package com.apusic.web.http.tcp;

import com.apusic.domain.ServerConfig;
import com.apusic.net.BlockingListenerThread;
import com.apusic.net.ListenerThread;
import com.apusic.net.Muxer;
import com.apusic.net.NonBlockingListenerThread;
import com.apusic.net.SSLCertificateSupporter;
import com.apusic.net.SocketAcceptor;
import com.apusic.net.SocketAdaptor;
import com.apusic.net.SocketChannelAcceptor;
import com.apusic.server.Config;
import com.apusic.server.VMOptions;
import com.apusic.service.AttributeChangeAware;
import com.apusic.service.AttributeChangeAwareImpl;
import com.apusic.util.StringManager;
import com.apusic.web.http.Endpoint;
import com.apusic.web.http.HttpReactorManager;
import com.apusic.web.http.Server;
import com.apusic.web.resources.Resources;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketException;
import java.nio.channels.ServerSocketChannel;
import java.nio.channels.SocketChannel;
import java.security.KeyStore;
import java.util.concurrent.TimeUnit;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;

/* loaded from: input_file:com/apusic/web/http/tcp/TCPEndpoint.class */
public class TCPEndpoint extends Endpoint implements TCPEndpointMBean, SocketAcceptor, SocketChannelAcceptor, AttributeChangeAware {
    public static final String SERVICE_NAME = "TCPEndpoint";
    public static final int DEFAULT_PORT = 8080;
    public static final int DEFAULT_SECURE_PORT = 8081;
    public static final int DEFAULT_MUTUALAUTH_PORT = 8082;
    private AttributeChangeAware attrCA;
    private String address;
    private int port;
    private int backlog;
    protected int timeout;
    protected boolean tcpNoDelay;
    private ListenerThread[] clearListener;
    private ListenerThread secureListener;
    private ListenerThread mutualAuthListener;
    private String ioType;
    protected HttpReactorManager reactorManager;
    private KeyManagerFactory kmf;
    private TrustManagerFactory tmf;
    private SSLServerSocketFactory ssf;
    private SSLSocketFactory csf;
    private static int threadId = 0;
    private static StringManager muxerSm = StringManager.getManager(Muxer.class);
    private static final Integer ACCEPT_THREAD_COUNT = VMOptions.getTcpAcceptorThreadCount();

    /* JADX INFO: Access modifiers changed from: protected */
    public TCPEndpoint(String str) {
        super(str);
        this.attrCA = new AttributeChangeAwareImpl();
        this.address = null;
        this.port = 80;
        this.backlog = 1024;
        this.timeout = 300;
        this.tcpNoDelay = true;
        initAttributeChangeAware();
    }

    public TCPEndpoint() {
        super(SERVICE_NAME);
        this.attrCA = new AttributeChangeAwareImpl();
        this.address = null;
        this.port = 80;
        this.backlog = 1024;
        this.timeout = 300;
        this.tcpNoDelay = true;
        initAttributeChangeAware();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public TCPEndpoint(String str, String str2, int i, int i2) {
        super(str);
        this.attrCA = new AttributeChangeAwareImpl();
        this.address = null;
        this.port = 80;
        this.backlog = 1024;
        this.timeout = 300;
        this.tcpNoDelay = true;
        this.address = str2;
        this.port = i;
        this.backlog = i2;
        initAttributeChangeAware();
    }

    public TCPEndpoint(String str, int i, int i2) {
        this(SERVICE_NAME, str, i, i2);
    }

