package weblogic.iiop;

import java.io.IOException;
import java.net.Socket;
import java.security.AccessController;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSocket;
import javax.security.auth.login.LoginException;
import weblogic.kernel.Kernel;
import weblogic.protocol.ServerChannel;
import weblogic.security.acl.UserInfo;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.acl.internal.AuthenticatedUser;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.utils.SSLCertUtility;
import weblogic.security.utils.SSLIOContextTable;
import weblogic.socket.JSSESocket;
import weblogic.socket.SSLFilter;
import weblogic.socket.utils.JSSEUtils;
import weblogic.utils.io.Chunk;

/* loaded from: input_file:weblogic/iiop/MuxableSocketIIOPS.class */
final class MuxableSocketIIOPS extends MuxableSocketIIOP {
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private static AuthenticatedSubject defaultSubject = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    public MuxableSocketIIOPS(Chunk chunk, Socket socket, ServerChannel serverChannel) throws IOException {
        super(chunk, socket, serverChannel);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public MuxableSocketIIOPS(ServerChannel serverChannel) {
        super(serverChannel);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void registerClientSocket(Socket socket) throws IOException {
        connectAction.register(this, socket, true);
    }

    public void register(Socket socket, boolean z) throws IOException {
        if (z) {
            SSLSocket sSLSocket = (SSLSocket) socket;
            JSSESocket jSSESocket = JSSEUtils.getJSSESocket(sSLSocket);
            if (jSSESocket != null) {
                JSSEUtils.registerJSSEFilter(jSSESocket, this);
                JSSEUtils.activate(jSSESocket, this);
                return;
            }
            SSLFilter sSLFilter = (SSLFilter) SSLIOContextTable.findContext(sSLSocket).getFilter();
            setSocketFilter(sSLFilter);
            try {
                sSLSocket.startHandshake();
                sSLFilter.setDelegate(this);
                sSLFilter.activate();
            } catch (SSLException e) {
                if (!sSLSocket.isClosed()) {
                    try {
                        sSLSocket.close();
                    } catch (IOException e2) {
                    }
                }
                throw e;
            }
        }
    }

    public byte getQOS() {
        return (byte) 102;
    }

    @Override // weblogic.iiop.MuxableSocketIIOP
    public void authenticate(UserInfo userInfo) {
        if (userInfo == null || (userInfo instanceof AuthenticatedUser) || !authenticate()) {
            super.authenticate(userInfo);
        }
    }

    @Override // weblogic.iiop.MuxableSocketIIOP
    public AuthenticatedSubject getUser() {
        if (getSubject() == null && Kernel.isServer()) {
            authenticate();
        }
        return getSubject() != null ? getSubject() : getDefaultSubject();
    }

    private boolean authenticate() {
        X509Certificate[] x509CertificateArr = null;
        try {
            x509CertificateArr = SSLCertUtility.getPeerCertChain((SSLSocket) getSocket());
        } catch (Exception e) {
        }
        if (x509CertificateArr == null) {
            return false;
        }
        try {
            AuthenticatedSubject assertIdentity = MuxableSocketIIOP.getPrincipalAuthenticator(kernelId).assertIdentity("X.509", x509CertificateArr, this);
            if (assertIdentity == null) {
                return false;
            }
            setSubject(assertIdentity);
            return true;
        } catch (LoginException e2) {
            return false;
        }
    }

    private static AuthenticatedSubject getDefaultSubject() {
        if (defaultSubject != null) {
            return defaultSubject;
        }
        synchronized (Connection.class) {
            if (defaultSubject == null) {
                defaultSubject = IiopConfigurationFacade.getSecureConnectionDefaultSubject(kernelId);
            }
        }
        return defaultSubject;
    }

    @Override // weblogic.iiop.MuxableSocketIIOP
    protected final boolean isSecure() {
        return true;
    }
}
