package io.undertow.server.protocol.http;

import io.netty.handler.ssl.ApplicationProtocolNames;
import io.undertow.UndertowLogger;
import io.undertow.UndertowMessages;
import io.undertow.UndertowOptions;
import io.undertow.connector.ByteBufferPool;
import io.undertow.connector.PooledByteBuffer;
import io.undertow.protocols.alpn.ALPNManager;
import io.undertow.protocols.alpn.ALPNProvider;
import io.undertow.protocols.ssl.SslConduit;
import io.undertow.protocols.ssl.UndertowXnioSsl;
import io.undertow.server.AggregateConnectorStatistics;
import io.undertow.server.ConnectorStatistics;
import io.undertow.server.DelegateOpenListener;
import io.undertow.server.HttpHandler;
import io.undertow.server.OpenListener;
import io.undertow.server.XnioByteBufferPool;
import java.io.Closeable;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.CompletableFuture;
import java.util.function.Function;
import javax.net.ssl.SSLEngine;
import org.xnio.ChannelListener;
import org.xnio.IoUtils;
import org.xnio.OptionMap;
import org.xnio.Pool;
import org.xnio.StreamConnection;
import org.xnio.channels.StreamSourceChannel;
import org.xnio.ssl.SslConnection;

/* JADX WARN: Classes with same name are omitted:
  input_file:m2repo/io/undertow/undertow-core/2.0.15.Final/undertow-core-2.0.15.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener.class
 */
/* loaded from: input_file:m2repo/io/undertow/undertow-core/2.0.23.Final/undertow-core-2.0.23.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener.class */
public class AlpnOpenListener implements ChannelListener<StreamConnection>, OpenListener {
    public static final String REQUIRED_CIPHER = "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256";
    private static final Set<String> REQUIRED_PROTOCOLS = Collections.unmodifiableSet(new HashSet(Arrays.asList("TLSv1.2", "TLSv1.3")));
    private final ALPNManager alpnManager;
    private final ByteBufferPool bufferPool;
    private final Map<String, ListenerEntry> listeners;
    private String[] protocols;
    private final String fallbackProtocol;
    private volatile HttpHandler rootHandler;
    private volatile OptionMap undertowOptions;
    private volatile boolean statisticsEnabled;
    private volatile boolean providerLogged;
    private volatile boolean alpnFailLogged;

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:m2repo/io/undertow/undertow-core/2.0.15.Final/undertow-core-2.0.15.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$AlpnConnectionListener.class
     */
    /* loaded from: input_file:m2repo/io/undertow/undertow-core/2.0.23.Final/undertow-core-2.0.23.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$AlpnConnectionListener.class */
    public class AlpnConnectionListener implements ChannelListener<StreamSourceChannel> {
        private final StreamConnection channel;
        private final CompletableFuture<SelectedAlpn> selectedAlpn;

        private AlpnConnectionListener(StreamConnection streamConnection, CompletableFuture<SelectedAlpn> completableFuture) {
            this.channel = streamConnection;
            this.selectedAlpn = completableFuture;
        }