    private void initAttributeChangeAware() {
        this.attrCA.setAttributeChanged("SSLProtocol", false);
        this.attrCA.setAttributeChanged("KeyStore", false);
        this.attrCA.setAttributeChanged("KeyStoreType", false);
        this.attrCA.setAttributeChanged("KeyPassword", false);
        this.attrCA.setAttributeChanged("KeyStorePassword", false);
        this.attrCA.setAttributeChanged("TrustStore", false);
        this.attrCA.setAttributeChanged("TrustStoreType", false);
        this.attrCA.setAttributeChanged("TrustStorePassword", false);
        this.attrCA.setAttributeChanged("ServerCertificateKey", false);
        this.attrCA.setAttributeChanged("ServerCertificateChain", false);
        this.attrCA.setAttributeChanged("TrustCertificates", false);
        this.attrCA.setAttributeChanged("CertRevocationList", false);
        this.attrCA.setAttributeChanged("CRLReloadCheckInterval", false);
        this.attrCA.setAttributeChanged("KeyManagerFactoryAlgorithm", false);
        this.attrCA.setAttributeChanged("TrustManagerFactoryAlgorithm", false);
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public String getAddress() {
        return this.address;
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public void setAddress(String str) {
        String str2 = this.address;
        this.address = str;
        sendAttributeChangeNotification(ServerConfig.ADDRESS, "java.lang.String", str2, str);
    }

    @Override // com.apusic.web.http.IEndpoint
    public int getPort() {
        return this.port;
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public void setPort(int i) {
        int i2 = this.port;
        this.port = i;
        sendAttributeChangeNotification(ServerConfig.PORT, "java.lang.Integer", new Integer(i2), new Integer(i));
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public int getBacklog() {
        return this.backlog;
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public void setBacklog(int i) {
        if (i < 0) {
            throw new IllegalArgumentException();
        }
        int i2 = this.backlog;
        this.backlog = i;
        sendAttributeChangeNotification("Backlog", "java.lang.Integer", new Integer(i2), new Integer(i));
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public int getTimeout() {
        return this.timeout;
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public void setTimeout(int i) {
        if (i < 0) {
            throw new IllegalArgumentException();
        }
        int i2 = this.timeout;
        this.timeout = i;
        sendAttributeChangeNotification("Timeout", "java.lang.Integer", new Integer(i2), new Integer(i));
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public boolean getTCPNoDelay() {
        return this.tcpNoDelay;
    }

    @Override // com.apusic.web.http.tcp.TCPEndpointMBean
    public void setTCPNoDelay(boolean z) {
        boolean z2 = this.tcpNoDelay;
        this.tcpNoDelay = z;
        sendAttributeChangeNotification("TCPNoDelay", "java.lang.Boolean", new Boolean(z2), new Boolean(z));
    }

    protected ListenerThread[] createListener(int i, int i2, InetAddress inetAddress) throws IOException {
        StringBuilder append = new StringBuilder().append("TCPListener-").append(this.ioType).append("-");
        int i3 = threadId + 1;
        threadId = i3;
        return createListener(i, i2, inetAddress, append.append(i3).toString());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ListenerThread[] createListener(int i, int i2, InetAddress inetAddress, String str) throws IOException {
        ListenerThread[] listenerThreadArr = new ListenerThread[ACCEPT_THREAD_COUNT.intValue()];
        if (this.ioType.equals("bio")) {
            ServerSocket serverSocket = new ServerSocket(i, i2, inetAddress);
            for (int i3 = 0; i3 < listenerThreadArr.length; i3++) {
                listenerThreadArr[i3] = new BlockingListenerThread(this, str + "-" + i3, serverSocket);
            }
        } else {
            ServerSocketChannel open = ServerSocketChannel.open();
            open.socket().bind(new InetSocketAddress(inetAddress, i), i2);
            for (int i4 = 0; i4 < listenerThreadArr.length; i4++) {
                listenerThreadArr[i4] = new NonBlockingListenerThread(this, str + "-" + i4, open);
            }
        }
        return listenerThreadArr;
    }

