package org.jivesoftware.openfire.nio;

import io.netty.bootstrap.Bootstrap;
import io.netty.channel.Channel;
import io.netty.channel.ChannelHandler;
import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInitializer;
import io.netty.channel.ChannelOption;
import io.netty.channel.EventLoopGroup;
import io.netty.channel.nio.NioEventLoopGroup;
import io.netty.channel.socket.SocketChannel;
import io.netty.channel.socket.nio.NioSocketChannel;
import io.netty.handler.codec.string.StringEncoder;
import io.netty.handler.timeout.IdleStateHandler;
import java.io.IOException;
import java.net.Socket;
import java.net.SocketAddress;
import java.nio.charset.StandardCharsets;
import java.time.Duration;
import java.time.temporal.ChronoUnit;
import java.util.Map;
import java.util.concurrent.CompletableFuture;
import java.util.concurrent.Future;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.net.ssl.SSLException;
import org.dom4j.Document;
import org.dom4j.DocumentHelper;
import org.dom4j.Element;
import org.dom4j.Namespace;
import org.dom4j.QName;
import org.jivesoftware.openfire.net.RespondingServerStanzaHandler;
import org.jivesoftware.openfire.net.SocketUtil;
import org.jivesoftware.openfire.server.ServerDialback;
import org.jivesoftware.openfire.session.ConnectionSettings;
import org.jivesoftware.openfire.session.DomainPair;
import org.jivesoftware.openfire.session.LocalSession;
import org.jivesoftware.openfire.spi.ConnectionAcceptor;
import org.jivesoftware.openfire.spi.ConnectionListener;
import org.jivesoftware.openfire.spi.NettyConnectionAcceptor;
import org.jivesoftware.util.JiveGlobals;
import org.jivesoftware.util.StringUtils;
import org.jivesoftware.util.SystemProperty;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/jivesoftware/openfire/nio/NettySessionInitializer.class */
public class NettySessionInitializer {
    public static final SystemProperty<Duration> GRACEFUL_SHUTDOWN_QUIET_PERIOD = SystemProperty.Builder.ofType(Duration.class).setKey("xmpp.socket.netty.graceful-shutdown.quiet-period").setDefaultValue(Duration.ofSeconds(2)).setChronoUnit(ChronoUnit.MILLIS).setDynamic(false).build();
    public static final SystemProperty<Duration> GRACEFUL_SHUTDOWN_TIMEOUT = SystemProperty.Builder.ofType(Duration.class).setKey("xmpp.socket.netty.graceful-shutdown.timeout").setDefaultValue(Duration.ofSeconds(15)).setChronoUnit(ChronoUnit.MILLIS).setDynamic(false).build();
    private static final Logger Log = LoggerFactory.getLogger(NettySessionInitializer.class);
    private final DomainPair domainPair;
    private final int port;
    private boolean directTLS = false;
    private final AtomicBoolean isStopped = new AtomicBoolean(false);
    private final EventLoopGroup workerGroup = new NioEventLoopGroup();
    private Channel channel;

    public NettySessionInitializer(DomainPair domainPair, int i) {
        this.domainPair = domainPair;
        this.port = i;
    }

    public Future<LocalSession> init(final ConnectionListener connectionListener) {
        Log.debug("Creating plain socket connection to a host that belongs to the remote XMPP domain.");
        Map.Entry<Socket, Boolean> createSocketToXmppDomain = SocketUtil.createSocketToXmppDomain(this.domainPair.getRemote(), this.port);
        if (createSocketToXmppDomain == null) {
            throw new NetworkEntityUnreachableException("Cannot establish connection to any host in the XMPP domain '" + this.domainPair.getRemote() + "'.");
        }
        Socket key = createSocketToXmppDomain.getKey();
        this.directTLS = createSocketToXmppDomain.getValue().booleanValue();
        SocketAddress remoteSocketAddress = key.getRemoteSocketAddress();
        try {
            key.close();
        } catch (IOException e) {
            Log.warn("Unable to close socket to remote address: {}", remoteSocketAddress, e);
        }
        Log.debug("Opening a new connection to {} {}.", remoteSocketAddress, this.directTLS ? "using directTLS" : "that is initially not encrypted");
        try {
            Bootstrap bootstrap = new Bootstrap();
            bootstrap.group(this.workerGroup);
            bootstrap.channel(NioSocketChannel.class);
            bootstrap.option(ChannelOption.SO_KEEPALIVE, true);
            bootstrap.handler(new ChannelInitializer<SocketChannel>() { // from class: org.jivesoftware.openfire.nio.NettySessionInitializer.1
                public void initChannel(SocketChannel socketChannel) throws Exception {
                    ChannelHandler nettyOutboundConnectionHandler = new NettyOutboundConnectionHandler(connectionListener.generateConnectionConfiguration(), NettySessionInitializer.this.domainPair, NettySessionInitializer.this.port);
                    socketChannel.pipeline().addLast("idleStateHandler", new IdleStateHandler((nettyOutboundConnectionHandler.getMaxIdleTime().isNegative() ? Duration.ZERO : nettyOutboundConnectionHandler.getMaxIdleTime()).dividedBy(2L).toMillis(), 0L, 0L, TimeUnit.MILLISECONDS));
                    socketChannel.pipeline().addLast("keepAliveHandler", new NettyIdleStateKeepAliveHandler(false));
                    socketChannel.pipeline().addLast(new ChannelHandler[]{new NettyXMPPDecoder()});
                    socketChannel.pipeline().addLast(new ChannelHandler[]{new StringEncoder(StandardCharsets.UTF_8)});
                    socketChannel.pipeline().addLast(new ChannelHandler[]{nettyOutboundConnectionHandler});
                    ConnectionAcceptor connectionAcceptor = connectionListener.getConnectionAcceptor();
                    if (connectionAcceptor instanceof NettyConnectionAcceptor) {
                        ((NettyConnectionAcceptor) connectionAcceptor).getChannelHandlerFactories().forEach(nettyChannelHandlerFactory -> {
                            try {
                                nettyChannelHandlerFactory.addNewHandlerTo(socketChannel.pipeline());
                            } catch (Throwable th) {
                                NettySessionInitializer.Log.warn("Unable to add ChannelHandler from '{}' to pipeline of new channel: {}", new Object[]{nettyChannelHandlerFactory, socketChannel, th});
                            }
                        });
                    }
                    if (NettySessionInitializer.this.directTLS) {
                        ((NettyConnection) socketChannel.attr(NettyConnectionHandler.CONNECTION).get()).startTLS(true, true);
                    }
                }

