package com.predic8.membrane.core.rules;

import com.google.common.base.Objects;
import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCChildElement;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.annot.Required;
import com.predic8.membrane.core.Router;
import com.predic8.membrane.core.config.security.SSLParser;
import com.predic8.membrane.core.exchange.Exchange;
import com.predic8.membrane.core.interceptor.Interceptor;
import com.predic8.membrane.core.interceptor.InterceptorFlowController;
import com.predic8.membrane.core.interceptor.Outcome;
import com.predic8.membrane.core.sslinterceptor.SSLInterceptor;
import com.predic8.membrane.core.stats.RuleStatisticCollector;
import com.predic8.membrane.core.transport.http.Connection;
import com.predic8.membrane.core.transport.http.ConnectionManager;
import com.predic8.membrane.core.transport.http.StreamPump;
import com.predic8.membrane.core.transport.http.client.ConnectionConfiguration;
import com.predic8.membrane.core.transport.ssl.SSLContext;
import com.predic8.membrane.core.transport.ssl.SSLExchange;
import com.predic8.membrane.core.transport.ssl.SSLProvider;
import com.predic8.membrane.core.transport.ssl.StaticSSLContext;
import com.predic8.membrane.core.util.DNSCache;
import java.io.IOException;
import java.net.Socket;
import java.net.SocketException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.validation.DataBinder;

@MCElement(name = "sslProxy")
/* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.8.1.jar:com/predic8/membrane/core/rules/SSLProxy.class */
public class SSLProxy implements Rule {
    private static Logger log = LoggerFactory.getLogger(SSLProxy.class.getName());
    private Target target;
    private ConnectionConfiguration connectionConfiguration = new ConnectionConfiguration();
    private RuleStatisticCollector ruleStatisticCollector = new RuleStatisticCollector();
    private boolean useAsDefault = true;
    private List<SSLInterceptor> sslInterceptors = new ArrayList();
    int port;
    String ip;
    String host;
    ConnectionManager cm;
    Router router;

    /* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.8.1.jar:com/predic8/membrane/core/rules/SSLProxy$ForwardingStaticSSLContext.class */
    private class ForwardingStaticSSLContext extends StaticSSLContext {
        public ForwardingStaticSSLContext() {
            super(SSLProxy.this.getSSLParser(), SSLProxy.this.router.getResolverMap(), SSLProxy.this.router.getBaseLocation());
        }

