package weblogic.nodemanager.server;

import java.io.IOException;
import java.net.Socket;
import java.nio.channels.Channel;
import java.security.AccessController;
import java.security.PrivilegedActionException;
import java.security.PrivilegedExceptionAction;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import weblogic.nodemanager.NodeManagerTextTextFormatter;
import weblogic.nodemanager.util.SSLProtocolsUtil;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic/nodemanager/server/SSLListener.class */
public class SSLListener extends Listener {
    SSLContext sslContext;
    SSLContextConfigurator sslContextConfigurator;
    SSLConfig sslConfig;
    SSLSocketFactory cltFactory;
    private static final NodeManagerTextTextFormatter nmText = NodeManagerTextTextFormatter.getInstance();
    public static final Logger nmLog = Logger.getLogger("weblogic.nodemanager");

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLListener(NMServer nMServer, Channel channel) throws IOException {
        super(nMServer, channel);
    }

    @Override // weblogic.nodemanager.server.Listener
    public void init() throws IOException {
        this.sslConfig = this.server.getSSLConfig();
        this.sslContextConfigurator = new SSLContextConfigurator(this.sslConfig);
        try {
            AccessController.doPrivileged(new PrivilegedExceptionAction<Object>() { // from class: weblogic.nodemanager.server.SSLListener.1
                @Override // java.security.PrivilegedExceptionAction
                public Object run() throws IOException {
                    SSLListener.this.privilegedInit();
                    return null;
                }
            });
        } catch (PrivilegedActionException e) {
            Exception exception = e.getException();
            if (!(exception instanceof IOException)) {
                throw new RuntimeException("Unexpected exception.", exception);
            }
            throw ((IOException) exception);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void privilegedInit() throws IOException {
        try {
            this.sslContext = this.sslContextConfigurator.createSSLContext();
            SSLServerSocketFactory serverSocketFactory = this.sslContext.getServerSocketFactory();
            if (this.inheritedChannel != null) {
                this.cltFactory = this.sslContext.getSocketFactory();
                return;
            }
            SSLServerSocket sSLServerSocket = this.host != null ? (SSLServerSocket) serverSocketFactory.createServerSocket(this.port, this.backlog, this.host) : (SSLServerSocket) serverSocketFactory.createServerSocket(this.port, this.backlog);
            String[] cipherSuites = this.sslConfig.getCipherSuites();
            if (cipherSuites != null && cipherSuites.length > 0) {
                try {
                    sSLServerSocket.setEnabledCipherSuites(cipherSuites);
                } catch (IllegalArgumentException e) {
                    throw new IOException(e);
                }
            }
            sSLServerSocket.setNeedClientAuth(false);
            sSLServerSocket.setEnabledProtocols(SSLProtocolsUtil.getJSSEProtocolVersions(SSLProtocolsUtil.getMinProtocolVersion(), sSLServerSocket.getSupportedProtocols(), nmLog));
            this.serverSocket = sSLServerSocket;
        } catch (Exception e2) {
            throw ((IOException) new IOException("Could not initialize context").initCause(e2));
        }
    }

    @Override // weblogic.nodemanager.server.Listener
    public void run() throws IOException {
        nmLog.info(this.host != null ? nmText.getSecureSocketListenerHost(Integer.toString(this.port), this.host.toString()) : nmText.getSecureSocketListener(Integer.toString(this.port)));
        while (true) {
            try {
                final Socket accept = this.serverSocket.accept();
                if (accept == null) {
                    nmLog.log(Level.ALL, "ServerSocket: " + this.serverSocket + " returned null from accept!");
                } else {
                    nmLog.log(Level.ALL, "Accepted connection from " + accept.getLocalAddress() + ":" + accept.getLocalPort());
                    ((SSLSocket) accept).addHandshakeCompletedListener(new HandshakeCompletedListener() { // from class: weblogic.nodemanager.server.SSLListener.2
                        @Override // javax.net.ssl.HandshakeCompletedListener
                        public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                            SSLProtocolsUtil.configureClientInitSecureRenegotiation(handshakeCompletedEvent, SSLListener.nmLog);
                        }
                    });
                    if (this.inheritedChannel != null) {
                        SSLSocket sSLSocket = null;
                        try {
                            sSLSocket = (SSLSocket) AccessController.doPrivileged(new PrivilegedExceptionAction<SSLSocket>() { // from class: weblogic.nodemanager.server.SSLListener.3
                                /* JADX WARN: Can't rename method to resolve collision */
                                @Override // java.security.PrivilegedExceptionAction
                                public SSLSocket run() throws IOException {
                                    SSLSocket sSLSocket2 = (SSLSocket) SSLListener.this.cltFactory.createSocket(accept, accept.getInetAddress().getHostName(), accept.getLocalPort(), true);
                                    SSLListener.nmLog.info(SSLListener.nmText.upgradeToSecure());
                                    String[] cipherSuites = SSLListener.this.sslConfig.getCipherSuites();
                                    if (cipherSuites != null && cipherSuites.length > 0) {
                                        try {
                                            sSLSocket2.setEnabledCipherSuites(cipherSuites);
                                        } catch (IllegalArgumentException e) {
                                            throw new IOException(e);
                                        }
                                    }
                                    sSLSocket2.setUseClientMode(false);
                                    sSLSocket2.setNeedClientAuth(false);
                                    sSLSocket2.startHandshake();
                                    return sSLSocket2;
                                }
                            });
                            accept = sSLSocket;
                        } catch (PrivilegedActionException e) {
                            Exception exception = e.getException();
                            if (!(exception instanceof SSLException)) {
                                if (!(exception instanceof IOException)) {
                                    throw new RuntimeException("Unexpected exception.", exception);
                                }
                                throw ((IOException) exception);
                            }
                            if (sSLSocket != null && !sSLSocket.isClosed()) {
                                try {
                                    sSLSocket.close();
                                } catch (IOException e2) {
                                }
                            }
                            throw ((SSLException) exception);
                        }
                    }
                    new Thread(new Handler(this.server, accept)).start();
                }
            } catch (IOException e3) {
                nmLog.warning(nmText.getFailedSecureConnection(Integer.toString(this.port), this.host.toString()) + "" + e3);
            }
        }
    }
}
