package oracle.kv.impl.util.registry.ssl;

import java.io.IOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.concurrent.BlockingQueue;
import java.util.concurrent.LinkedBlockingQueue;
import java.util.concurrent.RejectedExecutionException;
import java.util.concurrent.ThreadFactory;
import java.util.concurrent.ThreadPoolExecutor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.SSLSocket;
import oracle.kv.impl.security.ssl.SSLControl;
import oracle.kv.impl.util.PortRange;
import oracle.kv.impl.util.registry.ServerSocketFactory;

/* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory.class */
public class SSLServerSocketFactory extends ServerSocketFactory {
    private static final int HANDSHAKE_THREAD_MAX = 10;
    private static final int HANDSHAKE_QUEUE_MAX = 10;
    private static final long KEEPALIVE_MS = 10000;
    private static final AtomicInteger hsThreadCounter = new AtomicInteger(0);
    private final Map<Integer, ServerSocket> pendingSocketMap;
    private final SSLControl sslControl;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket.class */
    public class SSLInternalServerSocket extends ServerSocket {
        private final ThreadPoolExecutor handshakeExecutor;
        private final Thread rawAcceptor;
        private final BlockingQueue<AcceptEvent> acceptEvents;
        private final BlockingQueue<Runnable> handshakeExecutionQueue;
        private final int listenPort;

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket$AcceptEvent.class */
        public abstract class AcceptEvent {
            private AcceptEvent() {
            }

            abstract Socket yieldSocket() throws IOException;
        }

        /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket$ExceptionEvent.class */
        private class ExceptionEvent extends AcceptEvent {
            private final IOException ioe;

            ExceptionEvent(IOException iOException) {
                super();
                this.ioe = iOException;
            }

            @Override // oracle.kv.impl.util.registry.ssl.SSLServerSocketFactory.SSLInternalServerSocket.AcceptEvent
            Socket yieldSocket() throws IOException {
                throw this.ioe;
            }
        }

        /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket$HandshakeThreadFactory.class */
        private class HandshakeThreadFactory implements ThreadFactory {
            private HandshakeThreadFactory() {
            }

            @Override // java.util.concurrent.ThreadFactory
            public Thread newThread(Runnable runnable) {
                Thread thread = new Thread(runnable, "SSLHandshake-" + SSLInternalServerSocket.this.listenPort + "-" + SSLServerSocketFactory.hsThreadCounter.getAndIncrement());
                thread.setDaemon(true);
                return thread;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket$RawAcceptor.class */
        public final class RawAcceptor implements Runnable {

            /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket$RawAcceptor$HandshakeAndVerify.class */
            private final class HandshakeAndVerify implements Runnable {
                private SSLSocket sslSocket;

                private HandshakeAndVerify(SSLSocket sSLSocket) {
                    this.sslSocket = sSLSocket;
                }

                @Override // java.lang.Runnable
                public void run() {
                    if (SSLInternalServerSocket.this.authenticateNewSocket(this.sslSocket)) {
                        SSLInternalServerSocket.this.queueAcceptedSocket(this.sslSocket);
                    }
                }
            }

            private RawAcceptor() {
            }

            @Override // java.lang.Runnable
            public void run() {
                while (true) {
                    try {
                        SSLSocket acceptSocket = SSLInternalServerSocket.this.acceptSocket();
                        if (acceptSocket != null) {
                            if (SSLServerSocketFactory.this.sslControl.peerAuthenticator() != null) {
                                try {
                                    SSLInternalServerSocket.this.handshakeExecutor.execute(new HandshakeAndVerify(acceptSocket));
                                } catch (RejectedExecutionException e) {
                                    if (SSLServerSocketFactory.this.connectionLogger != null) {
                                        SSLServerSocketFactory.this.connectionLogger.info("Unable to queue socket for verification - interrupted.");
                                    }
                                    SSLInternalServerSocket.this.forceCloseSocket(acceptSocket);
                                }
                            } else {
                                SSLInternalServerSocket.this.queueAcceptedSocket(acceptSocket);
                            }
                        }
                    } catch (IOException e2) {
                        try {
                            SSLInternalServerSocket.this.acceptEvents.put(new ExceptionEvent(e2));
                        } catch (InterruptedException e3) {
                            if (SSLServerSocketFactory.this.connectionLogger != null) {
                                SSLServerSocketFactory.this.connectionLogger.info("Unable to queue ExecptionEvent while terminating");
                            }
                        }
                        SSLInternalServerSocket.this.handshakeExecutor.shutdown();
                        if (SSLServerSocketFactory.this.connectionLogger != null) {
                            SSLServerSocketFactory.this.connectionLogger.info("Queued shutdown event for port " + SSLInternalServerSocket.this.listenPort);
                            return;
                        }
                        return;
                    }
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        /* loaded from: input_file:oracle/kv/impl/util/registry/ssl/SSLServerSocketFactory$SSLInternalServerSocket$SocketEvent.class */
        public class SocketEvent extends AcceptEvent {
            private final Socket socket;

