package oracle.net.nt;

import ch.qos.logback.core.joran.JoranConstants;
import java.io.IOException;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.nio.channels.SocketChannel;
import java.security.cert.X509Certificate;
import java.util.Properties;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import oracle.net.jdbc.nl.NLException;
import oracle.net.jdbc.nl.NVPair;
import oracle.net.ns.NetException;
import oracle.net.nt.NTAdapter;
import org.h2.engine.Constants;

/* loaded from: input_file:BOOT-INF/lib/ojdbc8-18.15.0.0.jar:oracle/net/nt/TcpsNTAdapter.class */
public class TcpsNTAdapter extends TcpNTAdapter {
    String matchSSLServerCertDNWith;
    boolean fullDNMatch;
    SSLSocketFactory l_sslSockFac;
    Socket underlyingSocket;
    SocketChannel underlyingSocketChannel;
    InetAddress[] inetAddresses;
    int count;
    int attempts;
    SSLSocket socketWithListener;
    SSLEngine l_sslEngine;
    boolean useNio;
    private String httpProxy;
    private int httpProxyPort;
    private String websocketURI;

    public TcpsNTAdapter(String str, Properties properties) throws NLException {
        super(str, properties);
        this.underlyingSocket = null;
        this.underlyingSocketChannel = null;
        this.inetAddresses = null;
        this.websocketURI = "/sqlnet";
        NVPair findNVPair = this.nav.findNVPair(this.nvpAddr, "HTTPS_PROXY");
        NVPair findNVPair2 = this.nav.findNVPair(this.nvpAddr, "HTTPS_PROXY_PORT");
        if (findNVPair != null) {
            this.httpProxy = findNVPair.getAtom();
            if (findNVPair2 != null) {
                this.httpProxyPort = Integer.parseInt(findNVPair2.getAtom());
            }
        }
        NVPair findNVPair3 = this.nav.findNVPair(this.nvpAddr, "WEBSOCK_URI");
        if (findNVPair3 != null) {
            this.websocketURI = findNVPair3.getAtom();
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void connect() throws IOException {
        this.useNio = Boolean.parseBoolean((String) this.socketOptions.get(20));
        if (this.useNio) {
            this.l_sslEngine = CustomSSLSocketFactory.getSSLSocketEngine(this.host, this.port, this.socketOptions);
        } else {
            this.l_sslSockFac = CustomSSLSocketFactory.getSSLSocketFactory(this.socketOptions);
            this.underlyingSocket = new Socket();
        }
        String str = (String) this.socketOptions.get(2);
        int parseInt = str == null ? 0 : Integer.parseInt(str);
        boolean parseBoolean = Boolean.parseBoolean((String) this.socketOptions.get(18));
        if (this.inetAddresses == null) {
            this.inetAddresses = InetAddress.getAllByName(this.host);
            if (parseBoolean && this.inetAddresses.length > 1) {
                this.inetAddresses = getAddressesInCircularOrder(this.host, this.inetAddresses);
            }
            DownHostsCache.getInstance().reorderAddresses(this.inetAddresses, this.port);
            this.attempts = this.inetAddresses.length;
            this.count = 0;
        }
        do {
            InetAddress inetAddress = this.inetAddresses[this.count];
            InetSocketAddress inetSocketAddress = new InetSocketAddress(inetAddress, this.port);
            this.count++;
            this.attempts--;
            InetSocketAddress inetSocketAddress2 = null;
            if (this.httpProxy != null) {
                inetSocketAddress2 = new InetSocketAddress(this.httpProxy, this.httpProxyPort);
            }
            long currentTimeMillis = System.currentTimeMillis();
            this.underlyingSocket = new Socket();
            try {
                if (this.useNio) {
                    this.netStat = new NetStatImpl();
                    this.underlyingSocketChannel = new TimeoutSocketChannel(new InetSocketAddress(inetAddress, this.port), parseInt, this.netStat, inetSocketAddress2);
                    this.underlyingSocket = this.underlyingSocketChannel.socket();
                } else {
                    this.underlyingSocket.connect(inetSocketAddress, parseInt);
                }
                if (this.useNio) {
                    this.socketChannel = new SSLSocketChannel(this.underlyingSocketChannel, this.l_sslEngine);
                    this.socket = this.socketChannel.socket();
                } else {
                    this.socket = this.l_sslSockFac.createSocket(this.underlyingSocket, this.host, this.port, true);
                }
                String str2 = (String) this.socketOptions.get(3);
                if (str2 != null) {
                    setOption(3, str2);
                }
                setSSLSocketOptions();
                if (this.useNio && this.protocol != null && this.protocol.equalsIgnoreCase("wss")) {
                    this.socketChannel = new WSSSocketChannel(this.socketChannel, this.websocketURI, this.host, this.port, (String) this.socketOptions.get(26), (String) this.socketOptions.get(27));
                }
                return;
            } catch (IOException e) {
                DownHostsCache.getInstance().markDownHost(inetAddress, this.port);
                try {
                    if (this.underlyingSocket != null) {
                        this.underlyingSocket.close();
                    }
                    if (this.socket != null) {
                        this.socket.close();
                    }
                } catch (Exception e2) {
                }
                if (this.attempts <= 0) {
                    resetInetAddress();
                    throw new IOException(String.format("%s, socket connect lapse %d ms. %s %d %s %d", e.getMessage(), Long.valueOf(System.currentTimeMillis() - currentTimeMillis), inetAddress.toString(), Integer.valueOf(this.port), str, Integer.valueOf(this.count)), e);
                }
            } catch (NumberFormatException e3) {
                throw new NetException(505);
            }
        } while (this.count < this.inetAddresses.length);
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public boolean hasMoreInetAddresses() {
        return this.inetAddresses != null && this.count < this.inetAddresses.length;
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void resetInetAddress() {
        this.inetAddresses = null;
    }

