package org.eclipse.jetty.io.ssl;

import java.io.IOException;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.util.Collection;
import java.util.Map;
import java.util.Objects;
import java.util.concurrent.Executor;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.eclipse.jetty.io.ByteBufferPool;
import org.eclipse.jetty.io.ClientConnectionFactory;
import org.eclipse.jetty.io.ClientConnector;
import org.eclipse.jetty.io.Connection;
import org.eclipse.jetty.io.EndPoint;
import org.eclipse.jetty.io.ssl.SslConnection;
import org.eclipse.jetty.io.ssl.SslHandshakeListener;
import org.eclipse.jetty.util.component.ContainerLifeCycle;
import org.eclipse.jetty.util.ssl.SslContextFactory;

/* loaded from: input_file:lib/jetty-io-12.0.15.jar:org/eclipse/jetty/io/ssl/SslClientConnectionFactory.class */
public class SslClientConnectionFactory implements ClientConnectionFactory {
    public static final String SSL_ENGINE_CONTEXT_KEY = "org.eclipse.jetty.client.ssl.engine";
    private final SslContextFactory.Client _sslContextFactory;
    private final ByteBufferPool _byteBufferPool;
    private final Executor _executor;
    private final ClientConnectionFactory _clientConnectionFactory;
    private boolean _directBuffersForEncryption = true;
    private boolean _directBuffersForDecryption = true;
    private boolean _requireCloseMessage;

    /* loaded from: input_file:lib/jetty-io-12.0.15.jar:org/eclipse/jetty/io/ssl/SslClientConnectionFactory$HTTPSHandshakeListener.class */
    private class HTTPSHandshakeListener implements SslHandshakeListener {
        private final Map<String, Object> context;

        private HTTPSHandshakeListener(Map<String, Object> map) {
            this.context = map;
        }

        @Override // org.eclipse.jetty.io.ssl.SslHandshakeListener
        public void handshakeSucceeded(SslHandshakeListener.Event event) throws SSLException {
            HostnameVerifier hostnameVerifier = SslClientConnectionFactory.this._sslContextFactory.getHostnameVerifier();
            if (hostnameVerifier != null) {
                SocketAddress socketAddress = (SocketAddress) this.context.get(ClientConnector.REMOTE_SOCKET_ADDRESS_CONTEXT_KEY);
                if (socketAddress instanceof InetSocketAddress) {
                    String hostString = ((InetSocketAddress) socketAddress).getHostString();
                    try {
                        if (hostnameVerifier.verify(hostString, event.getSSLEngine().getSession())) {
                        } else {
                            throw new SSLPeerUnverifiedException("Host name verification failed for host: " + hostString);
                        }
                    } catch (SSLException e) {
                        throw e;
                    } catch (Throwable th) {
                        throw ((SSLException) new SSLPeerUnverifiedException("Host name verification failed for host: " + hostString).initCause(th));
                    }
                }
            }
        }
    }

    /* loaded from: input_file:lib/jetty-io-12.0.15.jar:org/eclipse/jetty/io/ssl/SslClientConnectionFactory$SslEngineFactory.class */
    public interface SslEngineFactory {
        SSLEngine newSslEngine(String str, int i, Map<String, Object> map);
    }

    public SslClientConnectionFactory(SslContextFactory.Client client, ByteBufferPool byteBufferPool, Executor executor, ClientConnectionFactory clientConnectionFactory) {
        this._sslContextFactory = (SslContextFactory.Client) Objects.requireNonNull(client, "Missing SslContextFactory");
        this._byteBufferPool = byteBufferPool;
        this._executor = executor;
        this._clientConnectionFactory = clientConnectionFactory;
    }

    public SslContextFactory.Client getSslContextFactory() {
        return this._sslContextFactory;
    }

    public ByteBufferPool getByteBufferPool() {
        return this._byteBufferPool;
    }

    public Executor getExecutor() {
        return this._executor;
    }

    public ClientConnectionFactory getClientConnectionFactory() {
        return this._clientConnectionFactory;
    }

    public void setDirectBuffersForEncryption(boolean z) {
        this._directBuffersForEncryption = z;
    }

    public void setDirectBuffersForDecryption(boolean z) {
        this._directBuffersForDecryption = z;
    }

    public boolean isDirectBuffersForDecryption() {
        return this._directBuffersForDecryption;
    }

    public boolean isDirectBuffersForEncryption() {
        return this._directBuffersForEncryption;
    }

    public boolean isRequireCloseMessage() {
        return this._requireCloseMessage;
    }

    public void setRequireCloseMessage(boolean z) {
        this._requireCloseMessage = z;
    }

    @Override // org.eclipse.jetty.io.ClientConnectionFactory
    public Connection newConnection(EndPoint endPoint, Map<String, Object> map) throws IOException {
        SSLEngine newSSLEngine;
        SocketAddress socketAddress = (SocketAddress) map.get(ClientConnector.REMOTE_SOCKET_ADDRESS_CONTEXT_KEY);
        if (socketAddress instanceof InetSocketAddress) {
            InetSocketAddress inetSocketAddress = (InetSocketAddress) socketAddress;
            String hostString = inetSocketAddress.getHostString();
            int port = inetSocketAddress.getPort();
            newSSLEngine = this._sslContextFactory instanceof SslEngineFactory ? ((SslEngineFactory) this._sslContextFactory).newSslEngine(hostString, port, map) : this._sslContextFactory.newSSLEngine(hostString, port);
        } else {
            newSSLEngine = this._sslContextFactory.newSSLEngine();
        }
        newSSLEngine.setUseClientMode(true);
        map.put(SSL_ENGINE_CONTEXT_KEY, newSSLEngine);
        SslConnection newSslConnection = newSslConnection(endPoint, newSSLEngine);
        SslConnection.SslEndPoint sslEndPoint = newSslConnection.getSslEndPoint();
        sslEndPoint.setConnection(this._clientConnectionFactory.newConnection(sslEndPoint, map));
        newSslConnection.addHandshakeListener(new HTTPSHandshakeListener(map));
        customize(newSslConnection, map);
        return newSslConnection;
    }

    protected SslConnection newSslConnection(EndPoint endPoint, SSLEngine sSLEngine) {
        return new SslConnection(getByteBufferPool(), getExecutor(), getSslContextFactory(), endPoint, sSLEngine, isDirectBuffersForEncryption(), isDirectBuffersForDecryption());
    }

    @Override // org.eclipse.jetty.io.ClientConnectionFactory
    public Connection customize(Connection connection, Map<String, Object> map) {
        if (connection instanceof SslConnection) {
            SslConnection sslConnection = (SslConnection) connection;
            sslConnection.setRenegotiationAllowed(this._sslContextFactory.isRenegotiationAllowed());
            sslConnection.setRenegotiationLimit(this._sslContextFactory.getRenegotiationLimit());
            sslConnection.setRequireCloseMessage(isRequireCloseMessage());
            ContainerLifeCycle containerLifeCycle = (ContainerLifeCycle) map.get(ClientConnectionFactory.CLIENT_CONTEXT_KEY);
            if (containerLifeCycle != null) {
                Collection beans = containerLifeCycle.getBeans(SslHandshakeListener.class);
                Objects.requireNonNull(sslConnection);
                beans.forEach(sslConnection::addHandshakeListener);
            }
        }
        return super.customize(connection, map);
    }
}
