package org.eclipse.jetty.server;

import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.util.Collection;
import java.util.Objects;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import org.apache.logging.log4j.core.net.ssl.SslConfigurationDefaults;
import org.eclipse.jetty.http.HttpVersion;
import org.eclipse.jetty.io.AbstractConnection;
import org.eclipse.jetty.io.ByteBufferPool;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.io.ssl.SslConnection;
import org.eclipse.jetty.io.ssl.SslHandshakeListener;
import org.eclipse.jetty.server.ConnectionFactory;
import org.eclipse.jetty.util.annotation.Name;
import org.eclipse.jetty.util.component.ContainerLifeCycle;
import org.eclipse.jetty.util.ssl.SslContextFactory;

/* loaded from: input_file:org/eclipse/jetty/server/SslConnectionFactory.class */
public class SslConnectionFactory extends AbstractConnectionFactory implements ConnectionFactory.Detecting, ConnectionFactory.Configuring {
    private static final int TLS_ALERT_FRAME_TYPE = 21;
    private static final int TLS_HANDSHAKE_FRAME_TYPE = 22;
    private static final int TLS_MAJOR_VERSION = 3;
    private final SslContextFactory.Server _sslContextFactory;
    private final String _nextProtocol;
    private boolean _directBuffersForEncryption;
    private boolean _directBuffersForDecryption;
    private boolean _ensureSecureRequestCustomizer;

    public SslConnectionFactory() {
        this(HttpVersion.HTTP_1_1.asString());
    }

    public SslConnectionFactory(@Name("next") String str) {
        this(null, str);
    }

    public SslConnectionFactory(@Name("sslContextFactory") SslContextFactory.Server server, @Name("next") String str) {
        super(SslConfigurationDefaults.PROTOCOL);
        this._directBuffersForEncryption = false;
        this._directBuffersForDecryption = false;
        this._ensureSecureRequestCustomizer = true;
        this._sslContextFactory = server == null ? new SslContextFactory.Server() : server;
        this._nextProtocol = str;
        addBean(this._sslContextFactory);
    }

    public SslContextFactory.Server getSslContextFactory() {
        return this._sslContextFactory;
    }

    public void setDirectBuffersForEncryption(boolean z) {
        this._directBuffersForEncryption = z;
    }

    public void setDirectBuffersForDecryption(boolean z) {
        this._directBuffersForDecryption = z;
    }

    public boolean isDirectBuffersForDecryption() {
        return this._directBuffersForDecryption;
    }

    public boolean isDirectBuffersForEncryption() {
        return this._directBuffersForEncryption;
    }

    public String getNextProtocol() {
        return this._nextProtocol;
    }

    public boolean isEnsureSecureRequestCustomizer() {
        return this._ensureSecureRequestCustomizer;
    }

    public void setEnsureSecureRequestCustomizer(boolean z) {
        this._ensureSecureRequestCustomizer = z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.eclipse.jetty.util.component.ContainerLifeCycle, org.eclipse.jetty.util.component.AbstractLifeCycle
    public void doStart() throws Exception {
        super.doStart();
        SSLEngine newSSLEngine = this._sslContextFactory.newSSLEngine();
        newSSLEngine.setUseClientMode(false);
        SSLSession session = newSSLEngine.getSession();
        if (session.getPacketBufferSize() > getInputBufferSize()) {
            setInputBufferSize(session.getPacketBufferSize());
        }
    }

    @Override // org.eclipse.jetty.server.ConnectionFactory.Configuring
    public void configure(Connector connector) {
        if (isEnsureSecureRequestCustomizer()) {
            connector.getContainedBeans(HttpConfiguration.class).forEach(httpConfiguration -> {
                if (httpConfiguration.getCustomizer(SecureRequestCustomizer.class) == null) {
                    httpConfiguration.addCustomizer(new SecureRequestCustomizer());
                }
            });
        }
    }

    @Override // org.eclipse.jetty.server.ConnectionFactory.Detecting
    public ConnectionFactory.Detecting.Detection detect(ByteBuffer byteBuffer) {
        if (byteBuffer.remaining() < 2) {
            return ConnectionFactory.Detecting.Detection.NEED_MORE_BYTES;
        }
        int i = byteBuffer.get(0) & 255;
        return (i == 22 || i == 21) && (byteBuffer.get(1) & 255) == 3 ? ConnectionFactory.Detecting.Detection.RECOGNIZED : ConnectionFactory.Detecting.Detection.NOT_RECOGNIZED;
    }

    @Override // org.eclipse.jetty.server.ConnectionFactory
    public Connection newConnection(Connector connector, EndPoint endPoint) {
        SocketAddress remoteSocketAddress = endPoint.getRemoteSocketAddress();
        SSLEngine newSSLEngine = remoteSocketAddress instanceof InetSocketAddress ? this._sslContextFactory.newSSLEngine((InetSocketAddress) remoteSocketAddress) : this._sslContextFactory.newSSLEngine();
        newSSLEngine.setUseClientMode(false);
        SslConnection newSslConnection = newSslConnection(connector, endPoint, newSSLEngine);
        newSslConnection.setRenegotiationAllowed(this._sslContextFactory.isRenegotiationAllowed());
        newSslConnection.setRenegotiationLimit(this._sslContextFactory.getRenegotiationLimit());
        configure(newSslConnection, connector, endPoint);
        ConnectionFactory connectionFactory = connector.getConnectionFactory(this._nextProtocol);
        SslConnection.DecryptedEndPoint decryptedEndPoint = newSslConnection.getDecryptedEndPoint();
        decryptedEndPoint.setConnection(connectionFactory.newConnection(connector, decryptedEndPoint));
        return newSslConnection;
    }

    protected SslConnection newSslConnection(Connector connector, EndPoint endPoint, SSLEngine sSLEngine) {
        ByteBufferPool byteBufferPool = connector.getByteBufferPool();
        return new SslConnection(byteBufferPool.asRetainableByteBufferPool(), byteBufferPool, connector.getExecutor(), endPoint, sSLEngine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption());
    }

    /* JADX WARN: Multi-variable type inference failed */
    @Override // org.eclipse.jetty.server.AbstractConnectionFactory
    protected AbstractConnection configure(AbstractConnection abstractConnection, Connector connector, EndPoint endPoint) {
        if (abstractConnection instanceof SslConnection) {
            SslConnection sslConnection = (SslConnection) abstractConnection;
            if (connector instanceof ContainerLifeCycle) {
                Collection beans = ((ContainerLifeCycle) connector).getBeans(SslHandshakeListener.class);
                Objects.requireNonNull(sslConnection);
                beans.forEach(sslConnection::addHandshakeListener);
            }
            Collection beans2 = getBeans(SslHandshakeListener.class);
            Objects.requireNonNull(sslConnection);
            beans2.forEach(sslConnection::addHandshakeListener);
        }
        return super.configure(abstractConnection, connector, endPoint);
    }

    @Override // org.eclipse.jetty.server.AbstractConnectionFactory, org.eclipse.jetty.util.component.AbstractLifeCycle
    public String toString() {
        return String.format("%s@%x{%s->%s}", getClass().getSimpleName(), Integer.valueOf(hashCode()), getProtocol(), this._nextProtocol);
    }
}
