package org.opendaylight.openflowjava.protocol.impl.core;

import io.netty.buffer.ByteBuf;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelPipeline;
import io.netty.handler.codec.ByteToMessageDecoder;
import io.netty.handler.ssl.SslHandler;
import java.util.List;
import javax.net.ssl.SSLEngine;
import org.opendaylight.openflowjava.protocol.impl.connection.ConnectionFacade;
import org.opendaylight.openflowjava.protocol.impl.core.TcpHandler;
import org.opendaylight.openflowjava.protocol.impl.util.ByteBufUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/opendaylight/openflowjava/protocol/impl/core/TlsDetector.class */
public class TlsDetector extends ByteToMessageDecoder {
    private boolean detectSsl;
    private static final Logger LOGGER = LoggerFactory.getLogger(TlsDetector.class);
    private ConnectionFacade connectionFacade;

    public TlsDetector() {
        LOGGER.trace("Creating TLS Detector");
        this.detectSsl = true;
    }

    public void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) {
        LOGGER.warn("Unexpected exception from downstream.", th);
        channelHandlerContext.close();
    }

    private boolean isSsl(ByteBuf byteBuf) {
        if (!this.detectSsl) {
            return false;
        }
        LOGGER.trace("Testing connection for TLS");
        return SslHandler.isEncrypted(byteBuf);
    }

    private static void enableSsl(ChannelHandlerContext channelHandlerContext) {
        if (channelHandlerContext.pipeline().get(TcpHandler.COMPONENT_NAMES.SSL_HANDLER.name()) == null) {
            LOGGER.trace("Engaging TLS handler");
            ChannelPipeline pipeline = channelHandlerContext.channel().pipeline();
            SSLEngine createSSLEngine = SslContextFactory.getServerContext().createSSLEngine();
            createSSLEngine.setUseClientMode(false);
            pipeline.addAfter(TcpHandler.COMPONENT_NAMES.TLS_DETECTOR.name(), TcpHandler.COMPONENT_NAMES.SSL_HANDLER.name(), new SslHandler(createSSLEngine));
        }
    }

    protected void decode(ChannelHandlerContext channelHandlerContext, ByteBuf byteBuf, List<Object> list) throws Exception {
        if (byteBuf.readableBytes() < 5) {
            return;
        }
        if (LOGGER.isDebugEnabled()) {
            LOGGER.debug(ByteBufUtils.byteBufToHexString(byteBuf));
        }
        if (isSsl(byteBuf)) {
            LOGGER.debug("Connection is encrypted");
            enableSsl(channelHandlerContext);
        } else {
            LOGGER.debug("Connection is not encrypted");
        }
        if (this.connectionFacade != null) {
            LOGGER.trace("Firing onConnectionReady notification");
            this.connectionFacade.fireConnectionReadyNotification();
        }
        channelHandlerContext.pipeline().remove(TcpHandler.COMPONENT_NAMES.TLS_DETECTOR.name());
    }

    public void setConnectionFacade(ConnectionFacade connectionFacade) {
        this.connectionFacade = connectionFacade;
    }
}
