagerFactory("ks1"));
        lockssSslListener.setDisableProtocols(ListUtil.list(new String[]{BAD_PROTO}));
        assertFalse(ListUtil.fromArray(((SSLServerSocket) lockssSslListener.newServerSocket(inetAddrPort, 5)).getEnabledProtocols()).contains(BAD_PROTO));
    }
}
