package org.apache.geronimo.yoko;

import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.cert.Certificate;
import javax.net.ssl.HandshakeCompletedEvent;
import javax.net.ssl.HandshakeCompletedListener;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import org.apache.geronimo.corba.ORBConfiguration;
import org.apache.geronimo.corba.security.config.ConfigUtil;
import org.apache.geronimo.corba.security.config.ssl.SSLCipherSuiteDatabase;
import org.apache.geronimo.corba.security.config.ssl.SSLConfig;
import org.apache.geronimo.corba.security.config.tss.TSSSSLTransportConfig;
import org.apache.geronimo.corba.util.Util;
import org.apache.yoko.orb.OCI.IIOP.ConnectionHelper;
import org.omg.CORBA.ORB;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/apache/geronimo/yoko/SocketFactory.class */
public class SocketFactory implements ConnectionHelper {
    private static final Logger log = LoggerFactory.getLogger(SocketFactory.class);
    private String[] cipherSuites;
    private boolean clientAuthSupported;
    private boolean clientAuthRequired;
    private ORB orb;
    private SSLSocketFactory socketFactory = null;
    private SSLServerSocketFactory serverSocketFactory = null;
    private SSLConfig sslConfig = null;
    int supports = 1;
    int requires = 1;

    public void init(ORB orb, String str) {
        this.orb = orb;
        this.clientAuthSupported = false;
        this.clientAuthRequired = false;
        ORBConfiguration registeredORB = Util.getRegisteredORB(str);
        if (registeredORB == null) {
            throw new RuntimeException("Unable to resolve ORB configuration " + str);
        }
        this.sslConfig = registeredORB.getSslConfig();
        TSSSSLTransportConfig transport_mech = registeredORB.getTssConfig().getTransport_mech();
        if (transport_mech != null && (transport_mech instanceof TSSSSLTransportConfig)) {
            TSSSSLTransportConfig tSSSSLTransportConfig = transport_mech;
            this.supports = tSSSSLTransportConfig.getSupports();
            this.requires = tSSSSLTransportConfig.getRequires();
        }
        if ((this.supports & 64) != 0) {
            this.clientAuthSupported = true;
            if ((this.requires & 64) != 0) {
                this.clientAuthRequired = true;
            }
        }
        if ((this.supports & 32) != 0) {
            this.clientAuthSupported = true;
            if ((this.requires & 32) != 0) {
                this.clientAuthRequired = true;
            }
        }
        if (log.isDebugEnabled()) {
            log.debug("Creating Yoko SocketFactor for GBean " + str);
            log.debug("   SUPPORTS: " + ConfigUtil.flags(this.supports));
            log.debug("   REQUIRES: " + ConfigUtil.flags(this.requires));
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:23:0x00ed, code lost:
    
        r0 = r0;
        r0 = r0.getSupports();
        r0 = r0.getRequires();
        r0 = r0.getPort();
        r0 = r0.getHostname();
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x0118, code lost:
    
        if (org.apache.geronimo.yoko.SocketFactory.log.isDebugEnabled() == false) goto L23;
     */
    /* JADX WARN: Code restructure failed: missing block: B:25:0x011b, code lost:
    
        org.apache.geronimo.yoko.SocketFactory.log.debug("IOR to target " + r0 + ":" + ((int) r0));
        org.apache.geronimo.yoko.SocketFactory.log.debug("   SUPPORTS: " + org.apache.geronimo.corba.security.config.ConfigUtil.flags(r0));
        org.apache.geronimo.yoko.SocketFactory.log.debug("   REQUIRES: " + org.apache.geronimo.corba.security.config.ConfigUtil.flags(r0));
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x0184, code lost:
    
        if ((1 & r0) != 1) goto L26;
     */
    /* JADX WARN: Code restructure failed: missing block: B:35:0x0196, code lost:
    
        return createSSLSocket(r0, r0, r0, r0);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.net.Socket createSocket(org.omg.IOP.IOR r7, org.omg.CORBA.Policy[] r8, java.net.InetAddress r9, int r10) throws java.io.IOException {
        /*
            Method dump skipped, instructions count: 695
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: org.apache.geronimo.yoko.SocketFactory.createSocket(org.omg.IOP.IOR, org.omg.CORBA.Policy[], java.net.InetAddress, int):java.net.Socket");
    }

    public Socket createSelfConnection(InetAddress inetAddress, int i) throws IOException {
        try {
            if ((1 & this.requires) != 1) {
                return createSSLSocket(inetAddress.getHostName(), i, this.requires, this.supports);
            }
            if (log.isDebugEnabled()) {
                log.debug("Created plain endpoint to " + inetAddress.getHostName() + ":" + i);
            }
            return new Socket(inetAddress, i);
        } catch (IOException e) {
            log.error("Exception creating a client socket to " + inetAddress.getHostName() + ":" + i, e);
            throw e;
        }
    }