    @Override // com.apusic.service.Service
    protected void startService() throws Exception {
        InetAddress inetAddress;
        this.ioType = VMOptions.getWebIoType();
        if (this.port > 0) {
            if (this.address == null || this.address.length() == 0 || this.address.equals("*")) {
                this.log.info(Resources._T(Resources.MSG_TCP_LISTEN_PORT, String.valueOf(this.port)));
                inetAddress = null;
            } else {
                this.log.info(Resources._T(Resources.MSG_TCP_LISTEN_ADDRESS, this.address, String.valueOf(this.port)));
                inetAddress = InetAddress.getByName(this.address);
            }
            if (!this.ioType.equals(VMOptions.WEB_IO_TYPE_BIO)) {
                this.reactorManager = getServer().getHttpReactorManager();
            }
            this.clearListener = createListener(this.port, this.backlog, inetAddress);
            for (ListenerThread listenerThread : this.clearListener) {
                listenerThread.start();
            }
        }
        if (this.enableSSL == null || !this.enableSSL.booleanValue()) {
            return;
        }
        if (this.securePort != null && this.securePort.intValue() > 0) {
            this.secureListener = new BlockingListenerThread(this, "TcpSecureListener", createSecureServerSocket(this.securePort.intValue(), (this.mutualAuthPort == null || this.mutualAuthPort.intValue() <= 0 || this.mutualAuthPort == this.securePort) ? getNeedClientAuth() : "false"));
            this.secureListener.start();
        }
        if (!isNeedClientAuth() || this.mutualAuthPort == null || this.mutualAuthPort.intValue() <= 0 || this.mutualAuthPort == this.securePort) {
            return;
        }
        this.mutualAuthListener = new BlockingListenerThread(this, "TcpMutualAuthListener", createSecureServerSocket(this.mutualAuthPort.intValue(), getNeedClientAuth()));
        this.mutualAuthListener.start();
    }

    @Override // com.apusic.service.Service
    protected void stopService() {
        if (this.clearListener != null) {
            for (ListenerThread listenerThread : this.clearListener) {
                listenerThread.shutdown();
            }
            this.clearListener = null;
        }
    }

    protected ServerSocket createSecureServerSocket(int i, String str) throws IOException {
        ServerSocket createServerSocket;
        initSSL();
        if (this.address == null || this.address.length() == 0 || this.address.equals("*")) {
            this.log.info(Resources._T(Resources.MSG_TCP_LISTEN_PORT, String.valueOf(i)));
            createServerSocket = this.ssf.createServerSocket(i, this.backlog);
        } else {
            this.log.info(Resources._T(Resources.MSG_TCP_LISTEN_ADDRESS, this.address, String.valueOf(i)));
            createServerSocket = this.ssf.createServerSocket(i, this.backlog, InetAddress.getByName(this.address));
        }
        if (str.equalsIgnoreCase("true")) {
            ((SSLServerSocket) createServerSocket).setNeedClientAuth(true);
        }
        if (str.equalsIgnoreCase("want")) {
            ((SSLServerSocket) createServerSocket).setWantClientAuth(true);
        }
        return createServerSocket;
    }

