package org.apache.qpid.server.model.adapter;

import java.security.GeneralSecurityException;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.UUID;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;
import org.apache.qpid.server.configuration.BrokerProperties;
import org.apache.qpid.server.configuration.IllegalConfigurationException;
import org.apache.qpid.server.configuration.updater.TaskExecutor;
import org.apache.qpid.server.logging.messages.BrokerMessages;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.KeyStore;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Protocol;
import org.apache.qpid.server.model.Transport;
import org.apache.qpid.server.model.TrustStore;
import org.apache.qpid.server.plugin.QpidServiceLoader;
import org.apache.qpid.server.plugin.TransportProviderFactory;
import org.apache.qpid.server.protocol.AmqpProtocolVersion;
import org.apache.qpid.server.transport.AcceptingTransport;
import org.apache.qpid.server.transport.TransportProvider;
import org.apache.qpid.server.util.ServerScopedRuntimeException;
import org.apache.qpid.transport.network.security.ssl.QpidMultipleTrustManager;

/* loaded from: input_file:org/apache/qpid/server/model/adapter/AmqpPortAdapter.class */
public class AmqpPortAdapter extends PortAdapter<AmqpPortAdapter> {
    private final Broker<?> _broker;
    private AcceptingTransport _transport;

    public AmqpPortAdapter(UUID uuid, Broker<?> broker, Map<String, Object> map, Map<String, Object> map2, TaskExecutor taskExecutor) {
        super(uuid, broker, map, map2, taskExecutor);
        this._broker = broker;
    }

    @Override // org.apache.qpid.server.model.adapter.PortAdapter
    protected void onActivate() {
        Collection<Transport> transports = getTransports();
        Set<AmqpProtocolVersion> convertFromModelProtocolsToAmqp = convertFromModelProtocolsToAmqp(getProtocols());
        TransportProvider transportProvider = null;
        HashSet hashSet = new HashSet(transports);
        for (TransportProviderFactory transportProviderFactory : new QpidServiceLoader().instancesOf(TransportProviderFactory.class)) {
            if (transportProviderFactory.getSupportedTransports().contains(transports)) {
                transportProvider = transportProviderFactory.getTransportProvider(hashSet);
            }
        }
        if (transportProvider == null) {
            throw new IllegalConfigurationException("No transport providers found which can satisfy the requirement to support the transports: " + transports);
        }
        this._transport = transportProvider.createTransport(hashSet, (transports.contains(Transport.SSL) || transports.contains(Transport.WSS)) ? createSslContext() : null, this, convertFromModelProtocolsToAmqp, getDefaultAmqpSupportedReply());
        this._transport.start();
        Iterator<Transport> it = getTransports().iterator();
        while (it.hasNext()) {
            this._broker.getEventLogger().message(BrokerMessages.LISTENING(String.valueOf(it.next()), Integer.valueOf(getPort())));
        }
    }

    @Override // org.apache.qpid.server.model.adapter.PortAdapter
    protected void onStop() {
        if (this._transport != null) {
            Iterator<Transport> it = getTransports().iterator();
            while (it.hasNext()) {
                this._broker.getEventLogger().message(BrokerMessages.SHUTTING_DOWN(String.valueOf(it.next()), Integer.valueOf(getPort())));
            }
            this._transport.close();
        }
    }

    private Set<AmqpProtocolVersion> convertFromModelProtocolsToAmqp(Collection<Protocol> collection) {
        HashSet hashSet = new HashSet();
        Iterator<Protocol> it = collection.iterator();
        while (it.hasNext()) {
            hashSet.add(it.next().toAmqpProtocolVersion());
        }
        return hashSet;
    }

    private SSLContext createSslContext() {
        TrustManager[] trustManagerArr;
        KeyStore keyStore = getKeyStore();
        Collection<TrustStore> trustStores = getTrustStores();
        if ((((Boolean) getAttribute(Port.NEED_CLIENT_AUTH)).booleanValue() || ((Boolean) getAttribute(Port.WANT_CLIENT_AUTH)).booleanValue()) && trustStores.isEmpty()) {
            throw new IllegalConfigurationException("Client certificate authentication is enabled on AMQP port '" + getName() + "' but no trust store defined");
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            KeyManager[] keyManagers = keyStore.getKeyManagers();
            if (trustStores == null || trustStores.isEmpty()) {
                trustManagerArr = null;
            } else if (trustStores.size() == 1) {
                trustManagerArr = trustStores.iterator().next().getTrustManagers();
            } else {
                ArrayList arrayList = new ArrayList();
                QpidMultipleTrustManager qpidMultipleTrustManager = new QpidMultipleTrustManager();
                Iterator<TrustStore> it = trustStores.iterator();
                while (it.hasNext()) {
                    TrustManager[] trustManagers = it.next().getTrustManagers();
                    if (trustManagers != null) {
                        for (TrustManager trustManager : trustManagers) {
                            if (trustManager instanceof X509TrustManager) {
                                qpidMultipleTrustManager.addTrustManager((X509TrustManager) trustManager);
                            } else {
                                arrayList.add(trustManager);
                            }
                        }
                    }
                }
                if (!qpidMultipleTrustManager.isEmpty()) {
                    arrayList.add(qpidMultipleTrustManager);
                }
                trustManagerArr = (TrustManager[]) arrayList.toArray(new TrustManager[arrayList.size()]);
            }
            sSLContext.init(keyManagers, trustManagerArr, null);
            return sSLContext;
        } catch (GeneralSecurityException e) {
            throw new ServerScopedRuntimeException("Unable to create SSLContext for key or trust store", e);
        }
    }

    private AmqpProtocolVersion getDefaultAmqpSupportedReply() {
        String property = System.getProperty(BrokerProperties.PROPERTY_DEFAULT_SUPPORTED_PROTOCOL_REPLY);
        if (property != null) {
            return AmqpProtocolVersion.valueOf(property);
        }
        return null;
    }
}
