package net.dona.doip.server;

import com.google.gson.JsonObject;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.io.PushbackInputStream;
import java.io.UncheckedIOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.ServerSocket;
import java.net.Socket;
import java.net.SocketTimeoutException;
import java.net.UnknownHostException;
import java.nio.charset.StandardCharsets;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ConcurrentMap;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.atomic.AtomicInteger;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLServerSocket;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.TrustManager;
import net.dona.doip.BadDoipException;
import net.dona.doip.DoipConstants;
import net.dona.doip.DoipResponseHeadersWithRequestId;
import net.dona.doip.InDoipMessageImpl;
import net.dona.doip.OutDoipMessageImpl;
import net.dona.doip.server.DoipServerConfig;
import net.dona.doip.util.GsonUtility;
import net.dona.doip.util.tls.AllTrustingTrustManager;
import net.dona.doip.util.tls.AutoSelfSignedKeyManager;
import net.dona.doip.util.tls.TlsProtocolAndCipherSuiteConfigurationUtil;
import net.dona.doip.util.tls.X509IdParser;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: input_file:net/dona/doip/server/DoipServer.class */
public class DoipServer {
    private static final Logger logger = LoggerFactory.getLogger(DoipServer.class);
    private static final AtomicInteger serverCount = new AtomicInteger(1);
    private final DoipServerConfig config;
    private ServerSocket serverSocket;
    private DoipProcessor doipProcessor;
    private ExecutorService execServ;
    private int port;
    private volatile boolean keepServing;
    private final ConcurrentMap<Long, Socket> activeSockets = new ConcurrentHashMap();
    private final boolean willShutdownDoipProcessorLifecycle = true;

    public DoipServer(DoipServerConfig doipServerConfig) {
        this.config = doipServerConfig;
        this.port = doipServerConfig.port;
    }

    public DoipServer(DoipServerConfig doipServerConfig, DoipProcessor doipProcessor) {
        this.config = doipServerConfig;
        this.doipProcessor = doipProcessor;
        this.port = doipServerConfig.port;
    }

    public void init() throws Exception {
        if (this.doipProcessor == null) {
            this.doipProcessor = (DoipProcessor) Class.forName(this.config.processorClass).newInstance();
            this.doipProcessor.init(this.config.processorConfig);
        }
        initServerSocket();
        AtomicInteger atomicInteger = new AtomicInteger(1);
        int andIncrement = serverCount.getAndIncrement();
        this.execServ = Executors.newFixedThreadPool(this.config.numThreads, runnable -> {
            return new Thread(runnable, "doip-server-" + andIncrement + "-" + atomicInteger.getAndIncrement());
        });
        this.keepServing = true;
        new Thread(this::serveRequests, "DOIP-Socket-Accept-Thread").start();
    }

    public int getPort() {
        return this.port;
    }

    private void initServerSocket() throws KeyManagementException, IOException, UnknownHostException {
        if (System.getProperty("jdk.tls.ephemeralDHKeySize") == null) {
            System.setProperty("jdk.tls.ephemeralDHKeySize", "2048");
        }
        this.serverSocket = getServerSSLContext(this.config.tlsConfig).getServerSocketFactory().createServerSocket();
        ((SSLServerSocket) this.serverSocket).setWantClientAuth(true);
        TlsProtocolAndCipherSuiteConfigurationUtil.configureEnabledProtocolsAndCipherSuites(this.serverSocket);
        this.serverSocket.bind(new InetSocketAddress(InetAddress.getByName(this.config.listenAddress), this.config.port), this.config.backlog);
        this.port = this.serverSocket.getLocalPort();
    }

    private static SSLContext getServerSSLContext(DoipServerConfig.TlsConfig tlsConfig) throws KeyManagementException {
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            try {
                sSLContext.init(new KeyManager[]{tlsConfig == null ? new AutoSelfSignedKeyManager(null) : tlsConfig.certificateChain != null ? new AutoSelfSignedKeyManager((String) null, tlsConfig.certificateChain, tlsConfig.privateKey) : tlsConfig.publicKey != null ? new AutoSelfSignedKeyManager(tlsConfig.id, tlsConfig.publicKey, tlsConfig.privateKey) : new AutoSelfSignedKeyManager(tlsConfig.id)}, new TrustManager[]{new AllTrustingTrustManager()}, null);
                return sSLContext;
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } catch (NoSuchAlgorithmException e2) {
            throw new AssertionError(e2);
        }
    }

    private void serveRequests() {
        while (this.keepServing) {
            try {
                Socket accept = this.serverSocket.accept();
                accept.setSoTimeout(this.config.maxIdleTimeMillis);
                this.execServ.execute(() -> {
                    handle(accept);
                });
            } catch (Exception e) {
                if (this.keepServing) {
                    logger.error("Exception accepting request", e);
                }
            }
        }
    }

    private void handle(Socket socket) {
        this.activeSockets.put(Long.valueOf(Thread.currentThread().getId()), socket);
        try {
            if (this.keepServing) {
                handleMessagesThrowing(socket);
            }
        } catch (Exception e) {
        } finally {
            this.activeSockets.remove(Long.valueOf(Thread.currentThread().getId()));
        }
        try {
            socket.close();
        } catch (Exception e2) {
        }
    }