        @Override // org.xnio.ChannelListener
        public void handleEvent(StreamSourceChannel streamSourceChannel) {
            int read;
            DelegateOpenListener delegateOpenListener;
            PooledByteBuffer allocate = AlpnOpenListener.this.bufferPool.allocate();
            do {
                try {
                    try {
                        read = this.channel.getSourceChannel().read(allocate.getBuffer());
                        if (read == -1) {
                            IoUtils.safeClose((Closeable) this.channel);
                            if (1 != 0) {
                                allocate.close();
                                return;
                            }
                            return;
                        }
                        allocate.getBuffer().flip();
                        SelectedAlpn now = this.selectedAlpn.getNow(null);
                        String selectedProtocol = now != null ? now.provider.getSelectedProtocol(now.engine) : null;
                        if (selectedProtocol != null) {
                            if (!selectedProtocol.isEmpty()) {
                                delegateOpenListener = ((ListenerEntry) AlpnOpenListener.this.listeners.get(selectedProtocol)).listener;
                            } else {
                                if (AlpnOpenListener.this.fallbackProtocol == null) {
                                    UndertowLogger.REQUEST_IO_LOGGER.noALPNFallback(this.channel.getPeerAddress());
                                    IoUtils.safeClose((Closeable) this.channel);
                                    if (1 != 0) {
                                        allocate.close();
                                        return;
                                    }
                                    return;
                                }
                                delegateOpenListener = ((ListenerEntry) AlpnOpenListener.this.listeners.get(AlpnOpenListener.this.fallbackProtocol)).listener;
                            }
                            streamSourceChannel.getReadSetter().set(null);
                            delegateOpenListener.handleEvent(this.channel, allocate);
                            if (0 != 0) {
                                allocate.close();
                                return;
                            }
                            return;
                        }
                        if (read > 0) {
                            if (AlpnOpenListener.this.fallbackProtocol == null) {
                                UndertowLogger.REQUEST_IO_LOGGER.noALPNFallback(this.channel.getPeerAddress());
                                IoUtils.safeClose((Closeable) this.channel);
                                if (1 != 0) {
                                    allocate.close();
                                    return;
                                }
                                return;
                            }
                            DelegateOpenListener delegateOpenListener2 = ((ListenerEntry) AlpnOpenListener.this.listeners.get(AlpnOpenListener.this.fallbackProtocol)).listener;
                            streamSourceChannel.getReadSetter().set(null);
                            delegateOpenListener2.handleEvent(this.channel, allocate);
                            if (0 != 0) {
                                allocate.close();
                                return;
                            }
                            return;
                        }
                    } catch (IOException e) {
                        UndertowLogger.REQUEST_IO_LOGGER.ioException(e);
                        IoUtils.safeClose((Closeable) this.channel);
                        if (1 != 0) {
                            allocate.close();
                            return;
                        }
                        return;
                    } catch (Throwable th) {
                        UndertowLogger.REQUEST_IO_LOGGER.handleUnexpectedFailure(th);
                        IoUtils.safeClose((Closeable) this.channel);
                        if (1 != 0) {
                            allocate.close();
                            return;
                        }
                        return;
                    }
                } catch (Throwable th2) {
                    if (1 != 0) {
                        allocate.close();
                    }
                    throw th2;
                }
            } while (read != 0);
            this.channel.getSourceChannel().resumeReads();
            if (1 != 0) {
                allocate.close();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:m2repo/io/undertow/undertow-core/2.0.15.Final/undertow-core-2.0.15.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$ListenerEntry.class
     */
    /* loaded from: input_file:m2repo/io/undertow/undertow-core/2.0.23.Final/undertow-core-2.0.23.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$ListenerEntry.class */
    public static class ListenerEntry implements Comparable<ListenerEntry> {
        final DelegateOpenListener listener;
        final int weight;
        final String protocol;

        ListenerEntry(DelegateOpenListener delegateOpenListener, int i, String str) {
            this.listener = delegateOpenListener;
            this.weight = i;
            this.protocol = str;
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (!(obj instanceof ListenerEntry)) {
                return false;
            }
            ListenerEntry listenerEntry = (ListenerEntry) obj;
            if (this.weight == listenerEntry.weight && this.listener.equals(listenerEntry.listener)) {
                return this.protocol.equals(listenerEntry.protocol);
            }
            return false;
        }

        public int hashCode() {
            return (31 * ((31 * this.listener.hashCode()) + this.weight)) + this.protocol.hashCode();
        }

        @Override // java.lang.Comparable
        public int compareTo(ListenerEntry listenerEntry) {
            return -Integer.compare(this.weight, listenerEntry.weight);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:m2repo/io/undertow/undertow-core/2.0.15.Final/undertow-core-2.0.15.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$SSLConduitUpdater.class
     */
    /* loaded from: input_file:m2repo/io/undertow/undertow-core/2.0.23.Final/undertow-core-2.0.23.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$SSLConduitUpdater.class */
    public static final class SSLConduitUpdater implements Function<SSLEngine, SSLEngine> {
        final SslConduit conduit;
        final Function<SSLEngine, SSLEngine> underlying;

        SSLConduitUpdater(SslConduit sslConduit, Function<SSLEngine, SSLEngine> function) {
            this.conduit = sslConduit;
            this.underlying = function;
        }

        @Override // java.util.function.Function
        public SSLEngine apply(SSLEngine sSLEngine) {
            SSLEngine apply = this.underlying.apply(sSLEngine);
            this.conduit.setSslEngine(apply);
            return apply;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Classes with same name are omitted:
      input_file:m2repo/io/undertow/undertow-core/2.0.15.Final/undertow-core-2.0.15.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$SelectedAlpn.class
     */
    /* loaded from: input_file:m2repo/io/undertow/undertow-core/2.0.23.Final/undertow-core-2.0.23.Final.jar:io/undertow/server/protocol/http/AlpnOpenListener$SelectedAlpn.class */
    public static final class SelectedAlpn {
        final SSLEngine engine;
        final ALPNProvider provider;