            SocketEvent(Socket socket) {
                super();
                this.socket = socket;
            }

            @Override // oracle.kv.impl.util.registry.ssl.SSLServerSocketFactory.SSLInternalServerSocket.AcceptEvent
            Socket yieldSocket() throws IOException {
                return this.socket;
            }
        }

        SSLInternalServerSocket(SSLServerSocketFactory sSLServerSocketFactory, int i) throws IOException {
            this(i, 0);
        }

        SSLInternalServerSocket(int i, int i2) throws IOException {
            super(i, i2);
            this.listenPort = getLocalPort();
            if (!SSLServerSocketFactory.this.doBackgroundAccept()) {
                this.handshakeExecutionQueue = null;
                this.handshakeExecutor = null;
                this.acceptEvents = null;
                this.rawAcceptor = null;
                return;
            }
            this.handshakeExecutionQueue = new LinkedBlockingQueue(10);
            this.handshakeExecutor = new ThreadPoolExecutor(1, 10, SSLServerSocketFactory.KEEPALIVE_MS, TimeUnit.MILLISECONDS, this.handshakeExecutionQueue, new HandshakeThreadFactory());
            this.acceptEvents = new LinkedBlockingQueue();
            this.rawAcceptor = new Thread(new RawAcceptor(), "SSLAccept-" + this.listenPort);
            this.rawAcceptor.setDaemon(true);
            this.rawAcceptor.start();
        }

        @Override // java.net.ServerSocket
        public Socket accept() throws IOException {
            SSLSocket acceptSocket;
            if (this.acceptEvents != null) {
                while (true) {
                    try {
                        return this.acceptEvents.take().yieldSocket();
                    } catch (InterruptedException e) {
                        if (SSLServerSocketFactory.this.connectionLogger != null) {
                            SSLServerSocketFactory.this.connectionLogger.info("Interrupted while waiting for acceptEvent");
                        }
                    }
                }
            }
            do {
                acceptSocket = acceptSocket();
            } while (!authenticateNewSocket(acceptSocket));
            return acceptSocket;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public boolean authenticateNewSocket(SSLSocket sSLSocket) {
            if (SSLServerSocketFactory.this.sslControl.peerAuthenticator() == null) {
                return true;
            }
            try {
                sSLSocket.startHandshake();
                if (SSLServerSocketFactory.this.sslControl.peerAuthenticator().isTrusted(sSLSocket.getSession())) {
                    return true;
                }
                if (SSLServerSocketFactory.this.connectionLogger != null) {
                    SSLServerSocketFactory.this.connectionLogger.info("Rejecting client connection");
                }
                forceCloseSocket(sSLSocket);
                return false;
            } catch (IOException e) {
                if (SSLServerSocketFactory.this.connectionLogger != null) {
                    SSLServerSocketFactory.this.connectionLogger.info("error while handshaking: " + e);
                }
                forceCloseSocket(sSLSocket);
                return false;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public SSLSocket acceptSocket() throws IOException {
            Socket accept = super.accept();
            SSLSocket sSLSocket = (SSLSocket) SSLServerSocketFactory.this.sslControl.sslContext().getSocketFactory().createSocket(accept, accept.getInetAddress().toString(), accept.getPort(), true);
            sSLSocket.setUseClientMode(false);
            SSLServerSocketFactory.this.sslControl.applySSLParameters(sSLSocket);
            return sSLSocket;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void forceCloseSocket(Socket socket) {
            try {
                socket.close();
            } catch (IOException e) {
                if (SSLServerSocketFactory.this.connectionLogger != null) {
                    SSLServerSocketFactory.this.connectionLogger.info("Exception closing socket: " + e);
                }
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void queueAcceptedSocket(SSLSocket sSLSocket) {
            try {
                this.acceptEvents.put(new SocketEvent(sSLSocket));
            } catch (InterruptedException e) {
                if (SSLServerSocketFactory.this.connectionLogger != null) {
                    SSLServerSocketFactory.this.connectionLogger.info("Interrupted while queueing new socket - discarding:" + e);
                }
                forceCloseSocket(sSLSocket);
            }
        }
    }