        @Override // com.predic8.membrane.core.transport.ssl.SSLContext
        public Socket wrap(Socket socket, byte[] bArr, int i) throws IOException {
            DNSCache dnsCache = SSLProxy.this.router.getDnsCache();
            SSLExchange sSLExchange = new SSLExchange();
            sSLExchange.setRemoteAddrIp(dnsCache.getHostAddress(socket.getInetAddress()));
            sSLExchange.setRemotePort(socket.getPort());
            sSLExchange.setRule(SSLProxy.this);
            boolean z = true;
            try {
                Iterator<SSLInterceptor> it = SSLProxy.this.sslInterceptors.iterator();
                while (true) {
                    if (!it.hasNext()) {
                        break;
                    }
                    if (it.next().handleRequest(sSLExchange) != Outcome.CONTINUE) {
                        z = false;
                        break;
                    }
                }
            } catch (Exception e) {
                sSLExchange.setProperty(InterceptorFlowController.ABORTION_REASON, e);
                z = false;
            }
            if (!z) {
                if (sSLExchange.getProperty(InterceptorFlowController.ABORTION_REASON) != null && (sSLExchange.getProperty(InterceptorFlowController.ABORTION_REASON) instanceof Throwable)) {
                    ((Throwable) sSLExchange.getProperty(InterceptorFlowController.ABORTION_REASON)).printStackTrace();
                }
                try {
                    socket.getOutputStream().write(new byte[]{21, 3, 1, 0, 2, 2, sSLExchange.getError().getCode()});
                    if (socket != null) {
                        socket.close();
                    }
                    throw new SocketException("not continuing");
                } catch (Throwable th) {
                    if (socket != null) {
                        try {
                            socket.close();
                        } catch (Throwable th2) {
                            th.addSuppressed(th2);
                        }
                    }
                    throw th;
                }
            }
            int port = SSLProxy.this.target.getPort();
            if (port == -1) {
                port = SSLProxy.this.getPort();
            }
            StreamPump.StreamPumpStats streamPumpStats = SSLProxy.this.router.getStatistics().getStreamPumpStats();
            Connection connection = SSLProxy.this.cm.getConnection(SSLProxy.this.target.getHost(), port, SSLProxy.this.connectionConfiguration.getLocalAddr(), null, SSLProxy.this.connectionConfiguration.getTimeout());
            connection.out.write(bArr, 0, i);
            connection.out.flush();
            String obj = socket.getRemoteSocketAddress().toString();
            String connection2 = connection.toString();
            StreamPump streamPump = new StreamPump(connection.in, socket.getOutputStream(), streamPumpStats, "SSL" + " " + obj + " <- " + connection2, SSLProxy.this);
            StreamPump streamPump2 = new StreamPump(socket.getInputStream(), connection.out, streamPumpStats, "SSL" + " " + obj + " -> " + connection2, SSLProxy.this);
            socket.setSoTimeout(0);
            String name = Thread.currentThread().getName();
            new Thread(streamPump, name + " " + "SSL" + " Backward Thread").start();
            try {
                Thread.currentThread().setName(name + " " + "SSL" + " Onward Thread");
                streamPump2.run();
                throw new SocketException("SSL Forwarding Connection closed.");
            } finally {
                try {
                    connection.close();
                } catch (IOException e2) {
                    SSLProxy.log.debug("", (Throwable) e2);
                }
            }
        }

        @Override // com.predic8.membrane.core.transport.ssl.SSLContext
        public String constructHostNamePattern() {
            return SSLProxy.this.getKey().getHost();
        }

        @Override // com.predic8.membrane.core.transport.ssl.StaticSSLContext
        public boolean equals(Object obj) {
            if (obj instanceof ForwardingStaticSSLContext) {
                return Objects.equal(SSLProxy.this, ((ForwardingStaticSSLContext) obj).getSSLProxy());
            }
            return false;
        }

        public SSLProxy getSSLProxy() {
            return SSLProxy.this;
        }

        @Override // com.predic8.membrane.core.transport.ssl.StaticSSLContext, com.predic8.membrane.core.transport.ssl.SSLContext
        public String getPrometheusContextTypeName() {
            return "forwarding";
        }

        @Override // com.predic8.membrane.core.transport.ssl.StaticSSLContext, com.predic8.membrane.core.transport.ssl.SSLContext
        public boolean hasKeyAndCertificate() {
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.8.1.jar:com/predic8/membrane/core/rules/SSLProxy$MyRuleKey.class */
    public class MyRuleKey implements RuleKey {
        private MyRuleKey() {
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public int getPort() {
            return SSLProxy.this.port;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public String getMethod() {
            return null;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public String getPath() {
            return null;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public String getHost() {
            return SSLProxy.this.host;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean isMethodWildcard() {
            return false;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean isPathRegExp() {
            return false;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean isUsePathPattern() {
            return false;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public void setUsePathPattern(boolean z) {
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public void setPathRegExp(boolean z) {
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public void setPath(String str) {
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean matchesPath(String str) {
            return false;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public String getIp() {
            return SSLProxy.this.ip;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public void setIp(String str) {
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean matchesHostHeader(String str) {
            return false;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean matchesVersion(String str) {
            return false;
        }

        @Override // com.predic8.membrane.core.rules.RuleKey
        public boolean complexMatch(Exchange exchange) {
            return false;
        }

        public boolean equals(Object obj) {
            if (!(obj instanceof MyRuleKey)) {
                return false;
            }
            MyRuleKey myRuleKey = (MyRuleKey) obj;
            return Objects.equal(getHost(), myRuleKey.getHost()) && getPort() == myRuleKey.getPort();
        }
    }

