package org.openorb.orb.csiv2;

import java.io.IOException;
import java.io.InterruptedIOException;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLServerSocketFactory;
import javax.net.ssl.SSLSocket;
import org.apache.avalon.framework.CascadingRuntimeException;
import org.omg.CORBA.COMM_FAILURE;
import org.omg.CORBA.NO_PERMISSION;
import org.omg.CORBA.ORB;
import org.omg.CSIIOP.TransportAddress;
import org.omg.IIOP.ListenPoint;
import org.omg.IOP.Codec;
import org.omg.IOP.CodecFactoryPackage.UnknownEncoding;
import org.omg.IOP.Encoding;
import org.omg.IOP.TaggedComponent;
import org.omg.PortableInterceptor.IORInfo;
import org.omg.PortableInterceptor.IORInterceptor;
import org.omg.PortableInterceptor.ORBInitInfo;
import org.omg.PortableInterceptor.ORBInitInfoPackage.DuplicateName;
import org.openorb.orb.config.ORBLoader;
import org.openorb.orb.core.LoggableLocalObject;
import org.openorb.orb.iiop.IIOPTransportServerInitializer;
import org.openorb.orb.net.Transport;
import org.openorb.orb.pi.FeatureInitInfo;
import org.openorb.orb.security.DistinguishedName;
import org.openorb.orb.security.SecurityAssociationOptions;
import org.openorb.orb.ssl.SSLAssociation;
import org.openorb.orb.ssl.SSLCipherSuiteDatabase;
import org.openorb.orb.ssl.SSLContextFinder;
import org.openorb.orb.ssl.SSLTransport;
import org.openorb.orb.util.Trace;
import org.openorb.util.ExceptionTool;

/* loaded from: input_file:org/openorb/orb/csiv2/CSITransportServerInitializer.class */
public class CSITransportServerInitializer extends IIOPTransportServerInitializer {
    CSIConfig m_config;
    private int m_port;
    private String[] m_cipher_suites;
    private ListenPoint[] m_bidir_endpoints;
    private SSLServerSocketFactory m_server_socket_factory;
    private boolean m_iiop_port_disabled = false;
    private boolean m_init_bidir = false;
    private SSLServerSocket m_server_socket = null;
    private List m_handshake_threads = new LinkedList();

    /* loaded from: input_file:org/openorb/orb/csiv2/CSITransportServerInitializer$CSIIORInterceptor.class */
    private class CSIIORInterceptor extends LoggableLocalObject implements IORInterceptor {
        private ORB m_orb;
        private ORBLoader m_loader;
        private Codec m_codec;
        private final CSITransportServerInitializer this$0;

        public CSIIORInterceptor(CSITransportServerInitializer cSITransportServerInitializer, ORB orb, Codec codec, ORBLoader oRBLoader) {
            this.this$0 = cSITransportServerInitializer;
            this.m_orb = null;
            this.m_loader = null;
            this.m_codec = null;
            this.m_orb = orb;
            this.m_loader = oRBLoader;
            this.m_codec = codec;
        }