    public SSLServerSocketFactory(SSLControl sSLControl, String str, int i, int i2, int i3) {
        super(str, i, i2, i3);
        if (sSLControl == null) {
            throw new IllegalArgumentException("sslControl may not be null");
        }
        this.sslControl = sSLControl;
        this.pendingSocketMap = new HashMap();
    }

    public String toString() {
        return "<SSLServerSocketFactory name=" + this.name + " backlog=" + this.backlog + " port range=" + this.startPort + "," + this.endPort + " ssl control = " + this.sslControl + ">";
    }

    @Override // oracle.kv.impl.util.registry.ServerSocketFactory
    public int hashCode() {
        return (31 * super.hashCode()) + this.sslControl.hashCode();
    }

    @Override // oracle.kv.impl.util.registry.ServerSocketFactory
    public boolean equals(Object obj) {
        if (this == obj) {
            return true;
        }
        return super.equals(obj) && (obj instanceof SSLServerSocketFactory) && this.sslControl.equals(((SSLServerSocketFactory) obj).sslControl);
    }

    public ServerSocket createServerSocket(int i) throws IOException {
        ServerSocket retrievePendingSocket;
        return (i == 0 || (retrievePendingSocket = retrievePendingSocket(i)) == null) ? commonCreateServerSocket(i) : retrievePendingSocket;
    }

    @Override // oracle.kv.impl.util.registry.ServerSocketFactory
    public synchronized ServerSocket prepareServerSocket() throws IOException {
        if (!doBackgroundAccept()) {
            return null;
        }
        ServerSocket createServerSocket = createServerSocket(0);
        this.pendingSocketMap.put(Integer.valueOf(createServerSocket.getLocalPort()), createServerSocket);
        return createServerSocket;
    }

    @Override // oracle.kv.impl.util.registry.ServerSocketFactory
    public synchronized void discardServerSocket(ServerSocket serverSocket) {
        for (Map.Entry<Integer, ServerSocket> entry : this.pendingSocketMap.entrySet()) {
            if (entry.getValue() == serverSocket) {
                this.pendingSocketMap.remove(entry.getKey());
                break;
            }
        }
        try {
            serverSocket.close();
        } catch (IOException e) {
        }
    }

    public static SSLServerSocketFactory create(SSLControl sSLControl, String str, int i, String str2) {
        if (str2 == null || PortRange.isUnconstrained(str2)) {
            return new SSLServerSocketFactory(sSLControl, str, i, 0, 0);
        }
        List range = PortRange.getRange(str2);
        return new SSLServerSocketFactory(sSLControl, str, i, ((Integer) range.get(0)).intValue(), ((Integer) range.get(1)).intValue());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean doBackgroundAccept() {
        return this.sslControl.peerAuthenticator() != null;
    }

    private synchronized ServerSocket retrievePendingSocket(int i) {
        return this.pendingSocketMap.remove(Integer.valueOf(i));
    }

    @Override // oracle.kv.impl.util.registry.ServerSocketFactory
    protected ServerSocket instantiateServerSocket(int i) throws IOException {
        return new SSLInternalServerSocket(this, i);
    }

    @Override // oracle.kv.impl.util.registry.ServerSocketFactory
    protected ServerSocket instantiateServerSocket(int i, int i2) throws IOException {
        return new SSLInternalServerSocket(i, i2);
    }
}
