package org.jivesoftware.openfire.nio;

import java.net.InetSocketAddress;
import java.net.UnknownHostException;
import java.nio.charset.Charset;
import java.nio.charset.CharsetEncoder;
import java.security.KeyStore;
import java.security.cert.Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import org.apache.mina.common.ByteBuffer;
import org.apache.mina.common.IoFilterChain;
import org.apache.mina.common.IoSession;
import org.apache.mina.filter.CompressionFilter;
import org.apache.mina.filter.SSLFilter;
import org.dom4j.io.OutputFormat;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.ConnectionCloseListener;
import org.jivesoftware.openfire.PacketDeliverer;
import org.jivesoftware.openfire.auth.UnauthorizedException;
import org.jivesoftware.openfire.net.ClientTrustManager;
import org.jivesoftware.openfire.net.SSLConfig;
import org.jivesoftware.openfire.net.SSLJiveKeyManagerFactory;
import org.jivesoftware.openfire.net.SSLJiveTrustManagerFactory;
import org.jivesoftware.openfire.net.ServerTrustManager;
import org.jivesoftware.openfire.session.LocalSession;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.Log;
import org.jivesoftware.util.XMLWriter;
import org.xmpp.packet.Packet;

/* loaded from: input_file:org/jivesoftware/openfire/nio/NIOConnection.class */
public class NIOConnection implements Connection {
    public static final String CHARSET = "UTF-8";
    private LocalSession session;
    private IoSession ioSession;
    private ConnectionCloseListener closeListener;
    private PacketDeliverer backupDeliverer;
    private boolean usingSelfSignedCertificate;
    private static ThreadLocal encoder = new ThreadLocalEncoder();
    private boolean flashClient = false;
    private int majorVersion = 1;
    private int minorVersion = 0;
    private String language = null;
    private Connection.TLSPolicy tlsPolicy = Connection.TLSPolicy.optional;
    private Connection.CompressionPolicy compressionPolicy = Connection.CompressionPolicy.disabled;
    private boolean closed = false;

    /* loaded from: input_file:org/jivesoftware/openfire/nio/NIOConnection$ThreadLocalEncoder.class */
    private static class ThreadLocalEncoder extends ThreadLocal {
        private ThreadLocalEncoder() {
        }

        @Override // java.lang.ThreadLocal
        protected Object initialValue() {
            return Charset.forName("UTF-8").newEncoder();
        }
    }

    public NIOConnection(IoSession ioSession, PacketDeliverer packetDeliverer) {
        this.ioSession = ioSession;
        this.backupDeliverer = packetDeliverer;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean validate() {
        if (isClosed()) {
            return false;
        }
        deliverRawText(" ");
        return !isClosed();
    }

    @Override // org.jivesoftware.openfire.Connection
    public void registerCloseListener(ConnectionCloseListener connectionCloseListener, Object obj) {
        if (this.closeListener != null) {
            throw new IllegalStateException("Close listener already configured");
        }
        if (isClosed()) {
            connectionCloseListener.onConnectionClose(this.session);
        } else {
            this.closeListener = connectionCloseListener;
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void removeCloseListener(ConnectionCloseListener connectionCloseListener) {
        if (this.closeListener == connectionCloseListener) {
            this.closeListener = null;
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public byte[] getAddress() throws UnknownHostException {
        return ((InetSocketAddress) this.ioSession.getRemoteAddress()).getAddress().getAddress();
    }

    @Override // org.jivesoftware.openfire.Connection
    public String getHostAddress() throws UnknownHostException {
        return ((InetSocketAddress) this.ioSession.getRemoteAddress()).getAddress().getHostAddress();
    }

    @Override // org.jivesoftware.openfire.Connection
    public String getHostName() throws UnknownHostException {
        return ((InetSocketAddress) this.ioSession.getRemoteAddress()).getAddress().getHostName();
    }