        public ORBLoader getLoader() {
            return this.m_loader;
        }

        public String name() {
            return "CSIIORInterceptor";
        }

        public void establish_components(IORInfo iORInfo) {
            try {
                CSITlsSecTrans cSITlsSecTrans = null;
                if (this.this$0.m_config.isSSLServerTransportEnabled()) {
                    cSITlsSecTrans = CSITlsSecTrans.create(this.m_codec, this.this$0.m_config.getServerTransportSupports(), this.this$0.m_config.getServerTransportRequires(), new TransportAddress[]{new TransportAddress("localhost", (short) (this.this$0.m_port & CSIConfig.SRV_TRANS_TLS_PORT_MAX))});
                }
                iORInfo.add_ior_component_to_profile(new TaggedComponent(33, CSICompoundSecMechList.create(this.m_orb, this.m_codec, cSITlsSecTrans, SecurityAssociationOptions.parse(getLoader().getStringProperty(CSIConfig.SRV_AUTH_SUPPORTS_KEY, "EstablishTrustInClient"), (short) 64), SecurityAssociationOptions.parse(getLoader().getStringProperty(CSIConfig.SRV_AUTH_REQUIRES_KEY, ""), (short) 64), CSIServerContext.getRealm(), SecurityAssociationOptions.parse(getLoader().getStringProperty(CSIConfig.SRV_ATTR_SUPPORTS_KEY, "IdentityAssertion"), (short) 1024), 2).getEncoded(this.m_orb)), 0);
            } catch (Exception e) {
                getLogger().error("Error while establishing components", e);
            }
        }

        public void destroy() {
        }
    }

    /* loaded from: input_file:org/openorb/orb/csiv2/CSITransportServerInitializer$SSLHandshakeThread.class */
    private class SSLHandshakeThread extends Thread {
        private SSLSocket m_socket;
        private SSLAssociation m_association;
        private boolean m_handshakeCompletedSuccessfully = false;
        private final CSITransportServerInitializer this$0;

        public SSLHandshakeThread(CSITransportServerInitializer cSITransportServerInitializer, SSLSocket sSLSocket, SSLAssociation sSLAssociation) {
            this.this$0 = cSITransportServerInitializer;
            this.m_socket = sSLSocket;
            this.m_association = sSLAssociation;
            this.m_socket.addHandshakeCompletedListener(this.m_association.getHandshakeCompletedListener());
        }

        public SSLSocket getSocket() {
            return this.m_socket;
        }

        public SSLAssociation getAssociation() {
            return this.m_association;
        }

        public boolean hasHandshakeCompletedSuccessfully() {
            return this.m_handshakeCompletedSuccessfully;
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                this.m_socket.startHandshake();
                this.m_handshakeCompletedSuccessfully = true;
            } catch (IOException e) {
                try {
                    this.m_socket.close();
                } catch (IOException e2) {
                    this.this$0.getLogger().error(new StringBuffer().append("IOException closing socket: ").append(e).toString());
                }
                this.m_handshakeCompletedSuccessfully = false;
            }
        }
    }

