package org.jivesoftware.openfire.nio;

import io.netty.channel.ChannelFuture;
import io.netty.channel.ChannelFutureListener;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.handler.codec.compression.JZlibDecoder;
import io.netty.handler.codec.compression.JZlibEncoder;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.traffic.ChannelTrafficShapingHandler;
import java.net.InetSocketAddress;
import java.net.SocketAddress;
import java.net.UnknownHostException;
import java.security.cert.Certificate;
import java.util.Optional;
import java.util.concurrent.atomic.AtomicReference;
import javax.annotation.Nullable;
import javax.net.ssl.SSLPeerUnverifiedException;
import org.jivesoftware.openfire.Connection;
import org.jivesoftware.openfire.PacketDeliverer;
import org.jivesoftware.openfire.auth.UnauthorizedException;
import org.jivesoftware.openfire.net.AbstractConnection;
import org.jivesoftware.openfire.net.ServerTrafficCounter;
import org.jivesoftware.openfire.net.StanzaHandler;
import org.jivesoftware.openfire.session.LocalSession;
import org.jivesoftware.openfire.session.Session;
import org.jivesoftware.openfire.spi.ConnectionConfiguration;
import org.jivesoftware.openfire.spi.EncryptionArtifactFactory;
import org.jivesoftware.openfire.spi.NettyServerInitializer;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xmpp.packet.Packet;
import org.xmpp.packet.StreamError;

/* loaded from: input_file:org/jivesoftware/openfire/nio/NettyConnection.class */
public class NettyConnection extends AbstractConnection {
    private static final Logger Log = LoggerFactory.getLogger(NettyConnection.class);
    public static final String SSL_HANDLER_NAME = "ssl";
    private final ConnectionConfiguration configuration;
    private final ChannelHandlerContext channelHandlerContext;
    private final PacketDeliverer backupDeliverer;
    private boolean usingSelfSignedCertificate;
    private final AtomicReference<Connection.State> state = new AtomicReference<>(Connection.State.OPEN);
    private boolean isEncrypted = false;

    public NettyConnection(ChannelHandlerContext channelHandlerContext, @Nullable PacketDeliverer packetDeliverer, ConnectionConfiguration connectionConfiguration) {
        this.channelHandlerContext = channelHandlerContext;
        this.backupDeliverer = packetDeliverer;
        this.configuration = connectionConfiguration;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean validate() {
        if (isClosed()) {
            return false;
        }
        deliverRawText(" ");
        return !isClosed();
    }

    public SocketAddress getPeer() {
        return this.channelHandlerContext.channel().remoteAddress();
    }

    @Override // org.jivesoftware.openfire.Connection
    public byte[] getAddress() throws UnknownHostException {
        SocketAddress remoteAddress = this.channelHandlerContext.channel().remoteAddress();
        if (remoteAddress == null) {
            throw new UnknownHostException();
        }
        return ((InetSocketAddress) remoteAddress).getAddress().getAddress();
    }

    @Override // org.jivesoftware.openfire.Connection
    public String getHostAddress() throws UnknownHostException {
        SocketAddress remoteAddress = this.channelHandlerContext.channel().remoteAddress();
        if (remoteAddress == null) {
            throw new UnknownHostException();
        }
        return ((InetSocketAddress) remoteAddress).getAddress().getHostAddress();
    }

    @Override // org.jivesoftware.openfire.Connection
    public String getHostName() throws UnknownHostException {
        SocketAddress remoteAddress = this.channelHandlerContext.channel().remoteAddress();
        if (remoteAddress == null) {
            throw new UnknownHostException();
        }
        return ((InetSocketAddress) remoteAddress).getAddress().getHostName();
    }

    @Override // org.jivesoftware.openfire.Connection
    public Certificate[] getLocalCertificates() {
        SslHandler sslHandler = this.channelHandlerContext.channel().pipeline().get(SSL_HANDLER_NAME);
        return sslHandler != null ? sslHandler.engine().getSession().getLocalCertificates() : new Certificate[0];
    }

