package org.apache.qpid.server.protocol;

import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.nio.ByteBuffer;
import java.security.Principal;
import java.util.Set;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.apache.log4j.Logger;
import org.apache.qpid.protocol.ServerProtocolEngine;
import org.apache.qpid.server.logging.actors.CurrentActor;
import org.apache.qpid.server.logging.messages.ConnectionMessages;
import org.apache.qpid.server.model.Broker;
import org.apache.qpid.server.model.Port;
import org.apache.qpid.server.model.Transport;
import org.apache.qpid.server.plugin.ProtocolEngineCreator;
import org.apache.qpid.transport.Sender;
import org.apache.qpid.transport.network.NetworkConnection;
import org.apache.qpid.transport.network.security.SSLStatus;
import org.apache.qpid.transport.network.security.ssl.SSLBufferingSender;
import org.apache.qpid.transport.network.security.ssl.SSLReceiver;

/* loaded from: input_file:org/apache/qpid/server/protocol/MultiVersionProtocolEngine.class */
public class MultiVersionProtocolEngine implements ServerProtocolEngine {
    private static final Logger _logger = Logger.getLogger(MultiVersionProtocolEngine.class);
    private final long _id;
    private final SSLContext _sslContext;
    private final boolean _wantClientAuth;
    private final boolean _needClientAuth;
    private final Port _port;
    private final Transport _transport;
    private final ProtocolEngineCreator[] _creators;
    private Set<AmqpProtocolVersion> _supported;
    private String _fqdn;
    private final Broker _broker;
    private NetworkConnection _network;
    private Sender<ByteBuffer> _sender;
    private final AmqpProtocolVersion _defaultSupportedReply;
    private volatile ServerProtocolEngine _delegate = new SelfDelegateProtocolEngine();
    private static final int MINIMUM_REQUIRED_HEADER_BYTES = 8;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/qpid/server/protocol/MultiVersionProtocolEngine$ClosedDelegateProtocolEngine.class */
    public class ClosedDelegateProtocolEngine implements ServerProtocolEngine {
        private ClosedDelegateProtocolEngine() {
        }

        public SocketAddress getRemoteAddress() {
            return MultiVersionProtocolEngine.this._network.getRemoteAddress();
        }

        public SocketAddress getLocalAddress() {
            return MultiVersionProtocolEngine.this._network.getLocalAddress();
        }

        public long getWrittenBytes() {
            return 0L;
        }

        public long getReadBytes() {
            return 0L;
        }

        public void received(ByteBuffer byteBuffer) {
            MultiVersionProtocolEngine._logger.error("Error processing incoming data, could not negotiate a common protocol");
        }

        public void exception(Throwable th) {
            MultiVersionProtocolEngine._logger.error("Error establishing session", th);
        }

        public void closed() {
        }

        public void writerIdle() {
        }

        public void readerIdle() {
        }

        public void setNetworkConnection(NetworkConnection networkConnection, Sender<ByteBuffer> sender) {
        }

        public long getLastReadTime() {
            return 0L;
        }

        public long getLastWriteTime() {
            return 0L;
        }

        public long getConnectionId() {
            return MultiVersionProtocolEngine.this._id;
        }
    }

    /* loaded from: input_file:org/apache/qpid/server/protocol/MultiVersionProtocolEngine$SSLNetworkConnection.class */
    private static class SSLNetworkConnection implements NetworkConnection {
        private final NetworkConnection _network;
        private final SSLBufferingSender _sslSender;
        private final SSLEngine _engine;

        public SSLNetworkConnection(SSLEngine sSLEngine, NetworkConnection networkConnection, SSLBufferingSender sSLBufferingSender) {
            this._engine = sSLEngine;
            this._network = networkConnection;
            this._sslSender = sSLBufferingSender;
        }

        public Sender<ByteBuffer> getSender() {
            return this._sslSender;
        }

        public void start() {
            this._network.start();
        }

        public void close() {
            this._sslSender.close();
            this._network.close();
        }

        public SocketAddress getRemoteAddress() {
            return this._network.getRemoteAddress();
        }

        public SocketAddress getLocalAddress() {
            return this._network.getLocalAddress();
        }

        public void setMaxWriteIdle(int i) {
            this._network.setMaxWriteIdle(i);
        }

        public void setMaxReadIdle(int i) {
            this._network.setMaxReadIdle(i);
        }

        public void setPeerPrincipal(Principal principal) {
            this._network.setPeerPrincipal(principal);
        }

        public Principal getPeerPrincipal() {
            try {
                return this._engine.getSession().getPeerPrincipal();
            } catch (SSLPeerUnverifiedException e) {
                return null;
            }
        }

        public int getMaxReadIdle() {
            return this._network.getMaxReadIdle();
        }

        public int getMaxWriteIdle() {
            return this._network.getMaxWriteIdle();
        }
    }