    @Override // org.jivesoftware.openfire.Connection
    public Certificate[] getLocalCertificates() {
        SSLSession sSLSession = (SSLSession) this.ioSession.getAttribute(SSLFilter.SSL_SESSION);
        return sSLSession != null ? sSLSession.getLocalCertificates() : new Certificate[0];
    }

    @Override // org.jivesoftware.openfire.Connection
    public Certificate[] getPeerCertificates() {
        try {
            SSLSession sSLSession = (SSLSession) this.ioSession.getAttribute(SSLFilter.SSL_SESSION);
            if (sSLSession != null) {
                return sSLSession.getPeerCertificates();
            }
        } catch (SSLPeerUnverifiedException e) {
            Log.warn("Error retrieving client certificates of: " + this.session, e);
        }
        return new Certificate[0];
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setUsingSelfSignedCertificate(boolean z) {
        this.usingSelfSignedCertificate = z;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isUsingSelfSignedCertificate() {
        return this.usingSelfSignedCertificate;
    }

    @Override // org.jivesoftware.openfire.Connection
    public PacketDeliverer getPacketDeliverer() {
        return this.backupDeliverer;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void close() {
        boolean z = false;
        synchronized (this) {
            if (!isClosed()) {
                try {
                    deliverRawText(this.flashClient ? "</flash:stream>" : "</stream:stream>", false);
                } catch (Exception e) {
                }
                if (this.session != null) {
                    this.session.setStatus(-1);
                }
                this.ioSession.close();
                this.closed = true;
                z = true;
            }
        }
        if (z) {
            notifyCloseListeners();
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void systemShutdown() {
        deliverRawText("<stream:error><system-shutdown xmlns='urn:ietf:params:xml:ns:xmpp-streams'/></stream:error>");
        close();
    }

    private void notifyCloseListeners() {
        if (this.closeListener != null) {
            try {
                this.closeListener.onConnectionClose(this.session);
            } catch (Exception e) {
                Log.error("Error notifying listener: " + this.closeListener, e);
            }
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void init(LocalSession localSession) {
        this.session = localSession;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isClosed() {
        return this.session == null ? this.closed : this.session.getStatus() == -1;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isSecure() {
        return this.ioSession.getFilterChain().contains("tls");
    }

    @Override // org.jivesoftware.openfire.Connection
    public void deliver(Packet packet) throws UnauthorizedException {
        if (isClosed()) {
            this.backupDeliverer.deliver(packet);
            return;
        }
        ByteBuffer allocate = ByteBuffer.allocate(4096);
        allocate.setAutoExpand(true);
        boolean z = false;
        try {
            XMLWriter xMLWriter = new XMLWriter(new ByteBufferWriter(allocate, (CharsetEncoder) encoder.get()), new OutputFormat());
            xMLWriter.write(packet.getElement());
            xMLWriter.flush();
            if (this.flashClient) {
                allocate.put((byte) 0);
            }
            allocate.flip();
            this.ioSession.write(allocate);
        } catch (Exception e) {
            Log.debug("NIOConnection: Error delivering packet\n" + toString(), e);
            z = true;
        }
        if (!z) {
            this.session.incrementServerPacketCount();
        } else {
            close();
            this.backupDeliverer.deliver(packet);
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void deliverRawText(String str) {
        deliverRawText(str, true);
    }

