package weblogic.server.channels;

import java.io.EOFException;
import java.io.IOException;
import java.io.InterruptedIOException;
import java.net.ServerSocket;
import java.net.Socket;
import java.security.AccessController;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import weblogic.kernel.T3SrvrLogger;
import weblogic.management.provider.ManagementService;
import weblogic.protocol.ServerChannel;
import weblogic.protocol.configuration.ChannelHelper;
import weblogic.security.acl.internal.AuthenticatedSubject;
import weblogic.security.service.PrivilegedActions;
import weblogic.security.utils.SSLCipherUtility;
import weblogic.security.utils.SSLContextManager;
import weblogic.security.utils.SSLIOContextTable;
import weblogic.security.utils.SSLSetup;
import weblogic.socket.MuxableSocket;
import weblogic.socket.MuxableSocketDiscriminator;
import weblogic.socket.SSLFilter;
import weblogic.socket.SocketMuxer;
import weblogic.work.WorkAdapter;
import weblogic.work.WorkManagerFactory;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic/server/channels/DynamicSSLListenThread.class */
public final class DynamicSSLListenThread extends DynamicListenThread {
    private static final String SSL_LISTEN_THREAD_NAME = "DynamicSSLListenThread";
    private static final String ADMIN_LISTEN_THREAD_NAME = "AdminListenThread";
    private static final AuthenticatedSubject kernelId = (AuthenticatedSubject) AccessController.doPrivileged(PrivilegedActions.getKernelIdentityAction());
    private SSLServerSocketFactory serverFactory;

    /* JADX INFO: Access modifiers changed from: package-private */
    public DynamicSSLListenThread(ServerChannel[] serverChannelArr, DynamicListenThreadManager dynamicListenThreadManager) throws IOException {
        super(serverChannelArr, dynamicListenThreadManager);
        this.serverFactory = null;
        this.port = serverChannelArr[0].getPort();
        try {
            if (SocketMuxer.getMuxer().isAsyncMuxer()) {
                this.serverFactory = SSLContextManager.getSSLNioServerSocketFactory(serverChannelArr[0], kernelId);
            } else {
                this.serverFactory = SSLContextManager.getSSLServerSocketFactory(serverChannelArr[0], kernelId);
            }
            this.loginTimeout = serverChannelArr[0].getLoginTimeoutMillis();
        } catch (Exception e) {
            T3SrvrLogger.logInconsistentSecurityConfig(e);
            throw ((IOException) new IOException(e.getMessage()).initCause(e));
        }
    }

    @Override // weblogic.server.channels.DynamicListenThread
    final String getName() {
        return "DynamicSSLListenThread[" + getChannelName() + "]";
    }

    @Override // weblogic.server.channels.DynamicListenThread
    protected ServerSocket newServerSocket(int i) throws IOException {
        SSLServerSocket sSLServerSocket = (SSLServerSocket) this.serverFactory.createServerSocket(i, ManagementService.getRuntimeAccess(kernelId).getServer().getAcceptBacklog(), getListenAddress());
        String[] ciphersuites = ManagementService.getRuntimeAccess(kernelId).getServer().getSSL().getCiphersuites();
        SSLCipherUtility.normalizeNames(ciphersuites);
        String[] removeNullCipherSuites = SSLCipherUtility.removeNullCipherSuites(ciphersuites);
        if (removeNullCipherSuites != null && removeNullCipherSuites.length > 0) {
            sSLServerSocket.setEnabledCipherSuites(removeNullCipherSuites);
        }
        if (SSLSetup.isDebugEnabled(3)) {
            String[] enabledCipherSuites = sSLServerSocket.getEnabledCipherSuites();
            SSLSetup.info(getName() + " " + enabledCipherSuites.length + " cipher suites enabled:");
            for (String str : enabledCipherSuites) {
                SSLSetup.info(str);
            }
        }
        sSLServerSocket.setNeedClientAuth(this.channels[0].isTwoWaySSLEnabled() || this.channels[0].isClientCertificateEnforced());
        return sSLServerSocket;
    }

    @Override // weblogic.server.channels.DynamicListenThread
    public void registerSocket(Socket socket) {
        SSLIOContextTable.registerForThrottling((SSLSocket) socket);
        final SSLSocket sSLSocket = (SSLSocket) socket;
        final long j = this.loginTimeout;
        WorkAdapter workAdapter = new WorkAdapter() { // from class: weblogic.server.channels.DynamicSSLListenThread.1
            final SSLSocket theSock;
            final long timeout;

            {
                this.theSock = sSLSocket;
                this.timeout = j;
            }

            @Override // java.lang.Runnable
            public void run() {
                try {
                    this.theSock.setSoTimeout(DynamicSSLListenThread.this.loginTimeout);
                    MuxableSocket muxableSocketDiscriminator = new MuxableSocketDiscriminator(this.theSock, DynamicSSLListenThread.this.handlers, DynamicSSLListenThread.this.channels);
                    sSLSocket.startHandshake();
                    SSLFilter sSLFilter = (SSLFilter) SSLIOContextTable.findContext(this.theSock).getFilter();
                    sSLFilter.setDelegate(muxableSocketDiscriminator);
                    sSLFilter.activateNoRegister();
                    muxableSocketDiscriminator.setSocketFilter(sSLFilter);
                    SocketMuxer.getMuxer().register(sSLFilter);
                    SocketMuxer.getMuxer().read(sSLFilter);
                } catch (EOFException e) {
                    DynamicSSLListenThread.this.rejectCatastrophe(sSLSocket, "Client closed socket '" + DynamicListenThread.socketInfo(sSLSocket) + "' before completing connection.", e);
                } catch (InterruptedIOException e2) {
                    DynamicSSLListenThread.this.rejectCatastrophe(sSLSocket, "Login timed out after: '" + this.timeout + "' ms on socket: '" + DynamicListenThread.socketInfo(sSLSocket) + "'", e2);
                } catch (IOException e3) {
                    DynamicSSLListenThread.this.rejectCatastrophe(sSLSocket, "Unable to read from socket: '" + DynamicListenThread.socketInfo(sSLSocket) + "'", e3);
                }
            }
        };
        if (ChannelHelper.isAdminChannel(this.channels[0])) {
            WorkManagerFactory.getInstance().getSystem().schedule(workAdapter);
        } else {
            WorkManagerFactory.getInstance().getDefault().schedule(workAdapter);
        }
    }
}