    @MCElement(id = "sslProxy-target", name = DataBinder.DEFAULT_OBJECT_NAME, topLevel = false)
    /* loaded from: input_file:WEB-INF/lib/service-proxy-core-5.8.1.jar:com/predic8/membrane/core/rules/SSLProxy$Target.class */
    public static class Target {
        private int port = -1;
        private String host;

        public int getPort() {
            return this.port;
        }

        @MCAttribute
        public void setPort(int i) {
            this.port = i;
        }

        public String getHost() {
            return this.host;
        }

        @MCAttribute
        public void setHost(String str) {
            this.host = str;
        }
    }

    public ConnectionConfiguration getConnectionConfiguration() {
        return this.connectionConfiguration;
    }

    @MCChildElement(order = 0)
    public void setConnectionConfiguration(ConnectionConfiguration connectionConfiguration) {
        this.connectionConfiguration = connectionConfiguration;
    }

    public Target getTarget() {
        return this.target;
    }

    @MCChildElement(order = 100)
    @Required
    public void setTarget(Target target) {
        this.target = target;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public List<Interceptor> getInterceptors() {
        return null;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public void setInterceptors(List<Interceptor> list) {
    }

    public List<SSLInterceptor> getSslInterceptors() {
        return this.sslInterceptors;
    }

    @MCChildElement(allowForeign = true, order = 50)
    public void setSslInterceptors(List<SSLInterceptor> list) {
        this.sslInterceptors = list;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public boolean isBlockRequest() {
        return false;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public boolean isBlockResponse() {
        return false;
    }

    public int getPort() {
        return this.port;
    }

    @MCAttribute
    public void setPort(int i) {
        this.port = i;
    }

    public String getIp() {
        return this.ip;
    }

    @MCAttribute
    public void setIp(String str) {
        this.ip = str;
    }

    public String getHost() {
        return this.host;
    }

    @MCAttribute
    public void setHost(String str) {
        this.host = str;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public RuleKey getKey() {
        return new MyRuleKey();
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public void setKey(RuleKey ruleKey) {
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public void setName(String str) {
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public String getName() {
        return "SSL " + getHost() + ":" + getPort();
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public void setBlockRequest(boolean z) {
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public void setBlockResponse(boolean z) {
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public RuleStatisticCollector getStatisticCollector() {
        return this.ruleStatisticCollector;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public SSLContext getSslInboundContext() {
        return new ForwardingStaticSSLContext();
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public SSLProvider getSslOutboundContext() {
        return null;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public void init(Router router) throws Exception {
        this.router = router;
        this.cm = new ConnectionManager(this.connectionConfiguration.getKeepAliveTimeout(), router.getTimerManager());
        Iterator<SSLInterceptor> it = this.sslInterceptors.iterator();
        while (it.hasNext()) {
            it.next().init(router);
        }
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public boolean isTargetAdjustHostHeader() {
        return false;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public boolean isActive() {
        return true;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    public String getErrorState() {
        return null;
    }

    @Override // com.predic8.membrane.core.rules.Rule
    /* renamed from: clone, reason: merged with bridge method [inline-methods] */
    public SSLProxy m1315clone() throws CloneNotSupportedException {
        SSLProxy sSLProxy = (SSLProxy) super.clone();
        try {
            sSLProxy.init(this.router);
            return sSLProxy;
        } catch (Exception e) {
            throw new RuntimeException(e);
        }
    }

    private SSLParser getSSLParser() {
        SSLParser sSLParser = new SSLParser();
        sSLParser.setUseAsDefault(this.useAsDefault);
        return sSLParser;
    }

    public boolean isUseAsDefault() {
        return this.useAsDefault;
    }

    @MCAttribute
    public void setUseAsDefault(boolean z) {
        this.useAsDefault = z;
    }
}
