package org.xnio.ssl;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicIntegerFieldUpdater;
import java.util.concurrent.atomic.AtomicReferenceFieldUpdater;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import org.apache.activemq.artemis.core.remoting.impl.netty.TransportConstants;
import org.xnio.ChannelListener;
import org.xnio.ChannelListeners;
import org.xnio.Option;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.Pool;
import org.xnio.Sequence;
import org.xnio.SslClientAuthMode;
import org.xnio.XnioExecutor;
import org.xnio.XnioIoThread;
import org.xnio.XnioWorker;
import org.xnio._private.Messages;
import org.xnio.channels.AcceptingChannel;
import org.xnio.channels.ConnectedChannel;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:org/xnio/ssl/AbstractAcceptingSslChannel.class */
public abstract class AbstractAcceptingSslChannel<C extends ConnectedChannel, S extends ConnectedChannel> implements AcceptingChannel<C> {
    private final SSLContext sslContext;
    private final AcceptingChannel<? extends S> tcpServer;
    private volatile SslClientAuthMode clientAuthMode;
    private volatile int useClientMode;
    private volatile int enableSessionCreation;
    private volatile String[] cipherSuites;
    private volatile String[] protocols;
    private final ChannelListener.Setter<AcceptingChannel<C>> closeSetter;
    private final ChannelListener.Setter<AcceptingChannel<C>> acceptSetter;
    protected final boolean startTls;
    protected final Pool<ByteBuffer> socketBufferPool;
    protected final Pool<ByteBuffer> applicationBufferPool;
    private static final AtomicReferenceFieldUpdater<AbstractAcceptingSslChannel, SslClientAuthMode> clientAuthModeUpdater = AtomicReferenceFieldUpdater.newUpdater(AbstractAcceptingSslChannel.class, SslClientAuthMode.class, "clientAuthMode");
    private static final AtomicIntegerFieldUpdater<AbstractAcceptingSslChannel> useClientModeUpdater = AtomicIntegerFieldUpdater.newUpdater(AbstractAcceptingSslChannel.class, "useClientMode");
    private static final AtomicIntegerFieldUpdater<AbstractAcceptingSslChannel> enableSessionCreationUpdater = AtomicIntegerFieldUpdater.newUpdater(AbstractAcceptingSslChannel.class, "enableSessionCreation");
    private static final AtomicReferenceFieldUpdater<AbstractAcceptingSslChannel, String[]> cipherSuitesUpdater = AtomicReferenceFieldUpdater.newUpdater(AbstractAcceptingSslChannel.class, String[].class, "cipherSuites");
    private static final AtomicReferenceFieldUpdater<AbstractAcceptingSslChannel, String[]> protocolsUpdater = AtomicReferenceFieldUpdater.newUpdater(AbstractAcceptingSslChannel.class, String[].class, TransportConstants.PROTOCOLS_PROP_NAME);
    private static final Set<Option<?>> SUPPORTED_OPTIONS = Option.setBuilder().add(Options.SSL_CLIENT_AUTH_MODE).add(Options.SSL_USE_CLIENT_MODE).add(Options.SSL_ENABLE_SESSION_CREATION).add(Options.SSL_ENABLED_CIPHER_SUITES).add(Options.SSL_ENABLED_PROTOCOLS).create();

    /* JADX INFO: Access modifiers changed from: package-private */
    public AbstractAcceptingSslChannel(SSLContext sSLContext, AcceptingChannel<? extends S> acceptingChannel, OptionMap optionMap, Pool<ByteBuffer> pool, Pool<ByteBuffer> pool2, boolean z) {
        this.tcpServer = acceptingChannel;
        this.sslContext = sSLContext;
        this.socketBufferPool = pool;
        this.applicationBufferPool = pool2;
        this.startTls = z;
        this.clientAuthMode = (SslClientAuthMode) optionMap.get(Options.SSL_CLIENT_AUTH_MODE);
        this.useClientMode = optionMap.get(Options.SSL_USE_CLIENT_MODE, false) ? 1 : 0;
        this.enableSessionCreation = optionMap.get(Options.SSL_ENABLE_SESSION_CREATION, true) ? 1 : 0;
        Sequence sequence = (Sequence) optionMap.get(Options.SSL_ENABLED_CIPHER_SUITES);
        this.cipherSuites = sequence != null ? (String[]) sequence.toArray(new String[sequence.size()]) : null;
        Sequence sequence2 = (Sequence) optionMap.get(Options.SSL_ENABLED_PROTOCOLS);
        this.protocols = sequence2 != null ? (String[]) sequence2.toArray(new String[sequence2.size()]) : null;
        this.closeSetter = ChannelListeners.getDelegatingSetter(acceptingChannel.getCloseSetter(), this);
        this.acceptSetter = ChannelListeners.getDelegatingSetter(acceptingChannel.getAcceptSetter(), this);
    }

