package org.apache.dubbo.remoting.transport.netty4;

import io.netty.channel.ChannelHandlerContext;
import io.netty.channel.ChannelInboundHandler;
import io.netty.channel.ChannelInboundHandlerAdapter;
import io.netty.handler.ssl.SslContext;
import io.netty.handler.ssl.SslHandler;
import io.netty.handler.ssl.SslHandshakeCompletionEvent;
import javax.net.ssl.SSLSession;
import org.apache.dubbo.common.URL;
import org.apache.dubbo.common.logger.Logger;
import org.apache.dubbo.common.logger.LoggerFactory;

/* loaded from: input_file:BOOT-INF/lib/dubbo-2.7.12-mone-v8-SNAPSHOT.jar:org/apache/dubbo/remoting/transport/netty4/SslHandlerInitializer.class */
public class SslHandlerInitializer {
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) SslHandlerInitializer.class);

    /* loaded from: input_file:BOOT-INF/lib/dubbo-2.7.12-mone-v8-SNAPSHOT.jar:org/apache/dubbo/remoting/transport/netty4/SslHandlerInitializer$HandshakeCompletionEvent.class */
    public static class HandshakeCompletionEvent {
        private final SSLSession sslSession;
        private final ChannelHandlerContext ctx;

        public HandshakeCompletionEvent(SSLSession sSLSession, ChannelHandlerContext channelHandlerContext) {
            this.sslSession = sSLSession;
            this.ctx = channelHandlerContext;
        }

        public SSLSession getSslSession() {
            return this.sslSession;
        }

        public ChannelHandlerContext getCtx() {
            return this.ctx;
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/dubbo-2.7.12-mone-v8-SNAPSHOT.jar:org/apache/dubbo/remoting/transport/netty4/SslHandlerInitializer$SslClientTlsHandler.class */
    public static class SslClientTlsHandler extends ChannelInboundHandlerAdapter {
        private final SslContext sslContext;
        private final NettyClientHandler clientHandler;

        public SslClientTlsHandler(URL url, NettyClientHandler nettyClientHandler) {
            this.sslContext = SslContexts.buildClientSslContext(url);
            this.clientHandler = nettyClientHandler;
        }

        @Override // io.netty.channel.ChannelHandlerAdapter, io.netty.channel.ChannelHandler
        public void handlerAdded(ChannelHandlerContext channelHandlerContext) {
            channelHandlerContext.pipeline().addBefore(channelHandlerContext.name(), null, new SslHandler(this.sslContext.newEngine(channelHandlerContext.alloc()), false));
        }

        @Override // io.netty.channel.ChannelInboundHandlerAdapter, io.netty.channel.ChannelInboundHandler
        public void userEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
            if (obj instanceof SslHandshakeCompletionEvent) {
                SslHandshakeCompletionEvent sslHandshakeCompletionEvent = (SslHandshakeCompletionEvent) obj;
                if (!sslHandshakeCompletionEvent.isSuccess()) {
                    SslHandlerInitializer.logger.error("TLS negotiation failed when trying to accept new connection.", sslHandshakeCompletionEvent.cause());
                    channelHandlerContext.fireExceptionCaught(sslHandshakeCompletionEvent.cause());
                } else {
                    SSLSession session = ((SslHandler) channelHandlerContext.pipeline().get(SslHandler.class)).engine().getSession();
                    SslHandlerInitializer.logger.info("TLS negotiation succeed with session: " + session);
                    this.clientHandler.handshakeCompleted(new HandshakeCompletionEvent(session, channelHandlerContext));
                    channelHandlerContext.pipeline().remove(this);
                }
            }
        }
    }

    /* loaded from: input_file:BOOT-INF/lib/dubbo-2.7.12-mone-v8-SNAPSHOT.jar:org/apache/dubbo/remoting/transport/netty4/SslHandlerInitializer$SslServerTlsHandler.class */
    public static class SslServerTlsHandler extends ChannelInboundHandlerAdapter {
        private final SslContext sslContext;
        private final NettyServerHandler serverHandler;

        SslServerTlsHandler(URL url, NettyServerHandler nettyServerHandler) {
            this.sslContext = SslContexts.buildServerSslContext(url);
            this.serverHandler = nettyServerHandler;
        }

        @Override // io.netty.channel.ChannelHandlerAdapter, io.netty.channel.ChannelHandler
        public void handlerAdded(ChannelHandlerContext channelHandlerContext) throws Exception {
            super.handlerAdded(channelHandlerContext);
            channelHandlerContext.pipeline().addFirst(new SslHandler(this.sslContext.newEngine(channelHandlerContext.alloc()), false));
        }

        @Override // io.netty.channel.ChannelInboundHandlerAdapter, io.netty.channel.ChannelHandlerAdapter, io.netty.channel.ChannelHandler, io.netty.channel.ChannelInboundHandler
        public void exceptionCaught(ChannelHandlerContext channelHandlerContext, Throwable th) throws Exception {
            SslHandlerInitializer.logger.error("TLS negotiation failed when trying to accept new connection.", th);
        }

        @Override // io.netty.channel.ChannelInboundHandlerAdapter, io.netty.channel.ChannelInboundHandler
        public void userEventTriggered(ChannelHandlerContext channelHandlerContext, Object obj) throws Exception {
            if (obj instanceof SslHandshakeCompletionEvent) {
                SslHandshakeCompletionEvent sslHandshakeCompletionEvent = (SslHandshakeCompletionEvent) obj;
                if (sslHandshakeCompletionEvent.isSuccess()) {
                    SSLSession session = ((SslHandler) channelHandlerContext.pipeline().get(SslHandler.class)).engine().getSession();
                    SslHandlerInitializer.logger.info("TLS negotiation succeed with session: " + session);
                    this.serverHandler.handshakeCompleted(new HandshakeCompletionEvent(session, channelHandlerContext));
                    channelHandlerContext.pipeline().remove(this);
                } else {
                    SslHandlerInitializer.logger.error("TLS negotiation failed when trying to accept new connection.", sslHandshakeCompletionEvent.cause());
                    channelHandlerContext.close();
                }
            }
            super.userEventTriggered(channelHandlerContext, obj);
        }
    }

    public static ChannelInboundHandler sslServerHandler(URL url, NettyServerHandler nettyServerHandler) {
        return new SslServerTlsHandler(url, nettyServerHandler);
    }

    public static ChannelInboundHandler sslClientHandler(URL url, NettyClientHandler nettyClientHandler) {
        return new SslClientTlsHandler(url, nettyClientHandler);
    }
}
