package pt.com.broker.core;

import io.netty.bootstrap.ServerBootstrap;
import io.netty.buffer.ByteBufAllocator;
import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelOption;
import io.netty.channel.ChannelPipeline;
import io.netty.channel.socket.SocketChannel;
import io.netty.handler.ssl.SslHandler;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.concurrent.ThreadFactory;
import javax.net.ssl.SSLEngine;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import pt.com.broker.codec.BrokerDecoderRouter;
import pt.com.broker.codec.BrokerEncoderRouter;
import pt.com.broker.core.BrokerServer;
import pt.com.broker.net.BrokerSslPipelineFactory;
import pt.com.gcs.conf.GcsInfo;

/* loaded from: input_file:pt/com/broker/core/BrokerSSLServer.class */
public class BrokerSSLServer extends BrokerServer {
    private static Logger log = LoggerFactory.getLogger(BrokerSSLServer.class);
    private static BrokerSslPipelineFactory sslPipelineFactory = new BrokerSslPipelineFactory();

    public BrokerSSLServer(ThreadFactory threadFactory, ThreadFactory threadFactory2, int i, ByteBufAllocator byteBufAllocator) {
        super(threadFactory, threadFactory2, i, 0, byteBufAllocator);
    }

    @Override // pt.com.broker.core.BrokerServer
    public void start() {
        try {
            startSSLBrokerServer().addListener(new ChannelFutureListener() { // from class: pt.com.broker.core.BrokerSSLServer.1
                public void operationComplete(ChannelFuture channelFuture) throws Exception {
                    if (channelFuture.isSuccess()) {
                        BrokerSSLServer.log.info("SAPO-SSL-BROKER  Listening on: '{}'.", channelFuture.channel().localAddress());
                    }
                }
            });
        } catch (Throwable th) {
            log.error("SAPO-SSL-BROKER failed to start. Reason: '{}'. The SSL endoint is not available", th.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final SSLEngine getSSLEngine() throws Exception {
        SSLEngine createSSLEngine = sslPipelineFactory.getSSLContext().createSSLEngine();
        String sslProtocolWhiteList = GcsInfo.getSslProtocolWhiteList();
        if (sslProtocolWhiteList != null) {
            String[] supportedProtocols = createSSLEngine.getSupportedProtocols();
            String[] split = sslProtocolWhiteList.replaceAll("\\s*,\\s*", ",").split(",");
            ArrayList arrayList = new ArrayList();
            for (String str : split) {
                if (Arrays.binarySearch(supportedProtocols, str) > 0) {
                    arrayList.add(str);
                } else {
                    log.warn("Invalid SSL protocol configuration found: {}", str);
                }
            }
            if (arrayList.size() > 0) {
                createSSLEngine.setEnabledProtocols((String[]) arrayList.toArray(new String[arrayList.size()]));
            }
        }
        String sslCipherSuiteWhitelist = GcsInfo.getSslCipherSuiteWhitelist();
        if (sslCipherSuiteWhitelist != null) {
            String[] supportedCipherSuites = createSSLEngine.getSupportedCipherSuites();
            String[] split2 = sslCipherSuiteWhitelist.replaceAll("\\s*,\\s*", ",").split(",");
            ArrayList arrayList2 = new ArrayList();
            for (String str2 : split2) {
                if (Arrays.binarySearch(supportedCipherSuites, str2) > 0) {
                    arrayList2.add(str2);
                } else {
                    log.warn("Invalid SSL ciphersuite configuration found: {}", str2);
                }
            }
            if (arrayList2.size() > 0) {
                createSSLEngine.setEnabledCipherSuites((String[]) arrayList2.toArray(new String[arrayList2.size()]));
            }
        }
        createSSLEngine.setUseClientMode(false);
        log.debug("SSLEngine enabled protocols: {}", Arrays.toString(createSSLEngine.getEnabledProtocols()));
        log.debug("SSLEngine supported protocols: {}", Arrays.toString(createSSLEngine.getSupportedProtocols()));
        log.debug("SSLEngine supported ciphersuites: {}", Arrays.toString(createSSLEngine.getSupportedCipherSuites()));
        return createSSLEngine;
    }

    protected ChannelFuture startSSLBrokerServer() {
        ServerBootstrap createBootstrap = createBootstrap();
        createBootstrap.childHandler(new BrokerServer.ChannelInitializer<SocketChannel>() { // from class: pt.com.broker.core.BrokerSSLServer.2
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // pt.com.broker.core.BrokerServer.ChannelInitializer
            public void initChannel(SocketChannel socketChannel) throws Exception {
                ChannelPipeline pipeline = socketChannel.pipeline();
                pipeline.addLast("ssl", new SslHandler(BrokerSSLServer.this.getSSLEngine()));
                pipeline.addLast("broker-encoder", new BrokerEncoderRouter());
                pipeline.addLast("broker-decoder", new BrokerDecoderRouter(GcsInfo.getMessageMaxSize()));
                super.initChannel((AnonymousClass2) socketChannel);
            }
        });
        return createBootstrap.bind(this.socketAddress);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // pt.com.broker.core.BrokerServer
    public ServerBootstrap createBootstrap() {
        ServerBootstrap createBootstrap = super.createBootstrap();
        createBootstrap.childOption(ChannelOption.TCP_NODELAY, true);
        return createBootstrap;
    }
}
