package org.wildfly.extension.undertow;

import io.undertow.UndertowOptions;
import io.undertow.protocols.ssl.UndertowXnioSsl;
import io.undertow.server.OpenListener;
import io.undertow.server.protocol.http.AlpnOpenListener;
import io.undertow.server.protocol.http.HttpOpenListener;
import io.undertow.server.protocol.http2.Http2OpenListener;
import java.io.Closeable;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.nio.ByteBuffer;
import javax.net.ssl.SSLContext;
import org.jboss.as.domain.management.SecurityRealm;
import org.jboss.as.network.NetworkUtils;
import org.jboss.msc.value.InjectedValue;
import org.wildfly.extension.undertow.logging.UndertowLogger;
import org.wildfly.security.ssl.CipherSuiteSelector;
import org.xnio.ChannelListener;
import org.xnio.IoUtils;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Pool;
import org.xnio.StreamConnection;
import org.xnio.XnioWorker;
import org.xnio.channels.AcceptingChannel;
import org.xnio.ssl.SslConnection;

/* loaded from: input_file:wildfly-10.1.0.Final/modules/system/layers/base/org/wildfly/extension/undertow/main/wildfly-undertow-10.1.0.Final.jar:org/wildfly/extension/undertow/HttpsListenerService.class */
public class HttpsListenerService extends HttpListenerService {
    private final InjectedValue<SecurityRealm> securityRealm;
    private volatile AcceptingChannel<SslConnection> sslServer;
    static final String PROTOCOL = "https";
    private final String cipherSuites;

    public HttpsListenerService(String str, String str2, OptionMap optionMap, String str3, OptionMap optionMap2) {
        super(str, str2, optionMap, optionMap2, false, false);
        this.securityRealm = new InjectedValue<>();
        this.cipherSuites = str3;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    public OpenListener createOpenListener() {
        if (!this.listenerOptions.get(UndertowOptions.ENABLE_HTTP2, false)) {
            return super.createOpenListener();
        }
        try {
            return createAlpnOpenListener();
        } catch (Throwable th) {
            UndertowLogger.ROOT_LOGGER.alpnNotFound();
            UndertowLogger.ROOT_LOGGER.debug("Exception creating ALPN listener", th);
            return super.createOpenListener();
        }
    }

    private OpenListener createAlpnOpenListener() {
        OptionMap map = OptionMap.builder().addAll(commonOptions).addAll(this.listenerOptions).set(UndertowOptions.ENABLE_CONNECTOR_STATISTICS, getUndertowService().isStatisticsEnabled()).getMap();
        Pool<ByteBuffer> value2 = getBufferPool().getValue2();
        AlpnOpenListener alpnOpenListener = new AlpnOpenListener(value2, map, new HttpOpenListener(value2, map));
        if (this.listenerOptions.get(UndertowOptions.ENABLE_HTTP2, false)) {
            alpnOpenListener.addProtocol("h2", new Http2OpenListener(value2, map, "h2"), 10);
            alpnOpenListener.addProtocol(Http2OpenListener.HTTP2_14, new Http2OpenListener(value2, map, Http2OpenListener.HTTP2_14), 9);
        }
        return alpnOpenListener;
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    protected void startListening(XnioWorker xnioWorker, InetSocketAddress inetSocketAddress, ChannelListener<AcceptingChannel<StreamConnection>> channelListener) throws IOException {
        SSLContext sSLContext = this.securityRealm.getValue2().getSSLContext();
        if (sSLContext == null) {
            throw UndertowLogger.ROOT_LOGGER.noSslContextInSecurityRealm();
        }
        OptionMap.Builder addAll = OptionMap.builder().addAll(commonOptions);
        addAll.addAll(this.socketOptions);
        addAll.set(Options.USE_DIRECT_BUFFERS, true);
        if (this.cipherSuites != null) {
            addAll.setSequence(HttpsListenerResourceDefinition.ENABLED_CIPHER_SUITES.getOption(), CipherSuiteSelector.fromString(this.cipherSuites).evaluate(sSLContext.getSupportedSSLParameters().getCipherSuites()));
        }
        OptionMap map = addAll.getMap();
        this.sslServer = new UndertowXnioSsl(xnioWorker.getXnio(), map, sSLContext).createSslConnectionServer(xnioWorker, inetSocketAddress, channelListener, map);
        this.sslServer.resumeAccepts();
        UndertowLogger.ROOT_LOGGER.listenerStarted("HTTPS", getName(), NetworkUtils.formatIPAddressForURI(inetSocketAddress.getAddress()), inetSocketAddress.getPort());
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    public boolean isSecure() {
        return true;
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    protected void stopListening() {
        this.sslServer.suspendAccepts();
        UndertowLogger.ROOT_LOGGER.listenerSuspend("HTTPS", getName());
        IoUtils.safeClose((Closeable) this.sslServer);
        this.sslServer = null;
        UndertowLogger.ROOT_LOGGER.listenerStopped("HTTPS", getName(), NetworkUtils.formatIPAddressForURI(getBinding().getValue2().getSocketAddress().getAddress()), getBinding().getValue2().getSocketAddress().getPort());
        this.httpListenerRegistry.getValue2().removeListener(getName());
    }

    public InjectedValue<SecurityRealm> getSecurityRealm() {
        return this.securityRealm;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    public String getProtocol() {
        return "https";
    }
}
