package weblogic.nodemanager.server;

import java.io.IOException;
import java.net.Socket;
import java.nio.channels.Channel;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import weblogic.nodemanager.NodeManagerTextTextFormatter;
import weblogic.security.utils.SSLContextWrapper;
import weblogic.security.utils.SSLTrustValidator;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: input_file:weblogic/nodemanager/server/SSLListener.class */
public class SSLListener extends Listener {
    SSLContextWrapper sslContext;
    SSLConfig sslConfig;
    SSLSocketFactory cltFactory;
    private static final NodeManagerTextTextFormatter nmText = NodeManagerTextTextFormatter.getInstance();

    /* JADX INFO: Access modifiers changed from: package-private */
    public SSLListener(NMServer nMServer, Channel channel) throws IOException {
        super(nMServer, channel);
    }

    @Override // weblogic.nodemanager.server.Listener
    public void init() throws IOException {
        try {
            this.sslContext = SSLContextWrapper.getInstance();
            this.sslConfig = this.server.getSSLConfig();
            this.sslContext.addIdentity(this.sslConfig.getIdentityCertificateChain(), this.sslConfig.getIdentityPrivateKey());
            SSLTrustValidator sSLTrustValidator = new SSLTrustValidator();
            sSLTrustValidator.setPeerCertsRequired(false);
            sSLTrustValidator.setAllowOverride(false);
            this.sslContext.setTrustManager(sSLTrustValidator);
            this.sslContext.setExportRefreshCount(500);
            SSLServerSocketFactory sSLServerSocketFactory = this.sslContext.getSSLServerSocketFactory();
            if (this.inheritedChannel != null) {
                this.cltFactory = this.sslContext.getSSLSocketFactory();
                return;
            }
            SSLServerSocket sSLServerSocket = this.host != null ? (SSLServerSocket) sSLServerSocketFactory.createServerSocket(this.port, this.backlog, this.host) : (SSLServerSocket) sSLServerSocketFactory.createServerSocket(this.port, this.backlog);
            String cipherSuite = this.sslConfig.getCipherSuite();
            if (cipherSuite != null) {
                sSLServerSocket.setEnabledCipherSuites(new String[]{cipherSuite});
                if (!sSLServerSocket.getEnabledCipherSuites()[0].equals(cipherSuite)) {
                    throw new IOException(nmText.getUnsupportedCipher(cipherSuite));
                }
            }
            sSLServerSocket.setNeedClientAuth(false);
            this.serverSocket = sSLServerSocket;
        } catch (Exception e) {
            throw ((InternalError) new InternalError("Could not instantiate SSLContextWrapper").initCause(e));
        }
    }

    @Override // weblogic.nodemanager.server.Listener
    public void run() throws IOException {
        String cipherSuite;
        NMServer.nmLog.info(this.host != null ? nmText.getSecureSocketListenerHost(Integer.toString(this.port), this.host.toString()) : nmText.getSecureSocketListener(Integer.toString(this.port)));
        while (true) {
            try {
                Socket accept = this.serverSocket.accept();
                Socket socket = accept;
                if (accept != null) {
                    if (this.inheritedChannel != null) {
                        SSLSocket sSLSocket = (SSLSocket) this.cltFactory.createSocket(socket, socket.getInetAddress().getHostName(), socket.getLocalPort(), true);
                        NMServer.nmLog.info(nmText.upgradeToSecure());
                        cipherSuite = this.sslConfig.getCipherSuite();
                        if (cipherSuite != null) {
                            sSLSocket.setEnabledCipherSuites(new String[]{cipherSuite});
                            if (!sSLSocket.getEnabledCipherSuites()[0].equals(cipherSuite)) {
                                break;
                            }
                        }
                        sSLSocket.setUseClientMode(false);
                        sSLSocket.setNeedClientAuth(false);
                        try {
                            sSLSocket.startHandshake();
                            socket = sSLSocket;
                        } catch (IOException e) {
                            if (!sSLSocket.isClosed()) {
                                try {
                                    sSLSocket.close();
                                } catch (IOException e2) {
                                }
                            }
                            throw e;
                        }
                    }
                    new Thread(new Handler(this.server, socket)).start();
                }
            } catch (IOException e3) {
                NMServer.nmLog.warning(nmText.getFailedSecureConnection(Integer.toString(this.port), this.host.toString()) + "" + e3);
            }
        }
        throw new IOException(nmText.getUnsupportedCipher(cipherSuite));
    }
}