    @Override // org.jivesoftware.openfire.Connection
    public Certificate[] getPeerCertificates() {
        SslHandler sslHandler = this.channelHandlerContext.channel().pipeline().get(SSL_HANDLER_NAME);
        if (sslHandler != null) {
            try {
                return sslHandler.engine().getSession().getPeerCertificates();
            } catch (SSLPeerUnverifiedException e) {
                if (Log.isTraceEnabled()) {
                    Log.trace("Peer does not offer certificates in session: " + String.valueOf(this.session), e);
                }
            }
        }
        return new Certificate[0];
    }

    @Override // org.jivesoftware.openfire.Connection
    public Optional<String> getTLSProtocolName() {
        SslHandler sslHandler = this.channelHandlerContext.channel().pipeline().get(SSL_HANDLER_NAME);
        return sslHandler == null ? Optional.empty() : Optional.ofNullable(sslHandler.engine().getSession().getProtocol());
    }

    @Override // org.jivesoftware.openfire.Connection
    public Optional<String> getCipherSuiteName() {
        SslHandler sslHandler = this.channelHandlerContext.channel().pipeline().get(SSL_HANDLER_NAME);
        return sslHandler == null ? Optional.empty() : Optional.ofNullable(sslHandler.engine().getSession().getCipherSuite());
    }

    @Override // org.jivesoftware.openfire.Connection
    public void setUsingSelfSignedCertificate(boolean z) {
        this.usingSelfSignedCertificate = z;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isUsingSelfSignedCertificate() {
        return this.usingSelfSignedCertificate;
    }

    @Override // org.jivesoftware.openfire.Connection
    @Nullable
    public PacketDeliverer getPacketDeliverer() {
        return this.backupDeliverer;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void close(@Nullable StreamError streamError, boolean z) {
        ChannelFuture newSucceededFuture;
        if (this.state.compareAndSet(Connection.State.OPEN, Connection.State.CLOSED)) {
            Log.trace("Closing {} with optional error: {}", this, streamError);
            if (this.session != null) {
                if (!z) {
                    this.session.getStreamManager().formalClose();
                }
                this.session.setStatus(Session.Status.CLOSED);
                newSucceededFuture = this.channelHandlerContext.writeAndFlush((streamError != null ? streamError.toXML() : "") + "</stream:stream>");
            } else {
                newSucceededFuture = this.channelHandlerContext.newSucceededFuture();
            }
            newSucceededFuture.addListener(future -> {
                Log.trace("Flushed any final bytes, closing connection.");
            }).addListener(ChannelFutureListener.CLOSE).addListener(future2 -> {
                Log.trace("Notifying close listeners.");
                notifyCloseListeners().whenComplete((obj, th) -> {
                    this.closeListeners.clear();
                    if (th != null) {
                        Log.warn("Exception while invoking close listeners for {}", this, th);
                    }
                });
            }).addListener(future3 -> {
                Log.trace("Finished closing connection.");
            });
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void systemShutdown() {
        close(new StreamError(StreamError.Condition.system_shutdown));
    }

    @Override // org.jivesoftware.openfire.net.AbstractConnection, org.jivesoftware.openfire.Connection
    public void reinit(LocalSession localSession) {
        super.reinit(localSession);
        ((StanzaHandler) this.channelHandlerContext.channel().attr(NettyConnectionHandler.HANDLER).get()).setSession(localSession);
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isInitialized() {
        return (this.session == null || isClosed()) ? false : true;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isClosed() {
        return this.state.get() == Connection.State.CLOSED;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isEncrypted() {
        return this.isEncrypted;
    }

    public void setEncrypted(boolean z) {
        this.isEncrypted = z;
    }

    @Override // org.jivesoftware.openfire.Connection
    public void deliver(Packet packet) throws UnauthorizedException {
        if (isClosed()) {
            if (this.backupDeliverer != null) {
                this.backupDeliverer.deliver(packet);
                return;
            } else {
                Log.trace("Discarding packet that was due to be delivered on closed connection {}, for which no backup deliverer was configured.", this);
                return;
            }
        }
        boolean z = false;
        try {
            this.channelHandlerContext.writeAndFlush(packet.getElement().asXML()).addListener(future -> {
                updateWrittenBytesCounter(this.channelHandlerContext);
            });
        } catch (Exception e) {
            Log.debug("Error delivering packet:\n" + String.valueOf(packet), e);
            z = true;
        }
        if (!z) {
            this.session.incrementServerPacketCount();
            return;
        }
        close();
        if (this.backupDeliverer != null) {
            this.backupDeliverer.deliver(packet);
        } else {
            Log.trace("Discarding packet that failed to be delivered to connection {}, for which no backup deliverer was configured.", this);
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void deliverRawText(String str) {
        if (isClosed()) {
            Log.debug("Cannot send data to as connection is already closed: " + String.valueOf(this));
        } else {
            Log.trace("Sending: {}", str);
            this.channelHandlerContext.writeAndFlush(str).addListener(future -> {
                updateWrittenBytesCounter(this.channelHandlerContext);
            });
        }
    }

