package org.apache.cxf.systest.hc5.https.hostname;

import jakarta.xml.ws.BindingProvider;
import java.io.Closeable;
import java.util.Arrays;
import java.util.Collection;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLSession;
import org.apache.cxf.Bus;
import org.apache.cxf.BusFactory;
import org.apache.cxf.bus.spring.SpringBusFactory;
import org.apache.cxf.configuration.jsse.TLSClientParameters;
import org.apache.cxf.frontend.ClientProxy;
import org.apache.cxf.testutil.common.AbstractBusClientServerTestBase;
import org.apache.hello_world.services.SOAPService;
import org.junit.AfterClass;
import org.junit.Assert;
import org.junit.BeforeClass;
import org.junit.Test;
import org.junit.runner.RunWith;
import org.junit.runners.Parameterized;

@RunWith(Parameterized.class)
/* loaded from: input_file:org/apache/cxf/systest/hc5/https/hostname/HostnameVerificationDeprecatedTest.class */
public class HostnameVerificationDeprecatedTest extends AbstractBusClientServerTestBase {
    static final String PORT = allocatePort(HostnameVerificationDeprecatedServer.class);
    static final String PORT2 = allocatePort(HostnameVerificationDeprecatedServer.class, 2);
    static final String PORT3 = allocatePort(HostnameVerificationDeprecatedServer.class, 3);
    private final Boolean async;

    public HostnameVerificationDeprecatedTest(Boolean bool) {
        this.async = bool;
    }

    @BeforeClass
    public static void startServers() throws Exception {
        System.setProperty("java.protocol.handler.pkgs", "com.sun.net.ssl.internal.www.protocol");
        Assert.assertTrue("Server failed to launch", launchServer(HostnameVerificationDeprecatedServer.class, true));
    }

    @Parameterized.Parameters(name = "{0}")
    public static Collection<Boolean> data() {
        return Arrays.asList(Boolean.FALSE, Boolean.TRUE);
    }

    @AfterClass
    public static void cleanup() throws Exception {
        System.clearProperty("java.protocol.handler.pkgs");
        stopAllServers();
    }

    @Test
    public void testLocalhostNotMatching() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(HostnameVerificationDeprecatedTest.class.getResource("hostname-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        Assert.assertNotNull("Service is null", sOAPService);
        BindingProvider httpsPort = sOAPService.getHttpsPort();
        Assert.assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        if (this.async.booleanValue()) {
            httpsPort.getRequestContext().put("use.async.http.conduit", true);
        }
        try {
            httpsPort.greetMe("Kitty");
            Assert.fail("Failure expected on the hostname verification");
        } catch (Exception e) {
        }
        ((Closeable) httpsPort).close();
        createBus.shutdown(true);
    }

    @Test
    public void testLocalhostNotMatchingDisableCN() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(HostnameVerificationTest.class.getResource("hostname-client-disablecn.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        Assert.assertNotNull("Service is null", sOAPService);
        BindingProvider httpsPort = sOAPService.getHttpsPort();
        Assert.assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT);
        if (this.async.booleanValue()) {
            httpsPort.getRequestContext().put("use.async.http.conduit", true);
        }
        Assert.assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        ((Closeable) httpsPort).close();
        createBus.shutdown(true);
    }

    @Test
    public void testNoSubjectAlternativeNameNoCNMatchDefaultVerifier() throws Exception {
        HostnameVerifier defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
        try {
            HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { // from class: org.apache.cxf.systest.hc5.https.hostname.HostnameVerificationDeprecatedTest.1
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }

                public boolean verify(String str, String str2) {
                    return true;
                }
            });
            Bus createBus = new SpringBusFactory().createBus(HostnameVerificationTest.class.getResource("hostname-client-usedefault.xml").toString());
            BusFactory.setDefaultBus(createBus);
            BusFactory.setThreadDefaultBus(createBus);
            SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
            Assert.assertNotNull("Service is null", sOAPService);
            BindingProvider httpsPort = sOAPService.getHttpsPort();
            Assert.assertNotNull("Port is null", httpsPort);
            updateAddressPort(httpsPort, PORT);
            if (this.async.booleanValue()) {
                httpsPort.getRequestContext().put("use.async.http.conduit", true);
            }
            Assert.assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
            ((Closeable) httpsPort).close();
            createBus.shutdown(true);
            if (defaultHostnameVerifier != null) {
                HttpsURLConnection.setDefaultHostnameVerifier(defaultHostnameVerifier);
            }
        } catch (Throwable th) {
            if (defaultHostnameVerifier != null) {
                HttpsURLConnection.setDefaultHostnameVerifier(defaultHostnameVerifier);
            }
            throw th;
        }
    }