    private synchronized void initSSL() {
        if (this.ssf != null) {
            return;
        }
        this.serverCertificateKey = getServerCertificateKey();
        this.serverCertificateChain = getServerCertificateChain();
        this.keyStoreName = getKeyStore();
        this.keyPassword = getKeyPassword();
        this.trustStoreName = getTrustStore();
        this.trustStorePassword = getTrustStorePassword();
        this.trustCertificates = getTrustCertificates();
        this.certRevocationList = getCertRevocationList();
        if (this.serverCertificateKey == null || this.serverCertificateChain == null) {
            if (this.keyStoreName == null || this.keyStoreName.length() == 0) {
                throw new RuntimeException(muxerSm.get("muxer.ssl.no.key.store"));
            }
            if (this.keyPassword == null) {
                throw new RuntimeException(muxerSm.get("muxer.ssl.no.key.pass"));
            }
        }
        FileInputStream fileInputStream = null;
        try {
            try {
                String keyStoreType = getKeyStoreType();
                if (keyStoreType == null || keyStoreType.length() == 0) {
                    keyStoreType = KeyStore.getDefaultType();
                }
                String trustStoreType = getTrustStoreType();
                if (trustStoreType == null || trustStoreType.length() == 0) {
                    trustStoreType = KeyStore.getDefaultType();
                }
                String keyManagerFactoryAlgorithm = getKeyManagerFactoryAlgorithm();
                if (keyManagerFactoryAlgorithm == null || keyManagerFactoryAlgorithm.length() == 0) {
                    keyManagerFactoryAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
                }
                String trustManagerFactoryAlgorithm = getTrustManagerFactoryAlgorithm();
                if (trustManagerFactoryAlgorithm == null || trustManagerFactoryAlgorithm.length() == 0) {
                    trustManagerFactoryAlgorithm = TrustManagerFactory.getDefaultAlgorithm();
                }
                KeyStore keyStore = KeyStore.getInstance(keyStoreType);
                char[] cArr = null;
                if (this.keyStoreName != null && this.keyStoreName.length() != 0 && this.keyPassword != null) {
                    cArr = this.keyStorePassword.toCharArray();
                    fileInputStream = new FileInputStream(Config.getFile(this.keyStoreName));
                    keyStore.load(fileInputStream, cArr);
                    fileInputStream.close();
                } else if (this.serverCertificateChain != null && this.serverCertificateKey != null) {
                    cArr = "temppass".toCharArray();
                    keyStore.load(null, cArr);
                    SSLCertificateSupporter.initKeystore(keyStore, cArr, this.serverCertificateKey, this.serverCertificateChain);
                }
                if (this.keyPassword != null) {
                    cArr = this.keyPassword.toCharArray();
                }
                this.kmf = KeyManagerFactory.getInstance(keyManagerFactoryAlgorithm);
                this.kmf.init(keyStore, cArr);
                this.log.debug("key manager factory algorithm is: " + this.kmf.getAlgorithm());
                KeyStore keyStore2 = null;
                if (this.trustStoreName != null && this.trustStoreName.length() != 0) {
                    keyStore2 = KeyStore.getInstance(trustStoreType);
                    char[] charArray = this.trustStorePassword == null ? null : this.trustStorePassword.toCharArray();
                    File file = Config.getFile(this.trustStoreName);
                    System.setProperty("javax.net.ssl.trustStore", file.getAbsolutePath());
                    System.setProperty("javax.net.ssl.trustStorePassword", this.trustStorePassword);
                    fileInputStream = new FileInputStream(file);
                    keyStore2.load(fileInputStream, charArray);
                    fileInputStream.close();
                } else if (this.trustCertificates != null) {
                    keyStore2 = KeyStore.getInstance(trustStoreType);
                    keyStore2.load(null, null);
                    SSLCertificateSupporter.initTruststore(keyStore2, this.trustCertificates);
                }
                this.tmf = TrustManagerFactory.getInstance(trustManagerFactoryAlgorithm);
                if (this.certRevocationList == null) {
                    this.tmf.init(keyStore2);
                } else {
                    this.tmf.init(new CertPathTrustManagerParameters(SSLCertificateSupporter.getParameters(trustManagerFactoryAlgorithm, this.certRevocationList, keyStore2, getCRLReloadCheckInterval().intValue())));
                }
                this.log.debug("trust manager factory algorithm is: " + this.tmf.getAlgorithm());
                SSLContext sSLContext = SSLContext.getInstance(getSSLProtocol());
                sSLContext.init(this.kmf.getKeyManagers(), this.tmf.getTrustManagers(), null);
                this.ssf = sSLContext.getServerSocketFactory();
                this.csf = sSLContext.getSocketFactory();
                if (fileInputStream != null) {
                    try {
                        fileInputStream.close();
                    } catch (IOException e) {
                    }
                }
            } catch (Exception e2) {
                this.log.debug(muxerSm.get("muxer.ssl.init.failed"), e2);
                throw new RuntimeException(muxerSm.get("muxer.ssl.init.failed", e2.toString()));
            }
        } catch (Throwable th) {
            if (fileInputStream != null) {
                try {
                    fileInputStream.close();
                } catch (IOException e3) {
                }
            }
            throw th;
        }
    }