        SelectedAlpn(SSLEngine sSLEngine, ALPNProvider aLPNProvider) {
            this.engine = sSLEngine;
            this.provider = aLPNProvider;
        }
    }

    public AlpnOpenListener(Pool<ByteBuffer> pool, OptionMap optionMap, DelegateOpenListener delegateOpenListener) {
        this(pool, optionMap, ApplicationProtocolNames.HTTP_1_1, delegateOpenListener);
    }

    public AlpnOpenListener(Pool<ByteBuffer> pool, OptionMap optionMap) {
        this(pool, optionMap, (String) null, (DelegateOpenListener) null);
    }

    public AlpnOpenListener(Pool<ByteBuffer> pool, OptionMap optionMap, String str, DelegateOpenListener delegateOpenListener) {
        this(new XnioByteBufferPool(pool), optionMap, str, delegateOpenListener);
    }

    public AlpnOpenListener(ByteBufferPool byteBufferPool, OptionMap optionMap, DelegateOpenListener delegateOpenListener) {
        this(byteBufferPool, optionMap, ApplicationProtocolNames.HTTP_1_1, delegateOpenListener);
    }

    public AlpnOpenListener(ByteBufferPool byteBufferPool) {
        this(byteBufferPool, OptionMap.EMPTY, (String) null, (DelegateOpenListener) null);
    }

    public AlpnOpenListener(ByteBufferPool byteBufferPool, OptionMap optionMap) {
        this(byteBufferPool, optionMap, (String) null, (DelegateOpenListener) null);
    }

    public AlpnOpenListener(ByteBufferPool byteBufferPool, OptionMap optionMap, String str, DelegateOpenListener delegateOpenListener) {
        this.alpnManager = ALPNManager.INSTANCE;
        this.listeners = new HashMap();
        this.bufferPool = byteBufferPool;
        this.undertowOptions = optionMap;
        this.fallbackProtocol = str;
        this.statisticsEnabled = optionMap.get(UndertowOptions.ENABLE_CONNECTOR_STATISTICS, false);
        if (str == null || delegateOpenListener == null) {
            return;
        }
        addProtocol(str, delegateOpenListener, 0);
    }

    @Override // io.undertow.server.OpenListener
    public HttpHandler getRootHandler() {
        return this.rootHandler;
    }

    @Override // io.undertow.server.OpenListener
    public void setRootHandler(HttpHandler httpHandler) {
        this.rootHandler = httpHandler;
        Iterator<Map.Entry<String, ListenerEntry>> it = this.listeners.entrySet().iterator();
        while (it.hasNext()) {
            it.next().getValue().listener.setRootHandler(httpHandler);
        }
    }

    @Override // io.undertow.server.OpenListener
    public OptionMap getUndertowOptions() {
        return this.undertowOptions;
    }

    @Override // io.undertow.server.OpenListener
    public void setUndertowOptions(OptionMap optionMap) {
        if (optionMap == null) {
            throw UndertowMessages.MESSAGES.argumentCannotBeNull("undertowOptions");
        }
        this.undertowOptions = optionMap;
        Iterator<Map.Entry<String, ListenerEntry>> it = this.listeners.entrySet().iterator();
        while (it.hasNext()) {
            it.next().getValue().listener.setRootHandler(this.rootHandler);
        }
        this.statisticsEnabled = optionMap.get(UndertowOptions.ENABLE_CONNECTOR_STATISTICS, false);
    }

    @Override // io.undertow.server.OpenListener
    public ByteBufferPool getBufferPool() {
        return this.bufferPool;
    }

    @Override // io.undertow.server.OpenListener
    public ConnectorStatistics getConnectorStatistics() {
        if (!this.statisticsEnabled) {
            return null;
        }
        ArrayList arrayList = new ArrayList();
        Iterator<Map.Entry<String, ListenerEntry>> it = this.listeners.entrySet().iterator();
        while (it.hasNext()) {
            ConnectorStatistics connectorStatistics = it.next().getValue().listener.getConnectorStatistics();
            if (connectorStatistics != null) {
                arrayList.add(connectorStatistics);
            }
        }
        return new AggregateConnectorStatistics((ConnectorStatistics[]) arrayList.toArray(new ConnectorStatistics[arrayList.size()]));
    }

    @Override // io.undertow.server.OpenListener
    public void closeConnections() {
        Iterator<Map.Entry<String, ListenerEntry>> it = this.listeners.entrySet().iterator();
        while (it.hasNext()) {
            it.next().getValue().listener.closeConnections();
        }
    }

    public AlpnOpenListener addProtocol(String str, DelegateOpenListener delegateOpenListener, int i) {
        this.listeners.put(str, new ListenerEntry(delegateOpenListener, i, str));
        ArrayList arrayList = new ArrayList(this.listeners.values());
        Collections.sort(arrayList);
        this.protocols = new String[arrayList.size()];
        for (int i2 = 0; i2 < arrayList.size(); i2++) {
            this.protocols[i2] = ((ListenerEntry) arrayList.get(i2)).protocol;
        }
        return this;
    }

