package org.wildfly.extension.undertow;

import io.undertow.UndertowOptions;
import io.undertow.connector.ByteBufferPool;
import io.undertow.protocols.ssl.UndertowXnioSsl;
import io.undertow.server.ListenerRegistry;
import io.undertow.server.OpenListener;
import io.undertow.server.protocol.http.AlpnOpenListener;
import io.undertow.server.protocol.http.HttpOpenListener;
import io.undertow.server.protocol.http2.Http2OpenListener;
import java.io.IOException;
import java.net.InetSocketAddress;
import java.util.function.Consumer;
import java.util.function.Supplier;
import javax.net.ssl.SSLContext;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.network.NetworkUtils;
import org.wildfly.extension.undertow.logging.UndertowLogger;
import org.wildfly.security.ssl.CipherSuiteSelector;
import org.xnio.ChannelListener;
import org.xnio.IoUtils;
import org.xnio.OptionMap;
import org.xnio.Options;
import org.xnio.StreamConnection;
import org.xnio.XnioWorker;
import org.xnio.channels.AcceptingChannel;
import org.xnio.ssl.SslConnection;

/* loaded from: input_file:org/wildfly/extension/undertow/HttpsListenerService.class */
public class HttpsListenerService extends HttpListenerService {
    private Supplier<SSLContext> sslContextSupplier;
    private volatile AcceptingChannel<SslConnection> sslServer;
    static final String PROTOCOL = "https";
    private final String cipherSuites;
    private final boolean proxyProtocol;

    public HttpsListenerService(Consumer<ListenerService> consumer, PathAddress pathAddress, String str, OptionMap optionMap, String str2, OptionMap optionMap2, boolean z) {
        this(consumer, pathAddress, str, optionMap, str2, optionMap2, false, false, z);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public HttpsListenerService(Consumer<ListenerService> consumer, PathAddress pathAddress, String str, OptionMap optionMap, String str2, OptionMap optionMap2, boolean z, boolean z2, boolean z3) {
        super(consumer, pathAddress, str, optionMap, optionMap2, z, z2, z3);
        this.cipherSuites = str2;
        this.proxyProtocol = z3;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void setSSLContextSupplier(Supplier<SSLContext> supplier) {
        this.sslContextSupplier = supplier;
    }

    @Override // org.wildfly.extension.undertow.ListenerService
    protected UndertowXnioSsl getSsl() {
        SSLContext sSLContext = this.sslContextSupplier.get();
        return new UndertowXnioSsl(((XnioWorker) this.worker.get()).getXnio(), getSSLOptions(sSLContext), sSLContext);
    }

    @Override // org.wildfly.extension.undertow.ListenerService
    protected OptionMap getSSLOptions(SSLContext sSLContext) {
        OptionMap.Builder addAll = OptionMap.builder().addAll(commonOptions);
        addAll.addAll(this.socketOptions);
        addAll.set(Options.USE_DIRECT_BUFFERS, true);
        if (this.cipherSuites != null) {
            addAll.setSequence(HttpsListenerResourceDefinition.ENABLED_CIPHER_SUITES.getOption(), CipherSuiteSelector.fromString(this.cipherSuites).evaluate(sSLContext.getSupportedSSLParameters().getCipherSuites()));
        }
        return addAll.getMap();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    public OpenListener createOpenListener() {
        if (!this.listenerOptions.get(UndertowOptions.ENABLE_HTTP2, false)) {
            return super.createOpenListener();
        }
        try {
            return createAlpnOpenListener();
        } catch (Throwable th) {
            UndertowLogger.ROOT_LOGGER.alpnNotFound(getName());
            UndertowLogger.ROOT_LOGGER.debug("Exception creating ALPN listener", th);
            return super.createOpenListener();
        }
    }

    private OpenListener createAlpnOpenListener() {
        OptionMap map = OptionMap.builder().addAll(commonOptions).addAll(this.listenerOptions).set(UndertowOptions.ENABLE_CONNECTOR_STATISTICS, getUndertowService().isStatisticsEnabled()).getMap();
        ByteBufferPool byteBufferPool = (ByteBufferPool) getBufferPool().get();
        AlpnOpenListener alpnOpenListener = new AlpnOpenListener(byteBufferPool, map, new HttpOpenListener(byteBufferPool, map));
        if (this.listenerOptions.get(UndertowOptions.ENABLE_HTTP2, false)) {
            alpnOpenListener.addProtocol("h2", new Http2OpenListener(byteBufferPool, map, "h2"), 10);
            alpnOpenListener.addProtocol("h2-14", new Http2OpenListener(byteBufferPool, map, "h2-14"), 9);
        }
        return alpnOpenListener;
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    protected void startListening(XnioWorker xnioWorker, InetSocketAddress inetSocketAddress, ChannelListener<AcceptingChannel<StreamConnection>> channelListener) throws IOException {
        if (this.proxyProtocol) {
            this.sslServer = xnioWorker.createStreamConnectionServer(inetSocketAddress, channelListener, getSSLOptions(this.sslContextSupplier.get()));
        } else {
            this.sslServer = getSsl().createSslConnectionServer(xnioWorker, inetSocketAddress, channelListener, getSSLOptions(this.sslContextSupplier.get()));
        }
        this.sslServer.resumeAccepts();
        InetSocketAddress inetSocketAddress2 = (InetSocketAddress) this.sslServer.getLocalAddress(InetSocketAddress.class);
        UndertowLogger.ROOT_LOGGER.listenerStarted("HTTPS", getName(), NetworkUtils.formatIPAddressForURI(inetSocketAddress2.getAddress()), inetSocketAddress2.getPort());
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService, org.wildfly.extension.undertow.UndertowListener
    public boolean isSecure() {
        return true;
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService
    protected void stopListening() {
        InetSocketAddress inetSocketAddress = (InetSocketAddress) this.sslServer.getLocalAddress(InetSocketAddress.class);
        this.sslServer.suspendAccepts();
        UndertowLogger.ROOT_LOGGER.listenerSuspend("HTTPS", getName());
        IoUtils.safeClose(this.sslServer);
        this.sslServer = null;
        UndertowLogger.ROOT_LOGGER.listenerStopped("HTTPS", getName(), NetworkUtils.formatIPAddressForURI(inetSocketAddress.getAddress()), inetSocketAddress.getPort());
        ((ListenerRegistry) this.httpListenerRegistry.get()).removeListener(getName());
    }

    @Override // org.wildfly.extension.undertow.HttpListenerService, org.wildfly.extension.undertow.ListenerService, org.wildfly.extension.undertow.UndertowListener
    public String getProtocol() {
        return PROTOCOL;
    }
}