    /* loaded from: input_file:org/apache/qpid/server/protocol/MultiVersionProtocolEngine$SelfDelegateProtocolEngine.class */
    private class SelfDelegateProtocolEngine implements ServerProtocolEngine {
        private final ByteBuffer _header;
        private long _lastReadTime;

        private SelfDelegateProtocolEngine() {
            this._header = ByteBuffer.allocate(MultiVersionProtocolEngine.MINIMUM_REQUIRED_HEADER_BYTES);
        }

        public SocketAddress getRemoteAddress() {
            return MultiVersionProtocolEngine.this._network.getRemoteAddress();
        }

        public SocketAddress getLocalAddress() {
            return MultiVersionProtocolEngine.this._network.getLocalAddress();
        }

        public long getWrittenBytes() {
            return 0L;
        }

        public long getReadBytes() {
            return 0L;
        }

        public void received(ByteBuffer byteBuffer) {
            this._lastReadTime = System.currentTimeMillis();
            ByteBuffer duplicate = byteBuffer.duplicate();
            if (this._header.remaining() > duplicate.limit()) {
                byteBuffer.position(byteBuffer.limit());
            } else {
                duplicate.limit(this._header.remaining());
                byteBuffer.position(this._header.remaining());
            }
            this._header.put(duplicate);
            if (this._header.hasRemaining()) {
                return;
            }
            this._header.flip();
            byte[] bArr = new byte[MultiVersionProtocolEngine.MINIMUM_REQUIRED_HEADER_BYTES];
            this._header.get(bArr);
            ServerProtocolEngine serverProtocolEngine = null;
            byte[] bArr2 = null;
            byte[] bArr3 = null;
            AmqpProtocolVersion amqpProtocolVersion = null;
            for (int i = 0; serverProtocolEngine == null && i < MultiVersionProtocolEngine.this._creators.length; i++) {
                if (MultiVersionProtocolEngine.this._supported.contains(MultiVersionProtocolEngine.this._creators[i].getVersion())) {
                    bArr2 = MultiVersionProtocolEngine.this._creators[i].getHeaderIdentifier();
                    amqpProtocolVersion = MultiVersionProtocolEngine.this._creators[i].getVersion();
                    byte[] headerIdentifier = MultiVersionProtocolEngine.this._creators[i].getHeaderIdentifier();
                    boolean z = true;
                    for (int i2 = 0; z && i2 < headerIdentifier.length; i2++) {
                        z = bArr[i2] == headerIdentifier[i2];
                    }
                    if (z) {
                        serverProtocolEngine = MultiVersionProtocolEngine.this._creators[i].newProtocolEngine(MultiVersionProtocolEngine.this._broker, MultiVersionProtocolEngine.this._network, MultiVersionProtocolEngine.this._port, MultiVersionProtocolEngine.this._transport, MultiVersionProtocolEngine.this._id);
                    }
                }
                if (MultiVersionProtocolEngine.this._defaultSupportedReply != null && MultiVersionProtocolEngine.this._creators[i].getVersion() == MultiVersionProtocolEngine.this._defaultSupportedReply) {
                    bArr3 = MultiVersionProtocolEngine.this._creators[i].getHeaderIdentifier();
                }
            }
            if (serverProtocolEngine == null && MultiVersionProtocolEngine.this.looksLikeSSL(bArr) && MultiVersionProtocolEngine.this._sslContext != null) {
                serverProtocolEngine = new SslDelegateProtocolEngine();
            }
            if (serverProtocolEngine != null) {
                MultiVersionProtocolEngine.this._delegate = serverProtocolEngine;
                this._header.flip();
                MultiVersionProtocolEngine.this._delegate.received(this._header);
                if (byteBuffer.hasRemaining()) {
                    MultiVersionProtocolEngine.this._delegate.received(byteBuffer);
                    return;
                }
                return;
            }
            if (MultiVersionProtocolEngine.this._defaultSupportedReply != null && MultiVersionProtocolEngine.this._defaultSupportedReply != amqpProtocolVersion) {
                if (MultiVersionProtocolEngine._logger.isDebugEnabled()) {
                    MultiVersionProtocolEngine._logger.debug("Default reply to unsupported protocol version was configured, changing reply from " + amqpProtocolVersion + " to " + MultiVersionProtocolEngine.this._defaultSupportedReply);
                }
                bArr2 = bArr3;
                amqpProtocolVersion = MultiVersionProtocolEngine.this._defaultSupportedReply;
            }
            if (MultiVersionProtocolEngine._logger.isDebugEnabled()) {
                MultiVersionProtocolEngine._logger.debug("Unsupported protocol version requested, replying with: " + amqpProtocolVersion);
            }
            MultiVersionProtocolEngine.this._sender.send(ByteBuffer.wrap(bArr2));
            MultiVersionProtocolEngine.this._sender.flush();
            MultiVersionProtocolEngine.this._delegate = new ClosedDelegateProtocolEngine();
            MultiVersionProtocolEngine.this._network.close();
        }