    private void handleMessagesThrowing(Socket socket) throws IOException {
        PushbackInputStream pushbackInputStream = new PushbackInputStream(new BufferedInputStream(socket.getInputStream()));
        while (true) {
            int read = pushbackInputStream.read();
            if (read <= -1) {
                return;
            }
            pushbackInputStream.unread(read);
            InDoipMessageImpl inDoipMessageImpl = new InDoipMessageImpl(pushbackInputStream);
            OutDoipMessageImpl outDoipMessageImpl = new OutDoipMessageImpl(new BufferedOutputStream(socket.getOutputStream()));
            String str = null;
            try {
                X509Certificate[] clientCertChain = getClientCertChain(socket);
                String parseIdentityHandle = X509IdParser.parseIdentityHandle(clientCertChain);
                PublicKey publicKey = null;
                if (clientCertChain != null && clientCertChain.length > 0) {
                    publicKey = clientCertChain[0].getPublicKey();
                }
                DoipServerRequestImpl doipServerRequestImpl = new DoipServerRequestImpl(inDoipMessageImpl, parseIdentityHandle, publicKey, clientCertChain);
                str = doipServerRequestImpl.getRequestId();
                DoipServerResponseImpl doipServerResponseImpl = new DoipServerResponseImpl(str, outDoipMessageImpl);
                try {
                    this.doipProcessor.process(doipServerRequestImpl, doipServerResponseImpl);
                    doipServerResponseImpl.commit();
                    outDoipMessageImpl.close();
                    inDoipMessageImpl.close();
                } catch (UncheckedIOException e) {
                    throw e.getCause();
                }
            } catch (SocketTimeoutException e2) {
                outDoipMessageImpl.closeSegmentOutput();
                writeBadDoipException(str, socket.getOutputStream(), e2.getMessage());
                throw e2;
            } catch (BadDoipException e3) {
                outDoipMessageImpl.closeSegmentOutput();
                writeBadDoipException(str, socket.getOutputStream(), e3.getMessage());
                throw e3;
            } catch (Exception e4) {
                if (this.keepServing) {
                    logger.warn("Exception handling message", e4);
                }
                outDoipMessageImpl.closeSegmentOutput();
                writeServerException(str, socket.getOutputStream(), "An unexpected server error occurred");
                throw e4;
            }
        }
    }

    private X509Certificate[] getClientCertChain(Socket socket) {
        if (!(socket instanceof SSLSocket)) {
            return null;
        }
        try {
            Certificate[] peerCertificates = ((SSLSocket) socket).getSession().getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0) {
                return null;
            }
            X509Certificate[] x509CertificateArr = new X509Certificate[peerCertificates.length];
            for (int i = 0; i < peerCertificates.length; i++) {
                if (!(peerCertificates[i] instanceof X509Certificate)) {
                    return null;
                }
                x509CertificateArr[i] = (X509Certificate) peerCertificates[i];
            }
            return x509CertificateArr;
        } catch (SSLPeerUnverifiedException e) {
            return null;
        }
    }

    private void writeBadDoipException(String str, OutputStream outputStream, String str2) throws IOException {
        DoipResponseHeadersWithRequestId doipResponseHeadersWithRequestId = new DoipResponseHeadersWithRequestId();
        doipResponseHeadersWithRequestId.requestId = str;
        doipResponseHeadersWithRequestId.status = DoipConstants.STATUS_BAD_REQUEST;
        doipResponseHeadersWithRequestId.attributes = new JsonObject();
        doipResponseHeadersWithRequestId.attributes.addProperty(DoipConstants.MESSAGE_ATT, str2);
        outputStream.write((GsonUtility.getGson().toJson(doipResponseHeadersWithRequestId) + "\n#\n#\n").getBytes(StandardCharsets.UTF_8));
        outputStream.flush();
    }

    private void writeServerException(String str, OutputStream outputStream, String str2) throws IOException {
        DoipResponseHeadersWithRequestId doipResponseHeadersWithRequestId = new DoipResponseHeadersWithRequestId();
        doipResponseHeadersWithRequestId.requestId = str;
        doipResponseHeadersWithRequestId.status = DoipConstants.STATUS_ERROR;
        doipResponseHeadersWithRequestId.attributes = new JsonObject();
        doipResponseHeadersWithRequestId.attributes.addProperty(DoipConstants.MESSAGE_ATT, str2);
        outputStream.write((GsonUtility.getGson().toJson(doipResponseHeadersWithRequestId) + "\n#\n#\n").getBytes(StandardCharsets.UTF_8));
        outputStream.flush();
    }

    public void shutdown() {
        this.keepServing = false;
        try {
            this.execServ.shutdown();
        } catch (Exception e) {
            logger.error("Shutdown error", e);
        }
        try {
            this.serverSocket.close();
        } catch (Exception e2) {
            logger.error("Shutdown error", e2);
        }
        Iterator<Socket> it = this.activeSockets.values().iterator();
        while (it.hasNext()) {
            try {
                it.next().close();
            } catch (Exception e3) {
                logger.error("Shutdown error", e3);
            }
        }
        try {
            this.execServ.awaitTermination(Long.MAX_VALUE, TimeUnit.DAYS);
        } catch (Exception e4) {
            logger.error("Shutdown error", e4);
        }
        if (this.willShutdownDoipProcessorLifecycle) {
            try {
                this.doipProcessor.shutdown();
            } catch (Exception e5) {
                logger.error("Shutdown error", e5);
            }
        }
    }
}