    public String getName() {
        return "csiv2-server-init";
    }

    public void init(ORBInitInfo oRBInitInfo, FeatureInitInfo featureInitInfo) {
        super.init(oRBInitInfo, featureInitInfo);
        ORBLoader loader = featureInitInfo.getLoader();
        this.m_config = new CSIConfig(loader);
        if (getLogger().isDebugEnabled() && Trace.isHigh()) {
            getLogger().debug(new StringBuffer().append("Server supports '").append(this.m_config.getServerTransportSupportsString()).append("'").toString());
            getLogger().debug(new StringBuffer().append("Server requires '").append(this.m_config.getServerTransportRequiresString()).append("'").toString());
        }
        if (this.m_config.isSSLServerTransportEnabled()) {
            if (getLogger().isDebugEnabled() && Trace.isMedium()) {
                getLogger().debug("SSL transport enabled");
            }
            if ((this.m_config.getServerTransportRequires() & 64) != 0) {
                this.m_init_bidir = loader.getBooleanProperty("ssliop.server.AllowBiDir", true);
            }
            this.m_server_socket_factory = (SSLServerSocketFactory) SSLContextFinder.getDefault(oRBInitInfo, featureInitInfo, getLogger().getChildLogger("ctx")).getServerSocketFactory();
            this.m_cipher_suites = SSLCipherSuiteDatabase.getCipherSuites(this.m_config.getServerTransportRequires(), this.m_config.getServerTransportSupports(), this.m_server_socket_factory.getSupportedCipherSuites());
            if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                StringBuffer stringBuffer = new StringBuffer();
                stringBuffer.append("Server selected cipher suites are '");
                for (int i = 0; i < this.m_cipher_suites.length; i++) {
                    stringBuffer.append(this.m_cipher_suites[i]);
                    if (i < this.m_cipher_suites.length - 1) {
                        stringBuffer.append(DistinguishedName.DEFAULT_SEPARATOR);
                    }
                }
                stringBuffer.append("'");
                getLogger().debug(stringBuffer.toString());
            }
            open_port();
        }
        try {
            Codec create_codec = oRBInitInfo.codec_factory().create_codec(new Encoding((short) 0, (byte) 1, (byte) 2));
            try {
                CSIIORInterceptor cSIIORInterceptor = new CSIIORInterceptor(this, featureInitInfo.orb(), create_codec, loader);
                oRBInitInfo.add_ior_interceptor(cSIIORInterceptor);
                if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                    getLogger().debug(new StringBuffer().append(cSIIORInterceptor.name()).append(" installed.").toString());
                }
                try {
                    CSIServerInterceptor cSIServerInterceptor = new CSIServerInterceptor(create_codec, featureInitInfo.orb(), this);
                    cSIServerInterceptor.enableLogging(getLogger().getChildLogger("srv"));
                    oRBInitInfo.add_server_request_interceptor(cSIServerInterceptor);
                    if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                        getLogger().debug(new StringBuffer().append(cSIServerInterceptor.name()).append(" installed.").toString());
                    }
                    if (getLogger().isDebugEnabled() && Trace.isLow()) {
                        getLogger().debug("init done");
                    }
                } catch (DuplicateName e) {
                    throw new CascadingRuntimeException("Poblem installing the server interceptor", e);
                }
            } catch (Exception e2) {
                throw ExceptionTool.initCause(new RuntimeException("Unable to install the IOR interceptor"), e2);
            }
        } catch (UnknownEncoding e3) {
        }
    }

    public void open() {
        if (!this.m_iiop_port_disabled) {
            super.open();
        }
        if (this.m_server_socket == null && this.m_config.isSSLServerTransportEnabled()) {
            open_port();
        }
    }

    private void open_port() {
        int serverTransportPort = this.m_config.getServerTransportPort();
        try {
            if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                getLogger().debug(new StringBuffer().append("Trying to open SSL socket on '").append(getListenHost()).append(":").append(serverTransportPort).append("'").toString());
            }
            this.m_server_socket = (SSLServerSocket) this.m_server_socket_factory.createServerSocket(serverTransportPort, 50, getListenHost());
            if ((this.m_config.getServerTransportRequires() & 64) != 0) {
                this.m_server_socket.setNeedClientAuth(true);
                if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                    getLogger().debug("Server needs client authentication (certificates)");
                }
            }
            this.m_server_socket.setEnabledCipherSuites(this.m_cipher_suites);
            this.m_port = this.m_server_socket.getLocalPort();
            if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                getLogger().debug(new StringBuffer().append("Server port set to '").append(this.m_port).append("'").toString());
            }
        } catch (IOException e) {
            if (getLogger().isErrorEnabled()) {
                getLogger().error(new StringBuffer().append("Unable to listen on ").append(serverTransportPort).append(".").toString(), e);
            }
            throw new COMM_FAILURE(new StringBuffer().append("Unable to listen on ").append(serverTransportPort).append(" (").append(e).append(")").toString());
        } catch (SecurityException e2) {
            if (getLogger().isErrorEnabled()) {
                getLogger().error(new StringBuffer().append("Access denied for ").append(serverTransportPort).append(".").toString(), e2);
            }
            throw new NO_PERMISSION(new StringBuffer().append("Access denied for ").append(serverTransportPort).append(" (").append(e2).append(")").toString());
        }
    }

