package info.schnatterer.tomcat;

import java.io.IOException;
import java.nio.file.FileSystems;
import java.nio.file.Path;
import java.nio.file.Paths;
import java.nio.file.StandardWatchEventKinds;
import java.nio.file.WatchEvent;
import java.nio.file.WatchKey;
import java.nio.file.WatchService;
import java.util.Set;
import org.apache.coyote.http11.Http11AprProtocol;
import org.apache.juli.logging.Log;
import org.apache.juli.logging.LogFactory;
import org.apache.tomcat.util.net.SSLHostConfig;
import org.apache.tomcat.util.net.SSLHostConfigCertificate;

/* loaded from: input_file:info/schnatterer/tomcat/ReloadingHttp11AprProtocol.class */
public class ReloadingHttp11AprProtocol extends Http11AprProtocol {
    private final Object lock = new Object();
    private volatile boolean configChanged = false;

    /* loaded from: input_file:info/schnatterer/tomcat/ReloadingHttp11AprProtocol$ReloadSslConfigThread.class */
    class ReloadSslConfigThread extends Thread {
        private final Log log = LogFactory.getLog(ReloadSslConfigThread.class);

        ReloadSslConfigThread() {
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                this.log.debug("Listening for certificate changes");
                while (!ReloadingHttp11AprProtocol.this.configChanged) {
                    synchronized (ReloadingHttp11AprProtocol.this.lock) {
                        ReloadingHttp11AprProtocol.this.lock.wait();
                    }
                }
                this.log.debug("Received notification of changed certificate. Delaying reload to make sure all cert files are written.");
                Thread.sleep(3000L);
                ReloadingHttp11AprProtocol.this.getEndpoint().reloadSslHostConfigs();
                this.log.info("Reloaded SSL Config");
                ReloadingHttp11AprProtocol.this.configChanged = false;
            } catch (Exception e) {
                this.log.error("Error while waiting for certificate to change. Retrying.", e);
            } finally {
                run();
            }
        }
    }

    /* loaded from: input_file:info/schnatterer/tomcat/ReloadingHttp11AprProtocol$WatchSslConfigException.class */
    static class WatchSslConfigException extends RuntimeException {
        WatchSslConfigException(Exception exc) {
            super(exc);
        }
    }

    /* loaded from: input_file:info/schnatterer/tomcat/ReloadingHttp11AprProtocol$WatchSslConfigThread.class */
    class WatchSslConfigThread extends Thread {
        private final Log log = LogFactory.getLog(WatchSslConfigThread.class);

        WatchSslConfigThread() {
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            SSLHostConfig[] findSslHostConfigs = ReloadingHttp11AprProtocol.this.getEndpoint().findSslHostConfigs();
            if (findSslHostConfigs.length < 1) {
                this.log.error("No SSLHostConfig found. Can't watch for changes");
                return;
            }
            Set certificates = findSslHostConfigs[0].getCertificates();
            if (certificates.isEmpty()) {
                this.log.error("No Certificate found in SSLHostConfig found. Can't watch for changes");
                return;
            }
            String certificateFile = ((SSLHostConfigCertificate) certificates.iterator().next()).getCertificateFile();
            if (certificateFile == null) {
                this.log.error("Certificate file is null.Can't watch for changes");
                return;
            }
            try {
                Path parent = Paths.get(SSLHostConfig.adjustRelativePath(certificateFile), new String[0]).getParent();
                this.log.info("Watching certificate folder for change: " + parent);
                WatchService newWatchService = FileSystems.getDefault().newWatchService();
                parent.register(newWatchService, StandardWatchEventKinds.ENTRY_CREATE, StandardWatchEventKinds.ENTRY_DELETE, StandardWatchEventKinds.ENTRY_MODIFY);
                watchAndReload(newWatchService);
            } catch (IOException e) {
                this.log.error("Error while setting up watch for folder of certificate file: " + certificateFile, e);
                throw new WatchSslConfigException(e);
            }
        }

        private void watchAndReload(WatchService watchService) {
            while (true) {
                try {
                    try {
                        WatchKey take = watchService.take();
                        if (take == null) {
                            return;
                        }
                        for (WatchEvent<?> watchEvent : take.pollEvents()) {
                            this.log.debug(watchEvent.kind() + " - file: " + watchEvent.context());
                        }
                        synchronized (ReloadingHttp11AprProtocol.this.lock) {
                            ReloadingHttp11AprProtocol.this.configChanged = true;
                            ReloadingHttp11AprProtocol.this.lock.notifyAll();
                        }
                        take.reset();
                    } catch (InterruptedException e) {
                        this.log.error("Error while watching certificate folder. Retrying.", e);
                        interrupt();
                        watchAndReload(watchService);
                        return;
                    }
                } finally {
                    watchAndReload(watchService);
                }
            }
        }
    }

    public void init() throws Exception {
        super.init();
        new WatchSslConfigThread().start();
        new ReloadSslConfigThread().start();
    }
}