        public long getConnectionId() {
            return MultiVersionProtocolEngine.this._id;
        }

        public void exception(Throwable th) {
            MultiVersionProtocolEngine._logger.error("Error establishing session", th);
        }

        public void closed() {
            try {
                MultiVersionProtocolEngine.this._delegate = new ClosedDelegateProtocolEngine();
                if (MultiVersionProtocolEngine._logger.isDebugEnabled()) {
                    MultiVersionProtocolEngine._logger.debug("Connection from  " + getRemoteAddress() + " was closed before any protocol version was established.");
                }
                try {
                    MultiVersionProtocolEngine.this._network.close();
                } catch (Exception e) {
                }
            } catch (Exception e2) {
                try {
                    MultiVersionProtocolEngine.this._network.close();
                } catch (Exception e3) {
                }
            } catch (Throwable th) {
                try {
                    MultiVersionProtocolEngine.this._network.close();
                } catch (Exception e4) {
                }
                throw th;
            }
        }

        public void writerIdle() {
        }

        public void readerIdle() {
            CurrentActor.get().message(ConnectionMessages.IDLE_CLOSE());
            MultiVersionProtocolEngine.this._network.close();
        }

        public void setNetworkConnection(NetworkConnection networkConnection, Sender<ByteBuffer> sender) {
        }

        public long getLastReadTime() {
            return this._lastReadTime;
        }

        public long getLastWriteTime() {
            return 0L;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:org/apache/qpid/server/protocol/MultiVersionProtocolEngine$SslDelegateProtocolEngine.class */
    public class SslDelegateProtocolEngine implements ServerProtocolEngine {
        private final MultiVersionProtocolEngine _decryptEngine;
        private final SSLEngine _engine;
        private final SSLReceiver _sslReceiver;
        private final SSLBufferingSender _sslSender;
        private long _lastReadTime;

        private SslDelegateProtocolEngine() {
            this._decryptEngine = new MultiVersionProtocolEngine(MultiVersionProtocolEngine.this._broker, null, false, false, MultiVersionProtocolEngine.this._supported, MultiVersionProtocolEngine.this._defaultSupportedReply, MultiVersionProtocolEngine.this._port, Transport.SSL, MultiVersionProtocolEngine.this._id, MultiVersionProtocolEngine.this._creators);
            this._engine = MultiVersionProtocolEngine.this._sslContext.createSSLEngine();
            this._engine.setUseClientMode(false);
            if (MultiVersionProtocolEngine.this._needClientAuth) {
                this._engine.setNeedClientAuth(MultiVersionProtocolEngine.this._needClientAuth);
            } else if (MultiVersionProtocolEngine.this._wantClientAuth) {
                this._engine.setWantClientAuth(MultiVersionProtocolEngine.this._wantClientAuth);
            }
            SSLStatus sSLStatus = new SSLStatus();
            this._sslReceiver = new SSLReceiver(this._engine, this._decryptEngine, sSLStatus);
            this._sslSender = new SSLBufferingSender(this._engine, MultiVersionProtocolEngine.this._sender, sSLStatus);
            this._decryptEngine.setNetworkConnection(new SSLNetworkConnection(this._engine, MultiVersionProtocolEngine.this._network, this._sslSender));
        }

        public void received(ByteBuffer byteBuffer) {
            this._lastReadTime = System.currentTimeMillis();
            this._sslReceiver.received(byteBuffer);
            this._sslSender.send();
            this._sslSender.flush();
        }