    private void updateWrittenBytesCounter(ChannelHandlerContext channelHandlerContext) {
        ChannelTrafficShapingHandler channelTrafficShapingHandler = channelHandlerContext.channel().pipeline().get(NettyServerInitializer.TRAFFIC_HANDLER_NAME);
        if (channelTrafficShapingHandler != null) {
            long lastWrittenBytes = channelTrafficShapingHandler.trafficCounter().lastWrittenBytes();
            Long l = (Long) channelHandlerContext.channel().attr(NettyConnectionHandler.WRITTEN_BYTES).get();
            long longValue = l == null ? lastWrittenBytes : lastWrittenBytes - l.longValue();
            channelHandlerContext.channel().attr(NettyConnectionHandler.WRITTEN_BYTES).set(Long.valueOf(lastWrittenBytes));
            ServerTrafficCounter.incrementOutgoingCounter(longValue);
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void startTLS(boolean z, boolean z2) throws Exception {
        SslHandler newHandler;
        EncryptionArtifactFactory encryptionArtifactFactory = new EncryptionArtifactFactory(this.configuration);
        if (z) {
            SslContext createClientModeSslContext = encryptionArtifactFactory.createClientModeSslContext();
            NettyOutboundConnectionHandler nettyOutboundConnectionHandler = this.channelHandlerContext.channel().pipeline().get(NettyOutboundConnectionHandler.class);
            newHandler = createClientModeSslContext.newHandler(this.channelHandlerContext.alloc(), nettyOutboundConnectionHandler.getDomainPair().getRemote(), nettyOutboundConnectionHandler.getPort());
        } else {
            newHandler = encryptionArtifactFactory.createServerModeSslContext(z2).newHandler(this.channelHandlerContext.alloc());
        }
        this.channelHandlerContext.pipeline().addFirst(SSL_HANDLER_NAME, newHandler);
        if (z || z2) {
            return;
        }
        deliverRawText("<proceed xmlns=\"urn:ietf:params:xml:ns:xmpp-tls\"/>");
    }

    @Override // org.jivesoftware.openfire.Connection
    public void addCompression() {
        if (isEncrypted()) {
            this.channelHandlerContext.channel().pipeline().addAfter(SSL_HANDLER_NAME, "inboundCompressionHandler", new JZlibDecoder());
        } else {
            this.channelHandlerContext.channel().pipeline().addFirst(new ChannelHandler[]{new JZlibDecoder()});
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public void startCompression() {
        if (isEncrypted()) {
            this.channelHandlerContext.channel().pipeline().addAfter(SSL_HANDLER_NAME, "outboundCompressionHandler", new JZlibEncoder(9));
        } else {
            this.channelHandlerContext.channel().pipeline().addFirst(new ChannelHandler[]{new JZlibEncoder(9)});
        }
    }

    @Override // org.jivesoftware.openfire.Connection
    public ConnectionConfiguration getConfiguration() {
        return this.configuration;
    }

    @Override // org.jivesoftware.openfire.Connection
    public boolean isCompressed() {
        return this.channelHandlerContext.channel().pipeline().get(JZlibDecoder.class) != null;
    }

    public String toString() {
        SocketAddress remoteAddress = this.channelHandlerContext.channel().remoteAddress();
        return getClass().getSimpleName() + "{peer: " + String.valueOf(remoteAddress == null ? "(unknown)" : remoteAddress) + ", state: " + String.valueOf(this.state) + ", session: " + String.valueOf(this.session) + ", Netty channel handler context name: " + this.channelHandlerContext.name() + "}";
    }
}