    public void renegotiateSession() throws IOException {
        if (this.useNio) {
            this.l_sslEngine = CustomSSLSocketFactory.getSSLSocketEngine(this.host, this.port, this.socketOptions);
            SSLSocketChannel sSLSocketChannel = new SSLSocketChannel(this.underlyingSocketChannel, this.l_sslEngine);
            if (this.protocol.equalsIgnoreCase("wss")) {
                this.socketChannel.setUnderlyingChannel(sSLSocketChannel);
            } else {
                this.socketChannel = sSLSocketChannel;
            }
            this.socket = this.socketChannel.socket();
        } else {
            this.socketWithListener = (SSLSocket) this.socket;
            this.socket = this.l_sslSockFac.createSocket(this.underlyingSocket, this.host, this.port, true);
        }
        String str = (String) this.socketOptions.get(3);
        if (str != null) {
            setOption(3, str);
        }
        setSSLSocketOptions();
    }

    public void setSSLSocketOptions() throws IOException {
        super.setSocketOptions();
        SSLSocket sSLSocket = null;
        if (!this.useNio) {
            sSLSocket = (SSLSocket) this.socket;
            sSLSocket.setUseClientMode(true);
        }
        TcpsConfigure.configureVersion(sSLSocket, this.l_sslEngine, (String) this.socketOptions.get(6), this.useNio);
        TcpsConfigure.configureCipherSuites(sSLSocket, this.l_sslEngine, (String) this.socketOptions.get(7), this.useNio);
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public void setOption(int i, Object obj) throws IOException, NetException {
        switch (i) {
            case 107:
                if (((String) obj).equalsIgnoreCase(Constants.CLUSTERING_ENABLED)) {
                    this.fullDNMatch = true;
                    return;
                } else {
                    this.fullDNMatch = false;
                    return;
                }
            case 108:
                setServerDNMatchValue((String[]) obj);
                return;
            default:
                super.setOption(i, obj);
                return;
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public Object getOption(int i) throws IOException, NetException {
        SSLSession session = !this.useNio ? ((SSLSocket) this.socket).getSession() : this.l_sslEngine.getSession();
        switch (i) {
            case 102:
                String cipherSuite = session.getCipherSuite();
                return (cipherSuite == null || cipherSuite.indexOf(JoranConstants.NULL) != -1) ? "FALSE" : Constants.CLUSTERING_ENABLED;
            case 103:
                return ((X509Certificate) session.getPeerCertificates()[0]).getSubjectDN().getName();
            case 104:
                return session.getPeerCertificateChain();
            case 105:
                return session.getCipherSuite();
            case 106:
                String str = (String) this.socketOptions.get(4);
                if (str == null) {
                    str = System.getProperty("oracle.net.ssl_server_dn_match", "false");
                }
                return ((str.equalsIgnoreCase("YES") || str.equalsIgnoreCase("ON") || str.equalsIgnoreCase(Constants.CLUSTERING_ENABLED)) && !TcpsConfigure.matchServerDN(((X509Certificate) session.getPeerCertificates()[0]).getSubjectDN().getName(), this.matchSSLServerCertDNWith, this.fullDNMatch)) ? "FALSE" : Constants.CLUSTERING_ENABLED;
            default:
                return super.getOption(i);
        }
    }

    public void setServerDNMatchValue(String[] strArr) {
        String str = strArr[0];
        String str2 = strArr[1];
        String str3 = strArr[2];
        if (str != null) {
            this.matchSSLServerCertDNWith = str;
            this.fullDNMatch = true;
            return;
        }
        if (str2 != null) {
            if (str2.indexOf(46) != -1) {
                this.matchSSLServerCertDNWith = "CN=" + str2.substring(0, str2.indexOf(46));
                return;
            } else {
                this.matchSSLServerCertDNWith = "CN=" + str2.trim();
                return;
            }
        }
        if (str3 != null) {
            if (str3.indexOf(46) != -1) {
                this.matchSSLServerCertDNWith = "CN=" + str3.substring(0, str3.indexOf(46));
            } else {
                this.matchSSLServerCertDNWith = "CN=" + str3.trim();
            }
        }
    }

    @Override // oracle.net.nt.TcpNTAdapter, oracle.net.nt.NTAdapter
    public NTAdapter.NetworkAdapterType getNetworkAdapterType() {
        return NTAdapter.NetworkAdapterType.TCPS;
    }
}