    private void deliverRawText(String str, boolean z) {
        if (isClosed()) {
            return;
        }
        ByteBuffer allocate = ByteBuffer.allocate(str.length());
        allocate.setAutoExpand(true);
        boolean z2 = false;
        try {
            allocate.put(str.getBytes("UTF-8"));
            if (this.flashClient) {
                allocate.put((byte) 0);
            }
            allocate.flip();
            if (z) {
                this.ioSession.write(allocate);
            } else if (!this.ioSession.write(allocate).join(JiveGlobals.getIntProperty("connection.ack.timeout", 2000))) {
                Log.warn("No ACK was received when sending stanza to: " + toString());
            }
        } catch (Exception e) {
            Log.debug("NIOConnection: Error delivering raw text\n" + toString(), e);
            z2 = true;
        }
        if (z2 && z) {
            close();
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void startTLS(boolean z, String str, Connection.ClientAuth clientAuth) throws Exception {
        boolean z2 = str == null;
        KeyStore keyStore = SSLConfig.getKeyStore();
        String keyPassword = SSLConfig.getKeyPassword();
        KeyStore keyStore2 = z2 ? SSLConfig.getc2sTrustStore() : SSLConfig.gets2sTrustStore();
        String str2 = z2 ? SSLConfig.getc2sTrustPassword() : SSLConfig.gets2sTrustPassword();
        if (z2) {
            Log.debug("NIOConnection: startTLS: using c2s");
        } else {
            Log.debug("NIOConnection: startTLS: using s2s");
        }
        KeyManager[] keyManagers = SSLJiveKeyManagerFactory.getKeyManagers(keyStore, keyPassword);
        TrustManager[] trustManagers = SSLJiveTrustManagerFactory.getTrustManagers(keyStore2, str2);
        if (z || clientAuth == Connection.ClientAuth.needed || clientAuth == Connection.ClientAuth.wanted) {
            trustManagers = z2 ? new TrustManager[]{new ClientTrustManager(keyStore2)} : new TrustManager[]{new ServerTrustManager(str, keyStore2, this)};
        }
        SSLContext sSLContext = SSLContext.getInstance("TLS");
        sSLContext.init(keyManagers, trustManagers, null);
        SSLFilter sSLFilter = new SSLFilter(sSLContext);
        sSLFilter.setUseClientMode(z);
        if (clientAuth == Connection.ClientAuth.needed) {
            sSLFilter.setNeedClientAuth(true);
        } else if (clientAuth == Connection.ClientAuth.wanted) {
            sSLFilter.setWantClientAuth(true);
        }
        this.ioSession.getFilterChain().addBefore("org.apache.mina.common.ExecutorThreadModel", "tls", sSLFilter);
        this.ioSession.setAttribute(SSLFilter.DISABLE_ENCRYPTION_ONCE, Boolean.TRUE);
        if (z) {
            return;
        }
        deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
    }

    @Override // org.jivesoftware.openfire.Connection
    public void addCompression() {
        IoFilterChain filterChain = this.ioSession.getFilterChain();
        filterChain.addAfter(filterChain.contains("tls") ? "tls" : "org.apache.mina.common.ExecutorThreadModel", "compression", new CompressionFilter(true, false, 9));
    }

    @Override // org.jivesoftware.openfire.Connection
    public void startCompression() {
        ((CompressionFilter) this.ioSession.getFilterChain().get("compression")).setCompressOutbound(true);
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isFlashClient() {
        return this.flashClient;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setFlashClient(boolean z) {
        this.flashClient = z;
    }

    @Override // org.jivesoftware.openfire.Connection
    public int getMajorXMPPVersion() {
        return this.majorVersion;
    }

    @Override // org.jivesoftware.openfire.Connection
    public int getMinorXMPPVersion() {
        return this.minorVersion;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setXMPPVersion(int i, int i2) {
        this.majorVersion = i;
        this.minorVersion = i2;
    }

    @Override // org.jivesoftware.openfire.Connection
    public String getLanguage() {
        return this.language;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setLanaguage(String str) {
        this.language = str;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isCompressed() {
        return this.ioSession.getFilterChain().contains("compression");
    }

    @Override // org.jivesoftware.openfire.Connection
    public Connection.CompressionPolicy getCompressionPolicy() {
        return this.compressionPolicy;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setCompressionPolicy(Connection.CompressionPolicy compressionPolicy) {
        this.compressionPolicy = compressionPolicy;
    }

    @Override // org.jivesoftware.openfire.Connection
    public Connection.TLSPolicy getTlsPolicy() {
        return this.tlsPolicy;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setTlsPolicy(Connection.TLSPolicy tLSPolicy) {
        this.tlsPolicy = tLSPolicy;
    }

    public String toString() {
        return super.toString() + " MINA Session: " + this.ioSession;
    }
}
