package weblogic.rjvm.t3;

import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import weblogic.kernel.KernelStatus;
import weblogic.protocol.ServerChannel;
import weblogic.protocol.configuration.ChannelHelper;
import weblogic.rjvm.JVMID;
import weblogic.rjvm.RJVMLogger;
import weblogic.security.SSL.CertCallback;
import weblogic.security.SSL.ClientCertificatePlugin;
import weblogic.security.SSL.SSLClientInfo;
import weblogic.security.utils.SSLCertUtility;
import weblogic.server.channels.ChannelService;
import weblogic.socket.ChannelSSLSocketFactory;
import weblogic.socket.SSLFilter;
import weblogic.socket.SocketMuxer;
import weblogic.utils.io.Chunk;

/* loaded from: input_file:weblogic/rjvm/t3/MuxableSocketT3S.class */
public final class MuxableSocketT3S extends MuxableSocketT3 {
    private static final long serialVersionUID = -1499853227078510946L;
    private static String clientCertPlugin;

    public MuxableSocketT3S(Chunk chunk, Socket socket, ServerChannel serverChannel) throws IOException {
        super(chunk, socket, serverChannel);
        if (ChannelHelper.isAdminChannel(serverChannel)) {
            this.connection.setAdminQOS();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static MuxableSocketT3S createMuxableSocket(InetAddress inetAddress, int i, ServerChannel serverChannel, JVMID jvmid, int i2, String str) throws IOException {
        ServerChannel preferredOutboundChannel = getPreferredOutboundChannel(new InetSocketAddress(inetAddress.getHostAddress(), i), serverChannel);
        MuxableSocketT3S muxableSocketT3S = new MuxableSocketT3S(jvmid, preferredOutboundChannel, str);
        Socket newSocketWithRetry = muxableSocketT3S.newSocketWithRetry(inetAddress, i, i2 > 0 ? i2 : preferredOutboundChannel.getConnectTimeout() * 1000);
        if (preferredOutboundChannel == serverChannel) {
            ServerChannel findPreferredChannelFromSocket = ChannelService.findPreferredChannelFromSocket(newSocketWithRetry, preferredOutboundChannel.getProtocol(), preferredOutboundChannel);
            if (!findPreferredChannelFromSocket.equals(preferredOutboundChannel)) {
                muxableSocketT3S = new MuxableSocketT3S(jvmid, findPreferredChannelFromSocket, str);
            }
        }
        try {
            muxableSocketT3S.connectSocket(newSocketWithRetry, i2);
            return muxableSocketT3S;
        } catch (SSLException e) {
            Socket socket = muxableSocketT3S.getSocket();
            if (socket != null && !socket.isClosed()) {
                try {
                    socket.close();
                } catch (IOException e2) {
                }
            }
            throw e;
        }
    }

    private void initializeClientCertPlugin(JVMID jvmid, ServerChannel serverChannel) throws IOException {
        SSLClientInfo clientCertificate;
        if (clientCertPlugin == null || (clientCertificate = getClientCertificate(jvmid, serverChannel)) == null) {
            return;
        }
        ((ChannelSSLSocketFactory) this.socketFactory).setSSLClientInfo(clientCertificate);
    }

    private MuxableSocketT3S(JVMID jvmid, ServerChannel serverChannel, String str) throws IOException {
        super(serverChannel, str);
        if (ChannelHelper.isAdminChannel(serverChannel)) {
            this.connection.setAdminQOS();
        }
        initializeClientCertPlugin(jvmid, serverChannel);
    }

    static SSLClientInfo getClientCertificate(JVMID jvmid, ServerChannel serverChannel) {
        try {
            ClientCertificatePlugin clientCertificatePlugin = (ClientCertificatePlugin) Class.forName(clientCertPlugin).newInstance();
            CertCallback certCallback = new CertCallback(SocketMuxer.getMuxer().isAsyncMuxer(), serverChannel.getAddress(), serverChannel.getPort(), jvmid.getPublicAddress(), jvmid.getPublicPort());
            clientCertificatePlugin.loadClientCertificate(certCallback, jvmid.getDomainName(), jvmid.getServerName());
            return certCallback.getSSLClientInfo();
        } catch (Throwable th) {
            RJVMLogger.logFailedGetClientCertificate(th);
            return null;
        }
    }

    @Override // weblogic.rjvm.t3.MuxableSocketT3
    public X509Certificate[] getJavaCertChain() {
        try {
            return SSLCertUtility.getPeerCertChain((SSLSocket) getSocket());
        } catch (Exception e) {
            return null;
        }
    }

    public void ensureForceClose() {
        ((SSLFilter) getSocketFilter()).ensureForceClose();
    }

    static {
        if (KernelStatus.isServer()) {
            clientCertPlugin = System.getProperty("weblogic.security.SSL.ClientCertPlugin");
        }
    }
}