        public void setNetworkConnection(NetworkConnection networkConnection, Sender<ByteBuffer> sender) {
        }

        public SocketAddress getRemoteAddress() {
            return this._decryptEngine.getRemoteAddress();
        }

        public SocketAddress getLocalAddress() {
            return this._decryptEngine.getLocalAddress();
        }

        public long getWrittenBytes() {
            return this._decryptEngine.getWrittenBytes();
        }

        public long getReadBytes() {
            return this._decryptEngine.getReadBytes();
        }

        public void closed() {
            this._decryptEngine.closed();
        }

        public void writerIdle() {
            this._decryptEngine.writerIdle();
        }

        public void readerIdle() {
            this._decryptEngine.readerIdle();
        }

        public void exception(Throwable th) {
            this._decryptEngine.exception(th);
        }

        public long getConnectionId() {
            return this._decryptEngine.getConnectionId();
        }

        public long getLastReadTime() {
            return this._lastReadTime;
        }

        public long getLastWriteTime() {
            return this._decryptEngine.getLastWriteTime();
        }
    }

    public MultiVersionProtocolEngine(Broker broker, SSLContext sSLContext, boolean z, boolean z2, Set<AmqpProtocolVersion> set, AmqpProtocolVersion amqpProtocolVersion, Port port, Transport transport, long j, ProtocolEngineCreator[] protocolEngineCreatorArr) {
        if (amqpProtocolVersion != null && !set.contains(amqpProtocolVersion)) {
            throw new IllegalArgumentException("The configured default reply (" + amqpProtocolVersion + ") to an unsupported protocol version initiation is itself not supported!");
        }
        this._id = j;
        this._broker = broker;
        this._supported = set;
        this._defaultSupportedReply = amqpProtocolVersion;
        this._sslContext = sSLContext;
        this._wantClientAuth = z;
        this._needClientAuth = z2;
        this._port = port;
        this._transport = transport;
        this._creators = protocolEngineCreatorArr;
    }

    public SocketAddress getRemoteAddress() {
        return this._delegate.getRemoteAddress();
    }

    public SocketAddress getLocalAddress() {
        return this._delegate.getLocalAddress();
    }

    public long getWrittenBytes() {
        return this._delegate.getWrittenBytes();
    }

    public long getReadBytes() {
        return this._delegate.getReadBytes();
    }

    public void closed() {
        this._delegate.closed();
    }

    public void writerIdle() {
        this._delegate.writerIdle();
    }

    public void readerIdle() {
        this._delegate.readerIdle();
    }

    public void received(ByteBuffer byteBuffer) {
        this._delegate.received(byteBuffer);
    }

    public void exception(Throwable th) {
        this._delegate.exception(th);
    }

    public long getConnectionId() {
        return this._delegate.getConnectionId();
    }

    public void setNetworkConnection(NetworkConnection networkConnection) {
        setNetworkConnection(networkConnection, networkConnection.getSender());
    }

    public void setNetworkConnection(NetworkConnection networkConnection, Sender<ByteBuffer> sender) {
        this._network = networkConnection;
        SocketAddress localAddress = this._network.getLocalAddress();
        if (!(localAddress instanceof InetSocketAddress)) {
            throw new IllegalArgumentException("Unsupported socket address class: " + localAddress);
        }
        this._fqdn = ((InetSocketAddress) localAddress).getHostName();
        this._sender = sender;
    }

    public long getLastReadTime() {
        return this._delegate.getLastReadTime();
    }

    public long getLastWriteTime() {
        return this._delegate.getLastWriteTime();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean looksLikeSSL(byte[] bArr) {
        return looksLikeSSLv3ClientHello(bArr) || looksLikeSSLv2ClientHello(bArr);
    }

    private boolean looksLikeSSLv3ClientHello(byte[] bArr) {
        return bArr[0] == 22 && bArr[1] == 3 && (bArr[2] == 0 || bArr[2] == 1 || bArr[2] == 2 || bArr[2] == 3) && bArr[5] == 1;
    }

    private boolean looksLikeSSLv2ClientHello(byte[] bArr) {
        return bArr[0] == Byte.MIN_VALUE && bArr[3] == 3 && (bArr[4] == 0 || bArr[4] == 1 || bArr[4] == 2 || bArr[4] == 3);
    }
}