    @Test
    public void testNoSubjectAlternativeNameNoCNMatchDefaultVerifierNoConfig() throws Exception {
        HostnameVerifier defaultHostnameVerifier = HttpsURLConnection.getDefaultHostnameVerifier();
        try {
            System.setProperty("javax.net.ssl.trustStore", "keys/subjalt.jks");
            System.setProperty("javax.net.ssl.trustStorePassword", "security");
            System.setProperty("javax.net.ssl.trustStoreType", "JKS");
            HttpsURLConnection.setDefaultHostnameVerifier(new HostnameVerifier() { // from class: org.apache.cxf.systest.hc5.https.hostname.HostnameVerificationDeprecatedTest.2
                @Override // javax.net.ssl.HostnameVerifier
                public boolean verify(String str, SSLSession sSLSession) {
                    return true;
                }

                public boolean verify(String str, String str2) {
                    return true;
                }
            });
            SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
            Assert.assertNotNull("Service is null", sOAPService);
            BindingProvider httpsPort = sOAPService.getHttpsPort();
            Assert.assertNotNull("Port is null", httpsPort);
            updateAddressPort(httpsPort, PORT);
            if (this.async.booleanValue()) {
                httpsPort.getRequestContext().put("use.async.http.conduit", true);
            }
            TLSClientParameters tLSClientParameters = new TLSClientParameters();
            tLSClientParameters.setUseHttpsURLConnectionDefaultHostnameVerifier(true);
            ClientProxy.getClient(httpsPort).getConduit().setTlsClientParameters(tLSClientParameters);
            Assert.assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
            ((Closeable) httpsPort).close();
            if (defaultHostnameVerifier != null) {
                HttpsURLConnection.setDefaultHostnameVerifier(defaultHostnameVerifier);
            }
            System.clearProperty("javax.net.ssl.trustStore");
            System.clearProperty("javax.net.ssl.trustStorePassword");
            System.clearProperty("javax.net.ssl.trustStoreType");
        } catch (Throwable th) {
            if (defaultHostnameVerifier != null) {
                HttpsURLConnection.setDefaultHostnameVerifier(defaultHostnameVerifier);
            }
            System.clearProperty("javax.net.ssl.trustStore");
            System.clearProperty("javax.net.ssl.trustStorePassword");
            System.clearProperty("javax.net.ssl.trustStoreType");
            throw th;
        }
    }

    @Test
    public void testNoSubjectAlternativeNameCNMatch() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(HostnameVerificationDeprecatedTest.class.getResource("hostname-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        Assert.assertNotNull("Service is null", sOAPService);
        BindingProvider httpsPort = sOAPService.getHttpsPort();
        Assert.assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT2);
        if (this.async.booleanValue()) {
            httpsPort.getRequestContext().put("use.async.http.conduit", true);
        }
        Assert.assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        ((Closeable) httpsPort).close();
        createBus.shutdown(true);
    }

    @Test
    public void testNoSubjectAlternativeNameCNWildcardMatch() throws Exception {
        Bus createBus = new SpringBusFactory().createBus(HostnameVerificationTest.class.getResource("hostname-client.xml").toString());
        BusFactory.setDefaultBus(createBus);
        BusFactory.setThreadDefaultBus(createBus);
        SOAPService sOAPService = new SOAPService(SOAPService.WSDL_LOCATION, SOAPService.SERVICE);
        Assert.assertNotNull("Service is null", sOAPService);
        BindingProvider httpsPort = sOAPService.getHttpsPort();
        Assert.assertNotNull("Port is null", httpsPort);
        updateAddressPort(httpsPort, PORT3);
        if (this.async.booleanValue()) {
            httpsPort.getRequestContext().put("use.async.http.conduit", true);
        }
        Assert.assertEquals(httpsPort.greetMe("Kitty"), "Hello Kitty");
        ((Closeable) httpsPort).close();
        createBus.shutdown(true);
    }
}