    public ListenPoint[] getBiDirEndpoints() {
        if (this.m_init_bidir) {
            this.m_init_bidir = false;
            ListenPoint[] biDirEndpoints = !this.m_iiop_port_disabled ? super.getBiDirEndpoints() : null;
            if (biDirEndpoints == null || biDirEndpoints.length == 0) {
                this.m_bidir_endpoints = new ListenPoint[1];
            } else {
                this.m_bidir_endpoints = new ListenPoint[biDirEndpoints.length + 1];
                System.arraycopy(biDirEndpoints, 0, this.m_bidir_endpoints, 1, biDirEndpoints.length);
            }
            this.m_bidir_endpoints[0] = new ListenPoint(getPrimaryEndpoint().host, (short) this.m_port);
        }
        return this.m_bidir_endpoints;
    }

    public void close() {
        if (!this.m_iiop_port_disabled) {
            super.close();
        }
        if (this.m_server_socket != null && this.m_config.isSSLServerTransportEnabled()) {
            try {
                this.m_server_socket.close();
            } catch (IOException e) {
                getLogger().error(new StringBuffer().append("IOException closing socket: ").append(e).toString());
            }
            this.m_server_socket = null;
        }
    }

    public boolean isOpen() {
        return this.m_server_socket != null;
    }

    public Transport accept(int i) {
        if (!this.m_config.isSSLServerTransportEnabled()) {
            return super.accept(i);
        }
        if (i <= 0 || i > 250) {
            i = 250;
        }
        Iterator it = this.m_handshake_threads.iterator();
        while (it.hasNext()) {
            SSLHandshakeThread sSLHandshakeThread = (SSLHandshakeThread) it.next();
            if (!sSLHandshakeThread.isAlive()) {
                it.remove();
                if (!sSLHandshakeThread.hasHandshakeCompletedSuccessfully()) {
                    return null;
                }
                SSLTransport sSLTransport = new SSLTransport(sSLHandshakeThread.getSocket(), this.m_port, sSLHandshakeThread.getAssociation());
                sSLTransport.enableLogging(getLogger());
                if (getLogger().isDebugEnabled() && Trace.isHigh()) {
                    getLogger().debug(new StringBuffer().append("SSL connection established: ").append(sSLTransport).toString());
                }
                return sSLTransport;
            }
        }
        try {
            this.m_server_socket.setSoTimeout(i / 2);
            try {
                try {
                    int serverHandshakeTimeout = this.m_config.getServerHandshakeTimeout();
                    SSLSocket sSLSocket = (SSLSocket) this.m_server_socket.accept();
                    sSLSocket.setSoTimeout(serverHandshakeTimeout);
                    SSLHandshakeThread sSLHandshakeThread2 = new SSLHandshakeThread(this, sSLSocket, new SSLAssociation(this.m_config.getServerTransportRequires(), true));
                    this.m_handshake_threads.add(sSLHandshakeThread2);
                    sSLHandshakeThread2.start();
                    return null;
                } catch (InterruptedIOException e) {
                    if (this.m_iiop_port_disabled) {
                        return null;
                    }
                    return super.accept(i / 2);
                }
            } catch (SSLException e2) {
                if (getLogger().isErrorEnabled()) {
                    getLogger().error("Unexpected SSLException while accepting connections.", e2);
                }
                throw new COMM_FAILURE(new StringBuffer().append("Unexpected SSLException while accepting connections (").append(e2).append(")").toString());
            } catch (IOException e3) {
                if (getLogger().isErrorEnabled()) {
                    getLogger().error("Unexpected IOException while accepting connections.", e3);
                }
                throw new COMM_FAILURE(new StringBuffer().append("Unexpected IOException while accepting connections (").append(e3).append(")").toString());
            }
        } catch (IOException e4) {
            if (getLogger().isErrorEnabled()) {
                getLogger().error("Unexpected IOException while setting the socket's SO timeout.", e4);
            }
            throw new COMM_FAILURE(new StringBuffer().append("Unexpected IOException while setting the socket's SO timeout (").append(e4).append(")").toString());
        }
    }
}