    public ServerSocket createServerSocket(int i, int i2) throws IOException {
        try {
            if ((1 & this.requires) == 1) {
                if (log.isDebugEnabled()) {
                    log.debug("Created plain server socket for port " + i);
                }
                return new ServerSocket(i, i2);
            }
            SSLServerSocket sSLServerSocket = (SSLServerSocket) getServerSocketFactory().createServerSocket(i, i2);
            configureServerSocket(sSLServerSocket);
            return sSLServerSocket;
        } catch (IOException e) {
            log.error("Exception creating a server socket for port " + i, e);
            throw e;
        }
    }

    public ServerSocket createServerSocket(int i, int i2, InetAddress inetAddress) throws IOException {
        try {
            if ((1 & this.requires) == 1) {
                if (log.isDebugEnabled()) {
                    log.debug("Created plain server socket for port " + i);
                }
                return new ServerSocket(i, i2, inetAddress);
            }
            SSLServerSocket sSLServerSocket = (SSLServerSocket) getServerSocketFactory().createServerSocket(i, i2, inetAddress);
            configureServerSocket(sSLServerSocket);
            return sSLServerSocket;
        } catch (IOException e) {
            log.error("Exception creating a client socket to " + inetAddress.getHostName() + ":" + i, e);
            throw e;
        }
    }

    private SSLSocketFactory getSocketFactory() throws IOException {
        if (this.socketFactory == null) {
            if (this.sslConfig == null) {
                this.socketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
            } else {
                try {
                    this.socketFactory = this.sslConfig.createSSLFactory(Thread.currentThread().getContextClassLoader());
                } catch (Exception e) {
                    log.error("Unable to create client SSL socket factory", e);
                    throw ((IOException) new IOException("Unable to create client SSL socket factory: " + e.getMessage()).initCause(e));
                }
            }
        }
        return this.socketFactory;
    }

    private SSLServerSocketFactory getServerSocketFactory() throws IOException {
        if (this.serverSocketFactory == null) {
            if (this.sslConfig == null) {
                this.serverSocketFactory = (SSLServerSocketFactory) SSLServerSocketFactory.getDefault();
            } else {
                try {
                    this.serverSocketFactory = this.sslConfig.createSSLServerFactory(Thread.currentThread().getContextClassLoader());
                } catch (Exception e) {
                    log.error("Unable to create server SSL socket factory", e);
                    throw ((IOException) new IOException("Unable to create server SSL socket factory: " + e.getMessage()).initCause(e));
                }
            }
            if (this.cipherSuites == null) {
                this.cipherSuites = SSLCipherSuiteDatabase.getCipherSuites(this.requires, this.supports, this.serverSocketFactory.getDefaultCipherSuites());
            }
            getSocketFactory();
        }
        return this.serverSocketFactory;
    }

    private void configureServerSocket(SSLServerSocket sSLServerSocket) throws IOException {
        sSLServerSocket.setEnabledCipherSuites(this.cipherSuites);
        if (this.clientAuthRequired) {
            sSLServerSocket.setNeedClientAuth(true);
        } else if (this.clientAuthSupported) {
            sSLServerSocket.setWantClientAuth(true);
        } else {
            sSLServerSocket.setNeedClientAuth(false);
        }
        sSLServerSocket.setSoTimeout(60000);
        if (log.isDebugEnabled()) {
            log.debug("Created SSL server socket on port " + sSLServerSocket.getLocalPort());
            log.debug("    client authentication " + (this.clientAuthSupported ? "SUPPORTED" : "UNSUPPORTED"));
            log.debug("    client authentication " + (this.clientAuthRequired ? "REQUIRED" : "OPTIONAL"));
            log.debug("    cipher suites:");
            for (int i = 0; i < this.cipherSuites.length; i++) {
                log.debug("    " + this.cipherSuites[i]);
            }
        }
    }

    private Socket createSSLSocket(String str, int i, int i2, int i3) throws IOException {
        SSLSocketFactory socketFactory = getSocketFactory();
        SSLSocket sSLSocket = (SSLSocket) socketFactory.createSocket(str, i);
        sSLSocket.setSoTimeout(60000);
        String[] cipherSuites = SSLCipherSuiteDatabase.getCipherSuites(i2, i3, socketFactory.getDefaultCipherSuites());
        sSLSocket.setEnabledCipherSuites(cipherSuites);
        if (log.isDebugEnabled()) {
            log.debug("Created SSL socket to " + str + ":" + i);
            log.debug("    cipher suites:");
            for (String str2 : cipherSuites) {
                log.debug("    " + str2);
            }
            sSLSocket.addHandshakeCompletedListener(new HandshakeCompletedListener() { // from class: org.apache.geronimo.yoko.SocketFactory.1
                @Override // javax.net.ssl.HandshakeCompletedListener
                public void handshakeCompleted(HandshakeCompletedEvent handshakeCompletedEvent) {
                    Certificate[] localCertificates = handshakeCompletedEvent.getLocalCertificates();
                    if (localCertificates == null) {
                        SocketFactory.log.debug("handshake returned no local certs");
                        return;
                    }
                    SocketFactory.log.debug("handshake returned local certs count: " + localCertificates.length);
                    for (Certificate certificate : localCertificates) {
                        SocketFactory.log.debug("cert: " + certificate.toString());
                    }
                }
            });
        }
        return sSLSocket;
    }
}
