package com.sun.messaging.jmq.jmsserver.net.tls;

import com.sun.grizzly.portunif.TLSPUPreProcessor;
import com.sun.messaging.jmq.jmsserver.Broker;
import com.sun.messaging.jmq.jmsserver.Globals;
import com.sun.messaging.jmq.jmsserver.license.LicenseBase;
import com.sun.messaging.jmq.jmsserver.net.ProtocolStreams;
import com.sun.messaging.jmq.jmsserver.net.tcp.TcpProtocol;
import com.sun.messaging.jmq.jmsserver.resources.BrokerResources;
import com.sun.messaging.jmq.jmsserver.util.BrokerException;
import com.sun.messaging.jmq.jmsserver.util.KeystoreUtil;
import com.sun.messaging.jmq.jmsservice.BrokerEvent;
import com.sun.messaging.jmq.net.MQServerSocketFactory;
import com.sun.messaging.jmq.util.log.Logger;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.ServerSocket;
import java.net.SocketException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import javax.net.ServerSocketFactory;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;

/* JADX WARN: Classes with same name are omitted:
  input_file:jmsra.rar:lib/install/applications/jmsra/imqbroker.jar:com/sun/messaging/jmq/jmsserver/net/tls/TLSProtocol.class
 */
/* loaded from: input_file:com/sun/messaging/jmq/jmsserver/net/tls/TLSProtocol.class */
public class TLSProtocol extends TcpProtocol {
    private static final int defaultPort = 11001;
    private static boolean TLS_ALLOWED;
    private static final Object classlock;
    private static boolean DEBUG = false;
    private static ServerSocketFactory ssfactory = null;
    protected static Logger logger = Globals.getLogger();
    protected static BrokerResources br = Globals.getBrokerResources();

    public static void init() {
        logger = Globals.getLogger();
        br = Globals.getBrokerResources();
    }

    public static void destroy() {
        ssfactory = null;
        br = null;
    }

    public TLSProtocol() {
        this.canChangeBlocking = false;
        this.port = defaultPort;
        if (TLS_ALLOWED) {
            return;
        }
        Globals.getLogger().log(32, BrokerResources.E_FATAL_FEATURE_UNAVAILABLE, Globals.getBrokerResources().getString(BrokerResources.M_SSL_JMS));
        Broker.getBroker().exit(1, Globals.getBrokerResources().getKString(BrokerResources.E_FATAL_FEATURE_UNAVAILABLE, Globals.getBrokerResources().getString(BrokerResources.M_SSL_JMS)), BrokerEvent.Type.FATAL_ERROR);
    }

    @Override // com.sun.messaging.jmq.jmsserver.net.tcp.TcpProtocol, com.sun.messaging.jmq.jmsserver.net.Protocol
    public ProtocolStreams accept() throws IOException {
        if (this.serversocket == null) {
            throw new IOException(Globals.getBrokerResources().getString(BrokerResources.X_INTERNAL_EXCEPTION, "Unable to accept on un-opened protocol"));
        }
        SSLSocket sSLSocket = (SSLSocket) this.serversocket.accept();
        try {
            sSLSocket.setTcpNoDelay(this.nodelay);
        } catch (SocketException e) {
            Globals.getLogger().log(16, getClass().getSimpleName() + ".accept(): [" + sSLSocket.toString() + "]setTcpNoDelay(" + this.nodelay + "): " + e.toString(), (Throwable) e);
        }
        return createConnection(sSLSocket);
    }

    @Override // com.sun.messaging.jmq.jmsserver.net.tcp.TcpProtocol
    public String toString() {
        return "SSL/TLS [ " + this.port + "," + this.backlog + "]";
    }

    @Override // com.sun.messaging.jmq.jmsserver.net.tcp.TcpProtocol
    protected ServerSocket createSocket(String str, int i, int i2, boolean z, boolean z2) throws IOException {
        ServerSocketFactory serverSocketFactory = getServerSocketFactory();
        if (str == null || str.equals("*")) {
            this.serversocket = serverSocketFactory.createServerSocket(i, i2);
        } else {
            this.serversocket = serverSocketFactory.createServerSocket(i, i2, InetAddress.getByName(str));
        }
        if (DEBUG && this.serversocket != null) {
            logger.log(4, "TLSProtocol: " + this.serversocket + " " + MQServerSocketFactory.serverSocketToString(this.serversocket) + ", backlog=" + i2 + "");
        }
        return this.serversocket;
    }

    protected TLSStreams createConnection(SSLSocket sSLSocket) throws IOException {
        return new TLSStreams(sSLSocket, this.inputBufferSize, this.outputBufferSize);
    }

    public static ServerSocketFactory getServerSocketFactory() throws IOException {
        KeyManagerFactory keyManagerFactory;
        ServerSocketFactory serverSocketFactory;
        synchronized (classlock) {
            if (ssfactory == null) {
                try {
                    String keystoreLocation = KeystoreUtil.getKeystoreLocation();
                    if (!new File(keystoreLocation).exists()) {
                        throw new IOException(br.getKString(BrokerResources.E_KEYSTORE_NOT_EXIST, keystoreLocation));
                    }
                    String keystorePassword = KeystoreUtil.getKeystorePassword();
                    if (keystorePassword == null) {
                        keystorePassword = "";
                        logger.log(32, br.getKString(BrokerResources.E_PASS_PHRASE_NULL));
                    }
                    char[] charArray = keystorePassword.toCharArray();
                    SSLContext sSLContext = SSLContext.getInstance(TLSPUPreProcessor.ID);
                    try {
                        keyManagerFactory = KeyManagerFactory.getInstance("SunX509");
                    } catch (NoSuchAlgorithmException e) {
                        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
                        Logger logger2 = logger;
                        Logger logger3 = logger;
                        BrokerResources brokerResources = br;
                        BrokerResources brokerResources2 = br;
                        logger2.log(8, brokerResources.getKString(BrokerResources.I_KEYMGRFACTORY_USE_DEFAULT_ALG, e.getMessage(), defaultAlgorithm));
                        keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
                    }
                    KeyStore keyStore = KeyStore.getInstance("JKS");
                    keyStore.load(new FileInputStream(keystoreLocation), charArray);
                    keyManagerFactory.init(keyStore, charArray);
                    sSLContext.init(keyManagerFactory.getKeyManagers(), new TrustManager[]{new DefaultTrustManager()}, SecureRandom.getInstance("SHA1PRNG"));
                    ssfactory = MQServerSocketFactory.wrapFactory(sSLContext.getServerSocketFactory());
                } catch (IOException e2) {
                    throw e2;
                } catch (Exception e3) {
                    logger.logStack(32, br.getKString(BrokerResources.X_GET_SSL_SOCKET_FACT), e3);
                    throw new IOException(e3.getMessage());
                }
            }
            serverSocketFactory = ssfactory;
        }
        return serverSocketFactory;
    }

    static {
        TLS_ALLOWED = false;
        try {
            TLS_ALLOWED = Globals.getCurrentLicense(null).getBooleanProperty(LicenseBase.PROP_ENABLE_SSL, false);
        } catch (BrokerException e) {
            TLS_ALLOWED = false;
        }
        classlock = new Object();
    }
}