    @Override // org.xnio.channels.Configurable
    public <T> T setOption(Option<T> option, T t) throws IllegalArgumentException, IOException {
        if (option == Options.SSL_CLIENT_AUTH_MODE) {
            return option.cast(clientAuthModeUpdater.getAndSet(this, Options.SSL_CLIENT_AUTH_MODE.cast(t)));
        }
        if (option == Options.SSL_USE_CLIENT_MODE) {
            Boolean cast = Options.SSL_USE_CLIENT_MODE.cast(t);
            if (cast != null) {
                return option.cast(Boolean.valueOf(useClientModeUpdater.getAndSet(this, cast.booleanValue() ? 1 : 0) != 0));
            }
        } else {
            if (option != Options.SSL_ENABLE_SESSION_CREATION) {
                if (option == Options.SSL_ENABLED_CIPHER_SUITES) {
                    Sequence<String> cast2 = Options.SSL_ENABLED_CIPHER_SUITES.cast(t);
                    return option.cast(cipherSuitesUpdater.getAndSet(this, cast2 == null ? null : (String[]) cast2.toArray(new String[cast2.size()])));
                }
                if (option != Options.SSL_ENABLED_PROTOCOLS) {
                    return (T) this.tcpServer.setOption(option, t);
                }
                Sequence<String> cast3 = Options.SSL_ENABLED_PROTOCOLS.cast(t);
                return option.cast(protocolsUpdater.getAndSet(this, cast3 == null ? null : (String[]) cast3.toArray(new String[cast3.size()])));
            }
            Boolean cast4 = Options.SSL_ENABLE_SESSION_CREATION.cast(t);
            if (cast4 != null) {
                return option.cast(Boolean.valueOf(enableSessionCreationUpdater.getAndSet(this, cast4.booleanValue() ? 1 : 0) != 0));
            }
        }
        throw Messages.msg.nullParameter("value");
    }

    @Override // org.xnio.channels.CloseableChannel
    public XnioWorker getWorker() {
        return this.tcpServer.getWorker();
    }

    @Override // org.xnio.channels.SimpleAcceptingChannel
    public C accept() throws IOException {
        SslClientAuthMode sslClientAuthMode;
        S accept = this.tcpServer.accept();
        if (accept == null) {
            return null;
        }
        InetSocketAddress inetSocketAddress = (InetSocketAddress) accept.getPeerAddress(InetSocketAddress.class);
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine(JsseSslUtils.getHostNameNoResolve(inetSocketAddress), inetSocketAddress.getPort());
        boolean z = this.useClientMode != 0;
        createSSLEngine.setUseClientMode(z);
        if (!z && (sslClientAuthMode = this.clientAuthMode) != null) {
            switch (sslClientAuthMode) {
                case NOT_REQUESTED:
                    createSSLEngine.setNeedClientAuth(false);
                    createSSLEngine.setWantClientAuth(false);
                    break;
                case REQUESTED:
                    createSSLEngine.setWantClientAuth(true);
                    break;
                case REQUIRED:
                    createSSLEngine.setNeedClientAuth(true);
                    break;
                default:
                    throw new IllegalStateException();
            }
        }
        createSSLEngine.setEnableSessionCreation(this.enableSessionCreation != 0);
        String[] strArr = this.cipherSuites;
        if (strArr != null) {
            HashSet hashSet = new HashSet(Arrays.asList(createSSLEngine.getSupportedCipherSuites()));
            ArrayList arrayList = new ArrayList();
            for (String str : strArr) {
                if (hashSet.contains(str)) {
                    arrayList.add(str);
                }
            }
            createSSLEngine.setEnabledCipherSuites((String[]) arrayList.toArray(new String[arrayList.size()]));
        }
        String[] strArr2 = this.protocols;
        if (strArr2 != null) {
            HashSet hashSet2 = new HashSet(Arrays.asList(createSSLEngine.getSupportedProtocols()));
            ArrayList arrayList2 = new ArrayList();
            for (String str2 : strArr2) {
                if (hashSet2.contains(str2)) {
                    arrayList2.add(str2);
                }
            }
            createSSLEngine.setEnabledProtocols((String[]) arrayList2.toArray(new String[arrayList2.size()]));
        }
        return accept(accept, createSSLEngine);
    }

