package com.sun.grizzly.config;

import com.sun.grizzly.Context;
import com.sun.grizzly.config.dom.Protocol;
import com.sun.grizzly.config.dom.ProtocolFinder;
import com.sun.grizzly.config.dom.Ssl;
import com.sun.grizzly.filter.SSLReadFilter;
import com.sun.grizzly.portunif.PUProtocolRequest;
import com.sun.grizzly.util.SSLUtils;
import com.sun.grizzly.util.ThreadAttachment;
import com.sun.grizzly.util.WorkerThread;
import java.io.EOFException;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.SelectableChannel;
import java.nio.channels.SelectionKey;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLEngineResult;

/* loaded from: input_file:com/sun/grizzly/config/HttpProtocolFinder.class */
public class HttpProtocolFinder extends com.sun.grizzly.http.portunif.HttpProtocolFinder implements ConfigAwareElement<ProtocolFinder> {
    private static final Logger logger = GrizzlyEmbeddedHttp.logger();
    private final Object sync = new Object();
    private volatile boolean isSecured;
    private volatile Ssl ssl;
    private volatile SSLConfigHolder sslConfigHolder;
    private static final int sslReadTimeout = 5000;

    @Override // com.sun.grizzly.config.ConfigAwareElement
    public void configure(ProtocolFinder protocolFinder) {
        Protocol findProtocol = protocolFinder.findProtocol();
        this.isSecured = Boolean.parseBoolean(findProtocol.getSecurityEnabled());
        if (this.isSecured) {
            this.ssl = findProtocol.getSsl();
            if (SSLConfigHolder.isAllowLazyInit(this.ssl)) {
                return;
            }
            this.sslConfigHolder = SSLConfigHolder.configureSSL(this.ssl);
        }
    }

    @Override // com.sun.grizzly.http.portunif.HttpProtocolFinder, com.sun.grizzly.portunif.ProtocolFinder
    public String find(Context context, PUProtocolRequest pUProtocolRequest) throws IOException {
        String find;
        if (!this.isSecured) {
            return super.find(context, pUProtocolRequest);
        }
        if (this.sslConfigHolder == null) {
            synchronized (this.sync) {
                if (this.sslConfigHolder == null) {
                    this.sslConfigHolder = SSLConfigHolder.configureSSL(this.ssl);
                }
            }
        }
        SelectionKey selectionKey = context.getSelectionKey();
        SelectableChannel channel = selectionKey.channel();
        SSLEngine createSSLEngine = this.sslConfigHolder.createSSLEngine();
        boolean isLoggable = logger.isLoggable(Level.FINE);
        if (isLoggable) {
            logger.log(Level.FINE, "sslEngine: " + createSSLEngine);
        }
        ByteBuffer securedInputByteBuffer = pUProtocolRequest.getSecuredInputByteBuffer();
        ByteBuffer securedOutputByteBuffer = pUProtocolRequest.getSecuredOutputByteBuffer();
        ByteBuffer byteBuffer = pUProtocolRequest.getByteBuffer();
        int packetBufferSize = createSSLEngine.getSession().getPacketBufferSize();
        if (securedInputByteBuffer == null || (securedInputByteBuffer != null && packetBufferSize > securedInputByteBuffer.capacity())) {
            securedInputByteBuffer = ByteBuffer.allocate(packetBufferSize * 2);
            pUProtocolRequest.setSecuredInputByteBuffer(securedInputByteBuffer);
        }
        if (securedOutputByteBuffer == null || (securedOutputByteBuffer != null && packetBufferSize > securedOutputByteBuffer.capacity())) {
            securedOutputByteBuffer = ByteBuffer.allocate(packetBufferSize * 2);
            pUProtocolRequest.setSecuredOutputByteBuffer(securedOutputByteBuffer);
        }
        int applicationBufferSize = createSSLEngine.getSession().getApplicationBufferSize();
        if (byteBuffer == null || applicationBufferSize > byteBuffer.capacity()) {
            ByteBuffer allocate = ByteBuffer.allocate(packetBufferSize);
            byteBuffer.flip();
            allocate.put(byteBuffer);
            byteBuffer = allocate;
            pUProtocolRequest.setByteBuffer(byteBuffer);
        }
        securedInputByteBuffer.clear();
        securedOutputByteBuffer.position(0);
        securedOutputByteBuffer.limit(0);
        securedInputByteBuffer.put((ByteBuffer) byteBuffer.flip());
        byteBuffer.clear();
        WorkerThread workerThread = (WorkerThread) Thread.currentThread();
        boolean z = false;
        try {
            byteBuffer = SSLUtils.doHandshake(channel, byteBuffer, securedInputByteBuffer, securedOutputByteBuffer, createSSLEngine, SSLEngineResult.HandshakeStatus.NEED_UNWRAP, sslReadTimeout, securedInputByteBuffer.position() > 0);
            if (isLoggable) {
                logger.log(Level.FINE, "handshake is done");
            }
            pUProtocolRequest.setSSLEngine(createSSLEngine);
            workerThread.setSSLEngine(createSSLEngine);
            workerThread.setInputBB(securedInputByteBuffer);
            workerThread.setOutputBB(securedOutputByteBuffer);
            selectionKey.attach(workerThread.updateAttachment(ThreadAttachment.Mode.SSL_ENGINE));
            securedOutputByteBuffer.limit(securedOutputByteBuffer.position());
            z = true;
        } catch (EOFException e) {
            if (isLoggable) {
                logger.log(Level.FINE, "handshake failed", (Throwable) e);
            }
        } catch (Exception e2) {
            if (isLoggable) {
                logger.log(Level.FINE, "handshake failed", (Throwable) e2);
            }
            securedInputByteBuffer.flip();
            byteBuffer.put(securedInputByteBuffer);
        }
        if (isLoggable) {
            logger.log(Level.FINE, "after handshake. isComplete: " + z);
        }
        if (!z) {
            return null;
        }
        if (isLoggable) {
            logger.log(Level.FINE, "secured bytebuffer: " + securedInputByteBuffer);
        }
        long currentTimeMillis = System.currentTimeMillis();
        while (true) {
            find = super.find(context, pUProtocolRequest);
            if (find != null || System.currentTimeMillis() - currentTimeMillis >= 5000) {
                break;
            }
            if (SSLUtils.doRead(channel, securedInputByteBuffer, createSSLEngine, sslReadTimeout).bytesRead == -1) {
                logger.log(Level.FINE, "EOF");
                throw new EOFException();
            }
            byteBuffer = SSLUtils.unwrapAll(byteBuffer, securedInputByteBuffer, createSSLEngine);
            pUProtocolRequest.setByteBuffer(byteBuffer);
            workerThread.setByteBuffer(byteBuffer);
        }
        context.setAttribute(SSLReadFilter.SSL_PREREAD_DATA, Boolean.TRUE);
        if (isLoggable) {
            logger.log(Level.FINE, "protocol: " + find);
        }
        return find;
    }
}