    @Override // org.xnio.ChannelListener
    public void handleEvent(final StreamConnection streamConnection) {
        if (UndertowLogger.REQUEST_LOGGER.isTraceEnabled()) {
            UndertowLogger.REQUEST_LOGGER.tracef("Opened connection with %s", streamConnection.getPeerAddress());
        }
        SslConduit sslConduit = UndertowXnioSsl.getSslConduit((SslConnection) streamConnection);
        SSLEngine sSLEngine = sslConduit.getSSLEngine();
        final CompletableFuture completableFuture = new CompletableFuture();
        this.alpnManager.registerEngineCallback(sSLEngine, new SSLConduitUpdater(sslConduit, new Function<SSLEngine, SSLEngine>() { // from class: io.undertow.server.protocol.http.AlpnOpenListener.1
            @Override // java.util.function.Function
            public SSLEngine apply(SSLEngine sSLEngine2) {
                if (!AlpnOpenListener.engineSupportsHTTP2(sSLEngine2)) {
                    if (!AlpnOpenListener.this.alpnFailLogged) {
                        synchronized (this) {
                            if (!AlpnOpenListener.this.alpnFailLogged) {
                                UndertowLogger.REQUEST_LOGGER.debugf("ALPN has been configured however %s is not present or TLS1.2 is not enabled, falling back to default protocol", "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256");
                                AlpnOpenListener.this.alpnFailLogged = true;
                            }
                        }
                    }
                    if (AlpnOpenListener.this.fallbackProtocol != null && ((ListenerEntry) AlpnOpenListener.this.listeners.get(AlpnOpenListener.this.fallbackProtocol)) != null) {
                        completableFuture.complete(null);
                        return sSLEngine2;
                    }
                }
                final ALPNProvider provider = AlpnOpenListener.this.alpnManager.getProvider(sSLEngine2);
                if (provider != null) {
                    if (!AlpnOpenListener.this.providerLogged) {
                        synchronized (this) {
                            if (!AlpnOpenListener.this.providerLogged) {
                                UndertowLogger.REQUEST_LOGGER.debugf("Using ALPN provider %s for connector at %s", provider, streamConnection.getLocalAddress());
                                AlpnOpenListener.this.providerLogged = true;
                            }
                        }
                    }
                    final SSLEngine protocols = provider.setProtocols(sSLEngine2, AlpnOpenListener.this.protocols);
                    ALPNLimitingSSLEngine aLPNLimitingSSLEngine = new ALPNLimitingSSLEngine(protocols, new Runnable() { // from class: io.undertow.server.protocol.http.AlpnOpenListener.1.1
                        @Override // java.lang.Runnable
                        public void run() {
                            provider.setProtocols(protocols, new String[]{AlpnOpenListener.this.fallbackProtocol});
                        }
                    });
                    completableFuture.complete(new SelectedAlpn(protocols, provider));
                    return aLPNLimitingSSLEngine;
                }
                if (!AlpnOpenListener.this.providerLogged) {
                    synchronized (this) {
                        if (!AlpnOpenListener.this.providerLogged) {
                            UndertowLogger.REQUEST_LOGGER.debugf("ALPN has been configured however no provider could be found for engine %s for connector at %s", sSLEngine2, streamConnection.getLocalAddress());
                            AlpnOpenListener.this.providerLogged = true;
                        }
                    }
                }
                if (AlpnOpenListener.this.fallbackProtocol != null && ((ListenerEntry) AlpnOpenListener.this.listeners.get(AlpnOpenListener.this.fallbackProtocol)) != null) {
                    completableFuture.complete(null);
                    return sSLEngine2;
                }
                UndertowLogger.REQUEST_LOGGER.debugf("No ALPN provider available and no fallback defined", new Object[0]);
                IoUtils.safeClose((Closeable) streamConnection);
                completableFuture.complete(null);
                return sSLEngine2;
            }
        }));
        AlpnConnectionListener alpnConnectionListener = new AlpnConnectionListener(streamConnection, completableFuture);
        streamConnection.getSourceChannel().setReadListener(alpnConnectionListener);
        alpnConnectionListener.handleEvent((StreamSourceChannel) streamConnection.getSourceChannel());
    }

    public static boolean engineSupportsHTTP2(SSLEngine sSLEngine) {
        String[] enabledProtocols = sSLEngine.getEnabledProtocols();
        boolean z = false;
        int length = enabledProtocols.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            if (REQUIRED_PROTOCOLS.contains(enabledProtocols[i])) {
                z = true;
                break;
            }
            i++;
        }
        if (!z) {
            return false;
        }
        for (String str : sSLEngine.getEnabledCipherSuites()) {
            if (str.equals("TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256")) {
                return true;
            }
        }
        return false;
    }
}