                public void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) throws Exception {
                    super.exceptionCaught(channelHandlerContext, th);
                    if (exceptionOccurredForDirectTLS(th) && NettySessionInitializer.this.directTLS && JiveGlobals.getBooleanProperty(ConnectionSettings.Server.TLS_ON_PLAIN_DETECTION_ALLOW_NONDIRECTTLS_FALLBACK, true) && th.getMessage().contains("plaintext connection?")) {
                        NettySessionInitializer.Log.warn("Plaintext detected on a new connection that is was started in DirectTLS mode (socket address: {}). Attempting to restart the connection in non-DirectTLS mode.", NettySessionInitializer.this.domainPair.getRemote());
                        NettySessionInitializer.this.directTLS = false;
                        NettySessionInitializer.Log.info("Re-establishing connection to {}. Proceeding without directTLS.", NettySessionInitializer.this.domainPair.getRemote());
                        NettySessionInitializer.this.init(connectionListener);
                    }
                }

                public boolean exceptionOccurredForDirectTLS(Throwable th) {
                    return th instanceof SSLException;
                }
            });
            this.channel = bootstrap.connect(remoteSocketAddress).sync().channel();
            this.channel.closeFuture().addListener(future -> {
                stop();
            });
            if (!this.directTLS) {
                sendOpeningStreamHeader(this.channel);
            }
            return waitForSession(this.channel);
        } catch (InterruptedException e2) {
            Log.error("Error establishing Netty client session", e2);
            stop();
            throw new RuntimeException(e2);
        }
    }

    public void stop() {
        if (this.isStopped.compareAndSet(false, true)) {
            if (this.channel != null) {
                NettyConnection nettyConnection = (NettyConnection) this.channel.attr(NettyConnectionHandler.CONNECTION).get();
                if (nettyConnection != null) {
                    nettyConnection.close();
                }
                this.channel.close();
            }
            this.workerGroup.shutdownGracefully(GRACEFUL_SHUTDOWN_QUIET_PERIOD.getValue().toMillis(), GRACEFUL_SHUTDOWN_TIMEOUT.getValue().toMillis(), TimeUnit.MILLISECONDS);
        }
    }

    private Future<LocalSession> waitForSession(Channel channel) {
        RespondingServerStanzaHandler respondingServerStanzaHandler = (RespondingServerStanzaHandler) channel.attr(NettyConnectionHandler.HANDLER).get();
        return CompletableFuture.anyOf(respondingServerStanzaHandler.isSessionAuthenticated(), respondingServerStanzaHandler.haveAttemptedAllAuthenticationMethods()).thenApply(obj -> {
            return respondingServerStanzaHandler.getSession();
        });
    }

    private void sendOpeningStreamHeader(Channel channel) {
        Log.debug("Send the stream header and wait for response...");
        Element createElement = DocumentHelper.createElement(QName.get("stream", "stream", "http://etherx.jabber.org/streams"));
        Document createDocument = DocumentHelper.createDocument(createElement);
        createDocument.setXMLEncoding(StandardCharsets.UTF_8.toString());
        createElement.add(Namespace.get("", "jabber:server"));
        if (ServerDialback.isEnabled() || ServerDialback.isEnabledForSelfSigned()) {
            createElement.add(Namespace.get("db", "jabber:server:dialback"));
        }
        createElement.addAttribute("from", this.domainPair.getLocal());
        createElement.addAttribute("to", this.domainPair.getRemote());
        createElement.addAttribute("version", "1.0");
        String asUnclosedStream = StringUtils.asUnclosedStream(createDocument);
        Log.trace("Sending: {}", asUnclosedStream);
        channel.writeAndFlush(asUnclosedStream);
    }

    public String toString() {
        return "NettySessionInitializer{domainPair=" + String.valueOf(this.domainPair) + ", port=" + this.port + ", directTLS=" + this.directTLS + ", workerGroup=" + String.valueOf(this.workerGroup) + ", channel=" + String.valueOf(this.channel) + "}";
    }
}
