package org.ovirt.vdsm.jsonrpc.client.reactors;

import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.ClosedChannelException;
import java.nio.channels.SelectionKey;
import java.nio.channels.Selector;
import java.nio.channels.SocketChannel;
import java.security.cert.Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.ExecutionException;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSession;
import org.ovirt.vdsm.jsonrpc.client.ClientConnectionException;
import org.ovirt.vdsm.jsonrpc.client.reactors.stomp.StompCommonClient;
import org.ovirt.vdsm.jsonrpc.client.utils.JsonUtils;
import org.ovirt.vdsm.jsonrpc.client.utils.OneTimeCallback;
import org.ovirt.vdsm.jsonrpc.client.utils.retry.Retryable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:org/ovirt/vdsm/jsonrpc/client/reactors/SSLClient.class */
public abstract class SSLClient extends StompCommonClient {
    protected static Logger log = LoggerFactory.getLogger(SSLClient.class);
    protected final Selector selector;
    protected SSLEngineNioHelper nioEngine;
    private SSLContext sslContext;
    private boolean client;

    public SSLClient(Reactor reactor, Selector selector, String str, int i, SSLContext sSLContext) throws ClientConnectionException {
        super(reactor, str, i);
        this.selector = selector;
        this.sslContext = sSLContext;
        this.client = true;
    }

    public SSLClient(Reactor reactor, Selector selector, String str, int i, SSLContext sSLContext, SocketChannel socketChannel) throws ClientConnectionException {
        super(reactor, str, i);
        this.selector = selector;
        this.sslContext = sSLContext;
        this.client = false;
        this.channel = socketChannel;
        postConnect(null);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SSLEngine createSSLEngine(boolean z) {
        SSLEngine createSSLEngine = this.sslContext.createSSLEngine();
        createSSLEngine.setUseClientMode(z);
        return createSSLEngine;
    }

    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    public void updateInterestedOps() {
        if (!this.outbox.isEmpty() || (this.nioEngine != null && this.nioEngine.handshakeInProgress())) {
            getSelectionKey().interestOps(5);
        } else {
            getSelectionKey().interestOps(1);
        }
    }

    private Runnable pendingOperations() throws IOException, ClientConnectionException {
        if (this.nioEngine == null) {
            return null;
        }
        return this.nioEngine.process();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    public int read(ByteBuffer byteBuffer) throws IOException {
        return this.nioEngine != null ? this.nioEngine.read(byteBuffer) : this.channel.read(byteBuffer);
    }

    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    void write(ByteBuffer byteBuffer) throws IOException {
        if (this.nioEngine != null) {
            this.nioEngine.write(byteBuffer);
        } else {
            this.channel.write(byteBuffer);
        }
    }

    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    public void process() throws IOException, ClientConnectionException {
        Runnable pendingOperations = pendingOperations();
        if (pendingOperations != null) {
            this.key.interestOps(0);
            scheduleTask(() -> {
                pendingOperations.run();
                updateInterestedOps();
                this.selector.wakeup();
                return null;
            });
        }
        if (isInInit()) {
            return;
        }
        super.process();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    public void postConnect(OneTimeCallback oneTimeCallback) throws ClientConnectionException {
        try {
            this.key = (SelectionKey) scheduleTask(new Retryable(() -> {
                if (isOpen()) {
                    return this.channel.register(this.selector, 5, this);
                }
                throw new ClosedChannelException();
            }, this.policy)).get();
            this.nioEngine = new SSLEngineNioHelper(this.channel, createSSLEngine(this.client), oneTimeCallback, this);
            this.nioEngine.beginHandshake();
            if (this.key == null) {
                throw new ClientConnectionException("Connection issue during post connect");
            }
        } catch (InterruptedException | ExecutionException | SSLException e) {
            JsonUtils.logException(log, "Connection issues during ssl client creation", e);
            throw new ClientConnectionException(e);
        }
    }

    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    public void postDisconnect() {
        if (this.nioEngine != null) {
            this.nioEngine.clearBuff();
        }
        this.nioEngine = null;
    }

    @Override // org.ovirt.vdsm.jsonrpc.client.reactors.ReactorClient
    public List<Certificate> getPeerCertificates() {
        try {
            if (this.nioEngine == null || this.nioEngine.getSSLEngine() == null) {
                return null;
            }
            SSLSession session = this.nioEngine.getSSLEngine().getSession();
            if (session == null || !session.isValid()) {
                throw new IllegalStateException("SSL session is invalid");
            }
            return Arrays.asList(session.getPeerCertificates());
        } catch (SSLPeerUnverifiedException e) {
            JsonUtils.logException(log, "Failed to get peer certificates", e);
            return null;
        }
    }
}