    protected abstract C accept(S s, SSLEngine sSLEngine);

    @Override // org.xnio.channels.AcceptingChannel, org.xnio.channels.BoundChannel
    public ChannelListener.Setter<? extends AcceptingChannel<C>> getCloseSetter() {
        return this.closeSetter;
    }

    @Override // java.nio.channels.Channel
    public boolean isOpen() {
        return this.tcpServer.isOpen();
    }

    @Override // org.xnio.channels.CloseableChannel, java.nio.channels.InterruptibleChannel, java.nio.channels.Channel, java.io.Closeable, java.lang.AutoCloseable
    public void close() throws IOException {
        this.tcpServer.close();
    }

    @Override // org.xnio.channels.Configurable
    public boolean supportsOption(Option<?> option) {
        return SUPPORTED_OPTIONS.contains(option) || this.tcpServer.supportsOption(option);
    }

    @Override // org.xnio.channels.Configurable
    public <T> T getOption(Option<T> option) throws IOException {
        if (option == Options.SSL_CLIENT_AUTH_MODE) {
            return option.cast(this.clientAuthMode);
        }
        if (option == Options.SSL_USE_CLIENT_MODE) {
            return option.cast(Boolean.valueOf(this.useClientMode != 0));
        }
        if (option == Options.SSL_ENABLE_SESSION_CREATION) {
            return option.cast(Boolean.valueOf(this.enableSessionCreation != 0));
        }
        if (option == Options.SSL_ENABLED_CIPHER_SUITES) {
            String[] strArr = this.cipherSuites;
            if (strArr == null) {
                return null;
            }
            return option.cast(Sequence.of((Object[]) strArr));
        }
        if (option != Options.SSL_ENABLED_PROTOCOLS) {
            return (T) this.tcpServer.getOption(option);
        }
        String[] strArr2 = this.protocols;
        if (strArr2 == null) {
            return null;
        }
        return option.cast(Sequence.of((Object[]) strArr2));
    }

    @Override // org.xnio.channels.AcceptingChannel, org.xnio.channels.SimpleAcceptingChannel, org.xnio.channels.SuspendableAcceptChannel
    public ChannelListener.Setter<? extends AcceptingChannel<C>> getAcceptSetter() {
        return this.acceptSetter;
    }

    @Override // org.xnio.channels.BoundChannel
    public SocketAddress getLocalAddress() {
        return this.tcpServer.getLocalAddress();
    }

    @Override // org.xnio.channels.BoundChannel
    public <A extends SocketAddress> A getLocalAddress(Class<A> cls) {
        return (A) this.tcpServer.getLocalAddress(cls);
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    public void suspendAccepts() {
        this.tcpServer.suspendAccepts();
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    public void resumeAccepts() {
        this.tcpServer.resumeAccepts();
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    public boolean isAcceptResumed() {
        return this.tcpServer.isAcceptResumed();
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    public void wakeupAccepts() {
        this.tcpServer.wakeupAccepts();
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    public void awaitAcceptable() throws IOException {
        this.tcpServer.awaitAcceptable();
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    public void awaitAcceptable(long j, TimeUnit timeUnit) throws IOException {
        this.tcpServer.awaitAcceptable(j, timeUnit);
    }

    @Override // org.xnio.channels.SuspendableAcceptChannel
    @Deprecated
    public XnioExecutor getAcceptThread() {
        return this.tcpServer.getAcceptThread();
    }

    @Override // org.xnio.channels.CloseableChannel
    public XnioIoThread getIoThread() {
        return this.tcpServer.getIoThread();
    }
}