    @Override // com.apusic.net.SocketAcceptor
    public void acceptSocket(final Socket socket) {
        long checkConnectionLimit = checkConnectionLimit(socket);
        if (checkConnectionLimit <= 0) {
            handleConnection(socket);
        } else {
            Config.getTimer().schedule(new Runnable() { // from class: com.apusic.web.http.tcp.TCPEndpoint.1
                @Override // java.lang.Runnable
                public void run() {
                    TCPEndpoint.this.acceptSocket(socket);
                }
            }, checkConnectionLimit, TimeUnit.MILLISECONDS);
        }
    }

    @Override // com.apusic.net.SocketChannelAcceptor
    public void acceptSocketChannel(final SocketChannel socketChannel) {
        long checkConnectionLimit = checkConnectionLimit(socketChannel.socket());
        if (checkConnectionLimit <= 0) {
            handleConnection(SocketAdaptor.getInstance(socketChannel));
        } else {
            Config.getTimer().schedule(new Runnable() { // from class: com.apusic.web.http.tcp.TCPEndpoint.2
                @Override // java.lang.Runnable
                public void run() {
                    TCPEndpoint.this.acceptSocketChannel(socketChannel);
                }
            }, checkConnectionLimit, TimeUnit.MILLISECONDS);
        }
    }

    protected void handleConnection(Socket socket) {
        Server server = getServer();
        if (server == null || !server.isStarted()) {
            try {
                socket.close();
                return;
            } catch (Exception e) {
                return;
            }
        }
        try {
            socket.setTcpNoDelay(this.tcpNoDelay);
            socket.setSoTimeout(this.timeout * 1000);
        } catch (SocketException e2) {
            e2.printStackTrace();
        }
        if (this.ioType.equals(VMOptions.WEB_IO_TYPE_BIO) || (socket instanceof SSLSocket)) {
            handleBIOConnection(server, socket);
            return;
        }
        if (this.ioType.equals(VMOptions.WEB_IO_TYPE_NIO)) {
            handleNIOConnection(server, (SocketAdaptor) socket);
        } else if (this.ioType.equals(VMOptions.WEB_IO_TYPE_NB)) {
            handleNBConnection(server, (SocketAdaptor) socket);
        } else {
            handleBIOConnection(server, socket);
        }
    }

    protected void handleNBConnection(Server server, SocketAdaptor socketAdaptor) {
        this.reactorManager.assignReactorFor(TCP_NBConnection.getInstance(this, socketAdaptor).getReactorHandler());
    }

    protected void handleNIOConnection(Server server, SocketAdaptor socketAdaptor) {
        TCP_NIOConnection tCP_NIOConnection = TCP_NIOConnection.getInstance(this, socketAdaptor);
        this.reactorManager.assignReactorFor(tCP_NIOConnection.getReactorHandler(), false);
        try {
            tCP_NIOConnection.processInput(true);
        } catch (Throwable th) {
            if (this.log.isDebugable()) {
                this.log.debug("Error occurred while process input for socket " + socketAdaptor, th);
            }
            tCP_NIOConnection.abort();
        }
    }

    protected void handleBIOConnection(Server server, Socket socket) {
        server.handleConnection(TCP_BIOConnection.getInstance(this, socket));
    }

    private long checkConnectionLimit(Socket socket) {
        return Config.getJ2EEServer().checkConnectionLimit(socket);
    }

    @Override // com.apusic.service.AttributeChangeAware
    public Boolean isAttributeChanged(String str) {
        return this.attrCA.isAttributeChanged(str);
    }

    @Override // com.apusic.service.AttributeChangeAware
    public void setAttributeChanged(String str, Boolean bool) {
        this.attrCA.setAttributeChanged(str, bool);
    }

    @Override // com.apusic.service.AttributeChangeAware
    public Boolean compareAndSetAttributeChanged(String str, Boolean bool, Boolean bool2) {
        return this.attrCA.compareAndSetAttributeChanged(str, bool, bool2);
    }
}
