package org.apache.flink.runtime.io.network.netty;

import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.handler.codec.string.StringDecoder;
import io.netty.handler.codec.string.StringEncoder;
import java.net.InetAddress;
import org.apache.flink.configuration.Configuration;
import org.apache.flink.runtime.io.network.netty.NettyTestUtil;
import org.apache.flink.util.NetUtils;
import org.junit.Assert;
import org.junit.Test;

/* loaded from: input_file:org/apache/flink/runtime/io/network/netty/NettyClientServerSslTest.class */
public class NettyClientServerSslTest {
    @Test
    public void testValidSslConnection() throws Exception {
        NettyTestUtil.NettyServerAndClient initServerAndClient = NettyTestUtil.initServerAndClient(new NettyProtocol() { // from class: org.apache.flink.runtime.io.network.netty.NettyClientServerSslTest.1
            public ChannelHandler[] getServerChannelHandlers() {
                return new ChannelHandler[0];
            }

            public ChannelHandler[] getClientChannelHandlers() {
                return new ChannelHandler[0];
            }
        }, new NettyConfig(InetAddress.getLoopbackAddress(), NetUtils.getAvailablePort(), NettyTestUtil.DEFAULT_SEGMENT_SIZE, 1, createSslConfig()));
        Channel connect = NettyTestUtil.connect(initServerAndClient);
        connect.pipeline().addLast(new ChannelHandler[]{new StringDecoder()}).addLast(new ChannelHandler[]{new StringEncoder()});
        Assert.assertTrue(connect.writeAndFlush("test").await().isSuccess());
        NettyTestUtil.shutdown(initServerAndClient);
    }

    @Test
    public void testInvalidSslConfiguration() throws Exception {
        NettyProtocol nettyProtocol = new NettyProtocol() { // from class: org.apache.flink.runtime.io.network.netty.NettyClientServerSslTest.2
            public ChannelHandler[] getServerChannelHandlers() {
                return new ChannelHandler[0];
            }

            public ChannelHandler[] getClientChannelHandlers() {
                return new ChannelHandler[0];
            }
        };
        Configuration createSslConfig = createSslConfig();
        createSslConfig.setString("security.ssl.keystore-password", "invalidpassword");
        NettyTestUtil.NettyServerAndClient nettyServerAndClient = null;
        try {
            nettyServerAndClient = NettyTestUtil.initServerAndClient(nettyProtocol, new NettyConfig(InetAddress.getLoopbackAddress(), NetUtils.getAvailablePort(), NettyTestUtil.DEFAULT_SEGMENT_SIZE, 1, createSslConfig));
            Assert.fail("Created server and client from invalid configuration");
        } catch (Exception e) {
        }
        NettyTestUtil.shutdown(nettyServerAndClient);
    }

    @Test
    public void testSslHandshakeError() throws Exception {
        NettyProtocol nettyProtocol = new NettyProtocol() { // from class: org.apache.flink.runtime.io.network.netty.NettyClientServerSslTest.3
            public ChannelHandler[] getServerChannelHandlers() {
                return new ChannelHandler[0];
            }

            public ChannelHandler[] getClientChannelHandlers() {
                return new ChannelHandler[0];
            }
        };
        Configuration createSslConfig = createSslConfig();
        createSslConfig.setString("security.ssl.keystore", "src/test/resources/untrusted.keystore");
        NettyTestUtil.NettyServerAndClient initServerAndClient = NettyTestUtil.initServerAndClient(nettyProtocol, new NettyConfig(InetAddress.getLoopbackAddress(), NetUtils.getAvailablePort(), NettyTestUtil.DEFAULT_SEGMENT_SIZE, 1, createSslConfig));
        Channel connect = NettyTestUtil.connect(initServerAndClient);
        connect.pipeline().addLast(new ChannelHandler[]{new StringDecoder()}).addLast(new ChannelHandler[]{new StringEncoder()});
        Assert.assertFalse(connect.writeAndFlush("test").await().isSuccess());
        NettyTestUtil.shutdown(initServerAndClient);
    }

    private Configuration createSslConfig() throws Exception {
        Configuration configuration = new Configuration();
        configuration.setBoolean("security.ssl.enabled", true);
        configuration.setString("security.ssl.keystore", "src/test/resources/local127.keystore");
        configuration.setString("security.ssl.keystore-password", "password");
        configuration.setString("security.ssl.key-password", "password");
        configuration.setString("security.ssl.truststore", "src/test/resources/local127.truststore");
        configuration.setString("security.ssl.truststore-password", "password");
        return configuration;
    }
}
