package net.handle.server.servletcontainer;

import java.lang.ref.WeakReference;
import java.nio.channels.ByteChannel;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.servlet.http.HttpServletRequest;
import net.handle.server.servletcontainer.PortUnificationSelectChannelConnector;
import net.handle.server.servletcontainer.auth.StandardHandleAuthenticator;
import org.eclipse.jetty.io.nio.ChannelEndPoint;
import org.eclipse.jetty.io.nio.SslConnection;
import org.eclipse.jetty.server.Request;

/* loaded from: input_file:net/handle/server/servletcontainer/TlsRenegotiationRequestor.class */
public class TlsRenegotiationRequestor {
    private static final String PROCESSED_ATTRIBUTE_NAME = TlsRenegotiationRequestor.class.getName() + ".processed";
    private final SslConnection.SslEndPoint sslEndPoint;
    private final Request request;

    /* JADX INFO: Access modifiers changed from: package-private */
    public TlsRenegotiationRequestor(SslConnection.SslEndPoint sslEndPoint, Request request) {
        this.sslEndPoint = sslEndPoint;
        this.request = request;
    }

    public boolean isWantingTlsRenegotiation(Boolean bool, boolean z) {
        if ((!z && bool == null) || this.request.getAttribute(PROCESSED_ATTRIBUTE_NAME) != null) {
            return false;
        }
        SSLEngine sslEngine = this.sslEndPoint.getSslEngine();
        if (z) {
            return true;
        }
        if (bool.booleanValue()) {
            if (sslEngine.getNeedClientAuth()) {
                return false;
            }
            return !sslEngine.getWantClientAuth() || StandardHandleAuthenticator.extractCertificate(this.request) == null;
        }
        if (sslEngine.getNeedClientAuth() || sslEngine.getWantClientAuth()) {
            return (sslEngine.getWantClientAuth() && StandardHandleAuthenticator.extractCertificate(this.request) == null) ? false : true;
        }
        return false;
    }

    public boolean isNeedClientAuth() {
        return this.sslEndPoint.getSslEngine().getNeedClientAuth();
    }

    public void requestTlsRenegotiation(HttpServletRequest httpServletRequest, Boolean bool) throws SSLException {
        this.request.setAttribute(PROCESSED_ATTRIBUTE_NAME, Boolean.TRUE);
        if (!(this.sslEndPoint.getEndpoint() instanceof ChannelEndPoint)) {
            throw new AssertionError("unexpected object structure in requestTlsRenegotiation");
        }
        ByteChannel channel = this.sslEndPoint.getEndpoint().getChannel();
        if (!(channel instanceof PortUnificationSelectChannelConnector.ReadAheadSocketChannelWrapper)) {
            throw new AssertionError("unexpected object structure in requestTlsRenegotiation");
        }
        ((PortUnificationSelectChannelConnector.ReadAheadSocketChannelWrapper) channel).request = new WeakReference<>(this.request);
        SSLEngine sslEngine = this.sslEndPoint.getSslEngine();
        sslEngine.getSession().invalidate();
        if (bool != null && !sslEngine.getNeedClientAuth()) {
            sslEngine.setWantClientAuth(bool.booleanValue());
        }
        sslEngine.beginHandshake();
        if (httpServletRequest == null) {
            this.request.startAsync();
        } else {
            this.request.startAsync(httpServletRequest, this.request.getServletResponse());
        }
    }
}
